#ubuntu-server 2006-10-02
<sanmarcos> why does dpkg-reconfigure generate an expired certificate for dovecot?
<Ries> sanmarcos: Maybe you have the 'back to the feature' edition of ubuntu?
<sanmarcos> indeed
<sanmarcos> ill just genereate one of my own, anyhow I dont understand why it starts from 2005
<sanmarcos> /var/lib/dpkg/info/dovecot-common.postinst
<sanmarcos> I wont bother reporting a bug report..
<Ries> sorry, I dom't know..... it sounds like a setting, but then again I am nnot much of a ubunto guru
<sanmarcos> that is the problem and yet again the most promiment feature with ubuntu
<sanmarcos> not enough people with years of experience
<sanmarcos> besides the core devs
<fabbione> sanmarcos: is that on dapper?
<sanmarcos> yeah
<fabbione> dovecot shouldn't be even generating a certificate and use the one from ssl-cert
<fabbione> that's a common snake-oil cert in /etc/ssl/...
<sanmarcos> dovecot-common does
<sanmarcos> snake-oil I suppose is your all purpose ssl cert for the machine?
<fabbione> yeah the "fake" certificates autogenerated just to make the services happy to start for the user
<fabbione> dovecot (1.0.alpha5-1ubuntu2) dapper; urgency=low
<fabbione>   * Switch default config to use ssl-cert-snakeoil certificates.
<fabbione>   * Add Depends on ssl-cert.
<fabbione>   * Make postinst use a more generic grep for SSL_* otherwise it just doesn't
<fabbione>     work.
<fabbione> the certificate is generated only if it can't find the pre-generated ones
<fabbione> and the path to the certificates is embedded in the config
<fabbione> if you did customize your config, then it might generate the snake-oil certificates for you
<fabbione> it's not really a bug.. it's wanted behavious
<fabbione> behaviour
<sanmarcos> anyhow, I like to put some of my info in the cert
<sanmarcos> it works, so whatever
<sanmarcos> latest on dapper does not check for snake oil
<fabbione> i just checked the source in dapper.. it does
<sanmarcos> *** 1.0.beta3-3ubuntu5.3 0
<sanmarcos> postinst for dovecot-common, does not
<sanmarcos> dapper updates this is
<fabbione>   ## SSL Certs
<fabbione>   # Certs and key file
<fabbione>   SSL_CERT=$( (grep "ssl_cert_file" /etc/dovecot/dovecot.conf  || echo '/etc/ssl
<fabbione>   SSL_KEY=$( (grep "ssl_key_file" /etc/dovecot/dovecot.conf || echo '/etc/ssl/pr
<fabbione> ivate/dovecot.pem') | cut -d'=' -f2)
<fabbione>   # Generate new certs if needed
<fabbione>   if [ -f $SSL_CERT ]  && [ -f $SSL_KEY ] ; then
<fabbione>     echo "You already have ssl certs for dovecot."
<fabbione> yes it does
<sanmarcos> ohh that you mean, yes I have that
<fabbione> it expects 2 separate files for cert and key
<fabbione> or at least both the entry in the config
<sanmarcos> yeah but does not check for /etc/ssl/certs/ssl-cert-snakeoil.pem
<fabbione> there is no need to
<fabbione> the default config points to that
<sanmarcos> ah ok
<fabbione> if you change the default config, it changes the check
<sanmarcos> heh, that is why
<fabbione> so as i am saying.. it works :)
<sanmarcos> thank you for taking your time to clarify my confusion
<fabbione> no problem
<fabbione> given that i did the patch for ssl-cert-snakeoil thingy :)
<sanmarcos> nice
<sanmarcos> still I dont know why it was generating a new dovecot.pem cert with start date 05 and end 06 (october)
<sanmarcos> anyhow, I couldnt care, since I made my own
<sanmarcos> ahh it feels nice to do some maintenance on servers.. fixing all the erorrs
<porkpie1> Hi guy's ....can anyone tell me where I can find the driver for a PERC 5/i raid contoller
<porkpie1> controller
<porkpie1> ivoks:hi
<ivoks> hi
<porkpie1> I spoke to dell today and it's deffinatley hardware raid 
<ivoks> hehe
<porkpie1> When I installed the os both drives were active ....I think the issue is the megaraid_sas driver
<ivoks> did you ask them do they know what's software raid?
<porkpie1> Yeah ....
<ivoks> and?
<porkpie1> software raid is controlled by the OS 
<ivoks> right
<porkpie1> I have deleted the raid configuration and  recreated it  ...
<ivoks> and, on install, you see one or two/three disks?
<porkpie1> 3
<ivoks> so... that's impossible with hardware raid
<porkpie1> ubuntu is detecting the physical drive as well as the logical drive
<ivoks> right
<ivoks> with hardware raid you see one disk or you don't see anything
<ivoks> system can not see all disks
<porkpie1> I even tried installing on sda but it still failed with error 21
<porkpie1> I agree 
<ivoks> that's what linux calls fakeraid
<ivoks> in the end, it's a software raid
<ivoks> it's controlled by the driver
<ivoks> i.e. driver for hardware raid is used to detect controller
<ivoks> driver for fakeraid is used to detect controller and set up raid fields
<porkpie1> hmm!
<ivoks> software raid is used when there is no raid controller
<porkpie1> how did the other guy get his 1950 to work ....
<ivoks> porkpie1: it had other raid controller
<ivoks> maybe you noticed, but dell calls all their controllers PERC
<ivoks> or whatever
<ivoks> they even have same number - 5
<ivoks> but one costs 0$, and other 700$
<ivoks> which one do you think is hardware raid? :)
<ivoks> go with linux software raid
<porkpie1> well according to dell the PERC 5/i is and LSI card
<porkpie1> http://www.lsilogic.com/cm/LookupDownloads.do?role=1&geo=ALL&category=-1&family=-1&product=8279&subtypes=Driver
<ivoks> porkpie1: please read http://linuxmafia.com/faq/Hardware/sata.html
<porkpie1> http://www.lsilogic.com/products/megaraid_sas/index.html
<porkpie1> ivoks:this is sas not sata
<porkpie1> ivoks:the link you sent me is for sata which dell use on there desktops .....this is different it's scsi
<ivoks> hm
<porkpie1> ivoks:I think if I can get the correct driver for the initramfs ...it might work ??
<ivoks> initramfs isn't the problem
<porkpie1> ??
<ivoks> porkpie1: your grub dies... that's before initramfs is loaded
<porkpie1> Yeah
<porkpie1> IC
<ivoks> porkpie1: this happens with fakeraids, when you install system on disk, but not on raid
<ivoks> porkpie1: and you see disks, not raid in installation
<porkpie1> Hmm! yeah
<ivoks> porkpie1: maybe you didn't set up raid correctly?
<porkpie1> ivoks:it's very simple ...I have set it up twice now ....I even went through it with Dell ...
<ivoks> http://lists.us.dell.com/pipermail/linux-poweredge/
<porkpie1> what am I looking for
<ivoks> anything :)
<porkpie1> hahahaha
<porkpie1> shit  ...I might as well send this box back 
<porkpie1> ivoks:there must be a way to get this to work.  It works with RH and Suse
<ivoks> so... megaraid_sas should detect raid, not disks
<ivoks> maybe some modules loads before and detects disks?
<porkpie1> in the install you mean
<ivoks> yes
<porkpie1> hmm!
<porkpie1> not much we can do about that is there ?
<ivoks> start install and, when you get to partitioner
<ivoks> choose 'go back'
<porkpie1> OK
<porkpie1> doing it now
<ivoks> then shift to alt+f2
<ivoks> and lsmod | grep megaraid
<porkpie1> megaraid_sas  
<porkpie1> scsi_mod 160504 4 usb_storage,sg,sd_mod,megaraid_sas
<porkpie1> ivoks:?
<ivoks> that looks ok
<ivoks> but you don't see raid :/
<porkpie1> hmm! what does that mean
<ivoks> could you export dmesg to some file
<ivoks> and upload it somewhere?
<ivoks> dmesg > dmesg_log
<ivoks> mount /dev/fd0 /mnt
<porkpie1> hmm! how would I get it off the drive
<ivoks> cp dmesg_log /mnt
<ivoks> umount /mnt
<porkpie1> ivoks:no floppy drive
<ivoks> of course, you need floppy :)
<ivoks> oh...
<ivoks> scp?
<porkpie1> not network connection
<ivoks> dhclient eth0
<porkpie1> it  doesn't detect the card
<ivoks> nice :/
<ivoks> usb?
<porkpie1> I have usb slots
<porkpie1> yes
<ivoks> and usb key/stick? :)
<porkpie1> I have a usb stick as well
<ivoks> there you go
<porkpie1> OK let me get the stick ...2 secs ...can you run me through the commands
<ivoks> porkpie1: dmesg, lspci
<ivoks> sure
<ivoks> dmesg : dmesg_log
<porkpie1> 2 secs
<ivoks> grr
<ivoks> dmesg > dmesg_log
<ivoks> lspci > lspci_log
<ivoks> lspci -vv > lspci-vv
<porkpie1> OK doing it now
<porkpie1> the last command didn't work
<porkpie1> switch is wrong
<porkpie1> invalid option w
<porkpie1> -w
<ivoks> -vv
<ivoks> not -w
<porkpie1> OK
<porkpie1> upper case
<ivoks> no
<ivoks> two v
<porkpie1> OK
<ivoks> not double w
<porkpie1> OK ...it that it
<ivoks> that's it
<ivoks> copy them to stick and upload somewhere
<porkpie1> hmm! how do I cp to the stick 
<porkpie1> sorry 
<ivoks> run dmesg
<ivoks> last lines will tell you the name of the stick
<ivoks> proabably /dev/sdd1
<porkpie1> yeah thats it
<ivoks> mount /dev/sdd1 /mnt
<porkpie1> do you only want dmesg_log
<ivoks> no, all three files
<porkpie1> blast I took the stick out before umount ....I need to remount
<porkpie1> eh I cant remount
<ivoks> umount it first
<ivoks> then mount it again
<ivoks> copy
<ivoks> umount
<porkpie1> hmm! no such file or dir ..sorry about this 
#ubuntu-server 2006-10-03
<porkpie1> I think I need to exit and go back in
<ivoks> entering and exiting shell won't fix kernel and mounts
<porkpie1> OK  ...go throught the exersise again
<ivoks> umount -f /mnt
<ivoks> try that
<ivoks> then insert stick and mount it
<porkpie1> failed
<porkpie1> forced umount of (null) failed!
<ivoks> porkpie1: what failed?
<ivoks> ok
<ivoks> does 'mount' show that your stick is mounted?
<porkpie1> no
<ivoks> then just mount it
<ivoks> hopefully, filesystem isn't destroyed
<porkpie1> OK shall I email them to you
<ivoks> ok
<ivoks> ivoks@ubuntu.com
<porkpie1> you should have them 
<ivoks> ok
<porkpie1> what are you looking for in those files
<ivoks> ideas for solution
<ivoks> it detects disk beforce it detects PERC
<ivoks> that's odd, don't you think
<porkpie1> I noticed in the dmesg
<porkpie1> yeah ..why does it do that
<ivoks> this dmesg lacks first part :/
<porkpie1> do you want me to run it again
<ivoks> how many disks do you have in there?
<porkpie1> 2
<ivoks> but it detects 3...
<ivoks> i assume sdc is raid
<ivoks> so...
<porkpie1> yep
<ivoks> it shouldn't detect sda and sdb
<porkpie1> hmm!
<ivoks> this dmesg isn't enough
<porkpie1> It does say Driver sd needs updating  please use bus_type methods
<ivoks> that's not the problem
<porkpie1> tell me what you need
<ivoks>  /var/log/syslog if it exsist
<Hobo_Joe> Hi Guys, I am trying to set-up a static IP address on Ubuntu Server 6... I have just installed using LAMP. What is the file I need to edit to do this?
<ivoks> or /var/log/kern.log
<ivoks> Hobo_Joe: /etc/network/interfaces
<porkpie1> OK ....I will need to run the install again ...I switched the server off  ..it was giving me  a headache
<ivoks> :)
<Hobo_Joe> ivoks: Thanks I will give that a try
<ivoks> Hobo_Joe: man interfaces
<ivoks> porkpie1: but hurry up... it's 00:30AM here
<porkpie1> OK 
<porkpie1> doing it now
<porkpie1> 4mins
<Hobo_Joe> ivoks: tnx
<porkpie1> no kern.log
<porkpie1> only syslog
<ivoks> ok, syslog then
<Hobo_Joe> ive edited interfaces, how do I make the changes apply?
<porkpie1> ivoks:you have it
<ivoks> Hobo_Joe: sudo /etc/init.d/networking restart
<Hobo_Joe> ta
<ivoks> porkpie1: lol, how many CPUs are there? :)
<porkpie1> 2 dual cores
<ivoks> 2 dual core with ht enabled :)
<ivoks> that makes 8 of them :?)
<porkpie1> :)
<porkpie1> with VT enabled
<Hobo_Joe> bleh, I know that by default you cant login as root on Ubuntu, but is there an easy way to do this?
<Hobo_Joe> (loging in as root)
<ivoks> Hobo_Joe: sudo passwd
<stu_> what happens if you do try and login as root?
<stu_> cos if you can login, sudo passwd root
<ivoks> porkpie1: ok, could you do modprobe -r megaraid_sas
<ivoks> that probably woudn't work
<Hobo_Joe> YAY root rules
<ivoks> porkpie1: ?
<porkpie1> ?
<stu_> ?
<ivoks> modprobe -r megaraid_sas
<porkpie1> ivoks:it returned nothing
<ivoks> great, then it worked
<ivoks> now try going to partitioner
<porkpie1> what worked ?
<ivoks> removing megaraid_sas module from kernel
<porkpie1> I can't get to the patitioner
<ivoks> how come>
<porkpie1> dunno
<porkpie1> looks like the kernel has crashed
<ivoks> eh...
<porkpie1> I'm there
<porkpie1> sorry
<ivoks> so, any discs in partitioner?
<porkpie1> hmm! it hasn't loaded
<porkpie1> I have a blue screen
<ivoks> tya
<ivoks> i'm cluless
<porkpie1> ivoks::(
<ivoks> it looks like megaraid_sas detects both disks and raid
<porkpie1> ivoks:I think I am doomed :(
<ivoks> you should talk to someone from ubuntu-kernel
<porkpie1> I have a message that reads partman: Reading all physical volumes   this may take a while ...thats when I did alt+f4
<ivoks> basicly, partitioner crashed
<ivoks> hm...
<ivoks> that was rather rude...
<ivoks> bye all
<grandy> hello... i'm having trouble with the megaraid driver on dapper and i'm wondering if anyone can help...   it won't recognize the drive... (neither will gentoo) but i checked my hardware version and it's supposed to be supported by the megaraid_mbox module, which is being loaded
<TJWorld> Any ServerTeam members about?
<TJWorld> Hmm, I meant, any Server^Testing^Team members about?
<grandy> hello:  I'm wondering if anyone knows the last version of Ubuntu use a 2.4 kernel for the livecd... 
<shwag> mysql-administrator should be pushed out as a new version. 1.1.6 is way borked. http://bugs.mysql.com/bug.php?id=17879
<shwag> 1.1.10 fixes.
<psycose> hi
<psycose> i'm looking for user experience about a Sun blade 150 - sparc install, if you know some great url/docs i've not found that much on google thanks
<psycose> Anyone has any experience about Ubuntu server on Sun blade 150/Sparc ?
#ubuntu-server 2006-10-04
<rapha> Hi all!
<rapha> Can somebody help me get Ubuntu Server working on my old P166MMX?
<rapha> I'm installing it the third time now, I don't think I'm doing anything wrong. The first two times, after installation, when CD was removed, it always rebooted right after GRUB screen.
<rapha> Even when I said .... init=/bin/sh
<rapha> Machine has only 48M of RAM, but installer runs so I don't know why system itself doesn't run...
<kahuuna> hello, can anyone help me on http://www.ubuntuforums.org/showthread.php?p=1578863 ?
<xerxas_> Hi
<kahuuna> so noone can help? :/
#ubuntu-server 2006-10-05
<AngryParsley> hmm, it's much quieter in here than the main channel
<Overand> yep
<Overand> this is a development channel, really
<AngryParsley> oh
<AngryParsley> well, I installed ubuntu server and everything is peachy
<AngryParsley> so far it's been much easier than getting gentoo set up
<AngryParsley> so uh, thanks guys
<stephans> has any of you tried to get auth-smb to work in apache on ubuntu server?
<DJ_Mirage> stephans, Topic for #ubuntu-server is: This is a development channel, for the planning and co-ordination of Ubuntu Server CD images, installation methods, kernels, and related package sets || Please take support questions to #ubuntu
<stephans> ok
#ubuntu-server 2006-10-06
<Stonekeeper> hi. When i boot from the ubuntu server cd and enter rescue mode, I mount my /boot and / partitions correctly (/ first then /boot within the first mount) then chroot it. The file system is setup just fine. However when i type "grub" it complains that it cannot open bterm. Any ideas how to fix this? Thanks in advance.....
<infinity> Stonekeeper: Try "grub --no-curses"
<infinity> Though I'm not sure why you're running the grub shell at all, perhaps it's grub-install that you're really looking for>
<infinity> ?
<Stonekeeper> for some reason, these HDs like to lose their grub config
<Stonekeeper> so it wont boot off raid1
<beuno_> anyone know why this happens:
<beuno_> lineage2@lineage:/etc/dovecot$ mkpasswd
<beuno_> -bash: mkpasswd: command not found
<infinity> beuno_: You don't have "whois" installed?
<beuno_> no, I didn't
<beuno_> solved it
<beuno_> thank you
<beuno_> infinity, do you have any expierience setting up postfix?
<Tailsfan> Hello
<Tailsfan> How much does a Server install take without a GUI
<Tailsfan> I was thinking of coming back to Ubuntu with th elowest amount of disk space used
#ubuntu-server 2007-10-03
* Starting logfile irclogs/ubuntu-server.log
<ivoks> umm... daily gutsy alternate is 717MB
<soren> ivoks: Yup.
<soren> ivoks: It's been oversized for a while :(
<soren> ivoks: Openoffice exploded.
<soren> or something.
<ivoks> yeah...
<ivoks> and... we have serious bug with udev and network cards on fresh install
<ivoks> i just did an install on a computer with two network cards and i got eth2 and eth3, with lots of bad lines in 70-persistent-net.rules
<ivoks> i'll do more testing this night...
<nijaba> ivoks, looks like its a busybox bug, see https://bugs.launchpad.net/ubuntu/+source/udev/+bug/145382
<ubotu> Launchpad bug 145382 in busybox "[Gutsy]  broken 70-persistent-net.rules" [Undecided,Fix released] 
<ivoks> right, that's the one
<nijaba> Says the fix is released...
<ivoks> 17 hours ago, yes
<ivoks> then i'll test it tomorrow :D
<nijaba> I'll do it too, I had the same problem
<ivoks> bbl
<soren> ivoks: Yes, that was. fixe... Oh, he buggered off.
<pike__> anyone here use aix much?
<pike__> offtopic ^
<jdstrand> mathiaz: what do you think the chances of getting the debdiff for bug #135624 uploaded for gutsy?
<ubotu> Launchpad bug 135624 in php5 "libapache2-mod-php5 should provide LAMP test page" [Low,In progress]  https://launchpad.net/bugs/135624
<jdstrand> s/gutsy/gutsy are/
<mathiaz> jdstrand: hum... low I think.
<mathiaz> jdstrand: you may ask soren about this also.
<jdstrand> mathiaz: yes, but you were here ;)
<soren> jdstrand: Well, it might be ok to get it in. There's a few issues with it, though.
<soren> jdstrand: You say "if see this page in a browser, then PHP must be working " which is not true.
<wolfe> I'm running postfix on a server, and am having some issues
<soren> jdstrand: the register_shutdown_function trickery kills kittens.
<soren> jdstrand: There's extension_loaded to do that sort of thing more cleanly.
<wolfe> I'm trying to use this line which has a dbm filewith a list, and ubuntu is complaining about not having the postfix-dbm package. I tried to find the package but one doesn't exist, is 7.04 borken for postfix packages?
<lamont> wolfe: that's because dbm is broken.  don't use dbm maps, since they're not supported any more
<soren> jdstrand: I also don't particularly like the mysql_connect call. You shouldn't hardcode the path to the unix socket.
<lamont> use hash instead
<lamont> the error message from postfix is "try the postfix-$maptype package"
<wolfe> lamont: hmm
<ScottK> There was actually just a recent thread on postfix-users about how broken it is.
<lamont> the part it doesn't say is "if that exists"
<wolfe> lamont: do I need to perform anything differently?
<jdstrand> soren: the PHP 'if see this page in a browser' part could be reworded.  But the basic idea is that if php is not installed/registered, the file with just be downloaded.  I was trying to say that if the file wasn't downloaded, then its working.  Am I missing something?
<wolfe> I still need to run postmap on the file, right?
<soren> jdstrand: If you accept whatever's built into libmysqlclient (by just setting it to "localhost"), we'll be able to catch it easily if they should get out of sync (which somehow has happened before).
<lamont> wolfe: only if you're using something other than postmap or newaliases to build the file
<lamont> still postmap
<soren> jdstrand: Even though the package is installed, doesn't mean it's managed to enable the php interpreter.
<lamont> or postalias/newaliases, depending
<wolfe> k, thanks
<jdstrand> soren: agreed.  but if the interpreter is not enabled, that file will be downloaded as a txt file, and not shown as html
<soren> jdstrand: Likely, yes.
<jdstrand> soren: the 'spirit' of the comment was to describe that difference.  But obviously, I was not clear.
<soren> jdstrand: I'd just like it to actually do test something.
<jdstrand> soren: what can it test if php not enabled?
<soren> jdstrand: Perhaps something like: "<td>php</td><td><!--- <? print(" -->Works<!--"); => --></td>"
<jdstrand> soren: ah.  well that's easy enough
<soren> jdstrand: If php is not enabled, the print call will be commented out in html. If php is enabled, it will end the comment, write "Works", start a new comment...
<soren> jdstrand: right.
<soren> jdstrand: I actually thing the mysql_connect call shouldn't get any arguments.
<soren> jdstrand: These are all details, though. In general, it's a good starting point.
<soren> jdstrand: I'm too tired to do much about it right now, though.
<jdstrand> soren: it will take only a few minutes to change
<jdstrand> soren: I'll do it
<soren> jdstrand: Cool. i've got another php bug I want to fix tomorrow to. If you attach the new page to the bug, I'll take care of it tomorrow.
<soren> "...fix tomorrow, too".
<jdstrand> soren: thanks-- you get to flex your core-dev muscles then!  :)
<soren> jdstrand: Exactly :)
<soren> Goodnight, guys.
<servervm> I just loaded up Dapper 6.06 LTS server LAMP and I'm going through php.ini to set it up for vTiger. It mentions 4 extensions to php... all listed as .dll's .. are these windows extensions already loaded in the linux version via a different method?
<servervm> or different file name?
#ubuntu-server 2007-10-04
<kb3llm> hi everyone
<kb3llm> i was using ubuntu server, then i tried to install a GUI on it, and had problems, and tried debian. Have even MORE problems, so i'll probably go back to text-only ubuntu server
<kb3llm> and i can ssh in
<ScottK> That's how it's meant to be used.
<kb3llm> i know, but i wanted a GUI..
<kb3llm> learned my lesson :)
<kb3llm> and i couldn't get xorg.conf to work right on debian for ANYTHING
<kb3llm> any way to add more than 6 virtual terminals to ubuntu server?
<kb3llm> aside from using screen
<leonel> kb3llm:  for a  simple gnome  gui on servers   I install these :
<leonel> gnome-panel gdm metacity xserver-xorg firefox xfonts-base firefox-themes-ubuntu gtk2-engines-ubuntulooks ubuntu-artwork gnome-applets   gnome-system-tools nautilus gnome-terminal ubuntu-docs update-manager
<kb3llm> and it works without any problems?
<leonel> not for me ;)
<kb3llm> cool... then i could browse the internet when my mom takes away my mac mini lol... (she leaves the server in my room) i just use it for the fun of it. I HAD 3 sites hosted on it, before all this happened. Now i have the sites, but somehow lost the MYSQL database backups in the process, so i'll have to start fresh on some parts of the sites :(
<kb3llm> leonel: what about screen resolution problems?
<kb3llm> that was one of my problems with my short time of playing with debian
<kb3llm> i was stuck at a max of 800x600
<leonel> kb3llm: none   dpkg-reconfigure xorg-xserver  and you're done
<kb3llm> i did that with debian and it didn't help at all.
<leonel> what video card you have ?
<kb3llm> cirrus something....
<kb3llm> its an HP netserver LC3
<leonel> and the resolution for that card  and montor what is ?
<kb3llm> according to a website: Cirrus Logic CL-GD5446; BIOS 1.33; PCI; 2 MB; 8 MB; Video Resolution SVGA; Video Resolution XGA; SVGA
<kb3llm> the max resolution of the monitor is 1680x1050
<leonel> but for the  video card to keep with  that resolution need memory
<kb3llm> ?
<kb3llm> so i cant run that resolution with that card?
<leonel> 2 mb 8 mb   it's to low  for  1680 x1050
<kb3llm> whats the max i could run then?
<leonel> you need to fit those pixels  in memory   and  the max colors  for it
<leonel> configure  to use  thousands of colors instead millions  and try 1024
<kb3llm> how do i do all that? will you help me, once it finishes installing? (installing the main ubuntu-server right now)
<leonel> just
<leonel> sudo dpkg-reconfigure xserver-xorg
<leonel> and  choose  a 1024x768  resolution  with  16bit color
<leonel> if it works   do a greater  resolution
<kb3llm> any widescreen res.'s that will work on that card?
<leonel> don't know but  you have to low video memory to  keep with your monitor resolution
<kb3llm> even if i use 16 bit instead of 24?
<leonel> yes
<kb3llm> if i try will it screw it up, or can i keep trying, until something works?
<kb3llm> leonel: any way, after installing all those packages, to make it default boot into TERMINAL and only use X if i call "startx"  ?
<leonel> you can try
<leonel> for let the server in text mode
<leonel> sudo update-rc.d -f  gdm   remove
<kb3llm> and that will make it so i have to type startx every bootup?
<leonel> kb3llm: yes
<leonel> kb3llm: http://www.infohq.com/Computer/notebook-video.htm
<leonel> maybe the video memory it's ok but try with lower resolution and 16 bits
<kb3llm> whats the default root password?
<kb3llm> i didn't get to set it in setup for some reason
<leonel> kb3llm: you don't use a root password
<leonel> kb3llm: sudo -s
<leonel> will let you "AS" root
<kb3llm> i got it..   sudo passwd root
<kb3llm> lol
<leonel> :)
<kb3llm> k I'm gonna install those packages now. you sure those are the only ones i need?
<kb3llm> curious, what happens if you startx through an ssh connection?
<kb3llm> will it try to start in the terminal window?
<kb3llm> through ssh
<kb3llm> ?
<leonel> it will give you error  since  startx need a  TTY  and not a  pts
<leonel> if you want  X apps  from your server to your desktop
<leonel> 
<leonel> ssh -X user@server
<leonel> then   will forward  all the X11 to your desktop
<leonel> and not use startx  just ..
<leonel>   firefox
<leonel> and you will be using  firefox on your server  with the display on your desktop
<kb3llm> what if the desktop is a windows machine? or os x?
<leonel> I don't know  windows  or  osx
<kb3llm> that'd be sweet. run linux programs on a windows machine thru ssh
<leonel> i think you need  a  Xserver on windows  and  maybe  on osx  can  work
<leonel> but ..
<leonel> with windows  I've tried that  about 15 years ago  with  Xservers  on windows
<leonel> yes i'm talking about  windows 95 and  3.11  :)
<kb3llm> lol
<leonel> and that's the last windows I've used as desktop   i have a XP  but as a simple and plain  enduser there
<leonel> and really don't use it
<kb3llm> leonel: you here?
<kb3llm> need some help with the screen res. thing
<leonel> kb3llm: what's up
<kb3llm> i tried that reconfig thing, and it didn't help
<kb3llm> cant get past 640x480
<kb3llm> can you help guide me through the steps?
<kb3llm> ill try again.
<kb3llm> but 640x480 sucks :)
<leonel> did you select  your cirrus  driver  and 16 bit color ?
<kb3llm> yup
<leonel> try the vesa  driver
<kb3llm> k.
<kb3llm> will you guide me through it. There are some steps i'm not sure about: do i choose simple advanced or medium, for the display thing?
<leonel> go simple
<kb3llm> and 20" ? (its a 20 inch monitor, but its widescreen, so, still choose 20?)
<leonel> yes
<kb3llm> k
<kb3llm> what resolutions should i select?
<leonel> 1024
<kb3llm> too late, i selected a few. should i start over? (640, 800, 1024)
<leonel> ok
<kb3llm> ?
<leonel> it will try
<kb3llm> so its fine
<kb3llm> and 16 bit?
<kb3llm> 8?
<leonel> 1024 first and let you with the one than can do that resolution
<leonel> 16
<kb3llm> so start over, and select 1024
<kb3llm> k
<kb3llm> if i just close my ssh terminal,, will that kill it and let me start over?
<leonel> in teory ..
<kb3llm> i'm doing the config over ssh, testing on main monitor, though
<kb3llm> its a dual input monitor, that way i dont have to switch back and forth
<kb3llm> he he, i put 1024 like you said, and when i started x again, it let me choose 800x600
<kb3llm> weird
<kb3llm> but a little better...
<kb3llm> is that as good as its gonna get, or can it go a little higher?
<leonel> doit again   with higher  resolution
<leonel> but keep the ones you selected
<kb3llm> but why did it let me choose 800, if i selected 1024??
<kb3llm> thats weird
<kb3llm> i just selected 1024, thtas it
<kb3llm> i didnt even select 800...
<kb3llm> hmm
<leonel> because  with   ctrl alt  +   you can  switch resolutions
<leonel> that are configurated
<leonel> you can have all the resolutions supported by your card and monitor  and  switch  with  ctl alt  NUM+
<kb3llm> oh, so i could have dont ctrl alt + and gone up to 1024?
<kb3llm> ?
<kb3llm> leonel: ?
<kb3llm> leonel: i selected another one, and it didn't do anything. just stayed at 800x600
<kb3llm> i wonder if the vid card will only support 800x600 max?
* kb3llm will try 1280x1024
<kb3llm> i think 800x600 is the max its gonna give me
<leonel> <kb3llm> oh, so i could have dont ctrl alt + and gone up to 1024?
<leonel>  ?  <-- yes if it's supported and configured
<leonel> you can configure  all the options  and the xserver will try all and  give you the higher
<kb3llm> so since i chose 1024, and it gave me 800, 800 is the highest....
* kb3llm sighs
<umop-apisdn> hey, where's my system messages?
<umop-apisdn> used to be available on ALT+F12 ?
<leonel> ctrl alt f8 ?
<umop-apisdn> no dice :P
<zylstra555> Good evening: I need to get OpenSSL and Perl on my server. How do I do this?
<zylstra555> *specifically to get Webmin working, I should add
<zylstra555> In interest of time, Ill try the other channel (just Ubuntu)
<kraut> moin
<Kamping_Kaiser> other then top, what can i use to get a breakdown of ram/swap usage by application? is there something out of the box?
<soren> What do you want to find out, specifically?
<Kamping_Kaiser> what is swapping to disc, when i still have ~40mb of ram left.
<Kamping_Kaiser> in cache admitedly
<soren> If you're getting short on RAM, the kernel will swap out anything that's not locked and is not being actively used.
<soren> It could change from one second to the next.
<soren> Are you seeing any significant performance problems?
<Kamping_Kaiser> no, i dont think so. i've not run the box enough to know when its running well or not
* soren goes to fetch some coffee
<soren> Kamping_Kaiser: If it's working fine, why bother with this?
<Kamping_Kaiser> soren, intrest. a desire to know whats going on
<soren> It's hard to determine, really. You can get a reading of how much of a process' ram space is resident, how much is shared, and how much virtual memory it takes up, but turning that into "which processes are swapped out" is not easy.
<kraut> anybody knows a tool for linux to stick a process to a  special cpu?
<soren> kraut: Yeah, it's known as cpu affinity.
<kraut> soren: ah, i think i found it
<kraut> http://www.cyberciti.biz/tips/setting-processor-affinity-certain-task-or-process.html
<soren> kraut: You use taskset(1) to fiddle with it.
<soren> kraut: You need to remember, though, that you use it to lock a certain process to a specific set of cpu's. If you want to keep everything else off of that same set of cpu's so a process is the only thing running on them, it gets slightly trickier.
<kraut> soren: yep, i know. i am trying to tune a python script but the main issue is i/o wait.
<soren> kraut: The easiest way would be to set init's cpu affinity from initramfs.
<kraut> rrdtool writes its stuff on a nfs-mount and it's to slow to handle this.
<soren> And this relates to cpu affinity how?
<kraut> threads waiting for i/o
<kraut> but it won't change anything as i thought... :/
<soren> Threads waiting for I/O are not running, so they're not really on any cpu anyway?
<kraut> dunno
<kraut> 11:08:12     CPU   %user   %nice    %sys %iowait    %irq   %soft  %steal   %idle    intr/s
<kraut> 11:08:17     all    0.30    0.00    1.10   43.80    0.70    4.20    0.00   49.90   3663.60
<kraut> 11:08:17       0    0.60    0.00    2.00   87.20    1.40    8.40    0.00    0.40   3541.40
<kraut> 11:08:17       1    0.00    0.00    0.20    0.40    0.00    0.00    0.00   99.40    122.40
<soren> kraut: Er... Yes?
<soren> kraut: One CPU is really busy, another isn't?
<soren> kraut: That's not notable by itself. Do you have several cpu bound processes running?
<soren> kraut: Or perhaps jus tone?
<soren> just one..
<kraut> several one, but it's more a nfs-problem. look at the heavy i/o wait
<soren> kraut: i/o wait is not heavy.
<soren> kraut: by definition.
<soren> kraut: It's *waiting*.
<dholbach> heya
<dholbach> does anybody have the time to dive into bug 139251, bug 134342 and bug 134068?
<ubotu> Launchpad bug 139251 in mediawiki1.10 "package mediawiki1.10 1.10.1-1 failed to install/upgrade: " [Undecided,Confirmed]  https://launchpad.net/bugs/139251
<ubotu> Launchpad bug 134342 in ubuntu "[needs packaging]  Themeampache" [Wishlist,Fix committed]  https://launchpad.net/bugs/134342
<ubotu> Launchpad bug 134068 in ubuntu "[needs-packaging]  libapache2-mod-bwshare" [Wishlist,Fix committed]  https://launchpad.net/bugs/134068
<dholbach> dendrobates: ^ :-)
<maeth> hi, im trying to install a VPN on my ubuntu server machine, i got DHCP and internet sharing+firewall via firestarter
<maeth> i have never succefully installed a VPN before, ive tried on windows XP, it was pretty simple but it doesnt work well....
<soren> maeth: Personally, I like openvpn a lot. There are many howtos about it floating around.
<soren> Kamping_Kaiser: You're the one who working on the mediawiki bug, right?
<Kamping_Kaiser> soren, yes (for values of working)
<soren> Kamping_Kaiser: Just removing "set -e" sounds like hiding the symptoms, but not fixing the problem. Do you remember the actual error?
* soren is too lazy to just install it. :)
<kraut> soren: yep, i know. but in fact the machine is to slow to handle all the rrd-container.
<soren> kraut: What if you generate them on a local drive and copy them onto the nfs file system?
<_ruben> hmm .. what would be the best fix/workaround for the udev network bug in gutsy?
<_ruben> google hasnt been very helpful, yet
<lamont> what bug?
<_ruben> devices showing up as eth2 and eth3 instead of eth0 and eth1
<_ruben> and im having some troubles renaming my interfaces to custom names (having troubles = finding the proper ubuntu way, i do know the suse way)
<lamont> _ruben: see /etc/udev/rules.d/70-persistent-net.rules
<_ruben> that's the file i'm currently playing with, yet with no success
<lamont> what's to play - you put an entry there with the MAC you want and the name you want...
<_ruben> play as in finding the proper syntax, i tried several so far, but either they're wrong or dont get picked up by an /etc/init.d/networking restart for some other reason
<_ruben> eg: SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:18:8b:f7:90:59", NAME="int0"
<_ruben> oh well .. enough 'playing' for today, time to go home
<soren> Just nuke the current /etc/udev/rules.d/70-persistent-net.rules
<soren> reboot and presto!
<soren> After that, everything should be fine and stay the same.
<soren> The bug only occurs in the installer
<_ruben> soren: i replaced the contents with the line above, havent rebooted though, will try tomorow
<soren> int0? Is that right?
<_ruben> that's what i want it to be
<soren> Alright.
<_ruben> int/ext/wan/etc
<soren> If it finds a nic it doesn't know already, it's added to that file, so the easiest way to add stuff to it, is to remove the file, and reboot.
<_ruben> ah ok
<soren> ...and use the result as a starting point.
<soren> And you need to reboot for any changes in there to take effect.
<_ruben> will try that tomorow
<_ruben> ok
<soren> Well, either that or yank the nic and reinsert it, but if your hardware is not hotpluggable, reboot's the thing.
<soren> Alright. Have fun.
<_ruben> ic, with suse a network restart is enough. need to get rid of my suse 'tricks' i guess :-)
<_ruben> assuming we'd abandon suse that is :)
<_ruben> anyways, thanks for the pointers and i'll be back tomorow if i cant get it to work afterall
<soren> Alright, see you then.
<oly_mk2> if anyone is intrested, i made a video on installing ubuntu server manager on a fresh install of gutsy, from downloading to bringing up the webpage.
<oly_mk2> the link to the video is http://www.ubuntusm.org/index.php?Page=Forum_Post&TID=10&TID=10
<umop-apisdn> oly_mk2: nice background on the desktop. where'd you get it?
<oly_mk2> um, its the gutsy background or one of them
<umop-apisdn> ah
<umop-apisdn> thanks, i use feisty, myself
<umop-apisdn> <-- not an early adopter. still uses 6.06 on his server
<oly_mk2> well, i made that video on a test laptop, i am actually doing most development and testing on feisty
<oly_mk2> but wanted to know if it worked with gutsy
<oly_mk2> not tried dapper though, probably missing some packages, at a guess
<nealmcb> oly_mk2: thanks for the video, and usm.
<oly_mk2> thats okay :)
<nealmcb> the video is hard to see on this screen of mine - especially the browser part - a smaller resolution would help
<oly_mk2> still needs a lot of work though, but its starting to come together into something visibly working
<nealmcb> always a pity to see all those nasty warning about ssl certs
<oly_mk2> you can download it, the quality is much higher then
<nealmcb> what was the MAC error - repeated - I couldn't read it
<oly_mk2> you can actually read the text then
<oly_mk2> in firefox ?
<oly_mk2> the ssl warning go away if you install the certificate, and if its generated correctly it helps
<oly_mk2> ie the cname conatins the same hostname you access the page with, i will improve that at some point but for now its not that important
<nealmcb> of course - I'm just moaning about the whole interconnected frustrated difficult broken world of pki....
<oly_mk2> okay
<nealmcb> can you contrast usm and ebox?
<oly_mk2> nope not tried ebox yet, but i could
<oly_mk2> i installed it but did not know what port to access it on instantly so i left it there
<oly_mk2> till i can be bothered to try it again
<oly_mk2> i am intrested though because might give me ideas / inspiration
<nealmcb> I do prefer python :-)
<oly_mk2> me to :)
<nealmcb> have you tried putting it in a ppa?
<oly_mk2> this is my first venture into python,
<oly_mk2> i tried making a deb and failed miserably
<oly_mk2> getting lots of wierd errors that where meaningless to me,
<oly_mk2> i guess with ppa you make the deb and upload it ?
<oly_mk2> will probably have another crack at it soon
<nealmcb> yeah, after testing builds locally
<nealmcb> https://help.launchpad.net/PPA101/20070913
<nealmcb> you may still need to be in the launchpad beta testers team
<oly_mk2> aha, okay will look into it
<nealmcb> downloading didn't help my view of the video - what size screen did you make it on?
<oly_mk2> i would like to know how to make debs
<oly_mk2> its a widescreen laptop
<nealmcb> that's the problem for me - only 1024 across
<oly_mk2> 1400x1050
<oly_mk2> perhaps i will try making it again, and drop the resolution
<oly_mk2> did not really consider that when making it
<nealmcb> I recall a good screencaster-maker howto from a while ago, will share it if I find it
<oly_mk2> okay,
<oly_mk2> what i really want is a good ogg editor :p
<oly_mk2> but i am yet to find one
<nealmcb> I think there are much better codecs for screencasts, but don't know if there are good free ones yet
<oly_mk2> most likely, but i liked the fact i can use cortado and embed on my webpage
<nealmcb> https://wiki.ubuntu.com/ScreencastTeam/RecordingScreencasts
<oly_mk2> instead of using google or youtube video
<nealmcb> huh - I don't see the video on the webpage - just the download link
<oly_mk2> needs java, and some tweaking i think :p
<oly_mk2> i only just added it to the site to allow them to be embeded,
<nealmcb> ahh - I always disable java - too big/slow on this machine
<nealmcb> pity...
<oly_mk2> thats why theres a download link :)
* nealmcb nods
<oly_mk2> anyway hometime now
<Scunizi> what's the install file name for glibc headers?
<ivoks> install file name?
<ivoks> name of the package?
<ivoks> libc6-dev
<Scunizi> ivoks, thanks.  I'm trying to install vmware-tools in xubuntu desktop on Dapper Server. It's reporting an error in locating the correct directory to find the C headers. Using "locate" doesn't seem to help.
<ivoks> apt-file would help
<ivoks> apt-file search name_of_the_file
<Scunizi> ok.. and the file name is libc6-dev?
<ivoks> no
<ivoks> that's package name
<ivoks> file name would be something like /usr/include/termio.h
<Scunizi> ok.. I'll give it a shot..
<ivoks> just install libc6-dev
<ivoks> those are C headers
<Scunizi> I did but vmware-tools is looking for the headers in /usr/scr/linux/include and can't find them.  That's why I'm looking for the right location.
<Scunizi> shoulda mentioned that first :|
<ivoks> that's kernel headers, not C headers
<Scunizi> It's specifically asking for the C headers.
<ivoks> what kernel do you use?
<ivoks> C cause it's a language; it wouldn't ask python for C programs :)
<Scunizi> 2.6.15-26 server
<ivoks> then install linux-headers-server
<Scunizi> k
<Scunizi> installed and still getting... "What is the location of the directory of C header files that match your running kernel? [/usr/src/linux/include] .  It can't find them...
<ivoks> location is /usr/src/linux-headers-2.6.15-26-server
<ivoks> or, you can make link
<ivoks> ln -s /usr/src/linux-headers-2.6.15-26-server /usr/src/linux
<Scunizi> it wants me to type in the direct path to them. I tried /usr/src with no success.. and /usr/src/linux .. weird.. I've done this before without these hoops..
<ivoks> well, you are doing it wrong
<ivoks> create a link
<ivoks> and then just leave it as /usr/src/linux/include
<Scunizi> ok.. I'll give it a shot.. I appriciate your help.
<Scunizi> when I uname -a to discover which kernel I'm using it shows what I previously mentioned.  After installing the headers with the line you gave me, and looking in /usr/src with Thunar it shows header files for xx.xx-29..
<Scunizi> Is that normal?
<ivoks> you just installed system?
<ivoks> and didn't do apt-get dist-upgrade?
<Scunizi> I did an update and an upgrade not a dist-upgrade..
<Scunizi> Will dist-upgrade attempt to take me beyond Dapper?
<ivoks> no
<Scunizi> ok.. I"ll do that first..
<ivoks> do-release-upgrade does that
<Scunizi> It's been a while since I did a fresh install.. still fairly noobish at this and remembering the nuances of install..
<Scunizi> you'd figure after a year of practicing I'd remember some of this.. erg.
<ivoks> :)
<ivoks> just install latest kernel, boot it and then continue installation of vmware tools
<Scunizi> will do
<Scunizi> Success!  Thanks.. I know it can sometimes be aggravating helping when some of the much needed info to diagnose a problem is eeked out. I know, I occationally help on #ubuntu.  Your patients is appriciated.. :)
<ivoks> great... enjoy ;)
<Scunizi> you bet!
<osmosis> will I be able to upgrade to gutsy final easily when it comes out, from gutsy beta ?
<ScottK> Yes.
<ScottK> Just do regular updates and when the final is released, you'll have it already.
<ScottK> lamont: For a Hardy mail server goal I was thinking amavisd-new in Main as the official way to bolt on crack like clamav or spamassassin might make sense.  Any thoughts?
<lamont> haven't used amavisd or clamav.  I have used spamassassin though....
<ScottK> How did you integrate it into Postfix?
<lamont> I imagine  you and that other guy I know will have very good ideas about what the default MTA install should look like....
<ScottK> Right.
<lamont> some random howto from the web, which I probably b0rked, since I get occasional complaints about the db lock file not being creatable....
<ScottK> You might want to look into amavisd-new and call SA from that.  On postfix-users it seems to be the standard recommendation these days.
<lamont> ah, cool
<lamont> I assume I can have amavisd-new and not actually check for any viruses?
<ScottK> I also just uploaded a new version to Gutsy.
<ScottK> Yes.
<lamont> if there were windoze boxen, I might care more.
<ScottK> Amavisd-new can have either SA, clamav, or neither bolted on.
<lamont> nice
<ScottK> I'm in the opposite position myself.  I run outbound MTAs and I trust my customers not to spam (long story, but it works for me), but since the almost all run Windows boxen, I pass clamav over everything.
<ScottK> Since I just need clamav, I use clamsmtp myself since it's a lighter way to do just clamav.
<lamont> ah, ok
<lamont> from what I don't know, I might actually understand parts of that long story.  Then again, it's all supposition
<ScottK> No, it's probably a different story, but who knows (since you claim you don't).
<lamont> I have a long-standing NDA with that other guy.  then again, I also have no need to know other than helping him with racking stuff and answering his BIND questions from time to time
<ScottK> In any case I just uploaded a new amavisd-new that's more Ubuntuized.
<lamont> nice
<lamont> and it's pure assumption on my part that A is related to B at all.
<ScottK> Right.  It's not 100% unrelated, but close.
* lamont watches his rebuild testing happen before uploading stuff, just to be a good little boy.
<ScottK> I mostly did the upload so that if uname -a isn't a FQDN (which we have bugs aboug), the user gets pointed to the actual correct conf file.
<lamont> (no change uploads can be fun when they break... always good to test first)
<ScottK> Agreed.
<lamont> uname -a almost never gives an FQDN....
<lamont> hostname --fqdn, otoh....
<ScottK> Right.  Wrong extension.
<ScottK> Option, whatever
<ScottK> In any case we don't always set it right.
<umop-apisdn> can anyone show me a well-commented series of examples for iptables? i need port redirection to specific machines, and a generic nat for non-specific machines.
<umop-apisdn> oh, and i have ip aliases on my external nic, eth0, eth0:1, eth0:2, etc. the interface it comes in on determines which internal machine gets the port redirect
* lamont bets tldp.org has iptables howtos on it
<umop-apisdn> lamont: thanks, i'll try those
* lamont debates whether or not he wants to see if (un?)labeled aliases on an interface still breaks postfix
<lamont> ScottK: and possibly just unkind mind games on my part to imply that I have any knowledge on whatever subject that is... :)
<ScottK> Sure.  No problem.
<lamont> :-)  I'll remember to be more kind in the future.
<lamont> that whole "approaching good from the other side" thing that Keybuk was accusing me of last night
<ScottK> lamont: I used to enjoy the cygwin mailing list whose motto (for those that don't know) is WJM _ We're Just Mean.
<lamont> heh
<ScottK> The Ubuntu CoC represents an interesting challenge for me.  I've mostly managed to stay on the correct side of it.
<pike_> how do i designate a tab key in a sed? like cat /proc/cpuinfo|grep model\ name | sed -e 's/model name        //'
<pike_> i can use tr to do it with a \t just wondering
<pike_> lol nm
#ubuntu-server 2007-10-05
<halcyonCorsair> can anyone tell me the easiest way to install the minimal ubuntu-desktop packages?
<Burgundavia> halcyonCorsair: what do you mean by minimal?
<lamont> apt-get install ubuntu-desktop?
<lamont> depending, of course on what you mean by "minimal"
<halcyonCorsair> ubuntu-desktop is in no way minimal...lots of cruft, all i pretty much want is x, gnome, and firefox
<leonel> halcyonCorsair:  I install these  on servers that  customers  "want"  a gui  :
<lamont> ah, then you don't want ubuntu-desktop.  you want gnome+firefox
<leonel> gnome-panel gdm metacity xserver-xorg firefox xfonts-base firefox-themes-ubuntu gtk2-engines-ubuntulooks buntu-artwork gnome-applets gnome-system-tools nautilus gnome-terminal ubuntu-docs update-manager
<leonel> can I make  a  metapackage with  this dependencies  and  be included in Universe  ??
<lamont> (ubuntu-desktop would be my definition of the minimum set of packages that need to be installed  on the machine to call it an "Ubuntu Desktop")
<lamont> leonel: it's a bit late for gutsy, but you could sure upload it - worst case, it'd land first thing in hardty
<lamont> hardy, even
<halcyonCorsair> hmm
<leonel> lamont:  great !
<lamont> mind you, I don't approve uploads :)
<leonel> lamont: not so great !  :(
<leonel> haha
<lamont> if it exists in the open source universe, it goes in universe... so just make your  package and upload it.
<lamont> OTOH, the decision of whether or not to take it for gutsy/universe is not mine to make
<leonel> ok
<lamont> the bigger question is going to be around what the package should be called...
<lamont> leonel-gui comes to mind as one that would likely not fly. :-)
<leonel> haha
<leonel> another  would be  put it  on  ppa  and  there we have all the "minimal" desktop  for servers
<halcyonCorsair> why would mount tell me "unknown filetype iso9660" for a cdrom?
<lamont> modprobe?
<lamont> generally, I just don't tell it a type.
<halcyonCorsair> hmm
<halcyonCorsair> lamont: somehow after an update, one of our servers managed to delete everything under /lib/modules, so i had no drivers >:(
<lamont> neato.
<halcyonCorsair> not so much
<halcyonCorsair> i eventually got it back with the help of a rescue cd :(
<lamont> you'll want those.
<kgoetz> smooth work
<halcyonCorsair> *sigh*
<nealmcb> lamont: I'd think a printer gui config app might be a good option for part of the "minimal gui" for servers.
<lamont> nealmcb: are there any good ones?
<lamont> short of maybe cupsys's gui?
<Burgundavia> ebox has an ok one
<nealmcb> lamont: I was assuming the default of gnome-cups-manager -but don't know how much cruft that would bring in beyond what you all listed before....
<nealmcb> but it is surprising that there doesn't seem to be a way to bring in a relatively simple gnome desktop with ooo etc.  I guess "relatively simple gnome" is an oxymoron...
<lamont> hehe
* lamont isn't a gui guy, for the most part
<nealmcb> me either.  I just know that dealing with a printer on a feisty xubuntu desktop is a pain.  I guess I need to figure out how to configure the x11 config of cups, with working users and all - first attempts failed....
<kraut> moin
<kgoetz> hey
<_ruben> hmm .. i tried both emptying and deleting the 70-persistent-net.rules, but it either remains empty or non-existing after a reboot :(
<_ruben> soren: any ideas? or anyone else for that matte
<_ruben> r
<soren> _ruben: Hang on.. checking.
<_ruben> sure
<soren> Have you done anything at all to 75-persistent-net-generator.rules ?
<_ruben> nope, i hadn't even noticed that file untill now
<soren> _ruben: What do you mean by "either remains empty or non-existing"? which is it?
<_ruben> depends on whether i emptied it or deleted it ;-)
<_ruben> iow: nothing changes after reboot
<_ruben> any way to force to generation of that file other than rebooting?
<soren> _ruben: Not really.
<soren> Do you see the interfaces at all?
<soren> ifconfig -a ?
<_ruben> yes, i see both of em, nicely named eth0 and eth1
<soren> Ok. Hang on, I'll test something.
<_ruben> Ok
<soren> it does work for me.
<soren> _ruben: Ok, here's what we do..
<soren> No, that didn't work :
<soren> )
<soren> This is feisty, or gutsy?
<soren> I forget.
<_ruben> gutsy
<soren> Everything's up-to-date?
<_ruben> i installed yesterday and ran a dist-upgrade .. i'll if there's any pending updates now
<soren> No, yesterday is recent enough.
<soren> Could you be so kind and file a bug on launchpad about this?
<_ruben> hmm .. there's 23 updates available, i'll give this a shot and if that aint helping i'll file a bug
<_ruben> would there be any differences between emptying the file and deleting it? just rebooted with an empty file and it remains empty
<_ruben> ok, bug filing it is
<kraut> yoda?
<_ruben> hehe ;)
<_ruben> soren: is there a specific package i should file this bug against?
<_ruben> bug filed (#149319)
<soren> _ruben: udev.
<soren> _ruben: oh.
<soren> _ruben: heh :)
<soren> _ruben: have you done anything else at all to try to fix the nic naming thing?
<_ruben> soren: not that i recall .. i did manage to get it renamed to int0 like i wanted (using a line i tried earlier but only did network restarts back then, no reboots)
<_ruben> i added the reference to the udev package in my bug report
<leonel> is there any problems with     security.ubuntu.com ?
<_ruben> its slow, but seems functional otherwise
<leonel> _ruben: yes it responded
<ScottK> lamont: The Postfix backport for Feisty got done and my servers upgraded no trouble at all (as I expected).  I think it'd be nice to offer the latest Postfix in dapper-backports too.
<lamont> ScottK: I'm good with that
<lamont> I'm mean, it's -backports...
<lamont> more crack there than in universe. :-)
* lamont reminds himself to be nice.
<lamont> ScottK: does it require a manual upload for dapper, or is it push-button?
* lamont can't remember
<ScottK> lamont: Dunno.  I have a dapper box I can test it on.
* lamont is reminded that screwing up his mirror script and then removing all of the gutsy/ports debs makes for a long resync
<ScottK> more crack in lamont's mirror script than in ...
<ScottK> Oops.  Did I say that out loud?
<Kamping_Kaiser> :)
<lamont> two extra quote characters...
<lamont> it's a less abusive script than my partial-mirror script was
<lamont> this script at least mirrors a complete suite/arch tuple
<lamont> instead of being rather germinate-like in generating a list of what I wanted.
<lamont> ScottK: touch
* ScottK makes a Dapper pbuilder....
<soren> _ruben: Could you grab an md5sum of /etc/udev/rules.d/75-persistant-rules-generator.rules ?
<_ruben> sure, sec
<_ruben> 1536dab0e466d9eede6fe88edd09d9ff  /etc/udev/rules.d/75-persistent-net-generator.rules
<_ruben> i assume that one
<ivoks> again problems with interfaces?
<_ruben> same issue as yesterday still
<ivoks> soren: AFAIR, that file wasn't changed
<ivoks> installer was changed
<ivoks> _ruben: did you reinstall?
<_ruben> i did manage to get my interfaces renamed, but the 70-persistent-net.rules doesnt get recreated
<_ruben> ivoks: i did a fresh install yesterday
<ivoks> with latest daily?
<soren> ivoks: I know it hasn't changed, but it's not working on _ruben's system.
<_ruben> i guess not, picked the beta, didnt even think about the alternative of picking a daily
<ivoks> _ruben: well, in beta, that's broken
<soren> I get the same md5sum.
<ivoks> installer is the guilty one
<soren> ivoks: Yes, in the installer.
<soren> After install, it should work.
<soren> it doesn't.
<ivoks> it does for me
<_ruben> afaik i didnt do anything fancy during or after install
<ivoks> that one loads only if there are new interfaces, which don't exist in 70-persistent-net.rules
<_ruben> ivoks: i tried both emptying and deleting that file, no changes after reboot
<_ruben> file remains empty/deleted
<ivoks> _ruben: you have latest updates?
<_ruben> yes
<ivoks> ok
<ivoks> remove all content (but not file) from /etc/udev/rules.d/70-persistent-net.rules
<_ruben> unless my source are messed up somehow as well, but i doubt that
<_ruben> i've tried that several times
<ivoks> and then stop udev
<ivoks> and then start udev
<ivoks>  (/etc/init.d/udev stop | start)
<ivoks> you did that?
<_ruben> no, i tried network restarts and reboots
<ivoks> network restarts have nothing to do with this
<_ruben> that's a habit i got from suse
<_ruben> though i doubt restarting udev would yield different effects than a reboot, right?
<ivoks> ok, could you just try that what i've told you?
<_ruben> sure
<ivoks> great...
<_ruben> ruben@ismlnx-fw08:~$ sudo /etc/init.d/udev stop
<_ruben>  * Stopping kernel event manager...                                                                                                                                                                                                  [ OK ] 
<_ruben> ruben@ismlnx-fw08:~$ sudo /etc/init.d/udev start
<_ruben>  * Starting kernel event manager...                                                                                                                                                                                                  [ OK ] 
<_ruben>  * Loading hardware drivers...                                                                                                                                                                                                              error receiving uevent message: No buffer space available
<_ruben>                                                                                                                                                                                                                                      [ OK ] 
<ivoks> hm
<_ruben> file's still empty
<ivoks> that message isn't normal
<_ruben> and my nics kept their renamed names (int0/wan0) btw
<ivoks> is that amd64?
<_ruben> yes
<ivoks> long boot up?
<_ruben> not really
<ivoks> https://bugs.edge.launchpad.net/ubuntu/+source/udev/+bug/57041
<ubotu> Launchpad bug 57041 in udev "no buffer space available" [High,Invalid] 
<ivoks> do you get this message every time?
<_ruben> hmm .. it did like 3 times in a row, just tried again once, and it didnt show that message
<ivoks> funny... :/
<_ruben> 3 times in a row without that error now
<ivoks> ok
<_ruben> but file remains empty
<ivoks> is that /etc/udev/rules.d/70-persistent-net.rules still empty?
<ivoks> ok...
<ivoks> is this a laptop?
<_ruben> no, dell poweredge 860
<ivoks> hm hm hm
<ivoks> and what network devices you have?
<_ruben> 04:00.0 Ethernet controller: Broadcom Corporation NetXtreme BCM5721 Gigabit Ethernet PCI Express (rev 11)
<_ruben> 05:00.0 Ethernet controller: Broadcom Corporation NetXtreme BCM5721 Gigabit Ethernet PCI Express (rev 11)
<ivoks> ok...
<ivoks> try adding int*|wan* to /etc/udev/rules.d/75-persistent-net-generator.rules
<ivoks> so the second line would look like:
<ivoks> ACTION=="add", SUBSYSTEM=="net", KERNEL=="eth*|ath*|wlan*|ra*|sta*|int*|wan*" \
<ivoks> then do udev start stop thing again
<_ruben> heh .. i did get that buffer error again .. but...
<_ruben> $ cat /etc/udev/rules.d/70-persistent-net.rules
<_ruben> # PCI device 0x14e4:0x1659 (tg3)
<_ruben> SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:18:8b:f7:90:5a", NAME="wan0"
<_ruben> # PCI device 0x14e4:0x1659 (tg3)
<_ruben> SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:18:8b:f7:90:59", NAME="int0"
<_ruben> odd .. wonder why it didnt work back when i had eth* devices
<ivoks> only one?
<ivoks> ok... but this is not good
<ivoks> checkout dmesg | grep eth
<_ruben> only one error? yeah
<ivoks> and dmesg | grep wan
<_ruben> $ dmesg | grep eth
<_ruben> [   63.928948]  eth0: Tigon3 [partno(BCM95721) rev 4101 PHY(5750)]  (PCI Express) 10/100/1000Base-T Ethernet 00:18:8b:f7:90:59
<_ruben> [   63.928955]  eth0: RXcsums[1]  LinkChgREG[0]  MIirq[0]  ASF[1]  WireSpeed[1]  TSOcap[1] 
<_ruben> [   63.928957]  eth0: dma_rwctrl[76180000]  dma_mask[64-bit] 
<_ruben> [   63.969067]  eth1: Tigon3 [partno(BCM95721) rev 4101 PHY(5750)]  (PCI Express) 10/100/1000Base-T Ethernet 00:18:8b:f7:90:5a
<_ruben> [   63.969073]  eth1: RXcsums[1]  LinkChgREG[0]  MIirq[0]  ASF[1]  WireSpeed[1]  TSOcap[1] 
<_ruben> [   63.969075]  eth1: dma_rwctrl[76180000]  dma_mask[64-bit] 
<_ruben> $ dmesg | grep wan
<_ruben> [   69.896212]  tg3: wan0: Link is up at 1000 Mbps, full duplex.
<_ruben> [   69.896216]  tg3: wan0: Flow control is on for TX and on for RX.
<_ruben> [   83.522902]  wan0: no IPv6 routers present
<ivoks> ok...
<ivoks> emtpy the content of /etc/udev/rules.d/70-persistent-net.rules
<ivoks> and reboot :)
<_ruben> hmm .. not sure, but im under the impression that int0 and wan0 swapped names at a certain point during the reboots, but that doesnt really matter now (i think)
<ivoks> it's possible, yes
<_ruben> ok, lets see if it comes up properly .. the machine is a few stairs down :)
<ivoks> :)
<ivoks> thanks for helping us solve this...
<_ruben> takes a while to boot, but that's the bios and shit taking quite some time .. ubuntu itself is small part of the total boot time ;)
<ivoks> if it doesn't get interfaces up, that could be a good sign :D
<_ruben> its pinging :)
<_ruben> lets see if ssh works
<_ruben> ok, its up, with an eth0 and eth1
<_ruben> checking the file
<_ruben> ruben@ismlnx-fw08:~$ cat /etc/udev/rules.d/70-persistent-net.rules
<_ruben> ruben@ismlnx-fw08:~$
<ivoks> funny
<_ruben> yup
<ivoks> udev stop & udev start?
<_ruben> no longer empty ;-)
<ivoks> but no that buffer error?
<_ruben> indeed, no error
<_ruben> i realised something
<ivoks> and is eth0 and eth1 in 70-persistent-net?
<_ruben> dont know if its related
<_ruben> yes
<ivoks> great!
<ivoks> maybe it is
<_ruben> i have /var/log/ on a lvm partition on top of a software raid .. and during boot i see a msg like mv /dev/.udev.log /var/log/udev .. which fails because /var/log isnt mounted yet
<ivoks> ouch...
<ivoks> we should talk with someone know know udev better than us :D
<ivoks> anyway, that is a bug
<ivoks> and you should report it
<_ruben> you happen to know such a person? ;-)
<_ruben> i already did
<_ruben> 10:48 < _ruben> bug filed (#149319)
<_ruben> i guess i could add some comments now
<_ruben> that udev restart does work, somehow
<ivoks> yeah
<ivoks> bug 149319
<ubotu> Launchpad bug 149319 in udev "network interfaces not properly configured" [Undecided,New]  https://launchpad.net/bugs/149319
<ivoks> do you have /dev/.udev.log?
<ivoks> or /var/log/udev?
<_ruben> lemme check
<_ruben> ruben@ismlnx-fw08:~$ ls -lh /var/log/udev /dev/.udev.log
<_ruben> -rw-r--r-- 1 root root 293K 2007-10-05 16:48 /dev/.udev.log
<_ruben> -rw-r--r-- 1 root root 302K 2007-10-04 13:42 /var/log/udev
<ivoks> anyway, bug with multiple interfaces is solved (i'm checking it again)
<ivoks> heh /var/log/udev is from yesterday
<ivoks> you installed it yesterday?
<_ruben> yes
<_ruben> most likely around that time
<_ruben> my lost+found dir has a similar timestamp, so that'd be correct
<ivoks> ok... that could be a root of the problem
<ivoks> and you can edit /etc/udev/rules.d/70-persistent-net.rules now and rename interfaces to the ones you want
<_ruben> sure
<ivoks> the thing with eth2/eth3 instead eth0 and eth1 is fixed (but, i'm checking it again)
<_ruben> i really need to edit my inputrc to have pgup/pgdn scroll through my bash history .. its a habit/feature i dont want to lose ;-)
<_ruben> and some terminal configuration as well .. when pressing arrow keys in edit mode in vi(m) causes D/B/... chars to be printed instead of cursor movement
<_ruben> smth i recall from my slackware 4.0 machine :-P
<mralphabet> _ruben: I have that too, it drives me crazy and I am not sure how to fix it
<_ruben> 5 o'clock .. time for me head home
<_ruben> thanks for the support so far and have a nice weekend
<ivoks> _ruben: wait
* _ruben burns some skidmarks in the carpet
<ivoks> :)
<ivoks> _ruben: add the information about /var/log to that bug
<_ruben> ah ok
<_ruben> having /var/log as seperate partition might need a bug on its own .. /var/log/boot shows: (Nothing has been logged yet.)
<ivoks> _ruben: great, then report it as a new bug :)
<_ruben> any particular package i could file that against?
<ivoks> udev
<_ruben> the /var/log/boot one is udev related as well?
<ivoks> bug will be reassigned to proper package if udev is wrong
<ivoks> it's just important to get that on LP ASAP, since launch is near
<_ruben> ok
<ivoks> i think scott is already working on it :)
<_ruben> Bug #149476 filed
<ubotu> Launchpad bug 149476 in udev "Having /var/log as a seperate partition breaks udev and possibly more" [Undecided,New]  https://launchpad.net/bugs/149476
<_ruben> (couldnt think of a more proper title for the bug, its friday afternoon, weekends around the corner ;-))
<ivoks> it's ok :)
<_ruben> it took quite some thinking to get to this one ;-)
<ivoks> thanks for all the info and help
<_ruben> same to you
<_ruben> am i allowed to go home now ? ;-)
<ivoks> :D yes :D
<_ruben> might go play a ball or two of table soccer in the basement first tho .. will be back monday :-)
<ivoks> enjoy your weekend
<_ruben> you too
<ivoks> um soren ... :)
<ivoks> soren: i just tested with daily from yesterday... and the bug with interfaces is still there :/
<soren> ivoks: d-i might need a rebuild to catch the new busybox.
<ivoks> could be, yeah...
<ScottK> lamont: Postfix 2.4.5-3 on Dapper works just fine with no changes.
<ScottK> -3build1 I guess.
<lamont> rock
<ScottK> lamont: Done.
<ScottK> It may be some kind of record.  4 minutes from I filed the backports bug to the archive had released the backport!
<mathiaz> ScottK: ok.
<ScottK> It seemed more on topic here.
<ScottK> Yes.  I know almost nothing about samba
<mathiaz> ScottK: every now and then there is a request file in LP that samba should be upgraded to suppor the latest and greatest.
<ScottK> Which is, in general, what backports is for.
<mathiaz> ScottK: I was wondering if dapper-backport could be used for shipping the latest samba
<mathiaz> ScottK: so that people can use the latest version of samba or choose the one that is supported.
<ScottK> Sure.  The key questions are:
<mathiaz> ScottK: I was thinking about putting the latest version from samba in dapper-backports.
<ScottK> 1.  Are there rdepends that it breaks?
<ScottK> 2.  Does it work (who's got Dapper and is going to test it)?
<ScottK> 3.  When it falls over and dies and users file bugs, who can I point a finger at?
<mathiaz> ScottK: for 3. I guess that users will file a bug directly under samba for ubuntu.
<soren> ivoks: I checked, and yes, that's the case.
<mathiaz> ScottK: so ubuntu-server will receive it.
<ivoks> soren: great
<ScottK> mathiaz: And if they do, you should mark it invalid and tell them to file against dapper-backports.
<mathiaz> ScottK: right. May be ubuntu-server could be added as a bug contact for samba in -backport
<soren> ivoks: Yeah, so it's under control, and as soon as my module-init-tools build is done, I think cjwatson will be doing a new d-i build, so either tomorrow or the day after.
<ScottK> For backports it's all or nothing.
<ScottK> I think we can leave it that if there are problems, I'll scream and you'll deal with it.
<ScottK> Oh.  Almost forgot:
<ScottK> 4.  Are all the dependencies present in Dapper.
<ScottK> That's important too.
<mathiaz> ScottK: yes. of course.
<mathiaz> ScottK: I won't try to publish in dapper if it cannot build.
<mathiaz> ScottK: what do you mean by "all or nothing" ?
<ScottK> If you are a dapper-backports bug contact you get ALL the dapper-backports bugs, not just specific packages.
<mathiaz> ScottK: you cannot set a bug contact for the specific package ?
<ScottK> No.
<mathiaz> ScottK: is it by policy or for a technical reason ?
<ScottK> Technical
<ScottK> We don't file bugs in backports by package, just against the project.
<mathiaz> ScottK: ok.
<ScottK> It's no problem for me to point you at stuff that comes up, I just want to make sure there's someone that will figure Samba stuff out as I'm virtually completely ignorant on Samba.
<mathiaz> ScottK: ok. I understand your point of view.
<mathiaz> ScottK: I may bring that up during next ubuntu-server meeting.
<ScottK> So, if you decide to go for it, test the package out and then file a bug in dapper-backports.
<ScottK> OK.
<ticked> i am trying to install ubuntu 7.04 server edition, the desktop edition sets up fine on that machine. but when ever i try the server edition i get to "trying to enable frame buffer" and it hangs there....any ideas??
<nealmcb> ticked: what kind of machine?
<ticked> nealmcb hang on and i will get the details
<ticked> utits a p4 1.6 with 512MEG
<nijaba> ticked: the video card would be usefull
<ticked> sis
<nijaba> if you do not know the precise model : put the result of lspci -vvnn in pastebin.com and send the URL
<ticked> hang one
<ticked> Integrated RealTek 256-bit 2D/3D Graphics Engine.
<ticked> that help?
<nealmcb> ticked: this can also help: https://wiki.ubuntu.com/DebuggingHardwareDetection
<ticked> thanks
<ScottK> lamont: I find Changed-By: SpecialK <scottk@byu.edu> in the changes file for the Postfix backport to Dapper.  Since you're the listed maintainer, you may hear from SpecialK as that's not me.
<ScottK> lamont: Also it FTBFS on AMD64.  Any suggestions? http://launchpadlibrarian.net/9824338/buildlog_ubuntu-dapper-amd64.postfix_2.4.5-3build1%7Edapper1_FAILEDTOBUILD.txt.gz
<maestrojed> i have just installed php5 on my ubuntu box.  Some functions that use sendmail are not sending mail yet not returning any errors.  Does the default installation of PHP5 built for Ubuntu disable sendmail in any way?
<ScottK> maestrojed: Did you install an MTA?  One isn't included by default.
<maestrojed> ScottK: I don't know what an MTA is?
<maestrojed> ScottK: so, no, I did not install one :)
<ScottK> maestrojed: Mail Transfer Agent (aka mail server).
<ScottK> Then you have no sendmail.
<mathiaz> !mta | maestrojed
<ubotu> Sorry, I don't know anything about mta - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
<maestrojed> ohhh, no this is the first server I built and I followed the direction for a standard LAMP server but didn't now I had to do that.
<mralphabet> the piece of software that accepts a message, wraps stuff around the message, then is capable of handing the message off to another machine = MTA
<maestrojed> Gotcha, Thanks for all this info.  I will read up on it and try to get one installed
<mralphabet> maestrojed: LAMP is apache mysql (or postgresql) and php (or python or perl)
<maestrojed> mralphabet: right, I just thought sendmail was a self contained function in PHP that could send mail.  I did not realize it needed a MTA
<mralphabet> mta isn't in that equation ;)  I would suggest postfix, it seems the standard preference
<maestrojed> great
<mralphabet> maestrojed: gotcha
<mralphabet> "sendmail" is an MTA by itself
<mralphabet> there are several large MTA packages
<mralphabet> Sendmail, EXIM, Postfix
<ScottK> Postfix is the primary/most supported in Ubuntu, but you can use pretty much whichever one you want.
<mralphabet> there are other smaller ones too, but like ScottK said, postfix is probably the way to go
<dantalizing> does the postfix configuration set up a symlink for /usr/sbin/sendmail?  and does postfix accept the same args?
<dantalizing> the way exim4 does?
<mralphabet> now that we have beat that issue to death . . .
<ScottK> dantalizing: Yes.  One of Postfix's primary design goals was to be externally compatible with Sendmail.
<dantalizing> thx
<ScottK> dantalizing: The other ones were to be more secure and more comprehensible.
<ScottK> Even today, "Sendmail does X, so please fix Postfix" is generally an acceptable request.
<dantalizing> need to try migrating one of my systems to postfix
<maestrojed> Hey I appreciate it because I know not what I am doing :) So all this info is great
<ScottK> For anyone learning Postfix, I highly recommend "The Book of Postfix".  It covers everything you need to know in a logical, detailed way.  Not just Postfix specifics, but the theory behind it too.
<dantalizing> is that available via apt? or $ only?
<dantalizing> nm...
<ScottK> Which?
<ScottK> Oh.
<leonel> the latest clamav for  feisty  is  0.90.2-0ubuntu1.4    where can I get the original before this updated version ?
<nealmcb> maestrojed: if you don't really want to handle mail on the machine, you can also check out smaller packages like ssmtp  nullmailer, nbsmtp, esmtp-run, sendemail
<nealmcb> many of which just send email....
<Roge> is there a way to force apt-get to use the network repo.. as it is asking for the cd
<ScottK> leonel: Source package or .deb?
<leonel> deb
<ScottK> Which arch?
<leonel> i386
<ScottK> leonel: Linked from here: https://edge.launchpad.net/ubuntu/+source/clamav/0.90.2-0ubuntu1.3/+build/366243
<leonel> thank you
<leonel> I Still get lost  between mirrors  packages.ubuntu.com  and launchpad :(
<mralphabet> Roge: remove cd from /etc/apt/sources.list
<Roge> thx
#ubuntu-server 2007-10-06
<lamont> ScottK: busted libcdb on amd64.  suckage
<lamont> tinycdb has a bug on dapper.  we should fix it.
<lamont> got an amd64 machine around to play with>
<lamont> ?
<randomness> hi all, would like to ask if anone has tried to install vmware server on top of ubuntu server?
<lamont> next time someone asks, they /usr/sbin/sendmail link and parameters working is a matter of debian policy for MTAs
* lamont wanders off again
<nealmcb> !vmware | randomness
<ubotu> randomness: VMWare Player is in Ubuntu's !Multiverse repository (package "vmware-player"), and http://www.easyvmx.com/easyvmx.shtml can create VMs for it. For VMWare Server, instructions can be found at https://help.ubuntu.com/community/VMware - See also !virtualizers
<randomness> nealmcb: i thought it might be more appropriate to ask here, nonetheless, thanks for recommending vmware channel
<nealmcb> randomness: here is a fine place to ask.  I'm just not an expert, so I leaned on ubotu....
<kb3llm> i have ubuntu server working, but how do i make it a printer server? (how do i install the printer, first off)
<ivoks> install cupsys package
<kb3llm> ok??
<kb3llm> thats it?
<lamont> ScottK: note that postfix_2.4.5-3ubuntu1 will not backport to dapper very well (switched to db4.5 from db4.3)
<lamont> and db4.5 arrived in feisty
<ScottK> Argh.
<dantalizing> agreed
<ScottK> lamont: Sounds like I have another backport to do.
* ScottK mumbles that some versioned depends on dbwhatever would have been nice....
<kb3llm> is there an apt-get for the CUPS drivers? I got cups, but the drivers arent installed (according to webmin)
<leonel> !webmin
<ubotu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system
<leonel> !webmin @ kb3llm
<ubotu> Sorry, I don't know anything about webmin @ kb3llm - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
<leonel> kb3llm:
<leonel> !webmin
<ubotu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system
<kb3llm> heh, its been working fine for me..
<lamont> ScottK: I'm open to suggestions
<ScottK> lamont: OK.  Let me see what I can figure out.
<ScottK> lamont: I'm a bit confused.  The source package for 2.4.5-3 that I downloaded has a build-dep on libdb4.3-dev.  When you say you switched from db4.3 to db4.5, where do I find that in the package?
<lamont> ScottK: in 2.4.5-3ubuntu1
<lamont> which was just uploaded earlier ...  and consists of changelog + sed -i s/db4.3/db4.5/g debian/control.
<Scunizi> how is webmin started?
<ScottK> lamont: Then I guess I just barely dodged the bullet for Dapper as 2.4.5-3build1 is what got backported and it has 4.3.
<julius> Basically My new raid card has had the module loaded incorrectly and i have allready started expanding my md array with many errors being shouted at me
<julius> can i shutdown the computer without hurting the expansion process?
<kraut> moin
<lamont> ScottK: right.
<ScottK> lamont: Which is just as well because db4.5 FTBFS in Dapper even on i386.  It would have been a real mess to clean up (of course if I'd had the db4.5 version my test build would have failed).
<lamont> right.  I was asked to roll postfix/gutsy to db4.5 since it was the last package on the CD that Depends: libd4.3
<lamont> that was after your backport
<lamont> so it won't be an issue until the next time..
<lamont> and in hardy, it'll be using libdb4.6
<lamont> which sid already does
<lamont> I could make it build-depend: libdb-dev (>4.6.19-1) | libdb4.5 | libdb4.3, I suppose
<lamont> I could make it build-depend: libdb-dev (>4.6.19-1) | libdb4.5-dev | libdb4.3-dev, I suppose
<lamont> I'm disinclined to do so that though
<lamont> s/that//
<ScottK> I think offering Postfix 2.4.5 in dapper-backports is plenty.  If it ever became important to do another backport, I'd just ask you to do it as a source backport with the libdb build-dep rolled back.
<lamont> yeah
<ScottK> This episode does, I think, demonstrate the basic strength of the Debian package management system.
<ScottK> We thought we'd broken something, hadn't, and only after (me anyway) noticed that we couldn't have broken it because the packaging system wouldn't have let us.
<ScottK> It does make me really glad though that I gave pitti a ping to do it and he did it right away so the version I tested and the one he backported were the same one.
<lamont> heh
<lamont> and tinycdb needs a fix in dapper-updates(?) so that it'll build postfix on amd64
<ScottK> lamont: Do we have a patch for tinycdb?  I haven't looked into it.
<lamont> so, uh, once you get a patch for tinycdb for dapper, I'll be happy to upload that. :-)  backporting that one isn't really an option (binary package renamed, etc)
<ScottK> Sounds like a good thing to get fixed in general.
<lamont> note the care with which I duck working on said patch.. :-)
<ScottK> OK.  Can you point me in a direction?  I know zip about tinycdb.
<ScottK> Yes. Noted.
<lamont> somewhere in the make, it builds that .o without -fPIC and then drops it into the library
<lamont> the other option would be to not support cdb on amd64. :)
<lamont> it needs to have -fPIC on the lib files
<ScottK> Better to fix tinycdb if I can figure it.
<lamont> for .so (does it even make a .so there..)
<lamont> ?
* ScottK hasn't looked at tinycdb yet.
<lamont> holler if you get stuck - I'd have to dig into it enough to understand what its doing, too.
<ScottK> First I'll see if I can Tom Sawyer someone else into doing it.
* lamont thought that was huck finn.
<ScottK> I'm pretty sure it was Tom Sawyer that had to whitewash the fence.
<ScottK> It's been several decades since I read the book, so who knows.
<lamont> same issue here.
* lamont -> family
<ivoks> http://paste.ubuntu-nl.org/39776/ - check this out
<ivoks> system can see sda partitions, but not /dev/sda :)
<longhui> Hello!
<longhui> I have some troubles with booting from an RAID+LVM array
<longhui> can anyone help me?
<longhui> I used to have a LVM system only
<longhui> that I migrated to RAID+LVM online
<longhui> now I wanted to make sure the system starts up if it somewhen has to -> it does not
<longhui> the root partition /dev/mapper/hostname-root is not found
<longhui> the logical volume is set up on top of /dev/md1
<sten_> wow...
<sten_> that seems to be the default behaviour
#ubuntu-server 2007-10-07
<sten_> hello?
<sten_> read error?
<sten> well, I just ran wireshark against my local interface, and it looks like SMTP TLS is working :-)
<Roge> whats wireshark
<sten> ethereal was re-named to wireshark -- I just learnt this 5min ago.  I've been working on setting up Dovecot SASL authenticated SMTP, which doesn't relay mail for anyone except for authenticated users.  (and it's all encrypted)
<sten> seven years ago it was so, so much harder to set such a system up!
<sten> sniffing the wire was necessary to ensure that everything was in fact encrypted
<nealmcb> sten: yeah - I went thru the pain years ago also.  what is involved now?
<nealmcb> just works by default that way?  is that what you said earlier?
<sten> nealmcb: mm.  I was surprised that mail-relay was enabled for Dovecot SASL authenticated users
<sten> (Dovecot has its own SASL interface which replaces Cyrus'...Thank god.  It's much easier/simpler/faster to set up)
<sten_> I'm of course planning to change the snakeoil certs
<sten_> but yeah...it's a lot easier to set up Postfix + Dovecot for SASL and TLS/SSL than it used to be
<sten_> nealmcb: here are some of the sites I used as references
<sten_> /etc/ssl/private/DigitalMercury.key
<sten_> oops
<sten_> http://www.postfix.org/SASL_README.html
<sten_> http://adomas.org/2006/08/postfix-dovecot/
<sten_> http://www.postfix.org/TLS_README.html
<sten_> http://www.aet.tu-cottbus.de/personen/jaenicke/pfixtls/
<sten_> (that was one of the few times Xorg's clipboard--the middle click--failed me)
<sten_> hmm, that last link is superfluous
<sten_> there's only one catch:  The version of Dovecot (possibly Postfix too...I don't remember) shipped with Dapper doesn't support exporting a SASL interface to Postfix
<sten_> Now I remember why "everything just worked"....I modified my main.cf a year ago, before learning that the version of Dovecot I was using was too old.  Having recently upgraded to Fiesty, I thought that I'd give it a try again.
<tc> hi, after installing gutsy i lost a network
<tc> how could i proceed to make it work again?
<elliotjhug> hi all, how do I get apache to forward requests for www.foo.com to /var/foo as opposed to forwarding everything to /var/www?
<wasabi> You alter the configuration file.
<elliotjhug> wasabi: yeah.... I worked out that much. I was kinda after a pointer on where to alter said configuration file
<elliotjhug> alternitievely anybody's sample vhost.conf file would be useful?
<soren> elliotjhug: Yo uset the DocumentRoot to /var/foo
<elliotjhug> soren: thanks
<elliotjhug> soren: Thing is I want domainA to go to /var/domainA and domanB to go to /var/domainB
<soren> elliotjhug: Then you create two virtualhosts.
<soren> One with documentroot /var/domaina and the other /var/domainb.
<elliotjhug> soren: Thats what I thought, doesn't appear to be working
<soren> elliotjhug: What've you done?
<elliotjhug> soren: I followed http://www.linux.com/feature/118471 but all it does it keeps forwarding to the same place
<soren> elliotjhug: Well, you've left something out.
<soren> elliotjhug: In /etc/apache2/sites-available you should create two files..
<soren> one for each domain.
<elliotjhug> soren: OK, I'll have a go with that then
<elliotjhug> soren: thanks
<soren> Make sure you've got the proper symlinks in /etc/apache2/sites-enabled.
<elliotjhug> are there any good guides for this kind of thing you know of or what?
<soren> There's something at http://doc.ubuntu.com/ubuntu/serverguide/C/httpd.html but there's possibly something better out there. I don't really know, actually.
<ScottK> soren: Would you have a look at Bug 150276?  Looks like one we ought to get uploaded to me....
<ubotu> Launchpad bug 150276 in ivtv "UVFe: [Sync Request]  ivtv 1.0.2-2 from debian unstable" [Undecided,New]  https://launchpad.net/bugs/150276
<soren> ScottK: will do.
<soren> ScottK: Acked and subscribed u-a.
<ScottK> Great.
<soren> ScottK: Thanks for pinging me about these things. I'm waay behind on bugmail.
<ScottK> No problem.
<elliotjhug> soren: sorry to interrupt, I tried that thing you sent me, and used the httpd guide. Still goes straight to the site I don't want it to..
<soren> elliotjhug: And you still haven't told me what you've done.
<elliotjhug> soren: Ok, What I've done is created the sites-available directory, and files. Based on what the apache guide and tutorials say. Then I used a2ensite to enable my two sites. Then I restarted apache, and asked someone outside my network to check both. They both forward to the same site
<soren> elliotjhug: Put those two files on pastebin, please.
<soren> !pastebin
<ubotu> pastebin is a service to post large texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the #ubuntu channel topic)
<elliotjhug> soren: http://paste.ubuntu-nl.org/39904/
<elliotjhug> soren: Sorry, I'll have to go. Thanks for your time anyway
<soren> gah..
<soren> Dear user. Please to be stoppink askink questions you not be havink time to wait for answers to. kthxbye.
#ubuntu-server 2008-09-29
<phaidros> my irc live on my server, just need a dumb term with ssh :)
<phaidros> s/live/lives
<[Solars]> heh
<[Solars]> so it said it re-added
<[Solars]> cat /proc/mdstat shows all
<[Solars]> but still inactive
<phaidros> but all are in?
<[Solars]> yea
<[Solars]> all 4 parts
<phaidros> hm, what does swapon -a say?
<phaidros> (maybe use /dev/md2 in fstab)
<[Solars]> swapon -a still gave same complaint
<phaidros> hm, ok.
<phaidros> so: mdadm --stop /dev/md2
<[Solars]> the raid needs to be active
<phaidros> we shut it down
<[Solars]> also... blkid doesn't show uuid for that device
<[Solars]> kk lets stop it!
<phaidros> and reassemble with: mdadm --assemble ..
<phaidros> that would rebuild the created (once with --create) raid device
<[Solars]> got an error!
<[Solars]> after entering
<phaidros> what does it say?
<[Solars]> mdadm --assemble /dev/md2 /dev/sda2 ... /dev/sdd2
<[Solars]> i got
<[Solars]> mdadm:/dev/md2 assembled from 3 drives - not enough to start array while not clean - consider -force
<phaidros> hm, strange
<[Solars]> so i guess gotta figure out how to clean the four drives
<phaidros> what does your /etc/mdadm/mdadm.conf say about that md2 ?
<phaidros> (maybe only 3 listet)
<[Solars]> nope
<[Solars]> shows it with 4 drives with raid 5
<phaidros> so, 3 possibilities: use --force for assemble or try assamble with --scan (to see what is does)
<phaidros> 2nd: leave as is
<[Solars]> erm lets break it then reassemble with scan
<phaidros> 3rd: consider having a non raid swap. (i usually not raid my swaps) and mount 4 of them with same prio :)
<[Solars]> or can i run scan w/o breaking
<phaidros> nope. assemble wants to setup new imho. but try
<phaidros> http://www.racmar.com/content/view/27/42/
<phaidros> someone with the same issue :)
<[Solars]> failed to RUN_ARRAY /dev/md2: Input/Output error
<[Solars]> using the cmd mdadm --assemble --scan --force
<phaidros> hm, I'm runnind out ideas now ..
<phaidros> what does fdisk say about sdd ?
<[Solars]> wonder if i have to use the alt-cd and go to rescue mode and rebuild that partition
<[Solars]> fdisk shows all partitions
<phaidros> nope. it is not in use. so you could rebuild it
<phaidros> just be careful about device numbering
<phaidros> maybe deleting in fdsik is not so clever ..
<phaidros> not sure
<phaidros> is it a server machine?
<[Solars]> i rebooted just to see if it would work... all points are shown in /proc/mdstat but are syncing
<phaidros> good :)
<[Solars]> this isn't used as a server machine
<phaidros> this will take a while, after that either swapon or creating mkswap before should work :)
<[Solars]> but not shown in mount
<phaidros> swap is never shown in mount
<phaidros> you only see with swapon -s
 * flyback swears this is the last canucking time he spends half or all of his weekend working on work stuff even just remote
<phaidros> lol @ flyback
<phaidros> isn't it always 'terminal-time' ?
<phaidros> sometimes i even find it very refreshing :)
<phaidros> odd, eh?
<[Solars]> erm swapon -on doesn't show anything
<phaidros> swapon -s
<[Solars]> er i ment -s
<phaidros> yeah, because the device is still under rebuild
<[Solars]> and mkswap /dev/md2 complains about not having enough space
<phaidros> until this is done, waiting is the game :)
<[Solars]> so i gotta wiat
<phaidros> argh --
<phaidros> rebuild is done?
<[Solars]> lemme check again
<phaidros> sometimes this can take ages (it lasted 2 hours for my partition this afternoon :-/)
<[Solars]> i might be wrong about it rebuilding... entry for /dev/md2 is
<[Solars]> md2 : inactive sda2[0](s) sdb2[3](s) sdc2[2](s) sdd[2](s)
<phaidros> hm
<[Solars]> sdd[2] is new as long with the (s)'s
<phaidros> why inactive??
<[Solars]> doesn't say
<phaidros> well, I throw the towel .. sorry, no idea
<[Solars]> can mdadm check stats?
<phaidros> uhm .. wait
<[Solars]> status
<phaidros> mdadm --detail or like this
<phaidros> and mdadm --examine
<phaidros> detail for mdX, examine for sdX
<phaidros> or vice versa
<[Solars]> it just shows the device is not active fter "mdam --details /dev/md2"
<phaidros> what I would do now is the following:
<phaidros> stop md2
<phaidros> set for all sdX2 devices: mdadm --zero-superblock /dev/sdX2
<[Solars]> examining each shows each partition active and part of raid5
<phaidros> (which deletes the mdadm conf from the partition)
<phaidros> and afterward recreate the md2
<phaidros> mdadm --create /dev/md2 --level=5 --raid-device=4 /dev/sdX2 /dev/sd2 ..
<phaidros> mkswap and swapon -s
<phaidros> if that fails consider something very unusual ..
<[Solars]> erm does that also recreate /etc/fstab entry
<phaidros> nope.
<phaidros> when using mkswap /dev/md2 it tells a new uuid
<[Solars]> kk
<[Solars]> brb
<phaidros> so take that uuid into fstab *or* just write /dev/md2 in fstab :)
<phaidros> (I used to see the direct device name fail, but can't remember why)
<[Solars]> everything worked up to "mkswap /dev/md2"
<[Solars]> "swapon -s didn't work
<[Solars]> or rather showed nothing
<phaidros> mkswap worked?
<phaidros> now try swapon /dev/md0
<phaidros> after that you would see something with swapon -s
<[Solars]> that worked!
<[Solars]> i copied the UUID to fstab
<[Solars]> for the mount point for swap should be "none"?
<phaidros> yes
<[Solars]> kk lets reboot
<phaidros> swap is just used be the kernel if ram gets to full
<phaidros> s/be/by
<[Solars]> it rebooted
<[Solars]> and swap worked
<[Solars]> yay!
<[Solars]> i guess i'll load up irssi
<phaidros> :)
<phaidros> so, 2a.m. here. gotta go
 * [Solaris]2 waves to [Solars] 
 * [Solars] waves to [Solaris]2
<[Solaris]2> this is going to take some getting used to
<[Solaris]2> diffentl nees to be configured so ic an see stuff
<[Solaris]2> bbl
<drake_> erm
<[Solars]> test
<drake_> test
<elnewb> test
<[Solars]> working on getting irrsi color scheme working right lol
<drake_> test 2.0
<[Solars]> looks alot better
<[Solars]> green/black with linux standard
 * flyback bbl
<lukehasnoname> so apparently usermod -G writes OVER the user's current groups
<lukehasnoname> which is megagay
<lukehasnoname> so now my (currently) headless server has no sudo-capable user
<vk5foss> nice work.
<vk5foss> -a ftw
<lukehasnoname> ya, after rereading the man page I saw that
<lukehasnoname> so now my plans for the night must be appended as I cannot setup the VMs I wanted to do, since one of my roommates' brothers stole my server monitor so he could play WoW with us
<lukehasnoname> how do I install suggests in apt-get?
<vk5foss> i think you can set it in apt.conf
<lukehasnoname> eh, like on a case by case
<lukehasnoname> there are --no-install-recommends and --install-recommends (default) switches
<vk5foss> or with something like `-o Install::Suggests`
<kraut> moin
<chmac> kraut: moin moin
<scuser> hi all, does anyone know which package should I install to get the file /etc/auth-client-config/profile.d/krb-auth-config ?
<chmac> scuser: I think there's a command that can tell you which files are in which packages
<chmac> scuser: I'm not sure what it is though!
<hads> dpkg -L
<hads> Only for installed packages though so doesn't help the situation.
<chmac> scuser, hads: http://www.debian.org/doc/FAQ/ch-pkgtools.en.html#s-filesearch
<hads> scuser, chmac: http://packages.ubuntu.com/
<chmac> hads: Neat, I didn't realise there was a filename search on there, useful to know
<scuser> hi all, can anyone help me with this error "ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"
<IOU> i dont know if this is the right place, but does anyone know of any good ways of tracking everything that users do on my server? They log in via SSH
<philsf> IOU: have you looked into acct?
<IOU> briefly
<philsf> IOU: what else do you need?
<scuser> hi all, does anyone know where could I find libnss-ldap.conf file ?
<slangasek> doesn't exist in Ubuntu, it's called /etc/ldap.conf instead; do you have documentation that refers to libnss-ldap.conf?
<milestone> hi all
<milestone> i have a queation with openldap as the authentication backend. I have installed and configured ldap-auth-config and ldap-auth-client. Authentication works on my ubuntu server
<milestone> only id -g <users> does not show the users memberships
<ivoks> zul: ping
<zul> ivoks: pong
<ivoks> zul: i have a working drbd setup :)
<zul> ivoks: really cool? what did you do?
<ivoks> zul: but, the problem is that it requires changes in kernel and userland
<ivoks> zul: i skiped 8.2.6 and moved to 8.2.7~rc1
<zul> ivoks: shouldnt be a problem I think
<zul> shouldnt be a problem after beta I think
<zul> ivoks: can you send me a diff of the kernel changes?
<ivoks> ok, i'll prepare patches
<ivoks> zul: sure
<ivoks> i don't have it atm, but i'll create one
<zul> ivoks: no problem
<ivoks> and that bacula bug... it could be a user error
<zul> which one? :)
<ivoks> since reported on bacula bug list said that patch fixed a problem
<ivoks> the one that's stalling 7.1 revison in hardy :D
<zul> ah the strippath one
<ivoks> right
<ivoks> never mind that... first things first - drbd
<Kamping_Kaiser> milestone, backend to what?
<ScottK> Any idea why the Ubuntu Server survey asks about how Synaptic can be improved to better support Ubuntu server?
<Nafallo> ScottK: lol
<ScottK> Nafallo: In fairness it did say apt/synaptic, but it seems odd to mention it at all.
<Nafallo> ScottK: s/synaptic/aptitude/ :-)
<Kamping_Kaiser> no idea.
<Kamping_Kaiser> i should really get around to doing the survey too
<stka_3-21> hi
<stka_3-21> I'm close to getting nuts with ubuntu-server 8.04 and TLS. Everytime I set "TLSCipherSuite HIGH:MEDIUM:+SSLv2" the openldap Server isn't starting anymore all I get is "main: TLS init def ctx failed: -1"
<stka_3-21> I read al lot of postings in the Web, all with the same problem but no solution
<Kamping_Kaiser> stka_3-21, drove me nuts as well - and if i was at work, i could look at my notes and tell you what fixed it :\
<stka_3-21> Kamping_Kaiser: so you got a solution?
<Kamping_Kaiser> stka_3-21, pretty sure we did
<stka_3-21> would it be possible that when I give you my e-mail adress that you can give the solution?
<Kamping_Kaiser> stka_3-21, looks like we dropped that line from the config file. i only have TLSCACertificateFile TLSCertificateFile TLSCertificateKeyFile
 * Kamping_Kaiser is ssh'd to the host
<stka_3-21> When I remove the line openldap ist starting, but I can't get a connection then with "ldapserch -x -ZZ -H ldap://host.home"
<stka_3-21> so there is no TLS connection possible
<Kamping_Kaiser> do you have the correct cert/key/ca files?
<stka_3-21> yes, I verified it three or four times even rebuild the certificates
<zul> stka_3-21: permissions are correct?
<stka_3-21> jes
<stka_3-21> yes
<Kamping_Kaiser> what sort of error do you get connecting?
<stka_3-21> mom
<stka_3-21> ldap_start_tls: Connect error (-11)
<Kamping_Kaiser> sorry, /me -=> bed
<Kamping_Kaiser> good luck with it
<ScottK> stka_3-21: You really ought to find a way to avoid SSLv2.  It's no longer considered cryptographically secure.  In Intrepid (I think) openssl is buit without SSLv2 support.
<stka_3-21> in /var/log/syslog there is only http://phpfi.com/358271
<Kamping_Kaiser> ScottK, thats one reason we dropped the linel from our config
<Kamping_Kaiser> my memory is it may not even be valid in 2.4, but dont quote me
<stka_3-21> ScottK: "gnutls-cli -l" tells me that I can use SSL 3.0 so I change to "SSLv3" but still the same
<ScottK> OK.  I don't have a solution to your problem, just wanted to point that out.
<stka_3-21> I would drop the line if I can figure out what to do to get a connection to my openldap via TLS
<ivoks> in intrepid none of our ssl libraries support sslv2
<ScottK> Which is wonderful news.  Thanks again for your work on that.
<ivoks> i was just loud :D
<stka_3-21> so what shoud I do to get openldap running with TLS
<stka_3-21> this is how it looks now http://phpfi.com/358275
<ivoks> so.. problems with ldaps client?
<stka_3-21> yes
<ivoks> both server and client are ubuntu?
<stka_3-21> at the moment I try it from the same maschine
<ivoks> oh...
<ivoks> telnet localhost 636 works?
<stka_3-21> i don't use ldaps
<stka_3-21> i did't this befor with suse and debian and it allways worked
<stka_3-21> Here are my entries from /etc/ldap/ldap.conf http://phpfi.com/358280
<ivoks> are those keys signed?
<stka_3-21> self signed
<ivoks> TLSVerifyClient never
<ivoks> ?
<stka_3-21> I never had any Problems with self signed certificates
<stka_3-21> ivoks: that's default
<stka_3-21> I can give it a try
<ivoks> ok
<ivoks> on client, add:
<ivoks> TLS_REQCERT allow
<stka_3-21> ok
<stka_3-21> still the same
<stka_3-21> ldap_start_tls: Connect error (-11)
<ivoks> ok, stop the ldap server on server
<ivoks> and run it like this:
<ivoks> sudo slapd -d127 -h "ldap:///" -u openldap -g openldap
<stka_3-21> ok is running
<ivoks> give me a second...
<felimwhiteley_> Hi All, I'm trying to troublshoot a bug on Server at the moment (https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/273313)
<uvirtbot> Launchpad bug 273313 in linux-meta "TSC Clocksource Unstable Switches To acpi_pm But Server clock freezes/becomes unusable" [Undecided,New]
<felimwhiteley_> Any of you evr run the dbeug kernel, not sure if it give me a more verbose dump of what's going on as of right now I can't find anything
<ivoks> gnutls-cli -s --insecure -p 389 server_ip
<ivoks> er...
<ivoks> without -s
<stka_3-21> ok
<stka_3-21> mom
<ivoks> does that work?
<stka_3-21> ivoks: the result http://phpfi.com/358285
<ivoks> so, the server doesn't do TLS
<ivoks> can you paste your /etc/ldap/slapd.conf?
<stka_3-21> yes mom
<stka_3-21> here ist is http://phpfi.com/358286
<laga> hi.
<stka_3-21> That's the the result from "ls /etc/ssl/zertifikate/"
<stka_3-21> demoCA  ldapcert.pem  ldapkey.pem
<ivoks> do you see any problems in terminal where you started openldap?
<laga> soren: did you ever get around to adding proper vbox support to ubuntu-vm-builder?
<stka_3-21> no Problem at all. The logfile is clean
<ivoks> there's no log file
<ivoks> you started slapd in debugging mode
<stka_3-21> in /var/log/syslog
<ivoks> forget that now
<stka_3-21> ok
<ivoks> check the terminal where you started slapd
<stka_3-21> you mean when I start slapd over the cli
<ivoks> yes
<ivoks> sudo slapd -d127 -h "ldap:///" -u openldap -g openldap
<ivoks> you could try with -d64
<stka_3-21> I see all the messages from loding the schema files and the opening of the database
<soren> laga: Nope.
<ivoks> stka_3-21: ok, kill that
<ivoks> stka_3-21: add loglevel 64 to /etc/ldap/slapd.conf
<ivoks> stka_3-21: and start slapd normaly; /etc/init.d/slapd start
<laga> soren: why not pull vbox references from ubuntu-vm-builder till it actually works? or are there cases where it works?
<stka_3-21> that's waht I get for TLS when starting over cli http://phpfi.com/358288
<soren> laga: AFAICS, the vbox "pluin" in the old ubuntu-vm-builder is a no-op.
<soren> laga: I don't use VirtualBox myself. I don't know what it needs to work.
<stka_3-21> ivoks: that's the result http://phpfi.com/358289
<laga> soren: see bug #244309 - it will fail.
<uvirtbot> Launchpad bug 244309 in ubuntu-vm-builder "ubuntu-vm-builder fails on vm_target_conversion for vm type vbox (dup-of: 218029)" [Undecided,Confirmed] https://launchpad.net/bugs/244309
<uvirtbot> Launchpad bug 218029 in ubuntu-vm-builder "ubuntu-vm-builder vbox output defaults to x86 Architecture" [Wishlist,Confirmed] https://launchpad.net/bugs/218029
<ivoks> stka_3-21: ok, now connect with gnutls-cli
<soren> laga: I'm not surprised. What file format does virtualbox use?
<stka_3-21> ivoks: here is the result http://phpfi.com/358290
<laga> soren: they use some XML to describe the virtual machine and probably a homegrown image format. it can also use vmdk or you can use vditool to convert images AFAIK
<ivoks> stka_3-21: just for fun, let's enable ldaps
<stka_3-21> ok
<ivoks> stka_3-21: in /etc/default/slapd
<ivoks> stka_3-21: SLAPD_SERVICES="ldap:/// ldaps:///"
<stka_3-21> I dit it an restartet openldap
<ivoks> stka_3-21: gnutls-cli --insecure -p 636 server_ip
<stka_3-21> tcp        0      0 0.0.0.0:636             0.0.0.0:*               LISTEN      5418/slapd
<stka_3-21> that works :-)
<ivoks> but that's not what you want
<stka_3-21> not realy
<ivoks> you want TLS over 389
<stka_3-21> yes like I did it befor
<ivoks> is there a bug about this?
<stka_3-21> "ldapsearch -x -ZZ -H ldaps://ldapserver.home.stka" is still not working
<stka_3-21> ldap_start_tls: Can't contact LDAP server (-1)
<ivoks> ldapsearch -x -H ldaps://ldapserver.home.stka
<stka_3-21> ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
<ivoks> try with IP
<ivoks> it should work; you've already connected with gnutls-cli
<stka_3-21> the same
<ivoks> and telnet server_ip 636 works?
<stka_3-21> Connected to 192.168.123.170.
<ivoks> check syslog
<stka_3-21> nothing
<ivoks> then your client is broken
<ivoks> you are missing:
<ivoks> TLS_REQCERT allow in /etc/ldap/ldap.conf
<ivoks> on client
<stka_3-21> I put it in, yes it was missing
<ivoks> i guess ldaps works, but ldap (with -Z) doesn't
<stka_3-21> But -ZZ forces the Server to authenticate with a certificate
<ivoks> only if you have TLS_REQCERT demand
<stka_3-21> That's what I got now http://phpfi.com/358294
<ivoks> report a bug, if it isn't already reported
<ivoks> i can't look into this deeper atm...
<stka_3-21> ivoks: here is the result with a "-d 1 " using ldapsearch http://phpfi.com/358297
<ivoks> TLS: peer cert untrusted or revoked
<stka_3-21> ivoks: but why?
<ivoks> did you import server's certificate on the client?
<stka_3-21> client and server ist the same maschine
<ivoks> i know
<ivoks> but you need to import server's certificate on client, so that client can trust the server
<stka_3-21> And normaly I don't need a client certificate
<ivoks> oh...
<ivoks> not client certificate
<ivoks> server's certificate
<ivoks> how does your client know who is the real server?
<ivoks> he can't know if it doesn't have some proof
<ivoks> and that's a certificate
<ivoks> you'll also need to add openldap user to ssl-cert group
<stka_3-21> That was the thing
<stka_3-21> I found out what it was
<stka_3-21> ivoks: this line "TLS_CACERT /etc/ssl/zertifikate/demoCA/cacert.pem" was missing in /etc/ldap/ldap.conf
<ivoks> right
<stka_3-21> I should not work the day after a marathon run
<ivoks> that's how you tell your client to trust all certs signed by that key
<ivoks> great... :)
<ivoks> so, that's solved
<ivoks> now, can i get back to drbd? :)
<stka_3-21> yes I know. I got that in my workshop as well. But sometimes it ist better to do something esle
<stka_3-21> yes it's solved. Thank you so much for youre help
<ivoks> np
<stka_3-21> I think I finish for today and go to bed ;-)
<laga> soren: i'm looking at the vmware scripts now. vbox support shouldn't be too hard to add. why was a noop vbox template added?
<soren> laga: I don't remember.
<soren> laga: Please don't work anymore on ubuntu-vm-builder.
<soren> laga: It's being replaced with a python implementation.
<soren> laga: http://launchpad.net/vmbuilder
<laga> soren: oh. in intrepid?
<soren> laga: Yes.
<laga> ah. does trunk work well now?
<soren> Quite.
<ivoks> python python clap clap clap :D
<soren> \o/
<laga> looks a lot cleaner than the bash one ;)
<ivoks> identetion and everything :)
<laga> if i didnt have so much on my plate already, i would have added vbox support :(
<soren> laga: Same here :)
<laga> "We intentionally  do not document the specifications of these files, as we must reserve the right to modify them in the future"
<laga> virtualbox on their xml files. thankls virtualbox
<laga> "VBoxManage" is a configuration interface. maybe that's going to work
<soren> laga: If you can come up with a way to take som raw disk images, and some settings (number of cpu's, amount of memory, etc.) and turn that into a virtualbox VM, I'll be happy to do the actual implementation.
<laga> now that's a plan. i'll get back to you
<ivoks> hm... guys...
<ivoks> how about maintaining server team's git for kernel?
<soren> You don't want to do that.
<ivoks> i don't :D
<ivoks> but chuck has it's tree
<ivoks> i guess i'll send patches to him
<Rioting_pacifist> !powersave
<ubottu> Sorry, I don't know anything about powersave
<Rioting_pacifist> im trying to setup powernowd or a similar powersaving daemon on my old laptop to turn it into a server (it no longer has a screen) but neither cpufreqd or powernowd seam to work
<Rioting_pacifist> mpd requires x11-common is this right? :S im new to servers but isnt x11 for desktops?
<ivoks> mpd doesn't require x11-common
<soren> Yes, it does.
<soren> by extension.
<soren> mpd -> libaudio2 -> libxt6 -> libx11-6
<ivoks> that might be...
<Rioting_pacifist> is it better to use xmms2 then as that doesnt seam to require any x11 components?
<soren> xmms is a gui application.
<ivoks> xmms2
<ivoks> that's a non-gui app
<ivoks> :D
<soren> Really? Wow
<ivoks> having x11-common isn't that strange on servers
<ivoks> there are some server related services that depend on it
 * soren nods
<Rioting_pacifist> so either is good then? ok thx
<ivoks> yeah.. i think some fonts pull it in
<Koon> x11-common is installed on servers now
<Koon> through openssh-client / xauth (bug 270512)
<uvirtbot> Launchpad bug 270512 in openssh "openssh-client could suggest xauth rather than recommend it" [Low,Confirmed] https://launchpad.net/bugs/270512
<Koon> libx11-6 is installed through wpasupplicant -> libdbus-1-3 -> dbus -> consolekit (bug 270500)
<uvirtbot> Launchpad bug 270500 in dbus "libdbus-1-3 shouldn't recommend dbus, makes up a heavy minimal seed" [Undecided,New] https://launchpad.net/bugs/270500
<ivoks> 'nice'
<Koon> "yes"
 * Koon drops out of sight
<Rioting_pacifist> isnt that rediculously easy to fix?
<Koon> Rioting_pacifist: you mean those two bugs ?
<Koon> Rioting_pacifist: you'd need first that everyone agrees those are bugs and not features.
 * Koon really drops out of sight now
<Rioting_pacifist> 1st one clearly is a bug, the only argument for it is that other software may need it, but if that is the case then the other software will install it openssh does not need xauth so should only suggest it
<didrocks> jdstrand: around?
<jdstrand> didrocks: hi! (yes)
<didrocks> jdstrand: hi!
<didrocks> jdstrand: did you have the time to have a look at making ufw case insensitive merge proposal?
<didrocks> (I say that because I make a smarter/better code yesterday that I pushed using list comprehension)
<jdstrand> didrocks: briefly (sorry for the delay). I plan to look at it more extensively today, and decide whether it can go into intrepid or should be jaunty material
<didrocks> jdstrand: no pb, just look at the very last commit :)
<jdstrand> didrocks: either way, I'll likely commit today if their are no issues
<didrocks> jdstrand: ok, keep me in touch. I always backlog on hl :)
<jdstrand> didrocks: cool, thanks
<didrocks> thanks to you!
<[Solaris]> infinity: /names
<ivoks> [Solaris]: ?
<infinity> ...?
<[Solars]> ivoks... err gotta get used to irrsi .. but anyways had a ton of fun trying to figure out why my /swap partition/raid was inactive and part of it was not "added" at boot up
<ivoks> added?
<ivoks> maybe you didn't format it as swap
<[Solars]> it was missing 1 of the four raid drives
<ivoks> oh...
<[Solars]> it all was all formated
<[Solars]> it was all partitioned
<[Solars]> basically what we did was
<[Solars]> ./mdadm --stop /dev/md2 && /mdadm <erased the superblocks on the 4 drives> && /mdadm --create /dev/mda2 <list the partitions) && mksawp /dev/mda2 && swapon /dev/mda2
<ivoks> great
<[Solars]> dunno if i am going to stick with irssi or not kinda annoying at times :P
<laga> heretic ;)
<[Solars]> last time before this that i used a cli irc client was bitchx
<[Solars]> and that was many years ago
<FFEMTcJ> has anyone downloaded and installed a copy of ubuntu server reciently on a cd?
<FFEMTcJ> I keep getting an error that a file is corrupt.. ive downloaded a couple times form different servers and made a bunch of cd's to no avail
<FFEMTcJ> and the most recient cd i made gives an error of there was a prolem reading data from your cd
<[Solars]> tried burning the cd as slow as possible>
<FFEMTcJ> [Solars]: i burnt them at 2x.. 1x is the only thing slower
<[Solars]> worse case scenerio you can get the desktop version, and install the server tools you need and remove the gnome desktop and x
<[Solars]> sometimes even 1x makes a difference
<FFEMTcJ> ill try it again
<FFEMTcJ> ./dists/hardy/main/binary-i386/Packages.gz is showing as failed md5 verification
<[Solars]> not good then
<Database> How does one configure Postfix for multiple domains?
<FFEMTcJ> [Solars]: so burning slower might not fix that?
<[Solars]> you did a md5 verification on the iso?
<[Solars]> if the iso checks ok
<[Solars]> then burning slower may fix it
<[Solars]> might even try different media
<_ruben> FFEMTcJ: and perhaps the cd burner and/or reader is broken/dieing?
<ivoks> Database: easily :)
<Database> Heh.
<Database> Well, I am a complete n00b to it, so be gentle. :P
<ivoks> you want an easy way to add new users?
<Database> Kinda.
<ivoks> Database: http://www.opensourcehowto.org/how-to/mysql/mysql-users-postfixadmin-postfix-dovecot--squirrelmail-with-userprefs-stored-in-mysql.html
<Database> Thanks.
<ivoks> Database: this should be more than good start
<Database> OOooh.
<Database> web-based admin panel.
<Database> I approve of this.
<ivoks> Database: follow this tutorial only if you don't plan to allow shell access
<Database> I don't.
<ivoks> then... great
<Database> It's only acecssible from inside my network, as well :)
<Database> ...Ah.
<Database> I'm using Lighttpd.
<Database> Does that matter massively?
<ivoks> that's irrelevant
<Database> Oh, good.
<ivoks> you are setting up mail server
<Database> I know, but I rtfm'd. ;)
<Database> ... not far enough, apparantly.
<Database> It does support Lighty.
<Database> >>
<Database> Sorry.
<RediXe> How do I check what service's are running? mainly apache
<ivoks> telnet localhost 80
<[Solars]> ivoks what irc client are you running?
<RediXe> Yeah, just realized that apache and mysql aren't running... Not sure how to start them either ...    they're not in the /etc/init.d/
<ivoks> irssi
<ivoks> RediXe: if they aren't there, then they aren't installed
<dana_good> RediXe: did you do a LAMP install?
<[Solars]> ivoks heh figued.. gotta find a client for me :P
<RediXe> ivoks, They were running before I restarted the server.               dana_good, I installed knowledge tree which installs apache and mysql. Just not sure where.
<ivoks> knowledge tree?
<ivoks> ?
<RediXe> Yeah it's a document management system ... I found what I was looking for
<RediXe> I just need to add the command to start up
<dana_good> RediXe: that's good, you might want to see if theres a support channel for knowledge tree if its installing things in nonstandard locations
<cyris|> hey everyone. i have a question regarding a new server I setup just recently. this new server is behind a NAT router. This server uses my isp's name server to resolve queries. Since this machine is behind this NAT router, what would be its proper hostname?
<RediXe> dana_good, well I was more curious on testing if it was running and something else was the issue. (and there channel is dead)
<RediXe> How would I add something to start with boot?
<RediXe> @reboot in crontrab is what I found.
<RediXe> That doesn't seem right to me
<dana_good> init.d
<hads> @reboot is useful if you want to start something as a normal user.
<hads> I do that for screen sessions
<mathiaz> RediXe: if you don't have proper init scripts, you can always modify /etc/rc.local
<RediXe> I'll look into it more tomorrow .. I'm about to be off work for the day.
<mathiaz> kirkland: did you add the virtulization task to the installer ?
#ubuntu-server 2008-09-30
<kirkland> mathiaz: yeah
<kirkland> mathiaz: i meant to test that today
<kirkland> mathiaz: is it there?
<mathiaz> kirkland: yes
<mathiaz> kirkland: could you add a test case to cover it on https://wiki.ubuntu.com/Testing/Cases/ServerInstall ?
<mathiaz> kirkland: I haven't tested though.
<kirkland> mathiaz: k
 * flyback bbl
<mathiaz> kirkland: seems that the new virtualization task works correclty
<kirkland> mathiaz: awesome
<mathiaz> kirkland: it pulls in kvm, libvirt-bin and openssh-server
<uvirtbot> New bug: #276145 in apache2 (main) "Apace2 default configuration incorrect for allowoverride" [Undecided,New] https://launchpad.net/bugs/276145
 * flyback feels like he is about to have a stroke
<ScottK> Any particular reason?
<flyback> na
 * flyback bbl
<nomingzi> I plan to download and to install Ubuntu server, may I know if it is come with GUI, unlike Debian has no GUI.
<[Solars]> debian has goo-ey just gotta install it
<mathiaz> !servergui | nomingzi
<ubottu> nomingzi: Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
<[Solars]> ubuntu server doesn't come preinstall gui
<[Solars]> you can easily take the 'desktop' version and use it as a server
<[Solars]> just got to install the packages you want
<nomingzi> Solars: does the Ubuntu Desktop version has 64-bit edition ?
<nomingzi> Solars: sorry i m newbie
<[Solars]> yes
<[Solars]> get the one marked amd64
<nomingzi> solars: many thanks
<edgy> Hi, I am using Ubuntu 8.04.1 hardy and  logwatch --mailto me@mysite.com just prints to screen. I test postfix and it's working already
<kgoetz> edgy: not sure i understand your question
<edgy> kgoetz: logwatch is a log analyzer and reporter that when invoked like this: logwatch --mailto me@gmail.com should send the report to me@gmail.com
<edgy> instead of sending the report by email, it prints it to stdout instead!
<edgy> may be it's a bug I am not sure
<edgy> any one had hardy on x64 to test?
<kgoetz> edgy: its working fine for us - admitedly i'm running it via cron
<edgy> kgoetz: 32 or 64?
<kgoetz> 14:37:50 kgoetz@paver:~$ logwatch --mailto karl.goetz@rocksoft.com
<kgoetz> 14:38:09 kgoetz@paver:~$
<kgoetz> thats worked
<kgoetz> edgy: 64bit
<edgy> kgoetz: 8.04.1 or 8.04?
<kgoetz> .1
<edgy> my system is upgraded from a previous version and not a fresh installation, so what do you think the problem can be?
<kgoetz> logwatch_7.3.6-1ubuntu1_all.deb is the package i used
<kgoetz> some configuration issue
<edgy> kgoetz: but i tried --mailto from the command instead of depending on logwatch.conf to troubleshoot it. Shouldn't it work whatever values in config files is, beside I reinstalled logwatch so it's the default configs
<kgoetz> no idea then
<[HU]gnanet> Hello
<[HU]gnanet> i am looking for a good dedicated server provider in UK , of Ireland, preferrably with preinstalled ubuntu, any suggestions?
<[HU]gnanet> erm .. of-> or
<felimwhiteley_> [HU]gnanet: I've heard good thing about these guys http://bitfolk.com/
<felimwhiteley_> but I've not used them personally
<[HU]gnanet> Thank you
<uvirtbot> New bug: #268928 in network-manager-openvpn (universe) "File Choosers in configuration GUI mislabeled (dup-of: 275608)" [Undecided,New] https://launchpad.net/bugs/268928
<skep> whats the default syslogd in intrepid?
<sommer> morning all
<ivoks> zul: i've sent you kernel commit for drbd
<zul> ivoks: cool ill have a look
<Abracadabra> Hi
<Abracadabra> do you have a command to test write speed on a scsi disk?
<Abracadabra> such as hdparm for ide
<kirkland> mathiaz: section added to https://wiki.ubuntu.com/Testing/Cases/ServerInstall
<mathiaz> kirkland: awesome - thanks
<mathiaz> kirkland: do you have access to an intrepid host for doing some kvm testing ?
<kirkland> mathiaz: yup
<mathiaz> kirkland: I've run into a crash when trying to test raid installation
<kirkland> really
<mathiaz> kirkland: could you try to setup a guest with two qcow files and go through the installer to setup a raid mirror array ?
<mathiaz> kirkland: the kvm process dies when the installer tries to activiate the array
<kirkland> mathiaz: interesting...  i've always pre-created my disks with dd rather than qcow for my raid testing
<mathiaz> kirkland: or at least around that time
<kirkland> mathiaz: i would not have expected qcow to work properly
<kirkland> mathiaz: but i'll give it a shot
<mathiaz> kirkland: I use qemu-img
<kirkland> mathiaz: i do too, except when i'm doing raid testing
<mathiaz> kirkland: it works fairly well - I'm doing all of the iso testing with qcow2 files
<mathiaz> kirkland: It never crashed.
<kirkland> mathiaz: qcow2 doesn't crash, but qcow does, when doing raid testing?
<mathiaz> kirkland: hm - why would there be a difference when doing a raid testing ?
<mathiaz> kirkland: qcow2 crashes
<kirkland> mathiaz: well, i want to simulate a "real" disk more closely
<kirkland> mathiaz: so i do 'dd if=/dev/zero of=disk1.img bs=1M count=1000'
<mathiaz> kirkland: interesting - I'll try with dd then.
<kirkland> mathiaz: that's what my detailed testing notes on the BootDegradedRaid blueprint specifiy
<kirkland> mathiaz: i suspect that the dynamic growth of qcow2 images don't work well with synchronous raid writes
<kirkland> mathiaz: but i've never tried
<kirkland> mathiaz: i will now though ...
<kirkland> mathiaz: perhaps after the meeting
<mathiaz> kirkland: sure - I'll give a try to your dd suggestion later today
<ivoks> zul: does that commit look ok? (that's first serious commit i created :)
<zul> ivoks: I havent gotten the email yet
<ivoks> no?
<kaushal> hi
<kaushal> I have installed tomcat 5.5.25 on Ubuntu 8.04
<kaushal> the issue is that it doesnot get logged
<kaushal> in catalina.out file
<kaushal> its really really annoying
<soren> Koon: ^^
<Koon> soren: i'm on it :)
<soren> :)
<Koon> kaushal: what are you using as a JVM ?
<Koon> kaushal: the default one (gcj) ?
<Koon> kaushal: or did you install something else?
<Koon> (Sun's JDK, openJDK...)
<kaushal> JAVA_HOME=/usr/lib/jvm/java-6-sun
<laga> soren: i talked to the vbox guys. there is no nice way to create those VM description files. VBoxManage can only register empty xml files. we could cobble together a working file from the examples we have, but it's not exactly supported by sun/virtualbox. and there is no way of importing them
<Koon> kaushal: I seem to remember the logging issue as gcj-specific
<soren> Hey, what we're doing with vmware isn't supported either. It could fall apart at any given time.
<kaushal> ok
<Koon> kaushal: please check that it's really using sun's jvm
<laga> soren: right. they're working on a better interface for that kind of stuff.
<Koon> kaushal: that said, an update for hardy is in the pipe
<kaushal> Koon, so whats the workaround
<Koon> so that it works with openjdk
<laga> soren: we *could* call VBoxManage to create the VM, but we don't necessarily want the VM to be registered for the user who built them
<soren> laga: What I'm saying is: I don't give a hoot if creating the xml isn't supported. Let's just do it anyway if that's what works.
<laga> soren: yes, but that still doesn't solve the problem that you can't import the XML.
<Koon> kaushal: at that point the workaround would be to install sun-java6-jdk and run without specific JAVA_HOME (the init script should pick up sun's jdk)
<soren> laga: We've not promised anyone that it'll work to any degree. It's a best effort thing.
<Koon> in a few days the workaround woulfd be to install openjdk-6-jre
<laga> soren: ah, so it's not a "people will bi... complain to canonical if it doesn't work"?
<ivoks> ScottK: did you get my clamav patch?
<Koon> since the init script would support running that
<laga> thing.
<soren> laga: If we think it's really and issue, and vmbuilder goes to main, I can just split out the vbox plugin into a separate package. No biggie.
<laga> right.
<Koon> kaushal: see https://bugs.launchpad.net/ubuntu/+source/tomcat5.5/+bug/251004
<uvirtbot> Launchpad bug 251004 in tomcat5.5 "Tomcat 5.5 produces no logs when run with gcj" [Undecided,Incomplete]
<Koon> kaushal: running with TOMCAT5_SECURITY=no is also a workaround (if your environement is not very exposed)
<laga> soren: still, how it's useful if you can't import that piece of xml?
 * Koon leaves for a couple of hours
<soren> laga: Just because they don't offer a supported way of doing it, doesn't mean there isn't a way we can do it.
<soren> laga: Last I worked with virtualbox they had all-xml configuration files.
<soren> laga: ...which isn't terribly difficult to change programmatically.
<soren> ..by design, even.
<laga> yeah. it's easy to create an xml file describing the VM itself. but it's not that easy to add it to virtualbox, because you need to mangle the main virtualbox configuration file.
<soren> I'm quite sure VMWare doesn't support whipping up vmdk with qemu-img and handcrafting .vmx files. We do that anyway. *shrug*
<laga> does u-v-b actually import other VMs?
<soren> laga: I don't understand the question.
<laga> soren: as in, "creates .vmx and feeds it to vmware"
<laga> soren: Yes. but in virtualbox, there is no nice button to import that piece of XML generated by u-v-b. nothing.
<soren> laga: I realise.
<soren> laga: Correct me if I'm wrong, but here's how I remember it:
<soren> It has a main config, which refers by uuid to a set of vm's.
<soren> Each vm has a separate XML file, which in turn refers to some disk images, identified by uuid.
<laga> yes.
<soren> These disk images have a separate XML file pointing at the disk images.
<soren> What's to stop us from whipping up the disk xml, vm xml, and add the vm to the main xml?
<soren> From where I'm sitting, it seems the answer is: Not a thing.
<soren> This is all Linux and even free software. It can't hide stuff from us, even if it wanted to. We can just go and see what it would do itself and replicate that.
<laga> indeed, not a problem. but is that useful? do we *want* to add VMs directly to virtualbox?
<soren> What's the alternative?
<soren> If you say it doesn't even have a button to import anything.
<laga> if we want to just add a VM to virtualbox, we can use VBoxManage. that's a lot easier.
<laga> soren: it's a completely different thing from what u-v-m does not
<soren> I don't follow.
<laga> soren: it's a completely different thing from what u-v-m does currently
<laga> sorry, i'm tired.
<soren> Does VBoxManage provide hooks to do this or not?
<laga> if you tell it to make a vmware VM, it gives you a .vmdk file and a .vmx file. it does not import the VM into vmware.
<soren> Not at the moment, no.
<soren> ..but there's not reason it couldn't.
<laga> soren: VBoxManage lets you import a VM into virtualbox. yes.
<laga> alright, if that's actually desired behavior, then let's go for it
<laga> it'd be neat to have an option not to do that, though.
<soren> laga: I'm missing something. Clearly.
<soren> 16:00:45 < ~laga> soren: i talked to the vbox guys. there is no nice way to create those VM description files. VBoxManage can only register empty xml files. we could cobble  together a working file from the examples we have, but it's not exactly supported by sun/virtualbox. and there is no way of importing them
<laga> heh.
<soren> Can you import a VM or can't you?
<maswan> ugh. having a custom nfs server with a custom portmap kind of sucks.
<laga> soren: you can talk directly to VBoxManage and tell it to create a VM. it *might* be possible to use "VBoxManage registervm <filename>" to import a VM, but i was told by a vbox developer that it only accepts empty files.
<laga> for whatever reason.
<laga> we're talking about two different things, though.
<soren> Clearly.
<soren> Have you ever actually used ubuntu-vm-builder?
<soren> do you understand what it does?
 * soren doesn't see the point of importing an empty file, though
<laga> right now, u-v-b does one thing (for me): it creates a VM which i can import into my VM application, eg vmware. that's just not going to work for virtualbox *right* now (provided the 'empty file' thing is true)
<laga> what you are talking about is immediately registering the VM on the current system, which is a different thing.
<laga> and yes, i have used ubuntu-vm-builder :)
<soren> Ok.
<ScottK> ivoks: I did.  I haven't had time to look at it yet thought.
<kirkland> mathiaz: hey
<kirkland> mathiaz: okay, i tested using qcow
<laga> .. and in the former case, i can just put the VM on my usb drive and use it on another computer.
<kirkland> mathiaz: i actually didn't have any problem
<laga> importing is not really useful in that use case.
<kirkland> mathiaz: but i did think of something else....
<soren> laga: The point of actually deploying is this:
<mathiaz> kirkland: qcow or qcow2 ?
<soren> laga: Well, there's nothing else we can do really, is there?
<soren> laga: Anything short of that doesn't help you one bit.
<soren> laga: Sure, we can add a --no-deploy option to the vbox plugin if that makes you happy, but I don't see the point.
<mathiaz> kirkland: http://paste.ubuntu.com/52512/ <- this is what is printed in dmesg
<soren> laga: If you don't actually deploy it (add it to the hypervisor) you're left with something that you can't import anyway, which seems rather pointless to me.
<mathiaz> kirkland: when kvm segfaults (or at least the guest dies)
<laga> soren: yes. my point is that it's different from the current behavior (as I see it in hardy). so, it'd be sensible to use an extra option, eg --register-with-vbox.
<kirkland> mathiaz: when you created the partitions, did you mark them "Bootable" ?
<mathiaz> kirkland: yes
<laga> soren: you can import it by adding the .vmdk as a disk and creating a new VM, but it's not as neatly integrated as with vmware and .vmx
<kirkland> mathiaz: that's the problem
<soren> laga: Yes, the current behaviour in hardy for vbox is: break and fall apart in spectacular ways.
<soren> laga: ...also not very useful :)
<mathiaz> kirkland: because I want to be able to boot from RAID
<kirkland> mathiaz: yeah, well, that causes seg faults
<laga> soren: and for intrepid, it will be "futz with my Virtualbox config and possibly break it"? :(
<kirkland> mathiaz: i might have a bug on that one open already, i'll look
<soren> laga: For intrepid it says: I don't know what vbox is. Go away.
<laga> soren: you get the point.
<mathiaz> kirkland: ok - so how does this impact the test case for booting from degraded raid ?
<soren> laga: But sure, we can add a --no-deploy option if you really think that's useful.
<ivoks> ScottK: it's a very small contribution - an on-liner :)
 * ivoks had way too much coffe today :(
<soren> laga: I believe the sensible thing to do, though, is to add it to vbox.
<laga> soren: users will pull their hair out in spectacular ways if the vbox plugin behaves completely different from the vmware plugin. if you deploy automatically, then the vmware images should also be added automagically to the vmware hypervisor.
<soren> laga: Sure.
<soren> laga: It's just not been implemented yet.
<soren> laga: In part because I never bothered to figure out how.
<kirkland> mathiaz: just don't mark the individual /dev/sda1 and /dev/sdb1 bootable ...  rather, /dev/md0 will be made bootable
<mathiaz> kirkland: allright - I'll try that
<laga> alright. i guess now i knew what that "deploy" thing in the wiki meant. actually adding a .vmdk file to vbox is not hard. i'll compile some information for you then
<kirkland> mathiaz: i'll talk to cjwatson about this one
<mathiaz> kirkland: great - thanks for the help.
<laga> soren: and sorry for the long discussion, i should have made it clearer what i was talking about
<soren> laga: I probably should, too :)
<kirkland> mathiaz: no problem, thanks for the report
<\sh> guys, A big Thank You from Netviewer AG/Webzooms AG to you for providing rock solid ubuntu server edition :)
<mathiaz> kirkland: is there a bug report for this ?
<laga> soren: btw, since you're the VM guy: latest KVM seems to support pci passthrough. do you know if special hardware support is required for that?
<kirkland> mathiaz: not one i can put my finger on at this moment
<kirkland> mathiaz: this is the issue, though
<kirkland> mathiaz: i'm discussing with cjwatson in #ubuntu-installer
<mathiaz> kirkland: ok - should I file one ?
<kirkland> mathiaz: yes, please
<kirkland> mathiaz: file against both kvm and partman-md
<kirkland> mathiaz: the segfault part is clearly a kvm bug
<kirkland> mathiaz: but partman-md might need something too
<mathiaz> kirkland: ok.
<soren> laga: I'm actually not sure, but I expect it requires an iommu.
<mathiaz> kirkland: meh - kvm still segfaults even if I don't set the bootable flag when creating the partition.
<kirkland> mathiaz: ???
<mathiaz> kirkland: I'll try with dd files instead of qcow2
<kirkland> mathiaz: i'm baffled
<kirkland> mathiaz: i'd like to somehow see exactly what you're doing
<mathiaz> kirkland: I'm gonna record a screencast then
<kirkland> mathiaz: cool
<kirkland> mathiaz: are you using the testing instructions from https://wiki.ubuntu.com/BootDegradedRaid ?
<mathiaz> kirkland: not exactly - I'm just trying to setup a RAID array from the installer.
<kirkland> mathiaz: that's what my instructions describe....
<kirkland> mathiaz: anyway, i'll watch your screen cast
<mathiaz> kirkland: hm - seems that qcow2 files are the problem
<kirkland> mathiaz: interesting
<mathiaz> kirkland: using files created with dd, I was able to setup a RAID array.
<mathiaz> kirkland: and the system was able to go the base package install.
<kirkland> mathiaz: k
<nealmcb> mathiaz: Do you know what's going on with the problems with includes in old team reports and moin 1.6?  see https://bugs.edge.launchpad.net/ubuntu-website/+bug/276414
<uvirtbot> Launchpad bug 276414 in ubuntu-website "wiki: Attribute error - 'Request' object has no attribute '_page_headings'" [Undecided,New]
<Dave-X> need help configuring my sshd to accept only certain hashing/ encryption algorithms
<DubAndy> Hi! I've been trying to configure vnc4server on my ubuntubox. When I run either tightvnc for a windows computer or chicken of the vnc for a macintosh computer. All I get is an X11 connection with a hatched gray background and an x-cursor. It seemes like gdm is unable to startup. I've checked /.vnc/xstartup but I can't find anything.
<Dave-X> need help configuring my sshd to accept only certain hashing algorithms
<kirkland> Dave-X: http://manpages.ubuntu.com/manpages/intrepid/man5/sshd_config.html
<Dave-X> i set Cyphers
<Dave-X> and the man page doesnt say anything about hashing
<Dave-X> couldyou help me hout?
<Dave-X> i would like it to only use hmac-ripemd160
<kirkland> Dave-X: on that page, search for "hmac-ripemd160"
<kirkland> Dave-X: there's a hit about halfway down
<kirkland>  MACs    Specifies the available MAC (message authentication code) algoâ
<kirkland>               rithms.  The MAC algorithm is used in protocol version 2 for data
<kirkland>               integrity protection.  Multiple algorithms must be comma-sepaâ
<kirkland>               rated.  The default is:
<kirkland>  
<kirkland>                     hmac-md5,hmac-sha1,umac-64@openssh.com,
<kirkland>                     hmac-ripemd160,hmac-sha1-96,hmac-md5-96
<kirkland> Dave-X: MAC is another word for "Hash"
<Dave-X> ayty
<Dave-X> so
<Dave-X> adding these 2 lines
<Dave-X> Ciphers aes256-cbc
<Dave-X> MACs hmac-ripemd160
<Dave-X> will enable only thoes hashes, algorithms?
<kirkland> to /etc/ssh/sshd_config
<kirkland> right
<kirkland> and then `/etc/init.d/ssh restart`
<Dave-X> of corse
<Dave-X> ty kirkland
<kirkland> Dave-X: welcome
<Ergo^> hello
<Ergo^> i want to run something like : @reboot for i in /var/www/fastcgi/startup/*.sh; do $i; done
<Ergo^> in cron
<Ergo^> but it appears that @reboot command doesnt work
<Ergo^> how do i deal with that ?
#ubuntu-server 2008-10-01
<kirkland> mathiaz: i want to learn more about your kvm/raid/segfault problem
<kirkland> mathiaz: i'm trying to reproduce it and i cannot
<mathiaz> kirkland: hm  - I'll post my libvirt configuration
<kirkland> Ergo^: you want to run those on startup, or on shutdown?
<mathiaz> kirkland: it may help you debug it
<kirkland> mathiaz: thanks
<Ergo^> kirkland: i need on startup
<kirkland> mathiaz: i have two minor patches, one for landscape-client, and one for update-motd looking for a sponsor
<mathiaz> kirkland: I'm also running on a hardy host with an amd processor
<kirkland> Ergo^: /etc/rc.local is one option
<mathiaz> kirkland: right - is this some kind of tradeoff ?? ;)
 * kirkland wheels and deals :-)
<mathiaz> kirkland: you fix my kvm bug and I sponsor your diffs ?? :D
<kirkland> mathiaz: will code for uploads
<kirkland> :-)
<mathiaz> kirkland: lol
<kirkland> mathiaz: serious, i want to fix that kvm segfault
<mathiaz> kirkland: you should put that as your blog tag line
<kirkland> mathiaz: it's been a few days since I saw it
<kirkland> mathiaz: :-)
<kirkland> mathiaz: qcow, and qcow2 image files are working fine for me now
<kirkland> mathiaz: and so is the bootable flag
<mathiaz> kirkland: http://paste.ubuntu.com/52642/
<kirkland> mathiaz: is your kvm host machine intrepid?
<mathiaz> kirkland: ^^ that's my guest configuration
<mathiaz> kirkland: yes
<mathiaz> kirkland: he no
<mathiaz> kirkland: my host is running hardy
<kirkland> mathiaz: ah
<kirkland> mathiaz: hmm, my host is intrepid
<mathiaz> kirkland: that's why I'd like to know if you can reproduce it on intrepid
<kirkland> mathiaz: let me scp my img files over to hardy
<mathiaz> kirkland: right - do you have a hardy host ?
<kirkland> mathiaz: but of course
<Ergo^> kirkland: thanks
<kirkland> mathiaz: i've got 8 dual cores Intel and AMDs, a PPC running a variety of Ubuntu OS's :-)
<kirkland> mathiaz: all of them but the PPC having virt technology on the chip ;-)
<mathiaz> kirkland: he - I've got.... one laptop that doesn't have virt extension and one amd server that has virt extension..
<kirkland> mathiaz: dude, you need a laptop with VT
<kirkland> mathiaz: my wife's little thinkpad x61 is an awesome, small form factor laptop, with dual core intels, and VT
<[Solars]> erm i wonder how I would do this, I want my server to be a file server, but at the same time I want it to be able stream vedio to various windows pc in the house (wireless and lan)
<[Solars]> but also want to manage a bit torrent type service on the server remotely
<mneptok> [Solars]: MediaTomb + BitTornado
<[Solars]> erm never heard of either
<mneptok> well, that's why you're wondering how to do those tasks ;)
<[Solars]> mneptok just never heard of them so just doing som researching :P
<mneptok> [Solars]: MediaTomb is a UPnP media server. BitTornado is a CLI torrent client.
<[Solars]> yea reading up on mediatomb.. just don't know how spiffy my wife is on CLI stuff
<mneptok> what does she need to do?
<[Solars]> add torrents as she find them
<[Solars]> perhaps a way to interface...
<mneptok> all she'd have to do is drop the .torrent file in a directory
<[Solars]> might just have her come tothe pc
<mneptok> screen btlaunchmanycurses.bittornado --minport 6881 --maxport 6891 --max_upload_rate 50 /home/share/torrents
<[Solars]> is mediatomb and bittornado multithreading?
<mneptok> then she just has to put torrents in /home/share/torrents when she wants to download them
<[Solars]> thats good idea
<[Solars]> i am sure you can thottle the BT app
<mneptok> i have one every once in a while
<mneptok> --max_download_rate
<[Solars]> just gotta make it nice and simple for the wife thats all
<mneptok> have an rc script that fires off the BiTornado command at boot time. she just drops files into a folder.
<mneptok> (and waits)
<[Solars]> does the BT auto delete the .torrent files when completed?
<hads> Put it in cron @reboot with screen -d -m
<[Solars]> erm mediatomb looks like a nice interface
<[Solars]> sould put something over on the server and test it out
<mneptok> [Solars]: MediaTomb is a UPnP server. it's interface is that of the device accessing it.
<[Solars]> recommended a interface?
<mneptok> uhhh ...
<mneptok> i think you're confused as to what a media server does. :)
<mneptok> it HAS no interface.
<[Solars]> nay you confused me :P
<mneptok> i use MediaTomb. i access it with my PS3. the UI is that of the PS3.
<[Solars]> just have to see if I can find a UPnP device :P
<[Solars]> erm didn't realize xp had UPnP interface built in
<mneptok> *ding*!  :)
<[Solars]> heh just gotta figure out how to get it 'working'
 * [Solars] ponders
<[Solars]> mneptok you still there?
<mneptok> nope!
 * mneptok ducks behind the couch
<[Solars]> heh so the only way to add media to the mediatomb is to phyically move the data there, then manually add it to the database?
<mneptok> or move it to a network share mounted by the nedia server
<mneptok> *media
<[Solars]> or would it be easier just use samba?
<mneptok> MT's config allows monitoring of locations in the filesystem for new content
<mneptok> i'm not seeing why you want a media server, then.
<[Solars]> hold on
<[Solars]> lemme see if i can find a defualt location and put a file there
<mneptok> wanting a media server, and being surprised data needs to be on the server in order to be served is a disconnect i can't parse.
<[Solars]> heh thats not the case
<hads> How would it serve things if they weren't available?
<[Solars]> more like how do i add the data
<[Solars]> and i took a break to watch fringe
<hads> You add files via NFS/CIFS/WebDAV/etc.
<mneptok> you look in the MediaTomb config file and determine wher it is expecting the dat store to be.
<mneptok> *data
<[Solars]> well i got a avi in there now to see if i can get it to stream :P
<fearthenofear> hello
<fearthenofear> I need help with setting up Ubuntu Server 8.04 LTS. I have installed it and now I'm trying get the network settings. How I am using this server is to put files on it and possibly use it for printing as well. It is currently connected through a router via ethernet cable and the router has wireless. I am wanting to use only within the house it is currently on and not on the internet if that is possible.
<[Solars]> erm prolly can't help much but does your rotuer and the blinking lights on the nic card blink (e.g. using the correct cable?) (thats the extent of my help) :)
<fearthenofear> Yes
<fearthenofear> it shows it is connected and i did a ping on the router but forgot tell it how many times to ping the router so I had to shut the computer off which then made my router freeze up
<kgoetz> fearthenofear: can you rephrase your problem? i'm not exactly sure what it is ...
<mmcoffee> if you're pinging from the terminal, pressing control + c will stop it from pinging.
<kgoetz> fearthenofear: also, there may be a print/file server task you can use
<[Solars]> erm you could just ctrl-c and make it stop
<fearthenofear> I will be on later tonight to get this problem figured out.
<uvirtbot> New bug: #276605 in openldap (main) "package slapd 2.4.11-0ubuntu4 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/276605
<fearthenofear> I am having a problem trying to figure out my network settings to become a server computer that is available to the people who can connect through the wireless internet in my house. I am trying to configure the network connections so that I can transfer files to it. If possible, I would like to have a hard drive hooked up via USB.
<fearthenofear> I am connected via ethernet cable to the router and I have put the IP address that the router gives my computer into the /etc/network/interfaces. I have pinged the router and it gets back within .5ms. I have pinged cyberciti.biz it gets back at 150ms.
<kgoetz> fearthenofear: have you looked at the server guide?
<fearthenofear> I have looked at many server guides online but I have not found one that gets me completely through the network connections part.
<kgoetz> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<kgoetz> that one
<mmcoffee> How would I go about uploading a guide to the server guide?
<kraut> moin
<kaushal> hi
<kaushal> I have compiled tomcat from src
<kaushal> on ubuntu 8.04
<kaushal> I have created the start/stop script
<kaushal> http://rafb.net/p/zDUeNP46.html
<kgoetz> and?
<kaushal> kgoetz, is there start/stop script for tomcat which is build from src from http://tomcat.apache.org/download-55.cgi
<kgoetz> kaushal: and would you like a gold star? or are you telling us for some other reason?
<michazoet> hi to all
<kaushal> shutdown.sh and startup.sh
<kaushal> I want to run it from /etc/init.d/
<michazoet> is there someone with OpenLDAP knowledge around?
<kaushal> michazoet, #openldap
<Koon> kaushal: the one shipped with tomcat 5.5 packages doesn't work for you ?
<kgoetz> !anyone | michazoet
<ubottu> michazoet: A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<michazoet> kaushal: thx
<kaushal> Koon, the binary does not work for me
<kaushal> the catalina.out files does not get logged
<kaushal> so I have downloaded from src
<Koon> kaushal: did you try the workarounds ?
<kaushal> it works fine with out any issue
<kaushal> Koon, yes
<Koon> kaushal: I think the problem comes more from the init script (the way it uses jsvc to drop privileges and the way it chooses its JVM) than from the binary
<kgoetz> kaushal: you should file a bug, if you can still provide any info
<Koon> kaushal: so copying the one from tomcat5.5 package probably won't work
<Koon> kaushal: In my setup everything gets logged properly.
<kaushal> Koon, ok
<Koon> kaushal: However i'm using openjdk and a modified init script
<kaushal> Koon, I have this init script http://rafb.net/p/zDUeNP46.html
<Koon> kaushal: is /var/lib/apache-tomcat-5.5.27/bin/setenv.sh set up properly ?
<Koon> also with this init script you will run tomcat as root
<Koon> i'd prefer fixing why the packaged tomcat5.5 doesn't work for you rather than debugging your own init script
<Koon> my fix to your logging issue :
<Koon> install openjdk-6-jre
<Koon> then...
<Koon> (let me fetch that diff)
<Koon> http://pastebin.ubuntu.com/52747/
<Koon> this is the fix that is in a pending tomcat5.5 sru
<Koon> note that installing sun-java6-jdk should also work
<Koon> without even modifying the initscript
<Koon> and that's where I've a doubt with your config
<kaushal> Koon, do you want my config
<Koon> since you said yesterday you were using sun's JVM... and the logging issue is (afaict) gcj+security manager related
<Koon> kaushal: I could use your /etc/default/tomcat5.5 contents, yes
<kaushal> Koon, which config you are looking fot
<kaushal> for*
<kaushal> is it server.xml
<Koon> kaushal: no, I'm assuming you're trying to get some logging on a default install, without server.xml customizations ?
<kaushal> yeah
<Koon> kaushal: for me doing "sudo apt-get purge tomcat5.5 && sudo apt-get install sun-java6-jdk && sudo apt-get install tomcat5.5" will result in an installation of tomcat5.5 that does log properly
<Koon> without any post-install configuration
 * Koon confirms by testing in parallel on a hardy VM
<kaushal> ok
<Koon> kaushal: i confirm that creates logs in /var/log/tomcat5.5, however due to some jsvc restrictions they are only readable by root
<Koon> $ sudo tail -n1 /var/log/tomcat5.5/catalina.2008-10-01.log
<Koon> INFO: Server startup in 694 ms
<kaushal> Koon, agreed
<Koon> kaushal: you mean you can get some logging now ?
<kaushal> but when i run my application it does not get logged
<kaushal> :(
<Koon> ah.
<Koon> kaushal: that's a different issue :)
<kaushal> so when i compiled from src it gets logged
<kaushal> here in /var/lib/apache-tomcat-5.5.27
<Koon> one that probably comes from the security manager
<Koon> please add TOMCAT5_SECURITY=no at the end of your /etc/default/tomcat5.5 file
<kaushal> i did that already
<Koon> and restarting tomcat you still don't have application logging ?
<kaushal> yes
<Koon> kaushal: then you need some tweaking of /etc/tomcat5.5/logging.properties
<kaushal> ok
<Koon> the juli logmanager is enabled by default in /etc/init.d/tomcat5.5
<Koon> and it is a little picky with his friends
 * Koon tries something
<Koon> kaushal: the way /etc/init.d/tomcat5.5 is written, it will use the juli logmanager (configured in logging.properties) and redirect the catalina.out to syslog
<Koon> you should have a look there to see if your messages show, and/or reconfigure logging.properties to add your application
<Koon> kaushal: let me know how it goes
<kaushal> Koon, ok
<kaushal> I dont see anything in the syslog
<kaushal> so how can i configure it to use catalina.out file
<kaushal> I mean using logging.properties
<Koon> logging.properties will let you define specific files for each application
 * Koon tests
<Koon> see http://tomcat.apache.org/tomcat-5.5-doc/logging.html for configuration of logging.properties
<mindspin> Hi, I'm not sure if it is a server question, but I cannot reach several websites. client and router/server is hardy
<mindspin> name resolution works
<mindspin> when I have a look with wireshark, I can see, the webserver is sending RST
<mindspin> whenever I start the request, the router is sending an ARP request for the IP of the client machine, is this ok?
<mindspin> the win machine in the LAN can acces those websites fine
<mindspin> it is a real weird problem
<normanm> mindspin: you talk about websites in the internet or the local lan ?
<mindspin> internet
<mindspin> normanm: internet
<normanm> mindspin: maybe mtu issue ?
<mindspin> I scwitched up and down, but got no success
<normanm> what kind of router it is ?
<mindspin> pc hardy
<normanm> so yu do masquerading via iptables ?
<mindspin> yes
<kaushal> hi
<kaushal> I am facing this error http://rafb.net/p/GiUuLb55.html
<normanm> mindspin: have you tried to use --clamp-mss-to-pmtu ?
<normanm> mindspin: man iptables ;-)
<mindspin> ;-) dunno, I did it with fwbuilder but I'll have a look into the script
<mindspin> no "clamp" in the script
<normanm> mindspin: I have no idea howto set it in fwbuilder .. I just use iptables written by hand
<mindspin> I'll check it
<mindspin> found it
<mindspin> works
<mindspin> many thanks mate well done
<normanm> ;-) np
<mindspin> bye
<mindspin> Got another question
<normanm> mindspin: go for it
<mindspin> I#d like to add the "Time" modul to iptables, but it is not supported in hardy, should I act by hand or will the 8.10 release include it?
<mindspin> I desperately need to restrict the online time of my son and therefor it would be handy to do it with iptables
<normanm> mindspin: why not use squid =?
<mindspin> Squid is too much work now, I have no time yet to play around with squid
<mindspin> the "worktime" way would be handy right now
<uvirtbot> New bug: #276606 in openldap (main) "package update-manager 1:0.93.18 failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1)" [High,Triaged] https://launchpad.net/bugs/276606
<stka> hi
<stka> how can I use SWAT for configuration of the samba Server without giving the root-account a password
<slangasek> you can't; this is but one of the weaknesses of SWAT's design
<stka> :-(
<stka> slangasek: I just found a solution. 1.) chgrp admin smb.conf  2.) chmod g+w smb.conf
<slangasek> hmm, ok, I guess that's an option
<slangasek> at least, I can't think of any reason off the top of my head why it should explode :)
<stka> with Linux there is allways a solution ;-)
<kaushal> Koon, yt ?
<Koon> kaushal: yep
<kaushal> Koon, my bash script works fine
<kaushal> I want to implement status in my bash script
<kaushal> can you please give me some examples
<Koon> kaushal: maybe something like https://wiki.ubuntu.com/InitScriptStatusActions would help
<kaushal> Koon, http://rafb.net/p/hAXSQM49.html
<Koon> kaushal: status is difficult with java servers because you can't just grep for "java", so you need to get a pidfile, which is difficult if you don't use jsvc
<Koon> kaushal: that's one of the reasons behind the use of jsvc in the official script. It sucks in many ways (especially its default umask) but it is more initscript-friendly
<Koon> kaushal: so i don't really have a simple solution for you
<kaushal> :(
<Koon> kaushal: one way would be to write a tomcat-status script that really contacts tomcat on a control port to certify that it is running
<osac> installed denyhosts the other day cos of attacks started within 10mins since opened firewall
<osac> so what about other services ..mail,ftp apache
<osac> will be constantly under some sort of attack ..how u solve prob like that
<normanm> osac: you can use mod_security or something like that (HTTP/HTTPS)
<osac> normanm: will look into that one, thx
<normanm> np
<osac> finaly decided to rent virtual server and now I'am all into security .p
<osac> dont want to get rooted 5mins after going live
<mynameistux> hey, I have a particurlaly n00by question about SAMBA. I havn't set up my server yet, and I am not sure if SAMBA is the tool I am looking for
<mynameistux> with SAMBA, can I share stuff (between windows and ubuntu) that remains on the harddrive of the computer it is being shared from, and have some things on the samba server's hdd, that can be accessed as well?
<mynameistux> also, what kind of configuration needs to be done to a windows pc, so that it can access my SAMBA shares?
<mynameistux> any help would be much appreciated
<didrocks> jdstrand: around? Did you have the time to look at my patch? :)
<jdstrand> didrocks: not yet, I was chasing down buildd issues for various updates
<didrocks> jdstrand: good luck for resolving them :)
<jdstrand> thanks, I think my part is mostly done now
<jdstrand> didrocks: would it be possible for you to test your patch against ufw 0.23 (in bzr)? if not, I understand and I can do it when I have a bit more time
<didrocks> jdstrand: no pb. It can wait for a couple of day because I am very busy with ubuntu-fr these days, but I can merge with your last trunk version :)
<jdstrand> didrocks: that would be a huge help, thanks :)
<didrocks> jdstrand: you are welcome. Did you add some tests cases for 0.23?
<didrocks> (that is the time consuming part, as adding one line car change every numbers in the result test files)
<jdstrand> didrocks: I did. not too many new ones, but there were some changes in command output to fix confusing output, which affected results files
<jdstrand> didrocks: your results will hopefully not need tweaking, just adding to the end of 0.23 tests
<didrocks> jdstrand: ok, will have a look into this and keep you in touch :)
<didrocks> jdstrand: I cross my fingers ^^
<mynameistux> *realises that problem probably wont be solved tonight*
<LiENUS> does the latest ubuntu have xen support?
<psufan> anyone know if /var/log/secure was replaced yrs ago and I didn't get the memo or do I have a real situation here
<psufan> it's missing on 2 ubuntu server boxes
<kirkland> kees: i'm not able to reproduce https://bugs.edge.launchpad.net/ubuntu/+source/virt-manager/+bug/198967 on intrepid
<uvirtbot> Launchpad bug 198967 in virt-manager "Screenshot image overwrite hangs virt-manager" [Undecided,New]
<kirkland> kees: i'm going to mark it "Fix Released", unless you have time to re-test it right quick
<kaushal> hi
<kaushal> I am faced with the error on dmesg
<kaushal> http://rafb.net/p/ZXAQDV26.html
<kaushal> I am running 2.6.24-19-server
<mathiaz> kirkland: ok - it seems that the raw file format doesn't trigger a kvm crash when creating a RAID array
<mathiaz> kirkland: only qcow2 files make kvm crash
<kirkland> mathiaz: and that's with a Hardy host
<mathiaz> kirkland: yes
<kees> <random>I have more people downloading 7.10 than 8.04 ISOs in my torrent tracker</random>
<sommer> maybe it's for historical purposes :)
<henkjan> off by one
<henkjan> they want 8.10
<mathiaz> kirkland: I've been playing wit the degraded boot option. During install, I set it to yes. I've rebooted once and shutdown the guest. Then I've removed one of the kvm drive.
<mathiaz> kirkland: On the first reboot, the system boot as expected. I then run dpkg-reconfigure mdadm and set the system to not boot from a degraded array.
<mathiaz> kirkland: on the second reboot, the system *still* boots
<kirkland> mathiaz: correct
<mathiaz> kirkland: well - I've got a degraded array and I've set the system to not boot from a degraded array.
<kirkland> mathiaz: because "degraded" is now the expected state of your array
<mathiaz> kirkland: but it still boots ...
<kirkland> mathiaz: kees and I have talked extensively about this one
<mathiaz> kirkland: ok then.
<kirkland> mathiaz: once you've booted your array "degraded", that is the expected state of your array
<kirkland> mathiaz: what you should do is re-add the second disk
<kirkland> mathiaz: wait for it to resync
<kirkland> mathiaz: which you can monitor with `watch -n1 cat /proc/mdstat`
<mathiaz> kirkland: right - so this option is more if the state of your array has changed wrt the previous boot, then you boot or not
<kirkland> mathiaz: do your dpkg-reconfigure ... set to NOT boot on degraded
<kirkland> mathiaz: right
<kirkland> mathiaz: remove a disk
<kirkland> mathiaz: reboot
<kirkland> bye bye kornbluth
<kirkland> mathiaz: it should wait 30 seconds
<mathiaz> kirkland: okidoki - I'll play with this a bit more
<kirkland> mathiaz: and then prompt
<kirkland> mathiaz: k
<mathiaz> kirkland: right - I saw a delay on the first reboot with a degraded array
<kirkland> mathiaz: i tried to word the debconf dialog very carefully
<kirkland> mathiaz: i *think* the words i used was "if your raid _becomes_ degraded ..."
<mathiaz> kirkland: right - I'm not sure about one of the sentence though
<mathiaz> kirkland: the last sentence
<mathiaz> kirkland: http://paste.ubuntu.com/52943/
<mathiaz> kirkland: I would put the emphasis on the fact that enabling this option will make the system boot unattended.
<kirkland> mathiaz: what wording do you suggest?
 * mathiaz thinks
<kees> "Unexpected RAID inconsistency" ?
<LiENUS> uh oh
<kaushal> CFI: Found no ck804xrom @ffc80000 device at location zero
<kaushal> its getting hanged
<kaushal> really really annoying
<LiENUS> your raid aray is refargling the ten4
<mathiaz> kirkland: the issue is not that you should not boot from a degraded array, it's more that we're not sure of the state of the array and we may boot a system that is inconsistent.
<mathiaz> at least that's what I recall as being the reason for not booting at all.
<kirkland> mathiaz: my concern would be booting a system that's unprotected
<LiENUS> is xen considered stable with ubuntu server?
<mathiaz> kirkland: hm - that's a valid concern but I don't thing it's the main issue in that case
<nxvl_> sommer: ping
<mathiaz> kirkland: the main issue is that we may boot an array that has the wrong drive in it (due to bad timing detection of the drives or something similar)
<kirkland> mathiaz: okay
<mathiaz> kirkland: I'm still thinking about the wording
<kirkland> mathiaz: and you'd like to express that in the debconf dialog?
<mathiaz> kirkland: the impression I've got from reading the message is that I will enable to boot from a degraded array no matter what as the reason I'm using a RAID array is to protect from hardware failures.
<sommer> nxvl_: yo
<nxvl_> sommer: just replied to your e-mail
<kirkland> mathiaz: okay....
<sommer> nxvl_: awesome, thanks man
 * kirkland is still trying to figure out where mathiaz is going with this
<nxvl_> sommer: http://flickr.com/photos/nxvl/2508022363/in/set-72157605156928350/
<sommer> nxvl_: heh
<sommer> good stuff
<nxvl_> yeah
<mathiaz> kirkland: what about something along these lines: However if you don't have access to the server console to fix the system from the recovery shell and want to force the system to boot in the event of a degraded array, you might answer yes to this question.
 * nxvl_ still remember the waitress
<kirkland> mathiaz: i tried to be as brief as possible to keep everything within a 80x24 screen
<sommer> nxvl: lol, easy killer
<nxvl> :D
 * sommer goes back to work with a sigh
<nxvl> sommer: are you planning on atending on December?
<mathiaz> kirkland: right
<sommer> nxvl: yeppers
<nxvl> \o/
<kirkland> mathiaz: pastebin the full text you're thinking of
<nxvl> more beers for deserv
<nxvl> i'm already thinking on the new UDS and i still remember the last one as if were last week
<sommer> heh, have to see how it goes :)
<nxvl> i hope that howard goes to, he live in the area
<mathiaz> kirkland: http://paste.ubuntu.com/52948/
<kirkland> mathiaz: s/force/enable/
<mathiaz> kirkland: right.
<kirkland> mathiaz: http://paste.ubuntu.com/52951/
 * kirkland counters with ^
<kirkland> mathiaz: I'm fine with the verbage, if you want to upload a change to mdadm
<mathiaz> kirkland: My point is that I found that the last sentence in the current version is to generic and may lead sysadmin to not totaly think through what it means to enable this option.
<mathiaz> kirkland: that's why I've tried to narrow down the situation where you'd enable this option
<kirkland> mathiaz: okay
<mathiaz> kirkland: the default is yes though.
<kirkland> mathiaz: a very, very vocal majority on the wiki and LP bugs insist that if they're installing RAID, they want boot fault tolerance
<kirkland> mathiaz: but note that the priority is such that in the installer, if your /boot or / is on RAID, you WILL see the prompt
<mathiaz> kirkland: right - I think that's ok.
<kirkland> mathiaz: i probably would have left it "no" if it were not presented to RAID users at all
<kirkland> mathiaz: for consistency with previous Ubuntu releases
<psufan> was /var/log/secure replaced with something?
<kirkland> psufan: i don't ever remember a /var/log/secure on Ubuntu ....  you might be looking for /var/log/auth ?
<psufan> could be
<psufan> it was before ubuntu that I last looked at that file ;)
<psufan> I just wanted to confirm it wasn't deleted
<kirkland> psufan: yeah, i just checked a fedora machine, and auth =~ secure
<kees> kirkland: sorry, I got a bit lost in the raid discussion -- what are the installed (and upgrade) defaults for boot-degraded?
<psufan> thx
<kirkland> kees: on installation, there's a screen added to the end of partitioning that will force the user to select YES/NO with the degraded raid debconf prompt
<kirkland> kees: YES is highlighted, but as i said, it is a conscious choice
 * kees nods
<kirkland> kees: i don't actually know about the upgrade behavior
<kirkland> kees: i'll add that to my todo list to test
<kirkland> kees: the debconf question is actually in the mdadm udeb
<kees> kirkland: it's really important that upgrade behavior defaults to "no", otherwise the people that want "no" will freak out.  :)
<kirkland> kees: yeah, i think you're probably right
<kees> I have no problem with the visually prompted default to highlight "yes", but the unattended or upgrade path should choose "no".
<kirkland> kees: i think it might be undefined, actually, in that it's the mdadm udeb that has the debconf question
<kees> that may take some detecting of the debconf prompting level, etc.
<kirkland> kees: okay, i'll test
<kees> kirkland: sweet, thanks muchly (as a person wanting the "no" behavior)
<kirkland> kees: i hear ya ;-)
<kirkland> kees: i want to put all the most vocal people on this topic in a cage match to the death :-)
<kirkland> kees: and sell tickets
<kees> kirkland: heheh.  it really gets down the fundamentally one side trusting drives and md vs not.
<kees> if you don't trust the drive ordering and/or md doing the right thing, you want to manually boot.  it can be argued that this is a very paranoid stance.  :)
<kirkland> kees: I'm installing a hardy raid guest now
<ivoks> ScottK: i will :)
<FFEMTcJ> has anyone reciently downloaded and burned to a cd 8.04 server? ive tried many times and i keep getting an integrity test failed on the same file... ./dists/hardy/main/binary-i386/Packages.gz
<ScottK> ivoks: Thanks.
<ivoks> np
<trashguy> I love my city
<trashguy> http://losangeles.craigslist.org/sfv/adg/836109998.html
<nxvl> emgent: ping
<trashguy> woop
<trashguy> wrong room
<trashguy> Anyone  run zimbra here?
<ivoks> i do/did, but i didn't like it
<trashguy> well
<trashguy> i rather run it then exchange
<trashguy> and form what ive done with it so far its pretty much an exchange alternative
<trashguy> outlook doesn't even notice
<trashguy> need to find someone who ran it on a SAN
<trashguy> with mutiple Mailbox servers and MTAS etc
<emgent> nxvl: half pong
<emgent> nxvl: i go to sleep, feel free to mail me, night :)
<osac> anyone running honeyd in vmware with dhcp ?
<lukehasnoname> Suggestion: Make video casts of the virtualization process with a fresh ubuntu install and KVM
<uvirtbot> New bug: #276912 in gvfs (main) "[intrepid] gvfsd-smb crashed with SIGSEGV in strlen() (dup-of: 264943)" [Undecided,New] https://launchpad.net/bugs/276912
<uvirtbot> New bug: #276913 in gvfs (main) "[intrepid] gvfsd-smb crashed with SIGSEGV in strlen() (dup-of: 264943)" [Undecided,New] https://launchpad.net/bugs/276913
<uvirtbot> New bug: #227322 in openssh (main) "[openssh] [CVE-2008-1657] possibility to bypass global "ForceCommand" directive" [Low,Fix released] https://launchpad.net/bugs/227322
#ubuntu-server 2008-10-02
<FroMaster> Is there a JeOS 64-bit or only 32-bit at the moment?
<stephen|sflc> does the resolve.conf need to be the local IP address.. or the external IP address?
<kgoetz> stephen|sflc: it has to be the nameservers ip
<SteckelBud> broken apache mod_rewrites- I installed apache on install, then added rewrites, but still doesn't work with drupal--any hints?
<hads> mod_rewrite can do logging, that's useful to see what's wrong.
<Poweruser> hello
<Poweruser> ?
<kgoetz> !greet Poweruser
<ubottu> Sorry, I don't know anything about greet poweruser
<kgoetz> aw
<kgoetz> !hello
<ubottu> Hi! Welcome to #ubuntu-server!
<antdedyet> hi
<Poweruser> thanks :)
<Poweruser> need some slapd help :)
<kgoetz> ah oh :o
<Poweruser> sorry starting to get used to empty IRC channels
<Poweruser> can u ghelp me ?
<Poweruser> kgoetz, can u?
<kgoetz> Poweruser: ask your question - if someone can help, they will
<Poweruser> need somhe help getting a basic slapd and samba conf going
<kgoetz> pretty sure wiki.samba.org has info on that
<kaushal> hi
<kaushal> when i do W: A error occurred during the signature verification.
<kaushal> when i do aptitute update
<ropetin> Do you have any non-standard sources in your apt sources?
<ropetin> OR not
<kaushal> hi
<kaushal> when i do apt-get update
<kaushal> i get
<kaushal> W: A error occurred during the signature verification.
<kraut> moin
<mdz> I noticed on a test install that the landscape-sysinfo status doesn't get displayed on first login, presumably because the cron job hasn't run yet
<mdz> likely not a problem, but it was noticeable
<danielm_mc> anyone in here?
<uvirtbot> New bug: #276292 in linux-meta (main) "Metapackages for virtual flavour are missing" [High,New] https://launchpad.net/bugs/276292
<gouki> Hi. How can I list all locked accounts? I don't see any changes in /etc/passwd to grep it.
<ivoks> there are changes
<ivoks> in /etc/shadow
<gouki> I'm also getting login incorrect when trying to login with a locked account. Is there any way of changing the output given?
<gouki> ivoks: Thank you. I'll check it.
<ivoks> there's '!' in front of the password
<gouki> ivoks: I see. So when locking a user, we're actually just 'changing the password'.
<ivoks> locking account is actually changing password to something that won't work :)
<ivoks> correct
<gouki> :) Got it! :) So I believe that second question is no. There isn't a way to change the output when a locked user tries to login.
<ivoks> well, it's open source :)
<gouki> Indeed!
<gouki> Without changing pam, or something similar :)
<ivoks> nothing is impossible
<uvirtbot> New bug: #277053 in openldap (main) "appamor prevents slapd.d to write cn=config" [Undecided,New] https://launchpad.net/bugs/277053
<Kamping_Kaiser> that bug looks familar
<sommer> yay  http://www.linux.com/feature/148629
<bosky101>  hi , would be gr8 if u threw some light upon a thought of partcular interest
<bosky101> im just moving from a single node setup to a multi-node one. how do u implement session mgmt
<bosky101> point user to the same node (persistent load-balancing) / no state (just urls/rewrites) / some mixture of state shared across a db ... ?
<uvirtbot> New bug: #277103 in freeradius (universe) "[intrepid] freeradius modules are missing" [Undecided,New] https://launchpad.net/bugs/277103
<mathiaz> kirkland: hello mister RAID ! :D
<mathiaz> kirkland: I did some more testing yesterday with raid0 and raid5.
<mathiaz> kirkland: I've put raid0 and raid5 on / (with /boot on the same partition) and the system got stuck at grub loading
<mathiaz> kirkland: which makes sense since grub doesn't support booting from RAID0 or RAID5 AFAICT
<mathiaz> kirkland: however the installer didn't emit a warning
<mathiaz> kirkland: or grub-install didn't fail
<uvirtbot> New bug: #277120 in openssh (main) "openssh-server init script contains irrelevant --pidfile argument to start-stop-daemon" [Undecided,New] https://launchpad.net/bugs/277120
<cyris|> any idea why I'm getting this packages kept back ? bind9-host dnsutils libbind9-30 libisccfg30 linux-image-server linux-server
<shame> just discovered /etc/crontab had been modified on 7/21 and apparently hasn't been used since, but I don't see anything in logs and it looks fine http://pastie.org/283641
<shame> anyone have an idea what to look for ?
<shame> the cron.daily etc scripts have not run since 7/31
<shame> 7/21 I mean
<shame> the box has been rebooted since, too
<shame> Oct  2 10:33:14 tug cron[28304]: Error: bad username; while reading /etc/crontab
<shame> wut?
<shame> oh jeez.. got it
<shame> if anyone's curious, there was a piece of the /etc/crontab that was omitted from the pastie that emailed an admin account on @reboot, something like @reboot echo "$(hostname) rebooted $(date)" |mail foo@example.com -s "$(hostname) Rebooted"
<shame> popping a 'root' after @reboot fixed it
<brousch> I can't find any info on tomcat5.5 in the server guide, help, or wiki. Are the docs as neglected as they seem, or am I missing something?
<ScottK> sommer: ^^?
<sommer> brousch: here's a link to the development serverguide on tomcat6: http://doc.ubuntu.com/ubuntu/serverguide/C/tomcat.html
<sommer> brousch: not sure if that's what you're looking for though
<brousch> sommer, that is what I'm looking for, but I can't find it by searching the web site. If you start at http://help.ubuntu.com and follow the Server Guide link, that version does not mention Tomcat
<brousch> Also, I don't see tomcat6 in the ubuntu 8.04 repos, I only see tomcat5.5. It looks like tomcat6 isn't coming until ubuntu 8.10
<mathiaz> brousch: correct. tomcat6 will only be available in 8.10
<nxvl> kirkland: ping
<kirkland> nxvl: yo
<nxvl> kirkland: did you already played with patch-tracker?
<kirkland> nxvl: only the debian frontend
<kirkland> nxvl: i have not looked at the code or tried to install it
<nxvl> kirkland: so just as an user?
<kirkland> nxvl: right
<nxvl> ok
<kirkland> nxvl: you wanna set up the server?
<nxvl> i've just cloned the git repo
<nxvl> and was about to give it a look
<toonew> hi there - ne1 out there
<toonew> hey hey
<lastdays> Help:Fresh JeOS,I need use pppoe with my xDSL,how to!
<sainzeo> hi all - I just installed Ubuntu Server into a virtual machine and am having problems with it as it doesn't seem to be accepting incoming connections - it can see the world and can ping others, but nothing can see it or ping it - any suggestions?
<brousch> sainzeo, is it NATted?
<sainzeo> brousch: i've tried using the Shared Networking option in Parallels as well as using the ethernet connection directly..
<brousch> sainzeo, does it get a non-NAT IP address using either of those methods?
<sainzeo> yeah - using the ethernet connection directly, I get a normal network IP address
<brousch> I'm not really familiar with parallels, but could the OSX firewall also be applying itself to the VM?
<sainzeo> brousch: i don't believe so as I had no problem with Ubuntu Server Gutsy....I am currently using Hardy though...
<[Solars]> where is a good spot to put a multimedia directory within the directory hiarchy ... going to be used to store media by multiple users
<sainzeo> brousch: does Hardy Server install some kind of firewall along with the LAMP installation or something?
<brousch> sainzeo, not that i know of
<brousch> what happens when you ping to the VM IP address?
<sainzeo> brousch: times out :(
<brousch> sainzeo, I have no other ideas. The symptoms point to a NAT/routing/firewall problem, and I don't see anything similar on Google searches. :)
<sainzeo> brousch: yeah i know - i wasn't able to find much either...hmm...maybe i'll just put gutsy back on and see what happens - thanks for your time though!
<kirkland> mathiaz: ping
<kirkland> mathiaz: i have a new upload of mdadm in the works, fixing 2 significant bugs
<kirkland> mathiaz: i could probably attach that debconf wording change onto here, if you want
<ivoks> mathiaz: drbd thing ended up being more complicated than we tought - i'm working with TJ from kernel team on this one
<kirkland> mathiaz: actually, i think we missed string freeze
<ScottK> ivoks: clamav with your apparmor change uploaded.  Thank you again.
<ScottK> jdstrand: ^^
<jdstrand> \o/
<ScottK> Beta is released, so we're free to break stuff now, right?
<Nafallo> ScottK: -> slangasek
<Nafallo> :-)
<ivoks> ScottK: no problem at all
<slangasek> no, you're not free to break me
<ScottK> slangasek: You aren't stuff.
<slangasek> harsh
<ScottK> Really?
<ScottK> Maybe that didn't come out like I intended then.
<slangasek> heh
 * Nafallo laughs
 * NCommander just had a horrible idea involving breaking stuff, slangasek, and a cast
 * ScottK was thinking 'stuff' = non-living items.
<NCommander> ScottK, well, its easy to make someone non-living
 * ScottK doesn't want to know.
<ScottK> True.
<ScottK> Then they can at least be stuffed.
<NCommander> *things_to_be_broken = (stuff) slangasek;
 * NCommander runs
<NCommander> although if we accept that to be broken it must be stuff, and to be stuff, it must be non_living, then we need to a call to homicide()
<NCommander> ....
<NCommander> I'm going to shutup now
<[Solars]> whats the best way to see what packages are installed on my server so i can systemactically go through each one and decide if i need it or not
<RediXe> How would I change a group ID to a custom #
<trashguy> [Solars], dpkg -l
<[Solars]> heh wow got lots of stuff installed
<trashguy> dkg -l | wc -l
<trashguy> show u how many pkgs are installed
<[Solars]> i should start from scratch
<[Solars]> if thats possible
<[Solars]> have a bare bone system without any updates
<[Solars]> then install what i want :P
<[Solars]> else i just end up installing packages i don't ever use except for that one time
<[Solars]> or have stuff hanging there from an old dependancy
<[Solars]> 1154 pkg
<[Solars]> doesn't help that ihave X installed :)
<trashguy> ,y email server has
<trashguy> 285
<trashguy> running zimbra
<RediXe> drwsrwsr-x     what is the s for?
<[Solars]> i want minual stuff installed but at the same time kinda need gui for the wife
<trashguy> for a server?
<trashguy> RediXe, im aussiming those are permissions
<RediXe> yes for a directory ..
<trashguy> s
<trashguy> o dunno what thsoe s are
<trashguy> usally
<nxvl> mathiaz: is there any easy/quick task in the RoadMap in need of attention
<mathiaz> nxvl: make sure 8.10 rocks !
<nxvl> \o/
<mathiaz> nxvl: done ?
<mathiaz> nxvl: awesome - thanks :D
<nxvl> yup
<nxvl> :D
 * nxvl is quick
<mathiaz> nxvl: what you could do is have a look at the ebox packages
<mathiaz> nxvl: https://launchpad.net/~ebox/+archive
<[Solars]> how many packages does the server install does?
<mathiaz> nxvl: I've started to test them but then got stuck in testing for beta
<trashguy> [Solars], 200ish
<mathiaz> nxvl: what's you could focus on is testing and reviewing the changes between the packages in hardy and intrepid
<trashguy> im used to freebsd, all linux distros feel bloated even server versions ;)
<mathiaz> nxvl: we should try to get them updated before release - in order to do that we'll have to ask for FFe as this is a new upstream version.
<nxvl> mathiaz: ok, wrote on my todo, i will take a look in a few minutes that i finish seting up my schroot
<mathiaz> nxvl: but as of now, the packages in intrepid don't work (because of the cn=config ldap change)
<nxvl> uhg, did you worked that with foolano already?
<mathiaz> nxvl: there are a couple of source packages that needs to need to have a FFe request prepared
<[Solars]> trashguy last time i ever used a *nix was several years ago with FBSD
<nxvl> mathiaz: is there a list of them?
<mathiaz> nxvl: the testing I did with the packages in the PPA are good
<trashguy> linux
<trashguy> is
<mathiaz> nxvl: the packages in the PPA seem to work correclty.
<trashguy> *nix ^^
<trashguy> Look alike oses
<[Solars]> heh
<trashguy> although freebsd is rooted a little more
<mathiaz> nxvl: now we have to do the work to get them uploaded to the archive.
<nxvl> mathiaz: i'm looking for things like testing and writing FFe, since they are a lot and quick, so i can do it after my work hours
<trashguy> i use ubuntu for my desktop and i recently had to install zimbra which doesnt run at all on freebsd
<[Solars]> well i used slackware, redhat, debian, fbsd, and now ubuntu to name a few
<[Solars]> what is zimbra?
<mathiaz> nxvl: awesome - ebox would fit perferctly then ;)
<nxvl> mathiaz: yes, that works perfect for after work hours/dead times while waiting for a process to finish
<[Solars]> which flavor of desktop enviroments is user friendly and not extremly bloated?
<trashguy> Zimbra is an exchange alternative
<trashguy> I run gnome
<[Solars]> i am going to reinstall ubuntu
<[Solars]> this time starting from a server disk
<[Solars]> then build up what i need
<trashguy> i just install desktop
<trashguy> then install server kernel
<trashguy> ^^
<uvirtbot> trashguy: Error: "^" is not a valid command.
<[Solars]> trashguy in any case i want a fresh start ...and its a good way to relearn the system building from the base up
<[Solars]> that way i know whats installed etc
<trashguy> yea
<trashguy> problem is
<trashguy> when yu do
<trashguy> the
<trashguy> ubuntu-desktop
<trashguy> you mind as well just installf ormt he cd
<[Solars]> not sure if i want to do ubuntu-desktop yet or not
<[Solars]> hard to say
<trashguy> that sthe pkg the recommend
<trashguy> if u want a gui
<trashguy> and all your sound and stuff working
#ubuntu-server 2008-10-03
<[Solars]> don't have speakers
<[Solars]> i think ubuntu-desktop gives you kde gnome and some other stuff
<[Solars]> or i can build up from xorg
<[Solars]> dunno might keep you on speed dial :)
 * [Solars] checks cd to make sure the server cd burnt well
<trashguy> ubuntu-desktop gives u gnome
<trashguy> kbuntu
<trashguy> is kde
<[Solars]> ahh
<[Solars]> i never actually played in kde
<trashguy> its not my preference
<[Solars]> looks wierd
<trashguy> i like minimalistic
<trashguy> xfce is even smaller
<trashguy> but i dont liek the default look
<trashguy> and if i mess
<trashguy> with themes or looks
<trashguy> it will end up so ugly
<trashguy> and un usable
<trashguy> ill reinstall
<[Solars]> lol
<[Solars]> heh didn't know people still use xfce
<[Solars]> for large data volumns what fs you like
<[Solars]> ext3?
<trashguy> ZFS ^^
<[Solars]> zfs?
<trashguy> how lare are you looking at?
<[Solars]> 1TB for main area
<[Solars]> ./boot is only 500mb. / is 1.3TB, and swap is 1.5GB
<trashguy> ext3 would be fine
<trashguy> ZFS is suns file system
<trashguy> its pretty much amazing
<trashguy> I have a file server at home tunning freebsd 7 and i have some disks with ZFS
<[Solars]> i vaguely heard of it
<trashguy> its quite powerfull
<trashguy> with disk snapshots
<trashguy> and maintiaing backsups etc
<[Solars]> can i upgrade from ext3 to zfs if i choose to?
<trashguy> its a migration
<trashguy> and
<trashguy> zfs support in linux
<trashguy> is hight experimental
<trashguy> right now
<[Solars]> figured as much
<[Solars]> documentation for it in ubuntu referres back to 7.10
<[Solars]> so its been around for a little bit
<[Solars]> doc also say they are working on an ext4
<trashguy> meh
<[Solars]> it was a interesting read to say the least
<[Solars]> takes for ever to format ext3 on 1+TB
<kgoetz> ext4 has been in devel for a few years
<[Solars]> figured as much
<kgoetz> also, zfs wont make mainline linux, as its CDDS (or whatever suns free licence is)
<trashguy> yes
<trashguy> Stallman is a GPL nazi
<trashguy> BSD license >
<trashguy> You can use our stuff just don't sue us
<trashguy> ZFS is amazing though I am glad they are rolling it in to FreeBSD
<trashguy> i wouldn't use it as a root system but for storage its pretty pro
 * [Solars] must now has to determine "which install package i want"
<[Solars]> sshd and prolly samba
<trashguy> you goign to use cifs?
<[Solars]> common internet file system?
<[Solars]> i mostly want to use samba as media storage
<[Solars]> i suppose i could just install samba myself afterwords
<trashguy> i liek doign stuff post install
<[Solars]> is the preinstall sshd worth doing (not sure what other packages are included with that)
<uvirtbot> New bug: #277327 in samba (main) "Installing wine makes samba shares unaccessible" [Undecided,New] https://launchpad.net/bugs/277327
<[Solars]> they need to stop wineing! heh
<trashguy> i install base sshd
<trashguy> pdate immediatley though
<[Solars]> heh should pay you to ssh to my box after its done setting up and have you fix everthing lol
<[Solars]> bah i will just install nothing at first
<trashguy> lol
<trashguy> its more fun to learn yourself
<[Solars]> yea
<[Solars]> but makes my wife measerable
<[Solars]> woot i got a nakid system!
<stainer> trashguy - what is pdate that you mentioned mean?
<stainer> too late
<[Solars]> hell be back
<stainer> k.. thanks. I just got a server up and running too... my wife got me a 1U for our anniversary
<Deeps> stainer: as in, apt-get update; apt-get upgrade
<Deeps> as whatever version of openssh is distributed on the install cd has already been updated
<stainer> gotcha
<stainer> update... I understand now... sorry... I have a North Carolina public education
<slangasek> whereas the North Carolina private schools have apt in their curriculum? :-)
<stainer> hahaha
<stainer> I started with Slack 3.1, no apt with that. tar -zxvf, make, make install
<[Solars]> heh i started with slack 2.9!
<stainer> love ubuntu though, its the first time I could get wireless working on my laptop
<macd> http://pastie.org/284003  <-- ideas?  (package installed, binary still doesnt exist no surprise its ruby related)
<mathiaz> macd: what does dpkg -L rubygems say Ã
<mathiaz> macd: ?
<macd> it says its installed
<mathiaz> macd: which PPA are you using ?
<mathiaz> macd: like /usr/bin/gems
<mathiaz> macd: >
<mathiaz> macd: >?
<macd> wait, dpkg -L rubygems doesnt have a binary at all, lket me see it rubygems1.8 does
<mathiaz> macd: gem1.8 ?
<macd> yeah, gem1.8 @ mathiaz is the binary
<macd> but it fails epicly at doing anything
<macd> http://pastie.org/284005
<macd> mathiaz, the ruby/gems from the PPA work fine, I was trying the packaged ones in intrepid.
<mathiaz> macd: the version in intrepid is not 1.2.0+2008081901
<macd> hardy, Im sorry.
<mathiaz> macd: in intrepid it's 1.3.0~RC1really1.2.0-2ubuntu2
<mathiaz> macd: hardy is 0.9.4-4 with 1.1.1 from hardy-backports
<mathiaz> macd: where did you get 1.2.0+2008081901-0ubuntu1 from ?
<macd> apt-get update then apt-get install rubygems
<mathiaz> macd: what's your sources.list ?
<macd> mathiaz, http://pastie.org/284011
<mathiaz> macd: hm - the only place where 1.2.0+2008081901-0ubuntu1 exist is in the ubuntu-ruby-backports PPA
<macd> and I dont use that repo
<macd> well I do, but not on this machine...
<macd> this is a fresh hardy install
<mathiaz> macd: hm - I don't know then. Have you downloaded the deb from the PPA and manually installed it ?
<macd> mathiaz, nahh, this is the second boot of the vm as well, first was to uncomment sources.list and dist-upgrade, then rebooted to install ruby+gems from the repos
<macd> I can try purging them, and reinstalling
<mathiaz> macd: that would help
<macd> mathiaz, so rubygems or libgems-ruby1.8 ?
<mathiaz> macd: try both
<macd> they can't coexist
<macd> one removes the other on install
<macd> let me try a few things, and I'll stick it all in a pastie
<macd> mathiaz, bleh I had a entry in sources.list.d/ I must've put it in my base VM image, thanks for the help.
<[Solars]> so now i am getting
<[Solars]> "sudo: unable to resolve host hel"
<[Solars]> should the host be resolved to localhost
<[Solars]> blah i just nuke and start over :P
<uvirtbot> New bug: #277370 in bind9 (main) "apparmor exception missing for keytab" [Undecided,New] https://launchpad.net/bugs/277370
<espacious> as i got no response nowhere im also askin here
<espacious> what a hell happened to ndiswrapper i was using TEW424 usb adapter for wireless
<espacious> but since i upgraded/renstalled to new version my pc freezes when try to connect
<espacious> to my ruter i need to hard reboot,i fonund out 128bit WEP works ok but not WPA. somebody?
<espacious> it was workong ok on the previsious release 7.10 i think.
<nxvl> mathiaz: ping
<nxvl> mathiaz: just tried to install ebox and i can't
<nxvl> The following packages have unmet dependencies:
<nxvl>   libebox: Depends: libjs-scriptaculous but it is not installable
<nxvl>            Depends: libjs-prototype but it is not installable
<mathiaz> nxvl: which package are you trying to install ?
<nxvl> ebox
<mathiaz> nxvl: and you've enabled the ebox ppa ?
<nxvl> yup
<ScottK> mathiaz: This reminds me of my mail to ubuntu-server the other day.  If we aren't going to fix the packages, should we just remove them?
<mathiaz> ScottK: I'd rather try to get them fix instead of removing the package
<nxvl> ScottK: we are testing it
<ScottK> nxvl and mathiaz: OK.  I got the impression from the meeting minutes that we were just telling people to use the PPA.
<mathiaz> ScottK: we've been kind of pushing people to use ebox instead of webmin - so I don't think it would be a good idea to just drop ebox from intrepid.
<nxvl> mathiaz: the weirdest part is that that package is not on the ppa
<nxvl> ScottK: well, it was some testing needed to grab the packages from the ppa
<ScottK> mathiaz: I agree, but better nothing that one that's broken.
<ScottK> OK.
<nxvl> ScottK: and that's what we are doing
<nxvl> :D
<nxvl> ScottK: agreed on that
<mathiaz> ScottK: ok. The plan is to test the version in the PPA and if it works well then we'll start to do a FFexecption request.
<mathiaz> nxvl: I've tested the ppa on monday and it was working then.
<ScottK> mathiaz: Did you see the mail about mailman updates today?
<mathiaz> nxvl: do you have universe enabled ?
<mathiaz> ScottK: yes - I haven't looked at the version in debian though.
<nxvl> wait
<ScottK> I don't have time to deal with an FFe, but I at least looked at their changelog (NEWS) and test built the package and it looks reasonable for an FFe to me.
<nxvl> is a problem with my sources.list
<nxvl> :S
<ScottK> mathiaz: ^^
<nxvl> or it looks like
<mathiaz> ScottK: ok.
<mathiaz> ScottK: is it a big new release ? or more a bug fix ?
<nxvl> heh
<nxvl> found the problem
<mathiaz> ScottK: I don't remember the rationale for updating the version in the email.
<nxvl> i was testing it in my hardy chroot
<nxvl> :D
<ScottK> mathiaz: A few minor features.  Almost all bug fixes.
<ScottK> It's a sync from Debian.
<mathiaz> ScottK: oh - that makes things even simpler then.
<ScottK> I just don't have time to deal with it ...
<mathiaz> nxvl: yes - I'd suggest you to try on intrepid instead :D
<mathiaz> ScottK: I'll have a look at it.
<nxvl> mathiaz: :D
<ScottK> Great.
<nxvl> ScottK: if it's not done after i finish with the ebox FFe i will take care of it
<ScottK> It's be nice to be able to answer that mail, "Because it was released after the autosync stopped.  Thanks for pointing it out, it's in Intrepid."
<nxvl> i'm looking for some quick tasks to do after hours and/or at dead times when waiting for end process to finish
<nxvl> btw, Fedora 10 beta is more broken than Ubuntu alpha 3
<nxvl> \o/
<mathiaz> nxvl: make Ubuntu rock ! <- Task
<nxvl> mathiaz: \o/
 * nxvl waves on NCommander 
 * NCommander waves nxvl 
<ScottK> NCommander: How's glib on hppa going?
<NCommander> Oh yeah, I was working on that
<ScottK> Yeah, so your wiki page wouldn't be a lie.
<slangasek> the wiki cake is a lie
 * NCommander rofls
<NCommander> slangasek, Portal fan?
<[Solars]> erm i want to make a script for managing files .. i.e. check to see if they are done download, move *.blah files to /my/dest, and rm-rf old files after x days
<[Solars]> whats the best way to do this?
<nxvl> the cake is a lie!
<NCommander> ScottK, the source package is glibc2.0, right?
<nxvl> i'm about to give up with schroot
 * NCommander pulls out a portal gun and makes slangasek's alpha disappear
<NCommander> slangasek, do you have any experience with the Windows NT ports?
<ScottK> NCommander: That sounds right.
<NCommander> ScottK, its building, but it looks like sbuild is the issue, so I'm trying to rule that out first
<ScottK> Great.
<NCommander> I guess I should fix kde4bindings while I'm at it :-/
<slangasek> NCommander: not a fan, just helpless in the face of memes
<slangasek> NCommander: glib2.0, not glibc2.0...
<NCommander> slangasek, right, typo ;-)
<ScottK> NCommander: No point until glib is fixed.
<NCommander> slangasek, how about All Your Bases Are Belong To Us
<slangasek> and what kind of "experience" are you looking for?  I know how to upgrade the console on an alpha so that it no longer boots NT.
<NCommander> slangasek, well, I'm trying to remove Windows NT PowerPC, but its having some sorta death grip and is resisting all attempts to removing it
<slangasek> mmmno.
<slangasek> I think for that one, you need to get an old Apple designer, a young Apple designer, and some holy water
<NCommander> Meh
<NCommander> It's my luck that I get the only RS/6000 that doesn't come with AIX, but evil
<slangasek> oh, there's a distinction: "not AIX, but evil"
<NCommander> Obviously you've never been a Windows NT Server admin. Having done the former, I'll take AIX any day of the week
<slangasek> I've done both.
<NCommander> Man, HPPA is s.l.o.w.
<NCommander> ScottK, it seems the entire configure script can crash sh :-)
<ScottK> NCommander: Kewl.  Have fun.
<NCommander> You have no pity :-P
<ScottK> I was nice to a senile old man today.
<NCommander> ScottK, you were nice to slangasek ;-)
<NCommander> ^?
<uvirtbot> NCommander: Error: "?" is not a valid command.
<NCommander> .....
<ScottK> NCommander: No.
 * NCommander shrugs
<ScottK> NCommander: He's younger than I am.
<NCommander> How old are you ScottK ?
<ScottK> 45.
 * ScottK is ancient.
<NCommander> wow, you probably remember the PDP-11 and COBOL
<ScottK> They relevant old man was in his late 70's or in his 80's.
<ScottK> NCommander: Yep.  I've dropped a COBOL card deck and had to re-sort it.
<NCommander> I hope it was numbered
<ScottK> That would have helped.
<ScottK> I honestly don't recall.
<NCommander> That's pretty
<NCommander> It builds fine on Debian
<NCommander> WHY DOES UBUNTU ON HPPA HATE ME
<vk5foss> because hppa is hateful
<ScottK> Because you radiate negative waves that attract this kind of pain.
<NCommander> I think its a problem with dash
<slangasek> otherwise stated: because you're there
<NCommander> I think I'm just not smart enough to run ;-)
<nxvl> NCommander: the correct questions is "Why are you playing with such a weird arch" :D
<NCommander> nxvl, blame ScottK
<nxvl> yeah, ScottK is evil
<nxvl> :D
 * nxvl HUGS ScottK 
<NCommander> nxvl, so you like seeing me in pain?
<vk5foss> :o
<nxvl> no
<nxvl> just like hugging ScottK
 * NCommander hugs ScottK 
<nxvl> NCommander: see, it's funny
 * slangasek waves his cane menacingly at NCommander 
<NCommander> slangasek, remember, I'm an EMT. If you have a heart attack at UDS, guess who's resurrecting you ;-)
 * ScottK considers buying new glasses so he can read the new LP fonts.
<NCommander> Be nice to the people who may potentially be saving your life :-)
<ScottK> NCommander: He doesn't get heart attacks, he gives them.
<nxvl> ScottK: use 800x600 :D
<NCommander> ScottK, I'll have to use my amulet of reflection :-)
<nxvl> NCommander: are you going to UDS?
<NCommander> I wish ;.;
<nxvl> UDS's are fun
<nxvl> but don't even try to talk to slangasek, it's almost impossible
<nxvl> on Prague i asked him to check a bug and he almost bite me
<nxvl> :P
<NCommander> nxvl, don't worry, I bet you have your rabbies shot ;-)
<slangasek> ScottK: a useful reputation to have, but for all my trying I've yet to be able to stop someone's heart remotely
<nxvl> just found why gnome-art is so shitty: ruby
<nxvl> :D
 * nxvl dances
<NCommander> ew
<slangasek> nxvl: huh, seriously?  did you interrupt me in the middle of a libtool rant?
<ScottK> slangasek: Same here.  I have, however, quite literally, made a grown man cry.
<NCommander> ScottK, WTF did you do?
<nxvl> slangasek: heh, no, you came into the server track, and you look a little hurry, then i asked and you said "probably not now i'm quite busy"
<nxvl> (you were on mi side IIRC)
<nxvl> my*
<slangasek> nxvl: ah :)
<nxvl> it was in a middle of session, so it was understudable
<nxvl> :D
<nxvl> all of us were really busy
<ScottK> NCommander: It was when I was in the Navy.  I was the investigating officer (regular officers do this for minor offenses in the military) of a case where a guy was charged with stealing some stuff.
<NCommander> YOu were an officer?
<ScottK> NCommander: He claimed the other guy had left it out and he had just picked it up for safe keeping.
<ScottK> Yes.
 * NCommander has considered a military carrier at times
<ScottK> I merely pointed out that he had been caught stealing before and so wasn't very credible on the topic.
<NCommander> and he started crying?
 * NCommander guesses it was the thought of dishonorable discharge
<ScottK> Once I got through explaining you can plead guilty and it will suck or you can not plead guilty and it will really suck and he got it, then he started crying.
<ScottK> Yeah.  Other Than Honorable actually.
<ScottK> DD you only get from a courts martial.
<NCommander> A general discharge isn't quite frowned upon as a dishonorable dicharge
<nxvl> ScottK: you were in the navy?
<ScottK> General is a step up from other-than-honorable.
<ScottK> nxvl: Yes.
<nxvl> wow
<ScottK> 5 years active duty and another 4 in the reserves.
 * NCommander has thought about joining the Marine Corps
<ScottK> I have a huge amount of respect for those guys.
<nxvl> is there even a 20% of americans not in the army?
<ScottK> nxvl: The military is less than 1% of the population.
<nxvl> i mean is/was
<ScottK> Ah.
<ScottK> I'd guess less than 10% have ever served.
<ScottK> Before 1972 there was a draft, so it was higher.
<NCommander> ScottK, I haven't joined at my parents requests
<NCommander> But its pulled strongly on my mind
<ScottK> I can understand their position.
<NCommander> Either coast guard, who gets shit on, but get my respect, or the marine corps
<nxvl> i've some friend who are in the Peruvian Navy
<ScottK> NCommander: You know why you have to be at least 6 feet tall to join the Coast Guard?
<nxvl> and they all tell this stories from his first year in the Navy school
<NCommander> ScottK, seriously? Damn it. I'm an inch too short
<nxvl> of all the jokes to the "dogs" (that's how they call the newly started in the navy school)
<ScottK> NCommander: No.  It's so you can walk ashore if your ship sinks.
<ScottK> ;-)
 * NCommander falls over
<NCommander> The coast guard however has my respect
<NCommander> Until '01, they were the only group that actively did their mission of guarding the US coastlines and such.
<nxvl> there is one that they make them eat a button, which is tied to a (thread?)
<nxvl> and they they pull that out
<ScottK> Lovely.
<nxvl> and as you can imagine, all your food come after the button
<NCommander> ew
<ScottK> There is a difference between proper indoctrination/training and hazing.
<NCommander> ScottK, I joined the fire department for the chance to serve
<nxvl> ScottK: not in peru
<NCommander> It's not the military, but the experience is amazing
<ScottK> The US military is generally pretty good about being on the right side of the line on that.
<nxvl> or they come on the morning and fill your bread with salt (all the salt they can find) and make you eat that
<NCommander> ScottK, same in the FD, though to less of the same extent
 * NCommander remembers he had his boots filled with shaving cream
<ScottK> NCommander: Yeah, well the motto of the Marine Corps is that every man is a Rifleman.  The motto of the Navy is that every man is a firefighter.
<nxvl> FD?
<ScottK> Fire Department
<nxvl> oh
<NCommander> ScottK, well, after WWI, fire departments became paramilitary
<nxvl> things are way different here
<NCommander> Our department was created by some caption from WWI,
<ScottK> NCommander: I did have to go through fire fighting training.  You can't serve on a US Navy ship without it.
<NCommander> ScottK, welcome to the hot seat
<NCommander> Well, fire at sea is incredibly dangerous
<nxvl> from 80 fire stations only 20 are opened, because the other 60 doesn't have budget even to put gas on the vehicles
<NCommander> We had a ship go up in our harbor
<ScottK> It was one thing when I know it was a school and I was pretty confident I wasn't going to die.
<nxvl> and the firemans are volunteers, they doesn't get paid
<NCommander> One of the most terrorifying calls ever
<NCommander> nxvl, I'm volunteer
<nxvl> NCommander: here EVERYONE is volunteer
<nxvl> there is no paid fireman at all
<NCommander> ScottK, the people who take their job as a ship firefighter have cast iron balls
<ScottK> We practice a lot and it's not like you've got anywhere to go if it doesn't work out.
<NCommander> YEah, well, its our worst nightmare to get lost in a building
<ScottK> I can imagine.
<NCommander> Your average cruiser is freaking maze
<ScottK> If you're assigned to it you know it though.
<nxvl> and it's sad that they are volunteers, they make it for nothing and sometimes they need to use their own money to maintain the firestation
<NCommander> The only thing you have over us is that collaspe risk is much lower than ours
<ScottK> Yep.
<NCommander> You'll be dead before that metal will melt likely
<ScottK> Not necessarily.  Some of the ships have aluminium super structures.
<NCommander> You'll still be dead, cause the moment you go through the deck plating, you'll get roasted alive
<ScottK> Yeah.
<nxvl> NCommander: so, you are a full time fireman?
<NCommander> Nope, volunteer
<ScottK> I heard a lecture by the Damage Control Assistant on the USS Stark when it got hit.  It got so hot when fighting the fires that his nylon underwear melted to his body.
<NCommander> I get my nuts roasted for no compensation
<nxvl> that means you whenever you want?
<NCommander> OW
<NCommander> fuck.
<ScottK> Yeah.
<ScottK> He didn't make much of it.
<NCommander> Yeah, well, I've seen the remains of our gear when it fails
<NCommander> Damn, guy is lucky to have anything ... still working if you catch my drift
<ScottK> There was another guty that stood IN the missile magazine for 18 hours straight cooling a bulkhead so the missiles wouldn't get hot enough to cook off.
<ScottK> Yep.
<NCommander> Gun powder is amazingly stable stuff
<NCommander> Its got to get REALLY hot being bullet starts flying
<ScottK> Right, but these have solid fuel rocket motors.
<NCommander> The one that always irks me is the exploding extinguishers
<ScottK> They have the fuel and the ozixidizer all in one.
<NCommander> Little known fact
<NCommander> Fire extinguishers explode in fire
<ScottK> Makes sense.
<[Solars]> you mean co2 expands when it gets heated!?
<NCommander> (well, CO2 ones have a release value, so they don't, but foam ones will go with the force of a few sticks of TNT at least, and water ones become ballistic missiles)
<NCommander> [Solars], actually, CO2 extinguishers have a safety release
<NCommander> So they *shouldn't* explode
<NCommander> The ones that really explode are foam ones
<NCommander> The other fun home cannister: the little old man with O2 and cigarettes
<NCommander> Bad combination
<[Solars]> NCommander i was being sarcastic :)
 * [Solars] is also a vff
<NCommander> \o/!
<NCommander> [Solars], O2 bottles scare me shitless
<NCommander> I was a volunteer dummy for the EMT-B examination
<NCommander> Someone in the other room dropped the bottle
<NCommander> The regulator snapped right off
 * ScottK used to SCUBA dive, so I know what happened next.
<NCommander> The bottle hits the ground, goes flying, and goes through two walls
<nxvl> i used to dive :D
<NCommander> THe regular shot through the ceiling, took out a comptuer and a desk and embedded itself in the second floor ceiling (we think, we never found it ....)
<NCommander> I personally think the regulator shot through the roof, but we couldn't find an exit hole so ....
<ScottK> In the Navy we didn't use compressed O2 for breathing, we had chemically generated Oxygen.
<NCommander> Sounds slightly safer
<ScottK> That's the theory.
<NCommander> ScottK, we have O2 for patients, us fire junkies use regular air. Still danger, but less likely to explode
<NCommander> *dangerous
<ScottK> RIght.
<ScottK> http://www.tpub.com/content/advancement/14325/css/14325_346.htm
<NCommander> Oh, so you strap the bomb to your front ;-)
<ScottK> Yeah.  Basically.
<ScottK> But better than scattering a bunch of compressed air bottles throughout the ship.
<NCommander> Yeah
<ScottK> They don't blow up though, then just get a 'little warm'.
<NCommander> We use composites
<NCommander> So in theory if it fails, you shouldn't have shrapnel
 * NCommander knocks on wood
<ScottK> Or at least softer shrapnel.
<NCommander> Given what we do to some of our packs, I'm suprised we haven't had a few rockets flying
<nxvl> ugh i forgot how hard was to start in a new project
<NCommander> ScottK, anyone who can be a naval firefighter has my respect, the marines say the firefighters don't know danger, but yah know, I think being shot is better then dying rather crispy
<NCommander> ScottK, at least you didn't have to deal with pets
<ScottK> True.
<NCommander> Our last house fire was a farm ... with 15 or so cats, a bunch of ducks, two cows, and I think a turtle
<NCommander> THAT was fun.
<NCommander> Those cats were absolutely phycho, one of them tried to claw my boss into minic meat
<ScottK> Well that's all very unpleasant, but you don't have the prospect of a 500 mile swim if you don't beat the fire.  It can be very motivating.
<NCommander> I've always been suprised at the lack of hallogen fire supression systems
<NCommander> I would think it would be eaiser to seal the bulkheads of an advacing fire, and then beat the fire by removing the O2
<ScottK> They do have it in the main engineering spaces.
<NCommander> hallogen is awesome
<NCommander> Scary
<NCommander> But awesome
<ScottK> Yeah.
<NCommander> Ever get to see a hallogen system deploy?
<ScottK> Nope.
<ScottK> Ship I was on never had a serious fire.
<ScottK> We did have a major fuel oil leak once that was kind of exciting, but it didn't go up.
<NCommander> I've used a hallogen extinisher
<NCommander> (aka, the oh shit extingisher)
<NCommander> You get a lingering cloud of death when you use it
<ScottK> Another advantage shipboard is a lot of firefighting stuff is installed.
<NCommander> But do they work ;-)
<ScottK> We had a dual firemain system that would deliver water or AFFF most anywhere on the ship.
 * NCommander can remember plenty of times when the supression system fails
<ScottK> Yes.
<NCommander> The worst case that I'm aware of is 1 Merdian Plazza
<NCommander> In PA
<ScottK> I'm thinking more of hoses and water/afff and such.
<NCommander> ScottK, your probably old enough to remember that fire, it was one of the largest co-flaguations and LOF calls before 9/11
<ScottK> No.
<ScottK> I remember when the Philly police burned down an entire block of Philadelphia.
<NCommander> It was in the 70s. A massive 8 floor fire on the 12-20th floors
<NCommander> 300 firefighters, and three days to simply get it under control
<ScottK> Wow.
<NCommander> Three things happened
<NCommander> Fire doors failed
<NCommander> SUpression system failed
<NCommander> Code violations caused fire spread to shoot like crazy
<ScottK> In the Navy there were a couple of severe fires on aircraft carriers in the late 1960's that really woke people up.  Then a couple more in the 1980s (including the Stark I mentioned earlier).
<ScottK> By the time I was in, the firefighting situation was pretty good.
<ScottK> Equipment worked, people got trained, and it was serious business.
<NCommander> Yeah
<NCommander> Still, things can go wrong
<NCommander> During my recruit class, there were two serious injuries
<NCommander> and I personally experienced a backdraft
<NCommander> It blew up right in my face
<NCommander> [Solars], ever see a backdraft?
<ScottK> NCommander: One of them was this one: http://www.youtube.com/watch?v=chuiyXQKw3I - some what on topic for today is the John McCain was on one of the planes in the fire.
<[Solars]> yea
<[Solars]> backdrafts are poerful
<ScottK> The guy you see charging towards the flames with a fire extinguisher around 35 - 45 seconds got the damage control school in Norfolk, VA named after him (posthumously).
<NCommander> Damn
<NCommander> Er
<NCommander> I really hope they aren't using water
<NCommander> Holy fucking crap
<nxvl> well, have a good night!
<nxvl> read you tomorrow!
<NCommander> cya nxvl
<ScottK> NCommander: http://en.wikipedia.org/wiki/Forrest_Fire seems reasonably accurate.
<NCommander> ScottK, christ, I just got more respect for McCain that he survived this
<NCommander> Things like this change a man
<ScottK> He was in the plane that got hit with errant ordnance.
<ScottK> So he wasn't just in it, he was at ground zero.
<NCommander> Damn
<NCommander> He just confirmed my vote
<NCommander> Ugh, water hoses -_-;
<NCommander> Bad combination
<ScottK> Yeah.  I've seen the full Navy training video.
<ScottK> They had people with water hoses washing foam away because they didn't know any better.
<NCommander> YOu don't use water to fight fuel fires :-/
<ScottK> As I said, that was a low water mark in Navy damage control that really got people's attention.
<NCommander> yeah
<NCommander> no kidding
<NCommander> The worst I ever experienced was an avoidable backdraft
<henkjan> wow, finally an offtopic talk in #ubuntu-server :)
<ScottK> It's not like we're drowning out real work.
<NCommander> heh
<NCommander> Well, to get my story, you need to know a little context
<NCommander> Our district is great at two fires
<NCommander> Not ventilating, and not putting up ground ladders
<NCommander> (it just never happens, its almost a running gag in our district)
<NCommander> s/two fires/two things/g
<NCommander> So, good two story fire in what can be best described as concrete eggcartons
<NCommander> We put in a ventaliation request, which has, up until that point had gone unheaded
<NCommander> I was on search and rescue, and the fire went out without me observing it, so I entered a room while my parnther stayed at the door while I sweeped
<NCommander> Little did I know that the room was hot (I couldn't tell, without ventilation, you simply are just melting away in your gear), and the only reason the fire went out is because it starved itself of oxygen
<NCommander> I think you can see where this story is heading
<ScottK> Yep.
<ScottK> Reminds me of an interesting point from the USS STARK fire.  They tried to cut holes in the aluminium superstructure for ventilation so the heat could escape and their cutting torches weren't hot enough.
<NCommander> OUch
<NCommander> Now, we're trained when we vent, we call command to make sure it ok to do it
<NCommander> To prevent said backdraft
<ScottK> But not then.
<NCommander> As I said before, we don't normally vent due to general incompentence
<NCommander> (its really no ones fault, but its something our training officer been working on)
<NCommander> At that very moment, the guy on the roof finally pops a hole in it
<ScottK> Of course.
<NCommander> you feel air moving
<NCommander> and FHOOMP
<NCommander> Boom
<ScottK> Right.
<NCommander> I had just cleared the room when the fire relight
<NCommander> a second earlier, and we probably won't be having this conversation
<NCommander> Normally I complain about the lack of venting, but in this case, I think I would have perfered to melt then being blown up :-)
<ScottK> ;-)
<NCommander> THat's the closest brush with death I personally had
<NCommander> (I didn't quite realize how close I came to being dead, or else would have pissed myself right then and there)
<ScottK> I think that's generally how it works.
<NCommander> yeah
<NCommander> So the rule of thumb is
<NCommander> Be careful what you wish for
<NCommander> You might just get it
<NCommander> So hppa hates me
<ScottK> Well that's a given.
<NCommander> Its getting stuck trying to use pthread() ;.;
<NCommander> You navy guys are alright in my book ;-). I didn't know you got FF training
<ScottK> You can't be permanently assigned to a ship without it.
<ScottK> I remember our ship doing well in a mass conflaguration drill by emptying our combat information center of almost everyone and sending them to fight fires.
<NCommander> WHen I think about it
<NCommander> It makes sense
<ScottK> This one talks about McCain on the Forrestal: http://www.youtube.com/watch?v=rxGV-eRUC_0&feature=related
<ScottK> As I'm looking, I particularly like the blog posts that attempt to blame McCain for the fire when it actually his plane that got hit by ordnance fired from another plane.
<[Solars]> just to keep the theme of the currect naming system of ubuntu where would be a good spot to put a samba directory called "media"
<kgoetz> on the server or client?
<[Solars]> server
<[Solars]> file server none-the-less
<kgoetz> /srv/
<kgoetz> i'd say
<[Solars]> erm kk now to setup samba :P
<kgoetz> you didnt ask that :P
<[Solars]> heh atleast i do have samba installed
<[Solars]> i vaguely remember how to do it
<kgoetz> i'll leave you to your pain - probably my pain this weekend, but yours for now
<[Solars]> heh if i scroll up enough i'll find it :P
<kgoetz> hehe
<[Solars]> don't think it was this channel
 * [Solars] checks another
<[Solars]> edit /etc/samba/smb.conf
<[Solars]> set the workgroup to whatever you have
<[Solars]> [14:32:07] <aTc> [share]
<[Solars]> [14:32:09] <aTc> path = /mnt/share
<[Solars]> [14:32:11] <aTc> available = yes
<[Solars]> [14:32:13] <aTc> browsable = yes
<[Solars]> erm errr
<[Solars]> [14:32:15] <aTc> public = yes
<[Solars]> [14:32:17] <aTc> writable = yes
<[Solars]> [14:32:23] <aTc> where /mnt share is whatever dir you chose
<[Solars]> [14:32:50] <aTc> then save it, and restart samba (/etc/init.d/samba/restart)
<[Solars]> but thats how you do it kgoetz :)
<kgoetz> [Solars]: :)
<kgoetz> its logged now :)
<espacious> which ndiswrapper was in 7.10
 * ScottK decides it's time for bed.  Goodnight all.
<kgoetz> espacious: look at packages.u.c
<kgoetz> ScottK: night
<espacious> kgoetz where i fount this?
<espacious> find*
<[Solars]> blah i hate winblows and not seeing my new smb drive
<Adri2000> has anyone here already set up a jabber server? which one do you recommend?
<kgoetz> !puc
<ubottu> Sorry, I don't know anything about puc
<kgoetz> bah
<kgoetz> espacious: packages.ubuntu.com
<espacious> thanks
<kgoetz> 16:23 < Adri2000> has anyone here already set up a jabber server? which one do you recommend?
<pschulz01> Someone say jabber server?
<kgoetz> pschulz01: ^^
<pschulz01> Do you think he might like some instructions?
<Adri2000> hi pschulz01 :)
<pschulz01> .. like the one's we;ve just written for ejabberd?
<kgoetz> pschulz01: perhaps he would
<kgoetz> nah, i think he wants them re-written first :P
<pschulz01> Adri2000: Let me just retype them..
<kgoetz> *hears keystrokes*
<didrocks> jdstrand: FYI, I merged with the last revision of your trunk :)
<chmac> Is there any way to make a symoblic link appear like a hard link?
<chmac> I'm having problems because PHP's __FILE__ constant resolves the symbolic link, so you get the actual file path, not the link path.
<chmac> I'm wondering if there's something I can do to fool PHP into thinking the file is a real file, when it's actually a symbolic link
<chmac> I'd prefer a symbolic link so I can easy swap the destination file without changing the links
<[Solars]> man so many different ways to have conky show infomation
<uvirtbot> New bug: #277447 in openvpn (universe) "script failed: could not execute external program " [Undecided,New] https://launchpad.net/bugs/277447
<uvirtbot> New bug: #277492 in likewise-open (main) "lwinet crashes when joining a windows domain with likewise" [Medium,New] https://launchpad.net/bugs/277492
<_ruben> Adri2000: we're using openfire as jabber server .. mainly because back then it was one of the very few with active directory integration
<wo0f> hi guys
<wo0f> how would i set up and terminal server
<wo0f> so i can login to a remote desktop where ever i am
<wo0f> is that edubuntu meta package any use to me?
<wo0f> i mean remote x btw $ not just ssh lol
<wo0f> i need x to start up a session each time i connect
<wo0f> (ie not just reconnect an existing session)
<_ruben> (Free)NX can be used for that
<wo0f> do i have to install nx on the server?
<lipsin> join #ubuntu-my
<_ruben> wo0f: that'd be the idea yeah
<wo0f> _ruben: cheers man
<wo0f> is it in the standard repo?
<_ruben> wo0f: yup .. nxserver package
<wo0f> _ruben: thanksman
<wo0f> thanks man*
<wo0f> _ruben: hmm, sudo apt-get install nxserver?
<_ruben> wo0f: that worked for me
<NikOwOw> for some reason my server installation can't fetch the settings from the DHCP server, what could be the problem?
<_ruben> firewall/routing and anything else network connectivity related comes to mind
<NikOwOw> at install time auto configuration of networking doesn't work :/
<wo0f> _ruben: hmm i get:
<[Solars]> trashguy hows things going
<trashguy> good
<trashguy> bit hungover
<trashguy> but good
<lukehasnoname> how long will the server survey go until it's done? And will the results be made public?
<trashguy> ?
<lukehasnoname> survey.ubuntu.com
<[Solars]> trashguywell i almost got my server 100% setup :)
<trashguy> nice man
<trashguy> serve the files
<[Solars]> its kinda a jack of all trades server
<[Solars]> internal http, file serving via samba, thinking of having it do dhcp,
<trashguy> yea
<trashguy> i have a services server
<trashguy> then i have a central file server
<trashguy> use for my MythTV boxes
<[Solars]> heh i tried compiling mythtv for winblows
<[Solars]> that didn't work
<[Solars]> i want to box for my tv to stream to
<trashguy> i have a mster box
<trashguy> then slaves
<trashguy> on my 2 tvs
<[Solars]> but upnp devices are expensive
<[Solars]> sent ya a /msg
<trashguy> THIS SURVEY IS SOOOO LONG
 * NCommander swears
<NCommander> [Solars], we need an ubuntu-firefighter group ;-)
<[Solars]> heh
<makkro> Hey! Have tried to run a 64bit Debian etch with 6Gb RAM on Intel box but have experienced laggyness ,etc, in system. Now going to try Ubuntu server 64bit and Xen, anything I should think of or do?
<[Solars]> bah
<[Solars]> i hate my router
<[Solars]> can't figure out how to make it do port fowarding
<trashguy> run
<trashguy> 32 bit
<trashguy> 64bit is more grief then its worth
<makkro> and the 2Gb above 4?
<trashguy> the serverkernel has pae anyways
<trashguy> it will see it
<makkro> the kernel slows system down
<trashguy> i run my dekstop with the server kernel
<trashguy> ?
<[Solars]> i run 64bit without any grief
<trashguy> the kernel slows system down?
<makkro> on debian etch,, it got very slow
<trashguy> [Solars], a lto of applications dont liek 64bit and flash is screwed with firefox on 64
<trashguy> makkro, youprobably did something
<trashguy> things dont magically slow
<makkro> I'm running a server,, game, mysql, web, mail
<[Solars]> trashguy erm true i did notice that but i try not to do much flash browsing on that server
<makkro> and no GUI
<trashguy> [Solars], true, 64bit is just grief unles syou really need it
<trashguy> and mostly
<trashguy> peopel dont need 64bit
<[Solaris]> erm
<makkro> i need a server that can access all RAM and do it as fast as 32bit.. No 1 have experienced any slowness?
<[Solaris]> this isn't getting fun
<trashguy> makkro,
<trashguy> unles syou have stupid hardware
<trashguy> you arent going to notice speed diff on 32 or 64
<trashguy> ubuntu server
<trashguy> has pae
<trashguy> whcih will detect all your ram while being 32bit
<[Solaris]> trashguy can you check that address i gave you
<[Solaris]> want to see if the external address works
<trashguy> you never gave me one
<trashguy> ^^
<uvirtbot> trashguy: Error: "^" is not a valid command.
<[Solaris]> heh /dns [Solaris]
<trashguy> ^hai
<uvirtbot> trashguy: Error: "hai" is not a valid command.
<makkro> hmm,, I'm a newbie at this,, how? :)
<[Solaris]> makkro just install the 32bit server
<makkro> and then?
<[Solaris]> do what ever you want
<trashguy> [Solaris], its valid
<trashguy> i get the IT Works
<trashguy> page
<[Solaris]> yay!
<trashguy> makkro,
<trashguy> then you have a server
<[Solaris]> so why can't i view my 'http' via the external address and I have to use hostname/<page>
<[Mitos]> hey all, someone around who knows his 4 bits of samba as pdc? running an ebox-server (which, if I understand right, is derived from ubuntu-server) but can logon the domain after joining it with an xp/vista machine
<[Mitos]> can't*
<makkro> <trashguy>hmm  getting to know this xchat thingy,, sorry for not responding ;)
<trashguy> :)
<trashguy> xchat is pure win
<makkro> aahh, thats why :D
<[Mitos]> basically i get an error message sayin (and i have to translate form german) that a connected device is not ready..
<makkro> I'll give it a final try and if it wont work I'll go back to 32bit with a PAE kernel
<trashguy> ubuntu server
<trashguy> regualr
<trashguy> 32bit
<trashguy> has what you need
<[Mitos]> trashguy: you mean me?
<trashguy> [Mitos], was talkin to makkro
<[Mitos]> ah, k sorry :)
<makkro> <trashguy> and what about the 6Gb ram,, have bad exp of 32bit and 6Gb ram with xen kernel?
<trashguy> makkro, should be fine
<trashguy> i have 8gb
<makkro> <trashguy>OK,, then I'll go for it,, you run xen aswell?
<trashguy> i have played it
<trashguy> with it even
<trashguy> was consdering it am option
<trashguy> but went with vmware
<[Solaris]> whats a good windows sshd client
<makkro> <trashguy>ok, it has an web interface tho,, nice.
<trashguy> SSHD?
<[Mitos]> [Solaris] putty just google for it, it's free and also gives you options to generate ssh-keys etc
<trashguy> never ran ssh on a windows machine
<trashguy> well a server that is
<trashguy> i use putty
<trashguy> for a client
<makkro> putty is great
<[Solaris]> kk
<[Mitos]> ssh/windows - hmm how contradictive :P
<makkro> hehe
<[Solaris]> ubuntu-server vbox'ing vista64
<[Solaris]> thats contradictive :P
<trashguy> i vbox vista
<trashguy> for windows stuff i need
<[Solaris]> i can't vbox for more then 30 days... lost my install key heh
 * [Mitos] runs 2 servers on a vista ultimate machine backed by vmware fedora 9 and ebox ;)
<[Mitos]> if it weren't for all the games, i would run it other way round, linux host and 1 win guest or so :P)
<trashguy> vbox is free
<[Solaris]> vista isn't
<trashguy> i run all my game sin ubuntu
<[Mitos]> aye, and doesn't eat up as much resources
<trashguy> including call of duty 4
<[Solaris]> w/o a correct key i can't run it more then 30 days
<trashguy> ohhh yea ^^
<trashguy> just make a snap shot
<trashguy> lol
<[Mitos]> you ever tried running assassins creed or bioshock on ubuntu? :P
<[Solaris]> lol
<trashguy> and when  it runs out load the snap shot
<trashguy> bio shock
<trashguy> not assisn creed
<[Mitos]> and btw, isn't vmware server for free anyways?
<trashguy> i compiled wine myself with the 3dmark patch
<trashguy> yes
<[Mitos]> just needs valid regsitration with (any!) email-adress
<[Mitos]> hmm, bugger that i can't compile software properly, my machine get's to hot :(
<trashguy> if you can run bioshock
<trashguy> im sure you cna compile
<trashguy> ^^
<uvirtbot> trashguy: Error: "^" is not a valid command.
<[Mitos]> freakin amd- dual-core and can't run it properly :O just havin it run when it's idle shoots cpu-temp up to 63 degrees
<[Mitos]> aye i can run bioshock in 800x600 windowed :P
<makkro> I've got that too
<[Mitos]> i go any higher than that in resolution (and higher than medium details) machine hits 85 + degrees in 10 minutes and powers off :P
<trashguy> laptop?
<makkro> "installing ubuntu"---back soon
<[Solaris]> in the php install where do you adjust how much memory it uses?
<[Solaris]> if that makes any sense
<[Mitos]> nope full fledged desktop system
<[Mitos]> in php.ini look for line "memory_limit = 64M"
<[Mitos]> or something like that
<[Mitos]> also lines like "post_max_size = xxM" should be checked
 * [Solaris] killed the channel
 * [Mitos] killed [Solaris]
<[Mitos]> irc-frag'em?
<makkro> haha
<[Solaris]> heh
<[Solaris]> kk lemme find php.ini
<[Mitos]> try /etc/php.ini ;)
<makkro> :)
 * [Mitos] found the BFG9000
<[Mitos]> *zap* you;re all dead (i think) :P
<makkro> as a zombie I'm post alive
<[Mitos]> fair enough :)
<makkro> :)
<[Solaris]> someone doesnt like me
<[Solaris]> http://pastebin.com/m6c8b80a2
<[Mitos]> woah, sheesh! :D
<[Solaris]> and i am still getting flooded
<[Mitos]> lord almighty, they never give up do they? one would think that after the first couple of failed attempts people stop wasting resources :P
<[Solaris]> well they have bounced me like 5 times in the past hour
<[Solaris]> nothing i can see touching my server
<nxvl> kirkland: btw, i've been using Private encr dir, and it's working awesome
<nxvl> kirkland: i had some trouble (but it was my fault) that make me loose all my firefox data
<nxvl> but other than that is working fine
<nxvl> i'm just moving some more stuff into it
<kirkland> nxvl: :-)
<kirkland> nxvl: send a MeMe to planet.ubuntu :-)
<RoAkSoAx> kirkland, i sent you an email about translating manpages.ubuntu.com to spanish
<kirkland> RoAkSoAx: hey, awesome
<nxvl> kirkland: as in what do i have in my Private directory meme?
<kirkland> RoAkSoAx: I'll try to get a framework setup
<kirkland> nxvl: yeah...  unless you don't want to
<RoAkSoAx> kirkland, ok just let me know whenever you need my help
<kirkland> nxvl: i just thought that might help exposure, see if other people need it
<nxvl> i've no problems with that, it's encrypted
<nxvl> :D
<kirkland> nxvl: s/need/use/ it
<kirkland> nxvl: :-D
<kirkland> RoAkSoAx: Cool, will do
<kirkland> RoAkSoAx: i'll try to get a multi-lang setup for that page working this weekend
<nxvl> and i've no porn on it, so there is no problem :D
<kirkland> nxvl: yeah right
<kirkland> :-D
<RoAkSoAx> kirkland, ok cool
<nxvl> i don't need it encrypted
<nxvl> :D
<uvirtbot> New bug: #277704 in openssh (main) "ssh fails with xmalloc: zero size" [Undecided,New] https://launchpad.net/bugs/277704
<[Solaris]> putty do xtunneling?
<[Solaris]> i guess that answer is no :P
<[Mitos]> damn mobile broadband :(
<kirkland> mathiaz: hey
<kirkland> mathiaz: can you push through those two uploads, to update-motd and landscape-client that you agreed to sponsor during beta freeze?
<zul> kirkland: is the archive open again?
<kirkland> zul: hmm, oh, maybe not?
<kirkland> zul: i assumed it was since iso was out of the door
<zul> check the /topic on #ubuntu-devel
<zul> or ask on #-devel
<nxvl> kirkland: http://nvalcarcel.aureal.com.pe/?p=258
<kirkland> nxvl: \o/
<[Solaris]> to run a bash script... you put your script in a file, lets say RunThis ... then you type 'bash RunThis' to run the script right?
<RoAkSoAx> [Solaris], sh RunThis
<brousch> [Solaris], normally you would chmod +x the script file and do ./RunThis
<[Solaris]> erm
<RoAkSoAx> [Solaris], you actually could do it both ways, sh RunThis or ./RunThis
<[Solaris]> erm
<[Solaris]> kk
<[Solaris]> so what would "CTDM: 101: Bad substitution
<[Solaris]> mean
<[Solaris]> i know CTDM is the file
<[Solaris]> is 101 the line number?
<nxvl> mathiaz: i've some issues with ebox
<nxvl> mathiaz: actually with openssh
<RoAkSoAx> [Solaris], yes, 101 is the line number
<nxvl> RoAkSoAx: with sh you will run it with dash, and if it has bashism it will fail
<RoAkSoAx> nxvl, yes indeed :P
<[Solaris]> RoAkSoAx heh this driving me crazy thats the last line "done"
<[Solaris]> is there a way to make it be verbose on whats it doing up to the point it gets there?
<nxvl> sh +x
<RoAkSoAx> [Solaris], try sh -x RunThis or sh +x RunThis
<RoAkSoAx> and see which one suits for you :P
<[Solaris]> heh
<mathiaz> kirkland: you can check if the archive is open via this link: https://launchpad.net/ubuntu/intrepid/
<mathiaz> kirkland: the status is "Active development"
 * [Solaris] throws up his fist in anger
<[Solaris]> don't know enough about scripting to even know where to start
<kirkland> mathiaz: thanks!
<zul> kirkland: not another meme
<kirkland> zul: muhaha!
<zul> noooooo...
<mathiaz> sommer: now that we're in DocumentationStringFreeze, if there is a change in a man page what should be done ?
<mathiaz> sommer: ask for a StringFreeze Exception ?
<mathiaz> sommer: do you know if man pages are translated ?
<sommer> mathiaz: good question, are man pages covered under the doc team?
<sommer> mathiaz: I guess my understanding of the SF was for the Ubuntu Official docs, but I could be way wrong about that
<sommer> mathiaz: I'd think that since the man pages are part of the package a standard FFE should work
<sommer> mathiaz: probably wouldn't hurt to ask on the doc ml though
 * sommer isn't much help :(
<mathiaz> sommer: that's also what I thought - that SF is for the Ubuntu Official docs.
<mathiaz> sommer: and I don't think that the update-motd man page is translated.
<[MitosKalandiel]> can one also get support here for the ebox-platform due to missing response in #ebox?
<ScottK> Possibly, but the odds of us knowing stuff they don't is low.
<[MitosKalandiel]> well i'll just give it a try then, following situation, one ebox server configure to be a pdc (but not to offer roaming profiles) all users are set up, firewall is open (actually turned off) and one windows xp client could join the domain but when i try to logon i get something like "A connected service couldn't be reached" (had to translate that from german, so it might be wrong, never seen that message b4 anyways with
<[MitosKalandiel]> servers). any idea what is going wrong?
<[MitosKalandiel]> obviously auth is working somehow, otherwise i wouldn't be able to join the domain, i can also see it in ldap, but i can just not auth against the ebox server
<[MitosKalandiel]> have installed ebox naked from their iso
<[MitosKalandiel]> and i'm just about out of ideas of what to checkl, i have lowered (poledit.msc) the needed algorythm for crypting password over the network but to no avail
<[MitosKalandiel]> and the xp machine itself is freshly installed and updated to sp3 with latest updates
<sommer> [MitosKalandiel]: do the ldap users have samba attributes?
<[MitosKalandiel]> quite a couple of them : http://joker-solutions.pastebin.com/d6e64160e
<trashguy> so
<trashguy> why do people have
<trashguy> [ ] around there names
<trashguy> is that the default
<[MitosKalandiel]> nope is just summit i do, no specific reason :)
<sommer> [MitosKalandiel]: hrmm, should work then I'd think... you might double check that smb and nmb services are indeed running
<MitosKalandiel> that better ;)
<MitosKalandiel> k, sec just checkin
<MitosKalandiel> i see both services started and listening
<MitosKalandiel> is there anytyhing on xp side i might have overseen? i know that some samba versions offer a .reg patch for xp. or maybe some firewall issue?
<sommer> MitosKalandiel: I'd try watching the /var/log/samba/log.hostname when trying to login, it may tell you more
<mathiaz> kirkland: is this the correct diff for update-motd http://paste.ubuntu.com/53530/ ?
<mathiaz> kirkland: I've built it from trunk.
<MitosKalandiel> found something here : http://joker-solutions.pastebin.com/d304d509f
<Olwe> Would questions pertaining to installing the desktop packages on a server be appropriate here?
<sommer> MitosKalandiel: are you using a user in both LDAP and /etc/passwd?  if so the uid and gid may need to match
<kirkland> mathiaz: let me check
<MitosKalandiel> sommer: yeah one user, hmm lemme check with a user that's just existent in LDAP
<MitosKalandiel> same exact response in /var/log/samba/hostname.log
<kirkland> mathiaz: that is the correct debdiff
<mathiaz> kirkland: great - thanks
<MitosKalandiel> sommer: so i would need to change at my group sid's? or what is it i need to do?
<MitosKalandiel> -at
<sommer> MitosKalandiel: not 100% sure, was the XP machine part of a previous domain?
<MitosKalandiel> nope was freshly installed for this test
<MitosKalandiel> (both machines, ebox and xp are running on virtualbox)
<sommer> MitosKalandiel: ya seems like it may be an issue with the way ebox configures samba, but I'm not sure.
<sommer> MitosKalandiel: here's a thread with what looks like a similar problem: http://lists.samba.org/archive/samba/2005-April/103843.html
<MitosKalandiel> sommer: ok thanks very much for your time and effort, this brings me somewhere :)
<sommer> np
<Olwe> not really a total server question, but i installed the ubuntu-desktop packages on my server, and restarted... problem is, i dont get any graphics, just a black screen
<trashguy> is your monitor turned on?
<Olwe> lol you know, i actually checked that first...
<[Solaris]> heh
<Olwe> like, the loading bar comes up, but after that, nothing
<Olwe> unless i Ctrl-Alt-F1, of course
<Olwe> i get to a prompt then, no problem
<[Solaris]> erm you have the right 'driver' for your vid card?
<Olwe> i believe so..
<trashguy> try
<trashguy> F7
<trashguy> ctrl + alt + f7
<trashguy> wait
<trashguy> yea
<trashguy> F7
<Olwe> alrighty
<Olwe> just waiting for the computer to boot
<[Solaris]> bah stupid stuck shift key
<Olwe> k, so F7, or ctrl-alt-f7?
<[Solaris]> ctrl-alt-f7 i believe he said
<Olwe> nothing, either way
<trashguy> GDM is nuked
<trashguy> maybe
<Olwe> all i did was run "sudo apt-get install ubuntu-desktop"
<Olwe> then reboot
<[Solaris]> apt-get update && apt-get upgrade
<[Solaris]> then try again
<[Solaris]> see if there was anything missing/old
<Olwe> k, i'll try that again
<trashguy> do a
<trashguy> ps -aux | grep Xorg
<Olwe> bad syntax?
<trashguy> fuck
<trashguy> wrong os
<trashguy> sorry
<Olwe> lol its aight
<trashguy> ps -e | grep Xorg
<Olwe> returns nothing?
<trashguy> type startx
<Olwe> fatal error, already running
<trashguy> interesting
<trashguy> did u use a cpaital x in the grep
<trashguy> its case sensitve
<trashguy> i never installed desktop on server before
<[Solaris]> all i did was
<[Solaris]> apt-get install ubuntu-desktop
<[Solaris]> and it configured and everything for me
<[Solaris]> installed a ton of packages thought
<trashguy> probably has some sort of driver issue
<trashguy> X can be a pain in the ass
<[Solaris]> thats why i ask if he had the right video card driver :P
<trashguy> i stuggled for years in freebsd to get it right
<[Solaris]> if he is using 8.10 there is an ATI problem
<[Solaris]> heh fbsd + X sucked
<trashguy> i have an 8-current
<trashguy> with x running its amusing
<[Solaris]> i thought about trying FBSD again but was convinced to go with Ubuntu this time
<[Solaris]> so far so good
<trashguy> it has its own percs and pitfalls
<[Solaris]> atleast it wasn't like slack in the diskette days
<[Solaris]> i had over 30 disks to install slack
<[Solaris]> now i don't even have a fdd
<Olwe> sorry, ran away for a sec...
<trashguy> i installed slac on my old laptop via a slip connection over a null modem cable
<trashguy> lulz
<[Solaris]> heh
<Olwe> 5023 tty7   00:00:02 Xorg
<trashguy> its running
<Olwe> yep
<trashguy> try
<trashguy>  sudo dpkg-reconfigure -phigh xserver-xorg
<Olwe> tried already, but cant remember the output... so me tries again!
<[Solaris]> also could check the logs to see if there was any error
<trashguy> well
<trashguy> its running
<[Solaris]> doesn't mean it didn't spit out a warning or error :p
<trashguy> i forgot where ubuntu keeps xorg.conf
<[Solaris]> 'locate' is yourfriend
<[Solaris]> here /etc/X11/xorg.conf
<trashguy> not the right one
<Olwe> warning that its over-writing the possibly customized config..
<trashguy> do it anyways
<Olwe> then error stating that it can't find a battery
<ScottK> Olwe: This is a server?
<Olwe> yeah
<Olwe> 8.04 ubuntu server
<ScottK> lamont: Any chance you could put your hppa porter's hat on long enough to make glib2.0 build on hppa?  Currently lots of stuff (for example pretty much all of KDE) is uninstallable/unbuildable.
<trashguy> hppa?
<ScottK> Olwe: OK, X issues are really not on topic since we don't ship X with Ubuntu Server, you might try #ubuntu.
<ScottK> HP PA-RISC architecture.
<trashguy> just checking
<lukehasnoname> get w/ the program trashguy
<trashguy> sorry
<trashguy> i only use SParc and Intel
<trashguy> i r not l33t
<Olwe> i do understand that, no responses over at #ubuntu though... just thouht id ask
<trashguy> lukehasnoname,
<trashguy> uubuntu n00b
<trashguy> where can you reset the video drive for xorg
<[Solaris]> Olwe try #xorg
<trashguy> i know what he should try
<trashguy> just linux distros but things in wierd places
<lamont> ScottK: meh
<trashguy> lol
<lamont> I'll look at it this weekend, maybe even after EOD today
<lamont> esp if  you poke me > 45 min from now.
<ScottK> lamont: Thanks.
<ScottK> OK.
<Olwe> i'll try #xorg, thanks
<trashguy> Olwe you just need to se your driver to vesa
<trashguy> get basica functionality going
<trashguy> /etc/X11/xorg.conf is worthless
<[Solaris]> heh yea
<Olwe> its odd that a few weeks ago, i did an install that worked fine, without any config...
<Olwe> unless.... maybe i had a different graphics card in there...
<trashguy> i get drunk and swap graphics cards
<trashguy> hobby of mine
<Olwe> thats umm.. just a lil... odd... but alright.. i wont judge..
<trashguy> ;)
<[Solaris]> everyone needs a hobby
<trashguy> yes
<Olwe> wow... those folks at #xorg really dont like to be helpful...
<trashguy> some people are elitists it usually provides me with a daily lol
<trashguy> #opensoalris is a good one
<Olwe> anything else you suggest i try?
<ScottK-palm> lamont: This is your glib2.0 on hppa ping.
<lamont> meh
<lamont> glib muppets for the win
<ScottK-palm> Good luck with that.
#ubuntu-server 2008-10-04
<Olwe> trashguy, did you find anything?
<trashguy> no
<Olwe> hmm...
<Olwe> i tried changing the video card, but my MOBO didnt like that at all.. something may be wrong with my AGP slot... or the card... but i mean, i get partway with the pci card, which i installed with
<maw> when "apt-get purge" is used and aptitude is identifying "ubuntu-minimal" to be removed as well
<maw> I assume that would be bad to remove
<ScottK> maw: Almost certainly whatever you are removing that's part of ubunutu-minimal is something you want to keep on your system.
<maw> ScottK: indeed, I was just removing all of the dhcpd and dhcp3-server related stufd
<maw> *stuff
<ScottK> ubuntu-minimal is just a metapackage, so removing it doesn't actually hurt anything.
<ScottK> You really ought to be sure you know what you're doing though if you remove stuff that's in minimal.
<[Solaris]> how do i put soemthing in cron to every 15 or 30 mins?
<sommer> [Solaris]: */30 * * * * command
<sommer> [Solaris]: change the 30 to 15 for every 15 minutes
<[Solaris]> do i need to put the file somewhere?
<sommer> that would be the cron entry... the crontab -e will let you edit the cron jobs
<[Solaris]> so it doesn't matter where the file resides?
<sommer> not sure what you mean by file?
<[Solaris]> i have a bash script that i want ran
<[Solaris]> script == file
<sommer> I usually put custom scripts in /usr/local/bin so your cron entry would be: */30 * * * * /usr/local/bin/filename
<[Solaris]> is 15 min to often for a cron..
<sommer> I have some jobs running every 5 :-)
<sommer> it's really a matter of what your script does, how resource intensive, etc
<[Solaris]> it moves files from one dir to the next
<sommer> I wouldn't think you'd have any issue, but I guess it depends on how many files and their sizes get moved, still shouldn't be an issue
<[Solaris]> cp: cannot create regular file `/usr/local/bin/CTDM': Permission denied
<[Solaris]> ohh id idn't chmod +e or what ever tothe file
<portablejim> What happens if you put 2 dhcp servers on one network? does the second stop the first from working, or does the second one just not work?
<MitosKalandiel> most likely you will get very unpredictable effects, either dhcp server a0 or b0 answering leases being given double etc, i am not sure if that's even mentioned in ip-specs
<MitosKalandiel> a or b even
<MitosKalandiel> but in every case i had 2 dhcp servers running my network became unstable and unpredictable, downright to the point of unusability..
<portablejim> so the second one would bring down the network. is that what you are saying?
<ropetin> portablejim: I'm late to this party, but I'd concur with MitosKalandiel, two active DHCP servers on the same segment is not worth the agro
<MitosKalandiel> portablejim: not necessaraly bringing the network down, but you will be tackling major problems when you do run two dhcp servers
<portablejim> thanks
<MitosKalandiel> yw
<ivoks> sometimes i just want to cry
<ropetin> ivoks: any reason or just in general?
<ivoks> ropetin: i've spent lots of time (a week) on debugging of one problem
<ivoks> ropetin: it turns our it's just an online change in one header
<ivoks> one line
<[Mitos]> ouch
<ivoks> and i figured that out this morning, after last night and lots of alcohol
<ivoks> moral of the story: alcohol can be good sometimes :D
<bogey-> i was running 8.04 and i did an apt-get upgrade and now my network stopped working. It says it is configured but no traffic goes in or out
<EvilDaemon> So I have an older box with 3 different ubuntu operating systems on it, and I want to put ubuntuserver on it. All of the thing I want to keep are backed up, now what?
<EvilDaemon> Also, when installing, it won't let me overwrite all of the partitions, just one out of two.
<EvilDaemon> Anyone...
<EvilDaemon> So... nobody?
<stainer> are you using the manual option?
<EvilDaemon> Well, I'm going to try dban and then install it
<stainer> I some trouble overwrite partitions with an older version. I deleted the partitions manually, the ran the install and that worked... I cant remember if that was a bug or not.
<stainer> or something I was doing wrong
<EvilDaemon> How did you delete them?
<stainer> used a live disk, and ran gparted
<EvilDaemon> Can you boot into a shell from the live Server cd?
<EvilDaemon> er, ubuntu server livecd
<stainer> I used a desktop cd, but you should be able to do the same thing with fdisk in command line
<stainer> make sure you have everything you need off that disk
<EvilDaemon> Yeah, everything is on a usb.
<EvilDaemon> thanks.
<stainer> fdisk deletes the partitions, then you can use a guided install, and it should write the whole disk
<stainer> np
<stainer> I am sometimes slow with this stuff, so your milage may vary :)
<EvilDaemon> fdisk just displays stuff, it's not doing anything.
<EvilDaemon> Is there a delete-all argument?
<normanm> EvilDaemon: you could even use cfdisk
<stainer> fdisk /dev/hda (or your hd)
<EvilDaemon> what about parted?
<stainer> parted would do the same... fdisk is pretty old, but straight foward
<EvilDaemon> There's four different kinds under /dev/
<EvilDaemon> Now I guess cfdisk is being suggested over parted.
<stainer> http://linux.about.com/od/commands/l/blcmdl8_fdisk.htm
<stainer> you have to delete each partition
<stainer> Try them in the order cfdisk, fdisk, sfdisk. (Indeed, cfdisk is a beautiful program that has strict requirements on the partition tables it
<stainer> accepts, and produces high quality partition tables. Use it if you can.
<stainer> I just found that... I have never used cfdisk before, so I didn't know about it
<EvilDaemon> okay. will one of them tell me what partition I'm on, or do I stab in the dark and hope I don't miss?
<normanm> stainer: lol
<normanm> cfdisk rocks
<stainer> it is rare that I have needed the partition manually... ubuntu takes care of it for you :) I have in the old days with dos, and slackware
<stainer> here is a better howto on fdisk http://tldp.org/HOWTO/Partition/fdisk_partitioning.html
<stainer> with everything in linux, there are about 45 ways to accomplish it
<EvilDaemon> fdisk - disk partition table manipulator
<EvilDaemon> fdformat - Low-level format a floppy disk
<EvilDaemon>  cfdisk
<EvilDaemon> Curses based disk partition table manipulator for Linux
<blue-frog> EvilDaemon: what do you need to do?
<EvilDaemon> To delete all my partitions.
<EvilDaemon> sorry for the flood.
<normanm> EvilDaemon: use cfdisk
<normanm> I still not understand what the problem is
<blue-frog> EvilDaemon: I assume you are on a livecd?
<EvilDaemon> Yes, but I only have a command line.
<stainer> cfdisk is nice
<blue-frog> EvilDaemon: then either one of the tools listed above will help you do that. chose the one you prefer
<EvilDaemon> I just took a look at cfdisk, so I'll use that. Now, how do I find out what partition I'm currently on?
<blue-frog> EvilDaemon: if you are running from a live cd you are on cloop
<EvilDaemon> okay, thanks.
<blue-frog> EvilDaemon: your drive will be certainly named /dev/sda
<EvilDaemon> okay, so that didn't work
<EvilDaemon> all of the oses that I originally had on there are still there, after deleting the partitions.
<EvilDaemon> from a livecd
<EvilDaemon> one is on sd2
<EvilDaemon> the other didn't say.
<EvilDaemon> If I run sudo rm -rf /, will it solve my problems?
<stainer> that would just delete the files, the partitions would still be there
<blue-frog> EvilDaemon: what livecd do you have?
<blue-frog> EvilDaemon: in fact are you root in your llivecd?
<EvilDaemon> no
<EvilDaemon> It's ubuntu gusty, 7.10 i386
<EvilDaemon> and I did sudo cfdisk
<blue-frog> did you reboot afterwards?
<EvilDaemon> yes
<EvilDaemon> it went to grub, and still showed all of the previous oses.
<EvilDaemon> ubuntu 7.10, and ubuntu 8.10
<blue-frog> EvilDaemon: so you didn't delete the /boot partition. that's all
<stuart> Hi All
<stuart> 8.04.1 server. Won't install on my hp netserver. Can't load installer from cd. Media check is good. ??
<stuart> -- hp netserver E800 2xP3 1GHz 2GB ram
<EvilDaemon> blue-frog: In cfdisk, there were two different options. one had boot on it. I deleted them all.
<blue-frog> EvilDaemon: sudo parted /dev/sda p    gives you what?
<blue-frog> EvilDaemon: by the way in cfdisk, you need to write out the changes you made
<blue-frog> otherwise nothing is done
<blue-frog> EvilDaemon: use parted, changes are made right away, no need to reboot
<stainer> only with AT&T is a dynamic ip a selling point. Dynamic IP Addresses - Every time you log on to the Internet, your computer is assigned a new, unique IP address, making it more difficult for hackers to find you.
<EvilDaemon> it says that the directory isn't there. So It's just deleting it off of grub?
<orogor> hi here
<orogor> anyone knows of any decent documentation/tutorial on apparmor?
<sommer> orogor: https://help.ubuntu.com/8.04/serverguide/C/apparmor.html
<sommer> orogor: should get you started anyway
<orogor> yhea, just stpotted the bottom link to suze doc , o think  was looking for that$
<orogor> sommer, is there a repository wth additional profiles for apparmor on ubuntu  ?
<orogor> also stupid queston what sthe difference between gentoo and gento server if i nstall server type packages on th desktop version ?
<sommer> orogor: there's the apparmor-profiles package which contains additional profiles, that may be what you're looking for
<sommer> orogor: nope the server and desktop use the same repositories so installing say apache on desktop is the same as installing it on sever
<orogor> sommer, there s like 10 profiles in it , whichb isn t much
<sommer> orogor: ya, apparmor integration is pretty conservative, due to the chance of messing things up
<orogor> i could build profiles by myself , but ... would have been nice if there were some more
<sommer> you can always submit any that you create :)
<orogor> doesn t works out server doesn t answer
<sommer> ?
<orogor> i modified the cupsd profile , i was presented with an option to uopdate the repository but had an error when submitting profle , apparently (in don t know which) server wasn t answerng http
<orogor> bah, i ll give up for today, i bet iptable forbidding incoming connections will protect me from 90% of stuff anyway
 * [Solaris] wonders if trashguy comes in on the weekends
<henkjan> D
<EvilDaemon> is for Dog
<[Solaris]> can someone tell me if my external IP address shows up a http page?
<NCommander> [Solaris], sure
<NCommander> IP address?
<[Solaris]> 98.196.35.51
<NCommander> [Solaris], yup
<[Solaris]> good good
<[Solaris]> now to figure out how to make it so a user can have a http page
<[Solaris]> 98.196.35.51/<user> is the address right?
<[Solaris]> typically
<NCommander> ~user
<[Solaris]> and in the user dir they need to add?
<NCommander> usually public_html
<NCommander> But that varies depending on the apache configuration
<[Solaris]> erm whats defualt?
<NCommander> No idea
<[Solaris]> know where i can look?
<[Solaris]> i thought normally you have to mkdir some directory for all the html stuff
<LeChacal> hello can some help with this. At my school we have public printer on ip address 192.168.***.*** and my dorm pc is on ip address 172.16.***.***. I cant touch the settings in the router so i cant set up routing table to allow me to print to this printer but does any one have a different idea of how i can print to this printer. Thank You
#ubuntu-server 2008-10-05
<[Solaris]> what does 98.196.35.51/~drake show?
<micah> has anyone successfully migrated from debian etch to ubuntu-server
<Andy__> hello
<hads> micah: Sounds tricky
<micah> aptitude can't just upgrade the packages with teh proper dependencies?
<micah> ubuntu should have higher versions for everything since etch is 1.5 years old
<Andy__> New to ubintu server. Is there a good GUI or web based admin for ubuntu server?
<micah> webmin?
<Andy__> How does that work?
<hads> Andy__: Typically people wouldn't use a GUI with a Linux server.
<hads> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<micah> Andy:  http;//www.webmin.com
<Andy__> I know but not real strong with the command line approach
<micah> ubottu: there is a debian package for webmin and it works fine
<ScottK> Except for when it doesn't.
<ScottK> I've tried to help users with Postfix problems that were because webmin corrupted their config files.
<Andy__> so command line would be better?
<Andy__> I have the server installed. What would be my next step? Newbie question but have to start learning sonner or later
<Andy__> Would it be good to set a static IP address?
<hads> If you want your server to have a static IP then yes, possibly :)
<Andy__> What's the advantage/disadvantage of a static IP address?
<hads> It's static rather than dynamic, that's it.
<Andy__> if I use webmin, do I need a static ip address?
<Andy__> Where would be a good place to learn about command line ?
<ScottK> Mostly I used Google and just started using it when I learned.
<ScottK> Stuff will be harder and take longer at first, but eventually you'll wonder why you ever thought GUI's were efficient.
<Andy__> What would you suggest as a starting point?
<ScottK> Trying to do whatever it is you need to do.
<Andy__> I have MySQL database on it. How do I access it?
<hads> Type `mysql`
<ScottK> I'm the wrong guy to ask about that.  Ask me about Postfix.
<Andy__> On my laptop I use SQYyog to manage my database in it. I need to know the host address. That should be the IP addrss. How do I find that on the server?
<Andy__> exit
<hads> ifconfig
<FFEMTcJ> I'm setting up a server.. I'd like some guidance on how I should partition the drive.. It's a single 160gb drive... It'd going to act as a proxy server, webserver, file server, and test server.
<FFEMTcJ> Would anyone mind helping me please?
<ScottK> FFEMTcJ: You'll almost certainly be fine if you let the installer partition it for you.
<FFEMTcJ> Ok.. So there's nothing special I should do then.. Thanks. :-)
<ScottK> I wouldn't think so.
<FFEMTcJ> Thanks ScottK
<FFEMTcJ> :-)
<scuser> hi all,how can I install sasl support with ldap?
<scuser> Hi all, I have this error now "ldap_sasl_interactive_bind_s: Local error (-2)" I'm trying to run the command " ldapsearch -b "dc=sc,dc=bibalex,dc=org" -Y "GSSAPI" -U scuser". Any idea?
<uvirtbot> New bug: #278495 in nut (universe) "megatec_usb does'nt detect ups" [Undecided,New] https://launchpad.net/bugs/278495
<scuser> Hi, I have this error now "ldap_sasl_interactive_bind_s: Local error (-2)" I'm trying to run the command " ldapsearch -b "dc=sc,dc=bibalex,dc=org" -Y "GSSAPI" -U scuser". Any idea?
<crevette> hello
<scuser> hi all, can anyone help me with this http://paste.ubuntu.com/54219/ ?
<crevette> I'm on intrepid trying to make works the kvm-intel module, but I've some error in messages stating there are unknown symbols
<crevette> I see that now kvm-source depends on dkms an no more on module-assistant
<crevette> s/an/and/
<crevette> http://dpaste.com/82476/ here come the error message
<crevette> I can modprobe kvm but not kvm-intel
<crevette> ah I 'm not perhaps on the appropriate chan
<scuser> dear all, I need help with Kerberos and LDAP authentication. It gives this error "ldap_sasl_interactive_bind_s: Invalid credentials (49)" after running the command "ldapsearch -b "dc=sc,dc=bibalex,dc=org" -Y DIGEST-MD5" I'm sure that I enter the right password any idea?
<thoand> hello
<thoand> is there some meta package like "ubuntu-desktop" so that you can debootstrap a ubuntu server?
<sylvaing> thoand: you can use ubuntu-vm-builder maybe
<thoand> mmhh, I would debootstrap my Dom0
<thoand> the basic problem ist that debians xen is totaly outdatet, so I decided to use ubuntu on my root-server. but my provider only provides debian with raid1 activated
<thoand> so I have installed ubuntu-server in a vmware (with two virtual hdds) and made a tar files of this installation
<thoand> but for some reason the system I extracted it (and build raid before and editted etc/fstab and so on and installed grub) does not start
<thoand> I now have tried the process in my vmware and found out, that grub is unable to access /dev/md0
<thoand> do I have to add raid support while installing grub? I did it from the chrooted ubuntu (with raid enabled)
<spikyjt> Hi all, I'm setting up Postfix (first go with a mail server - please be gentle!). Using a relay which works fine. Expected local mail (for domains in mydestination) to be delivered locally, but they go to relay. Any idea what I've missed, or is this correct behaviour?
<Nafallo> not without having main.cf
<Nafallo> probably not correctly set mydestination though
<spikyjt> sorry I'm a noob to irc as well - can I send you my main.cf somehow?
<Nafallo> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<spikyjt> thanks both
<stainer> they may be able to help you better in #postfix
<spikyjt> http://paste.ubuntu.com/54280/
<spikyjt> thanks stainer I'll jump on there too
<uvirtbot> New bug: #278617 in samba (main) "login crashed with SIGSEGV in dump_core()" [Undecided,New] https://launchpad.net/bugs/278617
<thoand> I found out what the problem was, in the initrd is a mdadm.conf file, there is the UUID of the source raid, you have to update it to the new one
 * johnc4510-laptop asks if someone is around who schedules the server meetings in #ubuntu-meeting?
<johnc4510-laptop> we have a conflict in scheduled meeting times
 * johnc4510-laptop asks if mathiaz is who i should contact about that?
<ScottK> Probably.
<johnc4510-laptop> thx
<johnc4510-laptop> ok, i sent mathiaz an email, and i'll stick around in here today to see if he shows up.
<lamont> ScottK: fwiw, glib2.0 bitchslapped
<lamont> OTOH, lots of stuff probably needs givebacks still
<ScottK> lamont: Great.  That's a start at least.  Thanks.
<lamont> OTOH, I still want to know why it does that sometimes
<lamont> stupid nptl
<tester-> hello channel, i need some help, i cant mount a freebsd disk under ubuntu server 8.04, is their any way to do it? i really need some data from that disk
<ivoks> you should be able to...
<ivoks> did you load ufs module?
<Ali_ix> ivoks: how to determine the filesystem type of unmounted disks?
<ivoks> Ali_ix: i have no idea :)
<tester-> ivoks, modprobe ufs?
<ivoks> tester-: yes
<tester-> yes but nothing?
<tester-> how can i verify that is ufs filesystem
<tester-> ?
<ivoks> if it's BSD, it's UFS
<tester->  sudo mount -r -t ufs -o ufstype=44bsd /dev/sdb /media/bsd/
<tester-> mount: wrong fs type, bad option, bad superblock on /dev/sdb,
<ivoks> sdb?
<ivoks> you can't mount disk, only partitions
<tester-> it returns tha same
<ivoks> what partition are you mounting?
<tester-> <tester-> mount: wrong fs type, bad option, bad superblock on /dev/sdb1....
<ivoks> are you sure it's sdb1?
<ivoks> FreeBSD has diferent partition types
<ivoks> maybe it isn't UFS
<ivoks> try 'sudo mount /dev/sdb1 /media/bsd'
<tester-> dev/sdb1   *           1       16368     8249440+  a5  FreeBSD
<tester-> mount: you must specify the filesystem type
<ivoks> which freebsd was used on that disk?
<ivoks> what version?
<tester-> 6.1
<ivoks> then
<ivoks> ufstype=ufs2
<ivoks> not 44bsd
<tester-> sudo mount -r -t ufs -o ufstype=ufs2 /dev/sdb1 /media/bsd/
<tester-> ?
<ivoks> should be, yes
<tester-> nop
<uvirtbot> New bug: #278712 in samba (main) "3.2.3 and qemu: could not init smb messaging context" [Undecided,New] https://launchpad.net/bugs/278712
<ivoks> tester-: dmesg | grep bsd
<tester-> [   36.058190]  sdb1: <bsd: sdb5 sdb6 >
<ivoks> there, it's sdb5 and sdb6
<tester-> i also tried them...
<ivoks> sdb1 is just a slice
<tester-> there is sdb1,5,6
<ivoks> tester-: you tried with ufs2?
<tester-> nothing is mounted
<tester-> yes
<ivoks> try with 5xbsd
<tester-> sdb5 mounted but /media/bsd is empty
<tester-> sdb1 and sdb6 returns the same error as before
<ivoks> sdb6 is probably swap
<ivoks> umount sdb5
<ivoks> ufs2 should work
<ivoks> mount -t ufs -o ro,ufstype=ufs2 /dev/sdb5 /media/bsd
<tester-> well done!
<tester-> thanks ivoks
<ivoks> i've asked about ufs2, you said yes :)
<tester-> bin  boot  cdrom  compat  COPYRIGHT  dev  dhclient.core  dist  entropy  etc  home  lib  libexec  mnt  proc  rescue  root  sbin  sys  tmp  usr  var
<ivoks> be careful with ufstype
<tester-> yes when i told you sdb5 mounted but it was still empty its because i was already in /media/bsd :p
<ivoks> if you use wrong one, you could corrupt filesystem
<Ali_ix> weird!
<tester-> i don't care about them now, i just want some files to copy to the ubuntu disk and then format
<tester-> thanks a lot
<ivoks> np
<tester-> bye
<ivoks> bye
<ScottK> lamont: Any suggestions on this one? http://launchpadlibrarian.net/18240816/buildlog_ubuntu-intrepid-hppa.openexr_1.6.1-3_FAILEDTOBUILD.txt.gz
<ivoks> ScottK: testRgba.cpp:166? :)
<[Solaris]> ivoks my server is finually working well :P
<ivoks> [Solaris]: great
<ScottK> ivoks: No idea.  No hppa hardware here.  Just trying to get KDE to build on it.
<ScottK> NCommander is my usual go to for this, but he's offline.
 * ScottK needs to run out and drive kids around anyway ...
<ivoks> :)
<ivoks> ScottK: enjoy
<[Solaris]> just need to find two good working nics, so i can put the server between the external address and the internal router.... I want to get it setup for DHCP
<[Solaris]> but gotten everything working well
<uvirtbot> New bug: #278784 in openvpn (universe) "openvpn configuration with token (pkcs11 provider) blocks the boot" [Undecided,New] https://launchpad.net/bugs/278784
#ubuntu-server 2009-09-28
<uvirtbot> New bug: #437881 in mysql-dfsg-5.0 (main) "fail" [Undecided,New] https://launchpad.net/bugs/437881
<jono> kirkland, hey
<golem_> during the install i chose 'automatic updates' - where is that configured if i wish to change to manual updates?
<jmarsden> dpkg -L unattended-upgrades    will show you all the files.  The one to edit to quickly disable them is probably /etc/apt/apt.conf.d/50unattended-upgrades
<golem_> gotcha, thanks
<jmarsden> No problem.
<golem_> i just commented out jaunty-security
<jmarsden> If you know you don't want it, sudo apt-get purge unattended-upgrades   will do the trick cleanly :)
<golem_> ah cool, so i can just apt-get update/upgrade
<jmarsden> Of course; the unattended-updates package effectively scripts doing that on a regular basis.
<aubre> how's the cureent state of karmic eucalyptus? thinking of updating when I go to work tomorrow
<uvirtbot> New bug: #437944 in samba (main) "Samba session request failure when using IP address" [Undecided,New] https://launchpad.net/bugs/437944
<darksmac> ok guys new to ubuntu server was wondering if any one has had any experience installing crda
<darksmac> comming aross an issue with it stating that i dont have a supported version of libnl and i have installed libnl1-1.1-3
<Anirban1987> I want to host a game server on my VPS
<claw> guten morgen ich bin auch der suche nach nem tool, dass meinen netzwerktraffic zÃ¤hlt
<claw> ich bezahl nÃ¤mlich pro megabyte und hÃ¤tte gerne sowas wie ne monatsÃ¼bersicht
<claw> gibts da etwas?
<_ruben> claw: asking in english will yield more responses probably .. as for traffic accounting tools, there's tons of those around
<maxagaz> how to use find to do this "ls -lart", but recursively
<maxagaz> ?
<domas> maxagaz: just use 'ls -R'
<domas> if you want ls functionality
<domas> you can also do find ./ -print0 | xargs -0 ls -lart
<domas> etc
<domas> :)
<maxagaz> domas, thanks
<maxagaz> but the result is not that good with find
<maxagaz> domas, because files are separated by directory
<maxagaz> domas, but the good thing is that their full path is shown
<cemc> is there a simple freespace disk checker package which sends mail when a partition is X % full ? something really simple
<Mohammad[B]> how i can resolve this problem in apache2 http://paste.ubuntu.com/280284/ please help me
<Jagged> Mohammad[B]: you need to correctly configure apache vhosts, or don't use vhosts.
<zul> morning
<oc> hi
<oc> Is it possible to somehow make aptitude -not ever- install gcj?
<oc> i.e. I have installed sun-java{5,6}-jdk
<oc> when I install tomcat, glassfish, ant, etc I do not want GCJ
<oc> gcj should never ever ever ever ever come into my OS
<oc> this is a major issue, not a minor one
<VK7HSE> oc: well install with '--no-install-recommends" then...
<pmatulis> (that would be for apt-get)
<VK7HSE> Oh yes forgot to mention that bit! ;)
<oc> that sort of helps
<oc> how do I set it as default?
<VK7HSE> oc: so then use this ... 'sudo apt-get install tomcat --no-install-recommends'
<oc> I understood that.. how do I set it as default?
<oc> (can I set it in apt.conf somehow?)
<VK7HSE> thinks so! ... just having a look through some settings stuff to see...
<oc> in server mode, that should be default IMHO :)
<oc> it's ok to be lax in desktop installations
<oc> but too much crap on the server will quickly escalate
<pmatulis> that option will only prevent "recommends" packages from being installed.  not sure if that is the case here
<VK7HSE> well its a defalt inubutnu.. I had a similar grizzle! when I was messing with KDE and i wanted to use firefox 3.5 and it wanted to pull in a heap of stuff from gnome!
<pmatulis> but you can make this the default by adding 'APT::Install-Recommends "0";' to /etc/apt/apt.conf
<oc> thanks
<VK7HSE> pmatulis: Gahh! ya beat me to it ;)
<VK7HSE> pmatulis: BTW I realised my error yesterday re: the server kernel on i386 (DOH)
<oc> I traced the deps now.. Seems like java2-runtime-headless asks me to install install gij istead of sun-javaX-jre (which are installed)
<oc> (and thats just an alias package -- which I find strange)
<pmatulis> oc: maybe openjdk will be friendlier
<oc> problem is, I'm setting up a buildserver, and it'll compile some "very enterprisey (tm)" code that only runs well in particular JDKs :o)
 * pmatulis nods
<oc> which I've found is an issue many places Ive worked :>
 * oc shrugs
<pmatulis> oc: how does gij mess you up?
<oc> I haven't tried yet, but it being installed makes my mind flash for potential errors :)
<pmatulis> !find gij
<ubottu> Found: gij, gij-4.3, gij-4.2
<pmatulis> !info gij
<ubottu> gij (source: gcc-defaults (1.78ubuntu1)): The GNU Java bytecode interpreter. In component main, is optional. Version 4:4.3.3-1ubuntu1 (jaunty), package size 1 kB, installed size 36 kB
<pmatulis> ah, only 36kB
<pmatulis> oc: what release are you running?
<oc> I don't want to potentially have to spend hours tracing runtime bugs in vastly untested code only to find out thats why
<oc> 9.04 server
<pmatulis> why you say untested?
<pmatulis> gij is in main which suggests it is very well tested
<oc> because alot of the code that is to be built is sadly untested :)
<pmatulis> i think you're over-reacting  :)
<oc> probably, but still better to be safe that sorry :)
<pmatulis> if it's an important project then you should have a development box built first
<oc> I'm installing a new CI server to replace an old Windows-server they've used for a while...
<oc> it'll be a dev/ci/integration-test/functional test box
<VK7HSE> I realise that each has their own way of things, but I tend to start with the default that tweak... ;)
<VK7HSE> *then!
 * pmatulis agrees
<pmatulis> default, test, and *then* monkey around
<oc> I have started with the default
<oc> testing it would take years :)
<oc> millions of lines of code :)
 * pmatulis doesn't have anything else to add.  goes away for a while
<VK7HSE> bit like me last night (UTC+10) I was jumping up & down cause I couldn't install an i386 server kernel! to be pointed to an article by pmatulis, that pointed me in the right direction! ;)
<smoser> anyone have time to ubuntu-educate me ?
<smoser> $ rmadison linux-ec2
<smoser>  linux-ec2 | 2.6.31-300.3 |        karmic | source
<smoser>  linux-ec2 | 2.6.31.300.0 |        karmic | amd64, i386
<smoser> i've 2 questions about that:
<smoser> 1. where does rmadison see the 300.3 source ? http://packages.ubuntu.com/source/karmic/linux-meta-ec2 indicates 2.6.31-300.0
<smoser> 2. what causes build of amd64/i386 of the .3 ? how would i go about getting that?
<zul> have you done an apt-get updaet?
<zul> apt-get update even
<zul> or not
<smoser> hm... i thought that rmadison was querying remote info. apt-get update doesn't change results for me
<Mohammad[B]> hi all
<Mohammad[B]> what is this ? :-s in apache2 please help me for resolving this http://paste.ubuntu.com/280396/
<aubre> Eucalyptus question: I have a newly added node which is acting like it can't connect to walrus, and libvirt is saying Domain not found, so it won't launch instances : http://paste.ubuntu.com/280394/ any ideas?
<VK7HSE> Mohammad[B]: what's the content of your ports file?
<VK7HSE> Mohammad[B]: see ... http://paste.ubuntu.com/280400/
<Mohammad[B]> VK7HSE, http://paste.ubuntu.com/280402/ this is my ports file
<Mohammad[B]> VK7HSE, some kind of my ports file :-s
<VK7HSE> Mohammad[B]: good! now are you by chance using webmin to administer that server?
<Mohammad[B]> VK7HSE, no, this is manually
<Mohammad[B]> and Ubuntu 9.04 in a VPS
<VK7HSE> Mohammad[B]: OK! I'm now just trying to remember what causes that issue!
<Mohammad[B]> ooh ok :)
<Mohammad[B]> thnx
<VK7HSE> Mohammad[B]: what's in your /etc/apache2/sites-available/default file?
<Mohammad[B]> VK7HSE, i'm change it to "boozary" wait
<VK7HSE> ok...
<Mohammad[B]> VK7HSE, http://paste.ubuntu.com/280410/
<Mohammad[B]> this is working but that error ... http://boozary.com/
<VK7HSE> Mohammad[B]: here's mine so you can compare...  http://paste.ubuntu.com/280409/
<Mohammad[B]> this is like my file
<Mohammad[B]> hummm
<VK7HSE> Mohammad[B]: the only thing I can see is that I haven't specified an ServerAlias in that file I have stated a ServerName www.vk7hse.hobby-site.org in apache2.conf  ???
<VK7HSE> Mohammad[B]: is that server online ? and what's its URL?
<Mohammad[B]> VK7HSE, yes, www.boozary.com
<VK7HSE> ok no content on it just yet I see! ;)
<Mohammad[B]> VK7HSE, http://boozary.com/ but this
<VK7HSE> Mohammad[B]: Hmm... sorry not sure what's happening there... but it's certainly accessible but I realise to get rid of that warning would be nice! ;)
<VK7HSE> Mohammad[B]: you haven't setup a second alias in /etc/apache2/conf.d  by chance? (I'm assuming you have not!)
<VK7HSE> Mohammad[B]: have a look at...  http://www.mydigitallife.info/2007/08/11/apache-warn-namevirtualhost-80-has-no-virtualhosts-error-when-start/
<Mohammad[B]> VK7HSE, thanks i seen it yet
<VK7HSE> Mohammad[B]: ok...  ;)
<Mohammad[B]> thanks alot ;)
<VK7HSE> Mohammad[B]: it kind of points to a duplication of the virtualhost of *:80 ... best of luck getting it sorted, sorry I wasn't of any help to you :(
<cemc> is there a way to disable disk caching in ram for a partition, or mountpoint?
<Mohammad[B]> VK7HSE, oh forget it dear ;) forget it
<Mohammad[B]> VK7HSE, problem resolved with comment the NameVirtualHost * in ports.conf ;)
<VK7HSE> Mohammad[B]: Ahh! glad to hear you sorted it ;)
<Mohammad[B]> VK7HSE, i have 2 domains one boozary.com is root and boozary.cn setted to boozary.com's DNS i want boozary.cn open another directory do you can help me ?
<VK7HSE> Mohammad[B]: as I'm only running one domain (vk7hse.hobby-site.org) I haven't attempted that ... sorry
<Mohammad[B]> oh ok thanks
<VK7HSE> but remember, GIYF (Google Is Your Friend)  ;)
<Mohammad[B]> =))
<Mohammad[B]> just fucking google :D
<genii> !language
<ubottu> Please watch your language and topic to help keep this channel family friendly.
<Mohammad[B]> VK7HSE, without google resolved :D
<uvirtbot> New bug: #394021 in vm-builder (universe) "[karmic] ubuntu-vm-builder crashed with AttributeError in preflight_check()" [Undecided,Fix released] https://launchpad.net/bugs/394021
<uvirtbot> New bug: #403149 in vm-builder (universe) "vmbuilder should allow for no swapfile" [Wishlist,Confirmed] https://launchpad.net/bugs/403149
<uvirtbot> New bug: #329458 in landscape "vmbuilder fails to work with grub2 (dup-of: 410886)" [High,Confirmed] https://launchpad.net/bugs/329458
<uvirtbot> New bug: #392190 in vm-builder (universe) "vmbuilder fails silently when providing invalid hostname" [Undecided,Incomplete] https://launchpad.net/bugs/392190
<uvirtbot> New bug: #316538 in vm-builder (universe) "allow for vmbuilder to change VM name and directory with the --hostname option" [Wishlist,Triaged] https://launchpad.net/bugs/316538
<Skami_18> Hello
<Skami_18> Someone have a web/mail server at home?
<remote> hi
<Skami_18> have you a box?
<uvirtbot> New bug: #436407 in eucalyptus/1.6 "if apache2 is using worker MPM, rampart causing periodic CC segfaults" [Critical,Fix committed] https://launchpad.net/bugs/436407
<Skami_18> I'm trying to configure my NeufBox for a web server... but without success!
<giovani> what's a NeufBox?
<pmatulis> Newfoundland computer?
<pmatulis> (joke)
<Skami_18> A neufbox in an internet-box, a NeufBox sucks!
<genii> Weird, i read that originally as NerfBox
<Vog> Hmm that would be an interesting theme on a graphical desktop...
<Vog> Nerf box... the computer you can't hurt yourself or anyone else with...
<remote> i'm having troubles compiling compat-wireless on ubuntu-server, did anyone else do it?
<remote> first i was having errors about /lib/modules/`uname -r`/build that didn't exist even though i had the kernel source and kernel headers installed
<dholbach> hi guys
<dholbach> could it be that dovecot's reload script (that is triggered after upgrades) does leave the services in a state where they're not listening or something?
<dholbach> maybe it's a configuration issue at my place, that could very well be
<f00fSteR> hey guys
<f00fSteR> i'm trying to start a new server instance for this one contract
<f00fSteR> now i set the internal static address ...
<dholbach> I usually test with  sudo lsof | grep DEL  to find out if "old libraries and stuff are still loaded" and things were fine
<f00fSteR> like a 192.168.0.4 as the internal
<f00fSteR> but for an external ip address i cant seem to configure anything
<f00fSteR> i tried changing the /etc/networking/interface file to include the seconbd external static ip with the name server but notthing
<f00fSteR> any suggestions guys ?
<uvirtbot> New bug: #409958 in nagios2 (universe) "Sends false disk space alerts" [Undecided,Incomplete] https://launchpad.net/bugs/409958
<jjohansen> smoser, erichammond: EC2 kernel status meeting
<smoser> woohoo
<smoser> http://paste.ubuntu.com/280496/
<jjohansen> uh oh, smoser  is excited about it, must have a bug :)
<smoser> no, i'm just excited that jjohansen is back
<jjohansen> hehe
<jjohansen> so basically I don't have much status
<jjohansen> I am going to try to finish bisecting the ec2 virtual style config this morning
<f00fSteR> jjohansen: hrmm... i'm in this too
<jjohansen> rtg committed zuls tty patch, so hopefully we will have log messages now
<jjohansen> f00fSteR: cool, welcome
<smoser> jjohansen, so the big things are that bug 434755 and bug 431103 are marked as "fixed released", but we dont have an official build with them
<uvirtbot> Launchpad bug 434755 in linux-ec2 "ec2 kernel has unnecessary dependencies" [Medium,Fix released] https://launchpad.net/bugs/434755
<uvirtbot> Launchpad bug 431103 in linux-ec2 "ssh host key fingerprint no longer available in the console log" [High,Fix released] https://launchpad.net/bugs/431103
<smoser> if possible, i'd like to get one, and get it published. that way, in case you dont finish the bisecting by beta, we'll have these 2 bugs fixed in beta
<smoser> with officially built kernels
<jjohansen> smoser: right, I'll ping rtg when he gets back
<smoser> and note, that with the AMIs having the kernel modules in them, bug 428692 is less severe (because the user has loop.ko available)
<uvirtbot> Launchpad bug 428692 in ubuntu "ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes" [Medium,Confirmed] https://launchpad.net/bugs/428692
<smoser> i really am happy you're back
<f00fSteR> hrmm
<f00fSteR> lol
<f00fSteR> so anyone know how to set an external static ip on the same interface
<f00fSteR> ?
<jjohansen> smoser: were you involved in the ec2 installer fiasco at the end of last week?
<f00fSteR> where an internal static ip has been set
<f00fSteR> ?
<jjohansen> f00fSteR: sorry to say I don't
<jjohansen> alright anything else we should cover?  Or shall we call this meeting adjourned
<f00fSteR> lol
<smoser> jjohansen, adjourned is fine.
<f00fSteR> maybe... setting up two static ip's on a single interface
<f00fSteR> FUCK!
<f00fSteR> lmfao
<smoser> ec2 installer fiasco ? i think you mean uec
<Pici> !language | f00fSteR
<ubottu> f00fSteR: Please watch your language and topic to help keep this channel family friendly.
<jjohansen> smoser: err yeah
<smoser> i didn't follow it too much
<jjohansen> and fiasco as in crunch
<jjohansen> smoser: ah, me neither except my machine got drafted into service :)
<smoser> f00fSteR, maybe look at https://wiki.ubuntu.com/UEC/Images/Testing , search for eth0:0
<smoser> jjohansen, i now have some hardware for testing UEC, but have been bogged down in ec2 stuff to deep to attempt setting up.
<jjohansen> smoser: good to hear you have hardware,
<erichammond> smoser: Can we get AMIs published with all the latest fixes?  Jono says Jorge's got testers working and it would be nice to make sure they're testing the best we have.
 * jjohansen completely understands being bogged down
<smoser> erichammond, actually...
<smoser> let me see if they're public, but i have some up there.
<f00fSteR> smoser: dude thanks :)
<smoser> erichammond, can you see ami-28a34041 ?
<erichammond> smoser: Yes, 20090926
<smoser> .1
<erichammond> yes
<smoser> and i just made ami-24a3404d public.
<smoser> so those are the latest. i'm not aware of any fixes outside of what they have
<smoser> US-i386-karmic: ami-28a34041
<smoser> US-x86_64-karmic: ami-24a3404d
<smoser> there are no EU ones for those.
<erichammond> smoser: Cool.  Can you make sure Jono/Jorge are aware of what should be tested?  I'm not sure how the communication works there or who's in charge.
<smoser> yeah
<smoser> hopefully we'll get a new kernel build from jjohansen sometime today and i'll get that uploaded / tested and attached to a nightly
<zul> smoser: there is a new version of ec2-api-tools out ill package and get a FFE for post-beta
<erichammond> zup: yippee!
<erichammond> zul: Any chance it can get into pre-Karmic releases, too?
<smoser> ppa releases would be easy
<smoser> erichammond, please see my comment in bug 414997
<uvirtbot> Launchpad bug 414997 in ec2-init "ec2-set-defaults should be 'run_once_per_ami'" [Medium,In progress] https://launchpad.net/bugs/414997
<smoser> i expect i know your feelings, but would like your thoughts
<erichammond> smoser: Yes, I've been reviewing it based on your note on #ubuntu-ec2
<zul> erichammond: we'll see
<erichammond> smoser: I think you've found the correct place to document the behavior if the file is overwritten on first boot.
<erichammond> smoser: The primary concern I have is for users who append PPAs to /etc/apt/sources.list
<erichammond> It would probably be more appropriate for them to be creating additions under /etc/apt/sources.list.d/ which I've just started doing myself.
<erichammond> smoser: Did you find anybody else who supported overwriting sources.list on rebundled AMIs?
<smoser> i've not gone asking much, erichammond (other than that bug)
<mathiaz> Nafallo: hey - are you still working on bug 127836?
<uvirtbot> Launchpad bug 127836 in bacula "[SRU] bacula-director-pgsql not installable" [Medium,In progress] https://launchpad.net/bugs/127836
<Nafallo> mathiaz: not really, no.
<Nafallo> mathiaz: went with another backup solution IIRC.
<erichammond> smoser: If folks feel that this is an area where it's really worth breaking existing users' code when they migrate, then I can help spread the word.  I'm just pushing for as smooth a migration plan as possible.
<mathiaz> Nafallo: ok - I'll unassign you from the dapper task then
<Nafallo> kewl.
<erichammond> smoser: I think you solved the problem for people who are paying attention which is good.
<smoser> erichammond, i'm glad you're reasonably ok with the idea
<erichammond> smoser: If I didn't tell the person building my company's AMIs, the process would break and he'd have to track it down, but he would probably figure it out when he went to look at sources.list
<smoser> i wish soren were around. i feel like its rude to put this change in (and get it into beta) in his absense
<smoser> erichammond, right
<baffle> smoser: Where is soren?
<smoser> I dont really know details, but he's out at the moment
<kutukepik> hi all
<kutukepik> anyone have a hand on tutorial for ubuntu-server esp cloud
 * biczd ola
<eliaswimmer> hello, i'm playing around with kvm/vmbuilder, therefor i wanna know if it is possible to specify a "use all available space" parameter in the partition file
<smoser> erichammond, regarding above, i think at this point, my suggested code change isn't warranted.  i think simpler to just modify the .tmpl files.
<smoser> if we find that we have a bunch of them in the future, and such maintenance is a pain, we could do something like my patch
<smoser> or maybe it is. i dont know.
<smoser> 6 in one half a dozen in the other
<erichammond> smoser: I haven't thought much about the locale, but wonder if a comment is less likely to be noticed.  I don't even know what file it would be found in.
<smoser> well, the file you would be changing if you were changing the locale
<smoser> (/etc/default/locale)
<smoser> my guess is its not often changed. we set it based on region
<smoser> us = en_US.UTF-8 , eu = en_GB.UTF-8
<smoser> (in ec2init/__init__.py)
<erichammond> Yeah, and there were no particularly good reasons for choosing those except that we had to choose something.
<erichammond> So if the user has made a selection, perhaps it is even less beneficial to arbitrarily overwrite the change.
<smoser> right. so, you get the queens english or US
<erichammond> If somebody wants Hungarian on a server in Washington, they are not likely to want en_GB on a server in Dublin.
<smoser> this is actually a reasonable example
<zul> smoser: can you test out the new ec2-api-tools in my ppa when it builds
<smoser> especially since it appears to me that the user sets that not by editing the file (which would work) but by running 'update locale <locale>'
<smoser> err... update-locale
<erichammond> When I build images it looks like I update /etc/default/locale and run "localdef"
<erichammond> But I'm sure I just copied this from some sample I found somewhere.  I'm not a locale expert.
<smoser> yeah. ec2-set-defaults does
<smoser> locale-gen and then update-locale
<smoser> even here, though, if the user is making that change, they can easily change the template file. i agree, it kind of sucks that it will break out of the box if you didn't know about the template file.
<smoser> the same case could be true for modifying /etc/apt/sources.list, but I think the user is more likely to be modifying that file with an editor (rather than a tool)
<erichammond> smoser: In my experience changes to sources.list are generally made with commands which append or a system like Puppet to overwrite so the user will not see the comment.
<erichammond> smoser: But I'm glad you see that it sucks to break what the user has done :-)
<smoser> well, if they're done with puppet, you think they're then re-bundled ?
<smoser> i would have thought puppet changes would have been done to a installed instance, and then the thing wihch does rebundling or reates the master would be handled differently
<smoser> so, i think the gist of all of this is that the template system is a more powerful system, and has good reason for existance.
<smoser> not re-generating on every "first boot", means the user loses the power that the templating system gained us
<smoser> and, as i pointed out, simply overwriting only if the file is different from the one you *would* write isn't sufficient, as it doesn't take into consideration the fact that the user is only able to write one file, while the template system outputs multipel based on environment conditions.
<erichammond> smoser: For some of our images CampusExplorer.com generates the base image using puppet and rebundling.  When the instance is started it runs puppet again to bring the system up to date and apply any local configuration changes.
<erichammond> The reason we do this is that the initial setup takes about 4 hours.
<smoser> interesting.
<erichammond> smoser: I think the template system is nice, and users should be encouraged to use it where they can take advantage of it.  I still would lean towards not breaking user changes to get them to notice the template system :)
<smoser> so then, i think maybe best to do a combination of the two.
<smoser> do not overwrite if different than would be generated
<smoser> that is "safe"
<smoser> but also put headers in those files about the primary source
<dassouki> i just got some hosting on a ubuntu server (linode), it's meant to be for an opensource project. I'm gonna give access to some users, what are some of the ways i can create groups, give access, to people so they can only access for example svn, their home folder, and postgresql connection ?
<smoser> but even that solution stinks. because the, the user almost *can't* take advantage of the templating system. because any file they write, and include in their rebundled image is going to be seen by ec2-set-defaults as "different" in some cases, thus making the existing file the one that is used.
<smoser> the only solution to that is for the user to delete the generated file before building (or otherwise indicate "please overwrite this all the time")
<smoser> i can't come up with a way to allow the user to take advantage of the templating and intelligently not overwrite their decision.
<jacovt> Hello guys.
<mathiaz> smoser: how are the templates structured?
<mathiaz> smoser: is there a place for the user to define their own templates?
<jacovt> Trying to get an answer in #kerberos for this without much luck, hoping there is a kerberos geek in here...
<smoser> they can modify existing templates
<mathiaz> smoser: where are these templates located?
<smoser> but cannot control the input to the template rendering
<smoser> /etc/ec2-init/templates
<mathiaz> smoser: so what's the use case you're trying to solve?
<smoser> ec2-set-defaults reads from there, and writes to the actual location
<smoser> well, the use case that the template system is designed to provide is that we wish to use a different mirror in EU and US
<jacovt> I want my notebook to authenticate agains 2 different kerberos realms, one at home and one in the office. These networks are not connected. If I take a look at the default krb5.conf it seems there are multiple realms defined, and I have my own realms aswell. Is it possible to authenticate against my home realm when I am at home and the work realm when I am at work using the same notebook?
<smoser> so sources.list has "mirror" in it, that ec2-set-defaults renders to the correct ec2 internal mirror for that region
<smoser> the issue that the bug raises is that this decision happens only "once ever". so if a user re-bundles, they're stuck with the output of that first run.
<smoser> they will no longer get magical optimized settings of sources.list
<mathiaz> jacovt: yes - if you use the kinit command to get a ticket for login@HOME_REALM or login@WORK_REALM
<mathiaz> jacovt: however gdm won't support that IIRC
<jacovt> mathiaz: Ah, thanks. But GDM?
<jacovt> ah.
<jacovt> lol.
<smoser> however, there is the possibility that they've mdoified sources.list (adding a line) and rebundled, but hopeed that that line would be in the new instance.  if ec2-set-defaults runs in their new image, it would blow away their changes.
<mathiaz> jacovt: you could try to login via gdm as login@REALM
<jacovt> mathiaz: Do you know if its do-able via PAM ?
<mathiaz> jacovt: but I don't that would work
<mathiaz> smoser: how about leveraging source.list.d?
<jacovt> mathiaz: Was kinda hoping for a transparent solution. :)
<smoser> that solves for a single case. and yes, the usre should use that, but they may not.
<mathiaz> jacovt: well - you'll always need to give the realm you want authenticate against
<erichammond> mathiaz: Some use cases are listed in bug 414997.  smoser and I differ (politely) in our opinions of which uses cases might be more frequent and how severe the risks are for each.
<uvirtbot> Launchpad bug 414997 in ec2-init "ec2-set-defaults should be 'run_once_per_ami'" [Medium,In progress] https://launchpad.net/bugs/414997
<smoser> right now, the templating system only deals with /etc/default/locale and /etc/apt/sources.list
<smoser> and i disagree violently with erichammond's assertion that we disagree politely.
<smoser> well, ok, i dont.
<erichammond> :)
<erichammond> I have to run, so I won't be able to defend my position, but I think I put most of it in the bug.
<smoser> in the end, i dont think its really a big deal at the moment
<jacovt> mathiaz: Well, I was hoping to do away with the krb5.conf completely, use srv and txt records for DNS to identify the kdc for the domain that is given to the notebook via DHCP (so it will auto lookup the kdc) and then just have pam authenticate agains whatever comes back for the domain. But I dont suppose its that easy.
<smoser> as if you want the stuff re-run in the new bundle, you can just remove the semaphore ".ever" file
<smoser> so maybe i would even agree that the best thing to do is to document *that* and otherwise leave code alone
<mathiaz> jacovt: it should be possible - if you trust your dns system.
<mathiaz> jacovt: I'd have a look at the pam_krb5 documentation and the krb5 documentation
<jacovt> mathiaz: I looked at it, saw a lot about cross-realm auth, but that seems to imply that I need to create trust between the 2 networks, which is nt possible.
<mathiaz> smoser: why not put the ec2 mirror information in /etc/apt/sources.list.d/?
<mathiaz> smoser: ie in /etc/apt/sources.list.d/ec2-mirror
<mathiaz> smoser: and leave the sources.list untouched
<mathiaz> smoser: or empty
<|rt|> hey guys I just mentioned this in #ubuntu but this is probably more server related than desktop related
<|rt|> in this case /etc/init.d/README suggests that you use update-rc.d to add init scripts to runlevels bu the man page for update-rc.d says that users should use sysv-rc-conf or bum should I file a bug to get the README updated to be in line with the man page
<smoser> i tihnk there are several reasonable solutions for /etc/apt/sources.list, and that that is one of them (not one i'd thought of). the bigger problem is more generic, but since we only have 2 files, its not that big of a deal.
<smoser> i think the solution i like best is to change nothing. if the user wants files regenerated after rebundle then they remove the semaphore ("already ran that") files.
<mathiaz> |rt|: on which version of ubuntu do you see that?
<|rt|> mathiaz: on 9.06
<|rt|> or 04
<mathiaz> |rt|: this has already been fixed in karmic - http://manpages.ubuntu.com/manpages/karmic/en/man8/update-rc.d.8.html
<mathiaz> smoser: agreed - supporting a .d/ include mechanism is usually the best way around that
<|rt|> mathiaz: yeah looks like it....then no need to file a bug
<mathiaz> smoser: you drop file in there and you can add comment to not touch it
<smoser> i think even then you still have an issue if the user *wants* to touch it
<smoser> ie, they do not like your selection of a mirror
<mathiaz> smoser: that's fine - they can delete the ec2-mirror file
<mathiaz> smoser: and if the /etc/apt/sources.list.d/ec2-mirror doesn't exist, don't regenerate it
<mathiaz> smoser: if it's there, update it
<mathiaz> smoser: always
<smoser> i think that works reasonably well there.
<erichammond> Who runs keyserver.ubuntu.com? It does not seem to be responding to apt-key commands or to links from launchpad PPAs like http://keyserver.ubuntu.com:11371/pks/lookup?search=0xEC3735E12A0C5C1B98F0CF350EC7E508BE09C571&op=index
<uvirtbot> New bug: #437445 in dhcp3 (main) "No Wired Network Connection: Attansic Technology Corp. Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller (rev b0)" [Undecided,New] https://launchpad.net/bugs/437445
<erichammond> I was about to add commands to my EC2 instance startup (and recommend them to the world) which would require that keyserver.ubuntu.com be available, but if it's not considered a high-uptime server I'll have to adjust.
<mathiaz> Ng: ^^?
<smoser> erichammond, i dont know the correct answer. i've seen it have issues before, but it is a fairly important service
<erichammond> I've been having problems since yesterday or before, but just tracked it down to the keyserver.
<smoser> erichammond, if you agree with my most recent comment in that bug, please go ahead and comment to that affect. if anyone here disagrees with it, do the same.
<smoser> err.. i see your response. hold on.
<erichammond> Eek, what is "127.0.1.1 $hostname" still doing in /etc/hosts in the EC2 template?
<smoser> it doesn't get used
<erichammond> and /etc/hostname
<erichammond> Yes, this is showing up in /etc/hosts on the Karmic Alpha6 AMI: 127.0.1.1 ubuntu.canonical.com ubuntu
<smoser> that file istn used, so we probably should delete it from ect-init to avoid confusion
<smoser> yeah, that gets written by vmbuilder
<smoser> not by ec2-init
<smoser> i thought you had opened a bug at once point, but couldn't find anything
<smoser> you have a reference ?
<erichammond> smoser: Me too
<erichammond> I can't spend time on this right now, but these two files should be fixed/removed.
<uvirtbot> New bug: #388934 in eucalyptus "not applying access authorisation checks" [Undecided,Fix committed] https://launchpad.net/bugs/388934
<smoser> bug 316201 and bug 402273 i find now.
<uvirtbot> Launchpad bug 316201 in ec2-init "Use EC2 DHCP hostname and domain name instead of "ubuntu."" [Undecided,Fix released] https://launchpad.net/bugs/316201
<uvirtbot> Launchpad bug 402273 in ec2-init "ec2 doesnt set /etc/hostname properly." [Undecided,Invalid] https://launchpad.net/bugs/402273
<smoser> and one of those points to bug 407861
<uvirtbot> Launchpad bug 407861 in ubuntu-on-ec2 "ec2-init: ec2-set-hostname should be eliminated, trust DHCP" [Wishlist,Fix released] https://launchpad.net/bugs/407861
<erichammond> smoser: Thanks for the research. So my "eek" was appropriate.  "Fixed" bugs popping up again are the worst.  One reason I like automating tests, especially for previously reported bugs.
<smoser> i dont think it was ever fixed
<smoser> the last comments in bug 407861 indicate that soren wanted to leave /etc/hostname with 'ubuntu' in it. it seems not to have side effects.
<uvirtbot> Launchpad bug 407861 in ubuntu-on-ec2 "ec2-init: ec2-set-hostname should be eliminated, trust DHCP" [Wishlist,Fix released] https://launchpad.net/bugs/407861
<smoser> and for /etc/hosts, soren suggested opening a bug, which never got opened.
<xt3mp0r> Any idea how i can make my tinyproxy(running on my ubuntu VPS) undetectable as a PROXY.. !?!!!?!?
<g-hennux> hi!
<RoyK> hi!!!
<g-hennux> why does the python-vm-builder package have sooo many dependencies? (postfix? mysql? subversion?)
<g-hennux> i don't actually want any of that on my vm server
<RoyK> perhaps the designers thought that was good
<RoyK> it'll just take a handful of megabytes
<RoyK> you can stop the services after they have been started or you can install the stuff by hand - your choice
<xt3mp0r> Any idea how i can make my tinyproxy(running on my ubuntu VPS) undetectable as a PROXY.. i tried looking a manpages..nothing helpful
<sub> xt3mp0r: You probably want to use the "Anonymous" directive, if the config format hasn't changed you add lines similar to: "Anonymous Header1", "Anonymous Header2", "Anonymous HeaderN" where HeaderN is the name of the header you want to ALLOW through
<sub> xt3mp0r: The example my config file has is located here: http://pastebin.com/da341278
<xt3mp0r> sub: Thanks :)
<xt3mp0r> giving it a try now
<jthomas_sb_> Whenever I run any command on a Jaunty server setup I get errors that begin with "perl: warning: Setting locale failed." and there are a few more line.  I can pastebin the whole thing if it matters.  How can I fix this??
<xt3mp0r> sub: I tried it, but didn't help me out.. i can still see the message "Possible Proxy Detected: 1.1 tinyproxy (tinyproxy/1.6.3)" when i go at whatismyip.com :s
<qman__> jthomas_sb_, I probably can't help with that specific problem, but the whole error does matter, every time. You really should pastebin it.
<sub> jthomas_sb_: Try installing the appropriate language pack, ie: sudo apt-get install language-pack-en for english
<jthomas_sb_> i assumed it was a common error since this is a clean install.  here it is: http://pastebin.ca/1583110
<qman__> xt3mp0r, using an alternate port may help
<jthomas_sb_> sub that did it, thanks.
<g-hennux> i am amazed by how much stuff works in ubuntu server "out of the box" concerning virtualization
<g-hennux> e.g. bridging, this dnsmasq thingy etc
<g-hennux> just one thing: i want the dnsmasq server to return some additional hostnames (i.e. it should host the names of the virtual machines). any way to do that?
<xt3mp0r> qman__ : Tried it, still the same.
<sub> g-hennux: I think dnsmasq might parse /etc/hosts for that, so you could try that
<g-hennux> sub: yeah, just read that, thank you
<davmor2> guys quick query on uec node is it meant to just spit the cd and reboot regardless.  Normally the cd is spat out and you're asked if you want to reboot.
<manusoftar> Guys, How do I allow connections from the outside in postfix? I've tried 0.0.0.0/128 though I'm sure I'm doing something wrong.
<manusoftar> Connecting from the localhost is allowd.
<manusoftar> The firewall is set to forward incoming requests to the correct PC, and it's been proven working
<manusoftar> When I do dpkg-reconfigure I'm sure I'm messing up  in that stge
<manusoftar> sed 's/stge/stage/g'
<g-hennux> hi!
<g-hennux> i have a problem with my kvm virtual machines: i'm using this virt-manager and can start them and say "open" and then sit directly in front of the console, i.e. see boot messages etc. however, once the console blanks (after a couple of minutes of inactivity), i get the message "connecting to console for guest", but cannot interact with the vm any more.
<g-hennux> then how is it possible to get this console back?
<g-hennux> i tried "console kvmtest" from the virsh, but get "no console available for the domain"
<g-hennux> ssh'ing still works
<reya276> how can I setup multiple websites on the apache server? I have internal IP addresses which are pointed to a NAT.
<reya276> On IIS I would create the virtual website then assign the IP address and Hostname. On Apache I created a virtual host with the IP address and hostname but the site does not show. Is there additional config which I need to do to a host file of the system or something and if so where can I find this file.
<Daviey> Is the -pae kernel karmic server default?
<jthomas_sb_> reya276 where did you create the apache2 config file?  and, have you linked it to /etc/apach2/sites-enabled/ (or used a2ensite _sitename.com_ ?)
<jthomas_sb_> i meant, linked it to /etc/apache2/sites-enabled/
<reya276> no, I'm new to apache as I've always used IIS
<jthomas_sb_> ok, where did you create the config file?
<reya276> if you could walk me step by step on how to do this it would be great
<jthomas_sb_> i have 5 minutes, but it may be enough
<jthomas_sb_> where did you create the config file?
<reya276> no right now I deleted the virtual host
<jthomas_sb_> ah.  ok... are you running on a command line or with a gui ?
<reya276> the website domain is www.finrcvgrp.com
<reya276> using webmin
<jthomas_sb_> sorry can't help you there then.  i don't know webmin at all but i've heard that it's full of security holes, I don't know for sure though.
<reya276> but I can do command if you give me the command
<jthomas_sb_> there is more to it than that; command line means you know some command-line editors like vim or nano or something.
<reya276> nano
<reya276> I have used that
<reya276> sudo nano /etc/filename
<reya276> on webmin there is a tab which allows me to create a virtual host then I can pastebin for you so you can see what it looks like
<jthomas_sb_> ok so, i have to go but:  use nano to edit a file like this (no quotes) :  'nano /etc/apache2/sites-available/www.finrcvgrp.com '  In that file set up <VirtualHost 123.IP.Add.Ress:80> blah blah documentroot /var/www/folder/to/htdocs/  blah blah </VirtualHost>  Then at the command line run 'a2ensite /etc/apache2/sites-available/www.finrcvgrp.com '  which links that document to /etc/apache2/sites-enabled/www.finrcvgrp.com   Then restart
<jthomas_sb_> apache, 'sudo /etc/init.d/apache2 restart'
<jthomas_sb_> sorry i know that is pretty useless, perhaps someone else can assist you more
<reya276> is ok, thanks
<reya276> jthomas_sb_: I got this error ERROR: No site found matching /etc/apache2/sites-available/www.finrcvgrp.com!
<reya276> but I think is /etc/apache2/sites-available/www.finrcvgrp.com.conf
<jthomas_sb_> hm maybe just  ' a2ensite www.finrcvgrp.com '
<jthomas_sb_> perhaps it looks in the right place and doesn't need to full path
<jthomas_sb_> note that thie really requires that the file exists :)
<jthomas_sb_> to restart apache2 you can also try 'apache2ctl -t' to test, and 'apache2ctl -k graceful' to (re)start the server, reya276
<jthomas_sb_> webmin may not put the apache2 config files in /etc/apache2/sites-available/  i am not sure
<jthomas_sb_> gotta go
<JanC> webmin is evil...
<reya276> no is there but it is called www.finrcvgrp.com.conf
<jthomas_sb_> lol ok use that file name for a2ensite
<reya276> JanC: I understand but I have no experience with command line
<g-hennux> is there any howto what i have to do (concerning port forwarding etc) if i want to have port 80 of my kvm guest be available from the outside of the kvm host?
<jthomas_sb_> reya276 no worry, you'll get there if you want to :)
<reya276> jthomas_sb_: ok that gave me a msg "Site www.finrcvgrp.com.conf already enabled"
<JanC> reya276: learn to use a linux server at home before you put one on-line, and you won't need webmin
<reya276> JanC: I do use Ubuntu at home, just never tried to configured a server before besides this is the time I'm taking to learn it
<reya276> JanC: 3 kids at home and a nagging wife is not a fun time to do this
#ubuntu-server 2009-09-29
<arrrghhh> i'm having pulseaudio issues... i can't run it from the init script and have it work.  the only way i can get pulse to work is when i run "pulseaudio -D".  the init script seems to run pulse OK, but i get no audio.
<incentifit> What user should own /var/www ?
<nick125> Isn't root supposed to own /var/www with www-data having read access?
<Pici> no, it should be www-data:www-data iirc
<nick125> Pici: I didn't think www-data should own /var/www for security reasons.
<incentifit> I have an application, hudson, that I want to allow to write files into /var/www.  root:root currently owns/var/www.  I thought that if www-data was the user that started apache, it should own /var/www and I could just make hudson user a part of www-data group.  Is that the right thing to do?  Surely I should not make hudson part of root.
<elijahwright1> i have a karmic VM in a bad state - on boot, it reports: "mountall:/proc: unable to mount: Device or resource busy"
<elijahwright1> any ideas on how to fix straightforwardly?
<elijahwright1> lrwxrwxrwx   1 root root   19 Jan 29  2009 S17procps.sh -> ../init.d/procps.sh  -- on the currently borken system, that points to a file that doesn't exist rather than to /etc/init.d/procps, which does.  trying a reboot now - hopefully that will fix it up.
<elijahwright1> fudge, still no good.
<smoser> if anyone is interested, https://bugs.launchpad.net/ubuntu/+bug/431103/comments/15 has information on up ami/aki/ari triplets for testing for beta
<uvirtbot> Launchpad bug 431103 in linux-ec2 "ssh host key fingerprint no longer available in the console log" [High,Fix released]
<pjarnahom> Is GUI is supported in server edition
<roxy09> hi there ...somebody know which is the best RAID ARRAY to save emails?
<szczym> helo how i could ls only one, the newest file in in given dir ?
<acalvo> hi
<maxagaz> how to find the last modified files in a directory including its subdirectories ?
<acalvo> I'm getting an opendldap segfault every hour or so
<acalvo> Sep 29 09:43:13 earth kernel: [60901.893100] slapd[28455]: segfault at 0 ip 00007f5f50bc8ee6 sp 00007f5f3ce793d8 error 4 in libc-2.9.so[7f5f50b48000+168000]
<pwnguin> http://it.toolbox.com/blogs/database-soup/ubuntu-server-904-good-and-bad-34446
<atomic_1> bad article
<atomic_1> it doesnt have X, how else are you supposed to configure NICs
<maxagaz> is it possible to check who's the last person who modified a file ?
<atomic_1> well permissions can narrow down the search :)
<atomic_1> maybe you can use use find with mtime and pair it with last
<maxagaz> atomic_1, pair it ?
<atomic_1> the -mtime parameter with find
<atomic_1> and last shows you when the last user logons were
<atomic_1> or if you know the file in question
<atomic_1> see the modification date, see who has +w
<atomic_1> and check their last login times
<maxagaz> how to show the full /path/name with printf in find
<maxagaz> i can't find the option
<maxagaz> atomic_1, thanks
<atomic_1> btw, find has -exec, which i like very much
<atomic_1> though the xargs crowd would disagree ;)
<_ruben> i use xargs, but only because i never bothered to look into -exec (do know of its existence) :)
<uvirtbot> New bug: #438585 in eucalyptus (main) "eucalyptus-nc doesn't start (no more init or upstart script)" [Critical,Fix released] https://launchpad.net/bugs/438585
<GoTo> juego de boxeo online http://www.kobox.org/kobox-fande-Nourine.html
<g-hennux> hi!
<g-hennux> where can i tell the nfs server (and anything needed for nfs) to listen only on a given network interface?
<pmatulis> g-hennux: i don't think you can.  consider iptables/ufw
<g-hennux> pmatulis: ok, thank you
<KSid> hi guys
<KSid> Has anyone managed to successfully install 9.04 on the latest VirtualPC RC?
<KSid> This is on Win7
<KSid> Everytime the installation completes and I try to boot Ubuntu I get segfaults left right and centre
<KSid> I've read a lot of people have had the same problems but didn't come across any proposed solutions
<zul> uh...no and it doesnt sound so serverish
<kwork> anyone managed to install perl Net:IRR on 9.04 ?
<erichammond> jjohansen, smoser: Catching a few hours of sleep.  I doubt I'll be up in time for our meeting in 4 hours.  I'll scan the logs afterwards or we can chat later in the day.
<KSid> zul: Normally use Virtual Server but i as VirtualPC is part of Windows XP Mode of Win7 I thought I'd give it a go
<KSid> I don't know if VirtualServer is even supported on Win7 at the moment but I suppose I should find out
<uvirtbot> New bug: #247310 in vsftpd (main) "vsftpd configuration file should have its own directory" [Wishlist,Confirmed] https://launchpad.net/bugs/247310
 * ttx tests UEC install on 20090929.2
<amin888> so quite in here.........................
<pmatulis> quiet?
<amin888> no.. i mean quiet... english is not my primary language :)
<amin888> just visit here... to find out what others's experience using ubuntu as server
<_ruben> its quite quiet in fact ;) .. differs from time to time though :)
<choop> hi all
<choop> anyone able to help answer a newby question with Ubuntu and Apache?
<Jeeves_> choop: Ask the question, and find out :)
<choop> where is the webapps directory located when Apache2 is installed?
<choop> I want to put a .war file there but can't find it
<Jeeves_> You're mixing Apache2 with Tomcat
<Jeeves_> apache2 does not serve .war files
<Jeeves_> Tomcat does
<choop> okay
<choop> I installed apache2 using apt-get which went sucessfully
<choop> so I need to install something else too?
<Jeeves_> Yes, you would need to install something that runs java
<choop> like the sun jdk?
<Jeeves_> Well
<Jeeves_> there's tomcat
<choop> freenode-connect ; I'm using the web one on webchat.freenode.net
<Pici> choop: freenode-connect is a bot, it automatically does a version request when you connect to freenode.
<choop> thanks Jeeves_ can you recommend a resource to see how to install tomcat?
<Pici> s/bot/network service/
<Jeeves_> choop: 'apt-get install tomcat6'
<choop> can't find that package...   apt-cache search returns only tomcat5.5
<Jeeves_> ow
<Jeeves_> 5.5 it is than
<choop> will I be able to connect 5.5 to apache2 ?
<Jeeves_> If you install mod-jk for apache, yes
<Jeeves_> But really, you should find a howto
<Jeeves_> this isn't very easy stuff
<choop> yep! :-)  am in need of this...
<choop> perhaps I'll try to download and install tomcat6
<incentifit> www-data user apparently doesn't have write access to /var/www, only root.  I have another service, hudson, that needs write access to /var/www.  Should I make hudson a member of root group or should I give www-data permission to write to /var/www and make hudson a member of www-data group?
<amin888> choop, try this howto : http://www.howtogeek.com/howto/linux/installing-tomcat-6-on-ubuntu
<amin888> but i never use tomcat... i'm using php with apache and postgresql
<biczd> ola
<biczd> who know how to see the people connected on vsftpd?
<ttx> smoser: ping
<smoser> here
<ttx> smoser: hey
<ttx> smoser: We don't have UEC/EC2 beta candidates up atm... any ETA ?
<ttx> (or at least they don't show up in the test tracker)
<smoser> i can do that. i didn't realize i was supposed to have them up right now. i'll upload, and get those. process takes ~ 1 hour
<ttx> smoser: I think it's good to have some now.
<smoser> i agree
<ttx> smoser: how automated is the build process ?
<smoser> build process is fully automated. with the exception of updating (bzr pull) the bzr branches that runs the builds.
<smoser> publishing, is what i was working on yesterday and more on today.
<smoser> so, i'm going to pick http://uec-images.ubuntu.com/karmic/20090929/ and publish it
<smoser> ttx, i would like to take a small diversion from the release process that we used  before
<smoser> which could cause some confusion
<smoser> rather than publishing something to a name like canonical-alphas-us/karmic-i386-beta , and making that available for the world to see
<smoser> i would like to publish to canonical-testing-us/karmic-20090929
<smoser> and then when we say "that looks good" to move those over to a more final resting place
<ttx> that sounds logical
<smoser> the issue is that you cannot move without regeneration of ami ids
<ttx> smoser: I don't really like changing the last-minute process, especially if you plan not to be around all day :)
<pjarnahom> how to install GUI in Server
<jacovt> pjarnahom: Try apt-get install ubuntu-server-desktop
<genii> !info ubuntu-server-desktop
<ubottu> Package ubuntu-server-desktop does not exist in jaunty
<genii> Hm
<acalvo> still having a problem with openldap
<acalvo> it segfault
<acalvo> Sep 29 15:16:44 earth kernel: [10469.810861] slapd[4496]: segfault at 0 ip 00007f37ae4a4ee9 sp 00007f37a8db12c8 error 4 in libc-2.9.so[7f37ae424000+168000]
<acalvo> _ruben: ping?
<pjarnahom> jacovt: Do we need any files for that
<ScottK> pjarnahom and jacovt: There is no such thing as a "Server Desktop".  You can sudo apt-get install ubuntu/kubuntu/xubuntu-desktop as you prefer
<jacovt> Yes. My bad. I meant ubuntu-desktop.
<pjarnahom> ScottK:is it willl download any thing
<ScottK> pjarnahom: Yes.  It will download and install all the packages needed that aren't on your system already.
<pjarnahom> ScottK:s but am using in vmware
<ScottK> Also any support questions related to what happens after you install it belong on #ubuntu and not here.
<ScottK> pjarnahom: How does that matter?
<pjarnahom> ScottK:can we use desktop edition for that
<ScottK> I wouldn't know, but that would be a question for #ubuntu
<pjarnahom> ok..
<pjarnahom> k...thank a lot for ur hlp..
<zul> smoser: yo are the beta images up yet?
<smoser> i'm slow, eh
<smoser> almost
<_ruben> acalvo: i have zero experience with openldap (yet)
<acalvo> _ruben: mm thanks
<acalvo> :)
<_ruben> acalvo: its one of many things on my todo list :)
<acalvo> do you know where I can get an updated packages for openldap?
<acalvo> it crashes every hour
<acalvo> I don't think it's the best solution
<acalvo> but may help
<_ruben> if it crashes every hour you should file a bug on launchpad
<acalvo> that's what I was thinking... but I didn't update anything and until yesterday it was working fine
<acalvo> I don't want to fill a bug when, maybe, it some kind of misconfiguration
<Daviey> Meeting ->
<acalvo> well, I've seen there a new update for the server kernel
<bjaspan> erichammond: ping
<bobg> i am setting up a jaunty ldap server using gosa to admin it. I am struggling getting a good schema put together with samba3 + postfix email + gosa extensions. Any advise on how to easily collect the schemas and resolve the dependency problems?
<smoser> hey all, there are beta candiates up on ec2 now
<smoser> http://paste.ubuntu.com/281408/
<smoser> as far as i'm aware, all bugs targetted for beta in ec2/uec images are contained in them: http://tinyurl.com/yazgzzf
<amin888> .
<bobg> smoser: excuse my ignorance but is ec2 the amazon service?  I thought that amazon had a closed set of kernels that you had to use
<ttx> kirkland: if using IP instead of localhost works (like in walrus-registration) you should probably get rid of my ugly sleep 5
<kirkland> ttx: k
<smoser> bobg, sorry for late response.
<smoser> yes, you're right. building and uploading kernels and initramdisk is not allowed for "normal" accounts.
<smoser> but amazon does allow certain accounts to do it. the "canonical" account has access to do this.
<smoser> our kernel team (primarily zul and jjohansen) have produced the most current kernels available on ec2
<jjohansen> smoser, time for EC2 kernel status meeting
<smoser> ok.
<smoser> i've not really got anything, other than, look up and i have kernels published everywhere
<smoser> i guess we can talk here about  my versioning issues
<jjohansen> yeah, just a sec
<jjohansen> I asked rtg to join since he knows that stuff much better than me
<rtg> jjohansen, dude
<jjohansen> rtg smoser has a kernel versioning question
<jjohansen> we are doing the EC2 kernel status meeting
<rtg> smoser, yes?
<smoser> ok. so, we have 2 places that we want to provide kernel binaries and initramdisks
<smoser> on amazon (the linux-ec2 flavour) and on uec-images (the linux-virtual flavour)
<smoser> when i publish something to either of these places, i need a unique name for it.
<smoser> i had intended to just use the version of linux-ec2
<rtg> smoser, doesn't the ABI number make the binary package name unique?
<smoser> but it appears that that isn't enough.
<smoser> the abi number is "300" in 2.6.31.300.0 ?
<rtg> smoser, yes
<smoser> so there will never be another linux-image-ec2 package with version 2.6.31.300.0
<smoser> err.. wait. with version: 2.6.31.300 ?
<rtg> smoser, correct. the ABI change will be 2.6.31.301
<rtg> the next*
<smoser> maybe i'm just foggy on what abi change means.
<smoser> i would not have thought that zul's last patch would cause an ABI change
<smoser> yet, the kernel released was functionally different for me, and i much prever the newer one.
<rtg> smoser, its just an arbitrary number, but since its part of the package name, each time it changes you have a _new_ package name
<smoser> s/prever/prefer/
<jjohansen> ABI is compatability of kernel apis
<zul> it would
<smoser> it would ?
<rtg> zul, the only difference was the console stuff.
<smoser> you're sure? i would have thought it didn't change any signatures or anything that would have caused abi differences
<zul> rtg: ack
<rtg> smoser, so, the first release was 2.6.31.300.1, right?
<rtg> that one had console issues.
<smoser> ok.
<rtg> the next release (a version update only) has the console fix, 2.6.31-300.2
<rtg> (or maybe it was .3)
<smoser> .3
<rtg> have to look at the changelog
<smoser> but no matter
<jjohansen> .3
<rtg> ok, so I don't understand your dilemma
<smoser> hm... well, i gues here is where it started.
<smoser> i wanted to only pay attention to 'linux-ec2'
<smoser> but that is apparently stuck at Version: 2.6.31.300.0
<bobg> smoser: thanks for the info. Do you know of  a stable hardy kernel for xen?  Our hardy server in amazon works but on our own xen server with teh stock xen kernel, we get "stuck cpu" kernel crashes when we load up our application
<rtg> smoser, I think what you really want to depend on is linux-image-2.6.31-300-ec2
<smoser> but then how do i come up with the fairly arbitrary string of "-300" ?
<bobg> the amazon kernel seems to be named after fedora 8 (fc8), but I could not get that kernel to work with ubuntu -- probably needs to have different kernel compile options
<rtg> smoser, uh, you just use it? perhaps you should be depending on the meta package instead.
<jjohansen> bobg: yeah you can't boot ubuntu with a fc8 kernel
<bobg> jjohansen: smoser, so is there a stable xen kernel for hardy?
<smoser> bobg, i'm sorry, i will respond to your questions, just trying to not waste more of rtg's time
<jjohansen> bobg: do you have problems with the one bundled with the hardy ami?
<smoser> rtg, so it will never change ?
<smoser> $ apt-cache show linux-ec2 | grep Version
<smoser> Version: 2.6.31.300.0
<bobg> smoser: np, thanks for letting me know -- I will be around for a while
<rtg> smoser, when next I change the ABI in the ec2 kernel, then I will definitely update the meta package.
<smoser> the 'linux-image' that you suggest i should watch is "linux-image-2.6.31-300-ec2"
<smoser> ok.
<rtg> smoser, actually, I mispoke. you _should_ be using the meta package. what you are currently doing is correct.
<smoser> so then in the future, the meta package would depend on 2.6.31.300.X where X was correct ?
<smoser> right now linux-ec2 depends on
<smoser> Depends: linux-image-ec2 (= 2.6.31.300.0)
<rtg> linux-ec2 _is_ the meta package, and currently depends on linux-image-2.6.31-300
<bobg> jjohansen: yes, when we run our app's batch loading process under xen+hardy it crashes with "stuck cpu".  hardy physical machine is fine and hardy in amazon (with the amazon propriatary kernel) is fine
<rtg> in the future it will depend on linux-image-2.6.31-301-ec2
<rtg> (or whatever the package name is with the new ABI)
<smoser> and there will only ever be released one package of linux-image-2.6.31-301-ec2 ?
<smoser> so i guess the 2 things i'm confused on
<rtg> smoser, there could be multiple versions of that package, as there are already.
<smoser> a.) linux-ec2 currently has a differently formated version than other meta packages (2.6.31.300.0 rather than -300.0)
<rtg> note that changing the ABI creates a new package name, _not_ a new version
<smoser> ok. thats what i thought.
<smoser> so i need to pay attention to the version of the linux-image-ec2
<rtg> smoser, yeah, an updated version likely indicates a new ABI (but not always)
<smoser> i think thats what i needed.
<rtg> smoser, I take it that you're trying to trigger a new AMI build when the kernel changes.
<smoser> my goal is to have something "watch" the archives. and each time a new build for ec2 arrives automatically publishes it and names it uniquely
<rtg> smoser, right. I think kirkland could be of great assistance in the endeavor.
<smoser> rtg, then i'll bother him and stop bothering you
<smoser> sorry for all this
<smoser> i really was just underprepared for asking
<rtg> smoser, np, I learned it the hard way myself
<smoser> so future releases of linux-ec2 will be versioned with '-XYZ.M' rather than '.XYZ.M' right ?
<smoser> that was just a temporary inconsistency ?
<rtg> smoser, nope, it is what it is. the next meta package version will be (for example) linux-image-ec2_2.6.31.301.4 (I think). Note that everything _after_ THE UNDERBAR IS PART OF THE VERSION, NOT PART OF THE NAME.
<rtg> opps
<rtg> caps lock crept in there.
<smoser> ok. why the difference ? was that intended ?
<smoser> bobg, jjohansen is definitely a much better resource than i for such questions.  In his (and everyone's) experience ec2 is a magical place where not everything is as it seems.
<rtg> smoser, likely inadvertent
<smoser> rtg, ok. i think i have all i need. and will bother kirkland for some insight as you suggested
<jjohansen> bobg: I will need to look at it, do you have a bug filed already?
<smoser> bobg, what is "xen+hardy" ? what version of xen dom0, what guest kernel ?
<unimatrix> what would be the best way to limit bandwidth to certain clients on a ubuntu linux router?
<bobg> jjohansen: no, but I saw "stuck cpu" bugs against hardy and assumed it was related. In the xen channel people considered the 2.6.24-xen kernel that hardy uses to be 'buggy' wrt xen
<smoser> rtg, ok. one last query:
<smoser> http://uec-images.ubuntu.com/karmic/20090929/ubuntu-uec-karmic-amd64.manifest
<smoser> shows that:
<smoser>   linux-ec2 2.6.31.300.0
<smoser>   linux-image-2.6.31-300-ec2 2.6.31-300.3
<smoser>   linux-image-ec2 2.6.31.300.0
<jjohansen> bobg: okay, I was actually unaware of that, I haven't actually done anything with the hardy kernel yet
<jjohansen> bobg: I will go have a look at it
<rtg> smoser, ok, looks right
<biczd> ola how to see the people connected on vsftpd?
<bobg> I have relunctantly  moved away from the LTS on to jaunty for production VMs -- I just noticed smoser talking about ec2 ubuntu kernels and thought maybe he would just know of a better xen kernel for hardy
<bobg> jjohansen:
<smoser> rtg, ok. i'l stop bothering you for now
<smoser> i promise this time
<smoser> i guess mailin i was confused because version of linux-ec2 and version of linux-image-ec2 != version of linux-image-2.6.31-300-ec2
<jjohansen> bobg: well we don't have any other kernels for hardy but obviously there are some bugs there that I need to  look into
<smoser> but i think the answer is that they're not necissarily linked
<bobg> jjohansen: don't feel like you have to do anything on this since we have found a solution in jaunty -- I figure the next LTS will be out next year and we will move to that
<rtg> smoser, yes, you have to be careful to distinguish the package name from the version. the meta package stuff can be really confusing until you grok the difference
<Daviey> mathiaz / ttx - http://www.doodle.com/yqturgidix7xx8mq ?
<jjohansen> bobg: well I do need to look into it because hardy is our current LTS
<jjohansen> and is going to be supported for a while
<bobg> I figure it must be a narrow issue that our application happens to bump into since most people seem to not be complaining
<mathiaz> Daviey: cool
<ttx> Daviey: cool
<jjohansen> bobg: yeah
<bobg> jjohansen: I see your point -- I have to go now, but I will file a bug later -- or add our information to an existing bug to help you out
<jjohansen> bobg: thanks
<mathiaz> Daviey: let's use that doodle pool
<mathiaz> Daviey: can you send the link to the ML thread
<Daviey> it is unrepresentative of the fact a meeting is > 1hr.. but i thought it was a good idea for meeting *start time*.. Also i included Weekend.. which is post likely a "no go"
<mathiaz> Daviey: ?
<Daviey> mathiaz: on it
<mathiaz> Daviey: and make sure to specify to update the timezone in the pool
<mathiaz> Daviey: *poll*
<jjohansen> smoser: I don't have anything else to add, can we call the meeting adjourned?
<mathiaz> Daviey: otherwise it will screw things up for every one
<smoser> so are you thinking about config option update sometime soon ?
<smoser> jjohansen, thats the only other nag i have
<jjohansen> smoser: okay, thanks
<smoser> ttx, or mathiaz are you able to update iso tracker ?
<smoser> jjohansen, question above there ^
<Daviey> mathiaz: will do
<mathiaz> smoser: nope
<mathiaz> smoser: IIRC slangasek can
<smoser> there is lots of clicking required for doodle, eh?
<ttx> smoser: ask in #ubuntu-release
<ttx> smoser: also discuss there what would need to be done while you're away in beta day
<smoser> well hopefully nothing
<ttx> smoser: :)
 * ttx drops out of sight, bbl
<Daviey> smoser: It defaults to "not avaliable" so it depends how avaliable you are :)
<smoser> well its not like i have a life outside ubuntu-server.
<Daviey> smoser: Tab and arrows work \o/
<smoser> could have told me that earlier ;-)
<smoser> I'm already in
<Daviey> Hmm, doesn't work that well actually.. :(
<smoser> any eucalyptus folks know if s3cmd will/would work with eucalyptus ?
<zul> smoser: do you have a list of bugs that are suppose to be fixed for beta?
<smoser> http://tinyurl.com/yazgzzf
<mathiaz> smoser: try #eucalyptus?
<zul> mathiaz: ping are you testing the beta?
<mathiaz> zul: yes
<zul> mathiaz: when you do the install can you run tasksel after it looks a bit weird to me
<zul> mathiaz: this is what I get http://people.canonical.com/~chucks/screenshot-tasksel.png
<mathiaz> zul: yeah - that's unsual
<mathiaz> zul: yeah - that's unusual
<zul> mathiaz: im going to open a bug
<zul> i think
<zoopster> smoser: I am 90% sure that s3cmd works with eucalyptus
<smoser> zoopster, per neckro_ " it does but you have to hack it a bit since the authentication in s3cmd assumes that there is not service path"
<zoopster> ah...good to know smoser
<uvirtbot> New bug: #438877 in php5 (main) "php5-librdb broken in karmic (as of Sep 29 09)" [Undecided,New] https://launchpad.net/bugs/438877
<zul> mathiaz: ah already been reported as #438546
<uvirtbot> New bug: #438904 in samba (main) "package samba-doc-pdf 2:3.4.0-3ubuntu4 failed to install/upgrade: error writing to '<standard output>': No such file or directory" [Undecided,New] https://launchpad.net/bugs/438904
<Guest77038> can anyone point in the direction of how to upgrade my kernal?
<Guest77038> I am using a server on rackspace cloud and it has the 2.6.24-24-xen kernal
<Guest77038> dont mistake the ubuntu channel for the ubutnu+1 chan
<garnold_> hello, has anyone successfully scripted the install of sun-java6-jdk
<dendrobates> Guest77038: you cannot change your kernel on the rackspacecloud, at this time.
<garnold_> is there anyway to auto-accept the license when running in non-interactive mode?
<jbernard_> garnold_: have you tried passing '--force-yes' ?
<garnold_> jbernard_: no, i haven't... let me give that a try
<ahe> i'm writing a web ui in python which backups certain directories of a server with tar
<ahe> i don't want the web ui to run as root for obvious reasons but at least for restoring the backups and sometimes even for creating the backups i need super user privileges
<ahe> is there some kind of a best practice for my scenario?
<ahe> i also want my python code to stay flexible so that i can still pass a list of files to backup to a backup function and not have this list hard coded somewhere
<ahe> i think about writing a setuid c program for backup and one for restore that accept a list of directories/files to backup/restore
<ahe> to make this secure they could check from a file only writable by root if those directories/files are allowed and otherwise terminate
<S0ckPants> weird question
<S0ckPants> how do i restart apache
<S0ckPants> can't find any working way
<S0ckPants> ah finally
<S0ckPants> aight, nvm :)
#ubuntu-server 2009-09-30
<golem_> i've installed xubuntu-desktop and i'm having a devil of a time figuring out how to remote desktop
<golem_> i've got a monitor attached
<golem_> vnc4server griefing me
<LisaR> Is there a way to run a mail server using a user id rahter then root?
<LisaR> On Fedora, ran ok, but ubuntu, I get a bind error using the user id.
<LisaR> running in root, it's ok, but now all logs and such come up root
<Jagged> Perhaps run in in a chroot jail?
<LisaR> ok, let me check, I've been using fedora for years, ubuntu for a few weeks, so I'm not too famil with the ubuntu ways.
<Jagged> I'm not saying its the "ubuntu way", its just a way to isolate the server since you were concerned about running it as root.
<LisaR> I realize, just many things I haven't used before such as sudo, update-rc.d vs chkconfig, so on.
<golem_> nevermind, i figured out vnc. not even on topic here
<brohism> So I made some changes to my server's network interfaces today, and now services aren't accessible outside the local network despite my having returned settings to their original state when things were working
<brohism> My server is behind a router, with port forwarding
<brohism> ping is very unresponsive, and seems to hang even when I try to terminate it with ctrl+c
<giovani> `
<kwork> mount.nfs: mount system call failed
<kwork> any ideas how to debug it ?
<S0ckPants> hi all
<S0ckPants> i'm trying to configure an nfs server
<S0ckPants> so far i've edited /etc/exports and /etc/hosts.allow, but i still can't seem to connect
<S0ckPants> here's those two files, and at the bottom what happens when i try to connect (from my mac): http://sockpants.pastebay.org/58128
<S0ckPants> (btw i saw a typo in the ip address, but i fixed that and it had no effect)
<ghostlines> I have a vm running on kvm, i can only access it by typing in it's IP for some reason I can't access it by it's hostname
<ghostlines> anyone have any idea's why this is?
<_ruben> hostnames depend on some form of dns being operational
<SockPants> hi all
<SockPants> i'm trying to get permissions right while configuring my server this time
<SockPants> i've managed to set up nfs so i can access it from my laptop (and only my laptop)
<SockPants> now i want to be able to edit /etc/apache2/httpd.conf from there
<SockPants> i can open it, but my editor says i cannot unlock the file whenever i try to type in it, unless i chmod it 666 on the server. how can i set the permissions so that not -everyone- can write it, but i still can edit it from my laptop
<ara> hello ubuntu-server people!!
<ara> new server ISOs in need of love have been just published
<ara>  i386: http://iso.qa.ubuntu.com/qatracker/test/3137
<ara>  amd64: http://iso.qa.ubuntu.com/qatracker/test/3136
<ara>  please, help us testing the ISOs
<VK7HSE> ara: downloading now! ;)
<ara> VK7HSE, nice :)
<ttx> mdz, kirkland: problem in 20090930.1 with -0ubuntu13, bug 439288
<uvirtbot> Launchpad bug 439288 in eucalyptus "1.6~bzr854-0ubuntu13 fails to run instances" [High,New] https://launchpad.net/bugs/439288
<ttx> Can't seem to workaround it
<ttx> I'll test 20090930 (with -0ubuntu12) and document workaround
<ttx> ara: we might go back to 20090930 for the server ISO.
 * ttx lunches and will test that option in a few
<kirkland> ttx: but registration worke?
<kirkland> ttx: worked?
<ttx> kirkland: it appears to work in the logs
<ttx> kirkland: but apparently that's not sufficient :/
<ttx> kirkland: 1/ you need to restart eucalyptus to make it aware of that registration
<ttx> kirkland: 2/ for some reason the node believes walrus is running locally to the nc
<ttx> kirkland: I tries reregistering and all kind of things with no success
<ttx> kirkland: at that point I'll test 20090930 + manual registration and if that works, make 20090930 the beta candidate
<ttx> at least I think I know how to make that one work
<ttx> the issue being a full UEC test cycle takes a couple hours
<kirkland> ttx: arg, okay
<kirkland> ttx: i swear, i spent 16 hours on this yesterday
<kirkland> ttx: i'm going for run, back in an hour
<ttx> kirkland: we should do a LP group for moral support
<ttx> ~eucalyptus-victims
<VK7HSE> should i stop the current iso's then ???
<ttx> VK7HSE: yes :(
<VK7HSE> ttx ok!
<VK7HSE> silly me deleted previous ones! so I was having to start afresh (DOH)
<ttx> you can rsync back to it :)
<VK7HSE> true, so the iso I was getting was both i386/amd64 for 20090930.1   will there be another build in the next day or so?
 * VK7HSE I assume yes!
<ttx> VK7HSE: my idea is to go back to 20090930
<ttx> if I can make it work
<VK7HSE> o I don't have that iso! on this system due to fresh karmic desktop install (my fail!)
<ttx> VK7HSE: if you have 20090930.1, you can rsync 20090930 on it
<ttx> rsync -tzhhP rsync://cdimage.ubuntu.com/cdimage/ubuntu-server/daily/20090930/karmic-server-amd64.iso .
<ttx> in the directory where you have karmic-server-amd64.iso from 20090930.1.
<VK7HSE> ok!... tnx
<ttx> VK7HSE: note that the test tracker is still pointing to 20090930.1, so if you test, just keep the results for yourself now, and enter them later
<ttx> (if we indeed go back to 20090930)
<VK7HSE> yep understood!
<VK7HSE> FTW the 2 servers I run here are doing well on Alpha6 (updates) ;)
<zul> morning
<ttx> zul: morn
<alexm> ttx: i was trying this server iso and found a problem booting jeos on kvm after install
<alexm> should i report it as a bug or it's better for me to wait iso rollback to previous one?
<alexm> ara: ^^
<ttx> alexm: If you wait 20 more minutes i'll be able to say which on e is the beta candidate :)
<zul> which iso should i be testing?
<ttx> zul: test the EC2 images
<ttx> those won't move :)
<zul> k
<alexm> ttx: okay, but i'm leaving right now, i'll catch up with you later
<ttx> alexm:  ok
<alexm> thanks
<ttx> looks like this one is working...
<ttx> hmm. no
<ttx> aw, come on...
<unimatrix> how do i limit bandwidth speed to every client except some exceptions?
<ttx> bah
<ttx> ok, we are back at testing 20090930
<ttx> I can get that one to run instances, minor some k,nown caveats
<unimatrix> where can i get some help with /sbin/tc ?
<zul> ttx: yay!
<ttx> hmmm, yay.
<mdz> ttx, kirkland, I guess we're at a point where we should be looking for workarounds to document rather than solutions, as we need to move ahead with testing
<ttx> mdz: yes, see my very recent email
<mdz> if we have to add one or two additional manual steps, that's what we'll have to do
<error404notfound> i keep getting [alert] (40)Too many levels of symbolic links: Can't chdir to /var/www and then apache terminates when i followed http://www.howtoforge.com/chrooting-apache2-mod-chroot-debian-etch to implemented chrootdir
<mdz> ttx, I'm still at the QBR and not able ot keep up with mail or IRC, so just checking in
<ttx> mdz: we are reverting the candidate to 20090930
<ttx> which works with manual registration
<ttx> or rather "can work"
<mdz> ttx, do you know what broke in 20090930.1?
<ttx> mdz: Not exactly, see bug 439288
<uvirtbot> Launchpad bug 439288 in eucalyptus "1.6~bzr854-0ubuntu13 fails to run instances" [High,New] https://launchpad.net/bugs/439288
<ttx> everything registers correctly (as far as the logs tell)
<ttx> but then the NC seems blocked on downloading stuff from 127.0.0.1
<ttx> mdz: eucalyptus is very very sensitive, touch it there, it will break somewhere else. And its difficult to reveal flaws without a complete install + instance run
<ttx> mdz: so yes, let's work from a known half-broken-with-workarounds state
<smoser> ttx, so 20090929 had issues ?
<ttx> mdz: to debug the registration, we need multiple people doing full cluster+node+instancerun tests
<ttx> smoser: I had a kernel boot issue, trying UEC beta candidate + local kernel, local ramdisk
<ttx> I have yet to try UEC beta candidate + kernel/ramdisk you provide
<smoser> hm... well there absolutely shouldn't be any difference in the kernels
<smoser> the initramdisk i guess its possible, but i wouldn't have thought so
<smoser> so was there something wrong with the 20090929 ? or did you just pick 0930 because its newer ?
<smoser> just wondering because i think it'd be nicer if ec2/uec were the same, but not terribly a big deal.
<ttx> no, 20090929 is the candidate on the UEC side
<ttx> 20090930 is the candidate on the servre ISO side
<smoser> oh. i see. so ara referred to iso
<smoser> sorry for confusion
<ttx> smoser: apparently it can't find the ramdisk in my test
<error404notfound> anyone?
<smoser> can't find ramdisk or cant find rootfs
<ara> cjwatson, migration didn't turn out that well: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/439306
<uvirtbot> Launchpad bug 439306 in ubiquity "Migration assistant didn't migrate Firefox bookmarks" [Undecided,New]
<ara> cjwatson, sorry wrong channel
<cjwatson> ara: ->evand anyway :)
 * cjwatson doesn't really do m-a
<ttx> everyone, we are testing the 20090930 server ISO, which doesn't appear on the test tracker yet
<smoser> error404notfound, i have to guess that your /var/www is a symlink that causes recursive symlink. at least somewhere down there it is.
<ttx> smoser: is there a way to tell which eri an emi is using ?
<smoser> $ mkdir /tmp/aa && ln -s ../aa /tmp/aa && find /tmp/aa -L
<smoser> describe-images should output it
<ttx> ah
<smoser> and then you can download it also . download-bundle
<ttx> smoser: http://pastebin.ubuntu.com/282153/
<ttx> smoser: doesn't show the link between emi and eri/eki
<error404notfound> smoser, according to that tutorial provided in my last message, my directory tree is: http://pastebin.com/m7b5aef8d
<smoser> ttx, when you bundle'd the image, you have to specify the kernel, or you dont get one
<smoser> ttx, hold on, checking somthing
<ttx> smoser: I /did/that
<ttx> I think.
<smoser> ttx: http://pastebin.ubuntu.com/282159/
<smoser> bug in euca2ools
<uvirtbot> New bug: #438395 in libvirt (main) "virsh crashed with SIGSEGV in virDomainCreate()" [Medium,New] https://launchpad.net/bugs/438395
<ttx> smoser: well, maybe not, maybe I failed when I registered them
<smoser> ttx, its a bad paste (first ec2 line is 2 lines)
<smoser> http://pastebin.ubuntu.com/282160/
<smoser> ttx, no.
<ttx> smoser: file it while its not moving too much
<smoser> the snippet in my output is from euca2ools looking at ec2
<smoser> so i know the issue is with euca2ools.
<ttx> ah
<ttx> I ran --ramdisk $EKI apparently
<ttx> hmm, I did not
<ttx> I guess $ERI was wrong then
<smoser> ttx. no. they dont show it. its a bug in euca2ools
<jdstrand> ttx: I noticed in #ubuntu-meeting that 20090930.1 should maybe be invalidated on server. does that mean I should test 20090930?
<smoser> http://paste.ubuntu.com/282167/ demonstrates that more.
<ttx> jdstrand: yes. Its been removed from the tracker
<smoser> i can open a bug if you'd like
<ttx> jdstrand: and now current points to 20090930
<jdstrand> ttx: ok, thanks
<ttx> jdstrand: pitti is struggling to put 20090930 on the tracker
<jdstrand> http://iso.qa.ubuntu.com/qatracker/info/3126 seems to still be around
<jdstrand> though, I haven't tried to grab the iso yet
<jdstrand> the iso is there...
<ttx> smoser: cannot hurt
<smoser> ttx, maybe there is some other way you can list it in euca
<jdstrand> ttx: and btw, you can disregard my euco/dhcpd3/apparmor question from yesterday. apparently I fixed it already ;)
<ttx> jdstrand: cool, one less issue to think about :)
<smoser> one way is (hopefully) to use ec2tools and point them at your uec
<ttx> jdstrand: yes, but it doesn't show up in the test list ?
<jdstrand> ttx: I'm just looking at the email I got and things seem ok there
<jdstrand> (so far)
<zul> so 20090929?
<ttx> server ISO = 20090930
<jdstrand> I thought we said 20090930
<zul> k
<ttx> UEC/EC2 = 20090929
 * zul go test the server iso
<jdstrand> this is somewhat confusing, but I know what I am supposed to do... :P
<zul> riiight ;)
<jdstrand> ttx: I see what you mean now-- the http://iso.qa.ubuntu.com/qatracker/build/ubuntuserver reports don't list 20090930
<smoser> bug 439366
<uvirtbot> Launchpad bug 439366 in ubuntu "euca-describe-images does not show kernel and ramdisk for an image" [Medium,Confirmed] https://launchpad.net/bugs/439366
<ttx> smoser: get-console-output booting UEC image candidate with kernel/ramdisk from uec-images.ubuntu.com
<ttx> http://pastebin.ubuntu.com/282176/
 * ttx checks that it works with the ones taken directly from the cluster node
<smoser> ttx, could you point me at an initrd that works for you?
<ttx> smoser: I'm testing that right now
<ttx> rebundling...
<ttx> smoser: could you run the "EC2 rebundle test" for the UEC images ?
<smoser> on uec? or can i run it on ec2
<ttx> smoser: see "Image run on EC2" at the bottom of http://testcases.qa.ubuntu.com/System/CloudImages
<ttx> That's the "Install (EC2 Single Instance)" test for UEC images
<smoser> yeah, no problem
<smoser> i can do that.
<ttx> zul: could you test the europe AMIs ?
<zul> am i missing 20090930 server iso doesnt seem to be on the tracker
<zul> ttx: already tested
<ttx> you know Quebec is almost part of the UE
<ttx> ah cool
<zul> ttx: wha quebec?
<ttx> zul: :-)
<zul> ttx: i know euca might be frying your brain but are you on crack? ;)
<gamla_kossan> how come the new release of ubuntu will ditch pidgin in favor of empathy?
<gamla_kossan> anyone have a clue?
<Pici> gamla_kossan: This channel is more for server issues.  #ubuntu+1 might be a better place to discuss that.
<gamla_kossan> right
<gamla_kossan> just htought anyone in here might have a clue
<gamla_kossan> =)
<VK7HSE> is anyone having any issue with "Abort pclzip.lib.php : Missing zlib extensions"  zlib1g is installed but not working any ideas ????
<VK7HSE> !info zlib1g
<ubottu> zlib1g (source: zlib): compression library - runtime. In component main, is required. Version 1:1.2.3.3.dfsg-12ubuntu2 (jaunty), package size 73 kB, installed size 168 kB
<zul> VK7HSE: please open a bug report with a sample code so it can be reproduced please
<VK7HSE> ok, its affecting my WordPress currently :(  (WP is installed from source!)
<ttx> ok everyone, we have a 20090930.2 (which is the same as 20090930) on the tracker now.
<ttx> any test you ran on 20090930 can be reported here. Just doublecheck you have the right md5sum
<ttx> amd64: fe689dd00226614e6da55d69928b1951
<ttx> i386: 	bde35e2c4ff8d238c6562eb7fb55735e
<VK7HSE> are there any predefined tests for zlib1g ?
<twb> VK7HSE: testing it for what?
<VK7HSE> I just want to get some verbose output for zlib is all ... I'm having an issue where WordPress (installed from source) is claiming that zlib extentions aren't installed/enabled
<twb> Probably you need to install a PHP-zlib bridge.
<twb> Not that I would recommend using either WordPress or PHP...
<error404notfound> i read that to secure my web deployments, every web application should run under its own vm and tools, how can i do this? do i need xen-vms? chroot+debootstrap based ubuntu installs?
<twb> error404notfound: the recommended virtualization technology for Ubuntu is KVM.
<VK7HSE> twb ok well I'll do my best to get something that hopefully will be usable!
<error404notfound> twb, yes, but is that the solution for running multiple web application, each in its own sandbox?
<ttx> \o/ instance run !
<twb> error404notfound: virtualization is a means for running ARBITRARY software in separate sandboxes.  I do not see why web applications would be any different.
<twb> error404notfound: however, I caution you not to believe everything you read.
<error404notfound> twb, hmm, and why not? :P
<twb> error404notfound: because people can lie
<error404notfound> twb, whats your opinion over this?
<twb> I would prefer to secure web apps by not running them in the first place.
<error404notfound> twb, thats a great idea. :D
<twb> But if you simply have to have your crappy NIH'd NeWS infrastructure, running each app in a separate VM is probably a good rule of thumb.
<VK7HSE> twb: Hmm... I fail to see your logic! if all is insecure? why bother? or enlighten me to your reasoning... ;)
<twb> VK7HSE: "security" is not a binary property.
<twb> For example, your server is more secure (against some attacks) if it is surrounded by armed guards, than if it is not.
<VK7HSE> right! :-/  anyway you have your reasons I respect that! ;)
<ttx> smoser: so I have a ramdisk that works
<twb> If you don't run a service, that service can't be attacked.
<ttx> smoser: /boot/initrd.img-2.6.31-11-generic from the server install itself
<VK7HSE> twb: but there has to be a compromise between Fort Knox to say the play park!  anyway I now see what you meant! ;)
<smoser> can you just put that somewhere ?
<smoser> theres no reason to mismatch
<ttx> smoser: uploading
<smoser> just being careful because i didn't do anything (*anything*) special to create the initrd. i just pulled it from the image where it was created by insall of -virtual (hm.... maybe thats it)
<smoser> you probably used -server
<twb> A VM's ramdisk won't necessarily be appropriate for general-purpose use.
<jdstrand> ttx: 20090930.2 just floated in. is this what I should be using now?
<ttx> its the same as 20090930
<twb> (Dunno if I'm following the conversation aright.)
<ttx> just a hack since the tracker wouldn't allow going back
<jdstrand> ttx: ok cool
<ttx> smoser: uploading
<smoser> twb, well, its almost the other way around.
<smoser> when doing vmbuilder builds of the ubuntu uec images, i installed the -virtual package and collect its generated initramdisk
<smoser> when ttx uses that ramdisk, he fails to boot in kvm.
<smoser> when he uses his from /boot on his server system, it works.
<ttx> smoser: http://people.canonical.com/~ttx/initrd.img-2.6.31-11-generic
<smoser> thanks. i'll look at differences.
<smoser> ttx, stupid question, but that is i386 right
<ttx> no, amd64
<ttx> smoser: ^
<smoser> k
<ttx> kirkland: please also see bug 439251, if you want to dig into autoregistration further
<uvirtbot> Launchpad bug 439251 in eucalyptus "Eucalyptus restart is needed after autoregistration of components" [High,Triaged] https://launchpad.net/bugs/439251
<VK7HSE> Bug #439407
<uvirtbot> Launchpad bug 439407 in zlib "Abort class-pclzip.php : Missing zlib extensions" [Undecided,New] https://launchpad.net/bugs/439407
<ttx> smoser: filed bug 439415
<uvirtbot> Launchpad bug 439415 in vm-builder "Bundling UEC image with provided ramdisk results in an EMI that fails to boot" [Undecided,New] https://launchpad.net/bugs/439415
<uvirtbot> New bug: #439410 in eucalyptus (main) "Instances from fresh EMIs sometimes fail to start" [Medium,New] https://launchpad.net/bugs/439410
<twb> smoser: well, KVM emulates an entire system, not just presenting a vserver/xen-style specialized environment to the kernel.
<twb> smoser: so maybe -virtual is not meant for kvm?  I don't know.
<smoser> -virtual is intended for kvm. so its a bug we need to fix.
<kirkland> ttx: does a .1 iso exist anywhere?
<kirkland> ttx: i really want to start my testing based on 13
<ttx> ask on release if there is a way to retrieve it
<ttx> I have one copy but uploading it with my 10k/s should take approximately 1 week
<kirkland> ttx: are you still trying to fix registration too?
<ttx> kirkland: no. I'm trying to document known issues
<ttx> kirkland: saw mdz's last email ?
<ttx> kirkland: I'm trying to translate my experience into filed bugs and test reports
<ttx> (on iso.qa.u.c)
<uvirtbot> New bug: #439415 in vm-builder (universe) "Bundling UEC image with provided ramdisk results in an EMI that fails to boot" [Undecided,New] https://launchpad.net/bugs/439415
<ttx> kirkland: there are still plenty of testing to do to make sure we identified all the known issues
<ara> ttx, is it worth it to test .2?
<ttx> yes, that should be the final
<ara> ttx, ok, thanks
<smoser> ttx, finished the rebundle test.
<smoser> ttx, i'm going to work now on getting the ec2 image into its beta resting place (rather than canonical-testing).
<smoser> you are not aware of any thing that would stop our use of the current published amis, right?
<smoser> the bug you just opened is all i see, and wouldnt' think it blocks beta
<ttx> AMIs are ok
<ttx> smoser: its the rtamdisk I'm concerned about
<ttx> smoser: if bug 439415 can't be fixed, I think we should pull them
<uvirtbot> Launchpad bug 439415 in vm-builder "Bundling UEC image with provided ramdisk results in an EMI that fails to boot" [Undecided,New] https://launchpad.net/bugs/439415
<smoser> :-(
<ttx> smoser: did you record the result of your rebundling test on the tracker ?
<smoser> i think so
<ttx> smoser: doesn't appear
<ttx> http://iso.qa.ubuntu.com/qatracker/result/3135/359
<ttx> http://iso.qa.ubuntu.com/qatracker/result/3134/358
<ttx> ah, it's the wrong test you filed
<ttx> look at "Install (EC2 Single Instance)"
<smoser> i'm consued
<smoser> that single test page that lists all the tests is the source of my confusion
<smoser> (http://testcases.qa.ubuntu.com/System/CloudImages)
<smoser> at that above url, i did: "Image run on EC2"
<smoser> ttx, bug 439415 certainly "can't be fixed" in without re-spinning images.  it is possible that it is only vmbuilder changes that could solve it, but even then you'd have to assume that the changes you made to the image so that the initramfs got fixed did not affect other things
<uvirtbot> Launchpad bug 439415 in vm-builder "Bundling UEC image with provided ramdisk results in an EMI that fails to boot" [Undecided,New] https://launchpad.net/bugs/439415
<ttx> I'm fine with respinning the UEC candidates... if we are sure it fixes the issue
<ara> hey zul_, thanks for helping testing the ISO images!
<ttx> kirkland: is my last email to -devel reasonable to you ?
<zul_> ara: no problem
<smoser> ttx, so you're saying in that case, you'd respin UEC candiates, but not ec2
<smoser> right?
<ttx> hmmmm
<kirkland> ttx: looking
<ttx> We could respin EC2... the thing is I'm not comfortable with respinning now. Especially with the amount of testing left todo
<ttx> and if you're away part of tomorrow...
<ttx> that sonds like a bad idea
<ttx> I have yet to tset UEC on i386
<kirkland> ttx: your email is reasonable
<ttx> which should take me the rest of today and tomorrow morning
<kirkland> ttx: i don't know that we can rely on mdz to see your note and make a decision in time, though
<ttx> kirkland: ok, mdz might disagree though, so watch that space
<ttx> I pinged him on IRC, fwiw
<kirkland> ttx: it's likely you'll just need to make the call
<ttx> tomorrow morning, I will.
<kirkland> ttx: dan is going to dial into my system and we'll debug it
<ttx> (if nobody else made it before me)
<kirkland> ttx: sounds like keybuk might help fix our upstart scripts too
<ttx> kirkland: hopefully you'll reproduce it, otherwise you'll really hate me for the whole thing :)
<mathiaz> kirkland: ttx: good morning!
<ttx> I so wanted it to work, I tried, I promise :)
<smoser> ttx, my away tomorrow shouldn't really affect things. i'll be back by noon eastern. we've not been releasing till ~ 5:00 pm eastern. if there everything is ok, 5 hours is plenty of time to get things together.
<ttx> mathiaz: ready to test 20090930.2 ?
<mathiaz> ttx: only at .2?
<ttx> its badly needing your magic test coiverage
<ttx> mathiaz: yes, I've been slacking, sorry
<mathiaz> ttx: I was expecting at least .42!
<mathiaz> ttx: my test magic won't cover eucalyptus though
<ttx> mathiaz: I take care of that. amd64 done, i386 tomorrow
<ttx> smoser: you didn't check the right box on UEC image testing
<ttx> smoser: its the "UEC / Install EC2 Single Instance" that you should have checked
<ttx> <ttx> http://iso.qa.ubuntu.com/qatracker/result/3135/359
<ttx> <ttx> http://iso.qa.ubuntu.com/qatracker/result/3134/358
<mathiaz> ttx: what has changed between 20090930 and 20090930.2?
<ttx> nothing. It's the same ISO
<ttx> same md5sum
<ttx> copy
<mathiaz> ttx: ah
<ttx> you can copy your test results
<mathiaz> ttx: now that explains why rsync was so fast
<ttx> :)
<mathiaz> ttx: ok - amd64 is done then
<ttx> kirkland: i'll go into more details in bug 439288, hopefully that will help
<uvirtbot> Launchpad bug 439288 in eucalyptus "1.6~bzr854-0ubuntu13 fails to run instances" [High,Triaged] https://launchpad.net/bugs/439288
<mathiaz> kirkland: bug 438602 - Fixed?
<uvirtbot> Launchpad bug 438602 in eucalyptus "Autoregistration of eucalyptus-cc sometimes fails" [High,Fix released] https://launchpad.net/bugs/438602
<smoser> ttx, are you opposed to me changing the header in the wiki doc at http://testcases.qa.ubuntu.com/System/CloudImages such that it corresponds to the name of the test ?
<smoser> s/corresponds to/is the same as/
<ttx> no
<kirkland> mathiaz: yes, i believe it's fixed, but it breaks something else
<kirkland> mathiaz: in ttx's testing, he wasn't able to get instances to run
<marshall> how do i check the time on my server from the terminal?
<mathiaz> kirkland: so it wasn't a problem with upstart?
<kirkland> mathiaz: however, in that patch, eucalyptus proclaims in the logs that all 3 components were successfully registered
<ttx> mathiaz: there probably still is an issue in upstart
<kirkland> mathiaz: well, there are likely upstart problems, too
<kirkland> mathiaz: for one thing, i'm confused why all 3 registrations try to happen simultaneously
<mathiaz> kirkland: walrus and cc should be happening at the same time
<kirkland> mathiaz: you can ps -ef | grep wget and see that all three are looking for the service running, at the same time
<mathiaz> kirkland: sc should follow cc though
<mathiaz> kirkland: right - I saw something similar when purging the packages
<mathiaz> kirkland: it takes 5 minutes to purge the eucalyptus* package
<kirkland> mathiaz: hmm, really?  i haven't seen that...
<mathiaz> kirkland: eucalyptus-common purging blocks for a long time
<Keizer> All Ubuntu server editions have PAE?
<Keizer> I thought PAE shows up when you type uname -a
<skrite> lo there all
<ttx> kirkland: btw, to fully fix autoregistration you also need to fix bug 439251, which is tricky as well
<uvirtbot> Launchpad bug 439251 in eucalyptus "Eucalyptus restart is needed after autoregistration of components" [High,Triaged] https://launchpad.net/bugs/439251
<ttx> one of the reasons I let it go
<ttx> kirkland: added some comments to bug 439288
<uvirtbot> Launchpad bug 439288 in eucalyptus "1.6~bzr854-0ubuntu13 fails to run instances" [High,Triaged] https://launchpad.net/bugs/439288
<kirkland> ttx: i just got my cloud running the .2 iso now
<ttx> kirkland: instances running ?
<kirkland> ttx: haven't tried yet
<kirkland> ttx: i'm waiting for dan
<ttx> ah .2
<ttx> not .1
<kirkland> ttx: we're going to take it from here
<kirkland> ttx: i can't get ahold of a .1 iso
<Keizer> Man I got an ubuntu server VM running with 16GB of RAM and four Xeon 2Ghz CPUs and vim kills it lol
<Keizer> And the VM is hosted by VMWare which is crazy
 * zul lunches
<Keizer> I'm thinking it's because the vm is i686 and I didn't see the PAE listed when I did uname -a
<ttx> kirkland: the tricky part is, to fully validate the fix you need an ISO burned.
<Keizer> Either that or that machine is on it's way out =(
<ttx> since what you test is the install from installer > reboot > start > autoregister path
<cocoa117> how to install Chinese fonts into headless ubuntu-server? At the moment, cli only show <E9><95>rather then real character
 * ttx disappears...
<ttx> I'll be back.
<skrite> hey all, i am needing some hardware advice. Our company has outgrown our web service and we need hardware. We run mysql backed apache and ruby rails. We have been looking at poweredge and blade servers but i need help.
<skrite> our site is not like most, we have light read loads but heavy heavy write loads.
<giovani> skrite: ok, can you explain a bit about your write load?
<skrite> we take in info from machines in the field, we process this into the data that tells the machines to do this or that, and we have a website where the info and processes are displayed.
<alexm> ttx: server iso rollback been performed?
<ttx> alexm: 20090930.2 = 20090930
<skrite> so the machines are writing history info all the time ( about 12 records inserted per second average)
<giovani> skrite: ok, so is the data that's being written heavily db-based? files? all at once? millions of individual transactions?
<giovani> oh, 12 records per second is not very much
<alexm> ttx: thanks, i'm starting this morning test again
<skrite> giovani, we are using MySQL for the records writing.  Another heavy load is that when a customer hits a page, it does calculations on thousands of rows adding this and that to create graphs, etc.. so the data writes are expensive and display of data is also a lot of work between ruby and the database
<skrite> the reason i am asking here is that most tutorials and info i am finding are relating to websites where lots and lots of reads are done and the need is for fast html serving. That isn't really what we need.
<giovani> skrite: so, mysql is a pretty awful database compared to others in performance
<giovani> skrite: if you're looking for something FOSS -- then postgresql is the way to go
<giovani> it's tunable, and can perform far better than mysql
<skrite> did NOT know that
<skrite> OK, definatly look into that.
<giovani> that's not to say that MySQL won't meet your needs
<giovani> it sounds like your needs aren't actually very high -- despite what you think
<giovani> disk i/o limitations are static between software, obviously -- postgres is a bit smarter about storage, etc, but ultimately, if disk i/o is your limitation, then you need to work on addressing that first
<skrite> what we are using now is a poweredge from Dell, 4 dual core Xeon with 8 GB RAM ( i know, that isn't much )
<skrite> ok
<rtg_> jjohansen, have you discontinued the AA kernel meetings?
<jjohansen> rtg_: no
<rtg_> did I just miss it today?
<giovani> skrite: none of the specs you listed relate to disk i/o
<jjohansen> rtg_: hrmm, my calendar didn't throw up a notice this morning
<skrite> giovani, we thought of clustering a few machines, but did not know if the trade off of just using a more powerfull ( newer ) server would be preferable.
<skrite> ok
<jjohansen> rtg_: nope, it didn't happen
<giovani> skrite: you seem to be confused about what "power" it is that you need
<skrite> giovani, exactly
<giovani> skrite: you've made no mention of current cpu usage
<Barre> according to tldp.org a bash script should return a zero on successful completion, but there are some exeption. My question is, what are those exceptions? When is, let's say exit 3 in a script a "bug" or an exception?
<rtg_> jjohansen,  is there any reason to continue it? seems like things have settled.
<Maleko> in ubuntu we use authorized_keys or authorized_keys2 ?
<Maleko> default one
<giovani> why would you think you need to cluster machines together?  do you have data that shows that you're using your current cpu heavily?
<jjohansen> rtg_: no, there really isn't
<Maleko> ssh key i mean
<jjohansen> rtg_: we just hadn't officially done that
<rtg_> jjohansen, ok, I'll notify Pete and mdz that it no longer seems necessary.
<jjohansen> rtg_: okay, thanks
<jjohansen> smoser: do you have any objections to dropping the daily EC2 kernel meeting?
<skrite> giovani, our processors are (on and off) working pretty hard. We run some scripts from cron that do some calculations and error checking on the machines, and they can run pretty heavy.
<skrite> by heavy, i mean that they peak out one or two cores for several seconds
<giovani> skrite: ok, do those cron jobs need to run quickly? i.e. would it be a problem if they were prioritized low, and then took more than a few seconds? if not -- I don't see any evidence that you have cpu utilization problems
<skrite> giovani, a few of the processes need to run fast, but most can be drawn out.
<smoser> i was going to suggest that today
<smoser> jjohansen, to give you more time to get me a kexec kernel :)
<jjohansen> :)
<zul> i swear to god I can do these installs in a language other than english now
<skrite> ok, what situation would cause someone to set up like a rack or blade server system instead of using a more powerful server computer?
<skrite> giovani, gotta admit, i kinda want to cluster some machines just because it would be cool to learn. But that is my own geeky trip
<kirkland> mathiaz: what did you use to get verbose upstart debugging at boot in your syslog?
<kirkland> mathiaz: my irc logs are failing me
<mathiaz> kirkland: https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/438602/comments/6
<uvirtbot> Launchpad bug 438602 in eucalyptus "Autoregistration of eucalyptus-cc sometimes fails" [High,Fix released]
 * sbeattie wonders why samba is reporting that smbd is reloading smbd.conf every 5 minutes to the console.
<kirkland> mathiaz: thx
<genii> sbeattie: Do you have logrotate for samba logs set for every 5 minutes?
<sbeattie> genii: nope; this is a stock karmic install from the beta server iso.
<zul> sbeattie: hmmm?
<genii> sbeattie: I'd probably file a bug then
<zul> sbeattie: smbd is doing what?
<sbeattie> zul: something is triggering smbd to reload its config file every 5 min.
<zul> sbeattie: hmm...i suspecting its dhcp
<incorrect> i am having a mental breakdown, i can't remember how to apt-get  install a package dependencies
<chmac> incorrect: You're installing a package from disk?
<incorrect> oh build-dep
<incorrect> there we go
<chmac> I have fuse-utils installed. Any idea why `modprobe -l fuse` returns nothing?
<genii> chmac: You mean: modprobe -l | grep fuse              ?
<chmac> genii: Both return nothing, is `modprobe -l fuse` not valid?
<chmac> genii: I think llutz on #ubuntu said it's part of the kernel so there's no longer a module
<zul> sbeattie: can you do a ls -R /etc/network please?
<sbeattie> zul: http://paste.ubuntu.com/282339/
<zul> sbeattie: is this the server iso?
<sbeattie> zul: it is
<zul> sbeattie: this is odd
<sbeattie> zul: it does seem to correlate nicely with dhcp client activity
<zul> sbeattie: yeah but why is that happening,
<genii> Perhaps your lease time is screwy
<zul> can you try disabling apparmour?
<sbeattie> zul: apparmor disabled, still seeing the messages.
<zul> thats what I thought
<zul> sbeattie: can you post the contents of your /var/lib/dhcp3/dhclient.eth0.leases as well?
<sbeattie> zul: http://paste.ubuntu.com/282363/
<genii> Interesting, netboot
<zul> sbeattie: option dhcp-lease-time 600;
<zul> this is what I have in mine option dhcp-lease-time 604800;
<sbeattie> right, this is a test lab, the lease times are AFAIK intentionally tuned low, so that machines can come and go quickly.
<zul> yeah so its dhcp doing that but im not sure where its restarting samba though
<genii> I think smbd hits the lease expiry, has some internal check for lost IP and restarts
<mathiaz> zul: I've seen something similar with sshd and mysqld as well. It seems that the networking subsystem sends a HUP signal when the dhcp lease is renewed
<zul> yeah same here
<zul> sbeattie: can you add the messages in syslog when it happens as well
<zul> mathiaz: its a regression in my eyes
<mathiaz> zul: well - was jaunty doing the same ting?
<mathiaz> zul: *thing*
<zul> mathiaz: i cant be sure
<zul> i just see more dhcp/samba bugs about more now
<sbeattie> mathiaz: give me a little bit and I can see if I can reproduce on jaunty.
<mathiaz> zul: well - a lot the bugs are related to remove filesystem share access via samba and NM
<mathiaz> zul: *remote*
<zul> true
<sbeattie> mathiaz|zul: okay, I'm seeing it in my jaunty instance as well.
<mathiaz> sbeattie: hardy?
<zul> /etc/dhcp3/dhclient-enter-hooks.d/samba is the one doing it
<zul> which is samba-common.dhcp
<sbeattie> mathiaz: doesn't look to happen in hardy, but I also got a permission denied error reported from dhclient on trying to write the leases file.
<zul> mathiaz, sbeattie: shouldnt it only reload if it gets a new IP address?
<mathiaz> zul: yes - that makes more sense
<zul> guys i might have a fix
<zul> sbeattie mathiaz: does this look reasonable to you? http://pastebin.ubuntu.com/282402/ the thinking behind it after the IP address becomes bound again check the old against the new and restart it if they are different
<mathiaz> zul: look good to me - did you test it?
<zul> mathiaz: yep did a smbclient -L localhost before and after
<zul> ill add it to the 3.4.1 stuff im doing
<unknown__user> hi, i was wondering if there is really a significant difference between server hard disks and normal hard disks, because the price difference is almost ten times...i'm asking this because i want to add normal disks to a server, in a RAID 1+0 config, so if a disk fails, no data is lost, and i can replace it ten times before the solution gets more expensive than using server disks.
<qman__> unknown__user, There is a difference between consumer grade and professional grade disks. What is your application, and what disks were you considering?
<genii> unknown__user: Usually the difference is server drives are something like SCSI versus IDE or SAS vs SATA, also rated high times between failures
<unknown__user> qman__:it's going to backup data, and i was considering the Seagate Barracuda 3.5" 1 TB, SATA2 3Gb/s
<unknown__user> with 32 MB cache
<qman__> unknown__user, if it's a low to moderate I/O application, those should do just fine
<qman__> normally you need better disks for things like database servers
<qman__> I have a SOHO file server that, among other things, supports daily backups from a few machines
<qman__> it uses 500GB SATA seagate drives, and I've been running it for over a year without issue
<unknown__user> this isn't the case, it should store data four times a day from another server, just files...
<qman__> yeah, that should be fine
<qman__> just make sure you implement good monitoring, so you notice if a disk starts to fail right away
<unknown__user> that's what i was looking for, thanks a lot qman__, really appreciate your help
<ttx> smoser: ping
<smoser> here
<ttx> smoser: any news on the ramdisk issue ?
<smoser> i've not made any progress there.
<ttx> fair enough.
<ttx> smoser: how feasible is it to pull the ramdisk/kernels from the published items ?
<smoser> we can definitely just 'rm a b c'
<smoser> and i support that as the most reasonable solution at this point
<smoser> the fact that they dont work, is testament to their necessity
<smoser> interestingly enough :)
<smoser> if my somewhat knowledgeable "this should work" guess at providing an initramdisk failed, it means that using whatever happens to be in /boot on a system is destined for failure
<smoser> or at least indeterminate results
<ttx> smoser: ok, do it then
<smoser> so at this point it looks like we're good with what we have other than that ?
<smoser> for server images ?
<ttx> smoser: things might get released before you join us tomorrow. Please sync with slangasek
<ttx> yes, server images should be "mostly ok"
<ttx> smoser: make sure that he has everything needed to trigger what is needed
<smoser> i will do so later night. i'll send out a mail of where things are, hopefully a.) making sure that things are ready to go b.) that someone else could do it.
<ttx> smoser: thanks
<Tux2> Is there anyone here who can help troubleshoot a bind9 problem?
<Tux2> Sep 30 14:53:19 CHU-AC1 named[13803]: configuring TKEY: failure
<Tux2> Sep 30 14:53:19 CHU-AC1 named[13803]: loading configuration: failure
<Tux2> Sep 30 14:53:19 CHU-AC1 named[13803]: exiting (due to fatal error)
<Tux2> That is the tail right after trying to start bind9
<ezhangin> hey guys
<ezhangin> hey so my member:ubuntu server just stopped booting
<ezhangin> uh
<ezhangin> my ubuntu server*
<ezhangin> it does do verifying DMI pools in the bios
<ezhangin> but then it doesn't do anything after
<ezhangin> any ideas?
<ezhangin> ugh i'm not even getting to grub, i don't see why this would happen all of a sudden
<ezhangin> the last thing i did was create a raid-5 array with mdadm separate from the boot drive
<qman__> unless you accidentally nuked your boot drive, or grub was for some reason on the wrong drive, the only thing left is hardware failure
<ezhangin> i can mount the boot drive
<ezhangin> in fact i;m looking at the grub menu
<ezhangin> .list
<qman__> ok
<qman__> the second thing I meant was, if grub was installed to the boot sector on one of the other drives, instead of the one you thought it was using
<qman__> and you wiped them, that could cause it to stop booting
<qman__> the solution there would be to boot live and redo grub-install
<ezhangin> the OS is definitely on the boot drive, could grub really have run away to another drive?
<ezhangin> i'm on live right now thankfully
<qman__> yeah
<qman__> grub-install dynamically determines which drive to install its boot sector to
<qman__> it doesn't always choose wisely
<ezhangin> yeah it just sits there blinking after verifying DMI
<ezhangin> oh
<ezhangin> hmm
<ezhangin> interesting
<qman__> so, you can manually reinstall the grub boot sector on the drive you want, from the live environment
<ezhangin> i might go back and change some BIOS values to the original ones i had and then do this
<ezhangin> you have been very helpful
<ezhangin> thanks already
<qman__> no problem
<ezhangin> how do i manually install grub, apt?
<qman__> no, just run grub from the live environment
<qman__> google for "reinstall grub", should get you a guide
<qman__> or repair grub, etc.
<qman__> your config is all fine, you just need to recreate the boot sector
<ezhangin> can i use a x64 sever cd or do i need a live cd?
<ezhangin> i have a 32 bit live cd
<qman__> server CD should be able to do it, but 32/64-bit won't really matter either
<qman__> since you're not installing any software, just running a command
<ezhangin> k
<ezhangin> live cd boot time
<ezhangin> yeah i just formatted the array, figures lol
<ezhangin> oh this makes sense now (one of my other problems)
<ezhangin> haha
<ezhangin> ah
<ezhangin> here is the grub prompt
<ezhangin> let's see
<pwnguin> is there a way to log FTP ... "user agents"?
<ezhangin> haha nice nick man
<pwnguin> focus
<ezhangin> i'm in here for help too lol, i just liked the nick
<ezhangin> well qman it booted
<ezhangin> but my array is jacked again
<ezhangin> i dunno wtf is going on >:
<ezhangin> oh
<ezhangin> it said something about (hd0,0) when booting up when it should probalby be (hd4,0)
<ezhangin> qman__: welp
<benc> anoyone familiar with autoscan?
<benc> what package do I need to install to have it?
#ubuntu-server 2009-10-01
<uvirtbot> New bug: #439288 in eucalyptus (main) "1.6~bzr854-0ubuntu13 fails to run instances" [High,Triaged] https://launchpad.net/bugs/439288
<ezhangin> well got my raid array to start from the live cd
<ezhangin> interesting
<ezhangin> let's see if it starts from the OS
<ezhangin> i think grub was looking at it earlier
<ezhangin> is it ok if the first thing the boot sequence says booting from (hd0,0) even though the boot drive is (hd4,0) i think
<ezhangin> yeah
<ezhangin> why is it doing that
<ezhangin> hmm
<ezhangin> anyone have an idea or should i just reinstall?
<ezhangin> with the raid drives unplugged for the time being
<ezhangin> wtf
<ezhangin> different frustrations
<ezhangin> now when i start one of my drives (at random) is in md_d0
<ezhangin> i have no idea what that is and i didn't set it up
<ezhangin> i guess i'll try formatting this thing again
<gobjub> hello
<Orfeous> hi everyone!
<gobjub> could someone please point me to some better documentation about how to use the jaunty uec images (http://uec-images.ubuntu.com/jaunty/) with amazon EC2?
<Orfeous> Ubuntu Server edition 9.04 will it be upgradable for ubuntu karmic packages?
<Orfeous> or will it be a ubuntu 9.10 server edition?
<gobjub> i'm missing some important connection between how to go from the .imgs to an AMI
<Orfeous> i just found the answer myself ;)
<Orfeous> found the cdimages of ubuntu-server 9.10
<qman__> Orfeous, the answer is actually both
<qman__> Orfeous, you could upgrade from 9.04 to 9.10, or install fresh with the new discs
<Orfeous> qman__, thanks for the confirm!
<Orfeous> ok, what is recommended install via 9.10 cd and update packages from internet or install via 9.10 dvd?
<Orfeous> ill be back later today
<error404notfound> anyone who could help on http://ubuntuforums.org/showthread.php?t=1278950 ?
<qman__> looks like own-sites is a directory, but apache is looking for a file by that name
<error404notfound> qman__, hmmm, what could be the cause and any ideas on how to fix it?
<uvirtbot> New bug: #439788 in ec2-ami-tools (multiverse) "ec2-bundle-image and ec2-unbundle-image use single, static named fifo in /tmp" [Medium,Confirmed] https://launchpad.net/bugs/439788
<ball> Anyone here run Ubuntu Server on entry-level Dell Server towers?
<error404notfound> anyone here who has done apache + mod_chroot successfully?
<_ruben> hmm .. i really oughta update my pxe boot config to include the jaunty installer .. installing intrepid over pxe, followed by do-release-upgrade is getting old :)
<uvirtbot> New bug: #426497 in qemu-kvm (main) "kqemu mode not compiled for karmic" [Wishlist,Won't fix] https://launchpad.net/bugs/426497
<Orfeous> hey!
<Orfeous> i just installed ubuntu-server 9.10 and everything works really good! but i wonder if there are any good web based administrator program?
<Orfeous> is ebox the onlyone? except running landscape
<Orfeous> then i want to setup a domain for my network.. i think its possible to do with samba server
<_ruben> ebox and landscape are the supported ones
<ivoks> urgh...
<ivoks> 2.6.31rcX and 2.6.31 are so different that they broke drbd
<kRocKodile> the installation stuck at 2% 'Retrieving file 143 from 159' ubuntu server 9.04 i386 on intel (chipset/cpu) desktop pc
<kRocKodile> an have install manu distros on this box, this is the first distro that fail to install
<kRocKodile> s/manu/many
<AzizLight> hi everybody
<AzizLight> I'm installing ubuntu server for the first time, I am doing a manual partitionning. What partitions do I need to create? can I just create a root partition or I have to create other partitions?
<ivoks> you need swap too
<ivoks> installer will warn you about that
<domas> ahhhh, stupid apache. mod_rewrite log code leaked IPC semaphores, even if mod_rewrite log is disabled
<domas> you need global mutexes to do nothing, apparently
<AzizLight> so root and swap is enough, or should I create other partitions seperately (ie boot, etc)?
<domas> oh, and leaked IPC semaphores also means that server doesn't come up eventually
<AzizLight> anybody?
<firecrotch> AzizLight: I've never had a reason to put /boot on a separate partition. You may want to put /home on its own partition though
<AzizLight> firecrotch: let's say I put /home on its own partition, how big should be / and swap? (I have 985GB to spare)
<firecrotch> AzizLight: what is the server going to be used for?
<_ruben> firecrotch: grub doesnt do /boot on lvm, which is why most of our servers have a seperate /boot partition
<AzizLight> firecrotch: it's a developement server
<_ruben> and yes, there's no "universal partitioning scheme", it all depends on wishes/needs/et
<_ruben> c
<firecrotch> For swap, the old standby of at least as much RAM, no more than 2x RAM is safe
<AzizLight>  / should be logical or primary?
<_ruben> i dont think lilo/grub care that much about that
<_ruben> i tend to create 2 primaries: one for /boot, one as lvm vg
<_ruben> err, lvm pv
<AzizLight> I actually selected the partitionning for the free space
<AzizLight> I think that's the best option for a first time
<domas> stupid jaunty
<domas> (gdb) run
<domas> Starting program: /usr/sbin/apache2 -X
<domas> Segmentation fault
<domas> works on hardy
<domas> :-/
<maxagaz> i need to see the port XX of a remote host open when using nmap, for that can i use a ssh tunnel ?
<maxagaz> if yes, how ?
<maxagaz> I tried "ssh -L 5432:localhost:5432 my_remote_host" but still, the nmap my_remote_host -p5432 doesn't show it as open
<maxagaz> can someone help me ?
<_ruben> -L is for local portmaps
<maxagaz> _ruben, how should i do my tunnel to get the result i'm expecting ?
<_ruben> well, what are you trying to accomplish exactly?
<maxagaz> _ruben, i'm trying to tun pgsql on my machine and connect it to a remote server
<maxagaz> _ruben, but the port used by postgresl is closed
<maxagaz> _ruben, i'd like to open an ssh tunnel, and check using nmap that it is open
<atomic_1> you can also check with nestat -tlnp
<atomic_1> *netstat
<maxagaz> atomic_1, but i should open the tunnel first
<maxagaz> atomic_1, that's my problem right now
<atomic_1> i just read what you wrote, if i understood you correctly...why would you use a ssh tunnel ? if you can login to the remote machine, you can use netstat to check if the port in question is being used by something else
<atomic_1> also check if there is an iptables firewall in place
<maxagaz> atomic_1, tcp        0      0 127.0.1.1:5432          0.0.0.0:*               LISTEN      -
<maxagaz> atomic_1, i have this twice
<atomic_1> this is on the remote machine? run it with root or sudo to see the program
<atomic_1> executing it as a regular user does not show the program name
<maxagaz> atomic_1, tcp        0      0 127.0.1.1:5432          0.0.0.0:*               LISTEN      14153/postgres
<atomic_1> there you go
<atomic_1> there is a pg server there :)
<maxagaz> atomic_1, i want to connect to it with pgadmin
<maxagaz> atomic_1, from my machine
<atomic_1> well, i think it needs to be listening on the external interface
<atomic_1> the one connected to the internet
<atomic_1> i dont have experience with pg
<atomic_1> but i am sure you can configure which interface it runs on
<atomic_1> what you pasted suggests that its bound on loopback (127.0.1.1)
<atomic_1> funny, i've had the same situation with a mysql server recently, and i also tried to use ssh tunnel for this :)
<atomic_1> and then use mysqladmin to connect to "localhost"
<atomic_1> but it didnt work
<atomic_1> i mean, mysql-query-browser
<maxagaz> atomic_1, i got it!!
<maxagaz> atomic_1, thanks
<atomic_1> that'll be 4 dollars
<atomic_1> ;)
<atomic_1> np
<maxagaz> atomic_1, ;)
<maxagaz> atomic_1, from what you told me, i checked netstat -tlnp, saw there was two lines about pgsql
<maxagaz> atomic_1, in the config of pgsql, it was set to listen on localhost and myhostname which points to 127.0.1.1 in /etc/hosts
<maxagaz> i changed this by its ip
<maxagaz> which was reflected by netstat -tln
<maxagaz> atomic_1, then "nmap myhost -p5432" told me it was open from my machine!
<atomic_1> that's what i would do too
<atomic_1> or check if i can set it on ethX, better that way
<atomic_1> either way should work
<maxagaz> atomic_1, which way is better ?
<maxagaz> atomic_1, also, can i netstat from my current machine to my remote server  ?
<atomic_1> you cannot use your local netstat to check a remote server
<atomic_1> its not a port scanner :)
<maxagaz> atomic_1, ok
<atomic_1> if your remote machine is not behind a nat
<atomic_1> just set it to listen on the public ip address
<atomic_1> if it is, you can still do it, but setup port forwarding on the gateway
<alourie> hello
<jimlovell777> Sorry for possibly being off topic but I thought this might be a good place to ask...... can anyone point me to a secure php contact form script or just a few good validation functions to prevent against injection attacks and any other security issue that comes from having a contact us page with sendmail access?
 * ttx goes for one more UEC reinstall.
<zul> morning
<uvirtbot> New bug: #410521 in vm-builder (universe) "Add support for (k)qemu" [Wishlist,Triaged] https://launchpad.net/bugs/410521
<uvirtbot> New bug: #391001 in vm-builder (universe) "vmbuilder fails when specifying numeric values in config file" [Undecided,Incomplete] https://launchpad.net/bugs/391001
<alourie> Hello all! Can I join the server team?
<henkjan> alourie: of course. read https://wiki.ubuntu.com/ServerTeam/GettingInvolved#becomemember
<alourie> henkjan: I've read that, I don't really understand how to proceed. How about "find the area of interest" ?
<alourie> oh
<alourie> it's just applying to Launchpad...
<benjamin__> hi, I try to run a shellscript wich I used on centos on a ubuntu 8.04 server, and I get the error "read: 160: Illegal option -a". Anyone an idea what's wrong?
<benjamin__> the line is:
<benjamin__>     while read -a a line; do
<benjamin__> both shells are bash
<uvirtbot> New bug: #346746 in vm-builder (universe) "/etc/resolv.conf seems to be hardcoded in vmbuilder when building ubuntu VMs" [Wishlist,Triaged] https://launchpad.net/bugs/346746
<mdeslaur> someone asked me if we are going to get symantec netbackup and backup exec client support for ubuntu server soon. Does anyone know?
<aubre> I asked botchagalupe to see about getting native .debs for TSM
<incentifit> I've just learned how to use adduser in a basic way.  I need to add a LOT of users a lot of times.  I'll be rebuilding the machine often.  How can I script this, is it possible.  I'm imagining putting my list of users, passwords, and their groups into a file/script
<alvin> incentifit: If you're using perl, you can use linlinux-usermod-perl (Linux::usermod)
<alvin> s/linlinux/liblinux
<zul> smoser: ping...your patch for ec2-ami-tools work right?
<RoyK> hi. does anyone have a link to a howto on making ubuntu packages?
<Pici> !newpackage
<ubottu> The packaging guide is at http://wiki.ubuntu.com/PackagingGuide - See https://wiki.ubuntu.com/UbuntuDevelopment/NewPackages for information on getting a package integrated into Ubuntu - Other developer resources are at https://wiki.ubuntu.com/UbuntuDevelopment - See also !backports
<aubre> I noticed that the default setting in eucalyptus on Karmic is now MANAGED-NOVLAN, what brought that on?
<stonekeeper> Hi there. Can anyone remember the name of the ubuntu specific project for configuring ubuntu server via a webpage? I can't remember off the top of my head (not webmin). Thanks.
<_ruben> ebox
<_ruben> or landscape
<lbsjack> who can run Eucalyptus successfully under ubuntu 9.10 aplha 6?
<stonekeeper> thanks ruben
<kirkland> zul_: kicking some vmbuilder butt?
<kirkland> :-)
<zul_> kirkland: trying to
<kirkland> zul_: well done, vmbuilder needs a hug
<zul_> it does it does
<zul> that and I like to fill up people's email
<AzizLight> how can I modify the default mysql collation please?
<zul> mathiaz: yay https://code.aunchpad.net/~ubuntu-server/+activereviews
<jmarsden> AzizLight: use the --character-set-server= and --collation-server= options.  See http://dev.mysql.com/doc/refman/5.1/en/charset-configuration.html
<smoser> kirkland in -curses mode of kvm, how do i get to console ? what is the escape?
<smoser> it apparently is not ctrl-a (at least its not working for me)
<uvirtbot> New bug: #311943 in vm-builder "Failure to create Ubuntu Intrepid Server Xen PV DomU  via vmbuilder" [Undecided,Incomplete] https://launchpad.net/bugs/311943
<JanC> you're not using screen?  ã
<smoser> no
<smoser> yeah, i did check that :)
<mruiz> hi all
<mruiz> is there any official documentation to set up kvm under Jaunty or Karmic ?
<zoopster> mruiz: have you reviewed the official server guide?
<mruiz> zoopster, http://doc.ubuntu.com/ubuntu/serverguide/C/virtualization.html
<mruiz> but I don't know if it is up to date
<zoopster> mruiz: that is the draft for karmic, yes.
<mruiz> great!
<mathiaz> ttx: should I cleanup the Items for Discussion section of the Meeting wiki page?
<mruiz> zoopster, thanks
<ttx> mathiaz: sure
<mathiaz> ttx: ok - I'll try to keep the recurring items there
<mathiaz> ttx: and remove specfici ones (like things related to beta)
<ttx> mathiaz: sure
<mathiaz> ttx: and I'll write up the minutes
<ttx> mathiaz: I bought the "Where in the world is my team" book btw
<mathiaz> ttx: argh - you broke the meme (and my planned joke)!
<mathiaz> ttx: awesome - I returned mine to the library
<free> mathiaz: yo
<mathiaz> free: hi
<mathiaz> free: I should have more time to get through the landscape-client/smart SRU now that beta is over
<free> mathiaz: sweet
<mathiaz> free: what's the bug number again?
<free> mathiaz: #347983
<mathiaz> bug 347983
<uvirtbot> Launchpad bug 347983 in smart "update intrepid and jaunty to landscape-client 1.3.2.3" [Medium,Fix released] https://launchpad.net/bugs/347983
<free> mathiaz: I was wondering if it's possible to set up a deadline somehow, as having that update pushed is becoming very important
<free> mathiaz: ideally we'd like to get it done before the end of this month
<mathiaz> free: that should be doable (considering we're the 1st of the month)
<free> mathiaz: perfect
<free> mathiaz: I guess the sooner the better though, as I believe things will get very busy for you folks as we apprach the karmic release
<mathiaz> free: one of the big stumbling block may be the smart update
<mathiaz> free: IIRC landscape-client has an SRU expeption, but not smart
<free> mathiaz: that's correct
<mathiaz> free: IIUC smart intrepid is a new upstream release
<free> mathiaz: also correct, jaunty is not
<free> mathiaz: the changes between the two versions are not that many though, if needed we could help in reviewing them and explain what they do
<mathiaz> free: yeah - that's probably what should be done
<mathiaz> free: in order to help in accepting the SRU team
<free> mathiaz: how do you think we should organize this?
<mathiaz> free: have two clearly marked sections in the bug description
<mathiaz> free: one dealing with the landscape-client SRU and one dealing with the smart SRU
<smoser> kirkland, ping
<kirkland> smoser: pong
<mathiaz> free: both sections should follow the standard SRU format: https://wiki.ubuntu.com/StableReleaseUpdates#Procedure
<smoser> hey. i have 2 things
<smoser> a. with -curses option to kvm, i can't seem to get to console. changing -echr seems to hvae no affect.
<mathiaz> free: I'll have a look at the attached patches - they seem good
<mathiaz> free: once that is done, I'll get the package ready for upload
<free> mathiaz: okay, I'm going to re-work the description now
<smoser> i'm thinking its possibly between chair and keyboard, but dont know
<mathiaz> free: and I'll wait on an update description of the bug
<mathiaz> free: the goal here is to get a clear description about the SRU
<mathiaz> free: so that the ubuntu-sru is comfortable with accepting the update
<free> mathiaz: so once you upload them to {intrepid,jaunty}-proposed the SRU team is going to review them looking at the bug?
<mathiaz> free: yes
<kirkland> smoser: hmm, i'm not sure about that one
<free> mathiaz: okay
<kirkland> smoser: as aliguori in #ubuntu-virt?
<mathiaz> free: they will look into the queue, see if there is a bug reference in the changelog and look at the bug
<mathiaz> free: this is why it's important to have the bug number in all the changelog as a reference
<free> mathiaz: cool, the bug reference is now on the top of each debian/changelog, as you recommended
<smoser> b. how does a guest become aware virtio ? .. mainly, you mentioned unaccelarated-ness of sym53c8xx . what faster path is there, and how should we change our images such that they take it.
<kirkland> smoser: it's not the guest that decides to use virtio
<kirkland> smoser: its the hypervisor
<kirkland> smoser: or libvirt
<kirkland> smoser: specifically, the kvm command line
<kirkland> smoser: i have a kvm wrapper in $HOME/bin/kvm that does it for me
<kirkland> smoser: let me paste you a line:
<kirkland> smoser: sudo /usr/bin/kvm -m 512 -smp 2 -usb -usbdevice tablet -net nic,model=virtio -net tap,script=/home/kirkland/bin/bridge.sh -drive file=karmic-server.img,if=virtio,index=0,boot=on
<smoser> if=virtio
<smoser> i was just about to write htat
<smoser> so then, i wonder, why eucalyptus is running with if=scsi
<mathiaz> smoser: it may depend on the guest OS - hardy guests don't support block virtio
<kirkland> smoser: please prepend 'kirkland';  i'm following too many channels :-)
<kirkland> smoser: i think virtio requires support in the guest
<kirkland> smoser: which has been available since ~hardy
<kirkland> smoser: but might break older guests, and per chance non-Linux guests?
<kirkland> smoser: scsi is more universally available than virtio, i suspect
<smoser> you're rpbably right
<kirkland> smoser: but you can get a ~10x performance improvement with virtio disks and virtio network
<kirkland> smoser: that's supposition on my part; don't take it as gospel yet
<mathiaz> smoser: kirkland: to be correct: hardy supports virtio network, but not virtio disks.
<kirkland> smoser: might confirm that elsewhere
<kirkland> mathiaz: ah, thanks
<mathiaz> smoser: kirkland: TBH hardy will also work with virtio disks - but there were some bugs in virtio disks that made us switch hardy to not officially use virtio disk
<mathiaz> kirkland: smoser: that was done in virt-manager - the default template for a hardy guest will use ide as the block device
<mathiaz> smoser: writing up the meeting notes -
<mathiaz> smoser: <smoser> mdz had asked that vmbuilder's version be included in the manifest
<mathiaz> smoser: <smoser> that is less straighttforward, as we're currently building with vmbuilder trunk.
<mathiaz> smoser: couldn't the bzr revno be used for that? ^^
<kirkland> mathiaz: cool, thanks
<smoser> yeah. it just doesn't match with the rest of manifest data
<smoser> i would suggest even branch-id:revno
<mathiaz> smoser: right - better than nothing though
<uvirtbot> New bug: #409768 in php5 (main) "php5 crashed with SIGSEGV in timelib_timezone_id_is_valid()" [Medium,Invalid] https://launchpad.net/bugs/409768
<kirkland> ttx: smoser: mathiaz: i gotta drop for a few minutes while I replace my 100mbps switch with a 1000mbps switch, and move some hard drives around
<kirkland> UEC testing takes fast network, faster disks
<kirkland> my 100mbps + usb disks in my DMZ cloud aren't cutting it
<mdz> smoser,mathiaz: I am not concerned about where it gets stashed; if you want to keep the manifest format the same (which I agree is useful), you could stash it somewhere else
<smoser> i absolutely agree that we should record it.
<smoser> would just writing to 'vmbuilder-version.txt' be sufficient ? or something like that ?
<jcastro> smoser: kirkland: the eucalyptus test page says: # The most recent Ubuntu Server ISO which can be found at: TBC.
<jcastro> what shall I put there?
<jcastro> is that just a pointer to the normal ISOs?
<mathiaz> jcastro: http://cdimage.ubuntu.com/ubuntu-server/daily/current/
<mathiaz> jcastro: ^^ this will always point to the latest daily -server iso
<smoser> well, in a couple hours beta link. but there are nightlies at http://cdimages.ubuntu.com/ubuntu-server/daily/current/
<jcastro> ok
<smoser> yeah
<mathiaz> jcastro: however it may be broken
<smoser> what mathiaz said
<jcastro> I know where those are, I'm just making sure that that's what the eucalyptus page should point to right?
<jcastro> ok
<jcastro> ok nm, reading the testcases makes it obvious that it's the normal server iso.
<smoser> the -server isos are what we use for eucalyptus installtion
<smoser> yeah
<free> mathiaz: hey I've updated the bug description of #347983, does it feel better?
<ball> Anyone here using entry-level tower servers (e.g. HP ML110, Dell T100 ?)
<mathiaz> free: great! much better. Thanks for updating this
<free> mathiaz: np!
<hiffy> hey peeps
<hiffy> ubuntu server 9.04 - vim isn't in the path, there is no vim-common in the repo and it says vim-tiny is already installed. What gives?
<felimwhiteley> hiffy: just a thought, I *think* vim-tiny actually runs as vi, certainly when I run it I get colour etc. when I enable it in the config file
<hiffy> i just noticed it's listed as vim.tiny
<hiffy> which uh confuses me
<hiffy> it's been vim-full for *years*
 * felimwhiteley uses nan anyway
<hiffy> the implication behind vi is that it is old school and annoying and I don't want to use it, or at least my years of doing this has trained me
<hiffy> i.e. the default version of vi that ships with everything
<felimwhiteley> aye but it's vim in ubuntu all the time even when you jsut run vi afaik
<hiffy> this is a freshly rolled install and it's not :(
<hiffy> ah well, if i can't get syntax highlighting working i'll be annoyed
<jtimberman> on karmic, why does couchdb require xulrunner??!
<blistov> what is pae?
<jtimberman> physical address extension
<jtimberman> blistov: http://en.wikipedia.org/wiki/Physical_Address_Extension
<blistov> is linux-generic-pae the default kernel for karmic now?
<blistov> Anyone know how to install libstdc++-33 in karmic/
<blistov> ?
<jjohansen> smoser: do you want to give i386: aki-c28063ab, ari-c48063ad  x86_64: aki-a68063cf, ari-ba8063d3
<jjohansen> smoser: they are built with the more virtualized configs
<smoser> give what ?
<smoser> give them a test ?
<jjohansen> smoser: yeah
<Hypnoz> my iphone supports PPTP, L2TP, or IPSec.  Any free apps that will run one of these easily?
<giovani> sure
<Hypnoz> any suggestions gio?
<giovani> openvpn is widely used
<Hypnoz> openvpn doesn't support any of those does it
<Hypnoz> i have openvpn running already, so if it did that would be the best
<Hypnoz> was thinking i'd have to set up a 2nd vpn just for my iphone
<giovani> of course openvpn does
<Hypnoz> not natively right
<Hypnoz> i'd need some kind of plugin?
<Hypnoz> everything i've read says the phone doesn't support openvpn cause it can't create a tun adapter
<giovani> if you want to use something proprietary like pptp then I think there's a pptpd
<giovani> ipsec is the way to go ... but, it's not as easy to set up -- openswan is the big daemon for that on linux
<|rt|> iphone does work with poptop
<Hypnoz> poptop = pptpd?
<|rt|> yeah
<Hypnoz> ya i was getting that feeling after some testing
<Hypnoz> rt have you ever connected iphone to a linux vpn?
<|rt|> yeah we have a poptop, pptp vpn, here at the office
<Hypnoz> i'm looking at the openswan wiki now, might try ipsec
<|rt|> we have some ipsec stuff too but currently only use it for the permanate tunnels
<Hypnoz> so i just need to configure my pptpd better and iphone will be able to connect...
<|rt|> Hypnoz: in theory :)
<|rt|> Hypnoz: i'll msg you to see if I can help with your configuration
<Hypnoz> you know what port pptpd runs on?
<|rt|> pptp runs on two ports 1723 and 47 for GRE
<|rt|> i guess that's IP protocol 47 not port 47 for GRE
<smoser> zul_, ping
<uvirtbot> New bug: #439868 in vm-builder (universe) "UEC images could be smaller" [Wishlist,Triaged] https://launchpad.net/bugs/439868
<gre0> Q: on a ubuntu box running as a NIS server, when changing a NIS user's password as root, does root have to specify the user's old password before entering the new?
<gre0> (this is the case on a SLES box I inherited, and I am trying to fix it by messing with PAM)
<Bilge> So I tried to mount a FAT device
<Bilge> Wasn't happening on Ubuntu server 8.04 LTS
<Bilge> FAT: codepage cp437 not found
<Bilge> Apparently this means I need to reconfigure and recompile the kernel
<Bilge> Does this sound right or am I way off the track somewhere
<Bilge> In some ways I hope so because I really know nothing about recompiling kernels and whether it's safe/possible with only remote SSH access
<alex_joni> sounds like you need to 'sudo modprobe nls_cp437'
<alex_joni> maybe that makes it work
<alex_joni> Bilge: http://www.linuxquestions.org/questions/linux-server-73/how-do-i-mount-a-usb-drive-at-boot-time-630115/
<Bilge> a) not a USB drive b) not boot time
<Bilge> This server hasn't been booted in
<Bilge> up 465 days
<smoser> jjohansen, you have configs available for those ?
<smoser> i wish our kernels had /proc/config.gz support
<jjohansen> smoser: sure
<jjohansen> smoser: chinstrap:/home/jj/config-ec2
<smoser> thanks.
<Bilge> alex_joni: modprobe gives: FATAL: Could not load /lib/modules/2.6.24.5-grsec-xxxx-grs-ipv4-32/modules.dep: No such file or directory
<Bilge> depmod can't generate it either
<Bilge> More errors
<Bilge> heh, never mind, fixed all that
<Bilge> FATAL: Module nls_cp437 not found
<Bilge> heh
<Bilge> `modprobe -l` returns nothing
<Bilge> lsmod returns Opening /proc/modules: No such file or directory
<Bilge> Something is really not right with this modules system
<Vog> did the 9.10 beta just get released?
<Vog> apt is dog slow today...
#ubuntu-server 2009-10-02
<zzz2009> Hi, I trying move my servers from fedora to ubuntu, and am looking for advice on setting up the disks, each machine has 2tb.
<zzz2009> I have currently partioned as follows: 250mb /boot raid 1, 4gb swap raid 0, 40gb /tmp raid 0 nosuid, noexec, 200gb / raid 0, 1.2 tb /data
<zzz2009> i'd like to use the /data as storage pool and was wondering if there is some way of sub-allocating it to /var and /home
<Jagged> zzz2009: why no have 1.5 tb in raid0 and use lvm?
<Jagged> *not
<zzz2009> jagged: as far as I can see LVM is not an option when etting up 9.04
<zzz2009> jagged etting = setting
<Jagged> it is
<Jagged> go into manual partitioning
<zzz2009> jagged: doesn't show up in my setup
<Jagged> after you dedicate your boot and swap md devices, you should be able to create the last md and specify "LVM" for "Use as"
<Jagged> that will in turn give you another option for setting up your lvm
<zzz2009> jagged: Of course he says hitting forhead on ground, forgot the use as LVM, back to drawing board
<zzz2009> jagged: thanks
<Jagged> Anytime :D
<zzz2009> quit
<zzz2009> How does one exit IRc politly
<zzz2009> #bye
<Jagged>  /quit
<Jagged>  /quit So long and thanks for all the fish!
<zzz2009> I know that the linux gurus generally disapprove of GUIs on servers, however I would like to install a GUI at least until i hae fully configured this server. ? which GUI would the peole here recommend?
<ewrjiwor> !ops
<ubottu> Help! Channel emergency! infinity, soren, lamont, mathiaz or tom
<ewrjiwor> Ban me
<ball> oh good.
<zul> smoser: ill upload your ec2-ami-tools patch tomorrow
<maxagaz> how to cat a file and color a given word in the output ?
<jmarsden> maxagaz: egrep --color=auto word afile
<blue-frog> grep
<maxagaz> jmarsden, egrep cuts my output
<jmarsden> Sure it does.  Oh, you want to see all lines of output?  I guess you could use sed and put the escape sequences for color around the word that way?
<maxagaz> jmarsden, good idea
<jmarsden> bold=$(tput smso); nobold=$(tput rmso) ; sed -e "s/WORD/${bold}WORD${nobvold}/" filename
<maxagaz> does someone know how to set the color of searched strings with the command less ?
<jmarsden> maxagaz: It uses whatever your termcap entry does for smso (enter standout mode) I think... so you could create a custom termcap entry if you really had to :)   Or if the term is a terminal emulator such as xterm or exvt you can probably do something appropriate in the .Xresources file to change what color standout mode is displayed as...
<jmarsden> Seems weird to care that much.. as long as standout mode stands out, does it *really* matter what color it is?
<jmarsden> less +/word filename     # should highlight word in the file filename ...
<jmarsden> maxagaz: ^^
<maxagaz> jmarsden, i wanted some customized colors
<jmarsden> maxagaz: A little googling found: http://nion.modprobe.de/blog/archives/572-less-colors-for-man-pages.html
<jmarsden> Which basically does it by setting the termcap entries in variables... should be workable for you?
<maxagaz> jmarsden, that's exactly what i needed, thanks a lot!
<jmarsden> No problem.
<maxagaz> jmarsden, how did you google that ?
<jmarsden> I searched for   less colors   and it was the first entry returned :)
<maxagaz> jmarsden, ok, i tried "less color" it was in 3rd, i missed it ;)
<Bilge> How can I make the kernel modules stuff work?
<Bilge> /proc/modules doesn't exist
<Bilge> After running depmod, modprobe -l returns nothing
<jmarsden> Bilge: Is your /proc filesystem mounted?   What does    mount -t proc     output?
<twb> jmarsden: good heavens, I never knew of that usage.
<twb> jmarsden: I always just cat or grep /proc/mounts (or mtab, if proc isn't available).
<jmarsden> twb: Learn something new every day :)  I sometimes do mount -t ext3 if I only care about "real" filesystems... in this instance it is the reverse...
<twb> I also don't trust /etc/mtab because on some of my systems where chroots are used heavily, it regularly lies.
<atomic_1> dammit, security.ubuntu.com is stuck again
<atomic_1> curse that samba bug :)
<twb> Seemed like a pretty severe bug
<spiekey> Hello!
<spiekey> i need to bridge eth0 and tap0 ...so i get br0: http://pastebin.com/da6f917
<spiekey> is there a way to rename eth0 to peth0 and to keep eth0 as a bridge?
<spiekey> problem: if eth0 changes to br0 i need to adjust iptables, configs...all based on "eth0"
<twb> Fortunately you keep those under version control, so it is not difficult.
<uvirtbot> New bug: #440440 in samba (main) "On regular system update, samba asked what to do with different smb-conf files. I cliked the last option ("open ??? with external application"(?)) and it hanged up." [Undecided,New] https://launchpad.net/bugs/440440
<kosolapiy> Hi all!
<kosolapiy> can some one help me with ubuntu server?
<kosolapiy> please?
<uvirtbot> New bug: #437014 in eucalyptus/1.6 "excessive number of CLC sockets to the backend cause the system to stop updating state" [High,Fix committed] https://launchpad.net/bugs/437014
<_ruben> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<Bilge> jmarsden: sure it's mounted
<twb> _ruben: !anyone would've been more appropriate
<Bilge> jmarsden: proc on /proc type proc (rw,noexec,nosuid,nodev)
<Bilge> There's just no /modules
<Bilge> Come to think of it, I think my hosting provider builds a custom kernel
<jmarsden> Bilge: I'm guessing at this point... Did you compile your own kernel without module support??
<jmarsden> Ah, did the provider do that? :)
<Bilge> I'm with OVH who may mod the distro
<Bilge> :(
<Bilge> So what are my options?
<jmarsden> I'd ask them about it.  If they really gave you a kernel with no module support, you can't load modules, period, running that kernel.
<Bilge> Can I not rebuild the kernel remotely
<jmarsden> Sure, but if they did that they probably did other things... so there is little guarantee your new kernel will run in their (virtual hosting?) environment...
<Bilge> It's a dedicated server
<jmarsden> OK.  And do you have remote access to the console or serial port, or a way to do remote reboots?  if so you can try installing the default Ubuntu server kernel and booting that, and see what happens...
<Bilge> I can do remote deboots
<Bilge> reboots
<Bilge> Only access to the server is via SSH though
<Bilge> There's a web interface to administer hard reboots to the hardware
<jmarsden> Um... so how would you recover from an attempt to boot a bad kernel?  I think you may be stuck...
<Bilge> I might order a new box and migrate to that
<Bilge> So that flagrant errors won't be a problem
<Bilge> Just so long as I know remote kernel deployment is possible
<jmarsden> Oh sure, you can compile or install a new kernel and set up grub to use it and reboot.
<kwork> drac for the win
<kwork> or some other decent remote admin card
<kwork> via what you can install op sys :)
<Bilge> jmarsden: OK I'm ordering a new box
<Bilge> How do I actually build the stock Ubuntu kernel
<jmarsden> Easier to just apt-get install it, I would think.
<Bilge> Well sure, whatever works
<Bilge> I'm not looking to make things more difficult than they need to be
<jmarsden> So just do that.
<Bilge> I am, however, looking for how to do it, because I really have no clue when it comes to kernel swapping
<jmarsden> sudo apt-get install linux-image-server
<jmarsden> It's no different from installing other packages...
<uvirtbot> New bug: #440457 in samba (main) "when updating to jaunty i couldn't j keep my current version of samba" [Undecided,New] https://launchpad.net/bugs/440457
<jmarsden> Then check /boot/grub/menu.lst to see which kernel will boot by default, and edit it if necessary.
<Bilge> No doubt, but I don't know how I'm supposed to find out the package name
<Bilge> It strikes me as being one of those things that you either know or you don't
<atomic_1> apt-cache search linux-image
<jmarsden> Same as for other packages too:   dpkg -S /boot/vml*  will display the name of the package that contains the file... sounds like you need to learm a lot more about apt and dpkg
<atomic_1> or dpkg -l | grep linux-image ;)
<jmarsden> atomic_1: As I said ... apt and dpkg :)  In other words, this is package management, not anything super kernel-specific.
<atomic_1> yeah, its easy as pie
<jmarsden> Pie is more tasty :)
<Bilge> You're not actually telling me anything I didn't already know, there, but I still wouldn't know to server for linux-image or /boot/anything because I know nothing about the kernel or booting
<atomic_1> funny behaviour though, regular apt-get upgrade does not upgrade to a newer kernel, its kept back
<atomic_1> but once you do it manually
<Bilge> server = search
<atomic_1> every other upgrade will include a newer kernel build, if there is one in the repo
<jmarsden> Bilge: So, did it work?  Have you rebooted yet?  I need to go to bed, it is 2:24am here...
<Bilge> I thank you for your help, but you have no responsibility to assist further ;)
<Bilge> By which I mean, don't let me keep you
<jmarsden> OK... do you need to backup a ton of data from one server to the new spare one first?
<Bilge> I don't know yet because the delivery of the box takes time
<Bilge> Few hours, but more than you can spare I'm sure
<Bilge> I will need to migrate a lot of settings
<jmarsden> Ah, OK.  Then yes, I should get some sleep.  Goodnight all.
<Bilge> Thanks again
<jmarsden> No problem.
<Bilge> I'm sure it will be fine
<tarvid> any default support for saving and restoring iptables?
<_ruben> iptables-save > /some/file ... iptables-restore < /some/file
<tarvid> is there nothing for /etc/init.d?
<_ruben> !ufw
<ubottu> Ubuntu, like any other linux  distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/Uncomplicated_Firewall_ufw), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI applications such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist
<_ruben> ufw does have an init script
<tarvid> ufw did not play well on my first foray and I'd just as soon write my rules
<AlexC_> g'morning,
<tarvid> fwbuilder corrupts display on my workstation, works at home sort of
<tarvid> i need nat to work and not much else
<AlexC_> I've got 2 servers, 1 of them is dedicated for email and we'd like to use SMTPS/IMAPS - so we need an SSL cert, however - for what domain do I buy this for? The MX records setup for domains is 'mail.example.com' - however the hostname of the mail server is 'mercury.example.com', (mail.example.com is a CNAME to mercury.example.com)
<atomic_1> +1 for iptables-save & iptables-restore
<atomic_1> put it in rc.local and forget about it
<_ruben> tarvid: if you know how to write scripts for iptables, writing an additional init script would be peanuts
<tarvid> just surprised that this is overloooked in Ubuntu
<atomic_1> fwbuilder adds a lot of stuff that i dont recognize in its scripts
<tarvid> and network-manager threatens to mess with iptables
<_ruben> AlexC_: with any ssl cert (https/imaps/smtps/etc) the name of cert must match the name the client is using to connect to that service
<AlexC_> _ruben, so that would be mail.example.com correct?
 * _ruben is glad there's no default handling of iptables on ubuntu
<_ruben> AlexC_: if that's what the clients will be using, yes
<AlexC_> _ruben, cool, ok thanks
<AlexC_> 1 more similar question, DKIM - the 'Domain' entry in /etc/dkim-filter.conf, should that be 'mail.example.com' as well?
<AlexC_> instead of mercury.
<gamla_kossan> could anyone perhaps explain the sandbox mode for do-release-upgrade?
<_ruben> AlexC_: been a while since i messed with DKIM, but i *think* the domain should be example.com
<gamla_kossan> *sigh* crap. I'm getting a problem when trying do-release-upgrade. anyone encountered this before?
<gamla_kossan> http://fpaste.org/k5cg/
<gamla_kossan> (googled it but can't seem to find anything useful)
<_ruben> !info network-manager
<ubottu> network-manager (source: network-manager): network management framework daemon. In component main, is optional. Version 0.7.1~rc4.1.cf199a964-0ubuntu2 (jaunty), package size 290 kB, installed size 2080 kB
<_ruben> oh crap .. tarvid already left
<_ruben> its a desktop thing
<_ruben> gamla_kossan: tried running apt-get update && apt-get dist-upgrade prior to it?
<gamla_kossan> _ruben: wait, I want to do that?
<gamla_kossan> I thought dist-upgrade was something that do-release-upgrade made obsolete =)
 * gamla_kossan doesn't know htough
<_ruben> dist-upgrade is an old name, its no longer used to upgrade from one version to another, but to make your current version fully up to date
<gamla_kossan> oh
<gamla_kossan> what's the difference between it and upgrade then?
<_ruben> with aptitude they chose better names: upgrade => safe-upgrade and dist-upgrade => full-upgrade
<_ruben> upgrade doesnt install new packages (new dependencies for instance), dist-upgrade does
<gamla_kossan> I see
<gamla_kossan> oh
<gamla_kossan> thanks a lot, this really clears some stuff up
 * gamla_kossan is used to yum
<ewook> muuu
<alex_joni> for example kernel updates
<gamla_kossan> muuu
<gamla_kossan> ^_^
<uvirtbot> gamla_kossan: Error: "_^" is not a valid command.
<alex_joni> you only get them with dist-upgrade
<gamla_kossan> right
<alex_joni> apt-get moo
<ewook> apt-moo
<gamla_kossan> awesome. lunch then upgrade time :>
<gamla_kossan> lunch!
<alex_joni> -bash: apt-moo: command not found
<ewook> oh, right. apt-get moo it is.
<_ruben> nice .. successfully updated my pxe install setup to include jaunty as well .. tho i should put some effort into creating a boot menu (now i have write out my selections on the boot: prompt)
<_ruben> aww .. they didnt even include 'moo' in the bash autocomplete ;)
<SockPants> hey all
<SockPants> how do i stop the nfs server from borking every time i do something wrong on a client
<twb> SockPants: define `wrong'
<SockPants> twb: i'm not sure, but for example trying to delete something without having permission
<SockPants> or deleting a very big file, even if i do have permission
<SockPants> after that it just keeps saying 'lockd is not responding'
<gamla_kossan> SockPants: depends on what you mean, but mount it with the option soft instead of hard
<gamla_kossan> could resolve it
<gamla_kossan> uh ohh
<gamla_kossan> this is not good
<gamla_kossan> I can't boot properly
<gamla_kossan> did a dist-upgrade,
<gamla_kossan> now I get this:
<gamla_kossan> [    5.480000] devicemapper: table: 254:1: snapshot-origin:  unknown target type
<gamla_kossan> during boot
<gamla_kossan> and a couple of other errors, then I'm dropped into a busybox
<gamla_kossan> anyone have a clue what'sup here?
<_ruben> doesnt ring a bell here
<_ruben> might wanna ask in #ubuntu-kernel as well
<zul> morning
<gamla_kossan> _ruben: think I know what it is - I'm missing the dm-snapshot module
<gamla_kossan> so I guess I need to make a new initrd, right?
<gamla_kossan> can I do that from a live-cd?
<_ruben> gamla_kossan: grub should show your previous kernel as well
<gamla_kossan> oh fsck. the ubuntu live cd doesn't have mkinitrd
<gamla_kossan> _ruben: yeah - I agree - but it doesn't :/
<_ruben> odd
<gamla_kossan> very
<_ruben> and you need update-initramfs
<gamla_kossan> that one's available
<gamla_kossan> sigh
<kwork> can you use dd to replicate compact flash
<_ruben> kwork: wouldnt know why not :)
<kwork> would it work if i first make disk image
<kwork> and then write it to other device ?
<kwork> i have only one card reader
<kwork> but i need to replicate the data structure to other compact
<bogeyd6> kwork yes that works, i have doen it before
<bogeyd6> however i might suggest o&o disk image for future usage
<kwork> o&o whats that ?
<bogeyd6> http://tinyurl.com/ydsgody
<bogeyd6> kwork http://tinyurl.com/ydsgody
<kwork> lol
<kwork> with what you made that video
<kwork> bogeyd6,  the problem is i have compact flash what has routers operating system on it just wondering will copyng it with dd to diskimage and from there to other compact
<kwork> will it work
<_ruben> sure
<bogeyd6> lololol
<bogeyd6> yes it works
<bogeyd6> :P
<kwork> i sure hope so
<J_P> hi all..
<J_P> How I disable beep always I use key TAB to completation?
<atomic_1> anyone using dhcpd encountered this in the logs: ï»¿Abandoning IP address: x.y.z.w; Pinged before offer ?
<bogeyd6> atomic_1 the dhcp server is checking to see if the ip address is in use
<fbc-mx> Where can I find all the new features for 9.10 on the ubuntu website?
<atomic_1> bogeyd6: i figured that out, but my clients never gets an IP address
<atomic_1> this happens with a few of my clients
<bogeyd6> fbc-mx http://www.ubuntu.com/testing/karmic/beta
<bogeyd6> Is there a reservation setup atomic_1
<smoser> zul, you have any idea where you would send a patch to ec2-ami-tools ?
<atomic_1> for certain clients, yes
<zul> smoser: not really let me poke around
<smoser> all i could see was the forums
<atomic_1> but not the addreses that i can see dhcp pings
<bogeyd6> atomic_1 What's most likely happening is that the DHCP server is assigning the
<bogeyd6> host an address, the host is verifying that the address is not in use,
<bogeyd6> and concluding that it is in use
<bogeyd6> atomic_1 Ping one of the addresses in the DHCP range that has not been assigned to any device (try it from each side of the bridge with a different IP address)and make sure you do not see any ARP relies in the ARP cache.
<atomic_1> hmm, good idea
<atomic_1> i should probably check my leases file too
<bogeyd6> duplicate lease will cause the same problem
<atomic_1> i kind of messed with it on occasions when dhcp failed
<bogeyd6> plus you gotta make sure you configure your leases separately from the pool
<bogeyd6> reser*
<atomic_1> thanks bogeyd6
<bogeyd6> yw
<bogeyd6> running failover dhcp servers will give those problems ALOT
<atomic_1> its only one instance here
<atomic_1> sometimes i also have troubles when i change a hostname here and there, because i use dynamic updates with bind
<atomic_1> dhcpd does NOT like that
<atomic_1> :)
<bogeyd6> very true atomic_1 but there is an interesting thing in a centos book about dhcp and dns
<bogeyd6> For Dynamic DNS to work, both the DHCP server and the DNS server need to be configured
<bogeyd6> correctly: they both need to allow the use of Dynamic DNS, and the DNS server
<bogeyd6> needs to âtrustâ the DHCP server. The latter is usually accomplished through the use of a
<bogeyd6> cryptographic key.
<zul> ttx: when you get a chance can you look at #420639?
<ttx> bug 420639
<uvirtbot> Launchpad bug 420639 in php5 "php-pear package problems (Karmic)" [High,Confirmed] https://launchpad.net/bugs/420639
<ttx> just the title doesn't make me want to touch it
<zul> ttx: heh...sometimes you dont have a choice
<atomic_1> bogeyd6: i just read what you wrote, my services are configured correctly, rndc-key and everything
<atomic_1> and it works, only 95% of the time
<atomic_1> :)
<bogeyd6> kk
<uvirtbot> New bug: #440598 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/440598
<acalvo> hi
<acalvo> how can I repair manually a mysql DB?
<ivoks> hi guys and girls
<ivoks> looks like one of recent kernel uploads broke drbd
<ivoks> this is known upstream and there's a new version of drbd that works with 2.6.31
<ivoks> but it's in rc3 state
<ivoks> so, i'd ask for sponsor on uploading new version of drbd, as soon as it gets released
<ivoks> is that possible?
<zul> is there just a patch for it?
<ivoks> i'll try isolating the patch, but imho we should move to new version
<ivoks> except the support for 2.6.31
<ivoks> with this new version, upstream supports drbd+pacemaker integration
<zul> any other regressions if we go with rc3?
<ivoks> so, there are no new files, it's just that they support it now
<ivoks> i haven't found any
<ivoks> i've been testing it for couple last two days
<ivoks> s/couple//
<zul> ok well you know the FFE process, when it gets approved let me know and Ill sponsor it
<ivoks> sure
<ivoks> i'll ping you
<zul> k thanks
<mathiaz> ivoks: is drbd still in the karmic kernel?
<ivoks> it's dkmsed
<mathiaz> ivoks: is it one of the 2.6.31 API that broke drbd?
<mathiaz> ivoks: the current version of drbd in karmic is 2:8.3.2-2
<ivoks> basically, 8.3.2 drbd (which we have now) worked with 2.6.31rc1
<ivoks> but it doesn't with 2.6.31
<ivoks> http://git.drbd.org/?p=drbd-8.3.git;a=blob;f=ChangeLog;hb=HEAD
<mathiaz> ivoks: ok
<mathiaz> ivoks: debian has 2:8.3.2-3
<mathiaz> ivoks: and 2:8.3.3~rc3-1 in experimental
<ivoks> 8.3.3 is mostly fixes
<ivoks> yep
<mathiaz> ivoks: if 8.3.3rc3 is mostly fixes, then a FFe is not needed
<ivoks_> looking at the changelog, only added functionality is support for infiniband
<mathiaz> ivoks: well - there are new features though: Support for Infiniband via SDP (sockets direct protocol)
<ivoks_> since there was no support for that before, i don't expect regressions :D
<mathiaz> ivoks: right
<mathiaz> ivoks: Improvements on the crm-fence-peer Pacemaker integration ?
<ivoks_> that was new in 8.3.2
<ivoks_> and it was unsupported
<mathiaz> ivoks: well - it depends how SDP support was added
<mathiaz> ivoks: it may break other parts of the code
<ivoks_> 8.3.3 has upstream support for crm integration
<ivoks_> and that's really cool
<ivoks_> i know
<ivoks_> i'll ask for FFE
<mathiaz> ivoks: do you plan to sync from experimental?
<ivoks> i'll take a look at the package
<mathiaz> ivoks: 2:8.3.2-3 seems to have DKMS dropped
<ivoks> i used my own package
<mathiaz> ivoks: 'Drop DKMS support for now, to get the package back into testing.
<ivoks> right, they removed dkms from drbd in testing
<mathiaz> ivoks: is it back in experimental?
<ivoks> i have to take a look at it
<ivoks> i was a bit out of development these days
<mathiaz> ivoks: ok - so it seems that we need to have at least 'Following Linux upstream changes 2.6.31' in karmic
<mathiaz> ivoks: since drbd doesn't work for now in karmic
<ivoks> right
<ivoks> it would be much easier if we would rush for the latest kernel :)
<mathiaz> ivoks: I'd have a look at the experimental package - if it supports dkms then as a sync
<ivoks> wouldn't
<mathiaz> ivoks: then *ask* a sync
<mathiaz> ivoks: with a FFe outlining the new features as well as the reason for syncing (2.6.31 broke drbd)
<ivoks> i'll be presenting pacemaker in ubuntu during oracle conference, here in croatia
<mathiaz> ivoks: awesome! Do you plan to post the slides?
<ivoks> yes
<ivoks> but it will be in croatian
<mathiaz> ivoks: well - put pictures in there
<ivoks> hehe
<ivoks> bbl
 * zul stabs php
<uvirtbot> New bug: #440662 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/440662
<skrite> hey all, what is  a good command to find out the ip address of all ssh traffic ?
<giovani> skrite: I don't understand your question
<skrite> well i am logged into another server and i don't want to stop the process, but i need to know the ip to log into that server again, different session
<jjohansen> smoser: did you get a chance to try those akis?
<smoser> jjohansen, i've not. other htan i booted a 32 bit with it. not done much testin gon it other than that.
<jjohansen> smoser: okay, thanks.  I am going to kick a few more instances again
<smoser> so far for you they've been good ?
<smoser> and how different are the configs "server" -> ec2, jj
<smoser> jjohansen,
<jjohansen> smoser: I saw one instance on 64 bit give cpu lockup errors, so it worries me
<jjohansen> smoser: the configs are fairly close, I had to disable a few things like HIGHPTE to get them to run
<jjohansen> smoser: there were a couple of other things I disabled too, would have to go back and check.  It was 4 or 5 config options total
<smoser> jjohansen, kexec
<smoser> :)
<jjohansen> smoser: hehe, no I didn't had that to these ones, but there just might be  a need to revise the configs yet ;)
<uvirtbot> New bug: #440683 in samba (main) "Samba server upgrade crashed" [Undecided,New] https://launchpad.net/bugs/440683
<uvirtbot> New bug: #440692 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/440692
 * zul perks up
<zul> ec2 configs?
<jbernard_> kirkland: ive got a byobu plugin for rackspace cloud server cost (like ec2_cost) brewing, you're gonna love it
<kirkland> jbernard_: nice ;-)
<uvirtbot> New bug: #440725 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: subprocess post-installation script returned error exit status 3" [Undecided,Won't fix] https://launchpad.net/bugs/440725
<mathiaz> hm - interesting - shorewall got dropped to universe in karmic
<mathiaz> zul: kirkland: ^^
<genii> Licensing maybe
<kirkland> mathiaz: never heard of shorewall
<zul> firewall thing?
<mathiaz> zul: yes
<mathiaz> zul: it used to be in main
<mathiaz> zul: dapper++
<ScottK> I wonder why it would have been in Main?
<mathiaz> kees: jdstrand: ^^
<mathiaz> kees: jdstrand: should shorewall be back in main - or is ufw enough?
<zul> mathiaz, hasnt been updated in 193 in weeks
<mathiaz> ScottK: it's been in main since dapper
<mathiaz> zul: karmic saw a package split
<ScottK> I just don't know why it would have been.  Before ufw, Ubuntu didn't provide a default firewall
<mathiaz> zul: http://packages.ubuntu.com/search?keywords=shorewall
<zul> ufw should be ok i dont see why it should be in main (shorewall)
<aubre> what are the chances that when the cluster controller is being installed we can get the opportunity to set up dhcpd on the network that the ncs are connected to? Or at least a reminder to do so?
<mathiaz> zul: does ufw support all of the shorewall features?
<mathiaz> zul: shorewall is still in the supported-network-common seed
<kees> mathiaz: I'm fine with dropping shorewall.
<zul> mathiaz: i dunno i never ran shorewall
<zul> jdstrand: ^^^
<kees> mathiaz: it was grandfathered in from before I did security work.  :)
<mathiaz> kees: you mean that it was move into main before you were doing ubuntu security work?
<zul> is there such a thing? ;)
<kees> mathiaz: correct
<mathiaz> kees: ok - so I'll update the seed then
<jdstrand> I'm here now
<jdstrand> mathiaz: ufw does not support all of shorewall's features
<mathiaz> jdstrand: ok
<jdstrand> ufw is a fully featured *host*-based firewall, with the ability to add any kind of routing you want
<jdstrand> shorewall has a steeper learning curve, but helps with routing/nat/etc
<mathiaz> jdstrand: right
<mathiaz> jdstrand: it supports gateways and zones
 * jdstrand nods
<mathiaz> jdstrand: it was in main since at least dapper
<mathiaz> jdstrand: and is currently in universe in karmic because of a package name change in debian
<jdstrand> ufw can do anything shorewall or netfilter can do via its framework (man ufw_framework), but it doesn't help a lot when you need the FORWARD chain
<mathiaz> jdstrand: kees suggested to really drop shorewall from main
<mathiaz> jdstrand: (it's still in the supported-network-common seed)
<jdstrand> meaning, you need to know about iptables atm to doing useful things with the FORWARD chain (though, there are examples in the man page, etc)
<jdstrand> tbh, it doesn't make a difference. I don't think shorewall has ever had a CVE against it
<mathiaz> jdstrand: right - but you can't easily (as ufw should be) create a gateway system with multiple zones
<mathiaz> jdstrand: which is quite usual when you deal with network gateways
<jdstrand> ufw's target audience has been desktops, servers, and bastion hosts
<jdstrand> a routing firewall has been out of scope until only very recently
<mathiaz> jdstrand: how about keeping shorewall in main until ufw provides these features?
<jdstrand> mathiaz: like I said. I don't care either way, but I will make this point: ufw is easy to getting started with immediately. its framework allows for doing any filtering/routing you want (with supporting documentation for common scenarios). I am not sure a newcomer to both ufw and shorewall would find shorewall easier overall
<jdstrand> mathiaz: meaning, you have to learn all about how to use shorewall in the first place
 * mathiaz nods
<jdstrand> you could likely spend less time learning the couple things you need to get the routing going within ufw
<mathiaz> jdstrand: and support for the FORWARD chain can be done in ufw as well?
<jdstrand> that is not to disrespect shorewall in any way. I am a fan, and think it is very cool. it has a different target audience than ufw though
<jdstrand> mathiaz: yes! (man ufw-framework)
<jdstrand> mathiaz: you edit configuration files and add iptables style rules
<jdstrand> mathiaz: it's the ufw cli command that doesn't have FORWARD support
<mathiaz> jdstrand: right.
<mathiaz> jdstrand: shorewall provides another layer of abstraction
<jdstrand> which is why I say it doesn't help with FORWARD 'much'
<mathiaz> jdstrand: considering that the target audience are *different*, I'd be inclined to keep shorewall in main
<jdstrand> mathiaz: yes, but with ufw you can mix and match cli commands and hand edited rules
<kees> mathiaz: if it fell into universe because of a package name change, and the old package is still in the supported seed, it should probably just follow and stay in main.
<kees> mathiaz: that said, I do like the idea of dropping stuff from main.  ;)
<jdstrand> so you can have a host that does NAT and provide services. so use the ufw cli command for the services, and add your few NAT lines to the config file (all detailed, again, in ufw-framework)
<mathiaz> kees: right - that's my current analysis of the reason why it fell in universe
<jdstrand> but I'll say it again, with shorewall, I doubt it'll make any difference
<mathiaz> kees: if things keep getting dropped from universe there will less reasons to grow the security team ;)
<jdstrand> mathiaz: believe me, there is more than enough work to go around
<jdstrand> :)
<uvirtbot> New bug: #440772 in samba (main) "Problems started occurring when i added 'mediubuntu' to the package sources list:  package smbclient 2:3.3.2-1ubuntu3.1 failed to install/upgrade: short read in buffer_copy (backend dpkg-deb during `./usr/bin/rpcclient')" [Undecided,New] https://launchpad.net/bugs/440772
<jdstrand> mathiaz: in previous releases, I have been asked whether shorewall should be dropped from main. I have said 'no', do to the fact that ufw doesn't help much with routing in your firewall. that has not changed
<jdstrand> s/do/due/
<mathiaz> jdstrand: ok - I'll update the seed then
<mathiaz> jdstrand: and keep shorewall in main
<jdstrand> that sounds fine
<jdstrand> ufw will be growing routing support. I don't know for lucid, but soon
<mathiaz> jdstrand: I still think it's a useful tool to configure a routing firewall/complex gateway (which is its target use cases)
<mathiaz> jdstrand: kees: thanks for your input
<jdstrand> mathiaz: I agree (like I said, it is a nice application)
<uvirtbot> New bug: #415799 in network-manager (main) "dhclient doesn't get any dhcpack" [Undecided,New] https://launchpad.net/bugs/415799
<JanC> FWIW: shorewall is quite easy to use as well as powerful after reading the (very fine!) manual; much easier than learn about "cryptic netfilter rules" (which is what you need for ufw ATM AFAIK), so +1 from me to keep it in main  ;)
<benventura> test
 * _ruben is tempted to look into shorewall for his ipv6 firewalling needs, see if it might be a decent candidate for our inhouse-developed bash-bashed scripts
<nicholas_> Hi, I'm looking for a kind of user logging system, which can help me create/give an overview of SSH loging and SFTP logings _without_ I have to look through raw logs? Know any? (It's for creating an overview of students activity on a school server)
<zul> jdstrand: ping have you seen this? http://pastebin.ubuntu.com/284064/
<mfoster> heh, sucks for  jeiworth
<adamsweet> hey jcastro
<jcastro> hi adamsweet
<adamsweet> hi, looking at the ec2 stuff, they refer to alpha6, should I concentrate on the beta now instead?
<adamsweet> the instructions refer to alpha6, that is
<jcastro> adamsweet: yes please
<adamsweet> jcastro: cool, thought I better check
<jcastro> adamsweet: I'll update the page
<jcastro> adamsweet: also, it seems that amazon devpay thing isn't working
<jcastro> so you'll probably end up with a bill of 2 dollars or something
<jcastro> but I am working to resolve that
<adamsweet> jcastro, :)
<adamsweet> bad timing :)
<jcastro> well they don't charge you until the end of the month
<jcastro> I should have it fixed by then. :D
<adamsweet> no problem
<jcastro> wiki fixed, thanks!
<Orfeous> hi again! got into a problem :P my friend has borrowed my dvd-reader and i need to reinstall ubuntu-server. so i thought that i could install from a usb stick.. but it dont work!! i have tried several methods that ive found on different forums. only desktop-ubuntu.. etc works but not server.. strange.
<Orfeous> any ideas to get it work?
<Jagged> Break said friend's legs and retrieve property.
<Orfeous> when i tried to boot from usb stick it only told me to insert a bootable disk and press enter..
<Orfeous> i selected my usb stick as bootup drive in bios
<Jagged> did you install to the usb stick correctly?
<adamsweet> Orfeous, are you sure your BIOS supports booting from USB? I have machines which don't
<Orfeous> Jagged, yes tried a program called unetbootinf and also followed guides on forums.. :)
<Orfeous> Jagged, got the 1gb fat16 partition om my usb stick.. copied all files from iso to usb stick.. renamed isolinux to syslinux and isolinux.cfg to syslinux.cfg..
<Orfeous> adamsweet, the usb stick is selectable from bios under boot devices..
<Orfeous> Asus P5B Premium vista edition is motherboard.
<Orfeous> also tried booting it from my htpc and it not worked.. :P
<Orfeous> i now i have been trying XBMC LiveCD USB and that booted from my usb-stick
<Orfeous> is the size on fat 16 partition important? i mean if its 1gb or if its likw 3gb?
<Orfeous> i can give links to what guide i have followed
<Orfeous> this is one guide: https://help.ubuntu.com/community/UbuntuServerFlashDriveInstaller
<Orfeous> this is another guide: http://www.ubuntugeek.com/how-to-install-ubuntu-linux-from-usb-stick.html
<adamsweet> Orfeous, do you have an existing Ubuntu machine?
<Orfeous> adamsweet, yes i have
<Orfeous> installed ubuntu-server 9.10 on it
<adamsweet> no desktops?
<Orfeous> no, just windows
<Orfeous> but i got a dvd-drive on my laptop
<Orfeous> and can boot up a livecd from that and make a bootable usb-stick from gnome
<Orfeous> but i havent tried that
<adamsweet> yes, try that
<Orfeous> really dont know why it doesnt work
<Orfeous> and why it doesnt work with ubuntu-server version :)
<adamsweet> In the Gnome desktop, System > Administration > USB Startup Disk Creator
<adamsweet> you'll need iso image on your laptop filesystem
<adamsweet> otherwise, I have no idea how to help you :)
<adamsweet> might be easier to go to your friends house and ask for your DVDd rive
<Orfeous> i can try that tomorrow, but are there no other isos that i can boot from and use netinstall for ubuntu-server?
<adamsweet> I don't think the iso image is your problem, rather your creation of bootable USB disks is, but I'm only guessing
<uvirtbot> New bug: #440918 in samba (main) "Did todays update, samba failed? can still browse mounted network shares" [Undecided,New] https://launchpad.net/bugs/440918
<edulacomadreja> hi everyone
<edulacomadreja> after editing "/etc/udev/rules.d/70-persistent-net.rules" ubuntu server hangs on boot at "configuring network intefaces.."
<edulacomadreja> how should i skip this?
<Hypnoz> I think if you comment the lines out ubuntu will regenerate them
<edulacomadreja> but how can i edit that file again?
<edulacomadreja> i'm stuck there...
<edulacomadreja> is someone there?
<allanon_> hi
<allanon_> could anyone tell me how i might figure out why 'netcat localhost 25' returns nothing?
<ScottK-desktop> Why did you expect it too?  Default Ubuntu Server doesn't listen on port 25.
<allanon_> ok I didnt think i'd need to bust it all out..
<allanon_> Im running postfix/squirrelmail/dovecot, etc
<allanon_> so yeah I assumed it would be ;p
<ScottK-desktop> Right, we we aren't mind readers.
<ScottK-desktop> I guess I'd look at postfix logs and see if it's complaining about anything first
<allanon_> sorry :( i guess nubs flow in here asking tarded questions and what not.  my apologies
<allanon_> the only thing in mail.log, in a repeating fashion, is:
<allanon_> Oct  2 16:42:00 sputnik postfix/smtpd[8135]: fatal: bad numerical configuration: unknown_client_reject_code = 450-Unknown_Client
<allanon_> Oct  2 16:42:01 sputnik postfix/master[2846]: warning: process /usr/lib/postfix/smtpd pid 8135 exit status 1
<allanon_> Oct  2 16:42:01 sputnik postfix/master[2846]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
<allanon_> every 1 minute too..
<allanon_> tried googling but crap you get so many conflicting ideas on what the culprit is
<Orfeous> hmmm
<allanon_> are those entries possibly meaning that something is causing smtpd to term, which its restarting but being killed again in a loop?
<allanon_> ok so it appears my convo with scott has rendered any further help null here.  So much for community.
<Jagged> Insults are always a good way to get help =\
<bventura> there's a typo on the Ubuntu Server Guide page that I bet was causing that problem allanon had
<bventura> I didnt notice till after he left
<Mike_lifeguard> Hello, I am going to be installing server edition for the first time. I'm not sure how to do that if I don't have a monitor to hook up to the machine though. Is it possible to ssh from a connected laptop or something to do the install?
<bventura> I'm trying to use qemu on jaunty with the 'Virtaul Machine Manager' GUI app and when I try to start up the virtual network I get the error "Error starting network cannot create bridge 'vibr1' : Operation not permitted.. anyone know how to fix this?  None of the stuff I found on google works
<ScottK> Mike_lifeguard: No.
<Mike_lifeguard> I suppose I will buy a monitor then :\
<ScottK> Once it's set up you can do anything you need via SSH, but not the install
<ScottK> So perhaps you can just borrow a monitor from another machine.
<Mike_lifeguard> I don't have access to hardware that's not a laptop. But I'll just find some cheap shit to use for a day while I get it set up, then dump it :)
<Mike_lifeguard> Thanks for your help.
<Orfeous> i will give it a try tomorrow ;)
<Orfeous> the install from usb stick thing :D
<erichammond> elmo: archive.ubuntu.com has been painfully slow the last couple days and sometimes times out on responses altogether.
<bventura> you know I've noticed that too lately takes forever
<erichammond> This has prevented me from being able to create new Ubuntu images for EC2 using the latest kernel Amazon built to fix the big security bug.
<bventura> what's the big bug I don't think I heard about it
<erichammond> bventura: http://developer.amazonwebservices.com/connect/thread.jspa?threadID=35410
<erichammond> Until we have modern, updated kernels for EC2 from Canonical, folks using Ubuntu on EC2 depend on Amazon updating older (2.6.18, 2.6.21) kernels.  It means we're not truly running complete "Ubuntu" but it works well enough to get the job done.
<jjohansen> erichammond: I have some new kernels to test if you want
<erichammond> jjohansen: cool.  I'm a bit backlogged right now, but like to keep notes on what's available so I know the development directions to take.
<bventura> .
<erichammond> jjohansen: My first attempt to use a recent 2.6.31 kernel with my own Karmic build resulted in an AMI which didn't boot well.  It's obviously my fault since Canonical's Alpha-6 works with it, but I haven't had the time to investigate further yet.
<jjohansen> erichammond: want me to mail you the details, or just post them here
#ubuntu-server 2009-10-03
<erichammond> I've removed mention of my Karmic AMIs from http://alestic.com in the hopes that folks will just use Canonical's and give feedback to make it unbeatable.
<erichammond> jjohansen: I'll take info any way you want to provide it.  I'm always a fan of making it public if it doesn't risk harm.
<thiagocrepaldi> has anyone here able to ENABLE LdapAuthentication mediawiki-extension plugin ?
<thiagocrepaldi> mediawiki-extension package looks like ubuntu specific
<thiagocrepaldi> so, i cant find any documentation to help me =/
<jjohansen> erichammond: public is fine, I just figured email is a nice way to store the note
<jjohansen> anyway, here they are aki=aki-c6896aaf, ari=ari-d8896ab1
<jjohansen> oops those are x86_64
<erichammond> Yep emaill archives are nice reference, but I'll be copying the relevant info into my TODO list
<jjohansen> i386: aki-e2896a8b ari-e4896a8d
<jjohansen> there are also, almost identical kernels with Hz=250 and kexec
<jjohansen> x86_64: aki-5e896a37 ari-50896a39
<jjohansen> i386: aki-00896a69 ari-02896a6b
<jjohansen> smoser: ^
<jjohansen> the Hz=250 was to compare that vs. standard config for VOIP
<jjohansen> the kexec is because smoser wanted to play with it
<erichammond> jjohansen: The manifest prefix names are looking good.  Lots of useful information.
<jjohansen> erichammond: all your doing
<erichammond> Somebody gets credit for taking my recommendations ;-)
<erichammond> ...and for ignoring the bad ones.  I throw enough out there that a few must be good just by chance.
<jjohansen> :)
<Saj0577> hey guys, i connected via ftp in a temrinal how do i copy files to my pc?
<jjohansen> Saj0577: get <filename>
<Saj0577> cheers. and what about if i want to specify where it saves them? or is there a config file for this?
<bventura> saj: do an "lcd" to the location where you want to save it
<Saj0577> bventura: cheers you got a guide or anythin anywhere with them all in a readable format?
<jjohansen> Saj0577: you can also do> get <remote-file> <local-file>
<bventura> usually it starts you out in your home directory
<jjohansen> Saj0577: you may also need to set your transfer mode
<jjohansen> Saj0577: >binary
<jjohansen> Saj0577: >ascii
<Saj0577> jjohansen: okay cheers.
<jjohansen> binary tells ftp not touch the data, ascii it does things to the data
<bventura> shhesh I'm loking for one Saj but everything that comes up on google is wayyy to verbose
<Saj0577> bventura: okay cheers
<bventura> maybe, try researching the terminal commands "cd" and "pwd" and go from there it's the same thing as in FTP
<Saj0577> oright yeah im fine with normal terminal so if its just the same role on hehe
<bventura> yeah everything is the same, just prefix it with "l" to run the command on your PC's local side
<bventura> mostly the same
<Saj0577> okay thanks alot :)
<bventura> np
<bventura> .
<tarvid> where do I post kernel net driver bugs?
<tarvid> how does one post a bug report at all?
<erichammond> tarvid: https://help.ubuntu.com/community/ReportingBugs
<tarvid> I've been on that page and I still cannot figure out how to file a bug
<tarvid> insmod: error inserting '/lib/modules/2.6.28-15-generic/kernel/drivers/net/sundance.ko': -1 Unknown symbol in module
<tarvid> It's been broken for three years and I picked up the wrong card on the way home tonight
<tarvid> That's one way to reduce the number of reported bugs.
<Saj0577> hey tarvid just read whats you been saying
<tarvid> I have an iptables rule set that works for me, how would I import it to ufw
<Saj0577> dont normally hang here but im sure i can help. so you keep getting a bug and your having truble reporting it?
<tarvid> I should just throw that card out. It works in that other operating system and works on Fedora but is still broken in Debian/Ubuntu
<tarvid> I have the precise error message and the kernel module which fails
<tarvid> but ubuntu-bug wants to file it under yelp and include tons of irrelevant information
<tarvid> it will get passed upstream if handled at all
<Saj0577> if you pastebin everything you know about the problem then that will probably be of help.and i will look into how you submit the bug report now for you
<tarvid> the problem is the one line above
<Saj0577> uknown symbol in module one?
<tarvid> yes
<tarvid> syslog has a few more lines
<tarvid> but the error is basic - fundamental
<Saj0577> kk
<tarvid> Some have recompiled the Fedora code. I'll throw the card away anyway. It is not worth the effort
<Saj0577> hehe. is it some old card you had lieing around for yearS?lol
<tarvid> But I had the urge tonight to unwind ufw
<tarvid> I had forgotten why it was laying on the shelf but now I remember.
<tarvid> Now much call for nics these days. I need to sandbox ufw
<tarvid> which also deserves a bug report
<tarvid> you should be able to start with iptables-save
<tarvid> trying to map the existing rule set into ufw is not uncomplicated
<uvirtbot> New bug: #296159 in vm-builder "ec2exec: quotes not needed in sed command" [Undecided,Fix released] https://launchpad.net/bugs/296159
<jdstrand> tarvid: if you do not want to use ufw, simply do 'sudo ufw disable'. it unloads the firewall and won't be loaded on boot. if you want to completely flush everything, '/lib/ufw/ufw-init flush-all'
<tarvid> I want to use ufw but I want to start with my existing firewall rules
<foxbuntu> wow
<foxbuntu> whoops
<foxbuntu> wrong channel :)
<zloyrusskiy> hi, there, i wanna know - is somebody compared performance of iScsi and samba?
<zloyrusskiy> with samba i have performance with my home server about ~35mb/s, is there some reason to migrate to iscsi?
<andguen1> We're awfully quiet today...
<_ruben> its weeekend
<VK7HSE> getting over the shock and awe of Beta! ;)
<andguen1> i shudder at life before bittorrent :)
<andguen1> boostar: Now, I'll happily answer it here, that other channel is awfully noisy :)
<BooStar> ah ok thanks
<andguen1> Feel free to ask the question again just so others know what we are talking about though..
<andguen1> Can I assume you are able to run the server process normally? Are you familiar with how to get other various daemons running at startup?
<BooStar> ok, so i installed the dhcp3-server to use ist for pxeboot and it worked very good but if i restart the server the dhcp3-server wont start up
<BooStar> i have to run /etc/init.d/dhcp3-server start manualy
<BooStar> other deamons like apache2 are starting during the boot
<andguen1> try 'update-rc.d dhcp3-server defaults'
<BooStar> System startup links for /etc/init.d/dhcp3-server already exist.
<andguen1> then give me a 'find /etc/rc*|grep dhcp' output
<BooStar> /etc/rc1.d/K40dhcp3-server
<BooStar> i get this frome 1 to 5
<andguen1> odd
<BooStar> rc1.d to rc5.d
<BooStar> odd?
<andguen1> the "K" on the front of the file means explicitly kill it
<andguen1> it should be killing in rc0.d and rc6.d, but not 1-5
<BooStar> ok.. there is a file in which this was asked
<BooStar> i try to remember ;)
<BooStar> i think i need to edit this http://de.pastebin.ca/1590446
<BooStar> right?
<andguen1> It MIGHT be worth renaming K40dhcp3-server to S40dhcp3-server within /etc/rc3.d --- I usually don't go such brute force, but its probably the easiest way to make it work.
<BooStar> ok i try
<andguen1> I looked at that pastebin, but I'm not familiar with the file itself, the start and stop numbers I agree with though
<BooStar> there is not k40* file in /etc/rc3.d
<andguen1> cd /etc/rc3.d && ln -s /etc/init.d/dhcp3-server S40dhcp3-server
<andguen1> brute force method :)
<andguen1> Then do a 'less /etc/rc3.d/S40dhcp3-server' and make sure it doesn't give you any errors opening the file
<BooStar> re
<BooStar> i tried to link the file but it already exists
<andguen1> ?
<BooStar> cd /etc/rc3.d && ln -s /etc/init.d/dhcp3-server S40dhcp3-server
<BooStar> ln: Erzeuge symbolische VerknÃ¼pfung âS40dhcp3-serverâ: File exists
<andguen1> can you give me a 'find /etc/rc*|grep dhcp' output again?
<andguen1> if the S40 exists, it should be starting up
<BooStar> sure
<andguen1> In that case, you may have startup issues, it might be worth a 'grep dhcp /var/log/syslog'
<BooStar> http://de.pastebin.ca/1590466
<BooStar> root@andreas-server:/etc/rc3.d# /etc/init.d/dhcp3-server status
<BooStar> Status of DHCP server: dhcpd3 is not running.
<andguen1> This is the setup we were looking for earlier. I'm confused how it got fixed, but I'm ok with it.
<BooStar> this is strange.. i thoungth its hard to setup a pxeboot ;)
<andguen1> Heh, pxe drives me crazy.
<BooStar> hehe... its workin on my system
<andguen1> In theroy, this should now work correctly on reboot. If /etc/rc3.d/K40dhcp was just recently changed to /etc/rc3.d/S40dhcp, that should fix your problem
<BooStar> should i rename it?
<andguen1> If it does not, definitely check on dhcp errors in /var/log/syslog and dmesg (the command)
<andguen1> based on your last pastebin, you are good
<BooStar> is there a way to run a command on startup? mabe something linke /etc/init.d/dhcp3-server restart ?
<andguen1> Edit /etc/rc.local and add what commands you want there. You shouldn't have to do this, but it likely will work.
<BooStar> ok.. first i try to reboot again ...
<BooStar> re
<andguen1> any luck?
<BooStar> it works after i added the /etc/init.d/dhcp3-server comand to the rcc.conf
<BooStar> i think its not the best way but it works
<andguen1> rc.local you mean?
<BooStar> maybe ;
<andguen1> yea, not the best way. The biggest challenge now is remembering its there in 2 years when you have to troubleshoot it next time. :)
<BooStar> yeah.. rc.local
<BooStar> hm i write any changes to a wiki
<andguen1> good idea
<BooStar> thx
<BooStar> but its a lot of work
<BooStar> but its nice to have this
<BooStar> anyway... maybe i can help you with your pxeboot...
<BooStar> or does it work already ?
<andguen1> eh, not currently a priority. I got out of IT a year ago. Thanks for the offer though.
<andguen1> best of luck with your setup
<BooStar> thanks a lot
<dutchie> having trouble with SASL auth after following https://help.ubuntu.com/community/Postfix
<dutchie> testsaslauthd gives a success
<dutchie> but Evolution won't send and I can't authenticate manually with nc
<uvirtbot> New bug: #427896 in samba (main) "Cannot unmount a windows network share." [Undecided,New] https://launchpad.net/bugs/427896
<uvirtbot> New bug: #406466 in samba (main) "cifs mount on NAS-share with empty directory" [Undecided,New] https://launchpad.net/bugs/406466
<dutchie> having trouble with SASL auth after following https://help.ubuntu.com/community/Postfix
<dutchie> testsaslauthd gives a success
<dutchie> but Evolution won't send and I can't authenticate manually with nc
<ScottK> What do the postfix logs say about it?
<dutchie> which one should I look at?
<ScottK> /var/log/mail.log has everything, but check .warn and .error first
<ScottK> (this is on your server)
<dutchie> http://pastebin.com/f41ce6661
<dutchie> that's .warn
<ScottK> Probably need to look at does Postfix in it's chroot have access to saslauthd.
<uvirtbot> New bug: #441406 in php5 (main) "php5 crashed with SIGSEGV in clone()" [Undecided,New] https://launchpad.net/bugs/441406
<ScottK> dutchie: What Ubuntu release are you running?
<ScottK> I suspect if you look at https://help.ubuntu.com/community/Postfix#Authentication carefully, I suspect you'll find you missed a step.
<dutchie> ScottK: Karmic
<dutchie> no, hardy sorry
<ScottK> dutchie: My recommendation though is to go and use the official docs for this: https://help.ubuntu.com/8.04/serverguide/C/email-services.html
<ScottK> You'll be better off in the long run to do it that way since people will better be able to help you here.
<dutchie> right, screw authentication, I'll just use the dyndns thing to identify
<dutchie> which config option should I set in /etc/postfix/main.cf?
<ScottK> dutchie: Probably all you need to do get authentication working is unchroot postfix
<ScottK> If you want the quick and easy way
<dutchie> is that bad in any way?
<ScottK> It's in theory slighlty less secure.
<ScottK> In the scheme of things it's way better than 'screw authentication'
<dutchie> it will probably not be the most insecure thing on that server
<ScottK> ;-)
<ScottK> You have to work at making postfix insecure.  Some people manage, but I have no idea how.
<dutchie> do I have to change anything apart from the one line in master.cf?
<ScottK> IIRC it's more than one, but I don't have time to look it up right now.
<ScottK> I think what the guide you were following had is correct (it hasn't changed in more recent postfix)
<uvirtbot> New bug: #440206 in mysql-dfsg-5.0 (main) "123456" [Undecided,New] https://launchpad.net/bugs/440206
<dutchie>  it still won't authenticate even outside the chroot
<uvirtbot> New bug: #441498 in samba (main) "missing alternatives/defaults for testparm, net and nmblookup" [Undecided,Invalid] https://launchpad.net/bugs/441498
<ScottK> dutchie: Did you restart postfix?
<dutchie> ScottK: yes, and it still doesn't work
<ScottK> OK, I'd follow the server guide link I gave you earlier.
<cumulus007> Hi, as an Ubuntu translator, I noticed the presence of the Ubuntu Server Guide as a translatable package
<cumulus007> I have a question regarding this: where are translated versions of this guide to be found?
<ScottK> sommer: ^^
<cumulus007> I'm interested in translation the guide only if the translations will be used somewhere
<ScottK> Understandably.
<ScottK> That's why I pinged sommer.  He's the one that mostly takes care of it.
<cumulus007> *translating. Okay :)
<ScottK> IIRC it's available as an installed package on Ubuntu Server and I'd guess that's where the localized form of it exists.
<cumulus007> yes I noticed that, but I think more users would be satisfied with an online PDF version of the document rather than that package, since reading documents on the console isn't very pleasant to do
<ScottK> I don't know how hard that would be to do.
 * ScottK doesn't know a huge amount about translations.
<cumulus007> ScottK, there is already a PDF version available, though not translated
<ScottK> I don't know how that one gets built.
<uvirtbot> New bug: #441621 in samba (main) "samba crashed" [Undecided,New] https://launchpad.net/bugs/441621
<pmatulis> cumulus007: the documentation team handles translations of the official docs
<MagicFab> pmatulis, come to #ubuntu-qc
<cumulus007> pmatulis, I asked it them in their IRC channel but I had no luck with feedback
<toddobryan> Could somebody walk me through deciding how to implement LDAP/Kerberos on a school lab that I administer.
<toddobryan> ?
<pmatulis> cumulus007: the official docs are hosted on launchpad
<cumulus007> they are? Are they accessible in Wiki-style or something?
<JanC> you can read them on help.ubuntu.com, but only in English
<toddobryan> It's a thin client lab, with three servers, so I really need centralized login/user info, but I've hit brick walls several times trying to go through HowTos.
<pmatulis> cumulus007: bzr repo
<cumulus007> But that's not really user-friendly, is it
<cumulus007> Translated versions of the server guide should be available for consulting online in either PDF format or in a way like the current English documentation is built
<cumulus007> It may be a good idea to file a bug about this issue
<pmatulis> cumulus007: 'bzr branch lp:ubuntu-docs'
<pmatulis> cumulus007: the official docs are what make up help.ubuntu.com
<pmatulis> cumulus007: they are also on your desktop system
<pmatulis> cumulus007: see 'System > Help and Support' and search for 'server guide'
<cumulus007> I can't find them there
<cumulus007> never mind, got it
<cumulus007> Don't forget that a server doesn't have a nice GUI to consult the server guide ;)
<cumulus007> I really think it should be a great idea to make the translated versions of Ubuntu documentation available online, along with the English version
<pmatulis> cumulus007: join the documentation team and/or send a suggestion to their mailing list
<cumulus007> That's a good idea and I think I'm going to do that, or at least file a bug report
<pmatulis> cumulus007: what i find weird is that they impose a "string freeze" after which the docs cannot be changed.  for example that freeze is presently in effect for karmic.  no more changes to the karmic docs  :(
<pwnguin> usually these things have exceptions
<pwnguin> meaning you have a formal review process for change instead of whatever goes
<pmatulis> sure, sure
<pmatulis> thing is, people need to use a release and then document
<pmatulis> right now they have about a month after feature freeze
<pwnguin> the other thing is, i believe you're mistaking string freeze for translations freeze
<pmatulis> ah perhaps
<pwnguin> but maybe not
<pmatulis> but i was told something pretty clear a couple of weeks ago
<pmatulis> there is no good reason to impose a documentation freeze at all
<pwnguin> the idea is
<pwnguin> translators shouldn't have to translate every version of a string
<cumulus007> pmatulis, a freeze is important for translators so they can translate without having the risk that their translation is lost the next day because the string changed
<cumulus007> anyway, thanks for your information about the server docs
<cumulus007> good night :)
<Weasel[DK]> is dcc-client not available for Hardy any more ?
<JanC> Weasel[DK]: http://packages.ubuntu.com/dcc-client --> not as a separate package at least?
<Weasel[DK]> JanC, right... it has vanished for some reason ?
#ubuntu-server 2009-10-04
<tarvid> looking for ipac-ng; seems to have been last seen in dapper
<JanC> Weasel[DK]: sorry, I have no idea, but often it happens because it's not maintained upstream anymore, or a better solution is available in another package, or such
<tarvid> tnx
<tarvid> any suggestions for ip accounting by ip address
<JanC> no suggestions as in "this works for me", but from the description seems like net-acct should be able to do that  ;)
<JanC> I'm sure there are other solutions too
<lfaraone> How do I configure apache to return all requests for any URL as HTTP 503 (and some error page)?
<JanC> lfaraone: I don't know about a ready-made solution, but should be easy to write a simple script that does that?
<lfaraone> JanC: okay, how can I rewrite all requests to any page to a single php/python script?
<erichammond> lfaraone: You can send all requests to the same file with a RewriteRule.
<erichammond> To return a static file with headers like "Status: 503" check out the ".asis" file extension.
<JanC> e.g. http://www.dotcomunderground.com/blogs/2006/08/31/return-503-status-with-apache-webserver/ has an example
<JanC> or what erichammond says  ;)
<JanC> you could use the same file content for that
<erichammond> .asis can handle a more volume than a script which is especially useful if you are getting flooded.
<JanC> most likely (a dedicated apache module could be even faster of course)
<lfaraone> JanC, erichammond, thanks.
<erichammond> Toss a RewriteCond before the RewriteRule and you can turn your maintenance page on with the simple creation of a file.
<grim76> Gotta suck being these guys http://idle.slashdot.org/article.pl?sid=09/09/16/1555252
<grim76> crap wrong channel sorry
<Tohuw> I'm managing IT for a small (> 25) person company. I just started a few weeks ago, and they have NO server or domain of any kind right now. I'm seriously considering Ubuntu Server, but I'm concerned about single-sign on, directory services, and group policy management. Any insights or shared experiences would be greatly welcome.
<thiagocrepaldi> which tools is used on ubuntu docuemntation ? mediawiki ? (http://help.ubuntu.com)
<VK7HSE> thiagocrepaldi: are you asking what type of wiki they use? if so I believe it is Moin Moin
<thiagocrepaldi> VK7HSE, yes. i asn't even sure if it was a wiki
<thiagocrepaldi> wasn't*
<VK7HSE> ;)
<thiagocrepaldi> i installed here, but i anted a "static website" look and feel to everybody else, tehn me
<twb> ikiwiki is a compile-oriented wiki.
<twb> You push changes to the wiki source repo, and as a post-hook ikiwiki runs which "compiles" statically rendered pages, which you can export with any old httpd.
<twb> Of course, that would ACTUALLY be static, rather than "looking and feeling" static...
<lbsjack_> who uses Eucalyptus under ubuntu 9.10 ?
<erichammond> My PPA package build is going to start in 11 hours?! https://launchpad.net/~alestic/+archive/ppa/+build/1274306
<erichammond> Seems like this project might be able to use a little EC2-ness for spike loads.
<roxy09> hi there ...i just install kubuntu and i am getting "out of range" in my windows with a black screen. somebosy know how resolve it?
<zzz2009> ? how the hell does one get postfix sasl to work?
<NineTeen67Comet> This may not be the place, but I've installed mediatomb and can start/use it fine with cli input. How do I get it to start with boot? I added mediatomb to rc.local but it didn't seem to start up.
<ivoks> how did you add it?
<NineTeen67Comet> simply added the line /usr/bin/mediatomb (then to test just added mediatomb) .. above the exit 0 line ..
<ivoks> then it should start
<NineTeen67Comet> ivoks: I'll play with it a little more .. it'll restart with /etc/init.d/mediatomb restart .. but I don't see it running in top unless I start it myself with mediatomb ..
<ivoks> does it need ip?
<_ruben> no rc.local is needed, as it got a proper /etc/init.d/mediatomb
<NineTeen67Comet> _ruben: that's what I was thinking ..
<_ruben> sudo update-rc.d mediatomb defaults
<NineTeen67Comet> Then I edited the /etc/mediatomb/.config.xml file to match the one in my home directory .. still nothing ..
<ivoks> if you get ip by dhcp, and that service requires an IP to start, then think about it :)
<NineTeen67Comet> _ruben: I'll try that ..
<NineTeen67Comet> ivoks: all my boxes are static (17 all told in my house) ..
<_ruben> mediatomb is kinda nice, if only my tv's dlna implementation wouldnt suck so much :(
<NineTeen67Comet> _ruben: I always forget how to add stuff to rc .. says it's already exists ..
<_ruben> might build me a ion based xbmc thingie
<_ruben> NineTeen67Comet: then it should work already, does for me atleast :)
<NineTeen67Comet> Yeah I've installed it mainly for my PS3 .. my mythbuntu boxes already work great (no TV so I use a lot of my own movies) ..
<_ruben> might wanna check the logs to see why it fails
<_ruben> could double check update-rc.d's work with: ls /etc/rc?.d/*mediatomb
<NineTeen67Comet> yeah, it seems odd .. I can start it manually in cli by typing mediatomb but if I check it when it boots nothing ..
<_ruben> also, does the screen show any attempts to start when booting up ?
<NineTeen67Comet> Looks like it's trying to find it's html file in my home directory .. gotta change that back to the default directory ..
<_ruben> encrypted homedirs as well? had that problem with sabnzb+, looking for config in my homedir, which couldnt get decrypted once i logged in :)
<NineTeen67Comet> yeah, I'm creating a /home/mediatomb/.mediatomb directory now .. with all my default configs ..
<_ruben> i dont recall mediatomb messing with files in homedirs, then again, been a while since i played with it
<_ruben> gave up on it due to my crappy dlna implementation tv (samsung 32")
<_ruben> no support for ffwd for instance
<NineTeen67Comet> I started it initially as me as the user .. when I typed in mediatomb I didn't preface it with sudo or anything ..
<NineTeen67Comet> _ruben: I hear your pain .. when I was trying s-video the resolution just sucked too bad to be useful ..
<_ruben> here it runs as user mediatomb, by using the init script
<NineTeen67Comet> yeah mediatomb .. that's why I created the /home/mediatomb directory with all the .mediatomb files from my directory rsynced in .. (along with changing the permissions to mediatomb:mediatomb and chmod 777 them just to be ultra done .. lol
<_ruben> mediatomb's homedir is /var/lib/mediatomb, not /home/mediatomb though :)
<NineTeen67Comet> _ruben: got it going .. just changed the file in /etc/meditomb/.config.xml to point to it's own directory instead of mine .. all's well that ends well ..
<NineTeen67Comet> Now I gotta figure out how to hack my ADSL router (just moved into this place) so I can get my web sites back up .. sigh .. HATE VERIZON!
<NineTeen67Comet> Thanks for the ideas _ruben .. off to bed ..
<NineTeen67Comet> take care
<alonswartz> Hey folks, regarding ubuntu-on-ec2, I noticed that linux-modules-VERSION-modules (ubuntu-on-ec2 ppa) has been upgraded since the canonical ami's (and so the aki/ari's) were released. Would the latest version still be compatible with the released AMI's (hardy LTS)?
<AnirbanHazra> What is the latest release of Ubuntu 8.04 ?
<andol> AnirbanHazra: There is a 8.04.3 point release
<AnirbanHazra> andol: Thanks, and I hope its LTS ?
<andol> AnirbanHazra: Actually 8.04.3 is still 8.04, and hence LTS. It's merely a new release/iso, saving you the trouble to download that many updates after install.
<Ruadh> Hi. I am having problems downloading 6 updates on my ubuntu server.  I get the error message saying "... Could not resolve 'gb.archive.ubuntu.com'" Can anyone help?
<clusty_> Ruadh, try a different mirror
<Ruadh> clusty, how do i do that?
<clusty_> Ruadh, did you install some GUI to your server or you kept it totally headless ?
<Ruadh> a small GUI
<clusty_> easiest is with synaptic
<clusty_> it's a GUI to the package manager
<Ruadh> ok
<Ruadh> I'll have a look thanks
<clusty_> you can chose software repositories
<clusty_> and it also can check for fastest mirror for you
<AnirbanHazra> andol: How long Ubuntu 8.04 LTS is supported ?
<clusty_> i think it is 2 years maybe?
<andol> AnirbanHazra: https://help.ubuntu.com/community/CommonQuestions#Releases%20and%20Version%20Numbers
<clusty_> btw, how does one upgrade a server distro?
<clusty_> i presume there is no update-manager -d equivalent?
<clusty_> can i just replace the sources.list ?
<Ruadh> clusty_, I tried synaptic bit it came up with the same error.
<Ruadh> oop
<clusty_> Ruadh, you changed your mirror?
<clusty_> or tried the same?
<Ruadh> how do i do that in synaptic?
<clusty_> check settings
<clusty_> you will havething called repositories
<clusty_> or whatever
<clusty_> and you can chose from a big list the mirror
<clusty_> and then you can choose the repos you want
<Ruadh_> clusty_, All done and dusted. Thanks
<clusty_> goody
<Ruadh_> :)
<uvirtbot> New bug: #442372 in samba (main) "package samba 2:3.3.2-1ubuntu3.1 failed to install/upgrade: sub-processo novo script post-removal retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/442372
<hanshenrik> for some reason... i got php.ini in /etc/php5/apache2  and /etc/php5/cli, umm... witch 1 does my apache2 install use?
<AnirbanHazra> How anyone can seamlessly upgrade from Hardy Heron to Lucid Lynx when it is released on Apr 2010 ?
<pmatulis> AnirbanHazra: the normal way, nothing special
<AnirbanHazra> pmatulis: What is the "normal way" . I apologize for not having the idea .
<pmatulis> AnirbanHazra: are you using GNOME?
<uvirtbot> New bug: #442403 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/442403
<AnirbanHazra> pmatulis: No, mine is a server edition , so only shell is there.
<pmatulis> AnirbanHazra: then 'sudo do-release-upgrade -m server'
<nicholas_> What is the best web-based apache statistics viewer?
<_ruben> !best
<ubottu> Usually, there is no single "best" application to perform a given task. It's up to you to choose, depending on your preferences, features you require, and other factors. Do NOT take polls in the channel. If you insist on getting people's opinions, ask BestBot in #ubuntu-bots.
<nicholas_> :-)
<nicholas_> What do YOU prefer?
<_ruben> no preference at all, since i dont care about "web-based apache statistics viewers"
<Jagged> webalyzer is what I normally use...
<nicholas_> Thanks Jagged.
<uvirtbot> New bug: #439315 in postfix (main) "package postfix 2.5.5-1.1 failed to install/upgrade: subprocess post-installation script returned error exit status 75" [Undecided,Invalid] https://launchpad.net/bugs/439315
<pmatulis> wasn't there something called awstats?
<AnirbanHazra> how can I understand that whether I am running a desktop or server version of Ubuntu ?
<dthacker> AnirbanHazra: ubuntu server does not have a graphic desktop environment installed by default.  Do you have one installed?
<Mike_lifeguard> AnirbanHazra: you can also check what kernel you're using with uname -r
<pmatulis> please note that there is no server kernel for i386 starting with karmic
<AnirbanHazra> pmatulis: Mike_lifeguard: uname -r = 2.6.18-92.1.18.el5.028stab060.2
<AnirbanHazra> what does it mean ?
<_ruben> that's not an ubuntu kernel
<_ruben> looks redhat'ish
<_ruben> eg redhat, fedore, centos ..
<AnirbanHazra> _ruben : But I am on Ubuntu !!
<_ruben> what does lsb_release -d say ?
<AnirbanHazra> _ruben: Description:	Ubuntu 8.04.3 LTS
<pmatulis> EC2?
<AnirbanHazra> _ruben: Any idea ?? Is there anything wrong with that kernel ?
<pmatulis> AnirbanHazra: using Amazon EC2 cloud computing?
<_ruben> AnirbanHazra: its not a standard kernel as shipped by ubuntu
<AnirbanHazra> pmatulis: I am on an OpenVZ VPS.
<pmatulis> ok
<pmatulis> they use something non-standard
<_ruben> dpkg -l linux-generic linux-server 2>&1 | tail -2
<AnirbanHazra> pmatulis: Googling up that kernel is throwing up : http://wiki.openvz.org/Download/kernel/rhel5/028stab060.2
<_ruben> told ya it looked redhat'ish :)
<AnirbanHazra> _ruben: No clue , the VPS admins have installed it . Will I face any major problem due to that ?
<uvirtbot> New bug: #433483 in postfix (main) "package postfix 2.5.5-1.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/433483
<pmatulis> AnirbanHazra: so your kernel = mainline + red hat stuff + openvz stuff
<_ruben> AnirbanHazra: wouldnt know, i dont like "virtualization" products like openvz a single bit, though
<AnirbanHazra> _ruben: But not everyone can't afford dedicated server in this world and shared hosting is also not for everybody !
<_ruben> AnirbanHazra: true, doesnt make me like openvz though :)
<pmatulis> AnirbanHazra: don't worry, a linux kernel cannot differ much from another linux kernel, just different options turned on/off to introduce certain features and maybe a few quirks to handle special hardware
<AnirbanHazra> _ruben: Actually I am also a bit suspicious also because even on a clean OS installation Virtualmin installation script failed .
<_ruben> virtualmin is based on webmin which isnt supported on ubuntu
<AnirbanHazra> _ruben: !!!!?????
<_ruben> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<AnirbanHazra> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<AnirbanHazra> thanks
<AnirbanHazra> It seems that OpenVZ uses its own kernel for any distro while creating VPS. Don't know whether that will cause an issue or not ?
<uvirtbot> New bug: #442125 in bacula (universe) "Bacula daemons are not started during system boot" [Undecided,Incomplete] https://launchpad.net/bugs/442125
<uvirtbot> New bug: #442498 in openldap (main) "karmic openldap cut-to-bone-and-beyond install, why ????" [Undecided,New] https://launchpad.net/bugs/442498
<PleXuS> could this bug let hang my ubuntu server? -- > http://pastebin.com/d6924717b
<PleXuS> it freeze when I had heavy network traffic
<uvirtbot> New bug: #442575 in munin (universe) "munin-node is not started during system boot" [Undecided,New] https://launchpad.net/bugs/442575
#ubuntu-server 2010-10-04
<eriksson25> Dont understand
<eriksson25> Anyone around that is proo on proftpd
<iarp> eriksson25: what's wrong with vsftpd? aside from not being able to restart
<eriksson25> Well, I have been using proftpd for a long time. But since updating to latest the tls support dosent work. So I looked at vsftpd but its virtuel user suport is so messy to set up. And since I only need to get tls to work on proftpd for everything to be set up I wanted to give it a other chanse
<fluvvell> eriksson25, I'm not proo on proftp, but the upstart message is fairly clear - its an "improvement" on the standard service starting mechanism
<fluvvell> I have one instance of proftp working on a server , but its a simple setup
<electrofreak> where do /dev/md_d*p* come from? I have /dev/md_d3 and /dev/md_d3p[1-4] for some reason, and I can't get rid of them.
<electrofreak> mdadm --stop /dev/md_d3 will work, but I can't get rid of the p1-p4
<martin-> electrofreak: you want to remove the array?
<electrofreak> martin-, I don't know where it came from.... so..... yes
<Dravekx> how is the release date looking for Maverick? :)
<martin-> electrofreak: mdadm --detail /dev/md_d3, mdadm --stop /dev/md_d3 and mdadm --zero-superblock the devices that are part of the array
<martin-> md_d3p[1-4] are just partitions on md_d3, so they should disappear when you stop /dev/md_d3 I think
 * fluvvell is annoyed that when he hit enter on "Commit partition changes and write to disk", it suddenly started installing the root system before he has his raid1 partitions allocated
<electrofreak> martin-, they didn't disappear.. :-/
<electrofreak> these might be coming from some external HDD I used to play with a linear "raid"
<electrofreak> I thought I zero'd out the whole drive when I saw done... maybe not
<martin-> if you zero the superblock on the raid members and reboot, they should be gone
<martin-> I'm assuming you have backups of course :)
<electrofreak> martin-, hah, yea.... ideally. My storage volume kinda out grew the external drives...
<electrofreak> I think I was working on playing with btrfs + compression and stuff... never got back to it though...
<martin-> hehe
<electrofreak> so, is 10.10 going to be a 2.6.35 kernel? or 2.6.34?
<electrofreak> I haven't been keeping up with it
<Dravekx> I have 2 drives installed: /sda and /sdb, what is dm-0???
<martin-> I just installed 10.10 desktop on my laptop, which is .35
<martin-> Dravekx: dm-0 is a mapper device used by lvm, dm-crypt etc.
<Dravekx> martin-, ah...
<aegis> Hi all...  I'm restoring my server after having to rebuild my RAID array...  I was wondering if anyone could direct me to information for ensuring that GRUB2 will recognize my new mdadm RAID array as well as what I need to do to update mdadm on the system.
<electrofreak> aegis, the initram should have what is needed for RAID... which is built when you install a kernel...
<electrofreak> if you install mdadm... I think by default it'll detect your array(s)...
<aegis> electrofreak: the problem is I'm restoring my system from backups...  the backups most definitely have different UUID's for the raid arrays since these are new.
<electrofreak> edit /etc/mdadm/mdadm.conf
<aegis> I can probably edit /etc/mdadm.conf
<aegis> right
<aegis> but I still think grub is going to throw a fit when I go to boot the system...  actually, I think grub may not even pop up to be honest...
<electrofreak> did you run grub-setup?
<twb> IIRC the default behaviour is to scan all partitions for md arrays, and activate any it finds.
<electrofreak> or grub-install
<Dravekx> Ahhhh... upstart change. :(
<twb> That is, in an initrd that was built after mdadm was installed.
<aegis> electrofreak: I just rebuilt the arrays using sysrescuecd and am in the processes of restoring the filesystem from backup onto the array...  That's where I am right now...  When it finishes, I will have a RAID 1 and RAID 10 array with my system as it was 3 days ago...
<twb> Sorry, I tell a lie.  In 8.04, at least, mdadm.conf is copied into the ramdisk and appears to only assemble pre-defined arrays.
<aegis> electrofreak: So should I try to rub grub-install or grub-setup from the rescuesyscd I have up now?
<aegis> twb: So do you think if I just change the UUID's in mdadm.conf that it will boot?
<twb> aegis: you will need to change the UUIDs in the *ramdisk* mdadm.conf.
<electrofreak> I would chroot into your restored install, then run it from there.
<electrofreak> UUIDs can be found with blkid
<twb> aegis: you can do this by editing the chroot and running "update-initramfs -u -k all", or by doing it by hand with cpio
<aegis> AHHHH, great idea
<twb> You can, of course, simply tell mdadm to create the array with the old UUID
<aegis> I forgot about chroot... interesting...  that opens up some possibilities.
<aegis> twb: the arrays are already created though and LVM installed on top...  the system is being restoring onto the lvm as I type...
<twb> something like mdadm assemble /dev/md0 /dev/sd[ab]1 --update=uuid --uuid=XXXX:XXXX:XXXX:XXXX
<twb> One of my failover products works by making the failover host have the same UUIDs as the "real" host.
<aegis> twb: that's interesting...  that sounds like that might be the easiest thing rather than to hunt throughout my system to find all the places it might be referenced...
<aegis> electrofreak: so when I chroot into the system, are you recommending I run grub-install?
<electrofreak> aegis, well... you need a bootloader.... so yes
<aegis> electrofreak: so, grub-install versus update-grub?
<electrofreak> either might work
<aegis> cool...  I'm just researching the update-initramfs command twb recommended as well...
<twb> aegis: you'll want to do it for the LV names and filesystem UUIDs, too
<twb> aegis: you can't fix the MACs of the NICs, though, so you'll want to edit or delete /etc/udev/rules/*persistent-net.rules
<aegis> twb: okay, I'm a little confused now...  what will I want to do for the LV names and filesystem UUID's now?
<twb> Oh -- and if you make UUIDs match, NEVER EVER EVER put both the old and new disks in the same box at the same time.
<aegis> twb: these are the same disks
<twb> aegis: make them match the old box (or hunt down references to the old UUIDs and update them, e.g. /etc/fstab)
<aegis> twb:  the disks were just rebuilt into a new array
<twb> aegis: oh, you're restoring from tape or something?
<aegis> twb: from tar... basically...
<twb> okey dokey
<aegis> twb: so if I delete those rules, will they be recreated somehow?
<aegis> twb: I did use mostly the same LV names...  I figured that would be the easiest thing to fix by editing /etc/fstab anyway...
<twb> The persistent-net.rules file is generated by the persistent-net-generator.rules file in the same directory (or in /lib/udev/rules.d/ in newer versions)
<aegis> twb: okay, the nic thing shouldn't be a problem though right?  it's going in the same box...  so the MAC for the NIC should be the same...
<aegis> twb: do you agree?
<twb> Yeah
<aegis> what does the -u -k all switch do for update-initramfs?  errr, I'll just read the manpage. ;)
<Dravekx> W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://extras.ubuntu.com maverick Release: The following signatures couldn't be verified because the public key is not available.
<twb> Magic
<Dravekx> LOL
<aegis> oh, so that will affect all the kernals...
<aegis> kernels rather
<twb> -k all is basically because you're probably running a live CD so "uname -r" is the wrong mojo
<twb> s/is/gives/
<aegis> twb: but even if I'm chrooted?  uname-r should work for the chrooted system, right?  or will it go back to the host?
<twb> Dravekx: you need to install the appropriate key
<twb> Dravekx: for official archives, that's usually "apt-get install foo-archive-keyring" or so -- for PPAs and such, you'll need to use gpg(1) and apt-key(8).  Join #debian-bots and /msg dpkg apt-key XXXXXX, where XXXXXX is the key hash mentioned in the error.
<aegis> uh oh...  my tar just gave me an "tar: exiting with failure due to previous errors"... :(
<twb> aegis: chroot doesn't change the kernel
<twb> aegis: and now you've just learned why tar is a bad archive format
<aegis> twb: any idea how to figure out what errors ?
<twb> Not offhand
<aegis> no problem... thanks for your help though!  I'm closer to getting this fixed... if I can figure out what files had errors I might get there. :)
<twb> Er, what tar said is "I stopped unpacking partway because I had a problem"
<twb> (I think.)
<twb> I'd be diffing the lslR you generated at archive time with the current one.
<aegis> twb: roger that...  I'm just trying to find out what the problem might be...  if it is the fact that I created certain directories already prior to extracting, that's fine... but if it lost files, that's more serious...
<aegis> twb: not exactly sure how to do that...  sounds like a good idea though.  They should be almost identical
<twb> Well, it assumes you did an "ls -lR / >/lslR" or so before the problem occurred
<twb> That is, because you made the tarball
<twb> That is, BEFORE you made the tarball
<aegis> well, it's a backuppc archive
<twb> I'm not familiar with backuppc
<aegis> I created a tar from that
<twb> I guess you could try something like "diff -u <(find / -xdev -ls | sort) <(tar tvf /dev/rmt | sort)"
<twb> Where / is the chroot dir and /dev/rmt is your tarball
<twb> The trick will be to get the line format to match so diff doesn't have a whole lot of false positives
<aegis> twb: I'm trying to just chroot into it now...  not working out so well... lol  Backuppc did give me this report when creating the tar:  bin$ /usr/share/backuppc/bin/BackupPC_tarCreate -t -n -1 -h localhost -s '/' / > /mnt/data1/try/restore.tar
<aegis> Done: 119909 files, 50597613663 bytes, 18531 dirs, 9994 specials, 0 errors
<Dravekx> anyone have a tutorial on auto mounting a second drive on startup?
<twb> Dravekx: put it in /etc/fstab
<Dravekx> twb, do I need to add the UUID for that? or can I simply specify /dev/sdb ?
<twb> Either will do
<Dravekx> great.
<twb> But note that drive names are increasingly allocated dynamically
<Dravekx> so the UUID would be a better recommendation?
<twb> If you can assume udev (which you can for Ubuntu), then UUID or LABEL is more future-proof than drive name
<Dravekx> ok thx
<knolls> i'm trying to find where my databases are stored in sql.  the only way i've ever been able to transfer them is through export feature in phpmyadmin.  is there a way i can manually recover them?
<twb> knolls: mysql databases typically live in /var/lib/mysql
<twb> Obviously you cannot simply copy the files while the database is active, because they're incoherent.
<twb> Either stop the database before copying the files, or use the mysql-specific dump command.  #mysql or the Ubuntu Server Guide are probably good places to learn about that.
<fluvvell> oh woes of 10.04 server.  Can anyone tell me what the virtual machine support is that is referenced in the install ?
<twb> fluvvell: probably KVM
<twb> Are you looking at the tasksel screen in d-i?
<fluvvell> way past that twb, have a running system. So much is different to hardy.
<fluvvell> I've botched the raid install, was trying to do it by hand
<fluvvell> Might be better to start again.
<aegis> Well, I think I may have figured out part of my problem...  I was trying to chroot from a 32 bit live cd into a 64 bit system...  I think that probably doesn't work so well.
<fluvvell> Wait, my raid1 array has changed its name, its not /dev/md0 anymore, its... /dev/md_d0 ? and only has one element Whaaat ?  Is this normal behaviour?
<twb> FSVO well = at all
<twb> fluvvell: oh, that.  You're screwed.  I don't know how to stop that
<twb> fluvvell: basically what's happening is that post-install, the two RAID1 partitions are recognized as a single RAID1 *disk* with two partitions *inside* the array
<twb> I "solved" that problem by installing 8.04 instead
<fluvvell> twb, :-S
<fluvvell> twb, I've managed to --auto-detect and start the original array, but the second hard drive is the one thats showing up as the md_d0 and md_d1
<fluvvell> doesnt mdadm have a way of knocking off an array ?
<twb> I don't know, man
<fluvvell> I guess I need to find the changelog of software raid.
<fluvvell> Why do they screw around with stuff like this without telling us?????
<twb> Because where Debian is run by a committee of conservative pedants, Ubuntu is run by a handful of Canonical employees
<twb> So they Just Do Stuff, and sometimes it works great, and sometimes they go "oh, oops, that actually totally breaks one in eight machines.  Oh well, they aren't desktops"
<twb> Not that I'm bitter...
<fluvvell> no, not a bit lol.
<twb> Having seen how well per's conservative startpar work WORKS on Squeeze, I'd put all of upstart into the latter bucket
<fluvvell> err, ok.  I'm not really following debian squeeze, but there is times when ubuntu's pressing forward really bugs me too.   btw, I just tried the grml disk that someone recommended the other day, and .. well it left me less than satisfied.
<fluvvell> particularly that I couldn't chroot into my system, it grizzled on about zsh stuff
<twb> Well, grml is a fork of Debian
<fluvvell> yeah, got that part.
<twb> Try Debian Live,
<twb> it's *not* a fork
<fluvvell> yeah, well I'm either past that... 10.04 is booting (very quickly I might add) but just the raid stuff is a pig.
<fluvvell> so I either reinstall, or
<fluvvell> Oh I might as well.
<fluvvell> great, the raid configuration utility in the cd is clearlyl screwed.
<qman__> so, my file server locked up again last night, and even though I have auditd installed, there was nothing in /var/crash
<qman__> am I right in assuming it pretty much guarantees hardware fault?
<twb> I'm not familiar with auditd
<twb> But obviously if you have e.g. a kernel panic, it will be hard for it to then write stuff via the filesystem
<qman__> I don't think it's a kernel panic, but I don't know for sure, it just drops off the network with a blank screen and no keyboard response
<qman__> any time I've had a kernel panic on screen the keyboard flashed too
<qman__> but this one just halts, basically
<qman__> one time it responded to sysrq commands to sync and reboot
<qman__> this last time it didn't
<reggi> hey everyone
<reggi> anyone know anything about how to setup a PXE network boot server? If so do you know a 'how to' so I can learn how to do it myself?
<demonspork> how do I keep iftop from figuring out that my local IP address is myserver.local without the -n option because I still want to see the reverse lookups on the remote hosts, I just need to distinguish between each IP address while looking at it, because now they are all lablled "servername.local"
<twb> reggi: apt-get install di-netboot-assistant
<demonspork> it used to do what I wanted, just showed my the local IP address that was making the connection but it randomly decided it wanted to start just telling me that useless "servername.local" crap
<twb> demonspork: edit /etc/hosts or wherever your nsswitch.conf is configured to reverse-resolve those IPs
<reggi> hey twb thanks for replying. i'll check it out - by the way, do you have experience with network booting?
<demonspork> so I could put a name on them? could I name them after themselves? like " 1.2.3.4         1.2.3.4"
<twb> reggi: http://prisonpc.com <-- is me
<twb> IOW I run some diskless netboot farms
<twb> demonspork: er, no.  You'd remove the entry entirely
<twb> demonspork: of course, that will almost certainly break OTHER things, that DO need to reverse-resolve your local IPs
<reggi> twb - nice work man
<qman__> you could just pipe the results through a sed for easier reading
<twb> qman__: eh?
<twb> Oh, ntop.  I think ntop is a curses application, not a stream.
<qman__> oh, ok
<twb> And I *think* his problem is that he has mapped all his addresses back to a single name, so he can't tell which is which
<demonspork> so why would it have suddenly changed from just seeing the IP address to resolving to the servername.local
<demonspork> twb, yeah, that is what is happening
<twb> e.g. his ntop has both 127.0.1.1 and 10.0.0.1 mapping to wankfest.example.net
<demonspork> I can't tell which is which
<qman__> ah
<demonspork> iftop actually
<qman__> well, the solution would be to unmap them or map them to different names
<demonspork> but why would it have changed?
<twb> demonspork: you could also change the mapping such that the canonical name is something like 1.1.0.127.wankfest.example.net
<qman__> but you need to make sure that won't break anything
<qman__> either your name resolution has changed, or that function was broken for some reason and an update fixed it
<demonspork> even BandwidthD used to give " 1.2.3.4 - Configure Reverse DNS for this IP"
<demonspork> but now it says "servername.local
<demonspork> "
<qman__> well, the solution is to modify your name resolution so that the different addresses have different names
<demonspork> if I used the /etc/hosts file does the name being applied have to be a fully qualified domain name, or does it not matter
<qman__> depends on what your applications want
<qman__> apache needs an FQDN
<reggi> hey twb are you free for a couple of minutes so I can pick your brain on something related to network booting?
<demonspork> does a FQDN need to have a true reverse lookup set up on the IP, or can I just set it in the hosts file and leave the actually reverse DNS setup for later
<twb> By convention, one would put in /etc/hosts "IP FQDN [ CNAME ... ]"
<twb> demonspork: that depends on the application
<twb> reggi: ask away
<reggi> thanks twb
<reggi> twb, i'm a computer technician, work from home. i do lots of virus repairs / windows reinstalls.
<reggi> i would like to be able to network boot a computer and have the option (in a menu) to choose to install xp, vista etc over the network, or run diagnostics (UBCD).
<reggi> my current setup is as follows...
<reggi> 1 gateway which acts as the DHCP
<reggi> 1 linux laptop (ubuntu desktop 10.04)
<twb> I don't know about installing Windows or UBCD over the network, but otherwise, that's possible.
<reggi> a couple of pc boxes.
<reggi> ok twb, my question is this
<reggi> is it possible to setup the network boot server on a virtualbox machine (on my linux)?
<qman__> IME virtualbox's networking leaves something to be desired
<twb> netbooting requires broadcast, so basically you need to be on the same network
<reggi> or will it not work because the dhcp is already provided by the gateway
<twb> That *probably* means that it will work with a vbox virtual server iff you're bridging, but NOT if you're routing or masquerading
<qman__> for that reason among others I'd suggest breaking this section of your network off from the rest by a router
<reggi> ya i always set the virtualbox network adapter to bridge mode
<Dravekx> where is the setting to allow php after chrooting sftp?
<reggi> i see
<reggi> yeah that was suggested actually, to create a separate network for the purpose of network boot server
<qman__> you could accomplish the same thing by putting two NICs in your netboot server
<qman__> Dravekx, there is no such thing as a "setting to allow php"
<reggi> oh yeah so  putting two nics = two seperate networks
<qman__> you need to configure file permissions correctly
<reggi> oh well looks like i'll have to set up a seperate network
<reggi> although it would have been handy to stick on the existing network and use my Nas (freenas) for storing images
<qman__> you can still route between the two
<qman__> though I'd be careful about that, since you mentioned you're dealing with viruses
<Dravekx> qman__, php is disabled in home directories after setting userdir.
<reggi> i can? would that mean my existing network would be 192.168.0.0 and the PXE network could be 192.168.1.0?
<qman__> reggi, yes
<reggi> ahah
<Dravekx> qman__, I found it. :)
<qman__> you don't need NAT, just regular routing
<qman__> and I suggest a firewall
<reggi> hmm
<qman__> you don't want your infected windows machines doing anything nasty
<qman__> just basic internet access, plus access to your file store
<reggi> maybe what I'll do is learn to setup this PXE in a separate network before joining networks.
<qman__> have you already squared away the part about booting windows installs?
<qman__> I've not seen that done and am somewhat interested
<reggi> yeah I actually saw a youtube vid of someone who had setup a neat little network boot with menu
<reggi> where you can choose which version of windows to install
<reggi> so rather than putting the install CD in the drive (which takes a long time to complete the installation process)
<reggi> you basically install over the network, so basically the relevant version of windows ISO is transferred to the computer as it is required.
<reggi> lemme look for that youtube vid.
<reggi> http://www.youtube.com/watch?v=-Xi0xRVlxbk
<qman__> thanks
<reggi> http://www.youtube.com/watch?v=zUajpWii_c0
<reggi> nah those vids arent it
<reggi> it's missing the menu...lemme look for it
<demonspork> lol, reading back, a few months ago I slapped together a virtual box and bound it to one of the ethernet ports on my laptop and installed Ubuntu via a PXE boot on a laptop with a bad CDROM that did not support USB booting
<reggi> FOUND IT!
<reggi> http://www.youtube.com/watch?v=mJZsDQtmQvg&feature=related
<qman__> I know it's pretty easy to do with linux
<qman__> but installing windows is trickier
<reggi> unfortunately the creator of this utube vid does not provide a 'how to'
<qman__> yeah, he shows it off, but doesn't actually say what software it is or how to set it up
<reggi> wait a sec
<qman__> oh, UDA
<reggi> what are those two links in the description?
<reggi> is that it?
<reggi> that utilities menu
<reggi> has links to installing different versions of windows, accessing acronis, and other utilities
<echosystm> i need a bit of help
<echosystm> im looking to consolidate all my network gear into one low power computer running xen or kvm
<echosystm> i'd like to know if it is possible to dedicate a NIC to a xen or KVM instance, without the "host" being accessible on that interface
<echosystm> i know in vbox/vmware you can do things like NAT or bridged, but the host OS is visible on that NIC
<twb> echosystm: AFAIK it is
<echosystm> i want the host to be invisible to the outside world
<twb> Don't assign an IP to the host OS on that iface
<echosystm> it should look like a collection ofphysical devices, not one
<echosystm> rightyo
<twb> Note that's just SPECULATION
<echosystm> ok
<twb> I plan to do that, but I haven't actually tried it yet
<echosystm> anyone with xen/kvm experience able to confirm?
<twb> It will also matter if you're running libvirt, since that gets its greedy fingers into the network configuration
<echosystm> howso?
<twb> Because obviously if you're doing it via libvirt you're stuck with whatever libvirt can do
<twb> Whereas if you set it up by hand, you aren't
<echosystm> ah yeah
<echosystm> what happens at the moment is this...
<echosystm> (wireless adsl modem)--wireless--(my access point)--(switch)--(my computers)
<echosystm> because i share a unit with other people
<echosystm> i need to create a DMZ, because im setting up a few servers here... so it would look like
<echosystm> (modem)--wireless--(AP)--(unsecure stuff / router)--(safe stuff hanging off router)
<echosystm> theres going to be cables going everywhere
<echosystm> so... what i want to know is if it is possible to just go like this...
<echosystm> (modem)--wireless--(xen/kvm server)--(safe stuff)
<echosystm> does that make any sense at all?
<echosystm> my AP/router/servers/whatevers will all go in that xen or kvm box
<qman__> I have done that before
<qman__> with vmware server 1.x
<qman__> simply don't assign the host an IP
<qman__> effectively completely inaccessible
<qman__> you would, however, still have to worry about kernel bugs and exploits for the host OS
<twb> And ARP
<echosystm> ARP?
<_Techie_> any good tutorials for setting up cups for an HP laserjet 2100m or similar ( lpt port ) ?
<twb> MAC <--> IP resolution
<twb> In IPv4, ARP is used for that and it happens below the IP layer
<echosystm> doesnt it somehow magically handle that too?
<echosystm> oh wait
<echosystm> nevermind
<echosystm> sorry
<qman__> the host kernel would still be vulnerable to ARP poisoning attacks
<echosystm> yep
<twb> echosystm: it only matters if you have a rogue ARP poisoner on the local network
<echosystm> what is the worst that can happen from an ARP poison though?
<twb> echosystm: MITM attacks on your online banking
<echosystm> oh.
<echosystm> do not want
<qman__> anything from complete network outage to MITM snooping whatever they wish
<echosystm> is that any more or less likely with xen/kvm though?
<twb> Of course, if your bank actually a fucking clue how to do security, and your users had a clue about not just clicking through SSL errors, you probably wouldn't be vulnerable
<qman__> it's got nothing to do with them
<twb> You *can* turn off ARP and hard-code MAC resolution, of course.
<qman__> static ARP is the workaround, if you have to worry about that sort of thing
<echosystm> i see
<qman__> an attacker needs to be on the same switched network as you to do it
<twb> Or switch to IPv6 only, which replaces ARP with IPsec-secured ICMPv6
<echosystm> i think ipv6 would be a source of brain hurt, so i might give that a miss :P
<twb> Sorry, I forgot the ";-)"
<echosystm> so just to clarify, i would definitely be no more or less secure from ARP attacks than if i wasnt virtualizing everything?
<echosystm> im a bit confused
<qman__> yes
<echosystm> excellent
<echosystm> thanks :)
<alex88> can someone nmap my ip? i'm trying a firewall
<twb> echosystm: ARP poisoning is pretty bottom-of-the-barrel as far as attacks go
<twb> Especially since you'll probably be running PHPMyAdmin and wordpress and other random, totally insecure, services
<alex88> phpmyadmin and wordpress are totally insecure?
<twb> Well, they sure get lot of CVEs
<twb> And obviously anything that allows arbitrary users on the internet access to your database using single-factor authentication is bound to be Bad News
<alex88> well, for plugins..not itself..
<alex88> registering is disabled in wp
<twb> http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=wordpress
<alex88> seen..none about version 3.0
<alex88> is syslog replacing klogd
<alex88> ?
<alex88> mmhh..when starting /etc/init.d/klogd it remains in "* Starting kernel log daemon.."...any clue?
<alex88> i need it to log firewall rules
<twb> Erm, historically syslogd and klogd were separate daemons provided by the same sysklogd package.
<twb> As at 10.04, rsyslogd (I believe) performs both actions
<alex88> i've 10.04 server..csf firewall tell me "syslogd appears to be running, but not klogd which logs kernel firewall messages to syslog. You should ensure that klogd is running"
<alex88> cause i have problem tracking port scan..that's why i've asked someone to portscan me
<twb> If rsyslogd isn't installed then somebody fucked with the defaults
<twb> It could be that your "csf firewall" is reporting a false positive
<alex88> syslogd is running..
<twb> rsyslogd, not syslogd
<alex88> dunno what to do..
<twb> Complain to your VPS vendor that they've messed with the Ubuntu defaults?
<alex88> and what should i say?
<twb> That the 10.04 default syslogd is rsyslogd, but it appears you've got sysklogd, and its klogd component isn't running
<twb> At least, that's the evidence you've reported to me -- you may be misinterpreting it.
<corpsegrindr> Hi, When ever i transfer a file to or from my media server i seem to lose my network connection after a few seconds. Any ideas as to what might cause this?
<tydeas> I have an "issue" I always have more than 1 apache processes running in my server
<tydeas> http://pastebin.com/R3Mss13y
<tydeas> it this an issue?
<alex88> tydeas: no it's not
<tydeas> alex88: why this happen?
<alex88> cause apache uses more server executables to process more requests..
<alex88> you can change that value in /etc/apache2/apache2.conf
<ttx> Daviey: around ?
<kinygos> hi, i'm running ubuntu 9.04 and grub 0.97, and attempting to configure grub to boot from my raid partition.  i have grub installed on the disk, but in menu.lst, i need to specify the uuid for the /boot and / partitions.  i need these to be md partitions, but they're not loaded/mounted at boot time so grub cannot find them.  is it enough to put raid1 in /etc/modules?  or does this mean it's loaded after the kerne
<Zeu5> hi i bought domains in name.com and i am a new bie. am using an ubuntu server. what do i do so that my domain refers to /var/www/app/trunk folder?
<Zeu5> anyone here?
<alex88> Zeu5: you need to add virtualhosts in apache
<kinygos> Zeu5: i'm a newb too...but what do you mean "so that my domain refers to /var/www/app/trunk"?  do you want to serve web pages?
<alex88> where iptables log goes?
<alex88> i've some iptables rules like "17     216 12888 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 30/min burst 5 LOG flags 0 level 4 prefix `Firewall: *TCP_IN Blocked* '
<alex88> i can see those in dmesg, but neither in any file in /var/log
<_Techie_> what can i use to proxy non SSL IMAP connections, to a server that only allows connections with SSL?
<alex88> proxy to?
<_Techie_> yes
<_Techie_> proxy from a non ssl capable mail client, to a mail server that only supports connections with ssl
<alex88> if it only ssl you can't use non ssl clients
<_Techie_> alex88, theres a reason why im after a way to proxy the connection
<alex88> well, so you're asking for a proxy that encrypts to ssl and then connects to server?
<_Techie_> yes
<Daviey> ttx: Yes.. sorry - irc didn't hilight me - oddly :/
<TheInfinity> Hi everyone ... I have a really strange samba problem ... I have a smb domain @ lucid with printers via cups. Accessing cups without samba works, adding printer drivers too, connecting and adding to windows too, but printing itsself does not work
<TheInfinity>  rpc_server/srv_spoolss_nt.c:8386(_spoolss_AddForm)
<TheInfinity>   _spoolss_Addform: denied by insufficient permissions.
<TheInfinity> i get this error which cant be found via google which is the strange part of it
<TheInfinity> (using log level >= 2)
<TheInfinity> anyone has a suggestion where to search? samba does not give any hint which permission might be the problem, just this error. which makes me a little helpless.
<alex88> with cat /proc/kmsg i can see the iptables log, how can i transfer to syslog?
<nimrod10> is any of you using collectd for server statistics ? I am interested to know which tool you're using to graph the rrd files that collectd gathers.
<henninge> I have a small 10.4.1 server running here and I installed the latest updates on Saturday which included a kernel update (I guess it must have been 2.6.32-24.43).
<henninge> Now the system will not boot because /dev/mapper/severname-root does not exist.
<henninge> I assume this must be an error in the initrd but I don't really know how to fix that.
<alex88> tried to bood from old kernel?
<henninge> Also, I don't see a grub prompt before that. How do I get into the grub menu to anyting?
<henninge> alex88: ^ ;)
<henninge> I don't get a chance to pick a kernel.
<kinygos> henninge: press Esc to get into grub menu at boot time...by default, you get 3 seconds...
<kinygos> henninge: you can get to the prompt from there
<henninge> kinygos: let me try that. I admit, I am a bit rusty on grub usage ...
 * RoyK is impressed - Ubuntu on Hyper-V is _fast_
<alex88> btw i'm trying to catch iptables logs, they're shown fine in /proc/kmsg but i need they go into syslog, in /etc/syslog.conf i've added line kern.warn -/var/log/syslog, but there are no logs in there, /var/log/kern.log shows "No module symbols loaded - kernel modules not enabled"
<henninge> kinygos: no luck :( I can press (hold, repeat) ESC for as much as I like, I don't get any output (just a blinking cursor) until it says "Gave up waiting for root device".
<henninge> Can I not reach the grub config from the shell that it drops me to?
<kinygos> henninge: admitedly i'm using grub legacy (v0.97) but during boot it shows "starting grub" with a countdown to launch the menu during which you hit Esc
<kinygos> *admittedly
<henninge> kinygos: yes, that's what I remember, too. But I am not seeing any of that.
<_chris_> heja guys
<_chris_> kinda have problems mounting an usb stick
<henninge> kinygos: this is a new install of 10.4.1
<_chris_> i plug it in, messages log says "scsi7" but cant find sca or something in /dev
<kinygos> henninge: from that prompt you're at, you should be able to cd /boot/grub, but i'm not sure if you have access to any text editors there
<kinygos> henninge: perhaps you can load vi and then edit the configs...or do something more ingenious with grep
<henninge> kinygos: no boot dir ?:(
<alex88> what's the difference between syslogd and syslog-ng?
<kinygos> ouch...not mounted
<\sh> alex88: different syslog implementations...
<alex88> \sh: because i have problems with klogd and sysklogd because i can't see warn kernel logs that are in /proc/kmsg in /var/log/kern.log. can it be a solution?
<\sh> alex88: which release of ubuntu? we switched during lucid times I think to rsyslog as default syslog app
<alex88> \sh: 10.04, init.d has /etc/init.d/sysklogd, and i can't start klogd because i'm on vps and it's unable to use on openvz..
<alex88> i'll try with that..thank you..brb going to eat now
<ircleuser> Hi! I
<Guest81533> just out of curiosity if i'm installing ubuntu-server to a drive why would it put grub on a seperate drive?
<magnuso> Hi! I was wondering if someone could provide some help with installing Grub?
<_chris_> anyone can help me ? i cant mount an usb stick, i plug it in and /var/log/messages it is on device scsi7 , but it seems to not appear in /dev
<henninge> _chris_: is the device really "scsi7"?
<_chris_> thats what comes up in messages when plugging it in
<henninge> _chris_: is there no message about "sda" or "sdb" etc. ?
<_chris_> no , its only "scsi7 : usb-storage"
<_chris_> well, actually it is scsi9 now cause i unplugged it 2 times
 * henninge tries on maverick desktop
<_chris_> ah sorry, need to mention this is not ubuntu related, im on an esx server
<henninge> ...
<henninge> yes, I guess that is important.
<henninge> _chris_: here is what I get when I plug in an usb stick. http://paste.ubuntu.com/505654/
<henninge> so, it is scsi12, but the device is /dev/sdb
<_chris_> ok
<_chris_> yea
<henninge> _chris_: I guess the process that does that mapping is missing on your machine?
<_chris_> the only message that comes up here is line2 from your pastebin
<_chris_> what would that be then ? udev ?
<_ruben> _chris_: esx has very limited usb support, and you're better off asking in #vmware anyway
<_chris_> _ruben, ah ok didnt know there was channel, ill have a try there
<_chris_> thx anyway :)
<alex88> \sh: using syslog-ng worked perfectely
<alex88> *perfectly
<Guest81533> i just did a fresh install on a brand new drive.. made sure that it was the only drive in the machine to avoid accidently overwritting important data... let the installer do the guided install using full disk... everything installed without errors... just reboot for first boot... got Kernel panic - not syncing: VFS: unable to mount root fs on unwn-block(0,0)... please help i have to have this fileserver up and running for my
<Guest81533> users ASAP... work day is starting ... ahhhhh hard drive crashes are such a pain... first drive to ever fail on me!
<\sh> alex88: well..syslog-ng is not multi-core compatible (at least the last time I used it) since a couple of months/ 1 1/2 years, we are using rsyslog now here @office
<\sh> alex88: and it could be that the syslogd fragment is still on your system, and wasn't cleaned up somehow
<binBASH> moin \sh
<\sh> hey binBASH
<alex88> \sh: if there are some syslogd fragment they're not used.. i've checked some files and they're working fine.. just the kernel thing that now works..
<alex88> i mean files in /var/log
<kinygos> i'm trying to get my remote server to boot from a raid drive. i've installed grub on the underlying disk and i can boot from it if i point at the root partition of the non-raid disk...i'm trying to get the raid partition mounted in time for grub.  i've added raid1 and md to /etc/modules, but this isn't enough...
<kinygos> i've read that i need to update my ram disk using update-initramfs -u.  my question is, should i do this when i'm chroot'd to the mounted raid partition?
<kinygos> different question, md_mod doesn't appear to be loaded, but modprobe md won't load it...is ubuntu different?  using 9.04
<kinygos> i don't have any trouble running mdadm though
<tomsdale___> in courier, can I delete all contents e.G. in the folder .Trash ? I'm running out of space.
<tomsdale___> Thunderbird doesn't seem to really delete anything if I delete something via IMAP
<kinygos> RoyK: i've finally done it...all remotely :)
<kinygos> RoyK: i just need to configure notifications, then test failing the drives, but the partitions are synchronising now
<reisi> i have a device that is correctly detected when i plug it in, but could there be a way i could symlink it or change the /dev filename before any /dev file is created for it?
<_ruben> reisi: have a look at the udev documentation
<reisi> _ruben: thanks
<reisi> _ruben: though, i though udev was superceded in latest ubuntus? i guess i was wrong
<zul> ttx: i fixed that rabbitmq-server bug
<_ruben> reisi: not that i know of
<_ruben> (which doesnt mean all that much)
<reisi> oki
<zul> ttx: ping
<ttx> zul: pong
<zul> ttx: can you check out the /etc/network/if-up.d/samba for me the last chunk of it is wrong
 * ttx looks
<ttx> zul: wrong as in... doesn't apply to upstartified scripts ?
<zul> ttx: yeah
<ttx> zul: you want me to do waht exactly ?
<zul> ttx: make sure im not crazy? :)
<ttx> zul: it looks good, but I haven't tested it would fail ;)
<ttx> erh
<ttx> it looks bad, I mean
<zul> heh
<zul> ttx: so if im reading that correctly we should only restart nmbd?
<ttx> zul: apparently yes. "Try to bring nmbd up when an interface comes up, if smbd is already running."
<zul> ttx: k...ill write something then
<ttx> zul: I'd SRU that
<zul> ttx: agreed
<RoyK> kinygos: congrats :)
<kinygos> RoyK: thanks for all your help last week :)
<kinygos> i should really write the procedure up somewhere
<RoyK> please do
<RoyK> I guess more ppl might need that
<kinygos> where would be a good place?
<RoyK> kinygos: https://help.ubuntu.com/community
<kinygos> RoyK: awesome...i'll make a start :)
<zul> ttx: http://pastebin.ubuntu.com/505738/
<ttx> zul: looks good, untested though
 * ttx is deep into that axis2c build failure
<zul> ttx: i just tested it restarted nmbd according to the the log files
<zul> ttx: im surprised no one filed a bug about it
<zul> ttx: uploaded
<ttx> zul: did you file a bug about it ?
<zul> ttx: no should i?
<ttx> zul: if you want it to pass the release team, more than probably
<zul> ttx: k
<uvirtbot> New bug: #654549 in tomcat6 (main) "Cannot Upgrade Tomcat6 when doing release upgrade from lucid to maverick" [Undecided,New] https://launchpad.net/bugs/654549
<ttx> sigh
<uvirtbot> New bug: #654556 in samba (main) "Samba if-up script is incorrect." [Undecided,New] https://launchpad.net/bugs/654556
<elb0w> Has anyone been able to get Adobe AIR to run on 64bit 10.04?
<_ruben> iirc AIR is rather GUI'ish, so not likely to run on a server
<pmatulis> apparently the last lucid kernel update is missing lvm2 in the initrd.  can anyone confirm that?
<hggdh> Daviey: good morning. bug 585108 should be fixed by 2.0-bzr1241-0ubuntu4, correct?
<uvirtbot> Launchpad bug 585108 in eucalyptus "euca_conf --register-nodes returns 0 but the node is not registered" [Medium,Confirmed] https://launchpad.net/bugs/585108
<ttx> Daviey, zul, SpamapS: I need someone to look deeper into bug 600174
<uvirtbot> Launchpad bug 600174 in axis2c "axis2c fails to build from source on maverick/i386" [High,New] https://launchpad.net/bugs/600174
 * ttx tries to reproduce bug 654549 
<uvirtbot> Launchpad bug 654549 in tomcat6 "Cannot Upgrade Tomcat6 when doing release upgrade from lucid to maverick" [High,Incomplete] https://launchpad.net/bugs/654549
<zul> ttx: ill take a crack at it
<ssureshot> I have an nfs file share defined in fstab,,, when the server boots the nfs share doens't get mounted due to the fact the network isnt' up yet.. anyone aware of a workaround other than putting mount -a in /etc/rc.local?
<qman__> well, you could put mount -a in /etc/interfaces/if-up.d/, but it's an equally dirty workaround
<qman__> err
<qman__>  /etc/network/if-up.d/
<ssureshot> right on, I was hoping there was a proper hack lol
<hggdh> zul: there?
<zul> hggdh: ye
<hggdh> zul: about bug 654249 -- should we send it over to the desktop team?
<uvirtbot> Launchpad bug 654249 in libnss-ldap "libnss-ldap create troubles in gnome session when ldap server is unreacheable" [Undecided,New] https://launchpad.net/bugs/654249
<zul> hggdh: yes i think so
<hggdh> zul: thanks, will do
<zul> ttx: i think there is still a nis upstart issue that we havent looked at yet
<zul> ttx: i was going to do it this afternoon
<ttx> zul: ok, file bug if there isn't any, and point me to it
<zul> ttx: ack
<zul> ttx: i was able to reproduce it
<elb0w> um if I change my group and im a sudoer do I lose sudo access?
<zul> ttx: it happens when there is no network
<ttx> hm
<zul> but i need to eat so bbiab
<shauno> elb0w: out of the box, you shouldn't; the default entry is a named user.  do take a look at your /etc/sudoers first tho
<elb0w> I lost sudo
<elb0w> on the one user that had it
<elb0w> when I did a usermod -G and -g
<smoser> could i get someone to sponsor https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/649591 for me please ?
<uvirtbot> Launchpad bug 649591 in mountall "mountall spins eating cpu when 'nobootwait' option exists in fstab followed by a comma" [Critical,Fix released]
<kinygos> why on earth does the server build from my isp have openoffice installed? lol...epic failage
<knolls> if i have ubuntu-server installed and serving, can i apt-get install ubuntu-desktop without affecting the configuration i have currently, and obtain gnome?
<Datz> knolls: afaik, yes.
<knolls> Datz: thanks.
<Datz> sure, haven't personally tried it myself.. but in theory..
<qman__> beware of networkmanager messing up your network configuration
<qman__> otherwise you should be fine
<RoyK> kinygos: heh - your ISP doesn't seem like one I'd use :Ã¾
<qman__> yeah, still using a hacked up version of jaunty
<kinygos> RoyK: indeed...but it's just a burden on me to do more sysadmin kinda stuff, which is good cos i learn :)
<RoyK> kinygos: which version are you running now?
<qman__> if they're not going to update with each cycle, they should at least stick to LTS versions
<kinygos> RoyK: 9.04 at the moment, but i'm removing stuff i don't need like openoffice, mysql, php before upgrading to 10.04LTS (i know 9.10 first)
<RoyK> k
<kinygos> qman__: i know...it's insane...but they're cheap
<qman__> I'm still running 9.10 on my desktop, because it's just the way I want it and it works great
<qman__> I know most people had tons of problems with 9.10 but I didn't
<RoyK> kinygos: remember to set prompt=lts in /etc/update-manager/release-upgrades when you're at 10.04
<qman__> however, I did have tons of problems with 10.04 on my other machines
<RoyK> qman__: what sort of problems?
<kinygos> RoyK: to stop it picking up updates automatically?
<qman__> failed upgrades, requiring lots of manual fixes
<RoyK> kinygos: to stay at LTS until a new LTS is released, even if someone runs do-release-upgrade
<RoyK> the only problems I've seen so far are some initial grub issues and g77 missing
<kinygos> RoyK: thanks :)
<qman__> it broke my torrentflux, grub, my ability to see fsck on boot, on one system it broke my framebuffer
<qman__> I got it mostly straightened out but it was a huge hassle
<RoyK> well, works for me (tm)
<RoyK> I only have 10-15 10.04 installs yet, but then...
<qman__> but I upgraded my desktop to 9.10 in RC, and it went without a hitch
<qman__> and has ran beautifully since
<qman__> so I'm not touching it until 9.10 support drips
<qman__> drops
 * RoyK suspects kinygos will make a decent sysadmin some day if he keeps on working with ubuntu :)
 * kinygos loves working with ubuntu :)
<qman__> agreed
<qman__> I have complaints but they're petty compared to the problems I used to get
<kinygos> well, i haven't done much yet, but what i have done, once i've figured out how to do it, it's made perfect sense :)
<mdlueck> I am having a hard time finding the Ubuntu package name for a Perl CPAN module I like using. It is called Devel::Trace. Am I just not searching for the correct keywords?
<SpamapS> kinygos: did you get your raid done?
<mdlueck> I found the Ubuntu package for Perl CPAN Debug::Trace but that is not what I need
<kinygos> SpamapS: yep :)  am a very happy chap atm
<SpamapS> kinygos: how many months until you can ditch your crappy provider? ;)
<kinygos> SpamapS: thanks for your help too btw :)
<SpamapS> kinygos: its a pleasure.. glad you were able to work around their weirdness :-D
<kinygos> SpamapS: well, if the business is successful then i'll be able to change easily...but whilst there's no revenue from the app, i have to work with a tight budget
<Guest81533> well... i got everything setup on my machine and samba and all was running great... modified fstab to automount the two drives i needed mounted... then reboot and i get /dev/sdb1 already mounted or /fileserver (mount point) busy.. according to mtab /dev/sdb1 is mounted on / ... what might be the problem?
 * RoyK has just moved some VMs to Hyper-V and the speed is _great_ - those MS drivers for Linux guests really work well - I'm impressed!
<qman__> Guest81533, sdb1 is not the correct drive (though it may have been before)
<qman__> use fdisk -l to find the right one
<qman__> ubuntu uses UUIDs by default because of this problem, sometimes disks detect in a different order after an update or configuration change
<Guest81533> qman__, , how could it have changed since i reboot? the drive that has the OS on it is specified by UUID
<Guest81533> qman__, i was going to specify the other two drives that are data drives by UUID but one of them is a removable drive that will be swaped every week to take off site
<qman__> the UUID should stay the same
<qman__> that's why UUIDs are useful
<qman__> unless you format the drive, it should stay the asme
<qman__> same*
<Guest81533> qman__, oddly enough i just put in a liveCD to check my fstab and it boot just fine
<qman__> like I said, the sd?? naming is relative and changes depending on your environment and configuration
<qman__> and is therefore unreliable
<Guest81533> qman__, so if i have two drives that i swap out everyother week they are going to have the same UUID and can be put in the fstab that way?
<qman__> no, they won't
<qman__> they will have different ones
<qman__> but they also won't always have the same sd??
<Guest81533> qman__, ok i'll boot to the liveCD and use UUIDs, just concerned as to how i'm to automount the two drives to the same mount point depending on which is installed at a given time... won't it fail? or will it just mount whichever is there?
<qman__> that, you'd have to test
<mdlueck> What type of drives are being plugged in, USB?
<qman__> the only reliable way I can think to achieve that is to not use automount, but to instead use a script
<qman__> that knows of the two different UUIDs
<Guest81533> qman__, well it is to be used as a backup... i was planning on using rsync and cron... i guess i could use a script to mount before executing the rsync
<mdlueck> If you are speaking of USB drives, I am thinking to use usbmount to achieve a consistent mount point for my USB backup drives.
<Guest81533> mdlueck, its an enclosure that has 3.5" drive in it... I have two that I can alternate which enclose pops in
<mdlueck> Aaahh, some sort of hot swap container then?
<Guest81533> mdlueck, similar, but unfortunatly not hot swapable
<mdlueck> OK, then the usbmount package obviously would not help in your situation.
<Guest81533> so a bash script executed by cron (still need to review how to set that up to schedule the backup) to mount the drive then execute the rsync should be sufficient? or would you suggest perl?
<qman__> whichever you're more comfortable with
<qman__> basically you just need the script to look up attached UUIDs, match against the two you use, and mount that drive
<Guest81533> qman__, shouldn't be that hard... lexicographical scripting is that hard
<Guest81533> isn't i mean
<Guest81533> still annoyed that grub never was installed... can't afford to mess wtih it right now, cuz i need my users to be able to work
<Guest81533> it'd always been installed automatically in the past
<qman__> it still is
<qman__> unless your issue is hardware specific, I'd be wary to use that install
<Guest81533> qman__, i put in a new drive and installed directly from the same disk as i had on the old drive.. i had the disk check for errors on it and didn't find any
<Guest81533> qman__, can labels be used in the fstab or just /dev/sd?? and UUID?
<qman__> did you change the boot order post install?
<Guest81533> qman__, nope
<qman__> I don't think you can, because they're not necessarily unique, but I don't know for sure
<Guest81533> qman__, i thought i had a problem first time i installed because it wouldn't boot, but it turned out to be an option that was turned off the the BIOS... damn previous employee was notorious for turning BIOS options off
<Guest81533> qman__, they may not be necessarily unike but i could then lable the two drives to be swaped back and forth the same and avoid the differnt uuid issue... maybe not worth the effort... it'd be good practice to write a script
<qman__> according to this, you can  http://ubuntuforums.org/showthread.php?t=283131
<qman__> #Data partition
<qman__> LABEL=data /mnt/usr_data ext3 auto,users,rw,relatime 0 0
<jeiworth> hi guys, anyone here has a local ntp server up and running? i am trying to get it to run with ntpd and following some how-tos but it doesn't seem to work :( if i do an nmap on the server it shows me port 123 as closed although ntpd is up and running and configured (well, at least that's what i thought) to provide ntp service to the local network
<Guest81533> qman__, nice... i'lll try the label meathod...
<qman__> jeiworth, I do run local NTP, but I set it up a long time ago, I can share my config if you like
<jeiworth> http://pastebin.ubuntu.com/505857/ <-- current config
<jeiworth> qman__: would be greatly appreceated, thanks :)
<qman__> I'm only noticing two differences
<qman__> I have
<qman__> restrict -4 default kod notrap nomodify nopeer noquery
<qman__> at line 30
<qman__> and I have line 39 commented out
<jeiworth> ok, let's see...
<qman__> oh, 44 is commented out too
<jeiworth> another question, are you using ntpdate on the c,lients or the ntpd as well?
<qman__> 'broadcast' is apparently a deprecated method
<qman__> ntpdate-debian
<qman__> clients should not need to run ntpd
<RoyK> it doesn't hurt, though
<RoyK> good if you want log file timestamps in sync
<jeiworth> <qman__> clients should not need to run ntpd <-- exactly, they should just query the server and set the time once a day
<jeiworth> $ sudo ntpdate 192.168.1.10
<jeiworth>  4 Oct 12:40:36 ntpdate[12821]: the NTP socket is in use, exiting
<jeiworth> hmm
<qman__> yes
<qman__> use ntpdate-debian
<qman__> ntpdate will not work
<jeiworth> ok
<jeiworth> qman__: not in the repo :(
<qman__> it's in the default install
<qman__> sudo ntpdate-debian
<qman__> in lucid, configure the time server for non-ntpd clients in /etc/default/ntpdate
<jeiworth> qman__: aaaaaah
<qman__> in older versions, modify the cron script in /etc/cron.daily
<jeiworth> qman__: ok, with ntpdate-debian it worked, also thanks for the hint with /etc/default/ntpdate! :D
<Guest81533> qman__, thanks for your help...
<krebain> whoops...  >.>  I typed it in to tell you.
<RoAkSoAx> kirkland: ping?
<kirkland> RoAkSoAx: pong
<Bill_> hello?
<RoAkSoAx> kirkland: have you experienced this before: sudo virt-install --connect qemu:///system -n hardy -r 512 -f hardy.qcow2 -s 12 -c hardy-server-amd64.iso --vnc --noautoconsole --os-type linux --os-variant ubuntuHardy --accelerate --network=network:default
<zul> Daviey: PING
<RoAkSoAx> plop
<RoAkSoAx> lol
<RoAkSoAx> kirkland: i mean this: libvirtError: internal error process exited while connecting to monitor: char device redirected to /dev/pts/3
<RoAkSoAx> qemu: could not open disk image /home/roaksoax/.cache/testdrive/iso/ubuntu_maverick-server-i386.iso: Permission denied
<zul> Daviey SpamapS: when you get a chance can you look at #600174 please
<kirkland> RoAkSoAx: sorry -- no.  apparmor maybe?
<kirkland> RoAkSoAx: is your home encrypted, and not mounted?
<kirkland> RoAkSoAx: don't know....
 * kirkland away from keyboard ~15-20 minutes
<jdstrand> more likely libvirt-wemu:kvm doesn't have DAC read access
<Daviey> bug #600174
<uvirtbot> Launchpad bug 600174 in axis2c "axis2c fails to build from source on maverick/i386" [High,Confirmed] https://launchpad.net/bugs/600174
<RoAkSoAx> kirkland: none of that, was working fine yest, today it is not after some package upgrades
<RoAkSoAx> jdstrand: how can I fix it :)?
<zul> Daviey: i was able to reproduce it in my ppa as well
<jdstrand> RoAkSoAx: try 'sudo -u libvirt-qemu -g ls -l /home/roaksoax/.cache/testdrive/iso/ubuntu_maverick-server-i386.iso'
<jdstrand> RoAkSoAx: err
<jdstrand> sudo -u libvirt-qemu -g kvm ls -l /home/roaksoax/.cache/testdrive/iso/ubuntu_maverick-server-i386.iso
<Daviey> zul: AIUI it's just FATFS on amd64?
<Daviey> err, i386
<jdstrand> RoAkSoAx: sigh
<zul> Daviey: i386
<jdstrand> RoAkSoAx: that won't work either
<RoAkSoAx> jdstrand: nope :)
<Daviey> zul: and armel :/
<Daviey> zul: I'll poke i386
<zul> Daviey: meh
<zul> Daviey: drop it ;)
<jdstrand> RoAkSoAx: you just need to make sure that that user can access that file. so, if any of the directories or chmod 0700, then that is a no go
<Daviey> zul: I don't know how much we *need* it.... perhaps we should drop it and it's rdepends.
<jdstrand> RoAkSoAx: my ~/.cache directory is 0700, so I wouldn't expect testdrive to work there
<zul> Daviey: good idea :)
<zul> of course its not my head that will roll
<RoAkSoAx> jdstrand: jdstrand I can access that file. I can even launch a VM using TestDrive, but when I try to do it with virt-install or virt-manager It just through that error
<jdstrand> RoAkSoAx: also, if you use encrypted home, you will have an 0700 $HOME
<jdstrand> RoAkSoAx: oh right, testdrive is kvm only
<jdstrand> RoAkSoAx: libvirt runs VMs as libvirt-qemu:kvm. that is the user that needs access to the file
<jdstrand> RoAkSoAx: if you don't want to change permissions, you can adjust /etc/libvirt/qemu.conf to run as root:root
<RoAkSoAx> jdstrand: the iso permission are being changed: -rw-rw-r-- 1 libvirt-qemu kvm      705077248 2010-08-16 06:22 ubuntu_ubuntu-10.04.1-server-i386.iso
<jdstrand> RoAkSoAx: yes, but every directory in the path leading to that file needs to be accessiable by that user/group
<jdstrand> RoAkSoAx: ie, if your ~/.cache is 0700: boom
<jdstrand> RoAkSoAx: you can also simply move your iso somewhere else
<jdstrand> (that is readable by libvirt-qemu:kvm)
<RoAkSoAx> jdstrand: right but that's the thing, I did use ISO's that were downloaded through testdrive, and used virt-manager to install VM's, and it didn't through that error on saturday
<RoAkSoAx> s/through/throw
<jdstrand> RoAkSoAx: I don't understand "it didn't through that error on saturday"
<jdstrand> RoAkSoAx: there have been no new libvirt uploads. I don't know what happened on saturday, I can tell you for sure that if libvirt-qemu:kvm cannot read the file, it won't work. check your path, move the iso or adjust /etc/libvirt/qemu.conf
<RoAkSoAx> jdstrand: ok thanks :)
<jdstrand> sure, np
<mdeslaur> RoAkSoAx: I'm preparing security updates for clvm in lvm2...do you have any idea on how I can test it?
<RoAkSoAx> mdeslaur: not really. Though, you should ask ivoks since I beleive he works with these stuff :)
<mdeslaur> RoAkSoAx: thanks!
<mdeslaur> ivoks: ^
<raubvogel>  If you are configuring bind9, in which of the three named.conf files would you put the acl's?
<ivoks> mdeslaur: yes?
<ivoks> mdeslaur: ah, clvm
<mdeslaur> ivoks: I need to test clvm for a security update...is there an easy way to do this? or some docs perhaps?
<ivoks> mdeslaur: you would have to set up a cluster with redhat cluster suite
<ivoks> mdeslaur: or... you could enable support for corosync and openais in build
<ivoks> mdeslaur: and then use available doc for thath
<ivoks> that
<ivoks> mdeslaur: i don't really have any docs on clvm in redhat cluster suite :/
<ivoks> mdeslaur: you'll need shared storage in any case
<ivoks> mdeslaur: or, you could just give me the diff and i'll test it :)
<mdeslaur> ivoks: I have packages for dapper all the way to lucid...are you sure you want to volunteer? :)
<mdeslaur> how about this: https://wiki.ubuntu.com/ClusterStack/LucidTesting#BONUS%20:%20RHCS%20Samba%20file%20server%20cluster
<mdeslaur> ivoks: I can try that, right? ^
<ivoks> mdeslaur: oh yeah
<ivoks> i totally ignored RHCS part of that page
<mdeslaur> ivoks: was there anything special in the PPA mentioned there, or should that work with the default lucid packages?
<ivoks> mdeslaur: still, you need shared storage
<mdeslaur> ivoks: I can do that with two VMs, right?
<ivoks> mdeslaur: for RHCS, you don't need additional ppa
<ivoks> mdeslaur: yes
<mdeslaur> ok, thanks ivoks, I'll try and get that working
<ivoks> mdeslaur: i'll probably be online next couple of hours, so ping me if you need help
<mdeslaur> ivoks: sweet, thanks
<RoAkSoAx> ivoks: speaking of which, I'll enable Pacemaker RHCS support for maverick and upload it to a PPA ubuntu-ha-maintainers. Then, we can start working on the library split for natty
<ivoks> RoAkSoAx: ok, you could do that for lvm too
<ivoks> RoAkSoAx: enable it to build with corosync and openais
<RoAkSoAx> ivoks: ok will do. I think I'll just setup a blueprint for natty to discuss library split and trying to get HA for UEC
<RoAkSoAx> ivoks: I'm gonna start testing that
<RoAkSoAx> ivoks: would there be anything else you'll like me to discuss in the blueprint?
<ivoks> RoAkSoAx: ways to reintegrate that into debian
<ivoks> RoAkSoAx: even if we know that's a complete failure :)
<RoAkSoAx> haha indeed
<RoAkSoAx> ivoks: had the same conversation with fghaas about it, but they said what we all know already. Anyways
<uvirtbot> New bug: #654574 in mailman (main) "qrunner crashed with IOError in _logexc()" [Undecided,New] https://launchpad.net/bugs/654574
<mdeslaur> ivoks: I'm getting "parse error in config: The consensus timeout parameter (4800 ms) must be atleast 1.2 * token (12000 ms).". Any ideas?
<RoAkSoAx> kirkland: I'm installing a Lucid UEC setup. During installation of the VM's, they ask for the IP of the CLC. Should I specify it or should I leave it, to have autodiscovery?
<mdeslaur> ivoks: never mind, I found it
<kirkland> RoAkSoAx: what component are you installing?
<RoAkSoAx> kirkland: sc-cc in one VM
<RoAkSoAx> kirkland:  but I believe the same will apply to the walrus
<ivoks> mdeslaur: sorry, i was away for couple of minutes
<mdeslaur> ivoks: np :)
<kirkland> RoAkSoAx: normally, you let it autodetect
<kirkland> RoAkSoAx: that requires that avahi work
<kirkland> RoAkSoAx: i don't know what your network setup looks like
<kirkland> RoAkSoAx: but if avahi broadcasts work, it should autodetect okay
<RoAkSoAx> kirkland: well since this is just testing, avahi will work. I'm just using NAT
<RoAkSoAx> kirkland: i"m doing it all in VM's
<kirkland> RoAkSoAx: right -- the VMs must be bridged to talk to one another
<RoAkSoAx> kirkland: yep, but I just want to have the eparate components ( 1 CLC, 1 Walrus, 1 CC-SC, 1 NC) to start looking into how to provide HA
<RoAkSoAx> kirkland: so they are all in a single virtual network, which is the NAT provided by KVM
<kinygos> upgrade to 10.04 was supersmooth...bloody good job guys :)
<cfairles> where can you set environment variables such that they are loaded even for no-login users (specifically JAVA_HOME), no bash rc's because they are shell user only, /etc/environment doesn't seem to work either
<T3CHKOMMIE> hey guys, did a sudo apt-get update and something hung on my 10.04 x64 install when i log in it says ihave updates avaiable but when i update/upgrade it says there were errors and nothing gets installed. any ideas on how to flush this out?
<soren> T3CHKOMMIE: Depends on what the errors are.
<T3CHKOMMIE> it looks like its unable to connect to some of the packages listend in the source.lst
<T3CHKOMMIE> like lucid-security-updates /multiuniverse
<T3CHKOMMIE> etc
<Pici> Pastebinning the errors would be a good start
<Pici> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<T3CHKOMMIE> "unable to connect to security.ububtu.com etc....
<T3CHKOMMIE> it trys conencting then times out...
<T3CHKOMMIE> then goes to about 21%... then says "failed failed failed... etc"
<T3CHKOMMIE> ok here we go, "some index files faild to download, they have been ignroed, or old ones used instread.
<T3CHKOMMIE> --fix-missing doesnt help either.
<T3CHKOMMIE> is the repo server down?
<demonspork> I seem to have a nonfunctional dpkg process sitting in the background  locking my /var/lib/dpkg/lock file. It was in the middle of install MRTG and it stopped doing anything, I left it for 30 minutes and then I tried to ctrl+c with no luck, so I actually closed that ssh session and then reconnected, and now the dpkg won't die
<ehcah> Hello. can anyone give me a technical reason for using ebox over webmin? I understand webmin is no longer supported, but it offers much more flexibility if I wish to modify some configuration files by hand.
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
 * kinygos likes ubottu
<guntbert> ehcah: ebox is ... well I don't like it at all -- but webmin will botch your system if you use it to actually modify configuration :-((
<ehcah> guntbert: Compared to the experiences I had with webmin, I don't like ebox (zentyal), at all.
<ehcah> It is an extremely limited tool with its scope.
<RoyK> ehcah: imho the commandline outperforms any web-based administration interfaces
<ehcah> RoyK: You and I have chatted about that before, and I agree - no question.
<guntbert> ehcah: I said the same -- especially since ebox uses its own config files -- but still  webmin "is not compatible" -- I agree with RoyK here
<ehcah> No arguments here. I really liked being able to use webmin to review my configs easily. Funny as it sounds, I still do a lot of terminal based changes.
<ehcah> More simply stated, I wish there was a webmin like GUI out there that was supported.
 * RoyK sticks to vim
<poolvibe_> sooooz
<poolvibe_> ok 1st time on IRC sheeshe I'm a lil noobish
<franksterville> test
<franksterville> Anyone know of a good HP Designjet 500 Driver other than the preinstalled HP junk
<franksterville> the foomatic shifts stuff all over the page
<qman__> there's a couple different ones included, foomatic, hp2js or something
<franksterville> othere than that the new 10.04 is solid here
<franksterville> ye they all shift stuff bout 1/2" off the top of a landscape page
<franksterville> tried gen hp stuff too
<franksterville> maybe use alien and grab a fedora one?
<qman__> they use the same ones
<franksterville> figured
<franksterville> hmmm maybe its the format
<franksterville> pdf
<ivoks> mdeslaur: everything ok?
<franksterville> i am still amazed that the other 5 printers in the building work flawlessly
<franksterville> Sharp Dell 3 other HPs
<SpamapS> it still amazes me that printer manufacturers feel a need to write and maintain drivers when PCL and PS are perfectly capable of anything anybody wants to do.
<mdeslaur> ivoks: yes! I've tested it on lucid...tomorrow, I'll do the others
<ivoks> mdeslaur: ok
<franksterville> they should all use gen PCL
<franksterville> would be so much easier
<ivoks> PS
<ivoks> not PCL
<franksterville> PCL6
<ivoks> PS, so that we can just cat files to usb port
<mdeslaur> ivoks: I had trouble for a while, until I fixed the hosts file properly
<ivoks> Apple figured it out
<ivoks> that's why they just dump screenshot to printer
<qman__> they have to write drivers because the printers aren't smart enough to understand PS or PCL
<SpamapS> Yeah, PS used to have the argument that it was too complex.. but at this point you can embed highly capable SoC in your printer cheaper than you can build an ASIC to handle your super special printer driver language.
<franksterville> yeah its painfull
<qman__> like winmodems, they're basically mechanical devices on USB control
<qman__> the rest is handled in software
<franksterville> I cringe when someone says I need a new printer
<franksterville> i rem google talking about universalizing
<ivoks> still, even if all printers would be PS, they would have 'drivers'
<qman__> brother laser printers have been great for me
<ivoks> not every printer is the same
<ivoks> -> PPD
<franksterville> oh boy
<qman__> cheap, good functionality
<franksterville> the sharp here has PPD
<SpamapS> I really fought even having a printer until 6 months ago. I hate the damn things.
<franksterville> I spend more time on them than I do anything else here
<franksterville> Even the windows clients take less time
<franksterville> the mac maintain themselves
<ivoks> i never had problems with printers
<franksterville> the servers are nix so nadda there either
<ivoks> plug it in...wait... works
<franksterville> u run a print server?
<ivoks> yeah, on each ubuntu desktop :)
<franksterville> LOLOL
<ivoks> and on couple of servers
<qman__> my print server has to run windows because I have to support a canon laser with no linux drivers
<RoAkSoAx> Anyone has any idea of this error? : For example, I have a 37GB partition mounted, formatted with ext4. Inside the partitions I have 3 disk images that total 26GB. When I try to create another 10GB image there it says the disk does not have enough space, and it will only let me create a disk image of 5gb. Any ideas why?
<franksterville> I always ran windows print servers with ubuntu file servers until 10.04
<ivoks> why?
<franksterville> because of drivers
<franksterville> had to use win
<ivoks> where do you get printers
<qman__> RoAkSoAx, by default it reserves 5% for the journal
<franksterville> form HP SHarp Dell
<ivoks> i'm having troubls finding printer that won't work on linux
<ivoks> ah, dell
<ivoks> USA?
<ivoks> :)
<franksterville> gen PCL does
<jcastro> dells are rebranded lexmarks?
<franksterville> but u have to .cofig it a bit
<franksterville> *.config
<franksterville> it defaults to greyscale and such
<ivoks> lexmark is the brand i avoid
<qman__> yeah, lexmarks are junk
<franksterville> I like the Shap the best here
<franksterville> Hi Speed
<RoAkSoAx> qman__: ohh didn't know that :)! And would there be any way to override that reservation?
<ivoks> sharp
<franksterville> ye
<franksterville> sry
<qman__> HPs are okay
<ivoks> even epson is good
<franksterville> HP makes me ill on the windows side tho
<franksterville> crapware
<qman__> but I've been recommending brother printers, best one I have
<ivoks> i have epson multifunction and bunch of HPs
<franksterville> ye?
<ivoks> plug and play
<franksterville> never tried one
<qman__> RoAkSoAx, that's specified when you create the filesystem
<ivoks> brother is OK, that's true
<qman__> might be able to change it with tune2fs
<ivoks> i've talked with Till couple of months ago
<ivoks> HP and Brother are working with community
<ivoks> while others... :)
<RoAkSoAx> qman__: cool thanks ... btw.. I just create an image using qemu-kvm specifying 10GB size, and it did it withpout a problem
<RoAkSoAx> kirkland: in lucid, is walrus supposed to register to the clc automatically without having to exchange keys before?
<RoAkSoAx> kim0: ^^
#ubuntu-server 2010-10-05
<_Neytiri_> how do i setup a vpn server and route traffic from the remote pc's through it
<_Neytiri_> i have pptpd in stalled and configured and remote clients can connect but i cant get the internet traffic to route
<pmatulis> _Neytiri_: PPTP?  ouch
<_Neytiri_> point to point tunneling server
<_Neytiri_> http://forums.bit-tech.net/showthread.php?t=132029
<_Neytiri_> i used that tutorial
<pmatulis> _Neytiri_: PPTP design is broken and weak, consider IPsec or SSL/OpenVPN tunnel
<_Neytiri_> ok how do i install that and is there a tutorial
<pmatulis> _Neytiri_: yes, go to openvpn.net
<_Neytiri_> if i can do it over a ssh connection all the better
<_Neytiri_> and on openvpn.net there isnt a verson for ubuntu 10.4.1
<_Neytiri_> which is wha ti am running
<pmatulis> _Neytiri_: check the 10.04 server guide
<ruben23> hi guys any suggestion or idea im getting this tons of erro when i do apt-get update -----> http://pastebin.com/t7KXFFdb
<cwillu_at_work> _Neytiri_, ubuntu has openvpn in the repository, you don't (and shouldn't) install it from openvpn.net yourself
<cwillu_at_work> openvpn isn't related to ssh though
<cwillu_at_work> if that's what you were thinking
<cwillu_at_work> ruben23, your dns is down
<cwillu_at_work> or something along those lines
<ruben23> cwillu_at_work: im using google public--> 8.8.8.8 and 8.8.4.4
<cwillu_at_work> ruben23, what does "host security.ubuntu.com" say?
<ruben23> cwillu_at_work: thats my error when i do it
<cwillu_at_work> ?
<ruben23> http://pastebin.com/t7KXFFdb
<cwillu_at_work> ruben23, I want you to type "host security.ubuntu.com" into a terminal and tell me exactly what it says
<cwillu_at_work> the pastebin is the output of your apt-get
<ruben23> cwillu_at_work: connection time out: no server could be reached
<cwillu_at_work> ruben23, your dns configuration is messed up then.  pastebin the contents of /etc/resolv.conf
<cwillu_at_work> apt-get pastebinit; pastebinit /etc/resolv.conf
<cwillu_at_work> er, nevermind, you can't apt-get :p
<cwillu_at_work> just pastebin the file the normal way
<ruben23> nameserver 8.8.8.8   and   nameserver 8.8.4.4
 * cwillu_at_work realizes that he has better things to do than retyping his instructions over and over until ruben23 finally does them, and goes for lunch instead
<ruben23> cwillu_at_work:)
 * cwillu_at_work gets back from lunch
<pmatulis> cwillu_at_work: 18 minute lunch?
<cwillu_at_work> pmatulis, it's also 6pm.  problem? :p
<mattcen> Hi all, I've got a server running 8.04, and am trying to work out what is telling logrotate to rotate /var/log/auth.log and /var/log/syslog. There is no reference to either file in /etc/logrotate.conf or /etc/logrotate.d/*
<bgsmith> I am looking for a good bare metal recovery solution for an ubuntu 10.04 server. The box has RAID1+LVM and I have tried mondo and clonezilla on a test system with no success over the last three days. (clonezilla does not support soft RAID), and mondo restore always fails to restore :(
<twb> bgsmith: recovering from what?
<twb> e.g. the server being destroyed, the HDDs dying, someone with root running an rm -rf /...
<bgsmith> bare metal recovery
<bgsmith> new machine
<bgsmith> same specs
<bgsmith> worst case scenario disaster recovery planning
<bgsmith> I have filesystem level backup and archiving policies in place
<bgsmith> but setting up RAID, partition tables and the configuration etc would perhaps be too much to ask of a sys admin not too proficient with linux during a crunch.
<|rt|> hey guys I'm trying to setup a driver using dkms but while a driver is being built at /var/lib/dkms/arcmsr/<version>/<kernelversion>/<arch>/module/arcmsr.ko update-initramfs -v shows that this driver isn't not being included in the initrd any ideas?
<|rt|> if I make install the driver it puts the .ko file in the /lib/modules/<kernelversion>/extra and update-initramfs shows that the driver is being included in the initrd
<twb> bgsmith: so your DR plan has to cope with an ignorant sysadmin?
<bgsmith> in the current scenario ... unfortunately ... yes. this is a small company, and I am the only linux guy here.
<bgsmith> we will expand and get more people on board, but that will take around 3 months.
<bgsmith> so, automated re-creation of partition tables, RAID and filesystem restoration is needed.
<bgsmith> (a la norton ghost / acronis true image)
<|rt|> the raid in this case is software raid?
<bgsmith> mondoarchive seems to be able to do this ... except that it is failing in many ways with our setup.
<bgsmith> yes ... it is software raid.
<bgsmith> the bigger HP servers (couple of them) have hardware raid controllers
<|rt|> partimage will do what you're looking for
<bgsmith> and will be backed up by clonezilla
<|rt|> clonezilla works for that too
<bgsmith> the clonezilla website still says that soft RAID + lvm is not supported
<|rt|> actually clonezilla is a bit better I think
<|rt|> ah....i take it you're running lvm on top of this software raid
<bgsmith> yes lvm is running on it
<_Techie_> is there a really good tutorial on getting a parallel port printer working with cups and hplip?
<|rt|> bgsmith: dd isn't an option?
<bgsmith> dd it seems will not work if /boot is on LVM
<|rt|> how is that possible?  dd is just a block stream image of the block device
<bgsmith> http://forums13.itrc.hp.com/service/forums/questionanswer.do?admit=109447627+1286246340448+28353475&threadId=79940
<bgsmith> that is just what I thought
<bgsmith> I need to attend a meeting for an hour :( will be back! tnx
<twb> bgsmith: I'm not aware of any magic that can do what you're asking properly
<|rt|> i don't think lvm on hpUX is the same as on linux
<bgsmith> hmmm I will test dd today.
<bgsmith> actually mondoarchive claims to do just that.
<|rt|> I know my wife used to work on the LVM equivalent on HPUX when she was at HP and I'm pretty sure it's a different animal there
<twb> bgsmith: I have a DR solution for similar "dumb" customers, but it assumes that the "real" sysadmin manually performs partitioning ahead of time, and manually duplicates any lvextends and such on the DR box.
<bgsmith> twb: mondoarchive claims to do just that ... and works fantastically in a non RAID-lvm environment, and the manual says that it should handle raid+lvm as well ...
<twb> Is that one of the DVD-RW based solutions?
<bgsmith> can do network based recovery or disk based
<twb> One of *my* core requirements was also that the end user not need to do anything like rotating media each week
<twb> (Because they forget to do so.)
<bgsmith> hmm
<twb> !dpkg -l mondo
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<twb> Grmph
<twb> ubottu should be forked off the dpkg bot, instead of being its own damn silly supy instance
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<bgsmith> http://www.mondorescue.org/  ... I will do the dd thing, and run a couple of more tests with mondo after one hours worth of meetings
<twb> bgsmith: OK, yeah, that's "mondo" in apt.
<bgsmith> right ... but that was old
<bgsmith> I had to get the latest
<bgsmith> from the website
<bgsmith> in order for the backup to work.
<twb> I remember looking at it but not why I dismissed it.  Possibly because it looked overkill
<bgsmith> (the restore still isn't)
<bgsmith> brb!
<twb> upstream ships 2.2.9.4, squeeze and karmic onwards ship 2.2.7.  That's not a big jump...
<_Techie_> is there a really good tutorial on getting a parallel port printer working with cups and hplip?
<twb> _Techie_: don't you just plug it in and browse to :631 and follow the prompts?
<_Techie_> apparantly not
<_Techie_> i installed the hp drivers hplip
<_Techie_> but whenever i run hp-setup -i, i only get USB and net
<twb> Personally I avoid printers that don't have onboard ethernet and PostScript
<_Techie_> well, this printer was given to me for free and my new desktop machine doesnt have a lpt port
<twb> Cheapass printers are loss leaders for the consumables.
<_Techie_> this isnt a cheapass printer
<_Techie_> its a HP laserjet 2100m
<twb> If it doesn't have a RAM upgrade slot, it's a cheapass printer :P
<_Techie_> it does have a RAM upgrade slot
<_Techie_> comes with 4mb default
<|rt|> simms maybe :)
<twb> So why are you connecting to it via the parallel port?
<_Techie_> keep it in mind, its not exactly a new printer
<_Techie_> twb, because i dont have the ethernet module for it
<ScottK> Jetdirect boxes aren't very expensive.
<_Techie_> yeah, but im trying to make do with what i already have
<qman__> I've got a parallel-ethernet print server device for such situations
<twb> _Techie_: bummer
<twb> _Techie_: well, anyway, as you may have guessed I can't help with the immediate problem :P
<_Techie_> i figured, but its nice to atleast chat
<qman__> but yeah, no reason not to buy network printers anymore
<qman__> when you can get a laser with ethernet for $100
<_Techie_> qman__, i would love to have an ethernet printer, but sometimes you gotta make do with what you already got, eg 2x 17" CRT's
<_Techie_> and a 16"
<twb> I kept those for ages because CRTs can do a much higher resolution that these bloody new-fangled LCDs
<mobasher> i'm trying to install ubuntu server...which option should i select ubuntu enterprise cloud or server ?
<cwillu_at_work> mobasher, are you installing onto a cloud?
<twb> mobasher: if you do not know what a cloud is, you want the latter
<mobasher> i have no cloud just this amd box and one intel with ubuntu desktop on it
<cwillu_at_work> mobasher, so -server
<mobasher> ok thanks...i guess cloud is more for like server grid computing ?
<twb> mobasher: well, cloud is for cloud computing
<cwillu_at_work> yeah;  you're look for less hardware support and more virtualization support
<twb> But IMO it's mostly buzzword wankery
<cwillu_at_work> spoken like somebody who doesn't know what they're talking about <3
<mobasher> thanks guys..appreciate it ;-)
<twb> cwillu_at_work: you know it
<cwillu_at_work> although I don't know for a fact that ubuntu's cloud stuff has memory ballooning and so forth enabled
<cwillu_at_work> twb, the concept of using-all-of-the-available-memory-on-cache fails hard in a virtual environment
<cwillu_at_work> the typical bandaid is to tell the vm that it only has 256mb available or whatever
<cwillu_at_work> far better is to say that it has several gb available (as is true), but that it should minimize its use of those resources
<qman__> I'm of the opinion that clouds have their place
<cwillu_at_work> otherwise you end up having cache on disk, with the vm thinking it has that data available quickly, and the host having little idea what can actually be pushed to disk
<qman__> and that my 20 node network isn't it
<twb> cwillu_at_work: erm, can't you jsut set stuff like vm.swappiness=0?
<cwillu_at_work> twb, that has nothing to do with this :)
<twb> (OK, that's swap not cache, but you get the idea)
<cwillu_at_work> twb, and you don't necessarily _want_ swappiness at zero
<cwillu_at_work> really, you probably want swappiness at 100, so that the vm is perfectly aware of when it needs to go to disk, rather than it thinking that gee, my memory is really slow today!
<cwillu_at_work> all this to say that yes, you really do want a different distro for vm than you do for real hardware
<cwillu_at_work> whether vm itself is useful to you is another matter
<twb> I guess I call it 'buzzword wank' because it mostly seems to be stock standard virtualization with a shim to allow rapid (de)provisioning of stateless VM images across a farm.
<cwillu_at_work> ... as qman__ mentions
<qman__> it's useful technology, but it is littered with buzzwords
<twb> cwillu_at_work: where "different distro" mostly means a handful of kernel .config changes and sysctl.conf, I guess.
<qman__> and it really isn't all that different from the virtualization we've been using for the last decade
<cwillu_at_work> qman__, this is true.  But the solution to that isn't to focus on the wankery :p
<cwillu_at_work> twb, yes, that's what distro's do
<cwillu_at_work> I mean the difference between ubuntu and kubuntu is a set of default packages
<twb> I don't consider kubuntu to be a different distro
<cwillu_at_work> and the difference between fedora and ubuntu is the packaging manager
<twb> cwillu_at_work: and the packages
<cwillu_at_work> twb, not nearly as much as you may think
<twb> and all the other infrastructure, like the ticket system and the PR team
<cwillu_at_work> both distros want to be as stock as possible
<cwillu_at_work> twb, you're conflating the companies and the distros
<qman__> fedora is very different
<cwillu_at_work> hmm
<cwillu_at_work> yeah, I see your point
<cwillu_at_work> I'll say flavour instead :p
<twb> Nod.
<twb> kubuntu and -server are "flavours" of Ubuntu
<cwillu_at_work> nonetheless, it's significant enough differences that not having to configure a lot of things by hand is nice
<twb> I *might* say CentOS is a flavour of RHEL :-)
<twister004> hi guys... how can i configure a Raod warriror vpn tunnel using racoon, setkey and shorewall on ubuntu server ?
<twb> twister004: you have a roaming server?
<cwillu_at_work> twister004, I suggest finding a tutorial via google or something
<twister004> so far i have been hardcoding.. as the public adresses are static.. but now, I have a dynamic address with a dns name... how can i incorporate this dns name in my ipsec setup on ubuntu?
<twister004> it's not roaming
<qman__> I use dynamic dns with my openVPN without issue, but I don't use ipsec, so not sure how that works
<twb> qman__: it's basically like openvpn only more difficult :P
<cwillu_at_work> it's like openvpn, except they reinvented _every_ aspect
<twb> ipsec is a core part of ipv6, so you WILL need to learn it sooner or later
<qman__> yeah
<cwillu_at_work> you don't use the normal os routing tables, you don't use standard encryption, you don't use standard key management, it's recommended to use it via kernel-space modules rather that user-mode binaries and daemons...
<qman__> I've had classes and such touch on it, but I've never actually used it
<mattcen> Nobody has any ideas about my logrotate query yet?
<cwillu_at_work> mattcen, did you grep for auth in /etc/logrotate.d?
<qman__> I just checked my remaining hardy server, there are none
<qman__> might be hard coded?
<mattcen> cwillu_at_work: It returns nothing.
<cwillu_at_work> mattcen, oh, I missed that you were on hardy
<cwillu_at_work> sec
<qman__> I'm guessing it uses the general rules in logrotate.conf
<qman__> weekly, rotate 4, create
<qman__> though that doesn't add up, since I have syslog going up to 6
<mattcen> hmmm
<mattcen> Basically, to articulate my *actual* question, I want to change logcheck from running hourly, to daily, and therefore need it to run just before logrotate shifts the logs, but I was looking for evidence that logrotate is *actually* what's doing the rotation in this case.
<echosystm> is LXC stable enough to use in a production environment?
<rougeleaf> anyone available to assist with installing driver for usb wifi card?
<franksterville> Herron
<franksterville> Hewro
<rementis> Having an issue where an external usb drive randomly disappears...
<rementis> I've never used irc before, so not sure if anyone can see this
<JanC> rementis: we can see this
<hardfire> <hardfire> help needed
<hardfire> <hardfire> Error deploying virtual machine: Failed to create domain
<hardfire> <hardfire> error in the one_vmm_log file
<hardfire> <hardfire> what causes this error
<hardfire> <hardfire> any help will be appreciated
<hardfire> any help ??
<franksterville> What u deploying
<qman__> hardfire, it would help to mention what software you're using and what you did that resulted in this error
<franksterville> Vmware or box
<hardfire> installed opennebula cloud using 2 machines
<hardfire> one as contreller and other as node
<hardfire> ubuntu 9.10
<hardfire> trying to deploy a windows xp image
<franksterville> Why neb vs box?
<franksterville> And why 9.10 vs 10.04
<JanC> rementis: what exactly do you mean by disappear?
<rementis> i mean it looks mounted, but the usb device isn't there.  can't even run fdisk on it
<hardfire> was trying the nebula express installer in 10.04 didnot work
<hardfire> so using this as a guide right now https://help.ubuntu.com/9.04/serverguide/C/opennebula.html
<JanC> rementis: maybe an issue with USB suspend not working correctly?
<rementis> if i turn the usb hard drive off, then on, it reappears and I can mount it.  maybe power management?
<rementis> can i disable power management for usb
<JanC> you can, but I'd have to look up how
<hardfire> franksterville, der ?
<rementis> It would be awesome if you could find out how to do it, I've been looking and can't find anything
<hardfire> any help for open-nebula would be appreciated
<hardfire> ubuntu box - 1 cc and 1 worker node
<hardfire> cannot deploy vm
<hardfire>  Error deploying virtual machine: Failed to create domain
<JanC> rementis: you can write -1 to /sys/bus/usb/devices/.../power/autosuspend where ... is the device
<rementis> wow, let me try that
<rementis> can i ask where you found it?
<JanC> in the linux kernel docs  ;)
<rementis> any way i can determine which device my usb hard drive is?
<rementis> it's not obvious at all
<blahdeblah> rementis: lsscsi is what i use
<rementis> and will i need to reboot after writing the -1?
<rementis> perfect on lsscsi, thanks!
<blahdeblah> rementis: np
<JanC> AFAIK your drive going into suspend shouldn't cause errors, but if it does, this might help
<blahdeblah> Can anyone point me to documentation about the difference between linux-image-virtual and linux-image-generic, and whether or not VMware tools is necessary when running linux-image-virtual under VMware Server?  I've searched Google and come up with no rationale for the existence of linux-image-virtual, nor any explanation of the difference between it and linux-image-generic.  I can diff the kernel config files, but i'm far fro
<JanC> and reboot would reset this setting, so certainly don't reboot  ;)
<qman__> yeah
<qman__> if you want to set it permanently, do so in sysctl
<rementis> i see this:
<JanC> as qman__ says
<rementis> root@steeler:/sys/bus/usb/devices/usb1# lsscsi
<rementis> [0:0:0:0]    disk    ATA      WDC WD400BB-23DE 05.0  /dev/sda
<rementis> [0:0:1:0]    disk    ATA      ST3320620A       3.AA  /dev/sdb
<rementis> [1:0:1:0]    cd/dvd  COMPAQ   DVD-ROM GD-8000  0011  /dev/sr0
<rementis> [5:0:0:0]    disk    WDC WD10 EAVS-32D7B1            /dev/sdc
<rementis> and this
<rementis> root@steeler:/sys/bus/usb/devices# ls
<rementis> 1-0:1.0  1-5  1-5:1.0  2-0:1.0  3-0:1.0  4-0:1.0  usb1  usb2  usb3  usb4
<rementis> so which device is the WDC WD10?
<rementis> and how do i put this setting in sysctl?
<twb> rementis: ask hdparm
<blahdeblah> rementis: use pastebin.com for stuff that long
<twb> rementis: sysctl is for /proc/sys, not /sys
<twb> IIRC power management of USB devices is on by default for only one kind of device... I can't remember which kind... hubs?
<JanC> I thought they were going to enable it again for other devices too?
<JanC> not sure what kernel etc. that would apply to
<JanC> rementis: does your external USB drive have its own power?  if not, it might suffer from a power loss...
<JanC> oh...
<twb> JanC: AFAIK, not done as at 2.6.32
<twb> Obviously if you pm-suspend or pm-hibernate, the device will fall over and get a new name when you resume.
<kaushal> hi
<kaushal> can someone please guide me about fcron scheduler ?
<joschi> kaushal: `man fcron`. what's your concrete question?
<Datz> Sc
<kaushal> joschi: I do get fcron emails, is there a way to find out the receipient list ?
<kaushal> and also is there a way to edit the subject line of fcron emails
<kaushal> I dont see anything in /etc/fcron.conf
<joschi> kaushal: check your (f)crontabs for the MAILTO variable
<kaushal> joschi: how do i find out ?
<kaushal> I did sudo fcrontab -l
<joschi> kaushal: `man 5 fcrontab`, or http://manpages.ubuntu.com/manpages/lucid/en/man5/fcrontab.5.html for the online version
<joschi> kaushal: well, `sudo fcrontab -l` will only show the crontab of 'root'
<kaushal> yeah
<joschi> kaushal: /var/spool/fcron should be a good starting point (or the directory given for fcrontabs in your fcron.conf)
<joschi> but don't edit these files directly
<SpamapS> heh
<SpamapS> how many times have I said that to myself?
<SpamapS> man.. F cron.
<joschi> SpamapS: I'm pretty sure that the f in fcron stands for 'fine' ;)
<SpamapS> joschi: just like in rtfm!
<kaushal> joschi: I checked /var/spool/fcron/root.orig
<joschi> SpamapS: that depends on the context ;)
<kaushal> shall i pastebin the /var/spool/fcron/root.orig ?
<_Techie_> is there anything extra i need to do to have dovecot authenticate against users with /etc/passwd ?
<kaushal> I dont see MAILTO variable
<kaushal> not sure i understand that
<kaushal> I have not hardcoded any MAILTO in the fcrontab
<kaushal> dont understand why mails are being sent to specific users
<kaushal> joschi: you around ?
<kaushal> can someone please guide me about my fcron issue ?
<_Techie_> could you quickly explain what fcron is?
<kaushal> _Techie_: yeah sure
<kaushal> its a scheduler
<_Techie_> does it differ from cron?
<kaushal> yes
<_Techie_> how exactly?
<_Techie_> i might not be able to help, but im interested
<kaushal> for fcron it does not require that the server being up 24*7*365
<_Techie_> i see
<_Techie_> so rather than specifying a time to do a job, you can scedule a job to run X hours after boot
<kaushal> i was interested in the MAILTO directive
<_Techie_> thats actually quite nifty
<_Techie_> what about it?
<_Techie_> hrmm
<_Techie_> just read all the scrollback
<twb> Anacron provides similar functionality
<twb> Also, vixie cron supports @reboot.
<_Techie_> interesting question, ill have a poke around in cron and see if anythign jumps out
<_Techie_> cron also supports @reboot
<_Techie_> i use it all the time
<twb> vixie cron *is* cron, as far as ubuntu is concerned
<_Techie_> i see
<_Techie_> hrmm, i cant seem to turn up anything on my sytem that would be of any help with your issue
<_Techie_> do you want to recieve cron mail?
<kaushal> I am receiving fcron email
<_Techie_> yes
<_Techie_> do you want to recieve it
<kaushal> I want to disable it
<twb> kaushal: remove the MTA, then
<_Techie_> i have a way, but its only a tempoary fix
<_Techie_> twb, it uses system mailboxes
<kaushal> twb: is there a way to disable the receipients ?
<twb> cron cannot deliver mail unless there is an MTA installed
<_Techie_> twb, and most people like to have mail functionality on their server
<twb> _Techie_: yeah, I know :-)
<_Techie_> kaushal, after each fcron command, add this     >/dev/null 2>&1
<_Techie_> that will stop it from giving any output
<_Techie_> and then it wont send you emails
<kaushal> ok
<_Techie_> its not a proper fix, but it will stop it untill a fix can be found
<kaushal> so is it fcrontab -e and then add 30 02 * * * /usr/local/bin/scripts/gziptomcat4.sh >/dev/null 2>&1 ?
<_Techie_> perfect
<kaushal> twb: is that correct ?
<twb> Hmm?
<twb> Looks OK to me
<twb> Apart from you running tomcat :P
<kaushal> basically i want to stop sending emails to particular users
<twb> kaushal: man newaliases
<twb> Or ask #postfix how to blacklist users, I guess
<_Techie_> twb, except the mail is sent by the user that the cronjob runs as, to the user that the cronjon runs as
<_Techie_> so blacklisting users isnt really a good idea
<kaushal> _Techie_: Thanks
<_Techie_> wait
<_Techie_> sorry
<_Techie_> sent from cron@domain.com to the user
<kaushal> _Techie_: ?
<_Techie_> so blacklisting could work
<kaushal> _Techie_: shall i pastebin the email ?
<_Techie_> nah
<_Techie_> i know what it looks like
<kaushal> 30 02 * * * /usr/local/bin/scripts/gziptomcat4.sh >/dev/null 2>&1 would do the fix ?
<_Techie_> i have my cronjobs send me email, i find it handy to know when services dont start properly
<_Techie_> yeah that would fix it
<kaushal> so that line means the script would get executed and it wont send emails ?
<_chris_> hej all
<_Techie_> yep
<blahdeblah> Can anyone tell me whether there is a programmatic way to find out whether a reboot is required after an automated upgrade?
<_Techie_> kaushal, it pipes all output to /dev/null and reports back that it ran properly.... no output... no email
<kaushal> _Techie_: ok
<_chris_> im pretty new to linux and want to put a service to autostart, im wondering if can also define dependencies ? for example service x should not start before service a b and c are started ?
<_Techie_> !upstart |  _chris_
<blahdeblah> _chris_: Most of that happens automatically with Ubuntu server
<ubottu> _chris_: Upstart is meant to replace the old Sys V Init system with an event-driven init model.  For more information please see: http://upstart.ubuntu.com/
<_chris_> ty :
<_Techie_> blahdeblah, you mean other than logging into ssh and have it blatantly tell you that a system reboot is required?
<_chris_> :)
<blahdeblah> _Techie_: yes.  "programmatic" means i don't want to have to log in - i want to find out via shell script or something like that
<kucumber> when I login to my server via ssh I am getting the notice - 47 packages can be updated.
<kucumber> 19 updates are security updates.
<kucumber>  sudo apt-update isn't fixing this....
<kucumber> *sudo apt-get update
<blahdeblah> kucumber: apt-get update just refreshes the package lists; apt-get upgrade is what you want
<_chris_> can i see what program are in autostart already ?
<_chris_> *programs
<twb> _chris_: list /etc/init (or /etc/event.d, in 8.04)
<_chris_> twb, no command 'list' found
<twb> Based on that response, I think you don't know enough to safely write new upstart jobs
<twb> However, all packages you install via the package manager should already be configured to "autostart", as it were.
<kucumber> blahdebblah excellent, thank you
<_chris_> twb, nvm already got it, stupid me ^^
<uvirtbot> New bug: #655039 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/655039
<kinygos> hi...my pre-installed server seems to have been configured in a way that's not recommended...it had one user account, root.  so, to correct this, i've created a new user, but when i try to add that user to a group admin, i'm told group 'admin' does not exist...
<kinygos> does this mean i need to manually add my user to the sudoers list???
<kinygos> (i want my user to have the ability to elevate its privileges with sudo)
<twb> Correct; there is no "admin" group.
<twb> There is a "sudo" group, but it is probably not allowed to sudo by default.
<twb> You can check by examining /etc/sudoers for a %sudo entry (% denotes a group match).
<kinygos> twb: my /etc/sudoers file contains 2 lines, Defaults env_reset and root ALL=(ALL) ALL...
<kinygos> twb: everything else (including the entry you mention) are commented out
<kinygos> twb: could you spare 1 minute and check the 3 commands in the snippet http://dpaste.com/253304/..basically making /etc/sudoers writable, then adding a single line, then removing write from the file...is this a safe way to give a user the ability to elevate their privileges?
<twb> Try "%sudo ALL=(ALL) ALL"
<twb> Use visudo to edit it
<twb> sudoers should NOT be writable.
<kinygos> twb: thanks, i thought it was a bit hacky :) does the entry you suggest mean any user can elevate their privileges, but must enter their password first?
<twb> Modulo your wishy-washy terminology: yes.
<kinygos> twb: thanks :)
<uvirtbot> New bug: #655058 in clamav (main) "freshclam apparmour error : type=1502 operation="inode_permission" requested_mask="r::" denied_mask="r::" name="/proc/28071/status" " [Undecided,New] https://launchpad.net/bugs/655058
<kinygos> hi..may a noob ask a question? i've followed the disk partitions my isp created in their standard build of my server...my /home partition has the majority of space...i will be hosting a database backed web application on the server (postgresql/apache2)...i'm reading seemingly conflicting statements about /home online...i'd like to put my application database and source in directories in /home...is this a bad ide
<kinygos> alternatively, should i re-partition my disk so that /var contains the majority of space?
<kinygos> i'm looking for best-practice really as i'm a developer learning on the job trying to set up a server for my app
<RoyK> kinygos: shouldn't matter where it is
<RoyK> kinygos: I think I would have repartitioned /home and made most of it a separate fs for /var
<RoyK> just my thought, though
<kinygos> RoyK: that's what i'm thinking now...just feels wrong having data directories in /home alongside user directories (not that i'm gonna have many user directories)
<RoyK> as in - set a root password, login as root directly to avoid keeping files open on /home, move any data on /home somewhere else, repartition, create new filesystems for the new /home and /var partitions, rsync the old /var to the new one, mv /var /oldvar, mkdir /var, mount /dev/asdf /var
<RoyK> more or less
<RoyK> that is, rsync _after_ you have mounted /var (obviously)
<kinygos> RoyK: awesome, i see where you're going with that...thanks again :)
<jo-erlend> good reason to use lvm.
<kinygos> jo-erlend: i've realised that now too...i had enough drama installing RAID remotely :)
<jo-erlend> :)
<kinygos> RoyK: erm...sorry to bother you again, but what device is /dev/asdf?  i don't have it mounted at the moment..i have a RAID partition mounted on /var
<_Techie_> anyone in here know their way around the exim configuration files?
<RoyK> kinygos: :)
<RoyK> kinygos: /dev/asdf was meant as /dev/something
<RoyK> http://asdf.com/whatisasdf.html
<kinygos> RoyK: lol :)
<RoyK> _Techie_: not really - I use postfix :Ã¾
<kinygos> RoyK: reminds me of a riddle...i am h i j k l m n o but only 5 letters...what am i?
<_Techie_> RoyK, darnit, i need to enable exim to suthenticate without tls, and the debian way of doing the config files is extremely confusing
<RoyK> kinygos: no idea :)
<kinygos> RoyK: i'll tell you later :)
<raubvogel> Quick bind9 question: how does it load named.conf.default-zones?
<DrPoO> what do you guys recommend for a backup solution for 10 servers? I have a storage array, but should i just write a bash script to run rsync? or is there something more sophisticated that I could do?
<qman__> raubvogel, the files are included from named.conf
<raubvogel>  qman__, this is the 4th time I looked at that file and the first time I noticed default-zones is there as the last entry. Thanks! I feel better now.
<ttx> Daviey: are you on that axis2c i386 build failure ?
<ttx> Also if you can't reproduce it I'll drop Bug 653154 from server-mrs
<uvirtbot> Launchpad bug 653154 in dovecot "package mail-stack-delivery (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [High,Incomplete] https://launchpad.net/bugs/653154
<doko> http://imgs.xkcd.com/comics/golden_hammer.png
<njin> Hello to all; I've a bug report about a IBM x3560 that don't boot from MM CD. I'm not expert in server side. At wich package assign ? https://bugs.launchpad.net/ubuntu/+bug/654936
<uvirtbot> Launchpad bug 654936 in ubuntu "Maverick 10.10 server RC does not boot on IBM x3650 M2" [Undecided,New]
<njin> Thanks in advance
<elb0w> I want to mount a windows share from shell, how should I do it?
<kinygos> RoyK: water...and the groans begin :)
<franksterville> Mounting unprotected (guest) network folders
<franksterville> Assumed that:
<franksterville> Network connections have been configured properly.
<franksterville> The Windows computer name is servername, this can be either an IP address or an assigned name.
<franksterville> The name of the share is sharename.
<franksterville> You want to mount the share in a folder mountname.
<franksterville> First, let's create the mount folder. You will need a separate folder for each mount.
<franksterville> sudo mkdir /media/mountname
<franksterville> Then edit your /etc/fstab file (you need root privileges) to add this line:
<franksterville> /servername/sharename  /media/mountname  cifs  guest,uid=1000,iocharset=utf8,codepage=unicode,unicode  0  0
<franksterville> Where
<franksterville> guest indicates you don't need a password to access the share,
<franksterville> uid=1000 makes the Linux-user with specified uid or username owner of the mounted share, thereby allowing that user to rename files,
<franksterville> the combination iocharset=utf8,codepage=unicode,unicode allows access to files with names in non-English languages. This doesn't work with shares of devices like the Buffalo Tera Station, or Windows machines that export their shares using ISO8895-15. With these the codepage argument has to be codepage=cp850, otherwise characters like the German 'Umlaute' are displayed as garbage.
<franksterville> After you added the entry to /etc/fstab type:
<franksterville> sudo mount -a
<RoAkSoAx> !paste | franksterville
<ubottu> franksterville: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<franksterville> https://wiki.ubuntu.com/MountWindowsSharesPermanently?highlight=(Samba)
<franksterville> sorry lol
<franksterville> my god that was hidioud
<elb0w> franksterville, cifs did not work
<elb0w> it says wrong fs
<RoAkSoAx> elb0w: try smbfs ?
<franksterville> ye smbfs
<elb0w> but then I have to mount as root
<elb0w> I want a normal user to have write priv
<RoAkSoAx> elb0w: I think that in that case you need to specify mount options to allow the user to have access to the mount point
<elb0w> I have not done this much mounting, would you happen to know the option?
<RoAkSoAx> elb0w: in your command line "man mount", then look for "The non-superuser mounts."
<elb0w> I have to do it in the fstab then?
<elb0w> I didnt have to do all this last time
<RoAkSoAx> elb0w: you can still do it from the command line afaik, look in the man page...
<RoAkSoAx> :)
<RoAkSoAx> elb0w: prolly something like mount.smbfs /source /dest -o rw,user,noauto etc etc
<elb0w> when I do a sudo mount it makes everything owned by the root
<elb0w> with those options
<RoAkSoAx> elb0w: well an awful hack would be to change the permisions to mount
<RoAkSoAx> elb0w: I can't really help you miuch more given that I don't have any samba share to test
<RoAkSoAx> elb0w: but I'll prolly do it in /etc/fstab for automounting
<elb0w> yeah, I like keeping it seperate
<gsker> can someone help me with a simple postfix problem?
<gsker> I need some postfix help on ubuntu. I can't seem to get smtpd_sender_restrictions=check_sender_access map:/etc/postfix/regexp to work
<soren> smoser: You probably know this.. Does Eucalyptus update console output in real time or does it do what EC2 does?
<hggdh> soren: it should get the last 64k, but there was a bug on it (from smoser), and I have not checked lately
<smoser> soren, it updates in real time
<smoser> which is nice, but probably not going to scale well (i've always assumed scalability is why it is as it is on ec2)
<jjohansen> smoser, ttx: I am probably missing the meeting today, I am still pretty sick
<smoser> bummer dude.
<smoser> can i get one question in ?
<jjohansen> I didn't have anything to bring up, should I get another kt member to cover
<smoser> regardin g the t1.micro and java bug. any progress there ?
<smoser> jjohansen, ^
<jjohansen> smoser: no I haven't looked at it all
<jjohansen> sorry
 * jjohansen has been learning the dm/scsi layer and having fun with that :(
<smoser> ok.  I think that would be the biggest issue from our perspective plaging kernel right now.
<smoser> the other one being the still delinquent proc/loadavg bug
<istevenmon> is there a package for vrrpd or do i need to compile it from source?
<leonidus> need a web editor for ubuntu equivalent to dreamweaver pls
<istevenmon> i think there is a bluefish project
<leonidus> am running ubuntu server, lamp on my machine
 * kinygos thinks dreamweaver is evil
<kinygos> i wish i had the time to develop a dreamweaver type app for ubuntu...would be an awesome project imho
<leonidus> yes it is
<kinygos> something like that could be a killer app for ubuntu-desktop
<uvirtbot> New bug: #655215 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/655215
<maswan> Since this is #ubuntu-server, I'm going to suggest vim. :P
<uvirtbot> New bug: #655220 in bacula (main) "Bacula Installation Failure" [Undecided,New] https://launchpad.net/bugs/655220
<kinygos> maswan: :)
<RoAkSoAx> jiboumans: ping
<mdlueck> I make use of a Perl CPAN module which is not packaged in the Ubuntu repos: Devel::Trace. 1) How can I install is so that is available to all users and 2) how could I request it be packaged?
<panfist> for right now, i have a server that provides many services on my network, but i don't want to configure all my clients to point to myserver.mydomain for every service; how can it be configured so that mail.mydomain, psql.mydomain, www.mydomain point to the same host (for now)
<qman__> set those records up in your name service
<qman__> all pointing to your server
<ChmEarl> mdlueck, apt-cache show dh-make-perl
<mdlueck> ChmEarl: Sounds excellent, thanks!
<mdlueck> ChmEarl: Are perl modules x32 / x64 cross platform? Can I build it on my x32 test server and then install it on an x64 server?
<RoyK> ChmEarl: nice - I didn't know the show argument :)
<RoyK> mdlueck: perl modules are written in perl, a script language, so as long as the underlying library is compatible, the module will be
<RoyK> mdlueck: and I guess some 95%+ of the current code is quite compatible between x86 and x64
<RoyK> mdlueck: there's no such thing as x32, btw, it's the old x86, which is 32bit
<mdlueck> RoyK: Very good. Yes in fact the Ubuntu version is identical between test and prod, just the x32 / x64 difference.
<RoyK> I'd use the same platform for test/prod if I were you, though, at least if the platform is business critical
<mdlueck> RoyK: Me knods about x86 = x32
<mdlueck> RoyK: Can't run x64 code at present in the test environment. Best I can do.
<RoyK> well, most stuff will probably work
<mdlueck> Surprisingly well in Ubuntu land! :-)
<RoyK> I don't think I've seen _any_ 32/64 bit incompatibilities yet...
<RoyK> we're running ubuntu on 20+ servers at work, most of them on 10.04 atm, and mostly on x64
<hey_pig> Question: Ever sence I "upgraded" to 10.04.01 when I SSH into my box, i loose all my samba shares for about 1 minnet , then they fix themselves. I tried purgeing and re-installing the SSH stuff, deleteing the config file and everything, and it still semi-nukes my serve every time i atempt to ssh in.... any suggestions?
<RoyK> hey_pig: samba and ssh aren't related
<simplexio> hey_pig: only related on netstack level.
<hey_pig> hmmm
<simplexio> hey_pig: one reason could be some strange firewall rule
<simplexio> hey_pig: and if it cut connection dmesg should show them if reason is on kernel level
<simplexio> that was good english :)
<hey_pig> thanks simplexio ill check dmesg
<simplexio> hey_pig: and check firewall rules on both machines
<kucumber> if i password a web directory using .htaccess on my server, if I connect to a media file locally via mplayer and point to my server directory would it just deny access or ask for a password for that directory?
<doubleD> Point throught the webserver ? Yes... Accesing the file on disk directly, no
<kucumber> no pointing though to the webserver directory to "stream" the file via mplayer
<doubleD> Like mplayer /var/www/file.avi ?
<Laverne> you can use http://username:password@domain.com/filename.avi
<kucumber> doubleD - yes
<kucumber> Laverne - in what way? Oh you mean once the .htaccess password is set
<Laverne> it wont ask for a password, the .htaccess file is only read/used by apache
<Laverne> if you access it locally, then the permissions on the directory/file are only taken into account
<kucumber> so setting a password via htaccess is still vulnerable?
<kucumber> its not accessing it locally
<kucumber> it's streaming from my server and just saving on space...
<elb0w> Does anyone know of any nice mysql query guis for ubuntu? I used to use heidisql. Looking for something similar
<doubleD> Mysql-query-browser?
<ChmEarl> mdlueck, did you build libdevel-trace-perl yet?
<mdlueck> ChmEarl: Currently working through it...
<ChmEarl> mdlueck, call dh-make-perl as user, not root
<mdlueck> ChmEarl: Indeed I did
<mdlueck> ChmEarl: Working through fixing up the files in ~/Devel-Trace-0.10/debian   then to start looking for how to build a .deb
<ChmEarl> mdlueck, this worked dh-make-perl -e 'Joe Hacker <joe@hacker.com>' --build --cpan Devel::Trace
<mdlueck> ChmEarl: Any suggestions how to package.... oh, I guess I will start over with that more verbose syntax...
<ChmEarl> no need to touch ./debian
<kinygos> does anyone know where the command to start postgresql automatically at boot time is in ubuntu-server 10.04?
<ChmEarl> after running that cmd, a DEB was found in ~
<kinygos> my google searching fails miserably :(
<mdlueck> ChmEarl: Cool!!! :-)
<franksterville> prob in the init script
<mdlueck> @kinygos: Really, in 10.04? I do not happen to use postgresql, but am surprised that with the packages properly installed it would not auto-start.
<kinygos> mdlueck: apologies...it does autostart, i just want to modify the options it starts with
<mdlueck> @kinygos: No problem... for example back in 9.04, one package installed itself as a service, just would not auto-start the service. That was corrected in 9.10.
<kinygos> i looked in the /etc/init.d/postgresql-8.4 script, which itself runs /usr/share/postgresql-common/init.d-functions which is a long script that i can't believe i need to edit, so i'm convinced i'm doing something wrong :(
<SpamapS> kinygos: it probably also sources /etc/default/postgres-8.4 or something like that too.
<franksterville> webmin really saves my bacon on stuff like this
<mdlueck> ChmEarl: I see libdevel-trace-perl_0.10-1_all.deb at long last!
<franksterville> slight gui without actual hardware access needed
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<franksterville> hmmm no more webbmin?
<franksterville> oh noooos im doomed
<RoyK> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<franksterville> looking now
<kinygos> RoyK: water btw (h..o) :)
<aegis> Guys, I just restored my server from backups...  There was one folder I found (/var/cache/man) that had the permissions messed up.  However, everything else seems to be running perfectly.  Can any of you reccomend a "stress test" of sorts that might let me know if I'm having other problems of which I'm not aware (yet)?
<franksterville> hmmm seriously
<franksterville> ebox?
<RoyK> kinygos: Dihydrogen monoxide is bad for you
<kinygos> kinygos: lol..the epic hoax :)
<kinygos> wth???
<kinygos> RoyK: there's even a wikipedia article on that hoax
<RoyK> I know :)
<RoyK> it's a pretty neat hoax, though
<kinygos> RoyK: indeed :)
<franksterville> so the webmin issues stem from needing an old perl module?
<RoyK> franksterville: afaik the webmin issues are bound to redhat/fedora linking of config files
<franksterville> so ubuntu is okee?
<RoyK> franksterville: but then, I don't use web-based configs, so I might be wrong
<franksterville> well i use it as a crutch...  trying to ween myself to terminal only
<RoyK> franksterville: no, webmin uses redhat/fedora-style configs, that are incompatible with debian/ubuntu
<franksterville> ahhh so why is this an issue in 10.04
<franksterville> worked perfectly in8.04
<RoyK> franksterville: I only know what's been told me, that webmin isn't designed for debuntu, but for rpm-based distros and later ported, for what I hear, erronumous, to dpkg-based distros. It might work, but AFAIK it's not well supported
<franksterville> Royk:  gotcha.... any experience with ebox?
<RoyK> franksterville: as I said, no, I use the commandline
<n3kl> How can I tell libvirt to use my manually configured bridge instead of hacking up the 192.168 network that it does?
<aegis> Guys, I just restored my server from backups...  There was one folder I found (/var/cache/man) that had the permissions messed up.  However, everything else seems to be running perfectly.  Can any of you reccomend a "stress test" of sorts that might let me know if I'm having other problems of which I'm not aware (yet)?
<demonspork> I have had dpkg stop functioning 3 different times while running apt-get to install something. What steps can I take to begin troubleshooting this, because it feels dangerous to kill it in the middle of installing a package
<n3kl> what is the something?
<demonspork> first time it was mrtg
<demonspork> second time I don't remember
<n3kl> are you out of disk space?
<demonspork> this time it is a package meant for jaunty, so a little bit risky to begin with
<demonspork> lol, no
<demonspork> I have a 550GB array
<n3kl> Why are you installing packages from another release?
<demonspork> 5 drives in RAID 5 with spare
<n3kl> Did you check backports?
<n3kl> the size of the array says nothing of the filesystem that you are installing to
<demonspork> yeah, it is an HP support package I had to download from HP
<n3kl> What does it do?
<demonspork> it is a small repository of packages to monitor the hardware of my server, including a server management homepage
<n3kl> I see
<n3kl> Does it contain kernel modules?
<demonspork> the majority of the packages installed successfully, and I don't think that the package I am currently installing is the issue seeing as dpkg is doing this recuring
<n3kl> Any information in your logs?
<demonspork> what logs should I check
<osmosis> any kvm virt experts in the house?  how come win2k3 worked great on hardy, but fails horribly on lucid?
<n3kl> prolly /var/log/syslog and /var/log/dpkg.log
<n3kl> osmosis: I wish there were some in the house, cause I could use one also
<n3kl> aegis: you run an fdisk?
<osmosis> n3kl, whats your issue?
<demonspork> http://pastebin.com/qGeqdiQs
<n3kl> I have manuallly configured a bridge in my interfaces file and I can't get my vmbuilder build vms to use it.
<n3kl> osmosis: I fail to understand why when I remove the symlink for the default network and restart libvirt, the iptables rules and second bridge is created.
<n3kl> osmosis: I just want to have all my vms use the bridge I provide them, with --bridge=br0 somewhere inthe command line or something
<osmosis> n3kl, dunno that one, sorry
<demonspork> osmosis, did you see my pastebin link?
<delimiter> I'm seeing abnormally high query times in mysql slow-query log on lucid...example Query_time: 18446744073709.550781
<demonspork> and the Putty window just timed out
<CharlieSu> I just changed some limits in "/etc/security/limits.conf", how do i reload that configuration without restarting?
<kees> CharlieSu: that file is only processed during user login through PAM, so just log in again
<demonspork> I can't kill a dpkg process, it doesn't seem to be a zombie (it has no parent) and sudo kill -9  doesn't even force it to die. This is the third time it has happened, and this is not a computer I can restart without considerable preparation
<kees> demonspork: does anything show up in dmesg to indicate it getting stuck? unkillable usually means stuck I/O
<demonspork> so how do I check that?
<CharlieSu> kees: thanks for the help.. not sure it worked..  can you look here?   https://gist.github.com/0717e4d2b18fa7249e0f
<kinygos> i'm looking for best-practice/recommendation again...i'm about to install django on my ubuntu server...should i install the package in my /home partition and create a symlink to it in /usr/local/lib/python2.6/dist-packages...or should i just install it there?  the people in #django were busy discussing other stuff
<guntbert> !crosspost | demonspork
<ubottu> demonspork: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
 * kinygos hides cos he just did the same thing
<kees> demonspork: dunno, does dmesg have any clues?
<demonspork> I have no idea, I am seeing some stuff about  INFO: task mandb:25191 blocked for more than 120 seconds. followed by a bunch of lines of jibberish
<kees> demonspork: yeah, sounds like bad disk or RAM, off hand. but try "ubuntu-bug linux" and get it reported into LP for people to look at
<kees> CharlieSu: trying it locally, one sec
<demonspork> well crap
<CharlieSu> kees: yeah i tried.. but it doesn't persist when i logout and login again.
<kees> CharlieSu: works fine for me.
<kees> CharlieSu: you can't sudo though, that has a separate PAM config without pam_limits, IIRC
<kees> CharlieSu: e.g. it comes from pam_limits.so, which is in /etc/pam.d/sshd
<kees> CharlieSu: but sudo is handled by /etc/pam.d/sudo
<demonspork> one thing I am worrying about right now is inodes. I have an application that is generating thousands if little bitty files, but it only is using about 500MB of space with those files
<CharlieSu> ahh that is why
<kees> CharlieSu: oddly, pam_limits is listed in sudo ....
<kees> hmm
 * kees switch to #ubuntu-devel
<istevenmon> what would happen if i connect a laptop with dhcp if i have two DNS servers running in the same network segment, two different ip range pools, the only difference would be the default gateway?
<franksterville> istevenmon:  why is my question
<istevenmon> sorry DHCP servers
<fluvvell> franksterville, I've used webmin a bit with ubuntu - mainly because I converted from fedora about 4 1/2 years ago - were you asking about webmin?
<franksterville> well they say since 10.04 not working and no support
<franksterville> working fine here
<franksterville> wondering whats up
<fluvvell> Ah, well I've not tried it in lucid.
<guntbert> franksterville: thats a long story and not since 10.04 only, essentially all debian based distros have their config files organized in a way so that webmin might mess them up
<franksterville> guntbert:  would a purge of webmin be advisable?
<guntbert> franksterville: no need to purge it, if you just use it to view config details it will do no harm, but be warned (ebox is in no way an alternative)
<franksterville> guntbert:  so ebox=fail lol...  Well I do mess with perms and shares on occasion with webmin.  I suppose I should go terminal only...
<guntbert> franksterville: seems advisable :-), I only use it for squid, dhcp and so on where the config follows standards
<franksterville> guntbert:  just file/print server here so gui helps with printers...
<guntbert> franksterville: I'd say read up on the issues (iirc there *are* steps to get it back to debian/ubuntu but...)
<franksterville> guntbert:  dont NEED it just like it.  I like well running server better LOL
<demonspork> gaaaah, I still can't kill that process - this is driving me insane
<demonspork> last time I just left it for 24 hours and it vanished
<istevenmon> how can i preserve vrrpd configuration over reboot ?
<n3kl> istevenmon: just curious, what are you doing with vrrpd?
<n3kl> istevenmon: and you could use puppet to restore a configuration file if you needed.
<istevenmon> n3kl: doing gateway redundancy
<n3kl> istevenmon: is that box your most external facing?
<istevenmon> yes
<istevenmon> but the configuration is not done with a config file
<istevenmon> but with comands
<n3kl> Ahh
<n3kl> lame
<n3kl> is there a "write me" command
<n3kl> ?
<istevenmon> i dont know, i think i will create a startup script with the commands to be run
<baggar11> is booting to software raid5 possible with either 10.04 or 10.10?
<n3kl> I doubt it
<n3kl> raid 5 boot issues have plauged linux for a long time
<n3kl> baggar11:what I do is boot a usb stick as my root, then mount /var and /usr from the raid to speed up applications.  Works like a charm.  Then I have only one array, and if the usb ever dies, debootstraping a new one is easy
<panfist> if anyone is familiar with the request tracker package...i keep trying to install it with a postgres db configuration, but it keeps using sqlite
<baggar11> thanks, just checking
<mata> someonehere?
<guntbert> mata: many :-)
<mata> i have an ubuntu server, and i dont know how to compile an pvpgn 199 with mysql
<mata> i mean is the first time using the ubuntu server
<mata> ??
<guntbert> !copmpile | mata
<guntbert> !compile | mata
<ubottu> mata: Compiling software from source? Read the tips at https://help.ubuntu.com/community/CompilingSoftware (But remember to search for pre-built !packages first)
<mata> is hard, my first time, someone can help me_
<mata> ?
<demonspork> mata, try it out and ask specific questions about what you are having issues with
<kees> CharlieSu: you need explicit lines for root in your limits.conf.  root isn't included in "*"
<_Neytiri_> how do i setup a vpn server and have the remote clients use that mahcines internet connection
<iarp> _Neytiri_: have you tried ssh tunneling or do you need local network access as well
<_Neytiri_> local network access
<iarp> !vpn | _Neytiri_
<ubottu> _Neytiri_: For more information on vpn please refer to https://wiki.ubuntu.com/VPN
<_Neytiri_> i have been there and was havineg issues with that tutorial
<_Neytiri_> i need to get it to run over a ssh connection tho
<_Neytiri_> the way our servers are sewtup is that they all have a private address on the lan i am trying to get to.
<_Neytiri_> our public ip's are 1 to 1 natted to the private addresses
<tsrk> How can I change the SSH banner "SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu4" so that it doesn't include the "Debian-3ubuntu4"?
<RoyK> _Neytiri_: most servers listen to ssh
<RoyK> tsrk: why?
<tsrk> RoyK: My PCI compliance scan considers it to be OS disclosure
<RoyK> tsrk: AFAIK that's compiled into sshd
<_Neytiri_> RoyK| i know that i need to vpn over that and have remote and local network access
<tsrk> RoyK: Unless it's getting the OS from SSH somewhere else... is there somewhere else it's "disclosing the OS"?
<RoyK> tsrk: you shouldn't be afraid of disclosing your OS, you should secure it
<tsrk> RoyK: I'm not, but I need to follow PCI policy, and they consider it an unnecessary risk.
<RoyK> tsrk: there are people around that think disclosing the OS is a security breach, but it's not, the security breach is not securiing the OS
<tsrk> RoyK: Try telling that to PCI
<RoyK> PCI?
<tsrk> RoyK: https://www.pcisecuritystandards.org/
<RoyK> tsrk: if that is a risk, add a firewall in front
<tsrk> RoyK: For transmitting/storing CC info
<tsrk> RoyK: It's a remote machine, so I need remote SSH access
<RoyK> to be quite honest, security by obscurity is no way to go
<tsrk> RoyK: Would limiting it by IP be the best solution?
<RoyK> even if you remove that from ssh, I can find the OS with an nmap scan
<tsrk> RoyK: How's that?
<RoyK> nmap uses tcp fingerprinting, unique to the OS
<RoyK> and can detect OSes quite nicely
<tsrk> RoyK: I think that was one of the things that I already had to disable
<RoyK> just beleive me - don't go for obscuring your system, just secure it
<jpds> tsrk: nmap -O your-server-ip
<tsrk> RoyK: It's not my choice... Visa/MasterCard will fine me broke if I don't do what they want me to
<shauno> tcp fingerprinting isn't something you can really avoid.  it uses tiny differences in how different network stacks handle things
<shauno> if I had to come up with an analogy, it'd be accents rather than replies
<RoyK> tsrk: then add a firewall in front
<tsrk> RoyK: Ok, I guess that'll work
<RoyK> tsrk: it'll work if the firewall adds proxies for the apps like ssh and apache
<tsrk> RoyK: I was thinking just block SSH from everywhere except where I need access from
<RoyK> well, that works too
<RoyK> /etc/hosts.deny etc
<RoyK> sshd reads tcpwrapper files
<tsrk> RoyK: Oh yeah, that'd be simpler... forgot about those files
<RoyK> or use iptables/ufw if you like to
<\sh> tsrk: read http://www.derkeiler.com/Newsgroups/comp.os.linux.security/2003-02/0757.html about that issue
<tsrk> RoyK: oh, what do the hosts.... files apply to?
<RoyK> tsrk: I think \sh's answer is better
<tsrk> RoyK, \sh, Ok, thanks, I'll read that thread
<RoyK> tsrk: still, security should be on the host, not trying to camuflage the host
<\sh> tsrk: the version banner is within the protocol spec. you can just change it in the sourcecode, but you need to provide at least the default stuff...
<tsrk> RoyK: I know, I don't do this on any of my other servers, but I need to on this one because it handles CC data
 * RoyK wonders why anyone would add it as a so-called security arrangement to disallow the version of the OS
<\sh> the important message is http://www.derkeiler.com/Newsgroups/comp.os.linux.security/2003-02/0770.html in this thread...it says all you need to know about that matter...tell your PCI it's not worth a dime ;) close the port via port filter from the outside allow ssh logins only from trusted ips eventually only via vpn
<RoyK> I don't care - any OS should be secured, never mind its version
<RoyK> ssh is a sort of vpn
<\sh> RoyK: yes...vpn was more in the meaning of a trusted access point to your inner network...eventually do the jumphost game
<tsrk> RoyK: I think these standards are designed for people running MS software... one of the requirements is running anti-virus software
<RoyK> tsrk: hehe
 * RoyK isn't running anti-viral software and doesn't have to
 * \sh runs anti-vir software all the time...it's a good tool...named Ubuntu/Fedora/OpenSUSE/Gentoo/etc ;)
<jo-erlend> what Windows users call antivirus, is not really antivirus. They scan for trojan horses, etc, which are not unique to Windows.
<tsrk> RoyK: also, I had to make apache and PHP hide their versions because the scan was detecting the old version numbers and telling me to upgrade, not taking into account of course the backported patches that ubuntu (and I assume everyone else) uses
<jo-erlend> we do have antirootkitscripts, etc.
<tsrk> \sh: unfortunately I don't think that'd count if they audited me
<\sh> tsrk: it's a problem with those companies...they don't care about distros but only about upstream versions
<tsrk> \sh: so I installed clamAV and hope that it counts
<tsrk> \sh: yep
<tsrk> PCI should just have one requirement that says "don't be a moron" and be done with it
<\sh> tsrk: our pentest company did the same, and then I gave them a shell on a honeypot server they tried to break into the systems in the backend...they failed
<tsrk> \sh: heh yep.... stuff is a lot more secure these days than it used to be I guess
<_Neytiri_> how do i setup a vpn server and have the remote clients have local and remote netwrok access over a ssh connection
<\sh> the only mistake I made was to provide an uudecode tool..so they pushed their pentest software (shared linked as I saw later) and uudecoded the binary..but invane, our libs etc. were incompatible with their apps...and they weren't able to static link them, because of "no clue about static linking" ;)
<tsrk> \sh: hah nice!
<\sh> now end of business for today..heading home :)
<Frank__> Oh nice irc from my iPhone
<tsrk> Frank__: I just wish a network with decent coverage had the iPhone :)
<shauno> they do :)  lots of them.  just not in the US :p
<Frank__> True I know but AT&T actually been pretty good for me
<tsrk> shauno: yeah, the US is a little bit slow on these technologies
<Frank__> Freaking dems taking all the r and d cash
<tsrk> Frank__: i go enough places that they don't cover that it'd be a problem
<shauno> I'm not sure slow is the right term.  I imagine blanketing every city in ireland was a significantly easier task
<tsrk> shauno: yeah, but still
<tsrk> shauno: sorta unrelated but look at the freaking measurement system
<tsrk> shauno: americans don't like change, be it measurements or cell phone tech
<Frank__> Lol I love starting an argument
<tsrk> Frank__: i started the argument!
<shauno> I'm not arguing :)  I've lived in the US, so I've seen both sides.
<shauno> the grass is only greener here because it never stops raining :)
<_Neytiri_> how do i setup a vpn server and have the remote clients have local and remote netwrok access over a ssh connection
<tsrk> shauno: i live here now and everyone is stupid
<shauno> I've discussed this with someone before.  that is something I found very curious
<shauno> I found very, very few americans I didn't like.  but their "hive mind" is something completely different.  I'm still not sure how that works
<shauno> (way off-topic, I know)
<tsrk> shauno: hive mind?
<shauno> the group-think doesn't seem to match the individuals, at all
<tsrk> shauno: can you give an example? i still don't understand
<tsrk> shauno: i probably suffer from this hive mind you speak of
<shauno> it is odd to explain.  I found you could have a perfectly reasonable conversation about politics with one or two people, and it be fine
<shauno> you get a group of them, and suddenly you're terrified of being the foreigner that's criticizing their country
<_Neytiri_> can someone tell me how to route all traffic over a ssh tunnel?
<shauno> I think all traffic would be difficult; ssh will tunnel individual ports.  you'd likely want a http or socks proxy on the other end, depending on the actual application
<shauno> if you actually want to set the tunnel as a route, you're probably better looking into vpns
<_Neytiri_> shauno: i have tired vpns wint no luck
<tsrk> shauno: i think i see what you mean.... i've never seen anything different though so i guess it seems normal to me, but i think it's just the majority being the majority and acting based on what they have in common
<_Neytiri_> i also have a limeted number of ports that are poked through the firewall
<franksterville> Vpns alway make me crazy from slowness
<shauno> I use ssh & tinyproxy for http; I really can't think of a sensible way to send literally everything
<tsrk> shauno: can't you dynamically forward using socks?
<tsrk> like ssh -D 1080 ...
<tsrk> and locally connect to port 1080 as a socks proxy?
<shauno> I assume socks would work because it's targetted as a single port, rather than a host/route.  but that I haven't tried
<shauno> (it's not a no, just a genuine "I've no idea how to create a new route without having it exposed to the OS as a network interface@)
<tsrk> I found an awesome explanation of PCI requirements: https://www.pcisecuritystandards.org/about/pcidss_rocks_video.shtml
<_Neytiri_> well is there a way i can do a vpn over 22?
<Fross> Hey, I have a modem with 4 wired ports on it. one of the ports connects to a wireless router, which also has 4 wired ports. The computes hooked to the wireless router can ping computers on the modem ports, but the modem ports cannot ping the computers on the wirless ports. Is that even possible?
<franksterville> 22 is sftp
<tsrk> Fross: the router is NAT'ing the computers connected to it
<tsrk> Fross: (most likely)
<franksterville> Is the wireless bridged or sep nw
<tsrk> Fross: if you want them to be on the same network as the ones connected to the modem, you should disable the router's DHCP server and connect the modem to a standard port on the router (rather than the WAN one)
<Fross> tsrk: thank ill try that out quick
<Fross> Should the router still have the wireless capabilitys with this configuration?
<tsrk> Fross: yes
<osmosis> anyone else want to help give me ideas on how to troubleshoot failing win2k3 guest instances using qemu-kvm on ubuntu 10.04?
<iarp> Who's password is required for straight 'su' command? All i'm getting is 'Authentication Failure'. I'm trying to access a folder which i'm denied from (/var/lib/folder/).
<hggdh> iarp: for 'su', the target's password
<hggdh> for 'sudo', your password
<Corpse> Ok now my system that is connected to the wireless router port has the same local ip as the modem, but i still can not ping the system
<tsrk> iarp: by default, there's no password that works with Ubuntu's "su" command (since root has no password)
#ubuntu-server 2010-10-06
<tsrk> iarp: if you want to execute a command as root, use "sudo ...". If you want a root shell, use "sudo -i"
<iarp> tsrk: ah ha thanks, been a while since i've had to do this.
<_Neytiri_> iarp you can seta passeword for root, althoe its not advised
<Corpse> tsrk: ok so all of the systems now have the same local ip's. but none of of the systems connected to the modem can ping the systems that are connected to the wifi router.
<Corpse> but the modem shows those system in its routing table
<Corpse> oops
<Fross-> sorry that question from corpse was me
<cfairles> how do you increase the maximum number of open file descriptors for a "no-login" user? I have hard/soft limits for nofile in /etc/security/limits.conf, cat /proc/sys/fs/file-max/proc shows it in the millions, yet i stress test and my service can only open the same old 1024
<cfairles> i can't even figure out how to check, ulimits doesn't really work unless you're in a shell
<kees> cfairles: for an upstart service, see "man 5 init" and add a "limit" line to the service's init file
<cfairles> kees, hm. i use stop-start-daemon
<kees> cfairles: if it's a sysvinit script, just add the call to "ulimit" in the /etc/init.d/ script
<cfairles> kees, ah
<cfairles> kees, yeah, maybe
<cfairles> error setting limit, operation not permitted hrm
<cfairles> close
<cfairles> I keep seeing "session required pam_limits.so", I don't see this in my /etc/pam.d/common-session though ...
<cfairles> keep seeing pam_limits.so mentioned in post about ulimits I should say
<demonspork> Where can I find a description of what the purpose of each of the different kernels available from the repository are?  I currently have a PAE kernel that I don't need (3GB of RAM is all that is supported by this server) so I am going to move to a different kernel and I don't know which one to choose
<blahdeblah> demonspork: I would love to hear an answer about that, too.  I've been unable to find any useful information about that.
<blahdeblah> Yesterday i asked: "Can anyone point me to documentation about the difference between linux-image-virtual and linux-image-generic, and whether or not VMware tools is necessary when running linux-image-virtual under VMware Server?  I've searched Google and come up with no rationale for the existence of linux-image-virtual, nor any explanation of the difference between it and linux-image-generic.  I can diff the kernel config fi
<blahdeblah> I got no response so far.
<mobasher> i'm creating separate volumes for boot, kernel, home and swap....what is recomended for each ?
<__Snooker__> I usually use for an installation / boot 100M, / 7G / usr 10G / var 10G / 1G swap depending on the amount of memory and / home the leftovers.
<mobasher> it's a 250gb HD small AMD box...with 2gb memory
<__Snooker__> sorry for english because I'm using a translator ... I do not speak English but I'm trying to learn.
<mobasher> no problem :) thanks for the help
<uvirtbot> New bug: #655442 in php5 "memory content leak when using invalid utf-8 with XMLWriter::writeAttribute" [Low,Confirmed] https://launchpad.net/bugs/655442
<mobasher> do i need to create seperate partitions for -> var (10gig) , usr(10gig) ?
<__Snooker__> on my laptop I used 500G / boot 120M, / 10G / 10G usr, / var 6G / 1G swap and the rest divided between / home and / srv.
<__Snooker__> recommend using lvm and store for future use 20G
<mobasher> okay great thank you
<uvirtbot> New bug: #586888 in upstart "euca_conf register-nodes Cannot find source keys directory" [Undecided,Invalid] https://launchpad.net/bugs/586888
<mobasher> do i have to setup networking before i install xinit package ?
<__Snooker__> mobasher, I think not ... you may need to install before. Then regardless of how it will work set
<headache> I'm trying to install ubuntu-server 10.04 on my atom N450 motherboard with no luck.  It doesn't recognize the external USB CD-Rom and it can't find the driver for the onboard Ethernet.
<Datz> demonspork: I've been looking for such a description myself, but have only found an articel on the difference between the -generic and -server kernel.
<Datz> I don't know if you've seen it.
<_ruben> and -virtual is a stripped down version (module wise mostly) of -server, to reduce disk and memory footprint ... the 32bit -server kernel has been "replaced" by the -generic-pae kernel since the differences were too subtle to keep both around
<_ruben> the few remaining differences (schedulers and the like) can be changed at runtime
<twb> I don't know why people like headache are still trying to use optical media
<_ruben> ugh .. needa get my a bluetooth headset with proper noise cancelation .. talking on your cellphone in a dc aint fun :p
<_ruben> s/my/me
<twb> _ruben: district of columbia?
<_ruben> close ;) .. nah, just a noisy serverroom in a datacenter
<twb> Oh gods, I hate trying to do that
<_ruben> think there was a thread on nanog about headsets that'd perform good in these circumstances, doubt any "cheap" ones were listed ;)
<twb> Actually it's worse at our prisons, because cells aren't allowed, and the on-site monkey's office is like a twenty-minute walk from the machine room, etc, etc
<twb> s/cells/cellphones/, that is
<_ruben> heh, no cells in a prison, that'd be odd indeed ;)
<twb> Actually they have "cottages"
<mr_lou> Hello all. Can anyone help me getting Freetype2 working on my recently installed Ubuntu Server? I've managed to get mySql and PHP up running, and GDlib also works, except I can't draw text, so I'm trying to install freetype without much luck.
<mr_lou> I have no experience with server installation as such, but my boss wants this solution I'm about to start developing, to be hosted internally. So Ubuntu Server it is. Only thing I'm missing is this freetype thingy, before I can get development started.
<mr_lou> So far I've tried apt-get install most packages that has the word "freetype" or similar. No go.
<twb> mr_lou: it's probably libxft, but you doubtless need php5-something
<mr_lou> It is php5 something.
 * mr_lou tries libxft
<twb> php-image-text
<twb> Or php5-gd, if you don't already have that
<mr_lou> Already install that libxft apparently. I'll try with the dev version too.
<twb> Wrong.
<mr_lou> GDlib works fine. I can make images using e.g. imagecreatefrompng and such. Just can't draw on them using e.g. imagefttext
<twb> -dev packages are only needed for linking; if you need them at runtime your application is broken.
<mr_lou> I see.
<twb> 18:12 <twb> php-image-text
<mr_lou> No such package.
<twb> Actually ignore that.  php5-gd depends on libfreetyp6, so clearly it's the right package.
<mr_lou> There's php-image-barcode though.
<twb> If it doesn't work and php5-gd is installed, I can't help -- it becomes a PHP issue, of which I remain happily ignorant.
<mr_lou> Must be something else. Since LAMP already sets up PHP5 + mySql + GDLib just fine, I'm betting this freetype thingy is also set up, and you're right that it could be a PHP thingy.
<mr_lou> But the same code is running fine on 2 different external hosts.
 * mr_lou tries rebooting the server
<twb> "Since LAMP already..." -- do you mean the checkbox during installation (tasksel)?
<mr_lou> yea... never tried a LAMP installation before that takes care of all those things.
<mr_lou> I know it's been around for ages, but as I said, I'm not a sysadm as such.
<mr_lou> But pretty neat.
<mr_lou> And although phpMyAdmin version is only 3.2.something, it's still fine.
<twb> OK, good.
<mr_lou> twb: You don't like PHP? More of a Ruby guy then?
<twb> Har fucking har.
<mr_lou> I see you have another religion then.
<mr_lou> Which one?
<twb> As a sysadmin, I prefer libraries to be in C, with any glue on top in something quick-and-dirty like perl or python.
<mr_lou> So python for webbased solution?
<twb> As a computer scientist, I'd really like a language with FP semantics and sexpr lexicography, but the real world is just too stupid for that.
<mr_lou> The world is too stupid for many things.
<twb> mr_lou: IMO the whole "web" platform should FOAD.  NeWS made sense, and the whole modern browser-as-a-platform phenomenon is an idiotic attempt to reinvent NeWS on top of totally inappropriate protocols.
<mr_lou> Luckily I don't have that many demands. :-)
<twb> This is, obviously, dismissing the higher goal of keeping users off the network, since as we all know, THEY are the ones that break it.
<mr_lou> I don't care about that. I'm happy doing web-solutions, so I'm not complaining. I believe it's true what they say about the future though. That apps and data of will be online.
<mr_lou> I doubt I'll use it myself like that though.
<mr_lou> I prefer my stuff to be local.
<twb> mr_lou: yeah... so we're back to the original bloody batch processing paradigm with a layer on wank on top.
<mr_lou> yup
<mr_lou> All new inventions are slower than the older ones.
<mr_lou> Just look at new televisions. Just switching channel on our brand new Sony flatscreen takes much longer than on our old CRT. :->
<mr_lou> omg
<mr_lou> twb: Fixed it. You were right. It was a PHP thingy.
<mr_lou> Stupid
<maedox> I have a weird index.cgi issue. They all now show as plaintext in the browser after I upgraded from Hardy LTS -> Lucid LTS. Everything checks out, +ExecCGI, perl -c = Syntax OK, files are executable, owned by www-data, nothing in the logs. Any ideas?
<mr_lou> twb: Described here if you're curious under the headline "fontfile". http://dk2.php.net/manual/en/function.imagefttext.php
<twb> mr_lou: freetype is usually used with fontconfig to find font files
<twb> e.g. fc-match Monospace-24 ==> DejaVuSansMono.ttf: "DejaVu Sans Mono" "Book"
<mr_lou> mkay
<mr_lou> Adding this line worked: putenv('GDFONTPATH=' . realpath('.'));
<twb> mr_lou: bleh.  So you're storing font files within the PHP code tree?
<mr_lou> Yes
<twb> Typical PHP suckiness
<twb> It ought to be utilizing /usr/share/fonts
<mr_lou> Well, initially I did it because it was hosted externally.
<mr_lou> twb: Depends if you want it to be a solution that's easy to move or not. ;-)
<mr_lou> Any server-setup I can avoid at a later stage, is good.
<mr_lou> Anyway, coffee break. Thanks for the help twb.
<kinygos> #join django
<kinygos> lol..sorry...half asleep
<DaveWhite> Hi guys, I'm running the latest beta of ubuntu svr on a laptop. The laptop screen blanks every 5 mins or so. Anyone know how I can change that?
<DaveWhite> I dont *think* its a BIOS setting
<twb> DaveWhite: at the tty?
<twb> It's a tty setting.  Read the setterm(1) manpage
<DaveWhite> I tried that, but it didn't seem to make a difference.  Could it be that the settings aren't set immediately but only on the next session?
<twb> setterm affects the active tty only
<twb> e.g. if you log into tty1, it won't affect tty2
<twb> Also, if you're running screen, the escape codes won't propagate through it to fbcon
<twb> Oh, and they'll be lost when you reboot, and *possibly* when you log out
<DaveWhite> not a big deal to set them permanently, but I have to try it again to see if I'm not going crazy.  It might be a power setting on the laptop or something.
<DaveWhite> Thanks for your help twb, at least I know I was on the right path.
<twb> Yes, hardware could also be doing it in some way you can't get at
<twb> Note that there is blanking and there is powering down, and they're different
<DaveWhite> I just discovered that... I've set them BOTH to off for now, we'll see if that works
<twb> okey dokey
<VoiDeT> Hey everyone, is it possible to downgrade a package? I believe an upgrade to openssl is now causing my lighttpd install fail on start
<twb> VoiDeT: officially, no
<twb> VoiDeT: unofficially, "good luck!"
<VoiDeT> hahaha awesome thanks twb
<VoiDeT> is there a way to still use aptitude to upgrade lighttpd to 1.4.28 ?
<twb> It depends largely on how "clever" the packaging is.  For example, downgrading mg would work, downgrading mysql probably wouldn't.
<VoiDeT> woops
<twb> 21:15 <twb> It depends largely on how "clever" the packaging is.  For example, downgrading mg would work, downgrading mysql probably wouldn't.
<twb> lighttpd 1.4.26 is the newest release available in Ubuntu.
<twb> There may be unsupported third-party packages
<VoiDeT> ahh ok, i have .22 installed
<VoiDeT> what sources should i be using to get to .26
<twb> You shouldn't
<VoiDeT> im on karmic
<twb> Trying to install packages out-of-band is a good way to fuck up your system.
<VoiDeT> true, well at the moment my sites are down, so i figured digging the hole deeper couldn't hurt
<twb> I guess...
<twb> I'd try downgrading openssl or whatever first
<twb> Or, you know, working out WHY it isn't starting, and fixing that
<VoiDeT> yeh, ive been looking around on the net a bit
<VoiDeT> and its a bug with the new openssl and lighttpd below 26 i think
<\sh> VoiDeT: which new openssl in karmic?
<\sh> the latest openssl in karmic is 0.9.8g-16ubuntu3.2 (via security/updates)
<\sh> that shouldn't crash your lighty...or you did an upgrade of openssl 0.9.8 to 1.0.0 by yourself, then you are alone
<VoiDeT> hmmm \sh weird, Im not too sure what could of happened here
<\sh> VoiDeT: so you have openssl 1.0.0 on the machine? I don't know what you did, but you did something wrong ;) there is no 1.0.0 release in all ubuntu releases till today...and it's a problem to upgrade to 1.0.0 without rewriting some parts of code in several apps to maintain backward compatiblity with older ssl clients
<\sh> meeting brb
<VoiDeT> yeh i for sure didnt do that
<VoiDeT> i just upgraded to 10.04, issue fixed
<VoiDeT> however i see apache2 is running now, and i try apt-get remove apache2 and nothing found
<twb> That's probably because it's called apache2-mpm-worker or something
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<hardfire> opennebula vm is in save_stop state how do i delete it??
<jussi> hardfire: please dont repeat yourself
<patdk-wk> but he needs help :)
<_ruben> he did succeed at one thing: getting some attention ;)
<jussi> _ruben: yeah, but can you imagine if everyone did that?
<jussi> :D
<patdk-wk> everyone doesn't already?
<patdk-wk> heh, I refuse to join #ubuntu cause that goes on constantly :(
<_ruben> #ubuntu is good for keeping your connection alive ;)
<_ruben> but no, i dont endorse repeating or any other form of spamming
<xfaf> morning
<zul> ttx: did someone upload dovecot yet?
<ttx> I saw it fixreleased
<ttx> signed by mvo
<zul> k
<ttx> Daviey: for the axis2c ftbfs, should we maverick-updates-it  ?
<ttx> That's the only remaining one on our plate, before ISO testing
<Daviey> ttx: Well.. i think -updates makes sense
<Daviey> it's not like fixing the FTBFS actually gives us anything better for release..
<Daviey> ... it's an -updates issue...  IMHO...
<Daviey> (unless doko finds a fix sooner)
<doko> sorry, not working on this currently
<Daviey> doko: Oh.. ok.. no problem.. Thanks for letting us know.
<kshallid> hello all
<kshallid> is there any how to install and running xen-server on ubuntu-server 10.4 (Lucid)
<soren> No.
<twb> kshallid: you mean making Ubuntu a domU?  or a dom0?
<RoyK> kshallid: it's possible, but I'd recommend against it - use kvm instead
<kshallid> dom0
<RoyK> not recommended
<RoyK> !xen
<ubottu> XEN is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. Information on installing it for Ubuntu can be found at https://help.ubuntu.com/community/Xen
<soren> Not supported. At all.
<twb> kshallid: that's extremely non-trivial
<twb> soren: are Ubuntu kernels domU-capable by default, like Debian ones?
<kshallid> twb: that what i saw on all forums, so just want to ask
<RoyK> kshallid: use kvm, that's simple, stable and supported
<soren> twb: Yes.
<twb> Good-o, that's what I thought
<soren> They have been for years.
<RoyK> paravirtualising ubuntu under xen is a pita, and running it hwvirtualized is a pita i/o-wise
<kshallid> RoyK: any referencies ?
<RoyK> kshallid: references for what?
<kshallid> kvm
<RoyK> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<kshallid> RoyK: ok thx
<ttx> JamesPage: did your Hudson autotester go through todays ISO yet ?
<franksterville> morning all
<twb> I'd be enthusiastic about kvm if I had a single bloody host that had VT extensions
<franksterville> I need a donut and cofee
<franksterville> before i can do anything  productive
<plovs> twb virtuallbox can be ran headless as well
<franksterville> vb needs gui i thought?
<twb> vbox can't be run headless unless you use the non-free version or are happy to have a host you can't connect to
<ttx> smoser: did you see with skaet for cloud image release procedure ?
<twb> Whereas kvm can simply hook up the 80x25 VGA console and serial console to new PTYs, or to curses, or to stdio
<plovs> twb afaik you can run headless, and use the guest to connect, remote desktop or ssh
<twb> plovs: wrong
<twb> The RDP server is only available in the non-Free version
<smoser> i sent her a mail last night pointing to https://wiki.ubuntu.com/UEC/Images/Publishing and info on acl for AMI pages on amazon. opened a RT for her to have access to nectarine (which is finished)
<smoser> ttx, ^
<twb> So if your headless VM falls over and goes into a fsck in single-user mode, you have no way to get into it
<plovs> twb but it should be possible to use rdp build into the windows guest, no?
<plovs> but yes, kvm is "better"
<qman__> that's assuming it works
<qman__> when it breaks, you're screwed
<patdk-wk> why not just run like xvnc or something?
<plovs> yep
<twb> plovs: if it was a windows guest running an RDP server, that would be just as inaccessible during a panic on the guest
<plovs> twb yes, if it breaks, then your screwed
<twb> Yes, if nothing goes wrong, you are fine
<twb> But that's like putting a server in a remote rack without any kind of KVM-over-IP or LOM or what have you
<smoser> twb, is there a way to get at serial console ?
<franksterville> you can still give yourself shell access for emergency
<twb> smoser: not according to the #vbox people
<qman__> things go wrong
<qman__> this is a given assumption when you work in the real world
<smoser> yeah, then that really stinks.
<twb> franksterville: how?  The guest has no networking, and you have no local head because vbox is too cheap and stupid to support serial
<smoser> on a related note, for the cloud images, i'm thinking it would be good to have a panic mode ssh server
<smoser> or some way to get at the instance if in fact mount / fails (but you did get to the ramdisk or other early part of boot)
<franksterville> oh u mean shell to the virtual..  gotcha
<franksterville> use vmware much more robust
<twb> Har fucking har
<ttx> smoser: skaet is with me, having trouble unencrypting your email. Could you send it to me ?
<qman__> KVM is the supported solution for a reason
<twb> The vmware hypervisor, maybe.  The gratis stuff like vmware server is a fucking joke
<plovs> hypervisor is great, the free server is awful
<franksterville> never messed with kvm
<ttx> smoser: or send it in clear text if there isn't anything sensitive in it
<smoser> ttx, sure. i tihnk i did encrypt with "Kate Stewart (Canonical PGP key)" C18CFBA0 . maybe error on my part.
<smoser> ttx, there is sensitive
<franksterville> most anything free is aweful
<smoser> the ami pages acl
<plovs> franksterville only if the free version is meant to advertise paid versions
<twb> franksterville: this *is* #UBUNTU-server
<ttx> smoser: ok, send it (encrypted) to me then
<smoser> k
<franksterville> twb:  and?
<twb> franksterville: Ubuntu is gratis
<franksterville> I happen to have one,  I am allowed to learn here?
<franksterville> alot of the extended functionality comes at a price sometimes
<twb> franksterville: I mean, if free stuff is awful, why aren't you in #RHEL
<franksterville> nono I love free stuff
<franksterville> but sometimes free isnt worth it
<franksterville> ubuntu is tho
<franksterville> but i dont like VB
<twb> Mostly because they take Debian and break bits their core users don't care about, like NFS root... >duck<
<plovs> franksterville usually free means more work, vmware hypervisor is simpler to get working, but kvm takes more time but can mostly do the same
<franksterville> guys im here mostly to learn, was just chiming in prematurely lol
<ttx> smoser: hang on, she did unencrypt it
<franksterville> why would one need a virtual with linux?
<ttx> smoser: so everything is fine
<smoser> ok
<smoser> my stupid encryption setup i dont have copying myself
<smoser> so i was going to have to type it again (ie, i can't read my sent-mail folder)
<ttx> smoser: hmm, in fact, she can't read it
<ttx> smoser: so we are still a go ;)
<smoser> ok. hold on.
<qman__> franksterville, that's not important
<qman__> someone needed it, so someone wrote it
<qman__> and gave it to the community
<qman__> if you take away all things that people allegedly don't "need", you don't leave much left
<franksterville> valid point...
<franksterville> i did consider running a windows virtual just as a print server
<franksterville> since then there has been alot of nix printer drivers added soz no need. nix can do it
<franksterville> Morning all
<twb> franksterville: in my case, virtualization is useful to delegate a subset of my overall resources to an administrative zone.
<franksterville> twb: I figured you were avoiding having a bunch of boxes.  I am learning alot here
<twb> e.g. the buildds get at most 50% of RAM and 25% of disk I/O; apache gets an IP address and 80% of the network I/O
<twb> Yeah, consolidation.
<franksterville> rather than carve up a ridiculas permission scheme
<elb0w> Anyone use imsniff?
<twb> franksterville: it's only ridiculous until, say, you find out that e.g. your financials postgres database has lost the last week of data because /var/log and /var/lib/postgres share a filesystem, and DOS attacks filled that filesystem via /var/log/auth.log
<franksterville> twb:  oh ^**%* yes that would be bad
<twb> Or, say, you're hosting customers' services and want to charge them based on the bandwidth they consume
<franksterville> twb:  i woek in a pretty small office environment,  dozen clients soz I hink in that context
<twb> You don't want bank.example.net to get zero bandwidth because your other customer porn.example.net was uploading a new video.
<franksterville> lololol
<plovs> franksterville we used to run our backup domaincontroller virtualized
<twb> It also makes backups and migrations easier
<plovs> and two applicationservers
<franksterville> twb: I use amazon s3 for backups as well as a local raid
<plovs> that is two less boxes less ports in the switch, less electricity etc
<franksterville> twb: sounds like u have a much larger situation than i do
<franksterville> the green aspect is huge
<twb> franksterville: well, my office network is actually a mess.  We have more mission-critical hosts than staff, and our most powerful box is running PPPoE and nothing else
<twb> franksterville: but I also babysit a bunch of customers, including a couple of multinationals.
<elb0w> Anyone know any software for monitoring AIM for linux? My companies compliance needs something to monitor the devs
<franksterville> twb:  mostly web services?
<twb> No, systems administration.
<twb> elb0w: AIM as in the AOL IM protocol?
<franksterville> twb: soz i get stuck i can hire you to fix it lol
<elb0w> twb, correct
<twb> elb0w: ask "apt-cache search".  Probably libpurple (pidgin, finch, bitlbee) can speak it.
<twb> franksterville: or you could just ask here, if you're prepared to put up with me explaining how stupid you are when you do something dumb and need help fixing it
<franksterville> twb:  well, that comes with doing something stupid.  On occation it will be so stupid that I am willing to pay for privacy LOL
<franksterville> twb:  It took me 2 years to talk my company to ditch windows and now that they finally listened its my head
<plovs> franksterville you have replaced all your windows servers?
<franksterville> yes
<franksterville> file, print,  web
<plovs> wow, do you use centralized authentication? i quite liked AD
<franksterville> windows makes me ill
<plovs> AP+exchange+outlook is hard to replace
<franksterville> spent more time locking people out of everything so they couldnt mess it up
<twb> plovs: I bet he doesn't
<franksterville> I use OPen Dir
<twb> Yeah, developers are nearly as bad as engineers when it comes to fucking up their unix workstations
<franksterville> lol
<plovs> and developers are harder to lock down
<franksterville> i am talking receptionists and costomer service reps
<twb> "My pineal gland told me that upgrading GCC would make my fortran code marginally faster, so I tried to sudo make install..."
<franksterville> lolololol
<Pici> !ot
<ubottu> #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<plovs> franksterville is open dir an active directory replacement running on ubuntu?
<twb> Pici: sorry.
<franksterville> whatever ubuntus stock AD replacement is
<twb> franksterville: there isn't one.
<franksterville> there is a lugin
<franksterville> plugin
<franksterville> i rem setiing it up
<twb> OpenLDAP does some of it, and Samba4 does some, but it isn't production-ready
<franksterville> my google fu is good
<franksterville> yeyey LDAP
<franksterville> i used a tutorial top to bottom the first time and i try not to mess with anything
<twb> plovs: I guess he's referring to Sun OpenDS (java) or Apple Open Directory (OS X)
<plovs> twb ok, but those are not cheaper then AD, and ldap on ubuntu is not something i want to risk my job over :-(
<twb> I run OpenLDAP on hardy, but I ran out of budget before I got SSL or Kerberos or NFSv4 working on top.
<franksterville> twb: since i am noob and really shouldnt sudo anything i try to just let the thing run.  I only apt-get upgrade every 6 mo
 * plovs hopes samba4 will solve this hurdle
<franksterville> my first streach i went 500 days without reboot
<franksterville> but then kernal needed reboot
<franksterville> just distro upgraded to 10.04
<franksterville> cant beleive it still works lol
<twb> I believe d-r-u is recommended over dist-upgrade'ing
<franksterville> again google is my admin lol
<twb> !do-release-upgrade
<twb> Hm, maybe I forget it's name
<Pici> There isn't a factoid for it.
<Pici> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<twb> Okey dokey
<Pici> But yes, its the recommended way.  There are some quirks that d-r-u can fix that can't be handled by dpkg/apt.
<franksterville> did these:  sudo apt-get install update-manager-core, sudo do-release-upgrade
<Pici> Thats fine :)
<franksterville> kept my ftp, dhcp, sambap, user configs
<plovs> if possible, a clean install is best for servers imho, and just restore configs from backup later
<franksterville> i plan to do clean install in Dec
<franksterville> replace HDs etc
<franksterville> use the leaf blower
<franksterville> with todays internet speeds i was considering an instance on S3
<franksterville> and forget local
<smoser> ttx, so should we be starting iso testing ?
<smoser> should i have tracker populated with 20101006 ?
<ttx> smoser: I'd rather wait for the server ISO generation and trigger the cloud image generation after that
<ttx> should arrive in a few
<smoser> ttx, where there packages spun explicitly for ?
<smoser> (how about that for yoda speak)
<ttx> smoser: I don't think so
<ttx> smoser: but ideally we would take the same publisher run :)
<jeiworth> interesting, anyone using otrs as ticket system? i'd like to try the new 3.0b4 and funny enough it's available only in 2 different rpm falvours, for suse and redhat? anyway, using alien to convert shouldn't be a problem so can anyone recommend either flavour? i don't really think it matters but better ask.. ;)
<jeiworth> ...oO(hmm supose i could just install a centos vm and be done with it...)
<franksterville> lol ye i always cronge when using alwin
<franksterville> alien
<franksterville> *
<plovs> jeiworth better download the tar-ball and create a deb from it with checkinstall
<jeiworth> plovs: that works with otrs? because it's not source code, it's well more like e.g. the joomla-tarball that you just extract into /var/www/ and take it from there...
<uvirtbot> New bug: #655772 in tomcat6 (main) "postinst script failed if tomcat6 user is present in the system" [Undecided,New] https://launchpad.net/bugs/655772
<jeiworth> otrs is just a bit of a pita because you have to manually install all required dependancies and set up the db with sql-scripts etc...
<jeiworth> s/dependancies/dependencies
<plovs> jeiworth you might mail the maintainer of otrs2 and ask if he is working on otrs3? it looks not taht  simpe to make a deb
<jeiworth> plovs: hmm, otrs3 is still in beta, i am not sure but one can always ask ;) thanks
<coxn> I'm looking at https://help.ubuntu.com/10.04/serverguide/C/jeos-and-vmbuilder.html and wondering what the best approach is to push an SSH key to the default user
<ttx> smoser: you can spin the cloud images -- server ISOs are being regenerated as we speak
<coxn> ahh! I see --ssh-key and --ssh-user-key now
<coxn> nevermind
<smoser> ttx, so, i can spin, yes
<smoser> but if there is no package difference from last nights' i'd just prefer to use last nights
<smoser> as publish process is multi-hour
<ttx> smoser: any way to compare current status ?
<ttx> smoser: there were quite a few bugs squashed, some of them affecting us
<smoser> i can hack somethign together. just go through manifest and check archive data.
<ttx> smoser: we had Bug 653362 and Bug 641259 fixed recently
<uvirtbot> Launchpad bug 653362 in dovecot "package mail-stack-delivery 1:1.2.12-1ubuntu7 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [High,Fix released] https://launchpad.net/bugs/653362
<uvirtbot> Launchpad bug 641259 in grub2 "grub does not appear to load after maverick post-beta install" [Critical,Fix released] https://launchpad.net/bugs/641259
<smoser> grub does affect me.
<smoser> so i should get that
<ttx> smoser: so I'm pretty sure it would end up being different
<smoser> ok. respin.
<smoser> kirkland, can you sponsor upload of https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/649591 to lucid
<uvirtbot> Launchpad bug 649591 in mountall "mountall spins eating cpu when 'nobootwait' option exists in fstab followed by a comma" [Critical,Fix released]
<RoAkSoAx> kirkland: howdy!! I was wondering if the monitoring of a service you were talking about the other day was cloud related?
<ttx> Looks like we'll have a respin
<kirkland> RoAkSoAx: yeah, sort of ;-)
<SpamapS> ttx: release the hounds?!
<ttx> yes, respin in progress
<RoAkSoAx> kirkland: because to be able to provide HA, OCF Agents will have to be created to be able to monitor the service, which I believe would be kinda the same of what you were looking into...
<ttx> zul, JamesPage ^
<RoyK> ttx: respin?
<zul> ttx: ack
<ttx> RoyK: new Server ISOs candidates for final Maverick generated
<RoyK> ah
<RoyK> ok
<ttx> RoyK: that affects testing
<ttx> @ http://iso.qa.ubuntu.com/qatracker/build/ubuntuserver/all
<RoyK> k
<ttx> we need to reset the testing efforts
<RoAkSoAx> kirkland: so I was wondering if you planned already how to do that, or if you wanted that for HA clustering environments ... or that sort of stuff?
<kirkland> RoAkSoAx: yeah, i have a patch
<kirkland> RoAkSoAx: let me show you ...
<kirkland> RoAkSoAx: it would totally be useful, I think, for HA environments
 * SpamapS is quite interested as well
<kirkland> RoAkSoAx: http://paste.ubuntu.com/507383/
<kirkland> RoAkSoAx: this is the "quick and dirty" solution
<kirkland> RoAkSoAx: patching /usr/sbin/service
<ttx> 20101006.3 is up
<kirkland> RoAkSoAx: at UDS, i want to talk to keybuk and try to convince him to build this into upstart
<ttx> Roll you r ISO testing engines, gentlemen
<kirkland> RoAkSoAx: because upstart's current "status" action is pretty much worthless
<delimiter> anyone know if there is a package for Lucid containing the Auth::GnuPG perl module?
<Pici> delimiter: The closest I see is libcrypt-gpg-perl, but thats Crypt::GPG.  Also, I'm not a perl guy so I have no idea if thats way off.
<RoAkSoAx> kirkland: haha indeed!! but for HA environments we could either use simple upstart status, or actually testing that the service is running such as doing requests to http services and stuff like that , which would be usefull in cloud environments
<SpamapS> delimiter: if nobody has needed it as a dependency, then its less likely it will be packaged. dh-make-perl usually does a pretty good job of making CPAN modules into .deb's ... You could even try to get it uploaded into debian, and then request a backport for lucid. ;)
<kirkland> RoAkSoAx: with this patch, you could just use the service(8) command to ask for status
<kirkland> RoAkSoAx: if packages have "smarter" ways of determining if the service is actually up, then those scripts just need to be installed in /usr/lib/sysvinit/status.d
<SpamapS> kirkland: It needs to be called something other than status...
<kirkland> RoAkSoAx: and exit 0 for success, non-zero for not
<SpamapS> kirkland: status is "the service is running" .. it doesn't speak to the health of the service.
<kirkland> SpamapS: you are my favorite bikeshedder of all time
 * kirkland hugs SpamapS 
 * SpamapS has a blackbelt in bikeshed
<smoser> kirkland, did you see my 'please sponsor' request above
<smoser> please
<smoser> with a cherry on top
<kirkland> smoser: no, i'll do that now
 * kirkland gives 100% attention to smoser 
<RoAkSoAx> kirkland: Yes indeed it would help for HA environments. For example, in HA, OCF resource agents support "start", "stop", "status", "monitor". The "status" action can simple check if the pid is running or use those scripts you talking about, however, the "monitor" action will actually check if the database is up and running and received request, or if HHTP server if receieving request, and so on
<Datz> delimiter: tried cpan?
<kirkland> smoser: hmm, did you use my nick in that request?
<smoser> yes
<kirkland> smoser: i don't see it in my history
<delimiter> Datz: I will if needed
<smoser> [12:00] <smoser> kirkland, can you sponsor upload of https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/649591 to lucid
<uvirtbot> Launchpad bug 649591 in mountall "mountall spins eating cpu when 'nobootwait' option exists in fstab followed by a comma" [Critical,Fix released]
<SpamapS> kirkland: i'm actually planning on working w/ keybuk on some best practices for upstart jobs and on using upstart jobs in maintainer scripts... one of the issues is that start/stop's return codes are meaningless in upstart, you have to use the status command....
<RoAkSoAx> kirkland: so probably, if your patch goes trhu, we might not even have to provide an OCF RA for UEC, and just use the actual upstart RA, which uses upstart to determine service status
<Datz> delimiter: ok, just doing aptitude search libcrypt-* I didn't see something too close
<smoser> i have a response following that from uvirtbot, so it *did* get to the channel (i had questioned network here)
<kirkland> smoser: hrm
<kirkland> smoser: weird, not in my history
<SpamapS> kirkland: so, letting the service define what it thinks status should return makes some sense, but I'd want to have that discussion at the same time.
<RoAkSoAx> kirkland: and we will just simple provide those scripts you talking about by default for monitoring. But we'll hve to see how good that will work for HA Environments
 * SpamapS would like to note that while he is an excellent bike shedder, this actually is relevant and has nothing to do with the color of the shed. ;)
<SpamapS> RoAkSoAx: I always liked the way heartbeat's scripts worked .. they were fine as init.d, but offered more if you needed it.
 * RoyK wants native ZFS for linux :Ã¾
<kees> SpamapS: actually, "status" was already doing smart checks. it's upstart that broke "status", so if you want a command for "is the process there", _it_ should be named something other than "status"
<SpamapS> RoyK: excellent, maybe you can explain to me why ZFS is really as cool as they say it is.
<kees> SpamapS: with sysvinit, "status" already has a meaning, and that includes smart checks
<ttx> "status-that-works"
<RoyK> SpamapS: scan through this one - it won't take long and it's quite desriptive http://hub.opensolaris.org/bin/download/Community+Group+zfs/docs/zfslast.pdf
<SpamapS> kees: really, upstart's start/stop/status commmands are all just named too closely to sysvinit arguments.. when they don't really implement the same interface.
<kees> ttx: no, "status" should remain status. and upstart's nearly useless check should be named something else :)
<kirkland> SpamapS: i previously considered calling it "status+", but kees provided some very compelling arguments otherwise, and i agree with him -- "status" should encompass all of that
<kees> SpamapS: exactly. except that "start" and "stop" _do_ do the same thing (provided the upstart conf for the service was ported sanely)
<ttx> hehe
<SpamapS> kees: the return codes of start/stop cannot be duplicated from what I have seen.
<kees> SpamapS: there is clearly a need for whatever upstart's "status" command does, but it should not be called "status" as it conflicts with the actual prior functionality of sysvinit "status", whereas start/stop don't.
<SpamapS> kees: and restart is.. nearly impossible to do other than with $0 stop;$0 start
<kirkland> smoser: http://pastebin.ubuntu.com/507393/
<SpamapS> kees: I think they all may benefit from wrappers.
<kees> SpamapS: "start" needs to dtrt and give a sane exit code.
<kees> SpamapS: that's likely. but in that case, I would argue all the commands should go away and we can rely on "service" again.
<SpamapS> kees: the problem I've seen is that start really only returns whether or not it told the job to start.
<hggdh> smoser: are the UEC images ready?
<kees> SpamapS: right; which is totally wrong.
<RoAkSoAx> SpamapS: indeed, but currently is the same idea. Cluster can monitor a service either with the sysvinit Resource Agent, which uses the sysvinit scripts, or upstrat RA, or even legacy heartbeta RA's, and off course, the OCF RA's, which are now preferred if you actually need to do "in-depth" monitoring on the service to decide wether or not to failover:)
<RoAkSoAx> SpamapS: and inded it was simple to actually use the current init.d script, but they don't provide the monitoring of the service that is needed in critical HA applications
<smoser> hggdh, no. spinning.
<SpamapS> kees: yeah, so we should have the 'service' command's start do   start && status to give the right return code.
<hggdh> smoser: roj, thank you
<smoser> hggdh, will appear at http://uec-images.ubuntu.com/server/maverick/20101006.1 hopefully by 20:00
<ttx> hggdh: he said 4 hours, 90 min ago. Calculate ETA.
<\sh> can't we just revert upstart back to sysvinit for servers? ;) it would make things very much easier for all of us ;)
<ttx> \sh: coming to UDS ?
<SpamapS> kees: I look forward to having this discussion at UDS :)
<\sh> ttx: no..it's US <- no way, and I don't have the time
<ttx> we plan a flash mob there.
<kees> SpamapS: keybuk will just slap us all :)
<hggdh> \sh: pity, I was looking forward to talk with you again :-(
<\sh> ttx: oh well, should I send you our team internal clue bat? ;)
<SpamapS> kees: maybe we should throw him off by starting off with a big group hug.
<ttx> \sh: if it's accepted in hand luggage, yes
<kees> SpamapS: hehe
<\sh> ttx: hehe...it's a soft one, but hurts ;) so it looks like a normal baseball bat for kiddies :)
<\sh> hggdh: next time again :)
<hggdh> indeed, next one should be in Europe :-)
<\sh> hggdh: well, I hope my company will sponsor a trip to XXXX again :)
<hggdh> they will, they will... have faith :-)
<SpamapS> \sh: I think upstart can eventually be preferred for servers. We just need to push the servers' needs into upstart.
<\sh> btw...does anyone know a good python implementation of the stomp protocol? python-stompy is not good enough, stomp.py  is crashing on me and carrot doesn't work with activemq because of no ampq implementation
<SpamapS> I've oft wondered if we couldn't pipe the output of upstart -v into plymouth's status messages.
<ttx> SpamapS: ahh! the voice of reason
<SpamapS> \sh: stomp has problems in every language from what I've seen.
<ttx> SpamapS: "well volunteered" as our fearless leader would say.
<\sh> SpamapS: if you can explain our foundations team, that some things which do work on desktops are not so good for servers? I mean, nothing against upstart or systemd, but it makes more problems on servers which is more a conservative work environment
<SpamapS> ttx: indeed! I'd love to grab upstart by the horns and get some of this stuff into it. :)
<ttx> SpamapS: you might get that opportunity sooner than you'd think.
<\sh> SpamapS: I was hoping that I could use activemq (because this is our std broker) and python-carrot, but it looks like that activemq doesn't have any ampq implementation yet
<ttx> \sh: I think they are aware of it. Just having resource issues
<SpamapS> \sh: it also solves a lot of problems too. In production environments, for a long time, I've used daemontools to do what upstart does with respawn. The difference is, that one was written for servers, so the 'svc' command it uses provides predictible exit codes and doesn't try to be like sysvinit.
<SpamapS> and daemontools has logging built in, which is another thing I'd like to add to upstart.
<\sh> ttx: well, it looks like that most activemq users are java users...I will give python-activemq a try...or I have to tell our devs to switch from activemq to rabbitmq ;)
<SpamapS> ttx: if its not in the next 6 weeks, I'd be very sad. ;)
<ttx> SpamapS: did I ever disappoint you ?
<\sh> SpamapS: yes...I used daemontools in the 1990ties...I think it was in combination with qmail or so
<SpamapS> \sh: stomp is a really simple protocol.. is python-stompy written in all python or c+python ?
<SpamapS> ttx: once, but I forgave you because it was Bastille day.
<ttx> ah!
<SpamapS> no frenchman is in his right mind on Bastille day
<\sh> SpamapS: both python libs are pure python
<SpamapS> ;)
<ttx> Daviey: where are your network cables, dude
<\sh> whereas stomp.py (http://code.google.com/p/stomppy/) is much better then python-stompy
<ttx> Ng: cables !
<SpamapS> \sh: I was trying to use Stomp from PHP and C .. it didn't go well... for such a simple protocol, every implementation seems to be total crap.
<ttx> Ng: I can't leave this place before I did complete at least one ISO test :)
<\sh> but eventually I'm crashing it because I push too fast into the queue or something else happens, which I can't debug right now, because of it reports only "Errno 32: broken pip"
<\sh> +e
<SpamapS> ttx: should we begin iso tests now or wait for the respin?
<ttx> it's respun already
<SpamapS> \sh: the throttling that activemq does is very confusing for the libraries.
<ttx> see: <ttx> 20101006.3 is up
<ttx> SpamapS: go wild !
<SpamapS> ttx: woot
 * SpamapS zsyncs like he just don't care
<\sh> SpamapS: yes..but actually I need a messaging solution, I need to create ssl keys+certs for hosts for puppet, which have to be delivered to a puppetmaster ( or more then one) and I came up with a nice solution (hopefully I'll blog about in the next few days when I find time)
<SpamapS> \sh: oh you're not tied to activemq?
<SpamapS> \sh: I am a huge fan of (and a contributor to) gearmand ;)  www.gearman.org
<\sh> SpamapS: well, we are using activemq in our product backend...and I wouldn't like to introduce another message broker
<SpamapS> \sh: the difference in bloat vs. simplicity is staggering when you compare activemq to gearman
<kirkland> cjwatson: so I uploaded smoser's mountall fix to lucid-proposed ....
<kirkland> cjwatson: am I also supposed to push the merge to lp:ubuntu/lucid/mountall ?
<SpamapS> \sh: ahh
<kirkland> cjwatson: or do i just let launchpad sort that out?
<SpamapS> kirkland: I believe launchpad's package importer does that
<smoser> the package importer does do it
<smoser> but in theory you can do it also
<smoser> its supposed to handle noticing "already done"
<smoser> but i've seen it fail sometimes.
<smoser> ie, the fact that i had to add the previous security release myself
<cjwatson> kirkland: lp:ubuntu/lucid-proposed/mountall, I think - but it might not let you.  probably just let it do it.
<ttx> Closing for the day, see you tomorrow
<kirkland> cjwatson: ack;  will do;  i have had pushes rejected when i've tried to lp:ubuntu/lucid-proposed/*
<\sh> SpamapS: I'll have a look at gearman...eventually it's a solution for my problem :)
<SpamapS> \sh: you can disable activemq's throttling too
<SpamapS> \sh: last I checked, you had to disable it "instance wide" though.
<\sh> SpamapS: as said, I'll give python-activemq lib a try and if nothing helps I write my own message broker ;)
 * SpamapS watches his macbook struggle to keep up with 3 vms hitting the disk at once and wonders if he'd have better performance w/ an array of USB flash drives...
<alex88> hi, i'm setting up key auth to remove pass auth into my server..i've created key pair in client, copied in server ~/.ssh/authorized_keys
<alex88> now to set key auth as only login type in sshd_conf?
<RoyK> alex88: vi sshd_config?
<alex88> true..but, is there something to change?
<alex88> i want to completely disable password auth for ssh
<RoyK> from man sshd_config:        PasswordAuthentication           Specifies whether password authentication is allowed. The default is yes. This option applies to both protocol versions 1 and 2.
<alex88> oh k, so PasswordAuthentication no..
 * RoyK kindly asks alex88 to RTFM :Ã¾
 * alex88 will remember that next time
<RoyK> just remember to test key auth before you disable password auth :Ã¾
<alex88> already done.. now disabled and worked fine..thank you
<Guest66942> Anyone know why when copying using NFS the load average would spike to 8?
<Guest66942> home 192.168.1.1/24(rw,no_root_squash,async)
<Guest66942> is the export
<Guest66942> 192.168.1.1:/public /public nfs rw,hard,rsize=32768,wsize=32768,timeo=14,intr 0 0
<Guest66942> Is the fstab
<Guest66942> 100 MB full duplex
<kucumber_> I get "broken pipe" when I leave my connection idle a while, is there a way to stop this?
<Brot1> Hi, I'm using Ubuntu 10.04 LTS on a vServer. But there are some services not starting after a reboot. (e.g: cron, dovecot) what's wrong with this vServer or Ubuntu 10.04?
<kucumber_> perhaps leave a torrent client running?
<RoyK> Brot1: anything in the logs?
<j3ckyl> Any know why the load average would spike to 8 when transferring via NFS
<j3ckyl> export is
<j3ckyl> rw,no_root_squash,async
<j3ckyl> fstab is
<j3ckyl> rw,hard,rsize=32768,wsize=32768,timeo=14,intr 0 0
<j3ckyl> media is 100 Full Duplex
<RoyK> j3ckyl: s/hard/soft/ ?
<Brot1> j3ckyl, in which file should I look? I couldn't find something in /var/log/messager or /var/log/syslog
<RoyK> Brot1: I guess that was to me - check /var/log/daemon.log first - also check that these services are set to autostart
<j3ckyl> It's a dell dual pentium III with 2 gig memory running 10.04 LTS
<j3ckyl> load typcialy runs at .60
<j3ckyl> It's a USB drive that is mounted, I am thinking the problem is i/o but iostat doesn't reflect a problem
<RoyK> j3ckyl: pastebin `ps fax` and install sysstat (and enable it)
<Brot1> j3ckyl, I don't know where I should like if cron is configured to autostart. but dovecot is enabled in /etc/default/dovecot
<RoyK> j3ckyl: erm - usb is quite slow on the i/o, especially with that sort of hardware - probably usb1, which is dead slow
<Brot1> j3ckyl, i read that this could be a problem with upstart and ubuntu 10.04?
<j3ckyl> Well, I know it's probably a io issue , I know USB 1 is slow
<RoyK> Mass storage usb on a PIII is asking for trouble
<j3ckyl> but a load of 8? really?
<j3ckyl> is there an NFS mount export that can nice it?
<Brot1> it's seams a little bit weird that cron isn't starting after startup?
<RoyK> j3ckyl: with waits for i/o, the load is bound to be high
<j3ckyl> rw,hard,rsize=32768,wsize=32768,timeo=14,intr 0 0
<j3ckyl> So would going to lower chunk sizes help?
<RoyK> j3ckyl: you said so, thrice, the problem is probably the i/o bottleneck to the usb device
<j3ckyl> Yes, but it should be able to be throttled
 * RoyK hands j3ckyl a soldering iron and some usb2 chips
<j3ckyl> heh
<RoyK> sorry about the sarcasm, but usb1 is NOT a good candidate for mass storage
<RoyK> j3ckyl: better stick an usb2 card in the pci bus - it'll be way faster
<j3ckyl> Yeah, but given that, in NFS you can control that to some extent
<RoyK> not really
<j3ckyl> I know I can remove async
<j3ckyl> I don't need a reason to check the bits
<RoyK> still, the load average will be reflected by the number of processes waiting for i/o
<j3ckyl> I can probably lower the chuck size
<RoyK> it won't help much
<j3ckyl> Give it less to read at one time
<RoyK> but then, a high load average won't kill you
<j3ckyl> Well, at 8, it turns the cli into mud
<RoyK> slow i/o => high load average
<RoyK> it's one of Linux' infamous 'features'
<RoyK> linux doesn't deal well with slow i/o
<j3ckyl> but, it's a transfer
<j3ckyl> this is not a / drive
<j3ckyl> it's simply an ext4 that's for storage
<RoyK> j3ckyl: there are several (kernel) processes waiting for i/o - that keeps parts of the system busy
<j3ckyl> so I should be able to control the feed using nfs to match the io speed
<j3ckyl> yes?
<RoyK> beleive me - get a new usb board or even a SATA disk instead
<RoyK> or an old IDE drive
<RoyK> I don't know how well the usb1 drivers handle DMA (or at all)
<j3ckyl> Really don't need that. It's a media drive that feeds mediatomb
<j3ckyl> Do I don't need io speed except for initial media transfers
<j3ckyl> I would just like to tune it better
<RoyK> well, it was only a mere suggestion - I've only worked with operations for 15 years or so...
<j3ckyl> I hear ya
<j3ckyl> I know there are a lot of NFS tweaks though
<j3ckyl> It's defaintely not optimized
<RoyK> it doesn't matter if there are nfs tweaks around if the block level sucks
<RoyK> or block layer
<RoyK> even
<j3ckyl> I did have a cisco 5200, I could run weights red on nfs
<j3ckyl> err weighted red
<j3ckyl> limit the speed across line
<\sh> RoyK: even nfs from usb device is not that good, use local SAS storage or if you need more use a storage box as direct attached or actually use a SAN ;)
<j3ckyl> that was kinda a last resort
<j3ckyl> Long long time ago when I was working for a financial, we use to run thinnet across a solaris star
<j3ckyl> all NFS mounts
<j3ckyl> The primary server had similiar problems
<RoyK> \sh: heh - I use zfs on osol/nexenta/something for nfs servers :Ã¾
<\sh> RoyK: I'm running here a 2x HP dl365 G5 with 10 nics, 2x 4nics as port channel bonds, bonded together as active/passive bonds...inside the hp dl365 there is an p800 smartarray and attached to this controller there are 2x msa 70 with sas hds :) rock'n'roll
<Brot1> I think I found the bug I'm having with my installation: https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/543506. But why the hell is this bug open since 2010-03-21??
<uvirtbot> Launchpad bug 543506 in upstart "Some services not started on boot, runlevel returns "unknown" (dup-of: 554172)" [High,Confirmed]
<uvirtbot> Launchpad bug 554172 in linux "system services using "console output" not starting at boot" [High,Confirmed]
<RoyK> \sh: nice - I just ordered a couple of (net) 120TB systems with 10Gbps connectivity :D
<\sh> RoyK: netapps or hps or emcs? ;)
<RoyK> \sh: nexentacore on supermicro hardware :)
<RoyK> FAR cheaper
<RoyK> and with SSD caching, it will probably do about the same performance-wise
<\sh> argl...supermicro
<RoyK> nah - works well
<\sh> RoyK: http://www.welt.de/multimedia/archive/00251/Rechenzentrum_DW_Wi_251366p.jpg :) former company, 635 supermicro machines, 16 500GB sata hds, 2x dual core amd opteron cpus 16GB ram...I know all about supermicro boards :)
<RoyK> \sh: I've only had a few of boxes running stably for a year or so
<\sh> RoyK: for the raid6 stuff we used, we had a areca raid controller inserted...and this version was very fast, but had a unreliable backplane...every day, at least 50 disks were reporting a failure
<RoyK> ouch
<kucumber_> people, I can't for the life of me seem to get .htaccess working to password a folder on my server
<RoyK> we haven't had any problems with the backplanes
<RoyK> kucumber_: AllowOverride AuthConfig
<kucumber_> AllowOverride AuthConfig in the .htaccess file?
<RoyK> no, in the apache config
<RoyK> that allows overriding authconfig in the directory given
<kucumber_> ah - where might be the location?
<yann2> hello, is /srv/ commonly used on ubuntu? I've rarely seen documentation referring to it
<uvirtbot> New bug: #655890 in mysql-5.1 (main) "net-device-up of mysql's upstart-script won't be triggered on OpenVZ VMs" [Undecided,New] https://launchpad.net/bugs/655890
<RoyK> kucumber_: probably in <Directory>
<yann2> is it good practice to put ftp files, webpages, etc in there?
<yann2> may I get in trouble with apparmor? :)
<RoyK> yann2: /var/www is mostly used for web stuff
<RoyK> yann2: /srv is mostly a Solaris thing AFAIK
<yann2> I know being confused by https://lists.ubuntu.com/archives/ubuntu-users/2009-March/176239.html
<kucumber_> RoyK: <Directory> sorry, where is this - n00b here
<RoyK> kucumber_: read the apache docs :Ã¾
<yann2> am working on a bazaar server and wondering where I should put the bazaar project files
<Amgine> What's the best cantrip for archiving a remote folder and copying it to the local machine? scp -rp user@host:/path -| tar -cvf - | gzip -c backup ??
<\sh> rsync ?
 * RoyK votes for rsync
<\sh> RoyK: /src is a debian thing, /opt is a solaris thing, and /var/www/ is mostly used on debian systems for files which are served via apache/lighty
<RoyK> \sh: /srv is a solaris thing iirc
<RoyK> /src is something else
<\sh> aeh /srv i mean...I never saw it on solaris these early days..
<\sh> and rsync with -e "ssh" is a good way to go :)
<RoyK> \sh: you may be right - can't find /srv on these old sunos boxes...
<yann2> so, shouldnt use /srv on ubuntu?
<yann2> and use /var instead?
<RoyK> yann2: yes
<RoAkSoAx> kirkland: btw.. where you able to take a look to my PowerNAP additions?
<yann2> ok, thanks
<\sh> yann2: /var/www is your way to deploy web stuff
<yann2> and for a ftp server, for example, where to put the files served?
<yann2> /var/ftp ?
<\sh> yann2: tbh, I didn't use ftp anymore since 1998
<yann2> ok so I have 10 projects with 10 bzr repositories on a vm that will only do version control where should I put them ? :)
<yann2> I was thinking of /srv/bazaar, hence the question
<\sh> yann2: that you do...you need to set the correct user permissions then :)
<yann2> yeah that'll be fun :)
<yann2> thanks for your time
<alex88> connection refused mean that server send a REJECT packet right? So it's not filtered
<alex88> *dropped
<RoyK> reject, yes
<alex88> damn..probably my parallels firewall is conflicting with mine..because i'm on vps..
<alex88> thanks RoyK
<RoyK> alex88: either iptables -j REJECT or the host doesn't listen to that port (which will send the same ICMP message)
<alex88> i've setup csf firewall, there are only DROP or ACCEPT
<alex88> seems that parallels firewall check for open ports and the other are closed
<alex88> debugging with tcpdump
<alex88> how do i use tcpdump to extract syn packets received from a host?
<KB1JWQ> alex88: http://packetlife.net/blog/2008/oct/18/cheat-sheets-tcpdump-and-wireshark/
<alex88> KB1JWQ: got it, it respond with reject..damn..
<alex88> KB1JWQ: http://pastebin.com/HTNpbs6G can you have a look here? iptables rules
 * RoyK can't wait to get his 120TB boxes
<alex88> there is a user "list" running some python scripts..is that normal?
<RoyK> alex88: download chkrootkit and run it]
<RoyK> s/\]//
<alex88> it's runnin process: /usr/bin/python /usr/lib/mailman/bin/mailmanctl -s -q start
<alex88> with child procs: var/lib/mailman/bin/qrunner --runner=ArchRunner, BounceRunner, CommandRunner, IncomingRunner, NewsRunner and others 3
<RoyK> mailman installed?
<alex88> oh..it's http://www.gnu.org/software/mailman/index.html...
<alex88> well, i've installed virtualmin.. but i haven't specified to install that too
<demonspork> I have had dpkg stop working 4 times now while installing various packages (called by apt-get) and the process refuses to die. I literally have to just let it sit for like 8 hours before it will disappear and then I can install stuff again.  I get a thing repeating in dmesg while dpkg is sitting there doing nothing: http://pastebin.com/umJbJU5c
<alex88> sudo kill -kill dpkg-pid?
<demonspork> yeah, does nothing
<demonspork> tried kill -9
<demonspork> nothing
<alex88> same thing.. :/ semms like a segfault
<demonspork> so how do I resolve this?
<demonspork> it has only happened to dkpg, nothing else seems to be suffering
<alex88> open a bug ticket?
<alex88> i don't know what to do in those cases
<guntbert> demonspork: could it be that you have a failing drive? (just a guess)
<demonspork> what type of diagnostics can I run? This is a RAID 5 on an HP SmartArray 5i
<demonspork> I checked the diagnostics that the hpacucli gives on the drives, and the only drive with errors is drive 3, which isn't even built into the array, it is currently marked as a spare and won't even spin up until it is needed
<guntbert> demonspork: no idea to be honest, but what about a file system check? the lines with io... and wait... gave me the idea
<wmorri> Hi, I am wondering where the sendmail.mc file is stored?
<wmorri> I am new to setting up a mail server with ubuntu
<guntbert> wmorri: no need for sendmail - use postfix instead
<guntbert> wmorri: see https://help.ubuntu.com/10.04/serverguide/C/email-services.html
<cfairles> Anyone know how to globally disable editing with "less"? I want to add it to /etc/sudoers with NOPASSWD but in a "read-only" mode
<demonspork> so how can I kill this dpkg process. It is driving me insane - I need to do some other stuff and I can't reboot
<guntbert> demonspork: you should try to find out what is the cause...
<demonspork> yeah, I want to use it with a trace, and dig through that trace/submit it
<demonspork> but I can't do that until I can run it again
<demonspork> this is getting extremely aggravating
<demonspork> :(
<demonspork> how can it be impossible to kill a process
<X-Sleepy-X> demonspork: how are you trying to kill it?
<demonspork> kill -9, among other kill signals
<demonspork> it has no parent
<demonspork> it isn't a zombie
<X-Sleepy-X> hmm
<demonspork> it is just a dpkg process that won't die
<demonspork> this is the 4th time it has happened
<demonspork> I usually just have to wait several hours
<X-Sleepy-X> weird
<demonspork> I have to leave now
<demonspork> :(
<X-Sleepy-X> k
<demonspork> be back in like 4 hours
<X-Sleepy-X> ill be sleepin by then
<demonspork> lol
<demonspork> anyone with suggestions, post it in here _AND_ pm it to me if you can
<hggdh> did we drop the option to reinstall GRUB from the ISO?
<hggdh> mathiaz: the server ISO does not offer anymore rescue/Reinstall GRUB?
<mathiaz> hggdh: hm - I don't know
<mathiaz> hggdh: I haven't tested that lately
<mathiaz> hggdh: you may wanna ask cjwatson about that feature
<hggdh> mathiaz: I cannot find it there on either amd64 or i386, and charlie-tca just confirmed to me that the alternate ISOs have it
<hggdh> cjwatson: ^
<kucumber_> I'm getting "broken pipe" when I leave my dedicated server on a while
<kucumber_> how can I stop this/
#ubuntu-server 2010-10-07
<The_Paco> Hi. I'm trying to get nmbd/smbd to restart properly when I make changes, but I wind up having to kill them because upstart wants me to use "service smbd restart" or "service smbd stop" and then says "restart/stop: unknown instance"
<The_Paco> how can I get smbd/nmbd to restart properly without resorting to kil?
<armenb> hello...what's the fundamental difference between ubuntu-server and ubuntu-desktop?
<armenb> err, desktop and server versions of ubuntu
<The_Paco> server is stripped down, no X interface
<armenb> I'm trying to install a *-dev package in Desktop, and it can't find it
<armenb> whereas my server instance can...
<armenb> is there something I'm missing?
<The_Paco> check to see if they're using the same sources in apt-get?
<The_Paco> they're largely identical, afaik. So they should be able to find and install the same packages. Be careful that you're not committing yourself to loading x11 if you use aptitude, though, as it tries to resolve dependencies
<qman__> ubuntu server and desktop use the same apt repositories, so you have one enabled on your server that is not enabled on your desktop
<qman__> the biggest difference is the default package set
<qman__> the kernels are slightly different too
<qman__> but they're the same core OS, and everything from one can be installed on the other
<qman__> The_Paco, you're looking for "service samba restart"
<armenb> gah, lame. I needed to apt-get update first.
<qman__> or maybe not
<qman__> that's what it is on karmic
<qman__> on lucid both smbd and nmbd exist
<The_Paco> ah
<The_Paco> well
<qman__> a whole lot of names changed in lucid, very frustrating
<The_Paco> ... no, says unrecognized service
<qman__> but anyway, that error means that upstart is attempting to stop a PID that doesn't exist
<The_Paco> is there some kind of better place for learning about upstart than that anemic wiki of theirs?
<The_Paco> I'm feeling that the community has yet to get behind it, despite it now almost completely replacing init for us
<qman__> it completely replaced init a long time ago
<qman__> ubuntu's been using it in sysv compatibility mode since, I want to say, 6.10
<qman__> it's only just now to the point where a lot of services have native upstart scripts
<The_Paco> fun
<The_Paco> where are the upstart scripts held, then?
<qman__> I'm really not a fan of upstart
<qman__>  /etc/init/
<The_Paco> I'm starting to understand that mindset
<The_Paco> okay, so same place
<qman__> no
<qman__> sysv scritpts are/were in /etc/init.d/
<The_Paco> oh yeah that's right
<qman__> in my opinion upstart overcomplicates things
<qman__> not that it's a bad idea at its core
<qman__> if you're interested in some reading, I found this idea to be brilliant  http://0pointer.de/blog/projects/systemd.html
<The_Paco> it's fighting with itself
<The_Paco> yeah, I'll read it
<The_Paco> I've got to learn how to manage these things properly. Init.d was annoying but at least by the time I was slightly familiar with it it was consistent. Trying to run the smbd upstart script puts me in an endless loop admonishing me to use certain commands while ignoring the ones I give and spawning more smbd's
<qman__> yeah
<qman__> somehow, your smbd is running outside of upstart
<qman__> a reboot would probably fix it, though you should be able to just kill it and start a new one
<qman__> if it's not working, something else is getting in the way
<The_Paco> it's been a while since a reboot, what could it hurt. Few mins.
<The_Paco> huh, actually seems to be behaving now, funny that
<The_Paco> just goes to show that even with linux, the first troubleshooting step is always to restart and see if that fixes it
<qman__> well, that's the easy way
<qman__> but it's also almost never actually necessary
<qman__> question is, is it worth the time to figure it out
<The_Paco> I'm extraordinarily good at breaking things
<uvirtbot> New bug: #656048 in amavisd-new (main) "package amavisd-new-postfix (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/656048
<The_Paco> couldn't hurt, wave of the future and all that. Thanks. Later
 * freeflying 
<paul_whipp> Is this a good place to ask a beginner question about postfix?
<Amgine> Reasonably ok, paul_whipp.
<paul_whipp> thanks Amgine - it looked a bit quiet;
<Amgine> <grin> It's quite quiet, but you'll never know unless you ask your question.
<paul_whipp> I am a web developer and I've been using ssmtp but I need to change it to postfix. I can probably deal with the installation and configuration once I understand what it means by hostname - does this need to be a known domain for the mail server?
<qman__> the hostname it asks for in the debconf menu is the domain you want that server to receive mail for
<Amgine> http://www.postfix.org/VIRTUAL_README.html#canonical
<paul_whipp> I want it to receive email for lots of domains though
<qman__> then think of it as the primary domain
<qman__> you can add more though additional configuration
<paul_whipp> ok, thx
<paul_whipp> <looking at link>
<Amgine> painful, but you should be able to work through it.
<paul_whipp> it is - I just want it to send the mail for each domain (and not route it through gmail like I had ssmtp doing)
<qman__> mail is a lot of work
<qman__> local mail is no big deal, but mail on the internet has to be done right, otherwise your messages will just get marked as spam
<qman__> and you don't want to get your IP blacklisted
<paul_whipp> Yes - I've been dragged into this by clients sticking around on my 'test' server in the cloud. Their email forms all come from 'me' as the gmail sender.
<paul_whipp> I guess I'm just going to have to plough through it.
<paul_whipp> Is there any reason I can't try postfix out by installing it on my desktop machine (it has a static IP)?
<qman__> no
<paul_whipp> thanks qman, I'll try it there first.
<qman__> I actually run postfix in a smarthost configuration on mine to forward SMART messages and such
<paul_whipp> I've been using ssmtp there too but I can afford to break it <grin>
<qman__> pumped to my main server, which sends them through a gmail account to me
<qman__> I know postfix is overkill for that use, but it's what I know
 * ScottK has postfix on ~every computer he owns down to and including his netbook.
<qman__> yep
<paul_whipp> Wow. OK - I think I'll have more questions soon. I'm going to work through the installation and configuration locally now.
<qman__> that extra few K of RAM is insignificant compared to the hundreds of megs web browsers leak
<paul_whipp> ssmtp has served me well for forwarding to my gmail account for system stuff and it only took a few minutes to install and set up. I'm going to miss it.
<qman__> postfix is easy to set up that way for the clients, just pick smarthost and point to your server
<ScottK> Postfix is at least as easy to install for a relay (as qman__ says)
<qman__>  the server took a little more time to set up, but not more than a couple hours
<qman__> google time included
<ScottK> Longest it ever took me to set up a Postfix server was about 3 hours.
<ScottK> And that was starting from boxes of parts on a table.
<qman__> it only gets complicated with a 'real' server on the internet
<paul_whipp> Hmm... I will need a 'real' server for the clients although it only needs to send mail so far.
<qman__> yeah
<qman__> but you still need to get it right, because fishy headers equal spam, and that means blacklist
<paul_whipp> <googling smarthost>
<paul_whipp> Is there an easy way to 'know' I've got it right (no fishy headers or open relay)?
<qman__> open relay is easy to test
<qman__> and sending test mail to your own personal accounts, and checking the headers should factor in the anti-spam measures
<paul_whipp> qman: thx, how do I test open relay?
<qman__> telnet in on 25 and attempt to send mail without authenticating
<paul_whipp> qman: thx. I can do that.
<qman__> by default, I'm pretty sure it allows open relay on the local subnet
<qman__> so you'd have to change that
<paul_whipp> ok. I'm going to try installing it and see if I can put some of this into practice.
<_Techie_> how to disable TLS in postfix?
<ScottK> It's not enabled by default.
<ScottK> paul_whipp: By default, Postfix is not an open relay, so you don't need to worry about that much unless you edit configuration files.
<paul_whipp> thx ScottK
<electrofreak> Did ubuntu cut out the adaptec driver from the kernel?
<electrofreak> in 10.04
<electrofreak> all the things I'm reading on adaptec's Linux blog seem to indicate (for previous ubuntu versions) that the code is already included...
<electrofreak> but it doesn't appear to be for 10.04?
<SpamapS> electrofreak: "the adaptec driver" ?
<electrofreak> aacraid
<electrofreak> SpamapS, ^^
<SpamapS> linux-image-2.6.35-22-generic: /lib/modules/2.6.35-22-generic/kernel/drivers/scsi/aacraid/aacraid.ko
<SpamapS> its in maverick
<electrofreak> is maverick 10.10? (I don't keep up with these silly names)
<SpamapS> electrofreak: yes, 10.10
<SpamapS> which is out in 4 days ;)
<electrofreak> wait a second... I have it in my libs, too...
<electrofreak> why isn't my card being seen?
<electrofreak> lspci sees it... but I'm not getting any /devs for my array
<SpamapS> electrofreak: I'm always fuxzy on how initrd's work .. but maybe its not in there?
<SpamapS> electrofreak: lsmod | grep aacraid
<electrofreak> well, I just modprobed it... and it inserted...
<electrofreak> what would the devs come up as?
<SpamapS> I forget
<electrofreak> wait... there it is
<electrofreak> I'm so sorry... this appears to have been a retard moment, brought to you by electrofreak. everything is working....
<electrofreak> it is /dev/sda... so it must have been there at boot.
<SpamapS> :-D
<SpamapS> actually
<SpamapS> the modprobe would have created it
<electrofreak> SpamapS, nothing printed out recently in dmesg....
<electrofreak> and now that I look more closely at dmesg, I do see it initializing... about 2.2 seconds after kernel started timing.
<electrofreak> so, my bad.
 * SpamapS drums fingers waiting for AT&T EDGE speeds.. 
<electrofreak> now what we need is ASM/arcconf in apt...
<electrofreak> adaptec is working on improving support for debian based distros...
<electrofreak> so I was able to get it setup from a build they mentioned in their blog.
<electrofreak> now I need to reboot though. flashed new firmware to my card. Thanks SpamapS!
<paul_whipp> more postfix questions: I installed it fine on my local machine and I set it up to relay to gmail but how do I specify the port?
<paul_whipp> postfix trouble: I just tried using smtp.gmail.com:587 but then I get a certificate failure message in the log. Don't really want a certificate. How do I get relay to gmail to work?
<twb> apt-get install  ca-certificates
<twb> that cert's in the default list
<paul_whipp> twb: why do I need a cert?
<twb> YOU don't
<twb> But postfix needs to be told to trust the cert that smtp.gmail.com is using
<twb> If ca-certificates is installed and you haven't unchecked any options in the low-priority debconf prompts, that SHOULD be the default behaviour (unless postfix is very weird).
<paul_whipp> I already have it installed
<paul_whipp> I have no idea about prompts so I guess I did not uncheck any <grin>
<twb> Then pastebin the full transcript and/or talk to #postfix about it
<paul_whipp> ok, thx
<twb> http://paste.debian.net/94002/ <-- you should have something like this
<paul_whipp> thanks twb. It actually sent the mails in the end - it seems the certificate line was just a warning.
<paul_whipp> I have a working postfix server :-D
<twb> Whatever
<paul_whipp> Now I just need to work out how "not to relay"
<twb> That should also be the default behaviour
<paul_whipp> twb: I hope so, I'm going to comment out the gmail relay configuration and give it a go.
<Dravekx> Anyone have a fix for this error? status: Unable to connect to system bus: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
<Dravekx> it happens when I try to check status on a service
<paul_whipp> Dravekx: are you checking in a login shell?
<Dravekx> paul_whipp, no. checking samba status. but it gives me the error no matter what service status I check via SSH.
<Dravekx> or lol. that's what you asked.
<twb> Somewhere in postconf there are options on which domains you accept mail for
<Dravekx> any idea on a fix?
<paul_whipp> Dravekx: dbus is a pain. If you google you'll find some variables you need to set up for it to work.
<paul_whipp> twb: Luckily I only want to send mail to begin with <takes baby step>
<twb> If your 25 and 587 are closed, then you aren't an open relay
<paul_whipp> Cool. I can fix that easily in the firewall to be certain.
<twb> Except potentially in the more general sense, like having a "send this page to a friend!" feature on your website
<paul_whipp> Dravekx: Hang on... I'll dig something up
<Dravekx> paul_whipp, Ahhhh... nvm... I got it. I wasnt using root.
<Dravekx> it's a samba issue now.
<paul_whipp> Dravekx: ok cool.
<zanthir> Hello, does anyone know how to add groups to groups?
<zanthir> I'm running xfce on my ubuntu-server, and the groups for services (such as www-data) are well *ahem* groups, not users.
<zanthir> On my Ubuntu (not server) machine, these users are users, not groups (www-data for example).
<demonspork> zanthir, they are groups _and_ users
<demonspork> zanthir, do they exists in /etc/passwd
<zanthir> demonspork, I don't have an /etc/passwd...
<demonspork> zanthir, then you are not usin Linux
<demonspork> "cat /etc/passwd"
<paul_whipp> twb: I think send it to a friend would still work. Having removed the relay I'm seeing the connection attempts time out e.g. "connect to gmail-smtp-in.l.google.com[74.125.155.27]:25: Connection timed out" for an email to my own gmail address
<demonspork> should give you a list of users
<zanthir> demonspork, I installed Ubuntu Server 10.04. I believe I am using Linux.
<demonspork> zanthir, then there is a 100% chance that the file "/etc/passwd" exists
<zanthir> You have an email? You can SSH in and look for yourself. Not there. Sorry...
<twb> demonspork: it is theoretically possible to have a working system that doesn't use "files" or "compat" for name resolution.
<demonspork> yeah, that is possible
<demonspork> but only theoretically
<demonspork> I didn't even bother mentioning it though
<twb> Indeed, when I try it about four packages fail their postinsts
<twb> Though those are bugs
<demonspork> zanthir, do you have a terminal window open?
<demonspork> type "cat /etc/passwd"
<twb> Certainly *UBUNTU* is required by specification to have a specific set of users and groups present in /etc/passwd and /etc/groups
<demonspork> or even just "stat /etc/passwd"
<zanthir> oh, taht last one worked!
<twb> zanthir: if /etc/passwd doesn't exist then your system is broken
<zanthir> So, it's probably just hidden?
<twb> zanthir: if you're using a GUI, I cannot comment on its behaviour.
<zanthir> cat says "No such file or dir..." but stat finds it...
<twb> That shouldn't happen.
<zanthir> err... sry, I cat-ed for /etc/group, not passwd... Sorry.
<zanthir> Right, ok. Cat finds everything.
<zanthir> For some reason though, they only show up as groups in my users and groups GUI...
<zanthir> Should I probably ignore that and just try adding them to groups as if they were users from the cmd line?
<zanthir> Mm. Ok. Thanks twb.
<zanthir> (about GUI)
<zanthir> Thank you too demonspork.
<RudyValencia> OK, so my server runs approx package caching, if I copy the contents of /var/cache/approx to another drive and then reinstall, will I be able to restore the cache by simply copying it back (along with the appropriate configuration)?
<twb> IIRC, yes
<twb> But I am emphatically NOT a fan of those apt cachers, they've caused me far more problems than they've solved.
<twb> Nowadays I simply run debmirror, which consumes on average maybe 128MB a week to keep a complete mirror of lucid and hardy.
<jcastro> squid-deb-proxy my friends
<jcastro> squid ftw
<twb> I've had problems with "optimized" squid cachers, too
<jcastro> booo
<twb> In particular, when they decide to cache Packages.bz2 (which is big) but not Release (which is small)
<twb> So you get checksum errors
<flock_> dear friends i am try to create a name based virtual host in my local machine, but it is not working,
<flock_> I add the following lines in the configuration file
<flock_> <VirtualHost *:80>
<flock_> ServerName www1.example.com
<flock_> ServerAlias kevin
<flock_> DocumentRoot /test
<flock_> <Directory "/test">
<flock_> 	Options Indexes FollowSymLinks
<flock_> 	AllowOverride None
<flock_> 	Order allow,deny
<flock_> 	Allow from all
<twb> !paste
<flock_>     </Directory>
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<flock_> </VirtualHost>
<twb> flock_: are you testing it with netcat?
<flock_> i am using unutu 10.04
<flock_> and using apache2
<twb> That was not my question.
<RudyValencia> I think I'll just reinstall from a disc
<RudyValencia> which no longer fits properly on a CD-R
<RudyValencia> (I have to use a DVD-R now)
<qman__> I use squid
<qman__> it's not perfect but it's effective when all my servers update at the same time
<qman__> I blacklisted Packages.bz2 and Release and such from being cached
<twb> qman__: in theory, I just have my servers point to the local quaternary mirror
<twb> That hasn't actually happened yet because the debmirror is on a fucking 10baseT hub or something, so it's actually slower than the ISP's tertiary mirror...
<RudyValencia> I'm backing stuff up right now, what else should I back up besides /etc ?
<RudyValencia> (on my server)
<RudyValencia> I know definitely userdirs
<gravity1187> what service are your providing from your server?
<RudyValencia> Samba shares (from folders on a separate drive mounted to /srv), Web serving (also from the separate drive mounted to /srv), PXE Ubuntu installation, approx package caching, DNS, DHCP, and printing services
<gravity1187> and /srv are on their own drives
<gravity1187> any custom scripts that you may have put in /usr/bin or /usr/sbin
<gravity1187> any mysql databases
<RudyValencia> /dev/sdb1 is attached to /srv
<RudyValencia> I haven't made any scripts
<RudyValencia> and I did back up the MySQL DB
<RudyValencia> I decided just to copy /etc wholesale
<gravity1187> yeah....any programs in /opt
<gravity1187> that weren't installed from apt
<RudyValencia> nothing in /opt
<RudyValencia> that's probably good enough
<gravity1187> then I would just be concerned with the /etc directory
<RudyValencia> hm, my backup drive is ntfs though :(
<gravity1187> what are you using for back up software?
<RudyValencia> just cp -a
<gravity1187> you may want to look at rsync
<RudyValencia> (to preserve the files as they are, but I just realized that ntfs won't save permissions
<gravity1187> lot better solution in the long run
<gravity1187> no it won't
<RudyValencia> I need to format the backup drive as ext3 or something
<gravity1187> probably be the best way to go unless your zip or gun-zip the back-up first and then copy that to the ntfs partition
<qman__> using ntfs is a bad idea anyway
<gravity1187> so you could cp the entire etc directory into a backup directory and then gzip the directory and move it to your backup partition
<qman__> the odds are one in a million, but you don't want it to be your partition that blows up
<gravity1187> agreed
<RudyValencia> I'm setting the backup drive up with ext3
<gravity1187> qman__: an you think of any other important directories other than the obvious?
<qman__> might want to take an ls of /var/cache/apt/archives, so you can look back at what packages were installed
<qman__> or dpkg -l or whatever
<gravity1187> I thought about that one
<RudyValencia> I'm just reinstalling only what this server needs
<qman__> have a look through /var to see if there's anything in there you need and missed
<qman__> and your home directories
<gravity1187> RudyValencia: you said you were using Samba are you also using LDAP
<qman__> everything else important would be in /etc
<RudyValencia> no, just workgroup mode
<gravity1187> log files might also be good if you are worried about retention
<RudyValencia> nah, this is my private server in my residence
<gravity1187> etc it is then
<RudyValencia> I guess just /etc, /var/lib/tftpboot, /var/cache/approx, and the MySQL dump
<RudyValencia> (and possibly /srv for good measure, just in case something goes horribly wrong_
<twb> A backup should include all of /etc and /var, and if used /opt and /srv
<RudyValencia> ah
<RudyValencia> ok
<RudyValencia> will be backing up /etc and /var after /srv copies
<twb> If I were you, I'd backup the whole filesystem
<paul_whipp> I have a new working postfix install on a web server running a number of sites. The sites use forms that access sendmail via PHP (Joomla) and send emails to site staff etc. from the public. The PHP code changes the from email address so that the staff can reply directly to the person that sent them the mail if they choose to. Unfortunately, this results in the emails being put into the SPAM folder because "this message was likely forged and did not
<gravity1187> have you tried whitelisting the From address?
<paul_whipp> No.
<paul_whipp> Is that something that has to be done on a per recipient basis?
<gravity1187> yes and or per sender basis
<paul_whipp> Per sender would be impossible because they are members of the public filling in a form
<gravity1187> are you using spamassasin?
<paul_whipp> I'll try the 'real' sender
<paul_whipp> No
<gravity1187> so what program is picking it up as SPAM?
<paul_whipp> gmail
<gravity1187> hmmmmm
<gravity1187> is this a public facing server?
<paul_whipp> Yes.
<twb> Probably your MTA is misconfigured
<paul_whipp> Whitelisting the real sender does not help
<twb> e.g. it's HELO'ing with a hostname that doesn't resolve.
<gravity1187> that was what I was going to ask next
<paul_whipp> twb: very possibly since I barely know what I am doing
<gravity1187> yep
<gravity1187> what MTA are you using
<twb> You mentioned sendmail.  Do you mean /usr/sbin/sendmail, or sendmail-the-MTA?
<twb> You should be using postfix, not sendmail, as the MTA.
<gravity1187> concur
<paul_whipp> the mta is postfix I just installed isn't it?
<gravity1187> nope sure isn't
<gravity1187> goto http://www.howtoforge.com
<paul_whipp> then the MTA is google gmail - its an online reader
<twb> paul_whipp: wrong.
<paul_whipp> so what is the MTA?
<gravity1187> they have great tutorials on setting up postfix so that is secure and compiant
<twb> smtp.gmail.com operates and MTA, but it is not YOUR MTA.
<qman__> his MTA is postfix, he mentioned it in his original question
<gravity1187> MTA stands for Mail Transport Agent it is the program that sends and receives mail
<twb> Your MTA is a daemon running on your server.  Its job is to 1) receive mail from local users and send it to local/remote receipients; and/or 2) to receive mail from remote recipients for local users.
<paul_whipp> Sorry - I'm filling in a form on a website that has my newly installed postfix sending the mail for it (via the sendmail php interface). When I receive the email as an end user via an online google gmail account it appears as spam.
<paul_whipp> My postfix is not receiving any email - it doesn't need to.
<gravity1187> what is your server hostname?
<twb> gravity1187: tell him how to get the information, otherwise he'll give you the wrong datum
<paul_whipp> How do I check the hostname? I think I entered samfordwebsites.com.
<twb> paul_whipp: what does "cat /etc/mailname" return?
<twb> paul_whipp: pastebin the output of "postconf"
<paul_whipp> samfordwebsites.com.au (I was close ;))
<twb> paul_whipp: pastebin the output of "ip addr"
<paul_whipp> pastebin...
<qman__> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<paul_whipp> Ah - whitelisting 3 times in google seems to have worked for the gmail account (guess they are using a heuristic)
<paul_whipp> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<gravity1187> paul_whipp: Part of the problem is your server is blacklisted http://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a174.129.39.156
<qman__> you can use any pastebin you like, that's just one of them
<paul_whipp> http://paste.ubuntu.com/507784/ for postconf
<paul_whipp> http://paste.ubuntu.com/507785/ for ip addr
<paul_whipp> At least I have a workaround by whitelisting the sender. I can tell my various clients that they have to do this so that the messages don't end up in their spam folders.
<gravity1187> what is the public addy of this server?
<paul_whipp> It does not have one.
<twb> gravity1187: look at the ip a result
<paul_whipp> I've always just used the IP
<twb> paul_whipp: that doesn't help.
<twb> Your network's mail gateway should have a public IP.
<gravity1187> twb: I did not responding to ping and the domain ip is different
<gravity1187> and that is probably y you got black listed
<twb> It should also have valid A and PTR and MX records and your /etc/maildomain should correspond to them.
<paul_whipp> I'm out of my depth here - Its just a machine in the cloud running a number of websites via apache. I DNS to the IP fine and everything (including ssmtp) worked fine.
<paul_whipp> I do own the samfordwebsites.com.au domain but its just one (not set up) site on the server that happens to be mine.
<paul_whipp> black listing seems strange since until now its only sent a few emails via my gmail account.
<twb> paul_whipp: that you know about
<paul_whipp> twb: fair point. I do look at the logs though.
<twb> It's entirely possible that your PHP crap is allowing anyone to send mails to anyone, i.e. it is an open relay
<Amgine> <eyebrow>
<paul_whipp> Scary thought - Its Joomla (latest version) so quite popular.
<paul_whipp> I don't think that is possible though unless it can be hacked to change the recipient somehow.
<twb> Yeah, well.  IME PHP hackers tend to excel at including that kind of feature in their code.
<paul_whipp> twb: possibly, but Joomla seems pretty sound and being Open I haven't seen any sign of issues. Most security problems come from people leaving the doors open with it.
<twb> "seems pretty sound" in what way?  Suddenly you're a security analyst?
<paul_whipp> twb: No but I can read code and the mail part is pretty small. As for the rest I am dependent on the Joomla updates and feedback.
<paul_whipp> As ssmtp has never had any kind of related records (not sure how it could) might the blacklisting be more to do with the IP range - its an amazon elastic IP
<twb> Hmm, the latest relevant one I can see is
<twb> CVE-2008-4103 The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam.
<uvirtbot> twb: The mailto (aka com_mailto) component in Joomla! 1.5 before 1.5.7 sends e-mail messages without validating the URL, which allows remote attackers to transmit spam. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4103)
<paul_whipp> yes - I keep the updates going. 1.5.20 now.
<twb> Most of the other vulnerabilites are SQL injection or information disclosure
<twb> paul_whipp: you're using ssmtp as your MTA?
<paul_whipp> I was until now.
<paul_whipp> I only needed to send emails from the sites when user forms etc. are filled in.
<twb> Last time I looked, that did the Wrong Thing when you tried to point it at the real world.
<paul_whipp> Worked fine relaying through gmail. Its been running for a couple of years like that until now. Trouble was that with more client sites the recipients of the form emails would just click reply - sending an email back to me rather than to the user who filled in the form.
<twb> Particularly when on a NATted box where dnsdomain and maildomain and friends don't match up with the smarthost's view of the world
<twb> paul_whipp: that's what ssmtp is supposed to do
<gravity1187> twb: look at private
<paul_whipp> sorry - private?
<gravity1187> I sent a private message to twb
<paul_whipp> ok - I can't see that then.
<gravity1187> nope sure can't
<gravity1187> me and twb are having a sidebar
<paul_whipp> np
<gravity1187> paul_whipp: what is the from address that you are using
<paul_whipp> I've been entering different ones on the forms - here is a form: http://174.129.39.156/~samford_state_school/index.php?option=com_contact&view=contact&id=1%3Apaul-whipp&catid=8%3Aadministration&Itemid=29
<paul_whipp> That one sends emails to me (obviously) but they want to add lots more contacts on this and on one other Joomla site hosted on the same server.
<qman__> if the messages you're sending aren't from a domain that points back to your mail server, they will get marked as spam
<qman__> sooner or later
<qman__> because that's how spammers work
<paul_whipp> Yes, thanks qman, I think this is an unsolvable problem. If I could do it then I could effectively spoof emails to appear to come from anyone.
<qman__> like twb said, you need A, PTR, and MX records identifying your server as part of the domain
<paul_whipp> I will have to set up the one domain properly.
<gravity1187> and then instead of using the mail php script due via an actual account
<gravity1187> do it via an actual account
<paul_whipp> Good idea. I like the form though because it keeps the destination email private.
<gravity1187> and it still will be private it is just going to go through an actual account for sending to the authorized individual that needs to receive it
<twb> paul_whipp: sending mail without meaningful DNS records *will* get you blacklisted
<paul_whipp> ok - thanks very much for the help. I will configure one proper domain (one of mine) and then inform the clients they have to whitelist that. I think that will solve the problem. gtg now.
<twb> "keep the destination private" is achieved by setting an envelope RCPT TO but not specifying a message To field, or by using BCC instead of To.
<twb> Note that this will also often your message classed as spam.
<paul_whipp> ok - thanks. Lots more reading (and configuring to do) then. l8r
<gravity1187> If you need help come back and chat
<gravity1187> also have a look in the wiki and http://www.howtoforge.com has great tutorials
<Zeu5> anyone here can help me with my server set up? i am using ubuntu
<Zeu5> my domain is correct. http://ombi60.biz/ but somehow its not pointing to my cakeapp
<twb> cake is some ruby thing, right?
<Zeu5> twb: hi its a php framework
<Zeu5> twb: i have placed the files inside a folder inside /var/www/myapp/trunk
<qman__> Zeu5, your domain is pointing to /var/www
<Zeu5> i do have a index.html in /var/www but i am sure i pointed my virtual hosts to the new folder and restarted my apache. please advise
<qman__> either modify the default site configuration to point to /var/www/myapp/trunk, or move your files to /var/www
<Zeu5> qman__: thank u for help. shd i pastebin my apache conf file?
<qman__> yes
<Zeu5> hangon.
<Zeu5> qman__: http://apache.pastebin.com/t5da94gY thank you
<qman__> that's not the right way to do it in ubuntu
<qman__> please undo the changes you've made, then modify /etc/apache2/sites-available/default
<Zeu5> qman__: the only changes i have made are those line 10 onwards
<Zeu5> qman__: are you asking me to remove them?
<qman__> yes
<qman__> in ubuntu, site configurations are in /etc/apache2/sites-available/
<qman__> modifying the default is the easiest way
<qman__> right now, the default site is overriding your configuration
<Zeu5> qman__: how shd i correct it?
<qman__> by creating the site the ubuntu way, either by modifying the default site, or creating a new site in /etc/apache2/sites-available/
<Zeu5> qman__: i am not well-informed enough to make the distinction. would you mind advising me whether to modify default site or create new site?
<qman__> modifying the default site will be easiest
<Zeu5> and how to modify OR create
<qman__> all you need to do is change the documentroot
<Zeu5> i changed. i tried to restart i get a fail
<qman__> what's the error?
<qman__> see /var/log/apache2/error.log
<Zeu5> [Thu Oct 07 06:35:40 2010] [error] (2)No such file or directory: could not open transfer log file /var/log/apache1/other_vhosts_access.log.
<Zeu5> Unable to open logs
<Zeu5> i got this when i restarted apache
<qman__> run the following command and pastebin the result (if it's more than one line)
<qman__> sudo grep -R other_vhosts_access /etc/apache2
<qman__> also, paste the result of
<qman__> sudo ls -l /var/log/apache2/other_vhosts_access.log
<Zeu5> http://pastebin.com/p4ZGnh1P
<Zeu5> http://pastebin.com/XzajJrpu
<qman__> ah, there's the problem
<Zeu5> i am sorry i dun get it
<qman__> it's a typo
<Zeu5> can u please teach me
<qman__> see how it says "apache1"
<Zeu5> yes
<qman__> edit apache.conf and change that line to "apache2" instead of "apache1"
<qman__> apache2.conf*
<Zeu5> YES!
<Zeu5> qman__: thank u very much
<Zeu5> there are other errors but i think those are application levels rather than at server.
<qman__> probably
<qman__> if apache started and didn't complain on-screen, that's likely the case
<Zeu5> qman__: how do i check for mod_rewrite? i am not tat familiar with apache in ubuntu server
<qman__> it is not enabled by default
<qman__> if you need it, run
<qman__> sudo a2enmod rewrite
<qman__> then restart apache
<Zeu5> qman__: the people over at #cakephp insists i look at the apache config to check that mod_rewrite is turned on. i have told them i have run that command you gave me. is there a way to doublecheck?
<qman__> if you ran that command and restarted apache, and there were no errors, it is enabled
<qman__> you can double check by running 'ls /etc/apache2/mods-enabled/
<qman__> rewrite should be present
<qman__> also, ensure that these lines exist in /etc/apache2/apache2.conf
<Zeu5> qman__: i got this http://pastebin.com/iXNQEHHT
<qman__> # Include module configuration:
<qman__> Include /etc/apache2/mods-enabled/*.load
<qman__> Include /etc/apache2/mods-enabled/*.conf
<qman__> rewrite.load is present there
<Zeu5> the lines you told me they are indeed inside apache2.conf
<qman__> then, provided there were no errors, rewrite is loaded
<qman__> the only other way to test is to create a script which utilizes it
<qman__> but that's a little more complex
<Zeu5> thanks qman__
<Zeu5> qman__: i am toggling between here and the #cakephp channel. hopefully i can get this resolved soon.
<Zeu5> qman__: i got it resolved. thanks. its a apache allowoverride issue.
<Zeu5> qman__: you have a good day ahead :)
<qman__> ah
<SpamapS> gah.. I have to wake up in < 4 hours and I just can't fall asleep :P
<twb> SpamapS: read a sendmail .cf
<twb> Or just, you know, bull on through to the point where the fatigue toxins make you feel warm and fuzzy and lucid
<qman__> I know the feeling
<SpamapS> twb: that will be about the time I need to wake up anyway. ;)
<twb> I watched Fight Club again last week
<twb> SpamapS: for a meeting, or something actually important? :P
<SpamapS> I drank a wheat beer and had a piece of bread + butter.. the insulin shock should push me over the edge enough to get a couple of hours of sleep. :)
<SpamapS> twb: I have to board a plane in < 6 hours.
 * SpamapS has decided to fix RC bugs in squeeze to lull himself to sleep
<twb> I can't help thining any still open are gonna be hard
<SpamapS> yep
<SpamapS> http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=595120
<SpamapS> I think turning off name resolution (which is, IMO, a really stupid feature of mysql) is the right way to go. Even if its not turned off, I think its fair to think that requiring $named to start before mysqld is a bit weird.
<Zeu5>  i got this error Invalid command 'VirtualDocumentRoot', perhaps misspelled or defined by a module not included in the server configuration and this was the line VirtualDocumentRoot /var/www/ombi60/trunk/%1/app/webroot
<Zeu5> please advise
<Zeu5> how do i check if i have truned on the right module for this to work.
<qman__> mysql making use of name services is one thing, but it shouldn't _require_ them
<qman__> just fall back to IPs if named is not available
<Zeu5> hi qman__
<Zeu5> :)
<SpamapS> qman__: Yeah.. it does that, but it does it *really* slowly. ;)
<qman__> Zeu5, looks like it requires mod_vhost_alias
<qman__> sudo a2enmod vhost_alias
<Zeu5> qman__: thanks! i gooogled ard but cannot find the right command. is there a reference to all these a2enmod commands?
<qman__> a2enmod is simply a frontend, it creates symbolic links in /etc/apache2/mods-enabled/ for modules installed in /etc/apache2/mods-available/
<qman__> so everything in /etc/apache2/mods-available/ can be enabled or disabled with a2enmod and a2dismod
<Zeu5> qman__: thanks!
<Zeu5> a2enmod simply means apache2 enable mod
<Zeu5> got it
<Zeu5> qman__: would you mind if i ask u more specific apache questions?
<qman__> ask away
<Zeu5> qman__: i am trying to set up a multi site  platform kinda like blogspot.com ,etc and i came across this article telling me how to optimize without using htaccess
<Zeu5> http://bakery.cakephp.org/articles/view/boost-performance-by-removing-htaccess-plus-multi-site-with-virtualdocumentroot
<qman__> this is exactly the place for that
<Zeu5> scroll down to his part 2
<Zeu5> i modified my default to look like this http://pastebin.com/KLeBK3Mv now. it does not work. i wonder what i did wrong.
<Zeu5> qman__: erm did i say something wrong?
<qman__> sorry, I was busy for a moment
<Zeu5> qman__: oh sorry am i disturbing?
<normanm> hi there.. I'm using ubuntu 10.04 and see "java.io.IOException: File too large" messages
<normanm> is there some os file limit with ext4 ?
<qman__> no, just multitasking
<normanm> I never saw this before on earlier rleases
<qman__> I notice you're missing the section where he sets up the directory statement for the multiple directories
<qman__> <Directory "/opt/leagues/sites/*/app/webroot/">
<\sh> normanm: how large is your file?
<qman__> and the following bits
<qman__> where * is the user directories
<normanm> \sh, eno clue as it happens within a mailserver
<\sh> normanm: humm? you are running a java mail server?
<normanm> \sh, yep.. development server
<SpamapS> normanm: ext4's max file size is in the terabytes, maybe even petabytes actually
<\sh> SpamapS: wait...
<\sh> I found a bug with the same error
<qman__> the java file limit might be the problem
<normanm> \sh, the max file size ?
<\sh> https://bugs.launchpad.net/gnome-split/+bug/580901 <- the guy says, he's using ext4 and the other guy tried it with ntfs and there it works
<qman__> I know I ran into open file handle and open network connection limits in java before
<ttx> hggdh, JamesPage: great job on ISo testing guys... hopefully we won't respin
<uvirtbot> Launchpad bug 580901 in gnome-split "File too large" [Undecided,Invalid]
<twb> Max file size    16 TiB (for 4k block filesystem)
<\sh> normanm: can you change your fs from ext4 to xfs or whatever else you could have?
<JamesPage> ttx: no problem; automated ISO testing ran through completely cleanly so all I had todo was update with test results!
<normanm> \sh, I even can reproduce it with dd
<ttx> We might respin if we find a fix for Bug 641259
<uvirtbot> Launchpad bug 641259 in grub2 "grub does not appear to load after maverick post-beta install" [Critical,Fix released] https://launchpad.net/bugs/641259
<normanm> \sh, http://pastie.org/1204813
<normanm> \sh, let me try ext3
<twb> Just because the *OS* supports 16TiB files doesn't mean *java* does
<normanm> twb, see my paste.. it even happens with dd
<twb> Cf. Emacs, which has a file size limit of 2**(word size - 3)
<twb> normanm: hum, OK
<SpamapS> ttx: wow, that grub bug is nasty
<ttx> SpamapS: yes, cjwatson needs to reproduce on bare hw
<qman__> Zeu5, ah, I see the part where you put it
<ttx>  /some/ servers have 100% failure
<Zeu5> qman__: i think i know why. i did nt create 1 directory per user hence it didnt work
<ttx> we just hope we can get our hands on one failing example around here
<SpamapS> normanm: http://www.cyberciti.biz/faq/file-size-limit-exceeded-error-under-linux-and-solution/
<SpamapS> normanm: check ulimit -a
<qman__> Zeu5, that would do it :)
<Zeu5> my implmentation is slightly different from the article author. i got it to work though. :)
<Zeu5> qman__: you are very friendly and patient. thank you. have a nice day :)
<qman__> I haven't used that module in any capacity myself, so just looking for more obvious things
<\sh> normanm: and eventually check your ulimit for that particular user you are running your dd / java app
 * SpamapS is starting to feel some possible sleepiness
<normanm> \sh, I run at root
<normanm> just to make sure
<normanm> ulimit -a shows unlimited
<qman__> normanm, I have run into similar problems with java applications hitting limits that don't apply to the rest of the system
<qman__> never found the solution, just stopped using java
<normanm> qman__, again.. it happens with dd too
<twb> qman__: good man!
<qman__> with dd, though, there is a problem
<twb> normanm: this is an ext4 filesystem?
<normanm> twb, yep
<normanm> twb, will try to get ext3 on it
<twb> normanm: please pastebin the output of "tune2fs -l /dev/sdAB" and "df /usr/local", where AB are the letter and number of the filesystem
<twb> normanm: also, if this is a VM or jail, specify the flavour thereof.
<qman__> normanm, do you have any quotas enabled?
<normanm> qman__, no quotas
<qman__> or special mount options
<normanm> twb, yeah its a vm
<twb> qman__: if he did, it SHOULD give a quota error
<normanm> vmware
<qman__> at precisely 10MB, something is almost certainly interfering with an artificial limit
<twb> normanm: do you have hgfs installed?
<twb> normanm: that is the vmware thing that provides file sharing with the host os
<normanm> twb, even don't know what it is ;)
<normanm> so I guess no
<qman__> oh, nevermind
<qman__> I read that wrong
<twb> Do you have the "vmware server tools" or so installed?
<qman__> so it's between 10MB and 100MB
<twb> Also, pastebin those things I asked for
<ttx> SpamapS, JamesPage: Another small issue I just detected on the ISOs: they still show "Ubuntu maverick (development version)" where they should say "Ubuntu 10.10" or something like that
<normanm> twb, http://pastie.org/1204832
<qman__> using vmware, did you preallocate the disk? if not, check the host OS for free space
<normanm> qman__, there is about 2tb free space
<qman__> ok
<ttx> We won't respin just for that though, we might go for a 0-day SRU on lsb-release
<normanm> twb, vmware tools are installed
<twb> normanm: that includes hgfs
<normanm> twb, ok
<normanm> should I stop the tools ?
<normanm> its esx 4
<twb> It won't hurt to try, I suppose
<SpamapS> ttx: That seems like a pretty serious problem.
<SpamapS> ttx: I mean, its cosmetic, but.. you install 10.10 official, and it claims to be the dev release?
<elisa871> hi
<elisa871> do you use citrix?
<normanm> twb, ok.. tools stopped same problem
<twb> I'm out of ideas
<normanm> twb, funny enough.. if I create 10 files of 10mb it work
<normanm> if I want to create one of 100mb it fails
<normanm> so WTF!
<twb> talk to your vmware vendor?
<normanm> well with 9.04 I don't see this problems
<normanm> but its ext3
<normanm> so let me try this first
<normanm> same with ext3
<normanm> I don't get it
<twb> apparmour?
<twb> dmesg, logfiles?
<ttx> SpamapS: I'd leave it to skaet... but you can voice your opinion on #ubuntu-release
<normanm> twb, apparmour disabled
<normanm> nothing in dmesg / logfiles
<ttx> i've mixed opinions
<twb> pastebin the output of stracing the dd
<normanm> let me cool vm admin first
<normanm> cool/call
<normanm> twb, http://pastie.org/1204860
<normanm> same with xfs
<normanm> so it must have something todo with the os
<normanm> or vm
<normanm> or whatever
<normanm> need to test more
<normanm> will come back later again
<twb> normanm: OK.
<twb> I wonder if dropping to single-user mode would help
<twb> I guess there's a lot of random shit in whatever upstart calls rcS
<normanm> true enoguh
<normanm> enough
<JamesPage> ttx:  who's the resident postfix/amavisd expect on the team?
<JamesPage> ttx: ^expert
<ttx> JamesPage: In the "Ubuntu server team" that would be ScottK
<ttx> Noone in the canonical team is the 'expert', but I guess SpamapS or mathiaz know a bit about it
<JamesPage> ttx: OK - just wanted a second option on whether AV scanning with a postfix 'Local only' config was a common use-case;  I don't think it is (bug 656048)
<uvirtbot> Launchpad bug 656048 in amavisd-new "package amavisd-new-postfix fails to install when postfix configured for 'Local only'" [Low,Confirmed] https://launchpad.net/bugs/656048
<twb> JamesPage: what would be the point?
<JamesPage> twb: I can't think of one :-); I guess you could send you (or someone else) on the same system a virus infected email
<twb> Wouldn't matter, since the system, being linux, doesn't really do the virus thing
<crb> nscd doesn't cache DNS requests in Debian/Ubuntu
<crb> therefore every time anything wants a DNS response on my local network, it goes to my DNS server
<crb> (tcpdump port 53 is very loud!)
<twb> crb: did you install it?
<crb> every now and then, under load, there's a 5 second delay on looking up names, which I suspect is related to running out of sockets
<crb> twb: install nscd?  I have it installed as I'm using LDAP for user auth
<crb> but it's the DNS traffic I'm concerned about at the moment
<twb> nscd definitely does *something*, because without it, lucid's pam_ldap fails to talk to hardy's slapd due to some bizarro bug that I can't remember
<crb> I had to install nslcd to work around a bizarro bug with pam_ldap
<crb> but the LDAP part is fine
<twb> PADL needs to get their shit together
<crb> I'm seeing 80 DNS requests a second from a given web server in production
<crb> multiply that by lots, and it makes me think some local caching might not hurt
<crb> what's the general feeling on that?
<twb> Shrug
<crb> honest :)
<twb> Note that nscd only affects nsswitch users
<qman__> a caching secondary would likely solve that problem, but I'm wondering why a web server is making DNS requests at all
<twb> Some retarded programs, like firefox and polipo, do their own DNS resolution.
<twb> qman__: PTRs
<crb> qman__: resolving internal services
<crb> it does a SOAP call to our SSO
<qman__> ah, ok
<twb> single sign-on?
<crb> authentication backend, yes
<twb> SOAP's a funny way to spell LDAP/krb
<crb> LDAP is for UNIX users
<crb> SOAP is for web users (Atlassian Crowd)
<twb> And windows users
<crb> And dirty people
<crb> anyway, I didn't pick the applications
<crb> (the web ones)
<twb> Yeah, fair enough
<qman__> well, installing a DNS caching server on the web server with a reasonably short cache life (an hour or so) would solve the network bottleneck
<twb> OpenID needs to die and be replaced by krb
<twb> qman__: isn't that what nscd is?
<crb> qman__: you have any preference? dnsmasq?
<qman__> I don't know what nscd is
<crb> my understanding is nscd would do it transparently, at system call level
<twb> I wouldn't think 80 hits per second is exactly a bottleneck
<qman__> and I don't really have a preference, I haven't done anything extensive to have an opinion on performance of them
<twb> crb: yes, but only for stuff that uses those syscalls
<crb> true
<twb> crb: if your app is doing them directly then it'll ignore nscd
<twb> You could try asking ss/netstat what's connecting (-p)
<crb> nothing appears out of the ordinary
<soren> nscd doesn't work at the syscall level, but at libc level.
<soren> syscalls are the interfaces to the kernel. The kernel doesn't care about DNS (or usernames, etc.).
<twb> soren: sorry, I was a bit confused
<bigbrovar> Hi guys, am using kubuntu 10.04 and am thinking of upgrading to 10.10 I setup ssh passwordless login keys on my current system to couple of servers I admin. can I just backup and save my .ssh file in my home and use it on the new install. would it work? or I would have to setup ssh-keygen again on the new system?
<a_ok> Is there a way I can boot ubuntu without networking?
<uvirtbot> New bug: #656225 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1 [modified: usr/share/bind9/bind9-default.md5sum] failed to install/upgrade: el subproceso script pre-removal instalado devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,Confirmed] https://launchpad.net/bugs/656225
<milx> my hosting provider sent me this log of suspicious activity on my account http://pastebin.com/bAU7RkeM - how would I generate such a log on my own server?
<hggdh> ttx: a question -- the server ISo does not have 'reinstall Grub' anymore on the rescue option?
<ttx> hggdh: no clue... it used to have that ?
<hggdh> ttx: it did, yes
<hggdh> ttx: but it is not there now. The Alternate CD has it still
<ttx> strange... I see no reason why it would have disappeared specifically on the server CD... maybe ask on #ubuntu-release
<zoopster> bigbrovar: as long as you have your private AND public SSH keys...no need to recreate via ssh-keygen
<bigbrovar> zoopster: thanks :)
<zoopster> a_ok: not sure the context, but ubuntu runs fine sans network...a server is rather useless w/o networking, imho, but it will run
<uvirtbot> New bug: #656251 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/656251
<hggdh> ttx: My fault, I only tested LVMs yesterday...
<a_ok> zoopster: I disabled the NICS in bios, I wanted it to start without network active to prevent ipconflicts
<spiralis> Maedox. Probably not a good idea, but - not my hardware :(. Thanks for the channel info.
<elmuerte> I have an interesting issue with a newly installed 10.04 server on an asus eeebox 1007: after a few seconds of network inactivity it looks like it falls a sleep, and needs a second packet to wake up
<spiralis> Hi all, I am having problems with installing ubuntu-server due to failing to install grub.
<zoopster> a_ok: well...disabling in the bios will do it.
<spiralis> This is a standard PC with two SCSI RAID drives.
<a_ok> zoopster: was looking for some kernel option to acceve that (like startt in some runlevel that does not enble netork stuff)
<a_ok> zoopster: yeah I was in luck it was on board stuff
<a_ok> I have no physical access
<zoopster> a_ok: ah I see...so you have a ILO board or something then...not sure what runlevel removes networking...2 maybe? Never had a need so it's been purged from my memory banks. upstart manages that so a quick search on it may yield what you want faster
<jjman6_> does nfs4 not support ext4? i'm having problems exporting ext4 partitions. but ext3 seem to work
<qman__> a_ok, recovery mode (single user) should accomplish that
<qman__> though I haven't tested it
<qman__> however it will have significantly reduced functionality
<qman__> if all you wanted to do was change network configuration while offline and reboot, recovery mode would work
<qman__> jjman6, I don't see any reason why it shouldn't
<qman__> nfs doesn't directly access the filesystem AFAIK, so it should work with any
<jjman6> qman__: well i've tried on several partitions & 2 machines and i keep getting "... does not support NFS export"  error
<qman__> google says you're not the only one
<zul> morning
<qman__> no real results though
<qman__> is your desired export directory doing anything special or unusual? mount -o bind? encrypted home? symbolic link?
<ttx> smoser: we might respin -- that would affect cloud images too, at least to change the lsb-release name
<ttx> Current finals still  shows "Ubuntu maverick (development release)"
<ttx> fixed in archive
<hggdh> ttx: the only change would be that?
<ttx> hggdh: no, we also get others
<hggdh> ttx: OK, back to testing then
<ttx> hggdh: we still try to fix the "grub broken on some servers" issue
<ttx> that's what's holding up the potential respin
<hggdh> ttx: you mean not being in the rescue option, or other brokeness?
<ttx> no, other brokeness. bug 641259
<uvirtbot> Launchpad bug 641259 in grub2 "grub does not appear to load after maverick post-beta install" [Critical,Fix released] https://launchpad.net/bugs/641259
<ttx> it's not really fixreleased yet.
<ttx> we also have bug 656037 in the queue
<uvirtbot> Launchpad bug 656037 in choose-mirror "Software sources not selected" [High,Fix released] https://launchpad.net/bugs/656037
<ttx> that affects d-i, so server
<hggdh> yes, and a nasty one
<elmuerte> ok.. the problem I had is a local machine issue... other machines have no issues connecting to the new ubuntu server
<linuxawi> !release
<ubottu> Ubuntu releases a new version every 6 months. Each version is supported for 18 months to 5 years. More info at https://wiki.ubuntu.com/Releases & http://wiki.ubuntu.com/TimeBasedReleases
<jjman6_> qman__: no,  i finally got a mount to work tho.  just still have no luck with any directories in my users home dir.  always says not support NFS export
<jjman6_> qman__: and the other intersting part is using nfs4  os the type no longer seems to work.  i have to use straight -t nfs
<binBASH> someone knows how to edit a file in a qcow2 kvm image?
<smoser> ttx, :-(
<smoser> ttx, i ran tests already. oh well, run them again if we respin
<ttx> smoser: it's not as if it wasn't automated ;)
<binBASH> I found this http://libguestfs.org/virt-edit.1.html but it's not shipped with ubuntu unfortunately
<smoser> ttx, no, but it does cost $50
<nijaba> SpamapS: nice https://wiki.ubuntu.com/CloudLoadbalancingHowto, but shouldn't it be help.ubuntu.com/community/ wiki ?
<ttx> smoser: that's nothing compared to what devpay pays you every month, right ;)
<smoser> well, no, but i like to spend canonical money as if it were my own and I *didn't* have an unlimited stream of money.
<hggdh> smoser: do I understand that _you_ have an unlimited stream of money?
<zul> hggdh: its his little pot of gold
<smoser> ttx, so, to be clear, there is a lsb-release update ?
<smoser> https://launchpad.net/ubuntu/+source/lsb
<ttx> base-files
<smoser> the latest i see in archive is 4.0-0ubuntu8
<smoser> oh.
<smoser> ok
<ttx> /etc/lsb-release is shipped in base-files
<smoser> ok. so i have to start a spin.
<ttx> we should have a d-i update as well
<smoser> will do.
<ttx> smoser: not now... we might get a new grub as well
<smoser> ok.
<ttx> I'll let you know
<smoser> just tell me when to push go
<smoser> i will hold my breath
<smoser> hggdh, well the "joke" is that every time someone runs an ubuntu instance on ec2, i get pennies
<ttx> smoser: how did the "current" tests go ?
<ttx> I see them all at 0/2 on the tracker so far
<ttx> smoser: also there is no cloud image on the tracker yet
<ttx> (tar.gz)
<smoser> well, there doesn't need to be :)
<smoser> i had asked that to be populated, but oh well.
<ttx> hmmm
<ttx> doing tests on the previous dailmy is not completly useless
<ttx> as in.. it's the last time to catch a last-minute bug
<ttx> Daviey, hggdh: did you test recent cloud images  ?
<Daviey> ttx: yes, i tested the latest one
<Daviey> 'current', this morning
<ttx> ok.
<hggdh> ttx: I certainly tested the UEC ones, on both amd64 and i386, but I did not test EC2
<Daviey> The only thing that i noticed the hostname not being resolved... when sudo'ing
<ttx> ok, so even if we have no results registered yet, it looks good, I assume
<Daviey> I thought that wasn't an issue previously.
<ttx> its been a long time since I last did sudo into a cloud image running on EC2, I must confess
<ttx> s/EC2/UEC/g
<hggdh> I am missing the UEC images tests from the ISo tracker, though -- where are they?
<Daviey> ttx normally roots them via an unpublished kernel buffer overfill.
<ttx> hggdh: <smoser> i had asked that to be populated, but oh well.
<ttx> Daviey: who needs sudo anymore ?
<smoser> ttx it was in the same request as for ec2 images so it just must have been lost.
<Daviey> :)
<hggdh> Daviey: I did not see any issue on sudo
<ttx> smoser: those QA people are so unreliable
<hggdh> oh, yes, don't trust them
<hggdh> er
<ttx> I mean, marjo left the remains of his lunch on the table, and it smells now
<hggdh> LOL
<hggdh> what, anchovies?
<ttx> salmon
<ttx> a bit of rice
<Daviey> and a lemon
<ttx> I'll flush that down the toilet now
<ttx> done.
 * Daviey watches ttx take it to the bin... i wonder if bin and toilet are lost in translation.
<ttx> Daviey: you don't want to know
<hggdh> TMI, TMI
<Daviey> :)
<ttx> Daviey: I got lazy on my way there
<patdk-wk> texas medical industry? what do they have to do with anything?
<ttx> yay, fire alarm
<hggdh> actually, Too Much Info
<patdk-wk> :)
<hggdh> so, ~1.5 hours for the next ISO?
<ttx> hggdh: no ETA
<ttx> hggdh: cjwatson wrestling the grub situation in some obscure server room
<ttx> see #ubuntu-release for progress
<hggdh> ttx: ack
<ttx> hggdh: just in case we end up keeping the current candidate, would be good to register your test results on cloud images on the tracker
<hggdh> ttx: indeed, but we are missing the entries for UEC
<ttx> hggdh: I thought you could fix that. Maybe ask ara ?
<hggdh> will do
<bpgoldsb> Kinda of tricky question.  I could be approaching this the wrong way, but this is a good crowd to ask.  I've got ~15 megs of PHP files for a webserver.  It's running in a VM, with less ram than I'd like.  Can anyone think of a way to force/trick Linux into keeping those files cached?
<bpgoldsb> The goal is to avoid disk-hits for the majority of page loads
<patdk-wk> bpgoldsb, cat /var/www/* > /dev/null
<patdk-wk> in cron every min :)
<JamesPage> ttx: Can you take a look at bug 656173?  Its a maverick bug related to multiple chained backing_files/qcow2 in libvirtd
<uvirtbot> Launchpad bug 656173 in libvirt "virt-aa-helper generate incomplete apparmor profiles  with chained backing files" [Undecided,Incomplete] https://launchpad.net/bugs/656173
<ttx> JamesPage: that would be a new feature. At that point we just support the first level
<JamesPage> ttx: its a regression from Lucid where this actually works
<ttx> I'd wishlist it... maybe jdstrand has another opinion
<ttx> JamesPage: ah?
<ttx> that surprises me
<JamesPage> Permissions in apparmor profile are incorrect but it parsers all three levels of file.
<jdstrand> JamesPage: can you try setting 'allow_disk_format_probing = 1' in /etc/libvirt/qemu.conf?
<JamesPage> Yeah - I'll give it a spin now.
 * ttx didn't know that was supposed to work ;)
<jdstrand> (it isn't in 0.8.3)
<jdstrand> not without setting that option
<bpgoldsb> patdk-wk: Interesting idea. ;)
<patdk-wk> there is an even more interesting idea :)
<JamesPage> jdstrand,ttx: that did the trick (after a restart of libvirtd); all three levels of disk are now detected correctly.
<JamesPage> ttx: does this need to go into the release notes?  Could trick some people out.
<jdstrand> JamesPage: as you read from the conf file, this is by design. it fixes a CVE
<ttx> JamesPage: ask skaet on #ubuntu-release
<jdstrand> I'll comment in the bug
<patdk-wk> http://www.mythtv.org/wiki/User:Yeffetn
<patdk-wk> scroll down to the nocat program
<JamesPage> jdstrand: do you want to put some words together on this feature?
<jdstrand> JamesPage: I can, but it'll be in a while
<JamesPage> jdstrand: I can draft something for review if that would help; also need a pointer on where to put release notes (not done it before...)
<jdstrand> JamesPage: I'll do it. I'd like it to be similar if not identical to the USN text I will be drafting
<JamesPage> jdstrand: OK - let me know if you want a second pair of eyes over it.
<smoser> hggdh, do you have any use for 20101007.1 images ? ie, should i get them to http://uec-images.ubuntu.com (even though thy're not completlye published yet)
<hggdh> smoser: I would rather wait for the server respin -- then I can get it all done in one single swwep
<smoser> good deal
<hggdh> smoser: so, no hurry
<elb0w> How do I update sources to fastest mirror from shell?
<franksterville> http://www.debianadmin.com/howto-select-fastest-mirror-in-debian.html
<franksterville> if ur deb.... that is
<elb0w> k ty
<ewook> elb0w: a university close to you? :)
<elb0w> nyu
<elb0w> franksterville, apt isnt finding that
<elb0w> any other options?
<franksterville> not finding netselect?
<franksterville> ahhh crap its broken under ubuntu
<franksterville> sigh
<elb0w> :(
<franksterville> you could ping them all rofl
<elb0w> hahaha
<elb0w> i have ubuntu gui here
<elb0w> its not server though
<elb0w> could I take those mirrors and change them?
<franksterville> with gui ...  http://www.ubuntugeek.com/how-to-select-fastest-mirror-in-ubuntu.html
<elb0w> yeah ive done it in gui
<elb0w> but I cant move that over to server right?
<franksterville> i dont actually know lol
<franksterville> sheeshe
<franksterville> ummmm
<elb0w> im comparing the files
<elb0w> ill check
<elb0w> :)
<franksterville> kk
<elb0w> looks like i can
<elb0w> lol
<franksterville> they match up?
<franksterville> nice
<elb0w> could be that its a 32bit server
<elb0w> and 32bit client
<elb0w> would make sense
<franksterville> ahhhh lucky lol
<elb0w> yeah i have a 64bit server i have to do this for though
<elb0w> :(
<franksterville> i try to run headless but sometimes i have to cave to connecting a kb and monitor
<franksterville> i hate it
<elb0w> 1.2megs > 1.2B
<elb0w> the server doesnt even have a gui
<franksterville> install gnome
<franksterville> lol
<elb0w> lol
<franksterville> startx :)
<elb0w> no need actually
<franksterville> yeyeye
<elb0w> Install x server
<elb0w> ssh -X
<franksterville> ye that to
<elb0w> oh I guess package manager is part of gnome
<elb0w> that wouldnt work
<franksterville> lolol
<franksterville> pwned
<elb0w> :(
<franksterville> doh!!!:/
<ttx> new ISOs on a mirror near you, maybe
<ttx> go wild!
<ttx> JamesPage, hggdh, SpamapS, Daviey, zul ^^
<zul> ack
 * hggdh goes suffer a bit more
<hggdh> ttx: if smoser has published the UEC images, can you please re-enable them on the ISO tracker?
<smoser> hggdh,
<smoser> http://uec-images.ubuntu.com/server/maverick/20101007.1/ is populated with images (no ec2 info yet)
<Daviey> \o/
<hggdh> smoser: cool, thank you
 * hggdh goes back to suffering a bit more
<SpamapS> ttx: I'm on battery on shared wifi at puppetcamp.. probably shouldn't be downloading isos. ;)
<ttx> ah! you're at puppetcamp too ? That's 3 of you, right ?
<uvirtbot> New bug: #656415 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu7.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 3" [Undecided,New] https://launchpad.net/bugs/656415
<SpamapS> ttx: yes, just the intro to mcollective seems worth the 70 minute flight. ;)
<ttx> mcollective?
<SpamapS> http://marionette-collective.org/
<SpamapS> messaging layer for puppet
<ttx> ah, right. Teyo mentioned it to me
<SpamapS> Described as an "Orchestration framework"
<SpamapS> Only thing I don't like is activemq .. but I'm sure it can be made to not suck. ;)
<ttx> JamesPage: did the hudson instance take up the new ISOs ?
<illytacos> hi folks, i need some desperate help my job is literally on the line. I am having a hell of a time to get samba share working and I just need it to work for one user and one file just to show it works
<illytacos> please please please help
<RoyK> what's wrong?
<RoyK> describe your config and pastebin smb.conf
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<RoyK> illytacos: ?
<jeiworth> yeah samba can be a pita in the beginning, but once you get the hang of it it's actually pretty straight-forward
<illytacos> thanks RoyK I'm just trying to go back and fix some of the crap I already did wrong
<RoyK> illytacos: you need to be a little more specific if you want us to help :)
<illytacos> yeah for sure sorry just give me one sec
<illytacos> I need to start from scratch
 * RoyK would gladly spend some time helping illytacos to save his job
<illytacos> I tried to migrate permissions from one file to another
<RoyK> illytacos: start out by pastebinning the config
<illytacos> and oh man did that not work out
<RoyK> illytacos: posix ACLs?
<illytacos> ok
<illytacos> whew. sorry abotu that
<illytacos> ok so now I'm followign this tutorial for now just give me a sec to modify the samba config file
<ttx> closing for the day -- happy ISO testing everyone :)
<illytacos> http://www.jonathanmoeller.com/screed/?p=1590
<ttx> smoser: you should be able to find someone to post your EC2 AMIs to the ISO tracker on #ubuntu-release
<RoyK> illytacos: no, pastebin /etc/samba/smb.conf
<ttx> smoser: and start the automated tests
<illytacos> ok hnx
<ttx> JamesPage: please add your magic test results to the tracker when they are done as well :)
 * RoyK waves his wand in ttx's direction
<JamesPage> ttx: will do; they will take most of the night to spin through so will update in the morning.
<ttx> JamesPage: works for me
<illytacos> there done
<illytacos> thank you
<JamesPage> ttx: great
<illytacos> http://paste.ubuntu.com/508176/
<illytacos> I feel like I'm going to have a heart attack -_-''''
<RoyK> illytacos: calm down :)
<illytacos> thnx
<RoyK> so cutting away the comments, here's the file http://paste.ubuntu.com/508178/
<RoyK> what is [test]?
<RoyK> your test share?
<RoyK> if so, that needs at least a path
<illytacos> sorry what are the comments?
<RoyK> anything starting with # is a comment
<RoyK> that is, not parsed
<RoyK> by samba
<illytacos> ok so I get rid of the # cool.
<RoyK> er
<RoyK> no
<RoyK> don't
<RoyK> what are you trying to do?
<RoyK> make a test share to some dir?
<illytacos> yes
<illytacos> I can put the path in
<RoyK> here's an example share http://paste.ubuntu.com/508182/
<RoyK> from one of my test boxes
<RoyK> everything not under [global] are treated as shares
<uvirtbot> New bug: #656456 in samba (main) "Samba is filling the disk with two logfiles (syslog and daemon.log) with messages on "No data on inotify ds?!" [Undecided,New] https://launchpad.net/bugs/656456
<RoyK> illytacos: or to detail it - first you have a [globals] section, then, after that, you have [myshare], [yourshare], [whateveryyouwannacallit]
<illytacos> amazing!!!!!!!! i got it I got it
<RoyK> :)
<illytacos> ok now how on earth do I set up a new user?
<illytacos> to access a few of the files
<illytacos> oh my god I love you
<RoyK> illytacos: smbpasswd -a someuser
<illytacos> omg ok thnx
<RoyK> iirc you need to create a unix user for it as well, but I'm not sure about that
<RoyK> better just try with smbpasswd -a someuser first
 * RoyK gladly accepts Islay whisky in payment
<RoyK> s/in/as/
<illytacos> sorry royk in terminal i type which smbpasswd -a user how do I set up a password
<RoyK> illytacos: http://paste.ubuntu.com/508186/
<RoyK> it needs a unix user, it seems
<illytacos> cannot lock /etc/passwd...??
<RoyK> illytacos: if you have a windows domain controller in the network, configure samba to use that
<RoyK> illytacos: erm - are you root?
<illytacos> omg sory I'm panicing and not thinking sorry
<RoyK> :)
 * RoyK hands illytacos a dram
<illytacos> crap access denied
<RoyK> illytacos: you don't have root access to the box?
<hggdh> darn! Why does libvirt change the ownership of an ISO image?
<illytacos> I need to access it from a windows machine
<uvirtbot> New bug: #656465 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu6 failed to install/upgrade: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/656465
<RoyK> illytacos: the shares can be accessed from a windows machine once you have created samba users
<illytacos> ok so I just created a user
<illytacos> and no dice
<RoyK> both useradd -m username and then smbpasswd -a username?
<illytacos> yeah
<RoyK> perhaps setting a unix password for the user might help - 'passwd username'
<JavaAtom> Trying to install 10.04 Server (x64) on a series of three RAID-0 devices (on two physical hard drives) -- Grub fails to install. How am I doing it wrong?
<JavaAtom> ** The three raid devices are 100MB /boot, 16GB swap, and 4TB /
<RoyK> erm ... three raid-0 devices??
<JavaAtom> RoyK: Software raid.
<RoyK> sure, but that's playing with matches and gasoline
<JavaAtom> And hoping the server doesn't lose a drive, I get that.
<JavaAtom> Should I just move to a RAID-1?
<JavaAtom> For everything?
<RoyK> dunno - never tried that - perhaps using a dedicated /boot partition will help
<RoyK> I'd do that if I were you
<RoyK> disk space isn't very costy atm
<RoyK> I have a bunch of servers with linux software mirrors (raid-1) - works well
<RoyK> a little tricky on old Hardy, but with Lucid, it's smooth
<JavaAtom> RoyK: Getting these 2-TB drives (and the server) was hard enough. This is also for our wiki
<JavaAtom> RoyK: * Enterprise wiki. Regular backups will be made and moved to a backup server.
<illytacos> RoyK: sorry um how to I set a unix one?
<RoyK> passwd username
<uvirtbot> New bug: #656471 in mysql-dfsg-5.1 (main) "package mysql-server-core-5.1 (not installed) failed to install/upgrade: trying to overwrite '/usr/bin/my_print_defaults', which is also in package mysql-cluster-server-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/656471
<illytacos> hm on the windows machine it says thatthe path can't be found but I navigated to it in explorer
<RoyK> illytacos: pastebin smb.conf again, please, and make sure the path it points to is writable for that user
<RoyK> or at least readable
<illytacos> tnx
<RoyK> chmod 777 /path/to/data
<illytacos> http://paste.ubuntu.com/508206/
<RoyK> illytacos: ls -ld /home/oecmsrvtst01/test/OECM_OFFICE_APR08
<illytacos> RoyK: so chmod 777 ls -ld /home/blah/blah
<RoyK> illytacos: ls -ld /home/oecmsrvtst01/test/OECM_OFFICE_APR08
<RoyK> pastebin that
<illytacos> oic
<illytacos> http://paste.ubuntu.com/508218/
<RoyK> illytacos: what is the username with which you are trying to connect to the server from the windoze box?
<uvirtbot> New bug: #655846 in samba (main) "package winbind 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/655846
<illytacos> RoyK: pm'd
<illytacos> honestly after all this I don't even know if I care about staying
<illytacos> if I didn't have bills I would walk out. RoyK you're awesome and thank you
<RoyK> illytacos: try to chmod 777 that dir first
<RoyK> see if that helps
<illytacos> yes but now I can see everyone's everything
<RoyK> what do you mean?
<illytacos> the user name and pass help but I can see all files. I need the rest to be locked down except for the one I set permissions on
<RoyK> illytacos: how many users are there in this network?
<illytacos> just root, server and me
<illytacos> for now
<illytacos> oh hang on
<illytacos> I think I made myself admin in error
<franksterville> Is there a .conf file that handles all printers or are they separate somewhere
<RoyK> if you create [homes], a special share is created for each user, pointing to that user's homedir
<RoyK> franksterville: it's in the CUPS docs
<franksterville> man?
<illytacos> RoyK: er...
<RoyK> illytacos: man smb.conf :)
<illytacos> yes but... I have no idea what I type... I just type [homes]?
<RoyK> illytacos: do you want to share all data, or do you want separate shares for private data?
<illytacos> seperate shares for private
<RoyK> well, a [homes] section in smb.conf will help you there
<RoyK> illytacos: man smb.conf
<RoyK> it's all there
<RoyK> the docs
<illytacos> I don't know what man is
<RudyValencia> man is the linux manual viewer
<RoyK> illytacos: on the command line in linux, type 'man smb.conf' and press <enter>
<RoyK> without the quotes
<illytacos> ohh ok
<franksterville> just a random tidbit....  There are 5 members in the #webmin IRC
<franksterville> thats it
<JavaAtom> RoyK: Any suggestions on a "proper" way to use the space of two drives as one giant usable space?
 * RoyK loathes web-based administration
<illytacos> I'm sorry RoyK
<illytacos> thank you
<franksterville> RoyK:  werkin on headless and webless:  My terminal-foo is poor
<RoyK> JavaAtom: I'd say 50 gigs for the root (which will be quite sufficient) and the rest for /home or perhaps a separate /data partition - you choose
<RoyK> JavaAtom: if there is room for more drives in the box, make sure to set it up with LVM so that you can add another mirror later and add that space to the filesystem
<RoyK> franksterville: not to be harsh, but learning basic administration is quite easy and once learned, it'll help a lot
<franksterville> RoyK:  Oh I understand.  Real admins do just that, they dont muck around in a gui because it is too slow that way.  Bash is so much faster IF you know wtf ur doin
<jeiworth> JavaAtom: if you want to creat just one big partition out of 2 hdds you might want to look into lvm or raid-0
<jeiworth> although neither is really recommendable due to possible data loss in case of a single hdd failure
<RoyK> franksterville: it won't take too long to learn that part
<\sh> .oO(webmin, that's so 1990ties)
<jeiworth> hehe
<JavaAtom> jeiworth: That's what I thought -- I was just looking for some potential alternatives.
<franksterville> RoyK:  I get frustrated when I have to stop and read the entire Man 3 times lol
<RoyK> jeiworth: I think he's setting up a mirror of two 2TB drives
<jeiworth> JavaAtom: well, as said, technically quite possible, but not recommendable
<franksterville> bout to apt-get remove webmin
<RoyK> franksterville: just use another terminal :)
<JavaAtom> RoyK: Nope, trying to span/stripe across both still.
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<RoyK> JavaAtom: you're mad
<RudyValencia> Will setting up SSH with OpenSSL keys stop login attempts from bad users that I get a lot of in my logs?
<JavaAtom> RoyK: Either that or I figure out how to get this single application to spread its data over two dedicated partitions.
<franksterville> the bot dont even like webmin sheeshe
<franksterville> lol
<JavaAtom> RoyK: Which do you think is harder? :P
<jeiworth> RoyK: that's another way to put it.. ^^
<RoyK> JavaAtom: just reinstall on a mirror
<RoyK> franksterville: for good reason
<\sh> webmail QMail Module Descr: Configure the popular Qmail mail server package | Author: Stephan '\sh' Hermann | Last Updated 2001-01-21 11:11:39 *lol*
<RoyK> qmail????
<JavaAtom> RoyK: You're not getting it -- I need more than the one 2-TB space I'd get out of that. Raid would work, but there's an error when I try to install GRUB on the raid-0.
<franksterville> RoyK:  okok I'm gonna go cold turkey...  Mark this day....
<franksterville> remove then purge?
<franksterville> remove then clean?
<RoyK> JavaAtom: then reinstall with a separate /boot fs
<JavaAtom> RoyK: Okay -- that should work then.
<RoyK> JavaAtom: I don't think grub likes raid0
<\sh> RoyK: yes...I used qmail to spam DENIC (.de registry) with "REG: foobar.de" mails...I crashed their sendmail on sun os in 1998
 * RoyK uses postfix
<JavaAtom> RoyK: I was thinking that might help solve it -- again, thank you much.
<jeiworth> grub doesn't seem to like any raid, tried to set up raid 1 on a running system with multiple partitions and all worked fine except for boot partition, that still boots from a "normal" one
<Dev^Null> Hey all I have a disk image of ubuntu 9.10 that I replicate to about 500 different machines. I am having an issue with the 70-persistent-net.rules becuaes it wants to name the nic based of the mac address while this changes with each machine. I would like to set it up to look if ATTR{operstate}=="up" then  call that car eth1 I have 2 nic's in each box and only one is ever used. how would I do this.
<\sh> RoyK: and I installed qmail on any customer server we sold these days, and the cusomters wanted to have webmin, so I wrote a qmail plugin...the very first ;)
<RoyK> JavaAtom: just keep in mind that when one of the drives die, the shit hits the fan
<JavaAtom> RoyK: Absolutely.
<guntbert> RudyValencia: not by itself, but after setting that up correctly you can turn off password based logins in ssh entirely
<JavaAtom> RoyK: That's why I have backups pushed to a diff server.
<RoyK> JavaAtom: and with the current pricing of drives, wtf don't you use a raid5 or something?
<jeiworth> raid6!
<\sh> Dev^Null: image based os deployment is a bit complicated with udev and nics on board...use FAI :)
<JavaAtom> Case only holds two drives for now. And I'm on a budget.
<jeiworth> Dev^Null: that's a good question, i have the same problem here every time i clone a test-vm, always changes the eth interface number :-/
<RoyK> RAIDz2 ftw
<\sh> jeiworth: raid6 costs license fees on HP G6/G7 Hardware with p410 smartarray on board ;)
<jeiworth> \sh: what's FAI, have a link? :)
<\sh> jeiworth: http://www.fai-project.org/
<jeiworth> \sh: yuck, license what? ;)
 * RoyK is planning two new servers with 11 7-drive (2TB) RAIDz2s in a zpool
<jeiworth> \sh: thx!
<\sh> jeiworth: debian project, 10 years old but very heavy maintained...very good, very fast...is being used all around the world
<\sh> jeiworth: together with (DC)Â² (http://dc2.sourcecode.de/ + http://launchpad.net/dc2 ) the better solution for bare metals and vms with pxe boot then preseeding, imaging or kickstarting :)
<\sh> jeiworth: 100 VM servers in less then 5 mins with a full blown ubuntu server setup
<jeiworth> \sh: wow, cool! thanks again, will give it a closer look :D
<\sh> jeiworth: if you need help or need infos join #fai@oftc and / or ask me in here.../me needs to leave now...going home :)
<RudyValencia> guntbert: maybe even denyhosts to stop more than three attempts?
<\sh> cu tomorrow
<jeiworth> \sh: 'aight, take care :)
<guntbert> RudyValencia: to be honest: I really don't care about attempts that *cannot* succeed
<RudyValencia> I'll just block interactive login without the public-key then
<RudyValencia> if that's possible - no public-key, no SSH
<franksterville> RoyK:  thx for the push  webmin nuked
<RoyK> :)
<franksterville> :O  what have I done lol
<franksterville> <breathe>   just a file/print server
<guntbert> RudyValencia: exactly, there are two lines in /etc/ssh/sshd.conf where you can do it, they are well commented
<RudyValencia> ah
<RudyValencia> and turning off password auth should reduce the number of attempts I see in my logs, right?
<RudyValencia> (also, it won't prevent me from accessing my SSH on the road because I have the other half of the key, right?)
<guntbert> RudyValencia: not necessarily - people can still *try*, but they cannot succeed
<RudyValencia> ah, there'll still be attempts in my logs, ugh
<RudyValencia> I hate my logfiles getting so big from them
<RudyValencia> but I also hate putting SSH on an alternative port
<guntbert> RudyValencia: just choose a *very good/long* passphrase for that key
<RudyValencia> I have one that uses a mix of characers from the keyboard-typeable set
<RudyValencia> *characters
<guntbert> RudyValencia: okok - but make it long too if you take the key on the road with the risk to "loose" it :-)
<RudyValencia> I rarely go out
<guntbert> RudyValencia: *you* said "... accessing my SSH on the road ..."
<RudyValencia> I rarely use it on the road
<RudyValencia> for those few cases that I do, PuTTY is on my USB keychain, not the comptuer
<RudyValencia> *computer
<RudyValencia> and the USB keychain is encrypted
<RoyK> illytacos: did you fix your problem?
<rneese> afternoon guys
<rneese> i need a good howto for unubtu-server custom iso
<franksterville> RoyK:  Thats serious hardware
<RoyK> franksterville: what?
<franksterville> the 2 new servers u planning
<RoyK> ah
<RoyK> yeah
<RoyK> fun :)
<RoyK> franksterville: to be used for Bacula storage
<franksterville> rename urself to BigRaid
<RoyK> hehe
<franksterville> You use Bacula?
<RoyK> franksterville: two boxes with 110TB net storage and one small one with 10TB net storage, some SSDs for caching and a truckload of RAM
<franksterville> I use Amazon S3 offsite
<RoyK> franksterville: not now, but we will
<RoyK> with tens of terabytes for a single backup, Amazon isn't really an option
<franksterville> huge storage
<elb0w> I am trying to build a Load balanced server setup with fail over. I was looking at Ultra Monkey but it looks like it hasnt been touched since 2007. Does anyone have any suggestions?
<franksterville> must be pron lol
<franksterville> or banking
<RoyK> franksterville: not really - http://nilu.no
<franksterville> ffs i cant read that
<franksterville> what laung is that lol
<RoyK> there's an 'english' link on top
<franksterville> ahh lol
<franksterville> ok hats better
<franksterville> this kinda site reminds me of a friend of mine at rfmd.com
<RoyK> franksterville: we got some press after us recently after the EyjafjallajÃ¶kull eruption - this scientist has constructed a sort of camera that can see volcanic ash ...
<RoyK> (or even SO2, but the ash follows that cloud)
<franksterville> wow insane stuff
<RoyK> franksterville: I guess I could have gotten better payment from a consulting firm than working with NILU, but then, it's quite fun to work with these nerds :)
<franksterville> more important to enoy life
<RoyK> indeed
<franksterville> this is why i decommisioned IIS in favor of ubuntu lol
<elb0w> So what do you guys use for fail over?
<RoyK> early IIS is a piece of crap, later they have added more of the good stuff
<franksterville> i love the simplicity of linux
<franksterville> so much easier to implement
<RoyK> elb0w: I don't use any atm, but glusterfs is rumored to be quite good
<RoyK> franksterville: ACK
<RoyK> splittettisplatter
<illytacos> hey RoyK I'm still having some challenges
<illytacos> trying to work through it
<nikolaj_basher> Hi :D is there any buddy how has set up an sms gateway?
<uvirtbot> New bug: #656527 in samba (main) "net usersidlist on a newly-installed samba server crashes with SIGSEGV" [Undecided,New] https://launchpad.net/bugs/656527
<alex88> if i want to use wget and then shutdown the pc..i have to use sudo to shutdown but i will asked after wget terminates..how to ask at starting?
<alex88> like sudo (wget file && shutdown -P now)
<RudyValencia> I'm trying to install Ubuntu Server from the CD, but it says libldap and some other packages are corrupt
<RudyValencia> I burned the CD several times
<RudyValencia> but it still gives the same errors
<RudyValencia> I'm trying to install Ubuntu on my server but it keeps saying everything after libldap is corrupt, despite burning the disc two times.
<SpamapS> RudyValencia: what version?
<RudyValencia> 10.04.1
<RudyValencia> ah
<RudyValencia> no wonder
<SpamapS> ?
<RudyValencia> the md5sum of it is wrong
<SpamapS> RudyValencia: it happens. ;)
<RudyValencia> What I'll do is restart the torrent to "fix" the parts that did not download properly
<RudyValencia> ah, truncated download.
<RudyValencia> considering right now my backups are on a USB drive that I can't seem to mount with any Windows utility, I'm stuck until this finishes.
<demonspork> how can I restrict a user so that they can only bind to a certain IP addresS?
<demonspork> or, how do I monitor bandwidth usage on a per user basis
<echosystm> hi guys
<echosystm> i'm looking for a pretty transparent backup solution
<echosystm> essentially i just want to a plug a hard drive in and have it automatically clone the entire system to that hard drive
<echosystm> whats the best way to do this?
#ubuntu-server 2010-10-08
<echosystm> i could use LVM and raid1, then keep breaking the array, but that sounds a bit scary
<echosystm> essentially i'm looking for raid1, where i can physically remove the hard drive from the computer (to protect against power surges)
<_Techie_> echosystm, so you want a hotswappable RAID 1 setup
<echosystm> basically, yeah
<echosystm> i imagine this could be done somehow involving lvm
<echosystm> essentially i want to do backups without having to turn off the power or stop any processes
 * away_Sgiomlairea is now away - Reason : dinner
<_Techie_> echosystm, this might provide you with a bit of reading, http://www.mail-archive.com/ubuntu-server@lists.ubuntu.com/msg00182.html
<RudyValencia> OK, why are my ttys displaying text shifted two character places right?
<_Techie_> okay, i need a bit of help, my postfix server isnt authenticating properly when recieving mail - http://pastebin.com/Qg63NxP0
<demonspork> I am having trouble getting something to bind to a specific port  "java.net.BindException: Cannot assign requested address" but nothing shows up as being bound to that port
<demonspork> how can I check further if anything is trying to use that port but isn't showing up with netstat -l
<demonspork> ooooh, it can't assign it to that specific address, it doesn't matter what port it seems
<demonspork> lol, that IP didn't come up on reboot
<demonspork> although all of the other IP addresses did
<demonspork> hmm
<uvirtbot> New bug: #656596 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.7 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/656596
<paul_whipp> I can't ping my cloud server. I've executed "sudo iptables -A INPUT -p icmp -j ACCEPT" and allowed icmp in the security group. web services on the server are running fine but ping still just times out. How do I get ping to work?
<twb> Suppose I have an office network with a handful of servers and a high turnover of staff, who mostly use personal laptops.
<twb> Is there non-negligible benefit to advertising servers' services over that zeroconf DNS-SD stuff?
<twb> (Oh, and the laptops are mostly linux, with the occasional OS X or Windows user.)
<_Techie_> i have iptables setup to allow my server to act as the default gateway for my nework, is there any way to find out how much data is being sent and recieved by a specific internal IP?
<twb> _Techie_: a cheapass way would be to have a rule per host, and then count the packets/bytes that matched.
<twb> IIRC there are better ways, but I can't remember what they are.
<_Techie_> twb, do you know of a way that doesnt involve ripping apart my current set of rules?
<_Techie_> oh
<twb> They were probably too heavyweight for me to run on my 16MB router
<qman__> bandwidthd does that IIRC
<_Techie_> i see, well ive got a 2.2ghz athlon with 2gig of RAM, so nothing is too heavy
<qman__> if you have the horsepower to run it
<_Techie_> dual core athlon*
<qman__> it wasn't what I wanted, I just wanted a total, so I used vnstat instead
<twb> I didn't think bandwidthd could distinguish between hosts
<_Techie_> if you want a total, phpsysinfo gives it in a nice output
<twb> I think _Techie_ is trying to answer questions like "which bastard is using all the bandwidth?"
<_Techie_> no
<_Techie_> i just want to know how much data my phone uses to check mail and connect to IRC before i switch it to using the cellular network
<qman__> looks like it does go by IP   http://bandwidthd.sourceforge.net/
 * Sgiomlaireachd is no longer away : Gone for 2 hours 34 minutes 41 seconds
<qman__> not sure if it can go by internal IP
<qman__> may or may not do what you want
<twb> _Techie_: that's easy, then -- ask the phone
<_Techie_> twb, not sure if the phone knows how to answer that question =P
<twb> It's not running linux?
<_Techie_> no
<_Techie_> i wish
<twb> Huh, how backward
<_Techie_> im not actually sure what its running
<_Techie_> its a chinese touch screen phone designed to imitate the iphone
<twb> Oh, a lenovo one?
<_Techie_> no
<_Techie_> gimme a sec
<twb> Lenovo make a smartphone, but they only sell it to China
<_Techie_> twb, http://www.modster-pc.co.nz/shop/product_info.php?cPath=214&products_id=4162
<_Techie_> if i could find an app that would allow me access to the root of the phone via bluetooth, i could modify some stuff
<qman__> I've never used a phone that didn't keep totals
<_Techie_> but i cant find anything that will do that
<qman__> data and minutes
<_Techie_> i really dont want to just chuck it onto the cellular network, even though its prepay
<_Techie_> casual data rates are 50c per MB, or i can buy a 50MB pack for $6, but that only lasts one month
<ChrisBuchholz> Hey. I just purged couchdb on my 10.04 server, because i had a lot of problems with it, and the guys at #couchdb said that would be the easiest solution to fix it. I dont also deleted /etc/couchdb before i thought -- well, then everything must be gone and i can start fresh with apt-get install couchdb. But now my couchdb doesnt function. It says it needs different files in /etc/couchdb, and i understand why it fails, since /etc/couchdb doesnt
<ChrisBuchholz> I did also delete /etc/couchdb because i thought***
<twb> Sounds like you didn't really purge it
<ChrisBuchholz> twb: apt-get purge couchdb ?
<twb> It used to be apt-get remove --purge.  I guess "purge" is new and does the same thing.
<twb> I also suspected there was a libcouchdb1 or suchlike, but I can't see one.
<ChrisBuchholz> twb: hmm. Just tried one my time, this time with remove --purge. Didnt help, it still doesnt function
<ChrisBuchholz> /etc/couchdb is still non-existent
<twb> I know that if you *remove* (as opposed to purging) a package, then install it, the conffiles will remain deleted.  This is because dpkg assumes you deleted them for a reason.
<demonspork> there is an option to override that behavior
<demonspork> gah, I just saw it last night
<demonspork> where is iz
<twb> dvorak, eh?
<demonspork> lol - what makes you say that
<twb> Your typo
<demonspork> nope
<Zeu5> hi there, i have this message when i loggedinto my ubuntu server. http://picasaweb.google.com/lh/photo/aatDYefpWVu2HKMcb-7asA?feat=directlink should i do the sudo tasksel -section server ? do i need to restart my server? please advise.
<twb> Oh, swiss
<demonspork> Zeu5, what are you trying to use this server for?  the message about restart is probably a kernel update that has been installed but isn't in use, or some other various packages - most things don't require a restart though
<twb> Or another national keyboard layout near there
<demonspork> nope
<Zeu5> demonspork: its a webserver . hosting a webapp. LAMP stack
<demonspork> Zeu5, so you have all of those components installed already?
<Zeu5> demonspork: i mean webserver and database server in 1
<Zeu5> LAMP? yes its currently running.
<demonspork> k
<ChrisBuchholz> No luck on finding that command to override 'that' behvaior, demonspork ?
<demonspork> did you install the LAMP when you were doing the initial setup or install all the components later on
<demonspork> ChrisBuchholz, I looked into it a little bit - it is a dpkg command and I don't know how to make it happen using apt
<Zeu5> demonspork: sorry i am a newbie. so do i need to a) restart my server , b) do the sudo tasksel --section server?
<Zeu5> demonspork: i just did a sudo apt-get update and sudo apt-get upgrade. my LAMP was installed days ago
<ChrisBuchholz> demonspork: ah okay, sad :/
<demonspork> Zeu5, but you install all of the packages yourself?
<Zeu5> was the update & upgrade the reason for the message about server restart?
<Zeu5> demonspork: LAMP yes. sudo apt-get update & upgrade yes.
<demonspork> probably, it most likely installed a kernel update - which needs an update to actually be used
<Zeu5> demonspork: so what should i do? leave it alone? restart server? sudo tasksel --section server?
<demonspork> ChrisBuchholz, try this: "sudo ucf --purge /etc/whateveryourfilenameis
<demonspork> Zeu5, restarting probably should be done, the tasksel message is just it assuming you haven't installed anything useful yet
<demonspork> when you actually have
<demonspork> so don't worry about the tasksel
<Zeu5> hmm. i see. thanks demonspork. :)
<ChrisBuchholz> demonspork: yeah? No output, so no error, i guess. And then try to install couchdb again?
<demonspork> try it
<Zeu5> is there a command in ssh for me to restart the server?
<demonspork> shutdown -r now
<demonspork> you will need root, so "sudo shutdown -r now"
<demonspork> -r says to reboot, now tell sit when to restart
<Zeu5> btw, i am using an amazon web services. and the ubuntu is an machine image from canonical
<ChrisBuchholz> demonspork: holy crap. It worked!
<demonspork> :)
<ChrisBuchholz> thanks for your help, guys ;)
<demonspork> I am as surprised as you are
<demonspork> lol
<demonspork> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444076
<uvirtbot> Debian bug 444076 in nagios-mysql "nagios-mysql will not replace deleted config file /etc/nagios/database.cfg" [Normal,Fixed]
<demonspork> got the idea from there
<ChrisBuchholz> demonspork: ah, cool
<ChrisBuchholz> it works now, so lovely times to come
<demonspork> apt-get replace conf files   -    that is the google search that led me there
<Zeu5> demonspork: yes the restart message is gone. the tasksel is still there
<demonspork> hmm
<Zeu5> demonspork: so i just leave it alone for now yea?
<demonspork> yeah
<demonspork> I am trying to remember where all of those login scripts are kept
<demonspork> I wanna look through them
<Zeu5> okie cool. thanks demonspork
<_Techie_> twb, i just gave in, i set my data connection to GPRS and am testing things out
<_Techie_> thats not too bad, 13c to check my email, check facebook, and connect to my BNC and sync all 8 channels, with 50 lines of buffer
<twb> BNC?
<demonspork> Where can I find a list of the commands that run when I log in
<twb> You're still using thinwire?
<_Techie_>  thinwire?
<RudyValencia> Why are my ttys displaying text shifted two character places right (like, I type off the right side of the screen and not only does the cursor disappear for two characters but the text I type doesn't appear)?
<RudyValencia> uh, nvm I think my monitor's settings are messed up
<_Techie_> haha RudyValencia, problem lies between the keybaord and the seat?
<RudyValencia> no, problem is in the new LCD panel I bought
<demonspork> PEBKC
<RudyValencia> It seems to be 80x25 textmode getting misconfigured
<RudyValencia> (not by Linux but by the flatpanel)
<_Techie_> wait, you have a flatpanel, and your using 80x25 textmode?
<_Techie_> thats ever so slighly overkill i reckon
<RudyValencia> this is my server I'm talking about
<_Techie_> yeah
<_Techie_> i figured
<RudyValencia> Should I be running a minimal X session perhaps?
<_Techie_> no
<RudyValencia> maybe along the lines of twm?
<_Techie_> you should be logging in via SSH
<_Techie_> hell, Orannis doesnt even have a GPU
<_Techie_> leta lone a monitor
<_Techie_> let alone*
<RudyValencia> well, I'm trying to configure SSH for public-key auth without a password
<_Techie_> thats easy
<demonspork> doesn't require any config changes except disabling password login
<RudyValencia> don't I have to tell it to use the user's authorized_keys file?
<demonspork> after you have shared the public key ( cat id_rsa.pub > .ssh/known_hosts )  is a line I use a lot
<RudyValencia> ah
<demonspork> authorized keys
<demonspork> not known hosts
<demonspork> I typed the wrong thing
<RudyValencia> Oh
<RudyValencia> I'm using the wrong file
<_Techie_> RudyValencia, http://pastebin.ubuntu.com/508448/
<RudyValencia> I'm using the "opensshkey" file from PuTTYgen
<demonspork> .ssh/known_hosts in the user's home directory
<_Techie_> oh yeah
<RudyValencia> Yeah
<demonspork> that would be the file
<_Techie_> you will need to modify the public key that putty gives you
<RudyValencia> ah
<_Techie_> it needs to be in this format    '  ssh-rsa AAAAB3NzaC1yc2EA..............5B1eXHomBN6mU=
<_Techie_> and all on one line
<RudyValencia> ah
<_Techie_> i figured that out while working on Zeus, Hades, and Poseidon
<_Techie_> so once thats all done, just open the .ppk file from putty, connect and enter your username
<_Techie_> if you trust your own security and want to make things extremely automated, dont encrypt your private key and use an auto login username
<_Techie_> that way you can just right click the Pageant icon in the taskbar adn select the apropriate saved session, and your in without having to type anything
<demonspork> can someone else think of some terms to google to find the list of scripts that get executed when i log in?
<demonspork> like the landscape info and package stats
<demonspork> I been looking
<demonspork> I not finding
<RudyValencia> Okay
<_Techie_> demonspork, its ~/.bashrc if your using /bin/bash/
<RudyValencia> "Server refused our key"
<_Techie_> !bashrc
<_Techie_> !bash
<ubottu> The linux terminal or command-line interface is very powerful. Open a terminal via Applications -> Accessories -> Terminal (Gnome), K-menu -> System -> Konsole (KDE), or Menu -> Accessories -> LXTerminal (LXDE). Guide: https://help.ubuntu.com/community/UsingTheTerminal
<_Techie_> well, that was alot of use
<demonspork> _Techie_, yeah, but that doens't list any of the things that do run when I log in....
<demonspork> like the landscape information and the information about packages that are available for update
<_Techie_> RudyValencia, did you correct those lines in /etc/ssh/sshd_config ?
<RudyValencia> yes
<_Techie_> did you restart SSH
<RudyValencia> Yes
<RudyValencia> I think I'll copy the original config back over and try again (I have it stored as sshd_config.orig) :)
<_Techie_> okay
<demonspork> I found it
<demonspork> /etc/update-motd.d/
<RudyValencia> Still not.
<demonspork> those don't run on long exactly
<demonspork> they just run periodically and login displays the results
<RudyValencia> which key does the server hold?
<RudyValencia> the private key or the public key?
<demonspork> the server needs the public key
<RudyValencia> okay
<RudyValencia> I think I just had the wrong half
<demonspork> I am so excited - my HPSMH is working
<demonspork> I tried for like 4 days to get it working
<demonspork> and then I rebooted
<demonspork> and it worked
<_Techie_> grats demonspork
<RudyValencia> I probably need to generate a new keypair
<_Techie_> i owuld advise it, especially if you put your private key on the sevrer
<RudyValencia> Server is still refusing the key...
<_Techie_> =(
<_Techie_> pastebin the private key please
<RudyValencia> that's fine right?
<_Techie_> yes
<RudyValencia> It's a PuTTY key format
<_Techie_> pastebin it anyway
<_Techie_> and i will check it and tell you what you need to do
<_Techie_> hrmm
<_Techie_> what bit key is this?
<RudyValencia> brb
<_Techie_> 1024?
<RudyValencia> 1024 bit RSA
<_Techie_> kk
<_Techie_> RudyValencia, http://pastebin.com/zm46rQ2G
<RudyValencia> I see the problem
<RudyValencia> PuTTYgen puts "gxysrv01" at the end of the public key
<RudyValencia> and I pasted that in along with it
<_Techie_> that doesnt matter
<RudyValencia> apparently it did
<RudyValencia> for some odd reason Ubuntu server doesn't like it that way
<_Techie_> ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAp7kt8NZ4ZYvCrT7CZ+0f9Va1kNWSD2sSU4T3FoNfkb1w7S6446x4Y1yjLmKD90bEPovUVDmm/M6QSWN6BoHMQuIpp7jykKd5NOm0woMzsCNx3We7qOsqx9RDb0bw3eL+ByJP7IpySILE84g0fnrWGbztTjyTnKPKVLZEOEvEfjE=
<_Techie_> thats what your authorized_keys file should look like
<RudyValencia> ah
<RudyValencia> yeah
<RudyValencia> it does now
<_Techie_> also, the .ssh folder should be chmodded to 700, and the authorized_keys file to 600
<RudyValencia> mmhmm
<_Techie_> and both folder and authorized_keys file should be owned by your suer and group
<_Techie_> user*
<_Techie_> now it should work
<RudyValencia> I've been redoing my server and forgot half of those little nuances
<twb> _Techie_: auth.log will tell you if you get those permissions wrong
<twb> 14:14 <RudyValencia> PuTTYgen puts "gxysrv01" at the end of the public key
<twb> RudyValencia: that's the key comment.  The comment can be anything
<RudyValencia> oh
<twb> OpenSSH comments are usually <user>@<host>
<RudyValencia> maybe I did have the permissions wrong on the server-side
<_Techie_> or in my case, Techie's Key
<_Techie_> Authenticating with public key "Techie's Key" from agent
<_Techie_>   FTW
<RudyValencia> ah
<RudyValencia> in my case it's the name of the server
<RudyValencia> 'gxysrv01'
<twb> _Techie_: hm, mine uses the path.  I guess you run seahorse or something
<_Techie_> twb, putty
<_Techie_> RudyValencia, you need to think of a better name for your server
<RudyValencia> I use PuTTY too
<twb> $ ssh alioth.debian.org ==> Enter passphrase for key '/home/twb/.ssh/id_rsa':
<RudyValencia> It's named that because:
<RudyValencia> gxy = greeley
<RudyValencia> srv = server
<RudyValencia> 01 = well, 1
<RudyValencia> I do the same for my workstation, 'gxywks01'
<_Techie_> bah, you cant have a singular server with a name that makes sense
<RudyValencia> and my laptop, 'gxylap01'
<_Techie_> or even a cluster
<RudyValencia> hm
<_Techie_> you have to have a naming theme
<twb> RudyValencia: RFC1178
<RudyValencia> well, it used to be called 'excalibur' a long time ago
<demonspork> gah, I can't get rid of  these stupid mail messages that were sent when I typoed a crontab entry. I use "mail" and then I try using "d *" or "d 1" and the message never gets deleted. It doesn't give an error or anything, it is simply still there
<_Techie_> demonspork, manually edit your mail file =)
<twb> demonspork: use a better MUA than mail(1) ? ;-P
<RudyValencia> I'm trying to think of a new naming system
<_Techie_> RudyValencia, got a favourite book?
<RudyValencia> hitchhiker's guide series
<twb> *RFC 1178*
<_Techie_> RudyValencia, then pick names from that
<twb> _Techie_: that's a bad idea because the set is finite.
<_Techie_> so
<twb> Meaning that eventually you will run out of names to allocate.
<_Techie_> i have a cluster of VM's named after greek gods, thats finite
<RudyValencia> I think I'll just change to something like srv01.gxy.glenmereind.local
<demonspork> where is the mail file I need to edit
<_Techie_> demonspork, depends on your setup
<twb> RudyValencia: that should be an alias, not a name.
<RudyValencia> maybe gxy-serv-001 ?
<_Techie_> *sigh*
<_Techie_> be creative
<_Techie_> what about Astarael
<RudyValencia> I'm thinking
<RudyValencia> maybe LotR names, or maybe video game character names
<_Techie_> anything will do, its just gotta be something other than a plain name
<RudyValencia> ok, well, I'd have to alter a whole bunch of stuff but eh
<_Techie_> if the name tells you exactly where the server is, or what it does... then you gotta keep thinking
<RudyValencia> hm, maybe band names
<RudyValencia> I don't know
<RudyValencia> nah because 'boston' conflicts with the 'don't use a geographic name' rule
<_Techie_> hell, you could even use vegetable names
<RudyValencia> 'rutabaga.glenmereind.local', 'endive.glenmereind.local', 'chard.glenmereind.local'...
<RudyValencia> hehe
<gravity1187> hello everyone
<RudyValencia> Star Wars...
<_Techie_> perfect
<_Techie_> starwars would be great
<RudyValencia> 'luke.glenmereind.local', 'vader.glenmereind.local', 'anakin.glenmereind.local', 'hansolo.glenmereind.local', 'chewie.glenmereind.local', 'leia.glenmereind.local', etc.
<RudyValencia> it's probably been overdone though
<_Techie_> or, you could use species names
<RudyValencia> 'homosapiens.glenmereind.local'?
<RudyValencia> ugh
<_Techie_> RudyValencia, no, star wars
<RudyValencia> oh
<_Techie_> wookie, ewok...
<RudyValencia> nah
<RudyValencia> how about presidents?
<RudyValencia> hm nah
<RudyValencia> famous composers!
<gravity1187> Mozart
<RudyValencia> bach, brahms, mozart, pachelbel, beethoven...
<RudyValencia> yeah
<RudyValencia> but which to assign to which system(s)?
<RudyValencia> that's why I prefer the 'bland' naming scheme
<RudyValencia> it's only a small home net anyway
<_Techie_> RudyValencia, just start with one machine, assign a name... then move to the next... theyl stick with time
<_Techie_> that also reminds me, i need to rename my desktop
<RudyValencia> I don't know, I already have everything pretty well set up...
<RudyValencia> hm, I need to find an IP block that isn't being used in most places so that when I connect to my VPN I don't end up overlaying a network that exists there
<RudyValencia> 10.37.1.x/8 ?
<_Techie_> 192.168.15-254.X should be relatively safe
<RudyValencia> 192.168.15.x/24 ?
<RudyValencia> I had it 192.168.37.x/24
<_Techie_> yeah
<_Techie_> did you ever run into a conflict with 37?
<RudyValencia> I didn't go too many places
<RudyValencia> most of them have 192.168.0.x/24 / 192.168.1.x/24
<RudyValencia> (the places I know
<RudyValencia> hm, maybe that range in 172 might be interesting
<RudyValencia> 172.[16-31].x.y/20
<RudyValencia> oops
<RudyValencia> 172.[16-31].x.y/12
<RudyValencia> yeah
<RudyValencia> I'll do that
<RudyValencia> 172.16.x.y/12
<_Techie_> anyone in here know how i can find out what subsystem my cellphone is using?
<uvirtbot> New bug: #656660 in samba (main) "package samba 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/656660
<RudyValencia> How do I set up my server to automount my external hard drive when it's plugged in?
<coxn> RudyValencia: https://help.ubuntu.com/community/Mount/USB#Automounting%20%28Ubuntu%20Server%29
<RudyValencia> ty
<RudyValencia> thanks
<RudyValencia> hm, and I have a LaserJet 4 Plus connected to my server, what driver is best to use with CUPS?
<RudyValencia> Gutenprint, HPIJS, or...?
<RudyValencia> I would assume HPIJS is best as it's from HP
<shivraj123> i need to install BT4 tools in my server, some not able to connect to the repo.
<sabgenton> hey all I'm trying to do nat between  wlan0 (wan) and  eth0 (lan)
<sabgenton> i got it working  undershorewall  and did restarts  clears  and all
<sabgenton> still worked
<sabgenton> but on restarting the computer
<sabgenton> it stoped working!
<sabgenton> the firewall can ping out to wan and lan
<sabgenton> the lan hosts can see the firewall
<sabgenton> but the firewall is not NATing anymore
<sabgenton>  tcpdump shows no activity pasing from to lan
<sabgenton> now
<sabgenton> just  stops at the lan
<sabgenton>  and same in reverse  (port fowards stoped working)
<sabgenton> .
<sabgenton> so in short NAT has stoped
<sabgenton> mabye wifi  nics are bugy in linux ?
<sabgenton> for this sort of activity
<sabgenton> using ath5k driver i think
<uvirtbot> New bug: #656727 in samba (main) "Samba PDC breaks after recent update" [Undecided,New] https://launchpad.net/bugs/656727
<alvin> How can one *fix* the motd messages you get when logging in through ssh? (Messages are seen double, and also plain wrong)
<_Techie_> alvin, disable the motd via /etc/ssh/sshd_config
<_Techie_> ubuntu exectues its own motd when you login
<_Techie_> thats why you are getting double motd's and one of them is blantantly wrong
<alvin> _Techie_: I see. So, I have to do this on every server?
<_Techie_> by default the motd is disabled in ubuntu in openssh-server
<alvin> Well, there's no mention of it in sshd_config
<_Techie_> then add PrintMotd no
<alvin> I did, also restarted ssh. Didn't get any error message, but now I can no longer log in. It's a remote server. Now l have to wait until tuesday to fix it.
<alvin> There's no other way to log in :-(
<trimeta> I want the newest version of iodine, which isn't available in Karmic; there's a package in Debian Unstable, but I'm not sure how I'd use that on my system (possibly with apt-src) without pulling in the rest of Debian Unstable.
<_Techie_> !debian
<ubottu> Ubuntu and Debian are closely related. Ubuntu builds on the foundations of Debian architecture and infrastructure, with a different community and release process. See https://help.ubuntu.com/10.04/installation-guide/i386/what-is-debian.html - Remember, !repositories meant for Debian should NOT be used on Ubuntu!
<trimeta> _Techie_: I know, but the Ubuntu way of solving this (finding a PPA of the newer version of the package) isn't working.
<trimeta> So what else am I supposed to do, download the source and configure; make; make install?
<_Techie_> why not build it yourself?
<trimeta> I'd like to have apt have some idea of what I'm installing.
<trimeta> So it can manage things, maybe even pull in updates for me.
<_Techie_> you can build it into a .deb, but im not sure how
<kinygos> hi...if i want to be able to send e-mails from my web application (or from the OS to tell me when something has gone wrong), is it enough to install and configure Postfix?  do i need any services from my ISP in this case?
<kinygos> (it's a dedicated server)
<_Techie_> you will need to make sure that your ISP does not block port 25
<_Techie_> if they do, you will need to resuest to have it unblocked for your connection
<kinygos> _Techie_: awesome, thanks :)  is it challenging to setup and configure Postfix securely?  i've found what looks like an excellent doc on help.ubuntu.com
<_Techie_> once you get your head around it, postfix isnt too hard
<kinygos> _Techie_: thanks again for your time...most appreciated :)
<_Techie_> kinygos, https://help.ubuntu.com/community/Postfix
<kinygos> _Techie_: that's the doc i have :)
<_Techie_> well, thats a great guide
<_Techie_> i use it to aid me in quickly installing postfi
<_Techie_> postfix*
<_Techie_> do you have a static IP?
<kinygos> _Techie_: yes...it's a dedicated server, but on a tight budget :)
<_Techie_> what about a domain name?
<kinygos> _Techie_: yep..i have a couple
<_Techie_> well then, why not run your own mail server
<kinygos> _Techie_: cos that sounds really hard to set up :s
<_Techie_> not really
<_Techie_> it actually makes setting up SASL authentication easy with postfix
<_Techie_> you setup dovecot to authenticate against /etc/passwd and /etc/shadow
<_Techie_> and then you setup postfix to authenticate against dovecot
<_Techie_> then you dont have to fiddle around with PAM
 * kinygos is quickly looking up these terms
<_Techie_> !dovecot
<ubottu> IMAP and POP are protocols for fetching email. The officially-supported server in Ubuntu is Dovecot (packages "dovecot-imapd" for IMAP, and "dovecot-pop3d" for POP) - See also !MailServer for information on the SMTP protocol
<kinygos> _Techie_: i'm learning as i'm going along (and really enjoying it btw)...you make it sound easy...i'll probably be asking questions in this channel :)
<_Techie_> well, if im around... ill do my best to answer them
<kinygos> _Techie_: thanks again :)  i'm off to do a bunch of reading and try stuff
<_Techie_> well, you may want to start with dovecot first
<_Techie_> it will make postfix easier
<kinygos> _Techie_: :)
<kinygos> _Techie_: again, my knowledge is limited here...as the server will be hosting an e-commerce web application, should i be considering POP3 as opposed to IMAP?  there will be less than 10 mailboxes, and probably only 2 clients really using the mail server regularly in the early days
<_Techie_> depends on your need
<_Techie_> each has its upside and downside
<kinygos> ok..i'll read up..thanks :)
<_ruben> setting up an email server (sending and/or receiving) is quite trivial, setting up an email server that properly deals with spam and the likes is far from trivial
<kinygos> _ruben: that's what i thought...although, perhaps naively, i'm more concerned with my mail server being used as a spam relay
<_Techie_> its not hard to disable the relay function
 * RoyK think China is going to be slightly pissed off by this http://www.bbc.co.uk/news/world-europe-11499098
<JamesPage> ttx: I've updated iso.qa.ubuntu.com; noticed bug 656527 which hggdh raised yesterday which I have reproduced manually
<uvirtbot> Launchpad bug 656527 in samba "net usersidlist on a newly-installed samba server crashes with SIGSEGV" [Undecided,Confirmed] https://launchpad.net/bugs/656527
<JamesPage> ttx: the automated test suite for samba server did not cover this specific test; now fixed and retesting now on amd64 and i386
<kinygos> omg...connecting to a share on a windows pc was sooo simple...i thought i was gonna have trouble after that chap yesterday was struggling
 * kinygos pats himself on the back then hides
<ttx> hggdh: do you have the hardware to cover for the RAID1 tests ? I'm on upgrade testing right now
<patdk-wk> ttx, what do the raid1 tests need?
<ttx> better with two physical disks
<patdk-wk> so just software raid1
<ttx> http://testcases.qa.ubuntu.com/Install/ServerRAID1
<ttx> yep
<patdk-wk> how I'm running this machine :)
<ttx> heh
<patdk-wk> this is my only non-hardware raid, cause it's just a workstation
<patdk-wk> I could easly do those tests later, in like 6hours
<ttx> JamesPage, hggdh: zul and I are checking out the samba issue
<JamesPage> ttx: excellent.
<zul> looking at it now
<JamesPage> ttx: do you want me to pickup one of the raid1 tests?
<ttx> JamesPage: if you can, that would be great$
<JamesPage> ttx: on it now :-)
<ttx> we aim for 100% test coverage
<_ruben> bugger, my nfs server is i386, debootstrapping an amd64 root won't work
<ttx> JamesPage: you got that sigsegv on amd64 as well, right
<JamesPage> ttx: I've not confirmed that manually (only an automated test result)
<zul> ttx: same code in git
<hggdh> ttx: no, I do not have the hardware, unfortunately
<ttx> hmm, can't reproduce :P
 * ttx tries on i386
<soren> Wow... Installing maverick on an XFS filesystem is /unbelievably/ slow.
<soren> Bordering on useless.
<zul> ttx: on amd64?
<zul> soren: patches accepted ;)
 * soren makes a rude gesture
<zul> hehe
<patdk-wk> soren, reinstall on btrfs? :)
<soren> Pain is enough. I don't also need suffering.
<zul> ttx: i was able to reproduce it on i386
<patdk-wk> I've been running my maverick system on btrfs for months now, haven't had any issues so far :)
<soren> My refridgerator also works.
<soren> That also does not solve my XFS problem.
<patdk-wk> it might, give it a chance :)
<patdk-wk> have to deal with vzw today :(
<hggdh> ttx: I should have been clear, I did not see the samba issue on amd64
<hggdh> sorry
<JamesPage> hggdh: I'm not sure I agree; no seg fault on amd64 but the list of SID's returned does not include all accounts
<hggdh> JamesPage: then this is still a bug; it is probable, then that amd64 and i386 behave differently on it. Good catch, sir
<JamesPage> hggdh: looks like it.
<ttx> JamesPage: right
<zul> ttx: https://bugzilla.samba.org/show_bug.cgi?id=7718 opened upstream
<uvirtbot> bugzilla.samba.org bug 7718 in Client Tools "net usersidlist crashes on i386" [Normal,New]
<ttx> hmm, on i386 it ~works here
<ttx> (behvaes like your amd64
<ttx> )
<zul> oddd
<ttx> maybe depends on username size
<zul> whats the username?
<ttx> "ttx"
<ttx> hhhhmmmm
<ttx> if I create another user, it just works
<ttx> JamesPage: at best it's strange behavior, but samba works, so I'd consider the test as passed, not failed...
<ttx> hggdh: your opinion: ^
<hggdh> it looked, for me, like it failed at the end (on i386), but still listed the users. Perhaps a boundary condition
<hggdh> ttx: but I agree the test seems to have passed (and I had marked mine as so)
<hardfire> anyone working on opennebula ??
<ttx> JamesPage: could you change the test result ? I don't think that should be considered a FAIL
<hardfire> anyone working on opennebula ??
<ttx> hardfire: no
<ttx> hardfire: try #opennebula, maybe
<hardfire> #opennebula is the most inactive channel i've ever been
<ttx> hardfire: sounds a bit more ontopic there though
<hardfire> oh! true .. just gave a try to this channel .. anyways .. its related here too!
<JamesPage> ttx: OK; I'll update my results.
<ttx> JamesPage: strange thing is that if you add other users they are reported correctly.
<JamesPage> ttx: hmmm very odd
<ttx> also the net USERSIDLIST command is undocumented in man net
<ttx> maybe our test is a bit wrong
<JamesPage> we could use wbinfo -u instead
<ttx> hmm that net command is pretty bad
<ttx> so typing net --help, you get: Use 'net help usersidlist' to get more info about 'net usersidlist' commands
<ttx> but if you try 'net help usersidlist'...
<ttx> it just does te same as if you did net usersidlist
<JamesPage> yeah - its not pretty is it.
<ttx> looks a bit abandoned.
<ttx> hggdh: did you have a bug number for the missing grub rescue bug ?
<hggdh> ttx: yes, just a sec
<hggdh> ttx: bug 320183
<uvirtbot> Launchpad bug 320183 in rescue "When using "Recover a broken system" from the Server CD boot menu, /boot is not mounted" [Low,Triaged] https://launchpad.net/bugs/320183
<ttx> hggdh, Jamespage: is one of you on the RAID1 tests ?
<JamesPage> ttx: I've picked up the i386 RAID1 test; running at the moment.
<ttx> if yes, mark it "started" please
<ttx> ack
<ttx> jdstrand: if hggdh is not on it, you could cover the RAID1/amd64 test, I know you usually find exploding corner cases :)
<hggdh> ttx, jdstrand I cannot run the raid tests, no hardware available for it
 * ttx is on rescue mode /i386
<jdstrand> hggdh: I always just use kvm
<hggdh> then I guess I could it it after I finish the current one
<Babbla> i must have typed something incorrectly in my crontab commands... how do i view the error infromation from the command attempting to execute? i read somewhere online that it sends mail to root
<hggdh> ttx: on the amd64 raid1 test now
<ttx> hggdh: great !
<patdk-wk> heh? those tests looked like software raid, cause if you had hardware raid, there would be no need to select the raid type or anything in the ubuntu installer
<Babbla> why would quotes stop a command that otherwise works fine not work in the crontab?
<Pici> Well it depends where the quotes are of course ;)
<Babbla> well... it wasn't the quotes it was the %s which i knew i couldn't have without escapes, but i was too focused on the ""s... just thought i'd mention it for others
<Doonz> hey guys, is there a way i can install ubuntu over a debian install with only ssh access to the box?
<thesheff17> is there anyway easy way to check to make sure SSH is running on a remote machine?
<patdk-wk> ps ax | grep sshd
<Brumle> thesheff17: yes, there is
<Brumle> telnet other.machine 22
<patdk-wk> if ssh is on the standard port
<thesheff17> patdk-wk that is locally I need it to check it remotely.
<patdk-wk> run that command on the remote machine :)
<patdk-wk> otherwise your going have to check what ports are open, and telnet to each one
<patdk-wk> or hope it's on the default port 22
<hggdh> ttx: I cannot set a partition bootable (trying to create the RAID partitions)
<thesheff17> Brumle: yea that is what I thought...I would think it would be pretty easy to do in python but what happens when you get stuck in the connection with telnet?
<patdk-wk> control ], quit
<hggdh> JamesPage: on i386, could you set partitions bootable?
<JamesPage> hggdh: I didn't have todo that; guess grub must have fixed it up for me
<thesheff17> Ah ok class telnetlib.Telnet([host[, port[, timeout]]]) there is a timeout...thx Brumle
<hggdh> JamesPage: OK. I will see what happens here
<cfairles> anyone run mysql with innodb plugin 1.0.7?
<Doonz> hey guys, is there a way i can install ubuntu over a debian install with only ssh access to the box?
<shauno> that sounds a lot like 'danger will robinson' territory.  there *used* to be a supported upgrade path with one or two of the earliest ubuntu releases, but I don't believe it's a good idea anymore
<shauno> not sure if supported is the right word there :)
<JamesPage> hggdh: how is your RAID1/amd64 test going?
<hggdh> JamesPage: still through the install...
<JamesPage> hggdh: its quite slow; writing to two virtual disks generates twice as much io to the same underlying disk :-(
<JamesPage> hggdb:  the i386 version worked fine; however I was unable to complete the last step as no hot(un)plug as far as I can work out when running in KVM
<hggdh> JamesPage: yeah, this is a limitation. I guess the best we can do is force off, detach one of the discs, and boot again
<hggdh> JamesPage: yes, it seems grub now marks the partition bootable
<JamesPage> hggdh: did you have issues marking it as bootable using the manual partitioning?
<hggdh> JamesPage: yes, it simply did not work. At all
<JamesPage> hggdh: hmmm - feels like a bug to me but not a significant one.
<hggdh> I agree, mostly because we default to grub now. But it would be nice to check
<JamesPage> ttx:  RAID1/i386 successfully tested....
<Babbla> when selecting DNS during ubuntu-server install does it install bind?
<zul> yes
<mathiaz> ttx: o/
<ahasenack> hi guys, uec on lucid
<ahasenack> has anyone ever seen this error in the cloud-debug log file
<ahasenack> com.eucalyptus.ws.HttpException: HTTP input line longer than 4096 bytes.
<ahasenack> I can't start instances via landscape because of that, the line is about 5k
<ahasenack> but this wasn't a problem before (where "before" is some months ago, which was the last time I tried)
<hggdh> ttx: AMD64 raid1 test done
<ttx> hggdh: yay
<ttx> so we are just missing the ESX test
<ttx> bladernr: ping
<bladernr> ttx:  whattup
<hggdh> ttx: on tis one... no can do, no Windows here
<ttx> bladernr: was wondering if you plan to cover the "install on ESX" test
<bladernr> ttx:  I'm trying to get the ESX ones underway
<ttx> bladernr: great ! that's our only missing tests
<bladernr> I'm "finally" into the server but having permission issues on the ISOs so I can't actually connect my VM to the ISO image
<bladernr> :/
<bladernr> so, yeah, I am planning on them, just have to get them underway
<ttx> bladernr: in the past I think fader and sbeattie ran that test
<bladernr> yeah... heh
<bladernr> lucky me...
<bladernr> :-)
<bladernr> out of curiosity, the JeOS stuff uses the same server ISOs as everything else, yeah?
<ttx> bladernr: yes, I think with a F4 option
<sbeattie> bladernr: where in the esx' host fs do you have the isos?
<ttx> see SVI-002 under http://testcases.qa.ubuntu.com/Install/ServerMinimalVirtualInstall
<bladernr> ttx:  /vmimages/isos
<bladernr> when I try to point the VMs cdrom to the ISO, I get a permissions error...
<bladernr> the full path (/vmimages/isos/*.iso) is owned root:root and has the right perms all the way down.
<bladernr> VIC is complaining about permissions though...
<sbeattie> bladernr: hrm.
 * sbeattie suspects the karmic isos in /vmfs/volumes/storage2/isos/ can be deleted.
<hggdh> ttx: no respin in view for the server? I hope not...
<patdk-wk> what iso needs testing, I could give it a go on esxi right now
<patdk-wk> either 4.0u1 or 4.1
<sbeattie> patdk-wk: ubuntu-server i386/amd64 with the minimal install (f4 at iso boot to select)
<sbeattie> esxi 4.x testint would be appreciated, we only have access to 3.5
<patdk-wk> 32 or 64? or both?
<ttx> hggdh: I hope not either
<bladernr> sbeattie:  any ideas?
<ttx> hggdh: I might come home early.
<gus3> I'm looking at High Availability set on some ubuntu servers. I'm leaning towards HAProxy.  Anyone have any recommendations? Thanks all.
<hggdh> ttx: now that does sound good, does it not?
<patdk-wk> gus3, that depends on what you want to be HA
<patdk-wk> just webservices, ya, haproxy is fine
<ttx> it looks pretty good from where I stand
<sbeattie> bladernr: can you access any of the iso images in [storage1] or [storage2]?
<gus3> apache2 running php
<sbeattie> patdk-wk: ideally, testing both 32 and 64.
<gus3> I'm new to load balancing and still pretty new with linux.
<patdk-wk> I downloaded both, loading now
<bladernr> sbeattie:  no... when I try to access anything listed under datastores (storage1, storage2 and vmimages) I get "Permission to perform this operation was denied"
<sbeattie> bladernr: what user are you logged in as?
<bladernr> enablement
<gus3> Ultra Monkey looks to be an interesting choice too. But it looks like development may have stopped on it. I also like that HAProxy has stats displays.
<gus3> My final preference is something that resides in the ubuntu repositories.
<gus3> Thanks patdk-wk
<patdk-wk> hmm, odd, the i386 disk just drops to the isolinux boot: prompt on boot
<patdk-wk> same for x64
<patdk-wk> oh wait, downloaded wrong mini's :)
<bladernr> ttx:  I've got it running now... install underway for 64bit
 * hggdh hugs bladernr
<patdk-wk> where is the install a minimal virtual system option :)
<patdk-wk> f4 just refreshs my screen, but nothing really changes
<bladernr> ttx:  on 32bit, should uname -r return a -server kernel as the test case says, or -pae?
<ttx> -pae
<ttx> -server would be a bug :)
<bladernr> ok... well the test case says it should be -server
<ttx> bladernr: yep, that's a bit out of date
<bladernr> next question... on vmware, should linux-virtual be installed? (again, test case says yes, but dpkg says no)
<ttx> the important bit is about -virtual package
<ttx> hm
<ttx> do you have ubuntu-standard installed ?
<bladernr> yep
<ttx> looks like you missed step 2
<ttx> #
<ttx> Press F4 and select Install a minimal virtual system
<patdk-wk> I tried that, f4 wouldn't do that
<patdk-wk> but f4 in the help menu did display the f4 help page
<bladernr> well, maybe so... I know I hit f4 and highlighted it and hit enter... BUT I'm also doing both 32 adn 64bit at the same time...
<bladernr> so, I'll redo this one just in case I didn't...
<ttx> that triggers the specific seed
<ttx> taht points to virtual and avoids installation of ubuntu-standard
<ttx> in that F4 case, you end up with a -virtual kernel, rather than -server or -pae
<ttx> frankly, if you got that far, that means ESX is ok :) since the test on KVM worked.
<ttx> the delta with the previous test is ESX hypervisor,
<bladernr> ttx:  so, 2 for 2 now... both installs ended up with ubuntu-standard, not linux-virtual
<patdk-wk> same for me
<patdk-wk> and I pressed f4
<bladernr> 64bit has a -server kernel (that's correct or incorrect for 64bit)
<patdk-wk> on boot, installer boot menu, (install, command-line install, advanced options, help)
<patdk-wk> pressing f4, causes it to refresh, but still same screen
<patdk-wk> pressing any f* does the same thing
<patdk-wk> http://archive.ubuntu.com/ubuntu/dists/maverick/main/installer-amd64/current/images/netboot/
<bladernr> ttx:  yeah... step 2... again, the test case is messed up... it said "select Install Minimal Virtual System" not Virtual Machine... so I picked the one that had the word "System".
<patdk-wk> strange, I can't even get that
 * bladernr is really getting tired of questionably accurate test cases... (and his own lack of reading comprehension)
<patdk-wk> or did I download the wrong mini.iso files :)
<sbeattie> patdk-wk: for esx tests we're looking for the minimal install option off of the regular ubuntu-server isos.
<patdk-wk> oh normal install, heh, wonder how I got stuck on mini :)
<patdk-wk> where are the server iso's hidden :)
<RoAkSoAx> jcastro: howdy!! I have a question regarding the blueprint naming schemes. I filed a blueprint such as: server-natty-powernap-improvements. So, I don't see how this blueprint should be renamed. (PowerNap is integrated with the cloud so it could be cloud-server-n, or it is related to reduction of power consumption, so it could also be performance-server-n... or else?)
<patdk-wk> I know where the desktop/live and alternate re
<patdk-wk> are
 * ttx packs up
<RoAkSoAx> jcastro: or should it just be other-server-n-powernap-improvements?
<jcastro> RoAkSoAx: I think cloud-server-n
<jcastro> ttx: whose doing the specs review and stuff for -server?
<jcastro> jiboumans or did he assign someone else?
<sbeattie> patdk-wk: http://cdimages.ubuntu.com/ubuntu-server/daily/20101007/
<ttx> jcastro: jib and robbiew.
<RoAkSoAx> jcastro: but if the improvements are not only cloud related, should it go there too, or should I ask jiboumans or robbiew ?
<jcastro> RoAkSoAx: I would say make a best-guess estimate and then run it by them
<RoAkSoAx> jcastro: ok thanks :)
<jcastro> as long as the right people are subbed to the blueprint it doesn't really matter which track it's in in the schedule
<RoAkSoAx> haha ok cool thanks :)
<jcastro> then they'll either fight over the spec or try to pawn it off on each other, that exercise if left for the reader. :)
<patdk-wk> heh, mini.iso downloads so much faster :)
<undecim> In DNSMasq, can I set a dhcp-host option with an IP outside dhcp-range?
<ncampion> undecim, i believe thats what that setting is for
<undecim> Because I have read-ethers and dnsmasq doesn't seem to be reading it. All the IPs are outside of dhcp-range, and I thought that might be the cause.
<RoAkSoAx>  /win 17
<patdk-wk> ok, redid the esxi tests
<patdk-wk> it installs both i386 and x64 no issues, both say linux-virtual/2.6.35-22-virtual
<patdk-wk> the x64 though throws some modprobe failed messages up before the login though
<patdk-wk> FATAL: Could not load /lib/modules/2.6.35-22-virtual/modules.dep: No such file or directory
<patdk-wk> only other thing that failed is x64 df -h shows / using 519Megs, on i386 it's 499megs
<ncampion> undecim, are the dotted-quad IP addresses in /etc/ethers in the same subnet as your dhcp-range?
<undecim> ncampion: yes
<undecim> ncampion: Maybe I should specify the subnet mask explicitly to make sure?
<undecim> Though ifconfig shows that it's /24
<undecim> So all the IPs should be fine
<ncampion> undecim, as far your initial question, man dnsmasq says "Addresses allocated like this are not constrained to be in the range given by the --dhcp-range option, but they must be in the same subnet as some valid dhcp-range." So, I believe what you are doing should be viable.
<patdk-wk> hmm, modules.dep exists, must be an upstart order thing, where it tried modprobe too fast or something, not sure
<ncampion> of course, i've done just enough of this to get my routing setup working :-)
<undecim> Also, I have local=/wake/, but hostname.wake names don't resolv.
<undecim> I've checked resolv.conf, and I'm definitely using the dns server, and even use dig to check, but it's not working.
<uvirtbot> New bug: #657007 in php5 (main) "Assigning the return value of new by reference is deprecated in /usr/share/pear/Mail.php" [Undecided,New] https://launchpad.net/bugs/657007
<vinterrymden> Hey all. Got a question. I'm setting up proftpd and I'm not sure where to find the AuthUserFile. Any help is appreciated
<n3kl> For some strange reason I can't join #ubuntu-virt
<zooko> Folks: I'm upgrading a set of t1.micro EC2 instances from Lucid to Maverick.
<zooko> Seems to be working okay. Except: it always says "*** System restart required ***" on login even if I just restarted.
<n3kl> I can't seem to get anything to work properly with libvirt on ubuntu.
<n3kl> I am building my vms with ubuntu-vm-builder, seems like they get built.  I can see then in virsh list, I can't console to them with virsh console, nothing comes up.
<n3kl> When I try to use virt-viewer, the keyboard layout is jacked, like when I press enter, it types a 'j' on the terminal
<n3kl> then, I am not sure my netowrk is working, I can see in my dhcp logs that the new host with the mac address has requested and been assigned dhcp but I can't ping the beast
<n3kl> Would pasting my xml configurations help?
<zooko> Oh,and the motd still identifies itself as 10.04.1.
<_ruben> sounds like a fairly busted upgrade
<_ruben> zooko: what does lsb_release -a tell you ?
<WALoeIII> w/ a PPA can I build multiple versions of the same package? I need 3 nginx 0.7.67s with different modules compiled in
<consumerism> anyone use drbd and heartbeat for a highly available nfs server?
<Brumle> consumerism: probably someone... what is your question?
<kamote> anyone using DDOSdeflate here
<aljosa> ruby gems not working on ubuntu 10.4, i always get "HTTP Response 302 fetching http://gems.rubyforge.org/yaml" when i try to update/install or anything else. any idea?
<ewook_> hey. somethings fishy with a lot of things after my upgrade from 8.04 to 10.04, screen cannot start, mysql didn't start before but now does, now postfix doesn't start ..
<Brumle> ewook_: does any of them give any error messages?
<ewook_> Brumle: no. mysql had a init.d-missconfig before, but postfix seems to be bothered by something else right now, anwers on localhost, but not from remote *_*.
<ewook_> need to check my ip-tables if something is up..
<Brumle> ewook_: add some "-j LOG" if comfortable with iptables :)
<ewook_> Brumle: already on it :). just irritated.. all I did was take down everything for three hours - did not think I'd get a bunch of problems from it :P
<Brumle> ewook_: old hardware?
<ewook_> Brumle: not really. just, it's been upgraded from 8.04 to 10.04.
<ewook_> = bad idea for a server.. :p
<ewook_> atleast mine.
<Brumle> ewook: I see the problem. Good to do in test or stage first....
<ewook> I did.. but this one is so full with stuff, that I couldn't really duplicate it :p
<ewook> oh well.. seems like I need to rebuild the iptables... used ufw once and those are still in there...
<ewook_> mwhah. lol.
<ewook_> my router had failed over to my second isp...
<soren> ScottK: Hey. I've uploaded a couple of things (a small fix for a bug 657053 and likewise for bug 657047). I really appreciate your ACK on bug 645936, but people failed to deliver the stuff I needed to make that happen, so the only part of that bug that remains true is my intention to SRU the final release of Nova.
<uvirtbot> Launchpad bug 657053 in nova "Compute service's run_instance method fails due to wrong datatype from db" [Undecided,New] https://launchpad.net/bugs/657053
<uvirtbot> Launchpad bug 657047 in python-eventlet "Missing dependency on python-greenlet" [Undecided,New] https://launchpad.net/bugs/657047
<uvirtbot> Launchpad bug 645936 in nova "[FFe] Plan for Nova for Maverick" [Undecided,Confirmed] https://launchpad.net/bugs/645936
<ewook_> and that isp is blocking port 25 anywere but to their relay. still, postfix did not start
<Edward_Elric>  please helpme to vote
<Edward_Elric> http://148.245.35.4/CursoPhp/index.php
<Edward_Elric>  :D
<Edward_Elric>  is about ubuntu
<ewook_> Edward_Elric: seems like a strange request?
<shauno> it's a pretty sparse list of options too
<dstryr> to see if i configured raid 1 correctly i would just unplug the first drive and see if everything boots correctly right?
<dstryr> anyone around who could lend some assistance?
<ScottK> soren: It's all accepted now (at least what was in the queue)
<ScottK> ewook_: If postfix is responding on localhost, then it is up and running.  There's nothing in Postfix that should have a problem with 8.04 -> 10.04.
<ewook_> ScottK: I know ;). but first of - it didn't start - so I started it manually, checked it locally, and then tried to connect to it from the outside - well, the isp I was trying to check from has port 25 blocked if not going thro their relay-server :P
#ubuntu-server 2010-10-09
<ScottK> That's going to make it a bug tough.
<ewook_> yeah. darn router had switched me over to my failover connection without me noticing...
<Zer> I will say, Postfix-*Dovecot* from 9.10 -> 10.04 was a horror
<demonspork> fffuuuuu
<demonspork> how do I prevent a certain user from using anything but a certain IP address?
<uvirtbot> New bug: #657127 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.3 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/657127
<pmatulis> demonspork: what do you mean?
<RoyK> demonspork: you can do that with iptables if you work hard on it
<qman__> seems like an overcomplicated way to accomplish whatever it is you're really after
<RoyK> demonspork: google for iptables owner
<demonspork> well, RoyK and qman__, what I am trying to accomplish is to keep users from binding what they are running to any IP address but the one I want for them to have access to
<RoyK> demonspork: I think you should give them a VM if you want to isolate them from the system in that way
<Zer> demonspork, you could perhaps use iptables with -m owner
<Zer> At the very least that'd prevent them from getting anywhere if they tried
<demonspork> it isn't a security thing, it is a monitoring thing
<demonspork> I would be just as happy with a solution to monitor bandwidth usage per user
<RoyK> demonspork: as I (and Zer) said, try to use the owner module in iptables
<demonspork> yeah, I am looking into that right now
<Zer> demonspork, Google:
<Zer> iptables bandwidth accounting
<Zer> It comes up with quite a bit
<Zer> ...oh... I didn't scroll up. Sorry RoyK :)
<Zer> A server split made it quite a ways away
<RoyK> :)
<RoyK> always a splatter
<uvirtbot> New bug: #657149 in squid (main) "package squid 2.7.STABLE9-2ubuntu5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/657149
<fluvvell> I want to remount a directory that is on a drive with heaps of space onto a directory under the root, what do i need in the fstype part of fstab ?
<RoyK> mount it somewhere else
<RoyK> and umount -l the old dir
<RoyK> man umount
<RudyValencia> On http://drakespizzapalace.com/ why do the navigation li backgrounds overlap the
<RudyValencia> +overlap the regular background?
<RudyValencia> Oops sorry meant to type that in #web
<fluvvell> RoyK, I think what I'm looking for relates to mount -R /olddir /newdir   but I need a none option in fstab, was just checking if anyone new of any other requirements
<RoyK> fluvvell: the fstab is only used under boot
<RoyK> fluvvell: never mind that during runtime
<fluvvell> RoyK, yep but its to be permanent will need it to survive reboot.
<fluvvell> Another question, know how to change time zones by command line?
<gravity1187> any of you have much experience with bastille?
<shauno> I didn't know that was still alive
<gravity1187> still in the repos, but appears to have a lot of issues
<gravity1187> I've found at least 2 bugs in the last day
<gravity1187> really pisses me off because they are critical bugs and this package is always a great starting point for hardening a system
<kees> gravity1187: I'd have to disagree. bastille doesn't have much general utility in a modern system.
<kees> gravity1187: see https://wiki.ubuntu.com/SecurityTeam/Roadmap under "Not Interested"
<kees> gravity1187: though I'm open to further thoughts on it. we just didn't see anything useful in it any more.
<shauno> most of what it contained would probably be better off as 'sensible defaults' rather than optional fiddling.  but their site says the next release is due jan 14th 2008, which is never a good sign
<gravity1187> I'll have to take a look at the roadmap, but IMO ufw and app-armour have a long way to go especially with programs such as pasd that are designed to work with iptables
<gravity1187> correct me if I am wrong
<LucidGuy> Ubuntu phpmyadmin question... everything is working fine but I can't find where in my apache2 confs it declares mysite.com/phpmyadmin    No include line stating php .. anyone?
<LucidGuy> cancel that .. found it.
<pwnguin> i think its in apache2/conf
<pwnguin> for some odd reason
<pwnguin> debian webapp packaging is inconsistant
<LucidGuy> apache2/conf.d/  yes
<pwnguin> it should probably be in sites-available
<RoyK> pwnguin: it's not really inconsistent, it just bases all on that everything is on the same box
<RoyK> pwnguin: you can easily separate it all to new virtualhosts
<RoyK> pwnguin: it would be worse if you had to create a virtualhost to gain access in the first place
<pwnguin> RoyK: have you read the debian guidelines for webapps?
<RoyK> no
<RoyK> but then - sites-available holds virtualhosts
<RoyK> by definition
<RoyK> mods-available holds modules
<pwnguin> http://webapps-common.alioth.debian.org/draft/html/
<RoyK> which part are you referring to?
<pwnguin> perhaps im mistaken
<pwnguin> looks like the official policy is to register with apache via conf.d
<pwnguin> err the unoficial
<RoyK> I think that is the bin into which they throw all the leftovers
<RoyK> the ones not in by standard
<pwnguin> i thought i had seen a few in sites-available, but i dont have any
<pwnguin> that i didnt make
<RoyK> sites-available is for Apache VirtualHost entries
<RoyK> obviously, it can be used for all sorts of stuff, but to keep it clean, just put vhosts in there
<rsouthard> I have several luns presented to my workstation via qlogic HBA's. They are setup in /etc/multipath.conf with an alias. I can see all the luns with the multipath -ll command. How would i go about renaming the luns with device mapper? I do not want to use /dev/dm-7 in fstab since the dm-7 is not necessarily persistant at reboot. Any thoughts?
<RudyValencia> OK I have usbmount setup on my server, when I'm finished with a volume do I unmount it manually first?
<uvirtbot> New bug: #657180 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess dpkg-deb --fsys-tarfile returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/657180
<chrislabeard> What is the best php accelerator ?
<Patrickdk> the one you use :)
<chrislabeard> that would be none so sceratch
<chrislabeard> I tried to install apc but didn't seem to work
<Patrickdk> I'm personally using xcache, but also sometimes use apc when needed
<uvirtbot> New bug: #657200 in bacula (main) "package bacula-director-pgsql 5.0.1-1ubuntu1 failed to install/upgrade: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 10" [Undecided,New] https://launchpad.net/bugs/657200
<soren> ScottK: Excellent, thank you.
<uvirtbot> New bug: #657229 in samba (main) "samba shares are no longer shown on host" [Undecided,New] https://launchpad.net/bugs/657229
<uvirtbot> New bug: #657245 in clamav (main) "package clamav-base 0.96.1 dfsg-0ubuntu0.10.04.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/657245
<jayvee> Any IPsec users here?
<jayvee> I would like to know if IPsec is still broken in linux-image-virtual like it was in Karmic.
<spiekey> Hello!
<spiekey> i have a md-raid with 8 disks and my box crashed. Can i simply boot up with a live-system and "activate" that md-raid again?
<spiekey> of course it should not destroy my existing data
<jayvee> spiekey: define 'crashed'
<spiekey> well, my root-disk was not a raid and it crashed
<spiekey> so i am left with my "data" which was on my md-raid
<jayvee> so by 'crashed' you mean the disk has died, not 'kernel panic' or 'power outage'
<jayvee> I have never used md-raid, but I would say it is very likely possible to mount the raid setup from a live system.
<jayvee> exactly how, I could not tell you.
<spiekey> jayvee, yeah. That my problem. it "should" work :)
<spiekey> but i dont want to acidentally rebuild the raid :)
<jayvee> ah good, ipsec works with linux-image-virtual on Lucid :)
<spiekey> jayvee, just for your notes... the disks have some sort of uuid. So mdadm automatically knows which disks belongs together
<spiekey> it was just like plug+play
<jayvee> nice one
<jayvee> great to hear
<uvirtbot> New bug: #657302 in openssh (main) "X11 forwarding does not work" [Undecided,New] https://launchpad.net/bugs/657302
<ivnnvi> hi
<ivnnvi> qualche italiano???
<Jeeves_> No, this is an english channel
<Doonz> hey guys, i rebooted my server and when it came back up its doing a fsck scan on one of my drives. how can i see a progress meter of this scan
<RoyK> AFAIK fsck doesn't have one
<Doonz> thats sux
<RoyK> what fs are you using?
<Doonz> ext3
<RoyK> when you create an ext3 fs it tells you to tune2fs -c0 -i0 to inhibit periodic checking
<RoyK> if it wasn't a periodic checking, well, then it was probably needed
<Doonz> i dont remeber seeing that
<Doonz> but its been a year since i built this array
<RoyK> mke2fs -j will print that by default
<RoyK> was it a periodic check?
<Doonz> yeah
<RoyK> k
<Doonz> but its like 3.7Tb the array
<RoyK> well, disable it when it's done, then
<Doonz> so i wanted to see how much time was left
<RoyK> heh - that'll take some time :)
<Doonz> :/
<Doonz> yeah
<Doonz> at least its saturday
<RoyK> me sticks to zfs for volume data
<Doonz> i was just learning when i did this
<RoyK> well, just wait
<RoyK> nothing more to do
<Doonz> i have two raid 5 arrays with 1tb populating them
<Doonz> 10tb raw
<RoyK> k
<Doonz> so my next moe will be to grabe 6x 3tb drives and go to zfs
<Doonz> move*
 * RoyK is setting up a couple of 110TB boxes soon and is feeling like a child on his way to the circus
<Doonz> nice
<Doonz> in 9u cases?
<RoyK> 11 7-drive raidz2 LVOLs
<Doonz> ah ok
<Doonz> brb
<RoyK> 4U supermicro server with 34 2TB drives and a JBOD with 45 drives
<Doonz> ah ok
<Doonz> yeah i have a norco 20 sas/sata bay case at home
<RoyK> Doonz: moving to zfs?
<qman__> you can actually break out of it by pressing ctrl+alt+del
<qman__> but if it's been a year, it's probably a good idea to let it run anyway
<qman__> 3.7TB should take probably a couple hours
<qman__> and fsck used to have a nice progress bar up until lucid
<qman__> when plymouth broke it
<Doonz> RoyK: i will once i get my new drives
<Doonz> im only cli
<Doonz> woot its done
<Doonz> now how do i disable it from doing that again?
<RoyK> Doonz: tune2fs -c0 -i0 /dev/something
<franksterville> Ohhh can Lucid do ZFS?
<RoyK> franksterville: with fuse, yes, but I wouldn't use that on critical data
<franksterville> RoyK:  I'll leave the ext3 alone :)
 * RoyK stiicks to nexenta for critical data
<franksterville> reg ole raid 5 here
<RoyK> ole?
<franksterville> old*
<RoyK> k
<franksterville> sigh*
<RoyK> franksterville: with this new setup, we can't really afford 'silent data', which gets quite common with 80 2TB drives installed....
<franksterville> RoyK:  80!  holy platter surface
<RoyK> hehe
<EvilPhoenix> holy hell thats a lot of drives
<RoyK> well, actually it's only 79
<EvilPhoenix> they in RAID?
<RoyK> with two spare drives
<RoyK> they will be organized in 11 7-drive raidz2 LVOLs
<RoyK> two boxes - one for the private net, one for the dmz
<RoyK> 4+4U each :D
 * RoyK will need to take some pictures of this setup - 17U worth of backup with the 1U pizzabox for the Bacula Director
<RoyK> http://www.funofun.com/hillbilljobapp.shtml
<Doonz> RoyK: is there anychance of me damaging the drive with running that command
<RoyK> no
<RoyK> afaik it's virtually impossible to do much damage with tune2fs unless you force something with -f
<Doonz> thanx
<RoyK> those options (-c and -i) should be safe, anyway
<Doonz> so did you take a picture yet?
<RoyK> I haven't got the boxes yet
<RoyK> arriving in a week or so
<Doonz> ah
<Doonz> nothing like cristmeas
<Doonz> :)
<RoyK> :)
<Doonz> we got 40 2u servers coming in cant wait to get all them up and running
<RoyK> for what sort of service?
<Doonz> dcs system upgrade
<RoyK> dcs?
<Doonz> digital/distributed control system
<RoyK> btw, have you automated installs on those, or do you plan to install them all by hand?
<RoyK> ok
<Doonz> will be auto imaged but then manual setup after the base image is applied
<RoyK> just curious - what do they control?
<Doonz> Oil plant
<RoyK> ah
<RoyK> SAP or something?
<Doonz> No the actual control of the plant
<Doonz> valves pumps boilers and so forth
<RoyK> last I checked, SAP can do that stuff too
<Doonz> ive never heard of SAP
<RoyK> but then, I guess hireing 100 developers to make something new will cost less
<Doonz> there is honeywell emerson yokogaw and siemens for dcs world wide
<RoyK> k
<RoyK> beware of Stuxnet, then
<Doonz> SAP here at site is used to deal with wo n1 breaks ins and so forth
<Doonz> we dont have siemens plc here
<RoyK> k
<Doonz> but were immune to that type of exploit anyhow
<RoyK> but 2U? lots of local drives?
<Doonz> dual ati r220 video cards
<RoyK> ah
<RoyK> ic
<Doonz> i think its r220 id have to look at the box
<Doonz> its kvm over ip
<RoyK> but ... supermicro has some dual GPU machines in only 1U
<Doonz> not certified
<RoyK> by whom?
<Doonz> Emerson/Honeywell
<RoyK> k
<RoyK> seems like a lot of horsepower in those boxes, though :)
<Doonz> they are made by dell but only for those two companies
<RoyK> heh - sounds expensive
<Doonz> just your basic dual core with 4gb ram dual ssd with quad nics and the dual cards
<Doonz> quad nic*
<RoyK> but with that many GPUs, I guess there'll be a lot of modelling
<Doonz> no
<Doonz> quad monitor support
<RoyK> for 2U boxes??
<Doonz> yep
<Doonz> operator and engineering stations
<RoyK> so, 4 monitors on 40 servers, that's 160 monitors
<Doonz> yeah
<RoyK> I don't get it...
<Doonz> you have 4 screens per operator station with 3 operator stations per area
<RoyK> why not local machines?
<Doonz> so areas are 4 operator stations
<Doonz> some*
<Doonz> dont want them to be availible to anyone
<RoyK> or are you just running video over long high-speed transport?
<Doonz> easier to maintain the euipment in a controlled environment
<Doonz> 1 sec
<RoyK> what about remote X or something?
<RoyK> transporting VGAish video over a link seems to be a bad idea imho
<Doonz> its fine
<Doonz> http://www.amd.com/us/products/workstation/graphics/ati-firepro-3d/rg220/Pages/rg220-features-benefits.aspx
<Doonz> the run is over fiber roughly 3miles
<Doonz> pretty neat stuff that works as advertised
<RoyK> fancy
<RoyK> what - just gigE?
<RoyK> or 10g?
<Doonz> ptp fiber
<franksterville> POLL:  Linode or Ec2 MIcro instance?
<Doonz> it can be ran 10g but it will be copper to fiber -> long run -> fiber to copper
<Doonz> 100mbit siwtches
<martin-> how can I change the device of an md device?
<martin-> currently mdadm --examine --scan gives me two md0 devices
<martin-> which causes problems when booting (since system is on md0)
<martin-> device number*
<uvirtbot> New bug: #657385 in mysql-dfsg-5.1 (main) "mysql failed to configure while upgrading to 10.04" [Undecided,New] https://launchpad.net/bugs/657385
<Chrisbuchholz> Hey guys. Where do i find my auth-log on ubuntu server 10.04? I have looked it /var/log, but it only contains the rotated logs auth.log and auth.log.1
<ScottK> Chrisbuchholz: What are you looking for that isn't in those logs?
<Chrisbuchholz> scottK, nothing. I just thought that the rotated logs would be archived, while a 'auth' would be the most current
<Chrisbuchholz> ScottK: maybe i'm wrong?
<ScottK> auth.log is the current one
<Chrisbuchholz> ScottK: Okay, thanks ;)
<uvirtbot> New bug: #657392 in dovecot (main) "package dovecot-common 1:1.2.9-1ubuntu6.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/657392
<uvirtbot> New bug: #656973 in samba (main) "Samba configuration window is disabled and cannot enable it" [Undecided,New] https://launchpad.net/bugs/656973
<franksterville> Silly question....   start x to start gui...   to stop gui???
<qman__> startx is an extremely basic method
<qman__> use the 'log out' or 'exit' function within X, or switch to the TTY which you invoked startx and press control+C
<uvirtbot> New bug: #656253 in samba (main) "Winbind doesn't automatically start when recovering from hibernation." [Undecided,New] https://launchpad.net/bugs/656253
<franksterville> qman: when you say startx is basic,  what do you mean?  It starts gnome.  How could one start gnome in a non basic form...??
<qman__> startx only starts x
<qman__> it's the most simple way
<qman__> most setups use what's called a desktop manager or a login manager
<qman__> ubuntu desktop uses gdm, kubuntu uses kdm
<qman__> and there are many others
<qman__> startx is only really useful for testing and single user systems
<qman__> startx has to run after the user logs on
<franksterville> qman:  the reason I asked is I rarely run in gui and sometimes for whatever reason I need to use it.  When I am done I usually log out witch kills it.  I for get to log out it just locks the screen so I want to be able to kill it remotly
<qman__> then kill the process
<franksterville> yeye service gdm stop
<franksterville> got it
<qman__> gdm and startx are very different
<qman__> if you use gdm, that's the right way to do it
<qman__> and service gdm start to bring it back up
<qman__> but startx works completely differenly
<franksterville> roger that thanks for the distiction...  still learning
<franksterville> learning best practices
<franksterville> just ditched webmin,  beefing up my console skillz
 * RoyK hands out win98 CDs
<chrislabeard> How can you check to see if APC is working and configured correctly?
<ikonia> APC is a power cell isn't it ?
<chrislabeard> Its for php
<chrislabeard> php caching
<ikonia> ask the guys in ##php for a test case
<vsd20c_> I'm planning on building a web server for personal purposes and I'm going to go with a Lamp build. But, I want to be able to support users and make an accessible domain for easy remote desktop situations. what should i use as an base os? i have ubuntu 10.0.4, will that support a domain?
<MartyMcFly> vsd20c_: "webserver" and "easy remote desktop" are a bad match. Better look out for cheap webspace.
#ubuntu-server 2010-10-10
<Doonz> hey guys. Im trying to get apache2 to listen on a different port. But it will not work other than on port 80. no firewalls or anything blocking me
<qman__> Doonz, two things must be changed
<qman__> Add your port to /etc/apache2/ports.conf
<qman__> and then configure your site to listen on said port, <Virtualhost *:[port]>
<NoobFukaire> I've read in places that xen isn't supported on the latest LTS (lucid)
<NoobFukaire> is that the case?
<paul_whipp> newbie question: I've set up and run EC2 instances on us-east-1 with ec2-run-instances command but when I try to start a ap-southeast-1 ami I get "Client.InvalidAMIID.NotFound: The AMI ID 'ami-ea1e60b8' does not exist". How do I switch zones so I can run this instance there?
<paul_whipp> It seems the only ubuntu amis I can launch are in us-east-1. Is this something in my config?
<knolls> after i installed xubuntu-desktop grub doesn't give me options on bootup it just runs memtest86
<ScottK> knolls: Xubuntu is off topic for this channel.  Try #xubuntu.
<knolls> well my original installation was ubuntu-server, and my problem may not be related to me installing xubuntu-desktop
<knolls> just wondering if anyone has seen this problem
<ScottK> Did you try running update-grub?
<vsd20c_> anyone know the difference to private and public cloud? is it just Internet connectivity?
<KurtKraut> vsd20c_, usually, yes.
<caution> how can I create several screen sessions, each running a command on startup?
<caution> rephrased: how can I create several screen sessions on startup with each running a command?
<JasonLeschnik_> Hey all
<JasonLeschnik_> Have many Ubuntu Server admins moved to *BSD?
<uvirtbot> New bug: #657607 in mysql-dfsg-5.1 (main) "package libmysqlclient16 5.1.41-3ubuntu12.6 failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/657607
<qman__> I saw 10.10 is up on the site, but the torrents aren't working
<qman__> I get
<qman__> rejected by tracker - Requested download is not authorized for use with this tracker.
<qman__> Problem connecting to tracker - [Errno 101] Network is unreachable
<remix_tj> qman__: i think is too early to get the torrent dowloading
<yann2> mmmh is seems that nagios-nrpe-server is in main and is missing an UFW profile
<yann2> (lucid)
<yann2> is that a bug or a wishlist?
<xfaf> working toay?
 * RoyK rarely works on sundays
<uvirtbot> New bug: #657672 in clamav (main) "don't start freshclam" [Undecided,New] https://launchpad.net/bugs/657672
<uvirtbot> New bug: #657719 in openldap (main) "package slapd 2.4.21-0ubuntu5.3 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/657719
<cipher__> anyone been able to upgrade yet?
<cipher__> arg..
<shauno> haven't tried, to be honest; I imagine most the servers are hating life right now
<padhu> cipher__: wait for short time
<cipher__> just need it to get my myhtv back
<demonspork> so you already upgraded?
<cipher__> my desktops yes
<cipher__> but server isn't ready
<xperia> hello to all. i am having big problems with installing/removing the package "proftpd". as first i cant remove it after the install as it breaks everytime with the error message "debconf: DbDriver "config": could not open /var/cache/debconf/config.dat". Reinstalling dont want to work too. can anybody help me with this problem ?
<xperia> i have installed it first that way "sudo apt-get install proftpd" but after some seconds it stopped with installing the packages and outputed some error messages. it looks like i needed to install "proftpd-basic"
<qman__> xperia, your problem is not directly the proftpd package, but rather your debconf system
<qman__> something is wrong with the package manager
<qman__> I don't know exactly how to fix it, but that file is a part of the package manager, and until that problem is resolved, you will not be able to install, remove, upgrade, or otherwise change packages
<xperia> hmmm but before i installed proftpd everything worked. i checked now the directory "/var/cache" with ls -la and i dont have any debconf/config.dat dir and files there
<qman__> try this
<qman__> sudo mkdir /var/cache/debconf; sudo touch /var/cache/debconf/config.dat
<qman__> what most likely happened is that something broke prior to or during the install of proftpd
<qman__> not as a direct result of the proftpd package
<qman__> but some other issue
<xperia> qman__; thanks a lot. will try it out. think i removed it manually this dir and file some days agao
<xperia> qman__: you are great it worked awesome ;-) thanks a lot man !
<alex88> hi, i'm trying to mount a samba share
<alex88> with smbfs
<xperia> just need now some good howto for proftpd-basic. the one in the community help wiki is not very helpfull
<alex88> i has no pass and command "sudo mount -t smbfs //192.168.0.193/LaCie /media/samba/" says "Unable to find suitable address."
<alex88> O.o..sorry
<enquora> do-release-upgrade isn't seeing 10.10. There's something I need to change to allow upgrading an LTS version to non-LTS, isn't there?
<alex88> enquora: command line?
<enquora> yes
<alex88> sudo do-release-upgrade ?
<enquora> alex88: no upgrades available.
<alex88> https://help.ubuntu.com/community/MaverickUpgrades tried this?
<enquora> I remember needing to change something when running 8.04 to recognize non-LTS upgrades, but I've forgotten what
<alex88> that page shows how
<enquora> alex88: "no new release found"
<enquora> want to perform a network upgrade
<alex88> edited /etc/update-manager/release-upgrades etc?
<enquora> that is probably it
<hggdh> yes, this is it
<alex88> i've told you to read that page..why you haven't done those steps?
<enquora> I've read the page and don't see any reference to that
<enquora> ok, there it is
<alex88> https://help.ubuntu.com/community/MaverickUpgrades#Network Upgrade for Ubuntu Servers (Recommended)
<ruben23> hi guys i tried to used modprobe on my ubuntu-server but  i get this error------------> http://pastebin.com/yWjsdsb8
<qman__> those are only warnings, not errors
<qman__> they do not prevent your command from running, they are simply informing you of incorrect settings
<ruben23>  qman__:  what should be the right way..?
<qman__> as the warnings say, alsa-base does not follow the new convention of naming all config files .conf, and /etc/modprobe.conf is also a deprecated way of setting things
<qman__> it's not important in the current release, but doing things that way in future releases may not work
<ruben23> hi guys how about this are there any serious issue with this..?---->http://pastebin.com/1SR57gZc
<qman__> no, just a runlevel inconsistency
<qman__> made obsolete with upstart anyway
<Pilif12p> How can i see how much ram my server has?
<qman__> Pilif12p, free -m will show memory usage statistics in megabytes
<Pilif12p> ok
<Bilge> I'm still running 8.04 LTS
<Bilge> How safe/easy is it to migrate to the next LTS?
<Bilge> I'm kinda interested in moving on to PHP 5.3 and I imagine that first upgrading my distro is the best way to achieve that
<qman__> make sure you have a good backup
<`jpg> Heya.
<qman__> I've upgraded two servers, both with problems
<qman__> not unsolvable, but be prepared to work on them
<`jpg> Does maverick include a xen dom0 kernel?
<Bilge> What kind of problems did you have?
<qman__> one of them, the graphics completely broke
<qman__> took me a while to get a picture back
<qman__> my torrentflux install also completely broke
<Bilge> Wait what
<Bilge> This is a server distribution
<qman__> yes
<qman__> I had no video output
<Bilge> The graphics? :)
<qman__> out of range
<qman__> it took me a while and lots of searching to fix it
<qman__> a combination of KMS, grub2, and plymouth
<qman__> just be prepared in case something goes wrong, that's all I'm saying
<qman__> set aside plenty of time to work on it
<Bilge> I think that's the key thing
<qman__> and have good backups
<Bilge> I do have backups but that won't help if I need to reinstall the entire system
<Bilge> And it will be a huge pain in the ass to do that since it's all encrypted and stuff
<Bilge> Speaking of which I don't even know if I remember the encryption keys ;p
<Bilge> up 358 days
<qman__> wait a week :)
<qman__> then you can have a year of uptime
<qman__> servers are probably overloaded anyway
<qman__> they usually are around release time
<detrix> I just installed server edition on my desktop.  I need some guidance with setting up the interface with eth0
<qman__> detrix, see `man interfaces` and the networking section in the server guide
<detrix> I have the general idea of how to do it, but its not working
<qman__> in that case, pastebin your /etc/network/interfaces file, and explain what isn't working
<detrix> the computer with the server can't get on the internet yet.  but I will type it all in, in pastebin
<detrix> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<xperia> hello to all. i am trying to get phpbb3 on my ubuntu server to work but for some reason i just get a empty site with no content. the apache/php server just call the one site index.php and nothing else.
<xperia> i have installed phpbb3 as follow: "sudo apt-get install phpbb3" "sudo ln -s /usr/share/phpbb3/www /var/www/phpbb" "sudo /etc/init.d/apache2 restart" "http://localhost/phpbb"
<xperia> what could be the problem that phpbb3 is not working like it should. looks like a apache config problem!
<qman__> also, a little information about your network will be helpful, how you get to the internet, your routing/DHCP situation, etc
<qman__> xperia, apache is probably configured to ignore symlinks, and that's a bad idea even if it isn't
<qman__> the package should have installed another site configuration file
<qman__> or, if not, you should install one
<qman__> ls /etc/apache2/sites-available/
<xperia> qman__: okay thinked also that way. have only this files here "default" and "default-ssl"
<xperia> will check the vhost files then in default
<qman__> if it didn't create a site for you, create one yourself, using the directory /usr/share/phpbb3/www
<qman__> and a site alias, as demonstrated in the default site with the /doc
<qman__> allowing symlinks like that is a considerable security risk, as you might imagine
<qman__> you need a <Directory /blah> block for apache to render the files
<xperia> qman__: one thing that i just dont understand if symlinks are ignored why i am able then to call the index.php file still
<qman__> they might not be ignored
<qman__> depending on the options set
<qman__> what might be happening, is that apache can see all the files but PHP is being prevented from interacting with them
<qman__> in any case, it's good policy to do it the way I explained, and it will probably solve the problem
<detrix> Ok, here is the pastbin:  http://paste.ubuntu.com/510296/    I have a linksys router.  I have assigned an IP to each compute in my local net.
<qman__> detrix, ok, what is the DHCP lease range set on your router?
<xperia> qman__: yeah i guess also that something with php is probably the problem. this are btw the vhost lines http://paste-bin.com/view/8962ebcf
<detrix> All the router shows is address starting at:  192.168.1.100.  My desktop though has been assigned staticly though at 192.168.1.10
<qman__> detrix, ok, what I was getting at is that you don't want to statically assign addresses within the range, so you're ok there, and that one reason it may be failing is if that address is in use
<qman__> detrix, what command did you use to restart networking?
<detrix> nope. I have used this address for many years with this router.     sudo /etc/init.d/networking restart
<qman__> detrix, that makes it a big more puzzling then
<qman__> also, for future reference, as sysv scripts are being replaced by upstart scripts, that method won't work in the future, use 'sudo service networking restart' (and similar)
<detrix> qman__, so the interfaces file is fine?
<qman__> yes, the configuration you showed is fine
<qman__> might be something up with the dhclient, not sure exactly
<qman__> I'm assuming you installed with dynamic and then changed to static
<detrix> this is my first time playing with this.  how do I check the dns server. on the computer?
<qman__> DNS wouldn't have any effect on this, it depends on this working first
<detrix> I did not see the option to do the static. maybe I will try to re-install.
<qman__> I'd try rebooting first
<qman__> sometimes, it's the magic fix
<detrix> ;)
<detrix> but I have. for a moment I thought it did fix it.  but nope
<qman__> what's the output of `ifconfig -a` look like?
<qman__> don't have to copy it verbatim, just note which interfaces exist and what addresses they have, if any
<detrix> you want this is pastebin as well
<qman__> just telling me is fine
<detrix> it shows eth0: with the right address of 192.168.1.10.  it also show:  eth1_rename LInk  and lo:
<qman__> do you have two cards installed?
<detrix> yes.
<detrix> ones on the motherboard, the other is a pci card
<qman__> ok
<qman__> what bothers me about that is eth1_rename
<qman__> it should just be eth1
<qman__> look at their MAC addresses
<qman__> make sure they're not all 0s, and that they're not identical
<detrix> I am also seeing something fishy.  of eth0: it shows for H
<detrix> for HWaddr I get  ff:ff:ff:ff:ff:ff
<qman__> for both?
<detrix> no
<qman__> which interface?
<detrix> for eth1: I get a 6c:f0:49:72:e9:c9
<qman__> I have a feeling that eth0 either has the wrong driver, or has failed
<detrix> I am going to try to reboot one more time
<detrix> I will also pull out eth1
<qman__> before you do
<qman__> remove the file
<qman__>  /etc/udev/rules.d/70-persistent-net.rules
<qman__> then shut down, remove your extra NIC, and start back up to see what you hav
<qman__> e
<detrix> when I did shutdown -t 0 now:  a recovery menu came up....why???
<qman__> you didn't specify what to do
<qman__> I suggest using `sudo poweroff`
<qman__> but you'd have to specify -h for halt, -r for reboot, etc
<detrix> ok. I like poweroff better
<detrix> pulling eth1
<detrix> powering back up
<SaberUK> http://www.ubuntu.com/products/whatisubuntu/serveredition/techspecs/whatsnew # eta on this being updated for 10.10?
<detrix> qman__, well, that seems to have fixed it.  I was able to ping www.google.com
<detrix> qman__, thanx very much
<detrix> qman__, have a great day.
<qman__> no problem
<tomsdale__> my hd fell on the ground recently. Everything seems to be working but is there some physical check I could do to verify there are non problems?
<guntbert_> tomsdale__: I suggest you ask in ##hardware
<xperia> can somebody explain me why phpbb3 is not working after installing in ubuntu ? i just get a blank page when i call the index.php file
<NoobFukaire> is it just me or all the virtual machine tools completely broken with the latest up to date lucid system?
<NoobFukaire> I mean the kvm stuff
<NoobFukaire> I can create a new vm
<NoobFukaire> but attempting to clone it fails, no matter if I'm using qemu-img or virt-clone or whatever
<NoobFukaire> it's just fucked
<guntbert> !language | NoobFukaire
<ubottu> NoobFukaire: Please watch your language and topic to help keep this channel family friendly.
<NoobFukaire> so is that an acknowledgment
<guntbert> NoobFukaire: no, its an admonishment - mind how you say things please
<NoobFukaire> sorry cuntbert, I'll be more careful in the future
<guntbert> NoobFukaire: but as to your question: sorry, I never used kvm ....
<oxicarus> omg. so many people in this channel. guess i have a great chance of finding a solution to my issue. guys. look. i'm just the regular user, no 'advanced guru' or anything even remotely close :p i have this ubuntu server, i did apt-get install *apache2* *php5* *mysql* (sort of, you get the drill). now, the parsing of .php files works fine,, but(!) ONLY on root (/var/www/), when i put an .php file in ~user/public_html/, the php file will not parse correctly 
<xperia> hmmm why do you want it having in "~user/public_html/"
<xperia> i have all my vhosts in /var/www
<xperia> i need to go see you all next time.
<MTecknology> I really didn't think this EC2 thing through...
<MTecknology> I have 55min (less) and no idea what to do with it
<Patrickdk> terminate it :)
<MTecknology> Patrickdk: but I like playing with it
<Patrickdk> hehe
<Patrickdk> but it's not so fun to forget to kill it and get a nice bill
<MTecknology> Patrickdk: i bet
<detrix> I get the following message when I log in:   system information disabled due to load higher than 1   I am running the server, and the desktop on the same machine.  How do I get it to show the system info for higher loads?
<nnnnn> is there an easy way to block regions from accessing a website your hosting"?
<eboyjr> Any good ways of installing 10.10 server without a monitor?
<eboyjr> or keyboard :p
<yann2> depends on the server, I use ELOM on sun servers
<yann2> and iDrac on dell servers
<eboyjr> Its a dell but I don't have iDrac since it's actually supposed to be a desktop computer
<eboyjr> I had an idea of using ssh from the livecd.. don't know how I would start it though
<eboyjr> Sounds like it would be too complicated though, I'll just wait for some peripherals
<vsd20c> looking for ubuntu server administration guides any recommendations?
<uvirtbot> New bug: #657972 in samba (main) "Panic or segfault in Samba" [Undecided,New] https://launchpad.net/bugs/657972
#ubuntu-server 2011-10-03
<qman__> system services should run as nonprivileged users without access to important information, that's just basic security principles
<qman__> ventrilo doesn't have the best security reputation either, so I'd suggest following that convention here
<qman__> and if the server does anything else important, I'd look into jailing it
<tawhid111> hi all
<lickalott> hi
<tawhid111> hi lickalott
<Havlock> Anybody else having a problem with sysctl.conf being ignored on bootup?
<Havlock> 'Cause kernel.printk is defaulting to "15 4 1 7" and spamming my console with every logged message.
<Havlock> Even with kernel.printk set to "4 4 1 7" in my sysctl.conf file.
<Havlock> I have to manually run 'sysctl -p' after every boot if I want to use my console.
<bookpage> is there a way to emulate something for $display on a virt?
<twb> bookpage: I don't understand the question
<bookpage> if im running ubuntu in a virutliased environment, is there any way that i can set something to the $display variable? I was hoping that VNC output or something could be assigned to it, but im really clueless at the moment
<bookpage> sorry, twb
<twb> Uh, $DISPLAY (uppercase) is used to locate the X display, but servers do not normally run X.
<twb> Your VM might provide a virtual screen or serial console to the guest OS, and export that to the users as a VNC session or similar, but the guest will just see the emulated environment -- you need to talk to your VM vendor about that.
<bookpage> hmm, can X be placed ONTO a server after twb?
<twb> Personally I would recommend doing a little extra configuration and learning to use the serial interface, because then you can access it in a terminal instead of wasting bandwidth on a VNC display that only shows text anyway -- as a bonus, you can also copy-and-paste out of a serial line.
<twb> bookpage: it can, but we don't recommend it.
<bookpage> I see, it's not a matter of things being convenient, the bandwidth would likely be local so it would be free.... it's that i want to run things in d3d that require $DISPLAY to be set
<bookpage> and why wouldn't you recommend it twb?
<bookpage> and also, does X usually use a GPU or can does it emulate one, twb
<twb> Because GUIs don't belong on servers, and sysadmins that rely on GUIs to do their job, are crap sysadmins.
<bookpage> twb, I see, well yeah again, it's not to make things easier, it's for a purpose i wish to satisfy... I prefer ssh over vnc
<twb> What purpose is that?
<bookpage> to run d3d applications which will be captured to video
<twb> d3d?
<bookpage> ummm, direct 3d... via wine
<twb> Sorry, I don't support Windows stuff
<bookpage> wine is linux, and it uses opengl to emulate windows d3d
<twb> But if your goal is just to make captures, you could use the virtual fb driver for X
<twb> So it exists but isn't rendered anywhere except when you run e.g. "import -window root screenshot.png"
<twb> bookpage: I don't support wine either.
<bookpage> twb: thanks for your help
<twb> I think it's called Xvfb, I can't really remember
<lynxman> morning o/
<jamespage> morning all
<jamespage> morning lynxman
<lynxman> jamespage: hey :)
<jamespage> lynxman: back in the UK?
<lynxman> jamespage: yeah! glad to be back in this side of the Atlantic
<jamespage> puppetconf then sprint?
<lynxman> jamespage: exactly
<VampsDaBeast> any one any software that would allow me to graphically edit my metamodes?
<VampsDaBeast> ahh crap.. wrong channel sorry
<bookpage> is there a good clean public and current ubuntu AMI on ec2?
<smw> bookpage, cloud.ubuntu.com/ami
<bookpage> ty smw
<smw> bookpage, if you google "ubuntu ami", the first result is the wiki which mentions that page and even has that link in the summary in google. The second link is the actual page I gave you.
<smw> It is not exactly hidden ;-)
<bookpage> oh, sorry smw
<bookpage> maybe a silly question, but can you startx if there is no screen?
<nigelb> Is it an aws thing to have /usr/bin/gconftool --get /system/http_proxy/use_http_proxy run every day.
<nigelb> I've set sudo to mail me everyday and I see this on all the servers
<nigelb> I'm fairly sure its not something I've set
<koolhead11> hi all
<udienz> hi koolhead11
<koolhead11> udienz: hello
<lynxman> koolhead17: hey o/
<koolhead17> hey lynxman, how are you?
<jamespage> Daviey, zul: bah - nova-common borkes on a clean install ATM
<koolhead17> jamespage: hey
<jamespage> morning koolhead17
<jamespage> how are you today
<koolhead17> jamespage: am good. not trying diablo on oneiric though :)
<koolhead17> ATM :)
<lynxman> koolhead17: good, recovering from jet lag :)
<koolhead17> lynxman: hehe. am recovering too from 600 km bike ride :P
<lynxman> koolhead17: holy molly, were you doing the Tour de France? ;)
<koolhead17> lynxman: on motorbike :P
<lynxman> koolhead17: aaah :D
<koolhead17> Does anyone faced "gpg: keyserver timed out " error?
<koolhead17> because the public key is not available: NO_PUBKEY 7D21C2EC3D1B4472
<koolhead17> am adding key for this
<linocisco> hi
<linocisco> how to email sync ?
<RoyK> qman__: ping
<KM0201> pong.
<xiexie> hi all
<xiexie> how could I know if inetd running?
<Tm_T> xiexie: run "ps aux | grep inet" in terminal, I assume it would tell if such process is running or not
<xiexie> ps -e?
<Tm_T> I suppose that would work too
<xiexie> okay, thanks
<jamespage> Daviey, smoser, zul: review of http://tinyurl.com/629w7wf much appreciated when you get a chance
<Daviey> jamespage: hey
<smoser> jamespage, previously find would have exited failure with no files found ?
<jamespage> smoser: the filtering clause on the find bits is user = nova and (group = nogroup or group = root)
<jamespage> so when you get a fresh install its permissions are root:root
<jamespage> so they don't get set at-all
<jamespage> and it falls over in a heap
<jamespage> the piece that fails is actually the db sync call at the bottom - as nova-api can't create the sqlite database
<smoser> ah.
<smoser> yeah.
<jamespage> I had that moment as well
<koolhead17> RoyK: hwy
<jamespage> zul, smoser, Daviey: you guys OK if I push that fix?
<RoyK> ehlo
<smoser> jamespage, i'm good with that.
<jamespage> smoser: ack - doing it now
<koolhead17> Daviey: hello
<kaushal> Hi
<kaushal> is there a way to know number of HDD attached to a server ?
<kaushal> for example 1000 servers
<koolhead17>  can someone tell me what was the last revision before keystone got integrated with dashboard?
<koolhead17> last revision == on launchpad
<koolhead17> Am not able to find it after checking the revision logs :(
<robbiew> Daviey: around?
<robbiew> quick question
<robbiew> Daviey: nevermind, I'll just subscribe you to the bug...it's trivial (non-code relateD)
<robbiew> kim0: I'll finish my article today...how do you want me to answer the questions?
<robbiew> I can just reply to the comments on cloud.u.c
<kim0> robbiew: yeah .. if you think a question is good enough .. take it to the article .. but many questions are not really relevant .. for those you can reply in a comment otherwise I can try to reply
<kim0> robbiew: Thanks a lot .. I really appreciate it :)
<robbiew> kim0: yeah...I've only seen 1 or 2 so far
<kim0> robbiew: others may still come .. the US is still waking up :)
<robbiew> indeed
<Olotila> RoyK, I got the server installed
<Olotila> and there was difference between usb and cd install, even when there *should* not be :)
<Olotila> i think it messed usb boot, but left hd boot intact
<Olotila> did not boot server
<Olotila> i fixed boot with cd
<Olotila> now it works
<Olotila> But now I cannot install Adaptec 6805E drivers
<Olotila> Ubuntu server x64 10.04 LTS
<Olotila> starts to install
<Olotila> reading database ...
<Olotila> unpacking aacraid ...
<Olotila> ...installation started ... No driver found
<Olotila> No driver *archive found
<barcef> how do i install aufs-tools? it says it doesn;t exist in the repos.
<RoyK> Olotila: oh - I think I've seen that, grub messing up and installing itself to the usb stick instead of the drive
<RoyK> barcef: what's aufs-tools?
<barcef> RoyK, dunno but it's a dependency of a package that I'm trying to install
<RoyK> http://packages.debian.org/sid/aufs-tools
<RoyK> but I can't find it in ubuntu
<SpamapS> RoyK: existed in hardy, not in lucid, in maverick - present
<RoyK> barcef: what are you trying to install?
<barcef> dtc-common
<SpamapS> RoyK: probably got dropped for some reason
<barcef> should I just add http.us.debian.org/debian to my repos?
<barcef> will it break somethign?
<RoyK> probably :P
<Pici> Most likely.
<barcef> it will probably break something?
<Olotila> here is output of driven installation output
<Olotila> http://pastebin.com/hUxNWzLG
<RoyK> barcef: install the package from source
<barcef> RoyK,  is that where i have to do that 'make install' stuff?
<RoyK> Olotila: someone pasted a link to the downloadable drivers from adaptec yesterday
<RoyK> barcef: bingo :)
<barcef> RoyK,  damn, i hate doing that.
<RoyK> barcef: you get used to it :)
<RoyK> barcef: the alternative is to use a VM with hardy
<barcef> RoyK, I keep running into squeeze binaries(.deb). I can't seem to find the source.
<RoyK> what does this software do, btw_
<RoyK> ?
<barcef> RoyK, the dtc-common? or the aufs tools?
<RoyK> http://www.gplhost.com/software-dtc_5download.html
<RoyK> there's a description there on how to make a debian package, which should work well on ubuntu as well
<RoyK> but dunno if it might work
<RoyK> may have unresolvable dependencies...
<Olotila> RoyK, seems I have the latest driver AACRAID Debian and Ubuntu Driver v1.1.7-28000
<Olotila> If that was the point?
<RoyK> Olotila: but do your disks show up?
<Olotila> I do not have yet disks attached
<RoyK> I guess that's a place to start, then :)
<Olotila> yeah, after I solve backup problem described here :
<Olotila> http://www.tomshardware.co.uk/forum/274015-14-external-usb3-drive-shows-devices#t1878747
<Olotila> arg, use the link without #t1878747
<RoyK> no idea about that - it's windows, right?
<Olotila> shows in bios
<Olotila> DBAN helps neither
<RoyK> then it's a firmware thing on that usb drive enclosure
<Olotila> I think so too
<RoyK> some have that to help PCs having problems with >2TB drives
<Olotila> but dont have tools to change that
<RoyK> Olotila: disassemble the enclosure and plug the drive on SATA :P
<Olotila> dont want to void the warranty
<RoyK> well, it's not a linux thing
<RoyK> if you want to, you can span those 'drives' with lvm
<RoyK> that'll create a single logical volume
<Olotila> at this point I would be happy to get back to factory settings :)
<RoyK> Olotila: there might even be a way to disable it
<RoyK> what make/label?
<Olotila> Verbatim 3TB usb3
<adam_g> lynxman: ping
<lynxman> adam_g: pong
<Olotila>  model # 47662
<RoyK> Olotila: seems something at Verbatim must have been smoking something...
<adam_g> lynxman: hey! were you gonna update that FFE Bug #854899 to security fix? it looks like debian has updated
<Olotila> RoyK, heh yeah
<adam_g> lynxman: (puppet)
<lynxman> adam_g: was just pushing to my branch right now
<lynxman> adam_g: just this second :)
<adam_g> lynxman: sweet!
<lynxman> adam_g: yeah about to upload new packages to the ppa too in 2 mins
<RoyK> Olotila: I'd keep it as it is and just use LVM to span it
<RoyK> Olotila: no warranty issues, and if the drive dies, both will probably die at once, so no bigger chance of data loss either
<Daviey> robbiew: hola
<robbiew> Daviey: how's the summit?
<Daviey> robbiew: fyi the net connection at ODS is less than adequate.
<Daviey> robbiew: Going well, many people seem to have prepaired well.
<robbiew> Daviey: groovy...glad our demo doesn't depend on an external net connection then ;)
<Daviey> hah
<lynxman> how did the demo go?
<lynxman> or not yet
 * jamespage eod
<Olotila> RoyK sorry connection died
<RoyK> k
<Olotila> cant even nuke the drive anymore
<Olotila> or make a non-quick format
<RoyK> Olotila: can you access the partitions from linux?
<RoyK> Olotila: cat /proc/partitions
<RoyK> (not from windoze)
<Olotila> I can try that
<Olotila> what if I can?
<Olotila> I have tried tools in Ultimate Boot CD
<Olotila> great stuff
<RoyK> erm - are you using windows to access this drive?
<RoyK> or - is that the plan?
<RoyK> if so - please ask somewhere else
<Olotila> both systems
<RoyK> then you're probably stuck with two 'drives'
<Olotila> but np, I did not want to specifically bother this channel with that issue
<RoyK> windoze can create a filesystem spanning both, and so can linux, but windows doesn't understand LVM and I doubt you can make linux understand the windows volume manager - some have tried and AFAIK some have succeded, but YMMV
<RoyK> Olotila: did you try to connect some drives to that aacraid thing?
<Olotila> once intel ssd
<Olotila> but now i realize the sas cable was not properly attached
<Olotila> so actually not
<RoyK> iirc aacraid controllers doesn't show shit until you create a logical volume
<Olotila> yeah
<Olotila> that what it says in boot
<Olotila> could that be the reason it doesnt install driver ?
<Olotila> no drives attached
<RoyK> as for SSD, I don't know if the aacraid controllers support TRIM
<RoyK> sounds reasonable
<Olotila> manual says "install drivers to all OSs before creating array"
<RoyK> no reason to have a driver around with nothing to do
<Olotila> the intel ssd does not either
<Olotila> its the gen 1
<RoyK> x25-m or something?
<Olotila> yeah
<Olotila> not gonna be in raid
<Olotila> just system disk
<RoyK> I'd recommend against using an SSD for system disk
<RoyK> better use a couple of old, cheap spinning drives in a mirror
<Olotila> been thinking using it as ssd cache for raid
<RoyK> the root partition is hardly written to except logs, and is hardly read from
<Olotila> not sure yet, would have to study more
<RoyK> does linux support that yet?
<Olotila> ssd cache?
<RoyK> I thought ZFS was about the only open solution to support that
<Olotila> well, like I said, would have to study that more
<Olotila> now i would be happy to get the drivers installed as the manual says
<RoyK> I really doubt neither linux nor the controller supports caching on ssd
<RoyK> well, create a logical drive on the SSD
<RoyK> from the controller's bios
<RoyK> Olotila: if you want to use an SSD for caching, use something like OpenIndiana - native ZFS rocks
<RoyK> but then, the RAID controller is a waste of money
<RoyK> since ZFS generally does that better
<Olotila> guess gonna stick to pure spinning disk raid for now
<Olotila> ssd cache seems to be just hyping atm
<Olotila> "hybrid raid"
<RoyK> Olotila: I have this fileserver with some 14TB net storage across 28 mirrored 1TB drives and some SSDs for caching, but read and write, and it rocks!
<Olotila> ok :)
<RoyK> not linux, though
<RoyK> it's only on 1Gbps, so that's what limits bandwidth...
<patdk-wk> heh, played with zfs on ubuntu
<patdk-wk> it works, but well, not very good
<RoyK> patdk-wk: any SLOG/L2ARC support on zfs-fuse?
<patdk-wk> dunno about zfs-fuse
<patdk-wk> never used it
<RoyK> oh - native zfs on linux?
<patdk-wk> yep
<RoyK> patdk-wk: the zfs in ubuntu (apt-get install zfs) is fuse
<patdk-wk> apt-get install ubuntu-zfs I think it is
<patdk-wk> have it in a esx vm
<RoyK> afaik the only zfs in ubuntu is using fuse
<RoyK> native zfs won't go into ubuntu for obvious reasons - different license
<patdk-wk> https://launchpad.net/~zfs-native/+archive/stable
<patdk-wk> looks fine to me
<RoyK> does that come with a posix layer?
<patdk-wk> comes with zpool, zfs, ...
<RoyK> k
<RoyK> guess I'll try that some day I'm bored :P
<RoyK> patdk-wk: how did it work 'not very well'?
<RoyK> crashes or performance issues or what?
<patdk-wk> just performance
<patdk-wk> seem to have random pauses
<patdk-wk> might of been esx though
<patdk-wk> going give it a spin when I get my motherboard
<patdk-wk> before I install oi on it
<RoyK> k
<RoyK> Olotila: if you want to try zfs, google for openindiana - it's an open fork for opensolaris after oracle closed the source tap
<Olotila> I'll check that out, thanks
<RoyK> Olotila: just remember it's not linux, so a few things are different.....
<patdk-wk> heh, well everything :)
<RoyK> well, quite a lot of userspace is GNU
<maswan> there is also the option of debian/kfreebsd for zfs, if you want to have something that's a bit more similar. don't know how new/old zfs version that is vs openindiana though
<RoyK> maswan: or just freebsd...
<RoyK> tbh, I think freebsd might be a good choice for zfs, at least looking over some nasty i/o timeout handling in OI/Illumos that has surfaced lately
<patdk-wk> hmm, I can't locate any iscsi boot nics that aren't server grade class
<patdk-wk> just want some to throw in some desktops
<patdk-wk> it looks like I will have to live with pxe iscsi boot
<RoyK> patdk-wk: probably because most iSCSI boot is meant for servers :P
<RoyK> patdk-wk: but are they really that expensive? I thought you could get those for $100 or so
<patdk-wk> na, these all have iscsi offload stuff too, don't need all that, just boot :)
<patdk-wk> not that I can locate
 * RoyK doubts anyone will add iSCSI boot without offload
<patdk-wk> I want a pcie x1 low profile nic
<patdk-wk> all I can find are dual and quad port server nics
<RoyK> afaik most of those are dual+
<RoyK> but they should come in low profile...
<RoyK> but 1x may be more difficult
<patdk-wk> $135 for intel i350 dual port x4 card
<RoyK> sounds reasonable
 * RoyK is waiting for an AOC-SAT2-MV8 to setup a home server :P
<RoyK> cost me some $35 - not very fast, but stable.....
<patdk-wk> yep
<patdk-wk> should be fast enough
<patdk-wk> 600MB/sec
<RoyK> yeah, even with only 32bit PCI
<RoyK> the network is likely to be the limit anyway
<patdk-wk> what? 32bit?
<patdk-wk> my home server is 3 of those, quad gigabit, and 2 20g infiniband
<patdk-wk> limited by the pcix backplanes, to about 1400MB/sec usable
<RoyK> the card is PCI-X, but my box only has PCI slots, which isn't a big deal, since PCI-X is compatible with PCI (given you have place for the rest of the board to hang dangling)
<patdk-wk> givin the card is 5v compatable
<RoyK> patdk-wk: heh - I don't have that sort of home network/server, neither do I need it ;)
<patdk-wk> but it's cheap to just get a pcix motherboard
<RoyK> I'll try this one first
<patdk-wk> I'm annoyed at my current one, that only gets 200MB/sec
<RoyK> on pci-x??
<patdk-wk> no, pcie x8's
<patdk-wk> it only has dual gigabit though
<patdk-wk> and the drives need to be redone
<RoyK> 200MB/s is about the bandwidth you can expect with 32bit PCI 2.1
<patdk-wk> no it's not
<patdk-wk> 100MB/sec is the max over 32bit pci
<patdk-wk> 32bit 133mhz
<RoyK> 132MB/s theoretical over 32bit 33MHz
<patdk-wk> ya, 33mhz, heh, I'm still on pcix :)
<RoyK> PCI 2.1 is 66MHz
<RoyK> and has been the standard for 10ish years
<patdk-wk> well, I can say then, nothing I have ever used did pci 2.1 correctly then
<patdk-wk> I know all my motherboards supported it
<patdk-wk> but I always capped out at 100MB/sec
<patdk-wk> 50MB/sec using nic+disk
<RoyK> if the (or one of them?) controller card doesn't support 66MHz, the bus will clock down
<patdk-wk> found a single port, iscsi, pcie lp on ebay, but it's still x4 :(
<RoyK> get a new mobo :P
 * RoyK echos patdk-wk 
<patdk-wk> hehe
<patdk-wk> it's embedded systems, not that easy
<patdk-wk> have two slots, x16 used by video card, x1 empty
<patdk-wk> use them for mythtv frontends :)
<RoyK> guess you're stuck with pxe then...
<patdk-wk> it adds boot lag though :(
<RoyK> how often do you boot?
<patdk-wk> once a day
<RoyK> so, say 20secs boot lag, that's 20 out of 86400 - rather low :D
<patdk-wk> hell, I should just throw my fc card in it
<RoyK> 1x FC card?
<patdk-wk> nope :)
<RoyK> RS/232 to FC adaptor?
<patdk-wk> that works
<RoyK> probably faster with an SD card for the root, though
<patdk-wk> I did usb stick for root, for a while, was painful
<RoyK> well, with infiniband and fibrechannel at home, you should whine somewhere else :P
<patdk-wk> heh
<patdk-wk> it's only 2g fc
<patdk-wk> but then the fc tape drive only goes 70MB/sec
<RoyK> almost like poverty - I can understand...
<patdk-wk> well, I need it
<patdk-wk> I can't well tell people, here, buy and install this stuff, no I personally have no idea how to use it, or if it will work
<patdk-wk> plus, when there are issues, and it's possible, it's nice to bring it home, and test it
<patdk-wk> that is what I got the fc stuff for
<patdk-wk> the infiniband was for proof of concept, and cause well, 10g ethernet costs too much
<RoyK> more than IB?
<patdk-wk> 10g ethernet is like double or triple the price of IB
<patdk-wk> cheapest 10g switchs start at 3k
<RoyK> how much do you pay for a 24-port IB switch giving you ~10Gbps?
<patdk-wk> $350
<patdk-wk> cisco topspin 120, dual psu's and managed
<RoyK> used or new?
<patdk-wk> used
<patdk-wk> there are no used 10g ethernets
<patdk-wk> and I don't need new for home
<RoyK> a 24-port 10gE is close to $1k, or a bit more from cisco
<patdk-wk> what model?
<jhobbs> where are you finding 24-port 10gig switches for $1k?
<patdk-wk> I'm thinking 24gig ports, and options to install 2 10gige
<jhobbs> yeah, the two sfp's would be about $1k ;)
<patdk-wk> ya
<RoyK> supermicro/dell switches cost some $1k, perhaps $1k5 for a 24-port gigE - same switch - from Delta Electronics
<RoyK> eeeeeerm
<RoyK> not 1k
<RoyK> 10k
<RoyK> decimal error
<patdk-wk> ya, 10k, 10gig ethernet totally out of price range
<patdk-wk> I can get 40gig IB for cheaper
<koolhead17> hello all
<patdk-wk> cisco 12port 10g, 3560E-12D, $13k
<RoyK> cisco generally costs a wee bit more...
<patdk-wk> yep
<patdk-wk> I find netgear business switchs to be good personally
<patdk-wk> have about 8 of them, only the poe models have ever died on me
<patdk-wk> I now use external poe piggyback switchs
<RoyK> probably rebranded from delta or something
<patdk-wk> nope
<RoyK> I know for certain that most of netgear's stuff is OEM
<patdk-wk> the two issues I had with netgear, they have fixed in the firmware
<RoyK> they do the firmware, or have good contacts with the producer, but they don't make hardware
<patdk-wk> man, launchpad i386 build servers are busy today :(
<patdk-wk> 6h delay currently :(
<TheEvilPhoenix> patdk-wk:  they're working on building the packages for the 11.10 release arent they
<koolhead17> :(
<patdk-wk> dunno, no delay on amd64
<patdk-wk> glad I am not building lpia stuff anymore, 27hour delay
<TheEvilPhoenix> lol
<GTRsdk> how do I setup a server that serves files to my PlayStation and other computers on the network?
<RoyK> GTRsdk: afaik, there's no official release, but http://ps3mediaserver.blogspot.com/ works well
<RoyK> GTRsdk: that is, that software works, but isn't under the ubuntu hat
<GTRsdk> RoyK, I just need to be able to connect to the server via web browser and download files, but not have the files on the server searchable via Google (or similar)
<RoyK> GTRsdk: there are several web browsers available for ubuntu - the ps3mediaserver is a media server that is recognized by ps3 automatically
<RoyK> s/web browsers/web servers/
<RoyK> if you just need a webserver, install apache or something
<GTRsdk> RoyK, I just need the files to be downloaded, like how a ftp server can let people download files on a simple UI
<jamespage> zul: around?  having trouble reconciling the packaging branch for nova with what's currently in the oneiric archive - patches appear to be different
<jamespage> hmm - looks like not - maybe Daviey or smoser might be able to help ^^
<RoyK> I read there's GTRsdk both apache or some other web server, or some ftp server like ncftpd can do that
<RoyK> sorry - both apache or some other web server, or some ftp server like ncftpd can do that
<ikonia> if you want your play station 3 to play media you need a unpnp player
<ikonia> upnp even
<RoyK> ikonia: no reason for that if you're on the same lan
<ikonia> there is if you want the ps3 to be able to browse and play the media files as part of it's media player
<ikonia> I don't care really, what you want to do
<RoyK> ikonia: ps3mediaserver works will out of the box - beleive me
<ikonia> that's not a web server
<ikonia> it's a upnp server
<RoyK> upnp is for opening ports in a firewall
<RoyK> without a firewall in between, there shouldn't be a problem
<ikonia> http://en.wikipedia.org/wiki/Universal_Plug_and_Play
<ikonia> it's not for a firewall
<ikonia> that's actually not a bad description
<ikonia> for once wikipedia actually has a reasonable description, shock horror
<RoyK> I thought ps3 used SLP or something sane
<ikonia> I've only seen it work happy with upnp
<ikonia> anyway, what ever you feel is best
<RoyK> I guess the reason SSDP doesn't use SLP is that's it's written by fscking mickysoft
<RoyK> I mean - SLP is sane and simple
<ikonia> or "microsoft" as we call it in the grown up world
<RoyK> every time someone makes a good protocol, microsoft just has to make a new, and irrecoverable worse one
<RoyK> ikonia: there's a perfectly good reason to name them mickysoft - stuff that comes from that house, like upnp or pptp or - well - anything - seems to lack support from anything but internal closed-source binaries from themselves
<ikonia> RoyK: there is no reason to call them stupid names,
<RoyK> ikonia: I must say there is. Any software house that lives on due to defunct, proprietary software, not gaining the communities around, only themselves, should be given pet names for what they do
<RoyK> ikonia: and Microsoft is one of the worst in that setting
<ikonia> RoyK: grow up, it's a business, it's not illegal to make proprietary, nor is it a problem, if you can't discuss them without stupid names for them, then your views have no credability
<ikonia> and it's not welcome within the Ubuntu name space
<RoyK> take OOXML, you make a ripoff out of OpenDocument and in it, you allow for binary encoded proprietary extensions. That's not open
<ikonia> it doesn't really give the Linux or ubuntu commuity a good name calling competators stupid names
<ikonia> RoyK: I don't care if it's open or not - there is no law that says everything must be open.
<RoyK> there should be a standard saying naming something open, should be used only for open products
<ikonia> RoyK: I don't care
<RoyK> and the first O in OOXML is for "open"
<RoyK> ikonia: then you don't care much about open source, IMHO
<ersi> RoyK: It's okay to have an opinion. It's NOT okay to be an ass about your own opinion though. Respect others opinions, as they should respect yours.
<GTRsdk> I think ushare will work, but will I be able to download via web browser?
<tdelam> hey guys, does ubuntu server encrypt the HD by default?
<tdelam> We suffered a crash and have this error on boot asking for a passphrase which we've never created before, I'm not sure how to get around this
<ersi> tdelam: No. It's totally optional.
<ersi> tdelam: So someone did choose to set a passphrase and encrypt some portion of the install.
<tdelam> Interesting, :(
<icekk_> hey guys, my ubuntu server has an ip address, i can ssh into it remotely across the internet, but for some reason when i try to ping google or perform apt-get upgrade it cant resolve the hosts
<icekk_> any idea how i could fix this
<tdelam> is there anyway around it if they don't remember doing that, ersi ?
<icekk_> When I ping an ip it says 66 packets sent, 0 recieved, 100% packet loss
<ersi> tdelam: Pretty much screwed, if that was the case. Your only option is to brute force the passphrase - hoping The Installer Person chose a dumb phrase
<tdelam> Ha! damn
<tdelam> ok thanks ersi
<ersi> Good luck man :/ Tough situation
<ersi> Go get the wrench ;)
<tdelam> ersi: hah thanks
<RoyK> ersi: sorry, did you misunderstand my words?
<zul> oh my god...wireless is working
<KM0201> lol, a wireless server?
<fishscene> Hello everyone. I just wanted to send a great big "THANK YOU!" to the Ubuntu Server team. I installed Ubuntu Server on a fit-pc2i and will be streaming a live infrared webcam feed to our video and backstage crews using VLC and Ubuntu 11.04 Server. We really appreciate how easy this was to set up and get working. :)
<SaidKLE> QUESTION: how to enable php5-pgsql module in php5 and ubuntu server 11.04
<SaidKLE> ...I installed it, but I keep getting "Unrecognized function call pg_connect()" in error log
<SaidKLE> Question: How do I get php5 to connect to postgresql?  I installed apache2, php5, php5-postgresql, etc., but nothing it working.
<SaidKLE> edit: server is working, php is working, pg_connect() is not recognized.
<Toidi> If I create a raid array with mdadm will it format it? (using mdadm --create --level=1 --raid-devices=2 /dev/sd[bc]1)
<twb> Define "format"
<Toidi> wipe all present data?
<Toidi> Some idiot unplugged the NAS server while running and now it won't boot. I've loaded up an ubuntu desktop live cd to try and run fschk on it to verify the drives for the array are fine
<Toidi> I just need to add /dev/md0, but I don't want to format it
<twb> Toidi: it will write data to the disk, but it won't overwrite everything within sd[bc]1
<twb> If you want to assemble an existing array, use --assemble, not --create.
<twb> If sdb1 is a normal partition and you want to turn it INTO a RAID1 array, you can't do it that way.
<twb> In that case, you need to create a degraded array using only sdc1, copy the files / filesystem from sdb1 to md0, then add sdb1 to md0 as an array node (which WILL overwrite everything in sdb1)
<twb> If you've never done that before, you should definitely make a backup first
<nronksr> can someone tell me if the 10.04LTS version of the ubuntu-server portmap is securable via hosts.allow/hosts.deny files?
<twb> nronksr: /etc/hosts.allow is tcpwrappers; it will show up in ldd deps as libwrap or something IIRC
<twb> nronksr: but I strongly advise you to use netfilter and ipset instead, because if someone later on recompiles a daemon *without* libwrap, you won't silently lose all your blocks
<twb> If this is just for NFS, you can set some config files that will make it use static ports, which makes firewalling it much easier
<nronksr> I'm looking at nfs setup in particular.  I was planning on firewalling it, but I also like controlling from hosts.allow/deny as well.
<nronksr> old habits...
<twb> http://cyber.com.au/~twb/doc/iptab
<twb> That first block is there as a safety net to avoid netfilter failing open
<twb> That's what I would do instead of duplicating your blocklist in both netfilter and tcpwrappers
<nronksr> Thanks, I'll take a look!
#ubuntu-server 2011-10-04
<twb> (The rest of that firewall doesn't really concern you.)
<nronksr> no problems.
<hallyn_> jdstrand: did you have any libvirt bugfixes you were still planning to try to push for o?
<hallyn_> SpamapS: bug 865686 - is it true that upstart will kill any pre-stop job after 10 seconds?  I didn't observe that in my testing fwiw
<twb> hallyn_: might depend on which release you're on?
<hallyn_> twb: it might, but i *think* everyone is talking in terms of oneiric here.  But maybe not
<hallyn_> yeah bug submitter at least is
<hallyn_> hopefully that timeout isn't a new upstart feature
<twb> hallyn_: ignore me, I missed the bug #
<Takyoji> I noticed a mistake in this tutorial: https://help.ubuntu.com/community/OpenLDAPServer#Creating_a_DIT_with_the_RTC_System
<Takyoji> The last line of the <code> section, "olcDbIndex: objectClass eq", it's missing the object class to index.
<Takyoji> and I don't know what one it would be.
<Takyoji> or I'm misreading the error message. "ldap_add: Invalid syntax (21) - additional info: objectClass: value #1 invalid per syntax"
<twb> Takyoji: you ran ldapmodify instead of ldapadd, maybe
<Takyoji> I actually did run ldapadd
<twb> That attribute is perfectly valid and noraml
<Takyoji> So then where is the syntax error? :P
<twb> I don't know
<twb> I would guess that you already had that object in the database, or you made a transcription error
<Takyoji> actually I think I know what it is, it's probably not described since cosine.ldif, nis.ldif, nor inetorgperson.ldif was imported.
<Takyoji> of which isn't mentioned on that link
<SpamapS> nis.. Ugh
<twb> SpamapS: it's not actually nis
<twb> SpamapS: you'd do better to complain about cosine, anyway, they are like Teh InterNet 0.1b2
<twb> The only reson they're still around is because there are accidental dependencies in the schemas
<SpamapS> twb: I really don't like ldap either.. but it seems we're stuck with that crapfest
<twb> LDAP is better than NIS+ or whatever
<twb> Certainly better than putting account objects in mysql
<twb> I think LDAP itself is OK, it's just that nobody has made it intelligible to small-timers yet, so you have a huge ramp-up cost
<twb> All the OpenLDAP people have a huge hard-on for compiling stuff in /opt against the latest openssl and building in support for enterprise bidirectional sync between databases and shit, but if you just want "the Linux equivalent of AD on SBS", then you don't care about that.
<twb> And of course kerberos is even worse
<SpamapS> twb: well kerberos is sort of complimentary to LDAP
<SpamapS> twb: IIRC, 389 server was started to try and make this easier
 * SpamapS prepares to board his red-eye
<twb> *complementary
<twb> "complimentary" would be if LDAP said "hey krb, you have a nice arse"
<nigelb> twb: lol.
<nigelb> twb: I'd say that of LDAP, not kerb ;)
<twb> And then LDAP *maces krb in the face*
<twb> Rarr!
<jamespage> morning all
<jamespage> rbasak: around?
<lynxman> morning everyone
<jamespage> morning lynxman
<lynxman> jamespage \o/
<jamespage> lynxman: and how are you on this fine day?
<lynxman> jamespage: enjoying the mini summer although slightly jet lag still, and you? :)
<jamespage> lynxman: all good here - enjoying a nice cup of fresh coffee!
<lynxman> jamespage: brilliant :)
<jamespage> rbasak: question re nova - should we be using patchset 1 or 2 from https://review.openstack.org/#change,706?
<jamespage> I think its 2 - but we currently have 1 in the archive and 2 in the packaging branch which I need to resolve
<Daviey> How are things looking?
<jamespage> Daviey: meh
<jamespage> endeavouring to sort out the nova break this morning
<jamespage> seems we might not have the right patchset for the ringbuffer/libvirt stuff in the version in the archive
<Daviey> jamespage: What breakage are you seeing?
<jamespage> Daviey: same break from yesterday - nova-common postinst and permissions on /var/lib/nova
<Daviey> ah
<jamespage> I have that fixed - however the patch for libvirt console in the archive is patchset 1 from upstream
<Daviey> find being over excited
<jamespage> whereas the patchset in the packaging branch is patchset 2
<jamespage> any idea which we should be using?  I've not found rbasak this morning yet
<rbasak> jamespage: patchset 2
<jamespage> \o/
<rbasak> I'm also thinking about trying a process-based solution instead of a thread-based one
<jamespage> great - we are not at the moment - I'll update the changelog entry for 0ubuntu5 to reflect that we used the wrong patch in 0ubuntu4 and re-upload
<Daviey> super
<rbasak> How are we doing about timing at the moment? Is it worth me trying a process based improvement, or would that not hit the archive in time? There doesn't seem to be any conclusion in the review at the moment for the upstream submission though I suppose ODS is slowing that down
<jamespage> Daviey, rbasak: uploaded
<jamespage> let see if we can not annoy the release team today :-)
<Daviey> rbasak: Yeah, I think we'll have to continue with the patchset #2.. I'll bug vish today, and see if he can comment.
<lynxman> Daviey: hey sir o/
<Daviey> hey ly	
<lynxman> :)
<lynxman> Daviey: I applied the security patches to my puppet FFe, was wondering if it was worth it also to provide packages for 2.7.5
<Daviey> lynxman: I really don't think 2.7.5 can go in Oneiric.
<Daviey> Weare a week before release, the amount of testing, potential fallout is too high.
<lynxman> Daviey: I know :) was just asking
<Daviey> It's /because/ it's a mian package that we need to be more careful.
<lynxman> Daviey: sure, we ran all the unit tests and it was fine though
<lynxman> (thankfully puppet provides them)
<Daviey> If we ddiidn't care about it, then sure.. but because we do..
<lynxman> Daviey: of course, more than understandable
<Daviey> oh, if unit tests pass it must be solid.. lets ship it :)
<lynxman> Daviey: still 2.7.3 should still be considered, specially now that all has been patched
<lynxman> Daviey: sorry, didn't hear you through the sarcasm ;)
<lynxman> lol
<Daviey> heh
<lynxman> Daviey: sorry for being so insistant on it, but I think it's important :)
 * lynxman praises Davieys infintite patience
 * jamespage biab
<Daviey> lynxman: I think if we look to drop it to universe, we can bump it :)
<Daviey> can't have everything :)
<lynxman> Daviey: *sad panda* but understandable
<rbasak> https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/865462 is a report of a regression in a security update. What should I do with it?
<TREllis> puppet to universe?
<TREllis> a small part of me just died.
<lynxman> TREllis: he was joking ;)
<TREllis> lynxman: whoops, I'll promise to replace the kittens that just died :)
<lynxman> TREllis: sacrificing kittens again in your basement? ;)
<TREllis> lynxman: :-)
<TREllis> has anyone packaged netcf?
<Daviey> TREllis: I'm saying that a new upstream release of puppet this close to release, is too dangerous for us to support.
<Daviey> The fact that it is in main, means we have to care about supportability.
<TREllis> Daviey: aye, I agree with no shipping the latest & greatest right this second anyway
<TREllis> hallyn_: did you get anywhere with netcf packaging? I see you piped up on http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573072
<jdstrand> rbasak: that issue is only on lucid, and I'll fix it
<rbasak> jdstrand: thanks!
<hallyn_> TREllis: no, haven't foudn the time.  Note that it's not *packaging* netcf.  It's implementing it for debian networking
<koolhead17> hi all
<hallyn_> TREllis: i'm hoping the next cycle will nice and stable, and there'll be time to do that :)
<koolhead17> soren: i never got your reply ysterday :(
<koolhead17> *yesterday
<TREllis> hallyn_: ah cool, dberrange posted about it the other day. He's done the implementation for debian & ubuntu
<TREllis> hallyn_: http://berrange.com/posts/2011/09/28/porting-netcf-to-debianubuntu-suse-and-windows/
<TREllis> hallyn_: so I started some packaging
<hallyn_> TREllis: awesome!
<soren> TREllis: Wow, that's really good news!
<hallyn_> soren: yes, other than making me feel like a lazy heel :)
<soren> hallyn_: Get in line, man. That's been on my todo list since 2008 :)
<m4xx> i'm trying to set up a pxe boot menu. i've followed some instructions that i've found here: http://www.serenux.com/2010/05/howto-setup-your-own-pxe-boot-server-using-ubuntu-server/ when  boot up my client it says "could not find kernel image: ubuntu-installer/i386/boot-screens/vesamenu.c32"
 * hallyn_ takes his spot in line
<TREllis> soren: indeed, perhaps openstack can use it ;-)
<TREllis> well, nova specifically
<soren> TREllis: Yep.
<fixxxermet> I'm looking for a way with orchestra / cobbler to override the automatically generated pxelinux.cfg/default file - I don't want to include hostname or domain n the append line.
<fixxxermet> These get setup automatically when I run 'cobbler sync'
<m4xx> sorry, my dumb ass put ubuntu-installer directory in pxelinux.cfg instead of the root tftp directory =\
<sidnei> SpamapS, around?
<SpamapS> sidnei: yes, at conference so my responses may be interrupted. whats up?
<sidnei> SpamapS, got pinged by a pypy developer about getting a package into ubuntu (again, it was in hardy but got removed right after apparently). no idea who or how to ask about that.
<SpamapS> sidnei: https://wiki.ubuntu.com/UbuntuDevelopment/NewPackages
<sidnei> awesome, thanks!
<boxybrown> hey all
<boxybrown> I'm trying to setup an LDAP server, and its way more overhead than I'd prefer to manage
<boxybrown> are there any out of the box solutions you would recommend
<boxybrown> something like the Fedora Directory Server, or Mandriva Directory Server?
<atdprhs> Hello, I am now beside my ubuntu-server that is a webserver and hosts a website
<atdprhs> I want to configure it to that way where I can just type my website's name instead of the local ip address, what do I do?
<pmatulis> boxybrown: try the Ubuntu serverguide
<pmatulis> atdprhs: set up name resolution (/etc/hosts or DNS)
<atdprhs> I went through and I configured it,but I reached to that point in my programming, I need it to be sitename.com instead of 192.168.1.X
<atdprhs> dns is empty
<atdprhs> /etc/dns is empty
<atdprhs> hosts: 127.0.0.1 sitename.com localhost
<atdprhs> 192.168.1.2 sitename.com localhost
<boxybrown> pmatulis: I already tried the ubuntu server guide, and followed the directions for installing OpenLDAP
<atdprhs> pmatulis: anything I should do?
<boxybrown> I'd rather not have to deal with schema setup and writing my own scripts for adding users etc etc, I was wondering if there were any 'out of the box' packages like Mandriva Directory Server
<pmatulis> atdprhs: yes, google for 'linux hostname resolution'
<atdprhs> okayz, thank you, give me 15 minutes and I will tell you if I got any progress or not
<pmatulis> boxybrown: what do you mean by 'out of the box' packages?
<boxybrown> pmatulis: it already has schemas setup, they already have scripts and/or a user interface for managing users
<AdvoWork> whats the general rule of thumb for swap space? if im assigning say 15GB, how much swap space should I assign?
<pmatulis> boxybrown: schemas depend on what the purpose of the directory is
<pmatulis> boxybrown: you can alwyas install a graphical client to administer it
<pmatulis> boxybrown: such as 'Apache Directory Studio'
<boxybrown> pmatulis: yes I'm aware, but when you are just trying to setup a simple LDAP to do user management, theres a lot of cruft to try to understand with regards to schema setups
<boxybrown> I want that to be abstracted as and have reasonable defaults
<pmatulis> boxybrown: LDAP by nature is a very versatile tool, you cannot expect a 'one size fits all' type arrangement
<boxybrown> if it doesnt exist on ubuntu, it doesn't exist, I was just wondering if there were suggestions
<boxybrown> pmatulis: this is an unreasonable argument because this tool exists on other distros. whether you agree with those packages or not is irrelevant, i'm simply asking if theres such a solution for Ubuntu
<pmatulis> boxybrown: i'm not arguing
<boxybrown> thanks for your help
<pmatulis> boxybrown: you're welcome
<jason_> anybody ever tinker with LTSP using PPC clients?
<hallyn_> soren: is openstack code still in bzr right now?
<AdvoWork> whats the general rule of thumb for swap space? if im assigning say 15GB, how much swap space should I assign?
<TheEvilPhoenix> you dont technically *need* swap
<TheEvilPhoenix> my rule of thumb is 1.5x or more the amount of RAM you have, but only if you intend to use more than the amount of physical memory
<Tm_T> AdvoWork: as much as you need
<hallyn_> (commits as of 10/1 so i'll assume so)
<robbiew> jamespage: ping
<jamespage> robbiew: call time?
<robbiew> aye
<robbiew> jamespage: g+?
<jamespage> robbiew, good with me
<robbiew> jamespage: one sec...will send an invite
<robbiew> jamespage: invite sent...I think
<jason_> anybody ever tinker with PPC clients on an LTSP server?
<soren> hallyn_: No.
<soren> hallyn_: Well, the trunks are in git, but the stable branches are still in bzr, I think.
<hallyn_> oh
<hallyn_> the wiki page linked which was supposed to tell me where to get the code, did not exist :)
<hallyn_> feh, now it is.  wiki glitch earlier today?
<soren> Not that I know of.
<soren> hallyn_: root      3557  0.0  1.8 408844 298044 ?       Ss   Feb24   0:41 /usr/sbin/apache2 -k start
<soren> hallyn_: Seems to have been running untouched for a while :)
<hggdh> SpamapS: there?
<hallyn_> soren: <shrug>  it pointed me to a 'do you want to creae this page' page (it being the link from http://wiki.openstack.org/HowToContribute)
<hallyn_> oh well
<robbiew> RoAkSoAx: you'll be updating https://wiki.ubuntu.com/ServerTeam/Orchestra with instructions and such, right?  I **think** you said "yes", but my memory is crap during the month of the release.
<RoAkSoAx> robbiew: hehe yeah I will
<RoAkSoAx> robbiew: im actually still writing the document from the sprint, which it will also serve as base to update the wiki
<robbiew> cool
<robbiew> thnx!
<Daviey> hallyn_: You are most confident that the libvirt changes only impact lxc?
<hallyn_> Daviey: it passed qa-regression-testing at any rate
<Daviey> hallyn_: If it blows up in my face, can i blame you? :)
<hallyn_> of course
<Daviey> nah, i wouldn't do that.
<ikonia> (he would)
<Daviey> hallyn_: Just to confirm, it doesn't touch the kvm (or other) interfaces?  It doesn't look like it, but can you confirm?
<ikonia> Daviey: fyi: should have my last bug fixed later tonight, I think this ones a fixer
<Daviey> ikonia: rocking, what bug number?
<hallyn_> it doesn't touch those interfaces.  It does however moving virExec* from util/util.c to util/command.c, but nothing broke due to it
<ikonia> not got number here in office hence "tonight"
<Daviey> ikonia: Just ake sure it's not one already fixed..
<Daviey> make*
<ikonia> I learnt that lesson :)
<Daviey> cool
<utlemming> hallyn_: you around?
<hallyn_> utlemming: yes
<hallyn_> trying to make sense of kernel signal delivery code
<utlemming> hallyn_: qemu arm images are working again
<utlemming> last nights build boots all the way to a login prompt (albeit slowly)
<hallyn_> utlemming: cool
<hallyn_> i assume that's arm VM on x86 host?
<utlemming> yes
<utlemming> qemu-system-arm -M beagle -sd <file>
<dnyrgr> Hi, ive installed apache on ubuntu server everything seems to be working fine but I added a directory to /var/www and I get a 403 and 508 error when I try access those files froma  browser can  anyone help please?
<genii-around> dnyrgr: Do those directories belong to www-data ?
<dnyrgr> guampa: Im new to apache (im trying to put up some doc. generated by doxygen on a local dev. server) so I dont know what that is.
<guampa> tabfail, but, permissions aren't related specifically to apache, moreso to the OS
<guampa> or should i say "ownership"
<dnyrgr> no I don't seem to have a 'www-data' group
<dnyrgr> guampa: ^
<guampa> what OS ?
<dnyrgr> ubuntu server
<guampa> "getent group www-data" doesn't return an entry?
<dnyrgr> yes it does sorry
<genii-around> If you installed apache it should have made www-data entries
<guampa> give that group ownership to the resources
<dnyrgr> still get the same errors
<dnyrgr> I can add files to /var/www the problem only seems to occur in the 'doc' subdir. of www
<dnyrgr> Im also generating the files and then cp the directory to doc
<dnyrgr> no sure if that helps
<Toidi> I Installed and configured Samba via webmin, but for some reason why I attempt to login it rejects it and the log shows the line "Can't become connected user!". Any ideas on how to fix this?
<dnyrgr> guampa: any more ideas?
<guampa> dnyrgr: idk know what errors you got
<guampa> but you might check the permissions are correct besides ownership
<koolhead17> hi all
<guampa> meaning the group (if you gave www-data group-ownership) has to have rx permissions on everything you want apache to access to
<dnyrgr> guampa: 403 in the browser 505 in access log and 'client deied by server configuration' in the error log
<guampa> i don't think that's related to perms/ownership but still check those
<guampa> dnyrgr: also you might want to try in #httpd too, apache's channel
<dnyrgr> guampa: lol thats where I started they sent me to debian and ubuntu which sent me here
<guampa> hehehe, "irc soccer" it's called ^^
<dnyrgr> guampa: ok well thanks for all the help thanks
<guampa> from the error it looks like it should be something in the apache config, but i can't help beyond that, sorry
<hggdh> SpamapS: is it a good time to talk about squid & maverick?
<SpamapS> hggdh: probably not, at ODS
<robbiew> SpamapS: if you see adam_g, tell him I'm back
<robbiew> nevermind
<robbiew> lol
<hggdh> SpamapS: roj. For the record, there is no FS recovery after applying the maverick-proposed squid; but still the system states the FS is in use, and remounts it RO
<fixxxermet> I'm having some confusion with orchestra.  I'm adding a system with "cobbler system add --name=test-vm-1 --profile=lucid-x86_64 --mac=52:54:00:af:2c:9f"
<fixxxermet> The issue is that the pxe menu for this system, the profile is listed as 'test-vm1' instead of 'lucid-x86_64'
<fixxxermet> As seen in http://pastebin.com/xPuvUimy
<hallyn_> Daviey: oh, we never finished our discussion
<hallyn_> Daviey: I vote let's go with the longer patchset - it's the one i tested with qa-regression-testing
<koolhead17> fixxxermet: so the profile you have selected in your systems file will be used for that mac address :)
<koolhead17> lynxman: hey
 * koolhead17 finds channel in deep silence today!!
<fixxxermet> koolhead17: Sorry, systems file?  I thought the profile was selected by the --profile switch
<koolhead17> fixxxermet: i meant that particular system will use profile as mentioned/provided by systems file
<fixxxermet> What is the systems file, though?
<fixxxermet> From the pxelinux.cfg file you can see "url=http://192.168.10.1/cblr/svc/op/ks/system/test-vm-1" is being based off the --name and not the --profile
<koolhead17> I'm adding a system with "cobbler system add --name=test-vm-1 --profile=lucid-x86_64 --mac=52:54:00:af:2c:9f"
<fixxxermet> right
<fixxxermet> Honestly I'm not seeing what you're getting at.
<koolhead17> fixxxermet: what i meant by that is, in you cobbler/orchestra configuration, you can have N number of profiles
<fixxxermet> right
<koolhead17> now when you want to use one particular profile for a specific system on basis of MAC address you use cobbler system add
<koolhead17> and there you can specifically provide it whiich
<koolhead17> profile it should use
<koolhead17> am i much clear now?
<fixxxermet> Isn't that what I did?  I want a particular system, based on mac address, to use a particular profile, from the --profile switch?
<koolhead17> hmm so what is the the problem?
<fixxxermet> is isn't using the profile that I'm telling it to.
<koolhead17> fixxxermet: can you inspect the entry of your system file once
<koolhead17> fixxxermet: cobbler system report --name= >
<fixxxermet> Profile                        : lucid-x86_64
<fixxxermet> @ koolhead17
<koolhead17> fixxxermet: interesting: so this profile is overwritten via orchestra?
<fixxxermet> koolhead17: No, the profile isn't touched.  When I run 'cobbler system add' and then 'cobbler sync', it makes the pxelinux.cfg/Mac-add-res-s file.  In that file, instead of pointing the url to the profile, it points the url to the system name
<koolhead17> fixxxermet: you dont need to use cobbler-sync after adding the system i suppose.
<fixxxermet> koolhead17: running cobbler-sync sets up the tftp pxe files
<fixxxermet> otherwise it boots using the default pxe file
<koolhead17> fixxxermet: i never did this sync think with standalone cobbler afaik
<fixxxermet> koolhead17: have you used orchestra?  I haven't used standalone cobbler myself
<koolhead17> i have use cobbler on ubuntu. installing orchestra as am having conversation with you on oneiric
<tdn> I am experiencing a lot of I/O wait on my system. Is there any way to see which processes/users are causing the I/O wait? I have tried top and htop, but they do not seem to reveal this.
<hallyn_> iotop?
<tdn> hallyn_, great idea. I will try that next time. The load is currently over.
<boxybrown> I've run into a reproducible issue when performing an apt-get dist-upgrade on ubuntu-10.10 server
<boxybrown> it basically bonks my install
<boxybrown> shutdown: error while loading shared libraries: libdbus-1.so.3: wrong ELF class: ELFCLASS32
<boxybrown> any ideas?
<boxybrown> :(
<Daviey> hallyn_: yeah, that was settled. :)
<boxybrown> is there any way to get a list of packages that shows which are 32bit and which are 64bit?
<|G0LTaR|> hello, i got a problem :/ i try to perl script and i got this error: Can't locate HTTP/Request.pm in @INC (@INC contains: /etc/perl /usr/local/lib/perl/5.10.1 /usr/local/share/perl/5.10.1 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10 /usr/local/lib/site_perl .)
<|G0LTaR|> some help? :(
<erichammond> Where would I find the list of upstart events triggered by the new cloud-init software in Ubuntu 11.04 Natty?  They apparently have changed from some older versions.
<erichammond> ...and now I try a different Google search and up pops smoser's alerting me that it was going to change and what I should use: http://groups.google.com/group/ec2ubuntu/browse_thread/thread/3a0ccf40a45e7857
<erichammond> I'll give this a try.
#ubuntu-server 2011-10-05
<genii-around> I guess that's what you get for idling... ;)
<pmatulis> @comment 43860 that was a test guys!
<ubottu> The operation succeeded.
<IdleOne> that was uncalled for and mean. I am reporting you for op abuse
<IdleOne> :P
<pmatulis> awwww
<boxybrown> this is the most unhelpful channel
<boxybrown> but FYI, I fixed my problem
<boxybrown> it ended up being a VM + Linux Kernel issue
<boxybrown> http://ubuntuguide.net/virtualbox-4-on-ext4-error-host-io-cache-will-now-be-enabled
<TheEvilPhoenix> lol @ opabuse :P
<cruiseoveride> Hey guys, I need some help with software raid
<cruiseoveride> Is this the right place to ask?
<cruiseoveride> I created an md1 (radi1) with sdb1 and the 2nd drive missing. I then ran mkfs on md1, mounted it, copied some files, and then umounted, rebooted. Now i cant mount md1. Says there is no filesystem
<cruiseoveride> be right back
<cxo> Right, back.
<cxo> Is there a better channel for mdadm questions?
<haha> hi
<haha> could anyone kindly help me download this file please:http://www.filesonic.com/file/2311849181/0470540834.pdf
<twb> Is there a way to get I/O stats for tmpfses?
<ClayFig> hey does anyone here test security?
<jamespage> morning all
<lynxman> jamespage: morning!
<daxroc> morning
<daxroc> Has anyone encounterd nfs issues where it times out most of the time but does eventualy connect? ubuntu 10.10, nfs v3 on both ends
<twb> daxroc: at boot?
<daxroc> twb: no, manual mounts. autofs fails too with timeouts
<twb> haven't seen that, no
<twb> I know the boot process as at lucid has cyclic dependencies (i.e. never works) for some NFS use cases
<daxroc> It seems to work fine on fresh installs, but dist upgrades seem to have problems
<twb> Hm, the main difference I know of is that hardy had server-side groups off, and lucid had them on
<twb> Which only matters if your NFS server can't resolve uids/gids on its own exports
<twb> daxroc: I would be doing some tcpdumping and rpcinfo -p'ing and such, see if you can spot a bork-bork
<jamespage> lynxman, morning
<daxroc> twp only thing that stands out in the tcpdump is .rpassword incorrect for the two hosts
<AdvoWork> to install the man pages, is it sudo apt-get install man or manpages or both, as i see both exist?
<ikonia> AdvoWork: the man pages are installed by default
<ikonia> AdvoWork: you shouldn't need to install them
<AdvoWork> ikonia, hmm, ive just used debian and xen to install ubuntu 10.04 server,and its sort of installed a bare bones system, ive had to install like vim, ssh etc, and it doesnt appear to have man either
<ikonia> AdvoWork: what install media did you use
<AdvoWork> ikonia, on the debian machine, i specified the link for lucid # mirror_lucid = http://archive.ubuntu.com/ubuntu
<AdvoWork> and installed via xen that way
<AdvoWork> it seems to have installed, but as i say, barebones
<ikonia> AdvoWork: no, I asked what ubuntu install media you used
<AdvoWork> well, i specified that path, xen downloaded and installed it, is that what you mean?
<ikonia> so you didn't install from an iso for example ?
<AdvoWork> no
<AdvoWork> first time ive ever made an ubuntu VM, and it seemed to go ok, but im wondering if it didnt now
<ikonia> I'd suggest using one of the iso images so that it goes through the proper install process, gets the right packages, configures them etc etc
<AdvoWork> ikonia, not that easy with xen
<ikonia> AdvoWork: really, I've never had an issue with it
<AdvoWork> how would I specify it then? instead of a mirror, in the /etc/xen-tools/xen-tools.conf? this is only what ive been told mind you
<ikonia> let me see if I can grab a read through the docs, I've not used xen for ages since kvm came usable
<ikonia> --mirror=/file/system/location/file.iso
<koolhead17> hi all
<AdvoWork> ikonia, ok cool, and one further thing, would it be this file? http://releases.ubuntu.com/lucid/ubuntu-10.04.3-server-amd64.iso
<ikonia> AdvoWork: that looks like the current 10.4 64bit iso
<AdvoWork> cool
<jamespage> hallyn_: yesterdays libvirt update looks to have fixed the spawning multiple machines with lxc error in nvoa
<jamespage> I've hit something racey on termination though - looking now
<AdvoWork> ikonia, and is that also still using debootstrap?
<ikonia> AdvoWork: I don't believe so
<AdvoWork> i can't seem to find an example or anything for using an iso instead, i know i can specify the iso file as you say, but it still asks in my xen-tools.conf  dist = whatever  which refers to a mirror, so i'd comment out the mirrors, but dont know about that bit, nor the debootstrap bit
<ikonia> AdvoWork: dies = lucid
<ikonia> not a mirror
<AdvoWork> dies? sorry i dont get you
<ikonia> AdvoWork: sorry, typo
<ikonia> distro=lucid
<AdvoWork> ahh, so really i'd comment out the mirrors, specify the new mirror for the iso, leave dist=lucid as it is?
<ikonia> thats how I see it
<AdvoWork> ok cool, and would i also comment out the debootstrap bit or not?
<ikonia> AdvoWork: have a quick read onthe docs, that's all I'm doing
<ikonia> I've not done this for years so just referencing the docs
<AdvoWork> if ive firstly done xen-create-image --hostname=whatever and then xm create /etc/xen/cfg/whatever.cfg   and now i want to change it, ive done xm destroy whatever, how do i undo the first bits? ie how do i properly delete the whole vm? i keeep reading steps that only seem to do the same as destory
<AdvoWork> ah that does work
<AdvoWork> just missleading
<koolhead17> RoAkSoAx: hey
<lynxman> koolhead17: pretty sure he's sleeping :)
<koolhead17> lynxman: hey. :)
<hallyn_> jamespage: yay (on the first)
<hallyn_> jamespage: by chance, are you getting msgs in syslog from ext4 on shutdown?
<jamespage> hallyn_, I don't think so
<jamespage> bug 868206 is the termination issue
 * hallyn_ goes to look, and wonders where the bot went
<hallyn_> jamespage: don't lie to me :)
<jamespage> ah - you mean on instance shutdown
<jamespage> they yes I do
<jamespage> it looked like the devices where getting unmounted or something before the lxc instances where actually terminated
<hallyn_> jamespage: can you try the trivial patch from bug 861656 ?
<jamespage> yes - just re-imaging now
<hallyn_> though really you're right, and we might ought to do it differently
<hallyn_> i dont' know if we add a wait on the container init, if we cna prevent the umount from failing in the first place
<AdvoWork> ikonia, ok, i downloaded the iso, set the mirror to the iso, commented out the other mirrors, created the vm, but still, man command is not found..
<ikonia> AdvoWork: did it go through an install process ?
<ikonia> AdvoWork: eg: ask you to create a username and password, partition the disk etc etc
<ikonia> ncurses based install routine
<AdvoWork> ikonia, no, it basically only asked me for the root password, so nothing else :S
<AdvoWork> so i dont know what im doing wrong?
<ikonia> then it's not using an ubuntu server iso
<ikonia> it's not even installing ubuntu
<ikonia> ubuntu doesn't have a root password set
<AdvoWork> no i mean, its asking me to set the root password
<AdvoWork> and to confirm it
<AdvoWork> thats the only thing it asked
<AdvoWork> just ssh'd into the machine, and cat /etc/issue shows Ubuntu 10.04 LTS \n \l  so its installed ubuntu, just not the right one?
<ikonia> AdvoWork: I don't know where it's getting the install from
<AdvoWork> nor me :/
<AdvoWork> whats wrong with using this base version, is it just not worth it?
<ikonia> well the fact that you don't know anything about it is what's wrong with it
<jamespage> hallyn_, no IO errors - but 4/6 did not complete termination according to nova
<jamespage> although no lxc instances where found on the hypervisor
<jamespage> running the terminate again did clear them
<jamespage> so I would say its better
<jamespage> hallyn_, then I looked at the console
<jamespage> lots of ext4 errors still :-(
<jamespage> no opps tho
<AdvoWork> ikonia, well i know its a base/bare system of ubuntu server, it appears to be ok from what ive seen so far, but i dont know whats not in it that should be
<ikonia> AdvoWork: well your missing packages, you've not got the sudo security model setup, so that's 2 core things which I wouldn't trust
<AdvoWork> how do you know ive not got the sudo security model setup? only wondering
<AdvoWork> can i not just do an update/upgrade?
<ikonia> AdvoWork: because you set a root password
<AdvoWork> dont you normally when you do a new server installation? its been a while since i did one
<ikonia> no
<Myrtti> Ubuntu doesn't have root password
<Myrtti> no matter what kind of installation you are doing
<ikonia> there should be no root password
<AdvoWork> hmm,in which case, im stuck then
<hallyn_> jamespage: eh that's just how ext4 rolls :)
<hallyn_> jamespage: can you pb some examples?
<jamespage> yeah - sure
<AdvoWork> ikonia, any further suggestions then?
<AdvoWork> ikonia, also just done uname -a which shows: Linux test-system 2.6.32-34-server #77-Ubuntu SMP Tue Sep 13 20:54:38 UTC 2011 x86_64 GNU/Linux  does that help at all?
<hallyn_> jamespage: still not seeing any here though fwiw
<jamespage> hallyn_, http://paste.ubuntu.com/702714/
<jamespage> sorry - got distracted trying out juju local lxc provider
<hallyn_> jamespage: how many were you shutting down?
<jamespage> 6
<hallyn_> ok
 * HarryPanda is looking for a simple package/upgrade manager, like Spacewalk, but for ubuntu
 * koolhead17 points HarryPanda to landscape
<HarryPanda> I'm trying the demo at the moment, quite slick - but I need *hands on*
<koolhead17> *Landscape
<koolhead17> HarryPanda: expalin handson
<koolhead17> *hands on"
<HarryPanda> source code, that I can tinker with
<koolhead17> HarryPanda: is Spacewalk free product?
<HarryPanda> yes
<koolhead17> or a Red Hat enterprise product?
<HarryPanda> it was a redhat enterprise product - their 'Satellite' network, and was only open-sourced reasonably recently
 * HarryPanda will look at 'landscape-common' package and see if anything interesting can be used
<jamespage> hallyn_, any idea why plymount --ping might hang? having trouble with juju lxc containers not starting up properly
<hallyn_> jamespage: no, i don't even know what that is.
 * hallyn_ checks the source
<hallyn_> jamespage: I assume the PLY_BOOT_PROTOCOL_SOCKET_PATH socket is not created.  Wonder waht creates that
<hallyn_> (abstrace unix socket \0/ply-boot-protocol)
<aliverius> does ubuntu run on i386 machines?
<hallyn_> jdstrand: quick question about the bash auto completions for virsh - is it better to have libvirt-bin drop those in, or to add it to the bash-completions package?
<genii-around> aliverius: Yep
<aliverius> ty
<genii-around> aliverius: We have a couple old 486DX machines here using 6.06
<jdstrand> hallyn_: while the bash-completion package does have a lot, in this case it feels more right to have whatever package ships the virsh command (libvirt-bin) ship it, especially if you expect it to change and are going to be maintaining it
<jdstrand> hallyn_: so, for Ubuntu, ship in libvirt-bin. when pushing that to Debian, the maintainer may decide bash-completion is better
<jdstrand> hallyn_: it would also make the most sense if upstream libvirt picked it up to ship it in libvirt-bin
<jdstrand> hallyn_: (that way we can always get their updates to it easily)
<hallyn_> jdstrand: yup, i'll definately send it to the list.  THough I want to fix up the container name completion first
<hallyn_> thanks
<jdstrand> cool. thanks for picking that up :)
<hallyn_> (right now i'm trying to build netcf :)
<rbasak> jamespage, Daviey or zul: around? I'm quite concerned about bug 868349. I can probably fix it quick but need help reproducing it - it doesn't in my dev environment running out of the source tree, and I don't know how to set up a working environment straight from the packages.
<jamespage> rbasak, I am
<jamespage> and where is the bot?
<rbasak> also, I don't know what to do with the bug metadata to indicate that I think it needs looking at immediately
<rbasak> (apart from Importance)
<jamespage> rbasak, working environment straight from packages - https://wiki.ubuntu.com/ServerTeam/Oneiric/OpenStackTestPlan
<jamespage> its all in one
<rbasak> ah yes, of course
<jamespage> rbasak, lemme tear down my test rig and I'll have a go as well
<jamespage> rbasak, I've added the server-o-rs tag to the bug report - that will get it on Ursinha and Davieys reports and visible
<Ursinha> yes sir
<f18> hi guys! which could be the reason for overwriting my /etc/apache2/ports.conf after every system restart (I'm using ubuntu 10.04)?
<f18> with the default ports.conf
<rbasak> jamespage: OK I've reproduced it
<jamespage> rbasak: sounds like something we really need to fix then
<jamespage> Can you marked it as confirmed and 'High' for importance
<genii-around> f18: Do you have a separate partition/mount for /etc ? It may be reading whats underneath before mounting happens
<f18> genii-around: no I don't, but the strange thing is that as far as I saw only to files are affected: the ports.conf and the sites-available/default
<f18> *two
<rbasak> jamespage: OK I've got a one line fix. The problem was a double close. What I don't understand is why I can't reproduce it in a test, but the fix is trivial. I'll keep trying the test for a bit.
<Jeeves_> Hi!
<Jeeves_> Has anyone here figured out a way to allow people to use vnc towards kvm-vm's via some kind of a proxy?
<Jeeves_> Via a webserver?
<Jeeves_> With password-authentication?
<rbasak> jamespage: I've attached a patch to the bug: https://bugs.launchpad.net/ubuntu/+source/nova/+bug/868349/comments/4 - are you OK to update and upload from there, or would you like me to update the bzr branch and do a merge request? Only I know that time is critical and I don't want to make a mistake there.
<jamespage> rbasak: I'd prefer todo this through a merge request; I'm happy to upload but I would like smoser or zul to review
<rbasak> jamespage: OK, I'll prepare one now
<jamespage> rbasak, are you happy with what you need todo? i.e. branches etc..
<jamespage> btw - I just reproduced so pretty easy to test the fix
<rbasak> jamespage: yes - i'm branching lp:~ubuntu-server-dev/nova/diablo, right?
<jamespage> yep - thats the one
<rbasak> jamespage: shall I update backport-libvirt-console-pipe.patch or add a new patch?
<jamespage> rbasak, I would update that patch; patch upon patch is just going to get complicated
<rbasak> jamespage: trouble is that I now have a diff of a diff to look at which is quite confusing! quilt refresh has walked all over the patch as well. Is this OK - is this the normal way of doing it?
<jamespage> hmm - not sure quilt should have changed to much in the patch
<jamespage> I think zul already refreshed then against the diable codebase
<jamespage> diablo
<jamespage> can you push the branch and let me have a look?
<rbasak> I did: quilt push backport-libvirt-console-pipe.patch; quilt fold < /tmp/868349.patch; quilt refresh; quilt pop -a
<rbasak> OK will do
<rbasak> jamespage: what should I be pushing to? I tried ~racb/nova/diablo/868349 but got permission denied
<jamespage> rbasak, I think thats OK
<jamespage> (the use of quilt)
<jamespage> try ~racb/nova/868349
<jamespage> you can specify which branch to target when you generate the MP
<jamespage> at which point use ~ubuntu-server-dev/nova/diablo
<rbasak> Yep found it. https://code.launchpad.net/~racb/nova/868349/+merge/78284 - I hope that's right!
<jamespage> zul, smoser: any chance one of you can find the time to review ^^
<jamespage> or even Daviey :-)
<jamespage> rbasak, to complete the round trip the review.openstack.org change should be updated as well
<rbasak> jamespage: will do
<jamespage> that way the patch headers match up nicely - will keep reviewers more happy
<jamespage> rbasak, I'm eod - hopefully Daviey, zul or smoser will pickup and review
<jamespage> and we can upload am tomorrow
<rbasak> jamespage: OK, see you tomorrow
<jamespage> ttfn
<Toidi> Any idea on how I can figure out why Samba won't let me save a file as a guest (even though the guest account has R/W access to the shares). I can write a file as the gues account with no issues via ssh
<Toidi> I can write a file via notepad, but not illustrator or photoshop oddly enough. This is driving me mad hehe
<Guest27965> Hi everyone, I was looking for some help with powernap on ubuntu server.
<Guest27965> I have Apach2 running on the machine but its connecting via TCP6 which I am guessing the TCP monitor isnt catching
<Guest27965> I thought that I would have it run an IOMonitor for apache but that isnt working either.
<IdleOne> !google | test
<ubottu> test: While Google is useful for helpers, many newer users don't have the google-fu yet. Please don't tell people to "google it" when they ask a question.
<g0t_> Results for | test on Google:
<g0t___> Results for | test on Google:
<g0t___> --
<g0t_> --
<g0t__> Results for | test on Google:
<g0t__> --
<IdleOne> g0t_ g0t__  and g0t___  could you please disable that script in all Ubuntu channels.
<IdleOne> Tm_T: g0t____ has rejoined
<Tm_T> every keyboard action has a delay and possibility to be lost, nice
<Zanzacar> close
<Zanzacar> close
<Zanzacar> close
<dkn> could i create a raid 6 array, then mirror that array to another HD in raid 1 and just swap out the single HD on the other side of the raid 1 as my take home backup?
<dkn> i know it's not going to let me restore files or anything like that, but as a quick way to coordinate an off site backup?
<ikonia> dkn: I'd suggest having the two meta devices, then using a technology such as lvm to keep them in sync, assuming the sizes of the arrays are compatible
<dkn> hmmm
<dkn> what do you mean by two meta devices?
<ikonia> dkn: 1 raid6 meta device and 1 raid 1 meta device
<ikonia> (or the meta device and single hard disk)
<dkn> ya, i didn't know lvm let you manage sync, i just though it was a layer you could move things around on
<ikonia> you can "mirror" with lvm, so if you use it that way, it's a good otion
<dkn> would the lvm recognize the performance of the raid 6 over a single disk and prefer it?
<ikonia> dkn: your mirror the data within lvm it will use both
<dkn> but, for example, if you raid1 a SSD, and a HD together, it's going to prefer the SSD for reads, and the HD will be the bottleneck for writes
<dkn> will it do the same with lvm mirror?
<ikonia> it won't do that at all
<ikonia> if you raid 1 a device it will access the meta device not the individual hard disk
<dkn> raid or lvm?'
<ikonia> either
<dkn> really?
<ikonia> it will request info from the meta device, and the OS will offer the data from what it best can at that moment in time
<dkn> but i thought the meta device requested the info, and whatever disk provided it first it would ship it off, so the SSD would supply the data faster and that data would get sent as soon as it's available
<ikonia> you may get it for a read, but it still has to confirm the second disk is in a valid state
<dkn> mmm true...
<ikonia> eg: it needs to know both are in sync before offering the data or how does it know which one is valid
<dkn> bah...
<dkn> stupid bottlenecks
<dkn> it makes sense when you say it that way though
<ikonia> I don't believe it actually checks the data on both, mearly checks the device is marked as sync
<ikonia> I'm not %100 been a while since I looked really under the hood at it
<dkn> ya..
<ikonia> but that's still a read
<dkn> does the lvm mirror support hot swapping?
<ikonia> depends on the hardware
<dkn> ok, so i'm good them
<dkn> it's to bad mirror or raid 1 doesn't really come with any performance advantage...
<ikonia> why would it ? you're writing to 2 disks and constantly keeping them in sync
<dkn> cause i can either get a purchase order approved for the redundancy level we need, or the capacity we need, but not both..
<dkn> thanks for the help
<koolhead17> "Precise Pangolin"
<Takyoji> Anyone know a way to skip dpkg-reconfigure when installing a package that requires configuration; or some way to specify configuration values from a script?
<RobinBAwesome> pardon me
<RobinBAwesome> how do I specify what mirror does the first stage of pxe/netinstall gets used?
<RobinBAwesome> right now it always uses some archive.ubuntu.com mirror
 * patdk-wk finds it easier to just tell it to use a web proxy server
<RobinBAwesome> hmm
<RobinBAwesome> not a bad thought
<patdk-wk> as I'm running apt-cache-ng locally, it helps out :)
<patdk-wk> plus it autoconfigures apt to use that, on the installed system
<RobinBAwesome> it seems liek archive.ubuntu.com is hardcoded in a .c file
<patdk-wk> na, probably in the seed file
<RobinBAwesome> nope
<RobinBAwesome> set everything in preseed we could
<patdk-wk> odd
<RobinBAwesome> reading C code now
<RobinBAwesome> patdk-wk: this is stage 1 ... where it gets the intaller gets retrieved
<RobinBAwesome> patdk-wk: does your proxy server intercept traffic to archiv.ubuntu.com
<kirkland> RoAkSoAx: ping
<RoAkSoAx> kirkland: pong
<RoAkSoAx> kirkland: howdy man
<kirkland> RoAkSoAx: hey man
<kirkland> RoAkSoAx: i'm curious about ubuntu-natty-x86_64.seed in the orchestra source
<kirkland> RoAkSoAx: seems kinda outta place
<RoAkSoAx> kirkland: yeah I just saw it today too
<RoAkSoAx> kirkland: I'll get rid of it
<RoAkSoAx> kirkland: it's a leftover from preivous orhcestra
<kirkland> RoAkSoAx: okay, hold on
<kirkland> RoAkSoAx: i'll kill it
<RoAkSoAx> kirkland: ok
<kirkland> RoAkSoAx: i'm fixing a couple of bugs i hit with SpamapS last night
<RoAkSoAx> kirkland: the reconfigure one and the partition one?
<kirkland> RoAkSoAx: yup
<patdk-wk> RobinBAwesome, no, no need to
<kirkland> RoAkSoAx: reconfigure is committed
<RoAkSoAx> kirkland: ok cool
<patdk-wk> when you start the installer, it asks for a proxy server to use
<kirkland> RoAkSoAx: where's the seed that orchestra uses for non-juju installs?
<RoAkSoAx> kirkland: that's supposed to be the one which I was planning to rename and cleanup
<kirkland> RoAkSoAx: the one that was named: provisioning-server/var/lib/orchestra/kickstarts/ubuntu-natty-x86_64.seed ?
<RobinBAwesome> patdk-wk: do you know if the proxy server be set in the  kernel params?
<RoAkSoAx> kirkland: yeah, that's the only seed file that was there before I added the juju one
<kirkland> RoAkSoAx: okay
<RoAkSoAx> kirkland: but technically, the juju one will work
<kirkland> RoAkSoAx: there used to be one called ubuntu-orchestra-client.preseed
<RoAkSoAx> kirkland: uhmmm i might have got rid oof it by mistake
<RoAkSoAx> kirkland: but the juju one, the only difference is the cloud-init stuff for juju, which if it is non-existant, shouldn't affect
<RoAkSoAx> kirkland: http://bazaar.launchpad.net/~orchestra/orchestra/trunk/revision/239
<kirkland> RoAkSoAx: okay, cool
<RoAkSoAx> kirkland: yeah the ubuntu-orchestra-client.seed was an old preseed that should probably be dropped and just copy the juju one and remove the juju sepcific stuff
<RoAkSoAx> kirkland: my parking is expiring in 10 mins (im at my former school). I'll take care of it
<RoAkSoAx> as soon as I get home
<kirkland> RoAkSoAx: agreed
<kirkland> RoAkSoAx: i just called it "orchestra.preseed"
<PleXs> anyone known a descent web management tool voor samba file server?
<kaushal> Hi
<kaushal> is there a glassfish version 3 package available for 8.04 ?
<koolhead17> kaushal: is 8.04 anymore supported?
<kaushal> yes it is
<kaushal> I mean server
<Patrickdk> till 2013.04 :)
<Patrickdk> or is it 2013.10?
<kaushal> Patrickdk: yes
<kaushal> Any clue to my answer ?
<kaushal> i mean to my question
<Patrickdk> you don't know how to use apt?
<kaushal> http://pastebin.ubuntu.com/703055/
<kaushal> i dont see version 3 available
<Patrickdk> but as it's in universe, it's not supported
<kaushal> Patrickdk: are there deb packages available for 8.04 ?
<kaushal> I mean pertaining to version 3
<Patrickdk> how should I know?
<Patrickdk> there are no official, or any in the unoffical ubuntu builds
<Patrickdk> you would have to find someone that did it themselfs
<Patrickdk> I would suggest google
<kaushal> Patrickdk: i did it already
#ubuntu-server 2011-10-06
<Zanzacar> Hi does anyone have any experience setting up powernap configuration files?
<Zanzacar> I have checked out the config files, looked at the logs with verbrosity 3 setting on, and looked through the man pages but still can figure out whats going on.
<Zanzacar> Basically I have a ubuntu-server running to host .mp4 files to my roku ( pretty neat setup really ). I wanted to setup powernap to allow the server to only run while it is streaming the video
<Zanzacar> I set up the config file to not shut down while there is ssh=20, ftp=22, and http=80. That being said it still falls alseep while the movie is streaming. I noticed through netstat that my http is runing on tcp6 and not just tcp which I think might be part of it.
<Guest80136> Is anybody here faimilar with setting up SSL?
<twb> !any
<twb> !anybody
<ubottu> A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<Guest80136> Alright, I have spent the past two or three hours trying to set up an https server. I have two virtual servers, one normal http, the other SSL. When I go to my website, using http, it works fine, but https doesn't respond. The error logs don't appear to offer any useful information. I  have googled for a similar problem, but just haven't found a solution.
<aliverius> Steve Jobs is dead
<Guest80136> ya, i just saw that.................
<Guest80136> crazy
<lajjr> kim0, are you online?
<twb> Guest80136: are you testing with curl -v?  If not, do so.
<Guest80136> Well, i just found out that my ssl server works fine, I can connect to it using openssl s_client -connect localhost:443.  But, I cant connect from the outside. Although I can connect to the http half
<twb> That sounds like a firewall issue
<Guest80136> Duh. I feel rather stupid. My router blocks it by default. Of course the problem would be the most obvious one. Thanks a bunch
<twb> No problem.
<Guest95876> Hello all!
<Guest95876> Is anyone willing to help with an eth0 not working problem?
<Guest95876> (that is if I have the correct channel this time)
<Guest95876> Erm, has anyone ears or mouths here?
<Guest95876> Hi, anyone on here?
<Guest95876> Hi!
<pdtpatrick_> Question .. is there a way to tell how long a service has been up with upstart?
<Guest95876> Well, here is the real question: eth0 does not show up in ifconfig, but lo and virbr0 does
<twb> Guest95876: ask "ip a" not "ifconfig"
<Guest95876> I do not remember creating a virtual bridge, though I may have started a headless virtual machine during a previous login
<twb> vbox probably did it
<Guest95876> asking "ip" only asks for options
<twb> That's why I said "ip a"
<Guest95876> ohh, I get the same, lo and virbr0
<twb> lspci | grep net
<twb> Make that lspci -nn | grep net
<Guest95876> lspci -nn | grep net gives nothing
<twb> Where do you think this NIC is, physically?
<Guest95876> nore does lspci | grep net
<Guest95876> pci
<twb> It's a PCI card?
<Guest95876> yes
<twb> Sounds like it's not seated properly
<twb> turn off the box, unplug and replug the card, wiggle it around a bit to make sure it's seated cleanly
<twb> If possible see if you can see it in the BIOS -- e.g. as "BBS-0" PXE boot
<Guest95876> hmmm, machine has not moved, and light is on, in the eth card
<Guest95876> ok, I'll reboot and check that out
<twb> Well, if lspci can't see it then it's not even a driver issue
<twb> THe kernel can't even see there's a device there
<Guest95876> I have modprobed during this boot, so I may have dissassociated it
<Guest95876> ?
<twb> Unless you've managed to unload the PCI bus driver, I don't see how that would affect lspci
<twb> I suppose it could be that there isn't enough power on the bus to drive the card, or just that the card is completely fucked, but has just enough smarts left to flash the blinkenlights
<twb> A mis-seated card is far more likely, though
<Guest95876> there is also modem card on pci though
<Guest95876> nothing shows up for lspci
<twb> If lspci (without the grep, I mean) doesn't print *anything*, then something is seriously wrong
<Guest95876> no, I was just being lazy, lspci give plenty
<Guest95876> I meant with the grep
<twb> Linux doesn't have drivers for most DSL and ATM modems
<twb> It should show up in lspci, but not be usable
<twb> grepping for "net" assumes you're talking about an ethernet (IEEE 802.1) card.  Otherwise, read the full lspci output and identify the card yourself
<Guest95876> its just good ole regular lan
<Guest95876> reseating the card now
<Tohuw> I've created a "public" samba share on my home server. My smb.conf: http://paste.ubuntu.com/703129/ Here's the problem: when I mount it via smbfs, it is owned by rtlkit:pulse. I suppose this is because the uid:gid of those is equal to the values of the user and group on the server who own the share. Is this correct? (e.g., on the server it's owned by smbguest:sambashare, and if that uid was 1001 and the gid is 1002, perhaps on my local system the
<Tohuw> uid of rtlkit is 1001 and the gid of pulse is 1002.)
<Tohuw> If that's the case, do I need to pass uid and gid params in fstab so it works as a public drive, or is there something I'm doing wrong in Samba?
<Tohuw> (Samba version is 3.5.8, btw)
<twb> Tohuw: that sounds right
<twb> Tohuw: if you want to do networked filesystems, you really need centralized users and groups
<Guest95876> Turns out its not PCI, its directly on the motherboard
<twb> Guest95876: OK, then check if it's enabled in the BIOS
<Tohuw> Yeah, I was mucking in ldap and then my vision started getting blurry and I discovered some previously unearthed four letter words, so I haven't gotten bakc to htat yet.
<twb> Guest95876: if it's an x86 motherboard it's probably using PCI or PCI-E as the backplane, so it should still show up in lspci
<Guest95876> OK
<twb> Tohuw: if you are in a hurry and you only have two hosts, you can monkey around to manually sync some of the IDs
<Tohuw> twb: that's evil. I like it in this case though
<twb> Tohuw: e.g. on my laptop I changed me UID from 1000 to 1087 so I could more easily mount NFSv3 servers at work, where twb is 1087
<twb> Tohuw: it's certainly not a sustainable long-term solution
<Tohuw> Aye
<Tohuw> I have a few hosts here too :(
<Tohuw> So I can't really change it for every single one
<Tohuw> I suppose I could remove the write list parameter from the share
<Tohuw> or, do I need to use a wildcard for it instead of removing it
<Tohuw> I was hoping it would auth against the server accounts
<twb> auth is separate from making the IDs match
<Tohuw> twb: every user connecting to the server has an account on the server; here's my fstab, for instance: http://paste.ubuntu.com/703135/
<Tohuw> oh
<twb> You probably shouldn't be using btrfs in production at this time, either
<Tohuw> so even though you auth as a user on the server with write access to the share, you still can't write to it because of unsync'd ids?
<twb> And you might as well take pass out, since there's no btrfsck yet
<Tohuw> Yeah, this is my test server; I'm just playing with it.
<Guest95876> BIOS shows that it is enabled, but does not show whether it is recognised or not
<twb> Guest95876: then I dunno what's happening
<Tohuw> "take pass out": remove the 0 entirely?
<Guest95876> k, thx anyways
<twb> Tohuw: the 0s are dump, not pass
<twb> Tohuw: set both to 0 for btrfs
<Tohuw> oh, ha, I just noticed that was set to 1 0
<Tohuw> That's why I was confused
<Guest95876> guess i'll try a second ethernet card, may be fried...
<twb> Guest95876: certainly an immediate workaround is to just go buy a PCI-E NIC and slap it in there
<Tohuw> errr, 0 2... what is wrong with my brain today
<thevinci> Can any one help a first time server set-up?
<twb> !anyone
<ubottu> A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<thevinci> Been using Ubuntu desktop for a few years now, and I'm trying to set up a server in my home now.
<thevinci> Well, I've got 10.04 LTS server installed. that was easy. I want to set up the server as a file share for the household, and hopefully to stream movies to our X-box 360.
<gadgetdevil> I recommend not using Ubuntu Server. There is nothing special about Ubuntu Server that you can't not achieve with Ubuntu Desktop. Ubuntu Server is simply a striped down version of Ubuntu Desktop to make it a more viable mass-deployment & production solution
<gadgetdevil> Check out the Amahi Home Server project
<twb> gadgetdevil: er, ubuntu server isn't "stripped down"; all ubuntu versions back onto the same package archive, the onl difference is the preseed file (which mainly governs the packages installed by default).
<thevinci> Well, I've already got it on there, and I'm fairly familiar with the command line. we have no reason for a GUI on the server
<gadgetdevil> twb: that is what I mean by stripped down, it doesn't ship with extra packages
<twb> thevinci: right; we discourage installing a GUI on servers
<thevinci> When I installed, it gave me a list of server 'set ups' (I'm guessing?) to choose from, I picked "Samba" since we have a mix of Ubuntu and windows/microsoft here
<gadgetdevil> thevinci: use sudo tasksel to quickly install software stacks
<thevinci> was that correct?
<twb> thevinci: that was called "tasksel"; you can re-run it whenever you want.  What you should install depends on what you want to do.
<twb> thevinci: as for the 360, I think you need to install some DLNA shit, as it doesn't even speak regular CIFS
<thevinci> twb: I can install that using tasksel?
<twb> AFAIK, no
<twb> You want to use aptitude or apt-get or some other package manager
<twb> tasksel is a "high level" wrapper for those
<thevinci> ahh, alright
<thevinci> and I suppose I will have to add the repo's manually first?
<twb> Assuming DLNA is what you want, "apt-cache search dlna" only turns up GUI things and minidlna, so I guess I would be looking at that
<gadgetdevil> mediatomb is available in the Universe repo and is DLNA compatable
<twb> thevinci: /etc/apt/sources.list should already have Ubuntu entries in it
<gadgetdevil> I use minidnla with my PS3 and it works excellently.
<twb> Ah, mediatomb only mentions upnp not dlna
<twb> Maybe I should "apt-cache search upnp" instead
<Patrickdk> I never found a dlna server I liked
<twb> Patrickdk: well, DLNA and UPNP are ridiculous protocols
<Patrickdk> just use the built in mythtv one now, for the rare times I use it
<Patrickdk> normally I just browse a cifs share
<Tohuw> twb: After mucking around a bit with my Samba permissions issue, I decided to just pass uid and gid params in fstab corresponding to my user on this system. Now I can write to everything below the top level, so at least it's a major step up.
<twb> Tohuw: hmm, I didn't think you could do that
<twb> Tohuw: I though uid/gid forcing was only available for FAT
<Patrickdk> twb, well, upnp was made by microsoft, I think, so that explains it
<thevinci> ok, I'm going to research some of this stuff. thanks guys. its a start
<Tohuw> twb: nor did I :)
<twb> Patrickdk: yes, upnp is basically mdns/dnssd, except using HTTP instead of DNS
<Tohuw> twb: oh, you can force uid and gid on non-fat things. I just didn't know you could do that with CIFS
<twb> Shrug
<twb> Good to know
<thevinci> when I try to use "tasksel", after I choose the software I want to install, it gives me, 'tasksel: aptitude failed (100)'
<thevinci> what gives?
<twb> did you run it as root?
<thevinci> sudo tasksel
<thevinci> sudo = temporary root privlages as far as i understand
<twb> Then I dunno
<twb> maybe because you're also running aptitude as root elsewhere?
<thevinci> would 'top' show me if that is so?
<jmarsden> thevinci: ps -C aptitude      # might be quicker and more to the point :)
<thevinci> that shows me 'PID TTY      TIME CMD'
<jmarsden> thevinci: So you don't have an processes named aptitude running.
<thevinci> jmarsden: not that I can see
<jmarsden> OK.  So, does aptitude work fine "on its own"?  Does    sudo apt-get update        # work fine, for example?
<thevinci> yes
<jmarsden> Or   sudo aptitude update    if you prefer.
<thevinci> and I just did sudo apt-get upgrade like 20 minutes ago and It was just fine
<thevinci> mind you, I JUST installed this last night, so maybe I'm missing some packages????
<jmarsden> thevinci: OK, so as a workaround, you can do   tasksel --list-task YOURTASK     and then use apt-get by hand to install them.
<thevinci> well, I haven't the foggiest what I did, but tasksel just started working...
<thevinci> I'll bet it's because I uncommented some repo lines in my apt/sources.list
<thevinci> then checked if sudo apt-get update worked like u asked.
<Zanzacar> !poll
<ubottu> Usually, there is no single "best" application to perform a given task. It's up to you to choose, depending on your preferences, features you require, and other factors. Do NOT take polls in the channel. If you insist on getting people's opinions, ask BestBot in #ubuntu-bots.
<Zanzacar> I am looking to configure powernap config file and seem to be having a hard time with IOMonitor, can anyone help with that?
<thevinci> I'm having a really hard time understanding how to get my server started. can anyone point me to a good starting point?
<thevinci> I'm wanting it to be a storage and file sharing center for my house. we have 2 ubuntu laptops, and one Win 7 laptop. also, an xbox 360 that I would like to stream movies and music to.
<twb> thevinci: hit the power button on the front
<Tm_T> forgot the hat, sorry
<Zanzacar> thevinci: I recently did this myself I would be more the happy to show you everything
<Zanzacar> the vinci left :( I was going to help him
<trapmax> faq for converting from physical install to virtual?
<lynxman> morning o/
<jamespage> morning lynxman
<lynxman> jamespage: good morning sir :)
<CluelessPerson> Can someone help me?  For some reason my apache just displays "It works!" the default page instead of a directory list or index of the the directory...
<CluelessPerson> Does anyone know how I can make it show the index of that particular directory?
<ikonia> you need to enable indexs or remove the index page
<CluelessPerson> ikonia, How do I do that?
<ikonia> CluelessPerson: first thing is to remove the index page in your web root
<CluelessPerson> ikonia,  There is no page in the directory, it's empty
<CluelessPerson> ikonia, http://kingkept.cluelessperson.com/
<CluelessPerson> there is no index page in that directory.
<ikonia> CluelessPerson: there is a page, that messsage is created from an index page
<ikonia> CluelessPerson: where are you looking ?
<CluelessPerson> ikonia, the directory the apache site is directed to, but it's using the apache default page when an index page isn't found.
<ikonia> CluelessPerson: what directory are you looking in
<CluelessPerson> ikonia,  I'd like to allow that for other pages, but here in this directory, kingkept, I want the index to show.
<ikonia> CluelessPerson: what directory are you looking in
<CluelessPerson> the directory that the actual webpages would be stored by the user.
<ikonia> CluelessPerson: what directory are you looking in
<CluelessPerson> ikonia, /media/first.storage/kingkept/web/
<ikonia> CluelessPerson: could you please paste the apache config for that site (please use a pastebin)
<CluelessPerson> http://paste2.org/p/1692615
<CluelessPerson> ikonia, ^
<ikonia> CluelessPerson: your missing option "Indexes" what happens if you put an "index.html" page in that document root
<CluelessPerson> ikonia, I've tried several variations, including putting an .htaccess file in the directory.
<CluelessPerson> ikonia, I followed a tutorial's instructions and removed it, it probabaly wouldn't load any default webpage, like main.html, index.html, etc.
<ikonia> CluelessPerson: can you show me the tutorial you're following please.
<ikonia> CluelessPerson: ubuntu has a non-standard apache layout for it's config, I suspect this tutorial has not accounted for that
<ikonia> (which may account for your issues)
<CluelessPerson> ikonia, I've followed several to no avail.
<CluelessPerson> ikonia, one moment while I gather links
<CluelessPerson> http://ask.metafilter.com/87072/Why-is-Apache-not-listing-any-files-in-an-open-directory
<ikonia> CluelessPerson: the config you've just shown me for your domain, in what file have you put that ?
<CluelessPerson> http://httpd.apache.org/docs/current/mod/mod_autoindex.html
<CluelessPerson> ikonia,  /etc/apache2/sites-available/
<CluelessPerson> kingkept.cluelessperson.com
<ikonia> CluelessPerson: so that's a new file in that directory
<CluelessPerson> yes
<CluelessPerson> linked to the sites-enabled.
<ikonia> CluelessPerson: did you follow this through by any chance ?
<ikonia> https://help.ubuntu.com/10.04/serverguide/C/httpd.html
<CluelessPerson> ikonia, No.
<ikonia> CluelessPerson: ok - that is %100 worth walking through to make sure your domain is setup well
<CluelessPerson> ikonia, Agreed.
<ikonia> CluelessPerson: as a tip, using the official ubuntu docs on https://help.ubuntu.com is always a good starting point
<ikonia> CluelessPerson: it looks like you're in the ball park, but rather than trouble shoot, verify against this document then we can move forward
<CluelessPerson> ikonia, I can be quite misguided sometimes
<CluelessPerson> ikonia,  SIR! :D
<ikonia> CluelessPerson: it's not an issue, but it's worth bookmarking https://help.ubuntu.com
<ikonia> CluelessPerson: it's normally got sane and useful advice/guides on it for most common stuff
<CluelessPerson> ikonia, Yeah, no dice for me.
<CluelessPerson> just shows the annoying "it works!"
<ikonia> no dice ?
<ikonia> ok, so there is the test
<ikonia> in the document root put the file, "test.hml" and put any html content in it you want, just saying "test" for example
<CluelessPerson> ikonia, okay.
<trapmax> how to convert lvm2-root partition to kvm-guest virtual disk root-partition?
<CluelessPerson> ikonia, done
<ikonia> does it work ?
<ikonia> trapmax: you won't be able to do that as the guest will have no knowledge of the lvm structure
<ikonia> trapmax: you could present the lv as the root file system for the guest though
<CluelessPerson> ikonia, no
<CluelessPerson> ikonia,  Sorry man, I have to get some sleep.
<CluelessPerson> ikonia, Thanks for the help though.
<ikonia> CluelessPerson: at least we know it's your domain config
<ikonia> it's not looking in that document root
<ikonia> CluelessPerson: I believe I know what's happening :)
<ikonia> should be quite straightforward to confirm
<trapmax> ikonia: k. going to try that
<JadedJacob> Hi.
<JadedJacob> Just setting up Ubuntu server 11.04
<JadedJacob> I also ticked 'open SSH server' and 'LAMP'
<JadedJacob> was wondering if anyone had any experience with setting up imagemagick
<jfb_h20> apt-get install imagemagick
<JadedJacob> heh sweet, so much easier than window
<JadedJacob> *windows
<JadedJacob> ok, how about setting up a ftp server?
<Myrtti> is there a specific reason why you need ftp server?
<JadedJacob> I'm running ubuntu server as a virtual machine using virtual box
<Myrtti> I tend not to recommend it unless there are some client applications (like webcams etc) that have no other option
<Myrtti> ssh server can IMO be configured so that it allows only sftp, not ssh logins
<JadedJacob> cool
<JadedJacob> I'll look into it
<Myrtti> I've not done it myself but will look into it myself sometime soon, I personally think FTP has very limited amount of viable use cases nowadays
<jamespage> rbasak, I just tested and uploaded your nova changes; pending release team review
<rbasak> jamespage: thanks!
<AGirlyGirl> Hi
<AGirlyGirl> Second attempt at IRC
<AGirlyGirl> not sure if anyone is here?
<GirlyGirl_> Hi everyone
<GirlyGirl_> Possibly quick question... I've changed the owner:group of some directories and was wondering if anyone happens to know where this original owner information might be stored
<_ruben> GirlyGirl_: there's no "history" for such commands, if you change owner, there only way to revert that is knowing what the previous owner was and change it to it manually
<GirlyGirl_> _ruben oh no
<GirlyGirl_> there is no record of uid's that have been assigned?
<GirlyGirl_> there's absolutely no way?
<_ruben> only the current state is known, not the previous one(s)
<GirlyGirl_> okay, thanks for your answer.
<ersi> GirlyGirl_: Well, all UIDs are present in /etc/passwd. But not historically, for files.
<GirlyGirl_> mmm, yes, that's user id
<GirlyGirl_> but the way these directories were created, they don't actually create users
<ersi> directories never create users :)
<GirlyGirl_> I'm stuffed.
<ersi> Just meant that if you have a weak idea of who/what might have owned it earlier, but not sure who - then /etc/passwd and /etc/groups can be useful
<GirlyGirl_> they were all assigned 4 digit numbers
<GirlyGirl_> ####:sites
<GirlyGirl_> i know the sites bit
<GirlyGirl_> but i changed some...er all of them... to jail some of our users to the /home folder.
<GirlyGirl_> the trouble is that now they have problems uploading new files
<GirlyGirl_> so i thought i might back out of what i did.
<ersi> Oh, dang.
<ersi> Well, unless you've manually sat those before.. so it's stuck in your shell history..
<GirlyGirl_> no, they are automatically generated through the control panel (I'm guessing that's how it works) --- obviously new to the server stuff. but learning.
<patdk-wk> heh, shell history never works for me, cause I always have several sessions at one, and only the last one to exit gets saved
<ersi> Most likely, yeah'
<patdk-wk> see if the control panel has a history?
<patdk-wk> the control panel I made for stuff like that, works on a database, so the database has a history of that kind of stuff
<GirlyGirl_> @patdk-wk hmm, that's interesting. i'll see if i can do just that
<jason_> Does anybody have any idea how I could possibly obtain an Ubuntu 10.04 PPC chroot?
<jason_> I was hoping someone might be hosting it somewhere for the 10 people in the world who might want it...
<RoyK> http://apina.biz/46419.png
<trapmax> =)
<raubvogel> Package version number question: if the nfs server package in Fedora is 1.1.5-6, what would be the equivalent for ubuntu?
 * ogra_ points to launchapd
<raubvogel> ogra_: I know it was a stupid question. Kinda like the why I can do things in the Fedora nfs but not in ubuntu.
<RoyK> lol http://boingboing.net/ <-- new theme today :)
<hggdh> hallyn_: can you have a look at bug 868753 later on? Seems a regression
<caribou> kernel question : what is the best practice wrt kernel versions in, say Lucid LTS for example
<caribou> there is 2.6.32, 2.6.35 and 2.6.38 based kernels
<caribou> should the most recent 2.6.38-based kernel be preferred ?
<smoser> jamespage, thank you for testing rbasak 's merge.
<jamespage> smoser: np - it was starting to annoy me as I could not shutdown any instances!
<smoser> why?
<smoser> the ring buffer one ?
<smoser> jamespage, have you seen http://devstack.org ?
<smoser> its the new novascript
<jamespage> OK -so I could shut them down - but they did not disappear from describe-instances
<jamespage> I was just reading
<JoeyJoeJo> I'm trying to install cassandra but I'm getting this error. "Package cassandra is not available, but is referred to by another package."
<jamespage> JoeyJoeJo, where are you getting your cassandra package from?
<JoeyJoeJo> jamespage: I ran 'sudo apt-get install cassandra'
<jamespage> JoeyJoeJo, there is currently no cassandra package in Ubuntu - you can however use the upstream .deb's
<jamespage> http://wiki.apache.org/cassandra/DebianPackaging
<jamespage> 'but is referred to by another package' - not seen that one before
<JoeyJoeJo> thanks!
<smoser> hallyn_, around ?
<hallyn_> smoser: what's up?
<smoser> ok.
<smoser> so i'm probably doing this wrong
<smoser> but in my /etc/fstab, i have a line like: "none /cgroups cgroup cpuacct,memory,devices,cpu,freezer,blkio 0 0
<smoser> "
<smoser> on boot, libvirt-bin is up, but /cgroups is not mounted
<smoser> so i have to do the 'sudo libvirt-bin stop; sudo libvirt-bin start'
<smoser> but the start takes minutes
<smoser> oh, and before doing that i have to manually 'sudo mount /cgroups' (i'm not sure why it doens't get mounted)
<smoser> so hallyn_ the 2 things are A.) why does /cgroups not get mounted on boot, and B.) why is libvirt-bin taking ages to start.
<hallyn_> I don't know a).  it looks like it should work
<hallyn_> if you umount /cgroup; mount -a, does it show back up?
<hallyn_> why don't you strace the start?  I've not seen that happen, curious to see where it's spending its time
<smb> zul, I moved assignment of bug 854829 to you for doing any xen package changes at your leisure.
<smb> ubottu, bug #854829 ?
<adam_g> rbasak: ping
<rbasak> adam_g: pong
<adam_g> rbasak: hey! that patch for Bug #868349 seems to work great here, is there a pending package upload with that fix?
<adam_g> rbasak: nvm, i see the merge request onw
<jamespage> adam_g, yes - its waiting for review ATM
<rbasak> No problem, sorry for the error in the first place - my test environment based on the source tree rather than the package still works fine for some reason. I think it's pending approval from the release team.
<adam_g> ah cool! no problem, thanks guys
<hallyn_> smoser: I can't reproduce, with your exact fstab entry, mount -a mounts /cgroup
<hallyn_> (and reboot also mounts it)
<smoser> hallyn_, it doesn't do it here.
<JadedJacob> is it risky downgrading php from 5.3 to 5.2?
<JadedJacob> I'm running ubuntu server
<TheEvilPhoenix> JadedJacob:  why would you need to downgradeE?
<TheEvilPhoenix> downgrade*
<JadedJacob> because I want to use a script that requires zend optimizer
<hallyn_> smoser: you didn't answer about mount -a
<smoser> hm.. it does not do it.
<smoser> htat is strange. manual 'sudo mount /cgroups' does
<smoser> hallyn_, its strange
<hallyn_> does your kernel not support some of the cgroups you list?
<patdk-wk> JadedJacob, heh, zend optimizer thing made me made, but there is always ioncube :)
<smoser> i lsot my history, but when i ran 'mount -av' initially, it said "already mounted". but /proc/mounts did not have it.
<smoser> but now i've done something and it seems to work
<lynxman> SpamapS: ping
<hggdh> Daviey: we just found a potential issue with i386, at least the minimal install
<hggdh> Daviey: udev startup fails because there is no dbus installed; as a result, the system remains with a RO root filesystem, and does not complete boot
<JadedJacob> I'm running ubuntu 11.04, php 5.3, can someone help me downgrade to 5.2?
<its> hello
<its> Im having some trouble setting a static IP using the GUI. Should I just use /etc/network/interfaces instead?
<its> anyone alive in here? :P
<patdk-wk> hmm, gui isn't server, try #ubuntu?
<its> oh shit
<its> well, I installed X11 and gnome and all that so I could get a desktop.
<its> I am on Ubuntu server edition, though.
<patdk-wk> those aren't part of server edition, so we have no idea how they work
<its> Do you just CLI?
<patdk-wk> none of my *servers* have screens, so yes
<its> Like, no desktop enviornment on server edition?
<its> Interesting.
<patdk-wk> none of my servers have keyboards also
<its> But, all the dotfiles and all the /etc/ should be the same for us, right?
<patdk-wk> just a big pile of cpu, ram, and disks
<its> Well, this server won't either. I'm just setting it up as a router that sits on the edge of the network.
<patdk-wk> setting an ip in /etc/network/interfaces and in the gui are totally different, and are not compatable with each other
<its> One port is public/DHCP and the other port is private/static
<its> hah! alright, so that's why...
<its> No more gui config-ing for me, then.
<patdk-wk> well, I think it's just not compatable on a per interface level
<its> right
<patdk-wk> but well, I don't play with it, so :)
<its> I was experiencing problems with the gui but what you're saying makes perfect sense.
<its> after I get this thing configured its going in the rack/
<its> Without a screen and without a keyboard, all that.
<its> have you set up a static IP on your box before?
<its> if so, how?
<its> through /etc/network/interfaces?
<qman__> its, please read the server guide, this is covered in extensive detail there
<qman__> also, if you installed NetworkManager, uninstall it, as it _will_ break your configuration
<qman__> installing X on your router is a bad idea
<qman__> being the device with the most exposure to the internet on your network, it should have the least possible amount of software installed to do the job
<its> qman_ you're right
<its> where is the server guide?
<its> and what is the pkg name for network-manager?
<its> I found the guide. Its in the topic.
<JadedJacob> Man I give up trying to downgrade
<JadedJacob> I'm going to do a fresh install
<JadedJacob> Is it possible to setup a new install of ubuntu server, with a lamp server running php 5.2? (not 5.3)
<its> Package network-manager is not installed, so not removed
<its> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
<smoser> hallyn_,
<smoser> so, debugging a bit.
<smoser> i'm still not sure why /cgroup is not getting mounted.
<smoser> but my 'init libvirtd-bin start' takes 2 minutes due to libvirt-cgconfig-wait
<JadedJacob> cya
<hallyn_> smoser: you have cgroup-bin installed?
<its> ubuntu doesn't use linux 3.0 yet?
<lynxman> its: it does in the new about to be released version 11.10(oneiric)
<its> when that comes out, a simple apt-get update upgrade command will install it?
<hallyn_> its: no, you'll need to do do-release-upgrade
<its> anyone have a date of when that's expected?
<genii-around> Oct 13
<its> my birthday :)
<Daviey> hggdh: geez
<Daviey> hggdh: when was this introduced
<Daviey> ?
<hggdh> Daviey: I do not know; for some time now, we have been having eventual failures on the test rig; re-running the test would usually succeed.
<Daviey> hggdh: the CI tests didn't spot this?
<hggdh> Daviey: yes, they did; but the end result is boot does not complete, and at this point in time, nobody would be near to see it; and, again, re-running the tests would work most of the times
<smoser> hallyn_, bug 869364 explains my problem.
<hggdh> Daviey:  yesterday I tried to connect, using virt-manager, to one such instance -- and found another bug, now on libvirt, it seems...
<hggdh> and today jibel_ was able to connect, and found that udev seemgly did not start
<Daviey> hggdh: are you tracking the other udev issues?
<Daviey> ergo, udev is a mess.
<hggdh> Daviey: no, I *was* not. Now, I guess, I will ;-)
<hggdh> Daviey: note that this seems to be rather pretictable nowadays only on the minimal virtual install
<Daviey> hggdh: bug 818177
<Daviey> bug 862823
<Daviey> and potential, 790712
<jamespage> bah - where is that bot?
<Daviey> err, last one should be bug 801494
<Daviey> jamespage: he needed a vacation.
<Daviey> adam_g: Are you going to drive bug 850880?
<hggdh> Daviey: in this case, per jibel_, udev fails to open a session to dbus, and dies. jibel_ tried some boots, same error; then he installed dbus, and tried again, it worked
<hggdh> Daviey: but I tried it with dbus installed, fails the same. It really smells like a race
<Daviey> hggdh: interesting, perhaps jibel_ should talk to jhunt tomorrow.
<hggdh> Daviey: end result -- i.e., visible result is boot failed because / is RO
<Daviey> jamespage: perhaps nova wants, 838581
<Daviey> and 859679
<smoser> where is our beloved mup
<smoser> Daviey, had you seen this: https://bugs.launchpad.net/nova/+bugs?field.tag=diablo-backport
<Daviey> smoser: ofc :)
<smoser> those are bugs that vishy tagged as relevant for diablo-backport
<smoser> there wer e2 guys from Quanta Research at openstack summit that tbug 838581 was affecting.
<Daviey> smoser: that sounds like the bug which makes nova-api suck, no?
<smoser> i cherry picked the upstream commit reported to fix it but have no way of testing
<Daviey> smoser: You have done that, or you will do that?
<smoser> well, i thought i had
<smoser> but i realize now tha ti had left the patch out of the ocmit
<Daviey> If it's the nova-api sucking issue, it's pretty easy to reproduce in the lab
<Daviey> I bet smoos doesn't have the issue
<Daviey> smosos
<RoyK> what would be a good threshold for drive temperature alerts?
<Daviey> 0 C would be alarming
<smoser> -273 also
<hallyn_> smoser: are you there?
<Daviey> hallyn_: How are things looking?
<hallyn_> Daviey: terrific :)  except for udev
<Daviey> hallyn_: the udev story only gets worse.
<hallyn_> tmpfs anyone?  :)
<hallyn_> Daviey: are more ppl reporting bugs?
<Daviey> hallyn_: don't worry, you'll awake in 10 years time - in the shower, and it'll all have been aa dream.
<ersi> RoyK: Around 30-40C?
<smoser> hallyn_, here.
<smoser> Daviey, look at that bug
<smoser> https://bugs.launchpad.net/nova/+bug/838581
<Daviey> yeah?
<hallyn_> smoser: i did.  i don't think the package can do anything about that
<hallyn_> i'm testing to make sure it hasn't changed, but it used to be, once you composed cgroups, you couldn't mount them under different compositions
<Daviey> ersi: my laptop hd temp is 36 C at normal use.
<janesays_> ubuntu + openssh is the most failest thing ever.
<Daviey> janesays_: incorrect.
<smoser> i just pushed a branch to https://code.launchpad.net/~smoser/nova/lp838581 that cherry picks the upstream commit that reported to fix the bug.
<smoser> https://github.com/openstack/nova/commit/d6b460e2e87e573500f6b521939895c6d93f5fdf
<smoser> but then, there is  a new branch linked to that bug
<Daviey> smoser: your award will be in the post shortly.
<smoser> which seems to me to be a sane fix
<smoser> http://bazaar.launchpad.net/~rackspace-titan/nova/eventlet-sqlalchemy-locking-lp838581/revision/1527
<janesays_> I get the same roaming not allowed by server request and I did all the fixes online
<janesays_> http://pastebin.com/ubc3tFsT
<janesays_> it only works for one of the computers, another account has no problem
<janesays_> and can ssh directly into the host, but not from the main host to the secondary
<smoser> janesays_, read at http://www.snailbook.com/faq/trusted-host-howto.auto.html
<smoser> look for roaming
<smoser> its a server setting, and your "main host" probably isn't reverse lookuping correctly.
<zul> smoser: the award will be in a shape of a cookie
<hggdh> Daviey: I could reproduce a udev issue on boot on a KVM install of minimal-virtual
<smoser> Daviey, please look at that bug, and the "rackspace-titan" commit also.
<smoser> to me, the rackspace-titan fix seems more sane, but i admit to not really knowing what all is happening in either one.
<smoser> i'll be back in ~ 1 hour. Daviey and then i'll go looking in #openstack for some racker help.
<smoser> https://launchpad.net/~rackspace-titan/+members#active
<Daviey> smoser: wait, https://github.com/openstack/nova/commit/d6b460e2e87e573500f6b521939895c6d93f5fdf looks like just slashing code out?
<hallyn_> Daviey: my vaio sits at 67 degrees at idle :)
<Daviey> hallyn_: Careful, i burned my leg on an old laptop.
<koolhead17> cookies
<utlemming> hallyn_: when I was in school, I had a laptop that would get to 63C during the summer months. The max the chip was rated was 65C. So every couple hours I would have to shut it down, and put it in the fridge for a half hour or so just to get my home work done.
<zul> smoser: that patch looks sane
<RoyK> anyone here that uses backblaze.com for backups?
<hallyn_> utlemming: 69 is the low point, it often runs at 94C while a do a build
<utlemming> perhaps the freezer over the fridge. What's your chip rated for?
<hallyn_> bios takes actions at 94 and 98
<hallyn_> 98 = shutdown
<RoyK> 97ËC is rather high
<Daviey> i'd quite like to boil water on my laptop
<hallyn_> she cannot do any more, capn!
<RoyK> hehe - no problems if you spill water on it - the water will just steam away :D
<utlemming> nothing like the smell of hot silicon
<utlemming> RokY: although you might fracture the chip due to the rapid cooling
 * RoyK just setup this home server with four WD Black drives and they tend to get a bit hot.....
<RoyK> utlemming: indeed
<RoyK> perhaps I should use greens - lower spin, but still sufficient for my use
<qman__> so things haven't changed
<qman__> every time I've compared int he past, seagates ran about 10C cooler than WDs of similar performance
<ramy_d_> hi i'm having an issue when my server boots
<ramy_d_> it doesn't turn on the eth0 device, I can turn it on however if i run sudo ifconfig eth0 up
<ramy_d_> i'm wondering if throwing the command in /etc/rc.local will fix my problem
<ramy_d_> or if i should be looking for another solution
<qman__> ramy_d_, your /etc/network/interfaces is probably not configured correctly
<ramy_d_> thanks, i will make a note and look into it
<smoser> Daviey, right.
<RoyK> at what temperatures will a drive find itself in a bad mood?
<RoyK> I have some closing to 60ËC
<janesays_> smoser, I think I broke it worseâ¦ o_O
<smoser> what i think the one that went into trunk does is remove the pool of things that could have caused the race, meaning there might now only be one?
<smoser> the patch in the ~rackspace-titan tree seems to just synchronize each function
<smoser> which seems more sane.
<genii-around> RoyK: Thats pretty high. I think most state their operating temps around 40-45 C
<smoser> but the one is in trunk
<Daviey> smoser: if you prove it solves a bug, and doesn't regress - lets go for it.
<RoyK> http://paste.ubuntu.com/703566/
<smoser> Daviey, i've not esen it, but i can try to reproduce and see if change affects it.
<Daviey> smoser: next week, we should try and validate keystone and dashboard works.
<genii-around> RoyK: Is it SCSI?
<Daviey> smoser: So if it solves the bug that was concern me, was slow (or failed) concurrent instance start.
<Daviey> nova-api getting abused.
<RoyK> genii-around: sata
<janesays_> http://pastebin.com/D7jr6UmA   o_O
<janesays_> now root is instead sending its own key and not forwarding mine o_O
<Takyoji> any way to detect a kernel panic or similar in log files?
<Takyoji> I'm working on a system remotely via SSH, and it just suddenly becomes completely unresponsive via the network after a couple minutes or so
<Patrickdk> by definition, no
<Patrickdk> if the kernel panics, normally that means logging isn't working anymore
<Takyoji> so how will I be able to troubleshoot it whatsoever? xP
<Patrickdk> uptime would tell you if the system rebooted
<Takyoji> it's not automatically rebooting though
<Patrickdk> if it did panic, and you set it up to dump ram to swap drive, it would recover it on next boot
<Patrickdk> serial console?
<Patrickdk> kvm over ip?
<Takyoji> I don't have that as an option currently
<Takyoji> So by nature of a kernel panic, it would automatically reset the system?
<Patrickdk> depends what you told it to do, and how *operational* the panic is
<Patrickdk> default is to not reboot
<Patrickdk> sysctl kernel.panic = ?
<Takyoji> ahh
<Takyoji> all I know is that it's a Trixbox installation: http://fonality.com/trixbox/downloads
<Takyoji> and I'm not sure how things are configured by default as of Trixbox
<Takyoji> on the next time it's restarted I can check the value
<linty_> i need help please. i've installed a lamp stack via tasksel. and for some reason php won't process. when you go to http://184.106.225.233/info.php it just wants to download the file instead of display it in the browser?
<linty_> sorry. the beginning of what i typed above didn't post. i installed lamp via tasksel
<Takyoji> is the Apache PHP module even active?
<Takyoji> a2enmod php5
<qman__> also, what version of ubuntu, and under what circumstances?
<linty_> 11.04 web server
<linty_> no
<linty_> sorry the "no" was the wrong window
<Takyoji> PHP seems to be running now.
<linty_> yeah i just rebooted
<linty_> very weird
<linty_> status was active
<linty_> on both
<linty_> thanks for your help Tak
<Takyoji> because, if it's returning the source code, that usually means nothing is set in the config/modules to parse the PHP first; and, if it's acting like downloading, but the downloaded file is completely blank, then (I think) that's usually when the PHP process dies in some way or another and Apache returns a blank result.
<linty_> hmmm wonder if it could be a hardware issue
<linty_> time to run some scans
<Takyoji> that would be very very specific for it to be a hardware issue, for it to be only an issue in PHP and everything else being perfectly fine. :P
<qman__> yeah, unlikely at best
<linty_> ok well i'll just chalk it up to the linux gods and see if it happens again
<qman__> usually it's a bug in loading of the module
<qman__> some configuration not sticking or whatever
<linty_> thank you qman
<linty_> and thanks again Tak
<qman__> re trixbox, my only experience with it is encountering one at a business that got completely owned and was racking up their phone bill
<Takyoji> heh
<qman__> though I'm sure that had more to do with the guy who set it up than the software itself
<Takyoji> I still wonder what the hell it would even be. Does a kernel panic reset all the network connections, or not?
<qman__> a kernel panic stops the entire system
<qman__> all programs, connections, everything halts
<qman__> and you may or may not be able to send the kernel signals via direct keyboard input and the sysrq magic keys
<qman__> the only way to log a kernel panic is an IP KVM or serial console
<janesays_1> still having issues getting a roaming error on ssh.  it's only from mac laptops, other laptops are fine o_O  http://pastebin.com/D7jr6UmA
<Daviey> janesays_1: mac + ssh is the most failest thing ever.
<janesays_1> it is :(
<janesays_1> I've been dicking around with it all day
<janesays_1> so why can I do it perfectly fine on linux hosts
<janesays_1> and not with mac
<Daviey> sorry, don't know :(
<janesays_1> I appreciate your help daviey
<chrislabeard> Do you guys know if its possible to run 2 mail servers on the same domain?
#ubuntu-server 2011-10-07
<JayWalker_> Anyone here versed in apache and rewrite rules? I only ask here because there's no apache IRC afaik
<panfist> i'm not sure if this is an ubuntu question or if it's more application-specific,
<panfist> i was wondering what's a good strategy to maintain a shared environment between hosts, for example when you have a testing and staging server, and several workstations supporting those servers
<panfist> the testing and staging server are running some version of python for example and set of modules,
<panfist> i'm guessing you can configure those on the servers and mount them read only on the workstations or something like that,
<twb> JayWalker_: #httpd
<JayWalker_> thanks
<panfist> is it possible to set up something like a package server, where if you mark and install a package on the main machine, that package is pushed to other machines?
<twb> panfist: puppet
<twb> panfist: or dpkg --get-selections | ssh otherhost dpkg --set-selections, but really you want puppet
<Takyoji> Sssoooooo, would it be stupid to force the unmounting of a harddrive that has potentially failed (as there's IO errors when accessing it), even though when you try unmounting it says 'device is busy'? :P
<twb> Takyoji: no, but it's unlikely to work
<twb> Takyoji: first you should kill off any procs not in D that are trying to access it
<Takyoji> any way to list such?
<twb> lsof
<Takyoji> lsof | grep (name of the mount point)
<Takyoji> yes?
<Zanzacar> Hi, I have recently started up a media server and looking for ways to reduce my overall power bill I thought I might install powernap. That being said I have been trying to edit the config file to not fall asleep while apache is reading or writing to the hard drive. Does anyone have any ideas on how to do this?
<TheEvilPhoenix> servers are in general always on.  what makes you think that it is taking up the most of your power bill?  there's definitely other items that eat more power than a server ;P
<Zanzacar> Thats probably very true, but I only use the server at home for specific things like streaming videos to my TV.
<Zanzacar> No reason to power something that isnt going tobe used.
<TheEvilPhoenix> then why run a server at all :P
<Zanzacar> well isnt going to be used all the time haha.
<Zanzacar> no reason to have a light on in a room your not going to be in.
<TheEvilPhoenix> (btw, afaik, there's no way to differentiate between read/write processes and idle state)
<Zanzacar> Powernap has monitors for IO,TCP,Process,Loads etc.
<Zanzacar> I read the man page, changed the debug settings to output more information, read the config files and I am kind of at a losss.
<Zanzacar> Hi everyone I was looking for some help on setting up SSH on a server. I have it all setup where I can login through SSH through the same local network but I would like to do it from outside my home network. How can I do that? Additionally does that open up other computers on the network to security riskes?
<thevinci> hey folks, I have set up a computer in my house as an ubuntu server. I've got vsftpd installed, and some files in folders, now I'm trying to figure out what to do to access them from my laptop
<thevinci> I've tried Places<Connect to Server
<thevinci> and then I enter the IP of my server, right?
<thevinci> cuz that ain't working for me...
<greppy> thevinci: what is running on your laptop?
<thevinci> greppy: ubuntu 10.04 desktop
<greppy> thevinci: did you select FTP with login?
<thevinci> greppy: I've gotten past the ftp hurdle, I am now able to view and write files on my server from my laptop
<thevinci> greppy: and as a kicker! I figured out that I can mount my usb harddrive in my ftp directory and access it from there!
<greppy> heh
<greppy> you could also use sftp ( included with openssh-server ) to do it securely
<thevinci> greppy: any suggestions now on how to get connected to an xbox 360? heh... I'd like to stream videos to it
<Gerowen> How is everyone?
<Gerowen> thevinci: I used this for the longest time to stream videos to both my PS3 and 360 from my Linux box, http://www.ps3mediaserver.org
<thevinci> Gerowen: is that a package I can install on my server?
<Gerowen> I just downloaded the tarball from their website, it runs with Java
<Gerowen> You can have it run as a service so you don't have to have a GUI
<thevinci> that's what I'm looking for! :)
<thevinci> I'm assuming all the info regarding such is found through the link? ;)
<Gerowen> Yep, I haven't used it in a little over a year, but last time I did it worked pretty good.
<thevinci> I'm assuming I want to look under the "install on a headless ubuntu server" section?
<thevinci> I'm only guessing that headless refers to no gui?
<Gerowen> yep
<Gerowen> Well I'm going to head out, catch ya later everyone.
<thevinci> thanks for the tips Gerowen! Big help!
<thevinci> problem, I use command 'ftp localhost' from my server, login, and then I can connect from my laptop, BUT! I want to also do other things on the server while this is going on. only way I can see to do this, is to quit ftp localhost, which ends my connection from my laptop.
<thevinci> never mind... I just added '&' after 'ftp localhost' and that worked!
<lynxman> morning everyone o/
<jamespage> morning all
<gnuyoga> morning
<RoyK> mrnng
<markatto> I am trying to file a bug on launchpad, but I can't figure out how. The "report a bug" button just sends me to a page with instructions on how to use some gui thing.
<nigelb> markatto: Its not only a gui thing.
<nigelb> apport-cli exists
<markatto> nigelb: can you point me at instructions?
<nigelb> markatto: I'm pretty sure you can just do 'ubuntu-bug packagename', the page you got sent to should have detailed instructions :)
<markatto> nigelb: the instructions all refer to gui boxes popping up and getting sent to a webpage, but I'll try ubuntu-bug
<nigelb> markatto: I can sum up in a minute anyway.
<markatto> there is no `ubuntu-bug` command, btw
<nigelb> (1) Find your package. If you know the binary, do a "which binary" to find the path the binary. THen do dpkg -S /path/to/binary to find the package
<nigelb> (2) You can either do "ubuntu-bug package", or "apport-cli package"
<nigelb> markatto: That's strange. Which release? Do you have apport installed?
<markatto> 10.04 server
<markatto> I am installing the apport package now
<nigelb> My 10.04 servers do have apport.
<nigelb> While you can override this, its nicer to file a bug with apport since it most of the time collects a bunch of relevant information which makes triaging easier.
<nigelb> Or else, you're going to go back and forth to get the right info.
<markatto> nigelb: I think i've got it
<nigelb> \o/
<markatto> i viewed the report and it didn't have that much relevant stuff in it
<markatto> imho this is unecessarily convoluted
<nigelb> Yeah, I'm goign to bring it up to bug squad.
<nigelb> This is certainly painful for server.
<nigelb> markatto: which package was this btw?
<markatto> rsyslog-gnutls
<nigelb> It probably doesn't have a hook.
<nigelb> Packages with hooks have beautiful functionality from apport. However, I see your point.
<nigelb> markatto: Could you link me to the wiki page (I don't get there, bug control member)
<nigelb> https://help.ubuntu.com/community/ReportingBugs ?
<markatto> yeah that
<nigelb> markatto: For future, use https://help.ubuntu.com/community/ReportingBugs#Filing_bugs_at_Launchpad.net
<markatto> mmk
<markatto> debian and fedora are much simpler than this
<lynxman> jamespage: morningsir
<nigelb> markatto: heh, I might disagree about debian  ;)
<nigelb> Although debian bug reporting awakens the geek in me
<markatto> nigelb: well, regardless, the package works in debian ;)
<ersi> markatto: thanks for taking time reporting/trying to report an issue :)
<markatto> ersi: yeah it sucks that a web search turns up many people with the same problem, but no bugs have been filed
<ersi> yeah, that always sucks quite hard
<markatto> even worse is that it is 5 am and I need this working by tomorrow
<markatto> so i'm probably going to have to build a new package myself
<koolhead17> hi all
<markatto> is there a way to attach multiple files in launchpad, or should I just tar them up?
<thevinci> AGGH! I just ran a process on my server, command line, ya know? And now after the print out, I'm left with a blinking cursor stuck in the process! How do I get out!?
<thevinci> 'quit' 'exit' and 'escape' did not work
<markatto> thevinci: ctrl+c
<thevinci> I tried that. it just printed a bunch of gibberish on the screen, kinda like when I try to use arrow keys right now
<nigelb> maybe break out of the ssh session?
<nigelb>  Enter + ~ + .
<markatto> thevinci: some programs will terminate with ctrl+d (EOL)
<markatto> or, open a new shell and kill the process
<markatto> or try ctrl+z to pause it
<thevinci> thank you! Swithcing to a different console helped
<thevinci> I didn't know I could do that in a server setting. Just started this project this week
<markatto> thevinci: you are physically in front of the server and using keyboard + monitor?
<thevinci> yes
<markatto> ctrl+alt+[F1-F6] are all getty instances on most linux installs
<thevinci> I knew I could do that in my ubuntu desktop, just never made the corralation to the server side. lol
<thevinci> like I said, just started this this week. been using ubuntu desktop for a few years now though. exited to dive deeper in to the command line O.o
<sanderj_> Why is my load average 18.00 14.21 12.21, when my processes isn't using more than 20% cpu and memory?
<maswan> most likely waiting for disk access
<markatto> or network i/o
<markatto> but probably disk
<markatto> sanderj_: check iostat
<thevinci> Anyone know a good service for streaming video from ubuntu server to xbox 360?
<thevinci> I already have FTP, and DAAP set up and working, but neither of those work with the 360, nor does mediatomb
<markatto> thevinci: google says uShare
<thevinci> thanks markatto, I'll check that out
<thevinci> believe me, I've been googling, lol, just didn't come up with that one yet
<lynxman> koolhead17: hey, morning ;)
<koolhead17> hello lynxman :)
<thevinci> any of you familiar with Samba?
<koolhead17> thevinci: the dance ?
<koolhead17> :D
<thevinci> lol, no the file sharing protocol
<lynxman> thevinci: rather than ask to ask, ask away your question, I'm sure someone will pick it up :)
<koolhead17> indeed thevinci :)
<thevinci> I'm trying to set up my ubuntu server with samba. I've followed a tutorial and i think I've configured it right, but I can't connect to it from my laptop
<thevinci> I have samba installed on my laptop as well
<thevinci> When I click on the network folder in ubuntu, all it shows me is 'windows networks' and when I click that, it tells me it can't connect to the server
<lynxman> thevinci: any error on the logs?
<lynxman> thevinci: /var/log/samba/*log on the server side
<thevinci> lemme check lynxman...
<koolhead17> thevinci: https://help.ubuntu.com/10.04/serverguide/C/windows-networking.html  is this the guide you followed?
<thevinci> lynxman, it tells me no such file or directory exists
<thevinci> and yes, that's the one i started with koolhead17
<koolhead17> thevinci: is the service running
<jamespage> iscsi root testing beckons this afternoon
<jamespage> w00t
<thevinci> well, when I tell it to start samba by 'sudo start samba' I get 'start: unknown job: samba
<thevinci> =/
<thevinci> smb doesn't work either
<koolhead17> thevinci: so the service is not running it means
<koolhead17> jamespage: :)
<koolhead17> Daviey: hey
<smb> thevinci, How can you say that?
<thevinci> lol, sorry, was referring to a command, not you smb
<thevinci> and yeah, that's what it looks like koolhead17
<koolhead17> kim0: can you point me to the paste link of server guide. i need to check what all chapters is left and under me :D
 * smb just had to jump on that opportunity
<kim0> koolhead17: http://pad.ubuntu.com/serverguide
<thevinci> i've tried uninstalling and reinstalling to no avail
<kim0> koolhead17: if you wanna take one of the others .. feel free :D
<koolhead17> kim0: i remember you told me that some more have been assigned under my belt. :)
<kim0> koolhead17: did you try the core thing?
<kim0> koolhead17: yes .. etckeeper I believe
<koolhead17> kim0:  i will do etckeeper once am home
<kim0> great
<kim0> thanks man
<thevinci> Is 'smbd' the same as samba?
<koolhead17> thevinci: yes that is the daemon :)
<thevinci> am I missing something installed on the laptop side of things?
<koolhead17> thevinci: read the documentation once more
<koolhead17> :)
<thevinci> Ok, well, 'smbd' runs and restarts just fine
<koolhead17> kim0: i have no KVM here, i have to use on virtualbox
<koolhead17> thevinci: read the manual once again my suggestion would be to you.  And see if you missed adding something in the configuration file
<koolhead17> kim0: no one is doing the web server part?
<koolhead17> i can add myself to apache2 and php thing as well :p
<hallyn_> smoser: do you still see bug 863629 on occasion?
<smoser> where is mup?
<smoser> hallyn_, i haven't seen it since the time i was looking at it.
<smoser> but i haven't been trying
<smoser> where did uvirtbot go ?
<hallyn_> smoser: ok, thanks.  I think that the lxc_driver was dying before thte lxc_controller got going
<smoser> anyone know ?
<smoser> Daviey, ?
<hallyn_> I'm going to leave it sit for now then
<smoser> hallyn_, i can try today to run the same thing and see if i hit it.
<smoser> regarding uvirtbot, i have:
<smoser> 10/02/11 05:55:03 <--   uvirtbot has quit (Ping timeout: 252 seconds)
<smoser> time is eastern
<Daviey> smoser: o/
<smoser> do you know who ran uvirtbot daviey?
<Daviey> smoser: uvirtbot is run by soren.. i assume it's poorly, and he hasn't noticed.  If it doesn't come back by end of week, we'll enable ubottu.
<Daviey> I'm sure soren will resolve it when he notices.
<kim0> koolhead17: check the list I emailed the server list .. only the mysql guy replied .. any other chapter, you can take .. just put your name on it, that would be very great. Thanks man
<koolhead17> kim0: just added :D
<kim0> koolhead17: woohoo
<thevinci> read the manual again, cleaned up config file, still, when I click 'networks' i get failed to retrieve share list from server
<thevinci> I know you don't have all the specific answers, just wondering if you can help point me in a good direction.
<smoser> i think we should at least have a public git branch that includes the ubuntu fixes for opesnstack components.
<lynxman> zuping
<lynxman> zul: ping
<lynxman> smoser: hey :)
<smoser> hey.
<JohnRandom> good evening
<JohnRandom> quick question: I get "gcc: readline/libreadline.a: No such file or directory" during compilation of the python-django source â¦ libreadline6-dev is installed â¦ am I missing something?
<jamespage> negronjl: around?
<negronjl> jamespage: here
<jamespage> negronjl, hey
<negronjl> jamespage: hi
<jamespage> negronjl: 1) I just finished a load of work on the tomcat7 juju charm - OK if I retro fit to the tomcat6 one?
<jamespage> and 2) have you had a chance to look at the cassandra charm changes I proposed?
<negronjl> jamespage: sure on the tomcat6 retro-fit.  don't remember the changes on cassandra.. can you tell me again?
<jamespage> negronjl, http://tinyurl.com/3mt2ur6
<jamespage> I did a bit of refactoring into a single script;
<jamespage> and worked on the peering/cluster seeding so it requires less restarts of cassandra instances
<jamespage> its still a little deficient in that it does not deal that well with units being removed
<negronjl> jamespage: interesting... I don't remember seeing this at all... did you talk to me about this before and I just don't remember ( i must be going crazier than I thought ).  Give me a minute or two to read it over.
<jamespage> negronjl, I did not talk to you about it - but requested a review from you
<negronjl> jamespage: hmm... I approved it.  thanks for the changes.
<negronjl> jamespage: interestingly enough, I received no email or notification ( that I can think of ) about it.  heh....water under the bridge now.
<jamespage> negronjl, any chance you could update the ownership of lp:charm/cassandra to charmers?
<jamespage> That way I can push it myself
<negronjl> jamespage: done.  I also changed all of my charms that have been merged into lp:charm to charmers....sorry for the delay on this.
<negronjl> jamespage: I have been out of work for a few days and have not kept up with things.
<jamespage> negronjl, np - that was the only piece that was stalled :-)
<Daviey> utlemming / smoser: do the cloud images not do a daily apt-get update?
<smoser> what does that mean
<Daviey> smoser: desktop, and unless i am mistaken - has a daily cron task of doing an "apt-get update" to reflect the current cache
<smoser> Daviey, i do not believe they do.  I do not believe that the default server installation does that.
<smoser> if default server does, and cloud images do not, then we should fix that.
<smoser> if you're just saying "why dont we test the mirrors more frequently?", we can probably have that done.
<smoser> utlemming, i'm thinking that we could add code to the publishing process that used python-apt to check mirrors.  and just report failures.
<Daviey> smoser: hmm, /etc/cron.daily/apt is present
<utlemming> Daviey: what are you seeing that is prompting the question?
<Daviey> utlemming: I was suprised to not see any pending updates, on a 8 day old cloud image
<rbasak> Does it prompt for something related to updates at installation time?
<utlemming> Daviey: did an apt-get update show
<Daviey> no
<rbasak> Presumably the cloud images are built with a preseed
<utlemming> one of the final build processes is to run "apt-get update"
<Daviey> 11.04 Server iso =
<Daviey> dave@bootie:~$ apt-config shell UpdateInterval APT::Periodic::Update-Package-Lists
<Daviey> UpdateInterval='1'
<Daviey> It's null on the cloud images.
<smoser> well what is modifying that ?
<utlemming> I wonder if that is live build....
<utlemming> live-build has the options of "--yes --force-yes -o Acquire::http::No-Cache=True -o Acquire::Retries=3 -o APT::Get::AllowUnauthenticated=true"
 * utlemming checks to see if those options are written out
<utlemming> so it looks like live-build does de-configure the apt config when the chroot is torn down
 * utlemming looks to fix the problem
<Daviey> utlemming: cool.
<rbasak> https://bugs.launchpad.net/ubuntu/+source/samba/+bug/862129 seems to be causing upgrades to fail for quite a lot of people - I've tracked down a number of duplicates. Can someone comment on my patch please?
<Zanzacar> I have a remote server and I was wondering how might you find out if someone has tried to brute force your SSH?
<Kiall> Hi All - Trying out Oneiric server (Beta 2, all updates applied) and am getting occasional Kernel Oops with KVM.. Anyone around who can help debug the issue?
<jamespage> Daviey, SpamapS: iscsi root gets installed with a 'manual' entry for eth0 - and the network failsafe stuff then kicks in
<jamespage> any ideas?
<Daviey> jamespage: is that a regression?
<jamespage> Daviey: not sure - if you remember for beta-2 it would not boot at-all
<jamespage> I think it was OK before that tho
<Daviey> jamespage: can you raise a bug with that?
<jamespage> Daviey: sure
<Daviey> jamespage: I think it needs to be confirmed to be a regression (from Natty), before we consider fixing it.
<Daviey> If it is a regression, we could probably target a fix - otherwise it's one for P.
<jamespage> Daviey: ack - I need to take a break now but I will be back later
<Daviey> jamespage: oh sure.. i don't want you panicing over it.  If we know before 10:00 Monday, that would be rocking.
<Daviey> adam_g: around?
<bau-> hi all, i'm configuring postfix to simply send an email from a php page. I have done everything, but when I receive the mail, is says: from: www-data@what i want how can I change www-data with something else?
<Kiall> anyone know if I've filed this oneiric kernel/kvm/openstack kernel oops bug with all the necessary info? https://bugs.launchpad.net/ubuntu/+source/linux/+bug/870168
<utlemming> Daviey: still awake?
<Daviey> utlemming: yup
<Doonz> how can i find out what is accessing my device /dev/sdc1 my system claims its busy yet lsof and fuser dont list anything
<utlemming> Daviey: I just installed a server from the daily ISO, and APT::Periodic::Update-Package-Lists is not set
<Daviey> Hmm, interesting.. it is set on natty. :/
<utlemming> Daviey: that was with a minimal install.
<Daviey> You get a null return?
<utlemming> correct
<utlemming> I checked my Beta1 install and it had it set
<Daviey> utlemming: you installed from beta 1, or upgraded from prior?
<utlemming> Daviey: test1) beta1 install, upgraded - good
<utlemming> test2) daily server install - bad
<utlemming> Daviey: do you know what package sets that value?
<hggdh> Daviey: bug 870212 should aat least be mentioned on the release notes, I think
<hggdh> hell, where is the bot?
<hggdh> Daviey: https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/870212
<jamespage> Daviey, https://bugs.launchpad.net/ubuntu/+bug/870214
<Daviey> jamespage: ta
<Daviey> utlemming: no, sorry.
<jamespage> Daviey: effects auth and unauth amd64
<jamespage> just going to regression test natty
<Daviey> thanks hggdh
<consumerism> on my ubuntu nfs server i am looking at htop and the total of all the reported processes memory usage is less than 5%, but about 4.5GB out of 8GB are used (green) in htop, and free -m agrees (-/+ buffers/cache:       4419). how can i see what's using up all the memory?
<consumerism> in top, if i sort by %MEM, only the top few processes are using more than 0 and each of them only use 1 or 2 %.
<consumerism> yet...Mem:   7358492k total,  7321908k used,    36584k free,     2368k buffers. so about 4.5GB should be used by user processes right? where are they?
<Kiall> consumerism, try "free -m" on the command line ..
<Kiall> the free amount on the +/- buffers col is what's actually free
<RobinBAwesome> hi, i'm trying to edit the 10.04 minimal iso with a preseed, and after the installer configures DHCP it just hangs for a couple minutes before moving on on a blue screen. the log says "net-retriever:". what could this be?
<RobinBAwesome> the install continues, but it seems like it's timing out. i've tried it both without modification and against a local apt cache with the same results
<soren> Daviey: I'll take a look at uvirtbot.
<Daviey> soren: good sushi
<consumerism> Kiall: quoting myself from my first message: "free -m agrees (-/+ buffers/cache:       4419)"
<soren> Daviey: Weird. Supy still lives, but it's just not connected.
<iggi_> Hello, I seem to have a problem with emulating PFSense 2.0 on QEMU-KVM 0.14.0 and Ubuntu 11.04, I have it running on another machine with Ubuntu 10.10 and QEMU-KVM 0.12.5. Whenever I start the virtual machine it loads the boot menu on the live CD and then locks up in a few seconds effectively using 100% of the cpu
<consumerism> Kiall: i want to know which processes are using that memory since top and htop only list a few processes using any memory at all, and the total % is less than 5. i want to know what processes are using the other 95% of the memory which free -m reports used.
<Daviey> soren: blame freenode, bet it got lost in a netsplit
<soren> INFO 2011-10-02T10:06:56 supybot Error message from freenode: Ping sent at 2011-10-02T10:04:55 not replied to.
<soren> Then nothing.
<Daviey> freenode is so rude
<Daviey> soren: maybe if you were running smosos it would have been reliable.
<Kiall> consumerism: if "free -m" said "(-/+ buffers/cache:       4419)" .. then you have 4.4GB free, while top said you had 36584k free..
<soren> Daviey: I'm not the target audience, I'm afraid. :(
<Kiall> the difference is the disk cache, and its usable free RAM, just linux decides to put it to use (speeding up disk access) rather than let it sit idle..
<Daviey> soren: :(
<consumerism> Kiall: i thought - buffers meant that that amount was used by user processes. the usage in top reports the total usage including kernel buffers and disk cache
<soren> Daviey: :(
<soren> Daviey: kill -HUP killed it.
 * soren hasn't grown out of uptime fixation yet
<soren> soren     3985  0.9 18.6 224432 10912 pts/0    Rs+   2010 8064:11 /usr/bin/python /usr/bin/supybot virtbot.conf
<Kiall> consumerism: the buffers are usually only a small % of the difference .. they should be listed on the first line of free -m
<Kiall> eg .. http://paste.ubuntu.com/704171/
<Kiall> soren: your involved with openstack package for ubuntu right? (I could be thinking of someone else..)
<Kiall> you're*
<Kiall> packaging* .. not my day!
<daxroc> evening
<Daviey> soren: i used to run some servers that sync'd with the uptime project :)
<Daviey> soren: you did the noa xen package?
<Daviey> nova*
<jamespage> Daviey: all iscsi root tests completed - all had the same long boot/failsafe issue
<consumerism> Kiall: so in your paste, which number is the amount of memory used by user processes?
<Kiall> 4034M
<Daviey> jamespage: rocking :/
<Daviey> jamespage: thanks for doing them.. have you failed them on the iso tracker?
<jamespage> Daviey: I suspect that the interface is set to manual for good reason
<jamespage> well TBH they don't fail - they just take a long time to boot
<jamespage> I've linked the bug on all four test cases from the ISO tracker
<Daviey> jamespage: can you throw open a bug, otherwise i will forget.
<Daviey> In the least, it's something for P
<jamespage> Daviey: any specific tag?
<jamespage> ah - it already has server-o-rs
<Daviey> jamespage: server-o-ro, not sure it will get fixed - but i'd like to strill track it as sucj
<Daviey> hmm, which bug number?
<jamespage> bug 870214
<uvirtbot> Launchpad bug 870214 in ubuntu "iSCSI root installation creates manual eth0 configuration + long boot" [Undecided,New] https://launchpad.net/bugs/870214
<jamespage> w00t the bot it back
<jamespage> I don't know much about /etc/network/interfaces other than how to use it but that might actually make sense
<jamespage> you don't want the network interface to be downed/upped again during boot - because you are booting off it?
<jamespage> Daviey ^^
<jamespage> might be talking out of my hat - be there you go :-)
<jamespage> be/but
<Daviey> sounds viable
<Daviey> (you talking out of your hat, that is :)
<jamespage> lol
<uvirtbot> New bug: #870301 in irqbalance (main) "package irqbalance 0.55 20091017-3ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/870301
<jamespage> Daviey: bug 870244 - Precise?
<uvirtbot> Launchpad bug 870244 in dovecot "mail-stack-delivery package install needs to restart dovecot" [Low,Confirmed] https://launchpad.net/bugs/870244
<jamespage> its been there for a while...
<Daviey> jamespage: If you are motivated to fix it for Oneiric, i'd be happy approving it.
<Daviey> Seems like a safe simple fix.
<jamespage> Daviey: OK - looking at it now
<Daviey> jamespage: remember to have a weekend aswell. :)
<jamespage> bah - who need one anyway...
<Daviey> jamespage: Now there is a core-dev, if i ever saw one!
<jamespage> Daviey: hmm - well the change is easy - however dovecot does not really like restarting
<jamespage> I'm going to leave this for tonight and take a look early monday
<Daviey> jamespage: if it starts to look less than fun, probably better to defer it.. See how it goes
<Daviey> What was dovecot doing?
<jamespage> Daviey: if restarts to quickly - the sockets have not cleaned up from the previous instance
<jamespage> if/it
<jamespage> so it fails to start
<Daviey> geez, that sounds like a standalone restart also fails then?
<Daviey> as in, dovecot on it's own - not part of the stack package
<Tohuw> bind9 is throwing "rndc: connect failed: 127.0.0.1#953: connection refused" on reload. Nothing shows in syslog. The named PID file has the right permissions. Clues?
<Tohuw> Turns out it was a permissions issue on a few config files in /etc/bind. All is well now.
<LUCID_PHP> Hi, what is the best way to get PHP 5.3.8 on Lucid LTS - with future security updates...
<LUCID_PHP> but I also need APC...
#ubuntu-server 2011-10-08
<lost127> i have a number of linux servers (vm's and physical) is there a straightforward way to share home directory contents between them? how do i approach setting something like this up?
<Patrickdk> lost127, there are hundreds of ways
<Patrickdk> most simple is nfs mount
<Patrickdk> harder is using something like a clustering filesystem
<RoyK> lost127: the old way is nis/nfs, the new way is ldap/nfs
<RoyK> Patrickdk: there aren't hundreds of ways to do that while keeping permissions etc - there are two ways - perhaps more - but not hundreds
<Patrickdk> you only listed two
<Patrickdk> I listed gfs
<Patrickdk> you could use gluster, luster, afs, ...
<Patrickdk> hell, even samba :)
<RoyK> that's not amusing
<Patrickdk> but ya, two things you have to solve
<Patrickdk> user id sync, and file sharing
<RoyK> meaning either nis or ldap
<RoyK> protocol used for sharing is optional
<RoyK> but nfs is probably preffered
<Patrickdk> I use mysql :)
<Patrickdk> mysql tied into pam
<RoyK> preferred, even
<Patrickdk> evil isn't it?
<RoyK> mysql is a dumb-ass database
<RoyK> use postgresql if you want a real dbms
<Patrickdk> I thought about converting it to ldap, but it really isn't worth the hassle
<RoyK> mysql is nothing but a hack
<Patrickdk> why do I need a real dbms?
<RoyK> works well for small systems, but sucks at large ones
<Patrickdk> I'm getting hundreds of thousands of transactions per sec from mysql
<uvirtbot> New bug: #870405 in nova (main) "nova-manage providing filename to default_flagfile breaks devstack" [Undecided,New] https://launchpad.net/bugs/870405
<qman__> where mysql really falls flat is when you need more than one server
<RoyK> Patrickdk: mysql has several issues for large scale transaction databases
<qman__> unless things have changed since I last worked with it
<Patrickdk> qman, nope, still only have one option for replication
<RoyK> Patrickdk: except postgresql?
<RoyK> Patrickdk: which even has sync support for every transaction
<dkn> running into some trouble loading a intel SSD into my raid array
<Patrickdk> royk, ya, but why do I need sync support for every transaction?
<Patrickdk> if I want sync support, I would turn it on, if I don't, turn it off
<Patrickdk> I defently don't want to force that on the db's I use
<Patrickdk> as they don't have to be consistant or reliable
<RoyK> Patrickdk: you don't have to, but it's rather neat if you want to keep your data clean
<Patrickdk> my heavy traffic mysql servers are like scratch pads
<RoyK> Patrickdk: postgresql is a real dbms, mysql is a hack
<Patrickdk> so far, everytime I hit a performance issue with mysql, it was bad application programming
<Patrickdk> nothing worse that locating php code that loops over a table, then loops over the table again inside that loop
<Patrickdk> and that code is called from cron every min
<RoyK> Patrickdk: for large databases, say a few hundred gigs, mysql can lose its tolerance with a single unexpected reboot. that doesn't happen to postgresql
<RoyK> mysql is a dirty hack, not a good DBMS
<Patrickdk> was this on ext3?
<RoyK> or ext4
<Patrickdk> ok royk, your repeating yourself
<RoyK> Patrickdk: I may say it again if you like
<Patrickdk> you already did 3 times
<Patrickdk> and I never said I didn't agree that mysql isn't a hack
<RoyK> ok, mysql is a dirty hack
<Patrickdk> but it still performs well
<RoyK> it surely does
<RoyK> so does postgresql
<Patrickdk> and in my 10+ years of using it, I haven't once had it crap out and die
<Patrickdk> now, my biggest mysql db is about 25gigs though
<RoyK> probably not a transactional database
<Patrickdk> it is
<Patrickdk> it's heavy transactions for that database
<RoyK> using mysql for a random transactional database seems to me a VERY bad idea
<RoyK> myisam uses table locking
<Patrickdk> why?
<Patrickdk> there is your issue :)
<Patrickdk> myisam doesn't support transactions
<Patrickdk> therefor you don't do transactions on myisam
<RoyK> innodb has row blocking, but has rather bad issues
<Patrickdk> haven't had issues with innodb at all
<Patrickdk> it's just a ram hog
<RoyK> postgresql doesn't use much memory - it leaves it to the system to do the caching
<RoyK> which is good, with modern systems
<RoyK> 10-20 years ago, a database needed to do the caching on its own, because the filesystem/buffers weren't good enough
<RoyK> now that has changed
<uvirtbot> New bug: #870448 in nagios-plugins "check_http fails to decode chunked encoding before performing string checks" [Undecided,New] https://launchpad.net/bugs/870448
<chronos> Good night.
<chronos> All of guys here use ubuntu server in production servers without any prob?
<chronos> I need to mount a new server for my work that will use python 2.7 and ubuntu already have it native.
<chronos> but people like debian and I'm trying to search points of comparisson to use ubuntu server instead debian
<lost127> points of comparisson really boil down to project philosophy and ease of use.
<lost127> between debian vs ubuntu
<lost127> ubuntu is debian with a little more polishing to make it shine a bit more.
<qman__> in production, one of the biggest advantages of ubuntu is LTS releases
<qman__> you can count on keeping the same major versions but still have security updates
<qman__> they're basically the same in many ways, since, as mentioned, ubuntu is debian based
<qman__> the differences are mostly in packaging, releases, and such
<uvirtbot> New bug: #870481 in samba (main) "package samba 2:3.5.11~dfsg-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 870480)" [Undecided,New] https://launchpad.net/bugs/870481
<uvirtbot> New bug: #870480 in samba (main) "package samba 2:3.5.11~dfsg-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/870480
<koolhead17> hi all
<Daviey> adam_g / RoAkSoAx: don't suppose you are around?
<Daviey> smoser: around?
<uvirtbot> New bug: #870744 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.8 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/870744
<dkn> i changed out both the drives on my raid-1 boot drive, they resync'ed fine, i did however move them to different sata ports then the original, is that why nothing is loading when i reboot the server?
<RoyK> any idea how I can change the default home directory path from /home/ to somewhere else
<pmatulis> RoyK: when creating new users you mean?
<RoyK> found it - /etc/default/useradd
<dkn> ok i made sure the bios was pointing to the right boot drive... but i still get a blinking cursor after the bios detects all the disks.... do i have to update grub?
<RoyK> dkn: is grub installed on that drive?
<dkn> ahhh.... i guess not, ahh dang... i created the partitions, then added it to the array, i assumed the resync process would do the grub stuff
<dkn> is it easier to do it from a live desktop usb stick or a server recovery cd?
<RoyK> rsync works on the filesystem - grub is outside of that
<ertyui> hi
<ertyui> how to set date  on command line
<ertyui> ?
<RoyK> man date
<ertyui> yes
<ertyui> date how to set ?
<RoyK> http://i.imgur.com/fNZk5.jpg
<RoyK> ertyui: the manual says that quite clearly :)
<ertyui> lol
<ertyui> i dont understand the manual
<RoyK>        -s, --set=STRING
<RoyK>               set time described by STRING
<ertyui> just a sec
<ertyui> this is what i done
<ertyui> date -s â25 DEC 2008 13:45:00â³
<ertyui> this is what i got
<ertyui> for that : http://paste.ubuntu.com/704511/
<RoyK> then read the error message - it says 'Recognized formats for TIME.....'
<ertyui> well how to written this one in number ? 	[[[[[YY]YY]MM]DD]hh]mm[.ss]
<RoyK> ertyui: transfer $100 to my account and I'll give you a one-liner for that
<RoyK> YYYY is the year in four digits ... [something] is something that may be omitted
<RoyK> etc
<ertyui> this one not working
<ertyui> date -s 2011-10-08 18:01[:30]
<dkn> ah,,, can i run rescue mode from a server usb stick?
<RoyK> try without [:30]
<RoyK> dkn: yes
<dkn> i'm stuck at the load cd drivers, and load files from cd
 * RoyK can only conclude that good old PCI sucks rather badly on performance
<ertyui> same error
<ertyui> date -s 2011-10-08 18:01
<RoyK> add quotes around the date
<RoyK> date -s "asdf"
<ertyui> perfect RoyK
<iToast> hey
<iToast> i have a ubuntu server 8.4
<ertyui> can we talk about firmware here ?
<iToast> How do i setup a damn static ip >:C
<ertyui> is it easy to build firmware based on ubuntu ?
<RoyK> iToast: /etc/network/interfaces
<RoyK> !interfaces
<iToast> ...
<iToast> RoyK: i tried.
<iToast> what do i put for network?
<RoyK> iToast: the network address ;)
<iToast> Ill tell you want i want and know...
<iToast> 192.168.2.4 192.168.2.1 192.168.2.255
<RoyK> iToast: pastebin your current interfaces file
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<iToast> i can't?
<iToast> the machine its on isnt able to get on the web.
<RoyK> my guess is your network will be 192.168.2.0
<iToast> Tried
<iToast> said it cant put it up.
<RoyK> driver issue?
<RoyK> try setting the address manually - ifconfig eth0 192.168.2.4
<iToast> ok
<iToast> the drivers are fine
<iToast> it reconizes every bit of hardware :)
<ertyui> can you do this two line iToast
<ertyui> ifup eth0
<ertyui> then /etc/init.d/network restart
<ertyui> then ping the your ip
<RoyK> ertyui: no need for the ifup first
<ertyui> yes
<RoyK> and it's /etc/init.d/networking restart
<ertyui> can you do
<ertyui> cat /etc/issue please
<ertyui> and paste it here
<RoyK> ertyui: are you drunk?
<iToast> that didnt work
<iToast> ertyui: i cant....
<iToast> -_-
<iToast> my main box is windows, my first server is windows
<iToast> My new webserver is ubuntu
<RoyK> iToast: any particular reason for using hardy?
<RoyK> that is, 8.04
<iToast> RoyK: Just what i had on hand, and it works with everything i have
<RoyK> iToast: ok
<RoyK> iToast: 10.04 is the latest LTS release - should work too - but then - hardy works well as well
<iToast> i have network netmask adress broadcast and gateway sent.
<ertyui> well RoyK is it easy to build firmware ?
<ertyui> for router ?
<iToast> it tells me  that im missing some lines....
<iToast> now
<iToast> The ubuntu wiki isnt even helpful since its impossible to get through
<ertyui> iToast:
<ertyui> what tell missing ?
<RoyK> iToast: can you please try to pastebin the /etc/network/interfaces file? even if you have to type it
<iToast> cant D:
<iToast> its just a default config changed to static from DHCP
<ertyui> if you can't go away iToast
<iToast> ...
<ertyui> lol
<ertyui> seriously you asking for help and don't want to cooporate
<ertyui> that's not cool
<ertyui> really
<iToast> ...
<RoyK> iToast: set eth0 auto and correct address and never mind the rest - that should allow you to connect to the machin on the LAN
<iToast> RoyK: What do you mean?
<RoyK> or auto eth0
<iToast> in the interfaces file it has auto eth0
<RoyK> iToast: I mean 'auto eth0' ..... 'inet static' ..... address 192.168.2.whatever
<RoyK> and restart networking
<RoyK> or reboot
<iToast> RoyK: and it will do the rest...?
<iToast> Il try
<RoyK> you can do the gateway and network and netmask etc later
<ertyui> hello anyone
<ertyui> RoyK: i setup the time
<ertyui> but if i reboot my box
<oakbox> Hi all, does anyone here have knowedge on noip2 and using it to update bind?  I have a script that will update bind and noip will run it when ever my ip changes.  The problem im having is I then have to restart bind manually, which defeats the object!
<ertyui> i have to set the date again
<ertyui> anyone other way to sync it ?
<ertyui> automatically ?
<oakbox> ertyui, you could use a NTP (i think) service to sync your time to...
<RoyK> ertyui: apt-get install ntp
<RoyK> ertyui: please try to google first - the answers are all there :P
<ertyui> ok thanks
<dkn> i'm still stuck trying to install grub to my new raid disks
<dkn> all the articles assume you're doing a regular HD..
<dkn> or you're creating a new array
<RoyK> dkn: raid what_
<RoyK> ?
<dkn> i had a raid 1, i changed out one disk, let it sync back
<dkn> then changed out the second disk, let it sync back
<RoyK> iirc linux needs a separate /boot partition for the boot
<RoyK> dunno if grub understands md
<RoyK> sorry
<RoyK> it does
<dkn> it's supposed to understand raid 1 i think...
<RoyK> but it needs to be raid-1
<dkn> check
<oakbox> No takers for help with restarting bind from a script without privileges? :)
<dkn> https://help.ubuntu.com/community/Installation/SoftwareRAID i'm trying to run grub-install /dev/sde, but i get this... http://pastebin.comQsSYr01V
<dkn> sorry http://pastebin.com/QsSYr01V
 * RoyK listens to The Asylium Years
<oakbox> dkn, silly question but does /dev/sde exist on your system?
<RoyK> as for what oakbox said - cat /proc/partitions
<dkn> yup, it's showing up in fdisk -l with the two partitions, 4gb swap partition, and 70gb root partition,
<dkn> also shows in /proc/partitions, and gparted
<dkn> weird hunh?
<dkn> both the server, and the live stick are 10.04 lts
 * RoyK is down to 43ËC ib his drives after installing a fan......
<RoyK> s/ib/on/
<RoyK> it was close to 70ËC last night :P
<patdk-lap> heh
<RoyK> 70ËC doesn't seem too good for most drives :P
<dkn> any takers? really need to get this system up and running
<dkn> installing grub to disks already in a raid set that you can't boot into yet
<patdk-lap> hmm, my drives are pretty consistant, in this case, 35-37
<GeekyAdam> hi all. can't get teamspeak-server to work. i do "sudo apt-get install teamspeak-server", it installs, seems to be up and working, i can log into it from my desktop with http://server.ip:14534 and change settings and users, but i cant connect with a teamspeak client and on the server when i do "nmap localhost" i dont see any teamspeak port(s) open.
<RoyK> GeekyAdam: wtf - has teamspeak gone open?
<RoyK> GeekyAdam: try mumble
<GeekyAdam> RoyK: what do you mean? open-source? i dont think so. found it in default repos though
<GeekyAdam> RoyK: i'd like to get TS working if possible.
<RoyK> GeekyAdam: try mumble - it's better
<GeekyAdam> RoyK: how so?
<RoyK> seems teamspeak has changed license to BSD
<RoyK> that's good :)
<RoyK> erm
<RoyK> no
<RoyK> GeekyAdam: mumble is open and free and utilizes speex
<GeekyAdam> i have a feeling its something on my end or a server-side setting because i recently tried to get a Q3A server up and all looked fine, but the server didn't open any ports just like now...any ideas why that might [not] happen when installing a piece of server software on ubuntu server?
<RoyK> that's a good gaming voip thing
<GeekyAdam> RoyK: whats the max users?
<RoyK> no max users
<RoyK> max == what your server/connection can handle
<RoyK> so if your machine can handle 1k users, well, fine
<oakbox> GeekyAdam, have you checked things like firewalls?
<GeekyAdam> oakbox: i've checked my desktops firewall, no problems there...i never installed one on the server, it doesnt install one by default does it?
<oakbox> not sure tbh ;)  check your iptables on the server would be my first place to look...
<GeekyAdam> i was afraid of that. i have no experience with iptables. i thought ubuntu-server kind of always did that on its own when isntalling software from repos?
<koolhead17> GeekyAdam: Ubuntu is different :P
<GeekyAdam> koolhead17: how so?
<koolhead17> Ubuntu is about simplifying things :)
<koolhead17> RoyK: hody
<koolhead17> *howdy
<GeekyAdam> koolhead17: right, which is why ubuntu automatically sets up iptables when installing a software package from repos, right?
<RoyK> koolhead17: hi
<koolhead17> GeekyAdam: i have not used iptables so cant say about that :P
<dkn> wow that was fun....
<dkn> fyi, server recovery doesn't work on a usb stick....
<dkn> and reinstalling grub on a server with 16 disks is really really confusing
<dkn> if my routes are all pointing to the right interface, br0, and br0 has an ip, why wouldn't my network connection be working? i can't even ping my router
<dmc68a> Hello Everyone, I am checking on here to find a Developer who is pretty much a guru+ when it comes to Drupal. I am forming a very very elite team to handle time sensitive quick turnaround projects and I will need one front end and one back end developer. They must have incredible resumes that can be sold to clients. If you know this person please have them email me at wheresdave @
<dmc68a> gmail.com If you have any further questions private message me in the next 5 minutes. US Citizens only at this time please.
<Kiall> wow - i hope that guy finds some really "elite" developer who turns out to be an idiot ;)
<Zanzacar> Haha thats pretty funny.
<JanC> all of 5 minutes?
<Kiall> JanC: he will probably move to another server to continue spamming .. ;)
<koolhead17> that was quick
#ubuntu-server 2011-10-09
<dkn> i had bonding setup on my network interfaces eth0 and eth1, i unplugged eth0 and attached it to another port on my switch when i was booting off of recovery mode CD, now the bond is getting an ip but not working, i can't ping anything, and eth0 is getting it's own ip address.... what did the boot cd do to my network config?
<uvirtbot> New bug: #871058 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/871058
<jrwr> How stable is glibc crypt() (using $6$) from ever changing?
<jMCg> Hey folks
<jMCg> I got my NFS server up and running and I put according to https://help.ubuntu.com/community/NFSv4Howto server:/export/homes /home nfs4 _netdev,auto 0 0 in the clients' /etc/fstab -- but it doesn't mount it on boot.
<jMCg> "Currently Ubuntu Server does not come with the scripts needed to auto-mount nfs4 entries in /etc/fstab after the network is up." oh joy.
<jMCg> I was wondering about the missing /etc/network/if-up.d/$stuff...
<jMCg> for fs in $( awk '/_netdev/{print $2}') < /etc/fstab ); do mount $fs ; done'
<jMCg> That should do it.
<jMCg> Yeah baby.
<jMCg> Two machines, equal setup. One mounts nfs on boot, the other does not.
<SpamapS> jMCg: can you boot with '--verbose' in grub on the one that doesn't, and share your /var/log/boot.log and grep init: /var/log/syslog ?
<jMCg> SpamapS: I'd rather not touch grup - I only have SSH access.
<jMCg> SpamapS: but adding sleep 5 to my script fixed the issue -- I tried it before with ifdown eth0; ifup eth0 -- and it said no route to host when trying to mount nfs.
<scalability-junk> hey I'm trying to use automatic memory allocatin with ubunutu 11.04 and kvm, but can't find any docs, can anyone help please
<scalability-junk> *allocation
<ejv> greetings, I have apcupsd monitoring my APC UPS battery backup, upon a fresh restart of the server, 'apcaccess' responds promptly with data dump of all the relevant information; after several hours, it stops responding correctly and my dmesg log fills up with "generic-usb 0003:051D:0002.0001: control queue full" why is this happening, and how do I fix it?
<Takyoji> RAID 1 is really the only possibility for software RAID (to boot from), right?
<patdk-lap> no
<Takyoji> then how the does the boot loader magically read the harddrives (if it exceed a sector) if it doesn't even have software RAID running? :P
<jrwr> I think it does some magic sector mapping
<patdk-lap> Takyoji, that would be the magical raid grub2 boot driver :)
<Takyoji> ahh
<Takyoji> So it's only present in GRUB2 then, yes? Whereas prior to GRUB2, it wasn't?
<patdk-lap> yep
<patdk-lap> but as everything, from 10.04+ has grub2
<Takyoji> also, any thoughts on software RAID versus hardware RAID?
<patdk-lap> that depends on your needs
<Takyoji> How exactly do you configure the hardware RAID controller?
<patdk-lap> how exactly do you configure your bios?
<Takyoji> So it's modularly through the BIOS process?
<patdk-lap> unless you get one with network/serial support
<Takyoji> basically the need here is generally fault-tolerance
<patdk-lap> then anything would work
<patdk-lap> if the need is quicker burst ability, hardware raid + battery backup
<patdk-lap> but there generally is not much difference from software and hardware raid unless your using a battery backup
<patdk-lap> except that more of your pci bandwidth is used writing to the disks, that the hardware raid would be doing
<Takyoji> because apparently there's a school that had a backup harddrive, and would rsync things nightly from the main harddrive (y u no RAID? D: ), and the backup harddrive failed, and they didn't even know, and apparently they also had a single copy of some data on there as well that's now pretty much lost. xP
<Takyoji> ahh
<Takyoji> there's really nothing else on the PCI bus anyway
<patdk-lap> well, nothing will help with that
<Takyoji> I know, but just for preventive future measures.
<patdk-lap> software and hardware riad both need to be monitored
<patdk-lap> ya, if they had raid, they would unlikely know one drive failed
<Takyoji> and I'm just wondering what alert system would be used, or how you'd even tell
<patdk-lap> and would notice when the second one did
<patdk-lap> normally, it emails
<patdk-lap> but that only works if email server works to get out the email address is still in use, and all that :)
<patdk-lap> and someone does monitor that email account, and it doesn't go to junk :)
<Takyoji> but regardless, the reason of RAID would be: better read (don't really care much about write speed, xP), no need for doing the redundancy nightly instead of on-instant, etc
<patdk-lap> only if people have a habit of deleting things
<patdk-lap> that they need
<Takyoji> I wonder if there's anything for along the lines of "soft deletion"
<Takyoji> as for the files itself, it's an LDAP server with NFS/SAMBA
<Takyoji> moreso focusing on the NFS/SAMBA part
<Takyoji> so there can be precautions server-side that are transparent to the client.
<thevinci> I've set up transmission-cli and transmission-daemon, and I've just accessed the web interface, i went to download a torrent, and it gave me an error, saying permissino denied.
<thevinci> is this because transmission doesn't have write properties in the folder I created for my downloads?
<scalability-junk> is there any way to enable automatic memory ballooning with ubuntu (kvm) couldn't find any docs about it
<nronksr> What are people using for email servers these days?
<Takyoji> Postfix and Dovecot?
<patdk-lap> heh, that is software
<patdk-lap> I normally use hp blades
<srk9> I have been given a virtual machine running Ubuntu Server. On Gentoo, I can run "glsa-check -l" to view all security advisories that apply to installed software. IS there an equivalent command on Ubuntu?
<Olotila> Is there a HDD benchmark similar to CrystalDiskMark for server?
<Olotila> I tested in windows, would be interesting to see ubuntu server comparison
<Olotila> disk utility tests mostly just cache, like gives over 1GB/s writes for 4x1TB HDD raid0 with spinning disks
<Olotila> http://img1.uploadscreenshot.com/images/orig/10/28101590141-orig.jpg
<Olotila> here is test in windows side, is there a program that is easy to compare to those results?
<Olotila> http://img1.uploadscreenshot.com/images/orig/10/28103022752-orig.jpg
<Takyoji> I'm not sure if you can use 'palimpsest' (which is actually called the 'Disk Utility' in the Admin menu in Ubuntu) to do such remotely.
<Takyoji> I know you can use the tool for checking details of a filesystem remotely, but not sure if the read/write test is possible remotely.
<uvirtbot> New bug: #871216 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/871216
<uvirtbot> New bug: #871236 in clamav (main) "package clamav-base 0.97.2 dfsg-1ubuntu1.11.04 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/871236
<dgrf> Hello,can somebody give me a guide for setting up postfix mail server along with dovecot and a webmail interface?
<ejat> can someone help me with this driver on ubuntu server
<ejat> 1c:00.0 VGA compatible controller: Matrox Graphics, Inc. MGA G200e [Pilot] ServerEngines (SEP1) (rev 02)
<dkn> what do ya need?
<ejat> xorg .. is it supported in oneiric .. the driver?
<ejat>     13.617] (EE) Failed to load module "mgag200" (module does not exist, 0)
<ejat> [    13.617] (EE) No drivers available.
<ejat> i hv tried "mga" also not work
<dkn> looks like that should work
<dkn> if the xorg.conf is setup for mga in the chipset, and mgag200 in the device section, what version are you on?
<RoyK> ejat: X isn't really a server issue, is it? ;)
<ejat> RoyK :) .. yeah .. agreed .. just wondering "if" u guys can help me :)
<ejat> ive tried using vesa â¦ but its flickering ..
 * RoyK had an rsync running all night for this apple time machine disk and only realized now that it uses hard links
<dkn> buy gui's can good for quick reference :)
<dkn> but*
 * RoyK never uses X on servers
<dkn> of course, i'm certain extra junk that came with my gui is causing the network problems i'm having...
<dkn> http://pastebin.com/atPqJk4k if anyone is feeling brave :)
<dkn> one of my bonded interfaces is still getting it's own IP... i think when i booted from the recovery CD it messed something up with the networking cause i'm setup for eth0 & eth1 --> bond0-->br0
<RoyK> the gui isn't very likely to mess up networking
<RoyK> probably PEBKAC ;)
<dkn> when i restarted Network Manager (used to ignore the eth1 and eth0 interfaces), it started poping up with auto eth0 and eth1 getting their address....
<dkn> most likely, i had i just run grub before restarting i could have saved myself soooo much trouble...
<dkn> i'm about ready to dump the whole bonding config and just go back to one interface and deal with it later :(
<dkn> i just don't understand how eth0 and eth1 are getting an IP? i removed network manager, and /etc/network/interfaces has them as slaves for bond0.... does not compute!
<RoyK> dunno - never used bonding on linux - sorry
<dkn> ya? i just liked the idea that one port could go bad, or one cable could get un pluggd and everything would keep working
<dkn> so the hard links filled things up did they?
<RoyK> the lack of hard links
<RoyK> 1,5TB used, while the source had 1,3TB
<RoyK> stopped it and added -H to rsync
<RoyK> installed 4 WD Black drives for holding this storage and found out a few hours later that adding a fan in front of them would be a jolly good idea - 65ËC isn't healty for a drive :P
<dkn> did google post a report.... 45 or something was better then 35?
<RoyK> I think I read something like that too
<RoyK> but 65 is a bit over the top
<RoyK> theyÃ¦re currently at ~40ËC
<dkn> the fans in our server could get used in a vacuum.... ear plugs NOT optional
<RoyK> 1U servers have very small fans, spinning at a very high rate... :P
<dkn> 16 disk 4U monster
 * RoyK has a couple of 45 disk 4U monsters :P
<dkn> they're hovering around 32ËC
<dkn> ouch
<dkn> 2.5"
<dkn> ?
<RoyK> well, it's two servers - 36 drives in the server chassises and 45 drives in their JBODs
<RoyK> front and back
<RoyK> supermicro stuff
<dkn> i think i saw that thing
<RoyK> 100TB net storage in each
<dkn> is the crane optional? or included to help you mount it in the rack?
<RoyK> hehe
<RoyK> it's not that heavy if you install it without the drives
<dkn> :P i know
<dkn> and you just run single nic's?
<RoyK> those ones uses 10Gbps
<dkn> fiber? or copper?
<RoyK> copper to the switch, single mode fiber from that datacentre to our main datacentre
<RoyK> bacula backup storage
<dkn> ahhh
<dkn> alright alright.... i'll drop the bonding...
<RoyK> bonding should work, though
<RoyK> that is, if it's correctly configured on the switch
<dkn> switch hasn't changed since i set it up last year, and it's been working great since yesterday :(
<dkn> i mean.... until
<RoyK> http://paste.ubuntu.com/704869/
<RoyK> dkn: that's one of the servers' raid config ;)
<dkn> wow.... 2 spares?
<RoyK> should suffice - all VDEVs are RAIDz2, so in theory, we can lose 22 drives without losing data
<dkn> ahhh
<dkn> and.... raidz2...? is that like raid 60?
<RoyK> raid6
<RoyK> and no, it's not running linux :P
<dkn> c'mon get gnome on there!
<dkn> imagine the media library you could have :)
<RoyK> http://paste.ubuntu.com/704872/
<RoyK> this is the real beast
<RoyK> only 24 drive slots, 24 gigs of memory, but with striped mirrors and SSDs for caching both reads and writes
<RoyK> fastest file server I've seen so far
<RoyK> cost us some NOK 43k
<dkn> is that the solaris system for ssd caching?
<RoyK> openindiana, so yes, solarisish
<dkn> cool
<RoyK> it's zfs' caching system
<RoyK> works on freebsd too
<RoyK> and there's a linux port, but I don't think that's very good (yet)
 * dkn dreams about SSD caching in linux
<RoyK> IIRC there's some in ext4
<RoyK> you can place the journal on an SSD
<RoyK> that won't affect reads, though
<dkn> i think i read something to that effect....
 * dkn drives all the way back to work get the networking..... working
 * dkn grumbles.... stupid netnotworking
<dkn> exit
<scalability-junk> I'm looking for a way to have automatic memory ballooning, but couldn'T find any docs. is it even possible?
<StevenR> scalability-junk: can you be more specific?
<scalability-junk> I want the memory of my kvm ubuntu setup to be dynamicly allocated so if guest a needs 1 gb in peak and it is available it will get it.
<StevenR> ahh. kvm. I'm not sure the hypervisor will do that
<scalability-junk> any other hypervisor capable of this?
<RoyK> scalability-junk: using virt-manager, you can set a minimum and maximum amount of memory available. is this what you mean?
<RoyK> that's on kvm
<scalability-junk> RoyK: sort of, I just want it to be automated, always check and allocated the needed memory, I don't think virt-manager is automating it
<StevenR> scalability-junk: http://www.linux-kvm.org/page/FAQ#Is_dynamic_memory_management_for_guests_supported.3F
<StevenR> might help
<scalability-junk> StevenR: not really the link is moved and not available anymore, the one for the balloon monitor
<scalability-junk> or is this something just supported and I wouldn't notice?
<StevenR> scalability-junk: I think so. according to that url, it depends on your guest OS
<scalability-junk> ubuntu 11.04 host and guest.
<StevenR> then it probably does
<scalability-junk> but I just don'T think it is automatic and I can't really test it
<StevenR> scalability-junk: virt-top may help you
<RoyK> scalability-junk: why would you use a non-LTS version for the server?
<scalability-junk> RoyK: I always upgrade anyway
<RoyK> scalability-junk: I usually find it wise to stick to LTS for servers
<scalability-junk> RoyK: I'm more the always the latest kind of guy ;)
<uvirtbot> New bug: #871297 in cloud-init (main) "uncloud-init updates.tar doesn't work" [Undecided,New] https://launchpad.net/bugs/871297
 * dkn jumps in victory
<dkn> network manager had cleared out the nameservers in /etc/resolv.conf
<palt> If I have created some groups on a server, is it possible to also create a user with the same name as the group? For example  have group02, can I also make a user name group02?
<dkn> yup
<palt> When I use adduser group02 I get an "error" saying that the group group02 already exists
<palt> That is "adduser group02"
<palt> Can I use any other commands or is there a switch I have overlooked for the adduser command
<episteme> exit
<episteme> oops
<dkn> adduser group02 group02 should create the user and the group at the same time and assign group02 as the primary group of the user group02
<dkn> errr... sorry
<palt> I still get the error message. The problem is that I have already created the group group02
<palt> But I think it could be usefull to be able to login as the group also
<palt> It's for an exercise many people will be doing on a server
<palt> So they have individual accounts, but I have created groups for them. But I think it would be convenient to be able to login as their group also
<dkn> ok
<palt> But if it is too much a hassle they are probably allright with just a user accunt and memebership in the same groups
<dkn> create the user group02 sudo adduser group02
<dkn> then assign the user to the group02 sudo adduser group02 group02
<dkn> to create a new group sudo adduser --group group03
<dkn> it's confusing though :)
<palt> But the command "adduser group02" complains that the group02 already exists. Yeah I know, I try to create the user and it complains about the group
<palt> But it seems like the more low-level command useradd worked
<palt> Oh... wait!
<dkn> no, it's saying the user group02 is already created, so now create the group with sudo adduser --group group02
<palt> adduser group02 --ingroup group02 seems to work :D
<palt> When I run "adduser group04" I get this out adduser: The group `group04' already exists.
<palt> But it seems to work if I use the useradd group04 --ingroup group04
<palt> But yeah, quite confusing :P
<palt> hurray :D
<dkn> indeed
<palt> It probably tries to be smart about users and groups and prevent me from mixing them up
<Bigbucks> Hello, any clue why a lot of commands on my VPS are not working correctly
<dkn> ok..... why would restarting cause the /etc/resolv.conf file to get regenerated by network manager..... when NetworkManager isn't installed anymore...
<uvirtbot> New bug: #871278 in nova (main) "Cannot attach volumes to instances if tgt is used" [High,Triaged] https://launchpad.net/bugs/871278
<Daviey> smoser: can you check out bug 871297 please?
<uvirtbot> Launchpad bug 871297 in cloud-init "uncloud-init updates.tar doesn't work" [Undecided,New] https://launchpad.net/bugs/871297
<scalability-junk> how do I run the command (qemu) info balloon in ubuntu?
<qman__> palt, when you adduser without specifying a group, it automatically creates a group by the same name and puts the user in it
<palt> qman__: Aaaahh.. so therefore it didn't like that the group was specified from before :)
<qman__> yep
<qman__> adding the user to an existing group without confirmation could have big implications, using a different group name automatically would be inconsistent, and prompting the user would ruin scriptability
<qman__> so erring out is the best option
<palt> I see. Yeah, my use case is probably a bit strange. I though of adding a group user after I had created the users so
<palt> *afet I had created the groups
<jeeves_moss> I have a "Ethernet controller: Intel Corporation 82543GC Gigabit Ethernet Controller (Fiber) (rev ff)" and I can't get the OS to see it. ideas on how I can find it?
<Kiall> Jeeves_: Odd - I would have thought that would be supported, since its one of the adapters VirtualBox can simulate (well .. its the same chipset anyway)
<Kiall> when you say the OS doesnt see it, what do you mean?
<jeeves_moss> Kiall, when I run an lspci, I get "00:0a.0 Ethernet controller: Intel Corporation 82543GC Gigabit Ethernet Controller (Fiber) (rev ff)"
<Kiall> Okay, and you have tried adding the interface to /etc/network/interfaces?
<jeeves_moss> but when I grep dmesg, I get "e1000: This is not a software error! Something bad happened to" "e1000 0000:00:0a.0: eth1: (PCI-X:33MHz:64-bit) 00:00:00:00:00:00" "e1000 0000:00:0a.0: eth1: Intel(R) PRO/1000 Network Connection"
<jeeves_moss> and I can use "ifconfig eth1 up" to bring it up.  I've tried adding it to the interfaces list, and it won't come up
<jeeves_moss> the reason I want to use it is for my NAS
<Kiall> Oh .. Are you sure the card is working? ("This is not a software error")
<jeeves_moss> Kiall, the card was pulled from a knowen working envoriment
<jeeves_moss> the issue is that I have the 64bit card plugged into a 32bit slot
<jeeves_moss> and when I use the "ifconfig eth1 up", I get "SIOCSIFFLAGS: Cannot assign requested address"
<Kiall> a 64 bit card, assuming it fits (older PCI-X slots wont accept it), should *generally* would ..
<jeeves_moss> yep, it fits.  and the card was functioning in a 32 bit slot in the device it was pulled out of
<Kiall> Its possible - ah .. scratch that idea then
<jeeves_moss> ??
<Kiall> I was going to say maybe that card is incompatible with 32 bit slots ..
<Kiall> but you beat me to it ;)
<jeeves_moss> lol.  it's just weird that the OS "sees" it, but won't "use" it
<Kiall> Well - the OS sees it, and believes there is a hardware error so is refusing to use it
<Kiall> was it taken from another linux box?
<jeeves_moss> hmmm.  I don't want to rip other hardware apart to get a gig card.  :-(
<jeeves_moss> ok, let's try a "new" card.  <rolls eyes>
<jeeves_moss> Kiall, now, let's see if it like a Sun systems MMF card any better
<jeeves_moss> weird, it likes the Sun card.  LOL
<Kiall> typical ;)
<jeeves_moss> argh, it causes ssh issues
<jeeves_moss> grrrr.  time to rip out the card in my other server that's a 32 bit
<dkn> is it better to put the uuid, or the /dev/mapper/udisks-luks-uuis-yadayada in fstab if i want to automount an encrypted lvm?
<dkn> automount on boot that is
<SpamapS> dkn: I'd use UUID=xxx ... but it probably isn't that critical of a decision
<dkn> i guess both will be visible if it's set to remember the pass on the server
#ubuntu-server 2012-10-01
<Wyleyrabbit> can anyone suggest a place to get help with an LTS upgrade problem?
<pmatulis> Wyleyrabbit: this is a good place for you
<Wyleyrabbit> pmatulis, really? I asked a question about an hour ago and got no response.
<Wyleyrabbit> OK, I upgraded a server from 10.04 LTS to 12.04 LTS, and now my database-driven website doesn't work.
<Wyleyrabbit> seems the CMS (Called MODx) cannot create a database connection.
<Wyleyrabbit> not sure if related, but an apache module called "fcgi" continually segfaults.
<Wyleyrabbit> everything was working before the upgrade.
<pmatulis> Wyleyrabbit: when you try to start apache it doesn't work or only crashes when it is solicited/used?
<Wyleyrabbit> only when solicited
<pmatulis> Wyleyrabbit: and solicited using mysql/php?
<Wyleyrabbit> right
<pmatulis> Wyleyrabbit: i would begin by looking for error messages in mysql/php logs
<pmatulis> Wyleyrabbit: does mysql start?
<Wyleyrabbit> Apache logs show lots of these:
<Wyleyrabbit> "[error] mod_fcgid: process /home/domain/fcgi-bin/php5.fcgi(30368) exit(communication error), get signal 11, possible coredump generated"
<pmatulis> Wyleyrabbit: i would begin by assuring that mysql and php are in good shape, then look at apache side
<Wyleyrabbit> yeah, Mysql starts fine.
<Wyleyrabbit> and I can install and use an old version of the CMS.
<Wyleyrabbit> seems the new version uses "xpdo" or something to talk to database, and that seems to be a problem now.
<pmatulis> Wyleyrabbit: ah ok, when you upgrade your cms everything goes pear-shaped?
<Wyleyrabbit> ha ha ha
<pmatulis> Wyleyrabbit: is that the case?
<Wyleyrabbit> just testing exactly that.
<pmatulis> Wyleyrabbit: ok
<Wyleyrabbit> set up a new subdomain for testing, installed version 1.x of cms, and it worked fine.
<Wyleyrabbit> will know in about 3 minutes about upgrading to 2.x
<Wyleyrabbit> pmatulis, argh. php having issues. Setup for Modx 2.x is saying date.timezone setting isn't set (it is!!!).
<Wyleyrabbit> anybody know where php5 logs its errors (in Ubuntu 12.04)?
<pmatulis> Wyleyrabbit: i believe that is set in the main/global PHP config file.  forget where that is.  you shouold also be able to increase verbosity in the same file (if needed)
<pmatulis> Wyleyrabbit: but it's prolly a known issue.  might head over to the modx community (if it exists)
<pentagon> 37.9.53.2
<pentagon> leadpile.com
<pentagon> How is it making a reverse vnc connection past ufw
<pentagon> 37.9.53.2RURussian Federation66Saint Petersburg CitySaint Petersburg59.894430.2642Petersburg Internet Network ltd.Petersburg Internet Network ltd.
<planet> what is the quickest way of stripping ubuntu server of everything not needed for the bare system to run
<sanderj> When I boot ubuntu 12.04 it says I cant find "bnx2-mips-09-6.2.1a.fw"
<sanderj> ,  but it's located inside /tmp/lib/firmware/3.2.0-24-generic/bnx2
<sanderj> I'm wondring how I repack initrd
<RoyK> sanderj: man mkinitramfs
<sanderj> RoyK, when I extracted the initrd. The file it was complaining about is there. Do you know what could be wrong then?
<RoyK> dunno...
<jacobw> hi, i'm trying to make a preseed, how can i generate a hash to use at the root password value?
<melmoth> mkpasswd ?
<jacobw> thanks
<RoyK> jacobw: using that alone, only generates the des-56-encrypted password - better use -m something-cool
<sanderj> How do I create a mkinitramfs for a diffrent architecture? mkinitramfs only does it on the same.
<sanderj> Is it just a matter of spesifying the correct kernel?
<eagles0513875_> hey guys i have dovecot + postfix for email how can i set it up to use multiple domains ?
<mld> eagles0513875: tried googling it? have a look at http://library.linode.com/email/postfix/dovecot-mysql-ubuntu-10.04-lucid
<mld> eagles0513875: here's another take on it: http://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/
<ikonia> eagles0513875: you've set this up befor e- we've been thorugh it before
<ikonia> why are you not doing the same as your server that worked
<hallyn> smb: awesome, good idea on the saddr=daddr=0 patch :)
<smb> hallyn, It is a bit poking in the mud... At least it works with the testcase... :-P
<hallyn> smb: do you have a kernel built in ppa?
<hallyn> stgraber and SpamapS were able to hit it very quickly, so confirmation from them would go a long way (of course 'i didn't hit it' won't be "proof" :)
<smb> hallyn, No I only got 64bit testkernel debs right now which will puke a lot of messages
<smb> I could shove them over to people if they want to
<hallyn> smb: i think it'd worthwhile
<smb> ok
<hallyn> (given what you'd posted in the bugzilla before)
<smb> stgraber, SpamapS, hallyn, http://people.canonical.com/~smb/clonetst
<stgraber> smb: thanks! I'll try that one once I'm done going through my e-mails.
<randomDude> Just physically moved server location, one of my cloud servers had a firewall rule allowing ssh access only from a specific ip address (which i no longer have access to), I do however have the cloud server offlined and its harddrive attached to a recovery server and mounted at /mnt/recovery... can I edit a file to reset the firewall rules ?
<hallyn> randomDude: depends how you were loading the rule before.  if using ufw, check ufw-framework manpage
<randomDude> hallyn: it was with zentyal
<randomDude> perhaps if i put a `ufw reset` somewhere in the init scripts after zentyal has loaded all its bits?
<stgraber> smb: running your test kernel now, will do a bit of stresstest today (rebuilding all my test containers, playing with arkose/lxc-start-ephemeral to see if I can make something bad happen)
<smb> stgraber, Ok cool. Lets see what happens. Though I somewhat still hope to get some upstream feedback... :)
<smb> Daviey, Seems you where not adventurous last Friday... ;)
<Daviey> smb: oh?
<Daviey> the upload, ah :)
<smb> :)
<ziggyzero> Can anybody help me with installing mod_proxy_html v3.1 so I get rid of the Invalid command 'ProxyHTMLEnable', perhaps misspelled or defined by a module not included in the server configuration error message
<mercsniper> Do you know how to compile from source?
<mercsniper> Ziggy
<ziggyzero> mercsniper: sorry I was trying to ask the same question in httpd too
<ziggyzero> mercsniper: but it won't let me post :-(
<mercsniper> I have no idea on httpd channel
<mercsniper> but do you know how to compile?
<ziggyzero> mercsniper: I've seen instructions on how to compile the c source using the apache module compiler but I have not done it before, no.
<mercsniper> I have not compiled with apache, but I know how to compile using gcc
<ziggyzero> mercsniper: I am paranoid about breaking apache2 package that I installed via apt-get :-|
<ziggyzero> mercsniper: basically I just want to proxy to an internal web server, but atm it's redirecting to absolute paths
<ziggyzero> mercsniper: I am led to believe that mod_proxy_html 3.1 will resolve the issue but apt-get repository only has 3.0.11
<mercsniper> see this http://www.apachetutor.org/admin/reverseproxies
<SpamapS> smb: installing your test kernel now
<ziggyzero> mercsniper: He's using Apache 2.2 and mod_proxy_html 3.1
<ziggyzero> mercsniper: I also want to use mod_proxy_html 3.1
<mercsniper> that article details how to install the module with the apxs command
<ziggyzero> mercsniper: ProxyHTMLEnable On   and ProxyHTMLURLMap  /      /app1/ are the lines are need
<ziggyzero> mercsniper: Ah, I see the section 'Building Apache for Proxying'
<mercsniper> then after that section it mentions how to compile the module
<mercsniper> using apxs
<ziggyzero> mercsniper: I am paranoid about breaking apache2 package :-|
<mercsniper> how would you break it
<mercsniper> the module is only activated if you have the ProxyHTMLEnable on
<mercsniper> building the module will not inherantly break it
<mercsniper> the apxs command just builds it
<mercsniper> but you need to know if your version has the apxs command by
<mercsniper> "which apxs"
<ziggyzero> mersniper: I don't have apxs installed. Also not in the repository
<ziggyzero> mercsniper: I also have another problem (unrelated to the proxy one)
<ziggyzero> mercsniper: I have a SAMBA share setup on another server. I automount this in FSTAB, which works fine
<ziggyzero> mercsniper: I map this using an account called Bill with 755 privilges.
<mercsniper> ok
<ziggyzero> mercsniper: But when Bill created files and folders on the share the privileges it creates them with is 700, but I want 755 so others have readonly access
<mercsniper> to install apxs: http://knowledge-republic.com/CRM/2011/09/ubuntu-missing-apxs-fo-compile-apache-module/
<ziggyzero> mercsniper: Thanks mercsniper, I'll install that now
<ziggyzero> mercsniper: on my other issue the automount command I am using is: //192.168.1.2/docs /mnt/docs cifs auto,iocharset=utf8,uid=bill,gid=staff,credentials=/root/.cifscredentials,file_mode=0755,dir_mode=0755 0 0
<ziggyzero> mercsniper: but when bill creates files they are created with 700. The umask is showing as 0022. Any advise also appreciated
<SpamapS> smb: any help on how I can run that test kernel of yours with bcmwl ?
<SpamapS> smb: I get a build failure from dkms complaining about GPL/non-GPL
<smb> SpamapS, Did you install all of the debs? I am cheating there a bit because it would otherwise need an ABI bump
<SpamapS> smb: yes installed them all
<SpamapS> smb: http://paste.ubuntu.com/1254068/
<SpamapS> smb: http://paste.ubuntu.com/1254069/
<SpamapS> smb: second one is the dkms fail
<smb> SpamapS, Hm, ok. Can you paste me the error that dkms complains about? Wonder whether it is because of the the lockdep enablement... ok thanks
<SpamapS> smb: can I assume then that I can't just cheat and copy the one from -16?
<smb> SpamapS, Yeah sounds like wl cannot be compiled when the kernel has lockdep enabled. *sigh*
<SpamapS> OH
<smb> SpamapS, Nothing guaranteed but its worth a try
<smb> Though I fear that the module abi hashes don't match and so it won't work
<SpamapS> smb: can I just lie to dkms that wl is gpl compatible somehow?
<SpamapS> I promise I won't distribute wl.ko to anybody except me ;)
<smb> SpamapS, Never tried it... not sure its enough to modify the MODULE_LICENSE line in the source code, but you could try
 * smb did not say that and denies any recollection of the incident
 * xnox that's what she said.... we have logs!
<xnox> http://www.xkcdb.com/logo.png
<CharlieSu> Hi all.  I'm running Ubuntu Server on one of my servers that acts as a SFTP server and I'm noticing that it is starting to take a long time to login.  The console-kit-daemon process is eating up a lot of CPU.  What does this process do?
<holstein> login? or boot?
<Jeeves_> CharlieSu: Good question. I've been wondering about that for some years now
<Jeeves_> No manual entry for console-kit-daemon
<SpamapS> smb: well I don't have any non-bcmwl machines here.. so, can't test your kernel. :-/ (changing MODULE_LICENSE caused breakage elsewhere)
<chmac> How can I disable the auto update check? Can only find instructions that involve clicking in the forums, etc.
<holstein> http://askubuntu.com/questions/172524/how-can-i-check-if-automatic-updates-are-enabled seems relevant chmac
<SpamapS> smb: hang on, don't start a non-lockdep build or anything, I might have it..
<smb> SpamapS, Oh I was not (even yet) ;)
<SpamapS> ok booted and testing now
<CharlieSu> Jeeves_: https://bugs.launchpad.net/consolekit/+bug/284229
<uvirtbot> Launchpad bug 284229 in consolekit "console-kit-daemon using a lot of cpu" [High,Fix released]
<chmac> holstein: Awesome, that looks like exactly the ticket, thanks a lot. :-)
<stgraber> hallyn: FYI (not sure it's really worth spending a lot of time on), having commented fstab entries make lxc-start-ephemeral fail, at least on 12.04
<stgraber> hallyn: found that out while helping one of the unity guys debug a broken lxc :)
<SpamapS> smb: [  701.391431] unregister_netdevice: waiting for lo to become free. Usage count = 2
<SpamapS> smb: not fixed :(
<SpamapS> root     13315  0.0  0.0  27532  1112 ?        Ds   08:57   0:00 lxc-start --daemon -n clint-local-ci-u2-0 -l DEBUG -o /home/clint/.juju/data/clint-loc
<smb> SpamapS, It would be nice if you could send me the full dmesg somewhere
<smb> Could be just not the case of daddr=saddr=0
<SpamapS> [  821.326828] rt-key: hash=fa11 daddr=7259bd5b saddr=600a8c0 oif=0
<SpamapS> smb: recreate with base LXC tools..   lxc-create -n foo -t ubuntu-cloud -- -r precise  ; lxc-start -n foo ; lxc-stop -n foo ; lxc-destroy -n foo ; # Usage count = 2 starts printing
<smb> SpamapS, Yeah, I guess that means that preventing any route is not the way forward... Rather needs the route cache purged at some point...
<SpamapS> smb: is there a command that can be run to purge the route cache manually?
<smb> SpamapS, Maybe /proc/sys/net/ipv4/route/flush...
<smb> echoing 1 into
<SpamapS> smb: that doesn't seem to do anything unfortunately :-/
<smb> SpamapS, Darn, ok, back to thinking... But thanks for testing
<SpecialEd> Hi, would anyone know of a good Ubuntu 12.04 VPS hosting company that is physically located in Amsterdam?  I am hoping to configure this VPS to receive LVM Snapshots of my production VPS for use as a failover. I currently have a VPS hosted in France $15USD/mo 512MB RAM, 100GB HDD, 100Mbps uplink...     If this is NOT the place to ask I apologize, any suggestions where I should ask would
<SpecialEd> be greatly appreciated!  Thanks :)
<RoyK> SpecialEd: I don't think it's the politically correct place to ask, but I don't know if too many bothers - why does it have to be in Amsterdam, when the internet contains so many other species?
<SpecialEd> I like the netherlands :)
<SpecialEd> for real, its a customer request, don't understand the full scope of it to be honest
<SpecialEd> something to do with needing to have a hot site that is specifically so many miles away
<RoyK> np
<SpecialEd> and I know what you were thinking :P
<RoyK> really, all I was thinking was that it doesn't matter much for me where a VPS is, physically, so long as the setup is stable and latency isn't too bad
<SpecialEd> true
<SpecialEd> may I ask what country your from?
<SpecialEd> Im in the states, and I used to work for a data backup company that was all ubuntu driven creating Windows VMs and storing them in an 8 petabyte cloud
<SpecialEd> so, given the country your from I can probably tell you reasons why physical location matters (mostly to idiot auditors and government regulations)
<SpecialEd> but I personally think at your level with that :)  as a veteran of the disaster recovery field I can tell you that 80-90 % of disasters are the result of human stupidity :)
<bananapie> I used the network interfaces on my ubuntu 10.04 to setup network bonding. I have eth1 and eth3 as slaves. I am using active backup ( mode 1 ), when the server boots it uses eth3 as the primary and eth1 as the backup. I want eth1 as the primary and eth3 as the backup. Anyone know how I can fix this ?
<SpecialEd> not sure what the best suggestion would be, but maybe fooling the NIC order in /etc/udev/rules.d/70-persistent-net.rules  ?
<sarnold> bananapie: I was thinking vaguely along SpecialEd's line of thought, though thought about fiddling with the order in /etc/network/interfaces
<SpecialEd> yeah network interfaces would definitely be the place to start
<bananapie> You think it's because eth3 is being brought up first ?
<RoyK> what parses networking interfaces, btw?
<SpecialEd> I dont mind building a 10.04 vm real fast to try for ya
<SpecialEd> and I dont believe /etc/network/interfaces is parsable
<smoser> kirkland, ping
<bananapie> Physically changing the wires at this point is complicated because the server is 350 kilometers away. I had a look at persistent rules, I see that eth1 and eth0 are listed before eth2 and eth3
<SpecialEd> sorry, can't do the VM, just realized i dont have my host machine's second nic available
<bananapie> eth1 is using tg3 ( according to comment ) and eth3 is sundance ( according to the comment )
<SpecialEd> u mind doing a pastebin of /etc/network/interfaces  ?
<SpecialEd> I've had to deal with VERY remote network troubleshooting like this, its like walking on eggshells ...
<bananapie> Yes
<bananapie> fortunately, this machine has something called 'ilo' and is non-critical.
<bananapie> http://pastebin.com/3Agq0jCW
<SpecialEd> actually i can bridge two virtual nics to a physical and replicate it
<SpecialEd> yeah, but if it breaks it still sucks to have to troubleshoot it with an end user (if your lucky to have that )
<bananapie> the network interfaces file is the same as another machine, I think my problem is related to the difference in drivers on the cards.
<SpecialEd> i got a 10.10 server 64bit ISO locally on this machine, that should be close enough to 10.04 i think
<bananapie> Yea, networking stuff doesn't change a lot
<RoyK> SpecialEd: 10.10 isn't supported anymore, though
<SpecialEd> yeah b/c 10.04 was lts
 * RoyK only uses LTS for servers
<SpecialEd> but since im gonna try and replicate his issue real fast in a vm it should be close enough
<SpecialEd> for this issue
<SpecialEd> yeah, I'm pretty much all 12.04 myself right now
<bananapie> I am hoping to migrate to 12.04 on my servers in the new year.
<RoyK> I still have a few machines/VMs on 10.04 and even an old hardy installation
<SpecialEd> hardy was what 8.04 ?
<RoyK> mhm
<SpecialEd> i think that was my first intro to ubuntu
<bananapie> I had a hardy installation, we wiped it out this morning :D
<bananapie> my first intro was version 5 something, 5.10 maybe ?
<RoyK> problem is - that hardy installation runs zimbra on 32bit and migrating that to 64bit is a PITA, so I haven't gotten around to it yet...
<SpecialEd> still installing the OS btw, almost done
<bananapie> I think I found the problem, I think the network cards I installed don't support bonding properly and can not read the status of the card.
<hallyn> stgraber: is that with the bash or python version of lxc-start-ephemeral?
<bananapie> and that's mixing up bonding
 * RoyK thought bonding was done in software...
<bananapie> yea, but the monitoring ( miimon ) has hardware stuff, no ?
<RoyK> bananapie: what sort of NICs are these?
<bananapie> 10/100 mbps pci cards ( it's an older server )
<RoyK> what chipset?
<bananapie> I think it's an HP DL380 g4, eth 3 is a cheapo card from an electronics store.
<RoyK> lshw will tell
<bananapie> hang on
<bananapie> rebooting
<bananapie> I think I found a solution.
<stgraber> hallyn: bash
<SpecialEd> are eth0 and eth2 in another bond?
<bananapie> yes
<stgraber> hallyn: python should be unafected (didn't try though)
<bananapie> ok
<bananapie> I am uploading my solution to pastebin
<SpecialEd> vm is up
<bananapie> http://pastebin.com/xrmQryyf
<SpecialEd> im in bash shell
<SpecialEd> and playing with it now
<bananapie> I used bond-arp instead of bond-miimon, and it boots with the proper card. I think that whatever miimon is using is not working properly on the card.
<bananapie> Thanks for your guys' help :D
<SpecialEd> not sure bout this...
<SpecialEd> network 192.168.2.0
<SpecialEd> shouldn't that line be:
<SpecialEd> gateway 192.168.2.0
<SpecialEd> ?
<RoyK> no, .0 is the network address with 24bit mask
<RoyK> gateway is the address of the router on the network
<SpecialEd> kk
<SpecialEd> i can't test ur static route in there
<SpecialEd> and im replicating ur config on a 10.
<SpecialEd> failed to bring up bond
<SpecialEd> hmm
<SpecialEd> 1 sec
<bananapie> The file '/sys/devices/virtual/net/bond1/slave_eth3' contains 'unknown', it should say 'up'. Anyone know where I need to go next ?
<Daviey> zul: wtf is openstack-resource-agents ?
<zul> Daviey: its the openstack HA stuff that roaksoax was working on
<zul> roaksoax: ^^^
<roaksoax> Daviey escoex talk al
<roaksoax> err
<Daviey> zul / roaksoax: bug 1054022 needs more data before i can even consider reviewing it.
<uvirtbot> Launchpad bug 1054022 in ubuntu "[FFe] [needs-packaging] openstack-resource-agents" [Wishlist,Incomplete] https://launchpad.net/bugs/1054022
<Daviey> roaksoax: Has it been uploaded to Debian yet?
<roaksoax> they are scripts that allow monitoring of openstack components in pacemaker based clusters
<roaksoax> Daviey not yet
<Daviey> roaksoax: For universe ?
<roaksoax> yes
<vikram> hello... I am using Tomcat 7.0.29 ... my question is why we need to restart tomcat after making configuration changes ( changes to .properties file ) ......???
<sarnold> vikram: does tomcat not provide a SIGHUP-style reload-configuration-please trigger?
<vikram> sorry .... i am new to tomcat .... let me search it ..
<Daviey> zul: ./run_tests .. -P .. what does the P do now?
<zul> ignores the pep8 tests
<adam_g> jamespage: around?
<Daviey> zul: oh, cool
<Daviey> zul: is it not pep8 clean now?
<zul> Daviey: it is but not for the version we ship in quantal/precise
<Daviey> zul: suck
<Daviey> thanks
<vikram> sarnold: r u talking about "reloadable" attribute of Tomcat's Context ??
<sarnold> vikram: most servers allow you to do something as simple as 'kill -SIGHUP `pidof servername`' and they'll reload their configuration file.
<jacobw> i want to learn about juju, where's are the resources collated?
<vikram> sarnold:  'kill -SIGHUP `pidof servername` means they will stop the server ... i want to apply configuration changes without restarting the server
<sarnold> vikram: that's the thing; since the "modem hangup signal" doesn't mean anything to servers the clear majority of servers use SIGHUP to ask for configuration reload.
<sarnold> vikram: see here, the signal handler installed will catch SIGHUP and schedule a configuration file reload: http://www.mail-archive.com/tomcat-dev@jakarta.apache.org/msg11338.html
<b0ot> What's the easiest way to keep email servers fully synced?
<Jeeves_> Ehm, need more info
<Jeeves_> define email servers
<b0ot> So, when users send email it stores all the email until they are able to get online
<b0ot> essentiall store and forward messenging
<RoyK> b0ot: all servers do that
<b0ot> RoyK, I need all the servers to fully duplicate all email though
<b0ot> so any user could connect to any server to get their mail
<RoyK> then you need some sort of cluster
<RoyK> DRBD could do it, perhaps glusterfs, or if you're not worried about redundancy, NFS will work
<smoser> Daviey, https://launchpad.net/ubuntu/+source/cloud-initramfs-tools/0.18-ubuntu1/+build/3869162
<smoser> does that need some "ack" ?
<smoser> it has been built but not copied to archive for ~ 1 hour
<Daviey> smoser: yes, you can see because https://launchpad.net/ubuntu/+source/cloud-initramfs-tools/0.18-ubuntu1 shows (New)
<Daviey> smoser:  cloud-initramfs-dyn-netconf_0.18-ubuntu1_all.deb
<smoser> right. that is a new binary package.
<Daviey> smoser: accepted
<hallyn> zul: adam_g: hey, have either of you ever run into bug 985489?  if so, can you also repr it with lxc, or only kvm?
<uvirtbot> Launchpad bug 985489 in nova "nova-compute stops processing compute.$HOSTNAME occasionally on libvirt" [High,Confirmed] https://launchpad.net/bugs/985489
<zul> hallyn: i havent but i dont run a canonistack in my basement
<stgraber> smb, SpamapS: flushing the route cache in /proc/sys/net/ipv4/route/flush would likely only work if done from the right network namespace
<stgraber> so the idea might still work, it's just that you'd need to run that against the "stuck" network namespace, which is relatively tricky to do (especially as it's in a pretty weird state, so not sure we can actually attach to it)
<hallyn> zul:  i thought you did
<TLoT> anyone here want to help confirm/refute a php5-fpm bug?
<TLoT> just asking because it being confirmed determines if i upstream it to debian :p
<zul> hallyn: nope
<TLoT> https://bugs.launchpad.net/bugs/1059272  <-- for those who want to help see if this actually happens
<uvirtbot> Launchpad bug 1059272 in php5 "php5-fpm init.d script does not return when php5-fpm  is started or stopped" [Undecided,New]
<lamont> anyone want to claim significant dnsmasq knowledge?
<hallyn> smb: have you tried (a) bisecting or (b) reproducing the bug with and without the commit removing the routing cache?  (i.e. at commits 89aef8921b and 89aef8921b^) ?
<hallyn> zul: anyway i'm trying to decide if i need to try and do a full kvm based cluster to test (hoefully i can do that with 2 laptops?) or if i can do it with lxc with just one
<hallyn> i guess i'll try with lxc and see what i get
<zul> hallyn: hmmm...i can try to reproduce it as well
<hallyn> zul: that'd be great.  i suspect it's present in precise and fixe din quantal.  (bc several nastybugs were solved there)
<zul> yeah
<ziggyzero> Hi does anybody know anything about libxml2?
<ziggyzero> I have run apt-get install libxml2 but it has not given me the file I need.
<ziggyzero> I was hoping to have /usr/lib/libxml2.so
<hallyn> ziggyzero: maybe /usr/lib/x86_64-linux-gnu/libxml2.so.2.8.0 ?  check 'dpkg -L libxml2' to see what files it ships
<ziggyzero> hallyn: Thanks, found it at /usr/lib/x86_64-linux-gnu/libxml2.so
<SpamapS> stgraber: is that something we could work into lxc-stop as a workaround?
<smw_> Hi all, how can I regenerate the default config for a package?
<smw_> I deleted my /etc/apache2 dir and I want to make it the default again
<stgraber> SpamapS: not in lxc-stop but in lxc-start, probably. (lxc-stop essentially just pokes lxc-start asking it to kill the container)
<stgraber> hallyn: ^
<SpamapS> smw_: its not generated, it is stored in the package.. you can remove the files and dpkg -i --force-confmiss file.deb ...
<SpamapS> stgraber: *ah*
<stgraber> hallyn: having lxc-start flush the routing tables of the netns (if not sharing the host's) when destroying the container
<smw_> SpamapS, I don't have the deb file though...
<SpamapS> stgraber: so perhaps as something to do right after tearing down the network, the route cache could be flushed? It seems like a reasonable workaround given the impact and nature of the kernel bug (and how close we are to kernel freeze.. ;)
<smw_> SpamapS, and yes, I know it is not generated, I just want it to pretend it is installing apache2 for the first time
<SpamapS> smw_: you should be able to get it. It may even still be in /var/cache/apt/archives
<smw_> ah, right
<smw_> I guess I can just unzip the deb and install the etc files manually
<SpamapS> smw_: actually for that you can do  dpkg -i --force-confask --force-confnew apache-common_x.y.z-a_arch.deb
<smw_> SpamapS, it works, thanks
<smw_> sudo dpkg --force-confmiss -i apache2.2-common_2.2.22-1ubuntu1_amd64.deb
<hallyn> stgraber: worth a shot
<hallyn> stgraber: note that won't help in.vsftpd (which *should* have the problem too)
<hallyn> perhaps we can do it in the kernel, at exit_net_ns
<SpamapS> that seems more comprehensive
<SpamapS> essentially if we know where the route cache causes problems, just flush it right after that point
<hallyn> smb: ^ do you know offhand how you would do that?
<mkeys> I have a ntfs formatted usb hard disk, /dev/sdc1 at the moment, and want to automount it at boot. It seems I must do a manual replug of the device for it to "see" the disk, it automounts it as /media/Seagate when I do. I snagged the uuid of the disk and put it in /etc/fstab, but like I said it doesn't see it without a manual replug and I'm forced to "press S to skip" at grub boot. Any suggestions?
<sarnold> mkeys: if you set the 'auto' column to '0', you'll at least avoid the "Press S to Skip" prompt. Perhaps it'll even magically mount once the USB modules have loaded? (perhaps they load after fstab has been parsed?)
<mkeys> fstab line is : UUID=D6D4E78DD4E76E65 /usbhd ntfs defaults 0 0
<mkeys> uuid looks strange compared to the others, is that normal?
<sarnold> that _is_ a funny looking UUID
<mkeys> from blkid : /dev/sdc1: LABEL="Seagate Backup Plus Drive" UUID="D6D4E78DD4E76E65" TYPE="ntfs"
<mkeys> mkeys@server:~$ sudo grub-probe -d /dev/sdc1 -t fs_uuid
<mkeys> D6D4E78DD4E76E65
<sarnold> mkeys: is sdc1 mentioned in your grub configuration?
<hallyn> stgraber: SpamapS: we can't exactly flush the caches from end of lxc-start, of course, bc 'exec' doesn't return.
<stgraber> hallyn: hmm, right, so kernel would be our best bet (though I'm not fond of the idea of getting a workaround like that in the kernel)...
<stgraber> SpamapS: I guess you could at least check that putting the flush line that smb gave you in a very late upstart job (in the shutdown sequence) indeed "fixes" it for you
<stgraber> SpamapS: having a job that brings down all interfaces (ifdown -a) and then flushes the routing table should avoid the issue (if it's indeed where we think it's)
<mkeys> sarnold : not that I can find
<hallyn> stgraber: well, we'd be saying "flush the routes from this netns", since the netns is going away presumably that should be done anyway
<sarnold> mkeys: makes me wonder if the UUID is being used at all by the tools. (Since it doesn't match the usual UUID format...) Perhaps try a /dev/disks/by-id/... link in the fstab instead?
<SpamapS> stgraber: hm. so if that doesn't run and we forcibly stop a container.. there's no recovery except reboot. :(
<stgraber> hallyn: indeed
<stgraber> SpamapS: yeah, you'd have to live with lxc-shutdown for the time being
<hallyn> smb` is probably eod, lemme go see if i can figure out whether what i'm saying even amkes any sense
<mkeys> sarnold : so happens the uuid is the same in /dev/disk/by-uuid for sdc1. in by-id there's a wwn id for it
<mkeys> wwn-0x5000cca34dd7edd6-part1 -> ../../sdb1
<mkeys> whoops wrong one
<mkeys> wwn-0x5000c50049a5812c-part1 -> ../../sdc1
<sarnold> mkeys: aha, seagate :) http://en.wikipedia.org/wiki/World_Wide_Name
<sarnold> (not that that means anything. It's just neat to find.)
<mkeys> sarnold : works ok once it boots to desktop i can partprobe, mount -a, and then /usbhd/* exists
<SpamapS> stgraber: thats pretty ugly. :-/
<sarnold> mkeys: that still sounds like a lot of work. :/
<mkeys> don't know how to force grub/kernel to look for it at boot
<SpamapS> hallyn: "netns is going away" ?
<hallyn> SpamapS: when the contaienr goes away, the netns goes away
<mkeys> sarnold : hmm http://www.novell.com/coolsolutions/tip/17785.html
<sarnold> heh, I don't think I've ever added 'hotplug' to an fstab line before..
<hallyn> SpamapS: something like http://paste.ubuntu.com/1254876/
<mkeys> must be a suse thing
<mkeys> Oct  1 17:45:51 server udevd[3783]: invalid rule '/etc/udev/rules.d/99-mount.rules:2'
<SpamapS> hallyn: makes sense to me
<hallyn> SpamapS: doing a test build;  i suspect the main question is: do we get to the point of freeing the struct net, and do that leaving route entries orphaned, or do we not get to that point (in which case my patch won't help) bc of the left-over entries?
<hallyn> but it's worth a shot.  will get back to you
<SpamapS> hallyn: let me know if you want me to test
<SpamapS> hallyn: you can reproduce w/ lxc-stop right?
<hallyn> SpamapS: only once in a long while.  i'll shout if it works at all so you or stgraber can test :)
<mkeys> testing hotplug, brb
<SpamapS> hallyn: I get it nearly every time
<hallyn> SpamapS: well while my build test runs, i went ahead and pushed to ppa:serge-hallyn/lxc-natty (figuring that wont' step on anyone's toes :)  so if it works it should be available there "in awhile"
<mkeys> ok, i take that back. partprobe does not see it. manual unplug/replug and then it shows up in dmesg
<mkeys> is there a way to force a usb bus scan?
<mkeys> I'll try modprobe usb-storage manually, brb
<lamont> smoser: around?
<mkeys> still have no idea how to force a bus rescan. http://pastebin.com/27MNbwFd
<sarnold> mkeys: hrm, try udisks --poll-for-media /path/to/dev ? Perhaps that can poke the disk in the eye and get its attention?
<protoCall7> Hi All, I am working with a Cobbler setup which has created a local repository mirror (via debmirror) for me, and I would like to add custom packages to it, however all of the documentation I'm finding is leading me to believe that this isn't really possible
<protoCall7> could someone either confirm that, or point me in the right direction to research the proper way to go about doing this?
<sarnold> protoCall7: probably easier is to run a separate repository for your own packages
<sarnold> (since Releases.gz is signed and all that, trying to inject packages into a mirror sounds like more work than it is worth -- but setting up a new repository is not horrible)
<protoCall7> sarnold:  That is accomplished using reprepro, correct?
<sarnold> protoCall7: no idea about "reprepro" :) sorry
<protoCall7> no worries, i
<protoCall7> ve at least got a starting point for research
<protoCall7> thanks!
<sarnold> have fun :)
#ubuntu-server 2012-10-02
<daniel_-> somebody can help me? my log files e.g. auth.log syslog mail.log are all empty except the same files with a trailing number e.g. auth.log.1
<daniel_-> is this wrong? :/
<sarnold> daniel_-: a great many of my log files are also size 0, seems normal enough
<qman__> daniel_-, that just means nothing has happened that needs logging since the last time logrotate ran
<sarnold> daniel_-: I think there was an update to the standard syslog rules that reduced the number of logged files, and probably logrotate doesn't know to stop making new ones...
<sarnold> (though my empty wtmp is surprising..)
<daniel_-> but there happened alot to auth.log, but all goes into auth.log.1
<daniel_-> I mean like sshd attempts
<qman__> daniel_-, it goes into auth.log, but nothing has happened since the last time logrotate ran
<sarnold> daniel_-: the .1 version gets _new_ entries??
<qman__> which could have been a minute ago
<daniel_-> sarnold: yes the .1 gets new entries
<daniel_-> all *.1 get the new entries. But I guess then its the default
<mkeys> so still having this problem, ter in #udev suggest ubuntu support. :)
<mkeys> (unable to enumerate usb disk at boot)
<sarnold> daniel_-: if new entries are going into the .1, that is a mistake. rsyslog _should_ have closed those files after the logs rotated. Hrm.
<sarnold> daniel_-: which log files are open in: sudo lsof -p `pidof rsyslogd`   ?
<sarnold> mkeys: some more options, you could try askubuntu.com or file a bug in launchpad (if you can be confident of which package is failing you in which way)
<daniel_-> sarnold: alot of *.1 are open
<sarnold> daniel_-: I'd suggest filing a bug. That's not supposed to happen.
<sarnold> (perhaps someone already has filed a bug?)
<daniel_-> alright! thx for your help sarnold!!
<sarnold> daniel_-: in the meantime, a "kill -HUP `pidof rsyslogd`" _should_ fix those.
<daniel_-> now a writing to auth.log has begun
<daniel_-> *.1 are killed
<daniel_-> thx man!
<sarnold> daniel_-: check your logs for anything from logrotate; there _may_ be some more details in the logs
<sarnold> e.g., if logrotate is confined by AppArmor and does not have capability kill, it may not have been able to alert rsyslogd about the rotated files
<sarnold> (only one of many potential reasons for failure)
<stgraber> hallyn: is an up to date quantal container booting for you?
<hallyn> stgraber: in q i assume?
<hallyn> my q laptop is over (waves) there
<hallyn> get back to you in a bit
<stgraber> hallyn: yeah, on q. All I'm getting at startup time are mountall Event failed errors
<stgraber> I'm also getting a whole bunch of errors from upstart in dmesg
<stgraber> [40355.415061] init: Failed to spawn mounted-proc main process: unable to change root directory: No such file or directory
<hallyn> (wgetting)
<stgraber> hallyn: hmm, looks like something with the pivot root went quite wrong here... it also wiped the content of my laptops' /tmp at startup... rebooting
<hallyn> hooooly cow
<hallyn> hm mine failed on debootstrap.  what on earth?
<hallyn> oh, bad network
<stgraber> hallyn: found the issue, it's totally my fault
<stgraber> hallyn: I'm using lxc from staging which doesn't have a default lxc config (doesn't read /etc/lxc/lxc.conf) which means my container didn't have any networking config
<stgraber> which explains why mountall failed (well, kinda)
<stgraber> then I turned off apparmor to see if that was the issue and that triggered the rest of the mess
 * stgraber really needs to push that lxc-create change upstream and get a default lxc.conf implemented there too, not sure all of our users could debug that kind of weird mess :)
<hallyn> defualt lxc.conf upstream - still not sure how we can swing that
<hallyn> unless we default to an empty netns
<hallyn> which wouldn't be that bad i guess
<hallyn> we could also add a script "lxc-add-dev brX -n containerX" to create a new veth pair, hook one end up on bridge brX, and pass the other into the named containerX
<stgraber> I think we should ship a default lxc.conf that includes a bit of documentation as comments, ensures that a veth pair is setup but simply not bridged to anything
<stgraber> that way you get your eth0, the container is happy and you don can always bridge it to whatever you want later on
<hallyn> stgraber: just to be sure, q container started fine for me in q just now :)
<stgraber> hallyn: good to know that the distro package is fine and it's indeed just my daily build that's missing some bits
<hallyn> stgraber: so the kernel seems to have built fine in ppa:serge-hallyn/lxc-natty.  i haven't tested it for the netns leak yet
<linocisco> hi all
<linocisco> I could finally setup ubuntu mail server using postfix and dovecot
<linocisco> I tried using Thunderbird on Windows and Android's IMAP email clients. It worked fine but with disable_auth= no in dovecot.conf. I dont know what would be if auth is enabled.
<hallyn> stgraber: eh never mind, my silly idea didn't work.  depending on what smb shares with us in the morning i may see about bisecting
<linocisco> who is using ubuntu mail server for production environment like spanning 100 or 1000 multiple domains across the globe. I would like to be shared such kind of knowledge. As my office is just using windows server globally, I could never have such experience
<SpamapS> linocisco: "mail server" is hard to pin down. Web mail? SMTP/IMAP? More?
<linocisco> SpamapS, SMTP/IMAP. I have never tried webmail.
<SpamapS> linocisco: dovecot and postfix can scale to many thousands of domains
<linocisco> SpamapS, is there any scenarios on step by steps setup on how to?
<SpamapS> linocisco: https://help.ubuntu.com/12.04/serverguide/
<SpamapS> specifically
<SpamapS> https://help.ubuntu.com/12.04/serverguide/email-services.html
<linocisco> SpamapS, yes. I read it already
<SpamapS> linocisco: ok, so, whats your question?
<linocisco> SpamapS, how to archive emails in portable readable format without needing email clients?
<sarnold> is Maildir an option? easy, piece of cake, downside is it may eat too many inodes if you've got tons of tiny mails
<linocisco> SpamapS, in novell groupwise, there is ArchiveToGo software , which can download emails and burn on CD or USB stick into readable format.
<linocisco> sarnold, what are inodes? what does this mean?
<sarnold> mbox is another option that might be tolerable, it's easily human-readable, but may lead to huge files if you're not careful
<linocisco> sarnold, mbox is only text only one single file as far as I learnt
<sarnold> linocisco: an 'inode' is the basic unit of unix filesystem storage. every file has an inode.
<sarnold> linocisco: indeed, that's what makes mbox so awesome.
<SpamapS> linocisco: they're just ways to store email on disk
<SpamapS> linocisco: I suspect you want a comprehensive system..
<sarnold> linocisco: different filesystems can be optimized for different tasks; you may have fewer inodes if you expect your filesystem to contain nothing but gigabyte-sized files, you may have more inodes if you expect it to contain many small files.
<linocisco> sarnold, so which could be better option to archive and how to ?  Actually administrator should delete email accounts of transfered staff after archiving and giving him a copy. At another duty station, another administer will create a new email account for him.
<linocisco> sarnold, that is what my org is doing not to keep a person's email for so long. I dont know what is more intelligent idea
<sarnold> linocisco: if you're just keeping all your mail in spool files (a little odd, since you don't get folders that way, but the example is easy) then you just archive /var/spool/mail/sarnold and move on. If the person does have folders, it'll typically be stored in e.g. ~sarnold/Maildir or ~sarnold/Mail or some similar place. tar and rm as you see fit.
<sarnold> linocisco: if you want to intentionally throw away mail, that takes a bit more effort. Probably a weekly / monthly cronjob run of procmail with appropriate rules over the mailboxes in question could do it. That feels pretty ugly though.
<linocisco> SpamapS, in your point of view, what should be comprehensive system in my case?
<linocisco> sarnold, that means email policy.
<SpamapS> linocisco: GroupWise is.. massive. So. something else massive. Zimbra maybe.
<linocisco> SpamapS, groupwise has calendar sharing and other intelligent business options. so alternative is Zimbra to be used with ubuntu mail server?
<SpamapS> linocisco: sure, take a look
 * SpamapS goes afk
<linocisco> SpamapS, any other alternatives else?
<sarnold> linocisco: if you want an MS Exchange-alike, look at these guys: http://en.wikipedia.org/wiki/Open-Xchange
<linocisco> sarnold, actually I want to hear success stories on what Linux admins are doing on mail servers in their enterprise. I tried to find on full cycle magazines and whitepapers on ubuntu .com . I found a few
<linocisco> sarnold, so that I can learn their tips and tools in stories like their night mare headache. reading documents like wiki is just boring.
<sarnold> linocisco: heh, I know the feeling.
<sarnold> linocisco: everyone I know runs something like postfix+dovecot or postfix+uw-imapd, except for one guy who runs postfix+powermail (downloads.powerdns.com/documentation/powermail/html/)
<sarnold> linocisco: I don't know anyone who runs email for 100K+ user organizations though, so...
<linocisco> sarnold, thanks anyway
<linocisco> sarnold,            http://summit.open-xchange.com is cool
<smb> SpamapS, Not sure whom you sent email yesterday. But it may not have been me... ;)
<smb> Daviey, So what is the problem with xen (nobody caring to upload it)?
<Daviey> smb: no, not that!
<Daviey> smb: I did bounce a question to you on Friday.. can't remember what it was
<smb> Daviey, I guess you mean the warning about email address not being ubuntu
<Daviey> hmm
 * Daviey re-reviews
<Daviey> smb: Ah yes.. it was conflict/replaces
<smb> Daviey, Which I answered that I left them in as they were left in with the previous rc1 upload
<Daviey> ok, ok!
 * smb growls
<Daviey> smb: libxen3 was dropped in natty?
<Daviey> which means that lucid->precise is the only upgrade path.. meaning this can be dropped.
<smb> Daviey, Yeah I thought so too when doing the merge at the beginning of the cycle. zul kept them in. And I would not change that right now. It should not matter really
<smb> We should drop those for R
<Daviey> true
<Daviey> ok
<Daviey> smb: so i updated changelog to point to quantal, and updated the maintainr
<smb> Daviey, Ok, yeah, quantal was my fault and the maintainer something that was always "wrong" before
<smb> eh no
<smb> Daviey, You are right, messed that up and ignored it as I thought it complained about canonical
<janek_> hi guys, I have just set my first ubutu serv and wanted to completely switch of the logs related to eth0 I am working on. Any help would be appreciated.
<va> Hi. In ubuntu 12.04 server, gnome-control-center's 'unlock' button is inactive if logged in through Xrdp or through an LTSP thin client (works if logged in locally). It says "system policy prevents changes. contact admin" on hover. Anyone know how to enable it or what could be causing this?
<mdeslaur> va: it's caused by policykit. There's likely a policykit rule file that needs you to be on the console to get appropriate permissions.
<mdeslaur> va: look in /usr/share/polkit-1/actions
<mdeslaur> va specifically in org.freedesktop.accounts.policy
<Guest4020> If i have a server on let's say 192.168.0.1 and I want to redirect all user to this IP if they try to reach me at 10.5.24.10x would the following Code do the job with Iptables?
<Guest4020> iptables -t nat -A OUTPUT -d 10.5.24.10x -j DNAT --to 192.168.0.1
<Guest4020> Or how about this iptables -t nat -A PREROUTING -i eth1 -j DNAT --to 192.168.0.1
<Guest4020> Well is there anyone able to solve my problem ?
<Guest4020> So you are able to change my username but answering is impossible
<Guest4020> Great why am I even here
<Guest4020> Hello ?
<va> Guest4020: iptables -t nat -A PREROUTING -i eth1 -d 10.5.24.101 -j DNAT --to 192.168.0.1  seems what you want
<Guest4020> Great thank you man :)
<va> whether this will work if 192.168.0.1 is on the same machine that does the nat i'm not sure
<va> u might need some additional trick
<Guest4020> That would be ?
<Guest4020> But actually it is one the same machine, I'm just curious :o
<va> Guest4020: hm, ye u probably wouldnt even want to do this NAT if the IP was on the same machine idk why i thought about it, god confused with tricks myself
<va> *got
<Guest4020> It's just about testing, I know it does not make enormous sense at all :D
<caribou> Can someone tell me if 'bzr builddeb' is used frequently to build off LP branches ?
<caribou> just wondering if I should get used to use it or continue manually
<zooko> Hm, I see that an automated bring-up of an Ubuntu server has stopped on this debconf query: http://codepad.org/aBgISt20
<zooko> The command that start this was: apt-get upgrade -y
<zooko> Seems like "-y  Assume Yes to all queries and do not prompt" isn't quite working as advertised.
<zooko> Ah: http://askubuntu.com/questions/146921/how-do-i-apt-get-y-dist-upgrade-without-a-grub-config-prompt
<zooko> Oh! New AMIs shouldn't have had this problem?
<zooko> I must have gotten a stale AMI ID just now then. Whoops.
<SpamapS> zooko: you using cloud-images.ubuntu.com ?
<zooko> SpamapS: I used alestic.com.
<zooko> Wait, no I didn't.
<zooko> Hrm.
<zooko> Yeah, I used this: http://cloud.ubuntu.com/ami/
<zooko> Is http://cloud.ubuntu.com/ami/ not the right place to find AMI ids?
<jcastro_> zooko, those should be up to date
<zooko> jcastro_: they say 20120424 on them,
<jcastro_> but yeah, http://cloud-images.ubuntu.com/ is much nicer imo
<zooko> and the lp ticket says the bug was fixed 201206
<jcastro_> man, these look way out of date
<zooko> And, the AMI ID I got from http://cloud.ubuntu.com/ami/ has the bug.
<jcastro_> daker, ping
<zooko> Daily builds? Yikes, that doesn't sound like what I want!
<zooko> http://cloud-images.ubuntu.com/precise/
<jcastro_> http://cloud-images.ubuntu.com/releases/precise/release/
<jcastro_> is what you want
<jcastro_> (they're under a releases directory)
<jcastro_> though, why the dailies are in the root instead of under /dailies is beyond me
<zooko> Thanks!
<jcastro_> I filed a bug, thanks for bringing it up!
<zooko> Thank you!
<zooko> Bug # please?
<zooko> Or URL...
<zooko> Found it.
<zooko> https://bugs.launchpad.net/ubuntu-cloud-portal/+bug/1060199
<uvirtbot> Launchpad bug 1060199 in ubuntu-cloud-portal "Cloud images are out of date" [Undecided,New]
<zooko> Okay, in a minute or so https://leastauthority.com should be back in operation using the recommended Precise AMI. Thanks for your help!
<jcastro_> zooko, wow, that's really cool
<zooko> jcastro_: thanks! I'm excited about it!
<zooko> It's just me and two other folks. âº
<jcastro_> that is quite excellent
<zooko> Doing a test signup to see if the resulting Precise server comes all the way up...
<zooko> Whoops... EC2Error: Error Message: The AMI ID 'ami-32845d2f' does not exist
 * zooko investigates...
<zooko> I wonder where that AMI ID came from. Oops...
<SpamapS> zooko: most common problem is you chose the wrong region
<zooko> SpamapS: yep. sa-east-1
<zooko> sa?
<zooko> South America. Neat. But yes, that was the problem.
<zooko> Thanks!
<doko> Daviey, what's the status of https://bugs.launchpad.net/ubuntu/+source/freeipmi/+bug/1052056 ?
<uvirtbot> Launchpad bug 1052056 in freeipmi "[FFe] [MIR] freeipmi" [Undecided,In progress]
<daker> jcastro_: pong
<jcastro_> daker, I filed a bug on it, the images are out of date in the AMI browser?
<daker> oh yeah :(
<daker> i need to fix that
<zooko> Hm, so linux-ec2 and linux-image-ec2 are no longer present. I'm changing my setup from lucid to precise.
<zooko> Is there a new package that I should install instead?
<Daviey> doko: looking
<Daviey> doko: it's In Progress :)
<Daviey> roaksoax: Have you been able to do the things jdstrand requested for freeipmi?
<doko> Daviey, I'd say rather incomplete ...
<Daviey> doko: No, the bug report has enough information to allow a developer to undertake the work, and it is assigned. :)
<roaksoax> Daviey: howdy, no not completely
<doko> Daviey, no, in-progress is not a status for a developer to finish the mir. but anyway, if it's being worked on ...
<roaksoax> Daviey: the only thing missing is fixing the compiler warnings... if someone could give a hdn with that would be great :) http://paste.ubuntu.com/1256058/
<hallyn> stgraber: d'oh, the grub update failure in lxc is real.
<doko> roaksoax, these are about unused results. so check the result, and error out in case that an error is returned
<roaksoax> doko: will do
<Daviey> doesn't dh do that automagically?
<SpamapS> hallyn: yeah I ran into that yesterday
<SpamapS> hallyn: have it on my TODO to report the bug
<SpamapS> hallyn: patch should be simple enough.. does it ever make sense to install grub in a container?
<SpamapS> hallyn: or rather.. to configure it in a container.
<Daviey> zul: can you check bug 1059907 isn't a binary depends?
<uvirtbot> Launchpad bug 1059907 in nova "python-nova depends on python-setuptools-git?" [Undecided,Won't fix] https://launchpad.net/bugs/1059907
<hallyn> SpamapS: it might, if you're using a loopback block dev as backign store and intend to later boot it in kvm
<Daviey> zul: a source depends is no problem, but if there is a binary dpeend, we should fix it.
<hallyn> but in general the answer is no
<zul> Daviey:  build depends
<Daviey> zul: certain?
<zul> its not a binary
<zul> yes checked it before i wrote that response
<zul> Daviey: very certain
<Daviey> zul: thanks
<SpamapS> hallyn: so perhaps the answer is not to fail postinst if root is not a block device.
<hallyn> SpamapS: or even if no access to the device
<hallyn> right now, no access would mean cgroups.  Next cycle, it might mean different user namespace
<hallyn> changing locale, biab
<roaksoax> doko: do you have a sample code for the unused result check?
<roaksoax> i haven't touchd C in years
<zul> Daviey: i just uploaded stevedore to binary new can you please review it (dep for ceilometer)
<Daviey> ok
<doko> roaksoax, no, not at hand. afk today early, and tomorrow is bank holiday
<skrite> hey all, i am looking for an easy to run and configure web server distro that i can just put in a VM on ubuntu.. our company needs a mail server with a fqdn but i am trying to avoid a lot of config pain. any ideas?
<rbasak> skrite: yeah that should work
<zul> hallyn: i havent been able to reproduce the libvirt hostname thing
<hallyn> hostname?
<_yac_> i'm fiddling with xen in ubuntu server 12.04. i have a working bridged network setup but want to try a routed setup. is it safe for the dom0's networking to alter the xend-config.sxp to this effect? also comment out xenbr0 and comment back in the standard eth0 fare. pifalls?
<eutheria> is there still an ubuntu directory server project?
<hallyn> zul: i'm not sure what you're talking about
<hallyn> stgraber: ubuntu containers don't have grub installed.  ubuntu-cloud containers (both precise and q) do, and updates are failing
<zul> the thing we were talking about yesterday
<hallyn> zul: with nova?
<zul> hallyn: yeah
<hallyn> zul: cool, thanks for the info
<hallyn> he did say 'once a month or so'  :)
<hallyn> iow bug reproducer's nightmare
<zul> dah
<hallyn> doo
<adam_g> jamespage: hey, about OVS 1.4.3.. i'm going to propose lp:~gandelman-a/ubuntu/quantal/openvswitch/1.4.3 for uploading. theres a 1.4.3 package in  ppa:gandelman-a/ppa available for testing. any chance you can give that a run through your autmoated testing first (and possibly sponsor the upload:)?
<jamespage> adam_g, yes
<jamespage> lemme get my sprint out of the way for today and I'll test and upload later on
<adam_g> jamespage: great, thanks. shall i propose the merge and subscribe you to the bug?
<jamespage> sure - sounds good
<mercsniper_> anyone offer assistance with maas?
<melmoth> mercsniper_, there s a #maas channel as well.
<mercsniper_> melmoth: thank you, I asked the question there and I can ask it here, is the cloud-init package still out of date?
<smb> SpamapS, stgraber, Ok, so the v2 test kernel is up on people. If you got time I'd be quite interested to see how that goes. :)
<hallyn> stgraber: so were you going to file thtat as a bug against grub?
<hallyn> i'm wondering whether we do a simple 'is-container' check at top of update-grub, or check deeper inside grub whether we have write access to the root dev
<stgraber> hallyn: I vaguely remember smoser or SpamapS mentioning that bug on #ubuntu-devel yesterday, maybe they already have a bug report for it somewhere
<stgraber> smb: thanks, will update and reboot soon
<smoser> i did not mention such a hting. but that would be nice.
<hallyn> stgraber: i dont' think so.  SpamapS said it was on his todo
<SpamapS> It was on my todo to report it as a bug and suggest a patch to cjwatson
<SpamapS> and still is actually
<stgraber> hallyn: as LXC doesn't really support full disks but instead only partitions, I guess it's fine to just exit 0 if is-container returns 0
<smoser> i'd say that supporting partitions has nothing to do with it.
<hallyn> stgraber: i do fear that eventually we'll find there are cases where we want to support it, but for now it seems best
<hallyn> i'll whip up a patch this afternoon
<smoser> even if it worked on a partition it isn't going to have an affect
<hallyn> SpamapS: if you report the bug, please give # here, else i'll report it after lunch
 * hallyn bbl
<stgraber> smoser: well, I was thinking of a case where someone would use LXC to fix/upgrade an existing system (VM/external disk), but as LXC won't let you see the whole device anyway grub won't be able to update the mbr
<adam_g> zul: where does the 'websockify' python module come from?
<melmoth> adam_g, universe ? http://packages.ubuntu.com/quantal/i386/websockify
<zul> adam_g: what do you mean?
<adam_g> # apt-get -y install websockify ; python -c 'import websockify'
<adam_g> import error
<zul> w...t...f\
<adam_g> also
<adam_g> why does novnc provide an init script that starts nova-novncproxy?
<zul> adam_g: i have no idea that area is a big mess
<melmoth> i realised both packaged conflicted one with another the hard way last week.
<adam_g> melmoth: is there a bug?
<melmoth> https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1055505
<uvirtbot> Launchpad bug 1055505 in nova "nova-vncproxy conflicts with novnc" [Undecided,Fix released]
<adam_g> melmoth: thanks
<adam_g> ugh
<melmoth> ohhh, it s fixed :-)
<adam_g> melmoth: no, its not
<adam_g> zul: consider yourself subscribed: bug #1060374
<uvirtbot> Launchpad bug 1060374 in websockify "websockify installs no importable python module" [Undecided,New] https://launchpad.net/bugs/1060374
<zul> thanks
<jamespage> adam_g, openvswitch tested OK
<jamespage> preparing the upload now
<stgraber> smb: the little bit of stress test I did on your kernel here didn't show any hang, though I'm not nearly as good at reproducing the bug as SpamapS :)
<adam_g> jamespage: super thanks
<smb> stgraber, I hope he won't be successful this time. ;) And interestingly proposing this variation seems to have refreshed some memory upstream. And I got some pointers to 3 patches in linux-next...
<jamespage> adam_g, its in the unapproved queue
<jamespage> Daviey, ^^
 * jamespage goes for food
<Daviey> jamespage: reviewing
<zul> adam_g: websockify wasnt actually a python-module per say...anyways its fixed upstream just need a FFE
<zul> Daviey: ^^^
<adam_g> zul: yea...
<adam_g> zul: are you uploading something?
<zul> adam_g: yeap its pending review
<adam_g> zul: okay
<adam_g> zul: as i predicted, that tgt config change broke nova-volume
<hallyn> SpamapS: filed bug 1060404
<uvirtbot> Launchpad bug 1060404 in grub2 "update-grub runs and fails in containers" [High,Confirmed] https://launchpad.net/bugs/1060404
<zul> adam_g: the upgrade or just everything?
<adam_g> zul: the removal of the '--conf' option from calls to tgt in nova-volume breaks nova-volume
<zul> adam_g: looks like we are going to have to carry at patch
<zul> er....a patch
<adam_g> zul: ?
<zul> blah....*grumble* *grumble*
<adam_g> zul: specifying --conf causes other bugs, which is why it was removed
<adam_g> zul: the real problem is chaning the 'include' statements in tgt's config. includes can only be specified in /etc/tgt/targets.conf, not from within included files in /etc/tgt/conf.d/
<adam_g> so dropping nova_tgt in /etc/tgt/conf.d/ to inclue /var/lib/nova/volumes/ doesn't work, and never really did :|
<zul> adam_g: but i have been running fine with it
<adam_g> zul: no, you ahave never been using it. if --conf is specified to tgt-admin, /etc/tgt/targets.conf is never even consulted
<zul> i havent
<SpamapS> hallyn: thanks for filing that. I only have one bit of feedback on your debdiff, which is to consider using debconf so that it can be internationalized
<SpamapS> hrm
<SpamapS> actually thats daft
<SpamapS> I wonder if there is a simple way to access 'templates' from maintainer scripts without telling debconf to nag the user with a question
<Daviey> SpamapS: priority
<Daviey> but remember, debconf isn't a registry :)
<SpamapS> Daviey: what I'm saying is, I want it to print out text that translators have a chance at internationalizing
<SpamapS> its silly
<SpamapS> server.. containers.. we can skip i18n for now :)
<Daviey> Yeah, only en_GB matters TBH
<rbasak> :-)
<zul> adam_g: do you want to prep an upload
<adam_g> zul: yes im filing a bug
<zul> adam_g: k prep one for the cloud-archive and ill ack it
<adam_g> zul: also, i've committed the missing xvpvnc / novnc stuff
<zul> adam_g: good
<adam_g> but i'd like some input from someone who knows htf this is supposed to be packaged
<SpamapS> hallyn: ok forget my previous comment, but also the language needs some work. "not running because it is in a container" is a bit.. weird
<zul> adam_g: check with vishy
<SpamapS> hallyn: "Declining to perform automatic grub install in container." might make more sense.
<Poapfel> my sysadmin gave me a ipv6 adress and a ipv6 gateway how do I use these to things to enable ipv6 on this server?
<Poapfel> (I was able to use ipv6 for a couple of minutes but after closing my ssh session it was disable or so)
<Poapfel> (by editing /etc/network/interface)
<Jeeves_> Poapfel: Just configure another ethX
<Jeeves_> Instead of 'static inet', you configure it as 'static inet6'
<Poapfel> I did that...
<Poapfel> Jeeves_: this is what my /etc/network/interfaces looks like http://paste42.de/4183/
<Jeeves_> Your gateway is wrong
<Jeeves_> That should be just an address
<Poapfel> what is with this /48?
<Jeeves_> Also, it suggests that you are in a /48, not a /64
<Jeeves_> That's your netmask
<Poapfel> but the address had a /64 at the end
<Poapfel> therefore I thought the netmask is 64
<Poapfel> and not not 48
<Poapfel> should I change the address to xxx:xxx:xxx:xxx:xx:0:0:0/64?
<Poapfel> and the netmask to 48?
<hallyn> SpamapS: I'm fine with wahtever :)  if you come up with something good, could you post it in the bug?
<Jeeves_> Poapfel: What did your admin tell you?
<hallyn> at this point I'm waiting for cjwatson input :)
<maswan> hm. I'm not sure I've done a static gw in v6 actually. but I would tihnk that that was just an IP, not an IP with netmask
<maswan> Poapfel: typically the adress ends in something not 0
<maswan> like 2001:6b0:e:2018::163
<DataCruncher> I'm running a minecraft server on Ubuntu Server. I am remotely connected with putty. I would like to be able to exit putty without shutting down the server. Is there any way to do that?
<maswan> and gateway should just be the ::1 stuff, no /whatever
<maswan> I think
<Jeeves_> Indeed
<Jeeves_> Just an address
<Jeeves_> the same for 'address'
<maswan> netmask goes in the netmask field in network/interfaces
<Jeeves_> THe netmask is only mentioned in 'netmask' :)
<DataCruncher> Anyone?
<maswan> which you already have there
<Jeeves_> Kinda makes sense! :)
<maswan> DataCruncher: start it inside screen(1)
<Jeeves_> DataCruncher: screen
<Poapfel> hm
<Poapfel> I am going to change the netmask to 48
<Poapfel> and to be more specific my sysadmin gave me the following two informations(without any comments):
<Poapfel> 2a00:12c0:1015:100:44:0:0:0/64
<maswan> Poapfel: Almost all the time the netmask is going to be 64 on ipv6
<Poapfel> GW: 2A00:12C0:1015::1/48
<Poapfel> I guess the first one is the adress and the second on is the gateway, right?
<maswan> ok, that seems to be a network definition for router setup
<DataCruncher> Maswan/jeeves: I'm confused, how would I do that?
<DataCruncher> And what exactly does it do?
<Poapfel> maswan: well...
<maswan> DataCruncher: first you start screen, then you get a new shell inside that and then you can start the minecraft server process inside there. then you can detatch screen by hitting ctrl-a d and logout. later you can login and use "screen -x" to re-attach to the running server
<Poapfel> it is still a ipv6 address then, isn't it?
<maswan> yeah
<Poapfel> hm
<maswan> well, 2A00:12C0:1015::1 is an ipv6 adress
<maswan> 2a00:12c0:1015:100:44:0:0:0 is a network, you have to choose an IP inside of that
<maswan> like 2a00:12c0:1015:100:44::5
<Poapfel> oh
<Poapfel> but I thought that 2A00:12C0:1015::1 is my gateway
 * Poapfel is a total noob when it comes to networking
<maswan> yeah, that's what he said it was
<maswan> but I don't really understand that bit either, since usually you need the gateway to be inside your network
<Poapfel> maswan: I am pretty much confused now...
<Poapfel> what should I enter as a ip adress now?
<maswan> Poapfel: yeah, so am I. could that be instructions for setting up a router for a whole subnet?
<Poapfel> maswan: no, I don't think so
<maswan> Poapfel: I'm pretty confused at the instructions too then. :/
<Poapfel> :(
<maswan> and I've done ipv6 admin on ubuntu for a few years now
<Poapfel> hm
<Poapfel> well...it is a kvm based vserver which is part of a big data center, but I don't know if this informations matters
<Poapfel> (probably it doesn't)
<maswan> you could try choosing an IP in 2a00:12c0:1015:100:44::, like 5. and try the gateway 2A00:12C0:1015::1 and readjust the netmask to 48 and see how that works
<maswan> because that's confusing, a network has a mask, not an IP. and the gw is just an IP
<Jeeves_> maswan: You disappoint me :)
<Jeeves_> 2a00:12c0:1015:100:44:: is just as much an ip as 2a00:12c0:1015:100:44::1
<Poapfel> Jeeves_: so is 2a00:12c0:1015:100:44::1 my ip?
<Jeeves_> Poapfel: yes, possibly
<Jeeves_> But, the gateway-address you've got is outside the /64 you're configuring
<Poapfel> hm?
<Jeeves_> Poapfel: Your /64 network starts at 2a00:12c0:1015:0100:0000:0000:0000:0000 en ends at 2a00:12c0:1015:0100:ffff:ffff:ffff:ffff
<Jeeves_> Your gateway is at 2A00:12C0:1015:0000:0000:0000:0000:1
<maswan> Jeeves_: wouldn't the network adress be a bad idea for a host adress in ipv6 still?
<Jeeves_> Which you cannot reach from 2a00:12c0:1015:100::
<Jeeves_> maswan: ipv6 doesn't have network or broadcastaddresses
<maswan> Jeeves_: ah
<Jeeves_> link-local
<Poapfel> btw: what is the correct way to reload the /etc/network/interfaces configuration /etc/init.d/networking restart seems to be deprecated
<DataCruncher> maswan: Just got it working, thank's for the help.
<Poapfel> besides I always get the error "RTNETLINK answers: File exists. Failed to bring up eth0."
<hallyn> stgraber: smb: you know, in the end eth0 is just a nic like any other - i wonder if the dnsmasq preventing clean shutdown bug is actually also to do with routes not being cleaned out at shutdown
<hallyn> probably not...
<hallyn> stgraber: temporarily assigned bug 1017847 to you to make sure i grok it - is the failing case meant to be caught?
<uvirtbot> Launchpad bug 1017847 in qemu-linaro "qemu segfaults when creating an armhf container on an amd64 host" [High,Confirmed] https://launchpad.net/bugs/1017847
<stgraber> hallyn: well, the problem is that we can't really know what architectures are supported by the running kernel
<stgraber> hallyn: at least not in an easily parsable form for a bash script
<stgraber> hallyn: so the code simply always call qemu-debootstrap if it's installed and deboostrap if it's not
<stgraber> so the actual failure to mount is probably in debootstrap's code
<hallyn> stgraber: no, it's during the 'chroot $container apt-get update'
<hallyn> (i believe)
<hallyn> so actually, maybe it's just because qemu-arm's dependencies are no longer in our path?
<stgraber> hallyn: that's surprising, it should fail way before that...
<stgraber> hallyn: it could happen if you have a container in the cache but qemu-user-static isn't installed anymore
<stgraber> then there isn't much we can do really...
<hallyn> not sure what you mean
<stgraber> you could get that kind of failure if you do:
<hallyn> what i'm saying is it works with qemu-user-static but not qemu-user,
<stgraber> lxc-create -t ubuntu -n p1 -- -r precise -a armhf
<stgraber> apt-get remove --purge qemu-user-static
<stgraber> lxc-create -t ubuntu -n p2 -- -r precise -a armhf
<hallyn> so i guess it has to do with kernel tries to fire off qemu-armel in the container's namespace, but does'nt find the libs
<stgraber> as p2 will copy from cache but can't execute as the binfmt handler is no longer there
<hallyn> yeah that would happen too...  doesn't seem any wors than the original reported case
<hallyn> so, what do we do?  :)
<adam_g> zul: are you going to take care of a new websockify?
<hallyn> hm, rsyslog keeps SEGVing in the armhf container
<Daviey> hallyn: i saw a new rsyslog in the quantal queue btw
<hallyn> hm
<hallyn> this container ws *just* created
<Daviey> oh
<Daviey> adam_g: I'll accept the new nova, but please can we have the man pages complete before release?
<Daviey> perhaps track it via a bug?
<hallyn> gotta say, today unity in qemu over spice looks nice
<raub> Embarassingly easy question: can anyone spot what I am doing wrong here:
<raub> ssh -t -K server1.domain.com 'sudo -v' && ssh -t server2.domain.com "stty -onlcr; sudo tar czf - /etc/ldap/ 2>/dev/null" | tar xvf -
<adam_g> Daviey: maybe. the manpages that sphinx generates are no less "stubby"
<SpamapS> hallyn: were you able to test smb's latest kernel?
<SpamapS> smb`: still failing w/ smb2 btw
<SpamapS> is that the 'netns' kernel thread reporting that?
<SpamapS> if we have a kernel thread, can't we tell it to go look for deadlocks?
<hallyn> SpamapS: no, i haven't.  and i wont given it doesn't work for you :)
<hallyn> SpamapS: eod here, i gotta run  but will be back on later tonight
<uvirtbot> New bug: #1059459 in maas "Existing DHCP server not stopped" [Undecided,New] https://launchpad.net/bugs/1059459
<uvirtbot> New bug: #1059556 in maas "/etc/init/maas-celery.conf not removed on upgrade" [Undecided,New] https://launchpad.net/bugs/1059556
<uvirtbot> New bug: #1059899 in nova (main) "nova fails to configure dnsmasq, resulting in DNS timeouts in instances" [Medium,Confirmed] https://launchpad.net/bugs/1059899
<uvirtbot> New bug: #1060053 in qemu-kvm-spice (universe) "Audio starts working several hours after starting Windows Vista guest" [Medium,Incomplete] https://launchpad.net/bugs/1060053
<uvirtbot> New bug: #1060237 in maas (main) "apt-get install maas maas-dhcp maas-dns fails" [Undecided,Fix committed] https://launchpad.net/bugs/1060237
<uvirtbot> New bug: #1060319 in juju (universe) "FFE - Juju" [Undecided,Triaged] https://launchpad.net/bugs/1060319
<uvirtbot> New bug: #1060336 in nova (main) "nova-novncproxy does not install binaries or any running services" [Undecided,Fix released] https://launchpad.net/bugs/1060336
<uvirtbot> New bug: #1060422 in nova (main) "nova-volume volume creation fails, tgt config not loaded" [Undecided,Fix released] https://launchpad.net/bugs/1060422
<uvirtbot> New bug: #1060238 in logwatch (main) "unmatched entries for sshd" [Undecided,New] https://launchpad.net/bugs/1060238
<uvirtbot> New bug: #1035320 in libvirt (main) "free(): invalid pointer" [High,Fix released] https://launchpad.net/bugs/1035320
<uvirtbot> New bug: #1058760 in logwatch (main) "unmatched entries for dovecot login" [Undecided,Confirmed] https://launchpad.net/bugs/1058760
<uvirtbot> New bug: #1059907 in nova (main) "python-nova depends on python-setuptools-git?" [Undecided,Won't fix] https://launchpad.net/bugs/1059907
<uvirtbot> New bug: #1059973 in maas (main) "purging packages can't remove files because dirs are not empty" [Undecided,New] https://launchpad.net/bugs/1059973
<uvirtbot> New bug: #1060175 in libvirt (main) "Libvirt not creating sockets anymore." [Undecided,Invalid] https://launchpad.net/bugs/1060175
<uvirtbot> New bug: #1060184 in puppet (main) "puppet client init script pid file error" [Undecided,New] https://launchpad.net/bugs/1060184
<uvirtbot> New bug: #1060218 in maas (main) "error deleting maas user removing the maas package" [Undecided,New] https://launchpad.net/bugs/1060218
<uvirtbot> New bug: #994476 in libvirt (main) "libvirt-bin : error : virExecWithHook:328 : Cannot find 'pm-is-supported' in path: No such file or directory" [Low,Fix released] https://launchpad.net/bugs/994476
<uvirtbot> New bug: #1058987 in network-manager (main) "In Quantal, the root filesystem is not cleanly unmounted at shutdown or reboot" [High,In progress] https://launchpad.net/bugs/1058987
<uvirtbot> New bug: #1059943 in lxc (universe) "lxc-start-ephemeral masks process exit code (dup-of: 1050351)" [Undecided,New] https://launchpad.net/bugs/1059943
<uvirtbot> New bug: #1059979 in nova (main) "novnc quantal packages are incomplete" [Undecided,New] https://launchpad.net/bugs/1059979
<SpamapS> whoa
<SpamapS> uvirtbot: clock skew?
<uvirtbot> SpamapS: Error: "clock" is not a valid command.
<uvirtbot> New bug: #1059272 in php5 (main) "php5-fpm init.d script does not return when php5-fpm  is started or stopped" [Undecided,New] https://launchpad.net/bugs/1059272
<uvirtbot> New bug: #1059453 in maas "The celery cluster worker is not properly stopped" [Critical,Triaged] https://launchpad.net/bugs/1059453
<uvirtbot> New bug: #1059485 in maas (main) "maas_local_celeryconfig.py is world readable" [Critical,Fix released] https://launchpad.net/bugs/1059485
<uvirtbot> New bug: #1059567 in cyrus-sasl2 (main) "update-rc.d: warning: saslauthd stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (1) " [Undecided,New] https://launchpad.net/bugs/1059567
<uvirtbot> New bug: #1057325 in glance "Error when starting glance-api - unable to redeclare queue" [Undecided,Fix released] https://launchpad.net/bugs/1057325
<uvirtbot> New bug: #1058669 in php5 (main) "htmlentities returns nothing" [Undecided,New] https://launchpad.net/bugs/1058669
<xymantec> Hi is anyone around :)
<sarnold> irc tends to work better if you just ask :)
<xymantec> I am having problems setting up a damn cron job... I have a lamp server (uOS 12.04.1) with php5-cli installed
<xymantec> SERVER API = apache
<xymantec> i "sudo vim /etc/cron.hourly"
<xymantec> created a i.sh file
<xymantec> inserted * * * * * php /var/www/cron/t.php
<xymantec> and saved file, but I it looks like its not working. I did do research and have come to the conclusing that i need to include the path to php binary which is typically /usr/local/bin
<xymantec> *conclusion
<sarnold> hopefully not /usr/local/bin/php, but /usr/bin/php -- check 'which php' for details there
<xymantec> my question is how do I include this path, do i include in the i.sh or the actually php script? and how to i include it
<sarnold> but you've typed t.php and i.sh so far -- which are you running?
<xymantec> i.sh is the shell script inside cron.hourly folder
<xymantec> t.php is the script i want to run on a cron cycle
<zul> adam_g: already have
<xymantec> its /usr/bin/php
<xymantec> do i put that in my shell script of in my php script?
<xymantec> *or
<sarnold> xymantec: I would. Most cron problems come from improperly specified paths
<sarnold> xymantec: though it just strikes me; if you're using cron.hourly, you don't need the * * * * * time specifcation
<sarnold> look at cron.daily or something for inspiration :)
<sarnold> you only need the time specification for the "main" crontabs, not the "helper" crontabs
<sarnold> (I hope that makes sense)
<xymantec> gotcha well i really wanted to use it ever hour, but for test purposed i have it clocked at every minute ;)
<sarnold> well, the thing is, you've got a syntax error in your file :)
<xymantec> hey since I have you helping, can you answer this. i tried using sudo crontab -e and it open up a default file, the problem is i could never figure out how to save it.
<xymantec> which file?
<xymantec> the shell script?
<sarnold> xymantec: depends on which text editor it started. if it started vi, use <esc>:wq   to save and exit
<sarnold> if it started something else, you'll have to figure out how to drive taht other editors
<xymantec> how to i setup the system default editor, because i think that part of the problem
<xymantec> i installed vim-nox but for some reason it always uses some other crappy editor
<sarnold> xymantec: I think I uninstalled nano or whatever just to get the /etc/alternatives/ to use vim always
<xymantec> I am assuming the correct syntax inside my shell script should be '* * * * * usr/bin/php x/path/phpscript.php '?
<sarnold> forget those *****
<xymantec> i understand you dont want me to have those but for testing purposes (every minute) is it ok to leave them on temporarily?
<xymantec> I just want to make sure the script works
<xymantec> script => cron
<sarnold> xymantec: it's not a matter of testing
<sarnold> if you want them in every minute, then put it into the /etc/crontab file directly
<sarnold> if you want it  every hour, take them out, and put it into the /etc/cron.hourly file :)
<xymantec> ok let me try sudoing that
<xymantec> lol ok
<xymantec> ok wrote to main crontab
<xymantec> do i need to restart cron service or do i just restart apache?
<xymantec> i guess ill see in a min if it works! :D
<xymantec> YES it works
<xymantec> sweet thanks a mil sarnold :)
<xymantec> i can now go put ice on my forhead...(bangin my head against my desk lol)
<sarnold> xymantec: woo :)
<stgraber> SpamapS: had a chance to test smb`'s new kernel?
#ubuntu-server 2012-10-03
<zul> hallyn: still around?
<zul> hallyn: have you seen this before? http://pastebin.ubuntu.com/1257101/ when trying to do virsh iface-list?
<uvirtbot> New bug: #1060541 in ipsec-tools (main) "racoon: broken script env for IPv6" [Undecided,New] https://launchpad.net/bugs/1060541
<SpamapS> stgraber: yes, I did, and the problem does not seem to be resolved
<SpamapS> stgraber: root     12367  0.0  0.0  27532  1108 ?        Ds   14:53   0:00 lxc-start --daemon -n clint-local-ci-u2-0 -l DEBUG -o /home/clint/.juju/data/clint-local-ci/units/u2-0/container.log
<pmp6nl> Hey, all! Is unison a good way to backup my webserver to my laptop?
<uvirtbot> New bug: #1060549 in maas (main) "maas-dns fails to install because maas user hasn't been created yet" [Undecided,New] https://launchpad.net/bugs/1060549
<uvirtbot> New bug: #1060550 in lxc (universe) "lxc-ls with ephemeral containers reports too many containers" [Undecided,New] https://launchpad.net/bugs/1060550
<bits8mybytes> postfix or sendmail?
<sarnold> I'd go with postfix, but that's mostly because I think it is better documented and better designed.
<bits8mybytes> ok
<bits8mybytes> I have used sendmail
<bits8mybytes> have not tried postfix
<bits8mybytes> yet
<bits8mybytes> and sendmail was a bitch
<sarnold> how do you feel abou the m4? :)
<sarnold> hehe
<bits8mybytes> sendmail never worked
<bits8mybytes> and when I finally got it to work
<bits8mybytes> I don't know how the hell I did
<sarnold> yeah. then you'll like postfix.
<bits8mybytes> cool does it do regex stuff?
<bits8mybytes> on emails
<bits8mybytes> obviously
<sarnold> and more :)
<sarnold> and all way easier than sendmail.
<bits8mybytes> sarnold thanks for the tip
<sarnold> bits8mybytes: have fun :)
<Skaag> if I see this in my /sys/block/sda/queue/scheduler : noop anticipatory [deadline] cfq
<Skaag> it means I'm on the 'deadline' scheduler right?
<SpamapS> Skaag: yes
<hallyn> zul: that was the augeas bug for which you uploaded the fix.
<hallyn> zul: should nto be happpening any more
<hallyn> zul: it came from the /etc/modprobe.d/iw* file having a line split by '\', which the modprobe lens couldn't handle
<hallyn> so HOPEFULLY you're not seeing it in an uptodate quantal
<level15> hi. i have a server with a few KVM libvirt VMs. one of them is paused and refuses to be unpaused. any ideas?
<TLoT> anyone here know why oidentd would spawn tons of processes?
<Fajkowsky> hey can someone help me with maas? http://askubuntu.com/questions/195115/nodes-cant-connect-to-server-after-bootstrap
<bigjools> Fajkowsky: can you ssh to your node from your juju client machine?
<bigjools> to 192.168.0.102 from the screenshot
<bigjools> it looks like the machine has not booted yet.  You might be falling foul of the  Oauth time bug
<Fajkowsky> witch machine?
<Fajkowsky> node?
<bigjools> Fajkowsky: yes the node
<Fajkowsky> Ok i know what i was doing wrong
<Fajkowsky> I was trying run node from old ubuntu instance
<Fajkowsky> Now i let install again ubuntu on node
<bigjools> ok
<Fajkowsky> can I ask something about maas?
<Fajkowsky> i go to #maas
<bigjools> yup
<MacroMan> I'm trying to install Ubunutu-server 12.04 onto an old box as a test server, but I only have an i686 cpu so it won't install. Anyone know what version of ubuntu-server I need to install on this machine?
<MacroMan> Does that just mean that the processor is 32 bit and not 64?
<rbasak> Are you trying to install using the i386 version or the amd64 version?
<rbasak> The amd64 version probably won't work for you.
<rbasak> You may also need a non-PAE kernel, for which you'll need to use mini.iso and do a network-based install.
<MacroMan> Erm, I just downloaded the recommended one from the UBuntu website. I'm getting the message 'This kernal requiers an x86-64 CPU'
<rbasak> Right. So amd64 won't work for you.
<MacroMan> OK. So should I just try with the 32bit download?
<MacroMan> Or is that a waste of time?
<rbasak> Depends on whether your machine supports PAE or not.
<MacroMan> PAE?
<rbasak> If you don't know, it's probably easiest just to try the 32 bit download
<rbasak> If it doesn't work, then look for instructions on installing 12.04 on a non-PAE machine
<MacroMan> Ah yes, it does.
<MacroMan> Cool, I'll try the 32bit one and see where I get
<MacroMan> Tanks
<eagles0513875> hey guys i need to implement dovecot + postfix for use with multiple domains. I already have dovecot + postfix setup which works. does anyone have a good how to on how to do this
<eagles0513875> :(
<eagles0513875> anyone alive in here?
<tanathos> yes
<eagles0513875> tanathos: do you have any experience with dovecot + postfix and multiple domains
<tanathos> just that I have no ideea of dovecot + postfix unfortunately
<eagles0513875> tanathos: no problem :(
<uvirtbot> New bug: #1060900 in maas (main) "HTTP proxy config being created in /etc/apt/apt.conf on nodes" [Undecided,New] https://launchpad.net/bugs/1060900
<vrturbo> hi all, any good howto's for juju + MAAS + openstack folsom + quantum ?
<Fajkowsky> if someone will have time please check my problem with juju - http://askubuntu.com/questions/195901/juju-services-are-not-deplyoing-correctly
<zul> hallyn: yeah works with augeas-lens installed
<zul> hallyn: shouldnt augeas-lens be a depends now then?
<hallyn> zul: doesn't it?
<hallyn> augeas-tools -> libaugeas0 -> augeas-lenses
<zul> hallyn: doesnt look like it
<hallyn> zul: http://paste.ubuntu.com/1257929/   what do you see?
<zul> hallyn: http://paste.ubuntu.com/1257931/
<hallyn> zul: oh!  yeah.  you want libvirt to depend on it.  i see
<hallyn> zul: so yeah, any reason not to have libvirt depend on libaugeas0?  it's in main...
<zul> hallyn: nope not that i know of
<Daviey> hallyn: what is the benefit ?
<hallyn> Daviey: 'virsh iface-list' doesn't bomb out
<hallyn> 00:14 < zul> hallyn: have you seen this before? http://pastebin.ubuntu.com/1257101/ when trying to do virsh iface-list?
<hallyn> Daviey: ^
<Daviey> i see :)
<hallyn> smb`: Daviey: ok, are we at the point where i should fire up a large compute instance and bisect the netdev-freeing 'lxc' bug?
<Daviey> One for smb i think.
<Daviey> (as in, i don't know the state)
<hallyn> smb`: ^
<hallyn> ahs3: hi, debian bug 688167, have you had a chance to look at the 0.2.2-1 proposed pkg?
<uvirtbot> Debian bug 688167 in src:libvirt "libvirt: Please port to libnl-3.x" [Normal,Open] http://bugs.debian.org/688167
<SpamapS> smb`: any ideas? I'm still running your 'smb2' kernel.. I can give you dmesg's or syslogs..
<smoser> SpamapS, ping
<smoser> http://paste.ubuntu.com/1258070/
<smoser> or anyone, really
<smoser> why does that job not respawn
<xsl> hello all , sorry this "noobish" question. but i want to use lxc to separate php from nginx and mailfilter from postfix .. but the thing is ... all stuff installed with apt-get wants to install dependencies
<xsl> can i use a flag on apt-get to install stuff that i want
<xsl> like .. on 1 lxc i want just mysql-server
<xsl> on lxc.2 i want nginx and mysql support .. no mysql-server again
<xsl> any tips pls?
<Kniggedigge> hi guys, can someone give me some support on netatalk on ubuntu 11.4? http://pastebin.com/HSeTUMDp
<holstein> Kniggedigge: you tried the suggestion at http://0pointer.de/avahi-compat?s=libdns_sd&e=afpd ?? i would want to be running a more recent version, or an LTS... 10.04 or 12.04
<Kniggedigge> hey holstein, do you think it might be, that afpd isnt running correctly? actually i tried to connect to the afp share with a mac, that does not work, but root      5998  0.0  0.0  65980  2532 ?        S    16:52   0:00 /usr/local/sbin/afpd -U uams_dhx.so,uams_dhx2.so -g -c -n  says that afpd is runningâ¦ so i dont know if the error message above is important and blocking the whole thing....?
<Adri2000> adam_g: hi, in what vcs is the keystone package maintained?
<holstein> Kniggedigge: if it were me, i would start simple... ping the machines, check firewall settings... can the mac "connect" to anything? i usually just use ssh
<Adri2000> adam_g: debian/control points to an essex branch and ~ubuntu-server-dev has no other up to date branch for this
<Kniggedigge> yes i have a whole lan setup here with another smb share that works and im configuring the ubuntu machine via sshâ¦ so that works, firewall does not block anything
<zul> Daviiy: ping im just going to put instructions on how to configure the ceilometer stuff in a README.Debian
<Adri2000> zul: hi. I think I should have asked my last question to you. any idea? :)
<zul> Adri2000:  what question? i wasnt paying attention
<Adri2000> in what vcs is the keystone package maintained? debian/control points to an essex branch and ~ubuntu-server-dev has no other up to date branch for this
<zul> Adri2000: all the work is going into lp:~openstack-ubuntu-testing/keystone/quantal-folsom-proposed
<Adri2000> ok thanks
<ahs3> hallyn: whups.  completely spaced uploading that package.  i'll get to it this evening.
<hallyn> ahs3: thanks!
<ahs3> hallyn: sorry 'bout that.  my bad.
<hallyn> zul: back to libvirt and augeas - libvirt build-depends on netcf, so it should end up linked against libaugeas0.  i guess that does NOT end up pulling in the things libaugeas0 package depends on?  that'd be too much?
<hallyn> or is that a bug int eh builder?
<zul> it doesnt
<chmac> How do I unfreeze an SSD on a server? Can't hotplug it as I don't have physical access... :-(
<zul> hallyn: lets see what debian does
<xsl> guys, quick tip plz. i want to have 3 LXC containers lxc.mysql(mysql-server) lxc.php(php-fpm phpmyadmin) lxc.www (nginx) but i dont want for instance to install mysql-server on lxc.php wen i do apt-get install phpmyadmin ... any tips ?
<zul> hallyn: i think we can get away with adding augeas-lens but im not 100% sure
<xsl> APT::Install-Recommends "0";
<xsl> APT::Install-Suggests "0";
<xsl> found it
<xsl> i dont install the recommends
<xsl> just the the stuff i rly think it needs and the Depends
<hallyn> zul: wanna file a bug real quick or should i?
<zul> hallyn: please
<hallyn> k
<hallyn> zul: no, wait.  here you go.  libvirt-bin depends on libnetcf1, which depends on libaugeas0, which depends on libaugeas-lenses.  no?
 * hallyn fires up a new instance to test.  this makes no sense
<zul> hallyn: right but i have none of that installed
<hallyn> zul: why?
<zul> hallyn: i had to manually install augeas-lenses and libaugeas0
<hallyn> yes, but why didn't they get installed automatically
<hallyn> zul: http://paste.ubuntu.com/1258197/  are you sure you didn't mess around with your system?  do an 'apt-get autoremove' or something?  (i *hate* autoremove, it's so broken)
<zul> hallyn: pretty sure lemme get back to you
<DarkStar1> Hello. I have postfix/dovecot(mysql backend) installed on a webserver and use roundcube for the webmail front end. Only problem is I'd now like for each user to be able to change their own passwords. Is there an alternative to roundcube that has this functionality built in?
<SpamapS> smoser: does it exit 0 ? (the maas job)
<SpamapS> smoser: respawn only happens on non normal exits
<smoser> SpamapS, sorry. i figured it out.
<smoser> you have to say
<smoser> respawn
<smoser> *and
<smoser> err..
<SpamapS> OH
<SpamapS> respawn is missing yes
<SpamapS> didn't see that
<SpamapS> respawn limit != respawn ;)
<smoser> i read the man page and assumed that the defaults for the respawn meant that respawn by default
<smoser> but you have to state that.
<SpamapS> yeah thats not the most clear distinction
<smoser> (and it does respawn on non-zero exit)
<smoser> thanks for the reply, though, SpamapS
<DarkStar1> No ideas?
<RoyK> DarkStar1: users and passwords stored in the mysql db?
<DarkStar1> RoyK: Yeah
<RoyK> then I guess it should be fairly simple to write that in php
<RoyK> usually the password is stored as a hash, so using that for authentication is trivial, and changing it even easier
<RoyK> just make sure access is over https
<DarkStar1> I haven't done any php coding before and I doubt it is as trivial as you make it sound :D
<RoyK> have you any pratice in any other programming languages?
<DarkStar1> RoyK: Yeah C, C++ Java
<RoyK> then php should be trivial indeed
<RoyK> or perhaps writing the same thing in another language
<RoyK> DarkStar1: can you create a bogus user, set a password, and pastebin the user entry from the database? it should show up now the password is stored
<DarkStar1> RoyK: wish I can but I can't afford the time to code this. I'm working on two other projects as I speak. I was just told to look for a solution
<SpamapS> DarkStar1: are you sure Roundcube doesn't have some kind of plugin to support it?
<RoyK> it really won't take long, it's very simple indeed
<SpamapS> Yeah but I'd bet money its already done
<RoyK> true
<DarkStar1> SpamapS: I am currently searching but I was given to understand that my boss hadn't found any.
<RoyK> but perhaps I misunderstood - he was looking for an alternative to roundcube...
<DarkStar1> which is why it gets passed down to me :)
<DarkStar1> RoyK: I just wanted a solution that would allow a user to change their passwords. IF there is a plugin for roundcube, all the better
<RoyK> DarkStar1: it's just a simple html form to authenticate the users, and then another to set a new password, and then some db connections and SQL to be passwd
<RoyK> s/passwd/passed/
<DarkStar1> I really can't afford a few hours to code this thing debug stuff, make sure it's secure etc.
<RoyK> DarkStar1: find that user entry, and I may give it a try - I don't have much to do this very hour (home from work and a bit tired, but can't sleep yet)
<SpamapS> DarkStar1: http://code.google.com/p/dovecotpfd/ this wouldn't work?
<SpamapS> oh.. hrm.. only supports doevcot files, not db
<SpamapS> doh
<sarnold> DarkStar1: if you do wind up coding it yourself, here's a good set of guidelines: https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
<RoyK> doesn't list dovecot, though
<sarnold> DarkStar1: http://www.openwall.com/phpass/ (I *love* the openwall.com work. Strong endorsement of anything they touch. :)
<RoyK> sarnold: the hash() function is usually sufficient
<RoyK> http://no2.php.net/manual/en/function.hash.php
<sarnold> RoyK: I strongly disagree.
<sarnold> RoyK: (a) too many people screw up the salting. Really. Check stackoverflow.com some time to see hudnreds of poorly written PHP password storage contraptions.
<sarnold> RoyK: (b) the iterations are nearly as important -- they drastically slow down targetted brute force attempts.
<sarnold> RoyK: Openwall's phpass handles these details correctly, once, in one place.
<RoyK> ok
<RoyK> anyway
<RoyK> I guess that may be incompatible with dovecot?
<DarkStar1> Man I can't use anything that would require me getting my hands dirty with Php code atm. a) I haven't coded php before whilst I'm not against learning it, I don't think coding a password utility too is the best way to start. and b) I just simply can't spare the time
<sarnold> RoyK: perhaps; I thought we were talking about PHP? :)
<DarkStar1> I'm solidly jammed for the next few months
<RoyK> DarkStar1: erm - I didn't ask you to code php - I said just give me a dump of a bogus user :)
<RoyK> DarkStar1: perhaps I can do some coding for free - I don't have much else to do atm
<bjf> jamespage, do you every see http://pastebin.ubuntu.com/1258161/ with your jenkins jobs ?
<uvirtbot> New bug: #1061064 in keystone (main) "ubuntu-cloud.archive: swift3 is no longer in swift-proxy" [Undecided,New] https://launchpad.net/bugs/1061064
<bananapie> Hey, a while back I found a command that I execute instead of 'make install', it builds a .deb file instead of installing the package. I can't find the command, anyone know what I am talking about ?
<bananapie> checkinstall is the command, thanks
<bananapie> 'checkinstall -D make install'
<sarnold> :)
<zul> Daviey: ceilometer uploaded
<Daviey> thanks
<scsinutz> is there an AMI creator tool sort of like boxgrinder for Ubuntu?
<SpamapS> scsinutz: sort of
<SpamapS> scsinutz: what you really want is just to pass in cloud-config as userdata and use the stock AMI's
<SpamapS> scsinutz: https://help.ubuntu.com/community/CloudInit
<SpamapS> scsinutz: also you might be interested in juju, which goes further and helps model the relationships between services
<SpamapS> scsinutz: http://juju.ubuntu.com/ for that
<uvirtbot> New bug: #1061154 in nagios-plugins (main) "pgsql.cfg includes a check_pgsql_4 command, but check_pgsql does not actually take the -4 argument" [Undecided,New] https://launchpad.net/bugs/1061154
<pmatulis> anybody here manage to get sssd working with sudo rules in ldap?
<TheLordOfTime> so, on the mailing list, noticed a discussion on "Webmin", zentyal, and others.  Has the public-facing security implications of those been addressed yet?
<SpamapS> TheLordOfTime: what implication would that be? That zentyal/webmin are less likely to be secure than ssh?
<TheLordOfTime> SpamapS, that it opens up more brute-forcing attempts.  that, and it can break how configurations work with certain webserver packages which are likely to run
<TheLordOfTime> SpamapS, i find it a tad too insecure... in SSH, you can key-restrict connections
<TheLordOfTime> in webmin, its password-restricted only
<TheLordOfTime> that protection gap, in my opinion, makes it a risky package (note i've not worked with zentyal, talking strictly webmin atm)
<TheLordOfTime> while i don't care if people load it up manually by source, it default listens on *:10000 which makes it even less secure because it can be publicly accessed
<SpamapS> TheLordOfTime: I don't think it opens up any more brute forcing than ssh (you can use cert based auth just as easily with HTTPS as with SSH)
<SpamapS> TheLordOfTime: but frankly, what sane person would *ever* put their management interface on the internet?
<TheLordOfTime> SpamapS, define "sane" to be the server team, and i'll agree
<SpamapS> Which server team?
<TheLordOfTime> SpamapS, any sane team of server administrators
<TheLordOfTime> SpamapS, my concern is with the less sane / less experienced crowd of server admins
<TheLordOfTime> namely the newbies
<SpamapS> Are going to install a server.. on the internet.. without a firewall?
<SpamapS> I don't think even newbies make that mistake.
 * TheLordOfTime coughts
<TheLordOfTime> coughs*'
<TheLordOfTime> you'd be surprised what i see cross my desk :p
<SpamapS> Because even if they do.. its a mistake that corrects itself rather quickly with a remote compromise.
<TheLordOfTime> but i'll not argue :P
<sarnold> you never know when hyou might want to admin your erver from a local starbucks...
<SpamapS> sarnold: right, and there are ways of doing that without just leaving it wide open to the whole net.
<SpamapS> tho I acknowledge that a newbie may make that mistake..
<SpamapS> still, this is no different than opening ssh
<zul> adam_g: thats *not* good (re: 1061166)
<TheLordOfTime> i think we just need to look into practical use cases for it, and whether its "default" of listening on *:10000 with nothing but a password is sane.
<TheLordOfTime> (IMO that default is evil)
<SpamapS> TheLordOfTime: why is that evil?
<TheLordOfTime> although openssh-server also suffers from a similar issue.
<SpamapS> Ok, so basically you want training wheels on your servers.
<TheLordOfTime> SpamapS, i lock down my servers, i'm far beyond using webmin :p
<SpamapS> Thats a very backwards way of thinking.
<SpamapS> A web based interface is going to be a lot easier to tweak via a smartphone than ssh'ing and vim'ing files
<SpamapS> There are lots of use cases for things like zentyal
<SpamapS> and port 10000 is.. meh
<SpamapS> its not ever going to be installed by default
<SpamapS> so user's who install it are expected to think about what they're installing
<SpamapS> (which is why we fought so hard to not have openssh enabled on the CD's)
<SpamapS> TheLordOfTime: I think its a molehill.. not a mountain.
<TheLordOfTime> perhaps i'm just over-analyzing, maybe just over-analyzing the general population of ubuntu/ubuntu-server users *shrugs*
<SpamapS> You want to protect people from themselves. Don't.
<SpamapS> Make good sane defaults, and help them discover their options. But please don't treat people like children.
<TheLordOfTime> indeed, i shall do so.
<TheLordOfTime> oh, while you're here... can you test/confirm a php5-fpm bug for me?  its so low a bug it wouldnt even get low IMO, but i'd like it tested/confirmed/reviewed by someone other than me :P
<TheLordOfTime> https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1059272  <-- that's the bug
<uvirtbot> Launchpad bug 1059272 in php5 "php5-fpm init.d script does not return when php5-fpm  is started or stopped" [Undecided,New]
<TheLordOfTime> more of an aesthetics thing than anything else.
<TheLordOfTime> s/aesthetics/reporting/
<TheLordOfTime> afaict, that's on precise, i havent loaded up a quantal VM that hasnt imploded.
<zul> adam_g: is that ec2 bug on the openstack-ci?
<adam_g> zul: what do you mean?
<zul> adam_g: https://bugs.launchpad.net/bugs/1061166
<uvirtbot> Launchpad bug 1061166 in nova "ec2 instance IDs are broken after folsom upgrade" [Undecided,New]
<adam_g> zul: what do you mean is it on the openstack-ci? was it triggered there? no
<zul> ok
<zul> just checking
<zul> adam_g: mind if i use the openstack-ci lab to test it out?
<adam_g> zul: sure, if you trigger the precise_essex_deploy_proposed you'll get an essex install you can upgrade
<zul> cool thanks
<uvirtbot> New bug: #1061212 in vsftpd (main) "package vsftpd  not installed  failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1061212
<howdypartner> Howdy all. I set up a small lan and I have a client that can ping the server through the switch but I can't seem to get it to access the internet. Do I have to do some port forwarding on the server or ?
<unless> hey hi!
<holstein> howdypartner: you'll need to congigure your router to allow it to be "seen"
<holstein> howdypartner: you can forward a port around the router's firewall, or put the machine in the "dmz" and run a firewall out there
<howdypartner> holstein: My server is acting as the router. I set it up as a dhcp server
<howdypartner> holstein: modem -> dhcp server -> switch -> client is how i have it set up
<holstein> howdypartner: i doubt the server is the only thing between you and the internet.. i would confirm the ip address, and check what ports your isp might be blocking
<holstein> what did i do? i forwarded a port in my ddwrt's router config.. and i use a dyndns address
<howdypartner> holstein: Well, I can ping from the server but the client can only ping the server. So I assumed it might be an iptables issue?
<howdypartner> ping google*
<unless> I am accessing my remote server and I need to run from inside it a ssh localhost. I did generate a public key and renamed it to authorized_keys but it still asking me for password from a remote connection point of view.
<baarthor> @unless access rights for authorized_keys are ok?
<baarthor> think 600 should be ok
<uvirtbot> New bug: #1061244 in samba (main) "Fix net rpc share allowedusers to work with 2008r2" [Undecided,New] https://launchpad.net/bugs/1061244
<axisys> how to provide default answers to apt-get install libpam-ldap ?
<uvirtbot> New bug: #1061277 in openssh (main) "ssh ignores ssh_config" [Undecided,New] https://launchpad.net/bugs/1061277
<cincinnatus> I noticed that Webmin is showing signs of aging... but did anything replace it?
<SpamapS> cincinnatus: Zentyal is the closest thing
<cincinnatus> SpamapS: It doesn't even come close though :( It creates a basic virtual server, and that's it. It has very little knowledge of Apache
<cincinnatus> Is there an advanced Apache module out there?
<cincinnatus> (to configure redirects, etc)
<cincinnatus> for Zentyal, that is
<SpamapS> cincinnatus: dunno.
<cincinnatus> At work, I usually administer Linux boxes with CLI... However, it feels like so last century... It's hard to believe things have gone backwards since the last time I used Webmin
<cincinnatus> So I'm probably missing something
<SpamapS> cincinnatus: well, the whole "admin a single box" paradigm is kind of going away :)
<Eitan> hey gents, quick question on ulimits, i am having the darnest time getting the ulimit changed permanent. I can change stach size by doing ulimit -s XXX size. but when i change /etc/security/limits.conf  * hard stack 10240 it wont affect ulimit even after restart. I also went ahead and made the cahnge to /etc/pam.d/common-sessions
<Eitan> dont know what i could be missing
<SpamapS> Eitan: /etc/security/limits only affects logged in users with a pam session
<SpamapS> Eitan: so if you're trying to affect the limits for services, thats the wrong way
<Eitan> ok
<Eitan> i see
<Eitan> i was trying to affect the limit for user: postgres
<Eitan> or a number of other users
<Eitan> so that would not be the way to do it?
<sarnold> Eitan: depends upon how the user postgres is running the processes in question; if they are started via init (upstart), put the ulimit commands in the initscript / config file. If they are started via a user logging in via ssh or getty, make sure pam_limits is configured for whichever service they use to log in.
<Eitan> well postgresql runs upstart
<Eitan> oh i see
<Eitan> thats makes sense to add the ulimit commnads to the initscript
<RoyK> why do you want to ulimit postgres?
<Eitan> the guy developing the application wants those tweaks made to postgres
<Eitan> i dont thinks nessesary
<Eitan> but thats what he wnats
<RoyK> it will probably make postgres crash
<Eitan> well, he will have problems with his application then, lol
<Eitan> ill let him know
<RoyK> postgres tries to allocate memory and gets an error and crashes
<RoyK> ENOMEM - boom
<sarnold> 10megs of stack may be plenty
<RoyK> better fix the application
<sarnold> I don't know postgres specifically, but stack use tends to be higher on "unbounded" applications, especially ones that may make recursive calls. databases aim for more predictability.
<sarnold> I bet there's a reasonable number you can pick -- maybe 10 megs, maybe 100 megs -- that a non-broken postgres will always stay within.
<RoyK> pgsql calls can be recursive
<RoyK> and all languages can be written uglily ;)
<sarnold> RoyK: not SQL queries -- the C implementation
<RoyK> sarnold: is that what Eitan is doing?
<sarnold> RoyK: yeah
<RoyK> sarnold: there may be plenty of pgsql fun in an sql statement...
<sarnold> RoyK: indeed :) I just have a feeling that the pgsql team's execution engine wouldn't go through unlimited stack to execute it :)
<Eitan> ill let him know guys
<Eitan> thanks
<RoyK> sarnold: I have a feeling there might not be much stack checking in pgsql...
<sarnold> RoyK: it wouldn't be explicit in their code; it'd be in how they write their function calls.
<sarnold> it'd be answerable probably wit ha static code analyzer :)
 * RoyK is a wee bit worried about sdb http://munin.karlsbakk.net/munin/karlsbakk.net/smilla.karlsbakk.net/index.html#disk
<Daviey> SpamapS: hey, can you work out if you or Norvald should be drafter for https://blueprints.launchpad.net/ubuntu/+spec/servercloud-r-mysql please
#ubuntu-server 2012-10-04
<SpamapS> Daviey: I'm not sure I expect a spec from that one.. being a roundtable, its more to gather the interested parties in the room and do a checkup on where we're at
<AaronMickDee> What's the easiest way to set up a virtual machine server with Ubuntu? I host all my stuff on my box, but a lot of the stuff hosted is for friends. I'd rather just give them a virtual machine rather than a user account. Any ideas?
<sarnold> AaronMickDee: qemu/kvm is pretty awesome.
<Daviey> SpamapS: I want a drafter that is the person responsible for driving the roundtable then :)
<uvirtbot> New bug: #1030276 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: tiáº¿n trÃ¬nh con ÄÃ£ cÃ i Äáº·t vÄn lá»nh post-installation tráº£ láº¡i lá»i, tráº¡ng thÃ¡i thoÃ¡t 1" [Medium,Expired] https://launchpad.net/bugs/1030276
<uvirtbot> New bug: #1030342 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subproces installed post-installation script gaf een foutwaarde 1 terug" [Undecided,Expired] https://launchpad.net/bugs/1030342
<koolhead17> Daviey: around
<brontosaurusrex> what would i use for spider/search engine for a small intranet site ?
<brontosaurusrex> like a local google
<xnox> brontosaurusrex: http://www.searchblox.com/ ?
<xnox> brontosaurusrex: or well "Google Mini"
<brontosaurusrex> $5000 per server?
<brontosaurusrex> it must be free
<Daviey> koolhead17: hey
<chris|> brontosaurusrex, you could try yacy
<brontosaurusrex> tested searchblox, its messy
<brontosaurusrex> chris|, p2p part can be disabled i hope?
<Japje> zow/w 157
<Japje> meh
<frojnd> Hi there. I just got an ubuntu 12.4 server to my hands and I'm seeking somekind of a handbook, or server guide. I don't find this https://help.ubuntu.com/12.04/serverguide/index.html guide pretty informative. Can you suggest me any good guides? Or wikis?
<xnox> frojnd: what do you actually want to learn / know?
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<frojnd> xnox_: everything :)
<frojnd> Currently I'm adding users that will do some programming on the server
<frojnd> I'd like to create a user that has admin access so I can disable root login
<xnox_> frojnd: by default root is disabled on ubuntu. the first account has sudo rights. and it looks like you are after "linux CLI" instead of server tasks....
<frojnd> I've put the user to sudo group (if it will want to do some maintainance work) like this: # usermod -aG sudo newuser
<frojnd> xnox_: ok so I can safely read "debian handbook" for tasks like this
<frojnd> xnox_: I got ssh access with only root
<xnox_> frojnd: yes. debian handbook, debian-administrator website, http://ubuntu-manual.org/
<RoyK> you can turn off root login over ssh in /etc/ssh/sshd_config
<frojnd> The problem is that when I login with this newuser and try to do sudo something it gives me incorrect password attempt
<frojnd> xnox_: tnx
<frojnd> RoyK: but first I have to put some users into admin group I persume
<frojnd> don't wanna lock myself out
<RoyK> frojnd: sudo prompts for the *user's* password, not the root password
<frojnd> RoyK: exactly
<frojnd> and it tells me it's wrong
<frojnd> let me check if I'm in sudo group
<frojnd> with that user
 * frojnd is apologizing for multiple lines - won't happen again
<frojnd> Ok. So it was my wrong password :/ :)
<frojnd> time to disable root login
<Adri2000> zul: keystone and python-keystoneclient minor fixes proposed through merge proposal in LP, fyi.
<maruq> hi guys
<maruq> I'm trying to setup ntpd on 12.04 on ec2.
<frojnd> Hm.. I have 2 hard drivs: sda and sdb. Both are 250GB. Now / boot swap etc (system) is innstalled on sda and I've assign 200GB from sdb for /home. But I think 250GB for / is too much?
<maruq> as far as I can tell, it's install ntp package, set the servers, then enable independent_wallclock
<maruq> 12.04 seems to have moved the /proc/sys/xen dir. any idea where I should be looking for indepenent_wallclock now?
<edgy> Hi, I just want to understand where the recovery kernel argument in grub.cfg coming from or documented? or is it ubuntu specific?
<rbasak> edgy: for grub 2, try /etc/grub.d and /etc/default/grub
<edgy> rbasak: may be you didn't understand my question, isn't ubuntu has an entry that would allow you to go to recovery mode?
<edgy> rbasak: : grub.cfg contains linux /boot/vmlinuz-3.5.0-16-generic root=/dev/mapper/vg00-lv_root ro recovery ... What's recovery here referes to?
<rbasak> edgy: it signals to the initramfs that recovery is requested. See /usr/share/initramfs-tools/init
<edgy> rbasak: but there is no kernel option called recovery, where is this documented? the init file you refer me to contains recovery=y, so what?
<rbasak> edgy: userspace can make use of kernel options too. It's common for bootstrapping to pass things into userspace from the bootloader this way. Userspace bootstrap programs examine /proc/cmdline to see all arguments that the kernel received, and the kernel ignores arguments that it doesn't recognise.
<rbasak> edgy: /usr/share/initramfs-tools/init parses /proc/cmdline and sets its variable recovery=y if recovery was on the cmdline
<edgy> rbasak: ok so the recovery option is passed to which user space program?
<maruq> hi guys. anyone know how I enable independent_wallclock in 12.04 on EC2? /proc/sys/xen doesn't seem to exist
<rbasak> edgy: the initramfs init script, which comes from /usr/share/initramfs-tools/init
<edgy> rbasak: and how the initramfs init script would handle it? the code there is not enough for me to understand
<Daviey> maruq: try, sysctl -w xen.independent_wallclock=1
<edgy> rbasak: it's just saying for x in $(cat /proc/cmdline); do recovery) recovery=y
<rbasak> edgy: not sure, sorry. I recover my systems by hand so never used the recovery feature. I would read the code to find out
<rbasak> edgy: so look for where else it uses the recovery variable
<maruq> Daviey: just tried. I get 'error: "xen.independent_wallclock" is an unknown key' :(
<edgy> rbasak: exactly that was the question I grepped the whole initramfs and no where else used this variable
<edgy> rbasak: how do you do it manually?
<Daviey> maruq: Ah, HVM instances won't have it.
<Daviey> maruq: I think you already get it for free.  I assume you have ntpd running?
<rbasak> Apart from on the "exec run-init" line?
<rbasak> Looks like it gets upstart to fire a "recovery" event. The next place to look is in upstart's configuration for jobs that fire on that event.
<rbasak> I use a recovery disc
<maruq> Daviey: yeah, I installed ntp package, went with default settings & restarted the service
<edgy> rbasak: I used to do it by passing init=/bin/bash which gives me a recovery shell, too
<maruq> Daviey: 'less /sys/devices/system/clocksource/clocksource0/current_clocksource' says "xen"
<rbasak> Usually if something's wrong it just drops down to a recovery shell anyway
<rbasak> I haven't had to use init=/bin/sh in years
<maruq> Daviey: Is there a way I can confirm that it's actually using the timeservers?
<Daviey> maruq: Sorry, i don't know.  Maybe someone else will have a better answer
<uvirtbot> New bug: #1061537 in lxc (universe) "invalid syntax in apparmor profile abstractions/lxc/container-base" [Undecided,New] https://launchpad.net/bugs/1061537
<Daviey> maruq: syslog should contain ntpd info
<maruq> Daviey: this is what I'm seeing in syslog: https://gist.github.com/f4f927d94e5dec938e06 is that correct?
<edgy> rbasak: there seems to be a loop here? ls -l /lib/recovery-mode/recovery-mode/recovery-mode
<edgy> lrwxrwxrwx 1 root root 18 Jun 22 15:54 /lib/recovery-mode/recovery-mode/recovery-mode -> /lib/recovery-mode
<rbasak> Probably useful when working with chroots
<edgy> rbasak: don't know
<edgy> rbasak: ok thanks for you help
<zapotah> hi
<zapotah> after the latest updates something went wrong
<zapotah> one of the bridge interfaces wont come up
<zapotah> configuration is as follows
<zapotah> two nics
<zapotah> with lacp bond0
<zapotah> vlan interface vlan40 with bridge to bond0.40
<zapotah> a few other vlan interfaces as well
<zapotah> but the bond0.40 wont come up
<zapotah> vlan100 interface with bridge to bond0.100 comes up and cat /proc/net/vlan/config shows that everything is working fine with that one
<zapotah> problem being here that atm four servers that have the vlan 40 attached wont start
<zapotah> running xen on the server
<smb> SpamapS, stgraber, So I got one more iteration to fix bug 1021471. Probably SpamapS could have a look at the latest (and now only) packages at people~smb/clonetst
<uvirtbot> Launchpad bug 1021471 in linux "clone() hang when creating new network namespace (dmesg show unregister_netdevice: waiting for lo to become free. Usage count = 2)" [High,Triaged] https://launchpad.net/bugs/1021471
<uvirtbot> New bug: #1061565 in tomcat7 (main) "package tomcat7 7.0.26-1ubuntu1.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1061565
<Daviey> zul: what is the difference between nova-novncproxy and nova-vncproxy?
<zul> Daviey:  im not 100% sure
<Daviey> zul: it's a change after f3
<zul> Daviey:  no difference in my opinon it still uess novnc
<melmoth> Daviey, one is to use with horizon, the other with a java client.
<melmoth> ohh, may be i m confusing with novnc..
<melmoth> from http://docs.openstack.org/trunk/openstack-compute/admin/content/faq-about-vnc.html :
<Daviey> zul / melmoth: There difference is the package namees. :).. It seems we switched package names after f3
<melmoth> nova-vncproxy was removed from the nova source tree. The Essex analog for this process is nova-novncproxy, which is provided by an external project.
<melmoth> so it looks like there has been some name changed from diable to essex.
<zul> Daviey: bah sorry i didnt notice
<Daviey> hmm
<Daviey> we still build it from nova tho?
<Daviey> zul: The thread on the OS mailing list.. I'm trying to work out if it's a trivial doc fix
<melmoth> i must admit i was really confused finding the right package for the right kind of proxy (novnc for horizon and nova-vncproxy for the java client)
<zul> Daviey: ok ill try to reproduce the upgrade issue though and double check things
<Daviey> melmoth: yeah, i don't want to give poor advice
<Daviey> zul: i did just reproduce it
<Daviey> zul: it's not an upgrade issue, a plain install issue
<zul> grrr
<Daviey> zul: I am about to reply with, "In your apt-get install line, can you replace nova-vncproxy with nova-novncproxy.  This was a change made after Folsom-3, and the documentation hasn't been updated to reflect." - but i want to make sure that is accurate
<Daviey> FWIW, it does /install/
<Daviey> but is it what the user wants :)
<zul> Daviey:  right
 * Daviey adds some ubiquity 
<zul> Daviey: right you are more awake :)
<koolhead17> hey zul
<zul> koolhead17: hi
<koolhead17> Daviey: which doc you are talking about sir? Do i need to modify something :)
<Daviey> koolhead17: yeah, possibly
<Daviey> koolhead17: It's not your fault.
 * xnox ponders if Daviey meant English noun "ubiquity" or the Ubiquity - Ubuntu Installer....
<koolhead17> Daviey: just let me know what changes are needed will do. In a meanwhile with new quantum pkg in place we will push quantum doc too :)
<koolhead17> in the same doc
<Daviey> xnox: not the installer
 * xnox is back in the installer then
<Daviey> koolhead17: rocking !
<jasonmsp> good morning all..  What is the meaning of  this first part of  a cronjob  "root [ -O /tmp/dir.cache]"  I'm used to seeing if statements as in "root if [-x " but i can't find any reference to this on a web search.
<SpamapS> smb: downloading your latest fixed kernel now
<smb> SpamapS, Great. :)
<skrite> hey all, i am looking for an easy to configure mail server distro i can build and run in a vm for our company... any ideas?
<SpamapS> skrite: http://www.turnkeylinux.org/search/luceneapi_node/mail%20type:appliance ... these would probably work
<SpamapS> skrite: Zimbra in particular is pretty nice.
<skrite> SpamapS: thanks
<zul> Daviey: based on andrew's comment on the ec2 bug https://github.com/openstack/nova/blob/master/nova/db/sqlalchemy/migrate_repo/versions/107_add_instance_id_mappings.py it doesnt happen when the table is created and migrated
<uvirtbot> New bug: #1060404 in lxc (main) "update-grub runs and fails in containers" [High,Confirmed] https://launchpad.net/bugs/1060404
<uvirtbot> New bug: #1061665 in nova (main) "Filter scheduler not respecting the force_hosts hint" [Undecided,New] https://launchpad.net/bugs/1061665
<koolhead17> i see Daviey live :)
<SpamapS> smb: you going to be around for a bit longer? Just now about to test that kernel
<chmac> denyhosts has started blocking localhost on a handful of machines in the last 24 hours. Any idea what's going on?
<chmac> I'm not aware of anything that's changed on our setup.
<SpamapS> chmac: sounds like a bug.. localhost should be whitelisted
<chmac> SpamapS: Right, sounds odd, and what caused it to flare up now, on 3 servers, within 24 hours of each other, all with similar configs...
<chmac> I'll double check the whitelisting.
<chmac> I only noticed the issue because monit can't connect on localhost, so it thinks sshd is down, restarts it a few times, then times out. Meanwhile, it's running all the time.
<moose> hey
<moose> has anyone compared chroot to virtualbox?
<moose> hello?
<holstein> moose: hey.. you can just ask.. if anyone knows they will answer
<moose> ok
<holstein> i have only used Vbox, and its arguably "easier" i would say.. thought the chroot might be less overhead if thats what you want/need.. theres Vbox headless (text mode)
<moose> what are the pros and cons of chroot vs [3~[3~[3~[3~[F[3L:/ok
<moose> which one is more secure?
<holstein> i wouldnt trust any casual answer on the IRC about that... i would say if you are experience, either can be as secure as you need
<moose> how much resources does a virtual box need compared to chroot?
<holstein> moose: i have only used Vbox, but i would just set both up and see..
<moose> ok
<moose> thank u
<SpamapS> moose: chroot and virtualbox are like a bicycle and a car... pretty hard to compare
<SpamapS> holstein: and don't be silly, chroot cannot be as secure as a VM.
<moose> my server has only 500mb of m,
<SpamapS> moose: heh, thats not a server then :)
<SpamapS> you might be using it to serve things, but its not a server computer :)
<moose> well, not a sver for virtual box maybe, but chroot might be ok
<holstein> SpamapS: i still think it would depend on the use case and the skill level.. but like i said, i use Vbox..
<SpamapS> smb: initial result seems positive!
<SpamapS> hallyn: ^^ smb's newest kernel seems to address the issue
<moose> is 500 RAM not enough for a server? min is only 125mb
<SpamapS> crap
<SpamapS> [  455.352556] unregister_netdevice: waiting for lo to become free. Usage count = 1
<SpamapS> hallyn: spoke too soon
<hallyn> what did his newest kernel do?
<SpamapS> No idea he hasn't been sharing patches
<hallyn> i wonder how hard it woudl be to 'just' yank the routing cache :)
<SpamapS> just posting kernels which I try ;)
<SpamapS> root     16118  0.0  0.0  27532  1032 ?        Ds   09:07   0:00 lxc-start --daemon -n clint-local-ci-u1-0 -l DEBUG -o /home/clint/.juju/data/clint-local-ci/units/u1-0/container.log
<SpamapS> dead
<SpamapS> smb: n/m, still broken
<hallyn> SpamapS: i meant what approach did that kernel take to trying to fix it
<SpamapS> hallyn: *no idea*
<hallyn> ok
<SpamapS> hallyn: you'd have to ask smb
<SpamapS> [  577.079821] rtdbg: fib_disable_ip(lo/ffff880164917000/ffff880073e68000, -1)
<SpamapS> seems to be printing that out a lot
<hallyn> i did, implicitly :)  irc is a wonderful thing
<moose> how do i supress [D[D[D[D[D[D[D[D[D[3~[3~[3~[3~[3~[3~[3~[D[D[D[D[D[D[D[D[3~[3~[3~[3~[3~[3~[3~[3~[F[A[A[A[B[B[B[B[B[B[3~[3~[3~[3~[3~
<SpamapS> hallyn: could this be avoided at all by restarting the lxc-net service between lxc-stop/lxc-destroy and lxc-start ?
<SpamapS> moose: use the right $TERM setting
<hallyn> SpamapS: no
<SpamapS> yeah just tried that
<SpamapS> hallyn: anything we can put in the instances to clear out the route cache right before halt?
<hallyn> SpamapS: what we could try,
<SpamapS> at this point, I'm not really confident that we'll have a solution for 12.10's release
<hallyn> what we could do is stash away /proc/self/ns/net for the open container
<hallyn> or actually, mnt
<hallyn> then use that after container shuts down to flush the route cache
<hallyn> but really, smb's earlier kernel tried to do that from th ekernel, and it didn't work
<hallyn> so my guess would be that your write to the 'flush' file would hang, waiting for a mutex to P
<hallyn> i still think that despite assumptions we've made, it would be worth bisecting upstream kernel both for the commit breaking it, and teh commit fixing it
<hallyn> noone has AFAIK *verified* that dropping the route cache fixed it
<hallyn> if need be i'll spin up a bigmem.xlarge or whatever amazon instance and start the bisection, but i've been waiting to hear whether smb is doing that already
<SpamapS> hallyn: right, there is a lot of change between here and there
<SpamapS> hallyn: how does that work, bisecting on amazon?
<hallyn> SpamapS: does an upstream kernel havethe needed supprot to boot inamazon?  i figure it would work the same way as installing a new kernel .deb
<hallyn> i.e i was assuming EBS instances can boot whatever grub says to
<SpamapS> hallyn: you'd have to ask smoser and utlemming.. I'm just not sure how it would work
<hallyn> still going to wait for smb.  i dont' want to duplicate work
<hallyn> meanwhile i have to piss off upstart :)
<SpamapS> I admit that I usually put my hands on my ears and sing "Camp town ladies" whenever people talk about the kernel
<sarnold> (that's an option? :)
<hallyn> yes, but your punishment is dealing with php :)
<sarnold> hallyn: ooh, that's cold.
<smoser> hallyn, ebs (or instance store) boot with "pvgrub"
<smoser> which reads /boot/grub/menu.lst
<smoser> as far as upstream kernels having the right stuff, i suspect that current upstream can be configured to boot correctly.
<hallyn> smoser: "boot with pvgrub" - where do i specify that?
<utlemming> hallyn: that happens automatically with AWS
<utlemming> pvgrub is specific to Xen
<hallyn> cool
<hallyn> thx
<smoser> it happens automatically with our images in pvgrub
<smoser> you register with a kernel
<smoser> our images are registered with the pvgrub "kernel"
<smoser> (since 10.04)
<RoyK> hm... apt-btrfs-snapshot looks like a jolly good idea, but does it integrate with grub to allow booting from the previous snapshot somehow?
<xnox> RoyK: initramfs does not support booting of any subvolumes bug @
<xnox> RoyK: so, no. You can change @ to achive the same I believe.
<xnox> but I have not tried.
<zapotah> i stated earlier that something was broken with the latest updates
<zapotah> dont know if its the devs fault or whoevers
<zapotah> but specifying in the /etc/network/interfaces a vlan40 interface and a line with bridge_ports bond0.40 does not create a sub interface bond0.40
<zapotah> it created a bond0.100 interface which was the first specified
<zapotah> in interface vlan100
<zapotah> manually specifying bond0.100 bond0.40 etc with vlan-raw-device bond0 works
<zapotah> after that stuff works like it used to
<zapotah> dont know if the problem lies with ubuntu
<zapotah> package vlan or ifenslave
<zapotah> can anyone say if ubuntu has the lacp function built-in nowadays or is the ifenslave still required
<zapotah> ?
<zapotah> ifenslave package*
<resno> any suggestions about sys admin blogs i should read?
<howdy> Hello. Has anyone here created a dhcp server? If so, if I have a network such as [modem] -> dhcp server -> [switch] -> client .... and the client can talk to the dhcp server... what would be stopping the client from accessing the internet? I tried to open some ports through iptables but it doesnt seem to like me. Any thoughts?
<sarnold> howdy: if you're assigning RFC 1918 non-routable addresses to your clients, you'll also need a network address translation firewall: http://en.wikipedia.org/wiki/Network_address_translation
<patdk-lap> dhcp server has nothing to do with accessing internet
<howdy> Well, I know it's to assign ips. But I guess I'm misunderstanding something.
<howdy> sarnold: Thanks.
<Poapfel> Everytime I try to restart my network I get this error message http://paste42.de/4195/ is there another way to restart the network?
<Jeeves_> Poapfel: No. They broke networking restart while porting it to upstart
<hallyn> zul: do you have any ideas on bug 1057024 ?  i don't...
<uvirtbot> Launchpad bug 1057024 in libvirt "internal error Process exited while reading console log output: char device redirected to /dev/pts/1 error when creating a vm" [High,Confirmed] https://launchpad.net/bugs/1057024
<hallyn> i can't reproduce it.  everythign looks kosher
<hallyn> it sure looks like libvirt-qemu user simply can't access /dev/kvm.  but perms are correct
<sarnold> hallyn: any AA rejects?
<hallyn> sarnold: hm, i haven't asked for that info, as i don't see how it's possible :)  but i'm getting desparate enough...
<zul> hallyn: i havent seen that before but this looks suspicious:
<zul> http://pastebin.ubuntu.com/1260491/
<hallyn> zul: i know!  but /dev/kvm is owned by kvm group, with group write perms
<hallyn> psivaa: hi
<psivaa> hallyn, hi
<hallyn> psivaa: sarnold was just suggesting maybe there's apparmor perms problem.
<hallyn> can you pastebin the tail end of /var/log/syslog?
<zul> hallyn: im asking for the dmesg output as well
<psivaa> sure, 1 sec
<hallyn> zul: psivaa is the bug submitter
<zul> psivaa:  oh hi
<zul> hallyn: can you re-load the module
<zul> and then restart libvirt
<hallyn> zul: note *i* can't reproduce the bug
<zul> hallyn: yeah googling doesnt have anything interesting
<psivaa> hallyn, zul https://pastebin.canonical.com/75924/ is the syslog
<hallyn> wait a sec
<hallyn> psivaa: jinkeys, that requires 2-factor auth for me to read
<psivaa> hallyn, ohh yea, what other form could i paste?
<zul> psivaa:  dmesg please
<hallyn> psivaa: oh hey.  do you by chance have vmware or virtualbox installed?
<psivaa> hallyn, yes, i do have it installed
<psivaa> zul, is canonical pastebin ok for you?
<hallyn> gah!
<zul> psivaa:  prefer not :)
<hallyn> psivaa: can you unload its kernel modules?
<psivaa> hallyn, not sure how to do that :)
<hallyn> we may want to call this a linux kernel (kvm module) bug, but that'll be the problem
<hallyn> psivaa: can you pastebin 'lsmod ' output?
<hallyn> or just apt-get purge virtualbox, if you don't actually use it
<hallyn> but for testing we should be able to just rmmod the module (once we know its name)
<smb> hallyn, SpamapS, Not sharing patches is a lie. You should for a change read the bug report. It basically now does yank the route cache as it is supposed to
<hallyn> smb: ?  who is not sharing patches?
<smb> With the debug kernel you should actually see it in the logs
<psivaa> zul, hallyn: https://pastebin.canonical.com/75926/ is the dmesg, sorry i dont have anyother means now :$
<smb> hallyn, Though SpamapS was telling that I would not ;)
<smb> though
<smb> *thought
<smb> gah
<hallyn> smb: im' 99% sure he didn't mean whatever he said quite like that
<Poapfel> Jeeves_: ?
<Poapfel> so there is no way to restart it?
<hallyn> smb: are you able to/have you been doing a bisect to determine where the bug was introduced or fixed?  should i be trying that?
<SpamapS> smb: indeed I was a liar. :)
<hallyn> (bisecting upstream, not ubuntu kernel)
<psivaa> lsmod https://pastebin.canonical.com/75927/
<smb> hallyn, I am 100% sure I am overstating the fact ;)
<smb> The problem with net is that they a) replaced the whole route cache by something different between 3.5 and 3.6
<smb> That makes bisecting a major pain in the rectum
<SpamapS> smb: I'm still running the affected machine so, do you need any more dmesg's or such?
<hallyn> smb: right, but i was thinking of bisecting 3.2 .. 3.5 to figure out where it was introduced
<hallyn> smb: hey do you know offhand the name of the virtualbox kernel module?
<smb> Plus they have some fixes in the pipe (linux-next) that also targeted a similar sounding issue
<Jeeves_> Poapfel: You can ifdown, but that will probably disconnect you
<Jeeves_> screen , ifdown ; ifup mght work
<smb> hallyn, hm no. Some dkms thing...
<hallyn> smb: yeah, finding the commit that fixes it is IMO less likely to work :)
<hallyn> ok thx,
<hallyn> psivaa: drat, i can't find the virtual box kernel module in your lsmod list.  Do you mind going through software center and removing virtualbox, to see if that fixes it?
<smb> hallyn, seems there is 4 of them
<smb> hallyn, vboxpci, vboxnetadp vboxdrv and vboxnetflt
<hallyn> oddly those aren't apparently loaded though
<smb> Neither here apparently. I even forgot I installed it once
<psivaa> hallyn, i have purged virtualbox now but still its occurring
<hallyn> psivaa: after a reboot?
<smb> hallyn, No this time I am lying
<smb> Or I cannot type the grep all the times I am trying
<hallyn> smb: but if you'd like me to try the bisect (starting tonight) i'm happy to try
<psivaa> hallyn, is that ok if we continue a little later or tomorrow :), i need to urgently go out
<hallyn> psivaa: of course - thanks!
<psivaa> hallyn, sorry aboutt that
<smb> SpamapS, When things fail for you. Is it always a 1 reference left?
<hallyn> talk to you tomorrow
<SpamapS> smb: yes, though I think that number goes up with the number of containers stopped
<smb> SpamapS, I believe it was 2 when the route cache is involved (probably a factor of two) but maybe there is another leak left now
<Poapfel> my ipv6 connections breaks everytime a few minutes after a reboot, how I am suppose to fix this if I am not able to restart the network?
<SpamapS> smb: agreed, I think it was 2 before as well
<SpamapS> smb: with #24~smb1 it was 2
<SpamapS> smb: and with #24~smb2 it was 1, and has been 1 ever since
<smb> SpamapS, Right that also seemed to be consistent with the testcase for which I do not see a problem anymore.
<hallyn> woot! progress :)
<SpamapS> ok, so what else bumps the refcount?
<smb> SpamapS, Could you please post a complete /var/log/syslog file to the bug report
<SpamapS> smb: sure, doing that now
<smb> SpamapS, Everything that uses the netdev
<smb> SpamapS, Ok, then I can look at it tomorrow
<SpamapS> smb: attached
<smb> SpamapS, thanks!
<smb> SpamapS, Oh and btw, with the test case and without patches the problem would go away after somethimes up to 5 minutes
<smb> SpamapS, It would be a valuable info if that also happens for this case
<SpamapS> smb: it has not gone away in 5 minutes for me.. but I may be screwing it up by doing another lxc-start (which then gets stuck in disk wait)
<SpamapS> smb: I'd swear that this time, with your current patch, it took longer for the unregister_netdevice messages to pop up
<smb> SpamapS, Yeah, that would add to the theory that we now hit another problem which was hidden by the previous fail.
<delinquentme> hey all .. I've got a server process I'm running and I've launched it through a SSH connection .. I would like the process to persist after I've closed the terminal
<smb> Though I need to carefully go through the log there and compare addresses
<delinquentme> how can I do this?  ... i thought $ bundle exec trinidad & might do it
<delinquentme> that is not the case
<SpamapS> smb: are you reproducing locally still btw?
<sarnold> delinquentme: investigate screen, tmux, and nohup. nohup is easiest IFF it works.\
<SpamapS> delinquentme: if you just want it to keep running and you don't care much about being able to interact with it.. 'nohup programname &' does it
<delinquentme> actually I think i got it :D
<smb> SpamapS, Well for me the problem was sort of fixed. But I only use the test C code and not too many times. So no
<SpamapS> smb: ok .. its fairly simple for me to reproduce with lxc-create/lxc-start/lxc-stop
<smb> SpamapS, I guess I will have to try those steps on further debugging or see what would happen when modifying the test case a bit
<SpamapS> smb: sounds like something during the actual machine boot bumps the refcount and then the tear-down is missing that
<smb> SpamapS, Sounds like I should definitely see to be able to reproduce this locally and then enable the ugly warn_on on every get and put.
<smb> SpamapS, Anyway what is interesting is that stgraber is less likely hitting that but would be doing the same thing...
<SpamapS> smb: the dreaded race condition
<SpamapS> stgraber: ^^ are you testing on a system w/ SSD or slow disk?
<SpamapS> My SSD box definitely reproduces 100% while my older laptop sometimes doesn't.. I think.. its all me guessing
<smb> The disk would be a less likely suspect but who knows.
<SpamapS> well...
<SpamapS> if things happen in a different order..
<SpamapS> and there is a missing lock somewhere
<SpamapS> would explain a counter skew
<SpamapS> smb: I'm thinking the boot and/or shutdown of the container and its network configuration might be racing something else.
<SpamapS> like, lxc-wait .. which I realize now is in the mix, I just haven't been considering it part of the equation
<smb> SpamapS, I would not completely rule it out, its just one suspect that rather comes later to your mind. First with how those refcounts are handled and net involved you would think of rcu and cpu based races...
<Aresby> I'm considering mv'ing production resources to ubuntu-server.  Been exploring what's "in the release", as well the whole PPA infrastructure.  General question re: kernel -- how "vanilla" upstream are the kernels u-s uses & makes available?  Are they typically UN-patched upstream releases? more in line with Opensuse-esque franken-kernels?  Or something in-between?
<Aresby>   For my usecase, I'd *prefer* to be as close to upstream kernel + upstream Xen (virtualization is mission-critical here) as possible ...
<patdk-lap> aresby, I don't know anything about suse kernels
<patdk-lap> should be just like redhat kernels
<patdk-lap> a kernel version is picked, and that version is stuck to, and security patchs are backported to it
<patdk-lap> there are some custom stuff, but not much
<patdk-lap> the custom stuff I know of, is attempting to be ported into the normal kernel
<smb> Aresby, Quite upstream + stable patches. There were one or two patches but those are gone or are not really changing much.
<smb> (or being separate drivers)
<Aresby> patdk-lap: ok, thanks.  I'll continue to read-up.  How amenable to DIY-build/use of newer kernels is U-S?  I assume there's likley PPAs that already do this --- but, if i DIY, I'd like the process to be less filled with distro-specific "gotchas".
<Aresby> smb: ARe thos patches Ubuntu-community generated/maintained?  From/thru Canonical?  or from Upstream itself?
<patdk-lap> I normally just download the source, add my patch into the build
<patdk-lap> and push it to a ppa :)
<patdk-lap> simple
<Aresby> patdk-lap: Heh, sure *that* part is.  It's the "Oh, btw, your custom-built kernel is gonna smoke your box" stuff that I'm worried abt ;-)
<Aresby> plus the "and don't let the door hit you in the ass on the way out of #irc" Centos-isms ...
<smb> Aresby, Community maintained in some sense I would say. Like aufs/overlayfs, some dm-raid45 one. Probably community in a wider sense.
<smb> Aresby, If you look at our public git trees there is a ubuntu subdir which contains all those. Everything else is more or less like a current upstream stable kernel of the same version
<Aresby> smb  ok.  tbh, I *am* banking on the assumption that I don't have to explain to folks in _here_ what 'enterprise' means, or why I might want a custom kernel build -- so "community" is far less of a risk.
<Aresby> Thanks!
<uvirtbot> New bug: #1052365 in samba (main) "pas la possibilte d installer derniere version de samba" [Undecided,Invalid] https://launchpad.net/bugs/1052365
<zapotah> so, anyone know if somethings changed with vlan or ifenslave or something with ubuntu networking for my described problem to pop up out of the blue with updates
<zapotah> in /etc/network/interfaces thers an lacp bond interface over which ive created a few vlan bridges
<zapotah> after some updates this past few weeks i encountered a problem today in which i updated the xen hosts and they were apparently unable to create bond0.x subinterfaces corresponding to the vlans
<zapotah> had to manually specify the bond0.x subinterfaces for it to work again but i was wondering if theres been some fundamental change to the networking workings as of lately
<zapotah> anyone?
<zapotah> anyone at all?
<zapotah> i lack the ability to troubleshoot the code and the inner workings of the linux networking stack so im asking if anyone would have any insight into this problem
<zapotah> we have production systems running with the exact same configuration as the lab setup i updated today and it would be extremely embarassing for them to stop working because of an update
<sarnold> zapotah: (if you're completely stuck here, consider also serverfault.com -- feels appropriate to me there, too, unless you've got a debian-specific bug of some sort..)
<Aresby> Iiuc, launchpad is the primary (only?) jumping off point for finding newer-than-release PPAs.  Still getting my sea-legs:  starting with search@launchpad, how do I find a/the "most-likely-to-be-production-reliable" PPA/pkg for a server app?  Let's, e.g., say MySQL v5.6 ...
<zapotah> sarnold: im not stuck because the way i solved the problem in the lab env propably works for the production env as well.
<maswan> Aresby: production-reliable? then you need to know who runs it and trust them to ship [security] updates at a resonable pace.
<patdk-lap> aresby, percona
<zapotah> sarnold: my concern is that the problem is more deeply rooted and as I am unable to debug it further than the functionality and how im able to work around the bug im somewhat concerned as to how to make sure the problem wont fatally affect the production systems
<Aresby> maswan: Well,  production-reliable-er ... Where I hail from (opensuse) there are different shades of repos -- from the 'official', to 'almost, or will be, official' to end-users' "hobby" repos.  I'm trying to get a sense for what's what @ubuntu.
<Aresby>   patdk-lap That's not the question -- MySQL is an example.  I'm asking about ubuntu repos
<patdk-lap> but if your looking for, production/stable/reliable, you are NOT looking for mysql 5.6
<patdk-lap> aresby, heh?
<sarnold> zapotah: makes sense :) It's way outside of my experience, and I wanted to make sure you weren't stuck with something bad ;)
<patdk-lap> you aren't making sense, if it isn't in ubuntu main repo, it's not going be production/stable/reliable/secutity patched
<patdk-lap> unless it's done via a 3rd party
<Aresby> patdk-lap: Great.  Pick another app -- that's newer than what ubuntu-release ships.  The specific app is irrelevant to my question.
<patdk-lap> and your completely on your own there
<patdk-lap> yes, and your going have to either do it yourself, or find someone you trust/pay to do it
<patdk-lap> it's the same way for rhel
<patdk-lap> no difference
<Aresby> So @ubuntu it's either in "main" or it's not dealt with in bugs/lists/community etc?
<patdk-lap> main is handled
<maswan> patdk-lap: eh, some of it can be decently supported. like pitti's postgresqls.
<patdk-lap> anything else is handled by whoever handles it :)
<maswan> but yeah, if you need something newer than currently released, you're usually better off waiting 6 months and jumping onto a non-LTS
<patdk-lap> rhel is the same, they handle what is in their repo, what is outside it, they don't handle, epel, or any other repo you locate
<Aresby> maswan: Assuming that "pitti's postgresqls" means a PPAC that's widely adopted/used, and/or built by someone s with good track-record, how does one go about find the "pitti-ish" repos?
<patdk-lap> if you want newer than what is supported, it's not going be production/stable/... by ubuntu
<zapotah> I know that the people on this channel are propably not financially invested in the development of ubuntu so theyre not bound to give and find answers to difficult problems but if canonical makes folks to believe that ubuntu is an enterprise ready platform i wish problems like this wouldnt rise no matter what
<maswan> Aresby: By knowing and maybe having a chat with the maintainer.
<patdk-lap> zapotah, I can't help you, I have never had your issue, my vlans and bonded interfaces work fine
<Aresby> maswan: Not ideal, but fair/reasonable point.  Thanks.
<zapotah> patdk-lap: any idea what couldve caused this kind of problem with a xen host?
<zapotah> its work-aroundable sure
<patdk-lap> heh xen?
<patdk-lap> try simplifing the issue
<maswan> Aresby: some might have stated policies. but in general you don't want to run production services on things outside the dist
<patdk-lap> your throwing too many *issues* into it
<zapotah> patdk-lap: how come?
<patdk-lap> to hard to know *who* or *what* broke it
<patdk-lap> xen has been gone from ubuntu for a long time now
<Aresby> maswan: Sure.  Just a matter of "outside the dist" means different things @ different distros -- and I'm learning @ubuntu.
<zapotah> patdk-lap: uhh how come? the latest xen has been provided by the main repo until a few months ago
<patdk-lap> anything outside the dist, would be, not by default included :)
<maswan> Aresby: there is a bit of difference between "main" and "universe" too, "main" is promised support from canonical, "universe" is "community supported". real security fixes go fine in universe, but getting bug fixes through kan be iffy at times depending on who is handling it etc.
<zapotah> havent checked lately but xen 4.1.2 was provided by the main repo until just a little while ago
<zapotah> i know ubuntu favors kvm nowadays
<patdk-lap> I dropped all xen support back when it went out in 10.04
<patdk-lap> but still, does the issue only happen when using xen?
<patdk-lap> do you know?
<zapotah> unfortunately i dont have a non-hypervisor host to make sure
<Aresby> zapotah: xen 4.2 builds and functions cleanly on Ubuntu 12, fwiw.  One of the reasons I'm looking at switching TO ubuntu.  this was my starting point: https://help.ubuntu.com/community/Xen
<zapotah> Aresby: i know ive tried
<zapotah> Aresby: xenapi and ovmf support at build requires some modifying of the Makefiles and env variableÂ¨s
<maswan> Aresby: That said, if you are really needing something not in the dist, using a ppa is a good starting point though, and a good starting point if you need to build your own packages.
<Aresby> maswan: Noted, thanks.
<maswan> Aresby: you just want to be sure you're following upstream's security announces etc in case the ppa goes stale
<Aresby> maswan: yep
<Aresby> zapotah: there _were_ some mods required in my 1st runthroughs.  In general, it seems that Xen upstream's "most native" dev env is Debian.  Which, iiuc, should make Ubuntu easily doable.
<Aresby> maswan: "really needing something" varies.  I'm certainly not a glutton for punishment, but it's oft-happened that an 'official repo' @distro has pkg-brokenness with little interest in, or urgency about, pushing fixes.  When that happens, I look for those "pitti-ish" repos, or DIY ...
<zapotah> Aresby: i think it required the modifying of the static GCC44 variable and the nonfuncioning autodetection of the XML anc CURL configuration variables
<zapotah> and with ovmf the version difference of GCC between debian and ubuntu
<zapotah> but after dealing with those it compiled without problems
<Aresby> zapotah: yep, reading Xen@Debian info atm ...
<zapotah> ashamed i have to admit i didnt have time to actually try it out if it actually worked
<zapotah> but i would guess it did
<zapotah> libvirt has some problems compiling atm with xen 4.2 but i guess everyonell have to wait for them to patch that atm
<zapotah> problem with libxl.h api
<zapotah> tried to debug that but again it goes above my field of expertise
<Aresby> zapotah libxl challenges seem to be vendor-agnostic; there's enough to go around.  My hope is getting closer to upstream -- @ both kernel & xen -- will simplify matters.
#ubuntu-server 2012-10-05
<uvirtbot> New bug: #1057320 in glance (main) "Glance api and swiftclient not compatiable versions" [Undecided,Fix released] https://launchpad.net/bugs/1057320
<pmatulis> anyone here get sssd working with sudo configured in ldap?
<uvirtbot> New bug: #1061961 in horizon (main) "Upgrading openstack-dashboard does not upgrade dependencies." [Undecided,In progress] https://launchpad.net/bugs/1061961
<ipl31> Hello, so I had a qlogic 10 Gig card that worked oneiric but now seems to not be happy because of a firwmare version in precise. Did something change in the linux-firmware package?
<sarnold> ipl31: were there any enlightening notes in the /usr/share/doc/<foo>/changelog* files?
<ipl31> sarnold: unfortunately no
<sarnold> :(
<sarnold> ipl31: if you steal the firmware from the old version, does it work?
<ipl31> good question I should try that
<ipl31> although box is remote and I have not network access only remote KVM, but I will see if there is way I can get it on there
<sarnold> oof
<ipl31> yeah :)
<sarnold> would it be easier to get a local card?
<ipl31> yeah it might be, its 10G card so I can't buy one locally would need to have it shipped
<ipl31> but I might end up doing that
<sarnold> .. it doesn't sound cheap :) but still, that also sounds like a system that's best to leave alone as much as you can. :)
<ipl31> actually system is not in service so I can do whatever I want
<sarnold> woo :
<sarnold> :)
<ipl31> testing the upgrade to precise
<uvirtbot> New bug: #1061977 in cloud-init "Machine fails to commission when console=ttyS0 is present on kernel opts" [Undecided,New] https://launchpad.net/bugs/1061977
<stgraber> SpamapS: I'm testing on an ivy bridge laptop (i7) with a lot of RAM and a very fast SSD...
<SpamapS> stgraber: ok, so not that dissimilar from my mac book air (i5, 4GB RAM, average SSD)
<Guest2295> Hello all!!!
<Guest2295> I am coming I think to the end of a very drawn out problem with reference to my primary system running ubuntu.
<uvirtbot> New bug: #1061996 in samba (main) "Can Not Create Samba Share" [Undecided,New] https://launchpad.net/bugs/1061996
<Tohuw> I need to install Magick-config, but it seems the only packages that provide it from the Ubuntu repos require X11. Can someone enlighten me as to why this might be, and if there's a suitable alternative if my only goal is to provide Magick-config for gem install rmagick?
<sarnold> Tohuw: drat, I wondered if graphicsmagick-libmagick-dev-compat might be easier .. but no luck, it also eventually depends upon libx11-dev
<sarnold> Tohuw: I believe I've read some mechanism to fake dpkg into thinking that some specific packages are already installed; I _hope_ that graphicsmagick or imagemagick would load libraries only as they need them..
<Tohuw> sarnold: I could force the install of the package, but I'd rather not... based on my reading of Magick-config, it seems odd to require the X11 stack for it...
<sarnold> Tohuw: it'd be a package-level dependency, the individual tool may not need it at all.
<Tohuw> sarnold: I found a workaround via installing libgraphicsmagick1-dev, which installs an acceptably minimum number of X11 dev packages.
<sarnold> Tohuw: oh! hooray for just the -dev packages. that'll save a bit.
<Tohuw> Yes, considerably. x11-common, libx11-dev, x11proto-xext-dev. I can live with that.
<Tohuw> For the record, the correct package ended up being 'graphicsmagick-libmagick-dev-compat' to resolve rmagick not installing on Ubuntu via gem install. This is the most minimal provider I could find.
<Tohuw> I didn't catch that libgraphicsmagick1-dev provides GraphicsMagick-config, which is not quite the same. I also needed libmagickwand-dev.
<uvirtbot> New bug: #1006149 in libvirt (main) "PowerPC needs access to /proc/device-tree/ in apparmor perms" [Medium,Expired] https://launchpad.net/bugs/1006149
<basil60> I'd like some advice on possible malware on ubuntu11.04 server please?
<basil60> I've received a number of complaints from my ISP that unsolicited emails have originated from IP address. I've scanned for rootkits , malware a,d almost every other conceivable problem on my PC. As soon as I turned my server back on, the complaints returned. I'm sour it's some system change that I made that has permitted this problem... I'd just like some advice on shutting it down.
<basil60> Thanks guys...I might try again later
<jellybean> Good morning all
<jellybean> Is there a recommended procedure for installing Ubuntu Server to a compact flash drive?
<DarkStar1> hi all.. Is there anyway I can increase the size of a directory? specifically one under the /var tree
<chmac> DarkStar1: Directories don't have sizes exactly, unless you put more stuff into the directory, in which case it'll get "bigger"
<chmac> DarkStar1: Or are you running out of space?
<DarkStar1> chmac: I ran out of space. I was importing old mail archives into a the directory path /var/vmail
<chmac> DarkStar1: Do you have space elsewhere on the disk?
<DarkStar1> chmac: yeah. let me pastethe output of df -hl
<DarkStar1> chmac: http://fpaste.org/05Cn/ so I'm guessing I need to increase the amount of space allocated to /dev
<chmac> DarkStar1: OVH server right?
<DarkStar1> yeah
<DarkStar1> chmac: houw'd you know :)
<chmac> They have this weirdness with rootfs and /dev/root, very strange. /dev/root doesn't actually exist.
<DarkStar1> hhmm.
<DarkStar1> mayhaps I can remount /var on dev2?
<DarkStar1> on /dev
<DarkStar1> ?
<chmac> DarkStar1: There is no /dev
<chmac> It's a virtual filesystem, your only real file system is /dev/md2
<chmac> You could try symlinking your /var/vmail directory to /home/vmail or something like that.
<chmac> ovh are pretty stupid in the way they lay out your disk, I always repartition them.
<sri> hi
<Guest18447> hi
<DarkStar1> chmac: hhmâ¦â¦...
<DarkStar1> good idea. Will have to trythat later. thanks
<chmac> DarkStar1: Have you been using the machine for a while?
<chmac> DarkStar1: You could also repartition it, that's one advantage of software raid, you can repartition on the fly.
<chmac> DarkStar1: I wouldn't recommend it with a production system, but ovh provide 100G of ftp backup, so you can push a backup to be doubly safe, take one disk out of the raid array, repartition, bring it back into the array, resync, wait, repeat.
<DarkStar1> chmac: for over a week now. I've been setting it up for a client and there a few sites hosted on it so
<DarkStar1> far
<chmac> DarkStar1: In that case you definitely want to repartition, all your /var/www/ and /var/logs/ will be on that 10G root partition, likewise /var/lib/mysql
<DarkStar1> Oh.. I'll have to book sometime off to do that then
<chmac> You can do the whole thing with the machine still online, because you have 2 disks.
<DarkStar1> shit!!
<DarkStar1> all that time setting up >:/
<feisar> hi my question's about virsh and vmbuilder ubuntu but #ubuntu-virt is a little quiet: if I created a vm using vmbuilder kvm ubuntu but i did it from the wrong directory, can I just mv my .qcow2 then edit the VM using virsh # edit VM_NAME?
<DarkStar1> chmac: That just poo pooe'd my tgi friday feeling now
<chmac> DarkStar1: You will need to take down the machine in order to move data around onto new partitions, but it's not so hard
<DarkStar1> chmac: what a stupid way to partition a machine
<DarkStar1> Pissed off at them now
<chmac> DarkStar1: You pay peanuts, you get monkeys!
<chmac> DarkStar1: In my opinion, their SSD boxes are a better deal than their traditional disks, 120G is usually way more than we ever use on any of our web machines, and the SSDs perform much, much better.
<DarkStar1> chmac: but let's be honest that kind of beetlejuice partition is spiteful
<chmac> DarkStar1: It's just stupid, but so is much of what I see at OVH! :-)
<DarkStar1> SSds aren't worth the price atm and I need space. Lots of it. the mail archve I was trying to migrate is 100Gb zipped up
<chmac> DarkStar1: Then you want a spinning disk!
<RoyK> [slightly offtopic] hm... I just upgraded a server install to Quantal and installed ubuntu-desktop on it, and lightdm doesnt't start automatically
<AlexO> Hey, I opened the 3306 port (for mysql) but when I'm trying to connect with telenet on 3306, I get a connect refused, the strangest this is, that it's was working yesterday, but today It's not working anymore...
<AlexO> any ideas?
<AlexO> -this+thing*
<Lachezar> AlexO: netstat -antup | grep 3306 shows?
<AlexO> "tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      15568/mysqld"
<Lachezar> AlexO: That seems OK. Are you sure you're telnet-ing into the right address?
<AlexO> Lachezar: yep, I just checked it again
<RoyK> AlexO: using ufw?
<AlexO> RoyK: iptables
<RoyK> AlexO: turn on logging in iptables, then, or just use ufw
 * RoyK uses ufw for 95% of his work
<DarkStar1> I only know a little iptables and 0 about ufw
<AlexO> RoyK: what do you mean but turn on logigng in iptables? You mean open the 3306 port ?
<AlexO> by*
<AlexO> I'm runing out of batery, need to find a plug brb
<AlexO> if you have any idea let me know my screen will still be there
<DarkStar1> AlexO: he means you should enable iptables logging so that you can see infomation about the firewall
<jamespage> rbasak, is the subarch support SRU required to support diff arm archs?
<rbasak> jamespage: yes, but also any arch at all
<rbasak> jamespage: any ARM arch at all I mean
<jamespage> rbasak, ack
<jamespage> rbasak, looking at the branch now
<rbasak> thanks!
<jamespage> rbasak, 02- patch is missing from the branch :-(
<rbasak> jamespage: well that's embarrassing :-/
 * rbasak digs it out
<jamespage> rbasak, lol
<rbasak> jamespage: wondering how best to recover from this
<rbasak> jamespage: another upload with a bumped ubuntu revision?
<jamespage> rbasak, just push a new version to the branch
<rbasak> jamespage: roaksoax has already uploaded - it's in the unapproved queue
<jamespage> rbasak, ah! I wish he'd commented.
<jamespage> I think we can get that rejected
<rbasak> jamespage: ok, so do I need to bump the version, or does it count as not published?
<rbasak> I suppose nobody will have been able to install from it if it never actually entered precise-proposed?
<jamespage> rbasak, no - its not been published anywhere yet!
<rbasak> OK
<jamespage> rbasak, oh - was the upload for quantal or precise?
<rbasak> jamespage: both. roaksoax took the change upstream for quantal I think, and uploaded precise as-is
<jamespage> rbasak, sorry - LP was confusing me
<jamespage> rbasak, actually it looks OK in the queue
<jamespage> http://launchpadlibrarian.net/118134341/maas-enlist_0.4-0ubuntu1.1_0.4-0ubuntu1.2.diff.gz
<rbasak> jamespage: I'm confused. How? Or does that mean that roaksoax noticed and fixed it up? Also the pocket was wrong, which I know he fixed
<jamespage> rbasak, I suspect roaksoax fixed you up :-)
<rbasak> thanks roaksoax :)
 * rbasak commits fixes to the branch anyway
<rbasak> At least it should match now
<rbasak> jamespage: sorry for the mess!
<jamespage> rbasak, no problem
<jamespage> rbasak, story of my day today
<jamespage> looking at stuff thats already been done!
<uvirtbot> New bug: #1057946 in mod-auth-mysql (main) "A patch to support Phpass hash (Used by Wordpress, phpBB3, etc)" [Undecided,New] https://launchpad.net/bugs/1057946
<uvirtbot> New bug: #1062277 in nova (main) "092_add_instance_system_metadata migration fails when upgrading" [Undecided,New] https://launchpad.net/bugs/1062277
<jamespage> zul: ^^ nova upgrade bug
<zul> jamespage: not cool
<selvodka> hello
<Ulfr> I just switched my frontend webservers from CentOS to Ubuntu because of an issue with PCRE, but now I'm trying to troubleshoot a problem my servers have after about a day of uptime where sessions will stack up in HAProxy and I haven't the foggiest why. Can anyone help me get started with troubleshooting?
<Ulfr> I use HAProxy to load balance to squid reverse proxies running apache2 on ubuntu 10.04 if that helps
<Mupfi> hi there :-)
<Mupfi> anybody here who is familiar with kerberos?
<feisar> hi what's the fix for the 'waiting for network configuration' on every boot with 12.04?
<Mupfi> i have problems with the krb5-kdc which woulden't start
<Mupfi> krb5kdc: cannot initialize realm ALKAR.INTERN - see log file for details
<uvirtbot> New bug: #1062314 in nova (main) "do_refresh_security_group_rules in nova.virt.firewall is very slow" [Undecided,New] https://launchpad.net/bugs/1062314
<Mupfi> and the logfile tell me "krb5kdc: No such file or directory - while initializing database for realm ALKAR.INTERN"
<uvirtbot> New bug: #1062336 in nova (main) "nova-compute expects libvirtd group" [Undecided,New] https://launchpad.net/bugs/1062336
<uvirtbot> New bug: #1062334 in nova (main) "nova-*  not work -  Scientific Linux 6.2" [Undecided,New] https://launchpad.net/bugs/1062334
<hallyn> smb: hi, bug 914788, it's marked fix released and nominated for oneiric.  but you seem to be talking about q new quantal patch?
<uvirtbot> Launchpad bug 914788 in libvirt "libvirt expexts qemu-dm in wrong path for xen" [Undecided,Fix released] https://launchpad.net/bugs/914788
<smb> hallyn, Yes, since George made the patch for q but probably should have done a new report
<jamespage> zul, I enjoyed that bug ^^
<smb> Things broke again after Debian removed the alternates setting which created xen-default link
<zul> i did as well :)
<hallyn> smb: can you mark it Triaged again?
<hallyn> I'll push the fix this afternoon then.  tuesday is freeze :)
<smb> hallyn, not sure I can do that, but in theory we probably should make the main task triaged again and add a precise task marked fixed?
<smb> hallyn, Yeah, seem you have to accept the nomination at least.
<hallyn> smb: sigh, ok, let me set them how I THINK you mean them
<smb> hallyn, I could do the rest, I just cannot accept nominations for anything I cannot upload
<hallyn> smb: can you reload and tell me if that's ok?
<hallyn> smb: and then you're saying i can just take that patch, pop it onto quantal package, and expect itto work?
<smb> hallyn, I looks like I thought (probably need to decide to won't fix for O) and no not that simple
<smb> hallyn, Not sure it helps you but I liked a branch
<smb> hallyn, A bzr branch. Basically I had to pop back to the old patch and have pushed the modified ones on top
<hallyn> oh, *linked* a branch :)
<hallyn> i thought you were facebooking
<smb> errr yeah... :-P no
<smb> Just missing keys
<hallyn> smb: so does the branch work?
<smb> hallyn, I did the test-build from that
<hallyn> smb: ok, thanks.  lemme look at it
<SpamapS> smb: so, any progress?
<SpamapS> smb: have not looked through my bugmail yet today
<smb> SpamapS, Tsk, well it works for me which is not progress I guess. And I asked for a more detailed list of steps
<smb> SpamapS, Not sure whether there is any special network setup involved or so
<SpamapS> smb: let me try my reproduction steps one more time..
<uvirtbot> New bug: #914788 in libvirt (main) "libvirt expexts qemu-dm in wrong path for xen" [Undecided,Fix released] https://launchpad.net/bugs/914788
<SpamapS> smb: hm, doing the basic steps doesn't cause it.. I'll try again with juju, maybe it is doing something special
<smb> SpamapS, Maybe I prepare another kernel in parallel that logs a lot of stack traces (for every dev_hold and dev_put). Its ugly but if you are the only one to be lucky I would let you run it and post the results. :)
<SpamapS> smb: for sure :)
<SpamapS> smb: indeed, something juju is doing in its destroy-environment is causing the issue reliably.. will boil it down to a test case
<hallyn> smb: i dunno, patch looks good to me (though i can't bzr import it bc of the way you moved the patch around in the queue)  I'll run the qa regression tests against it, then push the package from source
<smb> hallyn, Grr and I was just using quilt and bzr locally. :-P But ok, just note patches, because there were two
<hallyn> smb: yeah, bzr just doesn't deal well with any sort of funky quilt usage.  but I'm just doing 'bzr bd -S' out of your bzr tree, worked fine, so it'll have both your patches
<smb> hallyn, Ok, cool. Yeah, I probably should just have all patches unapplied and then replaced the file before applying them again
<smb> SpamapS, If you find a nice test case, please let me (err well the bug report) know. Otherwise the smb2 version is now up.
<SpamapS> smb: ok, working on it now
<uvirtbot> New bug: #1061964 in cloud-init "Config drive ensure local-hostname" [Medium,In progress] https://launchpad.net/bugs/1061964
<DarkStar1> qq the cron task: 3 0 * * 1/3/5  will run this task 0003 every mon-wed-friday right?
<DarkStar1> No one here?
<kendosan> hello guys, when i put my bash command in startup, when i reboot everything runs , but the bashscript that runs gives me error ffmpeg not found,  i run a nohup on startup
<kendosan> so im not sure what is wrong
<kendosan> when i cd in directory and do nohup manualy everything is cool
<Guest54412> hmm does anyone here have lamp installed
<patdk-lap> kendosan, that doesn't tell you anything?
<kendosan> hmm thats the thing im not sure what im doing :(
<kendosan> for example on startup commandline nohup sh /var/www/bash/nohup.sh >/dev/null 2>&1 &
<sarnold> kendosan: try without throwing away the error messages..
<kendosan> er i will try
<patdk-lap> kendosan, oviously your ENVIROMENT is different
<patdk-lap> different path settings and other things
<kendosan> patdk, what do you mean ? i run ubuntu server 12.04 64bit
<TJ-> kendosan: Which 'nohup' is start-up using? The shell's version, or "/usr/bin/nohup" ? They have differences, especially if the start-up script isn't using a log-in shell
<kendosan> just a second please :)
<sarnold> TJ-: oh? I hadn't heard this :) thanks for the heads up.
<kendosan> i put the nohup commandline here  /etc/rc.local
<patdk-lap> so no login, so you can't depend on anything being right
<patdk-lap> and have to make sure path and all are specified
<kendosan> it executes but, the thing is it does not run, when i type it in manual way :O
<kendosan> maybe im just confused with all this :D
<TJ-> kendosan: Usually that's because the shell environment at start-up is minimal compared to a log-in shell. Best debugging is to insert, in your start-up shell, a debug line of the form "env > /tmp/start-up.log" so you can look at the env it runs with
<kendosan> thanks i will try to do that
<TJ-> kendosan: s/your start-up shell/your start-up shell script/'
<hallyn> smb: my build of your libvirt tree oddly fails on an augeas lens test
<smb> hallyn, there is lenses in libvirt???
<hallyn> in the tests, yeah
<hallyn> biam
<smb> Weird I have created a source package from my tree and ran it though sbuild... my only problem there is building sometimes ending up in /build which then bails because of an overlayfs bug
<smb> The second attempt with /build diverted to non-overlayed /home/... did succeed
<DarkStar1> the cron task: 3 0 * * 1-5/2  will run this task every mon-wed-friday right?
<DarkStar1> I'm new to this
<DarkStar1> the aim is that it will run it at 0003h on those days.
<SpamapS> smb: installing your kernel next
<SpamapS> smb: the test case is still the same... just start and stop a container
<DarkStar1> no one know?
<sarnold> DarkStar1: that's how I read it as well
<sarnold> DarkStar1: though I'd probably use 1,3,5
<sarnold> no longer, no shorter, but more explicit
<SpamapS> smb: note that the container I start/stop also does an apt-get upgrade.. I wonder if there's something weird in there
<DarkStar1> sarnold: ok
<DarkStar1> with the commas right? I'm new to task automation.
<sarnold> DarkStar1: yes, with the commas
<smb> SpamapS, Hm, at least a bit more usage of the net devices. And the container is just created with "lxc-create -t ubuntu -n name -- -r quantal" ?
<SpamapS> smb: -t ubuntu-cloud
<SpamapS> smb: and -r precise
<SpamapS> smb: actually there's also some userdata fed in which does an apt-get upgrade and installs a few things...
<smb> SpamapS, I guess I will better wait for your detailed description... ;-P
<SpamapS> smb: you can use my juju branch which does it reliably..
<SpamapS> smb: bzr branch lp:~clint-fewbar/juju/local-cloud-img
<SpamapS> smb: from that dir, PYTHONPATH=$PWD PATH=$PWD/bin:$PATH bin/juju bootstrap
<SpamapS> smb: and PYTHONPATH=$PWD PATH=$PWD/bin:$PATH bin/juju deploy wordpress
<SpamapS> smb: then the same but 'juju destroy-environment'
<smb> SpamapS, Probably you should write that down then *in* the bug report. My memory is very limited (especially when it is actually the weekend)
<SpamapS> smb: I'm hoping to have a lower level reproducer
<smb> SpamapS, Me too :)
<SpamapS> smb: so far, unable to reproduce with your stacktrace happy kernel
<SpamapS> smb: n/m, reproduced
<SpamapS> smb: want syslog?
<smb> SpamapS, Yes please in the bug report.
<smb> SpamapS, Probably just a matter of timing as it now is a bit slower with the lots of output
<hallyn> smb: even plain libvirt is faling to build.  hopefully i just messed up my localhost, lemme try on a clean instance
<smb> hallyn, Yeah, hopefully. Well, in some way. But I could not explain how that test did not bother me otherwise...
<frojnd> Hi there. I don't know why but when I try to change /etc/motd as root it won't update it. And when I reopen file with vim it's still last message
<SpamapS> hallyn: did you come up with a plan for bisecting btw?
<hallyn> SpamapS: bisecting what?
<SpamapS> hallyn: I can reproduce 100% of the time on this hardware with the fairly lengthy steps I posted in the bug.. but have not yet boiled it down to anything less than a long juju deploy/destroy
<sarnold> frojnd: see update-motd(5)
<SpamapS> hallyn: netns bug
<hallyn> SpamapS: so you can't reproduce with the test program attached to the bug?
<SpamapS> hallyn: no, this is a different problem
<SpamapS> hallyn: the simple fix of flushing the route cache addressed that
<hallyn> are you sure there's no zombie tasks pinning the netns?
<SpamapS> hallyn: to reproduce I have to boot up an ubuntu-cloud based container and then stop it
<frojnd> This happens if I'm editing with nano too.. So I must do something wrong. Why after editing /etc/motd as root this new login message won't exist?
<SpamapS> hallyn: no, how would I check?
<hallyn> anyway no, i've been leaving that to smb to not reproduce effort
<hallyn> ps -ef should show the defunct tasks...
<SpamapS> nothing there
<hallyn> SpamapS: what is the bug#?
<SpamapS> bug #1021471
<uvirtbot> Launchpad bug 1021471 in linux "clone() hang when creating new network namespace (dmesg show unregister_netdevice: waiting for lo to become free. Usage count = 2)" [High,Confirmed] https://launchpad.net/bugs/1021471
<SpamapS> hallyn: I posted the steps to reproduce using my juju branch
<hallyn> SpamapS: given that it conflicts with the bug which smb did fix, i'm not sure we can bisect now :)
<hallyn> still i could try.  but if smb thinks he's about got it nailed...
<smb> hallyn, No not that one. Just got data for it to look trhough
<hallyn> ok.  lemme finis up the libvirt one and then i'll see if i can reproduce and join the party
<smb> hallyn, Though if you want to run bisecting maybe from the other end (take our mainline kernels between 3.2 and 3.6 as a start)
<smb> Usually it turns out to be one -rc1 and then the fun begins
<smb> Err make that 3.5
<hallyn> smb: happy to.  i was going to do linus' tree, what do you mean by 'our mainline'?  (i think i can find it from old emails, but if you have git url handy...)
<hallyn> right :)
<hallyn> 3.2..3.6 was going to be my range
<hallyn> uh 3.5  wtf?
<smb> http://kernel.ubuntu.com/~kernel-ppa/mainline/
<hallyn> thanks.  ttyl
<frojnd> Is there a manual or something how to change default ssh login prompt? Changing /etc/motd as root doesn't work unfortunatelly.
<smb> Well, we know 3.5 is broken (3.6 apparently not) So you could go that way as well, but at least for that I know that the removed the route cache for one thing
<hallyn> yeah, i meant 3.5, i don't knwo why i keep mistyping.  ttyl :)
<SpamapS> hallyn: while you're still playing, I'm going to try 3.4.12-quantal
<SpamapS> hallyn: as in, http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.4.12-quantal/
<hallyn> sounds good.
<hallyn> smb: regression tests still running;  built fine on fresh instance;  intend to push this afternoon.
<hallyn> zul: you have no libvirt changes to push to quantal right?
<zul> nope
<smb> hallyn, ok, phew
<SpamapS> hallyn: I am unable to reproduce on 3.4.12 btw
<hallyn> SpamapS: in your recipe, should i just 'apt-get install juju'?
<SpamapS> hallyn: no
<SpamapS> hallyn: it shows, bzr branch the specific branch I'm using
<SpamapS> hallyn: it still happens with stock juju, but not as frequently for some reason
<hallyn> you don't show building/installing it
<SpamapS> bzr branch
<SpamapS> just run it from there
<hallyn> i did bzr branch, entered it, then you say run 'juju', but juju was not installed (and ./juju is a dir)
<hallyn> oh hm
<hallyn> so it should be coming from my new path.  but it's not happy with it.  why?
<hallyn> (checking)
<SpamapS> I set PATH :)
<hallyn> SpamapS: well i've since apt-get installed juju, and id o see juju in my path, so i'm guessing there was a dependency of juju which wasn't installed.  (the error has scrolled off ths creen)
<hallyn> proceeding
<SpamapS> ahh right
<SpamapS> python-txzookeeper or python-txaws or twisted or something like that :-P
<SpamapS> hallyn: ok, so in the interest of narrowing your bisect ... 3.4.12 is fine.. what would be the other end of the spectrum to try? 3.5.5?
<uvirtbot> New bug: #1062474 in nova "Migrations do not populate volume_id_mappings and instance_id_mappings completely" [Undecided,New] https://launchpad.net/bugs/1062474
<hallyn> SpamapS: not sure, hold on lemme check around which release the route cache was removed
<hallyn> btw, first attempt on c1.xlarge did NOT reproduce.  trying again
<SpamapS> hallyn: if it fails again, perhaps let me login and I'll see if there are assumptions I've left out
<hallyn> heck, the commit "ipv4: reintroduce route cache garbage collector" sounds suspicious :)
<SpamapS> hallyn: hah yeah
<hallyn> SpamapS: 3.5-rc7 did not have commit 89aef8921bfbac22f00e04f8450f6e447db13e42.  3.6 did.  (that being the commit removing the routing cache)
<SpamapS> hallyn: I haven't actually confirmed that 3.6 doesn't reproduce with my particular issue
<SpamapS> hallyn: ok, 3.5.5 does reproduce
<SpamapS> hallyn: also reproduces with the original reproducer, so no news there
<SpamapS> [  191.483843] unregister_netdevice: waiting for lo to become free. Usage count = 2
<SpamapS> thats 2, so route cache + "the other thing"
<hallyn> SpamapS: hrmph, juju seems to have messed with my ptys
<SpamapS> hallyn: ??
<SpamapS> hallyn: ok, so I'll try 3.6-rc1 next
<hallyn> i ran 'juju bootstrap' in byobu, exited the shell, and now defunct java tasks are pinning /dev/pts/1, and re-starting byobu hangs
<hallyn> rebooting, not sure what state i just left things in... sigh
<SpamapS> hallyn: oh thats interesting.. zookeeper should have daemonized.
<SpamapS> hallyn: thats likely the culprit there
<SpamapS> hallyn: so i'll do 3.6-rc1, and then 3.5-rc7
<SpamapS> hallyn: yeah looks like we need to use start-stop-daemon to run ZK so it will let go of the terminal
<SpamapS> hallyn: you should have just killed the java process
<SpamapS> hallyn: AHA!
<SpamapS> hallyn: 3.6 still has it
<SpamapS> hallyn: well, 3.6-rc1
<SpamapS> hallyn: so, the route cache issue is separate
<SpamapS> [  253.892068] unregister_netdevice: waiting for lo to become free. Usage count = 1
<SpamapS> thats on 3.6 rc1
<smb> SpamapS, Unfortunately there are a few additions to the whole mess that are (or where) not even in upstream linux when I looked last
<SpamapS> smb: well I think you were looking at the route cache issue and using stgraber's reproducer only
<hallyn> SpamapS: interesting
<SpamapS> trying 3.6-quantal now
<smb> I was also following a few hints from upstream, but they pointed to a follow up on things that happened after removing the route cache. So things may have gone jojo
<SpamapS> well if nothing else, its clear that this is a separate bug from the route cache issue
<hallyn> SpamapS:  it might be worth opening a separate upstream kernel bugzilla
<hallyn> except, of course, we probably need a reproducer outside of juju :)
<SpamapS> yeah
<SpamapS> I think its something in the timing
<SpamapS> hallyn: lxc-stop returns immediately, right, you still need lxc-wait to know that it is stopped?
<hallyn> SpamapS: i think so, though the python api one can wait iirc
<hallyn> SpamapS: though lxc_stop "sort of" waits, by waiting for the monitor socket to close
<SpamapS> ah ok
<SpamapS> weird.. why do our cloud images have ntfs installed? :-P
<Daviey> SpamapS: ntfs ebs volume ! :)
<SpamapS> so much win
<SpamapS> hallyn: ok, confirmed still in 3.6
<SpamapS> hallyn: I'll try to boil this down to at least just lxc commands to reproduce
<hallyn> SpamapS: gah, no, can't reproduce on amazon with juju.  i'll just try quickly running lxc testsuite and see ifthat helps
<hallyn> smb: libvirt pushed, thanks.
<smb> hallyn, At least something that worked today. :)
<smb> thanks
<hallyn> haha no kidding.  still no idea about psivaa's bug
<hallyn> mdeslaur: if i said that after psivaa installs a new quantal desktop and installs kvm, then virt-manager, virt-manager fails to create/start VMs, but once you manually create one with virsh define and start that, then virt-manager succeeds
<hallyn> mdeslaur: would that ring any bells for you?
<mdeslaur> hallyn: no...what does virt-manager do?
<hallyn> my only guess would be bad perms inside /var/lib/libvirt/images, but that doesn't really make sense either
<hallyn> it manages to start kvm, but then kvm bombs with with -EPERM trying to actually use kvm
<hallyn> (as seen in the /var/lib/libvirt/qemu/x.log)
<hallyn> the bug # is 1057024 fwiw
<mdeslaur> hallyn: trying on a fresh install now
<hallyn> mdeslaur: thanks.  i've tried that 3 times no with no success, maybe i'm unconsciously doing something blatantly different...
<mdeslaur> hallyn: with no success? you mean you couldn't reproduce his issue, or you couldn't get it to work?
<hallyn> couldn't reproduce it
<hallyn> worked for me every time
<mdeslaur> hallyn: worked fine for me
<mdeslaur> hallyn: not sure what's going wrong for him
<mdeslaur> hallyn: hardware problem?
<hallyn> mdeslaur: kvm does run fine by hand, or using 'virsh'.
<hallyn> mdeslaur: but there are funky /dev/sda errors in syslog
<hallyn> worse, psivaa has *two* machiens that do it
<mdeslaur> hallyn: hrm
<hallyn> so i started wondering if there is a corrupt archiv emirror...
<hallyn> i dunno
<mdeslaur> hallyn: I did a fresh install, dit "apt-get install virt-manager", did "apt-get install qemu-kvm", added myself to the libvirtd group, rebooted and everything worked
<hallyn> mdeslaur: thanks for trying.  i'm out of ideas
<hallyn> psivaa: any chance you can post dmesg from the other machine that also does this for you?  (to the bug)
<hallyn> are they the same kind of laptop?
<mdeslaur> hallyn: my iso was in my home directory, not sure that's relevant
<hallyn> mdeslaur: hm, so was mine.
<bgoliveira> Hello everyone. Could anyone can explain me why /etc/resolf.conf turns into a sym link to /run/resolvconf/resolv.conf ?
<bgoliveira> I'm having to upgrate my servers from 11.04 to 12.04 ...and I just realised this because a normal user can not use the host comand.
<SpamapS> hallyn: ok so here is how lxc-create is invoked..
<SpamapS> 3742  execve("/usr/bin/lxc-create", ["lxc-create", "-n", "clint-local-ci-ubuntu-0", "-t", "ubuntu-cloud", "--", "--debug", "--hostid", "clint-local-ci-ubuntu-0", "-r", "precise", "--userdata", "/tmp/tmplp3Y7E"], [/* 13 vars */]) = 0
<sarnold> bgoliveira: it's part of the 'resolvconf' package, which rewrites the resolv.conf file for different name servers based on dhcp results
<SpamapS> hallyn: and lxc-start..
<SpamapS> 3816  execve("/usr/bin/sudo", ["sudo", "lxc-start", "--daemon", "-n", "clint-local-ci-ubuntu-0", "-l", "DEBUG", "-o", "/home/clint/.juju/data/clint-local-ci/units/ubuntu-0/container.log"], [/* 21 vars */]) = 0
<SpamapS> followed by..
<SpamapS> 3820  execve("/usr/bin/sudo", ["sudo", "lxc-wait", "-n", "clint-local-ci-ubuntu-0", "-s", "RUNNING"], [/* 21 vars */]) = 0
<psivaa> hallyn, dmesg attached to the bug
<hallyn> psivaa: thanks
<mdeslaur> hallyn: this is definitely odd: Could not access KVM kernel module: Permission denied
<hallyn> SpamapS: hm, precise container, <shrug> maybe that makes a difference
<psivaa> hallyn, one of them is Hp pavilion g6 and the other is Dell Inspiron
<hallyn> mdeslaur: right.
<SpamapS> hallyn: sure, I'll try a quantal container
<hallyn> psivaa: and so where do you store the iso for virt-manager to pick up?
<mdeslaur> psivaa: what's "getfacl /dev/kvm" show?
<bgoliveira> sarnold for example, I can ping a website. But, ping only can resolv the name because it has a SUID bit active. Host doesn't have a SUID bit active ... any ideia?
<Daviey> woot, sbeattie extended his ~ubuntu-server membership.. Great to have you. :)
<mdeslaur> psivaa: ?
<hallyn> mdeslaur: i fear it's way past EOD for psivaa
<mdeslaur> hallyn: consolekit is supposed to set extended acls on the kvm device to your user
<psivaa> mdeslaur, hallyn, ohh the iso's are stored on in desktop in one machine and home/myname/iso/ubuntu in anouter
<mdeslaur> hallyn: maybe he's using some retro-grouch desktop environment
<hallyn> mdeslaur: interesting
<hallyn> i hate magic
<mdeslaur> psivaa: can you do a "getfacl /dev/kvm"?
<psivaa> mdeslaur, just added to the bug
<hallyn> mdeslaur: but, /dev/kvm is group kvm, group read-write, and libvirt-qemu user is in default group kvm...
<hallyn> so unless virt-manager manages to run kvm not in libvirt-qemu user, ...
<mdeslaur> hallyn: he has group::---
<mdeslaur> hallyn: incorrect permissions, kvm group doesn't have proper rights
<mdeslaur> hallyn: (yeah, the extended acl isn't used)
<psivaa> hallyn, mdeslaur on the other machine which now works after following th wiki from hallyn i have group::rw-
<mdeslaur> psivaa: so something is breaking the permissions on that device
<mdeslaur> psivaa: do you have /lib/udev/rules.d/40-qemu-kvm.rules ?
<hallyn> SpamapS: say, ...  you're using juju, so you're not using lxcbr0?  are you using virbr0?
<hallyn> well you're not specifying -f, so i guess you must be using lxcbr0
<psivaa> mdeslaur, yes
<SpamapS> hallyn: this branch does use lxcbr0
<hallyn> SpamapS: sadly, i still can't reproduce.
<SpamapS> hallyn: yeah I'm working out a series of lxc-* commands to do it
<hallyn> doing a loop of while [ $c -lt 100 ]; do sudo lxc-start -n p1 -d & sudo lxc-wait -n p1 -s RUNNING; sudo lxc-stop -n p1; done
<hallyn> SpamapS: can you pastebin your userdata file?
<psivaa> mdeslaur, just to make sure, i did a fresh quantal install, i did apt-get install kvm and install virtual machine manager using software centre, addded the user to the group and logged out and in back
<SpamapS> hallyn: sure
<SpamapS> hallyn: thats part of what I'm working on :)
<mdeslaur> psivaa: quite odd, I'm not sure how your permissions get like that
<mdeslaur> psivaa: if you reboot, do they go back to normal?
<psivaa> mdeslaur, i'm not sure which permissions do you mean here, but rebooting alone did not solve the issue, it was running the sequence given in https://wiki.ubuntu.com/SergeHallyn_libvirtnest and then reboot solved it
<hallyn> mdeslaur: on the other machine of psivaa's, definately /dev/kvm was rw-rw---- when it was not working
<mdeslaur> hallyn: so, two different problems then
<Daviey> SpamapS: Hey, are we expecting another juju upload?
<mdeslaur> hallyn: it definitely can't work if the kvm group doesn't have access
<psivaa> mdeslaur, although i only tried once with the wiki sequence, i could try once more if you think its needed
<hallyn> mdeslaur: yeah...  actually, psivaa, wasn't that other lapto (with bad kvm perms) one you had a bad upgrade on?
<Daviey> SpamapS: specifically, i want bug 1061286 included :)
<uvirtbot> Launchpad bug 1061286 in juju "juju bootstrap returned ERROR Invalid 'cpu_count' constraint '1.0'" [Medium,Fix committed] https://launchpad.net/bugs/1061286
<gholms> smoser: Any idea why the resizefs cloud-init module opts to create a new device node?
<gholms> I *suspect* it's so it doesn't have to attempt to locate the one under /dev, but I'd like to be sure.
<SpamapS> hallyn: http://paste.ubuntu.com/1262631/
<SpamapS> Daviey: yes I am, and it would include that
<SpamapS> Daviey: hoping on Tuesday or Wednesday
<hallyn> psivaa: if you reboot the second machine, which doesn't have group write perms on /dev/kvm (as shown by getfacl), does /dev/kvm *then* have group write perms?
<Daviey> SpamapS: do you care if i monkey that patch in now, with your upload superseeding it?
<smoser> gholms, yes.
<uvirtbot> New bug: #1062518 in maas (main) "[FFe] New upstream release" [Undecided,New] https://launchpad.net/bugs/1062518
<smoser> how else would it figure out the device name ?
<SpamapS> Daviey: go ahead, we may not get our act together for this 0.6 release in time to squeeze it into quantal
<smoser> so it just doesn't bother.
<Daviey> SpamapS: ok, thanks
<gholms> smoser: By looking it up in /proc/partitions?
<gholms> smoser: The problem I'm running into here is that Fedora and friends mount /run with nodev.
<gholms> Same with /tmp and a host of other things.  :-\
<smoser> gholms, we could just make it in /dev/
<smoser> that is likely to not be mounted without 'nodev'
<smoser> :)
<smoser> err.. wahtever . i meant that probably we can create device nodes in /dev/
<smoser> just try that rather than /tmp
<smoser> it seems wasteful and pointless to find do a stat on /, get exactly the data we need, then to go looking in some other location for a name that doesnt matter.
<gholms> Heh
<gholms> smoser: Would you be against a patch that just grabs the device numbers from /, looks up the matching blockdev in /proc/partitions, and uses that directly?
<gholms> I mean, I get *why* it works the way it does.
<gholms> It just... adds more variables that can break.
<sbeattie> Daviey: I like to delude myself into believing I know something about servers.
<SpamapS> sbeattie: you know nothing john snow
<smoser> gholms, it is less variables.
 * SpamapS apologizes.. the GoT withdrawals are getting intense
<smoser> you're suggesting more variables (parsing /proc/partitions incorrectly, or /proc not being mounted)
<SpamapS> hallyn: success!
<sbeattie> SpamapS: no worries... Winter is coming. :)
<SpamapS> hallyn: I have a simpler reproducer now
<gholms> smoser: touchÃ©
<smoser> just make the device in /dev/.tmp.cloudinit
 * gholms hrms
<gholms> Yeah, that's probably the best bet at this point.
<Daviey> sbeattie: hah, get a grip.. you've probably done more server package uploads than me :)
<SpamapS> hallyn: http://paste.ubuntu.com/1262645/
<SpamapS> hallyn: now, here's the tough part.. it only seems to happen if you wait for the system to fully boot
<SpamapS> hallyn: the way that script works, you have to press enter after cloud-init says "done booting"
<SpamapS> hallyn: interrupting it earlier seems to not reproduce
<SpamapS> hallyn: which should actually help narrow down what is causing the issue
<SpamapS> hallyn: I need to take a break and get some lunch, but hopefully that helps
<SpamapS> hallyn: I wonder if the proprietary WL driver has anything to do with this.
<psivaa> hallyn, yes the bad upgrade one is the one with wrong permissions, to check if rebooting recovers the group permissions, i need to reboot *this machine,
<Daviey> SpamapS: fancy reviewing http://pb.daviey.com/wTv8/ ?
<psivaa> hallyn, mdeslaur rebooting has made the getfacl /dev/kvm -> group::rw- and i am able to create vm's now
<mdeslaur> psivaa: interesting...maybe the qemu-kvm postinst isn't setting the device permissions as intended
<hallyn> mdeslaur: in the past psivaa has shown /dev/kvm perms to b eright when still unable to create vms
<mdeslaur> hallyn: ok
<mdeslaur> hallyn: I just confirmed postinst seems to work too, so it's not that
<mdeslaur> hallyn: I'm stumped now
<psivaa> mdeslaur, im doing a fresh quantal install now ill let you know if rebooting alone gives the req'd permission, iirc it did not,
<mdeslaur> psivaa: ok. I'm eod, but leave the info in the bug.
<psivaa> mdeslaur, ack
<Daviey> SpamapS: would also seem prudent to include http://pb.daviey.com/0DDk/ i guess
<uvirtbot> New bug: #1061286 in juju "juju bootstrap returned ERROR Invalid 'cpu_count' constraint '1.0'" [High,In progress] https://launchpad.net/bugs/1061286
<uvirtbot> New bug: #1062538 in php5 (main) "package php5-dev 5.3.10-1ubuntu3.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/1062538
<SpamapS> Daviey: indeed, that one fixes canonistack
<Daviey> SpamapS: you don't make my life easier, you know. :P
<SpamapS> Daviey: why not just make a snapshot from trunk?
<Daviey> SpamapS: well it's getting that way... you know the CURRENT package FTBFS?
<SpamapS> no
<SpamapS> but I suspect its a race
<SpamapS> had to retry the PPA builds a few times
<SpamapS> anyway, I have not eaten yet, and I think if I delay any further my stomach will eat me
<Daviey> ok
<hallyn> SpamapS: can you use the laptop over wired and not load the proprietary wireless driver?
<uvirtbot> New bug: #1061678 in juju "OpenStack provider should fall back to local-ipv4 if public-ipv4 is not found" [Critical,Fix committed] https://launchpad.net/bugs/1061678
<hallyn> SpamapS: nope, repro.sh still doesn't reproduce it here.  jinkeys!  lemme try that laptop over yonder
<hallyn> SpamapS: nope, not there either
<SpamapS> hallyn: this one has no wired conn.. but I can try w/ my pro
<SpamapS> hallyn: I suppose I can try w/ everything cached and just shut down wireless too
<hallyn> SpamapS: yup, should work.  of course it's still possible that it's just your fast ssd making it happen
<SpamapS> hallyn: I've had it work quite a high percentage of the time on the spinning rust too
<SpamapS> hallyn: ok I forgot to rmmod wl .. but it did happen while on wired LAN and eth1 (wl) was down
<SpamapS> hallyn: ok, actually, no.. it was the route cache one
<SpamapS> hallyn: so indeed, it may only be my air that reproduces with the route cache fix smb made
<hallyn> utlemming: precise cloud images have empty /dev
<utlemming> hallyn: I think that might affect oneiric and quantal too
<utlemming> hallyn: I believe that it is excluded in the build since the initramfs populates it
<SpamapS> hallyn: progress! it only happens when wl is involved
<hallyn> utlemming: no, quantal has /dev populated
<utlemming> hallyn: right, I just checked....
<hallyn> utlemming: ok, i just wanted to make sure it wasn't intentional
<utlemming> hallyn: nope...I'll check into what is happening
<SpamapS> hallyn: oo, and rmmod on wl makes the problem go away
<SpamapS> err no
<SpamapS> ignore that
<hallyn> utlemming: great, thanks
<basil60> hi i've had complaints from isp about my home network sending unsolicited emails. I've run some "extensive" tests on my pc, and found nothing. I suspect it may come from my linux server (ubuntu 11.04). Any suggestions on how I may test it?
<sarnold> basil60: if you've got a wordpress or phpbb or something similar installed, that's a reasonable possibility
<sarnold> if your machine has been _rooted_, you may not be able to do much examining "from inside" the system. But if it is a simple / stupid exploit, it might be fixable from within...
<basil60> not running Wordpress
<basil60> I ran "rootkitcheck" yesterday - it found nothinh
<sarnold> basil60: does 'netstat -anp' show any unexpected connections?
<basil60> can i export that netstat command to a text file?
<sarnold> netstat -anp > /tmp/file
<sarnold> :)
<basil60> netstat -anp >/tmp/file/netstat
<sarnold> that'll fail unless you already have a /tmp/file directory
<sarnold> netstat -anp > /tmp/netstat would work alright
<basil60> dovecot appears to be running - wasn't even sure i had that turned on
<SpamapS> smb`: so, good news, the problem is just in the wl drivers..
<SpamapS> smb`: see bug report for more info
<hallyn> SpamapS: ok, i wasn't sure which order the bug and irc comments went in :)  i thought after the lp comment you decided it was NOT jsut the drivers.
<hallyn> so, phew ;)
<SpamapS> it *is*
<hallyn> and, nice reminder about proprietary drivers, i guess
<SpamapS> just that you can't rmmod wl to clear it
<SpamapS> I thought wl was supposed to be fully free'd at some point
<hallyn> so, WOOT!  smb might have it fixed in quantal release then?
<hallyn> <shrug>
<SpamapS> hallyn: yes, his last patch addresses the route cache problem that the reproducing C program shows perfectly
<hallyn> SpamapS: right, but we're past kernel freeze
<SpamapS> hallyn: ok, so worst case its in that 0-day SRU kernel that we always end up shipping anyway ;)
 * SpamapS adds a "its past beer-thirty" disclaimer to that comment
<hallyn> all i see there is 'beer', and i'm outta here :)
<hallyn> tttyl
#ubuntu-server 2012-10-06
<katronix> hi all, can someone recommend a good easy to use email server?
<SpamapS> katronix: TurnKey Linux makes a nice Ubuntu based machine image for Zimbra
<test> Hello! :)
<test> I setup a server and most of the things are fine, except when attempting to connecting to it externally the ip conflicts with the cameras set up. How would I set it up to where I can access the actual server also, if not both at the same time at least set the Ubuntu Server as default instead of the cameras.
<SpamapS> test: sorry, camera what?
<test> Just as cameras around the house.
<test> security cameras* if that makes more sense.
<SpamapS> test: can you explain why you think "the ip conflicts wiht the cameras set up" ?
<SpamapS> test: are you using NAT forwarding from your "real" IP to the private ips behind your router?
<test> SpamapS: When I type in my external IP, it displays nothing but a html title that save Web Client for EDVS/EVS ( cameras ).
<test> Spamaps: Can you explain your last question?
<SpamapS> test: no, sorry
<SpamapS> test: its going to be long and complex
<SpamapS> test: this is not really the best way to learn about IP addresses
<test> Spamaps: I understand it now.
<test> By "real" IP are you referring to external IP?
<SpamapS> sure
<uvirtbot> New bug: #1062031 in maas "pserv is oopsing: "exceptions.TypeError: not all arguments converted during string formatting"" [Critical,In progress] https://launchpad.net/bugs/1062031
<SpamapS> what the.. ubuntu-cloudimg-query in precise doesn't understand 'quantal' ?!
<kingcrimson> Hi all
<kingcrimson> Anyone have any experience of ldap/kerberos?
<bz0b> So basically I need to setup 2 hp servers with 24tb disk arrays that need to be clustered for HA, authenticated via AD, and setup with an NFS, AFP (netatalk), and Samba Share, and they all have to be highly available, and synced through both servers, and all authenticated with AD
<bz0b> Anyone have any ideas if this is possible?
<Amzul> hi, hope it's the right place. i am trying to mount ubuntu-12.04.1-server-amd64.iso into my virtualbox. i am keep getting fatal error: no bootable medium were found. is this iso is bootable?
<RoyK> Amzul: it is
<Amzul> any idea what can be the problem in that case :\
<Amzul> maybe i have a bad iso file
<Amzul> yes, that was the problem, my iso is only 57mb
<frojnd> Hi there. I've created a chrooted sftp environment and a directory test_readwrite with following permissions: drwxr-xr-x  2 root sftponly 4096 Oct  6 14:11 test_readwrite, when I use filezilla and try to create directory in the directory mentioned before, I get permission denied. I've also noticed that Filezilla shows 0 0 Under Owner/Group, as if it wouldn't recognize sftponly group? What am I missing here?
<SpamapS> frojnd: are you sure you're ending up in the same dir?
<frojnd> SpamapS: It was my mistake, I just doble checked I made chown -R root:sftponly /var/www/test_readwrite
<frojnd> SpamapS: so now it shows 0 1003 under Owner/Groups
<frojnd> SpamapS: But I still can't upload files to that dir with FileZilla, I've tried to disconnect/reconnect but nothing
<RoyK> frojnd: you haven't allowed the group to write there
<RoyK> chmod g+w
<frojnd> what a newbie mistake :/
<frojnd> thanx RoyK for your eyes :)
<RoyK> :)
<cluelessperson> So..
<cluelessperson> Apache has suddenly stopped responding.
<cluelessperson> I get no http response.
<cluelessperson> restart
<cluelessperson> and nothing
<cluelessperson> it's gone
<cluelessperson> so wtf
<blkperl> have you checked the logs?
<cluelessperson> blkperl: Yes, I checked error logs for apache, nothing of evidence
<blkperl> you need to figure out if its a network problem, configuration problem, or something else
<cluelessperson> blkperl: I had everything configured, it was working, I restarted my comptuer, and the guest VM
<cluelessperson> and BAM, it doesn't work
<cluelessperson> Port forwarding works, I'm able to putty in on 22, on localhost.
<cluelessperson> but localhost:80 doesn't work
<cluelessperson> or localhost:9001
<drag0nius> recently half times i log into my ubuntu server i get message about some zombie process
<drag0nius> but not every time, i tried searching for commands to find it but no success
<cluelessperson> Hello.
<cluelessperson> I've had everything working nicely for awhile.  Recently I restarted my pc and suddenly apache does not respond anymore.  There are no errors.  I've reloaded, restarted.  I need help. ;_;
<sarnold> cluelessperson: are there any related messages in /var/log/syslog ?
<sarnold> cluelessperson: does apache have its own log files? are there any messages in those?
<sarnold> cluelessperson: does 'netstat -anp | grep 80' show an apache process listening on the default http port? (it'll probably also show unrelated sockets too, so be sure to read that one carefully..)
<cluelessperson> sarnold: there is a process listening on 80.  Nothing related or of evidence in apaches log file or system log.
<sarnold> cluelessperson: is it an apache process or another webserver?
<cluelessperson> sarnold: I haven't installed another webserver, should only be apache.
<cluelessperson> sarnold: The only other webserver is for subsonic, and that's on port 80.
<sarnold> cluelessperson: aha :) is apache configured to listen on port 80 or another port?
<cluelessperson> sarnold: I have apache proxyforward mysite.com/media to mysite.com:9001/media
<cluelessperson> sarnold: I'm sorry, I mispoke, it's on port 9001
<sarnold> aha
<cluelessperson> sarnold: Subsonic is 9001, apache is http 80, I have apache proxy mysite.com/media to mysite.com:9001/media internally.
<cluelessperson> sarnold: I have this server running in as a Guest with virtual box.
<cluelessperson> sarnold: I can connect from the host machine, by localhost:22 to the VM.  Port 80 is configured the exact same way, but there's no response.
<cluelessperson> sarnold: http://psithurisms.com/
<sarnold> heh, sure enough, that loaded quickly...
<sarnold> and loaded nothing. :)
<cluelessperson> yes
<sarnold> $ HEAD http://psithurisms.com/
<sarnold> 200 Assumed OK
<sarnold> Client-Date: Sat, 06 Oct 2012 21:51:09 GMT
<sarnold> Client-Peer: 76.184.220.159:80
<sarnold> Client-Response-Num: 1
<cluelessperson> sarnold: I don't bother with a firewall on the VM because only 3 ports are enabled to access it from the host machine, and my host machine firewall is currently off to be sure.
<sarnold> cluelessperson: hrm, you can run 'ssh localhost:22' and it'll connect to the VM??
<cluelessperson> sarnold: I use windows 7, and yes, Putty connects on localhost:22
<sarnold> okay, that strikes me as odd. what do you get for 'ping localhost'? does that get you 127.0.0.1 or something else?
<cluelessperson> sarnold:  yes, I get 127.0.0.1
<sarnold> cluelessperson: I'm mighty confused; I wouldn't have expected that ssh connection to work.
<cluelessperson> sarnold: why is that?
<sarnold> cluelessperson: I wouldn't expect your VM to be able to accept() connections made to localhost on the host..
<cluelessperson> sarnold: It's because I have the VM forwarding the host's ports
<cluelessperson> sarnold: I have never had a problem with it until now.
<cluelessperson> sarnold: if you want to poke around you can teamviewer in.
<cluelessperson> sarnold: I suspect this happend during a botched shutdown.  I don't think the VM closed gracefully.  I'm not sure, but it should work fine when reset. :/
<cluelessperson> sarnold: so yeah.  :/ I'm freaking out because I've been working on my site and got everything perfect, now it's just. blah
<sarnold> cluelessperson: hrm, if the VM system can forward the host's ports, then either there's a firewall active or the VM's got the ports open and some proxying in place. Iw wonder...
<sarnold> cluelessperson: what does the windows equivalent of 'netstat -anp' show? :)
<Plizzo> I have an installation of Ubuntu Server 11.10 with the system on an SSD and all my storage on a RAID5 partition. If I wipe my SSD and perform a clean install of my system, will it in any way affect the status of the RAID, and will I be able to mount it instantly through fstab like I do today?
<cluelessperson> Active connections, none
<cluelessperson> sarnold:  any ideas?
<sarnold> cluelessperson: no, sorry. Windows is really outside of my experience. :/
<cluelessperson> sarnold: yes, but windows is forwarding correctly i'm pretty sure
<cluelessperson> Plizzo: Sorry, what?
<cluelessperson> Plizzo: a Raid5 is useless if all partitions on the same drive..
<sarnold> cluelessperson: heh, good point. I don't know how I didn't see that...
<sarnold> Plizzo: you may wish to drop the raid5 altogether: http://www.miracleas.com/BAARF/RAID5_versus_RAID10.txt
<sarnold> also, http://www.baarf.com/
<cluelessperson> I'll have to look into RAID 10 later.
<cluelessperson> sarnold:  I use a RAID 1 for my archives, photography and the like.
<escott> I would assume that Plizzo is saying the data is on RAID5 spinning disks. in which case the answer to his question is to backup his mdadm.conf then resintall and restore it
<sarnold> cluelessperson: I should do the same. I've just got bodged-together backups; it isn't very satisfying.
<sarnold> escott: excellent, thanks for actual details. :)
<cluelessperson> sarnold: My setup is 120GB SSD for OS, 1 TB 7200 for program files, 2x 2TB WD Caviar Blacks for RAID 1 for archive.  And a bitlocker encrypted 1 TB for testing.
<sarnold> cluelessperson: very nice. :) i've got a 60gb SSD for OS, 1TB 7200 for /home, VMs, and so forth. It worked fine for e.g. Top Gear, but it's way too slow for VMs, I need a new SSD for those and build chroots
<cluelessperson> sarnold: I have named the 1TB drive "Constant" because it's constantly used, for torrent buffer, program files, website that the VM uses.  That keeps spun up.  My Archive RAID is kept spun down most of the time.  So they'll last and last and last and last. :P  And they're mirrored so if anything goes wrong.  Just pop in another hard drive.
<sarnold> cluelessperson: hahaha
<cluelessperson> sarnold: It makes me feel safe that I can tell when my archive spins up.  Any important data/ or restricted is on there, if I'm not using my computer and that spins up?  Icheck things out.  I use the VM to isolate all the big primary web functions
<cluelessperson> sarnold: Hack my website?  Good for you, you're restricted to a v
<cluelessperson> VM stuck on a certain folder.
<cluelessperson> and the VM is backed up as well.
<cluelessperson> sarnold: Just switch the guest VM to the backup and all is right as rain again.  Website data/media is all saved outside the VM, the vm only handles settings.
<cluelessperson> sarnold: Right now though, I'm just trying to get to a stable configuration.  This is pissing me off because I've had issues that require me to reinstall the VM every freaking week.  Ubuntu update, virtualbox update, etc etc, they break things
<sarnold> cluelessperson: oof, yeah, it's only a savings if it is reliable..
<sarnold> otherwise, it sounds nice. :)
<sarnold> given enough ram, of course.
<cluelessperson> sarnold: Right now 16 GB, I will double it shortly.
<cluelessperson> sarnold: Not that I need to.
<Plizzo> escott: Do I really need to bother about the RAID5, do I need to reinstall mdadm and set the config before I can start using them again?
<cluelessperson> sarnold: I don't like RAID 5.  I would just go mirror.
<cluelessperson> That's my experience based on them dying in the field.
<sarnold> cluelessperson: agreed. the nice part of 10 is that you can go for more than two drives; just stripe over 4, or 6, or whatever.
<escott> Plizzo, you don't have to backup the mdadm.conf, but it will make things easier. without the mdadm you have to rescan the devices to build the array again
<Plizzo> escott: So I should backup all config files I want to save, including the mdadm.conf and then reinstall, once installed I should install mdadm, upload the old config and do what?
<cluelessperson> sarnold: I don't understand why this isn't working, sigh.
<cluelessperson> sarnold:  I've streamlined the reinstallation of the VM though.
<escott> Plizzo, and reboot
<cluelessperson> sarnold: I just hadn't backed it up recently, my recent configurations aren't backed up, better to go ahead and reinstall I guess. sigh.
<Plizzo> escott: That's it, the raid should then assigned a volume as usual?
<escott> Plizzo, all the definitions of what raid array to mount where are in mdadm.conf and fstab. you might want to update-initramfs to be able to make those available at early boot
<Plizzo> escott: I'm decent with Linux but a friend helped me to set up the array the first time. How do I use update-initramfs?
<escott> Plizzo, sudo update-initramfs -k all
<escott> or -uk or something like that
<Plizzo> And at what step do I run that? :/
<escott> Plizzo, after you put the mdadm.conf and fstab back the way you want
<Plizzo> escott: Alright, I'll probably just use my old fstab and make sure that's it pointing to the correct drive
<Plizzo> partition*
<Plizzo> escott: Thanks
<Plizzo> escott: Would you recommend 12.04 or 12.10?
<sarnold> 12.04 has long-term support (LTS) -- it'll still be getting security updates after 12.10 has been retired.
<Plizzo> sarnold: So 12.04 is the best option at the moment? :)
<Plizzo> sarnold: LTS releases are preferred I guess
<sarnold> Plizzo: 12.04 also has the benefit of existing. :)
<Plizzo> sarnold: So does 12.10, but I just realized it's a beta :P
<cluelessperson> Plizzo: sarnold  I'm warning you now.  I've had several updates come out that have made HUGE headaches for me. :(
<cluelessperson> I've had to reinstall multiple times
<Plizzo> cluelessperson: What has been a problem?
<Plizzo> cluelessperson: What issues have you had?
<patdk-lap> heh?
<patdk-lap> reinstall cause of an update?
<cluelessperson> patdk-lap: I don't know enough about linux other than to get it running
<cluelessperson> patdk-lap: I come here to ask help and learn why but no one ever knows what happened to everything,.
<Plizzo> Does this dd command look alright to you? I'm attempting to create a carbon copy from my SDD onto my mechanical disks that are raided. The raid is mounted in my home folder, but dd won't care about the mount right?
<Plizzo> dd if=/dev/sdb of=/home/jonathan/Storage/Backups/Lumen/lumen_cc.img conv=sync,noerror bs=64K
<sarnold> Plizzo: why 'sync'?
<Plizzo> sarnold: I was recommended
<Plizzo> sarnold: Would that be bad?
<sarnold> Plizzo: it just feels like it has the potential to modify your data. would it only modify the final block, in case the final block isn't a multiple of 64K ?
<Plizzo> sarnold: Good point
<Plizzo> sarnold: Can you recommend any good backup tool, I just want to create a carbon copy of my SSD
<escott> Plizzo, rsync
<escott> Plizzo, never understood the point of dd copies... if the SSD dies its not like you will get a new SSD that is the exact same
<Plizzo> escott: Alright, I'll look it up, thanks :)
<escott> Plizzo, also you cannot dd a mounted filesystem
<sarnold> escott: but you can mount a dd ..
<escott> sounds like a bad pornographic joke
<sarnold> rsync may munge permissions or symlinks or device files, you've got to study the manpage for longer to get a good copy ;)
<sarnold> haha
<escott> you can't dd a mount, buy you can mount a dd
<sarnold> *ba dum tish*
<escott> in any case i think Plizzo was thinking he could dd /dev/sdb where his / filesystem was running and get a valid image out of it... which would not happen
<sarnold> right, it'd only work if it were mounted readonly
<sarnold> which is an odd state for a / to say the least
<sarnold> I had been under the assumption that he'd boot to another / and have his SSD unmounted, but that's a large assumption on my part. :)
<escott> another thing against dd copies. they sound great in theory, but the hardware always changes because the hardware is what fails, and you have to turn the system off to make such a copy
<escott> unless you are using a virtual machine manager and what snapshots because you are making big changes to the vm image in which case you probably have some kind of snapshotting capability anyways
<escott> i think Plizzo is pretty new to things so i wouldn't want to make any assumptions
<escott> anyways. goodnight all
<sarnold> 'night escott :) good advice. thanks.
#ubuntu-server 2012-10-07
<cluelessperson> I seriously don't understand what the fuck is happening
<cluelessperson> Everything is fail for me know
<cluelessperson> what the fuck is "public login: mountall: Disconnected from Plymouth" ?
<IdleOne> Please stop cursing
<cluelessperson> IdleOne: I'm getting extremely frustrated.
<cluelessperson> IdleOne:  I cannot get a fraking stable configuration in place, because seemingly, every day, there's an undate that breaks something.
<cluelessperson> IdleOne: and by something, I mean everything
<IdleOne> I feel for you and wish I knew how to help you but getting upset and swearing is not going to help you get help.
<IdleOne> I know that saying everything is broken is not enough detail to start trying to help.
<cluelessperson> IdleOne: I cannot shutdown my vm because ubuntu put out a flawed update, I'm getting a "public login: mountall: Disconnected from Plymouth" when the server (FRESH install) boots up
<cluelessperson> IdleOne: and apache is not responding on port 80.
<patdk-lap> and the logs say?
<qman__> does sudo netstat -lanp | grep apache return anything?
<cluelessperson> patdk-lap: qman__  I'll respond to your questions in a moment, I appreciate your taking interest
<qman__> I don't know anything about Subsonic, and I don't have experience using apache's proxyforward, but I know a thing or two about apache and networking in general
<qman__> so hopefully I can at least get you that far
<cluelessperson> qman__: I don't think that's broken.  Actually, I think it's virtualbox that may be breaking things.  However the "public login: mountall: Disconnected from Plymouth" and the screwed up shutdown are known bugs now
<cluelessperson> You know what?
<qman__> well, one other point to verify
<qman__> bad downloads can really ruin your day
<qman__> they do happen, even with good internet connections, and they have happened to me
<qman__> and that is _never_ fun
<cluelessperson> qman__: like, bad ubuntu iso?
<qman__> bad iso, or bad debs from the net
<cluelessperson> qman__: I'm installing very few things.  lamp, openssh, subsonic, virtualbox guest additions
<qman__> check the md5sum/sha1sum/whatever to make sure your iso is good, and then I'd check key packages like apache
<cluelessperson> okay
<qman__> every package downloaded will be in /var/cache/apt/archive
<cluelessperson> qman__: The apache thing happened after a restart
<qman__> I try not to reboot
<qman__> upstart had ruined my day on more than one occasion, too
<patdk-lap> packages should be ok, they are signed
<patdk-lap> and the signature wouldn't be valid
<qman__> should be, but it has happened to me before
<patdk-lap> sounds like bad disk then
<qman__> I think it displays on screen when a signature isn't valid, but a lot of times that gets blown by with all the other feedback and you miss it
<patdk-lap> mine always bombs out on bad sig
 * patdk-lap likely would place the blame on virtualbox, it's known to have issues
<patdk-lap> one of the reasons I don't use it
<qman__> given the alternatives, virtualbox isn't half bad
<qman__> but it does have some issues
<patdk-lap> alternatives? I'm happy with vmware
<qman__> virtual PC is really lacking in options, and last I checked, vmware workstation was expensive
<cluelessperson> virtualbox lacks obvious features like start on boot or login, or graceful shutdown with host, dear god
<qman__> well, that's not what it's for
<qman__> virtualbox is for user-centric virtualization on a desktop
<patdk-lap> yep, and this is the server channel
<qman__> if you want features like that you need to use a software designed to do it
<qman__> like KVM, or ESXi
<qman__> or Xen
<patdk-lap> depending on the scale you need, lxc :)
<patdk-lap> openvz, ...
<cluelessperson> qman__: What do you suggest for a small server?
<qman__> what's your hardware like, and what sum total are you virtualizing?
<patdk-lap> what is the small server? is it inside this vm? or is it what is running these vm's?
<patdk-lap> almost sounds like you want to run a small server vm on a desktop machine
<qman__> if you're doing that, and you have a linux desktop, you could use KVM
<sarnold> kvm++
<qman__> it'll play nice when you're using the host as a desktop
<qman__> Xen and ESXi won't do that, they're for dedicated host setups only
<qman__> KVM does dedicated host too, but it can work on a user desktop
<cluelessperson> qman__: patdk-lap    This is a Xeon 3.4ghz quad core with 8 threads, 10 MB cache, motherboard automatic overclocking to 3.6.  I run Windows Ultimate64 bit
<qman__> well, all of the above requires a linux host OS
<cluelessperson> qman__: patdk-lap  I use this for gaming, work, several serving functions.  I want the VM for an isolated and modular linux server that handles certain situations
<patdk-lap> I wouldn't know anythin about running when using a windows os
<qman__> I don't know if microsoft still does virtual server, but that could work
<sarnold> qman__: did they ever update that for the CPU-based virtualization deals or did it stay a paravartualized thing?
<qman__> but hyper-v probably squashed that product
<qman__> in the windows world, hyper-v is the right thing for this situation, but it's pretty expensive
<qman__> virtual server was free
<qman__> or, if you can still get vmware server, that'd be a good option
<qman__> but that was squased with ESXi
<qman__> squashed*
<cluelessperson> sigh
<cluelessperson> So right now.  Apache2 is not responding on port 80
<cluelessperson> qman__:  ^
<cluelessperson> and I get "psithurisms login: mountall: Disconnected from Plymouth"
<cluelessperson> apache2 logs and system logs show nothing.
<qman__> cluelessperson, that message is benign, you shouldn't see it at your login screen but it doesn't by itself break anything
<qman__> does sudo netstat -lanp | grep apache return anything?
<cluelessperson> qman__: it disables my login on that screen
<qman__> cluelessperson, press enter, it should give you a new prompt
<cluelessperson> qman__: Control Alt F2
<cluelessperson> qman__: What's causing it though? -_-;
<cluelessperson> qman__: alright, but apache2 doesn't work.  Not responding on port 80
<qman__> from what I found while searching, it's a symptom of a lot of other problems
<qman__> so is it running or isn't it
<cluelessperson> qman__: apache is running, yes
<qman__> ok
<qman__> and are there any messages in /var/log/apache2/access.log?
<qman__> if there are, check error.log for errors
<cluelessperson> qman__: None.
<qman__> so, what it means is, your requests are not reaching apache for one reason or another
<qman__> access.log would contain things regardless if it worked or not
<cluelessperson> qman__: Which doesn't make sense to me.  Because I'm able to to putty in from my host over the forwarded port to the guest localhost:22
<escott> qman__, can you telnet to http? is your firewall up?
<cluelessperson> qman__: and port 80 is forwarded in the exact same way.
<escott> rather cluelessperson can you telnet to http? is your firewall up? does it respon on localhost?
<qman__> on the server, run curl localhost
<qman__> you may have to apt-get install curl
<qman__> if you get output that looks like a webpage, apache is working, and something else is causing your problem
<cluelessperson> qman__: 404 not found, which means my directory is off, but I should still see that 404 in browser. but yes, apache's apparently working
<qman__> yes
<qman__> so that means apache is working
<qman__> ubuntu does not have any firewall rules enabled out of the box, you can verify with iptables -L
<qman__> so the next step is to find out where the networking issue is
<qman__> probably virtualbox, networking has never been its strong suit
<qman__> could be your windows firewall too
<cluelessperson> qman__: Firewalls are disabled.
<cluelessperson> qman__: The only way I know to test virtualbox right now is to localhost:22 which is allowing my putty through.
<cluelessperson> http is forwarded the same way, I've double checked my port settings on other possible interfering programs.
<qman__> you may have another program on your host OS or a feature of virtualbox using port 80 and preventing the port bind
<cluelessperson> qman__: Wouldn't netstat show that?
<qman__> if you have another app, yes
<qman__> if it's virtualbox, maybe
<cluelessperson> qman__:   :/  I haven't upgraded virtualbox.  I don't know why it would work one night and not the next.
<cluelessperson> qman__: I should've reinstalled it already, will now
<qman__> reinstalling is not likely to fix this problem
<qman__> though depending on how bad it is that might be a good plan anyway
<cluelessperson> qman__: Reinstall virtualbox I meant?
<qman__> oh, ok
<qman__> maybe, don't know
<cluelessperson> qman__: No dice. reinstalling did not work
<cluelessperson> qman__: At this point, it's a fresh install of Virtualbox, Ubuntu 12.04
<cluelessperson> qman__: I've tried closing out and opening other network adapters on the guest.
<qman__> cluelessperson, if you're using a NAT networking config, I'd try setting it up as bridged instead and see if it solves the problem
<cluelessperson> qman__: I was avoiding that, but okay.
<cluelessperson> qman__: Also, I do not have graceful shutdown with "sudo shutdown now" but I'll worry that later
<qman__> cluelessperson, try sudo poweroff
<cluelessperson> qman__: Upon reboot, Sda1 is not ready or is not present.
<cluelessperson> qman__: ...  I don't understand how switching to bridge mode makes a partition inaccessible
<cluelessperson> qman__:  I think I may be done with virtualbox
<qman__> cluelessperson, you can still get VMWare Server, it's unsupported but available: https://my.vmware.com/web/vmware/evalcenter?p=server20&rct=j&q=&esrc=s&source=web&cd=9&ved=0CFoQFjAI&url=https://www.vmware.com/go/getserver&ei=vgBxUN3jIu66yAG9oYCACw&usg=AFQjCNHs4HR7u8yZ9MQgHmR4wAAVNVOUGw
<qman__> I think that will be better suited to your purpose
<cluelessperson> qman__: btw, I feel I owe you money.
<qman__> heh
<cluelessperson> qman__: Sigh.  Now I can't install ubuntu on vmware.  It's stuck
<Mammutpanzer> Hello. My name is Mammutpanzer and I plan to administrate a server. Before going onto the real server I want to run a VM to test everything, see if it is possible for me, look if it is fun to me or too much of a desaster. So I installed a VM of Linux Ubuntu Server 12.4. Now I would like to discuss security. Is this the right channel to discuss ubuntu server security?
<darthanubis> Mammutpanzer,never ask to ask, just ask your questions
<cluelessperson> clear
<cluelessperson> So, I've installed VMware Server, and I can't install ubuntu 12.04 because it hangs at the very first menu.
<darthanubis> and?
<darthanubis> need more info
<cluelessperson> darthanubis: sorry
<cluelessperson> darthanubis: I just installed VMware server, ubuntu install hangs at "install ubuntu server" first menu
<Mammutpanzer> Is this the right channel to ask questions about ubuntu and server security or should I go to ubuntu-hardened?
<chris|> Mammutpanzer, don't ask to ask, just ask the question
<Mammutpanzer> Well chris I didn't ask to ask a question I just wanted to follow the channel rules and one is that I should be on topic question was if I am on topic
<Mammutpanzer> I can't open the man start-stop deamon manual does someone know why? Do I have to download additional man packages?
<Mammutpanzer> I am trying the command "ps -aux > foo" but it doesn't write to foo it simply says "bad ps syntax perhaps a bogus"? What am I doing wrong?
<woodler> I just recently installed ubuntu server on a vm, Im very new to linux servers. Whats the initial process you would perform to setup on a Linux server? For example does it need to have something such as Active Directory setup, or the promotion of a Domain Controller? Can you give me some thoughts/insight on what they think should be set up first initial process? Please give me a real world testing solution. Thank you
<roniez> woodler: well do you use AD or DC_
<Rodney353> hi, by any chance has anyone here ever worked in a datacenter?
<Rodney353> :(
<SpamapS> Rodney353: maybe ask your real question?
<SpamapS> Rodney353: a lot of us just read backscroll... so an answer might take a few hours
<Rodney353> trying to find information to learn about the equipment in a datacenter
<SpamapS> Rodney353: take a tour
<Rodney353> trying to get a job in one, took a tour today, and realized i know next to nothing...
<roniez> the equipment in a a datacenter can variy alot
<SpamapS> Hm, I've been in about 20 DC's ... they are all basically the same in my eyes
<Rodney353> there were hard drive arrays, load balancers, and all this crazy equipment...
<roniez> what does it say about responsibilities.
<SpamapS> the make/model might differ, but the setup is almost always the same
<roniez> SpamapS: also depends wheter he will be having access to client cages or not as well
<Rodney353> I took ccna and mcsa, and wasnt prepared....at all....
<SpamapS> haha
<SpamapS> Rodney353: "learn by doing"
<Rodney353> i thout it would be just routers, switches and servers
<Rodney353> WAY off
<roniez> http://www.cisco.com/web/learning/le3/le2/le41/le99/learning_certification_type_home.html
<roniez> thats for datacenter certificates.
<SpamapS> Rodney353: don't take this the wrong way, but when I evaluate an operations person for hire.. the more certs they have, the more suspicious I am that they know nothing.
<roniez> very true
<roniez> i worked in a NOC for almost 2 yrs before i took my ccna
<roniez> and ccnp
<SpamapS> Rodney353: did you bother talking to ops people before getting these certs?
<Rodney353> I took them as a extra class at my college
<roniez> my entire IT career is based on experiance. i have not landed a single job due to any certificates.
<Rodney353> it was cheap, so i took them
<Rodney353> figured they couldnt hurt...
<roniez> Rodney353: they dont. :)
<roniez> can easily get you a better paycheck
<Rodney690> but i kinda want this job...
<Rodney690> and if I get it I dont want to show up and be clueless...
<roniez> DO you know how many other applicants?
<Rodney690> even though it is a 'lerning' lower level position
<SpamapS> roniez: you'll be fine. my recommendation would be to get an entry level job and just push hard to learn.
<roniez> that was for Rodney690 :D
<SpamapS> Rodney690: You'll be fine. Be honest about what you don't know, and how excited you are *to learn*
<Rodney690> its very entry level, but just giving the tour I felt bad that i didnt know anything
<roniez> You cannot know everything from start.
<roniez> and entry lvl at a Datacentre means u will have a mentor
<roniez> atleast it does here in holland
<SpamapS> yeah in fact they probably wouldn't want you to know anything
<SpamapS> then you'd want $$
<roniez> hehe
<Rodney690> well the pay is decent...
<roniez> knowledged = higher paycheck demands
<Rodney690> not great, but livable
<roniez>  so dont worry too much Rodney690 just be honest about what you know and dont lie about it.
<Rodney690> well, Im looking for information to learn these things
<Rodney690> but i cant find any information on it
<SpamapS> Rodney690: seriously, the way to learn these things is to get a job like the one you're applying for.
<Rodney690> I think they want me to know at least a little lol
<Rodney690> They gave me a test but they were easy
<Rodney690> like really easy...
<roniez> its entry level
<roniez> and if you find them easy your already in a good position
<roniez> counting that you passed the test ofc.
<Rodney690> like make a crossover cable
<roniez> alot of your work will be remote hands supporting
<roniez> patching, switching hardwares etc.
<roniez> depending on the clients request ofc.
<Rodney690> and then we walk into the center and theres milltions of cables everywhere
<Rodney690> spools of 100 fiber cables
<Rodney690> and im like uhhhh.... Ive connected fiber cables to a switch .... I have no idea what these 100 do
<Rodney690> there was equipment I have never even seen before
<roniez> just preformance difference.
<SpamapS> Rodney690: right, nobody ever sees those except in a job in a DC
<SpamapS> Rodney690: *chill out*
<Rodney690> lol...
<SpamapS> Rodney690: your biggest danger now is your own head, not knowing something.
 * SpamapS goes back to regular Sunday
<Rodney690> wish there were videos that described what goes on in typical racks
<Rodney690> keep searching, found nothing :(
<shauno> don't let the cabling phase you.  they can smell fear.  show any sign of weakness, and you'll disappear into a loom and never return
<Rodney690> lol, I act like its no big deal, Ive seen it before
<Rodney690> when inside Im like: I have no idea what any of these things are doing
<Rodney690> I was like a computer helpdesk guy at my old job.
<Rodney690> Just delt with routers, switches, and servers
<roniez> oh yea cabling is like dont even bother. if they failed it from the start they will never work it out until they redesign the entire DC
<Rodney690> never even seen a load balancer, let alone one thats worth over 100k
<roniez> a LB is nothing special just a fancy way of moving a round robin DNS to its own hardware.
<roniez> :)
<Rodney690> yah but they had like 500k equipment
<Rodney690> my hp proliant 7 server cost 4k...
<roniez> just wait until they cmoe with the new nexus-switches
<roniez> they are fun
<Rodney690> they also had cloud servers
<Rodney690> with hard drive arrays
<Rodney690> no idea how that works...
<roniez> just a storage raid setup. :) linked to some ESX environment
<roniez> its all Virtualized now and days.
<Rodney690> well, yah but if I have to troubleshoot or change wiring on it...
<roniez> u wont learn that until u do it
<roniez> there is no way to prepare for that kind of stuff.
<Rodney690> they were throwing out models left and right
<Rodney690> like i was supposed to know what they are talking about lol
<Rodney690> needless to say catalyst 6500 was not one of them lol
<Joy0x3806> anyone experience a black screen with white cursor on boot from USB?
<Joy0x3806> trying to install ubuntu server from usb
<Joy0x3806> used universal usb installer and unetbooting
<Joy0x3806> both give me the same results
<Joy0x3806> anyone?
<Joy0x3806> help?
<roniez> well black screen with white cursor is not really saying much
<Joy0x3806> oh
<Joy0x3806> trying to install ubuntu server from usb drive
<Joy0x3806> I used universal usb installer
<Joy0x3806> when I boot from usb, I dont see any splash screen, not even a grub message, nothing
<Joy0x3806> It just hang
<Joy0x3806> what could it be ? Maybe the MBR was not properly installed on usb with universal or unetbooting ?
<Free99> Hello everyone. I'm setting up a mailstack server (that is, the semi-preconfigured postfix/Dovecot via the repos), but I'm having a little trouble getting postfix to accept mail
<Free99> I have the system setup to use my LDAP server, postfix searches the LDAP for any users who have the
<Free99> *who have the "mail=" field defined, and if so, accepts the mail... or at least, that's the plan
<Free99> I've checked with postmap -q that the ldap search file works, it returns a username if the search for an email address was successful, otherwise it returns nothing
<Free99> the stack has been removed from chroot, and I'm sending mail locally, so there should be no problems with the firewall, etc..
<Mammutpanzer> Hi I try to do sudo cd directory to go into a directory but it says sudo: cd: command not found
<Mammutpanzer> How can I go to the directory?
<TJ-> Mammutpanzer: firstly, you don't need "sudo" to change-directory. Secondonly, when you use "sudo" it cannot execute a shell-builtin (which is what 'cd' is) unless you use additional options to "sudo".
<Mammutpanzer> but how can I access a dir that has the following? drwx------?
<Mammutpanzer> Oh and thanks for the explanation TJ- :)
<TJ-> Mammutpanzer: You'd need to do "sudo -i" which gives you an interactive root shell. Once you're done in the shell, type "exit" to return to the non-privileged user
<Mammutpanzer> There is no other option?
<TJ-> Mammutpanzer: If you want to execute a particular program as super-user, you can do things like: "sudo ls -l /path/to/restricted/dir/"
<TJ-> Mammutpanzer: If you need to do several things, you could also create a short shell-script file, and execute it "sudo /path/to/my/simple.sh"
<Mammutpanzer> Sounds good thanks for all the advices :D I really try to not login as root
<Free99> hello there. I'm curious to see what the standard solution is for when iptables isn't responding correctly
<Free99> I have 12.04.1 on a 64-bit server with two interfaces and two bridges
<chmuri> could someone used in past klickstart for ubuntu?
<Free99> I wound up doing an iptables-save, then iptables- L (which promptly locked me out of my SSH session..ha. ha.) then iptables-restore... seemed to fix the issue. Has that happened to anyone else in the past?
<guntbert> Free99: I have only seen instances of iptables not bein configured correctly, the rules you set are followed by the kernel
<guntbert> *being
<cluelessperson> So I've installed VMWare server, but ubuntu server hangs at selection in the first menu "Install ubuntu server"
<cluelessperson> No errors are seen
<Free99> guntbert: funny thing is, I had only enabled UFW, no rules were added. I also have fwknopd 2.0.3 running on the server, but I've never had it misconfigure the firewall before
<Free99> is there a command I can run to get iptables to mention an erroneous config?
<patdk-lap> heh?
<patdk-lap> there is no such thing as an erroneous config
<patdk-lap> either the iptable command works or doesn't
<patdk-lap> it is easy possible to create some kind of packet flow logic that doesn't do what you want, but no way iptables would know that
<Free99> that's what I figured, considering that I ran iptables-restore on a possibly bad config, and it works fine now
<Free99> hmm
<guntbert> Free99: it may be that there are misunderstandings between yourself and the programmer of a tool...
<Free99> I do have two interfaces, so that could have something to do with it
<guntbert> Free99: its still a matter of your understanding what some tool will do - the final commands are unambiguous
<Free99> I do not know how to directly control iptables. This much I do know: UFW has worked a-ok in the past, as has fwknopd. The only reason I think I may have an issue is because this is the first time I've had two interfaces active as opposed to just one
<patdk-lap> your not attempting to use both are you?
<patdk-lap> you should only have one or the other installed
<patdk-lap> having both, is going be unpredictable
<Free99> really? why is that?
<patdk-lap> likely, at reboot, both will run
<patdk-lap> so the last one to run will be active
<patdk-lap> and with upstart, that order could be random :)
<Free99> well, I see both have their own separate tables
<patdk-lap> heh?
<patdk-lap> they both have to use the input/output/forward tables at least
<Free99> sudo ufw show raw:
<Free99>   533070 775614937 FWKNOP_INPUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0
<Free99>   532389 775567243 ufw-before-logging-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0
<Free99>   532389 775567243 ufw-before-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0
<Free99>   123399 20614426 ufw-after-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0
<Free99>     2741    89822 ufw-after-logging-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0
<cluelessperson> sigh
<Free99>     2741    89822 ufw-reject-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0
<Free99>     2741    89822 ufw-track-input  all  --  *      *       0.0.0.0/0            0.0.0.0/0
<Free99> that's for the input chain
<escott> oh joy
<guntbert> Free99: having more than one program to manage iptables is like calling trouble
<Free99> so yeah, you're right, they all go through in out and forward
<guntbert> !paste | Free99
<ubottu> Free99: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<patdk-lap> in this case, FWKNOP gets priority, then ufw
<Free99> woops, my bad
<patdk-lap> and if upstart flipped it, ufw might get priority and fwk later
<patdk-lap> and it could make a huge difference
<patdk-lap> though you don't seem to understand why
<Free99> Ho-hum.
<Free99> I see what you mean
<Free99> ufw's default is to deny access
<Free99> incidentally, I'm still not sure how upstart works. I'm used to making sysV style scripts and using update-rc.d to install them in init.d
<Free99> hang on, I'll google it rather than bother you blokes
<guntbert> Free99: STOP - uninstall one of them, and keep the other, then you can try to tweak the rules
<Free99> system is running ok for the time being, I'll leave it be without rebooting it for now
<Free99> I'm going to need UFW, my boss doesn't know much about iptables. I'll try writing an upstart script for fwknopd rather than use sysV
<guntbert> Free99: not the best of possible ideas - usually the system restarts at one point in the future when you definitely cannot cope with any problems :-)
<Free99> I think it'll be ok for a couple of days... I know what you're saying however lol
<guntbert> Free99: and you migt want to have a look into shorewall
<guntbert> *might
<guntbert> and keep in mind: only one tool at a given time!
<Free99> well.. let me ask you then: this server is a KVM host, it doesn't need to anything but directly route packets to the VMs which are connected to bridges br0 and br1..
<Free99> I need to be able to SSH in, but other than that, nothing really (and obviously ssh is protected by fwknop)
<guntbert> Free99: I have no idea what fwknop might be - but it doesn't protect anything by itself - all tools only generate iptables rules
<Free99> oh, silly me. It's a single-packet port knocker, basically asks iptables to unshield port 22 to a specific ip that sends a correctly encrypted packet
<Free99> works really well, no 0day exploits or anything of the sort are possible against commonly attacked ports when fwknop is in use
<guntbert> Free99: don't rely on port knockers - they provide just a not so secure password - configure your ssh server to only accept pubkey based logins
<guntbert> Free99: SEE http://bsdly.blogspot.co.at/2012/04/why-not-use-port-knocking.html
<patdk-lap> hmm, no need for fwdnop, iptables does that itself
<Free99> umm... gpg keys are supported for fwknop. Besides, sometimes I have to manage something on my android phone, it's a bitch to use pub/priv keys with
<guntbert> Free99: suit yourself - but you have been warned :-)
<Free99> guntbert: I actually read something like this, it's not based on knocking different ports in sequence
<Free99> http://www.cipherdyne.org/fwknop/
<patdk-lap> wait? fwdnop is an daemon? with root permissions?
<patdk-lap> and it's allowed to receive generic ip traffic? and you trust it more than sshd?
<patdk-lap> just use the built in iptables port knocking, so much safer
<patdk-lap> ifyou must use port knocking at all
<Free99> well, you have to know what port it's on, it uses UDP...hmm.
<patdk-lap> an those things make it secure? no
<patdk-lap> forget about a zero day ssh issue, any issue in fwdnop and your toast
<patdk-lap> I personally never saw the point of portknocking though
<guntbert> Free99: how many different ports are there?
<patdk-lap> shorewall has portknocking built in though, using iptables rules to do it, no extra software insecurity
<Free99> alright, so look: on the client, I run "fwknop -a 123.123.123.1 -A tcp/22 -D 123.234.111.12 --test" and then input my password, or use my gpg key
<Free99> it encodes as 2146526055123413:ZmFsY29uZXll:1349642014:2.0.3:1:MTIzLjEyMy4xMjMuMSx0Y3AvMjI
<patdk-lap> that isn't the point
<patdk-lap> your exchanging one daemon (opensshd) with another daemon(fwdnopd) to cause the same root exploit
<patdk-lap> your protecting x, with something just as insecure, y
<Free99> so if I run it as a different user with permission to run a sudo script that opens only 22 to a specific address...?
<Free99> it=the dameon, that is
<patdk-lap> would be better then
<Free99> so why should I trust any of the author (Michael Abrash)
<Free99> *any of the author's other stuff?
<patdk-lap> I dunno? should you?
<patdk-lap> I personally don't trust many people
<patdk-lap> and defently not random blogs
<Free99> he has a module that listens for stuff via snort and blocks skiddies automatically based on the rules.. well. I looked through his code, it looks good, and people liked him at toor
<Free99> (shrug) I guess it is a trust thing.
<Free99> it's in the repos, by the way
<Free99> fwknop, that is
<patdk-lap> no one is saying it's a bad idea, there is no usecase for it
<patdk-lap> but care must be taking in how it's used
<patdk-lap> and it seems overkill for simple ssh protection
<Free99> yeah, kinda forgot that it was running as root :-/
<Free99> I'm not a professional sysadmin if you couldn't tell lol
<Free99> I got tired of the ssh bots running around my school network, this seemed to fit the bill
<patdk-lap> I just use basic tech, like fail2ban
<patdk-lap> also submit all those firewall blocked logs to dshield, and do my own parsing on them
<Free99> I originally like denyhosts until I heard about the ssh botnets that purposely distribute cracking attempts
<patdk-lap> haven't ever had an issue with one of them
<Free99> I understand that these are all band-aids to a problem... but I've got this running successfully on ~8 different servers, it'll be a while before I can get people to adapt to something new
<Free99> perhaps an apparmor profile?
<patdk-lap> apparmor would just be more bandaid protection to fwdnop
<Free99> someone's mentioning that the server listens passively via libfko, no direct tpc or udp connections per se. Sigh. that sucks man, I thought this was great
<patdk-lap> well, udp is passive
<patdk-lap> but it processes data contained in that passive udp listener
<patdk-lap> that is where issues can come up
<patdk-lap> buffer overflows, being common
<Free99> you know, that reminds me. why the hell doesn't the ubuntu kernel use NX?
<Free99> I have to compile my own kernel for that, what gives?
<Free99> anyway, yeah. I'm looking over shorewall right now
<Free99> wrong again also, looks like they put no-exec in after 10.04
<Free99> https://wiki.ubuntu.com/Security/CPUFeatures
<patdk-lap> no, that has always been there
<patdk-lap> the WARNING, if your on a noexec compatable cpu, that has that feature disabled, is on 10.04+
<Free99> I appreciate your help so far patdk-lap. I have one more Q... any reason I shouldn't compile my own kernel for a web-facing system using the grsecurity patches?
<patdk-lap> it all depends
<patdk-lap> seems like it has a lot of interesting stuff, I have never used that though
<patdk-lap> personally, I perfer to detect if a system is compromised long before something like that should kick in
<Free99> I was looking at it in terms of just mitigating that potential as much as possible
<Free99> I have backups already implemented, and I tried to harden nginx and php as much as possible
<Free99> or at least, as much as I knew how to w/o breaking anything
<chris|> harden php.. that one never gets old
<patdk-lap> while those are a problem, 90% of the issues is normally the php program themselves
<Free99> lol I have to run wordpress, so... yeah
<Free99> I'm using the suhosin patches
<patdk-lap> heh, wordpress has a long histroy of issues :)
<Free99> (shrug) Its a fickle thing you know?
<patdk-lap> I would opt for using mod_security
<Free99> isn't that only for apache?
<patdk-lap> yep
<Free99> <- nginx
<patdk-lap> your running facebook?
<patdk-lap> performance over security?
<Free99> apparently? lol..
<patdk-lap> it's all what you want :)
<patdk-lap> I have crapload of iis server I *must* use
<Free99> guh
<patdk-lap> but I do shove an apache with mod_security on them
<patdk-lap> makes me feel better
<patdk-lap> also require vpn access to even hit the proxy
<patdk-lap> and yes, I do perfer not to use apache when I can
<patdk-lap> but some things, it still is required
<Free99> I mean look, I'd use thttpd if I could make it run with php
<Free99> I like simple, it usually translates to secure (I used to tinker with freeBSD a lot)
<Free99> nginx hasn't been too bad security-wise though, you have to structure the rules correctly from what I understand
<Free99> it freaked me out how my apache mpm prefork would jump in cpu and memory every time I tested connecting to it
<Free99> one firefox connect= 2% ?
<roniez> thttpd should work with php no?
<Free99> I wish man, I turned the internet upside down looking for a way to do fastCGI
<patdk-lap> heh?
<patdk-lap> I have >300 connections with apache and I don't have 2% cpu usage
<patdk-lap> but then, prefork is the issue there, just don't use prefork
<Free99> cripes, just when you think you're getting good at being a sysadmin, you find out you don't know your dick from your elbow :P
<roniez> hehe
<roniez> the life of a sysadmin
<roniez> always learning
<patdk-lap> ya, it's whatever works best
<patdk-lap> I do not use apache on a lot of systems
<roniez> agreed.
<patdk-lap> but I do use apache on any systems I don't have full control over
<patdk-lap> you could implement a lot of mod_security stuff by making nginx rules in it's config
<patdk-lap> but it would get highly annoying
<Free99> I followed the nginx tutorials... all I cna hope for is that they're secure enough, I have too much to do atm
<Free99> :-/ what a cop out though
<CrypticSquared> Free99: nickto is a nice little tool
<CrypticSquared> er nikto
<Free99> wow crypticsquared, that's awesome! thanks!
<CrypticSquared> np
<codescience> can i still download ubuntu server 8.10?
<holstein> codescience: http://old-releases.ubuntu.com/releases/8.10/ though the repos are down AFAIK
<codescience> thanks.
<Free99> anyone good with postfix here?
<patdk-lap> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<roniez> Yea be ready to idle. :)
<roniez> sometimes an answer can take a while
<patdk-lap> there is a whole #postfix channel too, though I am normally only there during working hours
<gen0cide_> Anyone know what happens when rsyslog on ubuntu tries to send to a server but can't resolve the DNS name?
<gen0cide_> I'm trying it now, but can't see anything in syslog to tell that it's failing
<TJ-> gen0cide_: "man rsyslog" might give you some clues
<gen0cide_> " If  the  remote  hostname cannot be resolved at startup, because the name-server might not be accessible (it may be started after rsyslogd)  you  donât  have  to  worry.   Rsyslogd will retry to resolve  the  name  ten  times  and  then   complain.    " - I don't see the complaint. Where would that happen?
<TJ-> In the log, I'd have thought
<gen0cide_> Nope, nothing -.-
<TJ-> Maybe the startup-script is sending output to /dev/null
<techie> im going to be setting up a machine running ubuntu-server as a game server in the next few weeks and i was wondering if there was a way to recursively create folders and symlinks
<techie> for shared resources
<techie> or would i have to manually create folders, and symlink everything in them
#ubuntu-server 2013-09-30
<TheLordOfTime> since #ubuntu has decided to troll instead of help, I"ve got a zombie sh process that I'd like to terminate... how do I do that
<rbasak> TheLordOfTime: the zombie's parent needs to wait on it, or the parent needs to die and init will wait on it. But really there's no need. A zombie process is dead as far as everything is concerned. It only remains so that the parent can observe its demise without a race.
<TheLordOfTime> rbasak, so there's nothing bad about letting a defunct sh process sit there...
<TheLordOfTime> (I've reported to upstream of the parent program that the system isn't grabbing the information about the process's death)
<rbasak> TheLordOfTime: not really. Except that its parent should wait on it. Depending on what the parent does, there's a risk that it'll fill up the process table with zombie processes.
<rbasak> TheLordOfTime: OTOH if the parent will eventually wait on it (eg. when it needs to start another child), then there's not really a problem, apart from slight sysadmin annoyance.
<rbasak> Of course it could indicate a different bug in the parent.
<TheLordOfTime> i doubt the parent process is going to wait on it
<TheLordOfTime> ZNC isn't nice that way when it spawns sh
<TheLordOfTime> :/
<TheLordOfTime> unfortunately the system's got upwards of 75 users on it...
<TheLordOfTime> so i can't exactly restart the parent process
<rbasak> Sometimes a parent wants to background child processes, and isn't set up to be able to wait on a child. Eg. Python's subprocess module, which IIRC can only wait on backgrounded processes when a new process is started because of the way it's arranged.
<TheLordOfTime> yeah, well, i'm going to just chmod 000 the module that spawns those `sh` processes anyways..
<TheLordOfTime> that way i don't have it sitting there lagging out the parent process
<TheLordOfTime> (which is kinda what's happening)
<TheLordOfTime> i've got to install the kernel updates anyways, and maintenance reboot...
<TheLordOfTime> that should not only terminate the zombies with cybernetic oblivion... it should also fix everything.
<qubits> ello
<pentest> getting this with Xubuntu alternate CD 12.04lts
<pentest> http://imgur.com/19Gkzfr
<pentest> can anyone help
<pentest> trying to build a LTSP environment
<justanotheruser> Hi, I'm trying to connect to a VPN using nm-applet, but everytime I try to connect it says "The VPN connection 'vpn name' failed because the connection attempt timed out". An hour ago I had no problems, but now I can't connect to any of my servers
<soren> jamespage: https://code.launchpad.net/~soren/python-jenkins/add-crumb/+merge/188155
<jamespage> soren, ooo
 * jamespage looks
<soren> jamespage: I have a hunch that might disappear in the noise of the scores and scores of mp's I'm sure you have to look at each day.
<jamespage> soren, :-)
<jamespage> soren, OK - I'm mid deployment of an openstack havana test environment right now
<jamespage> I'll take a look PM today
<soren> jamespage: Cool.
<eagles0513875> hey guys I have migrated 2 websites of mine to a new server and im getting an error saying the following Your PHP installation appears to be missing the MySQL extension which is required by WordPress.  I have installed the  following  php extension  php5-mysql
<eagles0513875> im a bit stumped as to what else i would be missing do i need the native msql driver?
<lifeless> hallyn: still in europe?
<lifeless> cause if you are, https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1233075 may entertain you.
<uvirtbot> Launchpad bug 1233075 in linux "resizefs failure with raring" [Undecided,New]
<smb> lifeless, It would help a lot if you had also the top of the stack trace which includes the exact kernel version
<lifeless> smb: I would love to have it
<lifeless> smb: I'm obtaining this from an ilo textcons, which is 80x25 only
<lifeless> smb: as it happens in early userspace I can't even attempt a login - there is no getty yet
<lifeless> nor even the fallback logic glue for when root fails to mount
<smb> lifeless, Ok, you probably could manually mount the cloud image you use and check there.
<lifeless> https://lkml.org/lkml/2013/3/19/554
<lifeless> looks very similar
<smb> Yeah at least flexbg stuff as well and probably something occuring in upstream stable too.
<lifeless> smb: I'm not sure what you mean by manually mount the cloud image and check..
<smb> Thats why I would be interested to know which kernel version of us this happens on and whether maybe there is already something int the pipes
<lifeless> smb: oh, you want the kernel version?
<smb> yes
<lifeless> linux-image-generic, latest as of a few hours ago
<lifeless> when I built the image; apt-get updated in there
<smb> ok
<lifeless> I'm just building a quantal image now to see if it happens there
<lifeless> I had a bunch of machines deploying perfectly with quantal 4 months back or so
<lifeless> from memory
<lifeless> but we've twiddled our fs creation code since then too...
<smb> Ah, hm, so it may or may not be present in original raring or have been caused by a stable change. we would not know
<lifeless> yup
<lifeless> or it might be present in Q as well and depend on the ext4 fs we're creating.
<lifeless> That I'll know in a little bit
<lifeless> smb: quantal worked fine.
<smb> lifeless, ok, so somewhere between that and now... would you have the option of trying an older raring kernel in the image?
<smb> 3.8.0-19.29 would have been on the release and 3.8.0-31.46 is in theory the current one
<lifeless> smb: notnow, but toss it in the bug and I'll see about us doing some track-down for you
<smb> lifeless, ok will do as well as probably asking for latest saucy (to check whether it might have been fixed but just not backported)
<MACscr> ok, if im doing a hostname schema like http://foo.bar.domain.com/, should i make my /etc/hostname entries foo.bar?
<MACscr> oops, li meant like foo.bar.domain.com
<zul> jamespage:  lovely the neutron tests are timing ut
<mardraum> MACscr: no, the host is "foo"
<jamespage> zul, \o/
<MACscr> mardraum: should the domain in /etc/resolv.conf be just domain.com? seems to be .net.domain.com because my routers hostname is fw1.net.domain.com
<mardraum> if you mean the "search" parameter, it can be anything you like. but it is most useful probably in you sub-domain. It's also entirely optional and won't break things to not have it.
<mardraum> unless you rely on referring to local machines by host only, which I would not advise you do usually
<MACscr> mardraum: these hostnames will be used only internally, so just trying to make sure i am doing it right. guess i have no option but to manually create a dnsmasq entry for each server so they can communicate with each other by their fqdn
<mardraum> usually, you would just setup your dns zone propery
<mardraum> properly
<mardraum> you shouldn't be manually adding things on servers, if that's what you mean?
<MACscr> im talking about dnsmasq on the pfsense system (aka, the router)
<MACscr> these systems will only have internal ip addresses
<mardraum> I have no idea what you are talking about then
<mardraum> internal? as in rfc1918? that does not preclude you getting DNS sorted out in any way.
<mardraum> you can even do it with the same DNS server if you wanted via zones
<mardraum> personally I like to keep them separate
<MACscr> well for internal dns, i am thinking a simple dns forwarder (dnsmasq) on the gateway is the best route to go. Which means that all the servers have 192.168.0.1 as their dns entry, then it queries the dnsmasq entries before it queries the public dns servers
<z302> I am installing ubuntu-server 13.04 in expert mode. Any real difference between choosing the kernel linux-generic and linux-server? the main purpose of the machine is BOINC (basically, there will be a GUI and several math threads at 100% cpu running all the time).
<z302> I ask this because I already googled, but I found out that "Since 12.04, there is no difference between the Desktop linux-generic and Server linux-server kernels; they have been merged.".  I am confused.
<patdk-wk> z302, why ask if you know the answer?
<grn_> hi! I'm setting up a Jenkins server. I'd like to bind it to port 80. Is it a good idea?
<ikonia> grn: why would it be good/bad ?
<grn> ikonia: is exposing an application server directly w/o a reverse proxy a good idea?
<zul> jamespage/roaksoax/adam_g: https://code.launchpad.net/~zulcss/ceilometer/havana-alarms-ftbfs/+merge/188331
<ikonia> grn: it can be good/bad, what are you worried about ?
<grn> ikonia: I have no particular worries, just asking for general advice. The instance is going to be accessible from the Internet if that matters.
<ikonia> grn: there can be pros/cons
<ikonia> it's up to you to work out if they met your needs
<z302> patdk-lap, I asked because the installer still prompted me
<jamespage> adam_g, hey - I updated the swift-storage redux branch to bind to 0.0.0.0
<jamespage> if was trying to bind to 'private-address'
<jamespage> not work so well on maas
<mgw> How does the MOTD system work on 12.04? I have a bunch of systems (originally booted off the cloud image) that are not updating the MOTD.
<jamespage> adam_g, how do you feel about having an 'external-network' configuration item on the nova-cloud-controller for neutron?
<jamespage> before it was configured when the neutron networks where configured
<jamespage> but that's been dropped
<jamespage> but it sits in /etc/nova/nova.conf so really need to be injected somehow
<ivoks> has anyone seen this:
<ivoks> https://bugs.launchpad.net/neutron/+bug/1210121
<uvirtbot> Launchpad bug 1210121 in neutron "Havana staging:ERROR neutron.common.legacy [-] Skipping unknown group key: firewall_driver" [Low,In progress]
<justanotheruser> Hello, recently I purged an important package (don't ask why). It removed many dependencies (A LOT). I connected to the internet through ethernet because it purged network-manager. Now I installed network-manager again, but when I try to install the important package it doesn't install any of the dependencies I deleted. Is there a way to reinstall them without manually doing it by copying the purged packages one by one?
<ivoks> justanotheruser: you can extract removed packages from the log and then reinstall them
<ivoks> justanotheruser: /var/log/apt/history.log
<justanotheruser> ivoks: thanks
<PaulePanter> Hi. Running Ubuntu 12.04 on a server rented at a hosting provider (Hetzner), I cannot use USB or other ports like graphics. Do you folks disable such things for fewer points of failure or just leave it?
<ivoks> PaulePanter: i have ubuntu servers in hetzner
<ivoks> PaulePanter: it runs normal ubuntu kernel, therefore nothing is disabled
<ivoks> PaulePanter: and i can see usb ports on my servers
<jamespage> zul, how much packaging related change do we have across the openstack packages this cycle? it would be good to get that uploaded asap
<jamespage> so as we move towards release its just upstream only changes
<zul> jamespage:  like patch changes?
<jamespage> zul, I was mainly thinking about dependencies
<zul> jamespage:  well all of the dependencies are up to date
<jamespage> zul: btw I'm just uploading mariadb to debian :-)
<ivoks> jamespage: \o/
<ivoks> will we sync it?
<jamespage> zul, in the packages in the archive? or just in the branches?
<jamespage> ivoks, depends how quickly it gets through the NEW queue
<zul> things like oslo.config, etc we are up to date
<jamespage> ivoks, but TBH is not mega critical for this release
<PaulePanter> Another option would be to build a Linux kernel, with not-needed parts disabled. This would even boot faster and the image from disk is smaller.
<jamespage> more for next
<jamespage> zul, you did a load of updates to control files to add versioned deps right? is that in archive yet?
<PaulePanter> ivoks: Yes. But as you are not in their datacenter you are not able to use the USB ports. So it would be better to disable that.
<rbasak> smoser, utlemming: in between precise and quantal, ubuntu was removed from the admin group in our cloud images. Was this intentional, and if can you point me to the rationale, please? It stops ubuntu from being added to the libvirtd group by the libvirt-bin postinst.
<ivoks> PaulePanter: i wouldn't be so sure about that...
<zul> jamespage:  not yet it will be when we upload next, but the dependencies changes that i did to the control file we have the latest
<ivoks> PaulePanter: when you ask for their intervention, they might be plugging in usb keyboard
<utlemming> rbasak: the admin group was dropped at precise, if I recall correctly
<ivoks> PaulePanter: anyway, most of ubuntu kernel is modular; you can just re-create your initrd
<rbasak> utlemming: it was replaced by the sudo group, but the admin group still exists.
<jamespage> zul, OK - I think I understand
<zul> jamespage:  we should be good :)
<rbasak> (in our cloud images)
<smoser> rbasak, between precise and quantal the admin group ceased to be recommended i think.
<smoser> replaced by the 'sudo' group.
<smoser> to which the user should be a member
<rbasak> smoser: right, but we used to add ubuntu to the admin group, and now we don't add ubuntu to the sudo group.
<utlemming> rbasak: https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/893842
<uvirtbot> Launchpad bug 893842 in policykit-1 "Move "admin" group to "sudo"" [Critical,Fix released]
<ivoks> PaulePanter: kernel is less than 5MB, but initramfs can go up to 20MB
<utlemming> rbasak: checking on the latest cloud image, we do add ubuntu to the sudo group
<utlemming> rbasak: that is for Quantal
<rbasak> utlemming: I just did: wget http://cloud-images.ubuntu.com/quantal/current/quantal-server-cloudimg-amd64-root.tar.gz; tar xzf quantal-server-cloudimg-amd64-root.tar.gz etc/group; egrep admin\|sudo etc/group
<rbasak> sudo:x:27:
<rbasak> admin:x:111:
<utlemming> rbasak: right
<utlemming> rbasak: on quantal the user is created at first boot
<utlemming> rbasak: the ubuntu user does not exist in the tarball
<jamespage> adam_g, I just spotted the changes to the cloud-archive reports
<jamespage> nice
<rbasak> utlemming: OK, I'll check by starting instances. But in my test saucy image, ubuntu does not seem to get added to sudo.
<rbasak> (upon login)
<utlemming> rbasak: yeah, so that is definately a bug
<utlemming> rbasak: care to fill one out for it?
<rbasak> In cloud-init then I guess, if it is supposed to happen on first boot? I'll investigate - thanks.
<rbasak> Will do.
<rbasak> Thanks for your help.
<utlemming> rbasak: I found the problem
<utlemming> rbasak: I'll get smoser a MP on it
<PaulePanter> ivoks: Yes. That initramfs is another thing to optimize. Probably not needed at all on a server, which is not encrypted and where you have static components and now what you run.
<rbasak> utlemming: thanks! Bug 1228228.
<uvirtbot> Launchpad bug 1228228 in uvtool "ubuntu is not added to sudo group" [High,New] https://launchpad.net/bugs/1228228
<ivoks> PaulePanter: there's nothing to optimize, you can decide what to put in it
<smoser> rbasak, /etc/cloud/cloud.cfg lists the groups that the default user will be added to
<smoser> and there is no 'sudo' there.
<smoser> does libvirt copy users in the sudo group to the libvirt group ?
<ivoks> PaulePanter: /etc/initramfs-tools/initramfs.conf
<utlemming> smoser: yeah, mp coming your way for that
<rbasak> smoser: yes - it copies both admin and sudo members
<smoser> rbasak, your tool should address the case where the user is not in the sudo group.
<smoser> ie, you should have a sane path for "you do not have libvirt group access"
<rbasak> smoser: you mean a test and a sensible error message, or something more?
<utlemming> smoser: shouldn't the default user be in the sudo group?
<ivoks> PaulePanter: distribution can not ship different kernels for different machines; that's why there's generic kernel + initramfs
<ivoks> PaulePanter: if you want a kernel that's specific for your hardware, you have to do it yourself
<smoser> rbasak, i don think you shoudl do anything more than a sane error message:
<rbasak> ack.
<smoser>  could not connect to qemu:///system . You need to be lin the libvirt group.  sudo adduser $USERNAME libvirtd
<smoser> somethign to that affect
<smoser> also, kind of sucks but then after that you hvae to log out and back in or use 'sg' to get into that group.
<smoser> utlemming, its really a "meh" whether or not they should be in sudo group.
<smoser> does 'd-i' add the first user to sudo ?
<smoser> if so, then i'd agree to following that ocnvention
<utlemming> smoser: checking....
<soren> smoser: It does.
<soren> utlemming: ^
<soren> http://bazaar.launchpad.net/~ubuntu-installer/user-setup/master/view/head:/user-setup-apply#L164
<utlemming> soren: ack, I thought it did...just didn't have the code reference
<PaulePanter> ivoks: Yes.
<utlemming> soren: thank you kindly
<PaulePanter> ivoks: So blacklisting the modules is the only thing to do, when you want to stay with the default Linux image.
<ivoks> PaulePanter: 'default linux image' doesn't exist
<ivoks> PaulePanter: ubuntu kernel without modules is almost non-functional
<PaulePanter> ivoks: Â»default Linux imageÂ« meant the image shipped by Ubuntu.
<ivoks> PaulePanter: kernel modules are part of the ubuntu operating system
<ivoks> it's like linux kernel works
<ivoks> if you disable modules on a server, you lose: kvm, iscsi, parport, network card drivers, etc, etc...
<ivoks> i think even sata is lost then
<PaulePanter> ivoks: Surely I would only blacklist the modules, which I do not need.
<ivoks> if you've never done that... i would strongly advise not to do it on production server :)
<ivoks> that's a famous sentence all of us said once
<ivoks> and only for 1-2 seconds faster boot
<mgw> What would prevent motd from updatingâ¦ but then start working after I ran run-parts on it manually?
<smoser> jamespage, you dont have anything for cloud-archive that checks ubuntu -> staging, do you ?
<jamespage> smoser: http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/
<jamespage> we should update that to compare ubuntu->staging for cloud-tools
<smoser> is there code that generated that ?
<jamespage> lp:ubuntu-reports I think - adam_g would know definatively
<smoser> k. yeah, i'd like to have 'ubuntu' 'next' 'staging' 'proposed' 'updates' coluns
<smoser> and really...
<smoser> i just want a tool like cloud_do_work that does it.
<rbasak> smoser: just testing the cloud-tools pocket uvtool for the first time.
<rbasak> smoser: uvtool-libvirt : Depends: python-simplestreams but it is not going to be installed
<rbasak> smoser: python-simplestreams : Depends: python-glanceclient but it is not installable Depends: python-swiftclient but it is not installable
<rbasak> smoser: we need to drop those down to Recommends I think?
<smoser> rbasak, well dropping to recommends isn't a fix.
<smoser> is it ?
<rbasak> smoser: that functionality is optional, though, isn't it?
<smoser> well, if you consider code that just doesn't have to run "optional".
<smoser> i think maybe just do python-simplestreams-openstack package .
<smoser> that was my intent, but i forgot to do that.
<rbasak> That seems reasonable
<smoser> rbasak, of course i dont know how we're ogin gto handle that...
<smoser> can you think of a way ?
<rbasak> Ah I get your use case now. You want to be able to create a package that depends on the openstack functionality provided by python-simplestreams.
<smoser> hm..
<smoser> if we just put the openstack stuff into a binary package, that binary package will not be installalbe on precise. but, oh well.
<rbasak> That's fine by the cloud-tools pocket's defintion through, right?
<rbasak> smoser: about how to do it. Must we separate the code? What if python-simplestreams-openstack were a simple metapackage with the appropriate Depends?
<rbasak> smoser: packages that require simplestreams openstack packages can depend on it. Packages that don't need it depend on python-simplestreams.
<rbasak> And the code can move in the future if necessary.
<smoser> yeah, its fine for cloud-tools pocket.
<smoser> rbasak, well, i already cut the files out of the package for python3
<smoser> (as none of that stuff will run, so i dont ship the files that wouldnt run)
<rbasak> smoser: I filed bug 1233269.
<uvirtbot> Launchpad bug 1233269 in cloud-archive "python-simplestreams in cloud-tools pocket is broken" [Undecided,New] https://launchpad.net/bugs/1233269
<rbasak> smoser: I'm not familiar enough with Python packaging to understand the interaction between Python module packages and files and stuff :-/
<smoser> rbasak, http://paste.ubuntu.com/6176232/
<smoser> well, we'll see. i'll try tof ix.
<smoser> rbasak, i think i like your idea of the metapackage though.
<zul> roaksoax:  around?
<smoser> zul, he's out till manana
<zul> smoser:  arrgh
<zul> smoser: can you have a quick look https://code.launchpad.net/~zulcss/ceilometer/havana-alarms-ftbfs
<orogor> hi
<orogor> kernel 3.11 is only for ubuntu saucy  right ?
<blazeme8> Hi guys. I'm trying to install alsa and the snd kernel module on ubuntu but running into some trouble with getting that module.
<blazeme8> I tried this guide: https://wiki.ubuntu.com/Audio/InstallingLinuxAlsaDriverModules . But on the install step, the paackage isnt found.
<smoser> zul, https://code.launchpad.net/~zulcss/ceilometer/havana-alarms-ftbfs/+merge/188331
<smoser> th eonly thing that looks curious is the oslo.config dependency version change
<smoser> is/was there a reason for that?
<smoser> zul, ^^
<mgw> any ideas why motd would fail to update on login? as far as I can tell, pam_motd is properly configured in both sshd and login pam files
<zul> smoser:  yeah it requires a newer version of oslo.config
<mgw> actually, it looks like it's updating itâ¦ but displaying the previous version
<smoser> zul, approved.
<smoser> sorry that took so long.
<zul> smoser:  thanks no worries
<pentest> LTSP Question
<pentest> Xubuntu 13.04 Host OS and LTSP server, 1 wifi card connected to Internet. Virtual Box installed with Thin Client Guest OS. Is it possible to have Thin Client boot-up with this LTSP server plz?
<Darkstar1> just a qq. Someone install apache mpm-event with phpfpm on my server the other day; just tested it a few minsa ago and realised that php pages aren't being intepreted
<Darkstar1> all googling points to the php5 module not being loaded, but the guy says that's not needed. Is this true?
#ubuntu-server 2013-10-01
<pentest> Host OS Xubuntu 13.04 is the LTSP server. 1 wifi card connected to Internet. I have got wlan0 (addr:192.168.1.2) and virbr0 (addr:192.168.122.1). Thin Client Guest OS installed in Virtual Box. Is it possible to have Thin Client boot-up with this LTSP server plz using virbr0? Note I have 1 physical NIC and 1 virtual NIC.
<lesterc> I knew there would be a server channel! :)
<lesterc> so anyone here runs ipsec+xl2tpd inside a lxc container? :)
<stgraber> I think I actually saw a bug report about that recently, I've never tried it myself but it sounds potentially tricky due to the way ipsec works with the kernel...
<stgraber> if it was a simple userspace daemon using a tap/tun device, that'd be easy (and openvpn tends to work great thanks to that) but ipsec is much trickier with some bits in the kernel and some bits in userspace and my fear is that not all the kernel bits are namespace aware
<lesterc> stgraber: yeah I am running openvpn inside lxc as we speak. :)
<shotoflove> Hi, anyone have experience with kerberos,ldap and ad?
<lesterc> What's the question shotoflove?
<shotoflove> lesterc: I'm trying to follow https://help.ubuntu.com/community/ADWin2k8KerberosLDAP but after getting my kerberos ticket I'm unable to getent passwd with data from Windows AD.  I'd be willing to pay for support getting this setup.
<lesterc> shotoflove: sorry - no experience with recent windows stuff.
<lesterc> I'm sure you can get people to do a one-off job for you if you are willing to pay.
<shotoflove> Where at?
<lesterc> check your local linux user group. :)
<lesterc> to answer your question - if you managed to get a AD ticket issued to your linux host all you need is to configure nsswitch.conf (i think)
<shotoflove> Yeah, I modified nsswitch to use ldap for passwd and group
<shotoflove> My issue is syslog says nslcd is unable to login with ldap to my windows ad
<shotoflove> Says invalid credentials
<lesterc> check your libldap.conf (or equalvilent?)
<lesterc> brb
<shotoflove> lesterc: I used /etc/nslcd.conf binddn CN=User,OU-Users,DC=domainname,DC=edu
<shotoflove> I set my Windows AD up as name.domain.edu
<shotoflove> I tried binddn CN=User,OU-Users,DC=name,DC=domainname,DC=edu
<shotoflove> Nothing seems to want to authenticate
<lesterc> IIRC AD requires login for lookup no?
<shotoflove> I think so
<lesterc> I'm **really** the wrong guy for these sort of questions...
<shotoflove> When i used likewise it also joins my computer to AD.  With a kerberos ticket I'm not seeing my computer joined to the domain.  I'm wondering if that might be the issue as well.
<shotoflove> hah
<shotoflove> All good
<shotoflove> Sorry that bother you
<lesterc> just trying to help. u might get a better answer from others on the channel however.
<lesterc> but if I were you I'd check binddn and password in ldap.conf
<shotoflove> Hm that guide had me remove that file
 * lesterc is happily Windows free for the last decade.
<pentest> Guys I am stuck. This is LTSP related. Please help..here is the details
<pentest> Host OS Xubuntu 13.04 is the LTSP server. 1 wifi card connected to Internet. I have got wlan0 (addr:192.168.1.2) and virbr0 (addr:192.168.122.1). Thin Client Guest OS installed in Virtual Box. dhcpd.conf edited with these values:
<pentest> authoritative;
<pentest> subnet 192.168.122.0 netmask 255.255.255.0 {
<pentest>     range 192.168.122.20 192.168.122.250;
<pentest>     option domain-name "example.com";
<pentest>     option domain-name-servers 192.168.122.1;
<pentest>     option broadcast-address 192.168.122.255;
<pentest>     option routers 192.168.122.1;
<pentest> Thin client virtual network is this: Attached to: Bridged Adapter, Name: virbr0.
<pentest> When booting up says searching for server ip (DHCP)....No IP.No IP.No IP.
<Andre_Gomes> Hello
<Andre_Gomes> i'm new to ubuntu server and i think i maked a big mistake, i typed pure-pw mkgroup -l > /etc/group and pure-pw mkpasswd -l > /etc/passwd now my system wont boot
<Andre_Gomes> i can only boot to recovery, i have searched but no lucky
<lesterc> does anyone knows about the status of bind10? :)
<sgran> hi, is this a reasonable place to ask about the cloud-archive?
<sgran> I'd like to poke a few bug reports, but I'm not sure where to prod
<xnox> sgran: typically it's a straight backport from current ubuntu release to the LTS, so just open bugs against the affected package with $ ubuntu-bug package, it should file the bug correctly I believe.
<xnox> there is little chance that it doesn't affect the current ubuntu release as well.
<sgran> for instance: https://bugs.launchpad.net/cloud-archive/+bug/1233178
<uvirtbot> Launchpad bug 1233178 in nova "novncproxy broken in grizzly cloud-archive" [Undecided,Invalid]
<sgran> or https://bugs.launchpad.net/cloud-archive/+bug/1220692
<uvirtbot> Launchpad bug 1220692 in neutron "LBaaS HAProxy agent outputs traceback in get_stats" [Medium,Fix committed]
<xnox> sgran: that seems reasonable place to file those bugs.
<sgran> if those look correctly filed, then I guess I'll just wait.  I was hoping to push it forward a bit, but I'm not sure how to help
<xnox> smoser: jamespage: ^^^ can you please take a quick look at the above bugs?
<koolhead17> hi all
<koolhead17> jamespage: around
 * koolhead17 knows zul must be sleeping
<serapath> hello
<serapath> i'm using koding.com. It offers a VM that i can use from a terminal within the browser
<serapath> thats my question: http://askubuntu.com/questions/352224/howto-start-scripts-before-after-startup-reboot-suspend-hibernate-power
<serapath> if i go offline and come back later after more then 20 minutes, my VM has been restarted or returns from suspend or something, because all my daemons or services (e.g. dropbox, nodejs server) are not running anymore and i have to restart them manually
<serapath> i would like to have a script which is automatically executed when i return, because its a bit cumbersome to always start that stuff manually
<serapath> how would i do it?
<serapath> i'm not exactly sure if my VM is suspended, but if thats the case, how can i do that manually, so that i do not have to wait 20 minutes? (pmi action suspend) doesnt work
<jamespage> koolhead17, yes
<koolhead17> jamespage: how have you been sir?/
<jamespage> koolhead17, very well thanks - and you?
<koolhead17> jamespage: am rocking thanks
<jamespage> xnox, ack - will do
<xnox> jamespage: thanks a lot.
<rbasak> zul: any comment on bug 1231970? "nova-novncproxy requires websockify version 0.5.1" - does this need an FFe and sync?
<uvirtbot> Launchpad bug 1231970 in websockify "Version update request [0.5.1 is out]" [Undecided,New] https://launchpad.net/bugs/1231970
<jamespage> rbasak: yes I think so
<rbasak> jamespage: shall I target to Saucy then?
<jamespage> rbasak: please do
<jamespage> sgran, re those two bugs; one will be fixed at havana rc1 - the other should not be a problem in grizzly - but see convestation above re havana
<rbasak> done, thanks
<serverchicken> Installing ubuntu server 12.04. The CD does not include a precompiled module of the computer's network card
<jamespage> zul, can you take a look at bug 1231970?
<uvirtbot> Launchpad bug 1231970 in websockify "[FFe] nova-novncproxy requires websockify > 0.5 - please sync from unstable" [High,Triaged] https://launchpad.net/bugs/1231970
<zul> jamespage:  yep will do so when i get in
<serverchicken> I have compiled one though. is it possible for me to load the module while installing?
<serverchicken> Jump to a shell and do a modprobe [module]
<zul> jamespage:  https://code.launchpad.net/~zulcss/nova/lxc/+merge/187796
<smoser> random neat little thing i just tested as functional
<smoser> cat ~/.ssh/authorized_keys ~/.ssh/id_rsa.pub > mykey.pub
<smoser> nova keypair-add --pub-key mykey.pub default
<smoser> nova boot --key-name=default --flavor=m1.small --image=$IMG my-server-name
<smoser> then i can ssh in with any of the keys there.
<smoser> ie, your pubkey that you upload can have more than one pubkey in it.
<herol3oy> Hi. I have got a pen driver and it has got the "New Folder.exe" virus and now I want to search for it in terminal and then delete them immediately? how can i do it? thnkx
<ikonia> herol3oy: what do you want to search for ?
<herol3oy> ikonia:  I want to find all the "New Folder.exe" files and then delete them!
<ikonia> herol3oy: find them on what ?
<smoser> herol3oy, find / -name "New Folder.exe" -delete
<smoser> maybe with 'sudo' first.
<herol3oy> ikonia: u know i don't wanna format my pen drive so i need to find all these files and then delete them so my friends computer will be safe when I put the pen drive in their usb drive.
<smoser> herol3oy, find /media -name "New Folder.exe" -delete
<ikonia> herol3oy: ok, so mount the pendrive, then use the command smoser suggested replacing / with the mount url
<ikonia> mount point (not url)
<smoser> yeah, and just go from /media unless you'd *want* to leave 'New Folder.exe' files around.
<smoser> you could also do:
<smoser> well, if you drop the '-delete' it will print them.
<smoser> so do that first, be satisfied that its not doing anything you dont want
<smoser> then run with '-delete'
<sgran> jamespage: so that means it will get uploaded to saucy and then pulled to the cloud-repo?  If so, cool, and thanks
<sgran> I'm doing a test deploy now, so I'm trying to report and track any bugs before we need it for anything important
<herol3oy> ikonia: hey dude. I run this command line:     find /media/herol3oy/usbdrive/ -name "New Folder .exe" -delete      but it only delete the file which was located in root. how can i delete them all also in other folders and sub-folders?
<ikonia> herol3oy: it should only search /media/herol3oy/usbdrive
<jamespage> sgran, that is the case yes
<jamespage> sgran, are you using the havana-staging PPA?
<sgran> deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-{updates,proposed}/havana main
<jamespage> sgran, urgh - Ok - thats not quite as up-to-date as ppa:ubuntu-cloud-archive/havana-staging
<sgran> can it be :)
<soren> jamespage: I'm around now if you want to discuss https://code.launchpad.net/~soren/python-jenkins/add-crumb/+merge/188155
<jamespage> soren, sorry - looking now
 * jamespage got distracted by some openstack issues yesterday
<soren> jamespage: I know that feeling.
<herol3oy> ikonia: thanks dude. i did it ;)
<rbasak> smoser: we'll want uvtool in main eventually I presume? Does this block juju at all?
<smoser> juju is universe
<smoser> right?
<smoser> (thats what apt-cache policy tells me)
<smoser> i do not have any reason for why uvtools should be main.
<smoser> not that i can think of.
<rbasak> Oh. Of course juju isn't in main yet.
<rbasak> Thanks
<excalibr> Is discard directive in rsyslog broken in Raring? I put & ~ at the end of my iptables log config and i still see its log messages being logged to /var/log/syslog
<excalibr> :msg, contains, "iptables: " /var/log/iptables.log
<excalibr> & ~
<jamespage> soren, that should fix the 'you need todo POST' error message from jenkins right?
<jamespage> I'm still seeing that
<soren> jamespage: "you need todo POST"?
<jamespage> soren, "You must use POST method to trigger builds. (From scripts you may instead pass a per-project authentication token, or authenticate with your API token.) If you see this page, it may be because a plugin offered a GET link; file a bug report for that plugin."
<soren> jamespage: Uh. No.
<soren> jamespage: This fixes authentication when CSRF is enabled.
<soren> jamespage: Your problem seems related to your not using the API token, but perhaps your password?
<soren> So, if CSRF protection is enabled, you need to include a crumb in your requests (to validate that you haven't just been tricked into posting something from a malicious web site).
<soren> This patch fetches that crumb and adds it to your request.
<stemid> I have this weird issue on an old 10.04 system where /tmp suddenly uses 4.4G with no large files inside it. usually this means some process has an open file handle on /tmp but lsof |grep inode number of /tmp shows nothing.
<stemid> so far the only solution has been reboot
<soren> stemid: Why would it show the inode number of /tmp?
<soren> stemid: Doesn't it say "/tmp/blah (deleted)" or something to that effect?
 * soren forgets the exact format
<soren> stemid: Yup, it certainly does for me.
<soren> stemid: sudo lsof | grep tmp.*deleted
<stemid> soren: lsof shows inodes too, I've obviously already tried greping for /tmp or I wouldn't be searching for inodes now
<stemid> and I just tried a grep -E '(every|inode|in|/tmp)'
<stemid> just to be sure
<jglanz> Hi all, never chat with the sparkfun guys online!
<Pici> jglanz: okay? this is #ubuntu-server though.
<jglanz> I had a random question, I'm building my first project enclosure which includes several components, I purchased an enclosure, and board from you guys...question is should I be soldiering or wire wrapping, etc?
<jglanz> sorry wrong room
<soren> stemid: If that really yields nothing, I'd start killing processes one at a time until the space was released.
<brendand> hello, i'm trying to use mount on a cloud image but it's failing - the same command i use for desktop/server images works
<aandy> hi guys, couldn't find a BIND/named chan, so hope it's ok i ask here. any users of bind9 who can review a config of mine and help me figure out why views won't work properly?
<Sling> try #bind
<Sling> (and /msg alis list *bind* to search for all channels matching the name 'bind')
<aandy> ah, i joined on the wrong network, that explains it. d'oh. thanks Sling ;)
<Sling> np
<jamespage> zul, re lxc mp - one test failed for me when test building
<zul> jamespage:  yeah fixing it now
<BrixSat> how do i resize a partition on a live server?
<BrixSat> i mean i know its with resizefs but im kind of afraid.
<ivoks> hallyn: have you seen issues with running qemu inside kvm, with both acpi and apic enabled? :)
<ivoks> hallyn: acpi and apic enabled in qemu
<hallyn> ivoks: no.  smb is investigating some kvm-in-kvm nesting issues...
<hallyn> you're not trying qemu64 in kvm32 I assume?
<ivoks> it's 64 in 64
<ivoks> same behavior is observed with qemu inside of esxi
<ivoks> once i disable acpi and apic, system boots
<ivoks> with it, softlockups or blkid timeouts
<hallyn> is there an open bug for this?  which releases/kernels?
<smb> There is something subtly broken with events/traps in nested vmx, but I have not really gotten down to it
<hallyn> smb: but ivoks is talking about unaccelerated qemu inside kvm
<ivoks> hallyn: there isn't; i'm still trying to come up with a stable reproduces
<ivoks> sometimes it works, sometimes it doesn't
<hallyn> ivoks: love those
<smb> hallyn, Ah ok this would be different then
<PaulePanter> Hi. The server in the data center does not restart running Ubuntu 12.04.
<PaulePanter> The problem is I only have network connection and do not know what is going on.
<BrixSat> This is my gparted http://paste.ubuntu.com/6179921/
<PaulePanter> I can ping it but I cannot log in using SSH.
<PaulePanter> Sending Ctrl + Alt + Del using the hosterâs robot interface works too.
<PaulePanter> How do I know that there is no fsck going on?
<ivoks> PaulePanter: how long was it up?
<PaulePanter> Maybe half an hour.
<ivoks> PaulePanter: before reboot
<PaulePanter> Four days.
<ivoks> PaulePanter: do you have raid on it?
<PaulePanter> In the rescue system, running fsck manually it says everything is fine.
<PaulePanter> ivoks: Yes, it is a RAID.
<ivoks> PaulePanter: and both disks are working?
<PaulePanter> They should. The rescue system could mount it.
<ivoks> PaulePanter: did you check logs while in rescue system?
<ivoks> if you can ping it, it at least mounted filesystem and set up networking
<PaulePanter> ivoks: I checked the logs. It looks like it was up as `/var/log/wtmp` had a recent time stamp.
<PaulePanter> ivoks: /var/log/upstart/syslog strangely did not have something from the last reboot though.
<ivoks> PaulePanter: i wouldn't expect anything in that file
<ivoks> PaulePanter: since that file will contain only errors on starting the syslog daemon
<PaulePanter> ivoks: Ah.
<PaulePanter> How do I disable services from a rescue system?
<PaulePanter> Or do I go into a chroot and do it from there?
<ivoks> ubuntu rescue mode or hetzner's rescue image?
<PaulePanter> Hetznerâs rescue image.
<ivoks> you have to enter chroot
<PaulePanter> Thanks. Did that now.
<jamespage> soren, ok - I'm confused
<jamespage> soren, I turned on CSRF protection
<PaulePanter> So in the rescue system looking at the time stamps of the files in `/var/log/*`, only `wtmp` has an updated time stamps and in there, the reboots (Ctrl + Alt + Del) are noted.
<jamespage> and python-jenkins worked without your patch...
<PaulePanter> All other files have the time stamp of time it worked the last time.
<zul> jamespage:  lxc patch fixed
<jamespage> zul, time to chat about horizon and writing to /etc/openstack-dashboard?
<zul> jamespage:  always
<jamespage> zul, well
<zul> jamespage:  dont do that? :)
<jamespage> the code out of the box does this generate_or_get call
<jamespage> zul, I think that should be pointing at /var/lib/openstack-dashboard
<jamespage> with www-data permissions?
<zul> sounds like a plan
<jamespage> OK
<zul> jamespage:  are you going to patch it up?
<jamespage> zul, just trying to figure out how the compression is working now as well
<zul> jamespage:  ack...im just in the middle of fixing keystone and going to look at this oauth business again
<jamespage> zul, lesscpy is borked
<jamespage> bin/lesscpy uses python3
<jamespage> but it uses argparse in the code
<zul> lovely
<zul> ill take a look
<zul> roaksoax/jamespage/adam_g: https://code.launchpad.net/~zulcss/keystone/oauth2-refresh/+merge/188639
<adam_g> zul, is oauth2 now completely optional?
<zul> adam_g:  yeah
<adam_g> cool
<zul> its still in the requriments.txt file though but if you dont have it installed it will be ignored
<jamespage> zul, raising a bug for python-lesscpy
<zul> jamespage: ack
<jamespage> zul, bug 1233749
<uvirtbot> Launchpad bug 1233749 in python-lesscpy "lesscpy command fails" [High,Triaged] https://launchpad.net/bugs/1233749
<zul> jamespage:  ack
<jamespage> zul, is there a precendence for sneaking a source package from Debian into Ubuntu?
<zul> jamespage:  not that i remember
<zul> check on #ubuntu-release
<jamespage> zul, adam_g: https://code.launchpad.net/~james-page/horizon/fixup-secret-storage/+merge/188659
<zul> jamespage:  looks good to me, i think the generate_or_read_from_file should be upstream as well
<mgriffin> can i determine if some package has a command (or perhaps i can only know it is a file) in it called "foo"?
<mgriffin> i don't have the foo command and want to know if some package can provide it
<mgriffin> oh, i forgot that was built in to ubuntu by default :D
<soren> jamespage: Well, then your CSRF protection is broken.
<soren> jamespage: It's supposed to reject the requests. My Jenkins certainly does.
<jamespage> soren, hmm - I'll poke it again tomorrow
<jamespage> somethings wonky
<soren> jamespage: np
<Hexch> hi
<Overand> Hey - question.  How can I figure out what stuff I've got on this system that i installed via apt. vs installed via .deb files?
<sarnold> Overand: I guess you'll need to compare /var/log/dpkg.log* files against /var/log/apt/history* files. There may be a better option, but that's the first that comes to mind..
<Overand> woof.
<Overand> Yeah.
<Overand> Maybe there's a way I can look at what's installed vs. what's avaialble via apt - while not 'technically correct' i think in this case it might work.
<sarnold> Overand: aha, try 'apt-cache pkgnames' for a starting point there.
<Overand> sarnold: it's not even an ubuntu-server machine, it's a legacy debian box.  most of my curerent machines are ubuntu-server
<pentest> can some one help plz http://ubuntuforums.org/showthread.php?t=2178061
<sarnold> pentest: do you have a dhcp server listening on virbr0 to hand out IP addresses? do LTSP guests need IP addresses? Or a dhcp server? do you need to configure NAT on your machine to forward packets for those guests? Or is that the role of LTSP? (Can you tell I know nothing about LTSP? :)
<pentest> sarnold: let me try to answer...
<pentest> if you see the dhcpd.conf setting.. I have changed the ip settings there..
<pentest> so technically there should a dhcp server.. however when I booted up lubuntu guest OS ..I cannot get an ip
<pentest> so that is the prroblem..
<pentest> yeah..virtual box do not seem to communicate well virbr0 virtual adapter it seems
<sarnold> pentest: check netstat -lnp output, make sure that the dhcp server is listening on the correct interfaces / addresses
<sarnold> pentest: check iptables -L output to make sure that the guests are allowed to communicate with the host?
<pentest> tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      2261/dnsmasq
<pentest> http://pastebin.com/QehtnebV
<pentest> seems good for me here
<pentest> I think key will be able to use virtual box created adapter rather than libvirt
<gartral> ok all, i'm gearing up to do a drive swapout from a dying drive to a new one, would it be easily do-able to just dd the drives from current to new?
<sarnold> gartral: if the drive is truly going, you might need to use something like dd_rescue or myrescue, in case IO errors prevent plain dd from working
<sarnold> gartral: (maybe conv=noerror is good enough these days? there has to be a reason for those tools, perhaps they were writte nbefore conv=noerror..)
<sarnold> gartral: anyway I've had success with dd to move filesystems around before, that part ought to work fine.
<pentest> just ignore me.. testing something
<pentest> just ignore me.. testing something
<pentest> just ignore me.. testing something
<gartral> sarnold: the drives' internal error recovery is working fine, but the drive is slowly going due to old age..
<sarnold> pentest: you may wish to /join #test if you're going to be doing too much more..
<sarnold> gartral: oh good :)
<pentest> just ignore me.. testing something
<pentest> just ignore me.. testing something
<pr3d4t0r> Greetings.
<metasansana> Is there a way to listen for syslog events from an application?
<qman__> metasansana, you can configure syslog to log a given application's events to a specific log file, and then watch that log file with inotify
<metasansana> qman__, I'm try to write a small monitor that will react to certain syslog events.
<qman__> there's also the quick, dirty, and performance-impacting way of: tail -f /var/log/syslog | grep myapp
<qman__> metasansana, if it's for one specific application, doing it the way I first mentioned is probably best
<qman__> if it's for multiple, use the main syslog file
<qman__> with inotify
<qman__> tail -f adds unnecessary disk activity and should really only be used interactively
<metasansana> I supposed I will have to parse the file after being notified.
<qman__> yes
<metasansana> ick
<qman__> alternatively you could write your application to accept the syslog data directly, and have syslog log to that file handle
<metasansana> Can I mock a file with an application? Like an input stream or something?
<qman__> yeah
<metasansana> ah yes
<metasansana> qman__, thanks! I'll google how to do that
<qman__> not sure whether unix sockets or named pipes or something else would be better (not a programmer) but it's definitely possible to do it that way
#ubuntu-server 2013-10-02
<metasansana> qman__, I found this : http://securfox.wordpress.com/2009/08/02/pipes-in-syslog/
<metasansana> not exactly but it should suffice
<smoser> roaksoax, you said you uploaded maas ?
<smoser> is it still stuck in -proposed ?
<roaksoax> smoser: seems so
<smoser> did you get a upload ack?
<smoser> i dont see it https://lists.ubuntu.com/archives/saucy-changes/2013-September/thread.html
<smoser> err.. october link
<smoser> but.. same deal
<smoser> oh. i geuss that only happens when it goes to release pocket
<smoser> no entry http://people.canonical.com/~ubuntu-archive/testing/saucy-proposed_probs.html
<smoser> roaksoax, you got the email ack ?
<roaksoax> smoser: yes... waiting for approval
<bateee> Hello, could someone please guide me to find a guideline for recommended settings for ubuntu server security audit configuration. I need to find out a standard set of rules that can be configured with auditing facility of ubuntu.
<sarnold> bateee: the auditctl(8) manpage has some examples; I _really_ like the SUSE documentation of the audit system, I think it's top-notch writing about a complicated tool http://doc.opensuse.org/products/draft/SLES/SLES-security_sd_draft/cha.audit.comp.html
<sarnold> bateee: obviously some things won't be identical on ubuntu, but the vast majority of that text ought to be useful.
<PaulePanter> Looking at the log files in `/var/log/upstart` the last thing is
<PaulePanter> # more /var/log/upstart/udev-fallback-graphics.log
<PaulePanter> FATAL: Error inserting vesafb (/lib/modules/3.8.0-31-generic/initrd/vesafb.ko): No such device
<PaulePanter> This is retrieved from a rescue system and there is nothing in `/var/log/dmesg`. This is Ubuntu 12.04 on a remote server, so I just have a SSH session to a rescue system.
<noaXess> morning
<noaXess> i got this, this morning: http://i.imgur.com/ZmRjtWg.png
<zetheroo> I am trying to do "javaws jviewer.jnlp" but I get this output: /usr/bin/javaws: line 66: /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/java: No such file or directory
<lotuspsychje> hello all
<lotuspsychje> what you guys reccomend for server backup?
<rbasak> What sort of server backup?
<lotuspsychje> ubuntu server, settings and packages
<lotuspsychje> lets say the main hd crashes, to restore everything
<PaulePanter> Do you also have that with Ubuntu 12.04?
<PaulePanter> $ more /var/log/upstart/ureadahead-other.log
<PaulePanter> ureadahead:/var/lib/ureadahead/boot.pack: No such file or directory
<PaulePanter> Could you please check?
<PaulePanter> I found https://bugs.launchpad.net/ubuntu/+source/ureadahead/+bug/1077570 but it did not get any useful answers.
<uvirtbot> Launchpad bug 1077570 in ureadahead "ureadahead:/var/lib/ureadahead/home.pack: No such file or directory" [Undecided,New]
<rbasak> smoser: could you subscribe ~ubuntu-server to https://launchpad.net/ubuntu/+source/uvtool please?
 * rbasak isn't a team admin
<jamespage> zul, I pushed a new python-lesscpy from the Debian git repository with an additional patch to make it work on python3.3
<jamespage> also pushed that upstream as well and let zigo know
<grn> I installed postfix on a server. Only one local user should be allowed to send mail to a particular domain (let's say example.com). How can I configure postfix to achieve that?
<zul> jamespage:  ack
<zetheroo> I need help with setting up bonding! I have set this up successfully on two other Ubuntu servers here, but on this one it's nothing but a hassle ... I am stuck now at this message "unable to update mode of bond0 because it has slaves"
<zetheroo> if I set the IP settings on the bond to DHCP it works ... but in static it doesn't
<ws2k3> Hello my ubuntu server sometimes randomly reboots the error i have in my kern.log is : imklog: Cannot open proc file system
<ws2k3> i found this bug on launchepad https://bugs.launchpad.net/ubuntu/lucid/+source/rsyslog/+bug/523610 but i'm not sure if thats the problem i have because the error is not compleetly the same
<uvirtbot> Launchpad bug 523610 in rsyslog "rsyslogd spins CPU on some kernels" [High,Fix released]
<zul> jamespage:  can you +1 the lxc branch for me please
<PaulePanter> sudo /etc/init.d/postgresql-8.4 restart
<PaulePanter> is mentioned in https://help.ubuntu.com/12.04/serverguide/serverguide.pdf
<PaulePanter> Is the guide going to be updated to use the recommended upstart commands?
<PaulePanter> Git is also not mentioned in it. ;-)
<jamespage> zul, sorry - one second
<jamespage> zul, adam_g: well az zone configuration did not work how I expected it to!
<zul> jamespage:  ?
<jamespage> zul, I lasted looked in folsom where it was a configuration file option
<jamespage> zul, you now assign nodes to zones using host aggregates
<zul> jamespage:  ah yes
<jamespage> in >= grizzly
<jamespage> zul, just wondering whether it even makes sense to try and support az's in the nova charms or not
<jamespage> or whether thats something we do external to the charms
<jamespage> like we do for creation of neutron networks etc...
<zul> jamespage:  i think it might be a good feature but im not crazy about it
<ws2k3> Hello
<ws2k3> sometimes my server rebooten and then i have the following error in my kern.log
<ws2k3> imklog: Cannot open proc file system, 2.
<PaulePanter> ws2k3: Maybe because it has been unmounted to due to the restart?
<PaulePanter> ws2k3: Find out, what is causing the reboot. Or does it crash?
<ws2k3> well i dont know yet
<ws2k3> i'm trying to find out Why my servers reboot every 4/5 days
<PaulePanter> ws2k3: Paste /var/log/syslog and `/var/log/messages` somewhere.
<ws2k3> the entire file ?
<PaulePanter> ws2k3: Maybe just everything happening 10 minutes before the reboot.
<smoser> rbasak, i can't do that. i will try to get admin
<smoser> zul, awake?
<zul> smoser: in theory
<zul> smoser:  physically yes...mentally no
<smoser> can you make me admin of ~ubuntu-server
<smoser> please
<zul> arent you already?
<zul> smoser: done
<smoser> thanks
<smoser> rbasak, done.
<ws2k3> PaulePanter i sended you 2 links one is my syslog and one is my messages
<rbasak> Thanks!
<ws2k3> PaulePanter are you still around?
<ws2k3> Hello i'm trying to figure out why my ubuntu server reboots reguarly
<resno> ws2k3: im curious is this a phyiscial or vm?
<zul> jamespage:  rc1 is out for keystone ill get it today
<jamespage> zul, good - lets drip feed them through as they release
<ws2k3> physicial
<irv> hello, my /boot partition has filled up to the point of not being able to run apt-get remove linux-image-xx for to free up some space by removing the old kernels
<irv> which files can i manually remove safely from there to temporarily be able to free enough space to properly remove the unused kernels
<resno> check syslog. the usual suspects, bad ram, overheatting cpu
<ws2k3> resno i already did that
<resno> already did what?
<resno> i listed 3 things
<ws2k3> i allready checked those things
<ws2k3> only thing i can find in kern.log is kernel: imklog: Cannot open proc file system, 2.
<ws2k3> but i dont know if that is something
<resno> howd you test the ram?
<resno> i quite sure your issue is heat releated or failure of a component
<ws2k3> resno i am pretty sure that heat or hardware failure is also not the problem because i have like 5 servers with the same behaviour
<ws2k3> i do have this line in my var/log/messages ct  2 13:27:23 web190 rsyslogd: [origin software="rsyslogd" swVersion="4.2.0" x-pid="3595" x-info="http://www.rsyslog.com"] exiting on signal 15.
<zul> jamespage/roaksoax: quick and easy https://code.launchpad.net/~zulcss/horizon/lesscpy/+merge/188834
<ws2k3> anyone?
<PaulePanter> ws2k3: Sorry. I could not spot anything in these files either.
<PaulePanter> ws2k3: Normally there is a method: some process requested the system to reboot or so. I could not find it and I do not know where it is stored.
<jamespage> zul, needs fixing
<resno> ws2k3: just because one machine has failed does mean all the others would fail at the same time. if you have looked into it, then fine. if you are assuming its ok then just check into it is all im suggesting
<zul> jamespage:  fixed
<soren> jamespage: How did you test that patch yesterday? Which operations did you attempt? crumbs are only needed when POSTing.
<jamespage> soren, triggering a build
<jamespage> zul, last iteration of lxc stuff I promise - but please can the patch have some headers!
<zul> jamespage:  dep8 headers?
<jamespage> zul, yep
<zul> jamespage:  ack
<jamespage> it has zip right now
<zul> jamespage:  done
<resno> ws2k3: have you check dmesg?
<ws2k3> yeah i was unable to find anything in dmesg
<ws2k3> the server do reboot every 3/4 days but not at the same time
<jamespage> zul, python-werkzeug is causing me grief for the cloud-archive - it wants dh-python
<ws2k3> so its not enviremental
<ws2k3> also dmesg does not have timestamps
<zul> jamespage:  backport dh-python then?
<jamespage> zul,
<jamespage>  sbuild-build-depends-dh-python-dummy : Depends: libpython3-stdlib but it is not installable
<zul> jamespage:  oh...not good
<jamespage> no
<zul> jamespage:  i would just build without dh-python then :(
<jamespage> zul, maybe - I'll look
<zul> jamespage:  ack
<resno> ws2k3: does it gracefully reboot or just power cut type?
<ws2k3> how can i find out
<ws2k3> i do know its a signal 15
<ws2k3> so i assume thats not a power cut
<ws2k3> rsyslogd: [origin software="rsyslogd" swVersion="4.2.0" x-pid="3595" x-info="http://www.rsyslog.com"] exiting on signal 15.
<jamespage> zul, OK _ I'm going to be pragmatic and push a ~cloud1 for flask to drop the python3 stuff
<jamespage> which we don't need anyway
<zul> jamespage:  okiedokies
<jamespage> that way we can stick with 12.04 werkzeug
<soren> jamespage: That's a GET request, AFAICT.
<jamespage> zul, one last thing on the headers and then all good for LXC
<jamespage> soren, its probably OK then
<zul> jamespage:  k
<soren> jamespage: Yeah, so it's apparently not supposed to be prevented by CSRF protection.
<soren> I'm not sure why, but that at least explains why you're not seeing the problem the patch is meant to fix.
<jamespage> zul, Laney has a question on the FFe about the LXC inclusion that you need to answer pre-upload as well
<zul> jamespage:  looking
<jamespage> soren, OK _ well I don't see that your patch is breaking anything so +1
<jamespage> I'll merge shortly
<soren> jamespage: {copy,rename,delete,enable,disable,create,reconfig}_job  are all affected.
<jamespage> soren, ack
<soren> Oh, and delete_node.
<soren> I think that's it.
<jamespage> soren, I see
<jamespage> soren, OK - confirmed as fixing that issue - definately merging
<Sander^work> Why is ther 100MB of usage here: /var/lib/apt/lists
<Sander^work> ?
<Sander^work> disk usage.
<zul> jamespage:  dep8 updated
<zul> rbasak:  *grumble* i dont see why not, ill do the packaging if you file the FFE
<rbasak> zul: I'm worried about breaking things this late in the cycle.
<zul> rbasak:  thats my concern as well
<zul> rbasak:  i can cherrypick the patches though as well
<rbasak> zul: Clark just emailed me a list (without commit ids!). I'll see if they apply cleanly.
<zul> rbasak:  i have the same list
<rbasak> Oh you got them too
<zul> rbasak:  ill poke at it this afternoon
<soren> jamespage: Ta very much.
<jamespage> soren, no - thank you!
<Sander^work> How come /var uses 225MB of space according to du.. but 8,7gb according to df?: http://pastebin.com/HZJUCNUT
<zyga> hey, is there a simple way to make lxc-create use a local mirror instead of the main archive?
 * zyga just found MIRROR and SECURITY_MIRROR, thanks
<jamespage> zul, I've uploaded the previous flash version as the current to avoid pulling in all the extra dependencies - its a hack but will work
<jamespage> flash == flask
<zul> ack
<jamespage> zul, urgh - this is a mess - I need newer python-werkzeug
<jamespage> but I don;t want to pull in all the python3 stuff
<zul> jamespage:  welcome to my world of PAIN :)
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/keystone/2013.2.rc1/+merge/188874
<jamespage> zul, the python-wsme problem is a flakey test case IMHO
<jamespage> zul, I think the later version of werkzeug in saucy is hiding a failure
<jamespage> zul, OK _ I'm trying for a Saucy fix on flask tests in python-wsme to fixup the cloud-archive - it hopefully the release team will be nice :-)
<zul> jamespage:  cool...i just uploaded keystone rc1
<jamespage> I saw
<zul> working on glance
<jamespage> glance rc1 also out
<jamespage> oh - snap!
<jamespage> I'm not
<jamespage> working on glance that is
<zul> goody because the tests are melting my laptop
<jamespage> zul, I pushed the wsme fix upstream as well - https://github.com/stackforge/wsme/pull/1
<jamespage> I don't actually understand the test case - its looks wonky to me
<zul> cool!
<jamespage> zul, inbetween rc's could you take a look at libvirt and xen in the CA
<zul> jamespage:  ack
<zul> jamespage:  whats wrong with libvirt?
<jamespage> zul, its out-of-date
<zul> jamespage:  ah
<jamespage> http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/havana_versions.html
<jamespage> zul, where is your LXC code work?
<zul> jamespage:  as in a git repo?
<jamespage> zul, yeah - or gerrit review or something
<zul> jamespage:  i need to update it gimme a sec
<zul> jamespage:  https://github.com/zulcss/nova
<jamespage> zul, thats good
<jamespage> zul, i would put "Forwarded: no, https://github.com/zulcss/nova"
<zul> jamespage:  k just a sec
<zul> jamespage:  pushed
<jamespage> zul, +1
<zul> jamespage:  will small wonders never cease ;)
<jamespage> zul, "python3-pbr | 0.5.21-0ubuntu4 | saucy/universe | all"
<jamespage> ?
<jamespage> huh
<zul> jamespage:  wtf?
<jamespage> causing https://launchpad.net/ubuntu/saucy/+source/python-wsme/0.5b5-1ubuntu2
<zul> jamespage:  uh? its in main for saucy
<zul> jamespage/adam_g/roaksoax: https://code.launchpad.net/~zulcss/glance/2013.2.rc1/+merge/188888
<jamespage> zul, better take a look at http://people.canonical.com/~ubuntu-archive/component-mismatches.txt
<tasslehoff> I'm trying to find out how to best share a folder from my server so that I can stream media from it on my android phone/tablets. Any tips?
<lenios> tasslehoff, http would be a good way
<lenios> install apache2 and put everything in /var/www
<tasslehoff> lenios: hm. feels odd to have it there. currently I have various media folders in /data, and share it out with smb. the issues I had were that file managers in android either could not log in or wanted to download instead of streaming.
<tasslehoff> then I found good old total commander :)
<pleia2> hallyn: happen to be around? instead of going back and forth in this iscsi bug report it might be more efficient to chat for a couple minutes
<hallyn> pleia2: sure
<pleia2> hallyn: just uploaded new strace to the bug, is that what you're looking for?
<hallyn> (waiting on launchpadlibrarian.net)
<hallyn> pleia2: yeah so what has me confused is why you're able to bind to the netlink socket.
<pleia2> hallyn: it was actually surprising while I was testing this that I could, which is what made me assume it would be usable, but alas
<hallyn> ok, but so it's binding to netlink type 8, which is iscsi, which points to
<hallyn> ../../drivers/scsi/scsi_transport_iscsi.c:3989: nls = netlink_kernel_create(&init_net, NETLINK_ISCSI, &cfg);
<hallyn> so have you talked to SpamapS about other configurations?
<pleia2> not yet
<pleia2> it's a broader team discussion because this is actually testing infrastructure, so we want to make sure we're testing the same thing that is actually being used
<pleia2> cc: lifeless ^^
<hallyn> thanks for the straces btw.  the one remaining puzzle there is why the container after netlink failure tries to open a new connection to the qemu host.
<hallyn> (but that's irrelevant as to the core issue)
<lifeless> hallyn: pleia2: will bbiab to chat
<pleia2> thanks
<zul> adam_g:  just doing ceilometer now
<mgw1> Any sysadmins or devops engineers looking for full time work, please feel free to ping me :-)
<stingsay`> hello
<stingsay`> hello
<stingsay`> can some body help me please
<pr3d4t0r> stingsay`: Just ask your question, don't ask to ask.
<stingsay`> i have 12.04.3 i am try to install mysql i am getting error invoke-rc.d: initscript mysql, action "start" failed.
<stingsay`> pr3d4t0r http://tny.cz/3303cde7
<stingsay`> pr3d4t0r i have search every where. but not help .
<stingsay`> i have 12.04.3 i am try to install mysql i am getting error invoke-rc.d: initscript mysql, action "start" failed. complate error http://tny.cz/3303cde7
<thumper> stingsay`: how are you installing mysql?
<stingsay`> thumper sudo apt-get install mysql-server
<thumper> well, the bug says that it isn't configured
<thumper> s/bug/pastebin
<thumper> have you tried to reinstall the package?
<thumper> or work out what the configuration failure is?
<thumper> looked at the logs?
<stingsay`> yes . i have try also i have try apparmor profile disable but same error
<stingsay`> thumper thanks
<thumper> have you changed any config settings?
<thumper> normally the default installs work fine
<stingsay`> thumper now it's working. i have spend 3 hours and try every available solution on net. not config settings . i have remove all files with mysql name . and try it again .
<stingsay`> with sudo find / -name mysql
<stingsay`> thumper but thanks you
<thumper> np
<zul> adam_g:  https://code.launchpad.net/~zulcss/ceilometer/2013.2.rc1/+merge/188951
<adam_g> zul, are the things that are getting release merges expected to build at this point?
<zul> adam_g:  what do you mean?
<zul> adam_g:  ceilometer builds fine for me with that branch
<adam_g> zul,  how much confidence do you have that when you upload the package to ubuntu its going to build okay?
<zul> adam_g:  pretty good confidence
<adam_g> zul, our jenkins doesnt seem so happy
<zul> adam_g:  cinder needs a new babel apparently :(
<zul> adam_g:  ill go talk to cinder upstream
<adam_g> zul, even things like glance + ceilomter don't appear to be healthy atm
<zul> adam_g:  ceilometer is building fine at least ill look at cinder next
<adam_g> zul, where is it building fine?
<zul> adam_g:  locally just did a test build
<adam_g> zul, can you get them building on our jenkins cluster and in the saucy testing PPA?
<zul> adam_g:  sure approve the branch first ;)
<adam_g> i'm updating the build configs to pull from milestone-proposed instead of master for those that have rcs
<adam_g> zul, can you set the branch to UNRELEASED?
<zul> adam_g: *sigh* already tagged it
<zul> adam_g:  updated
<zul> adam_g:  https://review.openstack.org/#/c/48739/ thats the reason for the babel bump ill look at things when i get back tonight
<med_> stgraber, if my lxc instance isn't getting a dhcp (yet dnsmasq seems to be running right) how do I debug? I'm running 1.0.0~alpha1.0+master~201309 in saucy
<med_> (and this worked last week just fine when I was starting containers.)
<med_> no leases in the dnsmasq lease file
<med_> hallyn, ^
#ubuntu-server 2013-10-03
<zul> adam_g:  did something happen to the openstack-ci?
<adam_g> zul, not that i know of. its probably just pegged from parallel builds
<zul> adam_g: gah
<zul> adam_g:  just doing a local test for cinder
<styol> Hola. I was curious if anyone might have an opinion on how to best solve the following problem. On a new server being provisioned via bash script there are some sysctl.conf changes made by a third party that `sysctl -p` dislikes because there are a couple unknown keys and this causes the bash script to exit with an error due to the -ex specification on `#!/bin/bash -ex`
<styol> So, I was thinking either wrapping the additional entries being made to sysctl.conf that are known keys and the sysctl -p in a separate bash script without -ex OR using sed or something to search and replace those unknown keys with a commented out version OR something else a kind soul might be able to recommend?
<styol> aha.. even better yet.. providing -e to sysctl will ignore errors about unknown keys.. roger!
<shauno> styol: you could put "set +e" before the lines that are allowed to fail, to disable errexit, and then "set -e" afterwards to put it back
<lastwish> ewdwed
<DzAirmaX> Hello guys
<DzAirmaX> I got a little question for you
<DzAirmaX> I noticed that the motd is not applyed on the first login on the machine : always on the second login time, is that normal ?
<DzAirmaX> nobody has the answer ?
<w0rp> Blargh, I'm on a UEFI motherboard. How do I set up a boot loader for Xubuntu 12?
<w0rp> I'm staring at a Grub command line off my pen drive that I barely got to load.
<ikonia> !uefi | w0rp
<ubottu> w0rp: UEFI is a specification that defines a software interface between an operating system and platform firmware, it is meant as a replacement for the BIOS. For information on how to set up and install Ubuntu and its derivatives on UEFI machines please read https://help.ubuntu.com/community/UEFI
<w0rp> I hate UEFI now because it cost me time.
<w0rp> <3 boot-repair-disk
<jamespage> zul, up yet?
<jamespage> zul, doing neutron rc1
<hXm> hi, how to install and share a printer without http interface?
<zul> jamespage:  just woke up ill talk to you about babel after i drop liam off (need to have breakfast as well)
<bekks> !cups | hXm
<ubottu> hXm: Printing in Ubuntu is done with cups. See https://help.ubuntu.com/community/Printers - https://wiki.ubuntu.com/HardwareSupportComponentsPrinters - http://linuxprinting.org - Printer sharing: https://help.ubuntu.com/community/NetworkPrintingWithUbuntu
<hXm> cups requires http interface
<jamespage> zul, https://code.launchpad.net/~james-page/swift/fixup-cache-perms/+merge/189044
<jamespage> when you start
<zul> jamespage:  https://code.launchpad.net/~zulcss/cinder/babel-ftbfs/+merge/188963
<jamespage> zul,  did you upload the horizon fix from yesterday? if so please can you merge the branch
<jamespage> zul, +1 on that cinder fix
<zul> jamespage:  not yet i was going to wait until horizon is out
<jamespage> zul, OK _ its is - I was doing that - I'll merge your branch if thats OK
<zul> jamespage:  yep
<g0tcha> i have a question, if my ubuntu server got compromised and i install a new version, is there a way to make sure the hacker didnt alter files i can bring over from the compromised machine to the new one?
<zul> g0tcha:  probably check from a good known backup
<g0tcha> very old backup
<jamespage> zul: https://code.launchpad.net/~james-page/horizon/havana-rc1/+merge/189067
<zul> jamespage:  +1
<jamespage> zul, ta - uploaded
<jamespage> zul, so thats keystone and horizon done right?
<jamespage> I'm looking at neutron
<zul> ceilometer, keystone, glance and horizon
<zul> jamespage:  ill get nova
<zul> jamespage:  do you want to do cinder when its out, ill get heat
<jamespage> zul, I think alot of the neutron test failures are due to patching of neutron.conf
<zul> jamespage:  oh?
<jamespage> zul, yeah - we set a core plugin and I think that conflicts with some of the test cases
<zul> jamespage:  *sigh* lovely
<jcastro> jamespage: or zul
<jamespage> jcastro, hell
<jamespage> o
<jamespage> blimey that was freudian
<jcastro> http://askubuntu.com/questions/353127/migration-from-generic-openstack-to-ubuntu-openstack
<jcastro> heh
<zul> jamespage:  i was about to say
<jcastro> recommendations here?
<jamespage> jcastro, run away screaming?
<jamespage> seriously thats hard
<zul> it is
<jcastro> afaik we don't have any kind of recommendation for this
<jcastro> all I've ever heard is "you learned your lesson, now you get to start over."
<jamespage> jcastro, yeah - there are just 1000 things that could go wrong during a migration
 * jamespage thinks about it a bit
<jamespage> what is 'generic openstack'?
<jamespage> zul, that swift bug I fixed was causing 503's on serverstack
<jamespage> not seen that before
<zul> jamespage:  cool! i like testing things before moving them out to our users ;)
 * jamespage sighs
<jamespage> another new neutron plugin - embrane
<jamespage> is it me or does everyone have a new SDN solution these days
<zul> jamespage:  btw this will make you happy: python-ceilometer | 2013.2~b3-0ubuntu1 |         saucy | all
<jamespage> w00t
<koolhead17> zul: hola
<zul> koolhead17:  hi
<koolhead17> zul: long time. how have you been?
<zul> koolhead17:  good, busy, you?
<koolhead17> zul: same2same
<zul> jamespage:  https://code.launchpad.net/~zulcss/heat/2013.2.rc1/+merge/189076
<jamespage> zul, dude - you can edit the existing changelog entry - thats already uploaded
<zul> jamespage:  erg?
<jamespage> look at the diff
<zul> damn it...gimme a sec
<zul> jamespage:  https://code.launchpad.net/~zulcss/heat/rc1/+merge/189081 andhttps://code.launchpad.net/~zulcss/nova/2013.2.rc1/+merge/189082
<jamespage> zul, ack on heat
<jamespage> zul, nack on nova
<jamespage> zul, just as a detail I've been describing these as 'New upstream release candidate."
<zul> jamespage:  actually nova b3 ubuntu2 never got uploaded
<jamespage> zul, urhg
<zul> jamespage:  nova fixed
<jamespage> zul, pushed? can't see it
<zul> jamespage:  just did
<zul> jamespage:  i didnt create a new changelog entry for rc1 because there is no ubuntu2 for nova
<jamespage> zul, fine but you still have a typo
<zul> jamespage:  wait there is
<hallyn> med_: hey, sorry - did you straighten the dhcp issue out?
<zul> jamespage:  ok *now* its fixed
<jamespage> zul, I still don't see it here - https://code.launchpad.net/~zulcss/nova/2013.2.rc1/+merge/189082
<brendan-> hi guys/gals.. was there an update to the repos that removed/renamed older packages?
<brendan-> E: Unable to locate package libxml2dev
<zul> jamespage:  pushed to an rc1 branch i had its there now
<jamespage> zul, the un-uploaded changelog entry is back
<zul> jamespage:  yeah it got stuck in proposed
<jamespage> OK
<jamespage> zul, +1
<zul> jamespage:  thanks
<brendan-> lol
<brendan-> im retarded
<brendan-> had -'s in my puppet manifest then i replaced, which took away the -'s from ssl-cert & other packages
<brendan-> thanks anyways
<med_> hallyn, yep, I needed to flush my precise
<med_> new containers were dhcping fine
<zul> jamespage:  alright we are just waiting for cinder and neutron correct?
<jamespage> zul, glance done?
<jamespage> yes - I see it is
<hallyn> med_: cool
<med_> yep
<med_> I'd never done that before.
<Gargoyle> Greetings.
<Gargoyle> Can anyone offer any pointers to info as to why iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT is better/worse than iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
<jamespage> zul, https://code.launchpad.net/~james-page/neutron/havana-rc1/+merge/189092
<jamespage> I'll look at the tests again but for now....
<zul> jamespage:  +1
<med_> How does havana end up in saucy if they release on the same date? Very tight coupling and upstream cohesion?
<jamespage> med_, well the rc1's are going in now
<med_> nodz.
<jamespage> albeit fixes that should be release
<jamespage> it will get zero-day sru'ed
<jamespage> which reminds me I need to line up an SRU team person todo that
<med_> jamespage, I'm mostly asking in case I need to answer anyone else.
<jamespage> med_, the answer is probably on release day +1
<med_> ack.
<jamespage> zul, OK - started on tidying the CA staging area
<jamespage> python-wsme uploaded from saucy - should be good now
<zul> jamespage:  ack
<jamespage> zul, http://people.canonical.com/~jamespage/ca/havana/
<jamespage> for lesscpy
<zul> +1
<jamespage> zul, actually ply is not required
<jamespage> its enough in precise already
<zul> jamespage:  sweet
<hallyn> jdstrand: sadly, commit fbe2e26c15af35e4d157874dc80f6a19eebaa83b in qemu breaks a bunch of the qa-regression-tests test-qemu.py checks :(  (i'll push a fix... just a pain)
<hallyn> (it changes a bunch of 'file=whatever' to remove the 'file=')
<jdstrand> hallyn: yuck. that is the type of stuff I don't understand why people change. it was fine before...
<jdstrand> hallyn: I guess you'll be making that shange to be saucy+ specific?
<hallyn> jdstrand: "HMP is intended for humans, so we'll make sure no non-humans can parse it" is the commit message's position
<jdstrand> yes
<hallyn> jdstrand: well i'm comparing qemu version to 1.6
<jdstrand> sounds good
<jdstrand> hallyn: is there an interface for non-humans to parse?
<hallyn> jdstrand: there is.  i wasn't sure if we should use that, or if we actually wanted the HMP to get verified
<jdstrand> my dog would love a simplified interface, for example
<hallyn> one woof for 32-bit, two for 64-bit
<jdstrand> hallyn: I'll let you make that call. I haven't updated/used that script in quite a while
<hallyn> jdstrand: for now i'm just gonna make it work as is, but the duct tape is coming loose so pretty soon i'll make a patch proposal to change it i think
<hallyn> (i wont' just push that without discussion -somewhere :)
<jdstrand> hallyn: in general, if there is a mchine-readable interface, the tests could all be made to use it. then have a couple of tests for HMP
<hallyn> sounds good
<jdstrand> but yeah, doesn't have to be done now
<hallyn> jdstrand: thanks, ttyl
<jdstrand> np
<jarkinox> OK, I'm going nuts trying to figure this out on my own.  Thus I reach out to the community.  I have a Bugzilla 4.4 installation on my Ubuntu 12.04 server
<jpds> OK.
<jarkinox> And I have Bugzilla configured to send emails whenever a bug is submitted or changed.  But it won't do it and I believe the problem is with postfix.  My mail.log shows connection time out.
<jarkinox> I have port 25 open
<jarkinox> So what gives?
<Pici> Can you send mail without having bugzilla initiate it?
<jarkinox> I've been trying to figure out how to do that with the mail command, but haven't figured it out?  do you have a quick few lines I can try?
<Pici> mail someone@somewhere.com <enter>
<Pici> press ctrl-d to finish
<jarkinox> that was easy :)
<jarkinox> ok, so I got "send-mail: fatal: chdir /Library/Server/Mail/Data/spool: No such file or directory"
<jarkinox> I notice that it says send-mail there.  isn't that different than postfix?
<jarkinox> seriously setting up email correctly has been the most challenging thing for me.
<Pici> jarkinox: How did you install postfix?
<rbasak> What's send-mail?
<rbasak> What's /Library/Server/Mail/...?
<rbasak> Neither of these are standard components in Ubuntu.
<jarkinox> during the server installation and also with apt-get
<jarkinox> shit
<rbasak> jarkinox: what's the output of the command "which sendmail"?
<jarkinox> hold on, sorry guys.  I ran that command on my mac terminal
<jarkinox> switching to ubuntu
<jarkinox> too many windows open
<jarkinox> ok, so I sent email through ubuntu and it seems to have worked ok
<jarkinox> but haven't received the email yet
<jarkinox> checking mail.log
<jarkinox> Oct  3 09:20:16 Ubuntu postfix/smtp[32192]: connect to XXXXXXXXXXXXXXXXX:25: Connection timed out
<jarkinox> rbasak: /usr/sbin/sendmail
<rbasak> So it's not a postfix problem then. Find out why you can't connect to that server on port 25.
<jarkinox> it's a gmail server
<rbasak> It may be that your ISP blocks connections. That's not uncommon. In that case, your ISP probably provides a smarthost, and you'll need to configure postfix with that.
<jarkinox> how do I figure that out?
<rbasak> Or you could configure the server to send everything through your gmail account. That might be easier for you.
<rbasak> http://askubuntu.com/q/228938/7808 can help you with that.
<jarkinox> awesome
<jarkinox> thank you rbasak
<jarkinox> i think that would be easiest
<jarkinox> man this is overwhelming
<jarkinox> ugh
<mallu> hi.. I was wondering if anyone can point to some resource for silently installing ldap client on Ubuntu 12.04
<mallu> I'm looking for a script
<lenios> mallu, you only need to do apt-get install ldap-utils
<mallu> well... that is prompting for ldap server information
<lenios> that's just installing stuff
<lenios> there is no question asked during this install. If you mean 'silently configure the ldap client so that it's pointing to an ldap server", that would be specific
<lenios> and it depends on what you want to do
<sarnold> mallu: hopefully helpful: http://manpages.ubuntu.com/manpages/lucid/man7/debconf.7.html
<lenios> there is no debconf question asked
<TheLordOfTime> since -motu and -bugs are all failing to respond to my question, anyone here know the SRU process and can tell me what happens if a package in precise-proposed gets verification-failed on the SRU bug?
<sarnold> TheLordOfTime: I'm pretty sure that package dies. No progress happens until someone either re-tests and confirms that it -does- fix the problem, or upload a new version ..
<TheLordOfTime> sarnold: yeah, that's what I thought (and at the same time as you answered, hggdh answered in -bugs).
<TheLordOfTime> sarnold: my main question is what happens to the package in -proposed, does it just get removed or what?
<sarnold> TheLordOfTime: hrm, I doubt it'd get removed right away, that'd be too easy for some jerk to waste hours of buildd time...
<hggdh> usually, it will be demoted after a while by "itself". If it is a critical failure, the archive managers should be pinged
<TheLordOfTime> i see.
<zul> hallyn:  ping
<hallyn> zul: uh, nobody here now but us chickens.  bok bok.  please call back later.  bok bok
<zul> hallyn:  riiight...do you know why policykit got added as a dep for libvirt?
<hallyn> zul: hm.  no.  there *was* a policykit-related bruhaha recently,
<zul> hallyn:  ok cool
<hallyn> zul: either it was part of the licensing problem, or it there was a patch in libvirt-security about it.
<hallyn> lemme check git log
<zul> hallyn:  yeah saw it mdeslaur bumped it
 * zul shakes his fist at mdeslaur
<hallyn> heh.  that won't work, i'm looking at qemu log
<hallyn> 'bumped' meaning refused it?
<hallyn> yeah, i don't know, sorry
<hallyn> zul: commit ecbb3d51b5f195a73377840d35072b7014da2aa0 claims to fix building without policykit
<hallyn> (sep 27 2013)
<hallyn> i'd frankly prefer to build without it, but...
<zul> hallyn:  ditto makes backporting to the CA a bit more interesting
<hallyn> all right i need a change of venue - biab
<zul> hallyn:  i cant find that commid id
<hallyn> zul: you can't find ecbb3d51b5f195a73377840d35072b7014da2aa0 in the libvirt src tree?
<zul> hallyn:  no found it
<zul> http://libvirt.org/git/?p=libvirt.git;a=commit;h=ecbb3d51b5f195a73377840d35072b7014da2aa0
<hallyn> is that in the package?
<hallyn> zul: and when you said 'it became a dependency' what did you mean?  it won't compile without it, or debian added it as a build-dep?
<zul> hallyn:  libsystemd-login-dev is a dependency of policykit-1 and its not in precise (and i dont want to go down that rabbithole ;))
<adam_g> zul, policykit backports from raring and folsom built fine in precise folsom/grizzily -staging
<zul> libsystemd-login-dev?
<zul> adam_g: libsystemd-login-dev isnt a dependency for policykit-1 for raring
<adam_g> zul, oh, you're having trouble with the saucy backport?
<zul> yeah
<adam_g> zul, why did we backport libvirt for H?
<zul> adam_g:  i really dont want to backport systemd
<zul> adam_g:  because people wanted a newer libvirt
<adam_g> zul, for what features, though?
<zul> adam_g:  and there is an open cve for 1.1.1 right now
<zul> in the CA
<bladernr_> Hey, do any of you guys know if there is an Ubuntu Server live image, or can point me to something on building a Server live image?
<adam_g> zul, what were the feature requirements that drove the bump in libvirt, though? IIRC, we did it last cycle for ceph rbd support
<zul> i believe thats right
<hallyn> zul: so adding that patch to saucy's libvirt, and dropping the polkit dep;  does that work?
<zul> hallyn:  working on it
<hallyn> (we can still do the same thing for saucy)
<hallyn> cool
<zul> why do we have a policykit-1 dep anywya?
<hallyn> i'm quite certain i didn't ad it
<hallyn> zul:
<hallyn>   [ Guido GÃ¼nther ]
<hallyn>   * [05e9a39] build-depend on policykit so polkit auth works with virsh
<hallyn>     as well
<hallyn> from 0.6 changelog
<zul> well screw that ;)
<hallyn> zul: it's in precise too
<zul> hallyn:  building a testdeb
<zul> need to go do dad duty
<hallyn> o
<hallyn> o/
<hallyn> that's me with two heads
<zul> hallyn: buids fine without polkit
<jamespage> zul, nova-novncproxy is borked
<jamespage> its blocking the autopkg tests
<jamespage>   File "/usr/lib/python2.7/dist-packages/websockify/websocketproxy.py", line 86, in __init__
<jamespage>     websocket.WebSocketServer.__init__(self, *args, **kwargs)
<jamespage> TypeError: __init__() got an unexpected keyword argument 'no_parent'
<jamespage> zul, you might want to cherry pick reverse of https://github.com/openstack/nova/commit/3eb67b811ae2442bd86781d9f1c4078a982cfe84
<hallyn> zul: well i guess we shoudl at least run wqa-regression-testing against it before pushing to saucy
<zul> jamespage:  ack ill look at it tonight
<zul> hallyn:  ill put it in a ppa tonight
<jamespage> zul, marverllous
 * jamespage goes back to fixing neutron
<zul> jamespage:  have to take liam to scouts/beavers tonight
<jamespage> zul, funny - I did that this evening as well!
<zul> jamespage:  heh
<hallyn> all right the only qemu test failure that still worries me is test_nic failing to connect over ssh.  The rest I'm gonna fix in the testsutie tonight.  THis one, gotta figure out what's going on.
<hallyn> hm ,looks like i82551 is the problem
#ubuntu-server 2013-10-04
<jrwren> anyone know how to use libapache2-mod_uwsgi ?  I enable the module, use apache diretive uWSGISocket but apache does not send requests to hte uwsgi process
<Jeeves_Moss> how do I add secondary IP addresses to an interface?
<sarnold> Jeeves_Moss: for temporary use, 'ip addr add <address> dev <device>', add new routes if necessary
<Jeeves_Moss> sarnold, basically, I've setup Nagios, and I need to monitor a bunch of subnets internally
<Jeeves_Moss> or is it just easier to add more NICs to the VM?
<jrwren> what does one have to do with the other? Nagios doesn't need secondary IP addresses to work.
<sarnold> jrwren: I assumed it was a matter of making it easy to communicate with different subnets..
<zul> jamespage:  when you get in in the morning https://code.launchpad.net/~zulcss/nova/nova-novnc-regression/+merge/189201
<pmatulis_> hallyn: do you know the state of lxc/dnsmasq on saucy?  i haven't used lxc in a long time and i also happened to upgrade to saucy this morning.  dnsmasq isn't giving out leases it seems
<zul> hallyn:  policykit less libvirt perkulation
<zul> https://launchpad.net/~zulcss/+archive/libvirt-testing
<pmatulis_> hm, looks like the new maas package is having package dependency problems.  who can help?
<pmatulis_> it appears to depend on 'python-curtin' which does not exist (until Saucy)
<hallyn> pmatulis_: the containers need to be updated
<hallyn> pmatulis_: do an lxc-create -t ubuntu -n u1 -- -F to flush the cache and build a new one
<hallyn> zul: remind me tomorrow, i'll set up a test machine
<pmatulis_> hallyn: hm, ok
<zul> hallyn:  ack
<hallyn> stgraber: i'm going to push the lxc-fedora update to git head unless you should in the next few mins
<stgraber> hallyn: I think it's fine, I never use that template and if I did, it'd work better than the current one anyway
<hallyn> hah, you THINK :)
<hallyn> how much time do you really think you'd be willing to put into making systemd work in a container :)
<pmatulis_> hallyn: dunno, still no address given out.  prolly a dnsmasq thing
<pmatulis_> hallyn: i do see DHCP offers in the logs
<hallyn> pmatulis_: you created a new container after flushing the cache, and it still doesn't work?
<stgraber> hallyn: can I give a negative answer?
<stgraber> because I feel I've already spent too much time on it ;)
<hallyn> stgraber: :)
<hallyn> stgraber: ^ what is the dnsmasq in containers issue again?
<stgraber> hallyn: btw, do not ack the autodev stuff, we have /etc/systemd/system on Ubuntu and i don't want autodev by default, so he'll have to find a better way of detecting systemd
<stgraber> hallyn: can't think of a dnsmasq issue, what are you reffering to?
<hallyn> stgraber: ok.  i wasn't going to read that thread right now anyway, it's convoluted and uninteresting.
<hallyn> stgraber: ^ pmatulis_'s containers aren't getting addresses.
<hallyn> i thought that was a known problem with out-fo-date containers in most cases
<hallyn> but i can't recall the details
<stgraber> ah yeah, but that was isc-dhcp
<stgraber> basically the 3.10 kernel changed a bit and started doing udp offloading on veth
<stgraber> so the udp checksums are no longer filled in by the kernel
<stgraber> which upset isc-dhcp
<stgraber> to fix that, just make sure your container isn't out of date. I SRUed the fix to all supported releases
 * hallyn scratches his head on how any sort of offloading on veth is supposed to work
<hallyn> pmatulis_: ^ if that doesn't fix it, then i guess please file a bug so we can collect details
<pmatulis_> hallyn: i'm at a container console.  dhclient causes OFFERS on the host but no address gets assigned
<pmatulis_> hallyn: will do the bug thing tomorrow, it's late here
<hallyn> pmatulis_: thanks - good night
<stgraber> pmatulis_: yeah, that sounds like the thing I fixed two months ago, update your container and try again
<stgraber> pmatulis_: chroot /var/lib/lxc/<container>/rootfs/ apt-get update && chroot /var/lib/lxc/<container>/rootfs/ apt-get dist-upgrade
<stgraber> pmatulis_: if you see isc-dhcp-* in there, then that's probably it
<pmatulis_> stgraber: the 'apt-get update' does not work.  DNS is busted.  http://paste.ubuntu.com/6190625/
<sarnold> temporary copy over your /etc/resolv.conf from host to the chroot?
<stgraber> pmatulis_: what he said ^ (cat /etc/resolv.conf > /var/lib/lxc/lxc_precise/rootfs/run/resolvconf/resolv.conf)
<pmatulis_> ok, working
<pmatulis_> stgraber: yeah, isc-dhcp-client isc-dhcp-common need upgrading
<stgraber> ok, so hopefully that was the bug and the container will work after that
<stgraber> I SRUed the fix for that quite a while back, I'm surprised people are still getting that issue. I guess not everyone has a package update OCD as I seem to have ;)
<pmatulis_> stgraber: bingo
<sarnold> stgraber: or once the kernel on the host is updated, the guests are a PITA to update :/
<pmatulis_> stgraber: dunno, how could i *not* have it?  i don't quite understand
<stgraber> sarnold: yep, exactly
<pmatulis_> stgraber: this is a new guest.  me confused
<pmatulis_> stgraber: how will the next guest be any different?
<stgraber> pmatulis_: because you have a cache in /var/cache/lxc/ that you should flush or update from time to time
<stgraber> the first container debootstraps the system in /var/cache/lxc, any subsequent lxc-create will just copy from the cache
<pmatulis_> stgraber: hallyn had me flush that already
<stgraber> so if you have the old isc-dhcp-* in there, all your new containers will be broken too
<stgraber> hmm, odd then because the template is supposed to apply updates from -updates so the debootstrap was done in the last 2 months, you shouldn't have had the bug...
<pmatulis_> i did this: 'lxc-create -t ubuntu -n u1 -- -F'
<stgraber> that should have worked...
<pmatulis_> another bug?  :)
<pmatulis_> lemme try another guest...
<stgraber> pmatulis_: ah, -F will only flush the cache for the version and architecture of your host, so as you are apparently on saucy, that wouldn't have flushed the precise cache
<stgraber> lxc-create -t ubuntu -n u1 -- -r precise -a amd64 -F would do that
<pmatulis_> stgraber: oh
<pmatulis_> stgraber: retrying...
<pmatulis_> stgraber: isn't there a command for all releases?
<stgraber> pmatulis_: rm -Rf /var/cache/lxc/* would do that :)
<stgraber> (I never use -F, I just wipe the cache manually)
<pmatulis_> fair
<pmatulis_> stgraber: ok, new precise guest is good!
<pmatulis_> stgraber, sarnold: thanks
<stgraber> cool, glad to hear we don't have another annoying bug to fix by release ;)
<pmatulis_> stgraber: why when i try the same flush command for quantal does it say 'container already exists'?
<pmatulis_> stgraber: it exists, but i want to flush/update it
<pmatulis_> stgraber: gah, disregard
<igalic> Hello happy people
<igalic> We've had a couple of crashers recently, so I'm trying to implement https://help.ubuntu.com/12.04/serverguide/kernel-crash-dump.html
<igalic> I've already tested this on my laptop, and now I'm testing it on a virtual machine, but my patience is running short. *How* long does it take until the dump/reboot happens?
<rbasak> igalic: if you don't get an answer here, try #ubuntu-kernel.
<igalic> rbasak: I was just looking at the https://wiki.ubuntu.com/IRC/ChannelList to find a channel more fitting.
<gartral> ok all, i'm gearing up to dd one whole disk to a new disk, from /drv/sda to /dev/sdb, what caveats should I be awear of? I'm looking for any minute detail that would keep this from running smoothly, including any grub-related issues such as boot-drive uuid
<gartral> /dev/sda to /dev/sdb*
<TJ-> gartral: Use a large blocksize to make it fast as possible
<gartral> TJ-: I plan on it
<TJ-> I typically use BS=100M or more
<gartral> TJ-: I'm just worried about other issues
<TJ-> As long as the destination system won't have both drives in at boot... unless after the clone you change all the file-system UUIDs
<gartral> TJ-: no, i'll be taking both drives and copying using another machne
<TJ-> If drives are a different size, and the cloned drive is larger, you'll probably want to add or expand a partition to include the free space
<gartral> TJ-: i'm dealing with a dying hdd in my server, both the dying drive and new drive are 320GB, I'm just hopin gto have a clean, if slow, swap..
<gartral> hopeing*
<TJ-> I'd recommend you not use 'dd' then, use 'ddrescue'
<gartral> TJ-: there's no re-read errors or spin up errors on the dying drive, yet. So I'mma try straight dd first
<TJ-> OK
<rbasak> smoser: I no longer seem to get a "ci-info: eth0" line in my console output in Saucy. Is this expected?
<gartral> TJ-: I'm not expecting this too take 15-30 minutes, I'm hopeing it doesn't take more than 6 hours
<TJ-> Make sure you're on UPS!
<gartral> TJ-: I wish I had one
<gartral> where does mysql store it's databases? or is it safest to juse export them from the mysql client?
<mardraum> you should use mysqldump if you are moving them around, the mysql data dir by default in ubuntu is in /var/lib/mysql
<gartral> ok, I'll just export all databases from within phpmyadmin
<jamespage> zul, reviewed, pushed and uploaded - thanks for fixing that up!
<rbasak> utlemming: http://askubuntu.com/questions/353370/installing-ubuntu-13-04-64-bit-virtual-machine-with-vagrant-on-os-x-provides-o
<rbasak> utlemming: looks like we/something is not expanding the partition to the size of the disk on boot.
<rbasak> Maybe because cloud-init is not being used?
<sander^work> How come du -csx /* gives 1GB used.. but df displays 10GB used?
<rbasak> sander^work: did you try googling? Eg. http://serverfault.com/q/57098 and http://linuxshellaccount.blogspot.co.uk/2008/12/why-du-and-df-display-different-values.html
<sander^work> rbasak, looks like Reserved block count is: 235916 and Block size is: 4096.. is this the problem?
<sander^work> No. tune2fs -m 5 /dev/xvda1 gives me: Setting reserved blocks percentage to 5% (235916 blocks)
<sander^work> df -i tells me only 5% is in use. but df tells me 96%
<sander^work> Hum. lsof +L 1 / | grep -i deleted ..gives me two files
<sander^work> How can I force delete those files I found with that command?
<sander^work> Cool. Some app had it open. Fixed it :)
<smoser> rbasak, i'll loook. you should. i'll lok.
<smoser> rbasak, please file a bug
<rbasak> smoser: filed bug 1235231
<uvirtbot> Launchpad bug 1235231 in cloud-init "ci-info: eth0 missing from latest saucy images" [Undecided,New] https://launchpad.net/bugs/1235231
<zul> jamespage:  https://code.launchpad.net/~zulcss/cinder/2013.3.rc1/+merge/189299
<jamespage> zul, + * New upstream point release. -> New upstream release candidate
<jamespage> zul, finish_volume_migration now tests OK right?
<zul> jamespage:  yeah removed the skip and ran fine
<zul> noticed the bug i opened was closed ;)
<jamespage> other than the changelog comment +1 then
<zul> jamespage:  fixed
<jamespage> zul,  OK - dash theme refreshed
<jamespage> man I hate doiing css
<zul> hehe
<zul> jamespage: CA nearly updated waiting for cinder and nova
<smoser> rbasak, can you test one of the other saucy 'releases' ?
<rbasak> smoser: which one? Do you have a simplestreams filter query for me? :)
<smoser> you just need to get more than one
<smoser> http://cloud-images.ubuntu.com/releases/saucy/
<smoser> rbasak,
<smoser> sstream-query http://cloud-images.ubuntu.com/releases/streams/v1/com.ubuntu.cloud:released:download.json release=saucy arch=amd64  "label~(alpha|beta)" ftype=disk1.img
<smoser> that works for me
<smoser> but uvtools just returns to quickly.
<jamespage> zul, https://code.launchpad.net/~james-page/horizon/theme-refresh-perms-fix/+merge/189314
<zul> jamespage:  +1
<jamespage> zul, ta - pushed and uploaded
<jamespage> phew
<jamespage> I assume you reviewed every line of my css change?
<jamespage> :-)
<rbasak> smoser: it's because I'm using max_items: 1. Is that a bug, and if so, where?
<rbasak> smoser: I wanted the latest single thing for each product that matched the query.
<rbasak> smoser: it seems that I'm getting the latest single thing and then filtering that with the query instead.
<smoser> right. that is how that works rbasak
<smoser> max applies to the newest item
<rbasak> smoser: which bit is right?
<smoser> indepnedent of match.
<rbasak> I'm lost. Are you telling me that I'm calling the simplestreams API wrong for what I want?
<smoser> well, as it is right now you can't use max for that.
<smoser> because 'label' is on the item
<smoser> and max is counted before it gets down there to find the item
<smoser> i think.
<smoser> it is the way it is.
<smoser> i dont know if its necessarily "right"
<smoser> i think when i wrote it i thought i could go both ways on that.
<smoser> i dontk now.
<smoser> i'm willing to be convinced otherwise.
<rbasak> I'd expect the filter to apply first, and then a limit, with the newest products coming out first.
<rbasak> It doesn't make sense for a limit to apply before the filters.
<rbasak> smoser: ci-info: eth0 disappeared between alpha3 and beta1. Also missing from beta2.
<smoser> rbasak, thank you.
<rbasak> smoser: alpha3: http://paste.ubuntu.com/6192406/; beta1: http://paste.ubuntu.com/6192407/; beta2: http://paste.ubuntu.com/6192408/
<hallyn> zul: starting regression tests against your libvirt candidate
<zul> cool thanks
<Teduardo> Hi I am running Ubuntu 13.04 and I did apt-get install ubuntu-desktop and I need to start the desktop and a VNC server for the console at boot, can anyone tell me how to do this?
<Teduardo> or even how to start the desktop/vnc from SSH
<Teduardo> under rhel it's just init 5
<smoser> jodh, can i 'start on mounted MOUNTPOINT=/run' and not block ?
<hallyn> zul: http://paste.ubuntu.com/6192587/   4 errors... not sure why
<zul> hallyn:  so that sucks
<hallyn> zul: any ideas offhand?
<zul> hallyn:  not really maybe the tests expect policykit?
<hallyn> lemme finish this commit then i'll dig in
<jamespage> zul, OK if I don't propose a merge for the swift fixes I did this week?  I'd like to push that out with rc1
<zul> jamespage:  sure
<jamespage> zul, ok pushed and uploaded
<zul> jamespage:  yay!
<zul> jamespage:  poking at glance with a pointy stick
<smoser> rbasak, so this is i think not cloud-init's fault.
<smoser> but plymouth or upstart.
<smoser> rbasak, do you want to debug some ?
<smoser> it'd be useful to see output with that 'my-logger.conf' added in.
<rbasak> ack
<rbasak> smoser: I'll need to look on Monday I think. It's pretty tedious doing this by hand; I might as well add some functionality to uvtool.
<smoser> rbasak, mount-image-callback
<smoser> is your friend on that.
<smoser> mount-image-callback my.img sh -c 'tee -a $MOUNTPOINT/etc/init/my-logger.conf' < my-logger.conf
<smoser> something like that.
<rbasak> Yeah but this disk is a qcow2 overlay
<smoser> give me some credit.
<rbasak> I could use the nbd thing or whatever it is too.
<smoser> why would i write a tool that  made you think about such things.
<rbasak> It works with that?
<smoser> :)
<smoser> es.
<smoser> yes
<rbasak> "mount a file" is a bit vague :)
<smoser> only because you are too smart
<rbasak> Is it a problem if the debug results I give you isn't from first boot?
<smoser> and think "oh, it can't bpossible do smart things"
<smoser> i't be better if they were first boot i think.
<smoser> but probably not
<smoser> you could just patch the original libvirt volume
<smoser> make a copy, patch, revert.
<rbasak> Does mount-image-callback unmount after it's done? Or is the clue in the name?
<smoser> it cleans up.
<smoser> so after you do that it is unmounted.
<smoser> it used to be called mount-callback-umount
<rbasak> Aaargh.
<rbasak> I used /mnt for temporary stuff
<rbasak> Forgot I can't do that with cloud images since /mnt is used for stuff.
<zul> jamespage:  was it neutron you unpatched, ran the testsuite, and then patched it?
<jamespage> zul, yes
<zul> jamespage:  ok i think i might have to do the same for glance
<jamespage> zul, hallyn: ever seen one of these before?
<jamespage> thats a 3.11 guest running on a 12.04/3.8 host
<jamespage> and http://paste.ubuntu.com/6192811/
<jamespage> from the host
<jamespage> oh - and its nested KVM
<jamespage> so its a 12.04/3.2 guest on a 13.10/3.11 host, which in turn is a guest on a 12.04/3.8 host
<jamespage> blimey - thats alot of different versions
<zul> why is it probing for an xfs filesystem?
<hallyn> jamespage: smb is working on a nested kvm bug...
<rbasak> smoser: it doesn't seem to have changed much. http://paste.ubuntu.com/6192819/
 * jamespage shrugs
<rbasak> smoser: I checked and I see a /etc/init/my-logger.conf
<jamespage> zul,  - i have not idea - I suspect that something is trying to determine fs type maybe?
<zul> right
<zul> i havent seen that beofre
<hallyn> jamespage: though really in this case it looks like you have very unfortunate garbage on nbd7
<hallyn> it doesn't find ext3, and then xfs chokes on it
<jamespage> hallyn, I think that is a problem but I don;'t think its the reason why the instance is in paused state
<jamespage> hallyn, it actually started to boot
<hallyn> jamespage: I think the guest is waiting for you to fix the fs...
<jamespage> http://paste.ubuntu.com/6192827/
<hallyn> jamespage: is http://paste.ubuntu.com/6192827 for someone else?
<hallyn> (cause i don't see how it relates to the other paste)
<hallyn> is the 5 hour jump in syslog from a tz switch during boot?
<jamespage> hallyn, thats the console log from the highest level guest
<hallyn> then what's the other one?
<jamespage> is the kernel log from the host
<jamespage> it problem did nothing for a few hours
<hallyn> oh the HOST is choking on the xfs?
<jamespage> yeah
 * hallyn confused about why the host is trying to mount it then
<jamespage> agreed
<hallyn> seems like automount-gone-wild
<jamespage> hmm
<jamespage> its doing something with ndb
<hallyn> udev sees new nbd device and says "aw shucks, lets mount it" ?
<jamespage> maybe
<jamespage> does libvirt do anything like that?
<hallyn> not that I know of, no
<hallyn> but maybe nova is pre-mounting it for the guest?
<jamespage> hallyn, maybe - I'd hope not but who knows?
 * jamespage digs further
<hallyn> jamespage: is it possible to stop nova on the host and then run the test?
<hallyn> zul: the 4 failures seem to be due to apparmor not allowing libvirt to read files under /tmp/*/
<hallyn> what i can't figure out is why this would be new
<zul> polkit version?
<jamespage> hallyn, hmm
<jamespage> zul, that might be something todo with it
<hallyn> zul: libpolkit-gobject-1-0:amd64 is all i have
<jamespage> I don't see this on the bare metal host
<jamespage> which is running older libvirt from havana staging on 12.04
<hallyn> zul: (or was that directed at jamespage )
<hallyn> well lemme downgrade libvirt and see
<zul> smb: https://launchpadlibrarian.net/152526461/buildlog_ubuntu-precise-i386.xen_4.3.0-1ubuntu1~cloud1_FAILEDTOBUILD.txt.gz
<rbasak> EOD
 * rbasak EOD
<jamespage> hallyn, OK _ I see similar kernel log messages on the physical havana hosts; but no kernel stack trace
<jamespage> for example - http://paste.ubuntu.com/6192922/
<jamespage> hmm - instance key injection I think
<hallyn> ?
<jamespage> when nova starts an instance it can potentially inject an ssh key to the instance
<jamespage> it does that using qemu-nbd
<hallyn> ah.  but so that nbd7 is meant to be a valid fs?  I assumed it was not-yet-created fs attached as a secondary hd
<jamespage> hallyn, I'm not sure but nova does not log the failure message so I'm assuming it succeeds
<jamespage> hallyn, the http://paste.ubuntu.com/6192811/ paste was from libvirt/qemu
<hallyn> jamespage: do you know what fs is actuall *on* nbd7?
<jamespage> hallyn, well its a stock precise cloud image
<hallyn> wouldn't that be ext4?  but it wasn't ext4
<jamespage> hallyn, actually there is a qemu-nbd process running =- root     25190     1 99 15:53 ?        00:58:11 /usr/bin/qemu-nbd -c /dev/nbd7 /var/lib/nova/instances/3eac2a3b-52d3-4a9c-ba21-602f1cc5e220/disk
<jamespage> so it started OK
<jamespage> despite the error message
<jamespage> but then the instances pauses
<hallyn> that just sets up the block device.  it doesn't mount it
<hallyn> you can do that with a completely garbage file
<smoser> rbasak, sorry. slow reply. that paste http://paste.ubuntu.com/6192819/ shows that a *ton* of output got eaten
<Phog> what are some good projects to help me learn ubuntu a bit better
<sarnold> Phog: whatever will keep your interest long enough :) if you're at a complete loss of what to do next, you could read the server guide:https://help.ubuntu.com/12.04/serverguide/   or you could read all the manpages on your system (probably harder today than it once was, maybe focus on commands in /bin and /sbin for starting..)
<Phog> hmm ok
<Phog> i like projects because i learn as i implement
<Phog> but
<Phog> i can handle this
<Phog> thanks
<sarnold> Phog: you might find the perfect project while reading the guide :) it's got a lot of cool stuff...
<Phog> you ever tunneled http through an ssh session
<sarnold> sure, it's quite useful for traversing firewalls
<Phog> yeah
<Phog> does chrome do it?
<Phog> on windows?
<Phog> seems like all the guides i read are firefox
<sarnold> Phog: sure, chrome will do it fine, if you can get the ports configured properly for ssh. I _think_ putty has those options, but I haven't looked in a decade or more.
<Phog> ok
<Phog> ssh is pretty nifty
<hallyn> sarnold: yeah i've port fwded through putty for accessing security cam before, it does it fine
<hallyn> zul: 1.1.1-0ubuntu8 fails the same way
<hallyn> did we use to allow /tmp/** access to libvirt-qemu?
<zul> hallyn:  really?
<zul> im not sure
<sarnold> hallyn: cool :) I figured MS would have made a Good Enough copy of BSD sockets layer to let it work fine..
 * hallyn checks precise
<hallyn> no...
<hallyn> is this a regression in virt-aa-helper?
<Phog> wow
<Phog> i can't believe i've gone this long not realizing i could tunnel through SSH
<Phog> jesus
<Phog> how fucking insanely handy is that
<hallyn> jobs-level insanely
<hallyn> i suppose thats why plan 9 network ns  binding stopped being so cool
<sarnold> plan 9 never stopped being cool, even if I never did get the hang of using the mouse so much.
<hallyn> need a corded kbd
<hallyn> grumble grumble thermal shutdown grumble grumble
<tom[]> i foolishly broke a server's packages. i learned on #opensmtpd of a supported .deb. the only pkg available then was a sid but i didn't know what that meant. i added "deb http://http.us.debian.org/debian sid main" to sources.list on ubuntu 12.04. i soon learned how stupid that was. chaos ensued. the mess is beyond apt-get -f (no aptitude on the system). how can i get back to the versions from the precise distro?
<hallyn> there's probably a better way, but you could just install a quick precise instance somewhere to get package versions of things you defiantely need, then grab them from archive.ubuntu.com/ubuntu/pool/
<hallyn> (then dpkg -i them)
<hallyn> or,
<hallyn> you could install a rootfs (say a container) onto a usb stick;  mount that on that server;  copy stuff to bootstrap
<tom[]> the servers are very distant.
<tom[]> but i have two that are almost a matching pair. i screwed up only one of them
<hallyn> rsync -va remote:/bin/ /bin/ ?
<hallyn> well if you have wget and dpkg then i'd recommend the first option
<sarnold> yeah, I like the sounds of the first option
<sarnold> another option that I very nearly hesitate to mention... try replacing 'precise' with 'raring' in your sources.lists, and try to apt-get dist-upgrade your way forward. It won't be on an LTS release then, but going further forwards make work better than trying to downgrade packages..
<tom[]> i have wget, dpkg. but i don't understand what you wrote. "install a quick precise instance somewhere" e.g. locally in virtualbox?
<hallyn> or an amazon instance;  or a container (lxc-create -t ubuntu -n p1 -- -r precise;  lxc-start -n p1)
<hallyn> or even just a debootstrap somewhere.  just so you can compare versions and sha1sums
<hallyn> sarnold's raring suggestion is good depending on what this box does and your future plans for it
<tom[]> its a webapp server (maria, php, nginx, sphinxsearch etc.)
<tom[]> currently a hot standby and working but the packages are unmanagable
<jrwren> i'm trying to chroot to a tree where most things (libc, bin/bash) are symlinks to another area in the same tree. strace shows chroot syscall succeed but execve /bin/bash fail with ENOENT   This works on an old FC system. Can anyone suggest where I should look?
<jrwren> nevermind. of course after I ask, I find soemthing new and fix it.
<hallyn> zul: all right, passes on raring.  i dunno...  lemme try a new cloud instance of saucy
<zul> hallyn:  ack thanks for doing this
<hallyn> zul: yea a new stock saucy instance has the same 4 failures.  not sure when this regression popped up.
<hallyn> sigh - bisect i guess
<hallyn> testing 1.1.1-0ubuntu4
<delinquentme> OK so putting in alias commands ... ~/.bashrc or  ~/.bash_profile ??
<jkyle> anyone have a working example of a multi-disk, multi volume group (lvm) preseed?
<jkyle> or know if that's not possible.
<TJ-> delinquentme: Neither - ~/.bash_aliases
<delinquentme> TJ-, what are the other two files used for then?
<jkyle> TJ-: shit, learn something every day. didn't realize *_aliases was in the init list
<jkyle> for bash like shells
<delinquentme> ^^^
<uvirtbot> delinquentme: Error: "^^" is not a valid command.
<delinquentme> ditto I'm characterizing another machine and I'm learning how "things should be done" bit by bt
<TJ->  .profile will include .bashrc if the shell is bash, .bashrc will include .bash_aliases and other files
 * TJ- is gone -  been a long bug-fix of a day
<adam_g> smoser, http://status.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/cloud-tools_versions.html
<smoser> dude.
<smoser> you rock!
<adam_g> smoser, required minimal changes. adding the next -> ubuntu dev will be a little more work.
<smoser> ubuntu -> next
<ajhlinuxuser> Hi, using virt-manager, creating a VM remotely won't let me select an ISO file.  What is wrong??
<GH0> Hello, I need some help installing Ubuntu Server on a UEFI motherboard, I am installing the 12.04.3 LTS on a Gigabyte 990FX UD3 AMD motherboard. Everytime I use the installer disc, I can get past the the partition management utility, but it seems to fail at "Installing the Base System". This fails at "The debootstrap program exited with an error (return value 1). Check /var/log/syslog or see vitual console 4 for the details"
<GH0> When I switch over to that screen, I see three lines that are ext4-fs errors'
<GH0> For device sda2 which would be the / mount point, as sda1 iis the /boot mount point
<GH0> The error listed is: "EXT4-fs error (device sda2) in ext4_reserve_inode_write:4688: Journal has aborted
<GH0> The second error listed is: "EXT4-fs error (device sda2) in ext4_evict_inode:243: Journal has aborted
<GH0> This has happened twice, and I don't think it is a disc problem, so I was wondering if anyone could help me out with the install.
<hallyn> zul: jdstrand: the qa-regression-tests have 4 failures using the raring libvirt package on saucy;  they all pass on raring.
<hallyn> each failure is due to:
<hallyn> Oct  4 21:39:46 ip-10-10-145-232 kernel: [40612904.124019] type=1400 audit(1380922786.415:533): apparmor="DENIED" operation="open" parent=1 profile="libvirt-7d781722-69b7-8801-fe96-caf37b7a8969" name="/tmp/tmpgvfz4m/device_disk.img" pid=17761 comm="qemu" requested_mask="rw" denied_mask="rw" fsuid=107 ouid=107
<hallyn> i'm at a loss.  doesn't appear to be the policy shipped with libvirt that's the problem...
<rgouveia> hi ... i have an old 32bit pentium-m without pae. is there a netboot of 12.04 server available ?
<rgouveia> nevermind, i thought the server kernel was different from the desktop one
<hallyn> yeah the entry   "/tmp/tmphzIH1Q/device_disk.img" rw,
<hallyn> is not being added
<hallyn> using the same version of libvirt
<xibalba> is it just me or are the apt repos slow as snot
<xibalba> always get around 80KB/sec
<sarnold> xibalba: back when I used them, I'd get around 300KB/sec, it felt glacial.. I switched to http://mirror.anl.gov/ubuntu/ and now I get several megabytes per second now..
<xibalba> where do i mod that again?
<hallyn> zul: well anyway i see no regressions compared to the current saucy version.  back over to you with that.  but the apparmor problem has me stumped
<xibalba> found it
<xibalba> sarnold, what's the line you've got in sources.list?
<sarnold> xibalba: here's just my deb lines: http://paste.ubuntu.com/6194382/
<sarnold> xibalba: you may not need or want them all..
<xibalba> thanks
<xibalba> do i need to specify precise-*
<xibalba> i never know the name of ubuntu releases
<xibalba> on 12.04.3 though
<sarnold> xibalba: ah right, precise for that.
<xibalba> holy crap
<xibalba> exceptionally faster
<sarnold> yeah :D
<xibalba> i remember back in my freebsd boxes you could run like fastest_cvs and it would auto add the fastest mirrors for you
<xibalba> ubuntu should do that post install on first apt-get updat
<sarnold> I tried to find one of those when I got tired of the slow ubuntu.com speeds but the ones I thought I remembered from debian a decade ago just weren't there. but anl.gov is bloody fast, faster than my connection can go anyway, so it works well enough for me. :)
<hallyn> heh, remember, kids, root's cron-fired jobs do not have /sbin/ in $PATH by default
<sarnold> heh, if I've learned one thing about cron, it's that it is just best to use full pathnames for everything always.
<jkitchen> yes.
<jkitchen> or just ... not use cron.
<xibalba> not use cron?
<xibalba> blasphemy
#ubuntu-server 2013-10-05
<delinquentme> so how can I automate the install of something like the passenger configuration script ... since when I run $ passenger-install-nginx-module  it asks for prompts  !!!!!!!!!!!!!!!!!!! how do automate something like this!?
<sarnold> delinquentme: if the script doesn't just let you give answers via --foo=bar, --floor=baz, etc., then you can always drag out expect(1). expect is a horrible tool, but when it works, it often solves a task that nothing else quite can do...
<sarnold> delinquentme: but perhaps there would be another tool written by someone else that would do the same job in a better fashion?
<sarnold> s/better/more automated/
<delinquentme> sarnold, it looks like linode has tools that I'm looking far
<igalic> If anyone here is particularily bored, I'd love to get some feedback on https://bugs.launchpad.net/ubuntu/+source/kexec-tools/+bug/1235616
<uvirtbot> Launchpad bug 1235616 in kexec-tools "linux-crashdump doesn't actually dump and reboot" [Undecided,New]
<Kwayzu> anyone running utorrent with webgui on their ubuntu-server?  Mine is stuck "loading"
<gartral> hey all, I have a dying drive, and a drive of slightly larger capacity that I wish to clone said bad drive too, using ddrescue I get "Bad or missing numerical argument" with the command ddrescue -r=3 -d -f -v /dev/sda /dev/sdc ./recovery.log
<gartral> nvm, fixed it
<gartral> the -r=3 was wrong, it needed too be -r 3
<andol> gartral: the = is more common with --long-options, even if it often is volontary then.
<Trebacz> Migrating to a new server. Is the best way to migrate configuration files and settings to use rsync? If so how to I copy files between directories such as /var/www using sudo and ssh?
<Trebacz> I tried something like sudo rsync -e "ssh -p 22" -avz /var/www david@192.168.0.188:/var/www
<bekks> Trebacz: sudo rsync ...
<Trebacz> I tried: sudo rsync -e "ssh -p 22" -avz --rsync-path="sudo rsync" /var/www david@192.168.0.188:/var/www/  but I get a no tty present and no askpass program specified
<bekks> Trebacz: you have to setup ssh keys for root for what you want to do there.
<TJ-> Trebacz: You'll need the "-t" or even "-tt" argument to "ssh" to solve the "no tty present" issue
<shauno> or 'nopasswd' for rsync in sudoers, so it doesn't need to prompt for a pass ?
<Trebacz> With sudo rsync -e "ssh -tt -p 8080" -avz --rsync-path="sudo rsync" /var/www david@192.168.0.188:/var/www/ I get a protocol version mismatch -- is your shell clean?
<Trebacz> rsync 3.0.9 version is identical on both servers
<gartral> andol: there's no special magic I have to pull out of rear-end to make this cloned drive bootable, right? aside from, of course, the obligatory fsck, right?
<gartral> side thought; how many years does it take to squash all bugs in a program? A: x=1*r (r standing for known fixed bugs.)
<TJ-> gartral: It depends on whether the development has come to a halt or not, and whether it interacts with other programs/kernel :D
<gartral> TJ-: those are forigen variables. also, the latter is almost cetainly always in a "false" state, as even the most basic of programs *must* communicate through other programs, same for the most elementar, BIOS and Microcode are nothing without each other
<zoned> when i do a mount -t reiserfs /dev/disk/by-id/<the id> /mnt/foo     df -h shows my 750G disk as 134M
<kartoffelfreund> hello everybody... is someone fit in server maintenance? i have a little issue with my raspberryPI,a backup and a read only system
<kartoffelfreund> well...bein in ubuntu server makes my first question obsolete
<gartral> kartoffelfreund: you aren't offering much to go on here.. elaborate please
<kartoffelfreund> well... i run a raspberryPI with rasbian-netinstall, have set up an apace, owncloud etc and everything went well...
<kartoffelfreund> now i wanted to overclock the systen and made a backup from the sdcard...
<kartoffelfreund> as mentioned in the oc menu, the system failed, so I dd'ed the backup back to the mmc-card
<kartoffelfreund> now I'm able to boot the system but it does not start the apache (read only filesystem)
<kartoffelfreund> it does not find the external hdd eiter
<kartoffelfreund> im not sure but has the "read only " something to do with the user-permissions from my laptop?
<gartral> kartoffelfreund: well either there was an inconsistent backup, which corrupted your server or you've left some *.lock files where they shouldn't have been, are you able to ssh into the PI and poke around?
<kartoffelfreund> I even tried this http://askubuntu.com/questions/197459/read-only-file-system but fsck does noting/something i dont understand
<kartoffelfreund> yes
<kartoffelfreund> im logged in via ssh
<gartral> which did fsck do, nothing, or was there some output that doesn't make sense?
<kartoffelfreund> root@pi:~# fsck -Af -M
<kartoffelfreund> fsck from util-linux 2.20.1
<kartoffelfreund> root@pi:~#
<kartoffelfreund> but i fear that the backup was inconsistent... :/
<gartral> ok, so that rules out the corrupt FS theory.. for now.. do ls -AR | grep *.lock
<gartral> oops, let me revise that
<gartral> kartoffelfreund: ls -AR / | grep *.lock
<kartoffelfreund> shows nothing
<gartral> >.<
<gartral> kartoffelfreund: ls -AR / | grep lock
<kartoffelfreund> much more :D
<gartral> did that show times?
<kartoffelfreund> what do you mean by times?
<kartoffelfreund> it listed roughly 100 files
<gartral> kartoffelfreund: you'll have to go through and determine when those locks were created
<kartoffelfreund> o.o
<gartral> i recommend man ls or a good google, but I'm willing to bet that some of those locks are old
<kartoffelfreund> i set the pi yesterday up...
<kartoffelfreund> i worked like a charm until i decided to oc the pi...
<gartral> is it still overclocked?
<kartoffelfreund> looking closer it also shows entries called block/clock etc...
<kartoffelfreund> yes but at a safer value wich worked well
<gartral> at this point, I'm not much help, I don't own a PI and i can't divert any more time into helping you with yours, I'm sorry
<kartoffelfreund> and it even does not boot up when rebooting...
<kartoffelfreund> :(
#ubuntu-server 2013-10-06
<wilee-nilee> Not sure if this is appropriate channel, however I'm a fairly experienced ubuntu user except in this area.  So I have a smart tv, I have minidlna working with home and, video, but can't get it to read an external usb HD, not sure the pathway. I
<crass> weird, I have been able to use resize2fs on a live filesystem in the past
<crass> but now it appears to be requiring that the block device is not in use...
<crass> any ideas why now resize2fs fails when opening the device because its in use?
<gartral> alright all, i've been fighting this all night, even with ddrescue I can't get the superblock of my booting partition from my server to transfer to a new drive, any advice?
<sarnold> gartral: (just a quick note before I go to bed...) if you really can't get the superblock there tend to be superblock backups made around 8192 or 8193 or something, there's a whole string of superblock backups. Probably you can't get your master boot record or partition boot record to copy over instead, but those might be easier to create anew anyhow. Hope this helps :) have fun
<darkXplo_> hi guysss
<darkXplo_> can anyone help me with UPW
<darkXplo_> https://gist.github.com/anonymous/39e070dbc70c45c48502
<darkXplo_> UFW
<Jinxed-> Anyone know of a video conferencing server for a private network that would allow android mobile devices to connect
<gartral> sarnold: yea, none were working
<gartral> Jinxed-: asterisk should allow that
<chmac> Added eth1 to /etc/network/interfaces with a static ip for a private subnet (10.0.0.0/24), but the route for that subnet is not being created...
<chmac> Do I need to manually add the route somewhere?
<chmac> I think on my other machine it "just works"...
<Svetlana> http://multipath-tcp.org/pmwiki.php/Users/ConfigureRouting has some details about how this is done. Is it how you do it on both machines?
<Svetlana> Looking at http://manpages.ubuntu.com/manpages/precise/man5/interfaces.5.html I think you can add a command into interfaces file directly... like 'IFACE OPTIONS' section says. Is this how you do it?
<chmac> Svetlana: http://pastie.org/8381455
<chmac> Svetlana: Yeah, I'm reading here and there that I could add a `post up route add foo`
<chmac> But that seems like a hack, and I'm not sure why it's working on one machine but not another
<chmac> These are both ubuntu-server instances running inside virtualbox
<Svetlana> Is this how your interfaces file looks under both machines? Does any of them have different files in /etc/network/if-up.d/?
<Svetlana> (I gave you two links. https://wiki.merproject.org/wiki/Nemo/USBNetworking is an example for the second one: you would have to replace the stuff after 'up' and 'down' with 'route bla bla' commands.)
<chmac> Svetlana: The machine that works has a postfix file in there, let me see if there's anything useful in it...
<chmac> Otherwise, the md5s match on all the files on both machines
<chmac> Svetlana Nothing about routing in the postfix file
<Svetlana> And while the route is not bring created, is the connection activated at all? 'sudo ifconfig' shows 'inet addr' line for the active ones.
<chmac> I think I could solve it with the `post up route add` option, but it's a Sunday morning and I'm inclined to spend a little time to see if I can figure out the issue!
<chmac> Svetlana: Hmm, let me restart the vm and see...
<chmac> Svetlana: Yeah, the interface is up
<Svetlana> what IP address does ifconfig show?
<chmac> 10.1.0.2
<Svetlana> Okay, that looks fine.
<chmac> Shows a netmask of 255.255.255.255 though...
<chmac> Aha, while my other machine shows 255.255.255.0
<chmac> Crazy, typo in the interfaces file, I wrote netmasT instead of netmasK :-)
<chmac> Svetlana: Thanks a lot for your help, I really appreciate it
<Svetlana> http://manpages.ubuntu.com/manpages/precise/man5/interfaces.5.html in 'static method' it does not list 'network' rule, but you have it. It is a bit strange.
<chmac> Svetlana: Hmm, good point, probably ignores it, I guess it ignored the netmasT line! :-)
<Svetlana> When you said 'Nothing about routing in the postfix file', you meant the interfaces file, right? Or were you referring to the if-up.d/* files, which you compared?
<eagles0513875_> hey guys i am trying to change the php upload size and for some reason even after changing the upload_max_filesize and restarting apache the filesize has not changed
<AntelopeSalad> hey guys, i'm setting up my first server and i'm curious if init.d and upstart scripts will conflict with each other
<AntelopeSalad> basically i've installed things like nginx through apt-get (after updating my source list) and that seems to setup an init.d script but i've been following guides that create a custom upstart config
<AntelopeSalad> is there a way to somehow disable the init.d version so it doesn't run double the processes?
<qman__> most packages which have upstart scripts install a dummy init.d script, verify first that there isn't an upstart script already
<qman__> that said, if the package includes an init.d script and not an upstart script, adding your own in will conflict with the package contents
<AntelopeSalad> qman__: what can i do to fix it? i made the upstart config afterwards
<qman__> it's possible to manually remove/disable the init.d script and install the upstart script, but this will break every time you update the package
<qman__> the correct way to change this is to rebuild the package using the upstart script instead
<AntelopeSalad> what do you think is the most sane way to ensure that the process stays up?
<qman__> the most sane way is to stick to the distro default and not touch it
<AntelopeSalad> i didn't build anything, all i did was apt install nginx
<AntelopeSalad> but i wasn't sure if that came with any type of process monitoring
<qman__> it doesn't; neither does upstart
<AntelopeSalad> but i setup process monitoring with upstart (i think)
<qman__> if you need process monitoring, implement that separately, either with a simple cron job or to full on systems like nagios
<AntelopeSalad> this is what i setup by following some tutorial http://pastie.org/8381932
<AntelopeSalad> i thought upstart was the standard way to make sure stuff loads on startup and doesn't die
<qman__> upstart provides service management the same as traditional sysvinit did; it has different features
<qman__> it is not a monitoring system
<AntelopeSalad> maybe i'm using the wrong termonology
<qman__> it can be used by your monitoring system, though
<AntelopeSalad> all i want to do is make sure if nginx dies that it gets restarted
<AntelopeSalad> and that it starts when the system boots up
<qman__> in a traditional init script you'd manually implement respawn on failure in the service itself
<qman__> where upstart provides rudimentary functionality to respawn on failure
<AntelopeSalad> so i should use the default init.d script and not touch it, and that will take care of it loading on startup?
<qman__> yes
<AntelopeSalad> but then use something other than upstart to make sure it doesn't die?
<qman__> yes, if you care about monitoring, implement it
<qman__> that can be anything from a simple cron job that checks if it's running to a full featured monitoring system like nagios
<AntelopeSalad> if i delete the config file in the /init/ dir is that good enough to completely reverse the mistake i made?
<qman__> if that's all you created, then yes
<AntelopeSalad> (and reboot the machine of course)
<qman__> no reboot necessary
<qman__> while converting to upstart is a good thing long term, sticking to the system defaults wherever possible is the most sane way to manage a system, because then updates won't break things
<qman__> nginx will more than likely be converted to upstart in a future release if it hasn't already
<AntelopeSalad> ok thanks, so it's really up to the tool to handle supplying the startup scripts
<qman__> correct; you can do it yourself but there's a lot to take into consideration
<qman__> and it involves building your own packages
<AntelopeSalad> that sounds like the opposite of what i want to do haha
<qman__> if you want set and forget, sticking to defaults is best
<AntelopeSalad> btw is it standard to run "service nginx start" or should i be using sudo?
<qman__> you generally need root privileges to run the service command
<AntelopeSalad> ok, i actually didn't try it without it but i wasn't sure if running a process as root was a good idea
<qman__> it doesn't run nginx as root
<qman__> or at least it shouldn't, that would be a very bad bug
<qman__> generally the init script handles deescalation of privileges
<AntelopeSalad> i think it's running it as root
<AntelopeSalad> http://pastie.org/8381963
<qman__> ah, I see
<qman__> only the main binary is using root, the subprocesses are running unprivileged
<AntelopeSalad> i'm not sure though
<qman__> which looks to be by design
<AntelopeSalad> yeah
<qman__> I'm not intimately familiar with nginx
<AntelopeSalad> the worker is what gets touched by the public maybe?
<qman__> but that's a sane setup
<qman__> right
<AntelopeSalad> because in the nginx conf i had to supply the # of workers
<AntelopeSalad> i chose 1 in this case
<qman__> apache does the same thing
<qman__> there's one root process and everything else is unprivileged
<AntelopeSalad> ok, thanks for the advice, i'll continue to install everything as i did before and look into nagios for making sure they don't explode
<AntelopeSalad> (minus the upstart confs)
<qman__> http://pastie.org/8381969
<qman__> there's lots of ways to do it, nagios is just one popular one
<AntelopeSalad> is it lightweight?
<qman__> not really, it's made to be comprehensive
<AntelopeSalad> i'm running quite a bit on a micro instance, coming really close to the ram limitation
<qman__> well there's two main ways to run nagios
<qman__> you can run with a client, or clientless
<qman__> clientless, your nagios server just makes connection attempts to see if the service is up
<qman__> you can http request and based on the result, either say it's up, or failed
<AntelopeSalad> oh, so i can't even run nagois on the same server as the deployed web app?
<qman__> right
<AntelopeSalad> yeah that's definitely not going to work in this case
<qman__> well, you can, but it's not the best design setup
<qman__> if you just want local monitoring, you'd be better off with a simple shell script
<AntelopeSalad> atm i'm dealing with 1 instance
<AntelopeSalad> maybe i should look into something tied into the language the app is written in?
<qman__> this is about the most basic script: http://pastie.org/8381973
<qman__> you'd then set that script up to run as root in the crontab every X minutes depending on your need
<AntelopeSalad> oh
<qman__> you can get more complicated by checking pids or logs
<qman__> or add a line to email you when it's down
<qman__> whatever you need
<AntelopeSalad> would the pid be in /var/run/nginx.pid?
<AntelopeSalad> i'm comparing your script to that upstart conf and it seems similar, except the upstart one handles the workers
<AntelopeSalad> i'm not sure what happens if nginx crashes, it might be possible for it to be alive but with no workers in which case that's bad
<qman__> probably, I don't have any nginx servers to check
<qman__> well, one thing you can do
<qman__> http://pastie.org/8381986
<qman__> er, want that to say restart
<AntelopeSalad> is restart smart enough to also start if it can't find something to restart?
<qman__> should be, you can test it
<qman__> kill nginx without stopping the service, then try
<qman__> if it isn't, you could stop then start
<qman__> then if stop failed it would continue to start
<AntelopeSalad> it seems to be ok, i killed the master manually
<AntelopeSalad> and it restarted
<AntelopeSalad> yep it works, i killed both the master+worker manually and restart still worked
<AntelopeSalad> a sources.list.d file is saying to use "squeeze" for an ubuntu code name for a certain tool i'm trying to install, they don't seem to have one for raring or precise -- is this going to be bad if i use squeeze?
<AntelopeSalad> i'm using ubuntu 13.x
<genii> AntelopeSalad: What exactly are you trying to install?
<AntelopeSalad> genii: redis, and after some googling it seems like the dotdeb.org list is my best hope for a recent version
<TJ-> AntelopeSalad: The biggest challenge can be what the package depends on (other packages and their versions) because they may not be correct in Ubuntu. The other issue is slight difference in  package config installation practices / locations between Debian and Ubuntu
<AntelopeSalad> i decided to take a risk and just tried it using "stable" as the code and it seems to have installed correctly, do you think i'm in the clear if it happened to complete without errors?
<TJ-> AntelopeSalad: Well you've managed to avoid the dependency issues so just monitor it, its log-files, and the system log-files until you're satisfied
<AntelopeSalad> ok thanks
<genii> There seems to be a popular PPA for it which is maintained
<AntelopeSalad> genii: which?
<genii> AntelopeSalad: https://launchpad.net/~rwky/+archive/redis
<genii> Last build was 5 weeks ago which is pretty recent
<AntelopeSalad> ah yes, i saw this earlier but it didn't contain the steps on how to get it into the sources list
<genii> AntelopeSalad: sudo add-apt-repository ppa:rwky/redis     ..in this case. DISCLAIMER: USE PPAs AT YOUR OWN RISK
<AntelopeSalad> yeah i got hung up on doing the key step
<AntelopeSalad> most other tools i've used had a url that had the key
<AntelopeSalad> this one links to the key but it's not something i can just wget
<genii> But in this scenario, the PPA is far less dangerous than adding Debian repositories
<AntelopeSalad> oh, so this ppa method bypasses having to do the sources.list steps?
<genii> AntelopeSalad: It makes an entry in /etc/apt/sources.list.d/ directory with the PPA name
<AntelopeSalad> if i delete that file in the sources.list.d dir does that completely wipe it out after i run apt-get update?
<genii> AntelopeSalad: This way no foreign entries make it into /etc/apt/sources.list main file and you can always later do ppa-purge command if it was problemmatic
<AntelopeSalad> because if this launchpad version works i'd like to delete the dotdev one
<genii> AntelopeSalad: No, just deleting the file there doesn't remove the app if it was already installed. You need to do the ppa-purge as described. Alternately with ppa name, like: sudo ppa-purge <name>
<AntelopeSalad> ok
<AntelopeSalad> it seems to have worked using the launchpad's ppa, thanks
<AntelopeSalad> that version it has is the latest stable one too
<genii> AntelopeSalad: Just remember that if you experience some issue with it, you probably won't find support here and will need to talk to the PPA maintainer or to the redis people instead :)
<AntelopeSalad> genii: yeah
<AntelopeSalad> also 1 one last thing if you don't mind...
<AntelopeSalad> if i do a dpkg -i foobar.deb , this still gives me an init.d script right?
<genii> AntelopeSalad: If the package installs one
<AntelopeSalad> ok, so that's up to the package -- gotcha
<AntelopeSalad> thanks again, in this i guess i got lucky and it did (elasticsearch)
<zexcriz> what is the difference between hosting our data on our VPS and in the other in the cloud ? i doubt there is any difference
<bekks> zexcriz: How important is that data?
<zexcriz> bekks, currently hosting a VPS and now i was curious what are advantages or disadvantages if any if go for cloud
<zexcriz> so just need some advice, what to go for as i am totaly confused over here.
<bekks> I'd not use a cloud for anything that might be important.
<soren> Uh..
<soren> So you'd not put anything important in the cloud, but a VPS is fine?
<zexcriz> bekks, data security in cloud is a prob ?
<bekks> soren: I am not using a VPS either.
<soren> bekks: Then your argument is nonsense.
<bekks> soren: If you think so: please take over the conversation.
<zexcriz> so thinking about efficiency and security which is the best option ?
<pmatulis_> bekks: why do you say the cloud is not good for important data?
<bekks> pmatulis_: Because there is no guarantee whatsoever that you actually can access your data when you need it. There is somethin like 99.9xy% -- but thats lower than 100%.
<soren> Same for anything else.
<soren> Even stuff you control yourself.
<soren> But certainly for any other type of storage managed by someone else, whether it's called "cloud" or just "VPS" or whatnot.
<soren> zexcriz: "Cloud" basically means that you can control "it" with an API. It also typically means that you're charged in very small increments and only for exactly how much you're actually consuming.
<soren> zexcriz: In terms of security for instance, cloud and VPS is the same thing.
<zexcriz> soren, getting your point.
<soren> zexcriz: Being able to control things with an API means that you can very easily acquire (and get rid of) resources. If your resource requirements are almost entirely static, you might as well stay with what you've got.
<zexcriz> soren, ok :)
<soren> If, on the other hand, your resource demand varies (over the course of a day, or over the course of a week or over the course of a year, for instance) and you applications scale well horizontally, "cloud" might be a good option for you.
 * soren has to run
<pmatulis_> good intro to cloud ^^^
<zexcriz> yeah that was really a good intro..!! :) thanks soren :)
<pmatulis_> a main point is trust.  you implicitly place your trust in a cloud provider.  as opposed to building your own (private) cloud
<zexcriz> imp point.
<ersi> Magic eightball says: Outlook cloudy.
#ubuntu-server 2014-09-29
<funta> :)
<funta> folks is it secure to use apt-get install as root?
<teward> funta: is it secure to run `sudo apt-get update` or `sudo apt-get install` as a non-root user with sudo access?
<funta> hmmm
<funta> yes
<teward> funta: the bigger security question is "Is it secure to use the root user instead of a non-root user"
<teward> (this is why `sudo` actually exists)
<funta> use means operate via putty?
<funta> for example
<teward> mhm
<funta> if I set root login to no password and using key only?
<funta> is thats fine?
<funta> *that
<teward> you missed my point
<funta> yes
<funta> as it not obvious to me
<funta> when I install stuff as root something is not good?
<teward> funta: is it safe to use the root user irregardless of authentication requirements in place of a non-root, unprivileged user, who can sometimes run some commands using `sudo`
<funta> yes
<funta> seems so
<teward> funta: `apt-get install` will only run with superuser access and work, i.e. `sudo apt-get install` or just `apt-get install` as root.  That answers your initial question.  I would suggest DISABLING the root user, though, and just use `sudo` from a user with sudo access
<funta> ok so totally disable root?
<funta> when use apt-get where does it install stuff it compiles? /usr something?
<funta> if its usr/bin all users can access
<funta> lol i am using windows mostly yet I understand linux too
<funta> ok sudo usermod -p '!' root ?
<funta> thats the one?
<funta> ok
<funta> done
<funta> is there some easy way to propagate existing server to new one?
<funta> like ruby setup, some apps
<lordievader> Good morning.
<thresh> thanks for whoever pushed the updated ubuntu amis to ec2.
<thresh> although bash in there lacks the Recent Fixes
<thresh> 4.3-7ubuntu1.3 vs 4.3-7ubuntu1.4, but I guess will be updated as well?
<rbasak> jamespage: please could you subscribe ~ubuntu-server to src:bcache-tools?
<jamespage> rbasak, done
<rbasak> Ta!
<pmatulis> morning
<blackyboy> Hi everyone i want to redierct http to https and if some one access in mysite.com it want to forward to www.mysite.com this both want to be done for my domain but i have done the mysite.com to www.mysite.com but i cant redirect my http to https if i enable the virtual host redirect rule for http to https page not getting loaded.  im using apache2 in ubuntu server 14.04LTS here is my virtualhost entry in pastebin http://paste.ubuntu.com/8454609/
<rbasak> jpds_: any news on bug 1330504 please?
<uvirtbot> Launchpad bug 1330504 in strongswan "strongSwan 5.1.3" [High,Confirmed] https://launchpad.net/bugs/1330504
<jpds_> rbasak: Got held up by other things last week.
<jpds_> rbasak: But I've not forgotten about it.
<YamakasY> is it possible to reunt a trusty upgrade ?
<YamakasY> something went wrong
<YamakasY> *rerun
<cfhowlett> YamakasY, what went wrong?
<cfhowlett> !details | YamakasY,
<ubottu> YamakasY,: Please elaborate; your question or issue may not seem clear or detailed enough for people to help you. Please give more detailed information, errors, steps, and possibly configuration files (use the !pastebin to avoid flooding the channel)
<jamespage> coreycb, zul: so all of the oslo updates we did last week are blocked by bug 1371620
<uvirtbot> Launchpad bug 1371620 in keystone "Setting up database schema with db_sync fails in migration 039 (SQLITE)" [Medium,Fix committed] https://launchpad.net/bugs/1371620
<jamespage> needs a pick of this patch: https://github.com/openstack/keystone/commit/7dfccb705ac9c0cbcd7394bf37b356d84dbaa0ba.patch
<jamespage> zul, I'm assuming you are re-working the flex package based on cjwatsons feedback right?
<zul> jamespage:  yes and yes
<jamespage> zul, are you dealing with keystone as well or do you need coreycb or I to parallize that for you?
<jamespage> that was bad spelling
<patdk-wk> YamakasY, normally, rerun, is just to do apt-get dist-upgrade
<zul> jamespage:  get corey to do that please, more packaging familarily for him would be awesome
<jamespage> coreycb, you OK todo that? I can review and sponsor; also we need to re-enable the keystone test suite
<zul> jamespage:  i was looking at the keystone test suite on friday we need to sync python-pysaml2 from debian and MIR it
<zul> coreycb:  ^^^
<jamespage> zul, is it just pysaml2?
<zul> jamespage:  i believe so
<jamespage> coreycb, zul: pysaml2 would also require MIR's of:
<jamespage>  * python-repoze.who binary and source package is in universe
<jamespage>  * xmlsec1 binary and source package is in universe
<zul> jamespage:  ok maybe we can get away with it
<jamespage> zul, its only a test-requirement
<zul> jamespage:  right...lets see if we can skip the tests then
<jamespage> zul, so we could skip those tests for this cycle, and MIR early next
<zul> jamespage:  +1
<jamespage> zul, lets make that upstreamable - like qpid in oslo.messaging
<zul> jamespage:  ok want me to do it?
<jamespage> zul, thinking
<jamespage> zul, no - leave it for corey or me - you focus on flex
<zul> k
<mdev> "Bismillah writes Google security researcher Michael 'lcamtuf' Zalewski says he's discovered a new remote code execution vulnerability in the Bash parser (CVE-2014-6278) that is essentially equivalent to the original Shellshock bug, and trival to exploit."
<uvirtbot> mdev: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278)
<mdev> anyone looking into this?
<jamespage> coreycb, whilst my test env rebuilds, taking a look at keystone
<jamespage> hazmat, waiting on a release team ack for https://bugs.launchpad.net/ubuntu/+source/websocket-client/+bug/1374335
<uvirtbot> Launchpad bug 1374335 in websocket-client "FFe: Sync websocket-client 0.18.0-1 (universe) from Debian unstable (main), juju-deployer 0.4.2, python-jujuclient 0.18.4" [Medium,New]
<gnuoy> jamespage, with regards to https://code.launchpad.net/~gnuoy/nova/bug1314677/+merge/236321 , can point 1 follow shortly or will you block on it?
<jamespage> gnuoy, as it takes like 30 seconds todo point 1) yes I would block
<gnuoy> ack
<jamespage> if you do it that way you can just use the patch from the upstream review for your packaging patch and forget about DEp-5
<hazmat> jamespage, awesome.. going to do a minor future compatibility fix for jujuclient as their changing some behavior incompatibily in trunk and release (0.18.5)
<jamespage> lifeless, is there any way to make testr a little more friendly in the event of a missing import somewhere in a test codebase?
<mdeslaur> mdev: this update mitigates that CVE: http://www.ubuntu.com/usn/usn-2364-1/
<jamespage> lifeless, we hit this quite frequently during dev cycles as new deps are introduced and it would be nice if testr could identify thse
<patdk-wk> mdev heh?
<patdk-wk> mdev equiv to the origional? it's a stack issue, and the linking lib doesn't allow it to do any harm, other than to yourself
<patdk-wk> and the last patch that went in, fixed it so that issue can't be triggered anymore, possible yes, but it's fixed before it gets there now
<coreycb> jamespage, thanks!
<jrgifford> Quick question - is a question about linaro on-topic here?
<rbasak> jrgifford: depends on the question I guess.
<rbasak> jrgifford: there are also the #linaro and #linaro-enterprise channels which might be relevant.
<jrgifford> http://askubuntu.com/questions/530114/upgrading-ubuntu-13-09-to-13-10-for-lts
<jrgifford> I'm trying to figure out where to route that question on stackexchange.
<jrgifford> seems on-topic, but also doesn't seem on-topic.
<jrgifford> Would that question be on-topic *here*?
<jrgifford> (If it was asked here directly)
<rbasak> I would recommend re-installing rather than upgrading.
<rbasak> See http://askubuntu.com/questions/91815/how-to-install-software-or-upgrade-from-old-unsupported-release if you have to upgrade though.
<rbasak> Your issue is that your system appears to be based on Raring, which is EOL.
<jrgifford> Right, but that's not my question ;)
<jrgifford> My question is "Is this a Linaro-specific question, or is it a Ubuntu question?"
<jamespage> rbasak, looking at the failing DEP-8 mysql-5.6 tests:
<jamespage> Failing test(s): main.ctype_uca main.mysqlhotcopy_archive main.mysqlhotcopy_myisam
<rbasak> Technically, it's a Linaro-specific question, since Linaro/13.09 was done outside of Ubuntu.
<jamespage> I think I fixed the hotcopy ones in mysql-5.5 already
<rbasak> But we are friendly enough that it doesn't have to matter :)
<jrgifford> rbasak: thanks, that's what I wanted to know.
<jamespage> they require writable /usr/lib or something
<rbasak> jamespage: can we punt those upstream?
<coreycb> jamespage, anything else need work, how about pysaml2?
<jamespage> rbasak, maybe
<jamespage> coreycb, I think it would be good to get pysaml2 into universe this cycle - it will still need a FFe for the sync from debian
<jamespage> coreycb, please feel free to request!
<jamespage> if it lands we can add it to the suggests of python-keystone
<YamakasY> patdk-wk: did a reinstall
<coreycb> jamespage, Ok, I'll do that
<jamespage> coreycb, ta!
<mndo> hi, I am having problems with bridge networking from a host (trusty) to the guest (also truty, using virtio the guest does not even detect a link and with other drivers it detects the link but there's no connectivity
<mndo> any ideas?
<mndo> I am using the same config I have on another hosts
<jamespage> hazmat, did you get your zmq test cases proposed?
<jamespage> coreycb, zul: OK _ keystone fixed up
<zul> jamespage:  cool
<coreycb> jamespage, ok - I opened bug 1375289
<uvirtbot> Launchpad bug 1375289 in ubuntu "[FFE] Please sync python-pysaml2 (2.0.0-1) from Debian (unstable)" [Undecided,New] https://launchpad.net/bugs/1375289
<zul> jamespage:  just fixing flex with what i have in my ppa
<jamespage> coreycb, thanks
<jamespage> coreycb, "OpenStack Keystone's test suite depends on python-pysaml2." well thats true but thats not why we want it
<jamespage> we can ignore pysaml2 in the context of the test suite; this is to allow users to feature preview the federation aspect of keystone, without doing another MIR this late in cycle.
<jamespage> it reflects the amount of testing we have done of it == zero
<coreycb> jamespage, ok thanks I'll update it
<jamespage> coreycb, thanks - I'll confirm it once you have  :-)
<jamespage> zul, python-eventlet (>= 0.15.1)
<jamespage> how important? might take a look
<zul> jamespage:  in the requirements repo?
<zul> jamespage:  makes me nervous
<jamespage> zul, indeed - https://github.com/eventlet/eventlet/issues/122
<jamespage> 15.1 appears to have some issues
<jamespage> zul, the bump was only for ironic and paramiko ssh handling
<zul> jamespage:  then we should be ok
<jamespage> adam_g, how critical was the eventlet version bump for ironic? I might try cherry pick the commits we need ontop of 0.13 if its super criticial
<zul> hallyn:  so wanna package libvirt 1.2.9? ;)
<smb> zul, Just keep in mind that I'll bring my bean-filled whack bonk to the next sprint if you silently drop my patches again. ;-P
<zul> smb: too late to merge :)
<smb> Lucky you. :)
<jamespage> coreycb, can you take a look at mterry's feedback on https://bugs.launchpad.net/ubuntu/+source/python-django-pyscss/+bug/1370452 please
<uvirtbot> Launchpad bug 1370452 in python-django-pyscss "[MIR] python-django-pyscss, python-pyscss" [High,Fix committed]
<coreycb> jamespage, yep
<jamespage> coreycb, thanks
<coreycb> jamespage, any tips on getting re "unexpected upstream changes" with python-pysnmp2?
<jamespage> coreycb, hmm
<jamespage> coreycb, are you working from the branch or from a raw source package?
<coreycb> jamespage, lp:debian/python-pysnmp2
<jamespage> coreycb, I'm not seeing that
<coreycb> jamespage, hmm
<Delemas> Anyone know if the current Trusty bash is immune to CVE-2014-6277 and CVE-2014-6278? The Ubuntu web pages I can find say no. Redhat says they are already patched for those.
<uvirtbot> Delemas: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277)
<uvirtbot> Delemas: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278)
<Delemas> Basically I'm wondering if this also applies to the existing bash patches Ubuntu is using: "Yes, that is one of the CVEs that Red Hat builds are already immune to, by virtue of moving the function exports out of the regular variable namespace."
<RoyK> Delemas: http://paste.ubuntu.com/8459566/
<coreycb> jamespage,  pull-debian-source FTW!
<Delemas> RoyK: Those are listing the other three CVEs which I know are patched...
<ianward> Does anyone know if new EC2 AMIs will be created for http://www.ubuntu.com/usn/usn-2364-1/ ?
<RoyK> Delemas: erm - how many others are there?
<Delemas> There are two which I referenced which I'm trying to figure out whether we are already immune.
<Delemas> This shows them as needs-triage/needed but I'm not sure if they are accurate: http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-6277.html http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-6278.html
<uvirtbot> Delemas: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277)
 * RoyK somewhat reflects over the fact that the pronunciation of 'bash' is similar to the norweigan 'bÃ¦sj', meaning 'feces' :P
<uvirtbot> Delemas: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278)
<Delemas> Think I just answered my own question. Both are mitigated by existing patches. It is weird those pages say they are already fixed but then list status as needs-triage and needed.
<adam_g> jamespage, it was pretty high, this was the bug that prompted it: https://bugs.launchpad.net/ironic/+bug/1321787
<uvirtbot> Launchpad bug 1321787 in python-eventlet "Paramiko does not properly work with eventlet concurrency" [Undecided,Confirmed]
<adam_g> jamespage, this was the patch that fixed it, https://github.com/eventlet/eventlet/commit/da87716714689894f23d0db7b003f26d97031e83 tho i think a subsequent patch may be required as well
<genii> Dows anyone know where I can find the MD5 for ubuntu-14.04.1-server-i386.iso ?
<sarnold> genii: http://cdimage.ubuntu.com/releases/14.04.1/release/SHA256SUMS and .gpg
<genii> sarnold: Thanks
<sarnold> genii: and MD5SUMS if you really want those :)
<genii> sarnold: i386 is not listed there
<sarnold> genii: interesting, I hadn't even noticed that the i386 images aren't there...
<lifeless> jamespage: yes, its awaiting review in http://bugs.python.org/issue19746
<lifeless> jamespage: right now the behaviour you should be seeing is the failed imports listed
<lifeless> jamespage: that patch will make it possible to show the actual exception as well
<bastidrazor> where does 14.04 keep it's motd information? i have a custom motd i would like displayed on login
<sarnold> bastidrazor: see update-motd(5) for details
<bastidrazor> sarnold: nice. i knew it had been moved a few years back. thanks
<genii> Bah, from 3 different i386 images now I'm getting same error of "could not open builtin file '/lib/modules/3.13.0-32-generic/modules.builtin.bin'" .
<rostam> hi I am using ubuntu 14.04. Have a question on 'tc' utility, could it rate limit at millisecond range, like 50kb per 10ms ? thx
<sarnold> rostam: probably not.
<rostam> sarnold, is there a good source of info on tc I can read other than man pages...
<sarnold> rostam: http://lartc.org/lartc.html#LARTC.QDISC
<sarnold> rostam: good luck :)
<rostam> sarnold, thanks so much.
<genii> Hm, I've got identical symptoms as bug 1371386
<uvirtbot> Launchpad bug 1371386 in linux-meta-lts-trusty "No loop block dev support on trusty server install 3.13.0.32" [Undecided,New] https://launchpad.net/bugs/1371386
<jamespage> lifeless, awesome
<lifeless> jamespage: what symptoms are you seeing today? it may indicate you have old testr in the archive ..
<jamespage> lifeless, here's and example - https://launchpadlibrarian.net/184677391/buildlog_ubuntu-utopic-i386.keystone_1%3A2014.2~b3-0ubuntu1_UPLOADING.txt.gz
<jamespage> 0.0.18 of testrepository right now
<lifeless> thats two releases stale
<lifeless> yeah, you'll get much nicer output if you update the testrepository package
<lifeless> jamespage: that bug was fixed march 3rd
<user123323> What are good ways to measure the time taken for a server failover? (eg: 2 Servers with HAProxy LB, when one server goes down, the LB could redirect the connections to the 2nd one)
<user123323> 2 servers and one LB*
<qman__> Is shellshock patched in 13.10? I'm not seeing it in the security advisories
<qman__> Oh, its already EOL, nevermind
<qman__> That was short
<lordievader> qman__: Was about to say that. 13.10 was the first with a 9 month support period.
<qman__> Vendors building images with non-LTS versions are so frustrating
<qman__> Down to 26 unpatched servers, 7 of which are ubuntu, all EOL versions
<patdk-wk> qman__, not bad,
<genii> Odd. That error I'm having is linked somehow to network discovery. If network setup is skipped the rest of the install goes fine.
<hallyn> zul: btw i assume you were joking about merging 1.2.9 :)
<jamespage> lifeless, ack - I'll take a look tomorrow
<zul> hallamigo:  i was
<zul> hallyn: i was totally serious ;)
#ubuntu-server 2014-09-30
<teward> anyone know how to enable the php hash plugin/functionality?
<mdev> install uh
<mdev> apt-get install php5-mcrypt
<mdev> but I believe it already has some builtin to core
<mdev> like md5, sha256 etc...
<keithzg> Hmm, where does do-release-upgrade (or is it just apt?) get its expected download speed from? I'm doing a 12.04 -> 14.04 upgrade right now, and it told me "You have to download a total of 992 M. This download will take about 1 minute with your connection." I mean, I WISH our connection was that fast ;)
<lifeless> keithzg: you are on 1Gbps ethernet, right ? :)
<lifeless> keithzg: erm 10Gbps
<lifeless> keithzg: alternatively, it might be going by how long it took to update the package indices, I'm not sure - have never bothered looking
<mdev> has there been another shellshock patch?
<mdev> google engineers said the things still super vulnerable to where it was before
<mdev> in a different way
<sarnold> mdev: the hardening patch that we released on saturday should mitigate the scope of the remaining flaws down from "crisis" to "bug that needs to be fixed"
<mdev> alrighty thanks
<mdev> i'd say it'd be nice to avoid this sort of thing in the future but apparently bash is worked on literally 1 guy so...
<mdev> yeah
<sarnold> and he's done heroic work this last week
<mdev> thought an ubuntu dev fixed it for ubuntu?
<sarnold> yes, mdeslaur provided us with updated packages; he used Chet's patches :)
<mdev> ahh nice
<mdeslaur> sarnold: for the record, I used redhat's patch, as did debian
<mdeslaur> Chet's patch came out a few hours later, and used a different suffix
<sarnold> mdeslaur: aha :)
<mdeslaur> and now apparently apple has used a different prefix/suffix combo also
<mdev> well inital ubunut patch wasn't completely, was that from redhat?
<sarnold> >() or something.. go figure.
<iDealz> anyone know how I can lookup what version of ubuntu I'm running from initramfs prompt?
<iDealz> I know it is 12.04 but dont remember if there was anything beyond that
<mdev> lsb_release -a
<mdev> may have to apt-get install lsb_release
<iDealz> doesnt work from initramfs prompt
<iDealz> I have a broken array so loads into funky prompt
<iDealz> trying to get a boot usb going so I can boot into root
<mdev> cat /etc/*-release
<iDealz> but want to make sure I get the right version
<mdev> cat /proc/version
<mdev> uname -a
<iDealz> hmm
<iDealz> cat /proc/version and uname -a both worked
<iDealz> but unexpected results
<iDealz> Linux (none) 3.2.0-43-generic #68-Ubuntu SMP
<iDealz> is what it returned
<iDealz> and a date
<mdev> uname -r
<iDealz> same result less date
<iDealz> 3.2.0-43generic
<iDealz> must be because of the failed array and not being able to boot into root
<mdev> lsb_release really the best way, when I first started porting code to nix I was rather annoyed it was so hard to cross distro version info reliabily like you can on windows, but apparently that's not really cared about in nix community
<mdev> *get rather
<mdev> you maybe able to get version info based off your repo but I don't know how
<iDealz> anyone have any experience with rebuilding broken arrays?
<iDealz> anyone have any experience with rebuilding broken arrays?
<lordievader> Good morning.
<|\n> hey guys, noob situation here... was trying to set it with a value much lower than 65535 and got "sysctl: setting key "net.core.somaxconn": Invalid argument" what should i read to get understanding on why i see this error at all?
<soren> |\n: EINVAL for that sysctl should only be caused by the value being outside the valid range.
<soren> |\n: ..which is 0-65535.
<|\n> soren, i can not agree with that due to what i see, many thanks for pointing that out
<soren> |\n: How are you setting the value?
<|\n> soren, i've edited sysctl.conf directly and -p
<|\n> that is not all, i also got the same for net.ipv4.tcp_max_tw_buckets, net.ipv4.tcp_tw_reuse and most of things i tried to set out of experimental purposes
<soren> |\n: pastebin your sysctl.conf.
<|\n> k
<|\n> soren, http://pastebin.ovrnet.ru/paste/gH1BsuJ-#J2z2Ic2i
<soren> |\n: If you stop putting comments after the values, you'll be fine.
<soren> |\n: Those aren't comments. They'll get written to the sysctl, too, so you're not even passing in integeres.
<soren> integers.
<|\n> soren, oh, hah, good if so! many thanks!
<soren> np
<|\n> soren, i don't do such things often enough to stop myself from commenting things like that before i put em
<|\n> thank you, man
<soren> Sure.
<jamespage> rbasak, there is a bug for that writable /usr/lib thing in mysql already I think
<jamespage> let me check
<jamespage> morning soren
<soren> jamespage: 'morning!
<gnuoy> jamespage, I've updated https://code.launchpad.net/~gnuoy/nova/bug1314677/+merge/236321 as per your comments however the patch has been -2 upstream due to stable/icehouse freeze for 2014.1.3
<jamespage> gnuoy, bah - nm - we can carry it as a patch for .3
<sveinse> Hi. I'm running 14.04 server in a VMWare Datacenter (don't know exact which, but I'm using vSphere to access it). I have problems with this build server where it becomes mindbuggingly slow. It is doing dpkg-builds and may take ages to complete. We have a similar server running 12.04 on the same datacenter, with the same setup which runs fine. When the 12.04 takes 1.5 hrs to build all...
<sveinse> ...software, the 14.04 server may take 8-10 hours.
<sveinse> I can't figure out why this happens. From the data center side, the two servers are identical. Looking from the 14.04 guest side, the kernel log sais nothing, but you see it running at 100% on all cores and is generally very slow
<sveinse> I'm running the latest kernel 3.13.0-36-generic 64-bit. The core of the problem is: How can I figure out if this is a datacenter issue or a kernel/guest issue?
<sveinse> I'm lost and IT cant help me any more as I can't provide any description to what is wrong
<jamespage> zul, ok - what do we have rc's for - keystone?
<zul> jamespage: ?
<zul> jamespage:  afaik nothing has changed packaging wise for keystone or glance
<jamespage> zul, yes - I mean't which upstream rc's
<zul> jamespage:  glance and keystone so far
<jamespage> zul, http://pad.ubuntu.com/juno-rc1
<jamespage> for tracking
<zul> jamespage: coolio...ill keep my eye on things and update it if i see any more
<rtfmoz> Hello, I was wondering why "w" was returning an ip address like 1.128.31.14. Ubuntu 12.04.05 kernel 3.8.0-44-generic. Is there a bugtrack I can check?
<maxb> rtfmoz: Nothing you've said so far indicates a bug
<rtfmoz> ok what should I check...
<maxb> Nothing, as nothing appears to be wrong?
<jamespage> zul, rage watch files
<rtfmoz> oh? my ip address is 101.168.42.151
<rtfmoz> system seems to think I am coming from that address... 21:59:12.243307 IP 172.31.0.23.22 > 1.128.31.140.62793: Flags [P.], seq 1178096:1178304, but i dont think I am. will be back
<rtfmoz> to check something
<maxb> 172.31.0.23 is a RFC1918 private address
<maxb> Clearly NAT is involved
<rtfmoz> yes but thats happens inbound to that address. my source is internet address and should not be modified.. investigating.
<jamespage> zul, coreycb: hmm - either of you doing MIR for python-glance-store ?
<coreycb> jamespage, I can, the sync just went through yesterday
<jamespage> coreycb, please - its needed for glance rc1
<jamespage> coreycb, I'll upload with it added to the deps
<coreycb> jamespage, ok
<rtfmoz> ok it seems 1.128.31.14 is a valid IP address after all. go figure.
<henkjan> inetnum:        1.128.0.0 - 1.159.255.255
<henkjan> netname:        TELSTRAINTERNET49-AU
<jamespage> coreycb, ok - just dealing with an issue in the unit test execution in glance
<rtfmoz> yep that the carrier I am using. just thought it was a bogus address. thanks
<jamespage> coreycb, zul: glance needs a minor bump on retrying as well - syncing that now
<sveinse> I am now testing server performance with sysbench, and I am seeing that my 14.04 server is on cpu performance is a factor 5(!) worse performance than on a twin 12.04 server installation.
<sveinse> I don't understand this. Kernel issue? Kernel on vmware host issue? Only on 14.04?
<jamespage> sveinse, are you benchmarking ontop of vmware?
<coreycb> jamespage, https://bugs.launchpad.net/ubuntu/+bug/1375770
<uvirtbot> Launchpad bug 1375770 in ubuntu "[MIR] python-glance-store" [Undecided,New]
<sveinse> jamespage: Yes. Because this is the (corporate) environment we have to run our build servers.
<sveinse> jamespage: the 12.04 server performs adequate, but the 14.04 server performs very poorly for unknown reason. Takes factor 3-5 longer time to compile same software as on 12.04 server
<jamespage> sveinse, are they on the same underlying hypervisor?
<sveinse> jamespage: They are on the same host, with the same back-end storage solution
<patdk-wk> well, didn't the scheduler change?
<patdk-wk> for the disk?
<patdk-wk> did you tune any of them? or both just default installs?
<sveinse> both servers are running out-of-box solution for storage, that is with lvm2 default. No encryption
<patdk-wk> lvm2 default? that was never a default when I installed my servers
<patdk-wk> you need to check for differences
<patdk-wk> are both vm's built using the same scsi controller? same queue scheduler? same readahead? .....
<sveinse> patdk-wk, yes, that is what IT is telling me.
<patdk-wk> heh? it? what is an it?
<sveinse> The biggest difference I can see is the kernel, but I guess you guys would have known if there were issues with the 3.13.0 kernel...
<sveinse> IT = IT department. The BOFH that controls the mandatory datacenter in our company
<sveinse> And they are giving up claiming that this is the 14.04 guest's fault, not the host system. So here I am
<qman__> Well, you could install the trusty kernel on 12.04 and see if it causes the problem
<sveinse> qman__: What about the oposite? Taking the 12.04 kernel to the 14.04 server?
<patdk-wk> how exactly are you using sysbench?
<patdk-wk> sveinse, that would never work
<sveinse> patdk-wk: Rudimentary really. sysbench --test=cpu --cpu-max-prime=20000 run
<qman__> The current kernel is backported to 12.04 and supported, the reverse is not
<patdk-wk> what? that is a cpu test, not disk
<patdk-wk> why would you think disk is the issue
<qman__> That's the only reason I suggested it
<sveinse> Takes 30.2s on 12.04, while it uses 168.5s on 14.04
<patdk-wk> but that doesn't even involve the kernel
<sveinse> I never said disk perf, did I? I said system performance. My apps compile awfully slow
<patdk-wk> ah
<sveinse> Disk performance is not that skewed, just a factor of 30-40%, instead of 500% percent difference on CPU
<patdk-wk> for me
<patdk-wk> 23.3525s on 14.04
<patdk-wk> 23.7733s on 12.04
<patdk-wk> so it is defently the 14.04 kernels issue
<patdk-wk> not that cpu tests even use the kernel
<sveinse> patdk-wk, on my VirtualBox 14.04 instance: 25.2s
<jamespage> sveinse, the 14.04 kernel does have more in-tree support for the esx hypervisor - its possible something there is causing issues; are you running open-vm-tools?
<patdk-wk> most likely, using a cpu's that lack ept support
<sveinse> jamespage: I was reccommended to install the commercial vmware tools from the hypervisor instead of using the open-vm-tools. Could this help perhaps?
<jamespage> sveinse, well its something to try
<patdk-wk> jamespage, it's still just cpu benchmark
<patdk-wk> tools aren't going make a difference
<patdk-wk> except to help network/disk/memory
<jamespage> hmm true
<patdk-wk> I would look for lack of ept support on the cpu, the host overloaded, or cpu overtemp
<sveinse> jamespage: I notice in vsphere that my 14.04 vm is setup with "hardware virtualization" disabled, and "performance counters" disabled. They are so for the 12.04, but could this be related as well?
<patdk-wk> what cpu is in this server?
<sveinse> patdk-wm: I would too, except 12.04 and 14.04 run on the same host server
<patdk-wk> does the server only have a single cpu?
<RoyK> sveinse: I am such a BOFH ;)
<patdk-wk> could be improperly installed heatsink on one
<patdk-wk> and intel is suprising resilent about mixmatched cpu's :)
<RoyK> sveinse: this is vmware, right? is vmware tools installed on the guest? I'd recommend using the vmware tools from vmware, not the open source variant
<sveinse> patsk-wk: I don't know the specs for it (as I don't have the rights to access this info in vsphere). I think its a 12-core AMD blade server (but I'm guessing)
<sveinse> RoyK: Yes, that was the recommendation from the datacenter admins as well
<patdk-wk> cat /proc/cpuinfo, should get you *close*
<RoyK> patdk-wk: on the guest? ;)
<patdk-wk> yes
<patdk-wk> it normally shows the *correct* cpu model name
<RoyK> it should show the cpu model, yes
<patdk-wk> but not the correct flags :)
<patdk-wk> but only the one the system was booted on, incase of vmotions it will be wrong
<sveinse> patdk-wk: AMD Opteron 6238
<jamespage> coreycb, http://pad.ubuntu.com/juno-rc1
<jamespage> for rc1 tracking - I'm dealing with keystone and glance - next is all yours ;-)
<sveinse> RoyK, you have any experience with running 14.04 on vmware data center? (unfortunately I don't which and which version)
<patdk-wk> sveinse, all of my tests where from ubuntu 12.04/14.04 running on esxi 5.5
<RoyK> sveinse: I have a few VMs running 14.04, yes
<sveinse> patdk-wk: Thanks
<coreycb> jamespage, ah thanks!  it looks like only Keystone and Glance have been released thus far?
<sveinse> What I'm seeing in vsphere management is that my 14.04 server is almost always maxing out the CPU figure (and gives CPU usage alarms). The other's are only a few 100's MHz, but 14.04 is consistently maxing out to 10320 Mhz (it is setup with 2 cores 2 sockets)
<jamespage> sveinse, "hardware virtualization" disabled sounds bad to me
<coreycb> jamespage, zul: could one of you merge this?  https://code.launchpad.net/~cjohnston/horizon/icehouse-1308651/+merge/235978
<sveinse> jamespage: I'll try to change that. I also see that CPU/MMU virtualization is set to automatic. What is it for you guys?
<coreycb> jamespage, zul: and this please, https://code.launchpad.net/~corey.bryant/horizon/b3-css-fix/+merge/236161
<patdk-wk> sveinse, you want automatic
<patdk-wk> but where is hardware virtualization even an option?
<sveinse> In vsphere (the web page). My VMs are running VM version 10 (ESXi 5.5 and later) and as such only available on the web interface, not the dedicated client
<sveinse> Under CPU options
<patdk-wk> ah, I only use the web interface if required
<sveinse> vmware has changed the policy, so some new features are only available in the web interface
<patdk-wk> that has always been the policy
<sveinse> Setting HW virtualization enabled didn't help. 12.04: 30.3s, rebooted 14.04: 182.1s
<sveinse> This is just so weird
<sveinse> Hmm. Hang on. My 14.04 is set to 32-bit linux in the host, while running 64-bit linux. Could this be the cause?
<patdk-wk> it will cause issues, yes
<patdk-wk> cause using 32bit on a 64bit system is slower than crap
<patdk-wk> so it will use software virtualization for 32bit guests
<patdk-wk> instead of hardware
<tafa2> really?
 * tafa2 did not know that
<tafa2> from #ubuntu [14:27:00]  BluesKaj:	 kodiak1, kvm and qemu, virtualbox
<sveinse> patdk-wk: That's it! Just rebooted. And it took 10s to come online with ssh. Results: 28.8s :D
<kodiak1> Hey folks, Redhat sysadmin here - wondering if Ubuntu has a supported oVirt-based virtualization product (like Redhat has with RHEV)
<sveinse> I am really happy guys! Let me test this for a day or two, but I am very optimistic
<kodiak1> tafa2:  Those aren't really a reasonable competitor to VMWare.  If those are 'it', I'm guessing Canonical aren't really trying to compete with Redhat or VMWare in the virtualization market...
<tafa2> kodiak1 im just the messenger someone posted that after u left
<kodiak1> tafa2, thanks haha
<tafa2> :)
<jrwren> what is ovirt? isn't that just the windows driver for kvm?
<tafa2> i thought that was virtio
<jrwren> ah, yes, virtio. I was confused.
<jrwren> https://en.wikipedia.org/wiki/Red_Hat_Enterprise_Virtualization is just KVM with extra stuff.
<jrwren> oh... this ovirt: https://en.wikipedia.org/wiki/OVirt  huh, never heard of it.
<jrwren> kodiak1: I think you are correct in saying that Canonical has nothing which directly matches up to those products.
<tafa2> looks cool
<kodiak1> "RHEV is just KVM with extra stuff" is kind of an understatement.
<kodiak1> That's kind of like saying that Openstack is just KVM with extra stuff
<jrwren> kodiak1: i'm crazy enough, I probably would say that :)
<kodiak1> I know that Canonical is heavily invested in Openstack but I'm still kind of surprised that they don't have the resources to roll a supported oVirt product.
<RoyK> jrwren: heh - kvm is just the hypervisor - there's a *lot* more
<jrwren> kodiak1: I know enough about openstack to know how foolish that would be. Is RHEV as much of a beast as OS?
<kodiak1> If you've ever used vSphere & ESX in a clustered config you're seeing basically the gamut of what oVirt does
<jrwren> kodiak1: what would such a product do? Allow management of virtual machines?
<jrwren> kodiak1: transparent migration too?
<kodiak1> All of it
<jrwren> kodiak1: that is impressive. good job redhat!
<kodiak1> People like to say that Openstack is for managing herds and RHEV / oVirt is for managing pets
<kodiak1> If you have specific long-running VMs that make up important long-term services they usually go on RHEV or VMWare, whereas appdev, testing, and more transient VMs go in Openstack
<kodiak1> -generally-
<jrwren> That is one approach. Another approach is everything in openstack.
<kodiak1> People are starting to use Openstack where they would traditionally use VMWare but that's kind of overkill
<jrwren> I think some folks have a goal of making openstack so easy that it is not overkill.
<kodiak1> oVirt is much more mature as well, I think a lot of mid-size shops are waiting on dust to settle on openstack because as-is it takes a lot more care and maintenance
<jrwren> i don't know that it takes a lot more care and maint. In fact, that was not my experience. It required very little maint.  It does havea  very steep learning curve.
<kodiak1> There's the learning curve
<kodiak1> There's the upgrades
<jrwren> kodiak1: at this point we are really talking business and markets, right? RHT wants to sell in that market right now and apparently canonical does not.
<kodiak1> Trust me as someone who's dealt with both recently oVirt is much simpler for people who don't have dedicated ostack people - and it'll run for way longer than havana, icehouse, etc are supported
<jrwren> kodiak1: is there a free open source ovirt thing that one can play with? Can I install fedora and try out the tools you are talking about?
<kodiak1> Yep oVirt is 100% free upstream project of the RHEV product
<kodiak1> I'm not too bummed that Canonical isn't in on oVirt in a paid-support kind of way, just a little surprised.  I'm a Redhat guy coping with a buddy working on Canonical stuff so it's not a big deal to me
<kodiak1> http://resources.ovirt.org/pub/ovirt-3.4/
<jrwren> kodiak1: :)  Why be "a redhat guy" why not be a linux guy ?
<kodiak1> When there are a million other things to stay current on it's easier to focus on what the employer is interested in using.
<kodiak1> I do check in on Canonical every few years.  I was a Debian user from 2002 on and used Ubuntu from 4.10-9.10
<jrwren> kodiak1: always good to stay aware of what is out there.
<kodiak1> Allegedly oVirt is supported on Debian
<jrwren> kodiak1: i saw that on ovirt.org. Probably not much to make it work on ubuntu.
<jamespage> coreycb, zul: keystone done
<zul> jamespage:  sweet
<gnuoy> coreycb, do you have anytime for https://code.launchpad.net/~gnuoy/nova/bug1314677/+merge/236321 ?
<coreycb> gnuoy, sure I'll take a look
<gnuoy> thanks
<TuxBrother> If I have a UnixListenSocket at /var/chroot/dev/log, how do I redirect the input to it to /var/log/blah.log?
<TuxBrother> Within rsyslog, the only possibility is to create a socket, not where the input is directed
<frickler> bug #1322568 also affects cloud-archive:icehouse, should this be added to the bug report and if yes, how? or will the updated libvirt packages be backported anyway?
<uvirtbot> Launchpad bug 1322568 in libvirt "nova interface-attach fails" [High,Fix released] https://launchpad.net/bugs/1322568
<zul> coreycb: ceilometer is out
<coreycb> zul, thanks
<tafa2> I personally dislike vmware - a lot
<RoyK> tafa2: why?
<tafa2> RoyK so clunky
<jamespage> coreycb, both of those horizon merges merged; I switch the changelog entries to UNRELEASED - please do that for any changes that won't be uploaded immediately
<tafa2> much prefer for example onapp
<RoyK> tafa2: clunky?
<coreycb> jamespage, ok, and thanks!
<coreycb> jamespage, can we merge liam's update to nova?  https://code.launchpad.net/~gnuoy/nova/bug1314677/+merge/236321
<jamespage> coreycb, already done!
<jamespage> just call me Mr Merge
<RoyK> tafa2: rather different things, though
<coreycb> jamespage, whoa, Mr Lighting Fast Merge!
<tafa2> RoyK yes - and I meant it from a hosting perspective
<tafa2> :)
<RoyK> for that, I'd probably used openstack
<gnuoy> jamespage, coreycb, thanks
<coreycb> gnuoy, yw - nice job
<jamespage> gnuoy, the UNRELEASED comment above is a good one for you as well btw
<jamespage> coreycb, gnuoy: using UNRELEASED means that additions to the changelog get appended to the UNRELEASED entry
<gnuoy> jamespage, yep, I did update the changelog after your comment
<jamespage> coreycb, gnuoy: leave releasing to the uploader... normally zul or I but might be others
<coreycb> jamespage, k thanks for the tip
<smoser> rbasak, or jamespage or anyone..
<rbasak> o/
<smoser> owonder if we have a sane source of information that shows package upgrades between T->U
<smoser> in a consolidated view (ie, not "go crawl utopic-changes")
<rbasak> What do you mean?
<rbasak> A list of packages that are newer?
<smoser> yeah. and i guess new packages too.
<rbasak> For the entire archive?
<smoser> and dropped.
<smoser> well, i care about main more than universe
<smoser> and universe more than multiverse
<rbasak> I'm not aware of one, but some shell-fu with grep-dctrl and comm or meld might be enough
<smoser> but i assume if such a thing exists it probably has data for all.
<rbasak> Maybe distrowatch?
<jamespage> zul, coreycb: oslo.vmware 0.6.0 also in the release team review queue for glance rc1
<jamespage> I'll get there even if it kills me
<zul> jamespage:  okies
<coreycb> jamespage, thanks
<RoyK> oslo.vmware? why 'oslo'? it's where I live :P
<jamespage> open stack library something or other
<rbasak> smoser: how about something like http://paste.ubuntu.com/8466864/ ?
<rbasak> (could do with some tuning though)
<smoser> yeah. not unreasonable as a start.
<smoser> this was for someone asking "what else is new in ubuntu server"
<smoser> and me wanting a way to somewhat easily answer that.
<rbasak> I guess maybe we want to filter that to packages subscribe to in LP by ~ubuntu-server or something.
<rbasak> There might be stuff in universe that'd slip through that net though
<jamespage> zul, are you intending doing anything with ironic? its currently bit-rotted all release stuck in proposed
<zul> jamespage:  not really, i thought someone else was taking care of that
<jamespage> zul, who?
<zul> jamespage:  adam_g
<jamespage> oh
<[1]Az> I want to ignore the error I get when I try and run an uninstalled program, but its not on STDERR
<[1]Az> is there a way around this?
<RoyK> [1]Az: 2>/dev/null
<[1]Az> ah
<[1]Az> i had a space in there like an idiot
<[1]Az> too pro
<RoyK> [1]Az: > somewhere or 1> somewhere sends stdout to somewhere, 2> somewhere sends stderr to somewhere
<[1]Az> yeah i know :)
<RoyK> 2>&1 sends stderr to stdout
<[1]Az> but I'd done 2 > /dev/null
<RoyK> ah
<RoyK> :)
<[1]Az> and assumed it was a kernel error
<[1]Az> which you cant send to /dev/null?
<RoyK> it very rarely is ;)
<[1]Az> dd does it i think
<[1]Az> oh no it wasnt dd
<[1]Az> it was something weird
<[1]Az> cant remember now
<[1]Az> one of time or sync has unpipable messages
<roaksoax> you are reading more than me about it
<roaksoax> lol
<smb> hallyn, So if you not beating me to it, I would do that forward of the libvirt/apparmor discussion tomorrow
<hallyn> smb: sure.  reply go guido now though to tell him you'll do so
<smb> ack
<hallyn> smb: zul: you'r enot working on any utopic libvirt push right now are you?
<zul> hallyn: hell no
<smb> nope
<hallyn> ok, pushing a quick fix for bug 1375910
<uvirtbot> Launchpad bug 1375910 in libvirt "package libvirt-bin 1.2.8-0ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,In progress] https://launchpad.net/bugs/1375910
<TuxBrother> I want logrotate to store the rotated files in a subdirectory
<wedgie> Hello. running 12.04 and am noticing this HWE business. Just trying to make sure i'm understanding the ramifications of updating to 12.04.5 HWE: Does this mean that i will be moving from a 3.5 kernel to a 3.13 kernel?
<patdk-wk> if you are on anything other than 3.2, yes, you will get 3.13
<sarnold> wedgie: correct, this is the package you'd be using https://launchpad.net/ubuntu/+source/linux-lts-trusty
<patdk-wk> anything inbetween is *unsupported*
<wedgie> ok, thanks
<iDealz> anyone have any experience with rebuilding broken RAID arrays?  I had a drive fail completely in an mdadm array 5 and now when I boot my server it boots into initramfs prompt.
<iDealz> when I choose the option to load a degraded array it seems to ignore my response and proceed to initramfs prompt anyway
<nyktovus> running ubuntu server 12.04. looking for someone to help walk me thru adding a swap file on a system
<nyktovus> swapon -s
<nyktovus> Filename                                Type            Size    Used    Priority
<nyktovus>  Device Boot      Start         End      Blocks   Id  System
<nyktovus> /dev/sda1   *          63    36812799    18406368+  83  Linux
<nyktovus> /dev/sda2        41082880    80021503    19469312    5  Extended
<nyktovus> /dev/sda3        36812800    41082879     2135040   82  Linux swap / Solaris
<nyktovus> /dev/sda5        41084928    80019455    19467264   83  Linux
<nyktovus> so theres no swap on currently.. yet i have a partition available for it.
<nyktovus> all the walkthroughs i've seen dont seem to cover this scenario
<lordievader> nyktovus: Could you pastebin your /etc/fstab?
<lordievader> !paste| nyktovus
<ubottu> nyktovus: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<nyktovus> http://paste.ubuntu.com/8468072/
<nyktovus> thanx for the  link
<lordievader> nyktovus: Your swap partition is not defined in fstab that is why it is not used.
<nyktovus> agreed.
<nyktovus> so how should i best define this?
<hallyn> utlemming: heads-up, https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1373981 sounds like a bug in cloud images (awaiting more info)
<uvirtbot> Launchpad bug 1373981 in lxc "ubuntu 14.10 server, amd64 - lxc-start fails to start container" [Undecided,Incomplete]
<lordievader> nyktovus: Add an entry like "/dev/mapper/padme-swap_1 none            swap    sw              0       0"
<lordievader> nyktovus: Of course edit to your configuration.
<nyktovus> how bout add "
<nyktovus> /dev/sda3       swap            swap    defaults        0       0
<nyktovus> "
<nyktovus> sorry.. there shouldnt have been line breaks in that
<lordievader> nyktovus: /dev/sda3       swap            sw    defaults        0       0
<lordievader> nyktovus: /dev/sda3 none       swap            sw    defaults        0       0
<lordievader> Disregard the previous one ;) none needs to be added.
<nyktovus> which one?
<nyktovus> ok.. so i added your line.. reboot? or do i need to tell it to swap on or something?
<lordievader> nyktovus: Try 'mount -a' or 'swapon', I forgot...
<nyktovus> swapon -s is now showing my listing
<nyktovus> i dont need the UUID of the partition in fstab?
<lordievader> It's preferable but not mandatory.
<nyktovus> why preferred?
<blaaa> hwat is preferable? the UUID of the partition or the UUID of the filesystem?
<lordievader> nyktovus: sdXY namings can change, UUID's should not.
<nyktovus> gotcha.
<nyktovus> apparantly i've been running this server for years with no swap... been flawless tho
<blaaa> nyktovus: should be like that
<blaaa> nyktovus: if not get more ram
<iDealz> anyone have any experience with rebuilding broken RAID arrays?  I had a drive fail completely in an mdadm array 5 and now when I boot my server it boots into initramfs prompt.
<iDealz> anyone have any experience with rebuilding broken RAID arrays?  I had a drive fail completely in an mdadm array 5 and now when I boot my server it boots into initramfs prompt.
<iDealz> oops, sorry for the double post
<slops17> hey all i have a wierd question. I am running ubuntu server 14.04 and during boot up the resolution is fine once it gets to the login prompt the resolution is just a small box on the screen. any one ever experienced this before
<nyktovus> so i shouldnt use a swap?
<sarnold> nyktovus: swap is nice but if you have too much swap traffic too often it's a sign you need more memory. :)
<blaaa> nyktovus: swap can be useful sometimes, to keep stuff in memory when it's _not_ used
<nyktovus> oh i dont have that issue at all.. i'm at 20% usage as we speak..
<slops17> its on a dell 1907 monitor
<iDealz> slops17: this might be of some help http://askubuntu.com/questions/299975/proper-way-to-change-terminal-resolution-in-ubuntu-server-13-04
<slops17> iDealz, i tried that already and didnt work
<iDealz> anyone have any experience with rebuilding broken RAID arrays?  I had a drive fail completely in an mdadm array 5 and now when I boot my server it boots into initramfs prompt. I believe I need to boot from a CD to get into root, but dont know where to go from there
<slops17> iDealz, i found this and seams to have worked
<slops17> http://www.thomas-krenn.com/en/wiki/Fixing_Graphics_Output_Driver_Problems_of_LES_with_newer_Linux_Kernels
<patdk-wk> slops17, good thing we don't do graphics in this channel :)
<slops17> patdk-wk, i had problem number 3 on that link only the upper left portion of the screen was in use and it was a paint to do anything on the box but it is now fixed
<Logos01> Howdy folks. I just updated my LXC binary, and now my apparmor service is dying on me with the below error. Can someone help me understand what "TOK_MODE" means so I can maybe take a stab at remediating it?
<Logos01> "AppArmor parser error for /etc/apparmor.d/lxc-containers in /etc/apparmor.d/abstractions/lxc/container-base at line 42: syntax error, unexpected TOK_OPENPAREN, expecting TOK_MODE"
<tyhicks> Logos01: Hi - what Ubuntu release are you running?
<tyhicks> Logos01: also, can you copy and paste line 42 of /etc/apparmor.d/abstractions/lxc/container-base?
<Logos01> 14.04
<Logos01> err, 14.04.1 (just updated) -- Whole line is "  unix (receive),"
<blaaa> Logos01: I have run into issues with apparmor scriptsa few months ago, don't know if they have been fixed, have stopped trying
<blaaa> Logos01: your issue looks different though
<Logos01> Mine is specific to LXC.
<Logos01> I have the lxc-daily ppa enabled (necessary because I'm using ZFS as backing store)
<tyhicks> Logos01: what is the output from `apt-cache policy lxc apparmor | grep Installed`?
<Logos01> Installed: 1.1.0~alpha1+master~20140930-0358-0ubuntu1~trusty ; Installed: 2.8.95~2430-0ubuntu5
<Logos01> If I only knew what "TOK_MODE" meant I could maybe puzzle out what's going on.
<tyhicks> Logos01: the problem stems from having a brand new version of lxc and an slightly old version of apparmor
<patdk-wk> heh? it makes perfect sense
<tyhicks> Logos01: ignore the TOK_MODE error message - it is just trying to tell you that the apparmor_parser program can't compile your policy
<Logos01> I get that TOK_OPENPAREN means it's seeing the open parenthesis in "unix (receive)", when it's expecting some other character.
<patdk-wk> unexpected token open parentheses, expecting token mode
<Logos01> tyhicks: Okay, then how do I resolve this?
<Logos01> (And how do I rule out a typo making it into the daily PPA?)
<tyhicks> Logos01: you can do one of two things: 1) comment out, with '#' characters, the lines that start with "unix" or 2) install the apparmor package from Utopic
<tyhicks> Logos01: I'd go with option #1
<Logos01> It seems to me that neither of these are optimal.
<Logos01> What *does* "TOK_MODE" mean anyhow?
<patdk-wk> mode :)
<Logos01> patdk-wk: heh.
<patdk-wk> read, write, create, ....
<tyhicks> Logos01: the apparmor_parser program in 14.04 doesn't know about "unix" rules
<tyhicks> Logos01: we just recently landed support for unix rules in Utopic
<tyhicks> Logos01: unfortunately, those are the only two possible workarounds available at the moment
<Logos01> Hrm...
<patdk-wk> rm / being one?
<Logos01> Okay, so going into backup of the etc dir I see the old file did not in fact have the unix lines.
<Logos01> So I'm not losing anything by commenting them out I suppose.
<tyhicks> Logos01: just a sec
<patdk-wk> you will be
<patdk-wk> you need something to give you that permission
<patdk-wk> so what is missing in the new file? that the old one had
<tyhicks> Logos01: looks like the lxc guys have a workaround for this in the lxc packaging
<tyhicks> Logos01: I'm not sure why it isn't working for you
<tyhicks> Logos01: what does `grep DISTRIB_RELEASE /etc/lsb-release | cut -d= -f2` output on your machine?
<Logos01> 14.04
<tyhicks> maybe they use different packaging for their daily ppa
 * tyhicks goes to look for it
<Logos01> I've had good history with the daily ppa, kinda surprised by this.
<Logos01> But ... it's rare that *nothing* goes wrong.
<Logos01> ( And at least this isn't bash related ... <_< )
<patdk-wk> oh ya, I haven't had time to check my bash hit counter today yet
<Logos01> patdk-wk: Just be thankful you don't have to deal with explaining to infosec people that "no, it's not possible to patch the system-provided bash shell on an OS version that went End of Life 12 years ago."
<patdk-wk> why?
<patdk-wk> I was in charge of patching our systems from 10years ago
<Logos01> Re-read that.
<patdk-wk> patching bash 3.2
<Logos01> 2.05
<patdk-wk> ah, I didn't have to go that far back
<tyhicks> Logos01: upgrade to lxc 1.1.0~alpha1+master~20140930-1924-0ubuntu1~trusty and everything should work without any manual changes
<Logos01> tyhicks: I did just perform upgrade about half an hour ago
<Logos01> But there's an LXC package available. Interesting.
<tyhicks> Logos01: do another
<tyhicks> Logos01: it'll fix it
<tyhicks> Logos01: they added in the change that removes the unix rules if you're running 14.04 or older in the latest version
<Logos01> tyhicks: It did not fix it.
<tyhicks> Logos01: same error?
<Logos01> Yes
<Logos01> It left my modified file in place.
<Logos01> When I uncommented the unix lines it errored again
<tyhicks> Logos01: I thought I stopped you before you edited it
<Logos01> Nope.
<tyhicks> Logos01: well, you now know the fix
<tyhicks> Logos01: sorry that you upgraded in the small window where the install script was missing the logic to comment out the unix rule
<Logos01> tyhicks: I'm not sure I do know the fix.
<Logos01> I tried uninstalling and reinstalling lxc altogether, both with and without the container-base file present, and it's not doing any good.
<Logos01> Well this is interesting. I decompressed the latest lxc *.deb from /var/cache/apt/archive and compared it's container-base to what I had on-hand. http://paste.ubuntu.com/8468711/
<tyhicks> Logos01: I think `sudo apt-get -o Dpkg::Options::="--force-confask" install --reinstall lxc` should do the trick
<Logos01> I then *copied* the deb's container-base file in place and restarted apparmor and it did not balk at the syntax.
<tyhicks> good to hear
<Logos01> Odd behavior is odd, to say the least.
<Logos01> tyhicks: Thanks for your help. Much appreciated.
<tyhicks> no problem!
<iDealz>     hhhhhju[p5+]\7
<iDealz> 1
<adam_g> zul, jamespage https://code.launchpad.net/~gandelman-a/ubuntu/utopic/ironic/juno/+merge/236635 <- refreshed the ironic packaging for juno. RC1 isn't released yet but it shouldnt require anythign new. python-ironicclient could use an upload, and eventlet could use those patches for bug 1321787
<uvirtbot> Launchpad bug 1321787 in python-eventlet "Paramiko does not properly work with eventlet concurrency" [Undecided,Confirmed] https://launchpad.net/bugs/1321787
<mgw> I've got an install that's failing on setting up grub
<mgw> I dropped into a shell
<Logos01> mgw: What device are you using?
<mgw> and there's no device.map
<mgw> I've tried hd0 (default) and hd1
<mgw> once I drop into a shell I can run grub-mkdevicemap
<mgw> and then grub-install works
<Logos01> device.map shouldn't be necessary.
<mgw> Might it be mapped to a different name?
<mgw> how can I print what devices grub knows about
<Logos01> Something seems odd that this is necessary at all.
<Logos01> What would be a brief description of your hardware setup? Anything unusual? VM? Physical? Installing to LVM?
<mgw> The unusual thing is that hda is a 3TB XFS volume and hdb has / on the first partition
<mgw> It's physical
<mgw> I can't set the 3TB as bootable
<mgw> hdb0 is marked as bootable
<Logos01> What version of Ubuntu are you trying to use?
<mgw> 14.04
<Logos01> mgw: If I understand correctly, your goal is to boot off of an XFS volume?
<mgw> no
<mgw> Logos01: it's to boot off the ext4
<mgw> on the second drive
<mgw> first partition of second drive is an ext4 partition
<Logos01> Physical partition?
<mgw> I got grub to install once, by dropping into a shell when it failed
<mgw> and running mkdevicemap
<mgw> and install hd1
<mgw> Yes, the first partition is physical
<mgw> there are some logical volumes there too
<mgw> after the first
<Logos01> logical partitions, not LVM2 logical volumes
<Logos01> ?
<mgw> right
<mgw> sorry
<Logos01> mgw: Just for confirmation, are you able to remove the XFS drive from the system?
<mgw> partitions
<mgw> no LVM involved
<mgw> physicall remove it?
<Logos01> (Re-attempt installation w/o XFS present is the goal, to isolate behavior)
<mgw> I cannot physically remove it
<mgw> this is PXE booting
<mgw> remotely
<mgw> I'm on kvm
<mgw> I can reformat it as ext4 though
<mgw> but I cannot make the 3TB bootable even as ext4
<mgw> in the paritioning manager
<Logos01> "the partitioning manager" being ... ?
<mgw> in the installer
<mgw> Logos01: should I try again having formatted the 3TB as ext4?
<mgw> And leaving "d-i grub-installer/bootdev string (hd1)" in the preseed?
<mgw> Logos01: would the devices always be hd0, hd1, etc?
<Logos01> mgw: Just a sec. I'll admit that I'm far better w/ kickstarts than w/ preseeds.
<mgw> or maybe they're sda1 ro something?
<mgw> before i run mkdevicemap
<mgw> to reiterate, before running mkdevicemap, grub-install complains that hd1 (or hd0 for that matter) does not exist
<mgw> after I run mkdevicemap hd0 and hd1 are properly mapped
<mgw> and grub-install works
<mgw> Logos01: I think i got it
<mgw> I can run "grub-install /dev/sdb" from busybox
<mgw> and it works
<Logos01> https://bugs.launchpad.net/ubuntu/+source/grub-installer/+bug/1012629
<uvirtbot> Launchpad bug 1012629 in grub-installer "grub-installer ignores "bootdev" setting in preseed file" [Undecided,Confirmed]
<mgw> It's not ignoring it
<mgw> in my case
<Logos01> Right, but read that ticket history.
<mgw> It complains the device in the preseed does not exist
<Logos01> What you describe is very similar.
<mgw> reading
<mgw> hmm, I think the installer i'm booting into is newer than the release
<mgw> but perhaps not
<mgw> I"m going to try setting bootdev to /dev/sdb though and run through an install
<mgw> if that doesn't work, I'll ensure I have the latest install image
<mgw> Logos01: thanks for the help!
<Logos01> mgw: You tried 'd-i grub-installer/bootdev string /dev/sdb' ?
<mgw> no, i'm about to
<mgw> I was using hd1
<mgw> previously
<mgw> (hd1)
<Logos01> I'd suspect that by using the string you'd be able to avoid the need for the mkdevicemap.
<mgw> yeah, that's what my tests in busybox indicate
<mgw> since grub-install /dev/sdb worked
<mgw> and grub-install (hd1) did not
 * Logos01 crosses crossable phalanges
<Logos01> (that's fingers/toes)
<mgw> will know in a few minutes
#ubuntu-server 2014-10-01
<sandprickle> I setup postfix+dovecot starting with mail-stack-delivery, and virtual users are not working. Bounces all mail but that addressed to the mail username that matches my local username. The %d in mail_home and mail_location doesn't seem to be expanding.
<mgw> Logos01: thanks, changing bootdev to the dev path (/dev/sdb) worked.
<hfaust> hi guys, how are you?
<iDealz> anyone have any experience with rebuilding broken RAID arrays?  I had a drive fail completely in an mdadm array 5 and now when I boot my server it boots into initramfs prompt. I believe I need to boot from a CD to get into root, but dont know where to go from there
<rostam> HI I am using ubuntu 14.04. I have used debootstrap --downloadonly to download required packages for debootstrap. It works fine, but I see some of the packages have naming convention I do not understand: For example:  zlib1g_1%3a1.2.8.dfsg-1ubuntu1_amd64.deb, But not all the packages have this issue, could someone please help me? thx
<sarnold> rostam: I assume it is a : from epoch versioning, 1:1.2.8.dfsg-1ubuntu1
<lordievader> Good morning.
<Aison> hi
<Aison> is it possible, that ufw is just for simple settings?
<lordievader> Aison: Imo, yes.
<lordievader> You can do simple things, like allow/drop/reject connections but anything more complex... well then you have to write iptables rules.
<Aison> yes, I know how to write iptables rules, but my problem is also, that ufw is not removing my custom rules after "ufw disable"
<Aison> maybe it's best to use ufw just for filtering of incoming connections
<lordievader> What custom rules are you talking about? Those created with ufw?
<Aison> eg. things like that:
<Aison> -A POSTROUTING -o bond0.2 -s 10.35.0.0/16 -j SNAT --to-source 212.51.145.89
<Aison> many of those
<lordievader> Aison: I take that you created those outside of UFW, ofcourse it won't remove those.
<Aison> yes, when I take them outside, then it is my responsibility :)
<hxm> how to know if i am vulnerable to shellshock?
<ikonia> there are various tests on the web
<lordievader> hxm: If you regularly update your machine you should no longer be vunerable, given you run a supported version.
<cynicallemon> hxm: making sure your run updates is a good way
<hxm> i am updated, i just wanted to know
<hxm> you know, panic attack
<cynicallemon> hxm: https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-shellshock-bash-vulnerability
<Aison> argh, wie liest man ipv6 netzmasken?!? muss ich verschiedene subnetze so schreiben 2a02:168:200f:0001::/56, 2a02:168:200f:0002::/56, 2a02:168:200f:0003::/56
<Aison> oder so 2a02:168:200f:0100::/56, 2a02:168:200f:0200::/56, 2a02:168:200f:0300::/56
<Aison> damn, sorry, wrong channel
<Aison> lol
<henkjan> Aison: sipcalc is a nice utility for ipv6 addresses/netmasks
<hxm> i run the bash version GNU bash, versiÃ³n 4.2.45(1)-release (x86_64-pc-linux-gnu)
<hxm> is that the lastest one?
<hxm> i try to upgrade bash and it says is the latest
<henkjan> Aison: see output https://p.6core.net/p/Yk3YdNzzdosBDVWhW1WYbtE2
<Aison> :D
<hxm> np fixed
<jamespage> adam_g, comments on mp - missing patch?
<jamespage> zul, coreycb: hmm the ironic driver landed in nova for c1
<jamespage> rc1 rather
<jamespage> adam_g, ironicclient sync from debian (1.2.x)
<jamespage> sorry 0.2.x
<rostam> HI I see some of the ubuntu packages have extra field: "1%3a" for example  zlib1g_1%3a1.2.8.dfsg-1ubuntu1_amd64.deb. Is this epoch version?  in any case does it have any difference with the package which does not have that extra characthers?  The problem I have I can not use those packages in my http server to download them, the extra packages break the download process.  Thanks
<rbasak> rostam: yes, it's for the epoch. The ':' character is in the filename but gets escaped due to HTTP requirements.
<rostam> rbasak, if I rename the package (removing extra 1%3a) would cause any issue, or is there a better way doing this? thanks
<rbasak> rostam: a better way of doing what?
<rostam> rbasak,  I want to remove the "1%3a" from package name?
<jamespage> zul, stevedore internal versioning was causing issues so I uploaded 1.0.0 and 1.0.0.0 so that I can actually test glance properly
<zul> bah
<Odd_Bloke> rostam: '1:' is part of the version, not part of the package name.
<rostam> Odd_Bloke, ok, so when package is downloaded through http, the  "1:" changes to "1%3a"  ??
<Odd_Bloke> rostam: ':' is not a legal character in URL paths so it's encoded to %3a.
<rostam> Odd_Bloke, thanks, now I got it.
<Odd_Bloke> rostam: :)
<jamespage> coreycb, look at you on your IPv6 address :-)
 * jamespage stops poking coreycb
<jdstrand> lordievader: ufw by default does not flush the primary chains since it by default does not manage the primary change. you should be able to adjust /etc/default/ufw to have MANAGE_BUILTINS=yes, but this may have other side-effects. see /etc/default/ufw for details
<jdstrand> s/primary change/primary chains/
<lordievader> jdstrand: I don't use UFW ;)
<jdstrand> oh whoops
<jdstrand> Aison: ^
<jamespage> zul, coreycb: almost have nova and glance done
<coreycb> jamespage, heh :)
<jamespage> coreycb, hello
<coreycb> jamespage, hey
<coreycb> jamespage, would you mind taking a look at this to see if it looks good so far?  https://code.launchpad.net/~corey.bryant/ceilometer/2014.2-rc1/+merge/236610
<coreycb> jamespage, I think I need to pip install to verify some things
<coreycb> jamespage, oh and I can take ironic
<jamespage> coreycb, adam_g already did
<coreycb> jamespage, oh sweet, thanks adam_g !
<jamespage> coreycb, interesting - http://specs.openstack.org/openstack/ceilometer-specs/specs/juno/ipmi.html
<coreycb> jamespage, yeah pretty cool
<jamespage> zul, sigh
<jamespage> VersionConflict: (oslo.config 1.4.0.0-a5 (/usr/lib/python2.7/dist-packages), Requirement.parse('oslo.config>=1.4.0'))
<jamespage> dealing with it now
<zul> nova?
<jamespage> zul, no glance
<jamespage> zul, I've uploaded new versions of stevedore, oslo.config and oslo.rootwrap with additional .0's to deal with final release/pre-release versioning stuff
<zul> ack
<jamespage> bug 1373714
<uvirtbot> Launchpad bug 1373714 in openstack-dashboard "openstack-dashboard next charms don't properly support vip_cidr" [High,New] https://launchpad.net/bugs/1373714
<jamespage> zul, gah - boto and eventlet are also causing problems...
 * jamespage sighs
 * zul shakes his head
<zul> as in how?
<jamespage> zul, for some reason bits of glance use pbr for stuff, and boto and eventlet don't match from a version perspective
<zul> jamespage:  gah...you should be able to get around that by patching the requirements.txt
<jamespage> zul, yeah - but the eventlet problem is in oslo.vmware as well
<jamespage> I can fix that
<zul> ok
<jamespage> but its a pita
<zul> jamespage:  i feel your pain
<jamespage> zul, bumping eventlet to 0.15.2 is a 25k diff
<jamespage> lots of py3 compat work
<jamespage> makes me nervous
<jamespage> boto might not be so bad
<jamespage> zul, boto - 22k diff
<jamespage> again lots of py3 compat
<rbasak> utlemming: bug 1375252 interests me. Is cloud-init resetting the hostname as I'd expect here, based on what Azure says, or is walinuxagent supposed to be doing something extra-clever here?
<uvirtbot> Launchpad bug 1375252 in walinuxagent "Hostname change is not preserved across reboot on Azure Ubuntu VMs" [Undecided,Confirmed] https://launchpad.net/bugs/1375252
<jcastro> jamespage, sorry those openstack charm bugs I filed were not descriptive, I was filing them on the spot. Now that I am back I'll get you more info.
<jamespage> jcastro, awesome
<jcastro> jamespage, you don't have an orange box do you?
<jamespage> jcastro, nope
<jamespage> zul, coreycb: We are scheduled to publish 2014.1.3 on Thurs Oct. 2nd for
<jamespage> wowser
<jamespage> ^^ gaughen :-)
<coreycb> jamespage, ok yep
<coreycb> jamespage, busy week!~
<jamespage> coreycb, yes indeed
<coreycb> jamespage, so if something is in universe it can't be a dep in debian/control?
<jamespage> coreycb, well it can but will need a MIR
<jamespage> coreycb, which one?
<coreycb> tox is required to generate ceilometer.conf
<coreycb> jamespage, ^
<jamespage> great...
<coreycb> jamespage, and tests get fubar if I don't include python-pysnmp4 in build-depends
<coreycb> but maybe that's just a rules file change, not sure
<jamespage> coreycb, pysnmp4 is already under MIR - waiting for security team review
<coreycb> jamespage, ah, cool
<coreycb> jamespage, guess I should have remembered that, my name is in the bug
<coreycb> :)
<jamespage> coreycb, hmm tox
<coreycb> jamespage, hmm.. tox..
<coreycb> jamespage, can we try to MIR?
<jamespage> coreycb, use "bash tools/config/generate_sample.sh -b . -p ceilometer -o etc/ceilometer"
<jamespage> and bypass tox
<coreycb> jamespage, nice, that works
<coreycb> jamespage, ceilometer is ready for review - https://code.launchpad.net/~corey.bryant/ceilometer/2014.2-rc1/+merge/236610
<queeq> http://pastebin.com/H9LALpSP
<queeq> Last lines are actually on different lines, just got malformed when pasted
<queeq> Packets are marked:
<queeq>   194 15982 MARK       icmp --  *      br0     0.0.0.0/0            0.0.0.0/0            MARK set 0x15
<queeq> Anyone?
<Aison> I guess isc-dhcp-server-ldap is not supporting DHCPv6?
<Aison> at least in the schema file there is no dhcpSubnet6
<|\n> what should i check first of all, if i see "dhclient.c:2277: Failed to send 300 byte long packet over fallback interface."
<jamespage> coreycb, zul: can you guys handle the remaining rc1's please
<jamespage> I have a load of charm review/work to finish for eod tomorrow and need to switch focus
<coreycb> jamespage, sure
<zul> jamespage:  sure
<smoser> rbasak, http://blog.oddbit.com/2013/10/04/automatic-dns-entries-for-libvirt-domains/
<smoser> stubled across that . and thought of uvt
<smoser> does parsing of leases file.
<smoser> that is actually really nice. and combined with 'incron' as suggeted. really neat
<rbasak> smoser: I hate things that involve modifying /etc/hosts
<rbasak> smoser: but an nss module would be nice!
<smoser> rbasak, it doesn't require modiying /etc/hosts
<smoser> well, the whole solution does.
<smoser> but you could just use the parsing libvirt for domain->ip
<Logos01> smoser: My apologies, what are you trying to do? (Catch me up)
<smoser> well, determine an ip address for a libvirt domain.
<Logos01> You could nuke the need for network manager by just sticking w/ dnsmasq and using pkill -SIGHUP dnsmasq whenever there's an inotify event.
<smoser> i have no need of network manager.
<Logos01> I'm reading the oddbit.com blog page.
<smoser> mostly i was just interested in parsing of libvirt xml and dnsmasq.
<Logos01> dnsmasq is pretty straightforward in these things.
<smoser> ?
<smoser> the problem is
<smoser>  a.) you start a domain in libvirt named 'smfoo'. it dhcp's and gets an ip address.
<Logos01> If I understand it you want to be able to obtain the ip address of an arbitrary libvirt domain/guest.
<smoser>  b.) you want to ssh to 'smfoo'
<Logos01> Right.
<smoser> but smfoo is not resolvable dnswise.
<smoser> so you have to do that.
<Logos01> And there are ways to make that viable.
<smoser> which do not require guest modification?
<Logos01> Nope.
<Logos01> I am in the habit of using dnsmasq as a local DNS cache on my boxes.
<Logos01> So my resolv.conf points to 127.0.0.1
<Logos01> This allows me to have whatever upstreams I like -- I could for example have my local dnsmasq instance reference the libvirt dnsmasq as an upstream.
<patdk-wk> only issue with that is, no dnssec support
<Logos01> The libvirt upstream one will provide responses for its dhcp clients (or at least their leases)
<smoser> Logos01, no it wont.
<Logos01> patdk-wk: dnsmasq can do dnssec.
<smoser> it will provide dns for those that provided it with a hostname on dhcp request.
<smoser> and if you launch 10 instances of a disk image that have 'foo' in /etc/hostname it fails.
<smoser> avahi is the other guest modification way to publish your name.
<smoser> which is what uvtool uses now. but i dont want the guest modification.
<Logos01> I'm not in the habit of reusing hostnames during provisioning.
<rbasak> smoser: I'm basically doing the same parsing inside uvtool.
<smoser> oh. i didn't know that.
<smoser> :)
<rbasak> smoser: writing /etc/hosts dynamically just feels bad to me.
<Logos01> So you want systems to have a shared local hostname, not have that be modified during dhclient lease acquisition, and still have the ability to address a system by hostname upon startup ?
<rbasak> smoser: for example, have fun with guests inserting interesting hostnames :)
<smoser> Logos01, "provisioning".
<smoser> i want no "provisioning".
<Logos01> smoser: Then you want no systems.
<rbasak> Zeroconf solves the problem.
<smoser> i have cloud-init and ubuntu cloud images.
<Logos01> Manual provisioning is still provisioning.
<smoser> i download them and run them.
<smoser> i dont modify them.
<rbasak> But avahi-daemon+libnss-mdns didn't seem reliable enough.
<Logos01> That's a form of provisioning.
<smoser> thats what i want to avoid.
<smoser> "guest modification"
<Logos01> Then let dhclient assign the hostname.
<rbasak> I want sensibly named hosts.
<rbasak> THat I specified at the commandline
<Logos01> Yeah, there's a meaningful part of the conversation missing here.
<smoser> rbasak, actually, the dhclient being run with the hostname
<smoser> is more doable now.
<smoser> and in the future the nocloud data source would be able to set that.
<smoser> the change is that now in utopic, the neworking will not come up until after cloud-init has searched local datasources
<patdk-wk> oh? when did dnsmasq get dnssec
<Logos01> Not sure when, but: http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
<Logos01> "It can be configured to do DNSSEC validation."
<Logos01> http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2014q1/008086.html <-- looks like it was Q1 2014.
<Logos01> Made it into 14.04 w/ dnssec support.
<smoser> Logos01, what did you mean by "let dhclient assign the hostname" ?
<tafa2> eh
<Logos01> smoser: I mean you have your dhcp server assign hostnames for the guests.
<smoser> i dont know that i follow.
<tafa2> whathttp://askubuntu.com/questions/104918/how-to-get-hostname-from-dhcp-server
<tafa2> 2 seconds in google
<tafa2> i didnt read it
<smoser> guest modification, tafa2.
<tafa2> smoser I came late... but you want to give dhcp clients hostnames server by your dhcp server?
<tafa2> *served
<smoser> never mind.
<smoser> it seems this could be fairly well solved with a dnsmasq '--script' or '--luascript'.
<smoser> libvirt runs dnsmsasq with dhcp-hostsfile and addn-hosts . the script could then read libvirt, and populate the dnsmasq specific hosts with the new entry.
<smoser> you'd still have to query the dnsmasq nameserver to get the response, but youcoudl do it ther.e
<Logos01> smoser: That is not guest modification.
<Logos01> Guest modification is something done by an automatic provisioning process.
<Logos01> Allowing dhcp server to assign hostnames when dhclient is run is a different story.
<smoser> but you ahve to modify the guest.
<smoser> to make it set its hostname.
<smoser> i dont know. maybe i'm missing something.
<Logos01> smoser: dhclient *should*, if 'instructed' to do so by the dhcp server, assign the hostname for the dhclient guest.
<Logos01> You have to configure your dhcp server to instruct the dhclient binary to set the hostname.
<smoser> really ? i dont think that generally sounds like good advice.
<smoser> what if i have 2 NICS both dhcp on different networks with different lease times.
<smoser> seems unpredictable.
<jrwren> i prefer cloud-init setting my hostname :p
<[F_F]> Ubuntu = Linux + Cancer + Aids
<[F_F]> specially AIDS
<bastidrazor> haha, all curable and revolutionary
<hxm> hi
<hxm> i have apache2 running, the 80 port is busy, now i have a process with webinterface that i want to run in port 80 too
<hxm> i changed the listening host but it still says is in use
<hxm> how can i do that?
<genii> hxm: You changed the port for apache to something else?
<hxm> no, i found a solution using proxy_mod and proxypass
<genii> Ah, good.
<Aison> how can I run a dhcpv6 server and dhcpv4 server at the same time?!?
<Aison> the strange thing is, i've got a isc-dhcp-server in /etc/init.d/
<Aison> and a isc-dhcp-server.conf and isc-dhcp-server6.conf in /etc/init
<Aison> ...-
<[F_F]> I guess you need both static IP's first
<[F_F]> IPv4 static and IPv6 static
<Aison> yes, i've got both, but somehow isc-dhcp-server have got no ipv6 version
<[F_F]> hmmm
<[F_F]> that's odd
<[F_F]> http://knowledgelayer.softlayer.com/learning/adding-ipv6-ubuntu-systems
<[F_F]> https://secure.evorack.com/portal/knowledgebase.php?action=displayarticle&id=17
<[F_F]> hope that helps
<Aison> when I try to start, I get subnet6 statement is only supported in DHCPv6 mode.
<Aison> works now :)
<[F_F]> Where does 2 links helpful?
<[F_F]> or not?
<Aison> not directly, the addresses were correctly set
<Aison> but the config file had the wrong name ^^
<[F_F]> awwww :(
<hallyn> jdstrand: any complaints to /sys/firmware/devicetree/** r, in the libvirt-qemu template?
<hallyn> (this is for bug 1374554)
<uvirtbot> Launchpad bug 1374554 in libvirt "ppc64el virsh start fails" [High,Confirmed] https://launchpad.net/bugs/1374554
<jdstrand> hallyn: none
<hallyn> thanks, pushing
<qman__> Bug 1358925 still being an annoyance :/
<uvirtbot> Launchpad bug 1358925 in postfix "root alias does not get set" [Undecided,New] https://launchpad.net/bugs/1358925
#ubuntu-server 2014-10-02
<iDealz> Anyone have any experience rebuilding broken arrays in Mdadm?  I had a drive completely die and now when I boot it opens in an "initramfs" prompt.  I was told booting from a disc/usb would at least get me to root, but not sure how to safely rebuild array
<Sachiru> How broken is broken?
<Sachiru> Degraded pr dead?
<Sachiru> *or
<JanC> maybe it didn't start degraded for some reason?
<JanC> not automatically
<iDealz> it is dead
<iDealz> trying to load degraded array is ineffective
<iDealz> just brings me to initramfs prompt
<iDealz> whether I select y/N
<JanC> so, you remove the faulty disk from the array and it still doesn't start if you tell it to start degraded?
<iDealz> exactly
<JanC> I hope you have backups...
<iDealz> I have the OS on a SSD drive so not sure why that is
<iDealz> I would think it would at least load to root even if it cant mount array
<iDealz> oh no, that doesnt sound promising
<iDealz> no backups LOL
<JanC> what if you mount the SSD manually?
<iDealz> from the initramfs prompt?
<iDealz> I was thinking about trying to boot from a USB to get to root
<JanC> BTW: did you try to exit from the initramfs prompt?
<iDealz> didnt know that was an option
<iDealz> saying I'm inexperienced in Ubuntu would be to put it lightly... my first run at Ubuntu and running an array
<iDealz> would I just do a change directory command to exit out of initramfs?
<JanC> IME it will (try to) continue booting
<JanC> no, you press Ctrl+D or you run exit
<JanC> sometimes that works if you ended up at an initramfs prompt because of a time-out
<iDealz> will give it a shot real quick
<JanC> obviously, it's not going to solve any RAID problems
<Sachiru> Assuming that this is ubuntu
<Sachiru> Try typing "exit" into the initramfs
<Sachiru> It's probably dropping into initramfs because it's asking if you want to boot degraded and (being a server, assuming headless) you don't tell it to boot degraded fast enough and the operation times out
<iDealz> I hit Ctrl+D
<iDealz> its checking drives now
<Sachiru> Uh
<Sachiru> Did you do the disk check
<Sachiru> Or is the disk check automatic
<iDealz> automatic
<Sachiru> If you invoked the disk check CANCEL IT RIGHT THE FUCK NOW
<iDealz> how do you cancel?
<Sachiru> If it's automatic, nevermind, let it run
<iDealz> LOL wasnt an optino
<iDealz> just started checking
<Sachiru> Considering that it's running I'm thinking that it's just degraded and not broken
<iDealz> okay that brought me to root
<iDealz> was able to login with no issues
<Sachiru> Okay, so you're now at console I assume
<iDealz> yes
<Sachiru> can you do this command?
<Sachiru> Wait, before executing commands
<Sachiru> What drives are on the system that are managed by mdadm?
<Sachiru> What is /dev/sd[X] where X are the drives in the RAID?
<iDealz> there are 3 2TB drives, sda1, sdb1, sdc1 I believe
<Sachiru> Ok.
<Sachiru> first step, backup existing superblock
<Sachiru> Please run the following commands: mdadm --examine /dev/sda1 >> raid.status
<Sachiru> mdadm --examine /dev/sdb1 >> raid.status
<Sachiru> and mdadm --examine /dev/sdc1 >> raid.status
<iDealz> unfortunately that is the issue, so I opened up the box to add more memory and low and behold when I rebooted it had a dead drive
<Sachiru> Even so
<iDealz> so no memory available for backup
<JanC> iDealz: so the SSD is sdd then?
<iDealz> sdd isnt on array
<Sachiru> The SSD is SDD I assume?
<iDealz> *ssd
<Sachiru> Then save the superblock to wherever the SSD is
<Sachiru> It's a very small file
<Sachiru> A 4 GB flash drive should be more than enough to save it
<iDealz> ah ok
<Sachiru> Hell a 1 GB flash drive is more than enough to save it
<iDealz> so run the examine commands first?
<Sachiru> No
<JanC> a 256 kB flash drive is ... (etc.)  :p
<Sachiru> Mount the backup location
<Sachiru> Then run the command so that it saves the raid.status file there
<iDealz> following the logic, but dont know the commands
<iDealz> <-- feels like an idiot
<Sachiru> mdadm --examine prints the contents of the metadata stored on the device
<Sachiru>  >> raid.status saves the printed metadata to a file named raid.status which will be saved in the current working directory
<Sachiru> So what you'd do is mount the backup location (SSD, flash drive, whatever), CD to that backup folder, then run the commands
<iDealz> okay so the command you gave above is backing up the superblock?
<Sachiru> Backing up to to rebuild the superblock, yes
<Sachiru> Backing up how to rebuild the superblock, yes
<iDealz> the SSD should be mounted automatically I would imagine
<Sachiru> Yeah, you can backup to that
<Sachiru> The advantage of backing up how to rebuild the superblock is that you see what commands went into building the superblock in the first place, which gives you an idea of how the system is configured
<iDealz> okay so good to run mdadm --examine /dev/sdb1 >> raid.status ?
<Sachiru> As long as your current directory is the SSD, sure,
<Sachiru> Hmm.
<Sachiru> I think it would be better if you ran this command instead
<iDealz> does it matter what directory I'm in?
<Sachiru> Yes it matters
<Sachiru> Because the current directory you are in would be the location of where the raid.status fill will be saved when you run that command
<Sachiru> Thus if you're in the RAID array you're essentially saving the backup back to the array
<JanC> you probably want ">" instead of ">>" ?
<Sachiru> Anyhow, run this command instead: mdadm --examine /dev/sd[abc]1 >> raid.status
<Sachiru> So that you run the command only once instead of three times
<iDealz> okay
<iDealz> and I'm not in the array so should be good there
<Sachiru> Once it's done please open raid.status and pastebin the contents here
<Sachiru> Is it done?
<JanC> "pastebin" meaning you put it on a sit like paste.ubuntu.com   :)
<iDealz> yep, had to restart router... server wasnt connected
<Sachiru> Ah
<iDealz> okay so sda1 isnt connect atm due to it being dead
<iDealz> *connected
<iDealz> I get the following response:
<iDealz> mdadm: no md superblock detected on /dev/sda1
<iDealz> did it still run the examine?
<iDealz> looks like it file is there
<iDealz> okay will pastebin
<iDealz> blah, is there a quick way to pastebin from terminal?
<Sachiru> @iDealz: So /dev/sda1 is the broken drive I assume?
<Sachiru> Do you have a spare drive that you can swap into sda1's slot?
<Sachiru> As for pastebin from terminal, there's a package for that, sudo apt-get install pastebinit
<Sachiru> Then cat raid.stats | pastebinit
<iDealz> yes @ the spare drive
<iDealz> and sda1 is the broken drive
<Sachiru> Or you can also do cat raid.stats | curl -F 'sprunge=<' http://sprunge.us
<iDealz> hmm it didnt like sudo apt-get install pastebinit
<Sachiru> Ok, do the cat to sprunge instead
<Sachiru> To pastebin from terminal (assuming you have curl installed), you can either do pastebinit or do  <command> | curl -F 'sprunge=<-' http://sprunge.us
<iDealz> cat: raid.stats: No such file or directory curl: (26) couldn't open file ""
<Sachiru> raid.status
<Sachiru> Not stats
<Sachiru> Don't worry, we make typos too
<iDealz> okay now it just says curl: (26) couldn't open file ""
<iDealz> did it create the folder but not the file when it got hung up on the "no md superblock on /dev/sda1"?
<iDealz> perhaps I should've left the drive connected
<iDealz> hmm so the raid must be running in a degraded capacity as well... I can see this server and the raid contents on my network
<iDealz> hopefully that is a good sign
<Sachiru> It should create the file even if it hung up on /dev/sda1
<Sachiru> But to be sure, run it like this: mdadm --examine /dev/sd[bc]1 >> raid.status
<Sachiru> Sorry about the gap, had to handle an incoming ticket
<Sachiru> Anyhow, once the superblock is backed up, please do the following:
<Sachiru> a) Insert the new, working disk into the array
<Sachiru> b) Run mdadm --manage /dev/mdN -r /dev/sda1 <-- Replace /dev/mdN with the name of the RAID array
<Sachiru> b) Run mdadm --manage /dev/mdN -a /dev/sda1 <-- Replace /dev/mdN with the name of the RAID array
<Sachiru> Sorry, that should be C)
<Sachiru> d) mdadm --stop /dev/mdN <-- Replace /dev/mdN with the name of the RAID array
<Sachiru> e) mdadm --assemble --run --force --update=resync /dev/mdN /dev/sda1 /dev/sdb1 /dev/sdc1 <-- Replace /dev/mdN with the name of the RAID array
<iDealz> Sachiru: sorry had stepped away
<Sachiru> No problem
<iDealz> so I did nano raid.status and there is information in the file
<iDealz> but will run it with just bc as well
<iDealz> still the curl msg when I try to send it to sprunge
<iDealz> will hook up the new drive though and move ahead with your directions
<iDealz> is there a way to double check the name of the array?
<iDealz> want to make sure I get this right LOL
<Sachiru> Uh
<Sachiru> Could you do "ls -l /dev/ | grep [md]" and paste the output?
<Sachiru> Sorry, grep md
<Sachiru> Without the brackets.
<iDealz> yep 1 sec
<iDealz> brw-rw---- 1 root          disk      9,   0 Oct  1 22:54 md0
<Sachiru> Ok
<Sachiru> So your array is md0
<Sachiru> No other array on the system I assume?
<iDealz> nope
<Sachiru> Ok, confirmed, your only array is md0
<Sachiru> Just run in sequence, then after step E
<Sachiru> Run "cat /proc/mdstat"
<iDealz> so replace mdN with md0
<Sachiru> That should show you the progress of the resync
<Sachiru> Yep
<Sachiru> mdN with md0
<iDealz> alright, need to shut the server down real quick to plug in new drive
<Sachiru> Just so you understand, step detaches sda1 from the raid array, step b attaches the new drive
<iDealz> does it need to be formatted in an fashion before step a?
<Sachiru> I mean step b and step c
<Sachiru> No
<Sachiru> No formatting at all
<Sachiru> the resync (step e) will do the format.
<iDealz> okay
<Sachiru> If you format it beforehand you run the risk of breaking the array even further
<iDealz> hmm perhaps sda1 is the SSD
<Sachiru> Wait
<Sachiru> Can you paste in the contents of raid.status
<Sachiru> Here?
<Sachiru> So that I can check?
<iDealz> yes
<Sachiru> Please do
<Sachiru> Did you already do step b? If so, stop
<Sachiru> And paste the contents of raid.status first
<Sachiru> Back in 15 minutes, lunch break
<iDealz> no, havent started on the steps, just hooked up the new drive
<iDealz> I'll be here
<Sachiru> Ok
<Sachiru> Paste the contents of raid.status here via pastebin, while I eat lunch
<iDealz> okay
<iDealz> http://pastebin.com/QSHvXKA6
<Sachiru> Back. Currently reading
<Sachiru> Okay
<Sachiru> Yep, sda is the SSd
<iDealz> ok, to be sure I did "sudo mdadm --examine /dev/sd[abcd]1 >> raid.status"
<Sachiru> So array members are sdb sdc and sdd
<Sachiru> So which disk is the broken one?
<Sachiru> Could you please paste the output of "cat /proc/mdstat"?
<Sachiru> And "mdadm -D /dev/md0"?
<iDealz> this looks like the line that might be important
<iDealz> output was long
<iDealz> md0 : active raid5 sdc1[1] sdd1[3]
<Sachiru> Paste complete output into pastebin please
<Sachiru> Then paste the pastebin link here
<Sachiru> In the future, when I say "paste the output of X here please", I mean "upload the output to pastebin then copy the pastebin link here please"
<iDealz> here is the first one in its entirety
<iDealz> Personalities : [raid6] [raid5] [raid4] [linear] [multipath] [raid0] [raid1] [raid10] md0 : active raid5 sdc1[1] sdd1[3]       3906763776 blocks super 1.2 level 5, 512k chunk, algorithm 2 [3/2] [_UU]
<iDealz> wasnt that long afterall
<Sachiru> Unless the output is just one or two lines
<Sachiru> Ok
<Sachiru> So it appears that sdb is the broken drive
<Sachiru> Am I correct in assuming that the new unbroken drive is already in?
<iDealz> yes
<Sachiru> Ok, please run these commands in sequence: mdadm --manage /dev/md0 -a /dev/sdb1
<Sachiru> Just that command
<Sachiru> What's the output?
<iDealz> here is from mdadm -D /dev/md0
<iDealz> http://pastebin.com/3aSnQ4sV
<iDealz> will do the last one now
<iDealz> mdadm: cannot find /dev/sdb1: No such file or directory
<Sachiru> Could you please paste the output of "ls -l /dev/ | grep sdb"?
<iDealz>  brw-rw---- 1 root          disk      8,  16 Oct  2 00:09 sdb
<Sachiru> Ok, please run this command: mdadm --manage /dev/md0 -a /dev/sdb1
<Sachiru> Sorry
<Sachiru> Remove the 1, should be /dev/sdb
<Sachiru> Is the command done?
<iDealz> mdadm: added /dev/sdb
<iDealz> was the output
<Sachiru> Ok
<Sachiru> Please run the following commands in sequence
<iDealz> ok
<Sachiru> sudo mdadm --stop /dev/md0
<Sachiru> sudo mdadm --assemble --run --force --update=resync /dev/md0 /dev/sdb /dev/sdc1 /dev/sdd1
<Sachiru> Then paste the output here
<iDealz> problem with first command
<iDealz> mdadm: Cannot get exclusive access to /dev/md0:Perhaps a running process, mounted filesystem or active volume group?
<Sachiru> Ah.
<Sachiru> Could you unmount it first please?
<iDealz> how do I unmount?
<Sachiru> Is it actively in use?
<Sachiru> Stop everything that uses it first
<iDealz> ahh it is in use
<iDealz> so programs like sabnzb I need to stop prior to unmount?
<Sachiru> Before stopping? Yes
<Sachiru> You're not supposed to resync/reassemble a linux-raid drive while it is in use.
<Sachiru> That's why I like ZFS so much
<iDealz> hmm
<iDealz> so I have a number of programs that start on boot
<iDealz> I believe they all reside on the SSD and some write to the array
<Sachiru> Could you please paste the output of "cat /proc/mdstat"?
<Sachiru> And "mdadm --misc --detail /dev/md0"
<iDealz>  Personalities : [raid6] [raid5] [raid4] [linear] [multipath] [raid0] [raid1] [raid10] md0 : active raid5 sdb[4] sdc1[1] sdd1[3]       3906763776 blocks super 1.2 level 5, 512k chunk, algorithm 2 [3/2] [_UU]       [>....................]  recovery =  3.6% (70843128/1953381888) finish=325.1min speed=96500K/sec  unused devices: <none>
<iDealz> http://pastebin.com/vLC5pMy0
<iDealz> I'm somewhat at a loss on how to stop the programs though... sabnzbd was running and I paused it through its web portal
<Sachiru> Ah good
<Sachiru> No need to stop the programs
<Sachiru> It's starting to do the rebuild
<iDealz> okay
<Sachiru> It should be done in about 5 to 6 hours
<iDealz> thats it?
<Sachiru> Congratulations, you just fixed your first degraded RAID array!
<iDealz> LOL you just fixed my degraded RAID array.  Thank you so very much Sachiru
<Sachiru> No problem
<Sachiru> One last recommendation
<iDealz> yes?
<Sachiru> After 24 hours and during times of low to no usage
<Sachiru> run a scrub on the array
<Sachiru> To fully check the data on all drives
<Sachiru> Just to be sure.
<iDealz> is running a scrub fairly simple?
<Sachiru> Yes
<iDealz> I'm sure I can google and find the commands I dont want to take up any more of your time
<Sachiru> It's simply a matter of running "echo check > /sys/block/md0/md/sync_action"
<Sachiru> It will be quite I/O intensive however and you should expect some slowdown while running the scrub, so schedule it for off-peak hours
<Sachiru> It should also take around 5-6 hours to complete.
<iDealz> okay, will start it before bed
<Sachiru> If you're in the middle of a scrub and need to abort it, run "echo idle > /sys/block/md0/md/sync_action"
<Sachiru> After running the scrub you can do "cat /sys/block/md0/md/mismatch_cnt". That should show how many errors were detected and fixed by the scrub
<Sachiru> Have fun with your server! I accept paypal.
<iDealz> Thanks again Sachiru! and while you were likely kidding would be more than happy to paypal you a little token for your time
<Sachiru> Nah it's cool
<iDealz> LINUX guru and a standup guy
<iDealz> thanks!
<iDealz> now for sleep
<JanC> send him a postcard  ;)
 * JanC remembers back in the late 1980s / early 1990s some software was distributed as "postcardware"; you had to send the author a postcard of your town/area to be licensed to use it  :p
<JanC> (I bet most users didn't, but the author still got a huge postcard collection)
<ApplesInArrays1> That sounds pretty cool
<lordievader> Good morning.
<eagles0513875> hey all
<eagles0513875> lordievader: hey
<schrodinger> lo I'm looking for help with Landscape alerts. I looked at a landscape server today and it had a misconfigured MTA. The mailq was 0 but fixing the MTA caused >1000 emails to be sent to a ticketing system. It just never seemed to run out of steam. Everytime the MTA is started Landscape just keeps sending piles of emails all alerting the same thing.
<schrodinger> Is this expected or is there an alerts queue I could acknowledge or clear in Landscape?
<Rovanion> When trying to install jenkins with apt-get I get the response that there is no candidate for that package. Is it not packaged for 14.04?
<pmatulis> morning
<rbasak> Rovanion: yes, it looks like jenkins was packaged in 12.04 only.
<coreycb> zul, jamespage: heat's out and I'm starting on it
<zul> coreycb:  cinder is out as well
<coreycb> zul, k
<coreycb> zul, cinder is done, jamespage did that
<zul> coreycb:  k
<zul> coreycb/jamespage: the tools/config/generate_config works ok?
<coreycb> zul, yep, seems to
<Valduare> hows it going guys
<Valduare> shellshock a problem ?
<rbasak> Valduare: all the updates were promptly released by the security team. I'm not aware of any issue.
<Valduare> ok
<coreycb> jamespage, were you doing anything with  getting a newer version of python-eventlet?
<jamespage> coreycb, I was trying to avoid doing that - the diff is 25k for the 0.13 -> 0.15.2
<coreycb> jamespage, ah right I recall you saying that
<jdstrand> Valduare: just apply your security updates like normal
<Valduare> ok
<Valduare> I also use some smoothwall virt routers
<Valduare> but no patch on them yetâ¦.
<Valduare> what does that mean for me
<coreycb> jamespage, heat wants hacking>=0.8.0,<0.9 and 0.9.2 is in utopic
<coreycb> zul ^
<zul> coreycb: patch the test-requirements.txt then
<coreycb> zul, ok
<coreycb> zul, jamespage: heat is ready for review juno https://code.launchpad.net/~corey.bryant/heat/2014.2-rc1/+merge/236912
<zul> coreycb:  you have merge conflicts
<coreycb> zul, doh, fixing
<jamespage> coreycb, retarget that to /juno methings
<coreycb> zul, this should be better- https://code.launchpad.net/~corey.bryant/heat/2014.2-rc1/+merge/236916
<zul> coreycb: + libpython2.7-stdlib ??
<coreycb> zul, that's for argparse
<zul> oh no you dont want argparse
<zul> doko will shoot you
<coreycb> zul, heh -- ok
<coreycb> zul, heat's ready for re-review
<zul> coreycb:  k
<derfdref2> Am I wrong in thinking that if bridge_stp is off in an /etc/networking/interfaces bridge stanza, there's no point in having _fd, _hello, _maxage etc. lines?
<WodgeyD> Please help with a RAID issue (this is not an unubtu question but I am running Server 14.04)
<WodgeyD> I have 4 ssd's in my server connected to 2 x 2port raid cards. I am 90% sure that I have set BOTH raid cards to see their 2 drives as a striped array, however my server see's 1 array and 2 separate drives.
<WodgeyD> <<<--- PICNIC
<Phibs> anyone runningt trusty using the official postgres apt repo?
<CodeVent> When I boot my local server i am greeted with this message.  Incrementally starting RAID arrays  mdadm: CREATE user root not found  mdadm: CREATE group disk not found  Incrementally started RAID arrays. I have booted on live Debian mounted the raid insured it is still working and it is. Tried installing grub over again but it is missing the partition  table so it never installs. What should I do. There are 5 hdd in raid0 on
<voidstar> CodeVent: if it doesnt have a partition table, you need to give it one
<voidstar> assuming there isn't one already there that is broken
<voidstar> CodeVent: man fdisk
<CodeVent> what happens to the old data or old table?
<voidstar> 100% data loss
<voidstar> for the data and table
<CodeVent> forgive my ignorance, if i can mount the raid, why do i need a new table?
<voidstar> with the live image correct?
<CodeVent> yes
<voidstar> and I assume you attempted the grub install with that right?
<CodeVent> yes, it could not find the superblock? i can boot up shortly and say exactly whats wrong in a min
<voidstar> that information would be useful
<ApplesInArrays1> Simplest way to mitigate denial-of-service attacks? Like AB?
<sarnold> ApplesInArrays1: ask your ISP to block worst offenders at ingress and talk with packet sources to get them squelched
<ApplesInArrays1> Sure
<ApplesInArrays1> Here's another one:
<ApplesInArrays1> Sometimes my MySQL goes offline and I have to login to restart it. Best way to deal with it?
<sarnold> anything in the logs say why it failed?
<ApplesInArrays1> SegFault
<sarnold> interesting; check dmesg for other segfaults, disk errors, etc
<ApplesInArrays1> it has also failed due to AB testing before
<sarnold> does it die on specific tasks?
<ApplesInArrays1> for the segfault, I couldn't figure out why and I investigated
<ApplesInArrays1> I tried to reproduce it, but couldn't
<ApplesInArrays1> I had someone else look at the logs, they couldn't tell either.
<ApplesInArrays1> Anyways, i'm interested in a way of having mysql 'revive' by itself.
<sarnold> dang :/
<sarnold> maybe install mcelog, you might find mahcine check exceptions getting logged..
<ApplesInArrays1> It might be a band-aid, but it'd help out immensely with what I"m doing right now
<sarnold> maybe run memtest86+ or other memory stressors...
<ApplesInArrays1> i'm interested in a way of having mysql 'revive' by itself.
<sarnold> ApplesInArrays1: yeah, makes sense, that might even make it easier to track down what specifically killed it
<ApplesInArrays1> Alright, I can shut it down by AB testing with another machine.
<ApplesInArrays1> and being offline until I wake up and figuring out what's wrong isn't really the best.
<ApplesInArrays1> Is there a way to revive MySQL if it's not running?
<sarnold> ApplesInArrays1: this is where service monitoring systems like runit can help, but you could script together something like a "while true ; do sleep 10 ; service mysql status | something && /etc/init.d/mysql restart  ; done
<ApplesInArrays1> Sounds like a script is the way to go. thanks
<sarnold> good luck :)
<ApplesInArrays1> while true; do sleep 60; service mysql status | service mysql restart
<ApplesInArrays1> ; . Would that work?
<ApplesInArrays1> service mysql status returns "mysql stop/waiting'
<sarnold> ApplesInArrays1: no, you need to inspect the output of service mysql status to see if it is still running or dead; or, if the service mysql status output doesn't know when it dies, find something better for determining when mysql is alive or dead. (nagios is likely to have a mysql monitoring script available that you can steal)
<ApplesInArrays1> mysql start/running, process 1104 = on. mysql stop/waiting = off
<ApplesInArrays1> Ahh, I see
<sarnold> .. just so long as it always -knows- when mysql has unexpectedly died. it probably does, but that might not always have been true..
<CodeVent> voidstar:
<CodeVent>  root@debian:/# grub-install /dev/md128
<CodeVent> Installing for i386-pc platform.
<CodeVent> grub-install: warning: File system `ext2' doesn't support embedding.
<CodeVent> grub-install: warning: Embedding is not possible.  GRUB can only be installed in this setup by using blocklists.  However, blocklists are UNRELIABLE and their use is discouraged..
<CodeVent> grub-install: error: will not proceed with blocklists.
<ApplesInArrays1> How would I go about sending 'service mysql start' every 5 minutes through bash?
<sarnold> ApplesInArrays1: if it came to that, /etc/crontab
<clepto> im having issues with my samba setup on my headless file server. i had to change routers and now samba isnt working. nothing changed other then the hardware of the router. the configs are the same, heck even the internal ip's are the same. i have a pastebin of the testparm command could anyone help me figure out this issue? http://pastebin.com/v8D7wsx3
<ApplesInArrays1> I just typed that, now I'm stuck
<ApplesInArrays1> user:root@scrapy2:/etc# crontab
<voidstar> CodeVent: http://askubuntu.com/questions/420778/i-need-step-by-step-guidence-to-recover-grub
<voidstar> first result on google
<voidstar> my search query was "ext2 ubuntu error: will not proceed with blocklists"
<sarnold> ApplesInArrays1: try ^C
<sarnold> ApplesInArrays1: if that doesn't work, try ^D
<CodeVent> yes, I have followed this too
<ApplesInArrays1> ^C works for some reason. Strange.
<voidstar> what is the output of fsck of that device?
<sarnold> ApplesInArrays1: good good :) first, run "man 5 crontab", and then edit your /etc/crontab file :) hehe
<ApplesInArrays1> */15 * * * * /bin/bash /etc/cron.d/clear-mixtape-dir.shÂ 
<ApplesInArrays1> I can follow this template.
<ApplesInArrays1> I'd save "service mysql start" in file (/etc/cron.d/clear-mixtape-dir.shÂ )
<sarnold> oh, /etc/cron.d/ looks handy
<CodeVent> WARNING: Re-reading the partition table failed with error 22: Invalid argument. The kernel still uses the old table. The new table will be used at the next reboot or after you run partprobe(8) or kpartx(8)  Syncing disks.
<sarnold> do that instead, yes :) ignore /etc/crontab
<CodeVent> when I reboot same error.
<ApplesInArrays1> I also have a directory i should clear out every day
<ApplesInArrays1> /var/web/html/img
<ApplesInArrays1> i could use bash to clean out that folder once a day, yeah?
<sarnold> ApplesInArrays1: yeah
#ubuntu-server 2014-10-03
<CodeVent> when using parted rescue command if you want to start at the beginning but dont know what number the end it what should be inputted
<ayr-ton> About this architecture: http://www.ubuntu.com/cloud/openstack/reference-architecture
<ayr-ton> Is okay to deploy maas under a hypervisor?
<ayr-ton> Like in hyper 1?
<Cloudka82> Okay so, I'm now trying to install Open-VPN Server on Ubuntu server 12.04. The issue is, i go to 'source vars' I then run sudo ./clean-all and then it tells me I must source var first
<Cloudka82> any ideas anybody :O
<Cloudka82> heh
<sarnold> Cloudka82: are you compiling from source or somehting? why not "apt-get install openvpn"?
<Cloudka82> hmmm well
<Cloudka82> https://help.ubuntu.com/12.04/serverguide/openvpn.html
<Cloudka82> that's the guide I'm following
<Cloudka82> I'm now at the var ./clean-all ./build-ca phase
<sarnold> Cloudka82: ah! good. Then I made incorrect assumptions :)
<sarnold> Cloudka82: did you edit the /etc/openvpn/easy-rsa/vars file?
<Cloudka82> Well, I added a few things.
<Cloudka82> But, I'm unsure whether or not I have to edit anything in particular
<Cloudka82> also
<Cloudka82> could it be that i'm trying to clean all as sudo?
<sarnold> Cloudka82: ah, could be
<Cloudka82> I'm forced to do this since I get tons of permission denied errors if i don't
<sarnold> Cloudka82: run "sudo -s" and do all these operations in the resulting shell
<Cloudka82> kk 1 sec
<sarnold> Cloudka82: "source vars" will read the file, execute it -- in this case, setting environment variables
<sarnold> Cloudka82: 'sudo' trims a ton of variables -- or throws away all but a few variables, I forget -- so they might not be set on the next 'sudo ...' execution if you're putting 'sudo' in front of everything
<Cloudka82> so if i run sudo -s, will that force everything in the current directory to run as sudo?
<Cloudka82> and sorry, I'm a complete rookie XD Been using linux for roughly 4-5 months
<sarnold> ah welcome aboard :)
<Cloudka82> thank you, I'm making the switch from the Windows world
<Cloudka82> I'm a jr sys admin
<sarnold> in the default configuration, the shell prompt will show you -- # for root, $ for usre
<Cloudka82> OMG it worked
<Cloudka82> i love you
<sarnold> <3
<Cloudka82> <3
<Cloudka82> sarnold: would you advise debian server or ubuntu server for a linux rookie that wants to change his career path from windows to linux
<Cloudka82> ;O
<Cloudka82> I know a lot of people have been saying they're completely different, but i don't feel that they are as far as commands and paths go
<Cloudka82> it kinda feels the same to me
<sarnold> Cloudka82: either; both. :)
<Cloudka82> ok :)
<sarnold> Cloudka82: debian and ubuntu are more similar than different, especially in the larger ecosystem of e.g. centos, suse, gentoo, arch, and less-related BSDs, illumos, etc...
<Cloudka82> Ic ;O
<Cloudka82> Sorry, was eating dinner
<Cloudka82> Very interesting, sarnold
<Cloudka82> Question: So I successfully installed OpenVPN server on my ubuntu 12.04 server. I know understand that I must take, ca.key client.key client.ca and use those on the client's end that would like to connect to my server
<Cloudka82> However, my client is using windows and it is looking for an .opvn extension in windows
<Cloudka82> nvm figured it out
<Cloudka82> thanks
<Thatrandomfrogsi> Hey guys got an issue and was hoping I could get some help. Im getting a 552 (disk usage error) when trying to upload to my server (14.04). The disk is not full however. Any ideas on how i could fix this?
<wmp> hello, kernel on ubuntu 14.04 havent ta module? I dont understand why i have tun0 without tun module
<lordievader> Good morning.
<ruben23> hi guys any help..Enter your Mysql PATH: (default: /usr/bin/mysql)Defautl press Enter   <----------- this install si for centos, but for ubuntu what shoudl be the PATH the same..?
<lordievader> ruben23: The server or the client?
<lordievader> ruben23: Client is in the same directory, /usr/bin/mysql
<ruben23> the server
<ruben23> im installing in teh server
<CrypticSquared> maybe learn to use `which` or `find` ?
<ruben23> yes i did..im just worreid if /usr/bin/mysql is centos mysql client also..?
<lordievader> ruben23: I think so.
<lordievader> ruben23: /usr/sbin/mysqld seems to be the server.
<ruben23> so if mysql only its client..?
<ruben23> /usr/bin/mysql <--- this is client only
<CrypticSquared> what does `man mysql` and `man mysqld` say?
<lordievader> ^
<Aison> after booting my machine, the network device eth3 is up as described in network/interfaces
<Aison> but somehow I can't control it with ifup/ifdown
<Aison> the device is up (can show it by ip link or ifconfig)
<Aison> but ifdown: interface eth3 not configured
<Aison> strange....
<viktor89> My problem is i did an "apt-get install sendmail" on a server running plesk admin panel. Now my admin panel has no mail settings anymore :( I'm an idiot, I know :(
<pmatulis> morning
<jamespage> coreycb, oh joy I just realized websockify is not in main
<jamespage> (and I added it to the nova BD's for rc1)
<jamespage> arrrgggghhhh!
<syspanic> hi, i'm running ubuntu server 13.10 with zentyal small business server on top of it and I can access it via lan with ssh. The problem is when i authenticate via ssh it says permission denied on /home/mymainuser 's home dir. I sudo su and then I've even tried to set chmod 777 perms but when i tried to login with myuser it also said "permission denie
<syspanic> d" (plz help - desperate guy here! :S)
<coreycb> jamespage, ah great
<soren> syspanic: First of all, Ubuntu 13.10 is no longer supported. No security updates (including recent bash vulnerabilities, for instance).
<soren> syspanic: Second of all, you've probably lost the execute bit on /, /home, and/or /home/mymainuser.
<soren> syspanic:  Share the output of: ls -ld / /home /home/mymainuser
<syspanic> drwxr-xr-x  22 root    root      4096 Jul 30 19:48 /
<syspanic> drwxrwx---+ 36 root    __USERS__ 4096 Jul 25 10:46 /home
<syspanic> drwx--x---  18 deepzen deepzen   4096 Oct  3 13:25 /home/deepzen
<soren> syspanic: "groups deepzen" (as root)
<soren> syspanic: And then "getfacl /home" (again as root)
<syspanic> deepzen : deepzen adm cdrom sudo dip plugdev lpadmin sambashare fuse
<soren> Getting warmer.
<syspanic> # file: home
<syspanic> # owner: root
<syspanic> # group: __USERS__
<syspanic> user::rwx
<syspanic> user:ebox:rwx
<syspanic> user:nobody:r-x
<syspanic> group::rwx
<soren> deepzen has no execute rights on /home (unless granted via ACL's, which getfacl will tell us)
<syspanic> mask::rwx
<syspanic> other::---
<soren> Yup, there's your problem.
<soren> With no execute privs, you can't reference anything in the directory.
<soren> "sudo chmod o+x /home" and you're done.
<syspanic> chmod o??
<soren> others.
<syspanic> ah ok
<soren> I.e. not the owner, not the group. Everyone else.
<soren> (owner would be "u", intuitively)
<soren> All better?
<syspanic> yeah i just didnt recognize it cause i always use octal syntax
<soren> Try not to do that.
<syspanic> Yup!! thnx i was so paniced and i couldn't realize one simple thing....
<soren> No no, I mean try not to use octal.
<syspanic> y not?
<soren> Far too often have I seen people remove execute bits from directories or add them to files where they don't belong, etc.
<syspanic> ah ok
<soren> If you use [uog][+-=][rwxs] you know exactly what you're setting and unsetting.
<soren> Well...
<soren> If you use [uog][+-][rwxs] you know exactly what you're setting and unsetting, rather.
<soren> = has pretty much the same problems.
<syspanic> hmmm i see, propably i should change some Î·Î±Î²Î²Î¹ÏÏ
<syspanic> habbits**
<soren> *blink*
<soren> What was that? :)
<syspanic> greek :P
<soren> Oh :)
<soren> Of course.
<syspanic> i just wanted to write habits but i was switched to greek....
<soren> Happens all the time.
<coreycb> jamespage, know of a debian/rules target that runs before patches are applied?
<syspanic> can i dist-upgrade ubuntu 13.10 to 14.04 LTS ? Is it wise to do it with all these services running ?
<jamespage> coreycb, no such thing
<jamespage> atleast I don't think so
<jamespage> coreycb, what's your problem?
<coreycb> jamespage, bash tools/config/generate_sample.sh -b . -p ceilometer -o etc/ceilometer
<soren> syspanic: It's not wise to stay with 13.10, that's for sure.
<coreycb> jamespage, ^ we have patches that patch the conf file and it's not there when patches are applied
<coreycb> so I need to generate the conf file before patches
<syspanic> syspanic: i mean... is it safe or what's the possibility of failure after dis-upgrade ?
<soren> syspanic: Depends on what you have running, really.
<soren> syspanic: There are no guarantees.
<soren> syspanic: Well, I guarantee there won't be more security updates, but that's probably not very helpful.
<syspanic> soren: it's all in one super duper mega server :SSSSS openldap, smb4, dns, squid
<syspanic> well the good thing is that is running on kvm
<frobware> hi - is it possible to prevent apt-get update past a certain date?  I think /something/ has broken in my install and I like to reinstall, but only with those packages that were available ~3 weeks ago.
<cfhowlett> frobware, never seen it done, but there's got to be a way ... if no answer here, ask ##linux
<frobware> cfhowlett: ok, thanks, will trying downgrading particular packages (e.g., qemu-system) first.
<coreycb> jamespage, zul: heat is ready for review - https://code.launchpad.net/~corey.bryant/heat/2014.2-rc1
<coreycb> jamespage, zul: ceilometer updates are also ready for review - https://code.launchpad.net/~corey.bryant/ceilometer/2014.2-rc1-2/+merge/236964
<patdk-wk> I don't think that is possible
<patdk-wk> normally older packages are replaced
<patdk-wk> or maybe that is just a mirroring thing
<coreycb> jamespage, zul: neutron is ready for review - https://code.launchpad.net/~corey.bryant/neutron/2014.1.3/+merge/237079
<coreycb> jamespage, zul: ceilometer is ready for review - https://code.launchpad.net/~corey.bryant/ceilometer/2014.1.3/+merge/237085
<coreycb> jamespage, zul: cinder is ready for review - https://code.launchpad.net/~corey.bryant/cinder/2014.1.3/+merge/237087
<coreycb> jamespage, zul: horizon is ready for review - https://code.launchpad.net/~corey.bryant/horizon/2014.1.3/+merge/237088
<coreycb> jamespage, zul: glance is ready for review - https://code.launchpad.net/~corey.bryant/glance/2014.1.3/+merge/237090
<Chrisfu> Anybody got working experience with Ubuntu OpenStack, particularly the Orange Box? Trying to replicate an Orange Box-like environment to PoC OpenStack, and I've found myself stuck in a chicken-and-egg scenario.
<Chrisfu> Any pointers would be most appreciated.
<tatie> hello what is the basic difference between snapshot raid and hardware raid 1
<tatie> what is are the weaknesses of snapraid
<tatie> snapraid, not snapshot raid
<tatie> anyone knows?
<tatie> why would snapraid be better (if it is better)?
<patdk-wk> !best
<patdk-wk> !poll
 * patdk-wk blames the bot
<jpds> tatie: http://snapraid.sourceforge.net/faq.html#diffraid
<tatie> ok but why would it not be good?
<jamespage> coreycb, ok I have 48 minutes to get the last few rc1's in for juno
<jamespage> coreycb, you did heat and ceilometer right?
<coreycb> jamespage, yep
<coreycb> jamespage, ok want me to time you? :)
<coreycb> jamespage, I'll have time this afternoon to do some juno work too
<jpds> tatie: Your data doesn't get copied in time?
<coreycb> jamespage, zul: keystone is ready for review - https://code.launchpad.net/~corey.bryant/keystone/2014.1.3/+merge/237097
<tatie> no we are just figuring out what to setup RAID 1 or SnapRaid
<jpds> tatie: You asked why it wouldn't be good.
<jamespage> coreycb,
<jamespage>     cp debian/ceilometer.conf.sample etc/ceilometer/ceilometer.conf
<jamespage>  
<jamespage> ?
<jpds> tatie: One reason why I think snapraid wouldn't be good is that if your main drive fails and you lose some data because it wasn't copied across in time.
<jamespage> that just overrwrites the version you just generated I think
<coreycb> jamespage, oh...
<jpds> tatie: The proper answer to your question is this though:
<coreycb> jamespage, I'll fix it and test it
<jpds> tatie: Try both, and decide which one's best for your use case after experimenting.
<tatie> :-)
<coreycb> jamespage, that should be correct as is.  the generated file is ceilometer.conf.sample
<jamespage> coreycb, yeah but the install file installs:
<jamespage> etc/ceilometer/ceilometer.conf etc/ceilometer
<jamespage> so why are we bothering to generate one?
<coreycb> jamespage,  we generate ceilometer.conf.sample and copy it to  etc/ceilometer/ceilometer.conf
<jamespage> coreycb, I must be missing something - I can't see that copy step
<coreycb> jamespage, I think it's correct, but I'm going to install it and see
<jamespage> coreycb, I'm not getting the ceilometer.conf.sample in debian folder thing
<coreycb> jamespage, oh yeah that cp is wrong, sorry
<coreycb> should be copying from etc/
<coreycb> jamespage, so do we want to use the generated one in etc/ or the static one from debian/ ?
<jamespage> coreycb, generated I should think
<coreycb> jamespage, yeah
<jamespage> coreycb, hmm
<coreycb> jamespage, I pushed a new ceilometer
<Zune> hey anyone good at observium? i have a basic n00b question
<pmatulis> !ask | Zune
<ubottu> Zune: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<SweetLips> hi
<jamespage> zul, jdstrand: have we tried to MIR websockify before?
<zul> jamespage:  long time ago i think
<jdstrand> not to my knowledge. sarnold? ^
<jdstrand> ah yes
<jdstrand> https://bugs.launchpad.net/ubuntu/+source/websockify/+bug/1108935
<uvirtbot> Launchpad bug 1108935 in websockify "[MIR] websockify" [High,New]
<SweetLips> hi, can i ask something about ubuntu here ?
<jamespage> zul, jdstrand: https://bugs.launchpad.net/ubuntu/+source/websockify/+bug/1108935
<uvirtbot> Launchpad bug 1108935 in websockify "[MIR] websockify" [High,New]
<jamespage> ressurected...
<genii> SweetLips: If it's to do with Ubuntu Server or other server-type things in Ubuntu
<SweetLips> genii : oh okay
<genii> SweetLips: If it's to do with regular Ubuntu instead, please use the #ubuntu channel
<SweetLips> genii : thank you
<genii> SweetLips: You're welcome.
<jamespage> coreycb, if you can polish up your heat and ceilometer juno rc1's, I'll sort them out first thing monday
<jamespage> coreycb, most other rc1's are in the queue now
<jamespage> zul, any ideas - https://launchpadlibrarian.net/186474578/buildlog_ubuntu-utopic-i386.openstack-trove_2014.2~rc1-0ubuntu1~ubuntu14.10.1~ppa2_FAILEDTOBUILD.txt.gz
<zul> jamespage:  nope
<jamespage> zul, any chance you could take a look - I need to eod
<jamespage> zul, the rest of the rc1 is here  - lp:~james-page/trove/juno-rc1
<zul> jamespage:  sure
<jamespage> zul, ta - resolution of that means 100% test success!
<zul> jamespage:  sweet
<coreycb> zul, jamespage: nova is ready for review - https://code.launchpad.net/~corey.bryant/nova/2014.1.3/+merge/237127
<zul> coreycb:  they built all fine?
<coreycb> zul, um, yeah
<zul> coreycb:  are you sure? :)
<coreycb> zul, ok what's failing
<zul> coreycb:  nothing im just asking
<coreycb> zul, ok
<Cloudka82> omg I found it
<Cloudka82> Guys !!1
<Cloudka82> Installing OpenVPN server on Ubuntu 12.04 server. During the last phase, I go to start OpenVPN's services by issuing /etc/init.d/openvpn start and recieve the following error, "SIOCSIFADDR: No Such Device: ERROR while getting interface flags: No such device
<Cloudka82> Halp :(
<sarnold> welcome back Cloudka82 :) check the log files.. sounds like an error from earlier in the process might have been overlooked..
<Cloudka82> LOL
<Cloudka82> kk
<Cloudka82> openvpn-status.log doesn't contain anything
<Cloudka82> perhaps I must enable logging first?
<Cloudka82> nvm found the lo
<Cloudka82> g
<smoser> hallyn, or stgraber is lxc mounting /run for me when i boot an ubuntu cloud image ?
<stgraber> smoser: I don't believe so
<smoser> i didn't think so either.
<stgraber> lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
<stgraber> lxc.mount.entry = sysfs sys sysfs defaults 0 0
<stgraber> lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0
<stgraber> lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional 0 0
<stgraber> lxc.mount.entry = /sys/kernel/security sys/kernel/security none bind,optional 0 0
<stgraber> lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0
<stgraber> that's what we mount for Ubuntu containers, the rest we let mountall deal with
<andreagi> ciao
<andreagi> !list
<ubottu> andreagi: No warez here! This is not a file sharing channel (or network); read the channel topic. If you're looking for information about me, type Â« /msg ubottu !bot Â». If you're looking for a channel, see Â« /msg ubottu !alis Â».
<Aison0> I would like to install cacti, but why is also mysql-server installed?
<Aison0> mysql-client should be enough, not?
<tgm4883> is there a global option in fail2ban to set the <sender> email address? currently it defaults to fail2ban@<DOMAIN> but that doesn't work for my situation
#ubuntu-server 2014-10-04
<mwhudson> frobware: no, but the lab mustangs being on old firmware means i'm using images with old kernels for the moment
<WodgeyD> Hi everybody. Can anyone help me with DRBL question?
<morenoh150> anyone know how to nuke lvm from my machine?
<morenoh150> just want to reinstall ubuntu without it
<morenoh150> but the install wizard doesn't seem to be able to handle it
<morenoh150> ended up trying 'use entire disk' hopefully it nukes lvm
<Logos01> morenoh150: It should.
<Logos01> If nothing else you can just relable the drive with fdisk.
<morenoh150> yeah I was just hoping I could set up partitions. But when I was on the screen nothing seemed to work for deleting the lvm stuff
<morenoh150> Logos01:
<Logos01> morenoh150: Yeah, if you chose "use whole disk" it will blank out the existing partitions.
<Logos01> But why would you *WANT* to not use LVM?
<morenoh150> it a headache. surprised you like it
<morenoh150> wanted to learn more about it and was told it could help me with my raid config. But it's endless deadends when anything goes wrong
<morenoh150> just gonna do rsync with a cron job to backup my data
<morenoh150> Logos01:
<Logos01> LVM is a vital part of any linux admin's toolkit.
<Logos01> It's also essential to any conventional Linux server setup.
<Logos01> A) It permits online filesystem growth
<Logos01> B) It permits arbitrary names of your block devices.
<morenoh150> okay I reinstalled ubuntu by wiping my first drive. How do I wipe the second from the terminal?
<Logos01> C) It's the core underpinning for almost all clustered storage solutions.
<Logos01> D) It's basically essential to STIG-DISA filesystem architecture compliance.
<Logos01> (Which has to do with adjusting the mount options for various directories of the operating system to ensure least privilege for any given file/event is maintained.)
<Logos01> I would never use it for RAID setups though. *that* is a headache.
<morenoh150> right. and that was the only reason I even explored it
<morenoh150> ah I see fdisk is for formating from the terminal
<Logos01> morenoh150: Yeah, if you just use "use full disk" that'll clear out that disk drive for you.
<Logos01> morenoh150: One caveat to the RAID thing.  If all you're doing is JBOD then yeah I'd use LVM for that.
<morenoh150> Logos01: I even abandoned the raid idea. was told that rsync+cron would do essentially the same thing (data backups)
<Logos01> ... RAID ... for ... backups ...
 * Logos01 sighs
<Logos01> I'm not meaning to be snarky, I apologize.
<morenoh150> well redundancy in my case. I just wanted some buffer against hardware failure. If I backup to the second disk that should be good enough
<Logos01> Oh.
<Logos01> What release of Ubuntu are you using? Also, what application is this for?
<morenoh150> just installed the latest desktop version. It my home server that I expose a personal web apps and irc bots
<morenoh150> plus I want to use it as a samba server to backup my laptop data
<Logos01> Latest meaning 14.10
<morenoh150> err no 14.04.1
<morenoh150> close enough
<cfhowlett_> Logos01, 14.10 is beta.  you break it, you fix it.
<Logos01> cfhowlett_: I'm not even on 14.04 everywhere yet.
<cfhowlett_> Logos01, PLUS: 9 month support cycle.  14.04 has 5 years ...
<cfhowlett_> Logos01, noted
<Logos01> cfhowlett_: He said "latest desktop version". I was getting clarification as to what he meant.
<morenoh150> exploring docker too
<cfhowlett_> :)
<Logos01> cfhowlett_: Yeah, my first Ubuntu version was 7.04.
<Logos01> Wasn't my first *linux* version.
<cfhowlett_> Logos01, so ubuntu ... so brown ... so circle of friends ...
<Logos01> The way it was meant to be.
<Logos01> morenoh150: So yeah, for your purposes may I suggest using a server build instead?
<Logos01> morenoh150: Suppelementally -- you're going to go through a lot of headache as you learn the mentality and thinking behind the tools used and how they work.
<Logos01> morenoh150: But it's worth the headache.
<Logos01> (With regards to LVM and so on)
<Logos01> ... also, if you're ready for a REAL headache you could always go ZFSonLinux as rootfs.
<Logos01> <_<
 * Logos01 may and or may do that on all the things.
<lordievader> Good morning.
<strixUK> last january, i tried to set up ubuntu 13.10 on a box with root on LVM on md RAID1.  it installed okay, but wouldn't boot, apparently because 'vgchange -a' got invoked before the md devices were ready.  hacking the udev scripts to add a 'sleep 1' before the 'vgchange -a' solved the problem, but it's an awfully hackish solution (and not one likely to survive a kernel upgrade unless i mess with initramfs-tools)
<strixUK> yesterday, i completely reinstalled with ubuntu 14.04.1, and much the same problem happened.  it expressed slightly differently (same error from the lvm mapper, followed by 'no such user root/group disk' from mdadm.  (there was also some odd message at boot from grub about diskfilter writes, but it didn't seem to actually be a problem)
<strixUK> is there a better solution than adding 'sleep's into udev scripts?
<strixUK> should i perhaps file a bug with canonical?
<jrwren> strixUK: definitely file a bug in launchpad. I wish you had last January.
<strixUK> jrwren: okay, i'll work on it.  yes, i should have filed a bug, but things got busy with other server work.
<strixUK> (and this box is a toy for me to learn about xen)
<jrwren> strixUK: I hear ya :)
<phix> hi, what are some webmin alternatives?
<ikonia> a google search will show some
<ikonia> then you can see if they have packages supported by ubuntu
<ikonia> make sure you check the support status of the repos they come from
<phix> I see
<pmatulis> phix: investigate zentyal, either the ISO or its individual packages
<aandy> hi guys. any easy way to make a pc speaker BEEP? i have a cronjob which, under a condition, should beep/alert
<DigiAngel> Afternoon all
<DigiAngel> Anyone up and alive?
<DigiAngel> Really need some help...production server died, trying to get dev box up
<DigiAngel> Wow
<teward> DigiAngel: patience.
<teward> DigiAngel: you also haven't made any actual questions.
<teward> other than "anyone here"?
<teward> the better thing to do is to actually ask your REAL question
<DigiAngel> Ok
<DigiAngel> So
<DigiAngel> Postfix and dovecot were working great with 12
<DigiAngel> After upgrade
<DigiAngel> Postfix says the mail was delivered, but dovecot says no messages
<DigiAngel> If I set /etc/dovecot/conf.d/10-mail.conf to use mail_location = maildir:~/Maildir
<DigiAngel> Dovecot segfaults Oct  4 13:25:01 gateway kernel: [18495.299750] pop3[18142]: segfault at 30 ip b77107f4 sp bfb528dc error 4 in libdovecot-storage.so.0.0.0[b764f000+10c000]
<hackeron> hey, is there a command to check how much ram is being used by the kernel for the network receive/transmit buffers?
<qman__> I'm having some trouble setting up an ubuntu server as a domain member (samba 4), I followed this: https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
<qman__> I got everything set up, wbinfo -u and wbinfo -g work, but id, getent don't
<qman__> I installed libnss-winbind and libpam-winbind, and configured nsswitch.conf, but that doesn't seem to work for some reason
<qman__> figured it out, needed backend = rid instead of backend = ad in the smb.conf
<phix> pmatulis: cheers
<phix> pmatulis: hmmm it is a distro, I am after an app for Ubuntu
<No_one_at_all> Hi, I have a question. We're running an ubuntu server with several large mysql DBs, and we're migrating to a new server. The new server has 32 GB of RAM (same as the old). I'm partitioning the drive right now, and I'm not sure how much swap space to give it. The old one had a 20GB (!) partition, but is currently using 4MB of that.
<No_one_at_all> What size should I use? I've researched it slightly, but I'm seeing conflicting stuff.
<ikonia> No_one_at_all: no more than 4GB
<ikonia> No_one_at_all: base it on how your machine is setup and the legacy use from the old machine
<No_one_at_all> ikonia: ok. I don't recall ever seeing it use even 1GB, but I haven't really been keeping tabs
#ubuntu-server 2014-10-05
<Jeeves_Moss> I think that after upgrading Bind9 through the Ubuntu repos, it's broken something.  what would cause the server not to report when pinging a domain?  Some of the domains work, some do not.  All the configs are copied from known working ones
<droidbuster> I was upgrading my server from 10 whatever to 12.04 and somehow when i read the details on a version to replace i didnt exit the changelog in text editor. so i accidently exited the upgrade midway through. i am only able to login to recovery and all the commands i have tried result in telling me i need to run sudo dpkg --configure -a
<droidbuster>  however i get an error dpkg error unable to access dpkg status area Read only... wtf
<Joe_Spencer> hello
<Sachiru> Yes?
<lordievader> Good morning.
<Joe_Spencer> morning
<ApplesInArrays> I have a few extra computers here and I'm thinking of installing Ubuntu Server Edition 14.04LTS to one of them via USB
<ApplesInArrays> I keep getting "Boot Error' after selecting the USB, though.
<lordievader> ApplesInArrays: How did you create the live-usb?
<ApplesInArrays> Universal USB Installer
<ApplesInArrays> The USB works on the machine I'm using now, but not another one.
<lordievader> Does it happen to be a UEFI machine?
<ApplesInArrays> Let me see how I check
<ApplesInArrays> I remember seeing EFI files when I ooted it on this computer.
<ApplesInArrays> It has a BIOS
<lordievader> Hmm, try recreating the live-usb with unetbootin. That program usually works ;)
<ApplesInArrays> I have that too
<ApplesInArrays> I'll try again.
<ApplesInArrays> I tried with ubuntu desktop and it didn't work.
<ApplesInArrays> unetbootin doesn't have Ubuntu 14.04LTS as an option
<lordievader> ApplesInArrays: Doesn't matter, you can give it any iso.
<ApplesInArrays> Great, thanks.
<ApplesInArrays> Also, could I develop with that machine and 'push' updates to my #digitalocean droplet?
<ApplesInArrays> or would I update to it with netBeans, then once I'm happy, push that to my droplet?
<cfhowlett> ApplesInArrays, download 14.04 LTS .iso and then use unetbootin
<ApplesInArrays> I've already tried that
<ApplesInArrays> Boot Error
<ikonia> there must be more detail than "boot error"
<cfhowlett> ApplesInArrays, then your .iso is funky.  you DID md5sum, right?
<ApplesInArrays> There isn't.
<ApplesInArrays> cfhowlett: yes
<ikonia> there is that error coming from
<ikonia> what point in the boot process
<ApplesInArrays> I tell BIOS to boot from USB, it says "Boot Error"
<ApplesInArrays> Then it starts up windows after about 5 seconds.
<ikonia> that suggests there is no boot sector on the usb disk
<ikonia> so it skips it and moves to the next boot option
<ApplesInArrays> I stick it in this machine, and it works.
<ikonia> that looks like a bios error
<ApplesInArrays> I just played around with it for a while.
<cfhowlett> ApplesInArrays, usb's do go bad.  frequently.  md5sum the usb to verify
<ApplesInArrays> I already have
<ApplesInArrays> on the image
<ApplesInArrays> and then I ran it on this machine
<ApplesInArrays> Alright, never mind, I'll figure it out.
<cfhowlett> ApplesInArrays, ?  2 step verification: the .iso AND the usb after you burn the iso
<ApplesInArrays> If it doesn't work on the 1st machine, but works on the 2nd machine, could it be the USB?
<cfhowlett> ApplesInArrays, no if it works at all, it's not the USB causing issues
<ApplesInArrays> That's... what I was getting at.
<cfhowlett> ApplesInArrays, noted.  I missed that detail.  sorry.
<ed8> I got a script run by apache that attempt to chown/chgrp a file but fail
<ed8>  I'm running: chown mast:www-data /var/log/mast/mast-alban.log
<ed8> 'www-data' user is already in 'mast' group â uid=33(www-data) gid=33(www-data) groups=33(www-data),999(mast)
<ikonia> thats nothing to do with changing ownerhip of a file, that's trying to add a user to a group it's already in
<ikonia> is there a user called "mast"
<ed8> ikonia: yep
<ed8> ikonia: the error is on the chown (or chgrp) command
<ikonia> so apache (the user running apache) won't be able to change the owner, as the owner is mast, and apache is not running as the user mast
<ikonia> that error looks very badly wored
<ikonia> worded
<ed8> ikonia: so who can change ownership ? I though being in the source and target group would allow that
<ikonia> no
<ikonia> the owner/super user can change the owner
<lordievader> ed8: Owner and root.
<ed8> ikonia: ok, then how can I create my file with a given ownership ?
<ikonia> how is the file getting created now ?
<ikonia> what is it you're actually trying to do
<ikonia> as having a web server change things on the file system is very very very bad
<lordievader> ikonia: +1
<ed8> ikonia: based on a template file, so using a 'cp template newfile'
<ikonia> ed8: is the webserver doing that or an interactive user
<ed8> ikonia: the webserver invoke a init script like: 'mast status'
<ikonia> that is a very very very bad idea
<ikonia> and not something I'd suggest you do
<ikonia> your webserver should not be controlling your system
<ed8> ikonia: how would you do it then?
<ed8> the project is to create a web interface for a init script
<ikonia> I have no idea what you are doing/why you are doing what you are doing, so it's impossible to say
<ikonia> thats a bad project and not something I'm interested in
<ed8> ikonia: what do you suggest to improve security ?
<ikonia> not using a web interface
<ed8> ikonia: as that's the goal of the project, this is not possible.
<ApplesInArrays> I could use Vagrant on my Windows machine and Ubuntu machine to make sure everything's identical?
<ikonia> ed8: thats fine, as I said it's not something I want to be part of/assist with
<ikonia> ApplesInArrays: not sure what value that would be
<ApplesInArrays> I will have a local server for dev, then copy files to main droplet for production.
<ApplesInArrays> Right now production=development, and I think this is not the best way to go about it.
<ikonia> no idea what you're on about
<ApplesInArrays> Oh, ok.
<ApplesInArrays> Not sure what you mean.
<lordievader> ApplesInArrays: NFS share? If it is a dev environment it should not matter that things break.
<ed8> ikonia: ok, thanks
<ApplesInArrays> lordievader: then I need to copy things to production
<ApplesInArrays> I'd like to make sure it works there
<lordievader> ApplesInArrays: Of coure you need to copy/push things to production. That is not a test environment...
<lordievader> And to make sure it works you have your dev environment.
<ApplesInArrays> and if it works in completely different environments, I wouldn't expect identical behavior all of the time.
<ApplesInArrays> So I'm trying to figure out if Vagrant could set up the same environment for testing before pushing.
<lordievader> That is why you try to keep your dev environment identical to the production environment.
<ApplesInArrays> Which is why I'm asking if Vagrant can do it.
<ApplesInArrays> I don't know if I can spell it out any simpler.
<ed8> why does 'cp --preserve=mode,ownership /etc/mast/template /etc/mast/alban' doesn't preserve ownership ?
<ed8> the file 'template' has the following permissions: -rwxrwx--- 1 mast www-data 1.5K Sep 23 21:26 template
<ed8> and the script is run by 'www-data'
<ed8> s/script/cp command/
<ed8> I was expecting to have 'mast' ownership preserved. Do I missed something?
<lordievader> ed8: The file is owned by mast?
<ed8> lordievader: yep
 * lordievader doesn't see the problem
<ed8> lordievader: new file is own by www-data:www-data instead of mast:www-data
<lordievader> Ah, you didn't say that ;)
<ed8> and 'www-data' user is in 'mast' group, so again I expected this to be enough
<lordievader> ed8: Likely because www-data is not mast, and therefore cannot change the ownership to mast without root rights.
<ikonia> ApplesInArrays
<ikonia> oops
<ghostfire> hi all, what is the best way to have a program launch when the server starts ?
<zzxc> Hey guys, Apache is giving me a message saying I have message saying "(98)Address already in use: AH00072: make_sock: could not bind to address [::]:80". I've checked and nothing is bound to port 80 right now.
<zzxc> This is a new install. Anyone have any ideas?
<ikonia> it means something is listening on port 80
<zzxc> I've check with both nc -l 80 and netstat -ltnp | grep ':80' neither returned anything.
<ikonia> that's not a check
<zzxc> How do you mean?
<ikonia> it will use the service name
<ikonia> port 80 will have a definition in /etc/services so will never show up in netstat
<zzxc> Ahhhhh alright. And that actually might be the issue. I have two entires in /etc/services for port 80.
<zzxc> Actually scrapt that. one is tcp the other is udp.
<ikonia> /etc/servies doesn't do anything
<ikonia> other than map ports to names
<ikonia> what is the name of the service in /etc/services for port 80
<zzxc> "http>>>>80/tcp>>>>www>>># WorldWideWeb HTTP" and "http>>>>80/udp>>>>>>>># HyperText Transfer Protocol"
<ikonia> zzxc: pastebin the output of the following command please "netstat -a | grep LIST"
<zzxc> ikonia: K one second.
<zzxc> ikonia, Here you go: http://pastebin.com/MEJFJ4Er
<ikonia> zzxc: looks like you have it listening on ipv6
<ikonia> which ties in with the [::]:80 error you pasted
<zzxc> ikonia: Oh http-alt. I missed that.
<tafa2> ufw is misbehaving for some reason
<tafa2> ive done this a million times.... but today apparently is a no go... how do I allow 53/tcp to ip 192.168.0.1 on eth0?
<zzxc> ikonia: Awesome thats some progress. Let me see if I can find out where to disable ip6.
<tafa2> does anyone know how to forward pptpd packes to a local dns server?
<tafa2> is there a firewall that allows connections for a specific process?
<bekks> iptables
<tafa2> really?
<tafa2> does that I mean I could do it using ufw
<bekks> Depends on what exactly you want to do.
<lordievader> Good evening.
<RoyK> lordievader: evening
<lordievader> Hey RoyK, how are you doing?
<RoyK> lordievader: stomach full of good food, relaxing
<lordievader> Sounds good ;)
<tafa2> would anyone be able to help with this? http://serverfault.com/questions/633715/configure-ufw-pptpd-and-dnsmasq-on-the-same-server
#ubuntu-server 2015-09-28
<jak2000> hi all i opened the port 8000 sudo ufw allow 8000 and try do a telnet localhost 8000 and get an error "connection refused" why? http://pastebin.com/zk7Qun19
<lordievader> Good morning.
<jamespage> coreycb, hey - I've synced and merged as much as possible from Debian exp - see tracking sheet for details
<jamespage> coreycb, a few core project uploads done as well - again on sheet
<jamespage> universe ones mainly as I know you can't upload those...
<coreycb> jamespage, awesome thanks
<jamespage> coreycb, trove baking now
<T3DYz> Im in college and bored as fuck, I have ssh to my ubuntu cluster and will do anything for some fun. Anyone know anything fun I can do with my ubuntu server or is ubuntu boring af?
<ogra_> T3DYz, can you tame your language a bit please
<T3DYz> From that reply I take it ubuntu is boring
<bancik> hi, I get the E: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem.
<bancik> when I run sudo apt-get update
<bancik> should I run the proposed command
<AvatarA> if it was interrupted, of course
<bancik> AvatarA, ok thanks
<lordievader> bancik: It gives that command for a reason ;)
<bancik> I am sure it does :)
<bancik> just I don't remember interrupting dpkg
<coreycb> beisner, can you promote juno-proposed to -updates when you have a chance?  regression testing completed successfully.
<beisner> coreycb, yep, will paste back here for you to confirm those pkg moves shortly
<beisner> coreycb, plz review and confirm juno proposed-to-updates:  http://paste.ubuntu.com/12602729/
<coreycb> beisner, looks good, thanks
<beisner> coreycb, thx for confirming.  pushed pkgs to updates for juno.
<coreycb> beisner, cool thanks
<beisner> coreycb, yw :-)
<tedmcox_> hello, everyone! i'm in cincinnati ohio for the openhelp documentation sprints
<tedmcox_> for the next three days i'm work on closing as many bugs as possible on the ubuntu server guide: https://bugs.launchpad.net/serverguide
<jrwren> tedmcox_: awesome! welcome to the midwest :)
<tedmcox_> i'll need help from subject matter experts
<tedmcox_> this is my first time running a documentation sprin
<tedmcox_> the plan is to find open bugs, post any questions here, and then hopefully submit branches to fix the bug or update the status
<tedmcox_> i'll start with typos. those should be pretty easy
<tedmcox_> here's one: https://bugs.launchpad.net/serverguide/+bug/1431034
<ubottu> Launchpad bug 1431034 in Ubuntu Server Guide "crontab typo in the Backups / Shell Sctipts / Executing the Script / Executing with cron section" [Undecided,New]
<tedmcox_> from that bug report, i fed the crontab file into a cron translator, and it looks like the sh file in the example would indeed run every day at 12:00 a.m.
<tedmcox_> so i'll mark this invalid
 * belkinsa pokes tedmcox_
<tedmcox_> hi, belkinsa!
<belkinsa> How are you and how is the spirits going for you?
<tedmcox_> ok, so far. working through them one by one.
<belkinsa> Are you with anyone else (in person or online)?
<tedmcox_> i'm in the same room as the gnome team and the other conference attendees. we're all plugging away on our laptops
<belkinsa> Ah.  Say "hi" to them from me.
<tedmcox_> i will :)
<belkinsa> Thanks.
<belkinsa> tedmcox_, question, do you remember what topics we talked about yesterday?  I remember, n00bs, site generators, feedback forums, meta docs, and virtual spirits. Am I missing one?
<tedmcox_> that was it for the discussions
<belkinsa> Gotcha, thanks.
<belkinsa> And do you have a link for bilp?
<tedmcox_> bilp? not sure what that is
<belkinsa> It was a doc status checker tool that Shaun shared.
<belkinsa> And I think I know why Jorge didn't come: http://insights.ubuntu.com/2015/09/28/executive-summary-from-the-juju-charmer-summit-2015/
<jcastro> I will be there on friday!
<coreycb> jamespage, software-properties was just released to trusty-updates
<belkinsa> jcastro, it's already past, but the OLF is this weekend
<jcastro> yeah that's what I am coming for
<bancik> I have Dell poweredge with PERC 6i with OS Ubuntu Server 14.04 and OMSA installed
<bancik> but I do not get anywhere tasks dropdown
<bancik> is it common
<belkinsa> Oh, I guess I miss understood you in the first place.
<tedmcox_> would someone comment on this bug: https://bugs.launchpad.net/serverguide/+bug/676777
<ubottu> Launchpad bug 676777 in Ubuntu Server Guide "need to add Ipv6 localhost address in /etc/postfix/main.cf to make mailman work" [Undecided,New]
<tedmcox_> i don't know if the fix suggested by the person who reported the bug is correct
<RoyK> damn - are people starting to use ipv6 these days? ;)
<jrwren> yes. been on it for years.
<arooni> about to upgrade my server from ubuntu 12.04 ==> 14.04 (server) ... anything I should keep in mind?
<shauno> tedmcox: my mailserver's on debian jessie, but I just testing that postfix thing and found his statement to be true, at least for postfix-2.11.3-1 in jessie
<shauno> if I have just 127.0.0.0/8, I can relay if I telnet 127.0.0.1 smtp, but not if I telnet localhost smtp, because it tries ::1 first (and should)
<sarnold> RoyK: 10% of facebook's traffic is over ipv6
<RoyK> sarnold: not bad
<sarnold> yeah
<sarnold> RoyK: it's helped along a bit by mobile users, 30% of their traffic from 4G cells is over ipv6
<RoyK> sarnold: I work for hioa.no, and we're the #1 on ipv6 amongst Norwegian colleges/universities
<RoyK> the network guys are always like "can we run this natively on ipv6?"
<tedmcox_> here's the current mailman configuration section: https://help.ubuntu.com/lts/serverguide/mailman.html#mailman-configuration
<sarnold> things feel different this year; it was always "oh that's ipv6, that's kind of neat, something to look into" and now it feels more like "oh you're not on ipv6 yet? hmm, that makes it harder for some users to get to your content"
<tedmcox_> should the suggested fix be added to the postfix section?
<RoyK> sarnold: North America IPv4 stock is |empty|
<RoyK> *empty* even
<shauno> I think it'd be more apt in https://help.ubuntu.com/lts/serverguide/postfix.html  as it's not specific to mailman
<sarnold> RoyK: I knew I should have asked for a class B a decade ago..
<RoyK> :P
<RoyK> or two
<RoyK> decades ago
<sarnold> yeah, even a /24 would have required some justification a decade ago
<RoyK> I don't think you would have gotten a /16 block ten years back
<jrwren> tedmcox_: no, that postfix config is specifically about associating the lists.example.com domain for postfix. It is right where it belongs IMO
<RoyK> we found an interesting issue with Android - it turns off IPv6 when the monitor blanks out, so if you receive a call on Lync^WSkype for Businness, and pick up the phone, put it to your ear, the monitor blanks and (oops)
<sarnold> RoyK, that's crazy o_O
<RoyK> sarnold: I know - possibly fixed now, though
<RoyK> sarnold: and android doesn't (or didn't) support DHCPv6, which raises some issues
<sarnold> I mean, i'm all for saving those precious mwh, but "wants to use networking while the screen is off" just makes sense..
<sarnold> RoyK: do people use dhcpv6 in production? is it just to distribute dns resolvers?
<RoyK> sarnold: we do, I don't remember why - some things weren't settable with ND
<RoyK> which might have been fixed now, really, I don't remember - I don't work with networking (mostly)
<tedmcox_> the server guide page for postgresql links to the administration documentation for postgresql 9.1: https://help.ubuntu.com/lts/serverguide/postgresql.html
<tedmcox_> but i think trusty is using postgres 9.3 and the link should be updated to that version
<opt1mal> There's an issue with OpenVPN on Ubuntu 15.04 that needs fixing. To start and stop OpenVPN clients individually on previous versions of Ubuntu, one used this type of line: "sudo service openvpn start/stop clientconfigfile". But now it's more like "systemctl start openvpn@myvpn.service"
<arooni> anyone using mr / vcsh  here?  i'm having trouble getting mr update to run and actually work.  i've got vcsh working.  i think its because of my mr config is a bit off.  also; if i added a config file on one machine and its setup on the config on mr... do i need to vcsh TOOLNAME first ?
<opt1mal> this isn't anywhere in documentation. I found the answer to the problem here: http://askubuntu.com/questions/639855/how-to-start-the-openvpn-client-service-on-ubuntu-15-04
<opt1mal> it would be great if there was some documentation for this for Ubuntu 15.04.
<ponyofdeath> hi, is there a way to make ubuntu install target disk a variable and determine that based on certain bash script?
<sarnold> opt1mal: it's not exactly "don't do this for openvpn but do that instead" but the vivid release notes do mention the change to systemd and provides links to more information about what it means https://wiki.ubuntu.com/VividVervet/ReleaseNotes
<opt1mal> sarnold, as you mention it's not explicit enough. I think what's really needed is a server guide for 15.04. I've really liked the guide for 12.04 and 14.04. This is the kind of thing the wiki should have. I've been surprised at lack of info throughout the Ubuntu wiki.
<opt1mal> and there's a lot of outdated info throughout the wiki
<sarnold> opt1mal: the bane of every wiki :(
<sarnold> opt1mal: just yesterday I was reading something that said "a known bug in lucid, maverick should have this fixed..."
<opt1mal> heh
<TJ-> opt1mal: The primary problem is we have no standardised way to tag info by release/package versions/date added, which would go a long way to flagging out-of-date info
<teward> anyone know if it's possible to run a small Landscape instance on 1GB of RAM, or whether I need to upgrade the system?
<sarnold> teward: hah, I read the question first, and thought "that suonds like just the sort of thing teward would know" :)
<teward> sarnold: you failed :)
<teward> sarnold: the server that Landscape *was* on was 2GB, then 8GB, but with a kaboom'd mobo... :/
<sarnold> oh man :(
<teward> sarnold: yeah.  i have two smaller slimline machines that were WinXP/WinVista, but they're *nix now xD
<sarnold> lucky machines got an upgrade :)
<teward> sarnold: they're also small refurb'd.  I ran out of barebones equipment and needed more.
<teward> :)
<arooni> hey everyone;  when i'm using tmux, how can i set the window title i see in ubuntu's terminal to something like, "user@hostname" ?
#ubuntu-server 2015-09-29
<pmatulis> opt1mal: yeah, the wiki is not to be trusted blindly
<pmatulis> opt1mal: and there won't be a server guide for non-LTS releases
<pmatulis> opt1mal: the server guide project is always looking for eager individuals to assist with reviews and new material
<ianorlin> pmatulis: will some stuff that deals with init need to be adapted to systemd instead of upstart
<sarnold> ianorlin: depending upon the task, significantly, see https://wiki.ubuntu.com/SystemdForUpstartUsers for a nice guideline to the transition
<tonyyarusso> sarnold: Is there a wiki page for SystemD for people who never got around to figuring out Upstart?  :P
<sarnold> tonyyarusso: hehehe :)
<JanC> tonyyarusso: https://en.wikipedia.org/wiki/System_D
 * dsmythies there is no #ubuntu-doc page on the irc logs page for today. I am wondering if making this entry will force the page on the next hour boundary.
 * dsmythies Opps - wrong channle
<linuxmint2> Is this a good channel for chroot help?
<linuxmint2> chroot doesn't work as per walkthrough. sftp access can still access the server's root directory http://www.thegeekstuff.com/2012/03/chroot-sftp-setup/
<lordievader> Good morning.
<shann> Hi, I have question with Juju and MAAS.
<shann> Online.Net purpose IaaS with scaleway.com (SSD BareMetal Server), deploy MAAS with this service is possible ?
<pitti> o/
<pitti>  /close
<jamespage> coreycb, urgh ryu
<coreycb> jamespage, yeah, I'm just working on that.  it's a bit of a pain.
<coreycb> jamespage, what's your opinion on an MIR?
<jamespage> coreycb, it looks unavoidable
<jamespage> but I've not dug in deep
<aijihz> b
<coreycb> jamespage, I agree, ovs openflow uses it now
<tedmcox> does anyone know if there are free ubuntu servers available for testing? while working on documentation, it would be nice to test out instructions or suggested bug fixes
<TJ-> tedmcox: use a virtual machine, or LXD container
<medberry> jamespage, at some point the openvswitch-datapath-dkms was eliminated (and looks like there is no openvswitch kernel module after taht)
<medberry> does OVS work fine without the kernel module?
<jamespage> medberry, erm
 * medberry fears he screwed up something
 * medberry waves at arosales
<jamespage> medberry, well there should still be a ovs kernel module - but just not a dkms one
<medberry> hmmm.
<medberry> 3.13.0-63 doesn't seem to have one.
<jamespage> medberry, >= 3.13 has enough goodness not to need dkms
<medberry> gotcha
<medberry> or maybe it was renamed
<medberry> ah jamespage I had to get rid of the dkms module and depmod -a and then reboot. all is well. sorry for the noise
<coreycb> jamespage, so even the latest release of ryu (3.25) requires pbr < 1.0 in setup.py.  seems a bit incompatible with the rest of openstack liberty.
<coreycb> jamespage, pbr is uncapped in master of ryu but not released.  I'll see if I can touch base with the maintainer and see if they're releasing anytime soon.
<jamespage> coreycb, hmm
<jamespage> coreycb, this all seems a bit sticky
<coreycb> jamespage, yeah..
<jamespage> coreycb, it might be easier to see if we can uncap it with a patch
<coreycb> jamespage, yeah.. I'll see what all that entails
<jvwjgames> My internet is not working
<TJ-> Looks fine from here :)
<jvwjgames> What is happening is I am getting a reply from my interface IP as the de
<jvwjgames> No matter what the destination is
<jvwjgames> Ping Google.com - Reply from 96.92.80.211 destination host unreachable
<jvwjgames> that 211 is my servers interface ip
<TJ->  jvwjgames that suggests there's a routing or netfilters issue
<jvwjgames> My static and gateway are fine I have this server direct connection to modem
<jvwjgames> It just stopped working one day
<jvwjgames> Unless a setting changed I don't know about
<jvwjgames> What do I check
<TJ-> You're currently showing an IPv6 address; you mention the return from an IPv4 address; could it be something to do with the local IPv6 config?
<jvwjgames> I am on my residential modem not my business modem right now
<jvwjgames> That's why you are seeing it
<jvwjgames> My business network has a proxy that blocks irc
<TJ-> jvwjgames: OK, good to know :)
<TJ-> Can the server itself (96.92.80.211) ping the same target ?
<jvwjgames> What do you mean same target
<TJ-> jvwjgames: you said you were trying "ping google.com" ... dies that work when done from the server?
<TJ-> jvwjgames: or, are you saying that is where it is failing from?
<jvwjgames> I should have explained better sorry my Ubuntu server is having the internet problem all other servers and computers work fine
<TJ-> jvwjgames: Ahhh, ok. It sounded as if it was a gateway/router issue. So the server is directly connected to the Internet with a public IP?
<jvwjgames> Yes
<TJ-> jvwjgames: is the server behind a switch/router of any kind?
<jvwjgames> No direct connection
<TJ-> jvwjgames: Is this a virtual machine or bare metal ?
<jvwjgames> So are other computers so I know it is not an issue with modem
<jrwren> no direct connection or no, it is a direct connection?
<jvwjgames> It is a direct connection sorry and bare metal
<TJ-> jvwjgames: Right, so Ethernet connection to an upstream router somewhere? Or via some kind of modem?
<jrwren> jvwjgames: sounds like you are missing a default route. can is the direct connected server using dhcp or static config?
<jvwjgames> Static and here is a pic of my setup
<jvwjgames> http://picpaste.com/pics/IMAG0137-94xHYCMl.1443542890.jpg
<jvwjgames> The bottom server is the server that is having the issue
<TJ-> jvwjgames: the server must be connected via Ethernet to a router, switch, modem or fibre port of some kind that connects to the ISP. What is that?
<jvwjgames> Ethernet to the modem on the left
<TJ-> jvwjgames: OK, so is the modem doing routing, or is the server using PPPTP to the ISP?
<jvwjgames> Modem is doing the routing but right now it is in bridge modem
<jvwjgames> OK I have a screenshot of traceroute and IP r command
<jvwjgames> http://picpaste.com/pics/IMAG0139-hgIGZXTK.1443543557.jpg
<jrwren> paste output of `ip -4 route`
<jvwjgames> See pic for info
<jvwjgames> jrwren: see pic for the info
<jrwren> can you ping 96.92.80.222 ?
<jvwjgames> http://picpaste.com/pics/IMAG0140-fYbcMTZL.1443544102.jpg
<coreycb> jamespage, can you sponsor my ryu changes?  https://code.launchpad.net/~corey.bryant/ubuntu/wily/ryu/3.24-updates/+merge/272820
<jamespage> coreycb, doing so now
<jamespage> coreycb, you might want to ping mterry and see if he has capacity to review
<jamespage> coreycb, i actually nacked ryu upstream when it was proposed
<jamespage> I felt that pulling an entire network controller framework for ovs control was dumb
<jrwren> jvwjgames: you may want to try another ethernet cable between that host and cable modem. What type of network chip is it? What kernel version?
<coreycb> jamespage, ok
<TJ-> jvwjgames: Have you had any other PCs connected to the modem/router?
<jamespage> coreycb, ok uploaded - good work btw
<coreycb> jamespage, ah, thanks!
<jvwjgames> Yes other computers are connected and working
<TJ-> jvwjgames: So that tends to tell you the server has a problem, either physical wiring or software misconfig
<TJ-> I noticed eth0 and eth1; could the interface names have swapped over?. Does "sudo tcpdump -ni eth0" show any packets coming in, such as ARP requests, on eth0 ?
<jvwjgames> Is the result s real time
<jvwjgames> Cause I did it and nothing just says listening on eth0
<jvwjgames> OK this is weird eth0 witch is connected no traffic eth1 lots of traffic
<TJ-> jvwjgames: what is eth1 connected to, the LAN?
<jamespage> coreycb, I've subscribed ubuntu-server/openstack to ryu bug traffic
<jamespage> coreycb, so just needs MIR and reviewer
<jvwjgames> Nothing cause right now I have eth0 connected but I guess my interfaces switched over
<jvwjgames> I have noticed then doing that they will switch every once in a while so I will lose connection
<jvwjgames> I thought I fixed that though
<jvwjgames> Should I make the configure for eth1 to see if it works
<jvwjgames> Nuke not make
<TJ-> jvwjgames: udevd is supposed to write permanent net names rules in /etc/udev/rules.d/ so that the same name is always assigned to the same MAC address
<jvwjgames> Actually in the interfaces file there is no eth1 so how the heck is it working
<TJ-> jvwjgames: it exists because there's a device present and the kernel names it
<jvwjgames> Oh ok
<TJ-> jvwjgames: it has been auto-configured to a private address range since no manual nor DHCP config was present
<jvwjgames> OK I switched the cables from eth0 to eth1
<jvwjgames> Let's see
<jvwjgames> http://picpaste.com/pics/IMAG0143-xhiYTLuN.1443546163.jpg
<TJ-> so you need to re-configure udevd's permanent net names. You must have disabled it at some point
<jvwjgames> Now that I have ash I will check
<jvwjgames> SSH*
<jvwjgames> Udev running
<jvwjgames> How do I reconfigure it
<TJ-> jvwjgames: check in "/etc/udev/rules.d/" for a "70-persistent-net.rules" or similar name; can't recall it exactly
<jvwjgames>   GNU nano 2.2.6        File: 70-persistent-net.rules                        # This file was automatically generated by the /lib/udev/write_net_rules
<jvwjgames> # program, run by the persistent-net-generator.rules rules file.             #                                                                            # You can modify it, as long as you keep each rule on a single
<jvwjgames> # line, and change only the value of the NAME= key.
<jvwjgames> # PCI device 0x14e4:/sys/devices/pci0000:00/0000:00:02.0/0000:05:00.0/0000:0$SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:15:c5:ec:$
<jvwjgames> # PCI device 0x14e4:/sys/devices/pci0000:00/0000:00:1c.0/0000:03:00.0/0000:0$SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:15:c5:ec:$
<jvwjgames> # PCI device 0x10de:0x0760 (forcedeth)
<jvwjgames> SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:26:18:3d:$
<teward> jvwjgames: pastes should be in a pastebin
<teward> (and copy/paste from Nano doesn't work when you go past the bounds of the edge of the window)
<jvwjgames> OK sorry
<jvwjgames> http://pastebin.com/WS33vHyv
<teward> [2015-09-29 13:26:26] <teward> (and copy/paste from Nano doesn't work when you go past the bounds of the edge of the window)
<Flong> Anyone here have luck getting 14.04 to install in an encrypted LVM?
<Flong> on a laptop...
<Flong> (I'm using it as a QEMU Guest Host)
<Flong> I'm using two SSD's
<Flong> The slower one for the host
<Flong> The faster one for guests, they're all going to be on an internal NAT
<Flong> So I'm using X11 forwarding to the host OS running OpenBox
<Flong> Sound good?
<jamespage> coreycb, we might need to be a little nicer with the drop of ceilometer-agent-central/compute/ipmi
<jamespage> coreycb, it is a unified daemon 'ceilometer-polling'
<jamespage> ?
<coreycb> jamespage, is there a nicer way?  upstream dropped the binaries I think
<jamespage> coreycb, transitional packages might be nice - but I think you can run ceilometer-polling in different modes
<jamespage> --namespace ipmi
<jamespage> for example
<jamespage> I may be wrong - let me poke at it tomorrow
<coreycb> jamespage, gotcha so maybe updating the init scripts to do something like ceilometer-polling --namespace
<Danny_> Hello, I would like to know if you could help me with an issue with setting services on my Ubuntu 14.04 server?
<Danny_> I have a Minecraft Server, and was trying to set it up as a service, but it seems to be very "tasking"
<Danny_> Anyone free to give me some help? I have stated the message above
<sarnold> Danny_: do you get error messages?
<Danny_> Unknown job minecraft sarnold
<Danny_> I even tried using like direct start stop commands
<sarnold> Danny_: alright, that's a start; what does your upstart configuration file for minecraft look like? what are the owner, group, and permissions of that file?
<Danny_> Erm, may I PM you? as the chat is hard to read on the web chat >.<
<sarnold> (if you don't have the pastebinit program installed yet, it's immensely useful for things like this; you could just pastebinit /etc/init/minecraft, for example)
<sarnold> i've never run minecraft, so if you talk with only me, you might miss someone else's advice that might be more useful than mine
<Danny_> Good point, but okay is that apt-get install pastebinit
<sarnold> i'm not bad at generic troubleshooting but have zero experience with minecraft itself :)
<Danny_> ?*
<sarnold> yes
<Danny_> Awesome, bare with me a moment
<Danny_> sarnold: Okay so as I was talking to you I renamed it, but it is currently at /etc/init.d/mc-proxy http://paste.ubuntu.com/12619097/
<sarnold> Danny_: aha :) try moving it to /etc/init/mc-proxy
<sarnold> init.d is for the old sysv-init scripts; this is an unstart configuration file, which are way easier to write, and those usually live in /etc/init/ instead
<Danny_> so shall I move that?
<Danny_> to init/
<sarnold> Danny_: oh, sorry, move it to /etc/init/mc-proxy.conf
<sarnold> the .conf is importan ttoo
<Danny_> sarnold: mc-proxy start/running, process 5844 << got that
<Danny_> is that running?
<sarnold> Danny_: yeah; check with ps auxw | grep java
<Danny_> What may I be looking for?
<sarnold> probably process 5844 -- just doublecheck that it's still there :)
<Danny_> dannysm+  5926  0.0  0.0  12224   928 pts/1    S+   00:28   0:00 grep --color=auto java
<Danny_> I get that :S
<teward> other than netstat -tulpn, what can I use to get the same data from my Ubuntu server?
<teward> Since I heard netstat's becoming obsolete
<sarnold> teward: ss
<sarnold> teward: though I've been hearing that about ifconfig for fifteen years now.
<ivoks> why would netstat be obsolete?
<sarnold> Danny_: dang that doesn't look like it's running.
<Danny_> Oh :/
<Danny_> sarnold: Any new ideas? xD
<ivoks> ifconfig is obsolete; it's actually wrong and doesn't show correct data
<sarnold> ivoks: iirc netstat uses /proc to get data; ss uses netlink
<ivoks> ah, ss
<sarnold> Danny_: check /var/log/upstart/mc-proxy -- there might be errors there
<teward> sarnold: i still use netstat... :P
<teward> sarnold: ss gives me unuseful data
<teward> extra duplicate cruft
<teward> I'll stick with netstat -tulpn    :)
<teward> ivoks: I know ifconfig's obsolete, although some things still use it
<sarnold> teward: you may be able to find a similar set of options..
<Danny_> sarnold: nope, empty file? I did sudo nano to it?
<teward> (`ifconfig -a` is a way to get network adapter info though, like mac address and such)
<ivoks> teward: those should have bugs reported
<ivoks> ip l
<ivoks> or ip a
<ivoks> ip r (for routes)
<sarnold> Danny_: it might be in /var/log/upstart/mc-proxy.log or /var/log/upstart/mc-proxy.log.0 or something similar; ls /var/log/upstart/mc-proxy* to see if it's there with a different name..
<ivoks> teward: intesreting... netstat -tulpn is exactly the same as ss -tulpn
<Danny_> sarnold: the only file is the mc-proxy.log but it is empty
<teward> ivoks: except i got a ton of UNCONN on a 14.094
<teward> lemme ssh to my other system
<teward> maybe this one's weirdish
<ivoks> udp's are unconn
<teward> oh, so they are
<teward> ivoks: interesting headache: it doesn't display right in 80x24 on my screen
<teward> maybe a bug
<ivoks> i would say it's a bug
<sarnold> Danny_: dang. does minecraft log anything? perhaps to /srv/minecraft/Proxy?
<ivoks> 'useless whitespace'
<Danny_> sarnold: having a look now, bare with me
<teward> sarnold: minecraft's a .jar... if it logs anywhere it logs to ~/.minecraft or a Java config folder
<teward> or stdout
<teward> (I came in late)
<Danny_> sarnold: what is the command to reload the init file again?
<sarnold> teward: how about this thing? http://paste.ubuntu.com/12619097/
<sarnold> Danny_: service mc-proxy restart   ought to do it
<teward> sarnold: if it's a modified .jar then perhaps, but no way for us to know without md5-summing
<teward> and mc-proxy might be a separate executable/service
<teward> (but if it's running as part of Minecraft, the problem is Minecraft)
<sarnold> teward: mc-proxy is http://paste.ubuntu.com/12619097/  :)
<teward> sarnold: then the logs need to be output and spat out to a folder somehow
<teward> perhaps a > redir?
<teward> hate to suggest it but...
<teward> exec /usr/bin/java -Xms4G -Xmx4G -jar minecraft_server.jar nogui 2&>1 > /some/logpath       <-- maybe for logging
<teward> but if it's inside of the minecraft_server.jar file the last time I messed with one even a modded one it stdout/stderr'd
<teward> (until I redir'd)
<sarnold> teward: could be. I would have epxected the 'console log' directive to do the same thing..
<Danny_> Okay thanks teward  and sarnold  I shall try your options, hoping it works >.<
<teward> sarnold: assuming Java processes correctly, or Upstart, or systemd, or w/e handles it
<teward> Danny_: i was talking to sarnold but OK
<Danny_> sarnold: It worked!
<teward> sarnold: i learned the hard way: don't mess with Minecraft unless you want to beat things with a hammer :)
<sarnold> teward: Danny_'s the guy running minecraft :)
<Danny_> teward: he was helping me
<sarnold> Danny_: nice :D
<teward> both of you: i know :)
<teward> i was merely talking to sarnold about the logging side :)
 * teward yawns
<ivoks> teward: lol, this is a bug. if you make terminal very narrow and run 'ss'; if you resize that terminal to 80x24, it will show just fine. output is tailored to screen size, but it's doing that badly.
<teward> someone give me coffee
<teward> ivoks: yeah, i need to finish config on my 15.04 box for further testing but meh
<Danny_> sarnold: seems it was a java error... needed to update it? xD
<teward> finally having barebones hardware is nice for testing xD
<teward> Danny_: ewwwwwwwwwwJava
<teward> java can give headaches like that yes
<Danny_> teward: I hate it too :( I like C personally, like imagine if Minecraft was coded in C...
<teward> Danny_: more likely C#, from what I heard from devels
<teward> but meh
<teward> in any case glad it's working
<teward> when in doubt, run on its own without a service, observe errors
<Danny_> teward: Never really used it tbh, and thanks
<teward> it's how I mess with nginx and test :)
<teward> given systemd noms the logs and doesn't give data easily
<Danny_> Yeah it was working before, but never gave the actual file a run itself
<teward> (applies to upstart even more)
<Danny_> teward: yeah I was finding it hard to figure out how things were like displayed if something goes wrong >.<
<teward> sarnold: remember the flurry of headachey bugs for nginx without debug data?
<sarnold> teward: yeah..
<Danny_> one more question
<sarnold> endless streams of "maaintainer script failed with exit code 1" stuff over and over again
<Danny_> How do I install cgilua or lua_mod on apache2?
<Danny_> and enable ssl_mod as well
<teward> sarnold: and now we fix it xD
 * genii slides teward a fresh mug of delicious coffee
<Danny_> I tried the mod_lua and broke apache2's configuration file
<teward> speaking of which I need to get a late SRU into Wily to fix a misspell on the apport hooks
<teward> meh, maybe i'll fix it for X and wait :)
<Danny_> I feel like a script kiddy... >.<
<teward> sarnold: you probably know more about Apache than me :)
<sarnold> Danny_: re: apache tls, a friend put this guide otgether a while ago, I recall liking it https://confluence.id.ubc.ca:8443/x/0pxvB
<Danny_> Okay thanks! sarnold
<ponyofdeath> anyone know how i can get this bug to get some love :) ? https://bugs.launchpad.net/ubuntu/+source/libapache2-mod-perl2/+bug/898124
<ubottu> Launchpad bug 898124 in libapache2-mod-perl2 (Ubuntu) "Missing Files for Apache2::SizeLimit in libapache2-mod-perl2 (2.0.5-2 oneiric 2.0.5-5 precise)" [Medium,Triaged]
<holms> maybe anyone knows how to launch cron  in non-daemon mode?
<holms> i'm in docker container
<genii> with -f
<holms> that what i've found too
<holms> and it's no output or anything
<holms> although i've added a crontab file
<bekks> So adjust your script to provide output.
<holms> yeah it was actually sending output to file, removing that, checking :)
<holms> bekks: hmz.. nothing
<holms> http://paste.openstack.org/show/474752
<holms> dockerfile: http://paste.openstack.org/show/474753
<bekks> holms: use an absolute path to python in your crontab entry.
<holms> okay
<holms> still nothing
<holms> cron -f just gives blank output
<holms> script works as expected from cli
<bekks> holms: on cli, is there some output?
<holms> bekks: http://i.imgur.com/iDaidPG.png
<holms> http://paste.openstack.org/show/474754
<bekks> Looks like the pip invocation, right?
<bekks> Try using absolute paths in your actual script, too.
<holms> s'rsly?
<holms> then it won'twork locally
<holms> actually that's not even possible
<holms> or with hard hacks
<bekks> Isnt it possible to use an absolute path for pip, for apt-get, etc?
<holms> am
<bekks> Why would that break things?
<holms> why do we need pip in here?
<bekks> It's mentioned in your script, isnt it?
<holms> no?
<bekks> So this isnt your python script you are running from cron?: http://paste.openstack.org/show/474753/
<holms> it's a dockerfile
<holms> which prepares docker container
<holms> all environment is set, script works if launched manually
<holms> problem is with cron.. when launching it
<holms> nothing happens..
<bekks> The problem is, there is no environment defined when running it from cron.
<holms> crontab -e, actually does show a file
<holms> crontab file to edit, which is which i've copied
<bekks> So you have to use full paths to every executable you are using.
<holms> yeah so in crontab file
<holms> it's a full path is it?
<holms> crontab file: http://paste.openstack.org/show/474754
<bekks> errm, thats not a valid bash script, nor a valid crontab entry.
<holms> ah ok
<holms> so then this should be fixed
<holms> change to this> SHELL=/bin/bash
#ubuntu-server 2015-09-30
<bekks> The last line is a valid crontab entry, all the rest is a valid bash script so far.
<bekks> ??
<bekks> a crontab entry is a single line.
<holms> there's bin a man somewhere that it's allowed to pass env vars
<holms> in crontab file
<bekks> ??
<bekks> crontab -l should reflect a single line invoking your script.
<bekks> your python script.
<holms> ok
<holms> so they source a file
<holms> before command
<holms> http://serverfault.com/questions/673480/load-users-environment-variables-in-a-cronjob
<bekks> I suspect you do know https://help.ubuntu.com/community/CronHowto
<holms> are you offering to add env vars just with "env"?
<holms> sourcing from env.sh sounds better in this case, there's of them there
<holms> will be more latter on
<bekks> No. I am offering to either use a crontab file entry, OR a /etc/cron.*/ script
<holms> that what serverfault offers http://paste.openstack.org/show/474756
<holms> source it from file
<holms> crontab -f doesn't give no errors, or any other output
<holms> using crontab file entry. passing SHELL var in there is allowed in order cron to use bash instead of sh
<holms> sourcing is also allowed it says
<holms> what else :)
<keithzg> Hmm, have a BTRFS pool that's throwing an error on mounting on 14.04 during boot, but mounts fine after boot when invoked even just as part of "mount -a" or "mount /path/to/mountpoint". Am I just not able to use LABEL= during boot for BTRFS pools?
<keithzg> And if that isn't it, what else might be the problem?
<bananapie> when I call shutdown -h now, it does a bunch of work and at the end tells the kernel to powerdown. Is there a command line comand I can sent to the kernel to cause it to halt immediately without any other work ?
<bananapie> without using init, upstart, or systemd ? Like sending the command directly to the kernel bypassing all startup/shutdown actions without using the sysrq key?
<keithzg> bananapie: Perhaps "poweroff"
<keithzg> Ah, maybe not that low level.
<bananapie> thanks
<bananapie> poweroff -f
<bananapie> :D
<keithzg> aha, good good :)
<bananapie> I booted using init=/bin/bash, exiting bin/bash would cause a panic, and I was trying to find the "right" way to shutdown after I booted this way.
<bananapie> thx
<keithzg> No problem!
<bananapie> i'm setting up a computer for my kids. I replaced the gdm/lightdm/kdm/... with a script that calls startx which calls google-chrome. the next line in the script is shutdown -h now. So when the kids turn the computer on, bam! chrome! When they close chrome it shuts down
<bananapie> I love linux :d
<bananapie> unfortunately I made a mistake in my script and got stuck in an infinite reboot, so I had to emergency boot with init=/bin/bash :$
<keithzg> haha
<bananapie> actually, it was pretty funny. It would have been frustrating if I didn't know about the init parameter in grub :|
<bananapie> 12 years ago, I got a linux machine stuck in an infinite reboot loop, I just reinstalled the entire machine.
 * keithzg tends to just be lazy and boot from USB or such and just chroot
<lordievader> Good morning.
<Danny1> Hello, I was wondering if someone could help me figure out why my phpmyadmin is not working on my apache2? or anything I guess?
<Danny1> ?
<dannysmc95> Sorry say to this user
<lordievader> dannysmc95: Any errors?
<dannysmc95> lordievader: how do I find out?
<lordievader> First tell me what state you are in. 'Not working' is very vague.
<dannysmc95> State? what do you mean?
<lordievader> What do you see when you go to your phpmyadmin page.
<dannysmc95> nothing, does not exist lordievader
<lordievader> dannysmc95: So you get a 404?
<dannysmc95> lordievader: shinexusuk.tk/phpmyadmin
<dannysmc95> I get that
<lordievader> Yes, a 404. Is phpmyadmin installed? And if so, how?
<lordievader> Also, don't make it publicly available...
<dannysmc95> lordievader: what do you mean? it's not you have to login twice?
<dannysmc95> and Its a dedicated server that is not located near me, so I need to get to it via phpmyadmin
<dannysmc95> and yeah its installed
<dannysmc95> lordievader:
<lordievader> dannysmc95: How?
<dannysmc95> lordievader: how what?
<lordievader> How did you install phpmyadmin?
<dannysmc95> sudo apt-get install phpmyadmin
<lordievader> dannysmc95: Right, what do you see in your apache logs?
<lordievader> I get the feeling the phpmyadmin configuration ain't enabled.
<dannysmc95> Where are thet? lordievader (I am new the Ubuntu)
<dannysmc95> they*
<lordievader> The logs or the config? (logs: /var/log/apache2, config: /etc/apache2/
<lordievader> )
<dannysmc95> I have "access.log", "error.log", "other_vhosts_access.log"
<dannysmc95> lordievader:
<lordievader> dannysmc95: Could you pastebin the output of 'apache2ctl -S'?
<lordievader> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<dannysmc95> I know what that is, should I do pastebinit apache2ctl -S
<lordievader> apache2ctl -S |pastebinit
<dannysmc95> http://paste.ubuntu.com/12623253/
<lordievader> Hmm, right it doesn't list aliases.
<dannysmc95> So how do I fix that?
<lordievader> I'd dig around in the conf dirs to see where the phpmyadmin alias is configured.
<lordievader> Then see if it is enabled.
<dannysmc95> where would they be?
<lordievader> No idea, I don't have phpmyadmin installed.
<lordievader> I rather dislike it.
<dannysmc95> Oh, do you have a better version? that is easy to use?
<jpds> Command line is the way to go
<lordievader> ^that
<lordievader> Phpmyadmin is just another vulnerability waiting to happen.
<lordievader> Ssh to your sql server and connect locally.
<dannysmc95> Helpful, I need to be able to see what is in the database on screen
<dannysmc95> how?
<dannysmc95> I am new to this, I don't know how to do a lot of things, plus where would my sql server be hosted at?
<jpds> dannysmc95: show tables; select * from table_name;
<lordievader> dannysmc95: You should know that ;)
<dannysmc95> Maybe, but never used it on command line, do I need something installed?
<lordievader> If you ssh to your sql server likely everything is already installed.
<dannysmc95> Where is my sql server hosted?
<dannysmc95> It's the same server already?
<lordievader> You should know that. We don't.
<dannysmc95> do I ssh to a port?:S
<dannysmc95> I am on the dedicated server where it is
<lordievader> dannysmc95: Do you host the sql server?
<dannysmc95> Yeah it's hosted on my dedicated server
<jpds> dannysmc95: You've just answered your own question
<lordievader> So ssh to your dedicated server -> mysql -u <some user> -p
<dannysmc95> so it does mysql>
<jpds> That's what the my in phpmyadmin stands for
<dannysmc95> So how do I view databases? I used to have a web server, so I had one database, I do not know how to "create" and "view" databases >.<
<lordievader> You mean you now have a promt 'mysql>'? That means you are logged in.
<jpds> dannysmc95: "show databases;" after you get to the prompt
<lordievader> dannysmc95: http://www.w3schools.com/sql/
<dannysmc95> lordievader: yeah
<cyclobs> hi guys, anyone with some bind9 zone experience i can't work out why my local dns isn't resolving correctly
<jamespage> coreycb, yes please could you review the ceilometer-polling stuff
<jamespage> coreycb, I think we need all the binary packages that got dropped; we just needed to switch the daemon to use polling with appropriate flags
<coreycb> jamespage, I'll take care of hte ceilometer-polling bits today.  at a quick glance it seemed like updating init scripts to use ceilometer-polling with flags is what's needed.
<jamespage> coreycb, yeah - zigo did that in debian
<jamespage> coreycb, if you want me to review before upload +1
<jamespage> I can do that
<coreycb> jamespage, thanks I'll let you know when I'm done
<jamespage> coreycb, ok - I have 1hr back of my day
<jamespage> coreycb, if you want to look at the ceilometer stuff, I'll pickup why ryu ftbfs on i386
<coreycb> jamespage, I won't argue with that proposal
<jamespage> oslo utils and config also in the UNACCEPTED queue for wily
<RoyK> oslo utils?
 * RoyK lives in oslo
<jamespage> coreycb, ryu test failures resolved - uploading now
<coreycb> jamespage, cool thanks. so how does unaccepted affect us, as I see oslo-utils and config are in wily-proposed.
<jamespage> coreycb, they have been accepted now
<coreycb> jamespage, ok
<jamespage> it means we're still testing with the previous version
<jamespage> coreycb, ceilometer for some reason won't unit test on the jenkins backport-o-matic
<jamespage> I've been backporting and testing that one manually
<coreycb> jamespage, hmm ok I'll look into it
<jamespage> not a priority for now
<zburns> How can I add /dev/sdb (LVM) to existing Ubuntu install?
<zburns> fdisk shows as 8e (Linux LVM)
<zburns> can I just format that and add to fstab or do I have to do something special?
<RoyK> zburns: pvcreate /dev/sdb ; vgextend vgname /dev/sdb
<RoyK> zburns: then lvextend ...
<RoyK> see the manual
<zburns> RoyK: ok will do thanks
<coreycb> jamespage, ceilometer's pushed if you want to take a look
<coreycb> jamespage, hmm
<coreycb> jamespage, shoot I might need to restore the binary packages
<jamespage> coreycb, yup
<jamespage> sorry had to reboot
<jamespage> coreycb, your agent packages need to depend on ceilometer-polling I think
<jamespage> coreycb, and --namespaces -> --polling-namespaces
<jamespage> coreycb, also the pidof check in the autopkgtests won't work with the switch in underlying binary
<jamespage> coreycb, I also don't think we need a daemon running for ceilometer-polling
<jamespage> its just a binary imho
<jamespage> wait
<jamespage> hmm
<jamespage> coreycb, we might be better to move ceilometer-polling to ceilometer-common
<jamespage> coreycb, lemme tweak and push
<jamespage> coreycb, ok pushed
<jamespage> coreycb, testing a bit as well
<coreycb> jamespage, ok. I'll drop my add of the agent binaries then.
<coreycb> jamespage, nevermind my last comment, just looked at your updates
<jvwjgames> How do I configure udev
<jvwjgames> How do I configure the 70-persistent-net.rules file
<jamespage> coreycb, hmm I can't see DAEMON_ARGS being picked up
<jamespage> coreycb, ok so that approach does not work
<jamespage> we need to set DAEMON
<coreycb> jamespage, hmm, let me test it out, you're probably close to EOD
<coreycb> jamespage, ok yeah I just noticed that in another package..  my mistake
<coreycb> jamespage, I'll fix it up and install test to verify the init scripts are good
<jamespage> coreycb, I have a fixup
<jamespage> testing now
<coreycb> ok
<jamespage> pushed
<Dulcin> Hi
<Dulcin> What's the best way to set website permission/ownership
<Dulcin> I was once told it is bad to set ownership to www-data
<Dulcin> Is that so?
<teward> Dulcin: different web apps need different permissions.  I tend to give group access www-data and keep the site as root or some other ownership.
<teward> but meh
<teward> :)
<Dulcin> so root:www-data for all files, and then something like 775 except for cache/upload folders?
<shauno> I see no value in giving www-data write-access to anything it doesn't need to write to.
<teward> ^
<teward> Dulcin: as i said it depends on the web application
<Dulcin> I suppose you're right but could you run me through some scenarios?
<Dulcin> I want to get better/smarter at this
<Dulcin> but as you can see, I would simply do something like 775
<teward> wordpress needs 775 on its cache and upload dirs.  755 is typically what I see on web server directories, or 750 in cases where there's 'private' data that doesn't get exposed to the rest of the system
<teward> the problem is it deoends on the web application in use
<teward> and what *it* needs
<teward> (static content, 750 or 755 is typically what I use)
<Dulcin> Ok that makes sense
<jayjo> I have a ubuntu 14.04 server that is running very slow with mysql queries. Are there some very quick speed checks to see if something blatant is going on before I just try to upgrade my cores?
<dft> jayjo: check your disk IO
<dft> what sort of underlying storage are you running for your volumes
<dft> but....it could also be just inefficient queries too
<jayjo> dft: I don
<jayjo> sorry. I don't think it's the queries, I run the same on postgres on a different server and it's fine, I've been running these same queries for months.
<jayjo> do you mean iotop?
<jayjo> or is there a better tool
<dft> jayjo: a quick check on disk io would be to run top and look at your wait times.  If they're high, you typically have a iops issue
<dft> dstat works too
<dft> dstat --disk-util
<dft> do that before/while/after your queries are running and
<dft> see what's up
<dft> regarding same queries different server/rdbms
<dft> what is the storage backing on that postgresql box?
<dft> is there RAID involved?
<cpaelzer_> jayjo: dft: if those servers are supposed to be same HW same SW everything there should not only look good but also similar
<cpaelzer_> so if in all the tools you (dft) described nothing is obvious, jayjo can run them on both systems and spot the difference
<cpaelzer_> my favorite there would be to start with "iostat -xtdk 10" (especially avgrq-sz, avgqu-sz, and *await) but with Linux Performance Tools everyone has his own favorites and that is fine :-)
<dft> cpaelzer_: he's already identified different rdbms backends which can have nuances in query performance depending on how they're structured as well.
<dft> but like all investigations, start from the ground and work your way up the stack
<kyle__> Does anyone know what exactly the 'PCH Temp' reported by ipmi is?
<sarnold> kyle__: part of the chipset: https://en.wikipedia.org/wiki/Platform_Controller_Hub
<kyle__> Oh ok.  So it's the temp for the chipset.
<kyle__> I tried figuring out some of these from the super-micro docs.
<sarnold> heh, the supermicro docs I've read were fairly dissapointing
<kyle__> sarnold: Not as dissapointing as their hardware can be sometimes ;)
<sarnold> oww :)
<sarnold> I've never worked with it, I always had an impression they were pretty good
<kyle__> Heh.  I've got some great boxes from them, but their QC is nearly non-existant, so sometimes you get one that just won't work, and it's like pulling teeth to get them to swap it for you.
<sarnold> ow :(
<patdk-wk> you must not read supermicro docs, but the documents for the chips used :)
<genii> supermicro has documentation?
<kyle__> genii: Yup.  Not very good often.
<genii> Heh
<sarnold> genii: it's fun to watch firefox pdf.js draw the lines of the servers slowly when rendering the things..
<genii> I got 3 bad boards in a row from them and then decided not to use them anymore
<sarnold> genii: heh, this took about 40 seconds to progressively draw the server on the front page of http://www.supermicro.com/manuals/chassis/tower/SC846.pdf
 * genii twitches
<sarnold> it's almost as if they said "we want a cute little loading animation when downloading the docs"
<kyle__> genii: I got two preconfigured servers from them, that they forgot to apply the license to the BMC.
<genii> Ouch
<kyle__> genii: Using the tools they provide to the user, I could get it to claim it was licensed, but it would reset the system on almost every remote management comand, via IPMI or their web UI.
<kyle__> 'ipmi chassis power status' should not, under any circumstances, for any reason, reboot a server.
<patdk-wk> kyle, but what if it didn't know?
<patdk-wk> rebooting puts it into a known state
<patdk-wk> so it can answer
<sarnold> heh
<jge> Hey all. Anyone's got some spare cycles to help me make sense of these mysql logs in ubuntu: http://is.gd/uHvZU6
<jge> they keep getting logged, no idea what's causing it though..
<DannySMc> Hello, I have a question, I am running a server as a ubuntu service and once the server is loaded, when I tail the upstart log, the console is being spammed with unknown command, please do "/help" for more help options, this is running about 50 times a second, and I have no idea where it is coming from... it only happens when it runs a service... Here is the service code: http://paste.ubuntu.com/12628072/
<DannySMc> ^ as a service* and I ran it outside of the service and it does not have this problem
<DannySMc> Anyone? Even the smallest idea? does the respawn command send commands to the server? or is there something I am missing?
<sarnold> DannySMc: can you pastebin the /srv/minecraft/Survival/start.sh script?
<sarnold> DannySMc: line 4 of that file looks funny; it's probably unrelated, but try adding a space between the 'runlevel' and the '[' char
<DannySMc> sarnold: Added the space, and: http://paste.ubuntu.com/12628122/
<teward> sarnold: remember I asked if Landscape can run on 1GB of RAM?
<teward> (unrelated to support, but an observation)
<sarnold> DannySMc: okay, two thoughts from here: (a) perhaps that 'java' command isn't in the PATH that exists at this point -- try giving the full path to the java executable (b) make sure this file is set to be executable too
<sarnold> teward: yeah, any luck? :)
<teward> sarnold: well, i got it to run...... with severe limitations
<sarnold> aww :(
<teward> sarnold: either old hardware or too much resources needed, but i could get landscape-server up, with 1GB of RAM, but it only could handle 3 computers
<teward> HATE my laptop
<teward> sarnold: after the 4th computer connected, boom, death
<teward> so meh
<DannySMc> sarnold: I can actually run that start.sh script inside the directory and I get no log at all?
<sarnold> DannySMc: when you run it by hand it has a very different execution envirnment than when it is run by upstart
<DannySMc> Okay may I ask a silly question sarnold but what is the path to my java?
<sarnold> DannySMc: most programs fail because they expect to find an executable in the PATH that you use in your shell, but the services start with a much smaller PATH environment variable
<DannySMc> sarnold: but the thing is the server runs
<sarnold> DannySMc: run 'which java' to find out
<DannySMc> sarnold: the server runs, please beware slight lag: http://paste.ubuntu.com/12628010/
<DannySMc> sarnold: This is a fresh install so nothing else is prepacked with it
<sarnold> DannySMc: oh! it's a minecraft thing :)
<DannySMc> sarnold: yep, I was on yesterday :P
<DannySMc> sarnold: as you can see in the space of 4 minutes it called this unknown command just over 700,000 times
<teward> "unknown command" sounds like an internal failure
<sarnold> DannySMc: heh, I just meant that it's probably not upstart's fault then, if minecraft is actually running now..
<DannySMc> sarnold: no it is inaccesible
<sarnold> DannySMc: but there it is :) it's running and spewing endless errors about it :)
<DannySMc> sarnold: the server runs then seems to time out, because "I assume" the spam
<sarnold> DannySMc: what kind of config files does minecraft take? I suspect an error in one of those
<DannySMc> sarnold: It works without using upstart though
<DannySMc> sarnold: if I did ./start.sh in the directory it runs perfectly
<DannySMc> sarnold: only does it error when it runs with upstart
<DannySMc> sarnold: which is why I thought you guys may see if there is some kind of recursive part of the scripts I gave you, that is attempting to send a command to the server...?
<DannySMc> sarnold: and they mainly take either .properties or .yml
<tarpman> DannySMc: when you start it yourself with ./start.sh does it fork off to the background, or stay in the foreground until you ctrl-c it?
<tarpman> DannySMc: if the start script forks, that might not play as you expect with 'respawn' ...
#ubuntu-server 2015-10-01
<DannySMc> tarpman: it stays in the foreground hence why I want to use it as a service and try to stay clear of screen
 * patdk-lap loves forkbombs
<DannySMc> Any ideas? tarpman or sarnold
<DannySMc> patdk-lap: May I ask what a forkbomb is?
<patdk-lap> google can help there
<patdk-lap> when you do, ./start.sh, does start.sh stop? and let you type in more commands?
<tarpman> DannySMc: assuming you already fixed the runlevel line someone else mentioned, I'd be looking for differences between your user environment and the service environment
<tarpman> patdk-lap: I just asked about that :P
<patdk-lap> I didn't see the answer
 * patdk-lap cant read
<sarnold> DannySMc: when you run it by hand, are you running as user minecraft, group minecraft? or just your standard user account?
<DannySMc> Actually I do get a problem, that when I run the MC server via the service it seems to get slower and slower, as if the CPU has just put it at the bottom of the priority list... (this was my first attempt), so how would I find that out?
<DannySMc> standard user account currently
<DannySMc> Like find out differences?
<sarnold> try again with the user and group that you specified in the conf
<DannySMc> sarnold: how do I do that>
<DannySMc> like change user?
<DannySMc> su - minecraft?
<DannySMc> in the service script?
<sarnold> DannySMc: no, just do it right in your shell..
<sarnold> DannySMc: something like 'sudo -i -u minecraft -g minecraft' ought to do it
<DannySMc> This is hell sarnold
<DannySMc> sarnold: I tried doing it and it says cannot access .jar file?
<sarnold> DannySMc: aha :) check ls -l in the directory
<DannySMc> sarnold: okay?
<sarnold> DannySMc: do the permissions look like they shuold allow the minecraft user and group the ability to read and write what they need to?
<DannySMc> sarnold: they all seem to be root and like start.sh has 666
<DannySMc> I need these accessible to everyone who is logged in...
<DannySMc> I did sudo chmod -R 7777 /srv/minecraft/Survival
<DannySMc> and it still has done nothing >.< sarnold
<sarnold> first, that's too many sevens; the first 7 will mean to turn on sticky bit, sgid bit, and suid bit; you don't want any of those. second, these permissions are entirely too wide open; it's best to restrict privileges and permissions to only what is needed
<sarnold> why do you want every user on your system to be able to modify these at any time?
<DannySMc> Well I only want anyone with the group minecraft but it is hard to edit these as I am very inexperienced
<DannySMc> and when I do sudo start mc-survival
<DannySMc> It could be anyone logged in running it
<sarnold> normally you wouldn't care, it just gets run early in boot and stays running..
<DannySMc> sarnold: it would need to be restarted when we do updates and that, which is a problem
<DannySMc> especially now while we are building it
<sarnold> DannySMc: .. and if you're using sudo to manage the service anyway, that means you don't want e.g. your web server to have write access here..
<DannySMc> Okay well how do I set users with the group minecraft to be able to edit it?
<DannySMc> and that is ALL the files inside the /srv/minecraft folder
<DannySMc> and folders*
<sarnold> chown -R minecraft:minecraft /srv/minecraft ; find /srv/minecraft -type d -exec chmod 775 {} \; ; find /srv/minecraft -type f -exec chmod 664 {} \\;
<sarnold> oh, of course, resetting the start.sh to 775 at the end
<DannySMc> Well I seem to get errors like operation not permitted and missing arguments to exec
<DannySMc> sarnold:
<DannySMc> Yeah so every operation was not permitted
<DannySMc> sarnold: so changed to root, and it just says missing argument to exec
<DannySMc> to -exec sorry
<sarnold> DannySMc: gah that last command had an extra \ in it
<DannySMc> sarnold: that's done
<DannySMc> sarnold: I get permission denied now?
<sarnold> DannySMc: alright, so that should be everything in there readable and writable to members of the minecraft group, everyone else can read it
<DannySMc> sarnold: I have added my root account and dannysmc95 to the minecraft group, but I get permission denied?
<sarnold> DannySMc: did you login again or use newgrp minecraft in your shell to get a new shell with the new group permission?
<DannySMc> sarnold: sorry what? do I need to relogin?
<sarnold> group membership changes only happen at specific times, login through a service or via 'sg', 'newrgp', commands
<sarnold> relogin is easiest way tog et the change into all your processes, but it isn't necessary
<DannySMc> I did sg minecraft?
<DannySMc> sarnold: is that right ^
<sarnold> it probably looked like nothing changed; run 'id' to make sure the new group is ther
<DannySMc> sarnold:  yeah its in gid=1001(minecraft)
<sarnold> good good; now try to edit the config files again and make sure that it works
<DannySMc> yeah just added and removed a space and no errors?
<sarnold> nice :)
<sarnold> okay, back to the issue at hand.. try the sudo service ... start command and see what happens
<DannySMc> sarnold: same problem
<DannySMc> sarnold: unknown command
<DannySMc> sarnold: Look I am going to bed, as I have work tomorrow, thanks for your help I shall try and get on tomorrow! Unless I can fix it by then, thanks again for helping with my permissions!
<arooni> i thinkhey everyone ;  just upgraded from ubuntu 12.04 => 14.04... now i'd like to install nginx from ubuntu's package.  i think i installed nginx from source... can i just install the nginx package on ubuntu over the existing installation?  or do i need to do something in between?
<sarnold> arooni: it's usual to install self-compiled packages into /usr/local/ instead of into /usr -- when you install nginx, it may not overwrite the actual files you're using, and if you provided your own /etc/init.d/ script or /etc/init/ upstart configuration, the one from the package may not install cleanly
<sarnold> arooni: if there's an easy way to uninstall what you've done before, while still keeping your configuration, it might be worth doing that first, just to make the packaged version more predictable
<arooni> thanks sarnold
<arooni> looks like i at least need to remove the upstart scripts
<arooni> sarnold, it looks like there's a config file at /etc/init.d/nginx ... should i just remove it ; or do i need to run a command first to tell ubuntu not to use it anymore
<sarnold> arooni: depends.. if you just remove it, the currently running nginx won't cleanly shutdown at reboot or when it's time tos tart the new one
<sarnold> arooni: how much downtime on the server is acceptible?
<sarnold> wow, my poor brain. "acceptible". sheesh.
<arooni> minimal .. this is production but i coudl have some
<sarnold> alright; I think if it were me then I'd use it to shut down the currently running nginx, then move it out of the way, install the new one, and go from there..
<arooni> i removed the /etc/init.d/ script
<arooni> using update.rc
<arooni> i'm wondering if i  need to remove anything else?
<arooni> id like to use the same config stuff
<sarnold> nothing else comes to mind; back up the configs, perhaps..
<ubuntu804> Hey guys,, i'm trying netinstall of ubuntu server 14.04, and when i use apache web server it installs just fine.. but when i use IIS web server it fails to load few modules.. and throws errors while install step saying unable to install selected kernel.. linux-generic.. any suggestions..??
<ubuntu804> is there any dependecies with md5 sum?? how can i modify it if there is.?
<ubuntu804> anyone.??
<Darkfire2> Anyone here ever had this issue.... I use webmin to install a SSL Certificate to a virtual host on my Ubuntu 14.04 server. When i go to apply the changes it ends up crashing my server. I know i am selecting the correct Certificate/Key/and Authorities file... What would cause this. I had also tried installing it manually into sites-available/mysitename.conf and same results.
<jamespage> coreycb, I pushed a couple more tweaks to ceilometer - they can go with the next upload
<jamespage> restricting test execution to unit tests, using the upstream wrapper to generate the configuration file
<coreycb> jamespage, ok good catch on the config file
<Mark___> Are anyone here familiar with setting up a storage server with redudant data and failover fallback server? Cause I need help setting up so my 2 web servers can access my storage server, which should have a failover fallback to another storage server which are replicating to each other.
<halvors> Hi!.
<halvors> I've enabled ipv4 forwarding in sysctl.conf.
<halvors> But my server won't route packets.
<halvors> Isn't it possible to do this in ubutnu woithout NAT'ing?
<TJ-> halvors: Yes.
<lordievader> halvors: What are you trying to do exactly?
<halvors> lordievader: I'm trying to route between my 2 interfaces.
<halvors> 2 LAN interfaces in different subnets.
<TJ-> halvors: if forwarding is enabled, then there just need to be the correct entries in the routing table(s)
<halvors> Is there any way to do that based on the nic's name?
<TJ-> halvors: try "find /proc/sys/net -name forwarding -exec sh -c 'echo "{} $(cat {})"' \;  "
<halvors> TJ: My routing table is like this: http://pastebin.com/nLgT9Wrz
<halvors> Where eth1 is my outside interface and vlan10 is my inside interface.
<halvors> Whouldn't that do the trick?
<halvors> Result of the command you sent is: /proc/sys/net/ipv4/conf/all/forwarding 1
<halvors> /proc/sys/net/ipv4/conf/default/forwarding 1
<halvors> /proc/sys/net/ipv4/conf/eth0/forwarding 1
<halvors> /proc/sys/net/ipv4/conf/eth1/forwarding 1
<halvors> /proc/sys/net/ipv4/conf/lo/forwarding 1
<halvors> /proc/sys/net/ipv4/conf/vlan10/forwarding 1
<halvors> /proc/sys/net/ipv6/conf/all/forwarding 1
<halvors> /proc/sys/net/ipv6/conf/default/forwarding 1
<halvors> /proc/sys/net/ipv6/conf/eth0/forwarding 1
<halvors> /proc/sys/net/ipv6/conf/eth1/forwarding 1
<halvors> /proc/sys/net/ipv6/conf/lo/forwarding 1
<halvors> /proc/sys/net/ipv6/conf/vlan10/forwarding 1
<ratrace> boom
<halvors> Oh, sorry. Meant to pastebin that :(
<TJ-> halvors: how are you determining it is not working?
<TJ-> halvors: I'd run tcpdump on the VLAN interface to see if packets are going out. The problem may not be on the Linux side.
<halvors> TJ: Well i was asking if there is some obvious reason that it should not work.
<halvors> But a simple ping doesn't go thru from the inside.
<TJ-> clients on the VLAN can connect to the router host's VLAN IP address, but not anything on the eth0 subnet?
<halvors> TJ: I know my setup with vlan is some strange.
<halvors> But it legit.
<halvors> When i ping 8.8.8.8 i se the ping in tcpdump on the router but doesn't get any response on the client.
<halvors> Is there routes missing back to the client?
<lordievader> halvors: Does 8.8.8.8 know where to send the packet to get to your vlan?
<TJ-> halvors: are the clients configured to see the VLAN tagging on the returned packets?
<halvors> TJ: Yes :)
<jamespage> coreycb, http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html
<jamespage> ceilometer regression for autopkgtests
<halvors> lordievader: 8.8.8.8 is google dns.
<halvors> The default route of the router is the route to the internet.
<jamespage> coreycb, looking at the tests, the bit of code that checks using pidof is not valid now that we use ceilometer-polling as the binary for lots of agents
<lordievader> halvors: That is not the question. The ping response needs to go somewhere, is there a route back to your vlan.
<lordievader> ?
<halvors> From my understanding it is: http://pastebin.com/nLgT9Wrz
<halvors> Route back to the 172.16.10.0/24 network thru vlan10 interface.
<lordievader> I don't think google has that route information.
<halvors> hahahha
<lordievader> I.e. google gets a packet from 172.16.10.1 (example), it sends a packet back to that ip...
<halvors> Well pinging google from the router works, so that far google have routing information.
<halvors> Yeah.
<halvors> I know.
<halvors> And then i should work.
<halvors> The issue here is why and how 172.16.10.1 routes the packet back to 172.16.10.2 :)
<lordievader> Why? Does google know where 172.16.10.0/24 is?
<halvors> It does not.
<TJ-> halvors: the point is, 172.16 is a private address range. You have to NAT that to the public address
<lordievader> So how can it send a packet to that range?
<halvors> Yeah i know, high potetically i does.
<halvors> There is a NAT server on the default gateway of my router.
<halvors> So that should work just fine ;)
<halvors> Right?
<halvors> Ah, now i see the issue here.
<halvors> Maybe my NAT server is only accepting packets from 10.216.8.0/23 :-S
<lordievader> So yes, you probably need a NAT. Or get your isp to accept bgp packets from you or something.
<coreycb> jamespage, ok looking
<halvors> lordievader: If that is the case, i should still be able to ping the gateway of my router which is 10.216.8.1.
<halvors> From the client behind my router, right?
<TJ-> halvors: if the default gateway is NATing, it needs the 172.16 route adding to its routing table to route those packets to the Linux router
<lordievader> halvors: No, same problem. Your router has no route to 172.16.something
<halvors> lordievader: Right ;)
<TJ-> halvors: presently it sounds like the gateway/NAT device doesn't know about that subnet so it will just drop the returning packets
<halvors> Thank you for your help.
<lordievader> Or at least, not by default.
<halvors> That makes sense.
<halvors> I am able to ping the 10.216.8.78 which is the IP adress eth1 interface of my router (outside).
<halvors> I shouldn't be able to do that if forwarding wasn't enabled right?
<ratrace> halvors: correct
<Mark___> Hey. Can I use UFW to allow a specific IP to access all ports?
<lordievader> Yes.
<Mark___> How would that command look like?
<halvors> Thank you guys for excellent help :)
<lordievader> No idea. Long time since I last used UFW. But since it is a frontend for iptables....
<halvors> Very much apriciated :D
<Mark___> Okay. Thanks. I will try to look it up.
<lordievader> Man page of ufw will probably tell you.
<Mark___> Found out for those interested, that you can allow an IP to access all IPs with the following command: sudo ufw allow from xxx.xxx.xxx.xxx
<Mark___> Thanks everyone
<coreycb> jamespage, ceilometer tests are updated and I added a systemd test: https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/ceilometer/commit/?id=a0e4845c90fddc83fba987686884d3e07087b004
<lordievader> Mark___: I'd recommend to learn iptables.
<lordievader> Ufw might be easy in the beginning but after a while it becomes restrictive.
<jdstrand> not that I'm biased, but if ufw does the job...
<jdstrand> plus you can use it with iptables rules if you need an extra rule or two by modifying /etc/ufw/*rules
<jamespage> coreycb, ok - just taking a run at those tests locally - are you faimilar with adt-run?
<coreycb> jamespage, yes but it seems to take way too long to run.  I tested these manually.
<jamespage> lemme try as well
<lordievader> jdstrand: You are the maintainer?
<jdstrand> I am
<lordievader> jdstrand: Ah, cool. Good to know ;)
<coreycb> jamespage, thanks.  do you typically run adt-run against debs?  --binary ./*.deb
<jamespage> coreycb, I build the package and then run using --changes
<coreycb> jamespage, ok
<jamespage> coreycb, you need to make sure you build the packages using the --source option with sbuild
<jamespage> so that source and binary can be accessed
<coreycb> jamespage, thanks good to know
<jamespage> coreycb, test-services needs to be added to d/t/control
<coreycb> jamespage, ok I just pushed that update
<jamespage> zul, https://bugs.launchpad.net/neutron/+bug/1501772
<ubottu> Launchpad bug 1501772 in neutron (Ubuntu) "Metadata proxy process errors with binary user_data" [Undecided,New]
<zul> jamespage: want me to get ttx to get someone to look at it?
<jamespage> zul, sure
<jamespage> zul, might be worth seeing if any other bugs exist first..
<jamespage> zul, and then I hit a nproc limit...
 * jamespage sighs
<zul> jamespage: sounds like you are having fun :)
<jamespage> coreycb, if its testing ok for you please upload
<coreycb> jamespage, eh... I'm getting an error that I think might be in adt-run http://paste.ubuntu.com/12631883/
<coreycb> jamespage, I think it's fairly safe to upload though based on manual tests
<jamespage> coreycb, running adt now - was waiting for a build
<coreycb> jamespage, ok I'm trying again with --output-dir
<jamespage> coreycb, I do
<jamespage> adt-run --changes ceilometer_5.0.0~rc1-0ubuntu3_amd64.changes -U --apt-pocket=proposed --- qemu ~/images/adt-wily-amd64-cloud.img
<coreycb> jamespage, ok that's pretty much what I was using
<jamespage> coreycb, lgtm upload away
<coreycb> jamespage, cool ok
<zul> jamespage,  shazbutt http://pastebin.ubuntu.com/12632075/
<m1dnight_> Hello guys. Somehow I have messed up my MOTD (over ssh). Is there any clearcut way to reset it to default settings?
<RoyK> m1dnight_: it's in /etc/motd
<m1dnight_> so if I copy those files from a fresh install and overwrite them it should be okay, right?
<RoyK> it's a textfile ;)
<m1dnight_> Yes well, I figured as much. But maybe there was some applicatoin logic or settings I might have broken.
<m1dnight_> Hence, my question.
<RoyK> http://manpages.ubuntu.com/manpages/raring/man5/update-motd.5.html perhaps?
<hallyn> wolsen: bug 1457517 , do you have the rights to upload the vivid debdiff for SRU?
<ubottu> bug 1457517 in nova (Ubuntu Vivid) "Unable to boot from volume when flavor disk too small" [Undecided,New] https://launchpad.net/bugs/1457517
<hallyn> if not do you want me to push it?
<hallyn> (i'll push it unless you say otherwise)
<hallyn> hm, actually coreycb is the one credited in changelog,
<hallyn> uh except someone broke debian/rules
<coreycb> hallyn, oh I think we were waiting on that to land upstream first if I remember
<hallyn> it is upstream
<hallyn> it's in wily
<hallyn> coreycb: but your change to debian/rules, ther'es no explanation why and no bug#.  I assume guessing deps broke something/
<hallyn> well, pushing
<m1dnight_> RoyK: I copied the files from a clean install and they seem to work fine. Thanks.
<coreycb> hallyn, sorry I was looking at it closer, yeah I think we can upload that.  I dont' recall exactly why we dindn't sru it.  Probably because there's a stable release next week for kilo.
<coreycb> hallyn, the d/rules explanation is in the changelog
<coreycb> that fix is for the cloud archive, where's it's been uploaded already for trusty-kilo.
<hallyn> ok
<RoyK> mikal: np (:
<hallyn> coreycb: ...   "Prevent dh_python2 from guessing dependencies." doesn't tell me why you need to prevent it from guessing dependencies :)
<hallyn> I'm left assuming that's a good thing, but wondering hwy, if it's a good thing, it isn't the default
<coreycb> hallyn, fair enough :)
<RoyK> m1dnight_: np :(
<coreycb> hallyn, old versions of dh_python2 guessed dependencies based on requirements.txt and new versions don't do that, and we want the new version behavior.
<hallyn> then why have requirements.txt?
<hallyn> (i'm not picking on you, i'm edumacating myself :)
<coreycb> hallyn, you'd use requirements.txt to install the package with pip
<coreycb> install deps that is
<hallyn> ah
<hallyn> thanks
<blib> anyone can help me with a networking issue? My machines' dns is working (dig xyz.com) - I can ssh into it. But I can't ssh from inside to outside?
<wolsen> hallyn: for the record I do not have upload rights - but thank you
<Wicaeed> Hey all, I'm trying to gather information from NFS client for debugging purposes, but I can't figure out what verbosity is even configured by default for the nfs client options
<Wicaeed> Is there a default NFS client config file on Ubu 14 where I can configure the logging verbosity?
<johnfg> I think I got the cart before the horse on cinnamon.
<johnfg> I'm running server 14.04.3, and just installed cinnamon.  But no X yet.
<johnfg> What's the best way to install what cinnamon needs?
<lordievader> Why would you want X on a server?
<johnfg> lordievader: because that's what I'm used to.
<lordievader> But it is a server...
<lordievader> Having X is just wasting resources.
<sarnold> johnfg: you can always ssh -XY server   to forward X11 connections to run whatever gui you might need on it
<johnfg> true, i'll keep that in mind folks.  thanks
<coreycb> beisner, can you promote kilo-proposed to kilo-updates in the cloud archive?
<keithzg> lordievader: I think with most servers these days (assuming they aren't just containers), the hardware resources required for X are just a drop in the bucket. But that being said, I'd say the resource that it's wasting then is actually sysadmin attention. The less that's running, the easier it is to keep track of and to diagnose if something's failing!
<StathisA> is there a way to check if sourced in /etc/apt/sources.list.d are honored or not?
<StathisA> *sources
<pmatulis> StathisA: sure, update your package files (sudo apt update)
<StathisA> pmatulis,  I've tried that, theres some "Err http://ppa.launchpad.net vivid/main amd64 Packages
<StathisA> " which I cannot find which of the added ppa's are triggering
<StathisA> thats why I ask, I cant find which is NOT working in sudo apt update
<pmatulis> StathisA: it should state what it was at the end of the output. at least it does for me (on wily)
<pmatulis> http://askubuntu.com/questions/135932/apt-get-update-failure-to-fetch-cant-connect-to-any-sources
<StathisA> ok thanks!
<bananapie> I am playing with compiling my own kernel ( for the sake of learning ), I ran localyesconfig, and it breaks X horribly because my graphics card only works properly when loaded as a module. Is it a bug because it should have set my graphics card driver to M or is it a feature because I say 'localYESconfig' ?
<bekks> It'S because you used localyesconfig
<bananapie> ok.
<teward> stupid question, but is it possible to run landscape-client on one computer in 'monitor' mode only, so that it isn't depending on the management features?  (i.e. an 'unmanaged' but 'monitored' system)
#ubuntu-server 2015-10-02
<pmatulis> teward: not sure what you mean by 'isn't depending on the management features'. nothing is forcing you to send it management commands
<ksx4system> what would be safest possible disk pool solution without hardware RAID controller? what would be safest filesystem?
<ksx4system> (preferably something that works on 14.04 LTS)
<sarnold> ksx4system: it's not exactly easy or transparent, but zfs provides checksums, compression, multiple redundancy methods to choose from
<ksx4system> sarnold: unfortunately ZFS is insanely resource hungry :(
<sarnold> ksx4system: there's a lot to learn about zfs before jumping in, http://zfsonlinux.org/ https://pthree.org/2012/12/04/zfs-administration-part-i-vdevs/ good starting points..
<sarnold> ksx4system: oh? granted you do currently want a 64 bit system, but if you don't use dedup (and you shuoldn't use dedup) it shouldn't be too bad; lots of folks use it in 4 or 8 gig machines..
<ksx4system> I'd like to build a server which eats up under 100W at full load (so some kind of 64-bit Atom board with 2-4GB of ram and four 2TB critical appliance grade disks)
<ksx4system> is ZFS only solution (given that I'm going to build that array of super-expensive critical appliance grade disks)
<sarnold> yeah that sounds like something zfs should do alright; you could do raidz2 if you want any two drives to die and IOPS aren't too important, or mirrors if iops are more important, but with mirrors only the 'right' two drives could die, hehe
<sarnold> no, you could also use mdadm to build your system, but it doesn't do checksums; it's more designed to handle disks outright dying, rather than corrupting data slowly via cosmic rays
<ksx4system> IOPS are quite important (it'll act as NAS for 3-4 of my desktop computers for nearly everything)
<sarnold> I went right to zfs because you started with "safest" :)
<ksx4system> I know, I know
<ksx4system> but I don't want to wreck my ultra low power home with loud and extremely power hungry server to handle ZFS properly
<sarnold> to be fair there's more people using mdadm than zfs on linux, but checksums and compression are good stuff..
<sarnold> amen.
<ksx4system> sarnold: if I don't really want ZFS (because of its requirements) - what else? mdadm with ext4?
<sarnold> ksx4system: yeah, that's a decent second choice
<ksx4system> how many drives could die in 4 disk array with this one?
<ksx4system> (one for sure, two maybe?)
<sarnold> two, if the right two die
<ksx4system> yeah, not the 1+mirror1 drive
<ksx4system> isn't it better to run ZFS on Solaris anyway?
<sarnold> aha, here's the guide on md method, https://help.ubuntu.com/lts/serverguide/advanced-installation.html
<ksx4system> oh, one more thing: OS will not sit on data array
<ksx4system> dedicated SSD for this
<sarnold> perhaps; but the zfsonlinux software is storing unfathomable amounts of data at the moment and the devs only know a few data-loss events that were caused by the software
<sarnold> that really helps, I think ubuntu's installer or boot or something is cranky with some kinds of md raid, and getting rpool on zfs is possible but looksl ike more effort than I want to spend :)
<ksx4system> would it be safer to just buy hardware RAID card for PCI-express and run two RAID1/one RAID10/one RAID5 or even 6?
<sarnold> I don't much like the hardware raid solutions, I've heard of too many cases of the raid card dying and the resulting pile of disks not reassembling when the card is replaced
<ksx4system> sarnold: while music, those ultra large backup tarballs and other non-exec stuff could live on HDD operating systems are unsusably slow without SSD
<ksx4system> and 16-32Gb ones are really cheap
<sarnold> other people swear by them, of course, they sell like hotcakes :) -- but I'd rather have something that is software only so I stand a chance of rebuilding it without exotic or expensive or high-end services..
<sarnold> hehe, I've had my eye on those pcie intel 750 ssd monsters for a while.. $950 for 1.2 tb of 400kiops.
<ksx4system> an example: server dies, I move disks to new identical one (software RAID) - do I have 100% chance to access my data again?
<ksx4system> (ofc given that hard drives are ok)
<sarnold> ksx4system: yeah, assuming the drives survive
<ksx4system> ok, so I don't care about hardware cards (more money to build server, less reliable solution)
<sarnold> right
 * ksx4system will backup most important stuff to some cheapskate board like Orange Pi/Banana Pi with 1Tb 2,5" drive on SATA anyway 
<ksx4system> and the uber important stuff on DVDs also
<ksx4system> is there anything to improve?
<sarnold> good plan, raid is for availability, not to avoid backups :)
<ksx4system> I never really did backups
<ksx4system> after another lost drive (80% data retrieved, the rest... well, fsck it) I've decided to backup *everything possible*
<ksx4system> daily
<sarnold> you may wish to look into systems with multiple NICs that you can gang together to get e.g. 2gig ethernet out of them; doing LACP may require a nicer switch, too, but might be worth it i fyou'v egot several machines doing IO to it at once
<ksx4system> well, those will be 100Base-T boxes (two Raspberry Pis, one Intel Compute Stick with USB 100Base-T and another Raspberry Pi)
<sarnold> one nice thing about zfs is you can use an ssd as both l2arc and slog, to handle data that hasn't fallen out of RAM and to take bursts of synchronous storage requests faster than spinning metal drives can keep up
<ksx4system> single gigabit will handle it without even hitting 50% load
<sarnold> ohhh, so the l2arc and slog probably aren't a big deal either :)
<ksx4system> laptops will sync over Wi-Fi so the same crappy performance
<ksx4system> still, I have quad 100Base-T nic - I could use it for those tiny computers on desktop
<sarnold> do you use those little pis and intel compute stick as desktops? server things? bridges to devices?
<ksx4system> desktops
<sarnold> how do they work out for that?
<ksx4system> ICS is wonderful for low resource stuff (LibreOffice, Spotify, HexChat, Cygwin, modern browser)
<sarnold> when I installed my pandaboard es I played in the desktop for ten minutes and thought it did well enough but I never _used_ it..
<ksx4system> one Pi runs RISC OS (B+ and it's blazing fast)
<ksx4system> but RISC OS will be blazing fast on anything 200MHz+
<ksx4system> another one will run... some kind of Linux, i've got to install stuff there (probably bare-bones Ubuntu/Debian with Fluxbox)
<ksx4system> for more demanding tasks (audio editing) I still have that old quadcore/16Gb RAM/500+1000 HDDs/60 SSD
<ksx4system> 90% of time I'm happy with those ultra low power boxes :)
<ksx4system> btw ICS feels faster than dual core AMD box with 5Gb ram but only HDD (320Gb, for system and data)
<sarnold> wow
<ksx4system> this one is ultra-sluggish and will retire as soon as I'll finish with Pi2
<sarnold> it's been so long since I used hard-drive based OS, it's hard to even remember those days..
<ksx4system> I was forced to do so (failed power supply in quad core monster, failed motherboard in monster ThinkPad)
<ianorlin> sarnold: yeah I can relate to that I have an ssd in my core 2 duo laptop and it feels much more responsive than a junky hp laptop with a 5400 rpm drive
<sarnold> ksx4system: ouch :/
<ksx4system> ianorlin: good SD card is faster than 5400k drive...
<sarnold> ianorlin: yeah, an ssd is a cheap way to bring an older system back to life for a while..
<ksx4system> i3 dual 1,33GHz laptop with two gigs of ram and SSD faster than its SATA bus = this thing fscking flies
<sarnold> my panda killed an sd card in ~one year of light torrenting, package updates, light logging..
<ksx4system> I log to ram (and copy periodically to USB drive)
<ksx4system> noatime mounts
<ksx4system> cards live more than two years without problems
<ianorlin> yeah but it won't magically give it vt-x so I still can't host virtual machines on my laptop, I can however over ssh use virt0manager and even create them with that
<ksx4system> ianorlin, omg no vt-x/amdv
 * ksx4system doesn't even remember seeing desktop/laptop box that old
<sarnold> ksx4system: yeah.. no more torrenting on that machine for me, and the second card seems to hav elsated 1.2 years or so now :)
<ianorlin> althogh since I got this beast desktop I have done so many testcases in virtual machines to help quality
<ksx4system> even ICS has vt-x (but it's useless with two gigs of ram)
<ianorlin> is setting up vnc on the ICS hard? putting it in the back of a tv and running like inkscape on it could do interesting stuff like dnd maps in inkscape
<ksx4system> ianorlin: no, just install your VNC server of choice :) quadcore Atom will take care
<ksx4system> but it might not support your TV (only goes up to 1920x1080, nothing higher)
<ksx4system> not even 1920x1440 (those huge LCDs)
<ianorlin> ksx4system: unfortaenly my tvs are ancient it doesn't have component out
<ksx4system> only HDMI :( but accepts HDMI-DVI dumb converter (but then you have to use USB soundcard/DAC)
<ksx4system> and yes, afaik it will boot Linux (but it'll break warranty to install it on eMMC instead of Windows 8)
 * ksx4system runs his desktop on three identical XGA 15" LCDs, ultra low power (around 10-12W/piece)
<arooni> Awould like to run to vhosts on the same vps using ubuntu 14.04 and nginx.... but now getting "[emerg] 19896#0: duplicate listen options for [::]:80 in /etc/nginx/sites-enabled/sitename"  ... can i have no default server listed?
<sarnold> virtual hosts share an ip address, listening socket, etc
<sarnold> they only notice which virtual host to use when they aceept and then read from the socket
<sarnold> you'll need to have exactly one listen config option in the entire process
<lordievader> Good morning.
<penw> hello beautiful people
<penw> how can I go about running a cronjob every 30 minutes between hours
<penw> e.g 8-14
<penw> on one line
<penw> if I specify 30 8-14 it will run on 14:30 as well
<penw> well 0,30 :^)
<penw> after 3 minutes of using the powerful search engine named Google the cleanest option would be to just have two lines
<penw> oh well
<jamespage> coreycb, just testing to see if we can patch out ryu from the neutron deps
<coreycb> jamespage, ok, tough go getting it into main I see
<jamespage> coreycb, I have a hunch that the test suite is patch-tastic
<jamespage> coreycb, and its for an experimental driver anyway
<jamespage> alternative to the command line driver for ovs
<jamespage> so its not default
<coreycb> jamespage, ok
<jamespage> coreycb, testr did not crap out with an import error so fingers crossed
<coreycb> jamespage, cool
#ubuntu-server 2015-10-03
<skrp> i run an nfs server on freebsd. i can mount it on my other freebsd box but when i try to mount on ubuntu i get " Access denied by server
<lordievader> Good morning.
<jdv> oooook. What could cause APFs deny_hosts.rules to flush out rules I add?
<jdv> there is no cron
<bithon> Hello
<bithon> Is anyone here in a mood to help another fellow newbie in need of help :D
<bithon> in mood*
<bithon> Ill state my problem anyway so if anyone's in mood to help I'd appreciate it
<bithon> So I'm trying to configure a web server in VirtualBox and so far I've been quite succesful
<bithon> the only problem that I face right now is permissions and such
<bithon> You see, I use this VM as my dev box. I ssh to it and write code directly from it in vim
<bithon> so I setup a wordpress blog and I wish to modify some code but
<bithon> I constantly have to switch file permissions of my virtualhost's folder
<bithon> from www-data to my account's group
<bithon> and it's annoying
<bithon> does anyone know a way to bypass this
<bithon> ?
<bithon> so that wordpress's happy and is able to modify whatever it pleases dynamically without me interfering and at the same time allow me to modify code with my own account
<lordievader> bithon: Acl's or a shared group.
<bithon> Oh
<bithon> I tried placing my account (bithon) to www-data group
<bithon> but that doesn't work :S
<lordievader> Does the group have rw access?
<bithon> yeah
<bithon>  -rwxrwxr-x
<lordievader> Then it should work.
<bithon> There are the permissions
<bithon> These*
<bithon> I don't like using chmod 775
<bithon> Is there a way around it ?
<bithon> oh and I'm running apache 2.4 if anyone's wondering
<lordievader> bithon: See what I said above.
<bithon> Okay I'll look into it and get back to you in a bit. Thanks
<bithon> Hmm ACL seems overly complicated
<bithon> on Arch Linux wiki it states that I have to mount my partition with ACL
<bithon> which complicates a really simple thing that I'm trying to accomplish
<andrewjs18> hi all, any iptables gurus in here?
<teward> andrewjs18: depends on what you define as a 'guru' and what you want to achieve :P
<andrewjs18> teward, I'm still a newb, so I'm sure anyone better than me will suffice.
<andrewjs18> anyways, I'm trying to block China through iptables but I'm getting some errors, and I'm not sure why
<andrewjs18> I'm using this guide: https://mattwilcox.net/web-development/unexpected-ddos-blocking-china-with-ipset-and-iptables
<teward> blocking countries by iptables is incredibly difficult
<andrewjs18> I'm using ipset to do it
<andrewjs18> let me test something real fast though
<andrewjs18> adding this bit of code to the file I load for my iptables rules is causing it to fail: -A INPUT -p tcp -m set --match-set china src -j DROP
<andrewjs18> if I comment it out and then load the rules, no issues.
<Sling> andrewjs18: what kind of requests do you want to block? remember that if you put all of this in iptables, it will need to be parsed for every incoming packet on every port/protocol
<Sling> for a lot of subnets (think thousands or more) this might cost valuable CPU%
#ubuntu-server 2015-10-04
<CyborgCygnus> On 14.04.3 how do I change the software sources mirror to an Australian one? Surely there's a way to view the available mirrors from the terminal & then set it?
<teward> CyborgCygnus: /etc/apt/sources.list
<teward> edit the URLs in there to point to an Australian mirror
<CyborgCygnus> teward, okay kind of helps, not sure how to add the one I want however :S
<teward> do you know which one you want?
<teward> (the problem is there's several official mirrors but then many unofficial ones)
<teward> and I suck with country codes so I couldn't begin to fathom the mirror you should use for Australia
<teward> (in theory, http://au.archive.ubuntu.com/ may work)
<teward> CyborgCygnus: unfortunately, as far as I know, there's no way to just 'select' mirrors unfortunately, via the terminal...
<CyborgCygnus> teward, yeah would be nice to see a list but I guess tough for me. http://mirror.aarnet.edu.au/pub/ubuntu/releases/trusty/, hand tryping that in multiple times is a pain
<teward> CyborgCygnus: sed is your friend ;)
<teward> (IMO)
<CyborgCygnus> teward, what's sed lol?
<teward> !sed
<ubottu> The linux terminal or command-line interface is very powerful. Open a terminal via Applications -> Accessories -> Terminal (Gnome), K-menu -> System -> Konsole (KDE), or Menu -> Accessories -> LXTerminal (LXDE). Guide: https://help.ubuntu.com/community/UsingTheTerminal
<teward> bah
<teward> you evil ubottu
<teward> lets you find/replace items easier :P
<CyborgCygnus> teward, oookaay, I'll look on that link & see what it tells me, thanks
<teward> CyborgCygnus: ignore it, the problem is that sed is hard to explain from my perspective
<teward> given i'm also realllly tired :/
<CyborgCygnus> teward, go to bed mate
<teward> about to
<teward> after i finish uploading some packages to a personal debian repository server :P
<CyborgCygnus> teward, you're so cheeky
<jvwjgames> Hi again
<jvwjgames> My internet on my Server went down again >:(
<tonyyarusso> You should be more careful if you're hosting the entire Internet on your server.
<arooni> is leaving password auth over on a stupid idea ?  or an ok idea?  i know obviously removing password logins over ssh is better than not doing it.
<arooni> over ssh i mean
<andol> arooni: The short answer is (obviously) that it depends. As everything related to security it's a tradeoff, depends on whatever meassures you have in place, etc.
<arooni> my ssh port isnt standard and i have fail2ban and a ufw firewall... but my password isnt very strong
<arooni> i cant see why id want to allow password ssh logins
<arooni> and obviously no root login
<andol> arooni: If you can't see why you would want it, then you don't need it, and then you should obviosly remove the ability to ssh-login by way of password.
<arooni> i usually connect from the same machines
<arooni> or if i need to connect from a different one; i can always drop a ssh key in auth'd keys
<arooni> if it becomes annoying; i can always loosen up security;  better to be safe than sorry
<andol> The tradeoffs becomes more complicated in a larger multiuser environment, if you haven't gotten around to a good method of keeping ssh keys in sync, etc.
<arooni> i'm just a solo developer right now
<arooni> so its not an issue;  if one of my apps/products takes off it'll be a nice problem to have
<andol> Yeah, then it's an easy choice, just disable password auth.
<arooni> ok i will thanks
<arooni> also; ive enabled unattended security updates... does it make sense to have ubuntu do regular software updates unattended as well?
<andol> arooni: Again, it's a tradeoff. It saves you a bit of work, while potentially increasing the risk of automatic upgrades a bit.
<andol> You could really go either way on that one.
<arooni> i just always forget to do it
<andol> arooni: One decided factor could be whatever you have any extra repository/ppas added. The regular Ubuntu repositories are fairly stable, where also the non-security upgrades being fairly conservative. If you on the other hand have a bunch of 3rd party repositoies added they might be intorducing larger chages, and hence increasing the risk.
<m1dnight> Hello guys. I have just installed ubuntu server 14 and Im having locale issues. I have googled a lot and found a lot of solutions but as usual im unsure if all these solutions are "good" (i.e., not hacks)
<m1dnight> Let me show you the error and what I have done so far. sec.
<m1dnight> http://pastebin.com/QmGywE0D
<m1dnight> This is the error.
<m1dnight> http://pastebin.com/Z8LWHU3i That is the output of `locale`
<m1dnight> and wat I have done so far is `sudo locale-gen "en_US.UTF-8"` followed by `dpkg-reconfigure locales`
<m1dnight> what am I missing here?
<virtuaposta> m1dnight, sudo update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8
<virtuaposta> see if that helps
<m1dnight> hmm still the same error.
<m1dnight> I know I fixed it before :<
<m1dnight> (on a different installation, that is)
<m1dnight> is it okay to modify the /etc/default/locale?
<m1dnight> Those solutions seem like hacks because Im unsure if its "the way to do it"
<virtuaposta> backup and modify
<m1dnight> oh it seems to be fixed
<m1dnight> I did a reboot (which would be a login, I guesS)
<m1dnight> now the question is, what did I do :p
<virtuaposta> if locale is edited then for sure that fixed it.. otherwise good to think about :)
<xubuntu20w> hello, server lost network connectivity after update. Intranet and internet. Looked at network configuration and everything is set up as it should be. Has anyone encountered this problem or have a clue how to solve this? Thank You.
<dork> maybe, ask your question i'm sure someone can help
<dork> woops, wrong channel
<dork> xubuntu20w: can you ping any other endpoints?
<dork> network interfaces showing they're bound to the right ip/subnet?
<xubuntu20w> dork: guy who set up server made one entry, from provider modem, and one exit point, to switch. Both are correctly configured yet not even intranet is working. Dhcp is correctly assigning everything
<xubuntu20w> i can ping every assigned ip addresses
<xubuntu20w> dork: also, switch is not an issue because telephony works just fine, one that is connected through swithc
<dork> is the ubuntu server the router too?
<dork> router/dhcp server?
<dork> ping the router make sure you can talk to whatever is routing for the local/public intefaces
<xubuntu20w> really dont know, it may be. It has autoassign turned on in network config
<xubuntu20w> will try jsec
<dork> type route -n
<dork> find the route that say 0.0.0.0
<dork> ping the gateway for that
<dork> it's called the default route
<dork> make sure you can talk to the router
<xubuntu20w> dork: pinged incoming ip address with no loss
<dork> can you ping other local hosts like printers/workstations
<dork> stuff on the intranet
<dork> can you ping 8.8.8.8
<dork> ?
<xubuntu20w> dork: tried route -n and 169.254.x.x address too is there which is unreachable. 8.8.8.8 is also unreachable
<dork> sounds like you can not talk to the router
<dork> maybe old network information?
<dork> it happened after the reboot?
<xubuntu20w> yes immediately after updates. It was working fine up to that point
<dork> vpn missing?
<xubuntu20w> As far as I know, no vpns were set up.
<dork> if you can not ping the default gateway you can't route packets
<dork> unless it's a direct route
<xubuntu20w> Wait. I did have to use vpn to connect to server remotely
<dork> vpn or sshd?
<xubuntu20w> openvpn to be precise
<dork> intranet might require vpn client
<dork> to be started
<xubuntu20w> locally it worked without vpn, just when i had to connect from home
<m1dnight_> Guys, I have some samba server log cruft upon login (sometimes). Aain, I know I fixed it before by disabling some auth method in a purple terminal window but im unsure what it was again.
<m1dnight_> http://pastebin.com/MdnU2GUb
<m1dnight_> This is the output i see when I log in
<m1dnight_> something about libpam or such? I had to uncheck one thing that would make it go away.
<m1dnight_> Hmm, to be more exact, its when I change to root user.
<m1dnight_> hmmm anyone about the samba thing? I got d/cd
<xubuntu98w> Hi, last update messed up my network configuration. DHCP assignation doesnt work as it should and entire network intra and inter not working as consequence. Has someone had this problem or know how to handle this, untangle serves as dhcp server
<lordievader> xubuntu98w: Set a static ip then fix your dhcp issues.
<xubuntu98w> lordievader: where do set static ip?
<lordievader> xubuntu98w: https://help.ubuntu.com/lts/serverguide/network-configuration.html#ip-addressing
<TJ-> What the heck is untangle? I don't see it in the package list
<xubuntu98w> TJ: firewall
<lordievader> Firewalls do DHCP nowadays?
<lordievader> xubuntu98w: This thing http://www.untangle.com/untangle-ng-firewall/appliances/ ?
<xubuntu98w> lordievader: will this work, found it as answer on forum interface should be changed to this: auto eth0 iface eth0 inet static     post-up ethtool -s $IFACE speed 100 duplex full autoneg off     address x.x.x.x #Internal IP     netmask 255.255.255.0     gateway x.x.x.y #Gateway IP     dns-nameservers 8.8.8.8 #Google DNS
<TJ-> xubuntu98w: First thing to do is consult the syslog to discover *why* DHCP client isn't obtaining a lease
<lordievader> ^ is likely a better idea, yeah.
<xubuntu98w> tj- & lordievader: lots of unmanaged devices in the syslog
<xubuntu98w> hey are forced into connected state
<xubuntu98w> they
<TJ-> Well that made absolutely zero sense!
#ubuntu-server 2016-10-03
<tjbiddle> Hi all. What would be the best way to have a server continuously attempt to mount a NFS file system, until itâs available, but without holding up boot?
<hateball> you could use autofs
<tjbiddle> hateball: That looks like it may be perfect - thanks!
<Village> Hello, maybe someone try run DC++ server on Ubuntu..?
<lordievader> Good morning.
<Village> Good morning, lordievader
<lordievader> Hey Village, how are you doing?
<Village> Not bad, thanks, looking how to run dc++ hub server on ubuntu, you don't try it?
<lordievader> Nope, never done anything with that.
<Village> Maybe someone try, but looks like american peoples sleep now, and there are morest american peoples
<jamespage> coreycb, ddellav: aodh and ceilometer are still foobar
<jamespage> they both now listen on port 8000 rather than the configured port in /etc/<pkg>/<pkg>.conf
<tjbiddle> hateball: Took some fiddling - but works beautifully, thank you!
<jamespage> coreycb, ddellav: https://bugs.launchpad.net/aodh/+bug/1629796
<ubottu> Launchpad bug 1629796 in ceilometer (Ubuntu) "wsgi_script generated binaries listen on (incorrect) default port 8000" [Undecided,New]
<gargsms> Using Apache2 on AWS on Ubuntu 14.04. I need to include an environment variable in my log file. I tried export VARIABLE="something" and then add %{VARIABLE}e to my log formats. The variable is empty in the logs, though
<xnox> percona-galera 50%: Checks: 2, Failures: 0, Errors: 1
<xnox> galera/tests/write_set_ng_check.cpp:246:E:WriteSet:ver3_basic:0: (after this point) Received signal 7 (Bus error)
<xnox> on armhf =(
<LostSoul> Hi
<leangjia> hello.
<LostSoul> I'm kinda noob if it comes to DNS
<LostSoul> So my question is, if I have zone file, how to redirect it (cname this domain) to another domain?
<LostSoul> When I'm trying to use cname, I'm getting: loading from master file XXX failed: CNAME and other data
<maswan> you can only cname individual records, not the entire domain
<LostSoul> Any idea how to do it?
<LostSoul> In best possible way?
<bekks> LostSoul: you cannot do that, you can only redirect individual records.
<_ruben> cnames are probably the most misunderstood records within dns :)
<LostSoul> bekks: So I have domain X and I want it to redirect to domain Y
<_ruben> define "redirect"
<LostSoul> Ok, so there is no easy way to give all domain in certain zone IP/redirect/cname of other adres?
<rbasak> Not at the DNS protocol level. It may be possible to configure a nameserver to do it dynamically or something like that, but I don't know of a specific example.
<_ruben> one example would be: https://doc.powerdns.com/md/authoritative/howtos/#using-alias-records
<coreycb> jamespage, urgh, thanks. hopefully we're good now on aodh/ceilometer.
<jamespage> coreycb, aodh tested OK - have a charm change up for that
<jamespage> doing the same with ceilometer - package is OK now
<jamespage> coreycb, next cycle we switch to apache2+mod_wsgi (<< EmilienM you'll probably be interested in that switch)
<EmilienM> like you did for keystone?
<EmilienM> creating default enabled vhosts, etc
<jamespage> EmilienM, yup
<jamespage> same model
<EmilienM> ok
<Village> Maybe someone try, but looks like american peoples sleep now, and there are morest american peoples
<Village> maybe someone try run DC++ server on Ubuntu..?
<coreycb> ddellav, I synced magnum, gnocchi, and sahara
<ddellav> coreycb ack
<rockstar> coreycb: nova-lxd rc1 is out. https://pypi.python.org/pypi?:action=display&name=nova-lxd&version=14.0.0.0rc1
<coreycb> rockstar, nova-lxd uploaded
<ndboost> hey
<rockstar> coreycb: ta
<ndboost> im trying to setup an apt-mirror of ubuntu
<ndboost> with the pxe stuff
<ndboost> for 14.04 i used debian-installer
<ndboost> what is it for 16.04?
<gargsms> Trying to make different log file for status code 200 with Apache.2 Is it possible?
<ThiagoCMC> Hey guys, where can I found the docs to setup OVS-2.6 with DPDK-16.07 from Newton Cloud Archive?
<ThiagoCMC> I managed to make it work with plain Xenial (OVS-2.5 / DPDK 2.2) but, super unstable, trying it again this week...
<sarnold> ThiagoCMC: hah, your name was the first thing that came to mind.. "sounds like something thiago would have done" :)
<ThiagoCMC> LOL
<nacc> heh
<holocron> I'm fooling with juju lxd here, and following a reboot, none of my lxc containers will start properly. With no lxc processes running, I can run lxc list without issue, but "lxc start <container>" hangs. If I CTRL-C and check ps, there's something called "forkstart" still running, and two more processes of [lxc monitor] on the specific container..
<holocron> Things were running okay before I rebooted, following a reboot I had to kill all my LXC processes before I could basic functionality back.
<PCdude> hey all :)
<PCdude> I have some questions about openstack, to prevent myself from spamming this IRC channel, I have put it in an askubuntu question
<PCdude> http://askubuntu.com/questions/832736/openstack-with-autopilot-some-networking-clear-up
<PCdude> I hope the questions make sense and imo this could very help other people too
<PCdude> (some upvotes would help too ;) )
<sarnold> PCdude: oy that's a huge series of questions :)
<PCdude> sarnold: haha sorry, I even picked out the important ones, I could add more if u like? haha
<sarnold> :)
<PCdude> sarnold: I did some serious digging around, before posting those questions. Therefore maybe the answers could be added to the documentation for others
<RoyK> PCdude: I beleive there's an #openstack channel - might be more appropriate
<PCdude> RoyK: some questions are specific to ubuntu,therefore I went here
<sarnold> PCdude: I can guess that the two nics are required for the maas layer vs the openstack layer
<sarnold> PCdude: and I suspect the two hard drives is just to have raid on the things, but maybe one of them -is- devoted to the clients or something. seems strange.
<PCdude> sarnold: yeah, I thought the same thing too about the RAID setup at first, but after installing it seems in MAAS that no RAID is applied.
<sarnold> there's also a #maas, they may be able to answer the more ubuntu-specific portions of your questions
<PCdude> It would be strange for the MAAS layer and the openstack layer to be seperated, why not all the machines? They all are controlled by MAAS
<holocron> PCdude: the canonical team took some liberty with how openstack is installed and configured
<holocron> PCdude: the 2nd disk is for a ceph cluster used by cinder
<holocron> PCdude: the 2nd nic is for neutron to segregate data and mgmt traffic (I think)
<PCdude> holocron: ah ok, the 2nd disk kind of makes sense, but what will happen if I add 15 disks will it only add the second disk? Can I add it manually?
<bekks> Is there some issue known with the 14.04.5 server ISO, for not being able to autoconfigure (dhcp) a network interface?
<bekks> This has been working for a lot of machine deployed with the 14.04 iso, and without any network change the .5 iso isnt able to detect a dhcp config.
<bekks> Where can I get a stock 14.04 server iso?
<PCdude> holocron: the 2nd NIC for data and mgmt seperation looks weird to me, simply coz there are more then 2 networks that are used by openstack, what about the others?
<holocron> PCdude: sorry, I don't know.. out of the box it won't do anything I think
<holocron> PCdude: you're going to have to ask someone else more knowledgeable.. i've only just started looking at this myself.
<tarpman> bekks: releases.ubuntu.com seems to still host 14.04.4 images. for older that that, http://old-releases.ubuntu.com/releases/trusty/
<sarnold> I suspect "N computers with five NICs" would be a non-starter for most places even if it would make sense to have maas vs block layer vs openstack management vs application ...
<bekks> tarpman: 14.04.4 has the same issues for me, I'll try an older release, thank you
<tomreyn> bekks: http://cdimages.ubuntu.com/releases/
<sarnold> tarpman: ah, crazy, I wondered where the 14.04 LTS releases were stored, funny that they're not on cdimages..
<PCdude> holocron: will do
<holocron> Most of the networks are segregated via VLAN, openvswitch, linux bridges, etc etc etc depending on what layer of the stack you're at
<PCdude> sarnold: good point, of course. I think I would like some more freedom here and there, but the whole thing is pretty complicated to do it all urself
<tomreyn> older point releases: http://old-releases.ubuntu.com/releases/
<tomreyn> oh, i'm late
<bekks> tomreyn: thx, downloading a 14.04 now.
<holocron> PCdude: amen -- do you know if autopilot uses juju openstack-base charm? I have a suspicion that it does
<holocron> openstack-base charm bundle*?
<PCdude> holocron: yeah, I am 95% sure that it does. I am still in the learning process of JUJU, maybe I can tweak the standard openstack version in JUJU and edit it to how I like it
<holocron> PCdude: that's what I was thinking. I know that the various charms that make up that bundle have lots of configuration options exposed, but you cannot edit the openstack config files directly as they will get changed back (ala chef)
<sarnold> PCdude: if I've understood the autopilot thing correctly, you should be able to change some of the chargm settings from e.g. https://jujucharms.com/nova-compute/xenial/3 and be able to configure things more as you wish
<sarnold> PCdude: but the autopilot tool itself may make some assumptions about configurations that are available in the charms
<PCdude> holocron: sarnold good point about JUJU, maybe its even better keep it in JUJU and leave autopilot out of it
<holocron> PCdude: I'm actually running juju with MAAS but all my MAAS machines are KVM VMs ^^ It's not super performant but I get to see how some of it's plumbed out
<holocron> PCdude: i put that project on the back burner and just started messing around with the pure LXD openstack bundle
<PCdude> holocron: I have it running in some VM's in ESXI right now, not very performing too. I really wanna put it on real hardware, but mostly the cost of it all holds me back
<holocron> LXC on bare metal is <supposed to be> performant
<holocron> PCDude: i had a 16G machine with it running, but it was swapping heavily.. i'm working on another install with 32G
<Ussat> Honestly we avoid bare metal here as much as possible. Unless you need special hardware, VM is the way to go
<RoyK> Ussat++
<holocron> Ussat: >< I'm on s390x and will have more special hardware
<Ussat> With VMware I get redundancy, backups, HA...
<Ussat> everything I have is HA'd between two datacenters..................
<holocron> congrats?
<RoyK> holocron: that's nice - what are the specs of such a machine?
<PCdude> holocron: I tried deploying on a machine with 8gb, did not work out very well haha
<PCdude> I have now a machine with 24gb and it all works pretty ok-ish
<PCdude> not good, but workable
<RoyK> PCdude: monitor it with something useful, like munin or zabbix, to see where the bottleneck is
<RoyK> PCdude: better monitor the hosts too
<holocron> RoyK hmm, perhaps you've seen it..  http://www-03.ibm.com/systems/linuxone/enterprise-linux-systems/emperor-product-details.html
<sarnold> what's the point of openstack overhead when you've got one machine though? wouldn't libvirt get you 60-70% of the way there and be less overhead?
<RoyK> holocron: which model?
<holocron> sarnold: libvirt gets me 100% of the way there, it's the interop that's missing
<holocron> RoyK hmm, i'm not sure, we've got 3 on the floor and they get swapped often
<PCdude> RoyK: well, I have a mid range CPU with 4 cores. That is seriously to little for this
<RoyK> I like the thing about current POWER CPUs allow for sub-allocation of CPU cores
<Ussat> nice systems holocron
<PCdude> RoyK: I have done some monitoring, I was mainly focusing on getting openstack more in the way I want it. The tweaking part
<Ussat> RoyK, we have about 20 LPARS of RHEL on P8 at the moment, about 100 other VM;s on VMware
<Ussat> POWER riocks
<Ussat> We are mostly AIX on POWER except for those RHEL systems
<holocron> Ussat: thanks, yeah s390x is always a bit strange, but it's fun
<holocron> Plus, i can be a middling linux admin and look like a hero because 90% of mainframers know diddly about linux ;)
<sarnold> :)
<RoyK> Ussat: ok, how much does that hardware cost?
<RoyK> Ussat: and btw, what sort of storage?
<Ussat> Well, I am not involved in that aspect, but we have 4 870's. And all our storage for prod is IBM V9000in a streached cluster with encryption and V840 for non prod
<Ussat> as for the price...I have no clue, I dont even see that part of the deals
<Ussat> thats all director level stuff
<Ussat> OUr windows storage is all on isilon
<RoyK> IIRC we have around 200 VMs on ESXi with 10 or 12 hosts from dell with some Dell Equallogic crap for storage (around 150TiB)
<Ussat> we have multiple SVC's in front of the V9000 and V840
<Ussat> OUr shit is WAY over engineered though, multiple datacenters , fully redundant, can run from either. We are a hospital so....
<RoyK> some of it is rather old (3+ years) and I guess a pricetag of around USD 300k for the lot (or a bit more)
<RoyK> perhaps 400
<RoyK> I guess that s390x costs a wee bit more :D
<Ussat> heh
<holocron> s390x is definitely only for certain use cases...
<holocron> you know, Walmart-scale
<holocron> just fyi though, if you wanted to play around on one, you can check out the linuxone community cloud
<trippeh> had tons of POWER at $oldjob
<trippeh> I was always underwhelmed, but it was very robust at least.
<holocron> power + nvidia looks like a nifty solution... i always figured power was fit for scientific computing and couldn't really understand why anybody'd run business on it
<trippeh> single thread perf and latency wasnt very good, but overall throughput was not too shabby.
<trippeh> not great, but
<holocron> now, i/o and single thread performance is where s390x beats all hands down
<trippeh> this was a few gens ago anyhow.
<trippeh> we had some s390(x?), but I never really touched it other than some light integration work.
<trippeh> so no idea
<sarnold> trippeh: how's it compare to your home rigs? :)
<trippeh> POWER, s390x, Itaniums, SPARCs, MIPS (SGI), we had most things that could run "UNIX"
<trippeh> ;)
<trippeh> sarnold: spinning rust SAN sure didnt help
<sarnold> trippeh: heh, not great for latency but depending upon how many of them you've got maybe good for throughput despite spinning... :)
<trippeh> was always fighting with the san people for iops ;-)
<sarnold> hah :)
<trippeh> home rig totally crushes them, I'm sure, but age difference helps
<sarnold> :)
<trippeh> most of them got canned after the Big Merger(tm)
<trippeh> non-windows systems that is ;)
<trippeh> man, so much $$$ saved just not having to fight the SAN people for iops with modern SSD SANs ;)
<sarnold> hah
<sarnold> and here I'm slightly dissapointed that my pcie nvme card can only do ~4k iops for my use rather than the 400k iops that I was expecting
<trippeh> hah, yeah, current nvme likes parallelism
<sarnold> I thought that something like ag --workers 300 or something would be able to generate enough parallelism in the filesystem to actually -use- all those iops. no such luck :(
<trippeh> fio had no problems for me :-)
<sarnold> if your workload matches fio, well.. .:)
<sarnold> but ag -is- the workload I wanted to scream, haha
<trippeh> heheh
<RoyK> sarnold: wha block sizes did you test it with?
<RoyK> s/wha/what/
<sarnold> RoyK: I'm using it as an l2arc for zfs; afaik there's no way to set an explicit block size for l2arc devices, only for vdevs
<trippeh> so it is a caching drive?
<RoyK> sarnold: guess it just uses the block size from the pool
<sarnold> trippeh: yeah
<RoyK> sarnold: did you do a zdb check on how large the records were?
<sarnold> RoyK: I -assume- that the blocks are whatever sizes the data elements are when they're read..
<RoyK> sarnold: possibly - I don't know the code
#ubuntu-server 2016-10-04
<seyeongkim> how can I do SRU process with Trusty Icehouse pkg? ( python-glanceclient, cinder) , I checked https://wiki.ubuntu.com/OpenStack/StableReleaseUpdates but link https://wiki.ubuntu.com/ServerTeam/OpenStack is down
<sarnold> seyeongkim: probably you can start with a bug first, that's liable to get noticed..
<seyeongkim> There are already. https://bugs.launchpad.net/ubuntu/+source/python-glanceclient/+bug/1323660
<ubottu> Launchpad bug 1323660 in python-glanceclient (Ubuntu Trusty) "Glance image properties not copied to cinder volume with glance V2 API" [Undecided,New]
<sarnold> I can't make heads or tails of any of that... ow
<sarnold> It looks a bit like an upstream author gave up on the fix
<sarnold> is there a fix? any idea how well it works? does it introduce any new regressiosn?
<seyeongkim> for kilo yes,
<seyeongkim> I'm not sure whether it can be backported to icehouse.
<seyeongkim> https://review.openstack.org/gitweb?p=openstack/python-glanceclient.git;a=commit;h=90407d9e473014c24eeab294192f9d3208f58ea7
<seyeongkim> hmm.. so far no regressions..
<seyeongkim> but need to be checked because this is accepted from liberty or reject backporting
<sarnold> the patch is tiny... is that sufficient?
<seyeongkim> yes for glanceclient, and for cinder, https://review.openstack.org/gitweb?p=openstack/cinder.git;a=commit;h=7470b1d66491042909e9a191a884cae2fa8a3838
<sarnold> hey that looks complicted enogh to match the complicated bug :)
<seyeongkim> I downloaded pkg using pull-lp-source and did patch with quilt-import but debuild -S show me error..
<sarnold> seyeongkim: so do you need both patches to be applied simultaneously? do either one in isolation break anything?
<seyeongkim> both needed for each pkgs... 1 for glanceclient, 1 for cinder.
<seyeongkim> it's seprated.
<RustyShackleford> i'm going to set up plex server
<RustyShackleford> what do you think about sharing /var/lib/plexmediaserver in a samba share as well?
<RustyShackleford> to clarify, is it risky to share that folder with two services?
<sikun> RustyShackleford, define risky.
<cpaelzer> jamespage: since the DPDK configuration for openvswitch changed so much I'd want to propose some changes to the package
<cpaelzer> jamespage: I only start to work but wanted to ask what you'd want
<cpaelzer> jamespage: commits into the ovs git you have
<cpaelzer> jamespage: same thing as LP merge proposal
<cpaelzer> jamespage: debdiffs ...
<jamespage> cpaelzer, you're ubuntu-server-dev now right?
<cpaelzer> yeah I could commit to the git
<cpaelzer> at least I assume so, I never checked what the permissions on it actually are
<cpaelzer> jamespage: ^^
<cpaelzer> yeah the path is under server-dev
<cpaelzer> jamespage: I will prep something there - do you have any in flight changes that I should consider?
<jamespage> cpaelzer, that's the one
<jamespage> cpaelzer, no I'm all done for this release
<cpaelzer> jamespage: ok, I'll ping you once I have something ready for review
<cpaelzer> jamespage: do I need beisner for testing a potential upload ?
<Village> maybe someone try run DC++ server on Ubuntu..?
<jamespage> cpaelzer, no
<PCdude> Hi all
<PCdude> I have some questions about openstack on ubuntu
<PCdude> I have put it in an askubuntu question
<PCdude> http://askubuntu.com/questions/832736/openstack-with-autopilot-some-networking-clear-up
<sikun> PCdude, so the requirements for OpenStack is actually 5 machines with two hard drives, two machines need dual NICs
<sikun> meaning two of the 5 need to have two NICs
<RoyK> sikun: shouldn't it work well with VLAN?
<RoyK> for Linux it's just another NIC, just named eth0.10 or something and if the bandwidth is sufficient and the switch does its job, well, there you go
<sikun> yes, but most guest operating systems still need to fill in the blank for the most part driver wise which is ok but as these VMs will boot via PXE that can be a pain in the ass sometimes when using vlan tagging
<RoyK> the host does the tagging
<RoyK> it's all L2 stuff
<sikun> yes, I know that. Yes, it will work, is it best practice? no.
<RoyK> sikun: why not?
<RoyK> sikun: if the bandwidth is sufficient... why not?
<RoyK> sikun: we have 200 VMs or so on vmware and the hosts all use VLAN tagging on 10+ VLANs
<sikun> it's best to separate public/private traffic.
<sikun> We have over 500 VMs, public traffic goes on specified NICs for public traffic while private does the same. We also backup utilizing private networking, and if we did that while it was all using a single NIC for public/private it'd bottleneck.
<sikun> I say single nic in a broad generalization, of course there is NIC teaming in play.
<RoyK> sikun: that's really nonsense - VLAN security is good these days, you really can't break out from a VM
<sikun> private networking is in use for management purposes not security
<gargsms> I am trying to use CustomLog directive for Apache logs. This is what my declaration looks like `CustomLog "| /bin/grep -E --invert-match --line-buffered 'status:(200|206|302|304)' | sed -r 's/status:(\d*)/\1/' | cat >> /var/log/err.log" combined` This is never written to the file err.log
<gargsms> I tried replacing the custom log file names to the ${APACHE_LOG_DIR}/access.log but then it outputs the logs when I restart the apache2 service
<Ussat> \o/ patch day done
<rbasak> smoser: do you have a simple example of real world use of ssh-attach where not using ssh-attach is obviously more painful? I believe that it's useful, but I'm struggling to think of examples.
<smoser> rbasak, of course.
<smoser> $ ssh-attach brickies.net -- bash -c 'i=0; while [ $# -ne 0 ]; do echo "$i: $1"; shift; i=$(($i+1)); done' -- "one 1" "two 2" "three 3"
<smoser> 0: one 1
<smoser> 1: two 2
<smoser> 2: three 3
<smoser> that gives you the same result as if you'd copied and pasted that 'bash -c...' portion on the remote system.
<smoser> try to do something like that without ssh-attach.
<smoser> or even "real world" like
<smoser> https://gist.github.com/smoser/88a5a77ab0debf268b945d46314ea447
<smoser> ussh $name sudo sh -c 'echo "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc)-proposed main" >/etc/apt/sources.list.d/proposed.list && apt-get update -qy'
<smoser> or, i guess along those lines...
<smoser> ssh-attach foo -- sh -c 'for line in "$@"; do echo "$line"; done > /etc/apt/sources.list.d/my-sources.list' -- "deb http://archive.1/ trusty main" "archive 2 another".
<smoser> you can certainly re-write that to fight the quoting that occurs under you by ssh throwing all argumenst into a single string and feeding it to shell. .but it becomes hard when you have quotes or spaces or single-quote in your input.
<rbasak> Why would that last example not just work using ssh without ssh-attach?
<rbasak> Your first example I don't really follow, as I'd never type that at the CLI in the real world :)
<rbasak> Anyway, I'd be happy to stick this into a contrib/ussh/ directory or something in uvtool git, and then ship it in usr/share/doc/uvtool/examples/ or something? Then it can be maintained and available to others in one place.
<rbasak> I wanted to understand it better separately to think about how to make "uvt-kvm ssh" better (or provide an alternative differently behaving command or whatever). But I still don't really follow your use case.
<frickler> coreycb: jamespage: seems like you didn't package neutron-dynamic-routing for newton, do you intend to do this at a later stage or will it just drop out of UCA after having been split into a new project upstream?
<jamespage> frickler, tbh it did not get on the list
<jamespage> frickler, will look at it early next cycle and look to backport for newton
<jamespage> frickler, but +1 month away as yet should think
<frickler> jamespage: hmm, too bad, so we'll have to take a look at building it ourselves. but thx for confirming
<jamespage> frickler, apologies
<smoser> rbasak, the basic issue with ssh is that its params are: ssh host "command"
<smoser> ssh-attach changes that to:
<smoser>  ssh host command [arg1 [arg2 ...]]
<smoser> from ssh whatever you pass it as the command to run gets shoved into the users shell on the other side and thus is exposed to that shells quoting rules
<rbasak> That's not my experience
<smoser> in addition to the quoting rules of the shell you are pasting into
<smoser> it most certainly is true.
<rbasak> ssh foo echo a b c\; echo d
<rbasak> a b c
<rbasak> d
<rbasak> If command were quoted, I'd expect an "echo" in the output.
<rbasak> AIUI, ssh hands everything to "sh -c"
<smoser> right
<smoser> which means it gets interpreted by the shell
<smoser> in addition to the shell on the local system
<smoser> actually, rbasak your example is good
<smoser> if you paste : echo a b c\; echo d
<smoser> or type it on your local shell
<smoser> you'll get
<smoser> a b c; echo d
<smoser> but if you feed it to ssh:
<smoser> ssh sstack-185 echo a b c\; echo d
<smoser> then you get
<smoser> a b c
<smoser> d
<nacc> rbasak: did you want to continue on our converstaion today? not urgent by any means
<rbasak> nacc: bit short of time today, sorry.
<nacc> rbasak: nothing to apologize for!
<nacc> rbasak: i was planning on maybe seeing if we could use clamav as a testbed for the process? caribou has a new MR, which we could tag and i could see if we pick it up properly
<smoser> but:
<smoser> ssh-attach sstack-185 -- echo a b c\; echo d
<nacc> rbasak: locally, before I push it to the git tree
<smoser> a b c; echo d
<rbasak> nacc: sure, but I think we should discuss further what we're doing with the upload tags.
<nacc> rbasak: ack
<smoser> rbasak, that make sense? your example is actually perfect.
<rbasak> smoser: interesting, thanks. I see what you mean.
<rbasak> Interesting because I'm so used to what ssh does, I didn't think it wrong :)
<smoser> its the same as 'sg' or 'su' versus 'sudo'
<smoser> sudo == ssh-attach == lxc exec
<smoser> sg == su == ssh
<coreycb> jamespage, was pykmip intended to go under barbican Suggests vs Recommends?
<kyle__> Is there official documentation for how to get rc.local to work in 16.04, or a more systemdish approach to something working like that?
<trippeh> kyle__: rc.local seems to work on my 16.04 systems
<trippeh> but yeah write systemd services/units if you can
<trippeh> rc-local.service - /etc/rc.local Compatibility
<trippeh>    Loaded: loaded (/lib/systemd/system/rc-local.service; static; vendor preset: enabled)
<kyle__> systemctl status rc.local.service is telling me it's loaded, but nothing in it is run.  Nor are there any logs even referencing it.
<gargsms> I am filtering my Apache logs by piping the output using grep --line-buffered. I get the output written to the file in chunks of 4KB. Is there a way for it to be written continuously? Writing 4KB at a time causes me to lose at least 2 log lines per chunk as they don't confirm to the standard of my parser, mostly
<trippeh> kyle__: does it say it ran at all in status? eg active (exited) or somesuch
<trippeh> Active: active (exited) since fr. 2016-09-30 00:14:35 CEST; 4 days ago -- on my system
<kyle__> It says status.. err
<kyle__> inactive (dead)
<trippeh> could try systemctl enable rc-local.service
<trippeh> then reboot and see if it works
<kyle__> I did that one other time, but OK :) Willing to try it again.
<trippeh> pretty sure I never had to do that, tho.
<kyle__> Hum.  Same thing.  Didn't run, and status ends witH:
<kyle__>   Active: inactive (dead)
<trippeh> kyle__: is the rc.local file executable?
<trippeh> and has the sh shebang at the top
<kyle__> no... no it's ot.  ALthough I didn't know it generally had to be.
<kyle__> Yeah, already has the shebang
<kyle__> Gahh.  OK.  It was just misstng the execute.  Weird that it didn't even say peep about it in the logs.
<kyle__> Thank you.
<trippeh> yeah, I think thats new with the systemd wrapping
<trippeh> (not checked)
 * kyle__ sighs
<kyle__> I know sysv init and upstart had their own problems, but this doesn't feel better
<trippeh> odd that it is would not flag as failing when ExecStart= is not executable. I need to try that out
<trippeh> but now -> work
<kyle__> heh.  Same here.  This was for a user who 'just had to' use 16.04 and rc.local.
#ubuntu-server 2016-10-05
<hallyn> upstart had problems?  bah!
<RustyShackleford> well this is more an osx question, but regarding ssh
<RustyShackleford> I am setting up a dotfiles repo to back up and share my dotfiles between computers
<RustyShackleford> attemping to ln -s ~/dotfiles/sshconfig ~/.ssh/config
<RustyShackleford> if I instead cp the file, it works as expected. But with the symlink, it doesn't seem to follow the symlink
<sarnold> RustyShackleford: ssh is picky about permissions. make sure the file is chmod 600, and the directory is 700. Even then it may not work, but that might help.
<RustyShackleford> I will double check
<RustyShackleford> yeah those are the permissions
<RustyShackleford> I suppose copying it isn't the worst thing every
<RustyShackleford> but it would be nice to edit it, have the changes reflected in my git repo, and then push it up
<sarnold> RustyShackleford: okay, next step, tracing the thing
<sarnold> RustyShackleford: I can't remember os x very well, it's probalby something like "kdump ssh localhost" followed by "ktrace"
<sarnold> RustyShackleford: look for the open() systemcall that refers to the ~/.ssh/config file
<sarnold> (searching for "config" is probably the best bet)
<sarnold> I'm curious if your ssh client uses the O_NOFOLLOW open flag. (mine doesn't.)
<RustyShackleford> hm kdump is not found
<RustyShackleford> okay what the heck is going on here?!
<RustyShackleford> well it works lol
<RustyShackleford> I had tried this a week ago, gave up when it was not working. So I just set it up again and this time it works :/
<sarnold> hah :)
<sarnold> maybe you need to install some developer's kit to get decent syscall tracing tools on OS X?
<RustyShackleford> how would you feel about keeping private keys in a (private) dotfiles repo as well
<sarnold> if your passphrase on the keys is decent, it's alright
<RustyShackleford> I usually use no passphrase hah
<RustyShackleford> i'm not so secure sometimes for the sake of convenience. I should also find a more secure way to store my passwords
<nastronaut> RustyShackleford: have you tried verifying that the symlink actually worked? if you do an `ls -al` should return something like this:
<nastronaut> lrwxr-xr-x   1 user staff   37 Aug 25 11:31 config -> /Users/user/dotfiles/ssh_config
<ndboost> evening folks
<ndboost> regarding an iptables question, using s3 what do i need to allow inbound for it to work
<RustyShackleford> do you think home internet connections throttle port 22?
<teward> RustyShackleford: depends on the ISP
<RustyShackleford> comcast
<RustyShackleford> just curious how I could test that
<RustyShackleford> also curious if you get less spambots if you use an alternate port
<teward> RustyShackleford: IIRC they don't filter traffic in/out or throttle things on those ports, but only Comcast would have the answer
<sarnold> it'd be easier to just test rather than trying to -talk- to someone there who would know
<teward> RustyShackleford: security through obscurity only works... for a little bit.  OBscuring the port is fine, but disable password auth, use key auth, etc.
<teward> yep.
<RustyShackleford> sarnold: you need to be on hold for an hour before you can speak to someone worth a damn
<sarnold> RustyShackleford: only an hour? that's better than I expected :)
<RustyShackleford> I had a server exposed to the internet for a while
<teward> RustyShackleford: Really?  I have at least twenty :P
<RustyShackleford> its crazy how many people try to log into my random ip address
<teward> RustyShackleford: service scanners, brute forcers, botnets, etc.  drivebys most likely
<RustyShackleford> fail2ban helps a bit
<teward> RustyShackleford: though, that's *anything* connected to the internet.
<RustyShackleford> do you think they scan only 22, 80 and the obvious ones?
<RustyShackleford> I wonder how much using 22000 or something would cut down on drive-bys
<sarnold> I put mine up on 2222 when I travel, and it gets plenty of scans; don't pretend it'll be silent up there
<sarnold> it may be less, but whole-internet scanning is commonplace and cheap these days
<Ben64> they don't scan every port though
<RustyShackleford> can't remember if the ssh logs show which port they attempt to connect on
<RustyShackleford> I could enable them both and see which gets more hits
<RustyShackleford> er, the difference in the number of hits
<Ben64> 22 wins for sure
<Ben64> over 2000 hits on my ssh in the past 24 hrs
<Ben64> 99.3% for root
<Ben64> don't even have root ssh enabled, you silly bots
<RustyShackleford> I need a domain for this server
<RustyShackleford> i'm so uncreative
<Seveas> RustyShackleford: uncreative.space :P
<Choups>  how do i run tor, in a ubuntu 16.04 ?
<Choups> i need an app to use tor as proxy
<Choups> so i need tor to be runing on the machine
<Choups> how do i do it?
<jamespage> coreycb, I remember that it was suggested that was a good idea
<cpaelzer> jamespage: I pushed the openvswitch changes to the repo and uploaded
<cpaelzer> jamespage: I also added the ubuntu1 release you had in the repo and tagged yours and mine so that repo matches reality
<jamespage> cpaelzer, good morning!
<jamespage> sorry yesterday was frenetic for a number of reasons
 * jamespage looks
<cpaelzer> jamespage: totally fine - as I said I want to help not to disturb :-)
<cpaelzer> jamespage: so I did what I announced to you and know that in case of blergh we can still fix and upload more if needed
<cpaelzer> jamespage: I also have something written up for the ovs-dpdk charming that I'm about to send
<cpaelzer> jamespage: anyone but you to add as CC on that?
<cpaelzer> a.k.a did get that work to be done by somebody else?
<jamespage> cpaelzer, no it will get in the right queue
<Pjusur> Whats the major difference between a standard Ubuntu server install and a minimal one? just fewer packages install by default?
<rbasak> Pjusur: if you're referring to the options in the traditional installer, then that's the only difference.
<Pjusur> rbasak: Yes :), the F4 option after boot before install, tnx mate
<rbasak> powersj: for bug 1629890, my understanding of the typical use case for mongodb says that it's more than wishlist for the process limit to be so low - I'd make it High rather than Wishlist
<ubottu> bug 1629890 in mongodb (Ubuntu) "/lib/systemd/system/mongodb.service should set LimitNOFILE" [Wishlist,Triaged] https://launchpad.net/bugs/1629890
<rbasak> Also bitesize perhaps?
<zioproto> hello
<coreycb> jamespage, is network access in unit tests limited to ppas?  python-k8sclient tests are getting 404's when backporting to the staging ppa, but ran ok on yakkety.
<coreycb> lack of network access, that is
<jamespage> coreycb, hmm
<jamespage> the builders all have limited egress
<coreycb> jamespage, ok, interesting
<gargsms> I am trying to write a custom log for Apache. For any log entry ending with 0, I am using this declaration, just to test ```CustomLog "|/bin/bash -c 'if [ awk \'{print $NF}\'` -eq 0 ]; then logger -s ; fi" combined``` Nothing gets logged to syslog in this case. However, if I just do logger -s, then the entry is logged completely.
<powersj> rbasak, ok - however the link you provided makes me think we shouldn't yet
<rbasak> powersj: I stuck it in the backlog. Perhaps we should just check deeper that mongodb doesn't use FD_SET.
<rbasak> (it seems unlikely)
<kaslcrof> Does anybody know the way to propose changes to UCA(Ubuntu Cloud Archive). There is problem with file io.murano.zip [1] which is contained in murano-common package [2] . The problem is file io.murano.zip exist in package (murano-common) but it is in the wrong directory(/usr/share/murano-common/ but should be in /var/cache/murano/meta/).[1] https://review.openstack.org/#/c/250436/ [2] http://mirror.regionone.osic-cloud1.openstack.org/ubuntu-clou
<kaslcrof> <kaslcrof> d-archive/pool/main/m/murano/
<jgrimm> coreycb maybe ^^
<coreycb> kaslcrof, hi which release of openstack is this for?
<kaslcrof> coreycb, it is for newton
<coreycb> kaslcrof, I think it makes sense where it is stored in /usr/share/murano-common.  but if you want we can switch over to #openstack-pkg and we can chat with zigo to get his thoughts (since this package originates in debian).
<jgrimm> thanks coreycb
<kaslcrof> coreycb, many thanks.
<zul> coreycb: barbican uploaded
<coreycb> zul, thanks
<dannf> smb: thx for the libvirt SRU upload! will verify asap
<coreycb> jamespage, zul, ddellav: I had to manually backport python-k8sclient to newton-staging.  for some reason backport_package couldn't backport it successfully (maybe interference with port 8080?).
<zul> coreycb: ack
<zul> coreycb: bug deweeding is so much fun
<coreycb> zul, what are you up to?
<zul> coreycb: deweeding ubuntu/nova bugs on launchpad
<coreycb> zul, awesome
#ubuntu-server 2016-10-06
<ndboost> hey anyone on to help with a iptables /aws s3 question?
<ndboost> http://serverfault.com/questions/807122/what-rules-am-i-missing-for-aws-s3-allow-via-iptables?noredirect=1#comment1024903_807122
<sarnold> ndboost: are you confident your AWS security groups are configured correctly?
<ndboost> yes
<ndboost> without the iptables enabled i get straight in
<ndboost> without, i dont
<ndboost> er with i dont
<sarnold> aha
<sarnold> can you add relevant -jLOG or something entries to your iptables?
<ndboost> sure
<ndboost> one sec
<ndboost> viovim for whioch rulese?
<sarnold> hehe, I wsa thinking nearly everything :)
<ndboost> lol waht does LOG do?
<ndboost> tells me its invalid
<sarnold> I'm hoping it'd tell you what you still need to allow..
<ndboost> iptables-restore v1.6.0: Bad ctstate "LOG,NEW,ESTABLISHED"
<ndboost> Error occurred at line: 36
<ndboost> i think its DNS
<ndboost> hoping thats it
<patdk-lap> dns?
<patdk-lap> dns should have nothing to do with iptables
<ndboost> yeah cant resolve the DNS
<ndboost> so s3 bombs out
<ndboost> i noticed with the rules in place i cant dig some domains
<ndboost> but wget wworks for google.com
<patdk-lap> you have no rules to allow dns
<patdk-lap> that is a crazy ruleset
<ndboost> lol i know it is
<ndboost> who needs DNS :P
<sarnold> there's not even four billion IPs to remember, all shorter than 32 bits. piece of cake. :)
<patdk-lap> I totally don't understand the -A OUTPUT --sport -m conntrack rules
<ndboost> allowing 80/443/22
<ndboost> web server running
<patdk-lap> those don't allow that
<patdk-lap> that is what the INPUT rules did
<ndboost> poh derp lol
<ndboost> i put those in late last night for a hope
<ndboost> lol
<patdk-lap> personally, I would highly recommend you don't do iptables raw like that
<patdk-lap> use ufw, shorewall, ....
<patdk-lap> to build a sane ruleset
<patdk-lap> actually, this is on aws
<patdk-lap> why bother with iptables at all?
<patdk-lap> the security groups do a much better job
<ndboost> no its not aws
<ndboost> s3 is
<ndboost> this is on DigitalOcean
<ndboost> :P
<patdk-lap> ah
<patdk-lap> you only need port 443 tcp for s3
<patdk-lap> and working dns
<patdk-lap> and those fun, -A INPUT --sport xxxx rules are a huge security hole
<ndboost> ill use ufw lol
<patdk-lap> those two rules will let me completely bypass your whole firewall, except for mysql access
<ndboost> lol
<sarnold> patdk-lap: how's that work?
<patdk-lap> heh?
<patdk-lap> I make a tcp connection from my port 10011, and to any dport I want on his side
<ndboost> ufw is a lot easier
<sarnold> patdk-lap: but why 'except for mysql'?
<patdk-lap> it's excepted, except for port 3306 that is reject above
<patdk-lap> cause there is only one reject rule before it
<sarnold> thanks :)
<patdk-lap> that ruleset so wants to be stateful, but isn't
<ndboost> moving to ufw fixed my issyue
<ndboost> thanks
<sarnold> excellent :)
<ndboost> too many damn stupid rules lol
<ndboost> ufw was way simpler
<northcode> Hey guys
<northcode> has anyone had problems installing/upgrading mariadb-server on ubuntu 16.04 lately?
<northcode> I just upgraded my packages today and mariadb-server-10 "fails" to install, in that it still runs fine but the post-install script fails, so apt thinks its broken
<northcode> and there also seems to be a dep-error with mariadb-server and mariadb-server-10
<sarnold> northcode: please file bugs, the community maintainer for mariadb cares :)
<cpaelzer> jamespage: hi, the current openvswitch upload is blocked by a fail in the neutron autopkgtest which can't be due to the changes that got uploaded
<cpaelzer> jamespage: yesterday coreycb mentioned a timing based issue on autopkgtests which could be just that
<cpaelzer> jamespage: coreycb: the log is this https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-yakkety/yakkety/s390x/n/neutron/20161006_055450@/log.gz
<cpaelzer> jamespage: coreycb: I already retried it once, but I don't want to buzz the retry button over and over
<cpaelzer> jamespage: coreycb: could one of you confirm this is the same issue and in case yes let me know how you resolved it on your end?
<jamespage> cpaelzer, did I just see ovs pass to updates?
<cpaelzer> jamespage: checking ...
<cpaelzer> jamespage: well yes, somthing/somebody changed it to ignored failure
<jamespage> cpaelzer, hmm
<cpaelzer> it is still visible in http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html
<jamespage> tbh that's not one that's raced in the past
<jamespage> so a bit worried about that
<cpaelzer> that is why I'm asking around
<cpaelzer> I downloaded the artifacts but they are totally useless
<cpaelzer> a full journalctl output as artifact might have helped
<cpaelzer> jamespage: but you must admit that changing a readme and a conffile comment can't trigger a failure :-)
<cpaelzer> jamespage: so I wonder what caused this now
<jamespage> cpaelzer, somehting s390x ish
<cpaelzer> jamespage: I'll run it on my lpar just to see if I could find more of its status with a shell-fail on the autopkgtest
<cpaelzer> jamespage: any more steps that would help reestablishing a good feeling?
 * cpaelzer urges lpar down? ...
 * cpaelzer realizes that all the recabling killed the vpn dialin *facepalm*
<jamespage> cpaelzer, don't worry to much
<cpaelzer> now it is already running :-)
<cpaelzer> well my adt does seem to need some special care to take off, so I stop worrying a bit in case that turns out to be too much to get it running
<coreycb> jamespage, cpaelzer: the nova autopkgtest s390 error that was surfacing on s390x is fixed by adding sqlite connection strings to nova.conf.  maybe it's a similar issue for neutron.
<jamespage> coreycb, neutron uses mysql for autopkgtest so not sure
<jamespage> coreycb, anyway - I just tripped on a new neutron problem
<jamespage> coreycb, https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1630968
<ubottu> Launchpad bug 1630968 in neutron (Ubuntu) "neutron-openvswitch-agent - error on startup" [Undecided,New]
<cpaelzer> I failed to recreate on s390 driving to autopkg issues with pitti
<cpaelzer> coreycb: what did you use to recreate yesterday instead?
<coreycb> cpaelzer, I used an s390x instance and noticed the service was flopping up and down due to the config error
<cpaelzer> s/to/two/
<cpaelzer> coreycb: ah ok, so you just ran it as-is and not within a adt environment?
<coreycb> cpaelzer, I've also been using this to test autopkgtest fixes in PPAs: https://bileto.ubuntu.com
<cpaelzer> I don't have the bileto superpower yet, at least I didn't a few weeks ago
<coreycb> cpaelzer, do you have upload rights?
<cpaelzer> coreycb: only server-deve
<coreycb> cpaelzer, I wonder if xnox can change the perms to allow you to use it
<xnox> yo
<coreycb> xnox, any chance per package uploaders can get perms to use bilto?
<xnox> jamespage, coreycb, cpaelzer: what I have noticed is that upon package installation, the following happens:
<xnox> postinst running
<xnox> -> service starting, crashing, restarting
<xnox> dpkg ends
<xnox> check that service is running fails
<xnox> -> service manages to start without crashing
<xnox> autopkgtest has failed by now
<xnox> -> service running fine
<xnox> and i changed autopkgtests to loop with a sleep/wait/timeout waiting for things to /eventually/ come up fine. However, imho, dpkg postinst should not return until service is started.
<xnox> (as in permamemently fails, or after restarts manages to start fully)
 * xnox wishes openstack service used systemd notify protocol to fully state "yeah, READY=1 for realz now"
<coreycb> xnox, thanks for the insight, I was curious more about bileto permissions for per package uploaders. :)
<xnox> coreycb, right. I am core-dev and I can do anything in bileto. No idea about others. I think anybody can create ticket, but e.g. a core-dev is still needed if you want to upload raw source packages, rather than use the crazy "release from upstream branch thing"
<xnox> coreycb, i'm happy to sponsor any source packages into biletos targetting the archive for you.
<xnox> jamespage, coreycb - looking at the bug, note that s390x autopkgtests are done in an LXD container, thus one cannot modprobe packages =/
<coreycb> xnox, interesting..
<coreycb> xnox, I'm hitting a new nova failure with kvm, I wonder if it's similar and can't modprobe
<coreycb> on armh ^
<xnox> as in one should probably use $ ! systemd-detect-virt --container && exit 0
<xnox> coreycb, i believe autopkgtest runners on armhf & s390x are LXD containers, everything else is KVM virtual machines, and we have no infra for powerpc (old 32 bit big endian)
<coreycb> xnox, ok that explains one of my failures!  thanks.
<coreycb> xnox, any idea who's in charge of acls for bileto.ubuntu.com?  it'd be useful if per package uploaders like cpaelzer could get full access to debug failures and test fixes in PPAS.
<xnox> coreycb, talk to <sil2100> or <robru> or <slangasek> on #ubuntu-devel or some such
<coreycb> xnox, will do, thanks
<EmilienM> coreycb, jamespage: hello - fyi, neutron/linuxbridge is still broken since last time I reported to you, we're using latest newton, you can see logs if you want to look https://review.openstack.org/#/c/382661/
<jamespage> EmilienM, it would appear to be broken in a different way now
<jamespage> EmilienM, hmm
<cpaelzer> coreycb: thanks for kicking that discussion
<BioKey> Hello, I'm currently trying to manage Windows accounts via Ubuntu Server. What are my options here ? Do I have to go with Samba and an AD or is there any other alternatives ? Thanks !
<rbasak> You mean you want to manage Windows desktops without a Windows server? Or something else?
<BioKey> Absolutely !
<BioKey> Something similar to Novell Groupewise. Is this even possible ?
<rbasak> I used to do this kind of thing for a living. IMHO, it stopped being worth it. I would consider using (and managing and supporting) a real Windows server as part of the cost of running Windows desktops and do it that way.
<rbasak> Samba is the only other thing that I know about that can do it. It's an excellent project and has a very high quality codebase.
<rbasak> But for actually running a domain, I'm not sure it's worth it any more. Certainly you'll find it much more of a struggle, and with loss of functionality, compared to just using a Windows server.
<BioKey> Thank you for your answer, that's what I feared seeing all the abandoned projects.
<BioKey> I'm really new to all this but even file sharing with Samba looks like a pain
<rbasak> Plain file sharing is fine with Samba once auth is sorted out.
<rbasak> The last time I looked (it's been a while), Samba still integrated with a Windows domain really well, eg. as a domain member, file sharing, even ACLs.
<rbasak> There is an impedence mismatch of course, which Samba tackles admirably. But it does necessitate quite some understanding. It is well documented, but expect to do a lot of reading.
<rbasak> (understanding of both Unix and Windows models of things)
<_Wise_> hi *
<BioKey> Indeed ! I think I understimated that part ;)
<_Wise_> I have an armada of Ubuntu Server 14.04 LTS instantiated on Azure, I thought about upgrading them to 16.04 LTS next year
<_Wise_> but when I look at this page: https://assets.ubuntu.com/v1/65d114f8-release-chart-desktop.png?w=800
<_Wise_> it turns out that 14.04 LTS *HARDWARE* updates stops soon
<_Wise_> am I in danger ?
<rbasak> _Wise_: where was that linked from please, so I have some context?
<_Wise_> rbasak: from there: http://www.ubuntu.com/info/release-end-of-life
<rbasak> What they mean is new kernels, essentially (X.org stack doesn't matter for server).
<_Wise_> for me it's quite obscure what Hardware Update is
<rbasak> See https://wiki.ubuntu.com/Kernel/LTSEnablementStack for details, but for cloud instances on Azure, it won't matter.
<Ussat> So, ubuntu 16.04 LTS comes with gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.2) , I have a package that ewquires 4.7 to compile. How backward compatiable is gcc5 ?
<Ussat> next question would it be possible to install the gcc 4.7 along side 5.0 if I need ?
<teward> Ussat: how is the requirement defined?  Exactly 4.7, or 4.7 or higher?
<Ussat> To build bcl2fastq2 Conversion Software v2.17, you need the following software.
<Ussat> Versions listed are tested and supported; newer versions are untested.
<Ussat> } gcc 4.7 (with support for c++11)
<Ussat> I wish was higher....
<ikonia> does it actually say it will not work with 5.0
<Ussat> No, it does not
<teward> ^ that (ninja'd)
<teward> Ussat: 5.0 might work, I would suggest starting with that first
<Ussat> it says untested
<teward> before trying to coinstall multiple compilers
<ikonia> have you tried it with 5 ?
<Ussat> not yet
<Ussat> I might just spin up a test VM and test this shit
<Ussat> I just hate the way these docs are written
<Ussat> my day just got more complicated
<ikonia> please don't swear
<ikonia> there isn't a need for it
<ikonia> you'll find it a lower risk to build with 5 than maintain multiple compilers and linker objects on the same box
<Ussat> Oh I totally agree
<ikonia> more so when the chances are there is not a 4.7 gcc install package for your ubuntu version
<ikonia> so no idea where you expect to get it
<Ussat> I =am waiting for a tech contact at the company to call me back to ask them some questions
<ikonia> why not just try it ?
<Ussat> There is a gcc4.7 actually
<ikonia> see what happens
<ikonia> ahhh so where is 5 coming from then ?
<Ussat> on my ubuntu system, but I can get a 4.7 for it also, was just wondering if I could side by side install, just exploring options
<Ussat> I like to lay out all my options before jumping into a test
<ikonia> how can you get 4.7 for it
<ikonia> what version of ubuntu is this ?
<Ussat> 16.04 LTS
<_Wise_> rbasak: thanks
<ikonia> is there a 4.7 package in the 16.04 repo ?
<Ussat> yes
<Ussat> Like I said, I just like to lay out all my options
<Ussat> before I decide which to test
<coreycb> EmilienM, I see a lot of ACCESS_REFUSED amqp errors in your logs, do you also get those with ovs?
<EmilienM> coreycb: no
<zul> coreycb: its out
<coreycb> zul, cool want to get started?  let's not release neutron quite yet.
<zul> coreycb: sure
<coreycb> zul, did you bump tooz yesterday?
<zul> coreycb: i didnt...its not bumped in debian
<coreycb> zul, yeah they're mostly behind us. I think we should try to get to 1.43.0 since that's what upper constraints is at.
<zul> coreycb: ack...
<coreycb> EmilienM, seems that your rmq logs also have invalid credentials errors: http://logs.openstack.org/61/382661/1/check/gate-puppet-openstack-integration-4-scenario003-tempest-ubuntu-xenial/1f52421/logs/rabbitmq/rabbit@ubuntu-xenial-osic-cloud1-s3700-4770556.txt.gz
<coreycb> not sure if that's a red herring or not
<zul> coreycb: taking aodh
<coreycb> zul, also hold off on nova. I'm sorting out dep8 failures.
<zul> yes master
<coreycb> zul, taking cinder
<coreycb> zul, taking barbican
<epinky> is senderid needed to be configure to send to hotmail? I've got my messages bouncing from hotmail domain
<zul> coreycb: aodh uploaded
<zul> coreycb: taking glance
<coreycb> zul, ack, cinder and barbican uploaded.  want me to grab tooz?
<zul> coreycb:yeah go ahead
<coreycb> zul, on it
<jamespage> frickler, you should get neutron-dynamic-routing for newton
<jamespage> frickler, zigo packaged it for Debian (not in freeze) so we should be able to sync it
<jamespage> thanks zigo ;)
<frickler> jamespage: yep, I'm already testing it, thanks for the headsup. sometimes it is useful to be upstream and operator at the same time ;)
<jamespage> frickler, lol
<jamespage> frickler, ppa:james-page/newton
<zul> coreycb: glance uploaded
<zul> coreycb: taking heat...not literally
<coreycb> zul, hah, what a comedian
<coreycb> zul, taking designate
<coreycb> zul, tooz and designate uploaded.  taking horizon.
<coreycb> zul, horizon uploaded, taking keystone
<zul> coreycb: trying to speed myself up
<zul> coreycb: heat uploaded
<zul> coreycb: getting manila
<coreycb> zul, ack, getting networking-ovn.  keystone uploaded.
<frickler> jamespage: I had built my own already, just tested on an allinone deployment, works pretty well.
<zul> coreycb:manila uploaded
<zul> coreycb: i think we should skip neturon-* since neutron isnt uploaded yet
<coreycb> zul, agreed
<coreycb> zul, networking-ovn uploaded
<zul> coreycb: grabbing trove
<zul> coreycb: trove uploaded
<zul> coreycb: do you want to handle nova and neutron?
<coreycb> zul, sure, thanks for the help!
<apb1963> Ubuntu 16.01 My printer is only printing magenta and black.  Any ideas?  HP 1010 inkjet.  hp-toolbox reports ink levels are OK.
<PCdude> apb1963: I guess u mean 16.04? I would advice u to go to the "ubuntu" channel
<ws2k3> is the network install of ubuntu 12.04 broken?
<ws2k3> it refuses to continue after i thosen the repository
<sarnold> ws2k3: what error messages do you get?
<nacc> ws2k3: i don't think it's 'known broken'
<sarnold> apb1963: some advice on debugging printers is at https://wiki.ubuntu.com/DebuggingPrintingProblems
<apb1963> sarnold, ty
<apb1963> sarnold, sadly... there's only 1 mention of color and it's not the problem I have.  I'm tempted to go get some more ink since it's low to the eye even though it reports OK.  But I hate to spend the money if I'm just going to get more of the same behavior :/
<nacc> apb1963: i take it the printer doesn't have a non-OS driven test page mode?
<sarnold> be aware that it's easy to spend more on ink debugging an hp printer than it costs to buy a new printer froma different vendor
<nacc> heh
<apb1963> nacc, I didn't think to look... let me check.
<ws2k3> nacc no error message it just hangs after chosing the repository
<torak> are private chats logged in freenode? And are they publicly visible?
<Pici> torak: If you mean private messages, no. If you mean channels, then its on a channel by channel basis, but its not something that freenode itself provides.
<Pici> !logs
<ubottu> Official channel logs can be found at https://irclogs.ubuntu.com/ . LoCo channels are now logged there too. Meeting logs from meetingology at http://ubottu.com/meetingology/logs/
<sarnold> freenode does not maintain logs of private chats, but you should be aware that contents of chats are available unencrypted in ircd memory, so if you don't trust the network operators or server admins then you should use another layer like OTR or gpg on top to provide end-to-end encryption
<Pici> torak: if you need more info, ask #freenode
<torak> sarnold: you mean freenode admins by server admins right? Not channel admins?
<torak> Pici: thank you i will check that out.
<blizzow> Can anyone here explain the reasoning behind setting VHOST_NET_ENABLED=0 in the default kvm virtualization settings?  This article says it's a bad default setting, but I'm assuming ubuntu-server devs have a reason for setting it that way. https://blog.codecentric.de/en/2014/09/openstack-crime-story-solved-tcpdump-sysdig-iostat-episode-3/
<sarnold> torak: correct, server admins
<rbasak> jgrimm: ^
<lunaphyte> hi.  i have a 16.04 computer that includes an nfs mount in fstab.  sometimes, the network sucks, and during boot, the share fails to mount.  there is a long, long, timeout when this happens.  how can i change this timeout?
<jgrimm> rbasak:  rharper, cpaelzer possibly
<PCdude> hi all :)
<shamurai> Is Conjure-up the preferred method for deploying single node openstack?
<stokachu> shamurai: yes
<shamurai> stokachu: Thanks, so many different methods...
<stokachu> shamurai: well it's conjure-up for xenial and above from here on out
<stokachu> shamurai: trusty is still openstack-installer
<stokachu> shamurai: and trusty only allows installing autopilot
<shamurai> stokachu: Hardware requirements are still a bit steep. Does conjure-up allow for deploying just swift?
<stokachu> shamurai: no
<stokachu> you are deploying OpenStack to a single machine, the hardware requirements are pretty reasonable for that
<shamurai> stokachu: Well I'm really just trying to test swift, was thinking about using it with Backup Exec S3 Cloud Connector and the swift3 api
<stokachu> shamurai: feel free to fork and modify https://github.com/conjure-up/spells/tree/master/openstack-novalxd
<stokachu> you can update the bundle and deploy with conjure-up
<shamurai> stokachu: thanks
<PCdude> hi all
<PCdude> I have a couple of questions about openstack on ubuntu
<PCdude> I have put them in a askubuntu question
<PCdude> http://askubuntu.com/questions/832736/openstack-with-autopilot-some-networking-clear-up
<stokachu> PCdude: add the autopilot tag so the landscape guys will see it
<stokachu> PCdude: sorry openstack-autopilot
<PCdude> stokachu: done
<stokachu> PCdude: to answer your first question you can do 'JUJU_BOOTSTRAP_TO=host.maas sudo -E openstack-install'
<PCdude> stokachu: thanks awesome, I think the best way is to add an answer and slowly add the pieces in there when all are answered?
<blizzow> I am setting an ubuntu-server and I want to do some disk modifications before the partitioner starts up.  Is there a way to use parted from the console that activates if I press ctrl+alt+f2?
<nacc> blizzow: what kind of modifications?
<tarpman> blizzow: anna-install parted-udeb
#ubuntu-server 2016-10-07
<t2mkn> hello
<iliv> test test one two one two
<t2mkn> Test successful
<Gorian> I'm always surprised at how dead this IRC is for how popular and un-niche ubuntu server is
<Gorian> compared to like, #reddit-sysadmin or #datahoarder
<jamespage> coreycb, zul, ddellav: I did the ceilometer and nova uploads for release
<rbasak> Gorian: apparently it's cooler to slate the devs rather than talk to them :-/
<jamespage> coreycb, ddellav, zul: https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1631304
<ubottu> Launchpad bug 1631304 in nova (Ubuntu) "apt-get install nova-compute has odd configuration order" [Medium,Triaged]
<coreycb> jamespage, that would explain the autopkgtest failure on arm
<jamespage> coreycb, i hit it on amd64 testing locally
<coreycb> jamespage, thanks for the fix. I couldn't figure out what was going on there.
<zul> coreycb/jamespage/dddav: i synched magnum
<coreycb> zul, thanks. I'm taking a look at sahara and zaqar syncs.
<zul> coreycb: ill take mistral
<coreycb> zul, +1
<coreycb> zul, sahara and zaqar synced
<coreycb> zul, looking at syncing pandas for gnocchi
<zul> pandas?
<coreycb> zul, yes, but not the fuzzy ones
<coreycb> zul, looking at congress and ironic-inspector
<coreycb> zul, pandas is synced
<coreycb> appears to be too early for congress
<zul> coreycb: k
<coreycb> zul, looking at murano
<zul> coreycb: synched mistral
<zul> coreycb: senlin isnt updated either
<coreycb> zul, ok
<coreycb> zul, murano and ironic-inspector synced, looking at murano-agent
<coreycb> jamespage, did you sync neutron-dynamic-routing?
<coreycb> zul, murano-agent synced
<jamespage> coreycb, not yet
<jamespage> coreycb, lp has not noticed in unstable
<coreycb> jamespage, ok
<lucidguy> What do you guys use for IDS/IPS?
<georgios> hello
<georgios> i see there exist userspace utils related to grsecurity, but where is the kernel?
<blablablabla> hi all :)
<btorch> hi is there someway to still upgrade from lucid -> precise -> trusty ? I see that lucid is no longer on archive
<btorch> so do-release-upgrade fails due to that
<nacc> !eol | btorch
<ubottu> btorch: End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<btorch> thanks
<btorch> hmm still getting the WARNING: Failed to read mirror file even after the EOL changes
<btorch> yeah this isn't working well https://help.ubuntu.com/community/EOLUpgrades
<btorch> Err http://old-releases.ubuntu.com lucid/main Translation-en
<rbasak> btorch: are you asking for help? If so I suggest you present your entire problem rather than just snippets. Eg. pastebin your sources.list, explain the command you're typing, and so on.
<btorch> yeah sorry , will do so
<btorch> so this is the issue I'm seeing http://pastebin.ca/3726205 and I'm wondering if there is another way around it or if it might be ok to proceed with only having the main sources.list repo
<blizzow> What's the tool that runs during a server install that allows you to choose various roles (ssh server, virtualization server, samba server...)? I'd like to run it post-install if possible.
<rbasak> blizzow: tasksel
<blizzow> rbasak: thanks.
<Gorian> rbasak that's sad
<Gorian> also, I just realized you said that to me like, 10 hours ago :p
<rbasak> Gorian: :)
<Gorian> bouncer pinged me as soon as I logged :p
<rbasak> Gorian: it was shortly after I saw a blog post about an investigation into an apparent bug in Ubuntu, but to my knowledge no bug report
<rbasak> Maybe I was a bit harsh at the time.
<Gorian> meh, I get that. People can be super opinionated about things they could never do themselves
<Gorian> lol
<rbasak> I don't mind people blogging about disagreeing with us.
<rbasak> People have opinions, we can only choose one default, people will disagree and that's fine.
<rbasak> It's when they rant about an issue they don't bother to even tell us about that bugs me.
<Gorian> yeah, I get that
<cpaelzer> I have a mac and know the host that has it is alive - can I force it to reveal its IP?
<cpaelzer> might get too late :-/
<Gorian> are you an Ubuntu dev?
<rbasak> Yes, as is cpaelzer. All the Ubuntu server devs hang out here :)
<Gorian> rbasak: I try to be that person that makes pull requests, finds solutions to bugs I complain about, etc. if I can
<cpaelzer> yep
<Gorian> rbasak: oh cool!
<Gorian> rbasak, cpaelzer thank you :)
<Gorian> I use Ubuntu all the time ,3
<Gorian> * <3
<rbasak> You're welcome :)
<Gorian> now, go get me zfs in the server installer! :P
<Gorian> lol
<rbasak> Good quality pull requests, bug reports and commentary are also always welcome :)
<cpaelzer> what did you say about pull requests :-)
<Gorian> haha. I'm a DevOps engineer. Changing a script in a web application is more in my skillset than changing OS code :(
<Gorian> but, I was joking when I said that :p
<rbasak> We do have to deal with a ton of poor quality reports too, so if you do happen to get lost in the noise, please do bring it up here. We're striving to give a clear answer to every report, even if that's "sorry, too low a priority in general, we probably won't get to it, patches welcome".
<rbasak> OTOH, we've been prioritising landing actual patch submissions.
<Gorian> heh, will do. I haven't actually encountered anything to report in Ubuntu ever, personally
<Gorian> but, right now, I have 4 servers I'm having to boot into with a livecd, and then install on top of zfs with debootstrap
<georgios> i see there exist userspace utils related to grsecurity, but where is the kernel?
<rbasak> georgios: AFAIK, we don't carry a grsecurity kernel (does any major distro?) but you can ask the kernel team in #ubuntu-kernel
<georgios> ok
<cpaelzer> georgios: and also despite all flame wars quite some grsec feats went mainline, so the tools get more and more applicable even in non-special environments
<georgios> ok. i was ready to ask about that
<Gorian> rbasak: so, what do you think of btrfs vs. zfs?
<rbasak> I think that both are available on Ubuntu :-)
<Gorian> technically, yes
<Gorian> I was just asking your opinion though :p
<Gorian> you can't easily install Ubuntu 16.04 on top of zfs as root
<rbasak> I wouldn't try too hard to get a zfs root. Far easier just to mount /srv for a workload or whatever.
<rbasak> I don't think I know enough about modern btrfs vs. zfs to have a qualified opinion.
<Gorian> fair enough
<Gorian> but, the whole point of using one was to use it as a root filesystem :p
<rbasak> Why do you need one as a root filesystem?
<Gorian> well, other option is ext4+mdraid for a software mirror
<Gorian> decided I like btrfs or zfs better:p
<Gorian> but btrfs was being grumpier than zfs when trying to manually install with debootstrap, because my servers don't want to work right and install from a cd
<rbasak> Personally, I'd still use ext4+mdraid unless you actually need zfs/btrfs features.
<Gorian> interesting
<Gorian> so, is it sad that I only recently found out about using apt instead of apt-get?
<rbasak> It's not possible for everyone to keep up with everything. Every so often I catch up on something, but there are always plenty of things I haven't caught up on yet.
<rbasak> I only stated *using* apt instead of apt-get in the last month or so, though obviously with my job I knew about it a long time ago.
<rbasak> I still haven't learnt tmux and don't use byobu regularly because screen works fine for me in most cases.
<Gorian> I barely use tmux
<rbasak> (though I fire up byobu whenever sharing with someone else because that's far easier)
<Gorian> I'm never at a linux GUI and just use multiple ssh sessions
<Gorian> byobu?
<rbasak> It's a friendly wrapper around screen/tmux
<rbasak> Great for sharing a screen with someone else, since it Just Works for that without requiring the other person to know how to use anything.
<Gorian> Bring Your Own Butter and Unagi?
<Gorian> inetersting
<Gorian> *interesting
<compdoc>  I started using apt instead of apt-get too
#ubuntu-server 2016-10-08
<lucas_ai> When I ask ubuntu to hibernate, it won't do it. It'll go into a weird hung state. What do I do?
<patdk-lap> why do you want to hibernate a server?
<hallyn> oh GOOOOD.   so we've decided to double down on the timeout for unplugged network interfaces have we?  2 mins wasn't enough, now it has to be 5 minutes?  good good.
<hallyn> oh i guess it was bluffing
<hallyn> no, it just found something that satisfied it.  well better than nothing
<sarthor> HI, How to check if my isp is blocking sip ports?
<teward> sarthor: ask the ISP.
<teward> might also help to indicate which direction you're trying to check (your computer outbound to a SIP server by your network, or somewhere else coming inbound to your network via your ISP)
<sarthor> teward: I have voip server running in home, Want to connected extensions from outside.
<teward> sarthor: if you've ruled out your firewall or your router (port forwarding), and it's still not able to connect then you *might* have a case with the ISP blocking, but if you assume that then you should contact the ISP to see whether they are
<teward> ISP is really the only one going to be able to say whether they're blocking a port
<LeMike> hello. I need to register a new subdomain with some DNS settings. can I do it on my own server somehow?
<tomreyn> LeMike: only if your server acts as the authoritative dns server for this domain name.
<tomreyn> most people who don't know how this works exactly tend to use the DNS service provided by the domain name registrar.
<Gorian> so, I have a disk that has two "ids" - I.E. ls /dev/disk/by-id | grep "/dev/sdb$" returns 2 different results. I would suppose it doesn't matter which I use?
<rypervenche> Gorian: That's normal. Use the one that is more descriptive to you.
<Gorian> okay, good to know
<Gorian> now if I can figure out why it's impossible to select only line one out of two lines
<Gorian> like, what the hell? http://i.imgur.com/1biQmEk.png
<rypervenche> Gorian: Because you're doing a loop. just manually pick one of them or if you need to find one in an automated way, use the find command.
<Gorian> what does that have to do with anything though? If I add "awk '{print $1]'" it returns the first field only just fine
<Gorian> so, why wouldn't head be able to just display the first line? It doesn't make any sense
<Gorian> and, It's part of a script, I can't just manually pick one
<ws2k3> is there something wrong with the ubuntu 12.04 installer?
<ws2k3> im installing ubuntu 12.04 but the installer seems to be stuck
<tomreyn> ws2k3: maybe something is wrong with the (non exact?) copy of it you downloaded
<tomreyn> where did you download it from, what is the md5 checksum?
<tomreyn> !md5 | ws2k3
<ubottu> ws2k3: To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<tomreyn> !md5sums
<ubottu> See https://help.ubuntu.com/community/UbuntuHashes for the md5sums of Ubuntu discs.
<Gorian> rypervenche, got some food and coffee so my brain works now. Fixed it :P http://pastebin.com/ei6xTRRn
<ws2k3> tomreyn this one i used http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/mini.iso
<ws2k3> tomreyn i didnt check the md5 but i just downloaded it
<rypervenche> Gorian: What is your goal here?
<tomreyn> ws2k3: well you can check it now if you still have the iso?
<tomreyn> Ubuntu 12.04 LTS "Precise Pangolin" 30MB (MD5: 1278936cb0ee9d9a32961dd7743fa75c, SHA1: f91282c671b5ac52163d5cb925ac71b7e20420bc)
<tomreyn> this is for the 64-bit PC (amd64, x86_64) variant
<ws2k3> tomreyn i checked md5 matches
<tomreyn> ws2k3: where does it get stuck then?
<ws2k3> tomreyn after i selected my repo
<Gorian> rypervenche, well, that accomplished that goal, to input a space-delimated list of disks by /dev/sd* and get back their /dev/disk/by-id
<ws2k3> tomreyn it just shows a purple screen with one grey line in the bottom
<Gorian> the larger goal, is that I'm automating a debootstrap install of Ubuntu 16.04 on a ZFS mirror, following https://github.com/zfsonlinux/zfs/wiki/Ubuntu-16.04-Root-on-ZFS
<Gorian> so I need the disk ids to use
<tomreyn> ws2k3: which repo do you mean?
<ws2k3> tomreyn nl.archive.ubuntu.com
<tomreyn> ws2k3: try hitting escape, wait 2 minutes, see if you get back to a menu, if so select the option to start a shell, and find and review the log file and try to download a web page using wget.
<tomreyn> if not, try ctrl-alt-f1 and see if you can do the same there
<ws2k3> tomreyn it shows me gpgv: Good signature from "Ubuntu Archive Automatic Signing key"
<tomreyn> ws2k3: and wget works, i assume?
<ws2k3> tomreyn yes
<tomreyn> ws2k3: whats the hardware you're installing on?
<ws2k3> tomreyn vm
<ws2k3> tomreyn in xen
<ws2k3> tomreyn i managed to pastebin my syslog. http://termbin.com/9qdx
<tomreyn> i guess this dsounds wrong: Oct  8 22:30:06 kernel: [ 1695.034563] frontend[57240]: segfault at 78 ip 0000000000401956 sp 00007fffbde52ea0 error 4 in debconf[400000+2000]
<tomreyn> ws2k3: i just tried it, too, using virtualbox. and i get the same result.
<ws2k3> tomreyn yeah. i got the same issue when i tryed yesterday.
<tomreyn> ws2k3: you should probably file a bug report on this
<ws2k3> tomreyn how should i do that? nver done that before
<tomreyn> ws2k3: https://help.ubuntu.com/community/ReportingBugs
<ws2k3> tomreyn and chance another repo will work?
<ws2k3> tomreyn or which repo did you use?
<tomreyn> ws2k3: i used the same as you. but i think it'S the installer iso. try this one instead: http://archive.ubuntu.com/ubuntu/dists/precise-updates/main/installer-amd64/current/images/trusty-netboot/mini.iso
<Gorian> rypervenche, lol, you disappeared
<tomreyn> ws2k3: or if you dont like the HWE kernel, use this instead: http://archive.ubuntu.com/ubuntu/dists/precise-updates/main/installer-amd64/current/images/netboot/
<tomreyn> the HWE one from precise-updates work for me, haven't tried the non HWE one from precise-updates, yet
<tomreyn> ws2k3: ^
<tomreyn> okay, both mini.iso's from precise-update work for me
<tomreyn> https://bugs.launchpad.net/ubuntu/+source/net-retriever/+bug/1067934
<ubottu> Launchpad bug 1067934 in net-retriever (Ubuntu Saucy) "spends 10+ minutes deduplicating Package lists" [High,Fix released]
<ws2k3> tomreyn what means HWE kernel?
<tomreyn> !hwe
<ubottu> The Ubuntu LTS enablement stacks provide newer kernel and X support for existing LTS releases, see https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<ws2k3> tomreyn thx
<tomreyn> welcome
<trippeh> omg Accepted xz-utils 5.2.2-1.1 (source) into unstable
<trippeh> thats almost worthy of yakkety freeze exception ;)
<ws2k3> tomreyn the mini.iso you gave is ubuntu desktop not ubuntu server i think
<tomreyn> ws2k3: what makes you think so?
<ws2k3> tomreyn cause it shows me ubuntu desktop in the pick packages window
<tomreyn> ws2k3: and that is enabled by default?
<ws2k3> tomreyn yes. i disabled it
<tomreyn> ws2k3: and the pick packages screen shows by default, too? i'm not sure about that either.
<ws2k3> tomreyn ubuntu server mini.iso doesnt show that option
<remote> hi
<remote> can I access the "boot log" as it is shown at boot-time?
<tomreyn> ws2k3: so either you're right thta those a different netinstall targets, or this is a functional change introduced during  12.04 point releases
<remote> some service indicated failure but i'm unable to find it back without the big red fail flag in my face
<ws2k3> tomreyn also after install it doesnt boot
<tomreyn> remote: "dmesg -T | less" and "sudo less /var/log/syslog" is probably the closest you will get.
<tomreyn> ws2k3: :-/ i didnt try to push it that far. maybe tomorrow.
<remote> tomreyn: ok! I'll get my shovel
<tomreyn> digging a grave?
<ws2k3> lol xD
<tomreyn> :)
<tomreyn> i'll slip into my coffin for the day now. ttyl.
#ubuntu-server 2016-10-09
<remote> i mean, the boot process is clearly saying something like "starting haflskuhsldaihudl [FAILED]" and I'm stuck with nothing relevant in dmesg
<remote> systemd failed to start load kernel modules
<rypervenche> Gorian: Yeah, sorry, I went out.
<Gorian> lol, no problem
<Gorian> if you were still interested, this is what I have so far, but it's not done or tested with the latest additions :P
<Gorian> http://pastebin.com/nU1STFwj
<rypervenche> Gorian: You could do something like: ls -l /dev/disk/by-id/ | awk '{print $NF"\t"$9}' | sed 's|../../||' | sort | grep -v ^0
<Gorian> I always read that you should NOT rely on ls output for any automation
<Gorian> opinion?
<rypervenche> Oh, you didn't say this was for building machines when I asked what your goal was.
<rypervenche> I would agree with that, but I was just giving you something much shorter.
<Gorian> sorry, I thought I did
<Gorian> it's rough atm, obviously I have no argument checking or anyting
<Gorian> *anything
<Gorian> I just need it to work right now, I can polish it later :P
<rypervenche> find /dev/disk/by-id/ -type l -printf '%l: %p\n'
<rypervenche> That's even better.
<rypervenche> I'd make it prettier, but the idea is there.
<rypervenche> Gorian: So this is for making chrooted environments?
<Gorian> no
<Gorian> hang on
<Gorian> https://github.com/zfsonlinux/zfs/wiki/Ubuntu-16.04-Root-on-ZFS
<Gorian> I'm installing Ubuntu j16.04 LTS on top of a root ZFS mirror, on multiple servers
<Gorian> so I'm writing a script to automate the process
<Gorian> I've done it successfully manually before, but it's too long and annoying to do it that way multiple times
<rypervenche> Ahh, gotcha.
<Gorian> so, I've decided that my script would work better if I told it to mirror two DIFFERENT disks... instead of the same ones...
<Gorian> *one
<Gorian> I made a typo and it tried to tell zfs to make a mirror from /dev/<sda> and /dev/<sda>
<Gorian> and ZFS was all like "WTF? no"
<Gorian> grub-install: error: filesystem 'zfs' doesn't support blocklists
<Gorian> :/
<Gorian> why broken?
<k2gremlin> Hello all, I have a friend that is going to be deploying soon. I am trying to setup a VM server for him to remote access. What is the most secure way to give him remote access?
<cooldharma06> Hi all
<cooldharma06> While installing Ubuntu server from usb facing loading modules usb-storahe..
<remote> k2gremlin: disabling TOFU for ssh keys and using 3rd factor authentication
<k2gremlin> TOFU?
<cooldharma06> I am trying to install Ubuntu server along with windows 10 and via USB I am doing
<k2gremlin> How would I setup 3rd factor auth?
<remote> k2gremlin: one way is via pam
<k2gremlin> like an RSA key?
<remote> k2gremlin: I didn't mean what I said for SSH, just don't accept unknown keys for the account
<remote> k2gremlin: when asking your question you said "the most secure way"
<remote> that's not it but it's the best I can do
<k2gremlin> remote, lol I see. Sorry, the most practical way that is pretty secure.. I mean not trying to secure a NASA server or anything lol
<k2gremlin> I should generate an SSH key and give that to him.. eh?
<k2gremlin> At least it will be somewhat secure lol
<remote> nah, just start the ssh server, make sure he uses a strong password, see that you disable his account when appropriate if need be
<k2gremlin> Couldn't really see the need to disable it. If it gets compromised ill just kill the server. However, this guy is a fking rock star when it comes to IT stuff so I am sure I would have a problem. Just trying to do him a favor :)
<remote> awesome
<remote> maybe he can help you if you have problems
<k2gremlin> Yea he was meaning to setup his VPN again before deploying.. but he just ran out of time.. So he will probably use it for that.
<remote> make sure to append the following line to his bashrc file:
<remote> alias ls="echo wut?"
<remote> if he can't figure it out you can call him off for drunk deployment
<k2gremlin> hahaha
<k2gremlin> more like "echo WTF? You think this is linux?"
<k2gremlin> I consider myself an entry level linux user... he blows me away. If I did something like that, he might break out of the VM and sabotage my media server or something lol
<cooldharma06> Any suggestions regarding my query
<cooldharma06> Is xenial is missing usb-storage kernel module.
<halvors> Any idea why i'm getting this when trying to use "netstat-net"? http://pastebin.com/JLXqNHdv
<remote> halvors: https://bugs.launchpad.net/ubuntu/+source/netstat-nat/+bug/1631399
<ubottu> Launchpad bug 1631399 in netstat-nat (Ubuntu) "Could not read info about connections from the kernel, make sure netfilter is enabled in kernel or by modules." [Undecided,New]
<remote> halvors: i hadn't realized you submitted that
<remote> halvors: are you missing access privileges or is netfilter disabled?
<remote>  
<remote> halvors: paste the output of `strace -fvo output.log netstat-nat'
<k2gremlin> remote,
<remote> hi
<k2gremlin> I can access the server from my phone on carrier...
<k2gremlin> but he cant on his mac
<remote> tell him to get a phone
<k2gremlin> He can ping my domain but its telling him cannot resolve hostname
<k2gremlin> when he tris to ssh
<remote> try the mac address
<cooldharma06> Any ppl from Ubuntu facing some issue with Ubuntu server installation missing some kernel modules in image
<halvors> remote: Here you go: http://pastebin.com/XJxfFQsD
<halvors> remote: Maybe the filepath to the files it's trying to reach has changed?
<remote> halvors: look at line 29 and 30
<halvors> remote: Yeah i know, but how can i do nat if those files doesn't exist? Something must have been changed here.
<remote> i think what's affecting your nat is a human factor
<remote> what do you think about searching for a solution before asking and providing more details instead of just a problem when asking for help?
<remote> i mean, i can't help you, but i'm sure you can find out more on your own
<k2gremlin> remote, LMFAO! Hes in on his phone.. His MAC is jacked up.. lol
<remote> k2gremlin: make sure he doesn't jackit up too deep or you might need medical assistance
<remote> s/you/he/
<cooldharma06> Anyone installed Ubuntu server 16.04 from usb
<k2gremlin> lol remote.
<remote> cooldharma06: i did that earlier
<cooldharma06> Facing some issue as error loading modules 'modprobe -v usb-storage'
<remote> cooldharma06: when? in what context?
<cooldharma06> Remote give some mins I ll share screenshot
<cooldharma06> remote plz check this image..
<cooldharma06> http://picpaste.com/IMG_20161009_091003070-C45BhM9L.jpg
<cooldharma06> Any suggestions dude
<remote> that's not an image it's an html file
<halvors> remote: I've done a lot of reasearch on this, not found any sources that have got netstat-nat working after 14.04.
<remote> who serves html as .jpg ?
<remote> cooldharma06: open a console and run the command manually and paste the output
<cooldharma06> While installing os itself facing this error
<remote> cooldharma06: i'm assuming you can't complete the install once you press continue?
<remote>  
<tsimonq2>  
<cooldharma06> That is image link only
<cooldharma06> remote http://picpaste.com/pics/IMG_20161009_091003070-C45BhM9L.1475985139.jpg
<remote> cooldharma06: what happens when you run the command manually?
<cooldharma06> I am having windows as my primary. Trying dual os with Ubuntu server facing this error
<cooldharma06> remote: while installing os from usb facing this error.
<k2gremlin> bad iso on the USB would be my guess
<k2gremlin> reimage the USB drive with the os
<remote> from the computer you are installing ubuntu on, press ALT+F2
<remote> execute the command and tell us what the output is
<remote> k2gremlin: it may be a problem with the installer
<k2gremlin> Could be a problem with the download he got as well :)
<cooldharma06> 'Modprobe Error: could not insert usb_storage : Required key not available
<cooldharma06> But I tried to install as vm it working fine when trying with USB facing this error
<cooldharma06> remote k2gremlin is there any way can I import that module into my system through console
<remote> modprobe usb-storage
<remote> paste the output
<cooldharma06> I am gng to try with dvd
<cooldharma06> Same error dude
<PCdude> hi all :)
<PCdude> I have setup openstack, but have still some questions about it
<PCdude> I have made a convenient askubuntu.com post
<PCdude> http://askubuntu.com/questions/832736/openstack-with-autopilot-some-networking-clear-up
<sliddddis> If I download the 16.10 beta 2 today, how hard will it be to get up to date normal 16.10 in 4 days?
<bekks> As hard as typing a two commands.
<remote> sliddddis: at least a bit easier than how hard it would need to be to dissuade you from running the beta today
<sliddddis> bekks just update and upgrade?
<bekks> Yes.
<linux_user> In succession to the instantiation of a CentOS/RHEL installation, within the /root directory, there exists a residual file in kickstart format indicative of all the options selected during the course of the GUI install. Whence Ubuntu is installed, where is just such a residual file located in succession to the installation that is in kickstart format?
<ikonia> linux_user: are you using kickstart to install ubuntu
<ikonia> linux_user: it's actually anaconda that creates that file, not kickstart
<linux_user> no, the GUI (just like I did a CentOS GUI install and the file was residual)
<linux_user> I know
<ikonia> ubuntu will not create that file
<linux_user> does Ubuntu generate such a file in succession to its install?
<ikonia> no
<linux_user> oh
<linux_user> that blows
<ikonia> not really
<linux_user> sure it does, with CentOS you can do a full install and have a residual kickstart file to start with for changing it
<ikonia> linux_user: but has ubuntu normally uses preseed based automated installs that would be worthless
<linux_user> I do not know what preseed is, but what I want to do is do a gui install and have a starting kickstart file to use to modify or just repeat the install absent the GUI the second time around. Why would that ever be worthless? Surely that must be some joke.
<linux_user> I appreciate your assistance none the less.
<ikonia> why do you want a kickstart file
<ikonia> (for ubuntu)
<ikonia> you'd be better building a preseed config that has full support of all the options
<linux_user> Indeed I disagree, what would be better for me is kickstart since I already use them for CentOS, unless you are suggesting preseed exists for CentOS/RHEL, does it? Why would I wish to use an entirely different and non-standard system?
<linux_user> At any rate, I found the system-config-kickstart thingy and plan to use it in combination with merging some statements from my CentOS generated kickstart file to try to generate one for Ubuntu
<ikonia> linux_user: what has centos got to do with anything
<ikonia> you're using ubuntu/trying to install ubuntu
<ikonia> use the ubuntu tools such as pressed
<linux_user> You are asking that because you did not read entirely my initial question, now I get it! Let me repaste it! âIn succession to the instantiation of a CentOS/RHEL installation, within the /root directory, there exists a residual file in kickstart format indicative of all the options selected during the course of the GUI install. Whence Ubuntu is installed, where is just such a residual file located in succession to the
<linux_user> installation that is in kickstart format?â I work in a CentOS environment and some jackass executive is demanding Ubuntu, so we are trying to make it work, but we USE kickstart and CentOS. The better question is why is kickstart so unusable for Ubuntu when the business world uses CentOS and Kickstart and Ubuntu is trying to enter that fold? Why force people to learn and use another technology, its not required and waste
<linux_user> time and money. That is why.
<ikonia> of course it's not a waste of time and a money
<linux_user> So can we get back to my question now you know why?
<ikonia> no, I'll leave you to it, you seem to think you know the answers already, so carry on
<linux_user> thank you. If you do not know how to use Kickstart I understand that, totally cool on that, but I am not interested in changing the question to fit the answers you have. Thanks though.
<ikonia> I use kickstart every day
<tomreyn> lol, that attitude
<Anonymes> Hi
<pmatulis> linux_user, redhat/centos uses kickstart and debian/ubuntu uses preseed. however, ubuntu does have rudimentary support for kickstart files but i don't think it creates the file you're after. beyond that information, what's the use of asking 'why doesn't ubuntu fully support kickstart?'? it just doesn't. just like redhat does not support preseed
<pmatulis> (at all)
<JanC> also, if you want better kickstart support, you can look into adding it, I guess...
#ubuntu-server 2017-10-02
<pankaj> I know that sed and awk are streamline editors. What are the most important uses of them in programing world?
<pankaj> Can anybody please tell me the most important usage of sed and awk in the programming world. What amazing and important things can I do with them?
<ChmEarl> start reading code & make files, then it will become clear
<zioproto> I have a question about the Ubuntu packaging of Openstack Cinder
<zioproto> coreycb or jamespage are you guys around here ??
<coreycb> zioproto: hi
<zioproto> hi coreycb
<zioproto> do we meetup in Sidney ?
<zioproto> I am doing a change in our cinder, version 2:9.1.4-0ubuntu1~cloud0
<coreycb> zioproto: no but i think james will be there
<coreycb> zioproto: ok
<zioproto> because puppet is not the best tool, but is what we have at the moment, I need to test our puppet code to start with the cinder.conf provided from the packaging
<zioproto> so I delete my cinder.conf
<zioproto> and I do
<zioproto> sudo apt-get -o Dpkg::Options::="--force-confmiss" install --reinstall cinder-common
<zioproto> I think this should be the right way to restore the original cinder.conf file
<zioproto> from the package distribution
<zioproto> but I noticed that the package scripts require database access, that is not present yet in the cinder.conf file
<zioproto> I get this error
<coreycb> zioproto: yes that seems like it should do it
<zioproto> https://pastebin.com/QUaNNegp
<coreycb> zioproto: ok taking a look at the package
<zioproto> to my understanding the packages scripts try to do something in the database during the package installation, giving for granted that info to access the database are in cinder.conf
<zioproto> of course I just added these info to cinder.conf and I was able to finish the package installation
<zioproto> I could not test what happens on a fresh install
<coreycb> zioproto: ok we actually removed execution of 'cinder manage db-sync' in pike packages
<coreycb> zioproto: we were setting up an sqlite db by default
<zioproto> ok I see
<zioproto> maybe I ended up in a corner case
<smoser> hallyn, i've not used in a long time. you did you use the livecd or the d-i ?  upgrade ? fresh install ?
<zioproto> so if this is removed in Pike I guess we are fine
<hallyn> smoser: fresh install, server cd
<smoser> hallyn, i'd have to look. you install from preseed or something ? or interactive
<drab> hi .o/ and welcome to odd question of the week
<drab> who wants to play?
<drab> 10K for "cups"
<hallyn> smoser: interactive
<drab> eeer, pam even, not cups
<drab> trying to get pam_mount to work
<drab> I found a bug in launchpad I can't get around, but it makes pretty much pam_mount useless
<drab> https://bugs.launchpad.net/ubuntu/+source/libpam-mount/+bug/117736
<ubottu> Launchpad bug 117736 in PAM "pam_mount unable to unmount needs root priv" [Unknown,In progress]
<drab> sarnold: ^^^ this seems to be a security thing, maybe you have a sense of what could be done?
<drab> the talk page for pam_mount on arch has some more info, but their workaround doesn't work
<drab> https://wiki.archlinux.org/index.php/Talk:Pam_mount
<drab> I'm suspecting the way ubuntu and arch integrate with systemd is different, hence the issue
<tafa2> what is going on with the repos?
<tafa2> all my servers on diff providers in different DC's are super slow fetching apt update and upgrades?
<tafa2> even different countries?
<Ussat> Just finished a few hrs ago updating my systems, did not notice slowness
<zioproto> coreycb: is anyone on this dnsmasq security problem that emerged today ?
<zioproto> coreycb: ubuntu cloud archive ships his dnsmasq package that needs to be patched asap
<Ussat> I dont use that on any of my systems, but herd all about it
<zioproto> coreycb: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
<zioproto> for the dnsmasq in xenial there is already a patch
<zioproto> 2.75-1ubuntu0.16.04.3
<zioproto> this is from http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
<zioproto> but cloud archive has
<zioproto> 2.76-4ubuntu0.1~cloud0
<zioproto> and I think this version does not have the patch
<zioproto> jamespage: heads up also for you :)
<zioproto> because dnsmasq runs on the network node
<zioproto> using remote code execution vulnerability any user of the cloud could exploit the network node
<jamespage> zioproto, coreycb: ta
<jamespage> zioproto: xenial/mitaka, xenial/ocata and xenial/pike updates are in the pipe; need to sort out newton
<coreycb> beisner: hello sir, can you promote dnsmasq - 2.76-4ubuntu0.1~cloud1 to newton-proposed? this is for https://usn.ubuntu.com/usn/usn-3430-1/
<coreycb> jamespage: zioproto: fyi ^
<zioproto> thanks ! it is already night here in Europe, I guess we will patch tomorrow first thing in the morning
<zioproto> at the moment I still see 2.76-4ubuntu0.1~cloud0
<zioproto> I am using http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/newton/main amd64 Packages
<beisner> hi coreycb - ack re: dnsmasq thx
<coreycb> beisner: thanks
#ubuntu-server 2017-10-03
<eagles0513875> hi all I am running 16.04 on a vm and I am having issues finding the mysql module for apache what is it called please
<eagles0513875> tried googling but to no avail
<eagles0513875> disregard got it working
<N3X15> Been running into https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1583182 Since there hasn't been any apparent movement on that since 2016, any workarounds?
<ubottu> Launchpad bug 1583182 in network-manager (Ubuntu) "error on 01ifupdown script" [High,Confirmed]
<lordievader> Good morning
<zioproto> jamespage: cloud archive for Newton still has the old dnsmasq package. Is there a release coming out ?
<coreycb> zioproto: we're regression testing atm
<coreycb> zioproto: it's in newton-proposed now
<ahasenack> hi guys, any idea why the libvirt-qemu user uid is in the 64k range? Specifically, mine is 64055
<ahasenack> shouldn't that be a "system user", and be between 100 and 999?
<ahasenack> as it is, it's showing up as a regular user in the artful user management tool (GUI)
<ahasenack> 64055 is in the 60000-64999 range which does have a special meaning in debian/ubuntu, but with this remark: "These ids are for packages which are obscure or which require many statically-allocated ids. "
<ahasenack> libvirt isn't "obscure" last I checked :)
<ahasenack> I can file a bug, was just wondering if somebody had a quick answer
<jamespage> ahasenack: its probably to ensure a consistent uid/gid across a deployment - we did the same with ceph
<ahasenack> jamespage: and on that range (64k) specifically?
<jamespage> somewhere in that range yes
<ahasenack> "The ids are allocated centrally and statically, but the actual accounts are only created on usersâ systems on demand."
<ahasenack> I see
<ahasenack> that would also explain why I've seen the "ceph" user in my gdm login screen sometime ago, I always meant to chase that down
<coreycb> jamespage: regression testing on newton-proposed is complete and successful for dnsmasq.
<coreycb> jamespage: that also included the newton point release, bug 033
<ubottu> Error: Could not gather data from Launchpad for bug #33 (https://launchpad.net/bugs/33). The error has been logged
<coreycb> nope
<coreycb> bug 1718033
<ubottu> bug 1718033 in Ubuntu Cloud Archive newton "[SRU] newton stable releases" [Medium,Fix committed] https://launchpad.net/bugs/1718033
<coreycb> jamespage: python-k8sclient 0.4.0 is ready to promote to pike-proposed.
<Epx998> forced to work on windows servers today, meh
#ubuntu-server 2017-10-04
<CyberpunkZombie> hello all, can anyone recommend a good wireless pci card?
<lordievader> Good morning
<jamespage> coreycb: oh not nice - 1720887
<jamespage> bug 1720887
<ubottu> bug 1720887 in libvirt (Ubuntu) "Default settings for virtlogd results in "too many open files" errors" [Undecided,New] https://launchpad.net/bugs/1720887
<coreycb> jamespage: is that on cpaelzer's radar?
<coreycb> jamespage: fwding to him nonetheless
<Jenshae> tomreyn and sarnold thank you for the help with hard drives and ZFS. I have managed to boot up a 4x 500GB RAID on one machine and 3x160GB RAID5 on another with Ubuntu server. The 160 machine is being used as a desktop.
<Jenshae> I still need to configure the 500 one. At home, Ubuntu server with a desktop installed was giving me a lot of lag spikes, quirks and graphics failures, Xorg crashing. I have resorted to a standard SATA 500GB that is booting then it mounts a zpool of 3x 500GB SSHDs, which do seem to be improving my games performance and coding environments.
<trippeh> "oh no", Slack is segfaulting on my Ubuntu 17.10
<drab> Jenshae: were you doing root on zfs?
<drab> I still have not dared to do that, seems a sketchy process
<joelio> trippeh: wfm in ff, not using client
<drab> also what SSHDs do you have? I'm running a bunch of standard HDs + a SSD for SLOG, but wondering if a few SSHDs would make a difference
<soahccc> Is it normal that smart values go down? I mean the ones that normally only go up, do I have a self healing disk? got a bunch of these:  SMART Prefailure Attribute: 5 Reallocated_Sector_Ct changed from 93 to 92
<drab> soahccc: smart values normally go down afaik, at least a large chunk of them
<drab> so in your case it's saying current value went down from 93 ot 92, when it gets to 5 your disk is toasted.
<drab> alho ime I consider it to be replaced far before it gets to the threshold
<drab> especially for key attributes like Realloc Sect
<trippeh> ah hm. it seems to be crashing in glib, and glib did get upgraded earlier today.
<soahccc> drab: well the disk had a very high Raw_Read_Error_Rate (65 million) but I figured this value is BS for most disk vendors. I let the provider check the disk, they said no error but I don't quite believe that. Smart long test goes through but the IO issues speak another language :/
<drab> soahccc: I'd agree on Raw_read error to be BS, most stuff I read when I was trying to figure smart out said the same. normally it's only 3 or 4 attribue that's worth paying attention to and that's not one of them
<drab> to be perfectly honest, unless it's some extreme case, I take all smart values with a bag, not a grain, of salt
<soahccc> at least arguably sda (0 realloc) is way better of than sdb (325 reallocated sectors count)
<trippeh> joelio: I'm using the electron clusterfuck. So I guess I'll be on the web thing for a bit. :)
<soahccc> drab: the weird thing is that IO is very slow (e.g. database is waiting for IO a lot) and I'm guessing it's due to mdadm and one disk kinda dying
<Jenshae> drab First step was, normal Ubuntu on normal 500GB Sata drive, pure magnetic.
<Jenshae> Then I installed ZFS, just with apt install zfs
<Jenshae> From there, I did a zfs create raidz /dev/disk/by-id/(x3)
<Jenshae> Then using just used create to make folders and zfs mountpoint=/home/user/steampath/steamapps pool/steamapps
<Jenshae> I hope that is enough for you to find your way, giving you a rough guide from memory
<Jenshae> You need to use UUIDs with ZFS or it can get a bit hinky it seems.
<drab> thanks, I have zfs going on several boxes, the question was about root on zfs
<drab> which sounds like you're not using
<Jenshae> I did use sudo -i to do it all, yes.
<drab> k, thanks
<Jenshae> What I wanted to do and couldn't manage was getting grub to boot the pool and run everything off it.
<drab> soahccc: if you can afford it I'd replace the drive. most ppl I've talked about this with seem to replace the drive at around 100 tops, so 325 is pretty bad if you take their thresholds
<soahccc> drab: yeah I'm going to monitor these counts for a couple of days and give that to my provider so I get the replacement for free :D
<Jenshae> Sometimes it is fun to see how far something can go before it breaks completely ;)
<Jenshae> Just have backups.
<joelio> trippeh: yea, never understood that electron stuff tbh, there's already a browser on the machine! :)
<drab> but but, it's a desktop app, you know, like, a desktop app, desktop apps are cool
<trippeh> but I hate having free memory
<trippeh> ;)
<drab> lol
<drab> take some sticks out and send them over :P
<Jenshae> It sounds obvious but I found out this year that the benefits of 4x4GB are better than 2x8GB RAM sticks.
<Jenshae> Ciao o7
<soahccc> Hehe I think this is going way faster than thought, I'm at 340 (+15) Reallocated_Sector_Ct already... oh one more 341 ._.
<trajik> Is there any trick to getting static ip configured in Ubuntu 17.10 Server?  Do you have to use netplan, or /etc/network/interfaces still works?
<Epx998> Is there an apt repo that houses packages from https://packages.ubuntu.com/trusty-updates/debian-installer/ ?
<maxb> Epx998: Um, the main Ubuntu archive itself?
<drab> Epx998: I have "main/debian-installer" in my debmirror script and like maxb said it comes from the main ubuntu archive itself
<Epx998> hmm
<Epx998> and now my ixgbe driver wont compile buh
<Village> Hello Guys, whats packages can be simulate with this python2-gevent python2-psutil ?
<nacc> Village: can you rephrase your questio?
<Village> nacc, ok
<Village> i try sudo apt-get install python2-gevent python2-psutil
<Village> and get error that this packages not existed
<Village> its normaly?
<nacc> Village: what versio of ubuntu?
<nacc> Village: and yes, those packages don't exist on Ubuntu
<sarnold> all the python2 versions of packages are named 'python-foo' and the python3 versions are named 'python3-foo'
<Village> nacc, 16.04 (64bit)
<nacc> Village: then what sarnold said
<sarnold> it'd have saved everyone a load of trouble if they had used 'boa' or 'constrictor' or 'mamba' or something rather than 'python3' but what are you going to do? :(
<Village> So python-foo isntalls al phyton2 packages?
<sarnold> well, no, but if you want gevent for python2 then you install the 'python-gevent' package
<Village> and what about psutil ?
<sarnold> same thing, python-psutil
<sarnold> try running 'apt-cache search python psutil' and see the output :)
<Village> Ok, thank you Guys, what i need know now i know
<Village> python-foo package does not exist
<Village> seems like i not understand you good
<nacc> Village: that was just an example, there is no python package named foo
<Village> understand now this, nacc, ok
<Village> good luck, guys,until
<sarnold> Village: "foo", "bar", and "baz" are often used as stand-ins for real things
<Village> now i know:)
<sarnold> http://catb.org/jargon/html/M/metasyntactic-variable.html
<Village> you light me
<nacc> rbasak: fyi, glibc 2.19-13ubuntu1 has a patch that doesn't apply (quilt push fails). `pull-lp-source` of the same also fails. I think this relates to historic fuzz allowance, but not 100%. But I also can't recall what we decided to do to work around this
<Epx998> is it possible to prevent a kernel upgrade after a install, so that the final kernel is the same as the installer?
<nacc> Epx998: you'd need to update evenntually anyways?
<Epx998> not nessessarily
<Epx998> the ixgbe driver all of a sudden is failing to compile on fresh ubuntu images
<nacc> Epx998: i mean, for security purposes, you do want to
<nacc> isn't the ixgbe driver upstream?
<Epx998> right, but still - not nessessarily
<Epx998> and no its not
<nacc> uh ... are you sure? apt-file says it is
<Epx998> what version in the apt-file?
<nacc> net/ethernet/intel/ixgbe/ixgbe.ko
<Epx998> right but what version
<nacc> I dunno
<Epx998> 3.1.x something oro ther
<nacc> but you said it was't upstream
<nacc> it is.
<Epx998> intel is on 5.2.x
<Epx998> newer intel gbe cards dont work with ubuntu out the box
<nacc> version=5.1.0-k
<nacc> that's on 17.10
<nacc> (4.13 base kernel)
<Epx998> but on 14 and 16 its the old driver
<nacc> soudns like a crappy vendor :)
<trippeh> the version numbers are mostly just confusing
<nacc> not sure why you'd think brand new hardware would work on an OS that is 4 years old
<nacc> even with HWE
<Epx998> no reason to not ship with an updated driver
<Epx998> not all code is always built on the latest and greatest either
 * nacc doesn't have time for this
<Epx998> just saying ;P
<trippeh> the linux mainline ixgbe driver tends to be more or less in sync with the intel one at the time of release
<Epx998> trippeh: intel x550's dont work out the box with 14 or 16, shrug
<trippeh> intel is just mostly lazy about updating the in-kernel version string
<trippeh> Epx998: yes - at the time of release beeing the key point here
<Epx998> i like ubuntu, but we dont have these problems in our centos farm
<trippeh> yes, it is easier for intel to target ancient kernels with their out-of-tree driver :)
<Epx998> our version of ubuntu is dictated by google I think, for our mobile stuff that uses android.
<Epx998> not like my team personally wants to run these old releases
<trippeh> did the out-of-tree driver stop building on newer 16.04 point releases, is that what you are saying?
<trippeh> because x550 is supported out of the box on say 17.04
<Epx998> thats great, but doesnt help on this farm im forced to run 12/14 on :D
<Epx998> hmm gives me an ide tho
<nacc> uh, run a modern OS as the host, and use VMs/containers?
<trippeh> 12 is EOL though ;)
<nacc> and that
<Epx998> oh i know - its frigging silly
<trippeh> if the out-of-tree driver is not building properly, you may be missing some header package for the newer images or intel needs to fix their release
<trippeh> pastebin the error?
<Epx998> it worked eariler, not sure what has changed.
<Epx998> https://gist.github.com/anonymous/09b14e69e2f51d45f9061c65c977c004
<trippeh> right, driver is def not expecting that kernel version
<trippeh> seems like a poke intel problem :p
<Epx998> ok so its something i am doing when i downgrade the kernel
<Epx998> id just stick a updated kernel on the netboot installer, but that hasnt worked for me yet
<rbasak> nacc: worst case: unless there's an easier way, we can apply (package, version) patching again.
<Epx998> yeah its the downgraded kernel hmm
<nacc> rbasak: yeah, i could recall if we had a different workaround than source patching for dealign with patches-applied failing
<rbasak> I don't remember. I'm open to any better way :)
<nacc> rbasak: well, we had talked about skipping patches-applied that don't apply
<rbasak> Yeah
<nacc> rbasak: which would lead to breaks in the history
<nacc> but if we dont' have publishig parents anymore
<rbasak> Maybe an opportunity to see if the history correctly resumes again?
<nacc> that is a little less relevant
<nacc> yeah
<rbasak> If so, I don't think I particularly mind if we leave a hole in history or patch the source.
<rbasak> I suppose for hash stability we can't change it later.
<rbasak> So perhaps patching the source would be inconsistent with that.
<nacc> rbasak: yeah, we just need to decide -- it feels weird to patch the source for a behavior change in dpkg (presumably)
<rbasak> The more general issue will be a constant matter for us to deal with I think - changes in dpkg or related tooling that cause historical imports to behave differently.
<nacc> yeah
<rbasak> (whether by failing where it previously succeeded, succeeding where it previously failed, or changing the import result)
<rbasak> All of those will mutate the hashes.
<nacc> it is technically only valid to 'build' somethig in the release in which it built, right?
<nacc> (where source extraction is just a pre-step to building)
<rbasak> I think I have a bug on noting the "build" used to try and stabilise that.
<rbasak> I hadn't thought of that, but I suppose that's the expectation that Debian and Ubuntu both try to enforce, yes.
<nacc> well, what is technically nice is we *can* carry every dpkg version i the snap :)
<rbasak> (and rarely further)
<nacc> it's a bit madness
<nacc> but it's technically possible for the bits we use (dpkg-source)
<nacc> getting the build-deps right would be tricky, though
<rbasak> Building really old versions may prove difficult too.
<nacc> yeah
<nacc> i mean it's possible, it may not work :)
<rbasak> :)
<rbasak> My feeling is that it's probably not worth it.
<nacc> for now, let me see how it goes to skip a patches-applied failure
<rbasak> I would like to log in the commit message what was used, though, so that we can reproduce it later.
<nacc> and see how glibc at least looks
<nacc> yeah
<nacc> you mean like a dpkg version?
 * rbasak heads for bed
<nacc> rbasak: have a good evening
<rbasak> Not just the dpkg version, but the everything version.
<rbasak> Which might be better described as a snap version, for example, with separate tooling to be able to reproduce the snap version's build dependencies so we can later rebuild an equivalent snap.
<rbasak> snap needs reproducible build support :)
<nacc> heh, yeah well that's a whole other topic, rbasak :)
<Village> Good evening,
<Village> what's can be that i can't user sudo command?
<Village> sudo: /etc/sudoers is owned by uid 1001, should be 0
<Village> sudo: no valid sudoers sources found, quitting
<Village> sudo: unable to initialize policy plugin
<nacc> Village: pretty explicit error message there
<Village> how fix it?
<Village> maybe i ser chown -R for other user
<Village> and other user cant use sudo
<Village> how fix it you don't know?
<nacc> Village: why is /etc/sudoers owned by 1001?
<Village> i don't know what is 1001 but i use command with root chown -R User /etc/
<genii> Ouch
<nacc> Village: that was not very smart on your part
<sarnold> ALWAYS use 'visudo' to edit the sudoers file
<sarnold> NEVER use anything else
<genii> A reinstall will be required.
<genii> sarnold: He didn't edit it, he chowned it
<Village> Ok, from now i know that need set chown only folder what you need now father folders
<nacc> Village: I really cant' understand what you're writing
<sarnold> holy cow .. chown -R user /etc/ .... yeah. definitely a re-install will be your easiest solution.
<nacc> Village: you should not be chown'ing any system directories
<genii> If you just boot to recovery and chown it back to root, there are various ones in there that normally are not owned by root. so a reinstall is best
<nacc> yeah, i would also recommend a reinstall
<nacc> and perhaps taking some sysadmin-y courses
<Village> nacc, i use FTP and primary FTP user (ex. User), so sometimes need touch folders with via ftp
<nacc> (that's not meant as derisive, Village, but it should really be obvious why you should not have done what you did)
<nacc> Village:  you have no reason for *anyone* to ftp into /etc
<nacc> might as well throw your machine into the trash
<nacc> (now i'm being derisive)
<sarnold> hehe
<Village> hm..
<Village> so dolution reinastall ubuntu
<sarnold> yes
<sarnold> and once you do, _please_ figure out a better way to administer the machine than FTP. Please. PLEASE. :)
<Village> but if i boot it too rescue mode and chown -R root /etc/
<sarnold> you could either spend an hour comparing ls -laR output on two machines and running a hundred chmod commands
<sarnold> or you could just reinstall it and be sure it's configured correctly from the start
<Village> oh, it's need time:/
<Village> i first anyway try boot rescue mode and chown -R root /etc/
<nacc> Village: as you've been told, that is also wrong.
<nacc> Village: please listen to us and reisntall your machine
<nacc> and then spend some time learning why a) administering your machine with FTP is incredibly wrong and b) why doing any kind of recursive chown in system directories could break things.
<sarnold> actually, this might not be so bad
<sarnold> here's the list of things in my /etc/ that aren't root:root http://paste.ubuntu.com/25676213/
<genii> What might also work is in recovery, mount read-write, make a list of all the packages currently installed on your system, then do a reinstall on all those packages
<sarnold> who knows what you had on _your_ machine, but this list is way smaller than I expected.
<genii> Notably, the cups dir should be group lp, and shadow file and gshadow file to group shadow
<Village> half day i install from zero, and now again
<Village> i need tea and smoke el cigarette
<Village> and thank you guys, need reinstall server
<sarnold> good luck Village :)
<Village> :) Thank you, Guys
<nacc> rbasak: looks like it is able to move ahead with the just proposed MP (for review, not merging yet)
<nacc> mdeslaur: do you want me to prepare an update for php7.0 to address https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php-could-allow-for-arbitrary-code-execution_2017-093/ by bumping to 7.0.24?
<nacc> mdeslaur: possibly you're already on it
<drab> urm, they say test everything with virtual machines, it'll make things easier...
 * drab shrugs
<drab> for whatever reason ssh works from host to lxc container and to virtual box VM on the same desktop
<drab> and viceversa
<drab> ping works between vbox and lxc, but ssh does not
<drab> but vbox has its if set up on the same bridge lxc is, hence the ping working
<tafa2> so I added an extra source/ppa, when I delete it from sources.d on login ubuntu tells me there are 44 packages for me to update - these were obviously on the repo I deleted, since apt list upgradable now returns nothing. How can I clear this?
<sarnold> tafa2: the ppa-purge package may help
<tafa2> .google ppa-purge
<tafa2> thanks sarnold
<sarnold> tafa2: if you're sure there's no overlap between the ppa packages and the archive-provided packages, you can just delete the lists in /var/lib/apt/lists/
<tafa2> cool!
<tafa2> basically I've got a custom repo to install older PHP versions
<tafa2> but it's also got newer php versions
<tafa2> Is there a way for me to tell it to ignore those packages without having to type them all out individually?
<tafa2> I suspect just removing it is easier - php 5.3 isn't going to get an update anytime soon I don't think.
<tafa2> sarnold ppa purge removes all installed packages as well haha
<tafa2> glad i ran that on a test system first.... phoooooo
<drab> this is the weirdest thing...
<drab> tcpdump shows SYNs making it on both ends and back
<drab> but nothing else
<drab> it's like never completing the TCP handshake
#ubuntu-server 2017-10-05
<drab> different question, is there a way to see what altered a file from apt?
<drab> an automatic upgrade seems to have undone some of our customizations
<drab> but I can't tell if that's really the case and what exactly
<drab> however it happened on multiple machines at the same time so it definitely points to an update, a security update specifically since that's the only thing we install automatically
<drab> but that seems at the same time strange so I'd like to verify
<sarnold> drab: fatrace may help
<sarnold> drab: or you could install auditctl file watch rules
<drab> well it
<drab> 's happened already
<drab> I was thinking something along the lines of /var/log/apt/history.log
<sarnold> you could try reading the /var/lib/dpkg/info/ files for the filename in question
<sarnold> if you suspect a package maintainer script..
<drab> well I'm just guessing, but it's peculiar that they all started having a problem at the same time and the link we manually created was gone
<drab> I guess we're doing something "non standard", so there's a chance we collided with something else
<drab> (it's surprisingly difficult to get browsers to respect your own CA it turns out...)
<drab> shokingly difficult I should say... they basically all ship with their own thing and don't respect the OS certs, which I could understand in a way, but then it'd make sense to support some way to do so without having to mess with pki libs links
<sarnold> I'm a bit surprised, there's mention of windows registry keys that cause firefox to use the system registry, but nothing similar for linux
<drab> there's literally *1* post on the entire web that I could find that figured it out
<drab> which I guess is all I needed since I couldn't figure it out myself... but even finding that took a looong time
<drab> and it basically involves installing a "standard" pki lib and relinking the browsers to use that
<drab> and that will check the OS's CAs repo in /etc/ssl
<drab> the one that update-ca-certificates generates I mean
<sarnold> what pki lib is that?
<drab> there's bugs dating back to 2000 I found about this behavior
<drab> sec, I forgot the name, lemme look at ansible
<drab> sarnold: p11-kit-modules + libp11-kit0
<drab> and then you need to change the symlinks to repoint to p11-kit-trust.so
<sarnold> drab: eww.
<drab> instead of libnssckbi.so , of which multiple copies are shipped... crazy stuff
<sarnold> drab: i'm surprised it worked at all.
<sarnold> someone went to a huge amount of effort for absolutely no one to know about this :)
<drab> lol
<drab> well without is basically impossible for an organization to have a self signed CA
<drab> working through all desktops
<drab> independently on the browser ppl choose to use
<drab> unless you force each person to manually install the cert on their own
<drab> but we wanted to be able to distribute the cert with ansible to all hosts and have them all working right off the bat with no user action
<drab> and that was the *only* way
<drab> https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1647285
<ubottu> Launchpad bug 1647285 in nss (Ubuntu) "SSL trust not system-wide" [Wishlist,Confirmed]
<sarnold> I love dwmw2's bug reports
<drab> fwiw experiment with samba homes shares for workstations was a semi-success
<sarnold> yeah?
<drab> good enough to replace nfs so that we can have evreything in containers
<drab> but crappy enough that I'd be somewhat ashamed of talking about it in public
<sarnold> nice
<drab> :P
<sarnold> hahah
<drab> basically pam_mount is broken
<drab> so you can't have the cake and eat it
<sarnold> oh? what's broken about it?
<drab> and actually even if that worked ssh key based auth breaks that setup and there's really no way around it
<drab> other than doing it "the right way" with kerberos tix
<drab> sarnold: share is not unmounted on logout. general consensous seems that pam in ubuntu drops privs after login is sucessful
<drab> so by the time you log out and it tries to unmount it tha fails
<sarnold> drab: you could probably use AuthorizedKeysFile to set a non-smb-path to the user files and have some way to copy over authorized_keys to the other file on logout or on demand or something
<drab> what's more, the code is broken in so far as not checking if a mount already exists, so when you log back in it mounts stuff on top of the previous mounts
<sarnold> ew.
<sarnold> how about autofs?
<drab> sarnold: that's one thing, but you also have the issue of pam auth, when you use keys there's no pam auth invoked
<drab> yes, that's what I'm suing (which I was also using with nfs)
<drab> which is the ok but not really good solution...
<drab> reason being, samba shares are authenticated and by the time you're logged in and cd'ed into the dir, your pwd is nowhere...
<drab> so you can't pass it to autofs
<drab> that's why ppl normally do it with pam_mount
<drab> so what ppl do, in a moment of desperation i guess... they put ppl's passwords in clear in a file...
<drab> yay
<drab> I did not do that...
<sarnold> can you pre-mount all the homedirs?
<sarnold> hrm that'd probably have the same problem wouldn't
<drab> yep, well, sorta
<drab> what I ended up doing si something in between...
<drab> becasue samab has its own user db, which normally is the source of a lot of pain keeping things in sync
<drab> in this case it saved the day
<drab> since I could set all samba's users pwd to a shared secret and have that only with autofs
<drab> and file permissions pervent somebody from cd'ing into someone else's dif, so that part still works
<drab> it's not very nice because if the day comes that users want to access their own share on their own computer or something their normal login password won't work, they'll need the shared secret
<sarnold> alright, that sounds workable
<drab> but like a wise man said, why solving a problem today when someone else can solve it tomorrow
<drab> so I left a note for whoever will be asked to do this one day :P
<sarnold> "I'M SO SORRY #YOLO ur pal drab"
<drab> pretty much
<drab> in a sense is a step forward from nfs actually, even a couple
<sarnold> I remember having hopes of plan9fs being able to do some of this stuff better. I wonder what came of that.
<drab> with nfs you can't prevent listing, so in theory something on the lan could just scan all hosts for shares and find it
<drab> and then mount it
<drab> with samba you can set browsing to no, so the share's path are not reveabled
<drab> and you still need the secret to access them
<drab> so overall, coupled with the fact that we can be 100% lxc and nobody has to learn about kvm, it's a big win
<sarnold> :)
<mdeslaur> nacc: oh! I missed that. Could you do artful, yes?
<nacc> mdeslaur: yeah, artful will need 7.1.10 (i think)
<nacc> mdeslaur: i can do them tmrw
<nacc> rbasak: hrm, so must_build=True for all of our search entries
<nacc> can it be dropped?
<nacc> rbasak: or what is the logic to allow a failing build
<rbasak> nacc: IIRC, it was for the first and almost noop entries. For example "does an orig tarball exist in the parent directory". If the search finds an orig tarball in the parent directory, I assumed it must be must_build=True, since even if it doesn't build we don't want to overwrite it. IIRC.
<ShellcatZero> Does anyone here use serial console connections?  I don't have any of those 9-pin serial ports, but I've seen serial console cables sold online which use USB ports and I'm curious if this works.  This would be great for admin'ing my headless Ubuntu servers.
<sarnold> I bought one years ago when I thought I might need it to install ubuntu on a pandaboard es (arm dev board), but the installer worked no trouble, so I returned the thing unopened :)
<sarnold> for me the usb was going to be plugged into the laptop, and the serial end into the dev board, so I expect it would have worked pretty well
<sarnold> I'm less sure about the usb being plugged into the headless end
<sarnold> note that there's no standardized usb/serial interface, microsoft wanted serial DEAD way back when and stopped the usb group from standardizing one, so it's probably worth trying to find a known-good cable if you're going to try
<ShellcatZero> Hmm, ok, I have to do some more research on this but the setup I imagined was having the console cable plugged into my router for general access to the headless system on the LAN
<ShellcatZero> The IPMI serial-over-LAN might be what I've been looking for, still unsure about the USB cable though: http://manpages.ubuntu.com/manpages/xenial/man8/isol.8.html
<ShellcatZero> Does anyone else here use serial-over-LAN?
<lordievader> Good morning
<Village> Hello,
<Village> ... can't find package json
<Village> So maybe someone knows what package i need?
<oerheks> "JSON support comes pre-compiled with current php versions" you can check with php -m >> https://askubuntu.com/a/919921
<mdeslaur> nacc: I can't see any actual security issues in the php changelogs
<mdeslaur> nacc: nothing is tagged as security
<mdeslaur> nacc: are you sure the cisecurity.org text isn't just placeholder?
<Village> i try install now php-json
<Village> bus error same
<Village> i try run eggdrop and get error:
<Village> [15:45:08] can't find package json
<Village>     while executing
<Village> "package require json"
<Village> ...
<Village> ...
<Village> so what package i exactlly need? Maybe someone knows?
<Village> guys, i found json.tcl and need one more tdom found and it and now working, thank you
<Jenshae> Salutations
<coreycb> jamespage: beisner: the pike stable releases for bug 1719728 are ready to release to pike-updates
<ubottu> bug 1719728 in Ubuntu Cloud Archive pike "[SRU] pike stable releases" [Undecided,Fix committed] https://launchpad.net/bugs/1719728
<coreycb> jamespage: beisner: also can you promote python-k8sclient 0.4.0-0ubuntu1~cloud0 to pike-proposed please? that's for bug 1659420 and mr wolsen.
<ubottu> bug 1659420 in Ubuntu Cloud Archive pike "Traceback when getting capacity in k8s_monitor" [High,Triaged] https://launchpad.net/bugs/1659420
<ahasenack> does anybody have a working tip in "converting" a bootable iso file into something I can dd into a pendrive?
<ahasenack> I tried a few tricks already (dd into device, or into a partition of the device, or using geteltorito to extract bits), none worked
<ahasenack> I'm about to try unetbootin (http://unetbootin.github.io/)
<ahasenack> it's an iso from intel to update/scan/check their SSDs
<dpb1> I downloaded something similiar from samsung
<ahasenack> and it's actually linux (I checked by booting it with kvm)
<ahasenack> has a boot menu, starts X even
<dpb1> ahasenack: do they give instructions for what to do?
<ahasenack> why they keep providing iso images I don't know. They provide an iso image, and alongside it a tool to record it into a pendrive :) But windows only (the tool)
<joelio> if it's el torrito, you can *just* dd it (I like to use pv in a pipe too)
<Jenshae> I use guidus and haven't had a problem with any boot image yet.
<ahasenack> dpb1: they tell to use the windows tool to save it into a pendrive and boot from that :)
<joelio> alternatively if it's not supported, you can convert it with genisoimage fu
<ahasenack> joelio: I don't think it's eltorito. geteltorito extracts just about 2kbytes from it
<ahasenack> I used geteltorito with lenovo's bios update iso, there it worked
<joelio> what is the media? can you say?
<Jenshae> Tried Wine on the tool?
<ahasenack> $ file issdfut_2.2.3.iso
<ahasenack> issdfut_2.2.3.iso: DOS/MBR boot sector; partition 1 : ID=0x17, active, start-CHS (0x0,0,1), end-CHS (0x37,63,32), startsector 0, 114688 sectors
<ahasenack> Jenshae: guidus?
 * ahasenack searches
<joelio> I'm not sure unetbootin will work there tbh, it's more geared to making linux iso's bootable
<joelio> might do though, so try if you can
<Jenshae> I think there is a dus that guidus has been slapped onto.
<ahasenack> hm, I can fdisk -l that iso file
<ahasenack> issdfut_2.2.3.iso1 *        0 114687  114688  56M 17 Hidden HPFS/NTFS
<ahasenack> is what it shows
<joelio> yea, I'm not sure that'll work in unetbootin - have you tried the Dell BIOS -> linux conversion method
<dpb1> ahasenack: not to dissuade you, but... msft makes vm test images available free of charge for virtualbox. :)
<ahasenack> dpb1: I know, but this is a knowledge hole I have and I get annoyed by it
<dpb1> yes
<ahasenack> so many times I had an iso and no way to "convert" it into a bootable pendrive
<dpb1> I understand that part, heh
<ahasenack> sounds like it should be simpler
<joelio> http://taint.org/2007/04/23/153737a.html kinda thing
<ahasenack> intel suggested pendrivelinux.com (!)
<joelio> otherwise go down the rabbit hole https://wiki.archlinux.org/index.php/Flashing_BIOS_from_Linux
<joelio> look for bootable disk emulation at the end perhaps
<dpb1> ahasenack: smh
<joelio> or syslinux lol
<ahasenack> got it
<ahasenack> dd was enough
<ahasenack> I had the bios on that laptop set to uefi only, that was the problem
<ahasenack> switched it to "both" (uefi and legacy) and now the pendrive boots
<coreycb> jamespage, beisner: the ocata point releases for bug 1718730 are also ready to promote to ocata-updates
<ubottu> bug 1718730 in Ubuntu Cloud Archive ocata "[SRU] ocata stable releases" [Undecided,Fix committed] https://launchpad.net/bugs/1718730
<joelio> ahasenack: lol, glad you cracked it
<joelio> also, etcher.io is a nice gui tool (fwiw)
<ahasenack> interesting
<joelio> ahasenack: yea, comes from resin.io guys doing docker on arm
<ahasenack> I see they have their own dep repo
<joelio> used it on osx quite a bit, really neat.. (although gimme `pv {file} | dd of={blah} bs=64k` any day :D
<nacc> mdeslaur: i'm not 100% myself -- i'll check up on it today
<drab> lol, js to burn an iso...
<drab> sarnold: I actually figured out a decent way to solve the shared pwd thing
<drab> felt too bad for the next guy :)
<drab> sarnold: I'm gonna add a second ip to that host and run another samba instance on that different interface/ip pointing to the same share but auth'ing against ldap
<drab> that way workstations can mount with the shared pwd while if ppl want to mount their own homedir elsewhere can access it with their normal account pwd (even from their windows laptop)
<drab> seems clean enough
<joelio> drab: yea, it's not designed for admins who know how to dd, more for people who don't :)
<joelio> it's kinda cute though, does verification and some other stuff dd doesn't necessarily
<nacc> rbasak: around?
<rbasak> o/
<nacc> rbasak: could you hop on the standup HO?
<nacc> rbasak: as you have time, not necessarily right away
<rbasak> nacc: just got a snack. Can you give me ten minutes?
<nacc> rbasak: yep
<rbasak> o/
<rbasak> nacc: in the hangout
<beisner> hi coreycb jamespage - promoted nova (2:15.0.7-0ubuntu1) to uca ocata-updates re: bug 1718730
<ubottu> bug 1718730 in Ubuntu Cloud Archive ocata "[SRU] ocata stable releases" [Undecided,Fix committed] https://launchpad.net/bugs/1718730
<sarnold> drab: oy :) sounds a bit .. fragile?
<coreycb> thanks beisner
<coreycb> beisner: that whole slew of packages can be promoted for 1718730
<beisner> coreycb: they only other one I see in ocata-staging for that is neutron - does that jive with your view?
<coreycb> beisner: the stable releases is ready to go from proposed->updates for ocata
<coreycb> beisner: but yes, staging should all be ready to promte after that though
<coreycb> beisner: ah looks like nova missed the original promotion
<beisner> coreycb yeah, crap
<coreycb> beisner: well, everything else that is in proposed is ready to go to updates
<coreycb> beisner: i'll sort out what's left-over
<coreycb> beisner: ie. re-test
<beisner> yeah, sorry about that coreycb & thanks
<coreycb> beisner: np, thanks for promotions
<beisner> coreycb: so nova 15.0.6-0ubuntu1.1 from proposed didn't go to updates in uca ocata.  do we need to redo that one in proposed?
<coreycb> beisner: i think it can stay in proposed a little longer if 15.0.7 is on it's way to proposed
<beisner> ok cool thx coreycb
<drab> sarnold: I got hold of the original dev for pam-cifs, maybe we can manage to fix that
<drab> if that turns out to work, then we have a clean viable path forward
<drab> and mounts can be mounted at login time as it should and no need for any hacks
<sarnold> drab: ooh! :D
<drab> I'd like to package that for xenial if it works
<drab> then we can have it, apparently they use it actively on archs in his lab (he's some professor at a uny in .de)
<drab> and it's much much simpler than pam_mount so codebase should be easy to review and maintain
<drab> it's 3K LOC including test utilities
<sarnold> sounds promising
<drab> also fwiw big stuff is happening in E2guardian, which means linux content filter for schools might finally become viable
<drab> event tho schools right now are all being sold in cloud content filtering...
<genii> dansguardian was ok
<drab> I'll have to disagree with that, but I'm ok with disagreeing with people :)
<drab> dg didn't do any ssl filtering, which basically rendered it useless as 99% of the http proxy sites have moved to https and you can't block https blanket
<sarnold> hows the e2guardian ssl filtering work?
<sarnold> or is taht the horrible CA thing you were deal;ing with?
<drab> it works in the only possible way it could work, MITM
<drab> you give it your CA, install it on all clients and it gens new certs on the fly with that
<drab> while using the dst's cert and standard CAs for the upstream connection
<drab> it'sa ctually not that bad once you figure out the CA distribution
<drab> the server side part is pretty painless
<drab> the existing gotcha with v4 is that it had to be explicit proxying, so not only you have to ge the CA everywhere, but you hvae to convince all the browsers to use the proxy
<drab> and tha's another world of pain as there's no standard way... WPAD is broken and firefox won't expect /etc/environment
<drab> and fundamentally you just need to start your own process unsetting the vars to work around it, so then ports need to be blocked on the fw, which I guess it's ok
<drab> the problem is with phones and whatnot, mobile devices are a pita. luckily v5 solves that adding suppor for transparent ssl proxying
<sarnold> _transparent_ ssl proxying? that's a pretty good trick
<disposable> can somebody please share their /etc/network/interfaces file with bond+bridge+vlan config? every single piece of docs i've read does it differently. the only thing they've in common is that nothing works for me (on 16.04).
<sarnold> disposable: hah, nice to know that at least there's something in common among them all :) sorry, I haven't done this myself thoguh :(
<nacc> rbasak: annoying, `dpkg-source --commit` unconditionally fires off an editor
<nacc> rbasak: we can patch our snap's version
#ubuntu-server 2017-10-06
<nacc> rbasak: hrm, nope -- it's not as easy as we hoped :)
<nacc> rbasak: more tmrw
<nacc>  /query rbasak
<drab> disposable: I don't do vlan but in case it helps, here's my bond+bridge: http://dpaste.com/1YCGWKR
<drab> if you figure out the vlan bit, I'd love o hear back, I'll probably need to implement that too some time soon
<lordievader> Good morning
<Jenshae> Salutations. I am still very new to Ubuntu server. Where would I look for fixes or work arounds? Having the shutdown bug, where it times out at the end and gets stuck. How would I get the log for that? Can I help by submitting the log somewhere?
<jenshae> Why are Ubuntu desktop and server so seemingly separate? Desktop has a kernal bug with fake and software raid, especially RAID5 and Server has a problem shutting down. Can they not give each other solutions to fix these problems? Copy and alter code rather than re-invent the wheel?
<dasjoe> They're not actually different
<Jenshae> I installed server then a desktop and the graphics kept failing. Same Mesa version then same AMD proprietry version as Desktop and ended back on desktop (this is as home)
<Jenshae> Is it two groups of people who aren't talking to each other?
<lordievader> Jenshae: Desktop stuff is not really the speciality of this channel, #ubuntu is better suited for desktop questions.
<Jenshae> lordievader: This is all stemmed off "Why is the Ubuntu Server sitting next to me unable to soft reboot?"
<lordievader> Does it give an error?
<Jenshae> Hang on, will do it again now and copy the errors verbatim
<lordievader> Please post them via a pastebin if multiple lines.
<Jenshae> " [ OK ] Reached target Shutdown. " That is the last thing it says until it starts giving errors about "Waited 120 seconds without response"
<lordievader> What command do you use to shut it down/reboot?
<jenshae> Apologies, the wireless is bad today.
<jenshae> What was my last message?
<lordievader> jenshae: The console output. I asked what command you used to shut the machine down.
<jenshae> sudo poweroff / reboot
<jenshae> I have added a -f flag with 50% success
<lordievader> What version of ubuntu are you running?
<jenshae> 16.04.3 LTS 4.4.0-96-generic x86_64
<lordievader> Does it work better when you use the systemd commands? (sudo systemctl reboot)
<jenshae> It is a fresh install and updated. Nothing changed, haven't got around to configuring it yet.
<jenshae> Trying it now
<jenshae> That worked.
<jenshae> Why would that work?
<lordievader> Systemctl is used to talk directly to the init system. Not really sure how poweroff nowadays works.
<jenshae> i.e. what is the difference?
<jenshae> Oh
<jenshae> What about shutdown vs poweroff?
<lordievader> For as far as I know one is a wrapper around the other.
<jenshae> Another oddity is "login:" and then the username types over that.
<jenshae> 0Thank you lordievader, at least now I feel I am not hard kicking it when I shut it down for the night or weekend. :
<jenshae> Going AFK for lunch.
<Prokto> shutdown now works fine for me
<roaksoax> . s/win 4
<jenshae> ?
<jenshae> Would a journal of the steps I take with this server help for making Ubuntu Server more new admin friendly? I have been self teaching since end of 2015 but it was only a month ago that I learnt about cd -
<mdeslaur> jenshae: wow, I didn't even know about cd -
<mdeslaur> thanks :)
<jenshae> Like would anyone touch a basic Samba config with a barge pole? "Domain name?" "Folders + permissions?" "Network access password?" and populate the config file.
<jenshae> You are welcome :)
<jenshae> There is also cd ~/Documents and obviously cd .. like Windohs
<jenshae> You can also ssh <ip address> without the username@ if you are using the same one via terminal.
<ahasenack> I have a quesiton when a package has both a systemd service file and a sysv initscript
<ahasenack> it's my understanding systemd takes precedence, and if the action isn't available there, it falls back to the sysv script
<ahasenack> example: service <foo> reload
<ahasenack> if there is no ExecReload in the systemd service file, it uses the initscript's reload action
<ahasenack> and so on
<rbasak> I was under the impression that if a systemd service unit is defined, the sysv script is never used.
<ahasenack> nope :/
<rbasak> That may be a bug
<ahasenack> see https://bugs.launchpad.net/ubuntu/+source/lighttpd/+bug/1707312/comments/23
<ubottu> Launchpad bug 1707312 in lighttpd (Ubuntu) "reload does not shut down lighttpd gracefully" [Medium,In progress]
<ahasenack> if I have ExecReload in the systemd service file, that's what is used
<rbasak> I would argue that it's an error to ever mix the two on the same system.
<ahasenack> if I do not have it, then it calls the sysv reload
<ahasenack> yeah, it leads to pain
<ahasenack> and unexpected behavior
<ahasenack> so here is my real world example
<ahasenack> force-reload
<rbasak> I believe systemd catches direct calls to a sysv script somehow if a service unit is in use instead
<rbasak> Perhaps the "service" wrapper is broken?
<ahasenack> the same happens if I call /etc/init.d/<script> directly
<ahasenack> it will use the systemd service if the action is defined there
<ahasenack> even if I remove /lib/systemd/system/<foo>.service, I believe it's just generated again
<ahasenack> initially I thought that this decision of what to use was simpler: if systemd service file is there, completely ignore the sysv one
<ahasenack> but the fact that it's using a mix: try systemd, if action isn't there, try the sysv one, that was surprising
<rbasak> Perhaps systemd upstream viewed "custom" sysv actions as actionable via the sysv init script even if a systemd service unit is defined, and that's colliding somewhat with Debian's force-reload action?
<ahasenack> yeah, it might seem like a good idea
<ahasenack> but here is the problem
<ahasenack> at least with force-reload
<ahasenack> since force-reload can restart the service, and do that without systemd knowing
<ahasenack> what happens is that after you do "service <foo> force-reload"
<rbasak> Sounds like you found a rabbit hole :-/
<ahasenack> "service <foo> status/stop/start/restart" become broken
<ahasenack> because systemd thinks the service is dead (it changed pid)
<ahasenack> and stop/start/status/restart actions are well defined in systemd, so their sysv counterparts are never used
<ahasenack> I just filed a deb bug about this in this specific service
<rbasak> I think this might be a general issue
<rbasak> Perhaps something for ubuntu-devel@
<ahasenack> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877870
<ubottu> Debian bug 877870 in lighttpd "lighttpd: "reload" action breaks further actions" [Normal,Open]
<ahasenack> indeed
<ahasenack> the other bug there is that reload is aliased to force-reload
<rbasak> And I'd want to call Steve's attention to it. Perhaps xnox? ^
<rbasak> Pehraps /etc/init.d/... force-reload should always be considered broken if a systemd service unit exists.
<rbasak> Just like start/stop/restart, except this time systemd isn't really wrapping it for us.
<rbasak> And perhaps the "service" wrapper needs to handle this more gracefully.
<rbasak> Perhaps both.
<ahasenack> I tried adding PIDFile to the systemd service file, thinking that maybe it would monitor the pid in there and realize it changed, but that didn't happen
<rbasak> I'm almost certain that we definitely don't want both the sysv init script and the systemd service unit both handling the daemon in any case.
<rbasak> Even if it could be made to work here.
<xnox> rbasak, i wish we could kill init.d script when systemd unit exists
<ahasenack> it indeed sounds like a source of unexpected behavior
<xnox> rbasak, because they are annoying and confusing
<xnox> like not have it on disk at all
<ahasenack> sysv can have generic actions, maybe that should have been blocked
<ahasenack> like this one that has "service <foo> reopen-logs" (!)
<ahasenack> it just sends HUP
<ahasenack> thing is, HUP really only reopens logs, it doesn't reload the config
<ahasenack> maybe that's why it wasn't used for the reload action
<ahasenack> anyway, systemd at least tries to enforce some sort of standardization, where the policy failed
<rbasak> Debian standardised sysv too - but didn't preclude custom actions, that's all
<ahasenack> ah
<jenshae> Small tangent and your opinions would differ from those of a #debian channel - "I have a desktop that on the day I wanted to install it, I didn't have a large USB with me, so I went with Debian ... why is it so under developed? I had to compile Mesa from make files?"
<ahasenack> looks like I jumped the gun with force-reload. It is redirected to systemd
<ahasenack> can't find a mention of an alias or something like that in the manpages, though
<ahasenack> systemctl takes it just fine
<ahasenack> hm
 * jenshae is fairly lost
<jenshae> Wouldn't having two sets of system command potentially create vulnerabilities in conflicts that can be exploited?
<jenshae> commands*
<ahasenack> bugs yeah, exploits would depend
<ahasenack> a concrete bug is that if you call "service lighttpd reload", all other actions break (service lighttpd stop, start, status)
<jenshae> Is it not better then to just link to the original sysv with a shortcut command?
<ahasenack> same happens if you call it directly via /etc/init.d/lighttpd
<ahasenack> systemd intercepts it, because the sysv script sources files elsewhere
<ahasenack> ". /lib/lsb/init-functions"
<jenshae> I mean if you were to remove systemd, have sysv and link the command "poweroff" to it, for example.
<ahasenack> that's a lof of "ifs" that require root anyway
<Prokto> Hi, does anyone know a way to increase the verbosity of debootstrap during base system installation?
<ahasenack> Prokto: if you are calling it yourselv, you can add --verbose
<Prokto> I keep getting an error about packages not being configured correctly but the log isn't helping me much.
<jenshae> Not sure root is difficult to get. Been noticing that people use the same password for their keyring as their root password and that you can capture focus from the keyring dialogue.
<Prokto> ahasenack, it's an unattended isntallation
<ahasenack> ok
<nacc> rbasak: around? want to start HO early?
<rbasak> Sorry, just seen this. omw.
<nacc> rbasak: thanks
<jenshae> HO = ?
<nacc> jenshae: a HangOut (google)
<jenshae> HO ... for a podcast? ;P
<jenshae> Have a good weekend everyone. o7
<drab> hello folks, question for the good people making packages...
<drab> I need to mess wih a link created by a package
<drab> what happened a few nights ago is that the pkg was updated and the link recreated to be what the pkg expect it to be
<drab> how can I protect that link so that this doesn't happen again?
<drab> I was thinking something like "alternatives", but the change of link doesn't happen from another pkg
<nacc> drab: what link and what package? an ubuntu one?
<drab> nacc: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1647285
<ubottu> Launchpad bug 1647285 in nss (Ubuntu) "SSL trust not system-wide" [Wishlist,Confirmed]
<drab> to fix that I manually relink libnssckbi.so
<drab> however when libnss3 gets update that link gets restored to the original one
<drab> which is what happened a few nights ago
<drab> breaking all our workstations...
<drab> basically what dwmw2 suggested: (With 'alternatives' to let you substitute p11-kit-trust.so for the original NSS libnssckbi.so, etc.)
<drab> I guess that'd be he correct solution, I could probably make my own pkg and pin it or something so take precedence over libnss3, but no sure how to go about the whole process
<drab> don't know debs too well
<nacc> sarnold: --^ could you look at that bug?
<drab> that said that is not quite correct tho, because the problem is no just with /usr/lib/x86_64-linux-gnu/nss/libnssckbi.so , there can be multiple versions of libnssckbi.so
<drab> for example on a system with ff installed you also have: /usr/lib/firefox/libnssckbi.so
<drab> so right now our ansible task runs: locate -b '\libnssckbi.so' | xargs -I{} sh -c 'if [ ! -L {} ]; then cp -p {} {}.orig ; fi ; ln -f -s /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so {}'
<drab> to replace them all so they all correctly end up using the system wide's CA
<sarnold> nacc, heh, drab showed me that bug the other day :/ I think dwmw2's right that the Right Solution is probably to use the alternatives tool to let it be selected, but (a) I don't know if alternatives actually works for _libraries_ -- it might conflict with ldconfig's standard operating procedure (b) that probably ought to be handled in conjunction with debian
<nacc> sarnold: ack
<drab> in the meantime is thre something I can do?
<drab> that is not making the file immutable which would make the install/upgrade fail
<drab> could I ping the libnss pkg to be held back or something?
<drab> pin*
<drab> so that it doesn't get installed automatically and we can handle it with ansible
<sarnold> drab: good idea. dpkg-hold should do it.
<nacc> rbasak: http://paste.ubuntu.com/25687713/
<nacc> rbasak: automatically generated from a git commit that looks like: http://paste.ubuntu.com/25687723/
<rbasak> nacc: nice!
<rbasak> nacc: automatic insertion of Author and Bug-Ubuntu seems a bit wrong. Was that dpkg-source magic?
<rbasak> Perhaps it grabbed the top changelog entry that wasn't written yet?
<rbasak> Also can we use a version in between ubuntu1 and ubuntu2 somehow?
<rbasak> gbp dch --snapshot might do the right thing for us here.
<nacc> rbasak: yes to both
<nacc> rbasak: that's just what dpkg-source 's template does
<nacc> rbasak: as to the versionn insertion, yes, i wanted to know what you wanted to do
<truelai> Hey everyone. I have a network interface situation. I can't ping my second bridge, even from the host. what am I getting wrong?
<truelai> # The loopback network interface
<truelai> auto lo
<truelai> iface lo inet loopback
<truelai> # The primary network interface
<truelai> auto eno1
<truelai> iface eno1 inet manual
<truelai> bond-master bond0
<truelai> # Other physical interfaces
<truelai> auto eno2
<truelai> iface eno2 inet manual
<truelai> bond-master bond0
<truelai> auto eno3
<truelai> iface eno3 inet manual
<truelai> bond-master bond1
<truelai> auto eno4
<truelai> iface eno4 inet manual
<truelai> bond-master bond1
<truelai> # Bonded Interfaces
<truelai> auto bond0
<truelai> iface bond0 inet manual
<truelai>         bond-mode 4
<truelai>         bond-miimon 100
<truelai>         bond-lacp-rate 1
<truelai>         bond-slaves eno1 eno2
<truelai>         bond-downdelay 200
<truelai>         bond-updelay 200
<truelai>         bond-xmit-hash-policy layer2+3
<truelai> auto bond1
<truelai> iface bond1 inet manual
<truelai>         bond-mode 4
<truelai>         bond-miimon 100
<truelai>         bond-lacp-rate 1
<truelai>         bond-slaves eno3 eno4
<truelai>         bond-downdelay 200
<truelai>         bond-updelay 200
<truelai>         bond-xmit-hash-policy layer2+3
<truelai> auto br0
<truelai> iface br0 inet static
<truelai>         bridge_ports bond0
<truelai>         bridge_maxwait 10
<truelai>         address 10.1.1.139
<truelai>         netmask 24
<nacc> truelai: please don't do that.
<truelai>         gateway 10.1.1.5
<truelai> auto br1
<nacc> truelai: use a pastebin
<truelai> iface br1 inet manual
<truelai>         bridge_ports bond1
<truelai>         bridge_maxwait 10
<truelai>         address 10.1.1.140
<truelai>         netmask 24
<truelai> omg
<truelai> oops
<truelai> was supposed to be the paste
<truelai> sorry guys
<truelai> Hey everyone. I have a network interface situation. I can't ping my second bridge, even from the host. what am I getting wrong? http://pasted.co/78c9ed47
<truelai> was an accident
<truelai> as I said
<truelai> the paste is in my corrected line
<Ussat> FFS
<truelai> sometimes you forget if you should use ctl-v or the scroll click
<nacc> rbasak: what i'd like to know from you (as architect :) is a) what do you want to be in the default patch file generated by our quiltify and b) what version would you like to see generated?
<sarnold> truelai: what does 'ip route get ....' report for the IP address in qwuestion?
<sarnold> truelai: (note that I know next to nothing about bonding, bridging, etc)
<truelai> Hi sarnold: 10.1.1.140 dev br0  src 10.1.1.139
<truelai>     cache
<truelai> It should be noted that ifconfig shows that that interface (br1) has no IPV4 adr
<sarnold> I don't know if I'd trust ifconfig to this task
<sarnold> it's not received the same care and attention that ip has
<truelai> gotcha. anything else to try?
<truelai> not knowing about bridges is probably gonna hurt your ability to help me but I'm open
<sarnold> indeed :) all I've got are asking Obvious Questions and suggesting to look at logs when those might help
<sarnold> truelai: how about using ping -I to select different source addresses?
<rbasak> nacc: a) the default should be fine, except that I think we need to remove anything grabbed from the previous changelog entry as that's misleading (and misattributes the previous uploader for any errors introduced by the contributor).
<truelai> sarnold: bind: Cannot assign requested address
<sarnold> truelai: hrm. maybe that one requires running as root?
<rbasak> nacc: so the invariant template text should be fine I think. The dynamically generated stuff needs to be removed (at lesat).
<truelai> same
<rbasak> nacc: I don't really mind much beyond that. Feel free to tweak. Maybe it's easier to drop the entire header (we can do that fairly reliably programmatically I think) and rewrite our own template?
<rbasak> If you copy the invariant dpkg-source template I have no objection.
 * rbasak looks into the second question
<nacc> rbasak: i'll need to see how easy that is to do -- it's all internal to dpkg-source
<nacc> rbasak: and i'm hesitant to patch our dpkg if we can avoid it
<rbasak> nacc: yeah so what I'm thinking is that you can take the output and then strip the header
<nacc> ah sure
<rbasak> Or otherwise alter the header
<nacc> yeah, that's easy enough (I think)
<rbasak> nacc: while I'm looking
<rbasak> The generated isn't "normative" in the sense of the standard quilt settings
<rbasak> I've intended to write a separate lint check for that, since it helps with future quilt refreshes, etc.
<rbasak> So perhaps strip everything before /^---/, "quilt refresh", and then write our own header in?
<nacc> rbasak: you're referring to things like '-p ab', etc?
<rbasak> Right
<rbasak> My regexp may be insufficient
<nacc> rbasak: sure, but something like that
<rbasak> /^---\s+\w/ maybe
<rbasak> Yeah
<rbasak>  /^---\s+\w/ maybe
<nacc> looking at the generator for this (in /usr/share/perl5/Dpkg/Source/Package/V2.pm), the generated line (since we control the source, in this case) is "\n---<implicit newline>"
<nacc> but yeah, yours would catch it too
<rbasak> For the second question, I just tried gbp dch --snapshot
<rbasak> http://paste.ubuntu.com/25688418/ was the result
<nacc> rbasak: do you want me to use gbp for that?
<nacc> rbasak: or just for comparison?
<rbasak> I was going to ask - is it already a dependency I think?
<nacc> yeah, it's in the snap
<rbasak> I would be happy to use gbp for that, certainly for now, if it works.
<rbasak> But one catch is that I needed to give it a --since=<commitish> option
<nacc> ok, so we'd then require the user to tell us they are building for release?
<nacc> rbasak: right,b ecuase we're not usinng gbp to maintain the source?
<rbasak> Yes. gbp can do its own heuristics. I think it may look for the tag matching the second changelog entry or similar.
<rbasak> I think we have no choice but to do something similar.
<rbasak> So perhaps we can figure out what we need to base from and give --since as that.
<rbasak> If we don't commit the resultant debian/changelog, I think it may work correctly after the contributor adds more commits.
<rbasak> Ordering will break if the contributor rebases, but I think that's reasonable.
<nacc> yeah, we donn't commit any of this yet
<nacc> it's all in a treeish
<nacc> (that is, the genreated patch isn't available to the user yet)
<nacc> my concern is this 'snapshot mode' will break the general case
<nacc> or would we only use it when doing the quiltify?
<nacc> rbasak: i think i need to sit down with you and figure out what the goal is :)
<rbasak> I think I can define my goal
<nacc> (or maybe s/goal/defaults/)
<nacc> I don't wnat to ahve to pass --release all the time just to do normal work
<rbasak> I want "git ubuntu clone ...; <commit upstream changes>; git ubuntu build" to provide something reasonable for local install.
<rbasak> And a subsequent "git ubuntu lint" and "git ubuntu submit" to be reasonable, even if the lint indicates that work needs to be done (rebase onto unapplied branch, write proper changelog, etc)
<rbasak> And I'd like, if possible, for that all to happen by default.
<rbasak> That's make a great first time drive-by contributor UX
<nacc> ok
<nacc> but also, if i do the work to make my own d/changelog, i don't want this garbage snapshot to occur :)
<rbasak> I don't think it's necessary for this to work if on the unapplied branch.
<nacc> ok, so that's the toggle to you?
<rbasak> I'm leaning that way. I'm not sure I've thought it through fully yet.
<nacc> where "being on the unapplied branch" is about the ancestor branch type in pkg
<rbasak> How about this.
<nacc> i think that's workable, at least
<rbasak> quiltify (let's call it that) is independent of whether we're on applied or unapplied, but doesn't touch the changelog.
<rbasak> It also only happens automatically if you have not fixed up quilt yourself.
<nacc> yep, I think that all makes sense to me
<rbasak> Also, notably, it happens independent of the commit graph according to our algorithm.
<nacc> right, it doesn't use the graph onw
<rbasak> So we don't differentiate, can't differentiate, and that's fine.
<nacc> *now
<rbasak> changelogify (let's call it that), if we use "gbp dch", _must_ use the commit graph, since it needs to know what changelog entries to add from the commits.
<rbasak> Let's assume for now then that we're happy to use "gbp dch" and use the commit graph.
<nacc> +1
<rbasak> In that case, we might try to identify the --since parameter by matching the top changelog entry version string against existing tags.
<nacc> yep
<nacc> although ... that isn't quite right
<rbasak> If we do that, as a side effect we'll have detected whether we're on applied or unapplied.
<nacc> ok, keep goingn
<rbasak> Look for import/$version and applied/$version in parent commits.
<rbasak> If you see applied/$version, we're based on applied.
<rbasak> If you see import/$version without applied/$version, we're based on unapplied.
<rbasak> I think.
<rbasak> Something like that anyway.
<nacc> yeah, it's ancestor check
<nacc> i think we can actually use our 'nearest' applied/import ancestor lookups
<nacc> which walk the commit graph currently
<rbasak> If we see nothing, but the second changelog entry does match, then we know that the contributor probably added a changelog entry.
<rbasak> Perhaps we can verify that with an assertion that debian/changelog has changed between that identified commit and HEAD.
<nacc> yeah
<rbasak> And in addition, by identifying that commit we do know whether we're on applied or unapplied.
<rbasak> However, since we also know if the user did or did not add a changelog entry, we know whether or not to changelogify.
<nacc> yep
<rbasak> Edge case: the user added multiple changelog entries.
<rbasak> I definitely want to changelogify if on applied.
<rbasak> I'm not sure what we should do if on unapplied.
<rbasak> Automatic might be nice if it works.
<rbasak> If no match, then perhaps on applied we can fail and on unapplied we can warn and not do it or something.
<nacc> rbasak: i think i follow (sorry, i'm fixing two bugs in the snap at the same time)
<rbasak> I'd prefer the behaviour to be the same if possible though (always detect if changelogify is needed and always do it if it is). If we can do that reliably, that'd be less surprising I think.
<rbasak> nacc: so I think I've defined what to do in the applied case, and left it open on the unapplied case but we should be able to do something reasonable.
<rbasak> And of course we could always have a --no-changelogify and/or --no-quiltify (using better names) for advanced edge cases.
<nacc> yes, i think my concern was our earlier conversation didn't clarify it to this degree
<gunix> does lxd have any sort of default password for ubuntu images? cause i see they havess
<gunix> ssh
<nacc> gunix: no, I do not believe so. You can use cloud-init to setup keys
<rbasak> gunix: no. Ubuntu images are supposed to behave the same as much as possible everywhere, and obviously we couldn't do that in EC2 etc.
<nacc> (and lxd images are cloud images)
<nacc> (iirc)
<gunix> ok so i have to manually create user and add keys
<gunix> thanks!
<rbasak> gunix: as nacc said. You can use "lxc profile ..." to set up lxd profiles that will put your key in correctly, including for the default profile.
<nacc> gunix: using cloud-init, it's not that manual
<nacc> gunix: although adding a specific user might be manual, yes, not sure how it couldn't be
<nacc> (where manual again is cloud-init :)
<gunix> rbasak: how can you do this with lxd profile/
<gunix> ?
<rbasak> gunix: run "lxc profile edit default"
<rbasak> gunix: then add this:
<rbasak> http://paste.ubuntu.com/25688560/
<rbasak> Merge it in with any keys there already, for example if you have a config section already.
<gunix> rbasak: i think i figured. i can add via github keys. i add my keys from github, and they get downloaded automatially
<rbasak> gunix: you can do all kinds of things. See http://cloudinit.readthedocs.io/en/latest/topics/examples.html#
<rbasak> gunix: automatic download from GitHub: http://cloudinit.readthedocs.io/en/latest/topics/modules.html#ssh-import-id
<gunix> omg, lxc default edit opened with nano. any way i can open with vim?
<rbasak> export EDITOR=vim
<rbasak> I hate that too, but vim is no place to throw in an unprepared beginner by default :)
<gunix> rbasak: yea, i figure. it's good that ubuntu cares about noobs. helps linux grow.
<gunix> rbasak: got it to work with github key. i love this. thank you
<rbasak> \o/
<rbasak> Enjoy cloud-init :)
<gunix> rbasak: it's fkin genius. i love it.
<sarnold> apt-get purge nano
<sarnold> easier than figuring out how to drive alternatives to fix it :)
<gunix> sarnold: why -get ?
<sarnold> gunix: twenty years of finger macros are hard to undo
<rbasak> He's not down with the kids :)
<rbasak> I've tended not to touch alternatives as I see vim as a user choice rather than a system-wide choice.
<gunix> twenty. nice. i used linux the last 11 years.
<rbasak> It occurs to me that I don't really sysadmin multi-user systems any more.
<gunix> rbasak: i usually touch everything linux related. it's females i have a problem with. you wand to laugh, but you should not. i am actually married so linux is helping me live healthy.
<gunix> rbasak: multi-user systems are sooo 2005. so is ad. ansible share ssh keys.
<rbasak> multi-uid or just multi-user on the same uid, someone will still get stuck in vi/vim sooner or later :)
<gunix> oh i feel so bad for them. wait. nope. no. i don't
<gunix> rbasak: don't worry, i am joking atm. with students and new employees i always promote the easy route so that they get used to linux and start loving it
<sarnold> when I first tried vi I thought I was ready for it .. and got stuck pretty bad. I used 'talk' to ask another ISP user how the hell to get out of it :)
<gunix> rbasak: when they ask me about vim, i tell me "well, if you want to sacrifice 2 weeks of your life to be happy the rest of your life, go for vim"
<drab> sarnold: funny you said that, that was my emacs experience, at least in vi C-c gets you out of it (at least it did back in the days, now it seems to tell you how to quit)
<sarnold> drab: hehe yeah I never got my head around emacs
<drab> I used to make stickers out of this: http://www.darryl.com/viman.gif :P
#ubuntu-server 2017-10-07
<hwpplayer1> Hi do you talk about high performance computing ?
<tomreyn> hwpplayer1: i guess there's no reason not to
<tomreyn> ...as long as it's based on ubuntu-server
<hwpplayer1> tomreyn : run that command on your Ubuntu OS -->  sudo apt-cache search quantum | more > quantum.ubuntu.txt on your playground folder ofcourse
<tomreyn> hwpplayer1: why?
<hwpplayer1> tomreyn : i just want to talk about these packages and their sources , it is related with science , machine learning and high performance computing
<tomreyn> hwpplayer1: okay, what's your goal?
<hwpplayer1> tomreyn : to deploy them in a more comfortable environment
<hwpplayer1> there is a channel for that #ubuntu-science
<tomreyn> hwpplayer1: yes i guess it's best discussed there.
<tomreyn> see also https://help.ubuntu.com/community/UbuntuScience
<hwpplayer1> But no one is there , hope Canonical didnt left there
<tomreyn> if you are trying to improve on the packaging of these softwares you'd best read up on ubuntu package development (see also #ubuntu-devel and it's channel topic)
<hwpplayer1> tomreyn : not only packaging but development and service contiunity
<tomreyn> if you'd like to get involved with software development you'd best contact the developers of the existing softwares directly (i.e. outside of ubuntu).
<hwpplayer1> i'll make it up to you , a platform may be
<hwpplayer1> I want to make an IRC Meeting on #ubuntu-science at UTC+3 19:00 Istanbul who wants to join are welcome
<gunix> guys, i need some help :(
<gunix> when using mariadb on lxd containers, mariadb won't start the nodes when using galera
<gunix> i can start the first node with new glaera cluster
<gunix> aand i can start any db as long as i disable the galera conf
<gunix> hmm ... i think this might be related to the fact that connections between containers default to ipv6. i have to test this.
<gunix> well, i disabled ipv6 on all nodes, AND i also rebooted the hypervizor and it seems to work now
<tafa2> can anyone recommend a dnsbl other than bl.spamcop.net, zen.spamhaus.org and cbl.abuseat.org ?
<keithzg[m]> tafa2: I also use truncate.gbudb.net, although in my postfix conf it's after the three you mentioned, heh.
<keithzg[m]> IIRC it does catch some things the others don't from time to time
<tafa2> thanks keithzg[m]
<tafa2> added it looks good
<keithzg[m]> No problem :)
#ubuntu-server 2017-10-08
<andol> tafa2: You know that cbl.abuseat.org is included in zen.spamhaus.org, right?
<Lehthanis> evening!  anyone in here good with web control panels?
<SupaYoshi> Anyone an idea of a good application to bring disk usage into a a piechart? :)
<rbasak> SupaYoshi: baobab?
<rbasak> Or du will give you the data and then you can use whatever charting program you like.
<SupaYoshi> That looks great, but I'm on a headless system.
<SupaYoshi> so there is no Gui on it.
<rbasak> baobab can use ssh to chart the usage on remote systems
<SupaYoshi> I had Pisight or somehting but not that happy about it.
<SupaYoshi> really?
<SupaYoshi> Oh that's pretty neat.
<SupaYoshi> tutorial?
<rbasak> It's a GUI desktop app. Just run it. I believe it's installed by default.
<Smokie> hey guys, im trying to mount a windows share folder to my ubuntu server, i created a directory called Media/Share, then i ran this command "sudo mount.cifs //192.168.1.101/VMMedia /home/media/Media/VMMedia -o user=wmedia"
<Smokie> the share is mounted correctly but my local user doesnt have access to the Media/Share folder, only root does
<Smokie> when i try to run chown it gives me permission denied
<Smokie> i did "sudo chown myuser:myuser  Share/"
<Smokie> any reason why it would give me permission denied?
<qman__> Windows uses ACLs only and does not support unix-style owners, as such you cannot set the ownership with chown
<Smokie> qman__, how can i give access to my user then? the root has read/write permission but my user only has read permission
<qman__> first, you have to specify permissions for your user to access the directory unmounted - I'm guessing you already have that as you can see the share
<qman__> then you must mount the share with credentials that have read/write access
<Smokie> yeah, thats the windows user, it does have read/write
<qman__> you need to set the mount options, this post explains it well https://unix.stackexchange.com/questions/68079/mount-cifs-network-drive-write-permissions-and-chown
<qman__> you set which uid and gid own the mounted share, which you can set the gid to a local group that your user is a member of
<Smokie> i can try this out
<Smokie> i feel kinda stupid, but it keeps telling me "Couldn't chdir to /media/share: No such file or directory" even though i created it and exists
#ubuntu-server 2018-10-01
<lordievader> Good morning
<ZPQ> morrn
<Jenshae> Hi. I am trying to connect remotely to a Ubuntu server. Between me and it, there is a UTM + Windows domain controller. Currently, I can get into it via Windows RDP -> Win terminal session -> Putty -> SSH. Ideally, I would like to have a graphical session via freerdp. Any config / guides that you can recommend to help?
<jamespage> coreycb: hey do you have any bionic-proposed updates pending testing? running a regression test now so may as well mark any other bugs pending as tested
<jamespage> Jenshae: erm well
<jamespage> Jenshae: ubuntu server does not come with any sort of graphical environment installed by default that you can connect to
<jamespage> SSH is the default method
<coreycb> jamespage: no, nothing in particular. if you're also testing queens-proposed there are security updates that need regression testing.
<jamespage> coreycb: I will be doing the UCA next
<coreycb> jamespage: great, thanks
<jamespage> coreycb: np
<aruns> Hey guys, need some help, working on a dedicated backup server running on Ubuntu 18.04 for a client, and cannot connect to an ethernet interface named ens1f1 - it shows up under ip link show and when I do dmesg | grep 'ens1f1' - but not sure how to proceed. If I try to SSH into the machine, I get the following: nc: getaddrinfo: Servname not supported for ai_socktype
<aruns> So I presume that I cannot SSH into the machine because it has no network connectivity.
<aruns> I can bring up the contents of /etc/network/interfaces if needed.
<avu> aruns: does `ip a` show valid addresses for the interface?
<aruns> Yes.
<aruns> A static IP of 192.168.111.25 has been set for the interface.
<aruns> ip a shows both 192.168.111.25/24 and 192.168.111.202/24
<aruns> For the ens1f1 interface.
<aruns> Does that seem correct?
<avu> having two different IPs in the same subnet doesn't seem correct, no
<Ussat> why not ? you can have multiple IP's in same subnet
<avu> sure, if you do it on purpose and set up the system to know which address to use in which case
<avu> since aruns only mentioned a static IP being configured, I assumed that the second one didn't happen on purpose which leads me to believe that the configuration of the interface is not reflecting what the user wants to achieve
<aruns> Yeah, it's a client server as well, they gave us carte blanche to do what we want but also a limited deadline :/
<avu> aruns: not sure how that relates. Did you mean to give the machine two different IPs on the same subnet on the same interface?
<TJ-> Unexpected issue on 18.04 - adding a gretap interface also creates an erspan interface, and then "ip link del XXXX" seems to silently fail for each of the erspan/gretap/gre interfaces that were created. Anyone have experience of this or suggestions on what's going on?
<Jenshae> jamespage: I did install LXDE and x2goserver, I can connect to it on the LAN. It is routing a connection from a remote site to it that I am struggling with. Is there some sort of config for it to listen to connection from the UTM, etc that I need to do?
<Jenshae> Oh and on an 18.04 note, I couldn't install it via manual partitioning. I ended up using a desktop persistent USB to use gparted, then I could only install 16.04, upgraded to 18.04 and now things like NetworkManager doesn't work.
<Jenshae> Can't remember the new thing, some nmap config thing that search results are returning?
<sarnold> Jenshae: there's some known issues mentioned in the release notes that might be related to your partitioning problem https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes#Known_issues
<Jenshae> sarnold: It was to do with swap space, it kept trying to grab space that I wanted to leave and use in ZFS raid and then it wanted an encrypted space but couldn't mount the partitions I allocated to it after encrypting them. That was raw.
<Jenshae> I was trying to have Drive 1: 5.5GB for /boot, 10GB for LVM / Raid 5 /root, the rest of the space as a software raid.
<Jenshae> Drives 2-3, the first partition was LVM swap, then I tried having the first partitions as raw.
<nacc> 5.5 GB /boot ??
<teward> um... that's huge
<nacc> and a waste of space in general, I'd think
<nacc> a 10GB /root is also ... weird
<teward> nacc: I can understand a 512MB or 1GB /boot if you don't want to have to autoremove old kernels regularly, but 5GB is obscene :|
<nacc> teward: agreed
<Ussat> I do 2GB
<Ussat> 5 is ...big
<jelly> I always put a 4GB recovery live .iso in /boot, you don't?
 * jelly hides
<teward> *finds jelly, drags jelly out into the desert, ties them to a pole, then returns, leaving jelly in the desert alone*
<teward> (just kidding!)
<jelly> you can't drag a jelly anyway
<nacc> Jenshae: --^ fwiw, those comments were for you :) [not the stuff about jelly, before that]
<jelly> well they weren't for them as much as about their unusual specs
<jelly> (grml-rescueboot is neat tho, even if not completely serious)
<sarnold> when the drives are 10tb fiddling over a few gigs here or there feels a bit funny :)
<Jenshae> nacc 10GBx4 /root and the 5.5GB /boot is because sometimes for some reason apt will use /boot to temporarily store files + symmetry with the other drives.
<nacc> sarnold: ah, sorry, missed that context
<sarnold> nacc: I don't know how large Jenshae's drives *actually* are.. it's just amused me in the past that this problem feels easy enough to address by the application of more money :)
<jelly> using raid5 for / seems silly as well, in that case
<nacc> sarnold: absolutely
<jelly> nothing wrong with raid10 or raid1
<Jenshae> Well, in the end I resorted to getting another drives, setting it up as the boot one, nothing interesting, no RAID config, etc. Then just attached the four drives as ZFS pool.
#ubuntu-server 2018-10-02
<deemand> Hello there. May anybody give me a rough estimation of the license fees for a Cisco IOU or IOL commercial license? Is it even possible to acquire such a license?
<deemand> Oh, wrong window. I apologise.
<adityaduggal> Hi people, I am facing an issue with my ubuntu server box, I have just installed a new network card and due to this I am unable to connect to my server
<lordievader> Good morning
<adityaduggal> lordievader, Good Morning
<adityaduggal> Can any one let me know why my running network is now not working by just installing a new network card which does not even have a wire connected to it as of now
<lordievader> What version are you running?
<Jenshae> adityaduggal: Is it in a machine that is connected to the network via another NIC?
<adityaduggal> lordievader, I am running ubuntu 16.04.4 LTS
<lordievader> Hmm, that should have a new enough udev  which uses bios devnames.
<adityaduggal> Jenshae, basically I was using this machine as a media server and I just installed a new network card on that machine and after that its not connecting to the network did not change a thing except that I installed a new network card
<lordievader> How was your network configured? Simply through /etc/networking/interfaces?
<lotus|NUC> adityaduggal: .5 for xenial is out, its unsafe to keep running older ubuntu/kernel like that
<adityaduggal> lotus|NUC, If only I can connect my machine to the internet I would be in a position to upgrade it correct?
<Jenshae> Experience wise, I had a faulty printer's NIC blasting the network with noise. Guessing, I was going along lordievader 's line of thinking I suspect, where your machine was confused about what NIC it might be using or be expecting to bridge them / trying to send the signal over both devices, so only half actually goes.
<adityaduggal> lordievader, I think the answer to your question is yes. Since I cannot recall setting anything else. And also `cat /etc/network/interfaces` shows correct settings
<adityaduggal> I have even tried to disable the second NIC by `sudo ifconfig virbr0 down` so that the system is not confused with the 2 NICs
<lordievader> The second nic is called virbr0?
<lordievader> Wait a minute, your secondary nic is virtual?
<adityaduggal> well ifconfig is giving me 3 address one for enp2s0 which is for the network I was connecting earlier, second lo (loopback), 3rd is virbr0 which has a inet addr: 192.168.122.1
<adityaduggal> I don't even know if the 2nd NIC is installed properly but since my system has stopped working I am sure the OS is confused as to which nic to use and since earlier settings were keeping in mind only 1 nic I am guessing that its causing an issue but the real question is that how do I resolve it.
<lordievader> What you are describing sounds like a single real network interface.
<lordievader> adityaduggal: What does `ip link show` tell you?
<adityaduggal> lordievader, even I just read that but how is it possible that the system creates a virtual bridge the moment I install a new nic adapter
<lordievader> That is very strange.
<adityaduggal> lordievader, I would try and type since I cannot copy paste from the other machine right now
<adityaduggal> ip link show give the below output
<lordievader> You don't need everything
<lordievader> Just the interface names ;)
<adityaduggal> lo: UP
<adityaduggal> enp2s0 UP
<adityaduggal> enp3s0
<adityaduggal> virbr0 UP
<adityaduggal> virbr0-nic
<adityaduggal> So basically the system has automatically created a bridge when I installed enp3s0
<adityaduggal> SO I need to delete virbr0 would this be a good solution: https://askubuntu.com/questions/246343/what-is-the-virbr0-interface-used-for
<lordievader> Do you have a /etc/systemd/network folder with configuration files inside?
<adityaduggal> That folder is empty
 * lordievader is really starting to wonder how adityaduggal network is configged.
<lotus|NUC> where is etherape when you need it :p
<lordievader> adityaduggal: To answer your question, sure you can remove it manually but if you have configuration which  creates it, it is going to be back after the next reboot.
<lordievader> So it is better to look at your network configuration and make sure it is set up correctly.
<adityaduggal> Ok so how do I do that, I am kind of confused myself that why just adding a network card would make it trouble the existing network, I think I should remove the network card and try to connect to the network again
<adityaduggal> lordievader, I am going to remove the newly installed nic and check if the problem persists
<adityaduggal> lordievader, just checked and removing the nic indeed works like a charm. Now the question is why is it not working with the 2nd nic installed even though the nic is not connected to any network
<adityaduggal> lordievader, so it seems that virbr0 is not the trouble maker as of now. Here is the output of my ifconfig https://paste.ubuntu.com/p/wFS3KhRTZx/
<adityaduggal> Also `ip link show` the output is here: https://paste.ubuntu.com/p/WXTbqTqKVS/
<adityaduggal> I was planning to use this media server as a firewall as well for my home network but I guess since the second nic is creating issues I cannot do that?
<adityaduggal> lordievader, Also the output of command `cat /etc/network/interfaces ` is here: https://paste.ubuntu.com/p/wJ7Y4ZFpw8/
<adityaduggal> Anyone who can help me?
<lotus|NUC> patience adityaduggal
<lordievader> adityaduggal: When the second nic is inserted the first doesn't get an IP anymore?
<adityaduggal> well the ping to the gateway is destination host unreachable instead of request timed out. Now does that mean its not getting an IP, I guess that should be the case.
<adityaduggal> Just to give another information my router (gateway) is assigning the ip address based on HW address (MAC-Address). Could it be that inserting the 2nd nic can change the HW address of the first Nic (highly unlikely though)
<adityaduggal> lordievader, I think I would try it once again with inserting the 2nd nic. The other thing I am thinking is that what if the 2nd nic was not inserted properly and hence the issue was coming. Let me install the 2nd nic again and check.
<lordievader> The  first nic is doing DHCP, I assume?
<lordievader> adityaduggal: ^
<adityaduggal> lordievader, Well just checked after installing the 2nd nic again and same issue that the server is not getting the IP address
<adityaduggal> So surely its not an issue with my installing the HW wrongly but just a peculiar issue with ubuntu-server or maybe the way I have done my settings, now the thing is to find the real reason and resolve it.
<lordievader> Does the logs (syslog, dmesg) show anything why it is not setting the ip address?
<adityaduggal> lordievader, Voila FOUND the reason
<adityaduggal> Well I just check ifconfig and found that the HW Addr of my enp2s0 is changed when I install the 2nd nic, that is very STRANGE indeed, why is this happening
<adityaduggal> Now since my router has reserved the ip address of my server for a particular HW addr it just does not allow the server to take the IP 10.3.0.99 as its reserved for the HW addr
<guardian> hello, I just installed ubuntu server and I discovered (thanks to etckeeper) that during the night the system refreshed snap core. With trial and error I realized it did "snap refresh"
<guardian> when doing snap refresh manually, I get
<guardian> Download snap "core" (5328) from channel "stable"
<guardian> what's this? and why do I need this?
<guardian> I'm annoyed systemd is going to download and mess with /etc at night :(
<lordievader> adityaduggal: Does enp3s0 have the mac address of the previous enp2s0?
<adityaduggal> lordievader, yes why is this happening
<lordievader> The first nic is probably not in the first slot on the motherboard ;)
<lordievader> Empty pci slots are skipped in the counting.
<adityaduggal> OK so this is the issue, the first nic is basically the inbuilt one and the second one is now being considered as the first one.
<lordievader> Hmm. that is strange.
<lordievader> Anyhow, edit your config appropriatly and things should work again.
<adityaduggal> So basically this is what is causing the issue now I need to do the settings on enp3s0 instead of enp2s0
<adityaduggal> Yeah, thanks lordievader for being this is a very strange thing that the inbuilt nic is counted after the one added later on the slot in motherboard
<adityaduggal> lordievader, Well now everything is working as expected, just wanted to know if you know can I use this media server of mine as a firewall as well, basically that was the intent of installing the 2nd nic.
<lordievader> Ofcourse you can ð
<Futurian> Hi All.
<Futurian> It's do-release-upgrade day today, wish me luck...
 * Futurian dives over grenade proof wall as he hits the enter key..
<ahasenack> good morning
<rbasak> ahasenack: are you affected by the git-ubuntu submit breakage?
<ahasenack> no, not submit, just build{,-source}, a problem with libraries
<ahasenack> rbasak: related? https://pastebin.ubuntu.com/p/FVByWb4TxX/
<rbasak> Hmm. No, that's different.
<ahasenack> rbasak: that's with r434, edge
<ahasenack> rbasak: in another topic, lars filed a couple of ftbfs buts about mysql 8.0, I presume that's forward looking, and not something for cosmic, right?
<ahasenack> rbasak: example: https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1795304
<ubottu> Launchpad bug 1795304 in asterisk (Ubuntu) "FTBFS with MySQL 8.0" [Undecided,New]
<ahasenack> the other one is bacula
<rbasak> That'll be for cosmic+1, yeah
<ahasenack> ok
<coreycb> jamespage: neutron is in the bionic unapproved queue and i've added the sru template to bug 1790598. can you fill in the rest of the template details?
<ubottu> bug 1790598 in neutron (Ubuntu Bionic) "metadata service calls to nova-api-metadata with IP based SAN's fails" [High,Triaged] https://launchpad.net/bugs/1790598
<rbasak> ahasenack: do you have steps to reproduce your pastebin failure please? build-source worked for me
<rbasak> (might be related to the host release in use)
<rbasak> ahasenack: or to start with, what release is your host using?
<ahasenack> rbasak: depends on the package, quilt has to be invoked, and then we have that {m,g}awk confusion
<ahasenack> rbasak: try with ipsec-tools, that's where the pastebin came from
<ahasenack> rbasak: and host is bionic
<ahasenack> rbasak: and I have just mawk installed
<ahasenack> rbasak: my core snap is 16-2.35.2 r5548 from the beta channel
<rbasak> ahasenack: the mawk/gawk thing is a bug in the core snap and only edge regressed. So beta should definitely work, and edge when they have landed the fix. The readline error is different though I think?
<ahasenack> yeah, but it's around the same area, awk definitely rang a bell
<ahasenack> same happens when I use gawk, btw
<ahasenack> coreycb: hey, I see you are familiar with keepalived? :)
<ahasenack> coreycb: this showed up in triage today: https://bugs.launchpad.net/ubuntu/+source/keepalived/+bug/1795420
<ubottu> Launchpad bug 1795420 in keepalived (Ubuntu) "Keepalived update from 1.2.19 to 1.2.24 breaks support for /dev/tcp health check" [High,Triaged]
<ahasenack> rbasak: have you seen this mysql error before:
<ahasenack> 2018-10-01T07:00:11.667268Z 0 [ERROR] unknown variable 'myisam_recover=BACKUP'
<ahasenack> I don't know if BACKUP is a special term here, or just a syntax error
<ahasenack> hm, looks like it's a valid value
<ahasenack> hmm
<ahasenack> Renaming removed key_buffer and myisam-recover options (if present)
<ahasenack> looks like the name changed
 * ahasenack checks release notes
<ahasenack> wow, this was a good one
<ahasenack> https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1795332/comments/2
<ubottu> Launchpad bug 1795332 in mysql-5.7 (Ubuntu) "package mysql-server-5.7 5.7.23-0ubuntu0.16.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid]
<ahasenack> hi, can a channel op please change the "docs and resources" url from the #topic to point at 18.04? https://help.ubuntu.com/18.04/serverguide/
<lotus|NUC> ahasenack: try #ubuntu-ops perhaps for that request
<lotus|NUC> !server
<ubottu> Ubuntu Server Edition is a release of Ubuntu designed especially for server environments, including a server specific !kernel and no !GUI. The install CD contains many server applications. Current !LTS version is !Bionic (Bionic Beaver 18.04) - More info: http://www.ubuntu.com/products/whatisubuntu/serveredition - Guide: https://help.ubuntu.com/lts/serverguide - Support in #ubuntu-server
<lotus|NUC> ahasenack: also usefull ^
<muhaha> Can anyone help? I am using prepend in dhcpclient.conf but seems that my /etc/resolv.conf is still same https://pastebin.com/9xD5bMen . Iam using 18.04. Thanks
<muhaha> how to restart network service in ubntu 18.04 ?
<muhaha>  sudo systemctl restart systemd-networkd ?
<xnox> muhaha, i think you want to edit /etc/systemd/resolved.conf
<xnox> muhaha, and restart systemd-resolved
<xnox> muhaha, dhclient is not used by default
<muhaha> xnox: i did echo "Domains=foo.bar" >> /etc/systemd/resolved.conf && systemctl restart systemd-networkd, but it does not work
<xnox> muhaha, can you pastebin all of your /etc/systemd/resolved.conf ?
<xnox> muhaha, output of $ systemd-resolve --status ?
<muhaha> https://pastebin.com/vkhf5vsf
<xnox> how do you configure your network? is it netplan based? in that case you may need to / want to adjust /etc/netplan/* files instead of fiddling with the /etc/systemd/resolved.conf.
<xnox> or change your dhcp _server_ to send those search domains.
<muhaha> wait a moment
<muhaha> iam using vagrant, there is by default some cloud init in netplan, but seems that my oneline works... I need to redeploy and retest it
<xnox> muhaha, testing locally, it seems to work for me (the foo.bar stanza)
<xnox> muhaha, yeah, maybe you have some other debug / fix attempts that are in the way.
<muhaha> is resolved reloaded by systemctl restart systemd-networkd ?
<xnox> no
<xnox> restart systemd-networkd.... restarts systemd-networkd....
<xnox> systemd-resolved is separate....
<xnox> systemd-resolved does monitor what networkd has acquired via dhcp, but that's about it, in terms of integration between the two.
<xnox> one creates and configured networking interfaces; the other configures and queries nameservers
<muhaha> well. echo "Domains=foo.bar" >> /etc/systemd/resolved.conf && systemctl restart systemd-resolved works. Thanks
<ahasenack> rbasak: a git question, if I may
<ahasenack> rbasak: I want to bring in a range of commits from another remote
<ahasenack> rbasak: to the branch I'm sitting on
<ahasenack> rbasak: I used "git rebase --onto HEAD c1 c10"
<ahasenack> rbasak: it worked, I got all commits from that range applied to my local branch
<ahasenack> rbasak: but it didn't move my branch pointer
<ahasenack> rbasak: git log now shows, from top to bottom, HEAD, then all the c1 c10 commits, and then my branch
<ahasenack> rbasak: like so: https://pastebin.ubuntu.com/p/9PhstzTXD6/
<ahasenack> I was expecting to see "debian-sssd-dep8-tests" alongside "HEAD" at the top, because that's where I was before I issued the rebase
<rbasak> AFAIK, rebase assumes that "c10" in your example is your branch pointer and that's where it starts from. Since that's not a branch ref, it couldn't move it.
<rbasak> But you can use git reset --hard to move any branch pointer you want
<rbasak> git checkout debian-sssd-dep8-tests && git reset --hard HEAD@{1} I think
<ahasenack> you mean before the rebase, or after?
<rbasak> After
<ahasenack> that's some git-fu
<ahasenack> nacc: remember pmdk/ndctl?
<ahasenack> nacc: sru into bionic completed
<nacc> ahasenack: nice! :)
<nacc> congratulations
<ahasenack> so many people worked on that :)
<nacc> ahasenack: i remember mostly being in your way :)
<ahasenack> nah
<ahasenack> that was step by step work
<ahasenack> incrementally getting better
<muhaha> xnox:ping
<xnox> muhaha, yeah?!
<muhaha> xnox: I guess that is not possible to update resolv.conf from another resolv.conf in systemd-resolved? I have a binary (checkpoint snx vpn) which edits /etc/resolv.conf, but of course this is not working for systemd-resolved. Its closed source
<xnox> muhaha, systemd-resolved does have resolvconf compatibility interface which knows how to read and consume resolv.conf
<xnox> muhaha, however, it's not yet available or exposed by default.
<xnox> muhaha, you can install resolvconf package, and feed your resolv.conf to it via command-line, and it should end up in the resolved's brain.... but it is a bit fragile.
<xnox> in the future there will be an interface to do what you want =/
<muhaha> i have no other choice, becuase SNX binary will always populate resolv.conf for me and I need to use this as /etc/resolv,conf
<xnox> muhaha, rm /etc/resolv.conf (it is a symlink anyway)
<xnox> muhaha, touch /etc/resolv.conf -> such that it becomes regular file
<xnox> muhaha, let SNX binary do whatever it wants with /etc/resolv.conf
<xnox> muhaha, $ sudo apt install libnss-resolve
<xnox> muhaha, that should do mostly what you want.... i.e. if you do $ systemd-resolve --status -> the stuff from static /etc/resolv.conf will be there.
<muhaha> but this will work only if I do it manually, right ?
<xnox> muhaha, and because of the libnss-resolve module.... things will be queried via systemd-resolved which would also have any other settings from /etc/systemd/resolved.conf and from networkd picked up.
<xnox> muhaha, systemd-resolved reads /etc/resolv.conf --- if and only if, it is not a symlink, back to an systemd-resolved managed file.
<xnox> it's a little known detail.
<xnox> muhaha, https://github.com/systemd/systemd/blob/master/src/resolve/resolved-resolv-conf.c#L89
<muhaha> ah, so if I remove /etc/resolv.conf symlink , let SNX populate /etc/resolv.conf -> profit  .. when is VPN off, there will be fallback resolution with libnss-resolve, right ?
<xnox> yes
<xnox> muhaha, but it is fragile, as you can tell =)
<xnox> muhaha, cause there are softwares that do not use NSS resolution. and actually try to read /etc/resolv.conf
<xnox> muhaha, maybe you can have a "hook" in your VPN thing, such that in pre-start it like moves /etc/resolv.conf to /etc/resolv.conf.back; and then on stop moves it back, or some such.
<xnox> cause in normal cases you want /etc/resolv.conf to be the symlink to systemd-resolved managed file.
<blackflow> ahasenack: oh hey, congrats on uh... coredevship! :)  reading the server dev summary mail.
<muhaha> hmm. Thanks. SNX is very obscure old binary, maybe some wrapper should be a good solution, still I will try to use libnss-resolve... Its for Vagrantbox so there will be no harm I guess
<ahasenack> blackflow: :)
<shubjero> Anyone have any issues adding the ceph luminous repo to Ubuntu 18.04 (bionic)? I've added the repo but apt is never considering packages from that repo, its preferring ones from the default ubuntu repo. I've even pinned the ceph repo to a higher priority.  Here's some apt output: https://hastebin.com/uzumecised.rb
<shubjero> Asking in here because of general apt support :)
<nacc> shubjero: apt-cache policy <specific pkg> ?
<jelly> so your repo does not contain a "ceph-common"
<jelly> nacc: they did.  Scroll down.
<xnox> shubjero, which one of those urls supposed to have ceph packages? i have no idea which one is luminous
<xnox> never mind
<xnox> i see it now.
<nacc> jelly: ah thanks
<nacc> shubjero: it's what jelly said
<xnox> shubjero, that repo only has one package "ceph-deploy" for bionic.
<xnox> shubjero, it's quite ceph-less, at least for bionic....
<xnox> shubjero, see https://download.ceph.com/debian-luminous/dists/bionic/main/binary-amd64/Packages
<shubjero> oh yeah, what the heck
<shubjero> thanks all
<shubjero> thats odd :S
<xnox> shubjero, vs eg. xenial https://download.ceph.com/debian-luminous/dists/xenial/main/binary-amd64/Packages
<xnox> which has a lot.
<xnox> i'd say they did not do bionic packages yet. or distro ones are good enough.
<shubjero> yeah, thats right actually.. the stock repo for bionic does contain ceph luminous.. but its a few releases old
<shubjero> you were all a great help, thank you
<jelly> version numbers being old doesn't matter if it's in "main", the supported branch
<shubjero> Well the main ubuntu repo for ceph luminous is only serving 12.2.4 with 12.2.8 being the latest
<sarnold> I think there were kitten-killer bugs in newer ceph releases
<sarnold> if you run into problems with what's in the repos, please file bugs
<shubjero> yep, i always try to contibute
<shubjero> *contribute, sorry
<shubjero> 12.2.8 is a pretty good release as far as i can tell. No major problems on the mailing list and such.. nor in our 9PB cluster :)
<Jenshae> I have had problems with the "universe" repo, commented them all out, re-added them one by one and was definitely that one. The universe updates one was no problem.
<muhaha> xnox: one more question
<xnox> which is?
 * xnox wonders if you are typing or not
<muhaha> resolv.conf https://pastebin.com/utvfUskw , why system resolving domain lan? https://pastebin.com/f25tsMUT
<muhaha> and not gitlab.foo.bar?
<muhaha> lan is appended from my router (dhcp dnsmasq)
<muhaha> but I just want to prepend foo.bar search domain to be able to resolve gitlab.foo.bar
<kinghat> is there a simple way to log out of a ssh session to  my server?
<muhaha> maybe theres is some mismatch between search domain and domain in /etc/systemd/resolv.conf?
<Jenshae> kinghat: "logout" just type it.
<kinghat> im dumb. tyvm
<sarnold> kinghat: once you get tired of that, hit ^D
<Jenshae> np, half of people try logoff
<kinghat> thanks guys.
#ubuntu-server 2018-10-03
<lordievader> Good morning
<muhaha> xnox: ping
<muhaha> I am still wrestling with resolv.conf, seems that if I delete/recreate /etc/resolv.conf, install libnss-resolve everything works ok, except snx binary, seems that this binary can not use libnss-resolve to look inside systemd-resolved and can not connect. Is there any fallback solution like replace whole systemd-resolved ?  Thanks
<muhaha> can https://packages.ubuntu.com/bionic/resolvconf replace systemd-resolved ? like: systemctl stop systemd-resolved.service; systemctl disable systemd-resolved.service; systemctl mask systemd-resolved; apt install -y resolvconf
<muhaha>  ?
<muhaha> Seems that I need also dnsqmasq if stub resolver will be disabled, right?
<andol> muhaha: resolvconf and systemd-resolved are not equivelent in any way. dnsmasq makes more sense as a possible replacement for systemd-resolved.
<andol> muhaha: But really, reading some more of the backlog, what is your end goal, and what do you want to accomplish which you can't accomplish with your current setup?
<Vic2> I see nothing that offers any information concerning virtual ethernet ... we have several IP addresses on the server and in the past created virtual ethernet for each ... how to accomplish now?
<Vic2> Ubuntu 18.04 uses "netplan" instead of "ifupdown" to configure network devices / IP addresses. I've not found sufficient documentation to demonstrate how to configure multiple IPs such as we have on Ubuntu 14.04.  Can you offer a link or practical advice please?
<Vic2> Sorry ... copy/pasted those two lines from another channel out of order.
<andol> Vic2: You basicially provide a list of addresses. There is an example in netplan(5) man page which among other thing has such an example.
<muhaha> andol: Iam using SNX binary (VPN client) which modifies /etc/resolv.conf. Problem is that SNX can not edit /etc/resolv.conf directly ( I found /etc/resolv.conf.bak created by SNX), so VPN connection is established (routes are ok), but nameservers and search-domains are not updated...
<antal> muhaha: nothing can modify resolv.conf in 18.04, netplan rewrites it on every occasion
<muhaha> Thats the problem
<antal> yes I've been pulling my hair out because of netplan.... and everyone else does too based on last week's IRC activity, it's been a common topic
<rbasak> I don't think netplan writes resolv.conf. Isn't that systemd-resolved?
<antal> muhaha: did you edit your .yaml file correctly?
<antal> if you did simply "netplan apply" should update those settings
<muhaha> antal: I am using Vagrant, which uses some cloud-init.yml and another custom one
<antal> I mean netplan's .yaml config
<antal> you can declare namservers and search-domain there
<muhaha> I would have to use some kind of wrapper and parsing method to populate netplans.yaml based on results from VPN client
<antal> also, if you have multiple entires.... the trick is the /etc/nsswitch.conf file
<rbasak> In a systemd-resolved world the VPN client should tell resolved the nameservers needed over the VPN
<muhaha> yea, but its obsucre binary blob...
<rbasak> It's pretty well documented
<rbasak> Oh, you mean the VPN client?
<muhaha> yes
<rbasak> Seems to me that you're struggling with systemd/networkd/resolved though, rather than netplan
<antal> netplan forces a lot of things sadly :/
<muhaha> Its Checkpoint SNX (x86) client -> I can not modify its behavior. Its just setting /etc/resolv.conf directly..
<muhaha> So unless systemd-resolved can not handle loading different /etc/resolv.conf .. i am screwed
<rbasak> It does according to the manpage - if you make it a plain text file and not a symlink
<rbasak> I don't know what else might interfere with that though
<rbasak> resolvconf perhaps, which might need removing
<rbasak> Then your VPN client can be in charge of maintaining /etc/resolv.conf.
<antal> and then your netplan doesn't give a damn about resolv.conf and just rewrites it to default on every  occasion :P
<muhaha> I am not using resolvconf
<rbasak> File a bug against netplan then please
<rbasak> Though a workaround is to not use netplan. Write your .network files for networkd directly
<antal> sadly, this a feature
<blackflow> netplan is just config abstraction using a backend - networkd or NM. it's so easy to just not use netplan if it doesn't work for your use case.
<blackflow> personally, netplan and systemd-resolved are two things nuked out first on every new installation.
<Ussat> I like netplan
<rbasak> Unfortunately more complex use cases need something more advanced to manage things.
<rbasak> DNS resolution is an example - on complex networks, it matters where your name queries are going
<Ussat> rbasak, more advanced than netplan ?
<Ussat> I know came in late
<rbasak> More advanced than ifupdown
<Ussat> ahh yes
<rbasak> And resolvconf, etc
<Ussat> I have been very happy since netplan hit
<lordievader> > personally, netplan and systemd-resolved are two things nuked out first on every new installation.
<lordievader> Same here, along with lx{c,d} and snapd.
<rbasak> lxd is _really_ handy for finding reproducers and bugs
<rbasak> (and on the production side, for testing deployment snippets)
<muhaha> blackflow: So what is proper replacement for systemd-resolved? Not use netplan and .. ?
<rbasak> You could install ifupdown. Don't configure netplan. Remove resolvconf (if it's installed). And manage /etc/resolv.conf yourself.
<rbasak> Or with the nameservers stanza in ifupdown, though I don't remember how that works exactly. Does ifupdown edit /etc/resolv.conf in that case?
<muhaha> dnsmasq can populate resolv.conf from dhcpclient?
<rbasak> There are a ton of options available.
<rbasak> Getting help will become harder the more obscure you go of course.
<blackflow> muhaha: everyhting that existed before systemd-resolved. for starters, you don't need a local resolver at all. dhcp and resolvconf worked and still work. glibc can resolve just fine based on resolv.conf nameserver entries.
<blackflow> muhaha: granted, systemd-resolved has additional APIs, based on dbus, but this chan and discussion being about servers, question is do you need dbus api activated resolving on your server.
<blackflow> typically, you'll have static network setup and upstream resolver ips you stick into resolv.conf and then no need for dhcp, resolvconf, dnsmasq or anything like that.
<muhaha> I just want to have backward compatibility from upstream (dhcp server) and also have an option to directly populate /etc/resolv.conf
<blackflow> muhaha: "backward compatibility"?  either you do dhcp or static config. and the two are mutually exclusive wrt "directly populating /etc/resolv.conf"
<blackflow> in that you either manually manage resolv.conf or via dhcp (including forcing nameserver entries via dhcp config)
<muhaha> resolvconf is enough then, its symlinked after instalation, resolv.conf is populated from my VPN client, and has STUB listener entry... , problem can be if nameservers are used with round robin algo, cuz, first 2 nameservers are populated by VPN client, last one is localhost from systemd-resolved....
<blackflow> too much trouble. if I needed VPN I'd run bind or unbound locally on that machine. much less hassle and much less things can go wrong.
<muhaha> hm, anyway thanks
 * ahasenack tries to remember what he did with brotli
<ahasenack> rbasak: checking brotli
<sdeziel> speaking of brotli, I wonder if having it in main would make it easier to have nginx support it
<sdeziel> teward: ^ any idea?
<ahasenack> sdeziel: there is a mir for it
<sdeziel> ahasenack: yep, saw it :)
<ahasenack> it looks like it's in main
<sdeziel> it is
<ahasenack> rmadison shows src in main, but binaries still in universe
<sdeziel> was pulled in this AM with Firefox update
<sdeziel> ahasenack: I think the src in main and binary in universe is because only libbrotli1 was needed in main
<ahasenack> sdeziel: ah, sure
<ahasenack> rbasak: I think I checked on brotli when an apache2 merge came along, as debian added it as a build-depends
<ahasenack> but it's in main now
<rbasak> OK, thanks
<ahasenack> rbasak: for a non-merge git-ubuntu branch, how do I push the upload tag? Does git ubuntu tag --upload do the right thing?
<rbasak> ahasenack: it should do the right thing, yes. That'll create the tag locally. Then you can check and push the tag to pkg.
<ahasenack> ok
<ahasenack> rbasak: so I'm on karl's branch, I ran the tag command, it created the right tag, then I "git push pkg <upload-tag-name>", right?
<rbasak> ahasenack: correct
<ahasenack> rbasak: since it's seeded, the upload was held for approval, should I push the tag anyway? I guess we can easily fix/remove tags if needed
<rbasak> ahasenack: yeah push the tag anyway. I'd do it before dput to avoid a race. Being held in the queue is an unfortunate edge case for which we have no current solution, except to remove/replace the tag later if needed.
<ahasenack> ok
<teward> sdeziel: ERR: No Scrollback, can you provide me more details?
<teward> i'm confused by context / question
<teward> no scrollback before [2018-10-03 10:02:25] <ahasenack> rbasak: checking brotli  <--- that
<teward> so :|
<teward> ahasenack: rbasak: sdeziel: is brotli a compression algo or something?
<teward> ahasenack: rbasak: sdeziel: if you intend to ship it in nginx-core then yes it *must* be in main assuming it adds additional runtime deps
<teward> if we don't intend to ship it in nginx core but in nginx-light, nginx-full, or nginx-extras, then we don't have to worry
<teward> but if we want to include in nginx-core we'll need the security team to ack it
<teward> (cc sarnold)
<teward> sdeziel: rbasak: third party modules were previously NACK'd on the MIR for 14.04
<teward> because of wildly different coding styles
<teward> which is why we created nginx-core without third party modules.  if ngx_brotli is the plugin we need to add, then it needs security team audit first
<teward> if they NACK it then it can only go in the Universe flavors
<teward> but it probably wouldn't be for this cycle, it'd probably be for next.
<ahasenack> teward: libbrotli1 is in main
<ahasenack> (cosmic)
<ahasenack> I was just looking at it because there is an sru request
<teward> ahasenack: ah.  well AFAICT to get Brotli into NGINX it needs a third party module
<teward> that'd require MIR / security team review if we want it in nginx-core
<teward> less of a concern for the non-Main flavors
<teward> but the only plugin I can find for it is 3 years old without any development changes currently,.
<ahasenack> the sru is about brotli for xenial iirc, it would be a NEW package there
<ahasenack> then someone remembered nginx could use it, that's all
<teward> ahasenack: with a plugin, yes, it can.
<teward> but it'd still need sarnold's review first
<teward> and it'd need a HELL of a good reason to be added to Xenial given it doesn't really fit the SRU to add that into NGINX on Xenial
<teward> at least, per SRU policy it doesn't fit
<teward> for Cosmic, it's a bit late in the cycle to add it to nginx, for 19.04 I could look into it
<teward> but it'd still need sec team review - sdeziel rbasak ^
<teward> sdeziel: rbasak: note that it'd add a significant delta from Debian, perhaps this should be requested there first?
<teward> I know we already have a pretty substantial delta already, but.
<sdeziel> teward: sorry, was out for lunch. I just wanted to know if you had plan for brotli support in nginx. Yeah, getting it from Debian would make sense
<teward> sdeziel: getting it from Debian would make sense...
<teward> sdeziel: but given the only code I can find that adds that support is from Google and hasn't had any code changes for 3 years
<teward> it'd need sarnold to give it a thorough review for Main consideration
<teward> even if it originated in Debian
<teward> I'd still suggest it for Debian
<teward> and then we'll determine later if Debian adds it
<sdeziel> teward: I was not asking for MIR specifically
<teward> sdeziel: well, that's the thing
<teward> sdeziel: it's not a dynamic module
<teward> sdeziel: so it has to be compiled into the executable at compile time.  for which flavors of the NGINX binary would you want this to target?
<teward> or rather, be included in?
<sdeziel> teward: right, would that mean it should go upstream first ? (in an ideal world)?
<teward> sdeziel: in the ideal world, yes.
<teward> it wouldn't go into nginx-core which is Ubuntu specific without sarnold reviewing it
<sdeziel> teward: OK so I know where to take it next if I really feel like having brotli ;)
<teward> sdeziel: Debian.
<teward> :P
<sdeziel> or NGINX
<teward> sdeziel: NGINX if you want it included as a core module
<teward> Debian if you want https://github.com/google/ngx_brotli included directly
<teward> but if you ask NGINX to add it, expect it to be "An Eternity" before it's available
<teward> or for them to NACK it.
<teward> sdeziel: you could probably gauge upstream's care about it by emailing nginx-devel's mailing list
<sdeziel> I'm surprised that Cloudflare didn't push for upstream inclusion
<teward> sdeziel: but consider a headache here - there used to be gzip encryption - it's disabled by default thanks to CVEs
<teward> which is another consideration factor if you intend to use brotli in-line with HTTP for compression
<teward> (Just saying)
<sdeziel> I'd have to revisit this as I don't see how compressing just .css and .js would be dangerous
<teward> sdeziel: do you have a comparison spec for brotli vs. gzio?
<teward> sdeziel: https://trac.nginx.org/nginx/ticket/798
<teward> ^ that's the nginx trac ticket asking for it
<teward> google preempted by releasing ngx_brotli
<teward> 3 years ago
<sdeziel> teward: thanks. No specific benchmark but found this https://hacks.mozilla.org/2015/11/better-than-gzip-compression-with-brotli/
<teward> been untouched since 10 months ago, that ticket.
<sdeziel> yeah, that pretty much answers my question, thanks again
 * Jenshae blinks like a cow and chews a snack.
<Jenshae> What was all of that about in a simple version?
<teward> Jenshae: sdeziel was asking how hard it'd be to get NGINX to support Brotli, and then we went on a tirade about how there's only third party plugin support that may not even build because it hasn't been changed in 3 years
<teward> (and sarnold has said he'd cursory review the code if it doesn't expldoe violently on compile...)
<Jenshae> What essentially is NGINX and Brotli and what is Brotli meant to do?
<teward> NGINX is a web server software
<teward> i'll let sdeziel explain brotli
<sarnold> brotli's yet another compression tool
<sdeziel> one that's supported by most browser
<sdeziel> but yeah, possibly just another in the big lot :)
<Jenshae> Compression for video and images?
<sdeziel> Jenshae: no, generic compression algo
<sdeziel> for gory details https://tools.ietf.org/html/rfc7932
<teward> ewwwww this is ugly
<teward> sarnold: ^
<Jenshae> How would you apply it and why is it needed? For slow connections then the browser decompresses it?
<teward> sarnold: it looks like it pulls in a lot of extra brotli deps
<teward> into the source tree
<teward> which breaks debian
<teward> since it pulls the brotli deps in via git submodules and not libbrotli
<sarnold> teward: o_O it's not just a -lbrotli kind of thing?
<teward> which means I personally am NACKing it
<teward> sarnold: correct.
<sarnold> yeah. not interested in yet another embedded code copy :)
<teward> which means Google needs to learn how to actually write plugins.
<teward> sdeziel: NACK'd for NGINX
<sdeziel> I had already forgotten about it ;)
<teward> :P
<Jenshae> (Sorry, I am just curious, I did a bit of XML 15 years ago and 6 month contract of PHP coding a handful of years ago, both for intranets. That is the closest I have come to web development)
<teward> *returns to kicking around a firewall*
<sarnold> Jenshae: in this case it's probably a transparent server-applied compression that the clients then decompress.. the clients send up a header on requests to indicate which compression schemes they can cope with
<teward> ahah wait a second
<teward> sarnold: i think i found a fork that'd work
<sarnold> Jenshae: zlib's been around forever and everything on the planet supports it, but there are faster systems and there are better compressing systems and sometimes both :)
<Jenshae> Cheers. How is default SNI encryption coming along?
<sarnold> I think it's still in the "oh god cloudflare what are you breaking *this* time?" stage. maybe it'll come along.
<Jenshae> Hehehe :D
<sdeziel> teward: the "surviving" fork appears to be https://github.com/eustas/ngx_brotli
<Jenshae> GitHub still kicking or is there still a steady stream of devs over to GitLab?
<sdeziel> I like what I understood from SNI encryption... leveraging DNSSEC is nice IMHO
<teward> sdeziel: yes i'm working with that now
<teward> sdeziel: or trying to
<teward> sdeziel: if it explodes because it's missing deps/brotli/* then it's still NACK'd
<teward> if it doesn't fail, sarnold gets asked to do a cursory code review ;P
<sarnold> "add ubuntu 18.04 libbrotli-dev path " -- that's a good start, heh
<sdeziel> teward: don't lose time on this, I was just _wondering_/asking if... :P
<Jenshae> I also like the theory of eSNI and hope it puts a finger in the eye of snooping government officials. (They really want *everything* in the UK and to distribute it across 49 agencies, which would mean leaks galore.)
<teward> not a problem :P
<teward> sdeziel: ^
<teward> sdeziel: well, it didn't FTBFS
<Jenshae> FTBFS = ?
<sarnold> fail to build from source
<Jenshae> Thanks
<teward> sdeziel: going to see if it works in runtime with their examples.
<teward> if it doesn't, then it won't work, if it does, sarnold gets the link next :p
<teward> sdeziel: i'm going to run a PPA build on this so I can test in containers more easily.  It'll take a bit though, sorry.
<teward> sarnold: if you want to review in the interim... https://github.com/eustas/ngx_brotli is the codebase :P
<teward> sarnold: thoug hI'm assuming we're going to NACK it for main because third-party :P
<teward> (but it never hurts to ask, no?)
<sdeziel> teward: no need to be sorry, I have no pressing need for brotli, merely some interest in the tech
<teward> sdeziel: indeed.
<teward> ERR:INTERNETDIED666THEENDISCOMEAPOCALYPSENOW  *goes to fix his internet*
<sarnold> teward: maintaining an ubuntu delta from debian to add features or remove features isn't exactly *new*.. but you'd probably need server team interest in it too. :)
<teward> sarnold: :P
<teward> sarnold: true statement, though.
<teward> (my IRC connection runs on my phone's internet, it's why i'm still here lol)
<sarnold> teward: 90% of it looks pretty good. I'll pop open some issues and see what the responses are..
<teward> sarnold: 'cept for the license part
<kstenerud> in https://dep-team.pages.debian.net/deps/dep3/ what do "forwarded" and "forwarded upstream" mean?
<teward> kstenerud: if you would read it it would explain what the forwarded tag means
<teward> 'forwarded upstream' means the patch has been relayed to the upstream developers of the code/program typically
<ahasenack> kstenerud: about my email, I meant http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#postfix
<ahasenack> to keep an eye on that
<ahasenack> I was on my phone and didn't have the url at hand
#ubuntu-server 2018-10-04
<keithzg[m]> Hmm, running a 16.04 -> 18.04 upgrade I'm seeing a whole whack of "no candidate ver:" listings for ancient packages that I haven't had installed for good reason for quite some time (ex. a whole bunch of 3.x kernels).  Is there some way to clear out those old listings?
<tomreyn> keithzg[m]: you must have packages installed which still reference these
<tomreyn> may i suggest https://github.com/tomreyn/scripts#foreign_packages to sort out leftover packages (after cleaning up your apt sources, i.e. removing those you no longer need).
<keithzg[m]> tomreyn: Thanks!  I'll definitely give that a shot once I'm done the upgrade. I'd be somewhat surprised if there was anything really, but then again this is a VM I actually inherited from the previous sysadmin so who knows what skeletons are in its closet, hah
<tomreyn> a good idea then. also "ubuntu-support-status"
<tomreyn> keithzg[m]: ^ and maybe debsums -as
<tomreyn> + deborphan ;)
<keithzg[m]> Huh, fail2ban is "unsupported" these days? Even more surprising, lazily searching packages.ubuntu.com returns no results for it, but that just seems to be that the website search isn't working (a local `apt policy fail2ban` shows that it's in universe, which I suppose would be the reason for ubuntu-support-status to report it as "unsupported" even though that seems misleading).
<tomreyn> !info fail2ban
<ubottu> fail2ban (source: fail2ban): ban hosts that cause multiple authentication errors. In component universe, is optional. Version 0.10.2-2 (bionic), package size 321 kB, installed size 1698 kB
<tomreyn> keithzg[m]: https://help.ubuntu.com/community/Repositories#Universe
<keithzg[m]> tomreyn: Oh I know what 'universe' means for the Ubuntu repos. It's just that "supported" or "unsupported" seems like a misleading binary state to me in this case; that it's from a maintained package in the repos is surely at least *some* level of support, particularly compared to, say, if it was installed from a third-party repository that's no longer configured on the system.
<tomreyn> here 'supported' refers to 'canonical provides security support for it'
<sarnold> fail2ban has been in universe since at least precise, probably earlier
<keithzg[m]> Like, the distinction makes sense, it just means that `ubuntu-support-status` isn't necessarily too useful to me.
<sarnold> keithzg[m]: the important takeaway here is that if there's a bug in it that you want fixed, *you're* the one supporting it :)
<keithzg[m]> sarnold: Eh, that's not the takeaway is it? Surely it's just, if there's a bug in it that I want fixed, it just isn't *Canonical's* problem :D
<sarnold> keithzg[m]: yeah :) it's just that all too often folks expect Someone Else to solve their problems..
<keithzg[m]> sarnold: Yeah, fair! Although I can't imagine such folks would let a package being in "universe" stop them, hell I bet rarely would "I downloaded this from some random website and half-followed the instructions" stop 'em ;)
<sarnold> keithzg[m]: too right you are ;)
<lordievader> Good morning
<jelly> keithzg[m]: what else would you have "unsupported" mean but "unsupported by distro vendor"
<ahasenack> good morning
<ahasenack> rbasak: thanks for the reviews. Could you take a quick look at https://code.launchpad.net/~ahasenack/ubuntu/+source/squid/+git/squid/+merge/356100/comments/926735 for one extra commit I added to squid? It's on top of what you reviewd already, I just had to regenerate the changelog after it
<rbasak> ahasenack: +1 (commented)
<ahasenack> rbasak: thanks
<ahasenack> rbasak: I think I'll take over https://code.launchpad.net/~paelzer/ubuntu/+source/strongswan/+git/strongswan/+merge/355589
<ahasenack> it was trumped by two security updates in the meantime, and the upload was rejected (https://launchpad.net/ubuntu/cosmic/+queue?queue_state=4&queue_text=strongswan)
<ahasenack> rbasak: is there a place to see why it was rejected, although in this case I think that was the reason?
<rbasak> ahasenack: only the uploader gets the reject message unfortunately
<ahasenack> ok
<rbasak> Ask in #ubuntu-release perhaps?
<ahasenack> checked, it was the secteam's upload
<ahasenack> I'll resubmit
<ahasenack> rbasak: what happens with the git tree in this case?
<ahasenack> I guess since it was never uploaded, it will never be imported
<ahasenack> so the changes will never show up in the pkg git tree, just the upload tag
<ahasenack> which won't match what was actually uploaded as that version/release
<rbasak> ahasenack: correct. Best to delete the upload tag to avoid confusion.
<rbasak> (which is the ugly part, but it's the least worst option IMHO)
<ahasenack> rbasak: https://code.launchpad.net/~ahasenack/ubuntu/+source/strongswan/+git/strongswan/+merge/356135 3rd mp about this :)
<rbasak> ack
<Slashman> hello, am I missing some kind of package to have libvirt support zfs pool on 18.04? trying "virsh pool-define-as nvme1 zfs --source-path /dev/zvol/nvme1" gives me "error: internal error: missing backend for pool type 11 (zfs)"
<Slashman> it works on 16.04, I don't remember that I had to install something special
<ahasenack> hm
<ahasenack> Slashman: try installing libvirt-daemon-driver-storage-zfs
<Slashman> ahasenack: thanks! this package does not exist on 16.04
<Slashman> ahasenack: hm, same error, do I have to restart something or modify a config somewhere ?
<ahasenack> try restarting libvirtd-bin (iirc)
<Slashman> ahasenack: "libvirtd.service", and it works now, thanks! time to update my ansible role
<ahasenack> cool
<mason> Does libvirt-daemon-driver-storage-zfs end up setting up zvols per VM?
<mason> I've been doing this by hand, and I like the idea of it automatically happening.
<ahasenack> are there particular advantages in using zvols instead of plain image files on a zfs dataset?
<ahasenack> I find the image file quite convenient, mainly because of its name and ease of moving around if needed
<Slashman> ahasenack: very useful to transfer, clone, backup, etc
<ahasenack> well, that's about zfs, not zvols in particular
<mason> ahasenack: Yes. send/receive/snapshot per VM
<ahasenack> hm, per vm, instead of per directory where all vms are you mean?
<mason> Sorry, I should have said "per VM"
<Slashman> yes, datasets per VM is great, you can have several per VM too, I usually have at least one for the OS and an other for the data
<sdeziel> ahasenack: I didn't benchmark it but I'd expect better performance from zvol when compared to raw|qcow2 on zfs
<ahasenack> there are benchmarks out there comparing the two, and it's not that clear cut
<Slashman> you can snapshot the tree too, eg: "tank/VM/xenial/root and tank/VM/xenial/data", "zfs snapshot -r tank/VM/xenial"
<Slashman> or make a different tree to snapshot only the data
<ahasenack> http://jrs-s.net/2018/03/13/zvol-vs-qcow2-with-kvm/
<Slashman> tank/VM/root/vm1 tank/VM/root/vm2 tank/VM/data/vm1 tank/VM/data/vm2 => zfs snapshot -r tank/VM/data
<sdeziel> ahasenack: interesting, thanks
<sdeziel> the per VM snapshot is just too nice for me to abandon zvols though
<ahasenack> yeah, I can see that
<Slashman> on a side note, using "ashift=13" on ssd is not a good idea in reality
<sdeziel> this becomes especially nice when coupled with pre-boot snapshort that a qemu hook can do :)
<Slashman> it destroys the compressratio and the performance is basically the same
<Slashman> backups and migration of VM are also much more easier with zvol per VMs
<ahasenack> rbasak: I applied your suggestions and ran the tests again, all good. Could you take another look? https://code.launchpad.net/~ahasenack/ubuntu/+source/sssd/+git/sssd/+merge/355524
<mason> I'm kind of excited about libvirt-daemon-driver-storage-zfs now.
<ahasenack> rbasak: and, do you have a preference whether to squash it all now or later? I think it's easier to review leaving as is
<mason> And since my hypervisors are Bionic, I can leap right in.
<ahasenack> mason: does it create the zvol, or do you have to hand it one already created?
<ahasenack> (if you have tried it already)
<Slashman> seems like libvirt-daemon-driver-storage-zfs is only the driver and does nothing else
<mason> ahasenack: We'll find out! I assume it creates it, because if it doesn't, the package doesn't do much.
<mason> Hrm. In that case, what's it actually do? I'm creating zvols by hand and passing them in as block devices.
<Slashman> mason: it activate the zfs pool storage, you cannot have one if you don't have it
<ahasenack> you can create a pool with a random block device, no? Then what would be the difference indeed between that and a zvol?
<mason> Slashman: I can say for sure that I can have one without that package. :P
<Slashman> mason: I can't
<Slashman> mason: I tried before
<Slashman> see above
<mason> Slashman: Worked fine for me in Xenial, continues to work fine in Bionic...
<rbasak> ahasenack: +1 - commented
<Slashman> mason: it worked in xenial fine, this machine was installed with bionic, it was not upgraded
<Slashman> the nuance may be here
<mason> Slashman: Same here. I redid my hypervisor from scratch.
<rbasak> ahasenack: I'm caught up with you now I think? Anything else pending review for you right nwo?
<mason> Slashman: I have both cases. Desktop/hypervisor is an upgrade, and dedicated hypervisor was a fresh install.
<mason> Slashman: screenshot incoming
<ahasenack> rbasak: nope, you've been stellar, thanks
<Slashman> mason: well, I had "error: internal error: missing backend for pool type 11 (zfs)" before I installed libvirt-daemon-driver-storage-zfs
<Slashman> I tried to define it via xml, via virsh pool-define-as and via virt-manager, same error
<mason> Slashman: https://imgur.com/a/E8jyKQp
<Slashman> mason: this is a raw disk
<mason> Slashman: And I don't have libvirt-daemon-driver-storage-zfs on either system.
<mason> Slashman: Yes.
<Slashman> that's not the same
<mason> Slashman: How so?
<Slashman> you can have pool of type zfs
<mason> Slashman: What's that buy me if zvols aren't autogenerated when I create a VM?
<Slashman> mason: maybe then, I have never used the autogeneration of storage
<Slashman> I have scripts that create everything and then define the VM
<mason> Slashman: I'm curious now. What does a "pool type of zfs" mean, tactically?
<rbasak> ahasenack: do you want to continue with triage for bug 1787739? I have some questions I'd like answered but I don't want to pull the reporter in two different directions at once.
<ubottu> bug 1787739 in bind9 (Ubuntu) "postfix name lookup failed after dist-upgrade (Aug-2018)" [Undecided,Incomplete] https://launchpad.net/bugs/1787739
<ahasenack> hm, I got that email
<rbasak> (I see you're subscribed but it came up in my triage today)
<Slashman> mason: https://apaste.info/cwL1
<ahasenack> rbasak: let me take a quick look
<Slashman> damn, no type
<rbasak> ahasenack: no rush - just don't want it to get lost if I leave it
<ahasenack> rbasak: I still think it's something on his setup, the vagrant image doesn't help
<mason> Slashman: Well. But what does it do for you that I don't have passing in zvols as raw disks?
<ahasenack> rbasak: this is now falling under support I think. Asking for tcpdump packet captures and the like
<ahasenack> I have never used vagrant, though
<rbasak> ahasenack: yeah I'd ask him for reproduction instructions (rather than an image) and that hit public infrastructure
<Slashman> mason: well, in virt manager, you see a pool and can select the drives, etc, not sure about the definition of the host themselves
<ahasenack> rbasak: I'd say we can't reproduce it
<ahasenack> maybe suggest that he inspect the traffic with tcpdump, and bump the logs on his 192.168.0.130 nameserver
<ahasenack> rbasak: ^
<Slashman> mason: but you make a good point, I'm not really using that, I guess that you have a driver type "zfs" that should have bnetter perf than the "raw" one
<rbasak> ahasenack: I'd avoid going into support detail. That encourages a more-support-help response and he's better of getting that from askubuntu.com or Ubuntu forums or wherever rather than in a bug.
<rbasak> ahasenack: I wonder if this is https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-5738.html
<rbasak> (ie. deliberate somehow)
<ahasenack> rbasak: you mean as a regression, or that he hasn't updated? (didn't check the version number)
<rbasak> I mean that a security hole was closed and he's noticed
<rbasak> (I haven't looked in detail, but he seems to be claiming a regression-update?)
<ahasenack> I think not, because he does get a correct response, but with an error status
<rbasak> At the least he can pin it down to a specific update for us.
<ahasenack> it's odd. That's why I thought it was some sort of truncation
<rbasak> Yeah I don't know why that would be SERVFAIL rather than refused.
<mdeslaur> jamespage: hi! what's up with openvswitch (2.5.5-0ubuntu0.16.04.1) xenial?
<rbasak> ahasenack: you want me to reply?
<mdeslaur> jamespage: I want to fix some cves, and wonder if that's going to get released soon or not
<mason> Slashman: I'll compare performance sometime, as that's a fair bet.
<Slashman> mason: "zfs" driver type doesn't exists at least on xenial
<ahasenack> rbasak: I think we should at least try his vagrant config, since he went through so much effort to try to help and give a reproducer
<sdeziel> mason: Slashman: having a pool in libvirt (be it a zpool or a lvm one) means one can create new disks with only virsh access, no direct SSH required
<ahasenack> rbasak: leave it to me
<rbasak> Thanks]
<Slashman> sdeziel: okay, that make sense
<mason> sdeziel: Okay. Okay, that's also reasonable.
<teward> sdeziel: just an FYI, ngx_brotli will only work over HTTPS :|
<teward> so it has no benefit for non-https connections
<Slashman> since I'm always creating the VM and their disk via automation, I never really looked at that, I just found useful to see the zpool with the volume in virt-manager when I needed to debug something
<sdeziel> teward: I don't maintain a single HTTP only site ;)
<sdeziel> teward: I looked at BREACH and the compression with HTTPS is only problematic when you compress stuff with secrets inside (like CSRF tocken)
<Slashman> teward: ideally your http site should only be here to redirect to https
<Slashman> teward: interesting, do you have a source for the BREACH stuff about secret? also from my researches, brotli uses a lot of CPU unless you compress in advance your content
<teward> Slashman: as that's its own discussion in itself, we'll store this argument later.
<teward> for later*
<sdeziel> teward: so I _think_ I'm safe to use (gzip|br) for only CSS and JS
<teward> sdeziel: indeed.  There's a headache in the brotli code though, if you give it text/html and a list of other MIMEtypes it throws a warning
<teward> sdeziel: but yeah all 'should' be OK.
<teward> sdeziel: basic tests seem to work in a container, so it'd work, but as there's some... code issues... that sarnold found, it wouldn't be in main
<teward> there's some overflow / out of bounds concerns
<teward> which could cause segv
<sdeziel> teward: thanks for looking into this
<Slashman> you need much more mime type if you want to have a real gain, depending on your applciation
<teward> sdeziel: thank sarnold as well
<sdeziel> sarnold: yeah, thank you indeed
<teward> sdeziel: one concern is text/html is *always* compressed
<teward> even if you only want to compress css and js
<teward> so unless you configure properly there may be a risk
<teward> I don't have details on how BREACH works, the Security team might know more than me on that for testing
<teward> sdeziel: but yeah it should be doable, provided that the issues sarnold found are non-issues
<teward> (we're waiting for upstream responses)
<Slashman> teward: what do you think of something like that for compression: https://paste.ubuntu.com/p/54fCqsc883/ (in httpd format)
<teward> sdeziel: it wouldn't be added until next cycle though
<teward> a bit late in the cosmic cycle to add L|
<teward> Slashman: i'm not sure how this got onto a discussion of "Is this sane" or not
<teward> I was following up with sdeziel on something from yesterday
<sdeziel> teward: indeed, upstream doc confirms that text/html is always compressed when gzip is enabled
<teward> sdeziel: issues 21 and 22 are Seth's discoveries
<Slashman> teward: okay, but you seem to have some experience in compression for httpd servers
<teward> and those are what i'd wait on first :p
<teward> Slashman: not necessarily?
<teward> Slashman: i'm the nginx package maintainer
<teward> sdeziel asked me if getting brotli support in NGINX was doable
<sdeziel> teward: EMISSINGREFERENCE, is there a bug I should be looking at?
<teward> sdeziel: upstream bugtracker, on the repo
<sdeziel> thx
<teward> https://github.com/eustas/ngx_brotli/issues, 21 and 22
<teward> code level concerns
<Slashman> teward: okay, I'm also interested in brotli for nginx
<teward> sdeziel: if sarnold ACKs for Main inclusion then I can add this to the standard module set for all the flavors
<teward> if he doesn't then it's stuck to -extras at the least
<teward> (because 'all the flavors' would include -core)
<teward> (for nginx, anyways)
<teward> sdeziel: TL;DR, there's a conditional ACK on this because of the code problems/risks
<teward> if there's no issues then all it determines is whether we want to MIR that plugin *into* the nginx-core flavor :P
<sdeziel> I understood as much
<teward> *yawns, and goes to find more coffee*
<sdeziel> Slashman: re your compression config for apache httpd, it includes text/html which opens a BREACH when using HTTPS
<sdeziel> Slashman: for details see http://www.breachattack.com/ and more specifically the "Am I affected" section as more conditions are needed to be vulnerable
<teward> sdeziel: I wonder if that's a risk with brotli then as well, because it always compresses text/html?
<teward> not sure but thought I'd ask.
<teward> s/ask/mention it/
<sdeziel> teward: the way I understood this applies to every compression algo
<teward> sdeziel: then this would introduce another BREACH risk if left on the defaults (cc sarnold)
<sdeziel> teward: anything that compresses the HTML body containing a secret thing
<sdeziel> teward: well, same caveat as with gzip
<teward> indeed.  with nginx you can configure brotli in a location block that matches only .css and .js or such to be enabled, thereby protecting against BREACH =
<teward> but that gets complex fast heh
<sdeziel> teward: I must admit I don't like the always on compression for text/html
<teward> sdeziel: agreed
<teward> sdeziel: upstream issue 23 about breach opened.
<Slashman> sdeziel: okay thanks, I'll check with the dev team if we have all the condition to be vulnerable
<sdeziel> teward: for the gzip part there is this bug already https://trac.nginx.org/nginx/ticket/1083
<teward> sdeziel: yes, I know, but gzip_types actually lets you override to ignore text/html in NGINX code
<teward> that's the workaround
<teward> and it works
<teward> but brotli doesn't have that workaround
<teward> so it's a risk
<sdeziel> teward: what I understood from the doc, is that gzip_types has an implied text/html
<teward> sdeziel: if you don't specify `gzip_types` and override it, yes.
<teward> but that's easily overridden
<teward> my point is that the workaround which protects against text/html that is adjusting the config.
<teward> if you provide it, say, `gzip_types application/javascript text/css;` it ignores text/html
<teward> that isn't the case in the brotli plugin
<sdeziel> teward: please re-read https://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_types
<teward> oop you're right i reread
<teward> i need to bump this i think
<teward> sdeziel: the other way is to just shut off gzip which is actually a default change I think
<teward> at least, for the configs we ship... *double checks*
<teward> sdeziel: given that the default is `gzip off;` this is only really a risk for people who use GZIP on their site
<teward> but you're not wrong
<teward> it's still a risk
<sdeziel> teward: yup
<jamespage> mdeslaur: I'll kickoff the testing now and clear the way for your CVE's
<mdeslaur> thanks jamespage!
<teward> sarnold: lol, apparently I get a faster response to my "BREACH Risk" issue on ngx_brotli than your code related questions get a reply to lol
<sarnold> teward: nice find.
<teward> sarnold: thanks.  yeah it was a "WTF" for a moment, but it looks like NGINX Upstream has the same problem and didn't do anything about it
<sarnold> cute.
<petershaw> How to install XEN on Ubuntu 18.04. Seams that the repo is not installed by default. Any ideas?
<ahasenack> petershaw: can you check if you have universe enabled in /etc/apt/sources.list?
<ahasenack> petershaw: the 18.04 server installer had a bug where it would only enable the main repository
<petershaw> Ah. yes only main
<petershaw> Thank you very much, ahasenack
<ahasenack> petershaw: welcome, sorry about the bug
<ahasenack> it's fixed in the last release
<teward> ahasenack: it still has that bug, actually.
<teward> unless you mean the 18.04.1 ISO?
<ahasenack> I thought 18.04.1
<ahasenack> but *could* be mistaken
<ahasenack> 18.10 is fixed for sure, I tested that recently
<teward> ahasenack: just tested with the copy that got synced down on my local mirror, it only enabled main
<teward> so hopefully for 18.04.2 that'll be fixed?
<ahasenack> :(
<ahasenack> no reason why not, since 18.10 is fixed
<ahasenack> teward: if you are curious, you may get the fixed version even with the 18.04.1 iso
<ahasenack> just switch to a terminal and issue snap refresh, if networking is up already
<ahasenack> "snap refresh subiquity" probably
<ahasenack> I haven't tried that, but heard it should be possible
<teward> ahasenack: maybe.  I have a script that I run to update everything currently to get what I need in terms of repos.
<teward> so heh
<jak2000> sorry i asked before but not found the answer, how to do this: AFTER only  AFTER start the server (after 2 minutes execute a command stored in: /usr/scripts/reloadApplication.sh)  of course the script have +x any advice?
<petershaw> jak2000 it is not really ubuntu related, but what is about a good old init.d script in combination with a sleep 120?
<jak2000> petershaw thanks, and sorry  why not ubuntu related?
<jak2000> apply to any distro?
<genii> ... that uses sysvinit scripts still, yes
<genii> You could also use some method like rc.local script which measures result of uptime against the timestamp of the last dmesg entry
<genii> ( or just also waits the 120 seconds, etc)
<sarnold> or cron @reboot sleep 120; /usr/local/bin/blah
<genii> ..since rc.local is ran after system is otherwise fully booted
 * genii slides sarnold a fresh mug
<sarnold> awwwwww yissss
<genii> hehe
<jak2000> interesting cron...
<jak2000> i want restart the server every Friday (it do)......
<jak2000> and after boot up, run the script: /usr/scripts/reloadApplication.sh
<jak2000> sarnold, then: crontab -e and write: 30 1  *    *    5 /sbin/shutdown -r now
<jak2000> and ?
<petershaw> Does someone has a tutorial-link for xen with netplan? I can't get the link working in my guest system. Since hours. I am getting mad.
<sarnold> and @reboot sleep 120 ; /usr/scripts/reloadApplication.sh
<sarnold> petershaw :(
<cyphermox> petershaw: not sure what you mean exactly, what kind of link?
<sarnold> petershaw: most folks using ubuntu for virtualization either go with full openstack or libvirt.. xen's just not getting much love
<sarnold> petershaw: where are you stuck? maybe someone's seen it..
<jak2000> 30 1  *    *    5  @reboot sleep 120 ; /usr/scripts/reloadApplication.sh          <--- reboot and after 120 seconds run the script?
<petershaw> sarnold i have a xenbr0 and a vlan, but my guest does not get a connection while installation.
<cyphermox> is the guest the one you're trying to configure with netplan, or the host?
<sarnold> jak2000: no, the @reboot takes the place of the time/date/dow/dom specification entirely
<petershaw> sarnold  this is my netplan conf https://pastebin.com/a9WGsANp
<cyphermox> ok, the host.
<cyphermox> petershaw: I guess the guest is getting connected on xenbr0?
<petershaw> should be.
<cyphermox> my guess is the subnet is wrong
<cyphermox> in your config for enp4s0f0 you use /19
<petershaw> jap. that is correct. it is a /19 net.
<cyphermox> in xenbr0 you use /24, there's possibly some mess there, where the dhcp server on that network can't reach the devices behind the bridge?
<cyphermox> those look to be on the same network -- enp4s0f0 and vlan 1 are both on "vlan 1"
<cyphermox> unless you do some magic with vlan tagging, that is
<petershaw> ah... I do not understand bridges, i guess.
<petershaw> What ip shoud the bridge have?
<cyphermox> you might also need to set ip forwarding, if the main network is supposed to give DHCP
<petershaw> ip forwarding is enabled, also (network-script network-bridge) is incommented
<cyphermox> petershaw: I don't know, it depends on your network setup, but it's one number off from the IP you set for enp4s0f0, except in /24 instead of /19
<cyphermox> so that /24 looks like it probably should be a /19?
<jak2000> for testing purposes:
<sarnold> petershaw: I don't know bridges either but it kind of looks like you've assigned an ip address to the interface that's attached to the bridge; I thought linux required the interface to not have an address, but give the bridge the address?
<jak2000> @reboot sleep 120 ; /home/jak/ftp/c.sh
<jak2000> 03 17 * * * /sbin/shutdown -r now
<jak2000> its ok?
<sarnold> jak2000: I'm pretty sure that'll reboot your machine every day. is that what you want?
<jak2000> yes
<jak2000> 17:03
<jak2000> restarted :)
<jak2000> how to know if run my script: /usr/scripts/reloadApplication.sh
<jak2000> ?
<jak2000> see:
<jak2000> jak@vmi103461:~$ date
<jak2000> jue oct  4 17:05:47 MDT 2018
<jak2000> and:
<jak2000> jak@vmi103461:~$ uptime
<jak2000>  17:05:49 up 1 min,  1 user,  load average: 3.40, 1.55, 0.58
<jak2000> sorry how to know if: /home/jak/ftp/c.sh    was exxecuted?
<sarnold> what does it *do*? :)
<jak2000> i use glassfish... and every restart need restart the domain (the Glassfish server)....
#ubuntu-server 2018-10-05
<CarlenWhite> Is the ubuntu repository acting slow for anyone else?
<sarnold> CarlenWhite: hrm, I don't see anything particularly surprising on our bandwitdh pages..
<sarnold> CarlenWhite: what specifically is going slow?
<CarlenWhite> Trying to install a package but there might be some interference outside the scope of my desktop and router. Wasn't expecting slow network and browsing normally seems fine. I'll have to poke around.
<CarlenWhite> I guess the Chromecast is active...?
<sarnold> netflix apparently says 4k 60hz video takes ~25Mbps
<sarnold> so depending uponm what you're doing with chromecast, maybe it is or maybe it isn't a factor..
<CarlenWhite> We rural. Max we get here is 15Mbps down over DSL.
<sarnold> aha, then chromecasting something might have a very real impact on what you can get from the ubuntu archive servers
<CarlenWhite> I think my QoS setting might be acting weird. A bolt on page for DD-WRT is reporting 500KiB as 30% used capacity.
<CarlenWhite> Actually after I said that it's down 130KiB. I'm getting conflicting reports on different pages of my router.
<CarlenWhite> As much as I love DD-WRT, it really could use a built in method to help figure out which device is being overzealous.
<CarlenWhite> Then again, any router would be better with that information.
<sarnold> I'm surprised ddwrt doesn't already have that
<sarnold> it almost seems like the first thing that would have been implemented :) hehe
<CarlenWhite> You can bolt something on but it hasn't been maintain for a few years and takes ~30s until it collects enough information to show usage and refreshes slowly. Not exactly ideal for finding bursts of when slowdowns happen.
 * CarlenWhite is apparently at war with the various internet connected devices in his home.
<CarlenWhite> Testing upload speed.................................................. Upload: 0.00 Mbit/s
<CarlenWhite> That isn't good.
<sarnold> that's enough to make me think it's busted entirely :)
<sarnold> try https://fast.com/# -- after the primary test you can click on the upload portion to see your upload speed
<CarlenWhite> I guess the speedtest-cli is being weird.
<CarlenWhite> Oh I guess I could also open the Home app and see that one of the Chromecasts is indeed being used for Netflix.
<CarlenWhite> That could've been a more sane course of action.
<CarlenWhite> Probably made my sister's viewing experience become a mess of pixels from trying to figure out what was going on.
<CarlenWhite> Well good knowing the QoS settings are doing it's job. It has effectively made my network go at a snails pace for anything that isn't video streaming.
<sarnold> CarlenWhite: hah, poor sister.. "why does it look like 64x48 at 2hz?!?" :)
<CarlenWhite> Well actually if it worked correctly, she should notice little quality loss.
<zzarr> hello!
<zzarr> I have installed Ubuntu server on a machine with LVM
<zzarr> how do I resize the root partition?
<blackflow> zzarr: using your filesystem specific tools (eg. resize2fs for ext*), offline (not booted into that root). don't forget to resize the LV too, after you've resized teh filesystem. Of course, back up all the data first.
<zzarr> I meant to resize the LVM partiton
<blackflow> zzarr: you need to specify what you mean as "LVM partition"?  The underlying pv? The vg? the LV for the root fs?
<zzarr> ohh, sorry, I'm new to LVM's
<zzarr> the LV
<zzarr> I wish to make /dev/mapper/ubuntu--vg-ubuntu--lv bigger
<blackflow> so then exactly what I said :) you first need to resize the fs, then the LV under it
<blackflow> oh bigger, then you enlarge the LV first, then the fs on it. To enalrge the LV look into lvextend command
<zzarr> I resize the fs first?
<blackflow> you enlarge the LV first, then the fs
<blackflow> you shrink the fs first, then the LV
<zzarr> that's what I thought
<zzarr> can I list GV's and LV's?
<blackflow> sure. lvscan, vgscan.
<zzarr> nice, that's my biggest problem, not knowing the names
<blackflow> there are plenty of LVM primers online, if you need one to get through all the concepts and commands ;)
<zzarr> yes, I have been reading the official LVM guide, but I felt that I didn't get the hang of it
<zzarr> I just realized the machine I got have 4 GB RAM, not 2 GB as I thought
<zzarr> success, the root partition is now 60GB instead of 4GB
<zzarr> nice, thank you
<zzarr> fs resized as well, it's easy when I understand :)
<blackflow> zzarr: if you're still learning these concepts, I wholeheartedly suggest you to look into ZFS. it's so advanced and integrates filesystem, raid and volume management, into one technology. it is a pooled FS, so it behaves like LVM when it comes to provisioning PVs.
<zzarr> ZFS is nice, but I don't have any interesting hardware to use it on
<blackflow> zzarr: you have a server, right? :)
<zzarr> yepp, but only one drive (240GB SSD)
<blackflow> so? you won't need the raid capabilities, but there's still: pooled fs, snapshots, data checksums, compression.
<blackflow> although... zfs on linux still doesn't support TRIM, if that's important to you, so that might be a deal breaker.
<zzarr> wouldn't that require a reinstall?
<blackflow> it would, yes. plus the installer can't do zfs, so you'd have to debootstrap it from liveusb
<zzarr> I need trim
<zzarr> I see, I might buy some other hardware to do that with
<blackflow> are you sure? modern SSDs do wear leveling just fine. TRIM was important in the past, not so much today.  but okay, if you don't want ZFS, I'm not trying to coerce you :)  just saying ZFS is worth all the trouble to get it under your (important) data ;)
<zzarr> by the way, is single system image possible in a cluster of Ubuntu server machines?
<zzarr> I'm planing on building a Ceph SAN later
<blackflow> not sure what you're asking
<blackflow> one SAN-based rootfs shared by multiple compute nodes?
<zzarr> yes it will be shared among many nodes
<zzarr> I have one of these http://www.banana-pi.org/r2.html it will make my SAN look like a NAS from the outside
<blackflow> well... not sure. Me and Ceph are not uh.... on good terms :)
<blackflow> *Ceph and I
<zzarr> I see, I have not tested it yet, but I have a friend that works with it and he can help me
<zzarr> not sure if you answered my question about single system image
<zzarr> is it possible in Ubuntu server?
<blackflow> zzarr: oh I answered, I'm not sure because I'm not good with Ceph. We don't talk. :)
<blackflow> otherwise I don't see why not. if by system image you mean the rootfs, I suppose it can be easily shared in read only mode.
<zzarr> single system image have nothin with ceph to do
<blackflow> well there are a lot of aspects to SSI, and I'm guessing you're asking about the rootfs (since you mentioned ceph - which is storage, and not, say, IPC shared in teh cluster)
<zzarr> single system image is a type of cluster
<blackflow> yeah, I know. But I don't know how well ubuntu supports it. as for shared rootfs, which I initially commented for, it should be doable.
<zzarr> I see
<zzarr> single system image is more then just sharing filesystem, it's a cluster which if you log in to it your shell ends up on one node and if you start an application it might end up on another depending on load
<jak2000> hi all
<jak2000> anyone here have experience with mysql?
<blackflow> jak2000: maybe, ask and wait if someone might know. there's also #mysql, if your problem is not ubuntu specific.
<jak2000> sorry and escuse me:    always that i restart my server with: shutdown -r now      after restarted if i try access to mysql i get the error: "ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)" and i need type: sudo mysqld_safe --tc-heuristic-recover=COMMIT    because i cant connect immediatly, why? (need stop the service before the
<jak2000> restart?) any advice?
<blackflow> jak2000: is the mysql service running, on boot? which ubuntu is this?
<rbasak> jak2000: also, how did you install MySQL? Are you using the package shipped with Ubuntu, or are you using a third party package?
<compdoc> an update once broke my mysql. had to mess with the .conf files and put them in the right places
<jak2000> installed: apt get install mysql
<jak2000> how to check i if is running on boot?
<blackflow> jak2000: systemctl status mysql.service     (or whichever the service unit name is)          (I'm asuming Ubuntu 16.04 or newer)
<jak2020> blackflow thanks
<sandstrom> I installed the package `1.14.0-0ubuntu1` a few weeks ago on 18.04, worked smoothly. Then I spun up a new Ubuntu 18.04 machine today and tried the same thing. Didn't work, because of this error:
<sandstrom> The following packages have unmet dependencies:
<sandstrom>  nginx-extras : Depends: libnginx-mod-http-auth-pam (= 1.14.0-0ubuntu1) but 1.14.0-0ubuntu1.1 is to be installed
<sandstrom> [â¦}
<rbasak> jak2020: if you can reproduce, please could you show us (pastebin) /var/log/mysql/error.log straight after a reboot, and straight after a manual start attempt following the reboot? Please identify the time of the reboot so we know where that happened in the log.
<sandstrom> Anyone know what has caused this? Seems like the dependencies are somehow pointing at the wrong thing now?
<rbasak> jak2020: the "pastebinit" command is handy :)
<mybalzitch> rbasak: I do enjoy that command with a few arguments
<rbasak> sandstrom: have you tried an "apt update"?
<sandstrom> Yes
<sandstrom> It works if I change to the package name with extra `.1` at the end
<sandstrom> "1.14.0-0ubuntu1.1"
<rbasak> Are you confusing package names with package versions?
<rbasak> I don't follow what you're doing exactly.
<sandstrom> Perhaps :)
<rbasak> What command are you typing?
<sandstrom> `sudo apt install nginx-extras=1.14.0-0ubuntu1`
<rbasak> Why are you forcing the version string there?
<rbasak> Why not just "sudo apt install nginx-extras"?
<sandstrom> To avoid updates that we aren't aware of
<rbasak> Your problem is that you've already picked up something that wants 1.14.0-0ubuntu1.1 - probably you already have an update that you aren't aware of.
<sandstrom> This is for a provisioning script, so if we are spinning up many machines over the course of 1-2 months we want them all to run the same version
<rbasak> Don't use apt then.
<rbasak> If you want them all the same, get all the debs and throw them at dpkg -i directly.
<rbasak> Or manage your own repo
<sandstrom> I thought apt could handle version-pinning, but perhaps I've misunderstood something
<rbasak> It can but only if you don't give it an impossible to fulfil request, which is what you've managed to do.
<sandstrom> Hehe :)
<rbasak> Generally apt tries to keep you up to date.
<sdeziel> with security patches you know :)
<rbasak> If you don't want to be up to date against what you're pointing it to then you don't need apt.
<sandstrom> I'm fine with allowing minor updates, but would like to ensure that the major isn't bumped
<rbasak> See https://wiki.ubuntu.com/StableReleaseUpdates
<rbasak> That's what we try to do for stable releases.
<rbasak> You can see actual updates as they are published here: https://lists.ubuntu.com/archives/bionic-changes/
<rbasak> Or you can enable the security pocket only, disabling the updates pocket. Then you'll get security updates only.
<blackflow> apt-get changelog <packagename> is very valuable too. I use that before running upgrades
<rbasak> (though security updates are based on the latest SRUs, so if there's a security update in a package that has been SRU'd, you'll end up with SRU + security update)
<sandstrom> Thanks for explaining. My primarily knowledge about dependency management and repositories is node packages and ruby gems, where it's fairly straight-forward with version-pinning.
<rbasak> It's also fundamentally broken :)
<blackflow> sandstrom: yeah but you can't do that with a integrated system like Ubuntu Linux distro is. can't pick'n'choose package versions.
<rbasak> The problem comes when you have a complex dependency tree with versioned dependencies
<sdeziel> I'd recommend setting up apt-listchanges, will show you the changelog related to the update you are about to pull and ask you to proceed or not
<blackflow> if you need that, a custom repo and build from srcdebs is your only sane choice
<rbasak> You absolutely can pick'n'choose package versions, but you'll find it extremely difficult to not end up in an impossible situation.
<sandstrom> Hehe :) Great input, this is helpful
<sandstrom> I'll look at disabling the updates pocket and then drop the versions altogether.
<blackflow> rbasak: sure you can but only from list of versions in the repos, not the entire version range form upstrea,
<blackflow> *upstram
<blackflow> ohgodawfulkeyboardthing
<sandstrom> Then we'll just rely on the stable to be just that. And hope that machines provisioned over the next year will work even though they may use slightly different versions of nginx (and other packages)
<blackflow> sandstrom: why wouldn't they?
<blackflow> the "slightly different" is mostly about security and bugfixes. the base version of a package is baked in for the duration of LTS, withsome rare exceptions
<blackflow> but anyway, at any point in time, all your installations would have the same version (if you keep them all up to date)
<blackflow> you should really trust the S in LTS, it helps a lot in maintaining the packages in a stable fashion, so your own testing should be minimized (compared to running everything yourself straight from the upstream)
<sandstrom> blackflow makes sense!
<sandstrom> We're very happy with Ubuntu, it's just that some concepts around versioning strings for the packages are new to me.
<sandstrom> It's different from what I'm used to with ruby/node/rust
<rbasak> We're much more rigid than the language-specific module communites on stable meaning stable.
<blackflow> ruby/node/rust don't have that versioning scheme, because they're the origin
<rbasak> We also welcome participation in testing updates before they're released.
<rbasak> They appear in the proposed pocket, and if it breaks you and you tell us, we won't release the update.
<rbasak> See https://wiki.ubuntu.com/StableReleaseUpdates for all the details.
<jak2020> thanks.... all for help
<jak2020> rbtask, when have the problem i check the log file, thanks
<teward> ahasenack: if you're around do you have the bug number or link for the repositories enablement problem?
<teward> (that was present in the ISOs)
<powersj> teward, https://bugs.launchpad.net/subiquity/+bug/1783129 that one?
<ubottu> Launchpad bug 1783129 in subiquity "Only "main" component enabled after install" [High,Confirmed]
<teward> powersj: yep that one, thanks
#ubuntu-server 2018-10-06
<plm> Hi all
<plm> people, I would like to run Ubuntu ARM 18.4 in a VM, what is the best choice?
<blackflow> !crosspost
<ubottu> Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<plm> blackflow: I need no GUI, so is just server, because this I post here too. Sorry
<blackflow> plm: so you want ARM on non-ARM harware?
<blackflow> qemu. in fact, always qemu. whether it uses kvm or not, is a different question. :)
<plm> blackflow: yes.
<plm> blackflow: actually I have the 14.4 running on qemu
<plm> blackflow: I dont know how that image was made. But I need a newer version of python
<plm> blackflow: I tryed a ppa, works installing a new python version (python3.6), but erros when installing python3.6-venv
<plm> blackflow: I tryied too to upgrade from 14.4 directaly to 18.4, but have errors
<blackflow> yeah go through 16.04 first
<blackflow> but be aware there's plenty of radically different stuff now, since 14.04
<blackflow> as for your actual problem not sure I understand it. and personally I have zero exp. with ARM. Was jsut saying that for any virtualization solutions, same arch or cross arch, qemu is your tool of choice.
<plm> blackflow: ok. I will to try go to 16.4 and after to 18.4. Will try that now.
<plm> blackflow: all right, using qemu =D
<plm> blackflow: hey
<plm> blackflow: sorry. I did to you a wrong information.
<plm> I tried update  14.4 to 16.4 and I have error too, but...
<plm> blackflow: I tried again, without apt-get -f dist-upgrade, but just install the new python version (python3.5) and works
<plm> blackflow: 16.4 dont have python 3.6
<plm> so I will to try chances sources.list to install 3.5
<plm> and after installed I will change sources.list to use bionic, and try apt-get install python3.6
<blackflow> plm: yeah that's totall not advisable. don't install packages from different releases.
<blackflow> *totally
<plm> blackflow: was the unique form to hace success
<plm> upagrade 14.4 to 16.4 I have error
<blackflow> what error?
<plm> blackflow: moment, I will try again and post here the error.
<plm> blackflow: the qemu is very slow, just wait more a moment =D
<blackflow> you can post it, someone might help, I have to step out for a while
<plm> blackflow: :(
<plm> blackflow: all right
<plm> blackflow: anyway, thanks
<plm> blackflow: are yoy there? This is the error doing upgrade from 14.4 to 16.4:
<plm> /var/lib/dpkg/info/debconf.prerm: 12: /var/lib/dpkg/info/debconf.prerm: pyclean: not found
<plm> dpkg: warning: subprocess old pre-removal script returned error exit status 127
<plm> dpkg: trying script from the new package instead ...
<plm> blackflow: complete log error: http://dpaste.com/0XQF5PZ
<plm> anyone more can help me with this upgrade error?
<_KaszpiR_> pycompile: not found
<plm> _KaszpiR_: yes, I see that.
<_KaszpiR_> https://stackoverflow.com/questions/30962402/dpkg-error-pycompile-not-found
<plm> _KaszpiR_: I did *exactally* that that thared recommend, and not works
<plm> _KaszpiR_: sudo apt-get  -f install; sudo dpkg --configure -a; sudo apt install -f --reinstall python3-minimal
<plm> _KaszpiR_: I tried too that alternative above there
<TJ-> plm: see if there is a file in the system already with "dpkg -S pyclean" and "dpkg -S pycompile"
<plm> TJ-: all right. Please, give me a momento, I crating that scenario again.
<TJ-> plm: it's possible the files are there but they have a shebang line that refers to an executable that is missing (such as the python 2.x vs 3.x issue)
<plm> TJ-: all right. If necessary, and better to upgrade from 14.4 to 16.4, I can remove any packages, and after upgraded to 16.4, install again. Anyway, please, wait, I creating that scenario again to do that commands that yuy paste me.
<plm> TJ-: more some minutes =D
<plm> TJ-: done
<plm> TJ-: root@mintboxa:~# dpkg -S pyclean
<plm> dh-python: /usr/share/debhelper/autoscripts/prerm-pypyclean
<plm> TJ-: python-minimal: /usr/bin/pycompile
<plm> python: /usr/share/debhelper/autoscripts/postinst-pycompile
<plm> TJ-: there are more lines. Complete log is here: http://dpaste.com/174STZ6
<plm> TJ-: and now, what I need to do?
<TJ-> plm: what does "head /usr/bin/pyclean" report?
<TJ-> plm: first line only - the shebang
<plm> TJ-: http://dpaste.com/37MF6BP
<plm> TJ-: root@mintboxa:~# head /usr/bin/pyclean
<plm> #! /usr/bin/python
<plm> # -*- coding: UTF-8 -*- vim: et ts=4 sw=4
<plm> TJ-: I need to change that "#! /usr/bin/python"?
<TJ-> plm: no, I'm trying to check on what to expect. What does "readlink -e /usr/bin/python" report?
<plm> TJ-: root@mintboxa:~# readlink -e /usr/bin/python
<plm> root@mintboxa:~#
<TJ-> plm: also check for "head /usr/bin/pycompile" and use readlink -e on what it shows, too. Ensure both point to executables
<plm> root@mintboxa:~# head /usr/bin/pycompile
<plm> #! /usr/bin/python
<plm> # -*- coding: utf-8 -*- vim: et ts=4 sw=4
<TJ-> plm: what does "file /usr/bin/python" report ?
<plm> root@mintboxa:~# readlink -e /usr/bin/pycompile
<plm> /usr/bin/pycompile
<plm> root@mintboxa:~#
<plm> root@mintboxa:~# file /usr/bin/python
<plm> /usr/bin/python: ERROR: cannot open `/usr/bin/python' (No such file or directory)
<plm> root@mintboxa:~#
<TJ-> plm: there is your problem
<TJ-> plm: what does "ls -l /usr/bin/python*" report? It might just be a missing symlink
<plm> TJ-: there is no python.
<TJ-> plm: there should be!
<plm> TJ-: http://dpaste.com/2JFK0GH
<plm> TJ-: many lines, I paste ^
<TJ-> plm: so there is both python2.7 and python3.4 installed but nothing is symlinking from /usr/bin/python. Let's fix that manually with "sudo ln -s python2.7 /usr/bin/python"
<TJ-> plm: now your upgrade problems should be solved
<plm> TJ-: =D Trying again apt-get -f dist-upgrade
<plm> TJ-: debconf pass =D  upgrading...
<plm> TJ-: still upgrading. Is possible to give more power to qemu? Qemu is very slow :(
<TJ-> plm: shouldn't be if you're using KVM hardware accelearion
<TJ-> plm: unless it needs more cores or more RAM of course
<plm> TJ-: this is my qemu start.sh http://dpaste.com/3GRCB9Z
<plm> TJ-: There that ai put more RAM/core dedicated to qemu, or qemu get automatically from my system. My ssytem has 12GB RAM and many cores
<plm> I think is that "-m 1024" that is 1024MB, right?
<TJ-> plm: yes
<plm> "-smp <NUMBER> - Specify the number of cores the guest is permitted to use. The number can be higher than the available cores on the host system"
<plm> I will to try use after upgrade, the "-smp 4" =D
<TJ-> plm: it's an ARM cortex, so can't expect it to be fast. But, is it I/O bound to a slow device such as SDcard?
<plm> TJ-: no, is in MY SATA HD, very fast
<TJ-> plm: ok, what's the device ?
<plm> TJ-: I think is RAM just 1024 the problem, and maybe without -smp param, it get just one core.
<plm> TJ-: Disk /dev/sda: 931,5 GiB, 1000204886016 bytes, 1953525168 sectors
<plm> TJ-: Model Family:     Western Digital Blue
<plm> Device Model:     WDC WD10EZEX-00BN5A0
<TJ-> plm: it's not SATA, the VM says root=/dev/mmcblk0p1 -- mmc is likely an SD card
<plm> TJ-: I dont know why that "root=/dev/mmcblk0p1" I have just one disc in my PC
<TJ-> plm: is it mapping the boot files inside the VM guest as an SD card then?
<TJ-> plm: Ah, further on I see "-sd rootfs.img"
<TJ-> plm: you can use 'iotop' on the host to see if there's a bottleneck there.
<plm> 13391 be/4 root        3.47 K/s  114.65 K/s  0.00 %  1.00 % qemu-system-arm -M realview-pb-a8 -cpu cortex-a8 -m 1024 -ke~.1.1:255.0.0.0:armqemu -sd rootfs.img -initrd initrd.img -usb
<plm> TJ-: ^
<TJ-> plm: maybe it is doing full emulation - not providing any hardware support like KVM does on x86 ?
<plm> pi@deskdev-pi:~$ cat /proc/cpuinfo  | grep -i kvm
<plm> pi@deskdev-pi:~$
<plm> TJ-: ^
<TJ-> plm: there you go then; I know there is kvm support for HYP on ARM - not sure if it is baked in though or you need external (self-built) binaries for that
<TJ-> plm: i see 'kvmtool' is in the Ubuntu archives, so you could install that and use "lkvm" to run the guests
<TJ-> plm: you might also check the kernel was built with CONFIG_KVM
<plm> TJ-: in the host: root@deskdev-pi:~# apt-cache search kvmtool
<plm> kvmtool - Native Linux KVM TOOL
<plm> just install kvmtool in the host?
<plm> and how I call "lkvm" for the qemu guests?
<TJ-> plm: well not 'just' - that's the userspace handler. You need to ensure the CPU/kernel support HYP mode and can load the kvm module
<plm> "CONFIG_KVM" are there easy waty (cat) to check?
<TJ-> plm: you'd need to install kvmtool and "man lkvm"
<plm> ok
<TJ-> plm: "grep KVM /boot/config-$(uname -r)" usually
<plm> CONFIG_KVM_GUEST=y
<plm> many lines, will put on dpaste
<plm> TJ-: http://dpaste.com/0Z4WB3H
<TJ-> plm: the host is ARM yes?
<plm> TJ-: no, is a x86, intel
<plm> model name	: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
<TJ-> Oh! I thought you said it was an ARM coretex
<plm> 3 cores
<plm> sorry if I say wrong
<plm> the guest (qemu) are running the arm
<TJ-> so everything is as expected. you cannot get hardware acceleration (KVM) support for another foreign architecture like ARM
<plm> ohh
<TJ-> so qemu is running in software emulation mode, which is why it is slow
<plm> mut if my qemu was runing a x86, I can get acceleration, right?
<plm> but maybe confifgure more RAM and -smp 3 help =D
<TJ-> when you run a guest of the same architecture as the host, qemu can use KVM to allow the host CPU to safely execute most instructions with 0 delay. With a different arch, the host has to simulate every machine instruction
<plm> TJ-: Understood.
<plm> TJ-: well, I think is finishing the upgrade to 16.4. after I will upgrade to 18.4 =D
<plm> TJ-: as python problem was fixed, to 18.4 will have no problems, right?
<TJ-> That's one reason I like the PC Engines APU series - based on x86 AMD CPUs - and designed to be routers but can support much more. I've got SSD in one, as well as SD-card, with 4 gigabit ports, and 2 spare mini-pcie slots
<TJ-> plm: I'd hope so :)
<plm> TJ-: please, what model did you bought? I would like to check price on the internet =D
<plm> TJ-: finished upgrade. doing a reboot to check if boot ok
<plm> TJ-:
<plm> TJ-: error after reboot mounting filesystem
<plm> TJ-: I will paste de image becouse is not possible to copy from qemu window
<plm> TJ-: https://paste.pics/3V0PK
<plm> TJ-: are you there
<plm> ?
<plm> TJ-: ping =D
<TJ-> plm: sorry, was at dinner. APU2C4  https://pcengines.ch/apu2c4.htm
<plm> TJ-: hey =D
<TJ-> plm: with this case https://pcengines.ch/case1d2bluu.htm
<plm> I will check later =D Did you see my image with erros?
<plm> *picture
<plm> TJ-: I just did reboot after upgraded
<TJ-> plm: was that when running the guest with qemu?
<plm> TJ-: yes
<plm> TJ-: that picture is just of guest. I have the qemu running on host x86 linux
<TJ-> plm: the only causes of those messages is in containers, not virtual machines
<plm> TJ-: look a new picure
<TJ-> plm ^^^ that I could find, so I'm not sure what is going on there.
<plm> TJ-: https://i.paste.pics/3V0TM.png
<TJ-> plm: "failed to mount tmpfs at/sys/fs/cgroup" suggest sysfs isn't mounted at /sys/
<TJ-> plm: so I suspect something wrong with how systemd is starting up, or on some config it is relying on
<plm> TJ-: but before upgrade boot ok
<plm> was the upgrade make that problem, right?
<plm> maybe to do something before reboot, after upgraded?
<TJ-> plm: I'd doubt it - this shouldall happen automatically
<plm> shit :(
<plm> that was my hope =D
<plm> Are there something to do to change that, maybe before booting?
<TJ-> plm: not sure what is going on. systemd (the init daemon that runs as PID 1) has internal logic to mount sysfs, so maybe that is there but it fails to create cgroup part - there isn't enough info. Can you boot it with "systemd.log_level=debug" on the guest kernel's command line ?
<plm> TJ-: yes
<plm> TJ-: qemu-system-arm: -usb: Could not open 'systemd.log_level=debug': No such file or directory
<plm> TJ-: I did:
<TJ-> plm: you might want to add a serial console to the guest so you can capture the text output, rather than trying to screenshot what may be a LOT of output
<plm> function run_qemu ()
<plm> {
<plm>         qemu-system-arm -M realview-pb-a8 -cpu cortex-a8 -m 1024 -kernel uImage.realview-vm.kernel -net  nic -net tap,ifname=tap0 -append "root=/dev/mmcblk0p1 rootwait rw ip=${QEMU_IP}:${IP}:${IP}:255.0.0.0:armqemu" -sd rootfs.img -initrd initrd.img -usb systemd.log_level=debug
<plm> }
<TJ-> plm: !!!! silly
<TJ-> plm: you have to add inside the quotes for the -append "..." !!
<plm> ohh
<plm> right
<plm> TJ-:         qemu-system-arm -M realview-pb-a8 -cpu cortex-a8 -m 1024 -kernel uImage.realview-vm.kernel -net  nic -net tap,ifname=tap0 -append "root=/dev/mmcblk0p1 rootwait rw ip=${QEMU_IP}:${IP}:${IP}:255.0.0.0:armqemu systemd.log_level=debug" -sd rootfs.img -initrd initrd.img -usb
<plm> TJ-: I tried to run with that conf above ^, but not show more error than last time
<TJ-> plm: so it is failing VERY early then
<plm> plm: :( I was take a look on this: https://github.com/nongiach/arm_now]
<plm> https://github.com/nongiach/arm_now
<plm> TJ-: what do you think ^?
<plm> ubuntu 18.4 on that ^
<plm> arm_now works here, but is not possible install python, and other apps :(
<TJ-> plm: are you doing exploit testing? It doesn't seem ideal for much else
<plm> TJ-: you are rith, I need a full system
<plm> TJ-: look this :
<plm> TJ-: https://gist.github.com/Liryna/10710751
<plm> That ^ I think will works right? I see arm_now in this url, but as comment, o the bottom of page
<TJ-> plm: you could boot the guest as far as the end of the initial ramdisk init script, before it calls the systemd init on the real rootfs - that should give you a busybox shell to investigate from. in that -append="..." add "break=init"
<plm> TJ-: doing now, moment
<plm> TJ-: qemu-system-arm -M realview-pb-a8 -cpu cortex-a8 -m 1024 -kernel uImage.realview-vm.kernel -net  nic -net tap,ifname=tap0 -append "root=/dev/mmcblk0p1 rootwait rw ip=${QEMU_IP}:${IP}:${IP}:255.0.0.0:armqemu systemd.log_level=debug break=init" -sd rootfs.img -initrd initrd.img -usb
<plm> TJ-: pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ sudo ./qemu_start.sh
<plm> Configuring NAT
<plm> TUNSETIFF: Device or resource busy
<plm> qemu-system-arm: -net tap,ifname=tap0: could not configure /dev/net/tun (tap0): Device or resource busy
<plm> TJ-: sorry
<plm> two qemu session
<TJ-> plm: I was about to say that :)
<plm> TJ-:
<plm> works
<plm> Busysbox line
<plm> TJ-: (iniramfs)
<TJ-> plm: right, so "mount" - is there a sysfs at /sys ?
<plm> https://paste.pics/3V0YL
<plm> no
<plm> "mount" show just "mount: no  /proc/mounts"
<plm> TJ-: ^
<TJ-> plm: hmmm
<TJ-> plm: "cat /proc/mounts" ?
<plm> TJ-: https://paste.pics/3V0YW
<TJ-> plm: so it's not pivoted yet.. so we need to track down where the rootfs is right now. do "ls -la" and show me
<plm> TJ-: https://paste.pics/3V101
<TJ-> plm: ahhh, under /root/ I think. Show me "ls -la /root/" please
<plm> TJ-: https://paste.pics/3V108
<TJ-> plm: aha! there's the rootfs! OK "cat /root/proc/mounts"
<plm> TJ-: https://paste.pics/3V10G
<TJ-> plm: we're making progress, there's the sysfs. lets see what is in it "ls -l /root/sys/fs/"
<plm> TJ-: https://paste.pics/3V10T
<TJ-> plm: so the node is there but nothing else in it yet. So it must be systemd's job to mount the cgroup fs there, and then add its other file-systems.
<TJ-> plm: I'm not sure why it isn't doing that then - the initrd is preparing the ground correctly
<plm> hmm
<TJ-> plm: try getting the init to continue to boot to systemd with "exit"
<plm> ok
<plm> TJ-: https://paste.pics/3V112
<TJ-> plm: I wonder if this "autofs4" is the root cause?
<plm> I dont know :(
<TJ-> plm: restart the guest - let it drop to the shell again, then try "modprobe autofs4"
<plm> ok
<TJ-> plm: I suspect that will fail with the same error and so we'll need to search the file-system for it. I'm wondering if it is missing
<plm> TJ-: done, and now?
<plm> "modprobe autofs4" just pass to next line
<TJ-> that suggests it loaded!
<TJ-> try "lsmod | grep autofs"
<plm> "exit"?
<plm> ok
<TJ-> plm: that ought to show the module is loaded
<plm> dont have lsmod
<plm> lsmod: not found
<plm> "lsmod: not found"
<TJ-> oh phooey of course!
<TJ-> because we're not in the real rootfs yet
<plm> TJ-: "/bin/sh: lsmod: not found"
<plm> ok
<TJ-> plm: this may work: "/root/sbin/lsmod | grep autofs"
<plm> TJ-: https://paste.pics/3V11T
<TJ-> plm: lol - so we got the command to work but it expects /proc/modules, and we're at /root/proc/modules! let's do it manually: "grep autofs4 /root/proc/modules"
<plm> TJ-: "grep autofs4 /root/proc/modules" just pass to next line
<TJ-> plm: so no match then.
<TJ-> plm: ok, lets try "find /root/lib/modules -name 'autofs4.ko' "
<plm> "/root/lib/modules" do not exists
<plm> "/root/lib/modprobe.d" exists
<TJ-> plm: eeek, that'd cause the problems alright!
<plm> hmmm
<TJ-> plm: show me "ls /root/lib/modules/"
<plm> :)
<TJ-> plm: all the modules for each kernel version should be under that path
<TJ-> plm: which suggests the dist-upgrade didn't complete correctly
<plm> "ls /root/lib/modules/" show "not file or directory"
<plm> TJ-: I did "apt-get -f dist-ugprade"
<TJ-> plm: now I'm really concerned; that is very broken
<plm> TJ-: after that no error show for me
<TJ-> plm how about "find /root/lib/"
<TJ-> plm: I want to see what IS found
<plm> "find /root/lib/" show many many lines, need to paste?
<TJ-> plm: I think you need to fix this using qemu-static and a chroot, not a virtual machine.
<TJ-> plm: screenshot what you can see, that'll give me an idea
<plm> TJ-: "find /root/lib/" show more than a page, I cant copy more than a page, becouse past in qemu window
<plm> ok
<TJ-> plm: show me the last page
<TJ-> plm: actually no, hang on
<TJ-> plm: show me this instead: "find /root/lib -type d"
<plm> TJ-: https://paste.pics/3V136
<plm> TJ-: https://paste.pics/3V139 "find /root/lib -type d"
<plm> TJ-: https://paste.pics/3V13G "find /root/lib -type d" - page 1
<TJ-> plm: can you remind me of the content of the script on the host that starts qemu?
<plm> TJ-: 	qemu-system-arm -M realview-pb-a8 -cpu cortex-a8 -m 1024 -kernel uImage.realview-vm.kernel -net  nic -net tap,ifname=tap0 -append "root=/dev/mmcblk0p1 rootwait rw ip=${QEMU_IP}:${IP}:${IP}:255.0.0.0:armqemu systemd.log_level=debug break=init" -sd rootfs.img -initrd initrd.img -usb
<plm> TJ-: function run_qemu ()
<plm> {
<plm> 	qemu-system-arm -M realview-pb-a8 -cpu cortex-a8 -m 1024 -kernel uImage.realview-vm.kernel -net  nic -net tap,ifname=tap0 -append "root=/dev/mmcblk0p1 rootwait rw ip=${QEMU_IP}:${IP}:${IP}:255.0.0.0:armqemu systemd.log_level=debug break=init" -sd rootfs.img -initrd initrd.img -usb
<TJ-> plm: the problem seems to be there are no kernel (modules) installed, which means the linux-image-$VERSION-generic packages are missing
<plm> hmm
<plm> Is possible to copy from original qemu image?
<TJ-> plm: ahhh, there is the problem! you're loading the kernel image external to the rootfs, so you've not installed the matching kernel modules
<TJ-> plm: you need the modules that were built with that kernel ("uImage.realview-vm.kernel") so the versions match
<plm> TJ-: http://dpaste.com/0MCCHK1
<TJ-> plm: it's not a 'true' virtual machine
<plm> this is complete start.sh qemu ^
<plm> hmm
<TJ-> plm: as in you're providing the kernel and initrd so the OS in the rootfs doesn't have them, and so it likely doesn't even have access to the correct packages that contain the modules
<plm> TJ-: but how before upgrade that works?
<TJ-> plm: when the system was 14.04 this didn't matter because the init system was upstart and it didn't try to insmod any kernel modules. But systemd expects to be able to
<plm> TJ-: pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ ls
<plm> initrd.img  qemu_start.sh  rootfs.img  uImage.realview-vm.kernel
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$
<plm> understood
<TJ-> plm: the OS inside the rootfs has no control over its boot device, its kernel, or its initial ramdisk
<plm> what we can to do to fix that?
<plm> TJ-: how is possible to fix that?
<TJ-> plm: usually the OS installs the linux-image-$VERSION-generic (contains kernel + modules) and linux-headers-$VERSION-generic (contains files required to build other modules for that  kernel) and the modules are stored at /lib/modules/$VERSION/ - but your rootfs is mssing all those
<plm> TJ-: are there something to do in qemu config, like as, I will start again 14.4 and upgrade again to 16.4
<TJ-> plm: you need to find the built modules matching that kernel you are using, then install them into the rootfs at /lib/modules/$VERSION/  and then run "depmod --all" to fill the module cache
<TJ-> plm: with the external kernel/initrd there's not a lot you can do - they are not Ubuntu kernels
<plm> TJ-: now, or before upgrade to 16.4?
<plm> hmm
<plm> TJ-: so, are there no solution for this case?
<TJ-> plm: is there not an Ubuntu kernel image that you can use?
<plm> plm: I can use any kernel.
<plm> but that is what I have
<TJ-> plm: where did you get that uImage.realview-vm.kernel ?
<TJ-> plm: because that's where you would need to get the matching modules / headers
<plm> plm: I dont know, this are here many years, i think :(
<plm> TJ-: I dont know, this are here many years, i think :(
<TJ-> plm: is that guest image every run on real hardware, or always as a virtual machine?
<plm> hmm
<plm> TJ-: always ion VM
<plm> TJ-: just after i complete my python app, I generate a package in this arm VM and after send to run in a real armv7
<TJ-> plm: ok, so you could change things then. I'd suggest installing qemu-user-static and binfmt-support on the host, loop-mounting that rootfs and using qemu-user-static to chroot into it
<plm> all right, doing now
<TJ-> that package contains "/usr/bin/qemu-arm-static" which you should be able to call on (automatically if you install binfmt-support)
<plm> TJ-: binfmt-support already installed and now I installed the "qemu-user-static"
<plm> TJ-:  and now?
<plm> "loop-mounting that rootfs and using qemu-user-static to chroot into it" how to do that?
<TJ-> plm: hmm, it is a while since I had to do this, can't recall all the steps now
<plm> TJ-: "mount -o loop rootfs.img /mnt/rootfs"
<plm> ?
<plm> mount -o loop rootfs.img /mnt/rootfs
<plm> https://stackoverflow.com/questions/75862/mount-rootfs-on-loopback
<TJ-> plm: "sudo mkdir /target" then "sudo chroot /target /bin/bash" - if that works you'll be running the *ARM* binaries
<plm> ok
<TJ-> plm: oh yeah, mount loop first!!!
<plm> TJ-: I will stop that lat vm busibox, ok?
<TJ-> plm: "sudo mkdir /target", "sudo mount -o loop rootfs.img /target", then  "sudo chroot /target /bin/bash" - if that works you'll be running the *ARM* binaries
<TJ-> plm: tes
<TJ-> yes
<plm> ok
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ sudo mount -o loop rootfs.img /target
<plm> mount: wrong fs type, bad option, bad superblock on /dev/loop0,
<plm>        missing codepage or helper program, or other error
<plm> TJ-: ^
<plm> oh
<TJ-> plm: hmm, it is ext4 isn't it?
<TJ-> plm: maybe it's due to the OMAP - is it big-endian or little-endian?
<plm> TJ-: good question
<plm> :)
<plm> I think is little endiar
<plm> cortex a8 (armv7)
<TJ-> plm: "file rootfs.img"
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ file rootfs.img
<plm> rootfs.img: DOS/MBR boot sector; partition 1 : ID=0x83, active, start-CHS (0x0,32,33), end-CHS (0x17e,113,51), startsector 2048, 6141952 sectors
<plm> TJ-: ^
<TJ-> plm: hmmm, not much help was it!
<TJ-> plm: it looks like a raw disk image though, mentioning partitions, so you need to do "sudo losetup --partscan /dev/loop0 rootfs.img"
<TJ-> plm: then you should have some /dev/loop0pX nodes, probablly just loop0p1 ?
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ sudo losetup --partscan /dev/loop0 rootfs.img
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ ls /dev/loop0p1
<plm> /dev/loop0p1
<plm> Yes
<TJ-> plm: yay! so then "mount /dev/loop0p1 /target"
<TJ-> with 'sudo' of course
<plm> done
<plm> =D
<plm> mounted
<plm> TJ-: ^
<TJ-> plm: OK, acid test now. "sudo chroot /target /bin/bash" - if this works are you get a root shell (# not $ prompt) then it worked
<TJ-> s/are/and/
<plm> pi@deskdev-pi:~$ sudo chroot /target /bin/bash
<plm> chroot: failed to run command â/bin/bashâ: No such file or directory
<plm> TJ-: ^
<plm> pi@deskdev-pi:~$ sudo chroot /target
<plm> chroot: failed to run command â/bin/bashâ: No such file or directory
<TJ-> plm: OK, check if one exists first: "ls /target/bin/bash"
<plm> pi@deskdev-pi:~$ ls /target/bin/bash
<plm> /target/bin/bash
<plm> TJ-: yes, exists
<TJ-> plm: now we'll check it is ARM format: "file /target/bin/bash"
<plm> TJ-: pi@deskdev-pi:~$ file /target/bin/bash
<plm> /target/bin/bash: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux 2.6.32, BuildID[sha1]=3b053d97ab6f0b39d06f6a7dc204f5398b29cb68, stripped
<TJ-> plm: good, so the problem here then must be qemu-arm-static not being called
<plm> TJ-: "qemu-user-static" was what you say to me install
<plm> "qemu-arm-static" do not exists
<TJ-> plm: "pastebinit <( update-binfmts --display | grep -C 6 qemu-arm )"
<plm> TJ-: pi@deskdev-pi:~$ pastebinit <( update-binfmts --display | grep -C 6 qemu-arm )
<plm> http://paste.ubuntu.com/p/VfCfMQRFFH/
<TJ-> so they're there and installed
<plm> TJ-: root@deskdev-pi:~# apt-cache search qemu-arm-static
<plm> root@deskdev-pi:~#
<plm> root@deskdev-pi:~# apt-cache search qemu-user-static
<plm> qemu-user - QEMU user mode emulation binaries
<plm> qemu-user-static - QEMU user mode emulation binaries (static version)
<plm> "qemu-user-static" already installed
<TJ-> it' so long since I needed to do this I can't recall all the nuances, but everything looks correct
<plm> TJ-: maybe change in the /target to have a bash
<plm> TJ-: pi@deskdev-pi:/target$ ls
<plm> bin  boot  dev  etc  home  lib  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
<plm> pi@deskdev-pi:/target$
<TJ-> plm: show me "ls /proc/sys/fs/binfmt_misc"
<plm> TJ-: on the target ou host?
<plm> pi@deskdev-pi:~$ ls /proc/sys/fs/binfmt_misc
<plm> cli  jarwrapper  python3.5  qemu-aarch64  qemu-arm    qemu-cris  qemu-microblaze  qemu-mips64    qemu-mipsel  qemu-ppc64       qemu-ppc64le  qemu-sh4    qemu-sparc        qemu-sparc64  status
<plm> jar  python2.7   python3.6  qemu-alpha    qemu-armeb  qemu-m68k  qemu-mips        qemu-mips64el  qemu-ppc     qemu-ppc64abi32  qemu-s390x    qemu-sh4eb  qemu-sparc32plus  register      wine
<plm> pi@deskdev-pi:~$
<plm> TJ-: host ^
<TJ-> plm: goood
<TJ-> aha!
<plm> what? =D
<TJ-> plm: "sudo cp /usr/bin/qemu-armeb-static /target/usr/bin/"
<TJ-> plm: "sudo cp /usr/bin/qemu-arm-static /target/usr/bin/"
<TJ-> plm: then "sudo chroot /target /bin/bash"
<plm> TJ-: works
<plm> =D
<TJ-> plm: want me to explain why?
<plm> TJ-: becuse guest do not know that is a static arm?
<TJ-> well no.. you recall we did "update-binfmts --display" and part of that showed "interpreter = /usr/bin/qemu-arm-static"
<plm>  interpreter = /usr/bin/qemu-arm-static
<plm> line 33
<computa_mike> Hi - I'm running festival on a virtual Ubuntu Server - Is there a virtual soundcard device I can use that will allow me to render test to speech on the server?  See reference to snd_dummy.  Is this the right way to go?
<plm> instead /bin/bash is /usr/bin/qemu-arm-static?
<TJ-> so, when we chroot the into /target/ that becomes the new root dir, so when the kernel recognises the 'magic' bytes of /bin/bash as being for ARM it tries to execute /usr/bin/qemu-arm-static *inside* the chroot - so we had to copy those in
<plm> TJ-: ohh, now in a real "system"
<TJ-> plm: you still don't have the proc sys dev file-systems so the guest won't have any network right now I doubt, so we'll need to do that now we have the chroot working
<plm> ok
<TJ-> plm: try "ping 1.1.1.1" - I expect it to fail :)
<plm> root@deskdev-pi:/# ping 1.1.1.1
<plm> PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
<plm> Unsupported ioctl: cmd=0x8906
<plm> 64 bytes from 1.1.1.1: icmp_seq=1 ttl=55 time=17.9 ms
<plm> TJ-: ^
<TJ-> plm: eeek! I didn't expect that :D
<TJ-> plm: let's test DNS. "ping iam.tj"
<plm> TJ-: but a ioctl problem
<plm> root@deskdev-pi:/# ping iam.tj
<plm> ping: unknown host iam.tj
<TJ-> plm: right, no DNS as yet
<plm> TJ-: change the resolv.conf?
<TJ-> without DNS we can't use apt to install packages
<plm> TJ-: ok, I will put "nameserver 8.8.8.8" on /etc/resolv.conf, right?
<TJ-> no, do "exit" to return to the host
<plm> TJ-: ok
<plm> TJ-: after exist /target continuit mounted
<TJ-> then do "sudo mount --bind /etc/resolv.conf /target/etc/resolv.conf" - this puts the host's dns config inside the guest.
<plm> TJ-: df show mounted
<TJ-> then do "chroot /target /bin/bash" again, and try "ping iam.tj"
<plm> ok
<plm> TJ-: pi@deskdev-pi:~$ sudo mount --bind /etc/resolv.conf /target/etc/resolv.conf
<plm> pi@deskdev-pi:~$ chroot /target /bin/bash
<plm> chroot: cannot change root directory to '/target': Operation not permitted
<plm> pi@deskdev-pi:~$
<TJ-> 'sudo'
<plm> ohh
<plm> TJ-: done
<TJ-> sorry, I forget it sometimes
<TJ-> test the ping
<plm> TJ-: root@deskdev-pi:/# ping iam.tj
<plm> PING iam.tj (109.74.197.122) 56(84) bytes of data.
<plm> Unsupported ioctl: cmd=0x8906
<plm> 64 bytes from astute.ly (109.74.197.122): icmp_seq=1 ttl=50 time=210 ms
<TJ-> plm: OK we'll ignore that ioctl for now
<TJ-> we have DNS
<TJ-> so you can do "apt update"
<plm> TJ-: doing "apt update"
<plm> TJ-: done
<TJ-> which means you can then do "apt install linux-image-generic linux-headers-generic"
<plm> TJ-: ok, doing
<plm> TJ-: downloading
<plm> 0 upgraded, 8 newly installed, 0 to remove and 0 not upgraded.
<plm> After this operation, 384 MB of additional disk space will be used.
<TJ-> this may break because it'll want to install GRUB boot-loader I think - which may mean we need the devtmps mounting (from outside)
<TJ-> cancel it for now with Ctrl+C if you haven't already said "yes"
<plm> ok
<plm> ok, canceled
<plm> yes, I did yes
<TJ-> because the VM was using mmcblk device, and now we're using a loop, we may have problems configuring this
<plm> TJ-: problem just with grup?
<TJ-> plm: but.. now you can use the rootfs in this way (with qemu-arm-static) do you need to run this as a VM any more?
<plm> *grub
<plm> TJ-: anymore?
<plm> TJ-: I not understand. we can do anything with this VM
<plm> TJ-: I have original saved
<plm> TJ-: original with 14.4
<TJ-> plm: no, I mean something different.
<TJ-> What I mean is, now you are able to directly run programs (using this chroot method) in the ARM rootfs, will you still need to run it as a virtual machine with QEMU ?
<plm> TJ-: oh, do you say if I need to run like as befode, starting start.sh on qemu?
<plm> TJ-: no, this way is fine if I can run everything like as a qemu MACHINE
<plm> TJ-: maybe just fix that ioctl =D
<TJ-> plm: right now the only different is, mounting via chroot, the init system doesn't run, so it doesn't start like a 'real' PC or virtual machine does
<TJ-> plm: if you need it to start system services we'd need to do some more work for that.
<plm> TJ-: all right, it dont have a IP addres too.
<TJ-> plm: correct, it's part of the host, not a separate 'pc'
<plm> TJ-: no, this is fine. Can I use full apt-get etc etc, right?
<plm> Thumpxr: no prlbmea about not ipadress, I copy via cp the files com guest to host and vice versa
<TJ-> plm: yes, as long as you do that mount --bind for /etc/resolv.conf
<plm> TJ-: so, now can I upgrade to 18.4?
<TJ-> plm: errrrrr! you really like trying to break things don't you!? :D
<plm> TJ-: hahaah
<TJ-> plm: do you have a snapshot of it as it is now, in case it goes wrong ?
<plm> TJ-: I need python3.6
<plm> 16.4 has just python3.5
<TJ-> plm: if you have a snapshot/copy of the current rootfs then sure, try a do-release-upgrade
<plm> "do you have a snapshot of it as it is now, in case it goes wrong ?" not yet. Bu I can save this vm that we are working.
<TJ-> plm: if you need to make a snapshot you'll need to exit the chroot and unmount and close the loop device first
<plm> I do a copy and upgrade to 18.4 in the new copy
<plm> TJ-: allright, trying that now
<TJ-> plm: so you'd do "exit"  then "sudo umount /target/etc/resolv.conf; sudo umount /target; sudo losetup -d /dev/loop0"
<TJ-> plm: if all that works you can safely make a copy of the rootfs.img
<plm> pi@deskdev-pi:~$ sudo umount /target/etc/resolv.conf
<plm> pi@deskdev-pi:~$ sudo umount /target
<plm> pi@deskdev-pi:~$ sudo losetup -d /dev/loop0
<plm> pi@deskdev-pi:~$
<plm> TJ-: doing a copy
<plm> TJ-: done, now go to chroot again right?
<TJ-> plm: once you've made a copy, then "sudo losetup -P /dev/loop0 rootfs.img; sudo mount /dev/loop0p1 /target; sudo mount --bind /etc/resolv.conf /target/etc/resolv.conf" then "sudo  chroot /target /bin/bash"
<plm> TJ-: i@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ sudo losetup -P /dev/loop0 rootfs.img
<plm> losetup: rootfs.img: failed to set up loop device: Device or resource busy
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$
<TJ-> plm: did you check it was correcly detached before you did the copy? use "losetup -a" to list the active loops
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ losetup -a
<plm> /dev/loop0: []: (/home/pi/tmp/tmp/vm-cortex_a8_omap3/rootfs.img)
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$
<plm> TJ-: ^
<TJ-> plm: right so it wasn't detached earlier. OK. best to make sure it gets detached, and redo the copy
<plm> TJ-: ok
<TJ-> try "sudo losetup -v -d /dev/loop0" then check it has gone with "losetup -a"
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ sudo losetup -v -d /dev/loop0
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ losetup -a
<plm> /dev/loop0: []: (/home/pi/tmp/tmp/vm-cortex_a8_omap3/rootfs.img)
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$
<plm> TJ-: ^
<TJ-> plm: something still has a handle to it, we need to find out what.
<TJ-> plm: try "mount | grep target"
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ mount | grep target
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$
<TJ-> plm: strange! how about "sudo lsof /dev/loop0p1"
<TJ-> plm: actually, does "ls /dev/loop0p1" list the node?
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ sudo lsof /dev/loop0p1
<plm> lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
<plm>       Output information may be incomplete.
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ ls /dev/loop0p1
<plm> /dev/loop0p1
<TJ-> plm: right, so "losetup -d" didn't remove it - meaning something has it open
<TJ-> plm:  try "sudo lsof | grep target"
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ sudo lsof | grep target
<plm> lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
<plm>       Output information may be incomplete.
<plm> TJ-: ^
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$
<plm> ohh
<plm> my GUI
<TJ-> plm: oh grrrr!
<TJ-> plm: *shoot* it :D
<plm> TJ-: when that command was start, the GUI show the mount point
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$ losetup -a
<TJ-> plm: of course, those interfering GUIs
<plm> pi@deskdev-pi:~/tmp/tmp/vm-cortex_a8_omap3$
<plm> doing backup again
<TJ-> plm: yay! so copy then rebuild
<plm> *snapchot
<TJ-> plm: once you've made a copy, then "sudo losetup -P /dev/loop0 rootfs.img; sudo mount /dev/loop0p1 /target; sudo mount --bind /etc/resolv.conf /target/etc/resolv.conf" then "sudo  chroot /target /bin/bash"
<plm> TJ-: done =D
<plm> root@deskdev-pi:/# uname -a
<plm> Linux deskdev-pi 4.4.0-101-generic #124-Ubuntu SMP Fri Nov 10 18:29:59 UTC 2017 armv7l armv7l armv7l GNU/Linux
<plm> root@deskdev-pi:/#
<plm> root@deskdev-pi:/# ping 8.8.8.8
<plm> PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
<plm> Unsupported ioctl: cmd=0x8906
<plm> that ioctl is a problem?
<TJ-> not sure, but is the ping not working now?
<plm> root@deskdev-pi:/# cat /etc/apt/sources.list
<plm> deb http://ports.ubuntu.com/ubuntu-ports/ xenial main universe
<plm> deb http://ports.ubuntu.com/ xenial main restricted universe multiverse
<plm> ok, changing to bionic and upgrade
<plm> all right?
<plm> TJ-: ^?
<TJ-> plm: that ioctl warning - could be 16.04 specific. This issue seems to suggest 18.04 will be OK: https://github.com/ryankurte/docker-rpi-emu/issues/11
<TJ-> plm: yes. do "do-release-upgrade"
<plm> "do-release-upgrade" instead "apt-get update; apt-get -f dist-upgrade"?
<TJ-> plm: yes
<plm> "/etc/apt/sources.list" 3L, 136C written
<plm> E138: Can't write viminfo file /home/pi/.viminfo!
<plm> Press ENTER or type command to continue
<TJ-> d-r-u looks for the release files correctly
<TJ-> plm: did you alter /etc/apt/sources.list ? You shouldn't - d-r-u will do that correctly
<plm> TJ-: save file, but show that error, why?
<plm> root@deskdev-pi:/# ls -l /etc/apt/sources.list
<TJ-> plm: because there is no user 'pi' inside the chroot?
<plm> -rw-r--r-- 1 root root 136 Oct  6 22:52 /etc/apt/sources.list
<plm> ohh
<TJ-> plm: I suspect your host environment copied something over about the 'pi' user. You can check with "env |  grep pi"
<plm> TJ-: http://dpaste.com/253DD9W
<plm> TJ-: I copy just that qemu-static.. to bash remember?
<TJ-> right, that was why
<TJ-> you can do "export HOME=/root/" to fix that up whilst inside the chroot
<plm> TJ-: "export HOME=/root/" not show more the error, yes
<plm> TJ-: doing "do-release-upgrade"
<plm> TJ-: root@deskdev-pi:/# do-release-upgrade
<plm> bash: do-release-upgrade: command not found
<plm> root@deskdev-pi:/# apt-get install do-release-upgrade
<plm> E: Unable to locate package do-release-upgrade
<plm> TJ-: are you sure that is "do-release-upgrade"?
<TJ-> hang on
<TJ-> plm: "apt install ubuntu-release-upgrader-core"
<plm> TJ-: ohh, in my host that is the "16.4" has "do-release-upgrade", but the host is x86
<plm> ok
<plm> E: Unable to locate package ubuntu-release-upgrader-core
<plm> TJ-: ^
<plm> ohh
<plm> TJ-: I need back to sources.list to xenial
<plm> ?
<TJ-> plm: grrr, on the host do "dpkg -S do-release-upgrade" and see what package it is
<TJ-> plm: YES!!!!
<plm> root@deskdev-pi:~# dpkg -S do-release-upgrade
<plm> ubuntu-release-upgrader-core: /usr/share/man/man8/do-release-upgrade.8.gz
<plm> ubuntu-release-upgrader-core: /usr/bin/do-release-upgrade
<plm> TJ-: do-release-upgrade dont have on guest (ARM)
<TJ-> plm: right, so correct sources.list and try again
<plm> TJ-: maybe dont have that for arm?
<TJ-> plm: it's python code I think so should be :)
<plm> root@deskdev-pi:/# cat /etc/apt/sources.list
<plm> deb http://ports.ubuntu.com/ubuntu-ports/ xenial main universe
<plm> deb http://ports.ubuntu.com/ xenial main restricted universe multiverse
<plm> "apt-get update" done
<plm> root@deskdev-pi:/# apt-get install do-release-upgrade
<plm> E: Unable to locate package do-release-upgrade
<TJ-> plm: "apt install ubuntu-release-upgrader-core"
<plm> TJ-: ^
<plm> works
<plm> =D
<TJ-> plm finally :D
<TJ-> plm: you sure know how to break things :p
<plm> TJ-: hahaa, 16.4 to 18.4 cant break, ubuntu rocks
<plm> TJ-: ubuntu can't break one LTS to another, think about stable servers
<plm> TJ-: installed
<plm> doing "do-release-upgrade"
<plm> what is the diferrence between "do-release-upgrade" and "apt-get -f distyr-upgrade"?
<TJ-> I'm going to go soon, it is past midnight here and my eyes are dying
<TJ-> plm: d-r-u takes care of some corner-case issues
<plm> TJ-: ohh, what time is it?
<TJ-> plm: but other than that it calls dist-upgrade under the hood
<plm> Here is 20PM
<TJ-> I'm in England
<plm> "d-r-u" I not understand this, where you see this?
<plm> TJ-: I'm Brazil.
<TJ-> plm: d-r-u == do-release-upgrade - we often shorten these long names to single-letters like that
<plm> TJ-: ohh
<plm> TJ-: now is very fast
<plm> TJ-: now is faster than inside VM
<TJ-> plm: your ARM image should be now it isn't doing virtual machine emulation
<TJ-> plm: with a VM it has to pretend to have all that hardware too and simulate the way it behaves
<plm> TJ-: but now I have a ARMv7 running?
<plm> the static-qemu dont have the same with chroot?
<TJ-> plm: I suspect it may be possible to use LXD (the container technology) to run a full proper ARM container on your x96 host - but I've never seen anyone do that. I'll investigate that tomorrow
<TJ-> plm: yes, but it only has to simulate the ARM instructions in the binaries, not a whole load of hardware
<plm> TJ-: hmm
<plm> TJ-: now, after upgraded (if no erros) to 18.4, i have a no a "reboot", right? +D
<plm> TJ-: http://dpaste.com/2QQDZBK
<plm> TJ-: look this error ^
<TJ-> plm, no reboot required, correct
<plm> TJ-: yesterday  I tried a updagrade 14.4 to 18.4 and downloaded. Doing fo course, with apt-get -f dist-upgrade.
<TJ-> plm: and you CAN run an LXD  ARM container on X86. See  https://askubuntu.com/questions/816886/how-do-run-an-arm-lxd-container-on-my-intel-host#816887
<TJ-> plm: Answer "no" to that question whilst we investigate it
<TJ-> plm: show me the content of /etc/apt/sources.list (from the 'guest' chroot)
<plm> TJ-: ok, "no" say
<plm> Aborting
<plm> Reading package lists... Done
<plm> Building dependency tree
<plm> Reading state information... Done
<plm> root@deskdev-pi:/# cat /etc/apt/sources.list
<plm> deb http://ports.ubuntu.com/ubuntu-ports/ bionic main universe
<plm> deb http://ports.ubuntu.com/ bionic main restricted universe multiverse
<TJ-> plm: did you change it back to xenial earlier?
<plm> TJ-: yes, just to install the d-r-u
<plm> aftet I nack to bionic
<TJ-> plm: "sed -i 's/bionic/xenial/g' /etc/apt/sources.list "
<plm> After I back to bionic
<plm> root@deskdev-pi:/# sed -i 's/bionic/xenial/g' /etc/apt/sources.list
<plm> root@deskdev-pi:/#
<plm> TJ-: ^
<TJ-> plm: then "cat /etc/apt/sources.list" you should see it is now xenial
<plm> root@deskdev-pi:/# cat /etc/apt/sources.list
<plm> deb http://ports.ubuntu.com/ubuntu-ports/ xenial main universe
<plm> deb http://ports.ubuntu.com/ xenial main restricted universe multiverse
<TJ-> plm: OK, now retry "do-release-upgrade"
<plm> TJ-: doing
<plm> TJ-: stopped in "Reading state information... Done", but before stopped a time in this line too.
<TJ-> give it chance, it should be figuring out what needs doing
<plm> working
<plm> TJ-: done
<plm> TJ-: http://dpaste.com/3JJT5HR
<TJ-> plm: it's not done any package upgrades!
<plm> TJ-: yes, becaouse already with xenial, since last upgrade
<plm> last when I did from 14.4
<TJ-> but it's supposed to be installing the 18.04 bionic packages
<TJ-> what does "dpkg --print-architecture" report?
<plm> TJ-: root@deskdev-pi:/# dpkg --print-architecture
<plm> armhf
<TJ-> that's available in the ports archive too
<TJ-> try "sudo apt update && sudo apt full-upgrade" - see if that suggest package upgrades
<plm> TJ-: http://dpaste.com/2H6PH5B
<TJ-> that's more like it! go ahead :)
<TJ-> looks like d-r-u is broken for armhf
<plm> TJ-: d-r-u change automatically the sources.list right?:
<TJ-> Yes which is why you've got that long list of new packages
<plm> TJ-: ok, "sudo apt update && sudo apt full-upgrade" will be fine to go 18.4?
<plm> =D
<TJ-> yes
<plm> TJ-: so, doing =D
<plm> TJ-: uhull, going to 18.4 ARMv7 =D
<plm> 3 minutes =D
<TJ-> I'm going to leave now before any more errors pop up - I need sleep!
<TJ-> good luck with it. I should be around tomorrow if you need any more help
<plm> TJ-: hey! Thank you so much for today!
<plm> TJ-: you help me so, so much!
<plm> TJ-:Good night, and tomorrow I piong you ifI need more help =D
<TJ-> g'night :)
#ubuntu-server 2018-10-07
<plus2equalsme> Got an odd problem with a fresh install of 18.04.1 server. It's seeing an ntfs drive as vfat.
<plus2equalsme> (ntfs format confirmed in windows and debian desktop)
<ChmEarl> plus2equalsme, ntfs-3g is installed?
<plus2equalsme> ChmEarl yes, result of install attempt is "ntfs-3g is already the newest version (1:2017.3.23-2)."
<ChmEarl> sudo fdisk -l /dev/sdX  <-- see if there is an ESP and an NTFS
<plus2equalsme> Standby, need a couple minutes (drive currently disconnected, stupid of me)
<plus2equalsme> hmmmmm, odd response, stand by while I check a few more things
<plus2equalsme> ChmEarl sudo fdisk -l shows "/dev/sdb1 63 3906963395 3906963333  1.8T  7 HPFS/NTFS/exFAT"
<plus2equalsme> blkid though shows it as type vfat, but, I also got a number of errors when I connected the drive (usb)
<plus2equalsme> I can get the errors into a pastebin of some sort if you need to see them
<ChmEarl> plus2equalsme,  id=7 is ntfs
<plus2equalsme> That's why I got confused. Let me get the errors on device attach into a paste, I'm starting to suspect that's part of the cause.
<plus2equalsme> ChmEarl from dmesg as I plugged the device in https://paste.ubuntu.com/p/JdRzGdgrsH/
<ChmEarl> mount /dev/sdb1 /windows/D -t ntfs-3g
<ChmEarl> prep /windows/D first
<ChmEarl> mkdir -p /windows/D
<ChmEarl> plus2equalsme, if it mounts as ^^ then you can dial in some options for user perms
<plus2equalsme> Getting permission denied on mkdir
<ChmEarl> plus2equalsme, you can use /mnt, I'm used to OpenSuSe conventions
<plus2equalsme> no worries. I did get it to mount using sudo on the commands
<ChmEarl> plus2equalsme, sdb1 is a data drive already populated? or its new and empty?
<plus2equalsme> Already populated
<plus2equalsme> ChmEarl I do have enough disk space elsewhere to temporarily move the data if a format is necessary, but I'd like to keep it as NTFS if possible
<plus2equalsme> Should I be able to use fstab to mount it even with these errors?
<ChmEarl> plus2equalsme, once you mounted it as above did the filesystem look/behave as you expected?
<ChmEarl> plus2equalsme, what you showed in the pastebin is normal when there is no automount
<plus2equalsme> ChmEarl There were two directories that I didn't expect, one a windows trashcan (understandable, it was recently on a windows system) and the other is called 'System Volume Information'
<plus2equalsme> Good to know the pastebin is normal
<ChmEarl> plus2equalsme, try using fstab with noauto so `mount windows/D` does the job
<plus2equalsme> ChmEarl just to make sure I understand, if I use noauto in an fstab I would have to manually remount any time I have to reboot the machine?
<ChmEarl> I use this with a data drive:/dev/sdb1       /windows/D      ntfs-3g rw,users,gid=users,umask=0002,nosuid,noauto 0 0
<ChmEarl> note the `noauto`
<ChmEarl> and I put target user in group users
<plus2equalsme> understand
<plus2equalsme> I'm going to have to finish working on this tomorrow though. Thank you for the help.
<ChmEarl> plus2equalsme, manually remount: yes.. a data drive is always needed
<ChmEarl> isn't always needed
<plus2equalsme> ChmEarl, for my usecase, it is. But, it is easy enough to ssh and remount, just wanted to make sure I knew that it'd be necessary
<chiiiiiz> Hello
<chiiiiiz> I need help with lvm backup
<chiiiiiz> We have a server with 1 hd, 931 Gb. 1 Partition for swap, 1 partition for /boot and the rest is a vg.
<chiiiiiz> No, sorry, swap is part of the vg
<chiiiiiz> 2 lv : swap and /. / ist 903 Gb!!!
<chiiiiiz> We have important data to backup before everything will be virtualized. We can't reboot, since we have jenkins running on the server, and the last time we had an update and a reboot, everything went down, jenkins did not work.
<chiiiiiz> My question is: how can I backup the data. Given that 33% of the/ is used. I read about snapshots, but I do not understand were the snapshots are stored.
<chiiiiiz> I have no choice, I did not setup the server, and I have to cope with that.
<chiiiiiz> can I store the snapshot on a USB HDD? And then mount it and backup the data as an image and as a tar file?
<chiiiiiz> Thanks for your insights
<chiiiiiz> I have thought about shrinking the / lv, but since there is (according to the doc on the internet) a risk af data loss, I 'd rather not try this.
<blackflow> chiiiiiz: first on google for "LVM snapshots"  http://tldp.org/HOWTO/LVM-HOWTO/snapshots_backup.html
<blackflow> meanwhile, I'd make a rsync backup too.
<blackflow> btw... LVM snapshots are to make an atomic copy of the data, not for moving somewhere else by itself
<blackflow> so with rsync, you make a LVM snapshot and then rsync it elsewhere
<chiiiiiz> @blackflow: THanks, I already read this. What is not clear to me, is if the snapshot is stored somewhere on the volume you are "snapshooting", or if you do have to store it somewhere else.
<chiiiiiz> what is the advantage of rsync over other methods?
<chiiiiiz> I will have a USB HD available tomorrow with 1Tb of space.
<TJ-> chiiiiiz: a snapshot is a list of all the extents used by the LV at a point in time. From then on, if the original volume writes anything then it uses Copy-On-Write which allocates a new block for the new data in the original LV - the blocks pointed to by the snapshot remain the same
<TJ-> chiiiiiz: so space will only be consumed if the original LV is writing data because copies of the blocks need to be made
<TJ-> chiiiiiz: so, you could snapshot, mount the snapshot, and use rsync to copy files out of it to your USB mass storage
<chiiiiiz> so I do it directly from the / lv. No need to do the snapshot from another mount or partition. I will only need another mount or partition when backing up the data after mounting the snapshot
<chiiiiiz> TJ-: thanks, it is clearer now. But a rsync of the / does not allow me to 'reuse' the backup for another /, if need be. It is not like a dd.
<TJ-> chiiiiiz: correct. the snapshot is another LV as far as the system is concerned, so you can mount that somewhere and do what you need with it
<chiiiiiz> I fear a dd of 300 Gb lasts days...
<chiiiiiz> dd make an image only as big as the data, or as big as the partition it backs up?
<TJ-> chiiiiiz: what you could do, if the VG has the free space, is shrink the file-system inside the snapshot, and the snapshot LV itself, then copy the result over
<TJ-> chiiiiiz: there's another, sneaky, way to do this you know
<chiiiiiz> The VG is 903 Gb, the lv is 903 Gb, and only used up to 33%
<TJ-> chiiiiiz: instead of a snapshot, wait until you've got the USB drive connected, make it a PV (physical volume), add it to the existing VG, then change the rootfs LV to be a mirror with the USB PV used as the other 1/2 of the mirror. Give it time to sync across fully to the USB, then temporarily freeze the rootfs LV, break the mirror, and unfreeze. You'd get an exact copy of the LV on the USB
<chiiiiiz> So it has the space. As said, I do not want to restart. So if shrinking the LV/FS does not need a restart, I am go for it.
<TJ-> chiiiiiz: I'd suggest experimenting on another PC for either snapshot or mirror sceanrios first, using smaller data sizes, to practice the commands and checking the results, though
<TJ-> chiiiiiz: what file-system does the rootfs use? Generally, you can extend, but not shrink, a live file-system online
<chiiiiiz> OK  I see the logic, but I need to have iot done until tomorrow, no time to experiment...
<chiiiiiz> ext4. It is a ubuntu-server, quite standard, albeit the lvm thing.
<TJ-> chiiiiiz: take the snapshot then, use it as the basis for whatever method you decide on
<chiiiiiz> can a dd run on a live system?
<TJ-> chiiiiiz: right, so you could snapshot, "resize2fs -M /dev/mapper/VG-snapshot", "lvreduce --size XXX /dev/mapper/VG-snapshot" .. read "man lvreduce" for the details. You would need to ensure you do not shrink it smaller than the ext4 file-system
<chiiiiiz> I do not think so
<TJ-> chiiiiiz: it can run yes but you'll get an inconsistent image. dd from a read-only snapshot would be OK though
<chiiiiiz> I think I'll go for a dd of a snapshot, to be able to reuse the dd image to recreate a partition if need be.
<chiiiiiz> TJ-:again my question. If a dd my /, will my image be 903Gb or 350 Gb (33% of it).
<TJ-> chiiiiiz: word of warning - transferring that amount of data in one go over USB could cause corruption - depends on the USB<>SATA bridge, but I've seen LOTS of those devices overheat and fail when doing large continuous transfers
<TJ-> chiiiiiz: the image size will be whatever the size of the containing block device is - in your case, the size of the LV containting the rootfs
<chiiiiiz> TJ-, I feared this would be an issue too...
<TJ-> chiiiiiz: this is why shrinking first is so useful when you've a large file-system that is only partially used
<chiiiiiz> TJ-: so rsync  is in this optic a much better solution. Although in case of a crash we would have to reinstall the server.
<chiiiiiz> and maybe rsync is also faster??
<chiiiiiz> if I format my USB HDD in ext4, does rsync copy the permissions?
<chiiiiiz> or will I have to use a ACL tool to copy the permissions in order to recreate them if need be?
<TJ-> chiiiiiz: yes, rsync can/will copy onwership and modes
<chiiiiiz> OK, rsync it is!!!
<chiiiiiz> Thanks a lot.
<TJ-> chiiiiiz: make sure to read the man-page and test on a small samlpe first :)
<chiiiiiz> I want to format a encrypted partition ( I know the passphrase), so that the partition is not encrypted any longer. Shall i simply mount it, decrypt with the passphrase, start gparted and reformat my partition? I have read about it but I am not sure this change the encrypting... only that it changes the FS.
<mybalzitch> you should be able to just newfs the partition. no need to mount it/decrypt it. Just blow it away
<mybalzitch> if you want to retain the data, you'll have to mount it, decrypt it, copy the data to a place holder, then blow away the partition and copy the data back
<chiiiiiz> mybalzitch: no need to retain any data, only need to remove the cryptage.
<TJ-> chiiiiiz: is it LUKS/dmcrypt? you can use "cryptsetup luksErase/erase ..." respectively
<TJ-> chiiiiiz: you'd also likely need to remove the associated entry from /etc/crypttab and /etc/fstab
<chiiiiiz> TJ-:no entries in /etc/fstab or /etc/crypttab... it was a USB HDD
<chiiiiiz> does ntfs FS store permissions? Still not I guess...
<TJ-> chiiiiiz: ntfs uses ACLs
<chiiiiiz> so if I make my backup on a ntfs formated USB HDD, I can still use the backup with the permissions to restore some data... I have been asked to store the backup on a Windows server... meaning formatting my USB disk in ntfs...
<chiiiiiz> or I create 2 partitions on my USB disk. The first in ntfs, and a second in ext4.. just in case...
<TJ-> charlton: it won't map Linux ownership/modes, no. I thought you were asking if NTFS supports such things
<TJ-> grrr
<TJ-> chiiiiz: it won't map Linux ownership/modes, no. I thought you were asking if NTFS supports such things
