#ubuntu-server 2006-06-19
<A-Kaser> poy poy
<thefish> anyone had any success with xen on dapper?
<thefish> i have booted a xen0 domain, but i cant mount any disks apart from hda!
<A-Kaser> I would like to try yesterday :)
<edneymatias> hello!
<edneymatias> does anybody here know anything about the ubuntu server development and launchpad?
<edneymatias> i wonder where the ubuntu server stuffs are on the launchpad...
<edneymatias> ...or there isn't any separation from the desktop development?
<lionelp> edneymatias: there is no separation from the desktop development
<lionelp> some packages concern desktop, other server
<lionelp> The "server" part, is just a different kernel, different packages ship on the CD, and a longer support for packages labeled "server"
<edneymatias> the same for specifications?
<edneymatias> bugs and so on...
<lionelp> some specifications are proper for server
<lionelp> bugs are in the same repo
<lionelp> packages are in the same repo
<lionelp> like in Debian
<edneymatias> thank you lionelp
<lionelp> you're welcome
<edneymatias> neuralis, ae?
<neuralis> edneymatias: hm?
<edneymatias> neuralis, did you write that spec about desktop management system?
<neuralis> edneymatias: i don't think you're talking to the right person
<edneymatias> neuralis, maybe i don't, in that case i'm so sorry
<edneymatias> :(
<neuralis> no problem
<neuralis> infinity: ping
<edneymatias> see ya
#ubuntu-server 2006-06-20
<infinity> neuralis: Pong, if you're still awake...
<neuralis> infinity: wanted to propose a beer and server talk bof earlier, but that's postponeable
<infinity> It's likely a bit late now, yes.
<infinity> But if you have server specs to propose that you never got in, you should really get some in, we can always get them scheduled for the end of the week.
<neuralis> infinity: ok, good. i have a bunch on standby, and have heard conflicting information on whether we're posting new specs or not. i'll put them up.
<ajmitch> hi infinity, neuralis
<neuralis> ajmitch: hey
<infinity> neuralis: It won't hurt to post them.  Whether or not they can get scheduled depends on time and a bit of luck.
<infinity> neuralis: But having them there is not a bad thing.
<spike> there can be any use for ubuntu of a script able to distribute ssl root certs basically on most of the browsers and OSes?
<spike> had to distrubute certs to quite a lot of workstation so needed some  unattended way to do it and I couldnt find one
<infinity> Patch "ca-certificates" to include your root cert, and pop it in a local archive?
<infinity> Though I'm not sure if it plays nicely with web browsers.
<spike> oh, true, there's that on deb. well, clients here are quire different, so are browsers, so I had to come up with something that worked on any sort of OS/browser
<spike> well, most common, FF, konqueror, opera,ie (on windows and linux where available)
<thefish> im getting mount: /dev/hdb1 already mounted or /vms busy when trying to mount a disk after installing and booting a xen kernel, in dmesg i get a line device-mapper: dm-linear: Device lookup failed which could be related, and i can mount the disk with -o,loop
<thefish> any ideas?
* asw waves - anyone using Ubuntu on the multicore UltraSPARC T1 ("Niagara") processors? 
#ubuntu-server 2006-06-21
<fabbione> asw: i do
<asw> fabbione - OK.  I have a t2000, 8 cores, 16gb RAM sitting in a box (evaluation unit).  I'm thinking of trying Ubuntu on it.
<fabbione> asw: well just do it..
<tmarble> today one of the things I'm debating is whether I should use silo to dual boot or grub....
<fabbione> did they port grub to sparc?
<fabbione> silo is known to work
<tmarble> pretty sure we contributed some stuff specifically so it would work on sparc
<fabbione> ah
<tmarble> don't know if you can do this with silo, but what I want to do with grub is take advantage of "default saved" so that you can select which OS boots next time (without user interaction)
<fabbione> no need for that in linux :)
<fabbione> echo "$bootoption" > /proc/sys/kernel/reboot-cmd && reboot
<fabbione> and you basically echo in there anything that goes after boot
<fabbione> boot disk
<fabbione> echo "disk"
<fabbione> if you want to boot an old linux image
<fabbione> echo "LinuxOLD" >..
<fabbione> since LinuxOLD is not a device, it will pass it to silo as image
<fabbione> and so on...
<tmarble> you mean, in the case of T2000, that magic-fu sends commends to OBP?
<tmarble> commands
<fabbione> if no images matches attempts to pass it as kernel boot option
<fabbione> exaclty
<tmarble> so, I can say echo "disk1"  > /proc/sys/kernel/reboot-cmd && init 6
<fabbione> in linux you can.. yes
<tmarble> and that will reboot as if I did {0} ok boot disk1
<tmarble> ?
<fabbione> yeps
<tmarble> wow
<fabbione> if diskX is not a device, the default device will be used...
<fabbione> passing that as first arg
<tmarble> cool beans... trouble is once i'm Solaris... getting back may be tricky (unless silo ALWAYS boots to linux!)
<fabbione> in case of lilo the image to boot
<fabbione> why do you need solaris anyway ;)
<fabbione> anyway i need to take off
<fabbione> ttyl
<tmarble> ok.. have fun
* fabbione -> car dealer
<tmarble> 'cause some of us have to do cross-platform stuff ;-)
<fabbione> s/sport car/family car/
<fabbione> sucks to be you :P
<tmarble> understand that dk charges lot's of $$$ to drive
<edneymatias> morning all!
<tmarble> edneymatias, como estavo se?
<asw> fabbione - yah.  How well does it run for you?  Do you have a contact person at Sun?  So far I've been talking to five people and I'd like to say "I want ot use this evaluation unit to try Ubuntu".
<tmarble> asw: umm... I work for Sun ;-)
<neuralis> asw: what you want to try makes no difference to the try and buy program
<neuralis> fabbione: i requested a server for some testing and ubuntu-server development.. it seems like there's only what, one or two people on the team that have sparcs to work on
<asw> tmbarbe - great.  We don't have a lot of staff to try random things.  I was talking to the Sun reps about cost (specifically mentioned I didn't want a node now but here it is.)
<edneymatias> tmarble, tranquilo :)
<tmarble> edneymatias, sorry that's the limit of my portuguese.. ;-)
<asw> neuralis - do you have one yet?
<edneymatias> tmable, :) i'm ok ...while you portuguese ...it's equal to my english...huhuh
<TrioTorus> hmm, even thought /etc/timezone is set to Europe/Brussels, the date command returns a CDT (Central Daylight Time) used in the states.
<TrioTorus> dries@adam:~$ date
<TrioTorus> Wed Jun 21 09:14:13 CDT 2006
<TrioTorus> dries@adam:~$ cat /etc/timezone
<TrioTorus> Europe/Brussels
<TrioTorus> Is there something I'm overlooking that influences date setting? I'm on a non gui server.
<neuralis> TrioTorus: you're overlooking /etc/localtime
<neuralis> TrioTorus: use tzconfig(8)
<neuralis> it'll handle the symlink update for you..
<TrioTorus> neuralis, just figured. Thanks.
<TrioTorus> neuralis, didn't know about tzconfig though
<TrioTorus> Think I'll put in the wiki and update the current settime page cause that only handles gui
<edneymatias> tmarble, where did you learn that?
<tmarble> way, way back when I met some Brazilians at a party...
<tmarble> these days I get my coaching from JavaMan: http://www.javaman.com.br/
<asw> tmarble - maybe you can drop me a line?  await @ genetics.med.harvard.edu
<asw> basically I'd like to get the people that sent me the t2000 talking to the people (at Sun) interested in Ubuntu on Sparc
<fabbione> neuralis: untrue... all the team has access to faure.ubuntu.com for porting tasks
<fabbione> neuralis: and there will be more machines available soon for heavy debugging
<fabbione> neuralis: the one or two are the one that have sparcs at home
<fabbione> but usually -server development doesn't need that
<fabbione> assuming you are a real sysadm that doesn't local access to the machine
<fabbione> doesn't + need
<neuralis> fabbione: even better. then i can run some of these applications i want to test and be done with it.
* fabbione takes off again
<fabbione> now i have a family car and less than 3 weeks to enjoy my sport car :)
<jsgotangco> a family is always a good thing
<neuralis> jsgotangco: so is a sports car :)
<jsgotangco> lol i used to drive 4WD before
<spike> what about a free tank? ;)
<spike> cant remember where I read that article, maybe linuxjournal, but someone came up with something like ms being a family car, OSX a sport car, and linux a free tank
<spike> off, later
<erchache> hi
<erchache> i have a little farm of servers
<erchache> they have 2 nics but i only use 1
<erchache> im thinking to use second for backup
<erchache> because i think will be fast
<erchache> i never use a linux system with 2 nics....
<erchache> are transparent to user?
<erchache> Can i access to two nic resources on same terminal or need to config special thing?
<Dragoonz> hello everyone
<Dragoonz> is there  a place i need to go to get kde for ubuntu server?
<Dragoonz> i'm having trouble with dselect and apt-get install KDE
<lionelp> Dragoonz: this is not a server relative question
<lionelp> you should apt-get install kubuntu-desktop
<lionelp> this is more a #ubuntu question :)
<Dragoonz> kk thank you
<chrish01> anyone know how to disable system beep? i only know how to from the gui :(
<chrish01> found it ... setterm -blength 0
#ubuntu-server 2006-06-22
<bintut> any fai users here?
<bintut> I'm planning to make use of my laptop running Gentoo Linux as my FAI install server and the distribution to be installed to the fresh computers through FAI will either be Ubuntu Dapper or Debian Sarge. Would it be possible and practical?  As much as possible, I don't want to format my system and install either Ubuntu Dapper or Debian Sarge just to make it as a FAI install server.
<A-Kaser> nop
<bintut> nop?
<A-Kaser> never used
<A-Kaser> just used PXE install
<bintut> ah..
<TrioTorus> I'm trying to get webdav to work, would anybody care for a look at my apache config?
<TrioTorus> It's here http://paste.ubuntu-nl.org/16260
<TrioTorus> I'm trying to get a group member read acces, but a user read and write acces
<TrioTorus> but 'Connect to Server' seems to skip "Password for read acces" realm
<TrioTorus> hmm okay, so changing owner and group to www-data seems to work, but what if I want to share content that is not www-data? Do I have to chown manually all of it?
<neuralis> TrioTorus: last i heard, apache+webdav just plain didn't support per-user authentication
<TrioTorus> neuralis, well, it seems to be sucky to say the least.
<TrioTorus> I'm quite disappointed in setting up apache the first time round. Is there any gui config tool that is good out there? I heared webmin doesn't support ubuntu any longer.
<A-Kaser> :)
<TrioTorus> ?
<A-Kaser> apache2-utils can help you
<A-Kaser> but it's not a frontend
<A-Kaser> you have some other web frontend
<A-Kaser> as ispconfig
<A-Kaser> but apache2 is very simple now
<A-Kaser> all the files are splitted
<TrioTorus> yes, I quite like the way it is represented now, but still, I find the permissions hard to get right. Mainly because there seem to be many example config files on the web, but they all differ
<TrioTorus> but I'll check out your pointers.
<A-Kaser> many example ?
<TrioTorus> I mean scattered out on the web
<A-Kaser> what are you doing with  your apache ? or will do ?
<edneymatias> hello all!
<TrioTorus> I'm just trying to get webdav working for clients I have to deliver image sequences to.
<TrioTorus> I should be able to easily allow them upload as well.
<A-Kaser> oh yes
<TrioTorus> Recenlty I read about zope
<A-Kaser> a2enmod dav
<TrioTorus> A-Kaser, yeah, I followed this thread: http://ubuntuforums.org/showthread.php?t=119228&highlight=webdav
<TrioTorus> first thing was: <Location> didn't work for me because my files are actually in the document tree
<TrioTorus> (or at least I think that's the reason)
<TrioTorus> so I changed to <Directory> which worked.
<A-Kaser>         <Directory /home/imagenbib/www/>
<A-Kaser>         AddDefaultCharset Off
<A-Kaser>                 Options FollowSymLinks ExecCGI Includes
<A-Kaser>                 AllowOverride AuthConfig
<A-Kaser>                 <Limit POST GET>
<A-Kaser>                         Order allow,deny
<A-Kaser>                         Allow from all
<A-Kaser>                 </Limit>
<A-Kaser>                 <Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
<A-Kaser>                         Order deny,allow
<A-Kaser>                         Deny from all
<A-Kaser>                 </Limit>
<A-Kaser>         </Directory>
<A-Kaser> I have this to disable webdav
<A-Kaser> so replace Deny from all to Allow from all :)
<fabbione> A-Kaser: please don't flood the channel and use pastebin
<A-Kaser> Directory can be changed without problem it's just a virtualhost configuration
<A-Kaser> sorrry fabbione
<A-Kaser> pastebin is too too too slow from Belgium
<A-Kaser> si I miss to you use it
<TrioTorus> A-Kaser, u in Belgium?
<A-Kaser> yes
<A-Kaser> it's bad ?
<TrioTorus> ha, me too
<A-Kaser> :) lol
<TrioTorus> I'm in Gent
<A-Kaser> Mons / Bergen
<TrioTorus> yup
<TrioTorus> I use http://paste.ubuntu-nl.org/ if you care
<A-Kaser> oh yes better :)
<A-Kaser> yesterday pastebin make 2 - 3 mins ...
<TrioTorus> I'm also very confused as to why all of the stuff in my document tree has to belong to group www-data
<A-Kaser> because apache may be able to write on the documents
<TrioTorus> that group isn't my default gid, so everytime I want to make something visible on my webserver, I have to change permissions
<TrioTorus> is there more elegant way?
<A-Kaser> hum
<A-Kaser> change your default umask
<A-Kaser> and add your user to the www-data group
<A-Kaser> and when you make a file user this group
<gapz> hello
<A-Kaser> so all your files will be used with the umask ( 775 )
<TrioTorus> A-Kaser, I have a group urga, which is my company name, and collegues need to acces these files, so my default group has to stay urga
<A-Kaser> you can have more than one group
<TrioTorus> so, although I can add myself to the www-data group, I still have to change permissions when I want to make stuff visible for web surfers.
<spike> ghent?
<spike> who's in Ghent?
<TrioTorus> spike, I am
<spike> cool
<spike> something OT :)
<spike> there should be a huge music festival on the river at some point this summer, have you any idea about it?
<TrioTorus> yes, you probably mean 'Gentse Feesten'
* spike googles
<spike> oh, bollocks, 15-24 :(
<TrioTorus> spike, yup
<TrioTorus> spike, where r u based?
<TrioTorus> It's worth coming down for it.
<spike> yeah, I was sure it was, I met this guy from ghent last summer that told me amazing things about it
<spike> but thought it was in Aug, I'm busy those days in Jul :(
<spike> TrioTorus: .uk
<TrioTorus> It's supposed to be the biggest folk party in Europe
<TrioTorus> (I used to live .uk, only for 3 years or so, London)
<spike> damn, new job is great but 10 days holidays sux :(
<spike> I could be there weekend 15th-16th but those days I'm gonna see bob dylan and ben harper.. already bought the tickets and everything
<TrioTorus> hey, I saw Ben Harper in Brixton Academy 2 years back
<TrioTorus> amazing
<spike> TrioTorus: actually it's kinda weird the festival ends on the 24th.. it's a sat...
<spike> it if it last to sunday I might come over that weekend...
<TrioTorus> 24th is a monday
<TrioTorus> it always ends on a monday, it's called the day-when-wallets-are-empty
<spike> uh, oops, I was looking at jun on the calendar :)
<spike> lovely, I'll see if I manage to find decent flight tickets for that weekend
<spike> TrioTorus: any hint about connections? I guess you still fly to bruxelles then get there by train, eh?
<TrioTorus> spike, got any webpage where I can get to know you a bit better? I'm pretty new around here, would be cool to work myself in a bit.
<TrioTorus> spike, yes, Brussels is only 40 minutes away from Ghent by train.
<spike> a bit better about what? ubuntu-server? stuff available in on the wiki, there's a ServerFAQ + all the specs
<spike> s/in on/is on/
<TrioTorus> spike, if you're in London your best bet is to take Eurostar
<TrioTorus> Is there a command to disconnect all authenticated users from apache?
<TrioTorus> nautilus' 'Connect to server' seems to remember connections authenticated sessions.
<A-Kaser> lol
<A-Kaser> I don't think
<lionelp> TrioTorus: you mean with a basic authentication ?
<TrioTorus> lionelp, Hi, yes, basic authentication
<lionelp> so, there is no memory on the Apache side
<lionelp> the client resend the authentication on each request
<TrioTorus> I'm connecting to a webdav share
<lionelp> the memory is on the client
<TrioTorus> probably yes. Any way to reset it?
<TrioTorus> it's actually gnome-vfs that seems to remember how it was authenticated before.
<TrioTorus> when I enter 'connect to server' and fill in the dialog with the same entries as before, it doesn't come up with the authentication dialog box, even though I did a 'umount volume' right before.
<TrioTorus> This might be wanted behaviour and it could time out, but can I disable it?
<lionelp> The way te reset is linked to the client
<TrioTorus> lionelp, yes, so any way to reset the gnome 'connect to server' thingy?
<lionelp> I do not know, I never used it with webdav (nor http)
<TrioTorus> lionelp, np
<amee2k> hi all
<amee2k> i just installed phpmyadmin-2.8.0.3-debian-1 from the repo. why isn't it possible to execute queries from files?
<A-Kaser> ?
<amee2k> i'll make a screenshot...
<amee2k> http://img221.imageshack.us/my.php?image=sshot1qn.png
<A-Kaser> you have "import"
<A-Kaser> it's not debian
<A-Kaser> it's the news phpmyuadmin release :)
<amee2k> aic
<amee2k> btw the older version was directly from their project page, it is just older
<amee2k> ;)
<Detox> oh boy this is not going well
<Detox> am setting up ubuntu server 6.06 and cannopt find saslauthd file
<lionelp> Detox: what do you mean by "sasalauthd file" ? You mean package ?
<Detox> following the tutorial ,,, everything wenk ok despite typos,,, but now am suppost to ecit /etc/default/saslauthd
<Detox> and it is not there
<lionelp> Which tutorial are you refering to ?
<Detox>  Now we have to edit /etc/default/saslauthd  in order to activate saslauthd. Remove #  in front of START=yes  and add the line PARAMS="-m /var/spool/postfix/var/run/saslauthd -r":
<Detox> vi /etc/default/saslauthd
<Detox> the perfect setup ...
<Detox> on howtoforge
<lionelp> Yep, i understood
<Detox> ok,,,
<lionelp> did you install sasl2-bin package ?
<Detox> where is it hiding?
<Detox> no
<Detox> apt that?
<lionelp> hum... I think this is a good option (at least because /etc/default/saslauthd and the saslauthd daemon are in this package)
<lionelp> Detox: yes
<Detox> ok file is exactly as written>> sas12-bin
<lionelp> it is a L not a 1
<lionelp> yes, it is exactly as written
<Detox> ok doing now .....
<Detox> now ,,,,, am I going to need to restart the sequesnce of configuring or start where i am?
<Detox> would you like to see the page I am at in the isntall?
<Detox> http://howtoforge.com/book/print/1332
<lionelp> you can go on with the edition of /etc/default/saslauthd
<Detox> is installed
<Detox> ok
<Detox> thanks that did the trick
<jeldert> I just installed OpenSSH-server
<jeldert> can i set PermitRootLogin to No? And still login with my "normal" account?
<ajmitch> certainly
<Detox> I am now installing courier pop3 ,, it wants to know if I will be using ISPConfig... do I wnt to do this?
<jeldert> ok, because Ubuntu doesn't have a root account enabled
<jeldert> why is it on by default then?
<ajmitch> I don't know why it's on, really
<A-Kaser> jeldert, because most of people enable it :-)
<A-Kaser> Detox, non
<A-Kaser> ISPConfig is webbases interface to manage some services as email
<Detox> oops I messed up....
<Detox> it asked me if I wanted web-based admin and I said yes
<Detox> will that be a prob?
<A-Kaser> no
<Detox> ok
<Detox> then I wil go on to th next section
<Detox> wow this takes a long time doing all by hand....
<Detox> once I get it all on ,,, wont I still need to have a browser?
<Detox> and a window manager for ease of use?
<A-Kaser> hum
<A-Kaser> don't know
<Detox> I dont mind doing all by comamnd line , but once I put a site on it .. how will I be able to view?
<A-Kaser> are you installing courrier pop3 ?
<Detox> yes did
<Detox> am getting apache2 now
<Detox> then php5
<A-Kaser> I'm not sure if courrier have a webbased interface :)
<Detox> ok , well when I get that far ,, we can tackle it
<Detox> for now ,, jhsut knowing the isntructions are ok will  help a lot
<Detox> as far as email server text will be ok
<Detox> moved on to php5 apt-get ,, said php5-pear is unknown or part of something else .. deleted taht part ans is now geting and isntalling all the rest
<Detox> hello?
<Detox> have ubuntu server installed,,,, now can I isntall a WM without goovering it up?
<Detox> just to make it easier on me?
<jeldert> WM?
<Detox> gnome , fluxbox, etc
<spike> why didnt you install the desktop version then?
<spike> a window manager on a sever is uhm, just wrong
<Detox> was following isntructions on  how to isntall ubuntu server 6.06
<spike> O_O
<Detox> figured it would have at least gnome on it
<spike> and the instructions tell you to install a window manager?
<Detox> no
<Detox> jsut the server functions
<spike> oh, tnx, I ws gonna collapse
<Detox> this is a new thing for me
<Detox> and following docs as written
<Detox> when I put free bsd on a couple of months ago ,, it had gnome so i figured ubuntu would aslo
<spike> Detox: in fact ubuntu provides gnome by default. this is ubuntu-server, doesnt that ring a bell?
<nictuku> :-)
<Detox> when i typed gnome at  term nothing happened
<Detox> and yes I am VERY new
<Detox> so please be gentle
<Zambezi> Detox, startgnome?
<Detox> ok
<Detox> brb
<Detox> command not found
<Zambezi> Detox, Try startx too if it doesn't work. I think it will work with one of them.
<Detox> nope
<Zambezi> Detox, Is xclient-system-core installed and xserver-xorg?
<spike> Detox: if you are very new install ubuntu, NOT ubuntu-server
<Detox> doubt it,,, only files lsited in turorial and i dont remenber those
<spike> it's easy
<Detox> ok so apt-get those 2 then?
<spike> ubuntu-server is for servers, and no WM is of course installed by default
<Zambezi> Detox, Try too install the packages I mentioned.
<Detox> k
<Zambezi> Detox, You can install ubuntu-desktop and you'll get a complete desktop.
<Detox> xclietn not found with apt
<Detox> ok apt-get install ubuntu-desktop right?
<Zambezi> Detox, Yes.
<Detox> me thinks this will take a bit
<Zambezi> Detox, sudo apt-get install ubuntu-desktop. It'll take a little time.
<Detox> is working now
<Zambezi> Detox, And one thing. If you're new a Linux, you got to be patient. Linux is diffrent compare too Windows.
<A-Kaser> h h:)
<spike> Zambezi: to me the word "server" compared to "desktop" isnt really about linux and windows...
<Detox> I was going to build a server on debian, but the google I did recommended ubuntu server
<Detox> oh well learning is fun
<Detox> I had a good working debian box
<Detox> but I dl'd ubuntu server cause the google said so
<Detox> instead of jsut doing everything on my exixting debian box
<A-Kaser> why not
<Zambezi> When I install Dapper serverinstall I can't install cryptsetup-luks from http://einsteinmg.dyndns.org/debian/. Anyone know why? I have Breezy for now, but I would like to have Dapper.
<Detox> I have used linux for about a year now ,, burt nver built a server
<Detox> thought it would be fun
<Detox> two days now into this project
<Detox> hope this apt-get ubuntu-desktop will not mess up alll the wrok i did to build the server
<A-Kaser> Zambezi, what is the error ?
<Zambezi> A-Kaser, Oh, I don't remember. It something that the packages is damage.
<Detox> oh boy ,,, this will rally take a while ,,, my bleeding edge sprint DSL ,,,, almost as good as dial-up
<Detox> 10% complete  yahoooo
<jeldert> I'm configuring openssh-server but I want only local IP's to be able to connect. I've added the option "ListenAddress 192.168.1.10", but now I cannot connect to it
<jeldert> nevermind. I thought it was which host where allowed to connect to it, but it is what IP address the server uses
#ubuntu-server 2006-06-23
<hyperspace> howdy ;)
<hyperspace> anyone alive?
<A-Kaser> oi
<mpathy> Hi there
<mpathy> What would be the best way to install Ubuntu-Server on a rootserver without physical access? I could debootstrap, which leads into a very basic ubuntu, and I could change the sources.list of my minimal debian installation to ubuntu repositorys.. But what would be the best way, to end up in a installation similar to the ubuntu-server cd installation?
<mpathy> Or are there scripts like for Suse?
<lionelp> Hi mpathy
<lionelp> You can debootstrap an Ubuntu (no needs to debootstrap a debian and change your source.lsit to Ubuntu)
<lionelp> I would debootstrap and apt-get ubuntu-base and ubuntu-minimal
<lionelp> What scripts in Suse do ?
<mpathy> lionelp: No its because i have a minimal debian also per default so that would be more convinient
<mpathy> lionelp: you said ubuntu-base and ubuntu-minimal - why is there no ubuntu-server which would lead into the same configuration like from cd? ;)
<lionelp> hum... Good question :)
<mpathy> lionelp: I heard there are scripts who do the exactly same like cd-installations its some kind of shell script startable from a remote console..?
<mpathy> lionelp: thanks :P :)
<lionelp> mpathy: I am not aware of such scripts, but that does not means they does not exists
<mpathy> because like the half of people who have a server only have access to it via ssh and a emerceny console.. and providers who are affordable only offer Suse or Debian
<lionelp> Your emergency console only provide a shell console ? It does not provide a rescue system ?
<infinity> mpathy: There's no "ubuntu-server" package because the server CD doens't install anything more than minimal by default.
<infinity> (Or minimal and standard?  I keep forgetting)
<lionelp> I would say minimal and standard
<lionelp> infinity: as you are here, I have a weird problem, and I do not know how / to who report it
<lionelp> I use autofs-ldap on the workstations on my network
<lionelp> and when they boot, sometimes, on rescent computers, autofs-ldap start before stations get an IP by DHCP
<lionelp> and it does not work :-(
<lionelp> (needs to restart autofs after boot phase)
<infinity> Right, if it can't work until the network is settled, it should be done in /etc/network/if-up.d/ scripts instead of init scripts.
<lionelp> That's a good idea
<lionelp> I will open a bug on autofs so to suggest it
<lionelp> Thanks
<mpathy> sorry was away..
<mpathy> lionelp: I have a shell and also a web frontend where I can choose Suse or Debian Sarge minimal for a reinstallation
<mpathy> infinity: But there are differencies between a ubuntu-server-cd-installation and a ubuntu-cd-installation with the option to have no X11.. ?!?
<lionelp> mpathy: the only differences are the kernel installed by default and the content of the CD
<mpathy> lionelp: No special scripts running after installation?
<lionelp> no special scripts
<mpathy> lionelp: But I thought I have seen a difference between ubuntu installation done with normal ubuntu cd and with ubuntu-server cd
<lionelp> the kernel yes (and sure, it depends on the option you selected in the menu of the alternate CD)
<mpathy> lionelp: Okay then perhaps I will only rewrite the sources.list of my Debian Minimal. Where can I find infos about the kernel they use on Ubuntu-Server and where I find the packages it installs to have a look?
<lionelp> packages.ubuntu.com search for ubuntu-minimal and ubuntu-standard
<mpathy> But hey, okay, I am already lucky when I can use the up-to-date packages plus security updates for them for my server :)
<lionelp> For the kernel, search on packages.ubuntu.com for "linux-image" and have a look on the packages that ends with -server
<lionelp> (the full name depends on your arch)
<mpathy> Thanks - I also read something about a bunch of metapackages for server needs - I really looking forward for them :)
<mpathy> I also was happy to see your server guide describes the dream team postfix and dovecot :) http://doc.ubuntu.com/ubuntu/serverguide/C/email-services.html :)
<screeb> Hi, is the Ubuntu Server Team aware of this thread: http://www.ubuntuforums.org/showthread.php?t=191858 ?
<screeb> It seems like a fork at this time :(
<fabbione> nothing new that hasn't been discussed yet
<fabbione> there was a project to do something similar that died after a week
<fabbione> nobody is willing to do the real work
<fabbione> so people rants and complain..
<fabbione> and there is nothing new about it either
<screeb> where can we find about this project?
<fabbione> server mailing list
<fabbione> the project was callled server express or something
<screeb> ok
<screeb> do you think we can find motived ones about this project?
<screeb> maybe with more people, there will be more motivation :)
<fabbione> that's up to the people.. everybody is welcome to do stuff
<TrioTorus> screeb, u talking about the small business server spec?
<TrioTorus> I just read your http://ubuntuforums.org/showthread.php?p=1172640&posted=1#post1172640
<TrioTorus> I'm also wondering why the sbs spec is still under UbuntuDownUnder/Bof? Wasn't that because of an event that ended long time ago?
<TrioTorus> (on wiki I mean)
<screeb> several specs are linked to this, but here this is the "Web based tools to manage server through web interface" spec
<screeb> https://launchpad.net/distros/ubuntu/+spec/administer-server-via-web-interface
<screeb> but, I agree this is very linked :)
<screeb> is Ubuntu SBS dead?
<TrioTorus> I hope not
<TrioTorus> just discovered this spec, think it needs interlinking with other specs badly. https://launchpad.net/distros/ubuntu/+spec/ubuntu-small-business-server
<TrioTorus> Anybody know Mark Ramm who initiated the spec?
<TrioTorus> not much of a community spirit going on here unfortunately :-(
<infinity> SBS is a worthless spec without first having the software to back it up.
<infinity> If people want to go out and write cute GUI management tools that actually WORK, I'll happily resurrect SBS and make it go.
<infinity> But giving people an install with a bunch of daemons they don't know how to use and a GUI whose sole purpose is to fire up a terminal to manage the system is really silly.
<TrioTorus> infinity, so what do you reccon is the first thing that should happen next?
<screeb> So you think webmin is incomplete, or you think it has to be fully rewrite?
<screeb> s/rewrite/rewrited
<infinity> webmin is poorly-concieved, broken-by-design, and not even included in Ubuntu anymore.
<screeb> ok
<TrioTorus> infinity, what is your idea on using fds as a start
<screeb> and do you think there is a project we can use to begin?
<infinity> TrioTorus: Getting FDS packaged and included in the archive is a goal, but installing it by default isn't going to help any "small business" users withough simple ways to manage it.
<screeb> yes, I think the point is to have a (web?) managment tool
<TrioTorus> infinity, okay, but it currently doesn't have a package maintainer even. Wouldn't it be good to assign one, so a small team could see where it is now and start wrapping it.
<screeb> then why not managing FDS from this tool, but this is not where we have to start from...
<TrioTorus> screeb, not too sure. I think an LDAP implementation would be a good point to start from.
<screeb> we could have a web managment tool that support both OpenLDAP and FDS
<screeb> yes, but this should only be a feature of our managment tool
<TrioTorus> We need to gahter a group that can start on one of the two: fds or openldap, but right now, there is no directionl
<TrioTorus> screeb, network authentication is a pretty basic service a SBS should offer. I don't think there is any doubt that LDAP is the way for that. Since of its growing services that hook onto it, it should be the core thing.
<TrioTorus> of a sbs
<screeb> I think we should have a modular web inteface, then the user could chose the ones he whants to activate.
<TrioTorus> say we want to activate DHCP, NFS, Authentication just by clicking 'enable'. Good, I agree, but doesn't it get silly if after all that he want to implement LDAP?
<TrioTorus> s/want/wants/
<TrioTorus> I think there should be some basic core system there, and hook all the other onto it. The very nature of LDAP.
<screeb> the user could click 'enable LDAP' :)
<TrioTorus> screeb, I think the discussion in the thread leans more towards an easy installable small business server. The users of that shouldn't even need to know exactly what ldap is.
<screeb> I agree such a tool needs to support LDAP, but I think the user should be able not to use it
<TrioTorus> by 'user' I actualy ment 'deployer'
<screeb> well, I have to go
<TrioTorus> oh that 's a pity
<TrioTorus> but hey, keep on discussing
<screeb> yes, but later ;)
<TrioTorus> no probs
<Zambezi> Do you know why cryptsetup-luks can't be installed on Dapperserver? "The packages is broke" or something like that was the errormessages.
<TrioTorus> infinity, would it be possible to schedule a discussion in this forum on SBS?
<infinity> At some point, but certainly not right now.  I'm busy in Paris now, then travelling home, then taking a week vacation at the beginning of July.
<infinity> After all that, I'd be open to sitting down with some people on IRC and discussing SBS stuff.  it came up a bit here in Paris, and my "not worth it until people write management tools that don't suck" opinion was solidified.
<TrioTorus> infinity, okay, I agree it is solidified, but to motivate people to achieve that, some kind of roadmap would be nice.
<TrioTorus> as someone mentioned in the thread 'eat the elephant one bit at a time'
<TrioTorus> s/bit/bite
<TrioTorus> Actually the server specs (braindumps) in launchpad that are already there, are they going to be assigned to the 'edgy' release or is this going to be an 'edgy_server' release?
<infinity> TrioTorus: We always release ubuntu and ubuntu-server simultaenously, since they share the same archive.
<screeb> infinity: what is your point of view? Do you think LDAP should be the core system of SBS?
<TrioTorus> infinity, thx. Actually I think that is great. It means that you would always be able to make the transtion between a desktop and a server system just by choosing packages.
<screeb> And if LDAP is the core of SBS, should all confs be in LDAP server, or should it be possible to configure services from an other way (config files for exemple)?
<screeb> TrioTorus: do you think all services confs have to be in ldap?
<infinity> Oh, eww.  No.
<TrioTorus> screeb, well, LDAP is just a way of storing data in a tree.
<infinity> Making people's config files move to a corruptible LDAP databse is really, really dumb.
<edneymatias> hello all there
<infinity> Use LDAP for what it's good for: Managing individual records (like users and groups), don't try to reimplement the Windows registry in LDAP.
<infinity> There's a reason we don't have a registry, and it's not because we don't know how.
<screeb> I agree ;)
<TrioTorus> well, configuring all different textfiles isn't exactly fun
<TrioTorus> a central registry is not necessarily rejectable, if it is well done and not easily corruptable, why not?
<TrioTorus> do stuff in ldap server --> stream that down to a system conffiles, if ldap is corrupt, protect and keep on using conffiles.
* neuralis cry
<neuralis> TrioTorus: i have a better idea: how about you keep those filthy ldap tentacles miles away from my ages-old, tried and true, perfectly adequate conf files?
<neuralis> if you think centrally managing conf files is a problem, and think "i know, i'll use ldap!", now you have two problems.
<neuralis> for people who need this kind of stuff, cfengine2 et al ar the way to go. indiscriminately choosing to stick things into a database and hope really hard that everything gets easier to manage is.. well, is simply not going to happen in ubuntu server.
<TrioTorus> neuralis, you're not giving reasons.
<neuralis> TrioTorus: i don't have to; you're proposing a change in the way something has worked for thirty or forty years, in the name of handwavy nonsense about ease of management. the burden of proof lies solely on you to prove why this is not a terrible idea, not at all on me to prove why it is.
<neuralis> TrioTorus: as for FDS, ajmitch plans to package it for edgy, last i heard.
<neuralis> ajmitch: can you confirm? --^
<TrioTorus> neuralis, you think different syntax on conffiles is actually a good thing? Isn't that what keeps people to write good admin tools?
<neuralis> TrioTorus: no, i think living in the real world is actually a good thing. you know what the "enterprise architect" and "IT thought leader" crowds were saying when xml rolled around? that it would be the LAST word on config files. that we are soon entering configuration and interoperability nirvana.
<TrioTorus> okay, so it hasn't happened yet. Should we not look any further?
<neuralis> TrioTorus: this massive self-congratulatory xml circlewank aside, somehow i don't see very many xml config files these days. those that i do don't care much at all in the way of any interoperability.
<infinity> We're not going to rewrite the configuration for every single piece of free software in the world.
<neuralis> TrioTorus: the point is that you're proposing blue-sky solutions that would be really nice if they worked, except they can't possibly.
<TrioTorus> infinity, of course not, once there is a good base, people who write a too will adopt the initial idea
<infinity> And if you propose an LDAP<->conffile translator that makes sure they're always in sync, YOU JUST WROTE PARSERS FOR ALL THE CONFIG FILES, so why have them in LDAP as well?
<neuralis> TrioTorus: different software makes (often subtly, but irreconcileably) different demands of their configuration systems; trying to unify them is a battle that you lost before you ever start fighting it.
<infinity> TrioTorus: As an apache upstream maintainer, I can guarantee we wouldn't go and change how apache is configured just because others decided that some new whizbang thing was the standard.
<infinity> Same goes for ISC stuff (like dhcpd and bind)
<TrioTorus> neuralis, okay, so you're putting my feet back on the ground. Fine. But still think there is room for improvement.
<screeb> well, I also think we can not changes erveythings like you say TrioTorus, and I think it would be a bad idea
<neuralis> TrioTorus: by all means, improve away. but before you do, convince yourself that there's no magic bullet.
<TrioTorus> infinity, indeed, whether to have them in ldap or just keep them as textfiles is not relevant.
<screeb> I don't have much time today, I will try to write a paper on who I see the things
<neuralis> TrioTorus: it is relevant; keeping conf files in ldap for no good reason is nuts.
<TrioTorus> okay, conf files shouldn't be in ldap. They don't need to be as they are never going to be queried by other systems. I see that now.
<TrioTorus> the 'write a new parser for every conf file' is still there, and that seems to be the situation linux is in. Forgive me for thinking about blue skies.
<TrioTorus> but those blue skies are the direction that people new to linux/ubuntu are thinking in.
<TrioTorus> I think Ubuntu Desktop does fullfill promises. At this point, easily setting up and managing a server is not a promise of Ubuntu. It can't be right now, but trying to promise that in the future, we could.
<eanders> hi all,
<eanders> does anyone know how to upgrade a server to have a basic xwindows gui?
<lionelp> what a basic xwindows gui is ?
<lionelp> apt-get install xubuntu-desktop to get an XUbuntu desktop
<lionelp> same with ubuntu-desktop or kubuntu-desktop to get a more eavy desktop with Gnome or KDE
<Detox_Elive> hey folks got a prob.....
<Detox_Elive> set up a ubuntu server ,, can access web fine , but my router does not see it
<Detox_Elive> would like to review settings of /etc/network/interfaces ??
<lionelp> Detox_Elive: this is not a #ubuntu-server question, this is a #ubuntu question :)
<Detox_Elive> ok so I ned to go to that room?
<lionelp> yep, that's what you did :)
<Detox_Elive> oki
<edneymatias> how can i manage x to accept remote client connections?
<lionelp> edneymatias: I personnaly do not know, but this is a #ubuntu question, not relative to server
<edneymatias> ok lionelp..thank you...i will also try it there...but...better go to #xorg ;)
<jeldert> How do I add my HP Deskjet (USB) printer to Ubuntu server? I cannot find how to do it anywhere.
<andyakadum> anyone know how to install headless?
<dts> What's the best approach to modify the install CD to include a couple more packages and run a few set up scripts once it's done?
<Detox_Elive> hello folks ,,, got my apache working,, and now am beginning to build my site ,, the question I have is this.... where do I put the actual website?  in the /var/www folder or in my home/ as subfolder?
<MystaMax> if you set it up as /var/www as the default directory then it'll be there
<MystaMax> but you can specify where ever via the .conf file
<MystaMax> but you should ask these questions in #ubuntu. this channel is for server development questions
<Detox_Elive> ok thanks
#ubuntu-server 2006-06-24
<cbx33> hi all
<cbx33> I've just installwed a LAMP server
<cbx33> do I need to setup the user/pass for MYSQL, and if so how?
<neuralis> cbx33: by default, user root has no mysql password; you obviously want to change that for production
<neuralis> cbx33: look at the mysql documentation on dev.mysql.com, use google, or ask on #ubuntu to find out how to do that; this is a development channel.
<Balachmar> Hi I want to downgrade Mysqlserver5 to 4.1, but I can't do that using synaptic
<neuralis> Balachmar: why do you want to do that?
<neuralis> and yes, you can do it in synaptic, but 4.1 isn't security-supported.
<Balachmar> I don't care... I have to get it running before monday, afterwards I will try and port the database to 5.x
<Balachmar> but synaptic causes this error:
<Balachmar> Aborting downgrade from (at least) 5.0 to 4.1.
<Balachmar> dpkg: error processing /var/cache/apt/archives/mysql-server-4.1_4.1.15-1ubuntu5_i386.deb (--unpack):
<Balachmar>  subprocess pre-installation script returned error exit status 1
<Balachmar> Errors were encountered while processing:
<Balachmar>  /var/cache/apt/archives/mysql-server-4.1_4.1.15-1ubuntu5_i386.deb
<Balachmar> E: Sub-process /usr/bin/dpkg returned an error code (1)
<Balachmar> A package failed to install.  Trying to recover:
<neuralis> they're separate packages, as opposed to downgrades in the same-package, different-version sense.
<neuralis> remove mysql-server-5.0, install mysql-server-4.1.
<Balachmar> that is basically what Synaptic is trying to do but fails
<Balachmar> because I had mysql5 server installed, then I selected 4.1 to be installed it then removed 5.0 first (which went ok) but then fails to install 4.1
<Balachmar> I have now reinstalled 5.0 and am now trying to do a complete removal
<neuralis> it should just work. if it doesn't, poke at the preinst, see where it breaks.
<neuralis> i'm on a slow connection, and don't want to suck down both mysql-server packages to test.
<Balachmar> I'm now trying to install 4.1 again
<Balachmar> it seems to have worked
<neuralis> good.
<Balachmar> Hi, I have the following problem: I have written a program, that uses a mysql database
<Balachmar> I have that database running on 2 machines. One is a FC3 with Mysql 4.1.18, the other is Ubuntu 6.06 running 4.1.15
<Balachmar> And the weird thing is, that if I use the FC3 computer as the server everything works fine
<Balachmar> But if I want to use the Ubuntu as the database server it doesn't work
<Balachmar> It logs in, but it returns an empty set, where the FC3 server does return a filled set
<Balachmar> Does anybody have an idea on where the problem might be?
<Balachmar> The ubuntu computer is by the way the same computer as I run the program on, I want to give a demo without having to be connected to the internet
<neuralis> did you actually import your data into the ubuntu database?
<Balachmar> yes
<Balachmar> :)
<Balachmar> Hi again :)
<Balachmar> and I can login to the database from commandline
<Balachmar> I can even login from commandline from antoher computer
<neuralis> okay, and does the mysql CLI client show you the data you expect?
<Balachmar> yes
<neuralis> then obviously it's not the database that's at issue. check your program.
<Balachmar> well, the only thing that I change in a config file, is the server
<Balachmar> so it cannot be anything else
<neuralis> okay, how do you explain what you're seeing then? the database has the data, it's showing you that it has the data, and your program isn't returning it.
<Balachmar> Maybe it is because the database is on localhost this time
<neuralis> and that matters how, exactly?
<Balachmar> although I did change nolisten tcp in gdm.conf
<Balachmar> well, in the standard configuration you are not allowed to connect to localhost using tcp
<neuralis> what does XDMCP *possibly* have to do with your mysql database?
<Balachmar> ghe ghe dunno, I had to change that once, but that was for another databaseprogram
<Balachmar> so that should not be any problem... then
<neuralis> uh, no. no database program will ask you to go and change xdmcp settings.
<neuralis> now, you said your program logs in and then returns empty resultsets. do you KNOW it logs in, or did you just guess that?
<Balachmar> Well, if I fill in another random server name, it will says that it is timed out 3 times
<neuralis> ...
<Balachmar> and with localhost I get no errors except the empty resultset
<neuralis> okay, please take this to #ubuntu or the forums.
<neuralis> it's not a mysql or ubuntu-server problem. most likely diagnosis is pebkac.
<Balachmar> pebkac?
<neuralis> yes.
<Balachmar> what is that?
<Balachmar> Well, thanks for your time anyway!
<Balachmar> Cya
<d3vice> i cant find ubuntu-server at http://lists.ubuntu.com, is it up ?
<neuralis> d3vice: http://lists.ubuntu.com/mailman/listinfo/ubuntu-server
<d3vice> thx neuralis
* ..[topic/#ubuntu-server:neuralis] : Ubuntu Server development discussions | for general support please use #ubuntu | mailing list: http://ln-s.net/B+P | forum: http://ln-s.net/B+Q | CD download: http://releases.ubuntu.com/dapper/
#ubuntu-server 2006-06-25
* ..[topic/#ubuntu-server:irc.freenode.net] : Ubuntu Server development discussions | for general support please use #ubuntu | mailing list: http://ln-s.net/B+P | forum: http://ln-s.net/B+Q | CD download: http://releases.ubuntu.com/dapper/
<J_P> hi all
<J_P> people, what are the sources.list that I need to server ?
<lionelp> J_P: Ubuntu sources.list
<lionelp> Desktop and server share the same repository
<J_P> lionelp: ok.
<J_P> lionelp: when I install ubunu-server it install kernel : root@concord:/etc/apt# uname -a
<J_P> Linux concord 2.6.15-23-server #1 SMP Tue May 23 15:10:35 UTC 2006 i686 GNU/Linux. But my server is a P4 HT, how I know if this kernel is for p4 or AMD ?
<lionelp> J_P: you have "i686" in your uname -a output
<lionelp> it is for 686 arch
<neuralis> J_P: it's the right kernel. please move along.
<lionelp> For AMD, you would see x86_64 (instead of i686)
<J_P> lionelp: for example, if I change my motherboard and CPU and use this d, and new cpu is adm k7. what kenel i install ?
<neuralis> lionelp: actualy, for AMD64 you would. AMD makes x86 processors.
<neuralis> J_P: this is not the appropriate channel. please ask on #ubuntu.
<neuralis> *actually.
<J_P> neuralis: ok, thanks
<lionelp> neuralis: yes sorry it was for AMD64
<J_P> lionelp: there are only two kernel-image for servers : linux-image-server - Linux kernel image on Server Equipment.
<J_P> linux-image-server-bigiron - Linux kernel image on BigIron Server Equipment.
<J_P> The first for example, can I use for amd and p4 ?
<J_P> lionelp: I not understand, becouse has linux-image-2.6.15-25-XXX for 686, amd etc..
<J_P> but if is the server i need user .-server right.. ?
<J_P> but this unic ..-server.. there aren't one ...-server for each arquitecture.. can you examplain me that ?
<J_P> anyone can help me ?
<lionelp> I dot not understand everything, but yes, there is only one -server kernel for each arch
<lionelp> for k7 (AMD x86processor), you need to use the  linux-image-server kernel
<J_P> lionelp: so if I get out this hd (is on p4) and inserto in oterhet machine (server) where is a (amd k7) I dont need change the kernel ?
<lionelp> no
<J_P> what kernel I install then ?
<J_P> lionelp: I not understand what needs that linux-image-2.6.15-25-server on my p4 if there are the linux-image-2.6.15-25-686 (for p4).
<lionelp> J_P: it is a joke isn't it ? We have told you three times what kernel you need :)
<lionelp> Just install linux-image-server
<J_P> lionelp: wiat, calm, i only not understand that..
<J_P> I would like udnerstand..
<neuralis> J_P: please go to #ubuntu to understand this. this channel is for development discussions ONLY, as made abundantly clear by the /topic.
<J_P> neuralis: ok
#ubuntu-server 2007-06-18
<Burgundavia> shawarma: you still around?
<froud> is there an option I can use in dhcp.conf to configure clients with the proxy settings?
<Burgundavia> I have no idea
<Burgundavia> hey froud
<froud> Burgundavia: hey dude
<froud> ;-) good to see you
<froud> Surely there must be a simpler method that WPAD
<froud> s/that/than
<shawarma> Burgundavia: At 5:23 AM, I tend to be asleep. :)
<Burgundavia> shawarma: right, good morning then
<Burgundavia> had a good chat with somebody about mass config, ebox, etc.
<shawarma> Burgundavia: Yes, good morning.
<Burgundavia> does ebox do multiple machine config yet?
<shawarma> Burgundavia: Yup, got an e-mail from him.
<shawarma> Burgundavia: No, it doesn't. Yet. It's planned, but not milestoned.
<Burgundavia> ok, just wondering
<Burgundavia> what else are you working on?
<shawarma> Right now, i'm trying to get iptables to compile again.
<Burgundavia> ahh
<Burgundavia> hey ivoks
<ivoks> hi
<ivoks> and bye :)
<ivoks> bbl
<[miles] > morning guys
<[miles] > anyone know where I can limit the number of terminals that are created on boot please?
<Kamping_Kaiser> inittab probably
* [miles]  will check
<fabbione> [miles] : what release?
<[miles] > 6.06lts
<fabbione> inittab
<shawarma> [miles] : Yes, then inittab is right.
<shawarma> [miles] : For edgy and onwards it would be /etc/event.d/tty*
<[miles] > thanks guys :)
<shawarma> [miles] : np
<Kamping_Kaiser> shawarma, hm. i'll have to try and remember that
<[miles] > damn, I bought $20 of gizmo credit yesterday, confirmed by PP.... but it has not been credited to the gizmo account
<[miles] > fub
<shawarma> gizmo?
<[miles] > nod
<[miles] > www.gizmoproject.com
<[miles] > like Skype, it's client software is pretty shite...
<[miles] > OpenWengo has the best client
<[miles] > but.. it does not support my USB Phone
<shawarma> Go figure. Never heard of it.
<Kamping_Kaiser> dont remember, wengo or gizmo stored the user password in plaintext in gconf. i forget wheich though
* Starting logfile irclogs/ubuntu-server.log
<levander> I've got two links in /etc/apache2/sites-enabled named default and 000-default whose targets is /etc/apache2/sites-available/default.  Is that normal?  
<levander> I'm thinking I should remove one.  What's the standard convention in Ubuntu, to have the link in /etc/apache2/sites-enabled be named default or 000-default?
<levander> I just looked in my svk repository of /etc.  000-default was added during the Feisty upgrade.  default has always been there.
<shawarma> levander: It should be the 000-one.
<shawarma> levander: apache uses the first configured virtualhost as the default, so we prepend 000 to be (almost) sure that it'll be included as the first one.
<levander> shawarma: cool thanks
<levander> should i file a bug saying the upgrade process doesn't delete the old /etc/apache2/sites-enabled/default file doesn't get deleted?
<levander> It just that since feisty has already been frozen, I dunno if official policies would even let anybody fix that bug.
<shawarma> Seeing as including it twice doesn't have any effect at all, I wouldn't bother.
<shawarma> It's safer to leave it around that to try to take all the variablees into account.
<shawarma> Um.. It's safer to leave it around *than* to try to take all the variablees into account.
<levander> With sites-available/default linked to twice, that "NamedVirtualHost *" directive in included twice in the Apache config, and you get some warning during restart about "* not having any Virtual Hosts in it"
<levander> That's the only thing.  I had to google for an hour or so to find out what the problem was.  Finally figured out that it was because of having NameVirtualHost twice, and that it was in there twice because of the two links.
<KennyTheGeek> shawarma: any spare time? :P i got 2 nics now, and a cable...
<KennyTheGeek> the problem is... i can't get it to assign me an adress from it, so i couldnt check if the other part worked :P
<KennyTheGeek> and if i got no IP, i have no chance of doing ANYTHING
<ivoks> ?
<KennyTheGeek> Trying to make my server replace my router.
<KennyTheGeek> my router is locked by my isp, and theres no longer any web interface for it.
<ivoks> eh :/
<KennyTheGeek> and guess what? theres only 6 open, but filtered ports
<KennyTheGeek> so i can't get my server online, outside my network
<KennyTheGeek> so my idea: why not let my server replace it? it should be able to run a dhcp server, and funtion as a roui
<KennyTheGeek> *router
<ivoks> you think ports are blocked on router?
<KennyTheGeek> i KNOW ports a blocked :P
<KennyTheGeek> did a port scan
<ivoks> but... on router at your home?
<KennyTheGeek> yeah
<ivoks> they could be blocked at ISP (this is what my ISP does)
<KennyTheGeek> i got it with my internet connection from my ISP
<KennyTheGeek> mine doesn't
<KennyTheGeek> my ISP allows any sort of communication on any ports
<ivoks> you have to find out IP address of router and it's routing table
<shawarma> ivoks: They're blocked in the router.
<shawarma> ivoks: I've dealt with this particular ISP before.
<ivoks> ok :)
<KennyTheGeek> ivoks: i know the IP, and they locked the routers interface with a serial interface on the back
<shawarma> KennyTheGeek: I don't have time to help you, I'm afraid.
<KennyTheGeek> shawarma: okay then...
<shawarma> KennyTheGeek: Someone else might
<ivoks> KennyTheGeek: use traceroute to find out gateway's IP of your gateway :)
<KennyTheGeek> yeah... but then again. this channel is... a lazy channel
<ivoks> hm
<ivoks> this channel isn't solution provider :)
<ivoks> and your questions aren't about ubuntu-server, but about fooling with your ISP :)
<KennyTheGeek> no, the question is about how i make my Ubuntu driven server replace my router. i got dhcp3-server installed, and webmin to configure it, but it just won't work
<ivoks> do you know how it should work?
<KennyTheGeek> yes
<ivoks> you can't just replace one box with another
<ivoks> and expect it to work, magicaly :)
<ivoks> so, how is your server connected to ISP? over modem?
<KennyTheGeek> i've configured the dhcp3-server and firewall
<KennyTheGeek> yes
<KennyTheGeek> ADSL modem
<ivoks> forget about dhcp server and firewall
<KennyTheGeek> and no, i expect nothing to work "magically"
<ivoks> you have to establish connection to yout ISP first
<KennyTheGeek> no, i need to get an IP, and get connection to my server again as fast as possible, as it is only controlled with SSH and web interfaces. no screens or keyboards
<ivoks> ok
<ivoks> then you need ssh and dhcp3-server
<ivoks> you installed that?
<KennyTheGeek> yes, i got ssh, that's my main means of controlling the server
<KennyTheGeek> and yes, dhcp3-server is installed, but not happy >_>
<ivoks> then you've misconfigured it :)
<KennyTheGeek> i've followed a guide
<ivoks> which one?
<KennyTheGeek> eh...
<KennyTheGeek> moment...
<KennyTheGeek> http://ubuntulinuxhowto.blogspot.com/2006/06/setup-your-computer-to-be-router.html
<KennyTheGeek> that should have made the magical stuff, and making it work :P
<ivoks> omg, webmin
<KennyTheGeek> yeah...
<KennyTheGeek> whats wrong with webmin?
<ivoks> it's no wonder it doesn't work :)
<KennyTheGeek> okay...
<ivoks> ssh to your server
<KennyTheGeek> already done :P
<ivoks> and forget about webmin and 'magic' stuff
<KennyTheGeek> i forgot about magic when i tried Windows 3.11 for the first time >_>
<ivoks> you have two network cards?
<KennyTheGeek> yes
<KennyTheGeek> 1 to the current router, and 1 not connected atm
<ivoks> local network is connected to which one?
<KennyTheGeek> eth0 (onboard)
<ivoks> ok, open /etc/default/dhcp3-server with your favourite editor (vim)
<KennyTheGeek> nano :P
<ivoks> pih...
<ivoks> lazy people :D
<ivoks> there's INTERFACES
<KennyTheGeek> INTERFACES=eth0
<ivoks> add eth0 to it
<ivoks> INTERFACES="eth0"
<KennyTheGeek> its already there
<ivoks> with "?
<KennyTheGeek> ?
<KennyTheGeek> no
<KennyTheGeek> just eth0
<ivoks> add " before and after eth0
<KennyTheGeek> lazy webmin >_>
<ivoks> just to be sure...
<KennyTheGeek> already done
<KennyTheGeek> whats next?
<ivoks> try restarting your dhcp
<ivoks>  /etc/init.d/dhcp3-server restart
<ivoks> does it start?
<KennyTheGeek> yes
<KennyTheGeek> also did before, just didn't work
<KennyTheGeek> when i connected my laptop to eth0, and requested an ip through DHCP, i didn't get one
<ivoks> open /var/log/syslog (less /var/log/syslog)
<ivoks> and go to the end (shift g)
<KennyTheGeek> Wrote 2 leases to file
<KennyTheGeek> all rights reserved
<ivoks> great, then it works :)
<KennyTheGeek> For info go to, nothing of interest
<KennyTheGeek> before it said "Sending on "LPF/eth0/a-long-mac-adress/24"
<KennyTheGeek> and Listening on the same one
<KennyTheGeek> nothing about that now
<ivoks> quit that (q)
<ivoks> and do tail -f /var/log/syslog
<ivoks> on other linux computer, start dhclient eth0:1 or eth1:1
<ivoks> whatever you have
<KennyTheGeek> it started twice, so 2 sets of copyright lines, "for info" lines, and one "Wrote 2 leases to file"
<KennyTheGeek> dhclient?
<ivoks> that's what i said, yes
<KennyTheGeek> dhclient eth0:1 << send dhcprequest?
<ivoks> did your server get dhcp request?
<KennyTheGeek> the problem is, im on the 1st floor, the router is in the basement
<KennyTheGeek> *server
<KennyTheGeek> not router...
<KennyTheGeek> ill have to walk down again >_>
<ivoks> you are connected to your server, right?
<ivoks> you're connected with windows or linux or osx?
<KennyTheGeek> wireless >> wifi router >> router >> server && internet
<KennyTheGeek> Linux on my computers, windows on my sisters/parents
<ivoks> ok, wifi interface is eth1?
<ivoks> run iwconfig on your local computer, not server
<KennyTheGeek> ...
<ivoks> what?
<ivoks> you don't understand me?
<KennyTheGeek> i do
<ivoks> so, can you start dhcp request on your computer or some other computer?
<KennyTheGeek> but im not directly connected, and currently, the server is connected to a port on the router i want to replace
<KennyTheGeek> in a moment
<KennyTheGeek> ill have to walk down, and cable connect
<ivoks> why?
<ivoks> just open your sister's computer and choose your wifi connection, with dynamic IP
<ivoks> anyway...
<KennyTheGeek> that would get it from our WIFI router
<ivoks> your dhcp server on your server is working
<KennyTheGeek> not from the router i want to replace (non wifi)
<ivoks> your problem is that you have wifi router which blocks your's server dhcp
<KennyTheGeek> ill be able to check in a moment
<KennyTheGeek> no
<KennyTheGeek> its not my wifi router >_>
<ivoks> yes it is, if it's also serving DHCP service
<KennyTheGeek> My laptop is connected to a wifi router, which is connected to my other (stupid router) which got internet. the server is also connected to this router
<ivoks> your router is just a switch for local network
<KennyTheGeek> no
<ivoks> yes, it is...
<ivoks> it's gateway for internet
<KennyTheGeek> my WiFi ips are 10.60.61.100-199 and the subnet is 255.0.0.0
<ivoks> but that's not important now... for local computers, it's just a switch
<ivoks> ufff
<ivoks> 255.0.0.0?!
<KennyTheGeek> the other routers subnet is 255.255.255.0, and th ips are 192.168.1.2-192.168.1.something i dont know
<KennyTheGeek> yes
<KennyTheGeek> whats wrong?
<KennyTheGeek> the dhcp server didn't like that adress when i tried it either >_>
<ivoks> 255.0.0.0 could be too much for crapy wifi routers :)
<mralphabet> that's most of the internets!
<KennyTheGeek> the wifi router is fine!!!
<ivoks> :)
<ivoks> mralphabet: ?
<mralphabet> 255.0.0.0 = most of the interwebs
<KennyTheGeek> the router i got from my isp is the problem
<KennyTheGeek> wow :S
<KennyTheGeek> now im in the basement
<ivoks> ok
<ivoks> disconnect server from router
<ivoks> and connect it to your laptops' ethernet
<KennyTheGeek> i just connected it directly to my laptop, and ran sudo dhclient eth0
<KennyTheGeek> DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5
<KennyTheGeek> DHCPOFFER from 192.168.1.16
<KennyTheGeek> DHCPREQUEST on eth0 to 255.255.255.255 port 67
<KennyTheGeek> DHCPACK from 192.168.1.16
<KennyTheGeek> bound to 192.168.1.17 -- renewal in 19111 seconds.
<ivoks> don't do that
<ivoks> as i said, it works
<KennyTheGeek> okay then >_>
<KennyTheGeek> what then?
<ivoks> what kind of connection you have from your ISP?
<KennyTheGeek> im not sure, static IP or dhcp
<ivoks> pppoe or cable?
<KennyTheGeek> DSL, cable
<ivoks> dsl is pppoe :)
<KennyTheGeek> >_>
<fabbione> ivoks: not necessarely
<fabbione> ivoks: i have pppoa adsl
<ivoks> fabbione: right :)
<KennyTheGeek> shawarma: tdc dsl... isnt that cable?
<ivoks> KennyTheGeek: well, you should know what you've buyed from ISP, so we can continue this...
<KennyTheGeek> i didnt buy it
<fabbione> KennyTheGeek: oh you are on TDC
<fabbione> you have dynamic ip
<KennyTheGeek> fabbione: dane?
<fabbione> KennyTheGeek: no, but i live in cph
<KennyTheGeek> i thought so
<ivoks> yay!
<KennyTheGeek> fabbione: cool
<fabbione> KennyTheGeek: tdc gives you a router.. eth/adsl
<ivoks> fabbione: would you be so kind... ?:)
<fabbione> you *usually* have dynamic ip on the adsl port
<fabbione> and then on the internal ethernet a pool of 10.0.0.0/24 addresses assigned via dhcp
<KennyTheGeek> fabbione: they gave me a stupid router, a adsl modem, and a phone connection filter
<fabbione> what kind of adsl modem?
<KennyTheGeek> that can be true, i only know what happens after that stupid router
<KennyTheGeek> Siemens Speedstream 4100
<KennyTheGeek> "Ethernet ADSL Modem"
<fabbione> so you have...
<KennyTheGeek> yes, what do i have? :S
<fabbione> TDC cable -> filter -> modem -> router?
<fabbione> and after the router the pc i guess
<KennyTheGeek> Normal phone line -> filter -> my phone and adsl modem -> router -> another router, my server, and 2 printers
<fabbione> ok... right...
<fabbione> TDC cable = normal phone line
<KennyTheGeek> yeah
<fabbione> we don't care about your phone :)
<fabbione> why 2 routers?
<mralphabet> ethernet router --> ethernet + wireless router
<KennyTheGeek> cause my dad purchased the wifi router. he asked in the shop for WiFi, and thats what he gave him
<mralphabet> --> network
<fabbione> oh i see
<KennyTheGeek> *they
<fabbione> feh that's annoying
<KennyTheGeek> yeah
<fabbione> KennyTheGeek: i suggest you do one step back
<KennyTheGeek> what?
<fabbione> remove the wireless router for now
<KennyTheGeek> then i would loose internet, not a good idea
<fabbione> KennyTheGeek: ok let me explain...
<KennyTheGeek> my laptop is currently connected through that
<fabbione> adsl modem -> router -> pc
<fabbione> get to this setup
<fabbione> you will see that your pc will get ip from the router
<fabbione> in the 10.0.0.0/24 network 
<fabbione> (if they didn't change too much)
<fabbione> that will still work
<KennyTheGeek> no, my stupid router delivers addresses above 192.168.1.2
<fabbione> oh hold on a sec
<fabbione> you are doing all of this because of the TDC router?
<ivoks> he wants to replace it with his own server
<ivoks> cause they are blocking ports
<fabbione> ivoks: yes i am reading the scrollback
<ivoks> but i still think ports are blocked somewhere else, not on the router... but it is possible that they are blocked on the router
<fabbione> KennyTheGeek: you know that if you call up TDC they can unlock it for you but you need to pay something and you lose sw configuration support?
<fabbione> ivoks: they are blocked on the router
<fabbione> ivoks: i know people working at his ISP :)
<ivoks> sounds to me that TDC is lame company :)
<fabbione> ivoks: no, it's a just another money making machine... like any other big telco
<fabbione> they ask money to unlock the router and more money if you mess up
<ivoks> but... it would be easier to maintain it on one place...
<ivoks> well, looking from that angle, sounds like an money-making-idea :)
<fabbione> anyway what KennyTheGeek wants to do strictly assume that the adsl modem will work without the TDC router
<mralphabet> so you want it to be dsl modem --> (eth0)Ubuntu Box(eth1) --> wireless router --> rest of network
<mralphabet> it is very possible that they have mac filtering
* fabbione -> movie
<mralphabet> you may need to find the external mac address of the TDC router and spoof it on eth0 (or eth1, whichever is connected to the dsl modem)
<ivoks> why don't we compile freeradius with openssl support?
<ivoks> ah, never mind :)
<mralphabet> what was the answer?
<KennyTheGeek> but i just wired me to the router, but wifi is priotized over ethernet
<KennyTheGeek> i only got 20 minuttes of batt left
<KennyTheGeek> wait... 10
<KennyTheGeek> fabbione: are you there?
<KennyTheGeek> hello?
<ivoks> mralphabet: license
<KennyTheGeek> ill soon have to run upstairs to charge...
<KennyTheGeek> but when theyre done using the wifi (my sisters/parents) i can connect directly with the wifi routers cable...
<KennyTheGeek> soon is... not
<KennyTheGeek> *now
<mralphabet> ivoks: ahhh
<KennyTheGeek> back
<mralphabet> KennyTheGeek: was I right?
<mralphabet> 14:05 < mralphabet> so you want it to be dsl modem --> (eth0)Ubuntu Box(eth1) --> wireless router --> rest of network
<KennyTheGeek> yes, basicly
<KennyTheGeek> the wifi router should be connected to a switch which my printers in the basement also is connected to
<mralphabet> aren't you the one with a router hanging off the ceiling from an ethernet cable and the server sitting on the floor?
<KennyTheGeek> yeah
<KennyTheGeek> now i replaced it with a longer wire, and got another nic /w long wire
<mralphabet> k, something about this whole situation sounded familiar
<KennyTheGeek> hehe
<KennyTheGeek> but i don't think it uses spoofing, i replaced the router before (not ours, but another companys that wanted a new network... they had tdc, and same modem)
<KennyTheGeek> *mac filtering
<KennyTheGeek> not spoofing
<mralphabet> yeah, k
* KennyTheGeek is tired
<KennyTheGeek> i also, for yet another company, used a LinkSys WiFi router as the router, so they don't use mac filtering :P
<KennyTheGeek> in a moment, ill be back
<KennyTheGeek> thats another reason i don't like that router >_>
* KennyTheGeek wants the command, makeitwork
<KennyTheGeek> someone still here?
* KennyTheGeek legs hurt like s**t...
* dendrobates I'm here
<KennyTheGeek> dondrobates: i meant fabbione, mralphabet or ivok... they where the ones guiding me before...
<KennyTheGeek> this stupid server Just Won't Work(tm)
#ubuntu-server 2007-06-19
<qhartman> Has anyone had success getting HP's various tools and utilities for Proliant machines (which are supported under Debian) working with Ubuntu?
<appellation> To somebody: I'm trying to find out the latest news on porting Edgy to PowerPC (if there is any). Having trouble finding it. Anyone know where to look?
<mralphabet> I am by no means the expert, but it's not something I have seen
<mralphabet> Have you looked in launchpad for any powerpc references?
<shawarma> appellation: Porting it to powerpc? It alread runs there?
<appellation> Right. Good idea. Launchpad is new to me...
<shawarma> appellation: And why edgy? 
<appellation> shawarma: I thought PowerPC isn't supported in Fawn yet.
<shawarma> appellation: Um... You said Edgy.
<shawarma> appellation: And "yet" and "fawn" do not belong in the same sentence. :)
<appellation> Right. So, I was looking for documentation on Edgy, and I'm having trouble finding it.
<shawarma> appellation: Feisty Fawn was released back in April.
<shawarma> appellation: Why are you trying to run edgy?
<shawarma> appellation: If that's what you really want, the iso's are here: http://releases.ubuntu.com/edgy/
<shawarma> appellation: there's powerpc iso's as well.
<appellation> shawarma: Let's clear some things up first. Am I right or wrong: Fawn does NOT run on Fawn.
<appellation> typing too early..ugh
<shawarma> appellation: Um..
<shawarma> :)
<appellation> by which I mean: Fawn does NOT run on PowerPC
<shawarma> appellation: Sure it does.
<appellation> OK
<shawarma> http://cdimage.ubuntu.com/ports/releases/7.04/release/
<appellation> That's great. The documentation I found did not indicate it was supported. Thank you.
<shawarma> It's not an officially supported platform anymore, though (you will not be able to buy support for it).
<shawarma> It works, and there are several core developers using iBooks, so it's not going to be dropped anytime soon.
<appellation> Ah...that's why I was confused. Excellent. I'll go get some coffee now.
<kronus> hi, I have a fresh install of ubuntu server, is mysql set up with a root password out of the box, or do I still have to edit my.conf and set a root pass?
<mralphabet> kronus: you need to set it
#ubuntu-server 2007-06-20
* Starting logfile irclogs/ubuntu-server.log
<ivoks> hi
<stephanbuys> anyone know if Xen virtualization is planned for upcoming server releases?
<ivoks> xen is being worked on and it is in ubuntu universe
<ivoks> it will get into main when it is ready :)
<ivoks> otoh, kernel support for KVM is already included
<stephanbuys> ivoks, I didn't know it was in universe - will check it out. thanks
<cmdln> ive got an issue with apache virtual hosts ... it keeps serving the default page instead of what I have configured in the vhost
<cmdln> any ideas?
<mathiaz> cmdln: how did you configure your virtual host ?
<mathiaz> cmdln: did you configure them in /etc/apache2/sites-available ?
<cmdln> Yes
<cmdln> then ran a2ensite vhostfilename
<mathiaz> cmdln: and there a link in /etc/apache2/sites-enabled ?
<cmdln> yes
<mathiaz> cmdln: did you reload apache ?
<cmdln> yes
<cmdln> nm
<cmdln> i am an idiot
<cmdln> i had dns pointing to the wrong host
<bsdunix> hello?
<coNP> hello!
<bsdunix> my apache2 won't run
<bsdunix> i had apache 1.13 running then removed , purged it, installed apache2 like 5 times...
<bsdunix> sudo /etc/init.d/apache2 start just gives me back my command shell
<coNP> what do the logfiles under /var/log/apache2/ say?
<bsdunix> it is empty
<bsdunix> error.log is blank
<bsdunix> i could start up ssh and give you passwd...
<bsdunix> if only i knew HOW to get ubuntu to dl or start up sshd
<bsdunix> !?
<bsdunix> doing it now
<bsdunix> okay... coNP, you still here?
<coNP> yep
<bsdunix> would you care to ssh into my server and see if you can find problem with my apache2?
* coNP would if you trust me :)
<coNP> put better PM auth. details
<bsdunix> it's only a test run new install
<bsdunix> this sucks
<gnychis> I can print test pages from the CUPS webconfig, and I can print from openoffice, but I cannot print from LPR or any other application... i would greatly appreciate any help
<ivoks> hi
<ivoks> we need aditional kernel modules for LTS
<ivoks> current kernel is too old in dapper
<ivoks> almost every new server i get is unsupported by dapper
<shawarma> ivoks: Which driver are you missing?
<ivoks> new e1000 3w-9xxx
<ivoks> we should have some backporting method
<ivoks> of modules
<shawarma> ivoks: I remeber it was discussed at UDS in Paris. I don't remember the outcome.
<ivoks> well, i guess this is that:
<ivoks> linux-backports-modules-server - Backported drivers for server kernel image
<shawarma> sOunds just about right.
<ivoks> if only it would work :)
<ivoks> i'm looking in feisty
<ivoks> linux-backports-modules-2.6.20-15 is ok, but -16 is not
<ivoks> for -generic
<ivoks> interesting
<ivoks> but there is http://hr.archive.ubuntu.com/ubuntu/pool/main/l/linux-meta/linux-backports-modules-generic_2.6.20.16.28.1_i386.deb
<shawarma> ivoks: Man.. I'm at my in-laws' house. I've found an open wifi nearby, but it's *very* unstable => very frustrating. I may be back later.
<ivoks> :)
<ivoks> does free wifi connection, you can't find stable connection these days :/
<ivoks> s/does/those/
#ubuntu-server 2007-06-21
<leonel> is there a CD  version with  universe ?  I mean  if I need a Server in a Local LAN  with No internet access  how can I install universe Packages  ? 
<malakhi> leonel: you could try https://help.ubuntu.com/community/PackageCDs
<leonel> too easy  ... I overlooked the problem   thanks 
<leonel> malakhi: :)
<malakhi> np
<[miles] > morning guys
<[miles] > fuck, has anyone every seen a problem, that when you use sudo xxxx it gives a resolve error
<Burgundavia> what sort of error?
<[miles] > gethostbyname()
<[miles] > Sudo: unable to lookup xxxxxxxx via gethostbyname()
<shawarma> [miles] : Yes.
<[miles] > shawarma: the hosts is correct...
<[miles] > however..
<[miles] > I notice when I do a hostname -f
<[miles] > it errors
<shawarma> With the same error, I suppose?
<shawarma> [miles] : What does "grep `hostname` /etc/hosts" give?
<[miles] > seems to be working now
<shawarma> \o/
<[miles] > I think the guy had spaces, or something in the file
<[miles] > I did not set up the box
<[miles] > bbias
<ajmitch> usually that's when /etc/hostname isn't setup
<shawarma> ajmitch: Yes, that's bound to cause trouble.
<ajmitch> happened to me yesterday, fresh install on linode
<[miles] > ah all sorted now
<ajmitch> easily fixed
<[miles] > the guy was sweating buckets
<ajmitch> doesn't stop sudo working, usually
<[miles] > trying to migrate him from ShitOS to Ubuntu Server
<[miles] > sorry, CentOS
<shawarma> Honest mistake. :)
<Nafallo> hehe. I've heard something fun about CentOS yesterday that nearly killed me :-)
<[miles] > tell
<shawarma> Nafallo: Yeah, tell us. I've been holding my breath.
<Nafallo> a friend discovered that the damn thing sets the tcp window-size through env WINDOW
* [miles]  is about to pass out from holding his breath
<Nafallo> and he set WINDOW=2 and wondered why things were slow... :-P
<shawarma> O_O
<shawarma> omg..
<Nafallo> :-)
<Nafallo> windowmaker probably uses env WINDOW ;-)
<Nafallo> I really like that the networkthingies took the env from his account :-P
<shawarma> Nafallo: I can't any mention of this anywhere.. How did he find out?
<Nafallo> shawarma: debugging? :-)
<Nafallo> shawarma: spent an hour on it :-P
<ham1979> Hello
<ham1979> I have just upgraded from breezy badger to dapper and my postfix/mailmain/amavis /clamav server has stopped delivering mail
<ham1979> in the log there is postfix/qmgr delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1] :
<shawarma> I can't believe I'm about to say this..
<shawarma> ham1979: have you tried rebooting it?
<shawarma> ham1979: Lots of stuff happens during upgrades and postfix/mailman/amavis/clamav is quite an involved setup..
<ham1979> yep tried rebooting
<ham1979> my amavis was renamed .conf.disabled i think
<shawarma> I've got to go and get some lunch. I can't think properly anymore.
<Tomasz_svk> hi, I have Ubuntu 7.04 Server. I have installed MySQL server there. But if i want to connect there throught PHPMyAdmin at another server, it write Error: #1130 - Host 'support11.cust.nextra.sk' is not allowed to connect to this MySQL server
<mat1980> Tomasz_svk: did you gave access priviledge to the user you use from other host? maybe it has access only from localhost.
<Tomasz_svk> i commented line #bind-address  ... but it nothing done
<Tomasz_svk> If it was allowed, PhpMyAdmin wrote something as Server not respond
<Tomasz_svk> But I don not want to install there Apache + PHP, because it is only game server, I need only MySQL
<mat1980> Tomasz_svk: sorry... I'm not very experienced with mysql.
<Tomasz_svk> is special only mysql support channel?
<Tomasz_svk> thank you for your time
<Tomasz_svk> is special only mysql support channel?
<Tomasz_svk> thank you
<ham1979> I am having trouble with amavis since upgrading from Breezy Badger to Dapper
<ham1979> I realised that the config files are now separate I have copied some changes across but am getting same message delivery temporarily suspended
<shawarma> ham1979: This is amavisd-new?
<hansin321> I forget, but what is the 'standard/usual' location/path where to download and unpack source code to for compilation?  /usr/src?  Thanks.
<ham1979> shawarma - yes amavisd-new 
<ham1979> shouldn't have bothered upgrading!
<malakhi> hansin321: depends on your environment. /usr/src would be where you would put deb sources. /usr/local/src would be raw sources, i think.
<shawarma> hansin321: Your home directory, I suppose.
<shawarma> malakhi: no.
<malakhi> shawarma: oh?
<shawarma> Why would you put source in /usr/src where noone can write?
<hansin321> Thanks malakhi & shawarma.  I suppose either would do.  Good info on .deb vs. .tar.gz
<malakhi> shawarma: root can. That's why I said it depends. If you're compiling for the entire system, then root is obviously doing the work.
<shawarma> No.
<shawarma> You should never log in as root.
<shawarma> You should fiddle with the source as your normal user and when you want to install stuff, you "sudo make install" or whatever.
<shawarma> There's no reason at all why root would be doing the compiling.
<hansin321> shawarma: I have had the same issue.  If you compile from home directory that works, but I have also been told before that /usr/local/src is where a lot of people compile from.  But the root issue makes sense, especially since you only need to be root usually for 'make install'.
<shawarma> hansin321: It used to be very normal for new Linux users to log in as root and do all their work that way. If you're doing that, you've lost already, but in that case it may *feel* right to be doing stuff in /usr/(local)/src, but it's really not.
<malakhi> shawarma: I guess what I should say is that /usr/src, etc are where source code is supposed to be stored, with working occurring in /home
<shawarma> hansin321: Yes, you should. Breezy is ancient and entirely unsupported.
<shawarma> malakhi: In rare cases, yes.
<malakhi> shawarma: that's the FHS standard
<shawarma> hansin321: Sorry. That wasn't for you.
<hansin321> shawarma: Ok, thanks.  So maybe making a ~/src or ~/.src directory for onself might not be a bad idea.
<malakhi> hansin321: despite my debate, that's what I do.
<shawarma> hansin321: I have a src/ directory in my homedir where I do all my work.
<hansin321> Thanks all.  Learned a little more new today.
<shawarma> malakhi: "Source code may be place placed in this subdirectory, only for reference purposes. [35] "
<shawarma> malakhi: From fhs.
<shawarma> malakhi: You can put a reference version of the linux kernel source there, for instance.
<malakhi> shawarma: which is what I just said. You place the source there, and pull a local copy to /home for actual use.
<shawarma> malakhi: You're not supposed to put all that tarballs of source you find everywhere in /usr/src and pull them from there when you need them.
<shawarma> malakhi: That's not what it's for.
<shawarma> ham1979: Yes, you should. Breezy is ancient and entirely unsupported.
<shawarma> ham1979: Was it a very specialized amavisd setup?
<malakhi> shawarma: Well, I'll just agree to disagree with you then.
<shawarma> malakhi: Why, oh why, would you put all the  source code you find in random places in /usr/src ?
<malakhi> shawarma: because multiple people need access to the same source. I know that revision control would be preferred, but sometimes that sort of overhead is unnecessary.
<malakhi> shawarma: And I'm not talking about random source. I'm talking about a package that is frequently recompiled for use by the whole system, and all its users.
<shawarma> malakhi: Right. those are the rare cases I mentioned. :)
<ham1979> shawarma: Not especially - i used http://flurdy.com/docs/postfix/ which doesn't seem too tricky!
<shawarma> malakhi: And even then, revision control is really the way to do it.
<malakhi> shawarma: I guess the misunderstanding is that I use it that way pretty regularly, so it's not rare to me :)
<shawarma> ham1979: I really don't remember what changed from breezy->dapper anymore.
<shawarma> malakhi: Why on earth are you not using a vcs?
<malakhi> shawarma: not worth the hastle. We're not actually altering the source code. Just recompiling against new deps, etc.
<shawarma> ham1979: To be honest, I'd recommend just storing your current config for reference and starting over.
<hansin321> Do any of you know, if I build/compile Asterisk if I need the package 'linux-source' or is 'linux-headers-server' probably enough?
<shawarma> ham1979: I'm pretty sure it's going to be a less painful procedure.
<shawarma> hansin321: neither
<shawarma> hansin321: linux-libc-dev
<hansin321> is that part of 'build-essential'?
<shawarma> hansin321: I believe so, yes.
<shawarma> hansin321: indirecly, yes.
<shawarma> hansin321: It's a dependency of libc6-dev which is a dependency of build-essential.
<hansin321> shawarma: When I compiled before, I think I got an error that was corrected by 'linux-headers-xxx', or at least that is what I remember. 
<shawarma> hansin321: Possibly something about compiler.h?
<hansin321> Well, some of the fine details of this stuff is a little over my head, so not sure why.  It may have been for compiling Zaptel which creates a kernel driver.  That mean a little more?
<shawarma> hansin321: Yes, that's something entirely different. :)
<shawarma> hansin321: In that case, you need the kernel headers.
<shawarma> hansin321: Are the zaptel drivers in Ubuntu not sufficient?
<hansin321> Thought so (once I thout about it).  But still don't need full kernel source, right?
<shawarma> hansin321: Just the headers. linux-headers-`uname -r` probably.
<hansin321> shawarma: Ubuntu stuff is 1.2.X series, and current is 1.4.x.  Asterisk compiles very nice and easy and I wan't to run 1.4.x series.
<shawarma> hansin321: zaptel-source | 1:1.4.3~dfsg-2 | http://archive.ubuntu.com gutsy/universe Packages
<shawarma> hansin321: You could grab that, do the module-assistant dance and be happy. :)
<hansin321> shawarma: That is an option I suppose.  1.4.3 is the latest...  Not sure how to do the module-assistant dancce; Is it anything like the 'Twist' or the 'Hammer-Time' dance ;)
<shawarma> hansin321: almost. :)
<hansin321> I look it up.  Thanks for pointing it out for me...
<shawarma> hansin321: You grab the zaptel-source package from gutsy, install it, run 'module-assistant build zapel' or something to that effect.
<shawarma> hansin321: And then you dance.
<hansin321> shawarma: Thanks.  I'll do the Geico 'Its my birthday, got my car fixed' thingy ;)
<shawarma> hansin321: :)
<hansin321> Thanks all for the help, off to work for me...
<phil_> hello all, I'm having some problems with my LAMP server. keep getting buffer I/O errors on the /home partition and its affecting the servers ability to serve files to the network. anyone able to help?
<dendrobates> phil_: what is the exact error
<phil_> buffer I/O error on device sda2, logical block2129920, then ata1: command 0x25 timeout, stat 0x0d host_stat 0x21, then ata1 translated stat_err 0x0d0/00 to scsi SK/ASC?ASCQ 0xb/47/00
<nictuku> phil_: check dmesg. may be faulty hardware
<nictuku> hm
<phil_> where 'then' is a line break
<phil_> I can't really get to a prompt, when I change screens it just keep filling up with these errors and although I can type stuff, I can't type it at a prompt
<phil_> does that make sense?
<phil_> also, these errors don't show up when I access the box through slogin from another machine. I only see them when I plug a monitor into the server
<dendrobates> phil_: timeout waiting on device sound lise a hardware error to me.  I've had similar problems when a fan nicked a SCSI cable.  
<dendrobates> phil_: You see them when you plug a monitor in because they are being echoed to the console.
<dendrobates> phil_: if you type 'dmesg' from a remote login you will see them as well.
<phil_> ok. I just changed the cables today thinking it might be something like that. I wouldn't be surprised if it was a bust drive considering the bloody thing is only 6 months old!
<dendrobates> phil_: unmount that filesystem and run do an fsck and check for bad blocks.
<phil_> okay, I'll check through dmesg and see if that throws up anything else. Do you think it would be worth checking the drives SMART status? I already did a fsck check and it came out fine.
<mathiaz> phil_: SMART status may be worth checking. It should give you some indication about errors reported by the drive.
<phil_> ok, will do. thanks for the help dendrobates & mathiaz
<dendrobates> phil_:  I forgot badblocks was decoupled from fsck.  you could also try 'badblocks -n /dev/sda2' 
<phil_> ah, okay, I'll try that as well. thanks : )
<bsdunix> anyone here?
<mralphabet> nope
<Triumph|TK> anyone alive?
<shawarma> Triumph|TK: Just ask.
<Triumph|TK> lol
<Triumph|TK> i hate just asking it seems rude
<Triumph|TK> i like to say hi first
<Triumph|TK> my ssh server is giving me connection refused when i try to access it
<Triumph|TK> i went through the config a few times
<Triumph|TK> i have the ports forwarded
<shawarma> It's ok to say hi first, but the asking to ask bit is more annoying than just plain rudeness :)
<shawarma> Triumph|TK: brb
<Triumph|TK> ok
<TK2> lost connection there
<shawarma> Triumph|TK: Can you connect from the machine itself?
<TK2> i havn't tried but i have tried connecting from another computer inside my network using the network ip
<TK2> and that does work
<qhartman> Anyone here have experience with the Proliant DL360s?
<qhartman> the new ones with the 6 SFF SAS drives
<shawarma> TK2: Um... then what is it that doesn't work?
<TK2> external ip
<shawarma> I see. Well.. Does your router run Ubuntu?
<TK2> does my router run ubuntu? sorry i dont understand
<shawarma> TK2: I'm not sure I can ask any clearer.. Do you have a router?
<TK2> yes
<TK2> is my ubuntu server on my router?
<TK2> yes
<shawarma> What kind of router is it?
<TK2> westell
<TK2> when i try to connect externally it says connection refused not connection timed out
<TK2> so its making a connection the server is just refusing it
<shawarma> You router can reject connections as well.
<TK2> i forwarded port 22
<mralphabet> so dsl modem / router ---> ubuntu box --> network ?
<mralphabet> or dsl modem / router ---> network --> ubuntu box ?
<TK2> 2nd one
<TK2> the ubuntu box is just on the switch
<TK2> with the network
<mralphabet> k
<TK2> is that wrong?
<mralphabet> so you are trying to connect from the outside to the ubuntu box?
<TK2> im trying to make my web server and my ssh server accessable via my external ip outside my network , my ftp server for some reason DOES work from outsdie my network but the others don't
<TK2> the apache server might be a whole different issue but im concentrating on 1 at a time
<TK2> although i am testing the ssh server from inside my network using my external ip
<TK2> trying to give as many details as possible
<mralphabet> that's fine, I'm looking at 2 or 3 different things atm, so slow to respond ;)
<TK2> not a problem
<mralphabet> not wrong, by the way, that's a normal setup
<mralphabet> it is also quite common for ISP's to block port 22 and port 80
<TK2> really
<TK2> hmm
<TK2> maybe i should try changing the ports
<mralphabet> to be honost, I'm surprised ftp works
<mralphabet> my ISP used to block anything < 1024
<TK2> im on verizon dsl =O
<mralphabet> then they moved to selective ports, IE 21 80 53 88, others
<TK2> im going to change my ssh port to 420 and try it
<TK2> same error connection refused
<TK2> oh wait forgot to forward new port
<TK2> same error connection refused
<TK2> i think it might be that i set up my hosts config wrong but then again my ftp works
<TK2> mr.alphabet could i ask you some questions about my host config
<TK2> please
<skreet> exit
<mralphabet> sure
<TK2> ok in /etc/hosts
<TK2> my 1st line should be 127.0.0.1 localhost
<TK2> what should my 2nd line be
<mralphabet> 127.0.1.1       Dominus.stp.wi.charter.com      Dominus
<mralphabet> that's mine
<TK2> ok mine is similar
<mralphabet> IP    FQDN    Machine Name
<TK2> 192.168.1.46 server.myhome.westell.com server
<mralphabet> yeah
<mralphabet> no
<mralphabet> no
<TK2> =O
<mralphabet> the 127.0.1.1 is important
<mralphabet> 127.0.0.1       localhost
<mralphabet> 127.0.1.1       Dominus.stp.wi.charter.com      Dominus
<TK2> ok
<TK2> ill put the 127.0.1.1
<mralphabet> the 192.168.1.46 server.myhome.westell.com server
<mralphabet> is a third line
<TK2> so my 2nd line should be 127.0.1.1 server.myhome.westll.com server
<mralphabet> yes
<TK2> gotcha
<mralphabet> well, westell
<mralphabet> with the e ;)
<TK2> k restarting my network
<TK2> still refused
<mralphabet> try something above 10k
<TK2> ok
<mralphabet> you have a connection on the outside world you are trying from, right?
<TK2> nop
<TK2> is that a problem
<mralphabet> usually you aren't able to use the external IP address to engage the port forwarding on the westell unless you are outside the network
<mralphabet> can you ssh or http to the box from inside your network?
<TK2> http no, ive had friends try
<mralphabet> k
<mralphabet> let's back up a step
<TK2> all ears
<TK2> your help is much appreciated
<mralphabet> these services you are trying to reach on the ubuntu machine, can you connect to them at all from _inside_ your network, IE using the 192 address
<TK2> yes
<mralphabet> okay, so you have somebody outside your network trying to hit whatever.your.ip.address:port is and they are getting a connection refused
<TK2> i have not had them try to connect via ssh but when trying to connect to the web server they are getting page cannot be displayed
<mralphabet> and they are trying 123.456.789.123:450
<mralphabet> *fill in your ip address and port here*
<TK2> port is 80 i never added the port for them
<TK2> but yes http://myip
<mralphabet> k
<TK2> and i have had them succesfully access the ftp server in the same way
<mralphabet> If you are using port forwarding on the westell to get around the port 80 limitation, the outside world needs to refernce that port in the address bar
<mralphabet> IE my http port is 8888
<mralphabet> so to visit my home web server from outside, I need http://123.456.789.32:8888
<mralphabet> my router translates 8888 on the outside to 80 on the inside and forwards it to my webserver
<mralphabet> so 123.456.789.32:8888  -->  8888-router with NAT-80 --> 192.168.1.10:80
<TK2> ok and that is all set up through the router
<mralphabet> through my router, yes
<mralphabet> I don't know if the westell can do that kind of translation
<TK2> ok this information is very helpful
<TK2> is that called trigger ports by any chance?
<TK2> Forward a range of ports to an IP
<TK2> address on the LAN only after
<TK2> specific outbound traffic
<mralphabet> if the westell *can't* do port to different port translation, you will need to get your apache to answer on the different port as well
<mralphabet> IE 123.456.789.32:8888  -->  8888-router with NAT-8888 --> 192.168.1.10:8888
<TK2> what is the service called in your router
<mralphabet> port forwarding ;)
<mralphabet> I don't run a westell
<TK2> thank god for you
<TK2> its a modem / router
<TK2> i have another linksys i could use also
<TK2> but this way is easier
<mralphabet> http://www.google.com/search?q=westell+port+forwarding
<mralphabet> putting a linksys in place would not solve your problem
<mralphabet> that would only mean modem/westell(NAT) --> linksys(NAT) --> network
<TK2> IE 123.456.789.32:80 --> 80-router with NAT-80 --> 192.168.1.10:80
<mralphabet> level of complexity x2
<TK2> i have this set up as of now, is this wrong?
<mralphabet> that should be right, as long as verizon doesn't block port 80
<TK2> ohhh i see what ur saying now
<TK2> this is just to see if that port is being blocked
<TK2> excuse my ignorance
<mralphabet> It's really  Verizon Router serving IP to you --> modem/westel blah blah blah
<mralphabet> in the Verizon Router they can block whatever they want and it will not reach you
<TK2> in my port forwarding options i have global port range and base port range im thinking the 8888 should be the global and 80 should be the base
* mralphabet doesn't think so
<TK2> ok then ill just change the apache port to 8888 to test it
<mralphabet> http://www.voip.com/help/Residential/Installation/Networking/westell_port_fwd.aspx
<mralphabet> ^^ similar configuration
<mralphabet> http://www.portforward.com/
<TK2> i know how to port forward though
<TK2> im gunna change the apache listen port to 8888 and forward 8888 on my router then ill let ya know what happens
<TK2> again thanks for your time
<mpathy> Hi there..
<mpathy> Having problems with an dist-upgrade..
<mpathy> From Dapper to Edgy worked
<mpathy> Now after another reboot started dist-upgrade Edgy to Feisty, and now I got this: http://pastie.caboo.se/72487.txt
<TK2> mralphabet
<TK2> mralphabet
<TK2> it works
<TK2> it works
<mralphabet> grats
<TK2> :)
<TK2> port 8888 did the trick
<TK2> :) :_) :) :)
<TK2> thank you so much
<mpathy> I looks like Ubuntu only works good with Grub - isnt that some kind of bad?
<mralphabet> TK2: no problem
<mpathy> hmm
<mralphabet> mpathy: dist-upgrade may not be the recommended path up to feisty
<mralphabet> mpathy: sudo apt-get install update-manager-core
<mralphabet> mpathy: sudo do-release-upgrade
<mpathy> ?
<mralphabet> that's the recommended upgrade method to feisty (from edgy)
<mpathy> Why I didnt get at least one simple warning on that somewhere..? Which person think of that who works with debian based systems for years?
<mpathy> can I do it yet altough?
<mralphabet> well, it's listed on http://www.ubuntu.com/getubuntu/upgrading
<mralphabet> it was listed in the documentation for months
<ajmitch> mpathy: if you want to stick with lilo, check /etc/kernel-img.conf to see what bootloader it's trying to setup on kernel install
<ajmitch> most likely it has postinst hooks there to run update-grub
<mpathy> ajmitch: it works until I did dist-upgrade also with liko
<mpathy> ajmitch: yes.. as lilo does never exist..
<mpathy> do I have to edit the post-inst file now forever?
<ajmitch> no
<mpathy> but?
<mpathy> I run lilo after every new kernel thats not the problem.. but if ubuntu tries every time to do update-grub, it would be really annoying
<ajmitch> and I told you where it says what gets run
<mpathy> ajmitch: I changed it and he puts out the help text on sudo apt-get -f install
<mpathy> ajmitch: but there are no parameters, you update with only "lilo"
<ajmitch> so what do you have for postinst_hook in /etc/kernel-img.conf now?
#ubuntu-server 2007-06-22
<mpathy> ajmitch: postinst_hook = /sbin/lilo
<mpathy> whereis lilo => lilo: /sbin/lilo.real /sbin/lilo /etc/lilo.conf /usr/lib/lilo /usr/share/lilo /usr/share/man/man8/lilo.8.gz
<ajmitch> ok, and is this not working?
<mpathy> if it would I wouldnt write anything ;)
<ajmitch> but you haven't written what it is doing
<mpathy> (00:07:25) mpathy: ajmitch: I changed it and he puts out the help text on sudo apt-get -f install
<mpathy> the help text of lilo, as it would run wrong configured
<mpathy> but lilo doesnt need parameters
<ajmitch> pastebin, I don't know what you're referring to
<ajmitch> I haven't seriously used lilo for years
<mpathy> http://pastie.caboo.se/72501.txt
<ajmitch> ok, try dropping the postinst_hook line, and changing do_bootloader = no to do_bootloader = yes
<mpathy> dropping? you mean commenting out?
<ajmitch> yeah, that should work
<mpathy> its a server who is somewhere other.. if it wont boot it would be bad..
<ajmitch> I know that feeling
<ajmitch> is there a reason to use lilo, apart from that it usually just works?
<mpathy> ajmitch: yeah it was because of some weird kind of config of the partitions and filesystems where my colleague said I HAVE to use it, because Grub doesnt work properly there.. I dont remember what exactly the problem was..
<ajmitch> exciting
<mpathy> what means do_bootloader? shouldnt it do it every time?
<mpathy> but it worked. i try to restart it now..
<ajmitch> do_bootloader is just an option for the complicated perl script that makes up the postinst
<ajmitch> I don't follow most of it
<mpathy> or, if I have solved the other weird things.. I have two mdadm.conf in two different places.. /etc/mdadm.conf and /etc/mdadm/mdadm.conf
<mpathy> oh okay
<ajmitch> iirc it's been replaced in gutsy
<mpathy> will gutsy be a LTR?
<ajmitch> nope
<ajmitch> (and nope, the same postinst is still used, just other parts of the build system replaced)
<ajmitch> gutsy+1 may be LTS
<mpathy> okay, than it was a good idea to upgrade to feisty.. need some new stuff on the server..
<mpathy> ajmitch: do you know why I have two mdadm.conf? what is the redundant one and why its there? ;)
<ajmitch> I only have one (/etc/mdadm/mdadm.conf)
<ajmitch> and this has been upgraded from somewhere near dapper to current gutsy
<ajmitch> same file on the debian box here
<mpathy> near dapper?
<ajmitch> yeah, I installed initially from a daily testing iso of dapper
<mpathy> okay.. I will note it.. if I got a not working system perhaps it was written in the wrong place
<ajmitch> it appears that /etc/mdadm/mdadm.conf takes priority if both exist
<mpathy> yeah
<mpathy> I will reboot.. Wish me luck..
<ajmitch> heh
<mpathy> ajmitch: another funny thing.. dist-upgrade installed apache2! I didnt wanted that because I use now fat apache on my server
<mpathy> perhaps some meta-package did it.. but it shouldnt be
<ajmitch> if something wanted apache2 | httpd, and you didn't have another webserver installed that provides 'httpd', it'd install it
<mpathy> ajmitch: But today, the thoughts have changed, and people know that Apache isnt the only httpd ;) so I wonder why Lighttpd isnt in this metapackage
<mpathy> however.. I deinstalled Apache
<ajmitch> because any httpd package can provide the virtual package 'httpd', and lighttpd does
<J-_>  after installing php, what should I increase my memory_limit to?
<gejr> I've lost connection to my ubuntu server. It was connected through wireless (doh..)..my question is..is ifplugd loaded by default on ubuntu servers?
<gejr> cause then i should be able to get in touch with it just by plugging in a network cable, right?
<gejr> i reaaally don't want to reboot it, and i haven't got a monitor for it
<gejr> so ssh'ing in is my only option
<gejr> but for some odd reason it's gone offline :/
<gejr> it's been on for 4 months straight now
<gejr> can't anyone please take a look at their ubuntu-server's and see if ifplugd is running and if it's running as default.
<ivoks> not running
<gejr> I have a problem if it isn't...i'll have to get a new monitor and hope it'll be detected as soon as i plug it in..
<gejr> doh :S
<gejr> thanks ivoks
<ivoks> ?
<ivoks> monitor?
<ivoks> ifplugd is just for ethernet devices
<gejr> yea..i've lost connection to my server..it was connected with wireless and has been up for 4 months
<gejr> it doesn't have a monitor, so i can't connect to it and see what's causing the error
<ivoks> ah...
<gejr> but if ifplugd was running it'd be easy to just plug in a network cable and check it out
<ivoks> connections are automaticaly brought up, if it's so configured
<gejr> now i'll need to pass some commands to it to get it up&running..
<gejr> i guess i'll need to carry a monitor around :(
<gejr> which log file is most likely to reveal the reason why the wireless net went down?
<ivoks> syslog
<gejr> i thought i needed ifplugd to get wired network working instantly?
<gejr> syslog..ok thanks:*
<ivoks> if your ethernet is configured as auto and dhcp in /etc/network/interfaces, then you just need to plug in cable
<ivoks> i'm not sure for static...
<gejr> i haven't touched the /etc/network/interfaces i think..so if default is to have it running with dhcp then i guess i'm in luck
<ivoks> default is how you set it up during installation
<gejr> if i only could remember ;)
<gejr> i tried plugging in a usb keyboard this morning..and running things like "dhclient ath0"
<gejr> but i'm not really sure what state it's in at all
<gejr> didn't seem to bring it up at least
<gejr> it's weird..none of the other computers in the vicinity has lost their connection
<ivoks> you have to log in first :)
<ivoks> you can do one simple test;
<ivoks> log in
<ivoks> and run find /
<gejr> i started by typing in username and password..
<ivoks> if your hear disk working or led blinking, then your computer is running
<ivoks> if not, it's dead
<gejr> good idea
<gejr> is find / the most resource intensive command i could run?:)
<ivoks> it's easiest to type :)
<gejr> hehe great stuff..i'll try it as soon as i get home :)
<gejr> thanks a lot for your help mr.
<ivoks> np
<CrummyGummy> hi, should mysqls basedir be /usr?
<`6og> CrummyGummy, no
<`6og> /usr/local
<`6og> or /usr/local/mysqlversion, depending on your preference
<CrummyGummy> `6og, Thats wierd. So its a bad default?
<`6og> CrummyGummy, i assumed you were buildign from source
<`6og> CrummyGummy, packages should use /usr yes
<ivoks> everything outside packages, should go in /usr/local/
<CrummyGummy> Cool, thanks.
<ivoks> http://www.pathname.com/fhs/pub/fhs-2.3.html#THEUSRHIERARCHY
<ivoks> The /usr/local hierarchy is for use by the system administrator when installing software locally.
<CrummyGummy> Yeah, I'm just trying to solve a real wierd problem and looking in all the wrong places. I though that var might need to point to one of the mysql dirs.
<CrummyGummy> I'm running circular replication between two servers and have been running 
<CrummyGummy> quite well up till now. I have developed a wierd problem. When I update a 
<CrummyGummy> field on server A server B gets updated and then both get reset to the 
<CrummyGummy> original values. Also, the slave that gets started second doesn't catch up 
<CrummyGummy> with the master ever.
<CrummyGummy> This has just started happening since moving to Feisty.
<ivoks> mysql?
<CrummyGummy> yup
<ivoks> http://bugs.mysql.com/bug.php?id=28850
<ivoks> this is probably not related to your problem :/
<CrummyGummy> hehe, thats me at the bottom of that page. 
<CrummyGummy> adding relay_log       =       /var/lib/mysql/mysqld-relay-bin to the my.cnf file fixed that.
<r00tintheb0x> Hey guys... what do you think is a better FTPd. Pure or VSFTPd?
<r00tintheb0x> Hey guys... what do you think is a better FTPd. PureFTPD or VSFTPD?*
<dendrobates> I haven't used pureftpd, but vsftpd was alright.
<r00tintheb0x> Anyone know how i can do SSL over FTP?
<coNP> it is not an usual scenario
<dendrobates> why not use sftp is a part of ssh
<coNP> usually ftp is done over ssl
<leonel> r00tintheb0x:  the one that is supported ...  in this  case  vsftpf   proftpd  is in universe
<r00tintheb0x> so proftpd or vsftpd will encrypt data over SSL?
<dendrobates> r00tintheb0x: vsftpd does, by why use ftp and not sftp provided by sshd?
<leonel> r00tintheb0x: and if the client is on windows there are sftp clients
<r00tintheb0x> WinSCP is what we're using.
<dendrobates> r00tintheb0x: WinSCP works great with both sftp and scp, both of which part of sshd
<r00tintheb0x> heck yah :D
<r00tintheb0x> SFTP is part of SSHd?
<r00tintheb0x> I thought it'd be a FTPd.
<dendrobates> nope, part oh ssh-server package.
<dendrobates> infact it is enabled by default.
<dendrobates> nothing to do except 'sudo apt-get install ssh'
#ubuntu-server 2007-06-23
<okaratas> hello
<mathiaz> okaratas: hi
<necrite> hi .. 
<necrite> there is any way to see the mac address of one qlogic fiber chanel card from one linux(ubuntu server) box?
<leonel> necrite: arp ?
<necrite> is a fiber channel card.. not ehternet
<necrite> fabbione, help me once :) 
<Elazar> Anyone know why linux-image-server and linux-server updates are held back in Server Feisty?
<Burgundavia> Elazar: likely waiting for a new restricted
<Elazar> Burgundavia: Er... come again?
<Burgundavia> the meta package depends on a -restricted-modules component
<Elazar> Mmkay.
<Elazar> So... all I can do is wait? :P
<Burgundavia> wait a day, yes
<Elazar> Been waiting a while on this one. :P
<Burgundavia> what does a dist-upgrade tell you?
<Elazar> Looks like that was all I had to do. :P
<Elazar> Not used to doing package management through apt-get yet. Used to Ubuntu Desktop.
<Elazar> Getting there, though. Thanks for the tip.
<Tom47_> mentin is made of different kernel in6.06 LTS from desktop .... http://www.ubuntu.com/getubuntu/releasenotes/606#head-925351b68ef736bd8a21f7c80d4282a638aa4d2f .... what are the implications for application repositories ie are theredifferent ones for the server?
<Tom47_> server vs desktop kernesl ...
<TheCougar> has any one used surgemail ( http://www.netwinsite.com/surgemail/integrated.htm ) that could give me some information?
<Burgundavia> never even heard of it
<TheCougar> i'm trying to find something where I can download all my e-mail from various pop3 accounts and then access it all with a web interface or using outlook and be able to send mail out on the correct account
<Burgundavia> ah, interesting problem
<mralphabet> TheCougar: gmail will pop other accounts now
<gejr> my wireless card is found in lspci but it's not in ifconfig
<gejr> what could cause this?
<juliux> hi
<lionel> hi juliux
<juliux> it is possible to restart a server if a new install kernel hangs?
<lionel> you should check if everything is allright before rebooting
<juliux> hehe
<juliux> but you never know;)
<lionel> it should not hang on kernel install :(
<lionel> keep a livecd with you :)
<juliux> the server is 600km away from me;)
<juliux> it is in datacenter
<lionel> :-(
<juliux> hmm
<juliux> but i think i should use the new kernel on my server
<juliux> there is a 1,5 year old kernel running
<levander> Does the dovecot version which ships with Feisty support sieve?  I see on dovecot.org that dovecot does support sieve now via a plugin.  But, can't find a package for that plugin with 'apt-cache search'.
<lionel> levander: dpkg -L dovecot-common | grep -i sieve
<lionel> /usr/share/doc/dovecot-common/wiki/LDA.Sieve.txt.gz
<lionel> /usr/lib/dovecot/modules/lda/lib90_cmusieve_plugin.so
<lionel> /usr/lib/dovecot/modules/lda/lib90_cmusieve_plugin.la
<lionel> /usr/lib/dovecot/modules/lda/lib90_cmusieve_plugin.a
<lionel> /usr/lib/dovecot/sievec
<lionel> /usr/lib/dovecot/sieved
<lionel> I've never tried
<lionel> But I plan to do :)
<levander> lionel: I'm looking around, haven't tried them yet, but it looks like emacs, dovecot, and thunderbird all have sieve support.  Now *may* be the time to take the plunge.
<levander> And, I've never set up procmail even though I've been meaning to....
<lionel> thunderbird now support sieve ?
<levander> lionel: I haven't read this yet: http://sieve.mozdev.org/
<levander> Right now I'm reading about dovecot.
<lionel> (kmail support it, but I don't run KDE)
<statux> Can you install GUI to server?
<andrew____> I'm a newbie scoping out Ubuntu and LDAP to run a school computer network...but I've hit a very steep wall in trying to get LDAP to run...all kinds of problems getting the configuration right.  Any LDAP experience in the house?
<Ali_ix> hi channel
<Ali_ix> i am messign around a network model about squid and ssh tunnel
<Ali_ix> i have a asmall network and internet connections is shared through a gateway
<Ali_ix> gateway has squid installed as cache server
<Ali_ix> now, i need to run squid behind a ssh tunnel to internet
<Ali_ix> how can i make squid to use sock5 proxy connection through ssh tunnel to access internet (instead of direct connections)
<Ali_ix> ?
<nealmcb> this fails for me ("broken packages") on a dapper machine: `sudo apt-get install krb5-kdc`   -  The following packages have unmet dependencies:   krb5-kdc: Depends: libkrb53 (= 1.4.3-5) but 1.4.3-5ubuntu0.3 is to be installed
<nealmcb> any tips?
<nealmcb> or should I file a bug?
<Burgundavia> file a bug
<Jester45> anyone here know how to set up torrentflux
<Jester45> from the repo? im lost
<nealmcb> Burgundavia: Here it is:  https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/121923
#ubuntu-server 2007-06-24
* nealmcb listens to David on the radio: http://www.helpmerick.com/node/1529 and  http://www.helpmerick.com/node/1530 - good stuff!  But you still really can't listen to many typical videos out of the box with the base installation....
<nealmcb> oops - wrong channel - that's the colorado loco team lead doing an interview on ubuntu on a web radio station....
<nealmcb> I installed krb5-kdc on feisty, and can't get past this error on any command: Improper format of Kerberos configuration file while initializing context
<nealmcb> initially the /etc/krb5kdc/kdc.conf did seem invalid, with a missing realm name, but I changed it to be identical to /usr/share/doc/krb5-kdc/examples/kdc.conf and still run into problems
<trappist> is there some trick to making sasl auth with pam work with postfix chrooted?  I can't seem to make it work.
<trappist> no errors, just authentication failures with known-good credentials
<trappist> ok now I'm beginning to suspect my MUA.
<nealmcb> aha - the config file that kadmin.local is complaining about is /etc/krb5.conf not /etc/krb5kdc/kdc.conf - hmmm
<PureEvilGeek> I want to build an ubuntu server that can pull in my pop3 e-mails from various accounts and then either let me access that through evolution/outlook or through a web interface. what program would I want to use with the server to do this?
<`6og> PureEvilGeek, you'd probal y need a few thigns working together
<PureEvilGeek> you have any idea how to say what i want in a better way then i am?:)
<PureEvilGeek> i was looking at opengroupware.org but i'm not even sure if thats what i want
<`6og> i dont know a better way of saying it, i just dont know of anything that does what you want
<nealmcb> aha - giving a valid realm name in both /etc/krb5.conf and /etc/krb5kdc/kdc.conf lets me run krb5_newrealm so I'm off and running....  I think the default contents of those files should document this - so it is probably time for a bug....
<nevets> hi
<nevets> Hi
<apetrescu> Hey guys :)
<apetrescu> I'm having a strange problem. I'm trying to install the server edition on a somewhat old pc. Partway through the install it "searches hardware for cd-rom devices"; and then after a while it complains that it found no CD drive, which is odd, because the installer is currently running off of that CD drive!
<apetrescu> Is there anything I can do? I don't know which module it is supposed to be to pick it manually.
<apetrescu> Note that I had no such problems installing Gentoo
<apetrescu> (On the same hardware)
<apetrescu> Anyone...?
<`6og> use a different cd drive is the cure i know
<apetrescu> `6og: It's the only CD drive I've got =/
<`6og> :\
<`6og> i think i can tell you why it happens, but that wont help much i suspect
<apetrescu> The installer is loaded onto RAMdisk by the BIOS, and Linux does not have the right module to access it as a filesystem to grab other components?
<apetrescu> That's my guess.
<apetrescu> I know that my hardware isn't really obscure or anything, because Gentoo had no problem installing on it.
<`6og> cd boots in floppy compatability mode (ie the computer boots "a floppy disc"), then when it looks for the cd drive it cant find it
<apetrescu> I may boot up Gentoo, do an 'lsmod' to see what module it loaded for the cdrom, and tell Ubuntu to use that
<apetrescu> But that'll take sooo looong (slow computer) and it's already almost 3:00 AM here >_<
<`6og> :|
<apetrescu> So, nobody has any ideas? =/
<`6og> go to sleep :)
<chila> I'm having some trouble with my postfix server
<chila> I can't send emails or login to the UebiMiau webmail front
<chila> can anyone help with that
<slackwarelife> chila: what have you ???
<chila> 6.06
<chila> postfix
<chila> ispconfig
<slackwarelife> chila: postfix, let me know
<chila> what do you mean
<slackwarelife> chila: what is your problem ???
<chila> I can't send mail
<chila> or recieve mail
<chila> well recieving isnt the prpblem yet
<slackwarelife> chila: send is your problem
<chila> yes
<chila> I can't send anything
<slackwarelife> chila: you are using postfix with php
<chila> I believe so...
<chila> I have ISPCongig installed
<chila> and thats all setup
<chila> I didnt configure php with postfix
<slackwarelife> chila: in your /etc/postfix/main.cf there is this line: relayhost = "your provider smtp server"
<chila> it is blank
<slackwarelife> chila: it is your problem
<chila> really?
<chila> what should be there
<slackwarelife> chila: do "sudo dpkg-reconfigure postfix" and remply this:
<chila> I did this yesterday but where did I go wrong
<slackwarelife> - Ok - Internet site - NONE - mail.mydomain.com - mail.mydomain.com, localhost, localhost.localdomain - No - 127.0.0.0/8 - Yes - 0 - + - All
<slackwarelife> This "-" is for change the line reply 
<slackwarelife> When you had installed postfix you didn't have reply to all question
<chila> I used all the setting from here http://www.howtoforge.com/perfect_setup_ubuntu_6.06_p5
<chila> and I believe these are all the settings you have just listed
<chila> also do I need to do all the after 'postconf -e' stuff?
<slackwarelife> chila: but you want TLS ???
<chila> yeah
<chila> but not by defualt
<slackwarelife> chila: but you want it now ???
<chila> well right now no
<chila> I just want it to work
<chila> and then later I will configure TLS
<chila> but it should work anyway if I configure it right
<slackwarelife> chila: for easy reconfigure of postfix you can do "sudo dpkg-reconfigure postfix"
<slackwarelife> chila: this will ask some question
<slackwarelife> chila: you can reply with the string I posted before (remember "-" this is a change question)
<slackwarelife> chila: after this you will have a /etc/postfix/main.cf
<slackwarelife> but before you must restart the postfix: "sudo /etc/init.d/postfix reload"
<chila> one sec
<slackwarelife> chila: after restart you can change the main.cf file with: "sudo nano /etc/postfix/main.cf" or "sudo gedit /etc/postfix/main.cf" 
<slackwarelife> chila: and insert this line: relayhost = your smtp provider server
<slackwarelife> chila: save all
<slackwarelife> chila: after you can configure /etc/php5/apache2/php.ini (use your prefer text editor) and add this line (or change this line): sendmail_path = "/usr/sbin/sendmail -t -i" (don't worry this line will use postfix). Reload apache2 "sudo /etc/init.d/apache2 reload". Now if you haven't a sendmail path you can do this: "sudo ln -a /usr/sbin/postfix /usr/sbin/sendmail". Try. Now I must will go out. But you can
<chila> im still having problems after reloading everything
<chila> can anyone help
<chila_> I can send mail but I cant recieve mail
<chila_> I am using postfix
<chila_> and I cant log into UEBimiau
<PureEvilGeek> is any one using zimbra on there ubuntu server that could see how easily it intergrates?
<PureEvilGeek> is any one running zimbra on ubuntu server 7.04?
<ivoks> hi
<ivoks> PureEvilGeek: i've set it up once, but on 6.06
<PureEvilGeek> ivoks: hum. on there site it says it supports 6.x but i'm setting up a 7.x server and was just wondering if my attempt was going to be useless.
<PureEvilGeek> we will see i guess:)
<ivoks> i would recommend 6.06
<PureEvilGeek> ivoks: did you like it? i'm just looking for something to replace my desktop mail client so I can access multiple e-mail accounts on different systems
<ivoks> since it is long term supported version
<PureEvilGeek> why is that?
<PureEvilGeek> no features in 7.04 that are worth looking into?
<ivoks> zimbra is not desktop mail client replacement
<ivoks> it's a service
<ivoks> it does have web client, but it's a service
<PureEvilGeek> hum i'm getting it for its web client
<ivoks> zimbra is email server
<ivoks> not a client
<ivoks> when you install it, you get smtp/imap/pop/ldap/web services
<PureEvilGeek> right
<PureEvilGeek> but from what I saw of the demo I could setup the web client to access multiple pop accounts on other locations. is this wrong?
<ivoks> it's meant for people from other computers to connect to it, and share contacts...
<PureEvilGeek> ivoks: ok if i wanted a web based client server (basicly outlook express / evolution but web based) what would I want to get?
<ivoks> uff...
<PureEvilGeek> uff?
<ivoks> webmail is a service that ISPs provide
<ivoks> having webmail on local computer is possible, but... i never seen antone using it on local computer :)
<PureEvilGeek> i'm not looking to use it on the local computer (not the server end of it at least). i'm looking to use it on my server
<ivoks> try squirrelmail
<PureEvilGeek> to access multiple pop accounts. i'm not looking for an e-mail account with webmial i'm looking for webmail for my email accounts
<ivoks> squirrelmail is a program
<ivoks> webmail program
<PureEvilGeek> isn't squirrelmail just a smtp/imap/pop server with a webmail interface?
<ivoks> it's not a server, it's web application
<ivoks> you are looking for 'web evolution/outlook'?
<PureEvilGeek> basicly
<PureEvilGeek> after i get ubuntu server on my vm i'll download the package and check it out
<ivoks> i just saw... squirrelmail doesn't support multiple imap servers
<PureEvilGeek> i'm pretty sure zimbra will do what i want
<PureEvilGeek> since while I was on the demo it had specificly the option to do what iw ant
<PureEvilGeek> unless i miss read it
<ivoks> ok, go with zimbra...
<ivoks> but that's like taking a 3.5t truck for couple of bricks
<PureEvilGeek> yeah i realize that
<PureEvilGeek> but since i don't have to pay for the gas...
<PureEvilGeek> i'll be trying both out
<ivoks> will you do anything else on that server?
<PureEvilGeek> on the zimba server or the system itself?
<ivoks> IIRC, zimbra installs it's own packages, making system almost unusable for any other business :/
<PureEvilGeek> I can set up a system for just the mail app if i need to. have plenty of them around to do so
<ivoks> ok :)
<PureEvilGeek> Wish i could find a squirrelmail demo to try it out to see what it has
<PureEvilGeek> I can also work inside a VM
<ivoks> it's a webmail client
<nox-Hand> Hiya!
<nox-Hand> Where do I change the message printed at login on my server?
<ivoks>  /etc/motd
<nox-Hand> Awesome, thanks ivoks  :)
<KennyTheGeek> Do i need x to do x forwarding through ssh
<coNP> I don't think so
<KennyTheGeek> my thought aswell... just a confused server then
<ivoks> you don't
<ivoks> you need X libs
<coNP> actually you might need some X programs to make this whole issue useful
<coNP> unless it is a third machine between the X server and X clients
<ivoks> you don't need started X, but you need xlibs and progs
<KennyTheGeek> my friend got a thin client he uses as server... the storage device is a memstick, so he don't have ressources for X.org
<teknoboi> hey i was wondering if someone might be able to help me out...in the process of me trying to install ravencore, it somehow created a folder with root that i cant delete or change permissions to
<teknoboi> and i need to delete it so i can use alien to create the debian file to install
<teknoboi> anyone around?
<nealmcb> teknoboi: howdy - what folder?
<teknoboi> its on my desktop...the ravencore folder (which is the software im trying to install)
<nealmcb> sudo rm -f /the/folder
<teknoboi> its telling me access is denied
<teknoboi> it was created by the root account
<nealmcb> ls -ld folder ==?
<teknoboi> ?
<nealmcb> what does "ls -ld folder" say?
<teknoboi> drwxr-xr-x 5 root root 4096 2007-06-24 12:45 ravencore-0.3.2
<nealmcb> is there anything in it?
<teknoboi> yes
<nealmcb> sudo rm -fr ravencore-0.3.2
<nealmcb> the "r" deletes the things inside also
<nealmcb> recursively - use with care!
<teknoboi> and i have no rights to those files and folders either
<nealmcb> the "sudo" runs it as root
<teknoboi> omg it worked
<teknoboi> i could kiss you
<nealmcb> :-)
<teknoboi> ive spent two hours on this damned thing lol
<nealmcb> just be careful with sudo :-)
<teknoboi> why is that
<nealmcb> you can really foul the system up by using the admin powers of sudo
<teknoboi> yeah
<teknoboi> understood
<teknoboi> so i have another question
<nealmcb> but a directory in your desktop like that when you want to delete the package anyway....  seems fine.  but I
<teknoboi> any suggestions as far as webhosting administration software that you might recommend for ubuntu server?
<nealmcb> ...i'm curious and should probably ask more about what the problem with ravencore was in the first place, and what it does :-)
<teknoboi> ravencore is an open source web hosting administration tool used to administer web servers or server stacks
<nealmcb> I've played with several over the years but am not up-to-speed
<teknoboi> i gave webmin a shot and hate it
<nealmcb> because?
<teknoboi> too complex and would take weeks to train people on how to use and set up new accounts
<ivoks> ispconfig
<teknoboi> ispconfig?
<teknoboi> the problem is (with ravencore) that i wasnt sure how to install rpm packages until a friend of mine suggested using alien
<teknoboi> so im going to make a new attempt at installing it
<PureEvilGeek> is there a plcae I could get an already setup vmware image of ubuntu server?
<teknoboi> im new to the whole linux bit and its complicated lol
<nealmcb> http://www.ispconfig.org/ is what ivoks mentioned
<teknoboi> okay
<PureEvilGeek> linux is complicated, wanting a web based e-mail client is like trying to solve world hunger
<nealmcb> last I heard it wasn't a package, and it pulls in its own versions of apache, php, spamassassin, etc
<teknoboi> so after i use alien to create the folder what am i supposed to do next
<ivoks> PureEvilGeek: ?
<ivoks> welll
<ivoks> ispconfig uses apache & php for administration
<nealmcb> so ravencore isn't packaged for ubuntu?  you have an rpm?
<PureEvilGeek> lol ubuntu server won't install on my vmware
<teknoboi> correct neal
<ivoks> but it uses distribution's apache for clients
<teknoboi> i also have the source package if i nedd it
<nealmcb> that would make it all more complicated, especially for upgrades.   hmmmm
<teknoboi> the source package would?
<ivoks> nealmcb: ispconfig?
<nealmcb> i'm saying that using ravencore via rpm would be complicate4d
<ivoks> right
<dendrobates> you'd be better off downloading the ravencore tarball and following the instructions.
<ivoks> i think ispconfig is best solution
<teknoboi> i have the tarball
<dendrobates> http://www.ravencore.com/installguide.php
<teknoboi> i have that
<dendrobates> should work fine in ubuntu.
<teknoboi> okay ill give this a shot brb
<dendrobates> so what is all the talk about rpm then?
<teknoboi> i tried to install the rpm twice and it didnt work so thats what i was asking
<dendrobates> is this a popular package?  should we package it in ubuntu?
<nealmcb> teknoboi: ubuntu developers are also working on making server admin easier in future releases.  anyone know the latest status?  My launchpad page points to a bunch of different specs on the issue :-)
<dendrobates> I'm on the server team.  
<ivoks> dendrobates: ispconfig is much better solution
<dendrobates> I'll take a look at them.  thanks.
<teknoboi> have u tried ravencore, ivoks?
<ivoks> i just took a look at online demo
<teknoboi> okay so im lost in this already
<teknoboi> when i run the tar command, it extracts the package into a folder and where to go in that has confused me
<teknoboi> after*
<teknoboi> ooo wait i missed a step
<ivoks> 'night all
<teknoboi> make: *** No rule to make target `build'.  Stop.
<teknoboi> make: *** No rule to make target `install'.  Stop.
<teknoboi> ? :(
<nealmcb> https://wiki.ubuntu.com/ServerTeam
<nealmcb> teknoboi: if you haven't built this sort of software from source before, there will be a bigger learning curve than webmin or ispconfig, I'm guessing
<teknoboi> ive never built any software from source before
<teknoboi> im new to linux remember
* nealmcb nods
<nealmcb> perhaps if you talked a bit more about exactly what you want to do and what you'll use it for we can help better
<teknoboi> im going to be using ravencore to administer my webserver platform and lamp installation
<teknoboi> helping to streamline user setup for customer service associates
<teknoboi> i originally went with windows advanced server platform but it was even more complicated that this as far as setup
<nealmcb> what sorts of apps?  small business?
<teknoboi> im starting a small hosting company
<nealmcb> I've also heard good things about ispconfig, but haven't tried it
<teknoboi> well im willing to give it a shot if its easier to install than ravencore
<teknoboi> lol
<nealmcb> Given your goals, I'd guess that long-term support and easy upgrades are more important than the learning curve of the initial install....
<teknoboi> hey, if learning is what it will require to achieve an easy-to-use, powerful platform from which i can adminster my server than so be it...ill need to learn sometime
<nealmcb> teknoboi: right on
<teknoboi> nealmcb: http://www.howtoforge.com/perfect_setup_ubuntu704_p7 <<< can u look over that and tell me how it looks...is it for real or is it crap
<PureEvilGeek> doesn't the server version of ubuntu have a GUI to it out of the box?
<teknoboi> i had to install gnome
<PureEvilGeek> that... i had oddly not expected
<teknoboi> ah
* PureEvilGeek just removes it from the vm and installs bsd since he already knows how that works
<nealmcb> PureEvilGeek: there are a lot of good reasons to not have the extra bulk and security issues of running x/gnome/etc on a server.  that's one reason folks like linux for servers over windows
<shawarma> PureEvilGeek: No, we don't have any gui on our servers.
<shawarma> PureEvilGeek: Why would we?
<nealmcb> and you can manage a server via a gui using the web of course
#ubuntu-server 2008-06-16
<android6011> i am looking for some guidance in being able to create a php page that allows me to read from an external imap mailbox, how can I allow php to read imap mailboxes?
<InsomniaCity> have you asked #php?
<LeChacal> i need to copy files to a from my server remotely from a windows machine, i use putty to ssh in and do thing. I was looking at filezilla for copying files, is that good program and it looks like i just have to have ssh installed on the server to use it, is that right?
<owh> LeChacal: On the same LAN, or across the Internet?
<LeChacal> owh: accross the internet
<owh> LeChacal: On your server to install ssh you will need to install openssh-server, there is also an ssh client/server available for Windows if you want to stay within ssh. I'm not familiar with filezilla.
 * owh is just trying to find the name of the Windows client/server for you.
<LeChacal> owh: filezilla will use ssh you just have to do some set up
<owh> LeChacal: Well, then you're ready to go.
<LeChacal> owh: let me ask you then how would you copy files to a server across the Internet from a normal ubuntu i just use scp now. is there something better or i should use differnt?
<owh> scp is the "same" as ssh.
<owh> (same, as in, it uses ssh to get the data across.)
<LeChacal> owh: i knew read that in the scp man files, so you are saying just stick with scp then?
<owh> Yup
<LeChacal> owh: ok will do that thank you.
 * owh actually uses rsync over ssh for keeping things synchronised.
<owh> But for a straight copy, scp is just fine.
<LeChacal> i do just more strait copying of picture and files synchronizing would be a waste i think
<owh> Well, rsync will only copy the changed parts, so if you are copying mostly the same structure across, it will be faster than scp.
<LeChacal> maybe i will look into rsync then
<owh> It really depends on your actual needs,  but quick and dirty, scp is the tool.
<stacman> i've want to set up a raid-5 array with MDADM.  I have 3 500gb drives and 2 250gb drives.  Is it possible/advisable to assemble the 2 250gb drives in RAID-0 and present them to mdadm as the "fourth" 500gb drive?
<Baron1984> http://ubuntuforums.org/showthread.php?p=5194590#post5194590
<labsgraphica> I'm getting 404's when running apt-get update on a server running 6.10
<bimberi> labsgraphica: 6.10 is no longer supported.
<labsgraphica> OK, my goal for tonight was upgrade to Hardy, but I dont have update-manager-core
<bimberi> hm, finding the 6.10 version of update-manager-core could be interesting
<labsgraphica> yeah, my understanding is I have to go edgy -> feisty -> gutsy -> hardy
<lukitas> hola alguien podra ayudarme
<bimberi> labsgraphica: yes that's right
<lukitas> quiero montar un server de open arena
<labsgraphica> but, I'm not sure how to progress without update-manager-core
<labsgraphica> unless im overlooking something
<hads> Try installing the package and see what version it's trying to find. Then you may be able to find it on a mirror somewhere.
<flyback> is there any way to script kickstart
<flyback> that instead of like starting to install packages etc
<flyback> mount a remote fs, and dd a disk image to hd
<flyback> with ubuntu
<flyback> cause so far it's the only kernel that boots properly on the headless blades we have
 * flyback bbl
<bimberi> labsgraphica: From what I can tell, 0.56~edgy5 was the latest version.  Googling for  update-manager-core_0.56~edgy5_all.deb  has plenty of hits.
<labsgraphica> yeah, did that. had some dependancies. I was told I could edit my source list (changing edgy to feisty) and then run  apt-get update, then apt-get dist-upgrade
<bimberi> labsgraphica: You'll probably find the dependencies on the same mirror.
<bimberi> labsgraphica: Yes that (update, dist-upgrade) might work.  If the server is non-critical and I had good backups, I'd be happy trying it.
<labsgraphica> yes, its a VPS, have a few recent snapshots. update, dist-upgrade appeared to work
<bimberi> cool :)
<labsgraphica> yeah. now onto gutsy, then hardy
 * flyback bites slicslak 
<flyback> CANUCK
<flyback> CANUCK
<AnAnt> Hello, what's the difference between ecryptfs-utils & encfs ?
<hads> ecryptfs and encfs are two different products
<AnAnt_> ok, but both do same thing at the end, right ?
<AnAnt_> except encfs is FUSE
<hads> Yes encfs is based on fuse and ecryptfs isn't. And they do both do similar things yes.
<AnAnt_> ok, thanks
<spiekey> hi
<spiekey> is there a way to find out what type of RAM i have got (DDR-XX) ?
<spiekey> my Server is like 200miles away :-/
<kraut> moin
<spiekey> moin :)
<kshah> Heron (+gnome) is freezing when I connect my external HDD via eSATA, can someone suggest anything? I'm sorry to ask this here, but the main channel is a mess
<Kamping_Kaiser> spiekey, look up the motherboard online?
<RockHound> hi everyone ... I have noticed wierd behavior of the php5-ldap module in regards to "start tls" on 8.04 ... I am no newby in this field but ever since I switched from gentoo to 8.04, I have sporadic failures of the start_tls() funktion calls. Is the module faulty and how might I debug this?
<captbaritone> Would someone who does not mind me seeing their ip address go to a website of mine so I can see if external ip logging is working? (p.s. can I type my link in here without getting banned?)
<hads> captbaritone: Shouldn't be an issue.
<Kamping_Kaiser> captbaritone, you can paste it here if its part of a help request
<Kamping_Kaiser> captbaritone, and your welcome to my ip (its dynamic)
<captbaritone> okay: http://www.classicalcode.com/music/
<captbaritone> just a click on that should tell me if logging is working
<hads> Done
<Kamping_Kaiser> loaded
<captbaritone> works :)
<captbaritone> thanks!
<hads> np
<Kamping_Kaiser> :) \o/
<RockHound> anyone else here use php5-ldap?
<RockHound> without a hitch, I must add
 * flyback had another dream about a girl in hs he liked 15-16 yrs ago and wonders how long he's going to be tortured :(
<zul> morning
<r4f> hello...
<sommer_> zul: happy monday!
<r4f> thankyou... I have a question, after one has installed the server edition, is there any graphical (eg. webbased) entry into the server from another box?
<r4f> I am thinking of a graphical controlpanel of the server
<hads> Not by default
<zul> sommer_: meh :)
<r4f> is there one, you can install from the package rep ?
<hads> I think maybe ebox or something. I'm not sure - I don't use any.
<r4f> hads: so if you want to install another user for you mail-server and another mail-box, you just use the console?
<hads> Sure
<r4f> hmm... it's good I guess, but would be nicely with a little user-friendly gui :D hehe
<spiekey> hey... :)
<spiekey> what do they mean with max memory capacity here? http://www.asrock.com/manual/P4i65G.pdf
<spiekey> 2GB per slot or together?
<ScottK> zul: Do we have any remaining changes in apache2?  Reading your last debian/changelog entry it would seem not.
<zul> ScottK: nope just the maintainer field change
<ScottK> zul: Then why didn't you sync it?
<zul> ScottK: because I havent had any coffee yet
<ScottK> Ah.
<youngmusic> hey, is there a channel for heartbeat questions?
<youngmusic> ok, found it :-)
<spiekey> could maybe someone check out this moderboard pdf for me? :)
<spiekey> i am nut quite sure
<spiekey> soren: you there? :)
<lukehasnoname> spiekey: He's never there.
<spiekey> how come?
<spiekey> i always has been
<eclipse_mint> hi, i am looking to install ubuntu on a computer that has no monitor (but has a CD Drive). I only have a laptop. How do I go about installing ubuntu server on it remotely to make it a webserver? can someone link me to a guide?
<draco2002> Any know a file replication/syncing system that can handle 4million files? rysnc just can't cut it. Been looking around at distributed filesystems and things like that but nothing has jumped out as a viable solution.
<lukehasnoname> eclipse_mint: I think you need a monitor to at least install the OS. draco2002: I have no idea.
<draco2002> lukehasnoname: thanks
<melter> i have a hard drive with no partitions; when i add 1 partition, the rest of the free space is labeled as "unusable"; does anyone know why?
<mthode> can anyone teach me what a line means in a zone fine?
<zul> mathiaz: did you have any problems uploading openldap2.3?
<mathiaz> zul: nope - it was accepted
<zul> mathiaz: cool
<nealmcb> a media streaming organization I work with is currently using serverbeach for hosting a debian server.  they don't (yet?) seem to offer ubuntu.  what other similar (i.e. inexpensive, high-bandwidth) hosting organizations are supporting hardy?
<mathiaz> zul: re bug 240353 - why did you set it to incomplete ?
<ScottK> nealmcb: You want a dedicated box?
<nealmcb> yeah
<ScottK> softlayer.com was recommended to me by someone I trust.  I leased a server there a few weeks ago.  So far really good.
<ScottK> Urgh.  Where 'few' == 1.
<zul> mathiaz: must have hit something when I was writing it
<nealmcb> ScottK: thanks - looks like they have a lot of nice features, and not too much more cost.
<ScottK> nealmcb: And you've got complete root access to the box.  Just make sure you understand their customizations before you fire up your standard firewall script.  They also enable root by default.
<lukehasnoname> props ScottK for the luke
<lukehasnoname> ACK
<lukehasnoname> softlayer link
<Flare183> Can I run Ubuntu Server on a old computer?
<lukehasnoname> how old
<Flare183> umm, it has Windows 98 on it now.
<lukehasnoname> The server probably couldn't take a heavy load
<lukehasnoname> but for simple stuff, it could be a useful box.
<Flare183> ok
<kirkland> zul: ping
<kirkland> zul: regarding Bug #203169
<zul> yep
<zul> gimme a sec
<kirkland> zul: i don't think that bug should be marked fixed
<kirkland> zul: oh, wait, maybe i misunderstood your comment....
<kirkland> zul: are you giving the green light to go off and fix the other initscripts now, to use the function?
<zul> kirkland: debian accepted your patch for apache at least
<zul> kirkland: no green light here :)
<kirkland> zul: ah, gotcha, so you marked just the apache2 one "fix released"
<kirkland> zul: i see now
<kirkland> zul: okay, perhaps Onno can update his patches and make another push, now that we have our function in the lsb-functions file sourced
<kirkland> zul: thanks.
<zul> kirkland: no problem
<kirkland> zul: ta
<zul> mathiaz: any update on the sni stuff?
<nealmcb> Re: my serverbeach question: they just responded that "We are not currently offering Unbuntu, we should be offering this by end of year unless our road map is changed."  Hopefully their techs can spell better than their account managers :)
<cxo> Whats wrong with VIM?
<cxo> it gives me an error when i try to turn on syntax highlighting
<cxo> its like broken or something....
<nealmcb> cxo: you'll have to provide a lot more info there - version, release, and exactly what errors you're seeing
<Deeps> do you have vim-full installed, or vim-tiny?
<nealmcb> Deeps: good point....
<mathiaz> zul: last time I looked into that, the sni patch wasn't good
<crackintosh> Is there a list of companies that provide ubuntu server hosting? I could do debian, but my office machines are ubuntu and I would like to keep the same linux vendor
<cxo> looks like i dont even have vim installed, i got something called vim-tiny
<Deeps> vim-tiny is precisely that, tiny
<cxo> nealmcb, fixed it, by installing vim, instead of vim-tiny
<mathiaz> zul: there was issues with the code that may have been fixed in 2.4 but not backported to 2.2
<nealmcb> cxo: great
<zul> mathiaz: coolio
<nealmcb> cxo: and note that there has been discussion of shipping with a fuller version of vim in future ubuntu server releases - I forget the outcome
<cxo> whats the effective footprint?
<nealmcb> not sure
<cxo> i know people like the server install to be minimal...
<LMJ> hello the chan
<cxo> Is there a yum groupinstall "Development Tools" for ubuntu?
<lukehasnoname> Someone asked that a few days ago, this should be in a FAQ perhaps
<lukehasnoname> I can't answer that
<cxo> its a very typical thing a dev from the redhat/fedora world looks for
<jussi01> cxo: what do you mean by development tools?
<jussi01> !info build-essential
<cxo> some basics, gcc, m4, lex, yacc, make, autoconf, automake etc...
<ubottu> build-essential (source: build-essential): informational list of build-essential packages. In component main, is optional. Version 11.3ubuntu1 (hardy), package size 6 kB, installed size 48 kB
<jussi01> cxo: the package build-essential is what you are after methinks
<jussi01> most of the basics for compiling etc are in there
<cxo> yeah, i'm installing it now
<jussi01> :)
<cxo> i wonder if yum can be used in conjunction with .deb stuff
<lukehasnoname> It's recommended to stick with Ubuntu's packages
<lukehasnoname> when possible
<cxo> well yeah, just the interface i meant
<lukehasnoname> hm
<a13x> i have via vt6421 fake raid card.  after running dmraid -ay (https://help.ubuntu.com/community/FakeRaidHowto) i cant boot, "mount: Mounting /dev/sda1 on /root failed: Device or resource busy"
<a13x> anybody have any idea whats wrong?
<cxo> Is fake raid the same as software raid?
<a13x> no, there is a fake raid card
<cxo> oh i just read that link
<cxo> kinda weird how its called "fake"
<cxo> the hardware does the striping, so it shouldnt be called fake
<a13x> fake because drivers in the kernel are doing the work
<a13x> anybody have any idea what is wrong with my system?
<a13x> oh, interesting, i have new devices, /dev/via_bdhgjaabba1, ...
<cxo> cat /proc/partitions
<a13x> sda, sda1, ... sdb, sdb1,..., dm-1, dm-2
<a13x> dm-0
<a13x> now how do i boot from (initramfs) prompt from /dev/via...?
<cxo> could you explain your partition/boot setup?
<a13x> one raid card
<a13x> 2 sata hard drives
<a13x> everything installed on sda1 (/) sda5 (swap)
<a13x> boot record on sda
<a13x> initramfs is booting from sda1
<a13x> but it is busy (i am guessing due to fakeraid)
<a13x> after running dmraid
<cxo> do you need to init the raid before you mount the rootfs?
<cxo> you could just juggle around the stuff in your initrd
<a13x> rootfs on sda1 can't be mounted because it says its busy
<cxo> extract the initrd and play around with it
<a13x> ok, right now i am at (initramfs) boot screen
<cxo> initramfs boot screen? whats that?
<a13x> sorry, boot prompt
<cxo> grub boot prompt?
<a13x> boot loader start booting, then it says it can't boot because it cant mount  sda1
<a13x> and (initramfs) prompt came up
<a13x> now,
<cxo> oh thats just /bin/sh i think
<a13x> i mounted new (fakeraid?) /dev/via_b...a1
<a13x> and it has my file sistem
<a13x> system
<cxo> i thought sda1 has your rootfs?
<a13x> yes
<a13x> but it is now BUSY
<a13x> my guess is by fakeraid driver
<a13x> how do i boot into the sys from the new device
<a13x> (my guess) it has the same file system on it
<cxo> sorry, i think i
<cxo> i'm confused, you have 2 rootfs?
<cxo> one on sda1 and one on the fakeraid?
<a13x> fakeraid created a new device
<a13x> virtual device
<cxo> yes
<a13x> which (my guess) is the actual thing that i need to use (za raid)
<cxo> how big is sda1?
<a13x> sda1 is busy (obviously, because it is mounted with sdb1 to fakeraid into the new device via_...a1)
<a13x> why does it matter, 100 gbs
<a13x> now, i have already mounted via_...a1
<cxo> oh... sda1 and sdb1 make up your fake raid?
<a13x> and i can see my filessystem
<a13x> that is my guess, correct
<cxo> duh that makes sense
<a13x> the question is how do i resume the booting but now from the new device?
<cxo> you have to tell the "init" script in the initrd not to mount /dev/sda1 as rootfs but /dev/via-blahblah/fakeraid
<cxo> chroot into it
<cxo> and init 3
<cxo> a13x, mount /dev/fakeraid /sysimage ; chroot /sysimage ; init 3
<a13x> mounted it into /root, running chroot /root
<a13x> the system is frozen
<a13x> let me retry
<darthmarth37|Wk> Is there a guide on how to create a local mirror without using apt-mirror?
<cxo> dont use /root it may not like that, try another folder name </guess>
<lukehasnoname> darthmarth37|Wk: Why not use apt-mirror? Just curious
<darthmarth37|Wk> The server runs rhel.
<lukehasnoname> touchÃ©
<a13x> cxo: chroot gets frozen
<lukehasnoname> apt-mirror is open source. You could compile it and it would run correctly, I believe. Pure speculation
<cxo> a13x, better still, fix the problem
<cxo> a13x, mount your rootfs somewhere, extract the initrd and fix the init script
<a13x> i see, good idea
<a13x> is there any good walkthrough anywhere on how to do that?
<darthmarth37|Wk> To make matters more interesting, I would ideally like to only mirror one architecture, although judging by archive.ubuntu.com's directory layout it looks like it's difficult to do.
<darthmarth37|Wk> It's worth a shot to try it locally, I guess.
<cxo> a13x, the initrd.img is basically a bzipped or gzipped cpio archive, so first copy it to initrd.img.bz2 and bunzip it, then use cpio to extract it, inside you will file a script called "init" there you will remove the attempt to mount sda1 with your fakeroot
<darthmarth37|Wk> Now that I think about it, using apt-mirror at all would probably be a bad idea since I'm trying to mirror it using cobbler.
<a13x> i am guessing i will have to copy sda1 into sdb1 after updating it
<a13x> (raid 1)
<cxo> ? that doesnt make sense
<a13x> sdb1 is supposed to be a copy of sda1, right?
<cxo> yes, but not like you think
<a13x> what do you mean?
<cxo> you write the filesystem on top of the dmraid, not directly to disk
<sayotte> actually
<sayotte> how do you attach a second disk to an md mirror that was created with one disk "missing" ?
<a13x> i can't do much in the (initramfs) prompt
<cxo> sayotte, there is an example in the man page
<sayotte> for mdadm?
<a13x> cxo, i have to start from live cd, where fakeraid is not available
<a13x> but maybe i can make it available temporarily
<cxo> dont try and access the disk independently
<cxo> sayotte, mdadd or hotadd or something like that...
<cxo> a13x, can you show me the exact command you use to mount your fakeraid device ?
<a13x> i installed the system from scratch
<a13x> installed dmraid
<a13x> sudo dmraid -ay
<a13x> reboot
<a13x> crash into (initramfs)
<cxo> yeah i could have guessed
<cxo> fakeraid isnt built into the ubuntu kernel?
<a13x> i have no idea, this is my first time dealing with raid at all
<cxo> oh
<cxo> in this shell init dropped you into, how do you access your drives?
<a13x> well, i tried mounting /dev/sda1
<a13x> it said it was busy
<a13x> then i realized that maybe the raid is working, so i ls /dev/mapper
<cxo> cat /proc/mdstat
<a13x> and there was via_..a, via_..a1, via_..a5
<cxo> pastebin the output, or if its not more than 3 or 4 lines, throw it into irc
<a13x> i already booted into livecd
<cxo> oh, i wonder if the livecd kernel has support for fakeraid
<a13x> i just ran dmraid
<a13x> worked fine (i had to apt-get it)
<cxo> nevertheless, try the cat command i gave you
<a13x> no such file
<a13x> mapper doesn't have the devices
<cxo> then the kernel on the livecd doesnt have support
<cxo> try and use the primitive shell that initrd gives you
<cxo> i will try and walk you through it
<a13x> actually, the same happened with the installed system, that is why i rebooted
<a13x> rebooting...
<cxo> so you installed your system onto /dev/sda1? and you tried to mirror it with sdb1 after installing the fakeraid driver?
<a13x> there is no /proc/mdstat file at (initramfs) prompt
<cxo> lsmod | grep md
<a13x> actually, i did multiple installs & tries, (and i didn't mirror it the last time i reinstalled, which i should have, but it takes forever)
<a13x> no lsmod either
<a13x> there are two things i can do: 1. first mirror, then fix init; 2. fix init, see if this works, mirror
<cxo> are you following the guide you posted?
<a13x> not really, because it is for separate raid
<a13x> i have the system installed on the drives that i am trying to set up raid for
<jdstrand> zul, mathiaz: wasn't there a samba bug about it only listing some folders/files in a directory?
<jdstrand> (hardy)
<cxo> you cannot do that
<cxo> you cannot install stuff to a drive, then suddenly create a raid1 with it
<a13x> really?
<cxo> the guide you posted is pretty correct
<cxo> follow it verbatim
<a13x> the guide doesn't work because after i run dmraid it doesn't create device in mapper
<cxo> which part of the guide
<a13x> i am trying to install ubuntu server
<a13x> the first step is off base
<zul> jdstrand: yep its fixed in hardy-updates now I think
<a13x> cxo: however, i could do it in text mode i guess
<jdstrand> zul: do you happen to remember the low end of that number. eg, it would show 100, but not 150?
<a13x> but i think i will hit the same problem
<zul> gimme a sec
<zul> 200 I think
<jdstrand> zul: ok thanks
<jdstrand> zul: I am adding some checks to test-samba.py and want to make sure I am up high enough :)
<cxo> the guide makes you install a very basic system onto a small partition on your system, it then makes you setup the fakeraid, and then gets you to copy your minimal system onto it, which you can then boot into and continue
<a13x> cxo: how do i install ubuntu server on a fakeraid
<a13x> there is no apt-get to get dmraid
<a13x> no dmraid
<a13x> (in installation console)
<cxo> the kernel that the installer uses my support fakeraid for you to install directly to it
<cxo> i'm not really a ubuntu user so i'm not sure of the details, on fedora its rather trivial
<a13x> i don't think so
<cxo> s/my/must
<cxo> the fedora installer (anaconda) allows you to setup raid during install, and i'm sure the ubuntu installer allows the same, but whether it support fakeraid in particular i'm not sure
<a13x> dmraid command is not availabe in the installer
<cxo> but like the guide says, it is better to use regular software raid if you are not using a dual boot
<a13x> ubuntu server installer
<a13x> with regular raid, i read, you need to type commands to replace a hard drive
<a13x> i would like to make it work on its own
<a13x> s/regular/linux
<cxo> i doubt the fakeraid will allow that
<cxo> unless there is some acpi event being sent from the bus
<a13x> i suspected that, however, i will try it out
<a13x> the fakeraid card is supposedly ran by its driver
<a13x> so, it is very possible
<cxo> i wouldnt waste my time with the fakeraid
<cxo> linux raid is so much easier to setup and use, and will give you the same performance
<cxo> and perhaps better reliability
<a13x> i scoff at linux raid
<a13x> and software raid in general
<cxo> i actually think linux raid is better than hw raid
<a13x> what if something goes wrong?
<cxo> in what sense?
<a13x> a bug?
<cxo> its been around for a decade
<cxo> its a standard, unlike hw raid, which has no standard
<a13x> i don't know, it feels kind of unsafe
<cxo> i'd trust linux soft raid over a hw raid controller any day, because i can replace the kernel, but replacing the raid card is not that easy
<Brazen> linux raid is problem the most stable, high-quality raid there is.
<cxo> s/problem/probably
<Brazen> *probably
<Brazen> yes, thanks
<a13x> if i swap out a drive i will have to type commands
<cxo> a13x, if you are using hw raid, what do you do if the raid controller dies one day?
<a13x> replace?
<cxo> you will need the exact same model and bios
<cxo> do you think you will be able to find it?
<a13x> i am newbe to raid, but if i understand this correctly, i can use any other card (in case of raid 1)
<a13x> mirroring
<cxo> raid1 might be the special case, but i'm not 100% sure about that
<cxo> actually i dont think it is, because the raid meta header might be different across controllers
<a13x> there is no stripping, so there is only one way to do it
<mstrobert> Does Ubuntu Server use the same repository as Ubuntu (Desktop)? If I manually debootstrap and install only packages from the main Ubuntu repository that are also used by Ubuntu Server, will those packages receive security updates for the 5 years of the LTS Server support life?
<mathiaz> mstrobert: yest
<mstrobert> mathiaz: Great, thanks.
<Brazen> mstrobert: just make sure you also get the server kernel, instead of the desktop kernel.
<mstrobert> Brazen: Yes, thank you. Though in this case it will be a vserver guest, and thus share the host's kernel which will be updated separately.
<a13x> according to this guide: https://help.ubuntu.com/community/FakeRaidHowto ; i should be able to access /dev/mapper/via_* after running dmraid -ay
<a13x> that is not the case
<a13x> does anyone have ideas how to make it work?
<a13x> how do i use cpio with initrd.img?
<zul> jdstrand: coolio
#ubuntu-server 2008-06-17
<macGerhard> hey guys, I'm running 8.04 on a server, fresh install, I can't sudo or su, it just stalls any ideas?
<macGerhard> anyone?
<teamcobra> is anyone here well-versed in the ways of imap maildir structure?
<teamcobra> mac: url of the issue? (sorry, missed your question)
<macGerhard> teamcobra: do you mean me?
<teamcobra> yes
<macGerhard> oh, ok :). I have a clean 8.04 install on a server, sudo nor su will work
<macGerhard> did something change in 8.04?
<teamcobra> woah...
<macGerhard> I remember it working in the previous versions...
<teamcobra> no, sudo should work... only for the first user you create
<teamcobra> the others won't be in the sudoers list
<macGerhard> yep, well I am the only user on the machine
<macGerhard> created at install
<teamcobra> su won't work until you assign a root passwd w/ sudo passwd (not recommended)
<teamcobra> hrmmmm.....
<macGerhard> could it be because of the hostname?
<teamcobra> kind of a pickle, because you need to be root to edit /etc/sudoers ;p
<macGerhard> yeah, pretty much
<teamcobra> possibly, but that really shouldn't be happening
<macGerhard> I can't even cat it or something
<macGerhard> reboot?
<teamcobra> yeh, looks almost like a reinstall :/
<macGerhard> crap, root as well
<macGerhard> hmmm, ok, something must have gotten screwed then
<macGerhard> cheers anyways :)
<teamcobra> yea, check the install media too
<macGerhard> teamcobra: that's an iso
<macGerhard> a server-only image
<macGerhard> will double-check
<Wicky656> nagios or zabbix? which is the bigger pain in the rear to deal with?
<mindframe> can someone help me with cryptsetup... i created two keys for this device, one using a passphrase and one using a keyfile.  i want to delete the passphrase key slot 0.  when i run 'cryptsetup luksDelKey /dev/sda1 0' it asks me to 'Enter any remaining LUKS passphrase:'    what passphrase should i enter here?
<erichammond> mindframe: Is slot 0 your passphrase or the keyfile?
<erichammond> mindframe: reading closer, looks like you're saying it's your passphrase.
<mindframe> erichammond, i used luksformat to create it with a passphrase so i assume 0 is the passphrase
<erichammond> mindframe: Try using this option: cryptsetup luksDelKey --key-file KEYFILE ...
<mindframe> erichammond, i used the same passphrase when i added the key... so could that cause problem?
<mindframe> erichammond, where is the keyfile located for the passphrase?
<mindframe> i assume there isnt one
<mindframe> *added the keyfile
<mindframe> i wish luksformat would let me specify a keyfile instead of passphrase
<erichammond> mindframe: I hate to hear "assume" when dealing with encrypted data :)  Try using luksDump to see if it gives you info.
<mindframe> it shows two enabled keys
<mindframe> 0 and 1
<mindframe> slot 1 shows Key material offset:	264
<mindframe> so i think thats the keyfile
<mindframe> ok im going to start over
<erichammond> mindframe: According to the cryptsetup manpage it does support a key file in luksFormat, just using a different calling method
<mindframe> yeah i just saw that
<mindframe> heh
<mindframe> thanks
<erichammond> mindframe: When you want to remove a slot, you need to authenticate with a *different* slot so that it knows you will still have access to the encrypted data.
<mindframe> thats what i thought... so i thought it wanted the passphrase i used when creating that keyfile
<mindframe> but it said there were no remaining keys that would use that passphrase
<erichammond> mindframe: ï»¿cryptsetup luksDelKey --key-file YOURKEYFILEFROMSLOT1 /dev/sda1 0
<mindframe> but i want to delete 0 and keep 1
<mindframe> hrmm next problem, i dont see a way to specify FS type with cryptsetup luksFormat
<erichammond> mindframe: RIght, You're deleting 0 and telling it you'll still have access with keyfile from 1.  Worth trying if you're going to throw it away anyway.
<mindframe> ah okay
<erichammond> You can use a different command: luksformat -t FSTYPE /dev/...
<mindframe> how do i specify keyfile with that one?
<mindframe> --key-file still?
<erichammond> mindframe: dunno
<a13x> anybody know which package jarsigner is part of?
<docta_v> i'm trying to build an i386 package on a amd64 system
<docta_v> i use dpkg-buildpackage -ai386 but it still builds a 64 bit package
<docta_v> any tricks i'm missing here?
<erichammond> a13x: In Ubuntu 8.04 Hardy, jarsigner appears to be part of openjdk-6-jdk
<erichammond> a13x: Here's how I found it: sudo apt-get install -y apt-file; sudo apt-file update; apt-file search jarsigner
<erichammond> a13x: jarsigner is also in sun-java5-jdk and sun-java6-jdk
<a13x> thanks a lot, forgot to restart shell after installation
<chmac> Anyone know which package vim PHP syntax highlighting is contained in?
<leonel> do you have    syntax on ??
<chmac> leonel: That was indeed the fix :)
<chmac> leonel: Thanks
<leonel> chmac: set that  in /etc/vim/vimrc
<chmac> leonel: I added it to ~/.vimrc which also works
<chmac> leonel: It seems like a sensible default, but whatever, it's on now :)
<a13x> cxo, (if you are still there) i think i set up the raid that i was talking
<a13x> *about
<a13x> however, when i disconnect one of the drives it freezes kernel until i reconnect and there is some file system corruption
<a13x> is fakeraid hot-swappable?
<Twigathy> I have a strange problem.
<Twigathy> 2 ethernet interfaces, eth0 and eth2. Both DHCP. One internet facing, one facing a private chunk of LAN (Not internet facing). Bringing up both eth0 and eth2 results in 2 "default" linus in the 'route' command, and connectivity is...weird at best. Anyone got clues as to how to fix this?
<Twigathy> My current fix is "route del default" and hope it whacks the right one
<a13x> is there a dhcp server on the LAN?
<Twigathy> There's DHCP on both sides
<Twigathy> I suspect what is happening is both dhcp servers give the thing a default gateway and it gets confused...
<a13x> set static ip on lan side
<a13x> you will also have to set the lan dhcp server to give out that static ip as the gateway
<a13x> and you will also have to set ipv6_forward to 1
<Twigathy> Any way to make that persist across reboots? (The ipv6 forward stuff)
<a13x> and i if am not wrong you will have to set up nat rules in ip tables
<Twigathy> yuck :<
<a13x> only 3 rules
<a13x> very simple
<a13x> although, one ftp mode will not work
<Twigathy> I've not got an ftpd running
<a13x> commercial routers mangle with ftp traffic
<a13x> i am not sure if those rules will take care of ftp
<Twigathy> hmm, I wonder if it'd be easier to give the LAN a net connection.
<a13x> its not that bad, i've done it
<Twigathy> Then I could have a default gateway on both interfaces, but it might get even more confused!
<a13x> plus, if you install squid transparent proxy you can do all kinds of fun things
<Twigathy> Upsidedownternet? ;)
<a13x> maybe
<Twigathy> well, cheers - I will try fiddling with a static IP :)
<meoblast001> hi
<meoblast001> im in some serious need of help
<meoblast001> my IRC server wont allow clients to connect
<meoblast001> im using IRCd-Hybrid
<meoblast001> heres my configureation file
<meoblast001> http://pastebin.com/dbe551e5
<meoblast001> im desperate for help
<kraut> moin
<exot> hello all, any idea to make a copy of my ubuntu server Hardy, as a backup, I mean a full copy of the file system and it's packages and configs
<ivoks> dd
<ivoks> dd into an image
<exot> hmm ?
<ivoks> dd if=/dev/yourpartition of=/mnt/other_disk/backup.iso
<exot> is it restore-able  easily ?
<ivoks> dd if=/mnt/other_disk/backup.iso of=/dev/yourpartition
<ivoks> :D
<exot> haha
<ivoks> this probably isn't what you are looking for
<CrummyGummy> exot: What Raid are you using?
<exot> no raid
<CrummyGummy> Never mind then...
<exot> okay great .. but is it possible to copy the partition while the server is up ?
<ivoks> why noy? you are reading it... i've never tried, tough...
<CrummyGummy> It will slow things horribly.
<CrummyGummy> exot: Are you using LVM?
<exot> no I don't use LVM
<ivoks> you should :D
<exot> yeah .. it's late now :)
<ivoks> fwiw, i never do bit-for-bit copies of data
<ivoks> i always do logic backup; list of installed packages, dumps of databases and ldifs and configuration
<exot> hmm.. I started to be worry
<CrummyGummy> that would make things easy. Just make a snapshot. raid 1 also makes things eay. Just replace the hdd every now and again.
<ivoks> argghhhh dbmail is crap
<captbaritone> is it possible to use the zip utility to create a zip file where the paths inside the zip file are different than what they were in the file system?
<captbaritone> For example zip a deep list of files to a flat structure in the zip file?
<exot> CrummyGummy, ivoks when restoring the image, is it possible to restore while the another machine is up ?
<exot> I mean the destination machine
<ivoks> you would restore it from live cd
<ivoks> cause image would contain partition table, and everything
<exot> yeah .. I see
<exot> hmm .. another question please
<ivoks> so, you have to restore on to exactly the same hard disk
<exot> is it possible to use dd for incremental backup ?
<ivoks> no
<ivoks> dd isn't a backup tool
<exot> yes I know
<ivoks> it was a smart-ass suggestion :D
<exot> just a stupid question ;)
<exot> lol
<exot> so .. any suggestions ?
<ivoks> you want bare metal restore?
<exot> I'm sorry, I don't understand ,, what bare metal ?
<CrummyGummy> run backuppc.
<ivoks> bare metal restore means - my server died and i have blank hard disks, i'll just plug the power cord, put this CD in it and wait untill everything restore
<CrummyGummy> on a seperate server. It
<ivoks> if you want that, check out mondo
<exot> yeah yeah
<exot> thaaaaaanks!
<ivoks> backuppc is normal backup
<ivoks> exot: i don't think mondo support incremental backup
<exot> ops!
<ivoks> there's always bacula
<exot> ahm .. googling
<ivoks> full enterprise solution, has incremental backup, supports bare metal restora
<ivoks> restore
<ivoks> but... it's very hard to setup :)
<exot> damit .. nothing in free!
<ivoks> bacula is free
<exot> free in efforts
<ivoks> eh... no pain no gain
<exot> hehe
<ivoks> you can't have flexibile solution without interaction
<exot> okay
<exot> then I have dd of full image backup
<exot> and then I will run bacula
<exot> I don't have time!
<ivoks> pay someone to do it
<exot> yeah ... thanks for the advice
<blackdiamond> hi there, i write from Italy. I've create on my ubuntu a little ftp where anonymous can download files.  I try to test it but my friends say that it doesn't work.. is there someone that can help me to test it?
<blackdiamond> i use vsftpd
<blackdiamond> noone?
<blackdiamond> ??
<ivoks> it doesn't work?
<ivoks> more details?
<blackdiamond> yeh, friends say that they can't view any files..
<blackdiamond> this is my ip and ftp is active now..
<blackdiamond> 151.59.83.74
<blackdiamond> i've got a file pdf for test..do you see?
<ivoks> i can't even connect to it
<ivoks> where did you put that file on your filesystem?
<ivoks> how to fix dbmail memory leak:
<blackdiamond> i put on the directory create with vsftpd that is located uder the home
<ivoks> */10 ** * *root/etc/init.d/dbmail-imapd stop ; sleep 1 ; killall -9 dbmail-imapd ;sleep 1 ; /etc/init.d/dbmail-imapd start
<ivoks> blackdiamond: could you just paste that path, i didn't understand you quite well...
<blackdiamond> in the filesystem i got /home/ftp (was created by default installing vsftpd)
<ivoks> right
<blackdiamond> ok
<ivoks> now i see it...
<blackdiamond> what do you see? i0ve got two files
<ivoks> i don't see files, but it did connect
<blackdiamond> yeh, same of my friends, but as you they see nothing..but i don't know where is the problem
<ivoks> it should work
<blackdiamond> in vsftpd.conf i put anonymous , and only download parameter
<ivoks> do 'sudo touch /home/ftp/test'
<blackdiamond> wait
<blackdiamond> ok..it give me nothing
<ivoks> tail -f /var/log/vsftpd.log
<ivoks> and check if anyone is connecting
<blackdiamond> from root?
<ivoks> as root, yes
<blackdiamond> sprry for the stupid question
<blackdiamond> ok
<blackdiamond> tail: cannot open `/var/log/vsftpd.log' for reading: No such file or directory
<blackdiamond> tail: no files remaining
<ivoks> so, you don't have vsftpd?
<blackdiamond> yeh i have it
<ivoks> then there should be that file
<blackdiamond> maybe i have to create that log file configuring some parameters on vsftpd.conf?
<ivoks> installation of package creates it
<ivoks> which ubuntu you have?
<blackdiamond> i have installed it on intrepid testing
<ivoks> ...
<ivoks> intrepid is work in progress
<blackdiamond> so think that is this the problem?
<ivoks> you shouldn't use it if you aren'y very familliar with linux
<ivoks> aren't even
<blackdiamond> personally i test also hardy from the beginning..
<blackdiamond> so i'll try to install it on my hardy..
<ivoks> if you think it's a bug in intrepid, do report it
<ivoks> i still don't have intrepid, so i can't test it
<blackdiamond> and.. do you think it is?
<blackdiamond> now i'll take a look at the launchpad..
<ivoks> i don't know; i can't test it... report it and someone will take a look at it
<blackdiamond> yeh.. now i find out that there are no bug report yet for this package.. thanks you very much man!!! really thanks
<ivoks> but i'm quite sure that it isn't a bug...
<ivoks> someone would notice such huge bug in debian
<blackdiamond> if you want i cant post my vsftpd.conf if you want to see what i get..
<blackdiamond> if not don't worry man
<ivoks> you can, on pastebin.ubuntu.com
<ivoks> not here
<blackdiamond> that's it http://pastebin.ubuntu.com/20826/
<ivoks> i guess you noticed that file is... strange
<ivoks> it starts with:
<ivoks> # has an effect if the above global write enable is activated.
<ivoks> you are missing 35 lines from the begining of the file
<ivoks> and download_enable doesn't exist on hardy
<blackdiamond> download_enable and anon_max_rate=0 i find that values using a guide..
<blackdiamond> mmm.. i think that i have to read more about that...
<blackdiamond> now it must be complete, sorry man http://pastebin.ubuntu.com/20829/
<ivoks> ok... so loging is enabled
<ivoks> and there should be a log
<blackdiamond> so?
<ivoks> ls -dl /var/log/vsftp*
<ivoks> this results with nothing?
<blackdiamond> do you mean /var/log/vsftpd?
<blackdiamond> it say me "no such file or directory"
<ivoks> sudo apt-get --reinstall install vsftpd
<blackdiamond> ok done
<ivoks> now check if file is there
<blackdiamond> no
<blackdiamond> :-(
<ivoks> report a bug
<blackdiamond> so the bug reporting is that "there is no /var/log/vsftpd.log by default?
<blackdiamond> after installing it..
<ivoks> no
<blackdiamond> opsss
<ivoks> bug is 'vsftpd doesn't work'
<blackdiamond> ah oh yes
<blackdiamond> but the think that is strange is that there is the log file right?
<blackdiamond> i mean that
<blackdiamond> there isnt' the log file sorry for my englis language
<ivoks> i'm not convinced
<ivoks> the same package is in hardy
<ivoks> hardy and intrepid have the same packages
<blackdiamond> yeh
<ivoks> how about leaving the default file?
<ivoks> the default configuration file is configured for anonymous read-only
<blackdiamond> i chose that configuration to let me people download linux pakages and so on without uploading any files
<ivoks> that's the default configuration
<blackdiamond> so i should be work
<ivoks> if you don't touch it, yes
<blackdiamond> yeh
<ivoks> so, for start, purge vsftpd
<ivoks> apt-get --purge remove vsftpd
<blackdiamond> yeh think to do the same
<blackdiamond> man, thank you very much for your patience
<blackdiamond> really geltle
<blackdiamond> gentle
<blackdiamond> if you are here next days i'll let you know something if you want, now i'll go out to do some stuffs..
<blackdiamond> thank you very much!
<ivoks> np
<blackdiamond> bye
<sommer_> morning all
<Nafallo> morning sommer_
<zul> hi sommer_
<zul> Koon: ping
<Koon> zul: pong
<zul> Koon: need a sponsor to upload your dnsmasq fix?
<Koon> zul: for bug 235868 ?
<zul> yep
<zul> er...239404
<Koon> zul: ah, the merge one. Yes, but mathiaz hs already looked at it
<zul> what about 235868
<Koon> for that one I sshould have an SRU ack first, I suppose
<zul> I just upload it and wait for an accepted
<Koon> the patch is a no-brainer anyway, just fixing soren's typo :)
<zul> yep Ill upload it for you
<zul> done
<lukehasnoname_> !packaging
<ubottu> The packaging guide is at http://wiki.ubuntu.com/PackagingGuide - See https://wiki.ubuntu.com/UbuntuDevelopment/NewPackages for information on getting a package integrated into Ubuntu - Other developer resources are at https://wiki.ubuntu.com/UbuntuDevelopment - See also !backports
<exot> hello, I have installed DNS server and configured zones correctly, but the server doesn't resolve internet domains. only mine, any ideas ?
<sommer_> exot: did you setup a forward to an outside dns server?  usually your ISPs
<exot> sommer_, I set the forwarders is my local router address
<sommer_> exot: and your local router can forward?  most can... did you change /etc/resolv.conf?
<exot> yes it can
<exot> if I set the dhcp.conf to give only ther router, it can resolve
<sommer_> any errors in /var/log/syslog from named?
<exot> no
<sommer_> you might try setting the forwarder to you ISPs DNS and see if that helps
<exot> hmm .. okay
<exot> I will try
<exot> sommer_, it does .. but very very slow
<exot> is there any idea if we can make to DNS servers, my local and the router ?
<exot> two*
<sommer_> exot: you mean in your dhcp?  if so then yes you can
<exot> sommer_, yes
<exot> I added them both
<exot> but if I set the router's first,  the browser forwards to google search, if I set the loca dns, it's very slow
<sommer_> exot: you might try upping the logging, there are some details here: https://help.ubuntu.com/8.04/serverguide/C/dns.html
<sommer_> that's strange that its slower than the router
<exot> hmm .. yes, it's very quick if the router is the only dns server
<mathiaz> Koon: re bug 206763 - ubuntu-vm-builder is maintained in a bzr branch
<mathiaz> Koon: so I'd suggest that you branch ubuntu-vm-builder, make your modification and submit your branch for merging with a reference to the bug
<Koon> mathiaz: ok, I already maintain my changes in a branch, I just have to figure out how to "submit my branch for merging"
<mathiaz> Koon: well - in the bug view, there is a link on the left that says - link to a branch
<mathiaz> Koon: or something like that
<mathiaz> Koon: you can use that instead of attaching a patch
<mathiaz> Koon: as for proposing your branch, you first need to push your branch to LP
<Koon> mathiaz: that was the missing step ;)
<mathiaz> Koon: once there, when you select your branch in your code view, there is a link that says Propose for merging
<mathiaz> Koon: ask nijaba about it - he's been doing that a lot lately :)
<nijaba> mathiaz: I love gaining karma in LP ;)
<darthmarth37|Wk> Any thoughts on how to go about mirroring an APT repository without using apt-mirror?
<lukehasnoname_> Compile apt-mirror on RHEL and use apt-mirror
<lukehasnoname_> >_>
<cxo> Can a transparent mirror be created?
<cxo> like you throw in a rule/script to catch any request for a mirror index file (not sure what its called in ubuntu, its file.xml or something on fedora) and then dnat traffic for that host to your server untill the connection drops or something
<darthmarth37|Wk> I'm just not sure how well cobbler will work with apt-mirror.
<zul> mathiaz: so just to bug you the idea behind the ppa would be here is an unoffical fix for you bug can you add the server team ppa to try it out
<mathiaz> zul: wouldn't you use your ppa for that ?
<zul> mathiaz: true but if it comes from the server team it would probably be percieved as more official then me
<mathiaz> zul: well - there won't be an official review or something like that
<zul> kernel team does it now I believe as well
<Brazen> So, any thoughts on using dpkg-reconfigure as a management backend, rather than Augeas?
<zul> mathiaz: of course
<mathiaz> zul: I'm not sure that having ubuntu-server in the URL would help
<mathiaz> zul: for the kernel team, they only have a small set of packages
<Brazen> I think nealmcb did have a good point in that contributing to something that is cross-distro would be better
<mathiaz> zul: it may fit in their workflow - we could ask them why and how they're using their ppa
<zul> mathiaz: sure Ill ask
<ScottK> zul: I think not being perceived as official is a feature, not a bug.
<mathiaz> zul: but I'm not convinced of the value of having yet another location to look for packages
<zul> mathiaz: lemme think about it a bit more
<mathiaz> zul: if you come accross a package that would fit in the new scheme, let me know
<zul> I will oh and that samba and suspending your laptop bug is fixed now
<mathiaz> zul: awesome
<zul> Ill file an SRU for it after I grab some lunch
<mathiaz> zul: would it make sense to do a SRU for hardy for samba and upload 3.0.30 ?
<zul> probably not right now since we are gettng closer to 8.04.1
<nealmcb> Brazen: yeah - I can imagine lots of different aspects to choosing a backend....  a big discussion - would be nice to have someone who has looked a lot at the different options lay out some useful comparisons
<mathiaz> zul: oh I don't think about 8.04.1
<mathiaz> zul: just to get 3.0.30 in hardy at some point
<zul> mathiaz: I do :)
<zul> mathiaz: yeah that would be fine but at some point :)
<zul> but this would be a good case for the ppa then here is a backport that we want users to test before uploading to -proposed
<Brazen> nealmcb: it was really just something that popped into my head.  I typically prefer to edit config files, but sometimes, like if I don't really care to learn the config file :D, then I just use dpkg-reconfigure, which really is already the gui-frontend we've been talking about
<ScottK> On a package specifc basis, yes.
<ScottK> That requires the maintainer to have set up debconf questions.
<ScottK> A lot of packages provide a sane default and then expect you to edit the config file.
<Brazen> true, just wondering if maybe it would be easier to expand on that, than start over
<Brazen> I can see some advantages to the debconf way, too (as there are indeed disadvantages)
<Brazen> such as each packages maintainer being responsible for making sure config file changes are updated in the debconf questions
<ScottK> Setting up debconf is non-trivial.
<ScottK> If you want to require it for all server packages, there will be a lot fewer of them.
<nealmcb> For admin changes that require config changes to multiple packages I can imagine a system that coordinates them and uses dpkg-reconfigure to implement them.  but I have a fertile and sometimes inconsistent imagination :)
<Brazen> Is creating and maintaining a whole nuther application to do this trivial?
<Brazen> I don't think it's a great epiphany or anything, just thought it might something worth mulling over.
<nealmcb> I do like the idea of pushing some of the config stuff back upstream, and wonder if augeas is doing that in any way
<Brazen> Besides, I'm a sysadmin, not a developer, and this is probably more a question of which is going to be easier on the developers.
<ScottK> Personally I like stuff like postconf in postfix.  I'd much rather use that than dpkg-reconfigure.
<nealmcb> well, I think we need a lot of savvy sysadmin input - they are the customers.  it has to work for both developers and admins
<ScottK> I think it packages want to be generally externally configurable, then they ought to provide a good mechanism like that.
<Brazen> Funny you should bring up postfix, that's the only think I can think of that I ever use dpkg-reconfigure for :D
<ScottK> Odd.  I think it has very easy to read and accesible config files.
<Brazen> nealmcb: true, but I try to keep my jihads confined to things that will actually affect me as a sysadmin.  "backend" stuff usually affects the developers more than the sysadmins.
<lamont> Brazen: and people using a mixture of the two methods has been the source of great pain for me
<ScottK> Brazen: ^^^^ postfix maintainer for debian/ubuntu.
<Brazen> ScottK: well, it probably does.  It's just one of those things that dpkg-reconfigure got it working just how I needed, so I never bothered to learn the config files.
<nealmcb> Brazen: true.  So what is your input on the frontend?  Have you tried ebox?
<Brazen> I HATE ebox
<Brazen> I've brought this up before, but it is WAY too heavy.
<ScottK> Because it uses Apache?
<Brazen> yes
<nealmcb> Brazen: is there something you like better?
<Brazen> Webmin.... yes yes I know it has problems too
<ScottK> nealmcb: I think 'needs apache' is a valid complaint.
<Brazen> somebody mentioned, somewhere, that ebox has plans to embed their own webserver
<ScottK> nealmcb: I think it would be useful if they were web server independent so if someone wanted to run it with lighttpd they could.
<cxo> its not like its a big deal grade 10s dish out 1000 line http serves everyday
<Brazen> even on a web server that will have apache anyway, I would prefer my management app to function independent of apache
<cxo> s/serves/servers
<nealmcb> grade 10s?
<Brazen> yeah, grade 10s, what?
<nealmcb> but having a secure, compliant http server is nontrivial
<Brazen> rewrite it in Ruby and use Mongrel :D
<Brazen> ok, here is one thing though: the ebox way may be a good way to do it, IF you could install ebox on one webserver, and then use it to administer hundreds of other servers through some other lightweight management backend.
<sommer_> Brazen: I think that's in the works for a future version... maybe not intrepid, but there was mention of it at fosscamp
<Brazen> that's why I think splitting out a fontend and backed to management is important (ie Augeas).  Although it will need to be network accessible, either built-in, or possible over ssh ( <-- I like over ssh, because it's already there, and secure)
 * lamont has yet to see any web management interface that doesn't make him cry
<ivoks> lamont: java vim applet
<ivoks> or, even better, java console applet :D
<lamont> ivoks: heh
<lamont> ivoks: ssh avoids the java weight
<ivoks> but we are talking about web interfaces, so ssh isn't an option :)
<kees> mathiaz, jdstrand: since 2.6.26 is now the default in intrepid, I'm going to upload the new AppArmor userspace tools.
<mathiaz> kees: \o/
<jdstrand> kees: sounds good
<mathiaz> kees: have you read the paper about smacks ?
<kees> (i.e. AA isn't enabled in the intrepid kernel, so the "breaks the world" userspace tools won't be a problem, but will be ready for testing with new kernels when AA is merged)
<kees> mathiaz: I skimmed it
<kees> mathiaz: did you?
<mathiaz> kees: not in-depth
<cxo> 2.6.26 thats a cool kernel version
<kees> cxo: hehe, yeah -- I was thinking the same thing while I typed that.  :)
<ivoks> 2.6.66 will be even better :)
<zul> ivoks: im waiting for  6.6.66 myself :)
<ivoks_> zul: uff... high hopes :D
<zul> ivoks: heh
<lukehasnoname> Damnit! I missed the server meeting.
<cxo> i doubt we will go passed 2.6.40
<cxo> at least looking at 2.4.x and 2.2.x its not likely
<ivoks_> well, 2.6 doesn't have 'testing' tree
<ivoks_> as 2.3 and 2.5 were
<ScottK> Yes.  The development model is entirely different now.
<ivoks_> has anyone played with adding collation definitions for mysql?
<ivoks_> oh, france vs. italy in 40 minutes...
<ivoks_> tak care everyone :)
<cxo> is the match streamed online?
<ivoks_> cxo: probably
<sommer_> ivoks_: ya, the euros are awesome, heh
<ivoks_> sommer_: who's the best, ha? :D
<sommer_> I've only watched up till friday, recorded the rest, but I like Spain
<ivoks_> sommer_: spain always has a good start and then fails very early, sometimes even end up third in group
<sommer_> croatia v. germany was really good match :)
<ivoks_> nah... i liked our match against poland, cause we had only substitudes playing :)
<sommer_> don't think I've watched that one yet, was it saturday?
<ivoks_> yesterday
<sommer_> ah, ya I should get to that match this week... sigh, so much to do, heh
<ivoks_> i think france and itlay will play for prestige... romania will win against netherland's 'b' team
<lukehasnoname> firefox.com is down
<ivoks_> i didn't even know there's firefox.com
<sommer_> ivoks_: heh, the dutch are pretty dang good too
<sommer_> just saw the ff3 announcment... nice!
<ivoks_> sommer_: yes, they are my favourite, whenever croatia drops out :)
<ivoks_> http://mozilla.com/
<ivoks_> nice :)
 * delcoyote hi
<nxvl> nealmcb: i was just about to send you an email
<nxvl> nealmcb: i have some minutes to chat since i'm having lunch at home
<nxvl> nealmcb: i think you are looking for ebox-ucsa integration, didn't you?
<zul> mathiaz: samba fix uploaded
<jdstrand> zul: is that a -proposed fix?
<zul> jdstrand: yep
<jdstrand> zul: what is the bug number?
<zul> jdstrand: hold on
<zul> jdstrand: #180493, #172541
<jdstrand> zul: I just uploaded samba to -security, and will add notes to those when published
<zul> jdstrand: thanks
<jdstrand> zul: this is for CVE-2008-1105
<zul> gotcha
<zul> mathiaz: ping
<lukehasnoname> zul: ping - send ICMP ECHO_REQUEST packets to network hosts
<lukehasnoname> See "ping --help" for more options
<sommer_> heh
<zul> infinity: sybase support seems to have disapeared in favor of mssql support in hardy any idea why?
<infinity> zul: I didn't do it.  But we'd long ago talked about merging them into one module, once one clearly supported all the features of the other.
<zul> infinity: ah because I think people are complainnig about it now
<infinity> zul: People like to do that. :/
<zul> infinity: oh I know :P
<a13x> question: what is the best timer frequency for a server
<jetsaredim> anyone have any ideas as to why my install would stop at "Storing language"?
<jetsaredim> ok - lemmie try a different question...  anyone have any suggestions on installing ubuntu server on a really, really old system?
<ScottK> jetsaredim: How old?
<lukehasnoname> jetsaredim: Like, Michael Caine old, or John Wayne old, or Martin Van Buren old?
<mathiaz> zul: wazzup ?
<nxvl> soren: ping
<tjaalton> seems that redhat openened the RHN upstream: http://www.redhat.com/spacewalk/
<nxvl> soren: did you know any easy and quick way to emulate a rpm based system?
<nxvl> soren: i just need the rpm tool to check some src.rpm's
<ScottK> nxvl: What are you trying to do with the srcrpms?
<nxvl> ScottK: just want to check how they package a program to use it as base
<nxvl> s/base/example
<ScottK> I'd use alien to turn it into a tar.gz (don't turn it into a .deb) and have a look.
<nxvl> right!
<nxvl> i forgot about alien
 * nxvl mans
 * nxvl HUGS ScottK 
<mathiaz> nijaba: check this out - https://fedorahosted.org/pulp
<nxvl> damn
 * nxvl has just remember why he hates rpms
<nxvl> mathiaz: it sounds very cool
<nxvl> mathiaz: i have dive into it's documentation after UDS since i don't remember who mention it
<nxvl> btw
<nxvl> is there any guide about library packaging for ubuntu?
<nxvl> or just the debian library guide?
<mathiaz> nxvl: the debian library guide is a good starting point
<mathiaz> nxvl: there are also a couple of session about library packaging that were givin during the developer week back in february
<nxvl> mathiaz: that's what i thought
<nxvl> oh right!
<nxvl> i hate to work and study
<nxvl> i don't know where is my mind anymore
<nxvl> it should be the kelly boundy syndrome
<ScottK> nxvl: There's also a recent motu-school session that was very good.
<nxvl> ScottK: yes, there are a lot of session, i just don't know where is mi mind now
<nxvl> ScottK: after UDS i needed to catch up at work and university and i have just finished all the stuff i needed to do yesterday, so i'm kind of out of my mind
 * nxvl HUGS mathiaz and ScottK 
<nxvl> mmm
<nxvl> does it would be a problem to include a lgpl file copyrighted by redhat?
<nxvl> s/file/lib
<ScottK> Not at all.  LGPL is LGPL no matter who copyrighted it.
<nxvl> well i have just go into a NIGHTMARE
<nxvl> it includes a LOT of software from other licenses and copyrights
<nxvl> :S
 * nxvl will suffer
 * ScottK doesn't mind ;-)
<ajmitch> licences are great fun
<nxvl> ajmitch: no, they don't :D
<nxvl> btw
<nxvl> if a package includes some libraries, which are already in other packages is it a good practice to just remove them and include as dependencies?
<ScottK> Yes.  It's practically mandatory.
<ScottK> Not to bad.  18 minutes from sudo do-release-upgrade to the reboot on a dual PIII 450 w/512MB ram server.
<jetsaredim> ScottK: re: age of my server - 1994 or so
<jetsaredim> I thought it was hung, but just taking forever - it finally got past that and seems to be chugging along
<ScottK> jetsaredim: What CPU?
<jetsaredim> pentium 166
<ScottK> jetsaredim: I think i386 is the oldest we support.
<mindframe> anyone have an idea why fdisk and cfdisk don't want to create anything larger than a 2.5TB disk on a disk that shows up at 3.5 TB?
<mindframe> Disk /dev/sdb: 3499.9 GB, 3499925438464 bytes
<mindframe> First cylinder (1-425508, default 1): 1
<mindframe> Last cylinder or +size or +sizeM or +sizeK (1-267349, default 267349): 425508
<mindframe> :(
<mindframe> running 64bit so there shouldnt be any limitations there
#ubuntu-server 2008-06-18
<nealmcb> can anyone compare the diagnostics available for a dell PowerEdge 2850 on ubuntu vs centos?  My buddy wants to switch to centos from a really old ubuntu distro.  I recall hearing that dell had opensourced some management software for their stuff but he seems to think that at least the diagnostics are only rpm-based and the alien stuff didn't seem to work for him
<jetsaredim> is there something special that needs to be done to be able to install from scratch with a pppoe connection?  why are these tools not built-in to the install cd
<nealmcb> !pppoe
<ubottu> Setting up an ADSL/PPPoE connection? Look at https://help.ubuntu.com/community/ADSLPPPoE
<nealmcb> jetsaredim: ^
<nealmcb> though I haven't tried it... and I have to run now.....
<nealmcb> back to poweredge and diagnostics - as I heard it, the diagnostics are on a cd that came with the system a few years ago.  I don't know if it is part of the omsa/openmanage or the ipmi stuff they're doing
<nxvl> nealmcb: around?
<nxvl> nealmcb: i think it will be kind of hard for ebox to use augeas
<nxvl> nealmcb: ebox is writting in perl, while augeas is a C library with bindings for python and ruby only
<ryoohki> anyone seen this when kick starting hardy server 8.04 amd64 "Loading kickseed-common failed for unknown reasons"?
<captbaritone> phpmyadmin seems to be stuck running a query and I can't get it to load. Is there a way to have it stop?
<zul> nealmcb: ebox written in perl not a good thing
<emgent> morning
<ScottK> Depends on the Perl.  Lots of good stuff in Perl.  Lots of bad.
<Colin_> Hey, how do I get my server to give out internet.  It has three network cards, two are in use atm.  One is internet from the dsl modem, the other goes out to the LAN. The server has internet, but it won't distribute it, although dhcp is working becauseit is distributing ip addresses
<nealmcb> nxvl, zul: offhand it seems like adding perl bindings for augeas would be a lot less work than maintaining a backend for all the interesting services, if augeas is indeed useful in that regard.....  I'd prefer python all things being equal, but reinventing things because of language preferences can be a big step backwards.
<hads> Colin_: You'll need to setup NAT on the gateway box. This can be done quite a few ways, I'd recommend using something like firehol as it will make your like easier.
<hads> If your DSL modem is also doing nat then you'll be behind double nat which isn't so nice but it may not be a problem for you.
<Colin_> hads, ah ok so using IPtables
<Colin_> i should have known it wouldn't be simple
<Colin_> the modem isn't doing NAT though
<hads> So your public IP is on the linux box?
<Colin_> correct
<hads> Nice one
<hads> Hope you've got a firewall already then :)
<Colin_> no, but I'm working on it right now, haha
<hads> I'd really recommend something like firehol, you should be able to setup NAT with one or two lines.
<Colin_> ok ill check into that
<Colin_> i've heard about others like smoothwall and shorewall, what do you think about those
<hads> If you run 'firehol helpme' it will try to guess a config for you even :)
<Colin_> oh thats nice
<Colin_> well I think i'll try that out then
<nxvl> nealmcb: i was talking about ebox using augeas
<hads> Colin_: At http://firehol.sourceforge.net/ scroll down there is an example config there, that will show you the jist of it.
<nxvl> nealmcb: i've been thinking in writing ucsa in C because of augeas
<Colin_> hads, I'm actually looking at that right now =)
<nealmcb> nxvl: I was also - and it would seem that ebox could use augeas if there were some perl bindings, which wouldn't be too hard, would it?
<Colin_> I set up firehol according to the documentation, and then started it, but I still don't get internet
<nxvl> nealmcb: dunno, i don't write perl code for a loooong time
 * jetsaredim ponders why the installer would not mark / as bootable
<kraut> moin
<Kamping_Kaiser> ubottu, ntfs
<ubottu> To view your Windows/Mac partitions see https://help.ubuntu.com/community/AutomaticallyMountPartitions - For write access, see /msg ubottu NTFS-3g or /msg ubottu FUSE
<\sh> whoever is interested: adobe flash media server version 3 runs on ubuntu :)
<lukehasnoname> IBM considers open-sourcing DB2
<kerberos> hi all
<lukehasnoname> hi, network authentication protocol
<kerberos> can anybody here help me
<kerberos> how can I ssh or ftp my home server from my university
<kerberos> how to do all the NAT stuff
<lukehasnoname> Is your home server behind a router?
<kerberos> yaa
<kerberos> I got 1 modem and 1 wireless router
<lukehasnoname> You'll have to login to your router's config for port forwarding
<kerberos> my local home server connected to my wireless router
<lukehasnoname> get your server's internal IP and forward port 22 to that IP
<kerberos> that is the part that I dont understand
<lukehasnoname> so when you connect to your home's public IP through port 22, your router will send traffic to your server
<lukehasnoname> well
<kerberos> hold on let me try
<lukehasnoname> your router's IP on your LAN will be 192.168.x.x
<lukehasnoname> 0.1 usually
<kerberos> ya correct
<kerberos> I already login to my router
<lukehasnoname> k there will be a tab or link to port forwarding, "special apps" or something like that
<kerberos> I used level one router
<kerberos> yaa
<kerberos> forwding rules
<kerberos> from there I have virtual server/special AP/MISC
<lukehasnoname> right, find your server's LAN IP and use that, then say forward "port 22" to that LAN IP
<kerberos> ok done
<lukehasnoname> now when you connect to your home's public IP using SSH/port 22, your router will send traffic to your server
<lukehasnoname> if you did it rihgt
<kerberos> I can try to connect to my  public IP from my home
<kerberos> how about ubuntu server
<kerberos> do I need to modify the iptables
<kerberos> do I need to activate the NAT
<lukehasnoname> I'm not that experienced, but I think you should be fine.
<lukehasnoname> make sure sshd is running
<lukehasnoname> (your ssh server)
<kerberos> yaa
<kerberos> ssh and ftp is running
<kerberos> cant connect
<lukehasnoname> hm
<the_messenger> have you verified that you can connect to it from inside first?
<kerberos> yaa
<kerberos> the_messenger --> can connect from inside
<the_messenger> k
<kerberos> connection closed when try to connect to my public IP
<kerberos> I nmap to my public IP
<kerberos> all the services are there
<lukehasnoname> either you configured it wrong, or your ISP blocks incomeing traffice on that port
<kerberos> port 21 and port 22
<the_messenger> are you testing the public address from behind or infront of your router?
<kerberos> hold on
<kerberos> let me verify
<kerberos> behind the router
<the_messenger> some routers won't route that back in
<the_messenger> try it from outside
<kerberos> any extra setting
<the_messenger> i don't know of any setting to allow it
<the_messenger> when you are inside use the internal address when you are outside use the public address
<kerberos> how about the ubunter server itself
<kerberos> any iptables setting
<the_messenger> from how I understand it it's a limitation of the device routing your nat, so i don't think the routing on the server would be able to do anything
<the_messenger> it doesn't know how to go out and nat back in
<the_messenger> there may be a way to make the router understand it but I haven't found it yet (i'm using a cisco for my router)
<kerberos> ic
<the_messenger> but if you have the port forwarded properly and the service works from inside then it should work fine externally
<kerberos> when I nmap
<kerberos> sorry
<kerberos> when I try to nslookup
<kerberos> can't find server name
<kerberos> ...
<LMJ> Did anyone made his homework : download firefox 3 and crontibute to the world largest amount of download in 24h ? http://www.mozilla-europe.org  ;)
<the_messenger> nslookup is checking dns registration, not service availability
<kerberos> ic
<kerberos> nmap
<kerberos> and I'm using dynamic ip
<the_messenger> there are several services for doing dynamic dns. I've used www.dyndns.com in the past
<zul> emgent: how does rapache handle it if you modify the configuration files directly and then use rapache again
 * jetsaredim is really getting torqued off at the installer
<jetsaredim> tried to install ubuntu-server twice - both times I've had to force detection of ide_generic to get the cdrom drive recognized and also after the reboot the system fails to boot
<jetsaredim> anyone have an idea as to why this would be?
<nijaba> jetsaredim: file a bug with details about your hardware if you have not done so already
<jetsaredim> nijaba: on my way there
<jetsaredim> nijaba: any suggestion about which specific package to file against?
<nijaba> jetsaredim: kernel ?
<lukehasnoname> Guys, I have some bad news. My bosses a few levels up have decided to make me do work at my job, so I might not be able to sit on the IRC all day and read the mailing list as it trickles in. I'll still be around a little....sometimes.
<mathiaz> nijaba: yeah -pulp looks interesting
<mathiaz> nijaba: have you looked at the interface ?
<nijaba> yes, that's the cool part
<mathiaz> nijaba: it uses turbogears IIRC
<nijaba> mathiaz: but I looked a bit at the code and I trying to see if the backend could be ok for debian packages
<nijaba> mathiaz: yes turbogears it is
<nijaba> Koon: https://fedorahosted.org/pulp/
 * delcoyote hi
 * nijaba takes a break
<mathiaz> zul: re bug 240519 - is that a regression from gutsy ?
<mathiaz> Koon: re bug https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/192643 - I'd assign the bug to the network-manager package
<Koon> mathiaz: yes, I was considering doin g it but I'm not sure it is a bug... like I said it's a missing feature, except if the reporter can find his expected behavior documented somewhere...
<mathiaz> Koon: if it's a missing feature, then you can set the importance to whishlist
<Koon> mathiaz: I need bug-Control power for that ;)
<mathiaz> Koon: you can ask for membership in #ubuntu-bugs
<mathiaz> Koon: or bdmurray
<Koon> mathiaz: ok, will do
<mathiaz> Koon: and even if you don't have bug-control power, assigning to the NetworkManager package doesn't hurt
<mathiaz> Koon: it seems that it's a legitimate request
<mathiaz> Koon: so bringing this up to the network-manager packager is a good thing
<Koon> doing it right now.
<zul> mathiaz: yep
<zul> looks like it
<mathiaz> zul: ok - then it qualifies for an SRU
<zul> mathiaz: ok i was going to split the sybase and mssql into their own seperate package
<zul> intrepid suffers from the same regression but the build system has changed from what it looks like
<mathiaz> zul: splitting the packages would probably work for intrepid
<mathiaz> zul: for hardy, you'd have to keep the same package in place
<zul> mathiaz: thats a bit difficult :)
<zul> but ill try
<mathiaz> zul: has the hardy packaging changed a lot from gutsy Ã
<mathiaz> zul: ?
<zul> mathiaz: no but in hardy it uses sed to change the librabry from sybase to mssql
<zul> mathiaz: basically the extension has been changed from sybase to mssql if the version is lessed that 5.2.3-2
<nxvl> i having problems packaging augeas
<nxvl> it ships with gnulib
<nxvl> so i'm trying to remove it from the source and have it as build-depend
<nxvl> but it's kind of hard coded on the Makefile and configure script
<nxvl> did anyone can point me to the best way to deal with this?
<mathiaz> nxvl: try to ask in ubuntu-motu or ubuntu-devel - there is more packaging expertise there
<nxvl> mathiaz: ok, thnks
<zul> mathiaz: can the php5-sybase package have both the mssql.ini files and sybase files
<cbeckley> I have a ubuntu-server machine and I need it to be able to accept 2 separate dsl lines, and output to the LAN.  Would balanceNG help me accomplish load balancing with multiple connections? And also, does anyone know of any good tutorials for setting up systems with two internet connections?
<[diablo]> evening guys
<[diablo]> is there no 64 bit version of JeOS?
<JanC> no
<[diablo]> ok
<lukehasnoname> [diablo]: I know, it's sad
<sommer_> [diablo]: you can create a KVM/Qemu image using ubuntu-vm-builder... it'll take a few minutes, but probably less time than downloading an ISO
<[diablo]> atm I have KVM-70 in my Ubuntu 8.04 x64 desktop ... with a Ubuntu 8.04 Server x64 guest
<JanC> you need a VM with more than 4 GiB RAM?
<sommer_> [diablo]: https://help.ubuntu.com/8.04/serverguide/C/ubuntu-vm-builder.html
<[diablo]> well, the box has a Q6600 and 4GB of DDR
<sommer_> JanC: not necessarily, I've seen it work great with 2G
<[diablo]> I give my kvm guests 1GB or less
<sommer_> heh, you should be good to go :)
<JanC> why would you want a 64-bit guest kernel if your host system is only 4 GiB RAM?
<lukehasnoname> JanC: Consistency
<sommer_> isn't more always better?  heeh
<[diablo]> I like the idea of a pimped kernel for the virtual server
<[diablo]> sounds nice
<JanC> 64-bit will use more memory in most cases, and might even be slower in some cases...
<[diablo]> JanC, you referring to KVM guests?
<JanC> kvm or vmware or whatever (I use kvm)
<[diablo]> I have not heard of any preformance  loss using a x64 guest on a x64 host
<JanC> 64-bit software uses 64-bit pointers, which are double the size of 32-bit pointers...   ;)
<[diablo]> yes
<[diablo]> but your said might be slower
<JanC> this also means that less of them fit into the CPU caches, so more cache misses & more memory fetches _might_ be the result..
<lukehasnoname> can ubuntu-vm-builder be used to create an ISO? I mean, what is the output?
<sommer_> lukehasnoname: the output is a vm disk (not sure of the exact terminology), basically what you'd use a jeos iso to create
<jjesse> vmdk?
<sommer_> virtual disk file
<sommer_> jjesse: heh, ya
<JanC> .vmdk or .img or .qcow or whatever you prefer, I suppose
<lukehasnoname> sommer_: Hmmm. Ok. I haven't had a chance to throw up a virtual environment because apt-mirror SUCKS
<sommer_> not sure what virtual environment has to do with apt-mirror?
<lukehasnoname> I tried to tell it to only download certain 64-bit repos, not an entire mirror, and it still told me it was a 44GB download when I know it should have been like 20
<lukehasnoname> and I have no internet at home so I can't get files for my server so I was tryingto download a mirror onto my laptop at a friend's house
<lukehasnoname> but I didn't have time
<sommer_> ah gotcha, ya the internets comes in handy when usign u-v-m
<[diablo]> this JeOS idea is very niffty indeed
<[diablo]> installing a guest now
<lukehasnoname> What does JeOS have going for it against ubuntu-vm-builder?
<lukehasnoname> I mean, how is it tweaked for VM usage?
<sommer_> ubuntu-vm-builder was originally created to make the jeos iso files, but then they releazied it was a great tool
<[diablo]> from what I read the kernel only contains what is required
<sommer_> so using u-v-m or downloading a jeos iso basically gets you to the same place, a stripped down ubuntu vm :)
<mgsmx> i suppose there are some people who write the server guide here, I have a suggestion for the Samba-section: rewrite it from scratch! I think it's a strange-written, unclear document with a lot of superflues information, it cost me ages to get my samba working, while i know see it was just typing two lines in de CLI... :(
<jjesse> mgsmx: thanks for your feedback, could you report a bug with suggestions against ubuntu-doc?
<sommer_> mgsmx: that's in progress actually :), should have drafts up next week probably
<jjesse> that way it deosn't get lost in the channel
<mgsmx> oh :) alright
<jjesse> mgsmx: thanks, soemtimes the people who work on the guide forget what is said in the channel and work better against a bug
<mgsmx> ah, i see
<[diablo]> damn that boots quick as hell, and it's a qcow2 image
<lukehasnoname> sommer_: For Samba or for the entire guide?
<sommer_> lukehasnoname: here's the spec: https://wiki.ubuntu.com/IntrepidServerGuide
<sommer_> lukehasnoname: most of the sections were update/expanded for hardy, but there wasn't time for the windows networking section
<lukehasnoname> Come later in the year (September?) I wouldn't mind QA testing those docs
<sommer_> lukehasnoname: that'd be awesome... the more feedback the better
<lukehasnoname> oh my freaking GOD there is a beautiful woman standing at the cubicle next to me
<lukehasnoname> Some of the sexiest outfits a woman can wear are business pants and a white shirt
<lukehasnoname> Not at the same time, though. <_< </offtopic>
<[diablo]> lol
<tekteen> anyone know how to find out what program is listening on a port? like port 80?
<daanemanz> does anyone know why my browser is trying to download a php file from my webserver when I'd like to see a php page?
<sommer_> tekteen: netstat can, but I'm not sure of the exact switches
<tekteen> you do not have the apache pgp mod
<tekteen> php*
<sommer_> daanemanz: did you restart apache
<daanemanz> I did, but still to no avail
<JanC> tekteen: lsof or netstat ?
<tekteen> thanks
<daanemanz> it's borked since I accidentally removed LAMP server with tasksel
<gatewayer> tekteen: netstat -plutn does the job ^^
<ScottK> netstat -a|less is a good place to start.
<tekteen> thanks again
<sommer_> daanemanz: make sure you have the libapache2-mod-php5 package
<tekteen> gatewayer: it does not tell me what program
<gatewayer> of course?
<gatewayer> it tells you pid?
<daanemanz> already installed...
<gatewayer> and program name
<tekteen> where?
<JanC> netstat might need root rights to find the program name
<gatewayer> last column
<tekteen> ok
<JanC> so put sudo before it  ;)
<gatewayer> jepp sorry
<gatewayer> ^^
<tekteen> I will run as root
<gatewayer> root of course ^^
<daanemanz> wait... it works!
<tekteen> :-\ what I wanted to was running. But lighttpd is giving me a 500
<daanemanz> thanks anyway for the hints
<JanC> tekteen: configuration error maybe?
<JanC> or if you use fastcgi, there might be an issue with that...
<tekteen> ok
<tekteen> how about scgi?
<JanC> well, I guess it can go wrong too?  ã
<tekteen> :-(
<JanC> check the log files...
<tekteen> I did
<JanC> I'm sure lighttpd will tell you something?
<tekteen> oh
<tekteen> I feel stupid right now
<tekteen> You would think I would look at this stuff by now
<tekteen> I need to install php5-cgi
<tekteen> g2g
<tekteen> thanks janC
<DustWolf> I have configured a HTTP proxy durring setup, how do I change this setting?
 * kees loves rebooting 6 kvms simultaneously.  *thrash*
<mathiaz> kees: do you have intrepid vms ?
<kees> mathiaz: I don't have intrepid as kvm yet (I have schroots).  I was going to set them up soon so I could start playing with apparmor updates
<mathiaz> kees: ok - I've updated my intrepid vm to 2.6.26 and it doesn't boot anymore :/
<kees> mathiaz: lvm?
<kees> mathiaz: I fixed a devmapper regression last night, so you might need to boot with root=/dev/mapper/$VG-$ROOTLV (fill in your $VG and $ROOTLV) to avoid the broken UUID symlinks
<kees> then grab the new dmsetup and initramfs should regen
<mathiaz> kees: yes - I'm using lvs for the root disk
<mathiaz> kees: but the host is running hardy
<kees> mathiaz: ... I'm confused... your _host_ doesn't boot any more after the client was upgraded to intrepid?
<mathiaz> kees: my intrepid guest/vm doesn't boot anymore
<mathiaz> kees: but I'm running hardy on the host server
<kees> mathiaz: but the intrepid guest uses lvm for its rootfs?
<mathiaz> kees: nope
<kees> okay, then I'm not sure-- probably a kernel issue?  I saw a mess of things failing when I booted intrepid on bare metal
<mathiaz> kees: ok - I'll check with soren when he is back
<RabidLockerGnome> Hey guys, I just installed ubuntu server, but it won't see my wireless access point, any ideas?
#ubuntu-server 2008-06-19
<zul> mathiaz: I did a thinko when uploading the system-config-samba to proposed
<emgent> zul: rapache read hand edit and add it in the list.
<emgent> anyway if you like, you will see docs quickly in rapache.org :)
<emgent> (sorry for reply delay)
<emgent> zul: now i go to sleep, if you have more other question, feel free to mail me :)
<emgent> night people
<Colin__> I have three NIC's in my ubuntu server, I have one that goes to the LAN and the other two are for two separate dsl lines, does anyone know how I go about setting that up???  The server is up, and it has one line already connected. DHCP is working as well as the firewall.
<nxvl> emgent: are you still around?
<hansin> clear
<dbbolton> does ubuntu server come with X ?
<hads> It's not installed by default, no.
<mathiaz> ScottK: have you heard about bogofilter-tokyocabinet ?
<mathiaz> ScottK: I'm looking at bogofilter merge and the new version in debian added a new package, bogofilter-tokyocabinet
<mathiaz> ScottK: which adds a tokyocabinet backend to bogofilter IIUC
<mathiaz> ScottK: we're already disabling the qdbm backend in ubuntu
<ScottK> mathiaz: I have no ideas about bogofilter.
<ScottK> Without looking, I'm going to guess that would require promoting some new depends.
<nxvl> mathiaz: i already packaged augeas (if you haven't noticed it already)
<mathiaz> ScottK: yes - tokyocabinet
<mathiaz> ScottK: I wonder why qdbm has been disabled though
<mathiaz> ScottK: it's been disabled since breezy (or even hoary)
<mathiaz> nxvl: awesome - I hadn't noticed
<nxvl> mathiaz: it's on revu
<nxvl> mathiaz: and on planet ubuntu
<ajmitch> if it's a library, that's interesting package naming
<nxvl> ajmitch: augeas?
<ajmitch> yes
<nxvl> yes, it's a library
<nxvl> and yes, it's a funny name
<ajmitch> so why isn't is libaugeas0? :)
<nxvl> but, it's redhat people, you never know
<nxvl> ajmitch: i have package it as libaugeas0
<ajmitch> not according to debian/control
<nxvl> oh
<nxvl> you mean the source
<nxvl> oh no
<nxvl> i just saw it
 * nxvl changes 
<nxvl> mmm
<nxvl> i have noticed a LOT of errors
<ajmitch> yeah
<ajmitch> like dh_makeshlibs being commented out
<ajmitch> that's a small problem there )
<ajmitch> :)
<nxvl> also i forgot that it's kind of mixed package
<nxvl> since it has library and binary parts
<ajmitch> that's fine, it's not uncommon to have that
<nxvl> ajmitch: yes, but i didn't package it that way
<nxvl> well
<nxvl> kind of
<ScottK> I thought the source of the name was pretty obvious.
<ajmitch> well that's what I grabbed off revu :)
<ajmitch> ScottK: I was just commenting on the binary package names, mainly that it wasn't libaugeas0
<ScottK> Ah.
<ScottK> I like the reference to the Augean Stables given what it does.
 * ajmitch wonders if debian/copyright should refer to the LGPL-2.1 file
<nxvl> ajmitch: i'm uploading a new version to revu
<ajmitch> nxvl: need to rename the .dirs & .install files if you're renaming the binary package in debian/control
<ajmitch> should also be libaugeas-dev, and possibly a libaugeas-bin if there are additional binaries
 * ajmitch doesn't know if the latter requires the lib- prefix
<nxvl> ajmitch: yes, i have just pushed a new version
<nxvl> ajmitch: including the binary package
<mathiaz> nxvl: I'd use augeas-bin rather then libaugeas-bin
<mathiaz> nxvl: or even augeas
<ajmitch> ah, latest policy suggests libraryname-tools
<AnRkey> how can i get all email for the admin account to go to one of my users? I have Postfix, Dovecot-Imapd, Procmail, and Fetchmail running off a catchall account running.
<AnRkey> bleh.... - the extra running :D
<hads> /etc/aliases ?
<AnRkey> ta
<AnRkey> one more question. There is an admin group, so i can't create a user for the admin email. will an alias be a problem for same reason?
<Koon> jdstrand: on bug 220208, I almost pinned the problem down. Could you have alook at the last comment and tell me what you think of it ?
<chmac> Generic dns question. Is _ a valid character in a hostname? I'm getting errors trying to add a dkim hostname...
<hads> Nope
<chmac> hads: Know anything about DKIM?
<hads> No sorry
<chmac> Neither do I! :)
<ScottK> chmac: It's a valid domain name, but not a valid hostname.  That's the whole point.
<ScottK> chmac: If some DNS package or some DNS provider doesn't allow it, it's a bug.
<ScottK> chmac: I'm familiar with DKIM.
<chmac> ScottK: Aha, ok, cool
<chmac> So should `dig blah._domainkey.domain.com` resolve?
<chmac> Or how are the names looked up?
 * ScottK hands chmac dig txt 2007-00._domainkey.kitterman.com as an example.
<chmac> ScottK: Oh la la :)
<chmac> So _ should be valid in a cname record also right?
<chmac> Our provider is asking us to set up dkim._domainkey.ourdomain.com to cname to their domain
<ScottK> chmac: Yes.
<ScottK> That's needed so they can dkim sign your mail as coming from your domain.
<chmac> ScottK: Ok, getting a handle on it now, cool, thanks :)
<ScottK> chmac: Before you do it, ask how they make sure they don't sign mail from some other customer of theirs that forges your domain.
<ScottK> DKIM can only say the MTA signed it.  It's up to the provider to make sure the message came from a source authorized for that domain.
<chmac> ScottK: Hehe, that would definitely be bad! They're pretty straight up I believe (I hope!)
<ScottK> Generally large providers tend to just assume their customers won't do that.
<chmac> ScottK: Hmm, good point
<ScottK> It's a significant security consideration for both SPF and DKIM that isn't well dealt with by and large.
 * ScottK manages to run a small mail service on the basis of making darn sure that doesn't happen.
<chmac> ScottK: What's your business?
<ScottK> I'm primarily a consultant, but I also have a small mail service I run (that's what the cname was to in the example I gave you).
<ScottK> Email authorization and authentication technolgoies is one of my areas of specialty.
<chmac> ScottK: Now that sounds like proper geek stuff! :)
<ScottK> If you look, no need to tell me the web site sucks.  I'm well aware of that.  Web design is NOT one of my areas of speciality.
<chmac> lol
<chmac> ScottK: No, seriously, that site needs feedback. If nothing else, you could drop the background colour, I feel like my eyes are in pain!
<chmac> ControlledMail looks fine, there's no background. It's straight text, but it looks ok.
 * ScottK really does need to work on it.
 * ScottK says what the heck and goes and at least does that.
<chmac> ScottK: :) I'm glad I've made a positive impact on your web site today :)
<chmac> ScottK: Impressive service, I like it. 50 emails a day sounds a little low, but I like the idea.
<ScottK> That needs to be updated too as I changed the way I measure it.
<ScottK> It's actually 2500 recipients / 24 hours now.
<chmac> ScottK: Ok, that's waaaay more attract :)
<chmac> $60 for a year of reliable email, not bad
<chmac> ScottK: Do you offer an alternative to port 25 for ISP who block that port?
<ScottK> 465 (for smtps) and 587 (for starttls).
<marc-andre> hiho
<lukehasnoname_> morning
<jdstrand> Koon: re bug #220208
<jdstrand> Koon: is it possible to install gutsy's nagios packages on hardy, just for the sake of the upgrade?
<marc-andre> i try to set my server to UTF-8, but the env var LANG stays at "en_GB.ISO-8859-15"... i've putted LANG=en_GB.UTF-8 into /etc/environment and i did dpgk-reconfigure locales, do i miss something?
<Koon> jdstrand: I will do that.
<jdstrand> Koon: eg, install 2.9 on hardy, verify it's running, then apt-get upgrade to 2.11
<jdstrand> Koon: it would be a lot less painful :)
<jdstrand> Koon: and if it doesn't work, a simple debuild of the gutsy source package on hardy would still be easier than the dist-upgrade
<jdstrand> where's ubottu?
<jdstrand> ubottu: hey-- why aren't you showing me bug #220208 ?
 * jdstrand kicks ubottu 
<Koon> jdstrand: i can reproduce it on hardy by upgrading from nagios gutsy packages
<jdstrand> Koon: great!
<jdstrand> Koon: have you tried rebuilding hardy's with 'set -x'-- that might get you everything
<Koon> jdstrand: no -- but upgrading to my own built packages using dpkg -i, I don't remember hitting the bug.
<Koon> the sequence of events must be slightly different
<jdstrand> Koon: interesting
<jdstrand> Koon: do you know how to build your on apt repo?
<Koon> jdstrand: no.
<jdstrand> Koon: ok, let me get you some info
<Koon> but I can look it up ;)
<jdstrand> ...
<jdstrand> Koon: it isn't always as straightforward as one would hope. I mean technically, it is, but I have a setup that works pretty well now
<Koon> I could use a PPA but that may be overkill
<jdstrand> Koon: well, I find a local repository is very convenient for doing upgrade testing with my -security updates and VMs. It's up to you how you want to proceed of course.
<jdstrand> Koon: here is an overview http://paste.ubuntu.com/21390/
<jdstrand> Koon: and a little helper script to do a lot of the leg work: http://paste.ubuntu.com/21391/
<Koon> thanks
<jdstrand> Koon: np
<jdstrand> Koon: basically, you can dput or copy the debs in /var/www/debs/testing/<release>, then do 'update_repo <release>'
<jdstrand> s/in/into/
<jdstrand> Koon: keep in mind that if you have two versions of the same package in the <release> directory, apt-ftparchive may choose the earlier version, so 'apt-get update && apt-get -u upgrade' won't work as expected. You'll just want to clear out the old version in that case
<jdstrand> Koon: and while it goes without saying, you'll need a functioning apache2/webserver install ;)
<Koon> hehe :)
<hansin> Not sure if this is a dumb question, but I installed Ubuntu Server 8.04, and I noticed that SSH listens on IPv6 port 22 (:::22).  When I connect via an IPv4 address netstat still states it is connected via tcp6.  No other services are doing this.  No functionality issue, just curious about this.  An input?  Thanks.
<lukehasnoname> Anyone else think that three new kernels in two months is a little much?
<jdstrand> lukehasnoname: if you are referring to hardy, it'll calm down once .1 is released
<lukehasnoname> I sure hope
<lukehasnoname> I've had to recompile my video driver every time that happens
<lukehasnoname> er
<jdstrand> it's not just the kernel, but all kinds of SRUs
<lukehasnoname> reinstall, its a binary
<jdstrand> of course, those don't require you to recompile your video driver
<ogra> well, nothing should require him to do that if he uses the packages for his driver instead :)
<lukehasnoname> so jdstrand, are they just squeezing out updates to make sure everything is stable for a point release?
<jdstrand> lukehasnoname: that is my understanding-- there was one -security update, and the others are SRUs
<jdstrand> lukehasnoname: the SRU process was slightly relaxed to try to get in fixes for .1 since hardy is LTS
<Koon> jdstrand: when you said "rebuild with set -x" you meant in which file ? the init ?
<jdstrand> Koon: postinst or preinst-- whichever you think is failing
<jdstrand> or both
<Koon> I thought prerm was failing but that's the old one that gets executed
 * Koon digs further in between
<jdstrand> Koon: yes, but then the new one is tried
<jdstrand> Koon: that's how maintainer scripts work. http://women.debian.org/wiki/English/MaintainerScripts
<emgent> argh.. another xss in drupal..
 * Koon grumbles.
 * ivoks hates smart printers
<zul> ivoks: hey
<ivoks> zul: hello!
<zul> ivoks: drbd question for you will the 8.2.6 kernel modules work with 8.0.12?
<ivoks> huh... most probably not
<zul> dang...
<zul> thanks..
<ivoks> what are you trying to do?
<zul> ivoks: i just merged 8.0.12 and there is 8.2.6 modules in the ubuntu-intrepid tree
<ivoks> there's 8.2.6 in kernel source?
<ivoks> drbd is accepted in main kernel tree?
<ivoks> wow! :D
<zul> ivoks: no its the one from drbd.org in linux-ubuntu-modules
<ivoks> oh, ok
<ivoks> then we will have to package userspace tools to
 * ivoks still doesn't have intrepid buildd :((
<zul> ivoks: im in the process of doing that dont worry about it :)
<melter> what's the difference between the geo-ip-perl and geo-ipfree-perl?
<AlexC_> hey
<ivoks> belive it or not...
<ivoks> my printer decided that my colors have expired
<AlexC_> when using 'top', the amount of memory a process is taken out is under 'res' or 'virt'?
<ivoks> and refuses to print until i replace them
<AlexC_> s/out/up
<MrJDeaL> hi
<lukehasnoname> hi
 * lukehasnoname waves
<lukehasnoname>  /dance
<MrJDeaL> :)
<Koon> jdstrand: in fact it's the nagios2-common.prerm script that fails. it's partly autogenerated by dh_installinit and uses the "|| exit $?" stanza. When upgrading the prerm script from nagios2-common is executed after the nagios2 one.
<Koon> I'm searching for the right way to fix it
 * jdstrand nods
<sommer_> mathiaz: I was working on the ldap documentation and was wondering if there are any ldap cli tools to mange users, groups, etc ?
<sommer_> mathiaz: or at least ones that are integrated with ubuntu
<jdstrand> sommer_: ldapscripts
<sommer_> mathiaz: I took a look at the ldapscripts package, and it look promising
<mathiaz> sommer_: not that I know of
<jdstrand> sommer_: IIRC they need to be edited somewhat
 * delcoyote hi
<sommer_> jdstrand: ya, that's what I noticed, and I was wondering if they handle samba attributes?
<sommer_> jdstrand: I use some custom ruby scripts myself, but I think that wouldn't be the best way to document it :)
<sommer_> any plans to better integrate ldapscripts?
<mathiaz> sommer_: that could be an option
<jdstrand> sommer_: this is in my notes:
<jdstrand> Because ldapscripts use getent to resolve a group name to a gid, if don't have
<mathiaz> sommer_: I haven't looked into these scripts
<jdstrand> nsswitch.conf and libnss-ldap setup on the authorization (ie ldap) server, then
<jdstrand> may need to do:
<jdstrand> $ ldapsearch -b ...
<jdstrand> $ ldapadduser foobar <gidNumber>
<jdstrand> (if configure BASE in /etc/ldap/ldap.conf, then don't need to specify the '-b ...'
<jdstrand> )
<sommer_> jdstrand: ya, they didn't work out of the box for me, even after adjusting the configs, for me there was also some awkwardness with the cli options
<jdstrand> sommer_: will likely also want to edit /etc/ldapscripts/ldapscripts.conf
<sommer_> jdstrand: yep did that, didn't spend too much time on it yet so the config probably just needs tweeked
<jdstrand> sommer_: I think the overall plan is to get adduser to do some of this, once the heirarchy et al is implemented. mathiaz knows more about that
<jdstrand> sommer_: are you using GSSAPI perchance?
<sommer_> ah, I was thinking that may be a better aproach :)
<sommer_> jdstrand: I don't think I'm using gssapi... unless it's on by default
<jdstrand> sommer_: no. I did some patches to /usr/share/ldapscripts/runtime to specify different bind mechanisms
<jdstrand> (just locally)
<mathiaz> sommer_: well - one option is to add ldap support to adduser - whether that will be part of intrepid is a good question
<sommer_> jdstrand: ah cool
<sommer_> mathiaz: I see... just fyi I'd be very willing to help with that
<sommer_> my ruby scripts are to be honest pretty hacky
<mathiaz> sommer_: yeah - I think that everyone has their own hacky scripts
<mathiaz> sommer_: providing a standard way would help a lot
<sommer_> seems like everyone is caught up in finding a gui tool for this kind of thing, but a cli ldap user management utility is needed as well, at least a well intergrated one, heh
<mathiaz> sommer_: yes - the issue IMO is how flexible it is with the schema
<sommer_> mathiaz: sure, that's a good point... the cool thing about smbpasswd is that it adds the samba attributes for you
<sommer_> I like the way ldapscripts allows you to use custimized templates
<mathiaz> sommer_: yes - I should have a look into the ldapscripts
<mathiaz> sommer_: once we have the cli - then we could build/integrate gui
<lukehasnoname> Ah, nothing like watching a package-manager debate on ##freebsd
<sommer_> mathiaz: cool, well just let me know if there's anything I can help with, test, etc
<sommer_> mathiaz: in the mean time I'll work on documenting ldapscripts as way to manage users
<hansin> IRC question, what does the double pound symbols (##) vs. the single pound (#) symbol mean for a channel, as represented above?
<mathiaz> sommer_: great - file bug reports if things are not working correclty
<lukehasnoname> ## is for non-official chats, # is for channels verified to be associated with an organization
<lukehasnoname> although ##freebsd is the FreeBSD channel. </offtopic>
<hansin> Thanks, that helps.
<lukehasnoname> Hey guys, for a repo mirror, can I just download the entire directory of the ubuntu U.S. repo instead of using apt-mirror?
<hansin> My screen session locked up, and I had to reset irssi, so I lost a question I accessed earlier.  Does anyone know why SSH runs as IPv6, and does it even matter?  Thanks.
<hansin> s/asked
<Koon> jdstrand: the idea is to fix it by having nagios2-common.prerm gracefully fail if nagios2 was already stopped. I have two ways to fix it :
<Koon> jdstrand: 1/  just patch nagios2-common.prerm so that it contains what we want (lintian will complain that it does not contain #DEBHELPER#)
<Koon> jdstrand: 2/ make use of --error-handler in dh_installinit (required mods in rules and nagios2-common.prerm so slightly heavier patch)
<Koon> jdstrand: which one do you prefer for a security patch ?
<jdstrand> Koon: for -security the smaller patch wins
<Koon> jdstrand: ok, will post it on the bug.
<jdstrand> Koon: for intrepid, whatever is best, and then forward to debian
<ivoks> Koon: hi
<Koon> jdstrand: no nagios2 fopr intrepid, will see if it's in nagios3
<mathiaz> Koon: the second option is probably the best one
<Koon> mathiaz: yes
<jdstrand> Koon: how small are the changes for --error-handler?
<Koon> very small... I'll post the two, make your choice
<jdstrand> Koon: just a one line change in rules? I'd be ok with that.
<mathiaz> jdstrand: usually - just one line in debian/rules
<jdstrand> Koon: well, that is probably fine then
<Koon> mathiaz: I still have to implement the error_handling function ?
<jdstrand> Koon: cool. just ping me when ready
<Koon> mathiaz: in the prerm file ?
<zul> mathiaz: im going to keep a list of things to fix for 8.04.2
<mathiaz> Koon: well - it depends what function should be the error_handling
<mathiaz> Koon: I've used true sometime
<mathiaz> Koon: so you don't have to implement a specific function
<Koon> echo "Nagios was probably already stopped"; exit 0
<mathiaz> Koon: well - then true works in that case
<mathiaz> Koon: is there real value to add a message in a prerm script ?
<mathiaz> Koon: add *that* message
<Koon> mathiaz: well... see the output during the update on https://bugs.launchpad.net/ubuntu/+source/nagios2/+bug/220208/comments/7
<mathiaz> Koon: if the goal is to fail if the daemon has already stopped, then you can just use true as the error handler
<Koon> mathiaz: it looks a little strange to say "failed -- looks like it went ok"
<Koon> mathiaz: but you're the expert ;)
<mathiaz> Koon: well - you're attached patch looks okay to me - but you can replace it with --error-handler=true
<mathiaz> Koon: it will generate exactly the same code :)
<Koon> and avoid the lintian warning.
<mathiaz> Koon: We're doing the same thing in apparmor
<Koon> ok then.
<mathiaz> Koon: when we upgrade the profiles but the kernel is not updated yet, the apparmor init script fails to reload the profiles
<mathiaz> Koon: so to avoid an upgrade failure we just ignore the init script failure
<mathiaz> Koon: in that case it's a legitimate thing to do
<mathiaz> Koon: glancing through the bug report, it seems that it's legitimate to ignore the failure to stop the daemon in nagios-common
<zul> mathiaz: ping
<Koon> jdstrand: smaller/better patch posted on the bug. Tested ok.
 * jdstrand looking
<jdstrand> Koon: so that's it-- a one-liner?
<Koon> well. hm. yes. Lots of hours to produce that, I know ;)
<jdstrand> Koon: heh. nice work! I will get this rolling and pushed out today
<ScottK> Sometimes it's really hard to create a simple solution.
<cara> Hi all
<cara> I'm having an issue with my server and its clients.  I set up my server as a router/dhcp ... it gives my clients addresses but when I look in their routing tables I see that they are getting my previous server's name as the gateway.  Where could they get this name from?
<zul> mathiaz: im about to head for lunch but I begin tracking stuff for after 8.04.1 is relased on a seperate page
<zul> https://wiki.ubuntu.com/ServerTeam/StableReleaseTracker
<mathiaz> zul: what is currenttracking ?
<mathiaz> zul: is this material for 8.04.2 ?
<mathiaz> zul: if so, I'd rename it to StableTracker8042
<mathiaz> zul: the same way as 8.04.1
<cara> can anyone help me?
<jdstrand> kirkland: oh, fyi, I updated the initscript and added a manpage for nssldap-update-ignoreusers when doing the libnss-ldap update
<kirkland> jdstrand: oh, cool
<kirkland> jdstrand: i forgot that was a work item
<kirkland> jdstrand: or, rather, i may not have ever realized that was a work item :-/
<jdstrand> kirkland: well, I was the last to touch it, so I got to merge it
<kirkland> jdstrand: ;-)
<jdstrand> I ran lintian on it and those two things popped up
<cxo> what is the initrd.img link in / used for?
<zul> mathiaz: done
<mathiaz> jdstrand: hm - whenever I try to install libnss-ldap/libpamldap nscd is installed by default
<mathiaz> jdstrand: I'm currently merging libpam-ldap
<mathiaz> jdstrand: does it make sense to have nscd pulled in by default ?
<jdstrand> mathiaz: I saw that too-- it's because of mvo's apt change to pull in Recommends automatically
<jdstrand> mathiaz: ultimately, it is probably a good thing. for initially configuring it, perhaps not
<jdstrand> mathiaz: I thought it might be worth discussing, so didn't incorporate changing it to Suggests into my merge (which also Recommends nscd)
<mathiaz> jdstrand: right - have you seen the latest comment from the debian maintainer ?
<jdstrand> mathiaz: the 'from your friendly debian maintainer' comment?
<mathiaz> jdstrand: yeah
<jdstrand> mathiaz: yeah
<jdstrand> mathiaz: without having looked at any of the code, the openldap stuff sounds like it be rally good, if we can get it in
<mathiaz> jdstrand: one of the item for intrepid is to get the new nss ldap overlay in shape
<jdstrand> s/rally/really/
 * jdstrand nods
<mathiaz> jdstrand: yes - this is why I skipped the libnss-ldap merge
<mathiaz> jdstrand: I wonder if it's worth spending time on doing merge with the mid-term plan is to drop it
<jdstrand> mathiaz: merge is done
<mathiaz> jdstrand: well - the question is no more then :)
<mathiaz> jdstrand: I've just uploaded libpam-ldap
<jdstrand> mathiaz: 260-1ubuntu1 is uploaded and in intrepid :)
<mathiaz> jdstrand: do you have an ldap server for your testing ?
<jdstrand> mathiaz: 260 was supposed to fix stuff, so I just merged it
<jdstrand> mathiaz: I do, but I haven't been doing much with it lately
<mathiaz> jdstrand: I've tried to use ldapscripts in intrepid but it wasn't working
<mathiaz> jdstrand: first it still uses /etc/pam_ldap.conf - but then the ldapaddgrp script wasn't working with neither dash nor bash
<jdstrand> mathiaz: I haven't tried them lately
<jdstrand> mathiaz: sounds like the need some love
<sommer_> mathiaz: found the same issue with hardy ldapscripts
<sommer_> mathiaz: haven't had time to file a bug yest though
<sommer_> er yet
<mathiaz> sommer_: issue == ?
<mathiaz> sommer_: not working with a POSIX shell ?
<sommer_> sorry, looking for /etc/pam_ldap.conf... has several egrep errors at least ldapadduser did
<mathiaz> sommer_: right - this is something that is different between debian and ubuntu
<sommer_> mathiaz: yep, just wanted to fyi when I noticed you talking about it
<mathiaz> sommer_: once ln -s /etc/ldap.conf /etc/pam_ldap.conf scripts complain about trap
<sommer_> ah, I'll give that a try
<lukehasnoname> hey, where is the gui spec on the wiki? don't we have an outline of what we're trying to achieve/
<kees> kirkland: can you untag "bitesize" from 64064 since it isn't?  ;)
<kirkland> kees: :-)  sure
<kirkland> kees: untagged "bitesize"
<kees> kirkland: cool, thanks.
<kirkland> kees: i did submit a "bitesize" patch to that one, doesn't address your network filesystem concerns, though
<kirkland> kees: (which i must admit, i do not entirely grasp atm)
<Arrick> hey all
<Arrick> hey, anyone know how to import a mysql.sql db into mysql from terminal on a server setup?
<zul> mathiaz:  so should php5 depend on libdb4.6-db rather than libdb-dev because it looks like its pointing to libdb4.7-dev right now
<zul> The following packages have unmet dependencies:
<zul>   libdb-dev: Depends: libdb4.7-dev (= 4.7.25-0ubuntu2) but it is not going to be installed
<zul>              Conflicts: libdb4.6-dev but 4.6.21-10 is to be installed
<Arrick> hey, anyone know how to import a mysql.sql db into mysql from terminal on a server setup?
<zul> Arrick: couldnt you do mysql -u root -p < databasefile
<Arrick> dunno, im not an sql guy lol
<Arrick> I can try
<ScottK> zul: As long as you are consistent about build-dep libdb4.x-dev and depends  libdb4.6y where x == y I don't think it matters which.
<Arrick> nope, it says no DB selected
<infinity> zul: Perl, apache, python, and PHP should always build-dep on the same version of libdb-dev
<infinity> zul: (Generally updated in roughly that order)
<infinity> zul: libapache2-mod-perl2 in that list, too.
<zul> infinity: arrgh..
<infinity> zul: Oh, and subversion.
<zul> infinity: I was going to use Build-Depends on libdb4.6-dev
<infinity> zul: Subversion being the most annoying of the bunch, because it uses transactions, and needs migration code.  But I think David and I sorted that out long ago with db4.2->db4.3 or so.
<infinity> zul: libdb4.6-dev should be fine, if that's what we've settled on for this cycle, just make sure it's the same for all of the above.
<infinity> zul: (and anything else you can find in that mess of "interpreted languages and apache modules")
<zul> I dont think we have settled on any for this cycle bug that can be bumped when it comes to it
<infinity> zul: The key being that you never want to have more than one libdb version loaded into apache's memory space at the same time.
<ScottK> zul: I'd suggest you do a survey and then write ubuntu-devel with the right answer.
<zul> infinity: apr-util uses libdb4.6-dev still though
<infinity> zul: Right, then the rest of them should use libdb4.6 as well, until someone decides to do otherwise.
<zul> infinity: cool
<infinity> zul: Note that if distro has decided to rev perl to 4.7 (Perl's usually the first to bump), then apr-util/apache/php/python/subversion/etc all need to follow ASAP.
<zul> infinity: cool Ill make a note of it
<Arrick> zul, I installed phpmyadmin and got it, thanks though
<Arrick> now to figure out how to fine where the mysql(i).so file is so I can config apache to work with it
<Arrick> hrm, nevermind
<hansin> I was curious about US 8.04 running exim4 by default.  I am no expert here, but I assume it is set to only be used for local services to route emails.  Does anyone know anything about this?  I don't see it listening to any ports.  Sorry about my novice status in this areas.  Thanks.
<mathiaz> zul: why is that nagios-plugins is in main, but neither nagios2 nor nagios3 are in main ?
<enaner> what are somet hings i can do with the ubuntu server edition
<mathiaz> enaner: https://help.ubuntu.com/8.04/serverguide/C/index.html
<enaner> mathiaz can u tell me briefly
<enaner> theres a lotta info in that page
<enaner> whats a openssh server
<enaner> i just wanna toy with a spare comptuer
<enaner> what do u suggest
<enaner> i want to run a IRC server
<jjesse> if i was going to stand up a simple email server for pop and smtp what would be the reommendation?
<jjesse> internal only for demoing something for work
<hansin> enaner: You can do a lot.  The SSH server allows you to access that computer via another computer using the SSH protocol.  I run US 8.04 on an older PC headless (no monitor) and access it via SSH (I use putty as an SSH client on XP, and SSH via the shell when in Linux).  You can run all sorts of "services" via Ubuntu Server.  The cool thing about Ubuntu Server is that by default it does not install and run all sorts of services th
<ScottK> jjesse: Postfix + Dovecot.
<jjesse> ScottK: simple install and config?
<jjesse> never done it before
<jjesse> apt-get install postfix apt-get install dovecot?
<ScottK> Server guide has good docs on it.
<jjesse> awesome will work on it
<ScottK> Basic postfix setup is pretty easy.
<lukehasnoname> var/: Contains variable files. These include runtime files used by programs, log files, spool directories, databases, and other items that change with the normal operation of the system and its applications.
<lukehasnoname> Why do (likely to be) static web pages go in a subdir of /var?
<ScottK> Because they are data for the web server package.
<mathiaz> lukehasnoname: http://pathname.com/fhs/pub/fhs-2.3.html
<mathiaz> lukehasnoname: I think /var/www/ is for historical reasons
<mathiaz> lukehasnoname: according to FHS, it could be moved to /srv
<lukehasnoname>  /var/www isn't even in that document, 1994-2004. /srv would make sense under that definition, or under a different logic, so would /usr/local/apache
<lukehasnoname> nah, /srv would make sense
<lukehasnoname> rather, /srv/www
<enaner> hansin: can i install the desktop edition on my headless computer and access it thru SSH?
 * lukehasnoname goes to /Meeting
<jjesse> ScottK: once i install, how do i add new mailboxes?
<jjesse> nerver mind will read the documentation :)
<hansin> enaner: You should be able to as long as you install the SSH server (I know it installs the SSH client by default, but can't remember if it installs the SSH server and has it start up automatically).  I installed my server edition using a monitor and keyboard for install, then shut it down and pull the monitor and keyboard and installed it on my network and booted it back up.  But, yes it is possible, just not sure if you need to 
<enaner> hansin can you guide me through it
<enaner> i am almost finished with the installation of the server edition
<jjesse> enaner: have you installed the ssh server?
<jjesse> if i recall correctly there was an option during installation
<enaner> i installed like all the servers
<enaner> i selected all of em
<jjesse> when ssh is installed
<jjesse> if you are using putty then you open a new session and putin the address and make sure ssh is chosen
<hansin> enaner: Yes, it is one of the install options.  I think in the past you got SSH server by default, but now you hvae to pick it.  I don't know what happens if you don't, because I chose it (like I said, I think it used to be default).  I did NOT install LAMP, email server, etc.  Just SSH.  I can add the rest later, but if you installed these it isn't too big of a deal, especially if you are looking to learn things.
<hansin> enaner: Are you trying to run all this on an internal network?  At home?
<enaner> hansin but when i access it with the SSH, what are some things ill b able to do?
<jjesse> enaner: everything you can do from the console
<enaner> what exactly can i do from the console
<enaner> can i run a irc network
<jjesse> what are you trying to do?
<enaner> or a website
<jjesse> enaner: yes you can with the right packages installed, have you read through the server guide?
<jjesse> anyone else having problems getting to the dovecot site?  www.dovecot.org
<hansin> enaner: I take you are pretty new to this.  That is okay, it just means you are going to go through a bit of a learning curve.  I personally like the simplicty of Ubuntu Server (not that it can't be set up to do powerful things), and think it is a great way to learn about using a server based Linux installation.  I am by no means an expert, but I can navigate the CLI (command prompt) pretty well.  Yes, you can run a web server (ma
<hansin> Right now I am at work and am using SSH to log into my box, and have irssi (IRC chat client) running in screen (a console "mulitplexer).  I have MySQL installed and also Lighttp and nginx, but I am not really doing anything with them right now.  My internet provider leaves all ports open, so I can in theory make available all sorts of services as long as the don't generate too much incoming traffic.
<lukehasnoname> hansin what ISP you have
<lukehasnoname> where you live, is the better question
<hansin> Comcast cable ;)  In Colorado.  They seem to leave all ports open as long as you don't abuse it, which I intend not to do (maybe they block 25; not sure).  I know there was the whole bittorrent traffic issue, but that hasn't affected me.
<enaner> hansin what im trying to do right now is ... be able to access that computer from this one that im using ... basically not use ne keyboard mouse or monitor for the server computer
<enaner> i need your help to set this up
<enaner> after that ill set things up
<enaner> by reading stuff
<jjesse> enaner: then use ssh
<jjesse> it will give you "console" access
<enaner> yes but how?
<lukehasnoname> hansin: They throttle BT and such and I hate them
<enaner> type ssh on the server comp?
<jjesse> enaner: from what computer are you going to be accessing the server?
<jjesse> what operating system?
<hansin> But it is coole (and why I don't use DSL) because I get a public IP address (sure, dynamic, buy I can use dynamic DNS, and it really doesn't change often) and I can test and play with all sorts of services from home.  Works for me.  I know if the BT issue, and I use BT a bit, but the other stuff I state here is much more important to me.
<enaner> both ubuntu
<enaner> one desktop and one server
<jjesse> then open up a terminal session adn type ssh ip address
<hansin> enaner: do you have both PCs connected directly together, or are both plugged into a router?
<enaner> router
<hansin> okay, and you will need to know the IP address of the ubuntu server PC.  I assume it is set for DHCP, but then you need to know what IP address your router assigned it in order to SSH into (you need to know its "telephone number" so to speak).
<enaner> yea
<enaner> the ip addresses are going to be different i assume
<enaner> is there a command i can type inthe server comp to get its ip
<hansin> okay, and what OS are you running on you desktop?  I don't care, just need to know (yes, the router should assign a uniqe IP address for each).
<enaner> Ubuntu 8.04
<hansin> okay, do you know how to open a terminal from your desktop?
<enaner> hardy for both server and desktop
<enaner> no clue
<enaner> o yea
<enaner> i noe
<enaner> lol
<hansin> open one up...
<enaner> done
<hansin> type in "ifconfig".  What does it say (just need the IP address it returns)?
<hansin> for example: 192.168.1.xxx
<enaner> yea
<enaner> got it
<hansin> but that is the IP address for your desktop, not your server...
<enaner>  inet addr:
<enaner> Bcast:1
<enaner> Bcast:1
<enaner> and mask
<enaner> it shud b the inet addr:
<enaner> right
<hansin> just inet address:
<hansin> yes
<hansin> enaner: who do you get internet from?
<enaner> cable vision
<enaner> optimum
<hansin> Are you connected to you router via Ethernet cables for both PCs?  No wirelss?
<enaner> ethernet for both
<hansin> So what I need is the entry for inet addr: to help
<enaner> well i have 3 comps in total connected to router thru ethernet
<hansin> Most likely 192.168.1.xxx (this is called a Private IP address, and is not accessable through the internet like a Public IP address would be).
<enaner> http://pastebin.ubuntu.com/21493/
<enaner> wud it b dangerous
<enaner> if someone gets this info
<enaner> hansin: ?
<hansin> enaner: No worries about this, because this is a Private IP address.  No one can hit your PC/network with a 192.168.1 IP address...
<enaner> ok
<enaner> ok so what shud i do next hansin
<hansin> So what you need to figure out is what the server IP address, but without having a keyboard or monitor connected to the server PC, you can not run "ifconfig" on the server directly to figure this out...  Give me a sec here to think what I would do (I'm thinking ping...)
<hansin> One last quick question, did you set both the desktop and server boxed up with the same account name?
<hansin> enaner: You said you had 3 PCs plugged into the router.  Was the server the third one added?  FYI, 192.168.1.1 is VERY much likely your router's IP address for the interface that is facing LAN side (your internal network).
<hansin> I am assuming the extra PC (not the ones we are talking about here; you desktop and server) was the first one that was attached to your router?
<hansin> enaner: You still here?  I am at work so I will have to jump back in and out, but I am guess your IP address for you server is 192.168.1.4; but would need to test.  Maybe you are already in.
<Ballena> To get write access to the /var/www owned by www-data; is the only thing I have to do adding me self as a member of that group?
<enaner> yea im here hansin
<enaner> what shud i do
<enaner> ne one here?
<enaner> ï»¿slayton: I would like to access a PC(ubuntu-server) that is connected to the same router as the one I am currently using (ubuntu hard). What should I do if I want to use the server computer headless aka from this computer through SSH. I have no idea, and I will have to do it now, as I will have to return my brothers keyboard and Monitor ASAP .. thanks in advance for your help. :)
<hansin> enaner: If you are around and have a few minutes, I can help, but I am at work so need to go "boom, boom, boom" and get it done.
<enaner> yea
<enaner> im around
<enaner> im waiting for you actually
<enaner> 127.0.0.1 < could this be the ip address of my server pc? thats wat it says after i type ifconfig
<enaner> so then i tried
<enaner> "ssh murgi@127.0.01"
<enaner> root@enaner-desktop:~# sudo ssh murgi-server@127.0.0.1
<enaner> ssh: connect to host 127.0.0.1 port 22: Connection refused
<hansin> enaner: 127.0.0.1 is what is called the loopback address.  It is basically a way for the computer to communicate with itself.  You didn't see any entery for eth0 or ethX (1,2,3 whatever)?
<hansin> enaner: learn about using sudo.  Looks like you are logged in as root on your desktop.  Just search "root" and "ubuntu" when you have time...
<enaner> yea
<hansin> enaner: so your 127.0.0.1 entry for "ifconfig" is for device "lo".  That is your loopback device and is only used for internal communication for a single PC.  Seach "loopback device" to learn more when you can.
<enaner> k
<enaner> so how do i find the ip
<hansin> enaner: So try running "ping 192.168.1.2" and let me know sort of what it says (does it say host unreachable?"
<hansin> From 192.168.1.100 icmp_seq=1 Destination Host Unreachable
<enaner> unreachable
<hansin> not what you want...
<enaner> root@enaner-desktop:~# sudo ssh murgi-server@127.0.0.1
<enaner> ssh: connect to host 127.0.0.1 port 22: Connection refused
<hansin> try "ping 192.168.1.4"
<enaner> same thing
<enaner> unreachable
<hansin> enaner: you don't want to ping or SSH to 127.0.0.1...  You woud be in essence hitting the same machine you are running these on...
<hansin> My guess is your server box hasn't aquired an IP address, since you are only getting back 127.0.0.1 (I assume you plugged your monitor and keyboard into the server and ran"ifconfig")
<enaner> yea
<qman__> Hi guys, I was wondering if someone could help me write an init script. I installed srcds on a ubuntu box, and am going to use it to run a Counter Strike Source game server. I created a user just for this purpose, and got the server functional and all.
<enaner> well its currently plugged into my brothers monitor+keyboard+mouse
<qman__> I want to create an init script that runs the server as that user, for security purposes
<hansin> enaner: okay, run "ifconfig" and tell me if it has only an entry for "lo" or if there is one for "eth0" as well.
<hansin> enaner: Any luck??
<enane1> sorry
<hansin> enaner: I'm out of here in about 15 minutes...  So let me know if you want to try this...
<enaner> yea
<enaner> ill do wateva u say
<enaner> go ahead
<hansin> do you have keyboard+monitor access to the server PC?
<enaner> yea
<hansin> enaner: okay, run "ifconfig" and tell me if it has only an entry for "lo" or if there is one for "eth0" as well.
<enaner> only for lo
<enaner> i just checked
<enaner> but if i type ifconfig eth
<enaner> then something does come up
<enaner> but nothing that looks like a ipnumber
<hansin> on server type "cat /etc/network/interfaces"
<enaner> ok
#ubuntu-server 2008-06-20
<hansin> you will see something like "auto lo".  what about "auto eth0" (or eth1, eth2...)?
<enaner> yea
<hansin> eth0?
<enaner> no etho
<hansin> just "lo"?
<hansin> "auto lo"?
<enaner> yea
<enaner> lo
<enaner> and then auto lo
<enaner> actually
<enaner> auto lo
<hansin> okay.  you have an ethernet cable plugged into your router right? (just makeing sure there is an ethernet card/jack in server)
<enaner> yea
<enaner> i just unplugged it from the server and then repluged it
<enaner> the green and orange light is on
<hansin> okay, do this... "cd /etc/network"
<hansin> by the way, what user are you logged onto the server as?
<enaner> then
<enaner> murgi
<hansin> okay.  type "ls".  do you see a file called interfaces?
<enaner> yea
<enaner> itsthe only one thats white
<hansin> we are going back it up before editing it.  type "sudo cp interfaces interface.bak"
<enaner> rest of the results are blue/purplish
<enaner> done
<enaner> then?
<hansin> type "sudo nano interfaces" (nano is a text editor)
<hansin> tell me when it has loaded...
<enaner> ok
<enaner> then
<enaner> its loaded
<hansin> down arrow to the botton, below the "auto lo" entry...
<enaner> then
<hansin> type "# eth0" and press return (this is a comment)
<enaner> then
<hansin> type "auto eth0" and press return
<enaner> then
<hansin> type "iface eth0 inet dhcp"
<enaner> then
<hansin> hit "cntl-x" and nano should then ask you if you want to save/write file.  hit "y" for yes.
<enaner> then
<hansin> gimme a sec...
<hansin> type "cd /etc/init.d"
<enaner> then
<hansin> cross finger... no, wait, do this...
<hansin> type "./networking restart" and pay attention to output messages.
<enaner> it says unknown methods
<enaner> couldn't read interfaces
<enaner> etc/network/interfaces
<hansin> boo.. I am wondering if it doesn't recognize eth0.  type "lspci" and see if it repsond with a network card.
<enaner> ethernet controller does show up
<hansin> also try "dmesg | grep eth0" though probably no entries...
<enaner> btw
<enaner> the server comp is in another room
<enaner> so im runnin bak n forth
<enaner> so i dun think this will work
<enaner> can i run ubuntu desktop edition
<enaner> and still run a irc and http server?
<hansin> you have a good pair of shoes??  sorry, didn't know you were running back and forth.  what kind/make/model of PC is the server?
<hansin> I would really check "dmesg | grep -i eth" though and see if you get anything.  It could help if it is setting you card as ethX
<hansin> on the bright side, hopefully you are learning a bit here.  even if you don't immediately retain all this, you are troubleshooting and developing that as a skill...
<enaner> yea
<enaner> but i gotta run now
<enaner> thankx for all ur help
<enaner> :)
<hansin> okay, catch later if you want to try more.  need to figure out what you NIC card is registering as...
<AtomicSpark> heh. the urge to restart an ubuntu server after updating it is still there. :3 been using windows too long.
<Insomnia1ity> kernel update? :P
<c1|freaky> ^^
<zul> mathiaz: no idea
<saltedlight> hi. is there any way to stop icmp replys using ufw? i have used "net/ipv4/icmp_echo_ignore_broadcasts = 1" on /etc/sysctl.conf but this is not working if ufw is enabled.
<pubo> Hi
<pubo> I'm looking for a wikiwikiweb clone to use in my office... do you know what is the best?
<pubo> phpwiki? groupware-wiki? mediawiki?
<Arrick> anyone know how to get the video in a Virtual PC 2007 VM to permanently start at vga=771 ?
<Arrick> (server install for development)
<Arrick> right now the video is way to large to read the login section, so its really hard to do anything on the local machine
<qman__> if you edit the boot line during startup and add vga=771, it loads correctly?
<qman__> if so, once it's booted, just edit /boot/grub/menu.lst and modify the boot line
<qman__> make sure to change it in the commented section too, so the automagic kernel generator will update it with that option
<ckad> help
<hads> !ask
<ubottu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<dbbolton> if the integrity check  on the cd gets 90-some percent through before finding a problem, how risky is it to go ahead with installation?
<lukehasnoname> Run it again, if it fails again, trash it
<lukehasnoname> unless it's a play server for testing
<hads> And you don't care if your test might fail ;)
<dbbolton> i checked the md5sum before burning it. is it possible that the disc was bad?
<lukehasnoname> I don't know, perhaps
<dbbolton> all right. i'm going to check it again. thanks
<lukehasnoname> good luck
<lukehasnoname> heh
<nxvl> zul: ping
<macGerhard> how do I set the default shell for a new user to bash?
<kees> macGerhard: that should be the defaul.t
<kees> check /etc/adduser.conf
<uvirtbot> New bug: #239129 in ucd-snmp "[CVE-2008-0960] Multiple SNMP implementations HMAC authentication spoofing" [Undecided,New] https://launchpad.net/bugs/239129
<uvirtbot> New bug: #239513 in php5 (main) "stack smashing detected when calling xmlrpc_set_type " [Undecided,Incomplete] https://launchpad.net/bugs/239513
<uvirtbot> New bug: #239627 in mysql-dfsg-5.0 (main) "package mysql-server None [modified: /var/lib/dpkg/info/mysql-server.list] failed to install/upgrade: subprocess pre-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/239627
<uvirtbot> New bug: #235868 in dnsmasq (main) "dnsmasq 2.41-2ubuntu1 init script typo: log_msg_end" [Low,Fix released] https://launchpad.net/bugs/235868
<uvirtbot> New bug: #239404 in dnsmasq (main) "Please merge dnsmasq 2.42-3 (main) from Debian unstable (main)" [Wishlist,Fix released] https://launchpad.net/bugs/239404
<uvirtbot> New bug: #239668 in mysql-dfsg-5.0 (main) "no postinst script" [Undecided,New] https://launchpad.net/bugs/239668
<uvirtbot> New bug: #239704 in openldap2.3 (main) "slapd fails to upgrade if included schema files are no longer available" [Wishlist,Incomplete] https://launchpad.net/bugs/239704
<uvirtbot> New bug: #239752 in dovecot (main) "package dovecot-common 1:1.0.10-1ubuntu5.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/239752
<ivoks> uvirtbot: relax, it's friday :D
<uvirtbot> ivoks: Error: "relax," is not a valid command.
<soren> Heh... Yeah, sorry about that. I messued its network settings a few days ago, and I've been traveling so unable to fix it until just now.
<uvirtbot> New bug: #239894 in apache2 (main) "CVE-2008-2364 Apache2 mod_proxy_http.c DOS" [High,In progress] https://launchpad.net/bugs/239894
<uvirtbot> New bug: #239947 in samba (main) "HAL crashes with generated smb.conf" [Undecided,New] https://launchpad.net/bugs/239947
<uvirtbot> New bug: #240089 in bacula (main) "package bacula-director-mysql 2.2.8-5ubuntu7.1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Medium,Invalid] https://launchpad.net/bugs/240089
<soren> I doubt that's the last ones.. :)
<ivoks> :)
<ivoks> don't worry, we'll just ignore it, as we do will all other bugs :DD
<uvirtbot> New bug: #240095 in php5 (main) "in php5-sybase, file sybase_ct.so is lost (dup-of: 240519)" [Undecided,New] https://launchpad.net/bugs/240095
<uvirtbot> New bug: #240108 in quagga (main) "package quagga 0.99.9-1ubuntu2 failed to install/upgrade: " [Undecided,Incomplete] https://launchpad.net/bugs/240108
<uvirtbot> New bug: #240239 in mysql-dfsg-5.0 (main) "MySQL replication - Debian quirks undocumented" [Wishlist,Triaged] https://launchpad.net/bugs/240239
<ivoks> s/will/with/
<soren> ivoks: :)
<uvirtbot> New bug: #240353 in samba (main) "Can not add user/macine accounts to Samba PDC if the "ldap idmap alloc" backend is used" [Undecided,Incomplete] https://launchpad.net/bugs/240353
<uvirtbot> New bug: #240387 in php5 (main) "php5-ldap TLS (start_tls) quirks" [Undecided,Incomplete] https://launchpad.net/bugs/240387
<uvirtbot> New bug: #232203 in net-snmp (main) "libsnmp15 depends on libperl5.8 instead of libperl5.10" [Undecided,Fix released] https://launchpad.net/bugs/232203
<uvirtbot> New bug: #234155 in net-snmp (main) "net-snmp-5.4.1~dfsg can not be rebuild" [Undecided,Incomplete] https://launchpad.net/bugs/234155
<uvirtbot> New bug: #240519 in php5 (main) "sybase_* functions missing in php5-sybase for hardy" [Wishlist,Fix released] https://launchpad.net/bugs/240519
<uvirtbot> New bug: #240521 in amavisd-new (main) "amavis-new floods harddisk" [Undecided,New] https://launchpad.net/bugs/240521
<soren> Looks like we've got a lot of work to do... :/
<uvirtbot> New bug: #240746 in samba (main) "winbind cannot be installed because it depends upon an older version of samba-common" [Undecided,Invalid] https://launchpad.net/bugs/240746
<uvirtbot> New bug: #231060 in libvirt (main) "packages dnsmasq and libvirt-bin conflict with each other" [Undecided,New] https://launchpad.net/bugs/231060
<uvirtbot> New bug: #234166 in ipsec-tools (main) "Wrong ID type sent when configured for Xauth and U-FQDN" [Undecided,Fix released] https://launchpad.net/bugs/234166
<uvirtbot> New bug: #241079 in system-config-samba (main) "In Samba Server Configuration, clicking help causes a crash." [Undecided,New] https://launchpad.net/bugs/241079
<uvirtbot> New bug: #241128 in libnss-ldap (main) "SSL Certificates not recognized properly with certain LDAP configuration choices" [Undecided,New] https://launchpad.net/bugs/241128
<uvirtbot> New bug: #241139 in nautilus (main) "Intrepid Ibex: Cannot access samba share "Unable to mount location"" [Undecided,New] https://launchpad.net/bugs/241139
<uvirtbot> New bug: #241144 in bind9 (main) "Please sync bind9 1:9.5.0.dfsg-3 (main) from Debian unstable (main)." [Wishlist,Fix released] https://launchpad.net/bugs/241144
<uvirtbot> New bug: #241440 in bacula (main) "bacula catalog fails due to missing script" [Medium,Triaged] https://launchpad.net/bugs/241440
<ivoks> what?
<ivoks> bacula doesn't fail
<ivoks> ever.
<ivoks> oh, that's the one i triaged already
<uvirtbot> New bug: #241461 in openvpn (main) "OpenVPN deletes its own user group in Hardy." [Undecided,New] https://launchpad.net/bugs/241461
<uvirtbot> New bug: #241480 in bacula (main) "bacula-fd does not start when installed via bacula-client" [Medium,Triaged] https://launchpad.net/bugs/241480
<uvirtbot> New bug: #241550 in openvpn (main) "package openvpn 2.1~rc7-4build1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/241550
<macGerhard> kees: hey mate, sorry, had to leave
<macGerhard> ok, so when I create a new user
<macGerhard> although in adduser.conf
<macGerhard> the default shell is set to bash
<kraut> moin
<macGerhard> the user that I have created has sh as the default shell
<macGerhard> how can I change this to bash?
<macGerhard> Nafallo: hey, you alive and kicking?
<macGerhard> anyone? how do I change the default shell for user?
<Nafallo> macGerhard: chsh
<macGerhard> Nafallo: yep, figured it out eventually
<macGerhard> how's the new job treating you?
<Nafallo> macGerhard: busy busy
<macGerhard> at least it's all ubuntu busy ;)
<macGerhard> I got a new VM as well, decided to go with gutsy
<macGerhard> hope I won't regret it
<macGerhard> it's different from centos
<macGerhard> and apache has a different conf
<macGerhard> but it's just a new system I suppose
<macGerhard> will you be around for tips and tricks :)
<macGerhard> Nafallo: I didn't ask, but you do know who I am, don't you?
<Nafallo> macGerhard: ya
<Nafallo> macGerhard: like in, ya I know who you are.
<macGerhard> Nafallo: ok, that's good then ;)
<macGerhard> you'll be seeing me in this channel often, asking for help with ubuntu
<macGerhard> just until I get my head around it ;)
<macGerhard> cheers Nafallo, I must shoot now
<macGerhard> catch you later mate ;)
<sommer_> morning all
<kaloyan> hi can someone tell me what the timestamp in dmesg and the logs represent
<zul> hi sommer_
<ScottK> soren: Is there a particular reason why network-manager-openvpn can't be updated in Debian and sync'ed?
<soren> ScottK: Apart from availability of time, no.
<soren> Oh..
<soren> Er... That's not entirely true, actually.
<soren> I believe Debian has a /etc/init.d/NetworkManager script, while we have a /etc/dbus-blah/blah/NetworkManager script..
<ScottK> Yes, but it'd trivial to check for existance and use what exists.
<soren> ScottK: Sure.
<soren> ScottK: It not complicated at all. It's just a simple gotcha that one should keep in mind.
<jjesse> anyone else having problems getting to the dovecot website?
<sommer_> jjesse: works fine for me :)
<jjesse> seriously?
<sommer_> yep, no issues that I can see
<jjesse> it times out for me
<jjesse> tried it on 3 different boxes
<sommer_> hmmm... maybe a dns issue?
<jjesse> maybe, but other pages work
<jjesse> i bet i'm not suppposed to be looking up other mail servers here :)
<jjesse> i'll blame microsoft
<sommer_> heh, they're probably out to get you... it happens
 * delcoyote hi
<Deeps> !webmin
<Deeps> !exbox
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<ubottu> Factoid exbox not found
<Deeps> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<Insomnia1ity> http://gb.archive.ubuntu.com/ubuntu/pool/universe/s/samba/
<Insomnia1ity> lol
<lukehasnoname> hello
<drekk1> http://www.expressen.se/nyheter/1.1205194/han-svek-sitt-lofte-till-mig
<drekk1> sorry, wrong window :)
<mweichert> hello! I use Intel Core 2 Duo processors... should I use the AMD64-bit edition of Ubuntu?
<RoAkSoAx> mweichert, ia64 supports amd64 and EM64
<mweichert> RoAkSoAx: okay, I just noticed that the ISO image ends with amd64
<mweichert> second, is there a 64-bit version of JeOS?
<RoAkSoAx> mweichert, it does, but it really is for ia64. And about JeOS i don't know for sure...
<infinity> RoAkSoAx: ia64 != amd64.
<infinity> RoAkSoAx: Please don't confuse them.
<infinity> RoAkSoAx: It confuses others. :)
<infinity> RoAkSoAx: ia64 is the Intel Itanium architecture.  amd64 is x86_64, aka "AMD Athlon", and "Intel Core2".
<jjesse> there is not a 64 bit version of jeos
<mweichert> jjesse: why not? :)
<lukehasnoname> mweichert: The theory is that VMs won't use more than 4GB, I guess
<lukehasnoname> kinda stupid.
<lukehasnoname> Also, you can use standard server iso's for a guest OS
<jjesse> i just thought thye hadn't built it yet
<jjesse> <shrug>
<mweichert> lukehasnoname: I put my all servers in VMs just for flexibility sake... it's easy to move them around and such
<mweichert> lukehasnoname: wouldn't there be a bit of overhead in running x86 though... isn't the x86 instructions emulated on the 64-bit processors?
<lukehasnoname> I'm no expert, but I don't think so
<lukehasnoname> 64 bit is an extension of x86
<infinity> mweichert: x86_64 CPUs run 32-bit code with no penalty.
<infinity> (Well, the penalty is access to fewer register, so it's a tiny bit slower than x86_64 code, but that's because x86 sucks, not something that would be improved running in 32-bit mode natively, which would still ignore the extra registers)
<infinity> mweichert: The emulation you're thinking of would be ia64 (Itanium) CPUs emulating i386, which is precisely the confusion I was trying to steer RoAkSoAx away from. :)
<ScottK> The other penalty is you don't get to experience any 64 bit unique bugs.
<infinity> mweichert: x86_64 is just an extension of x86 so, by definition, runs x86 code at native speeds.
<infinity> ScottK: Those are part of the fun!
<RoAkSoAx> infinity, yeah my bad ;)
<infinity> ScottK: And, to be fair, I've been running amd64 Ubuntu on my Core2 for a while now, and things have very much improved since the bad old days.
<infinity> ScottK: Heck, we even have cute wrappers for binary-only 32-bit browser plugins and stuff.
<mweichert> well thanks for the help guys, that helps a lot
<ScottK> And on a server, I'd expect it to be better than on the desktop.
<ScottK> Personally I view it as some risk for infintesimal gain, so I don't bother.
<mweichert> would jeos serve well as a host?
<Brazen> From the way I understand it, JEOS strips out a lot of hardware support because it expects to be run as a vm guest (which has a limited set of virtual hardware)
<Brazen> So, unless your physical hardware is the equivalent of the virtual hardware that gets presented to guests, you will probably be out of luck
<lukehasnoname> Brazen: awesome
<Brazen> lh(n^2): they do that for performance improvements :D
<lukehasnoname> so how do I check if php is running from console?
<lukehasnoname> hm actually I bet I should reboot
<thenewguy> leo
<thenewguy> he and moving stuff
<nxvl> soren: around?
<Brazen> nxvl: more of an oblong
<Brazen> lukehasnoname: don't reboot, just do a "sudo apachectl reload-config" or something like that, so there's no downtime
 * Brazen leaves
<mweichert> anyone here use VmWare?
<RoAkSoAx> mweichert, i do
<mweichert> RoAkSoAx: do you create virtual disks or allocate real partitions?
<RoAkSoAx> mweichert, virtual Disks
<mweichert> RoAkSoAx: hmm, and you don't have any performance issues?
<uvirtbot> New bug: #241448 in totem (main) "Playing from Samba SMB shared folder now is not possible (it could be done until last upgrade)." [Undecided,Confirmed] https://launchpad.net/bugs/241448
<RoAkSoAx> mweichert, haven't test that but i run from 4 to 6 VM's on my Desktop and work just fine
#ubuntu-server 2008-06-21
<captbaritone> I just bought my first sata drives (three of them) and created a raid 5. Now one is failing. How do I know which physical drive it is? Its /dev/sdb
<uvirtbot> New bug: #241796 in openssh (main) "sshd doesn't start properly" [Undecided,New] https://launchpad.net/bugs/241796
<lukehasnoname> captbaritone: Are you sure it's failing or you just didn't configure it correctly? If you jsut bought it, you must have bought a gimp drive
<lukehasnoname> I don't know the answer to your question, however
<captbaritone> I got some help in ubuntu-california
<captbaritone> I am investigating the posibility of a gimp drive
<captbaritone> but as I do hdparm -i /dev/sdb will tell me its serial number
<uvirtbot> New bug: #241802 in mysql-dfsg-5.0 "mysql clients ignore port specification when connecting to "localhost"" [Undecided,New] https://launchpad.net/bugs/241802
<hads> Because it's using a socket?
<Bashew> Hi, I'm running into a few issues here with Ubuntu Server and removing a few packages. When I installed xfce4 and xorg-xserver, and ubuntu-xen-server package, it tried to install policykit, xserver-xorg-input-wacom and xen-utils-3.2 which are all reporting Segmentation Faults
<Bashew> Later on, I had tried to install Konqueror, and the dependency konqueror-nsplugins is also causing a segmentation fault. it was originally installed as Ubuntu Feisty, but I used some console update-manager script to upgrade to Ubuntu Hardy
<ScottK-laptop> Bashew: Did you upgrade Feisty -> Gutsy -> Hardy or direct to Hardy?
<Bashew> I'm not entirely sure, hold on, let me find that package i used, really quick
<Bashew> I ran do-release-upgrade
<Bashew> and I think it went direct to Hardy
<ScottK-laptop> That's a problem in and of itself.  It shouldn't do that.
<Bashew> there weren't any problems then, so I installed linux-xen, and that went successfully, but then later I read on a tutorial site that I could install ubuntu-xen-server, which would install several other packages
<Bashew> and on top of other things, my dedi provider's techs are all out for the night, so would there be any alternative that I could try before getting it wiped clean?
<ScottK-laptop> You should probably want an xfce desktop or a kde desktop and install them or if you want to run a server.
<ScottK-laptop> Sure.
<ScottK-laptop> I'd suggest starting to remove stuff that's giving your problems.
<Bashew> I tried that, and thats also causing segmentation faults :/
<ScottK-laptop> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<ScottK-laptop> Please pastebin the exact error you're getting.
<Bashew> OK
<Bashew> http://paste.ubuntu.com/21730/
 * ScottK-laptop looks
<Bashew> I'm not sure if I should have tried to remove Hal, but it was causing issues
<ScottK-laptop> what happens if you try "sudo apt-get -f install" (don't hit Y, just tell me what it says it's going to do)?
<Bashew> says the new packages are going ot be installed: "cryptsetup kdebase-kio-plugins konqueror-nsplugins", and reccomended packages are hal, kamera, kdemultimedia-kio-plugins and pmount
<ScottK-laptop> At this point we will probably have to install a bunch of crap to get your system back to a consistent state, so I'd try that.
<Bashew> OK
<Bashew> is there any metapackage to simplify this?
<ScottK-laptop> You've got bits of two, so probably not.
<ScottK-laptop> Normally that's better, but we're goint to have to find the path out of your current mess and I don't forsee a shortcut workin.
<ScottK-laptop> This will probably fail again in an interesting way.  Pastebin that please.
<Bashew> OK
<Bashew> hold on, sorry im a bit confused, do you want me to run the apt-get -f again
<ScottK-laptop> It should ask you if you want to go ahead.  Say yes.
<ScottK-laptop> If you said no the first time, do it again.
<Bashew> OK
<Bashew> let me pastebin this, just a sec
<Bashew> http://paste.ubuntu.com/21734/
<ScottK-laptop> Looking
<Bashew> it ran into a few errors, as you guessed
<ScottK-laptop> I've not seen Konqueror do that, but I don't run it without a kubuntu-desktop.
<Bashew> i didn't run an install for Kubuntu-desktop
<Bashew> I just tried to install konqueror by itself
<ScottK-laptop> In theory that should work.
<Bashew> OK, so i'll try installing kubuntu desktop
<ScottK-laptop> That's what I was about to suggest.
<Bashew> OK
<Bashew> just waiting for it to download
<ScottK-laptop> I'm suprised at the segfaults.  I think it suggests something more fundamentally wrong with the system, but let's see.
<ScottK-laptop> Are you confident that the hardware is in good shape?
<Bashew> i'm not entirely sure, as the hardware is new
<Bashew> if this keeps up, tomorrow I'll ask the provider to slap a KVMoIP on it, and I'll run Memtest
<ScottK-laptop> In general you ought to avoid putting X and such things on a server.
<Bashew> I was planning to do it was a temp. fix, as I needed to copy a few folders of info from the old dedi
<Bashew> and to be honest im not too skilled in SCP
<ScottK-laptop> Do you run Kubuntu or Ubuntu on your desktop?
<Bashew> Ubuntu
<Bashew> and 3 mins eta on the server
<ScottK-laptop> I'm not sure how you do it with Ubuntu (I use Kubuntu) but with Konqueror you can run it on the desktop and manipulate the remote file system with SFTP.
<ScottK-laptop> No need to install X and such on the server itself.
<Bashew> well I mean, my provider has this LAN system setup between my two servers, and i didn't want to blow through 60GB of bandwidth both ways :/
<Bashew> then again, I could have tried using it over X11 Forwarding
<ScottK-laptop> There's also rsync too.  It's not so hard to do and doesn't need a gui.
<Bashew> ive never considered that, honestly
<ScottK-laptop> ssh into one server and rsync to/from the other.  No trouble at all.
<Bashew> OK, it finished, but there are still some Segfaults
<ScottK-laptop> Same ones?
<Bashew> yeah, konqueror
<ScottK-laptop> I wonder if somehow your copy is corrupted.
<Bashew> I cleared the cache
<ScottK-laptop> What architecture is the install (i386?)
<Bashew> i386
<Bashew> i'm curious though
<Bashew> if Xen might be causing some of this, but i don't want to ptu blame on it yet
<ScottK-laptop> Considering you've modified the kernel by installing it, it's a good bet.
<ScottK-laptop> can you wget http://launchpadlibrarian.net/14327368/konqueror_3.5.9-0ubuntu7.2_i386.deb
<Bashew> OK
<ScottK-laptop> Then sudo dkpkg -i konqueror_3.5.9-0ubuntu7.2_i386.deb
<ScottK-laptop> urgh
<Bashew> same problem, Segfault
<ScottK-laptop> dpkg
<ScottK-laptop> I'm gonna start to blame your kernel.
<ScottK-laptop> What Xen packages do you have installed.
<Bashew> uh, xen-tools-3.1, the newest initrd and newest kernel
<ScottK-laptop> I didn't think it was out for 2.6.24 yet
<Bashew> 2.6.24-19-xen
<Bashew> thats what uname reports
<ScottK-laptop> OK.
<ScottK-laptop> Konqueror and policykit don't generally segault all over the place.
<ScottK-laptop> I'd get Xen off if it was me and get your kernel as back to normal as possible.
<Bashew> OK
<Bashew> ...this has got to be kidding me
<Bashew> the Xen packages are broken, I'll go reorder the grub entries to put the normal one on top
<Bashew> ScottK-laptop: Removing Xen seems to work
<Bashew> Thank you very much :D
<ScottK-laptop> Bashew: Now that it's working, remove all that X crap off your server.  It'll only cause you pain there.
<Bashew> Yeah
<Bashew> would running aptitude purge kubuntu-desktop take out most of the packages?
<ScottK-laptop> Probably, you'll also need to remove the xfce4 stuff too.
<Bashew> I was able to remove that earlier, luckily
<Bashew> then again, while I do have X working and Konqueror working, I might as well transfer the data
<uvirtbot> New bug: #241427 in network-manager-openvpn (universe) "package network-manager-openvpn 0.3.2svn2342-1ubuntu4 failed to install/upgrade: problemi con le dipendenze - lasciato non configurato (dup-of: 241550)" [Undecided,New] https://launchpad.net/bugs/241427
<hedge-ho1> Hi, I'm not a linux/sysadmin guru, but I have some Q's related to Ubuntu-server, Amazon's AWS EC2 service, Condor and Redhat's MRG effort... anyone willing/able to chat?
<Kamping_Kaiser> if you have specific questions ...
<hedge-ho1> OK, is there an ubuntu effort comparable to Redhat's MRG?
<Kamping_Kaiser> whats is that?
<hedge-ho1> Kamping_Kaiser: The following says it better than I could :) http://www.redhat.com/mrg/
<hedge-ho1> MRG: Messaging-Relatime-Grid
 * Kamping_Kaiser waits for it to load
<Kamping_Kaiser> theres not one that i'm aware of
<hedge-ho1> Is anyone using Ubuntu-AMI's with Condor?
<hedge-ho1> How would I find if Condor is a fully maintained package on Ubuntu?  I see a page that lists 'common packages' but Condor is not listed...
<Kamping_Kaiser> depends what 'fully maintained' means. but packages.ubuntu.com could tell you where it is.
<Kamping_Kaiser> i guess 'fully maintained' in ubuntu would mean 'main'
<hedge-ho1> Hmm, Condor isn't listed for hardy on packages.ubuntu.com.  So what do people use for a batch-job manager?
<Kamping_Kaiser> unless i misunderstand ... cron?
<hedge-ho1> Thinking more of 'industrial' scale.  Say manage 10's of 1000's of heterogenous jobs amongst 10's of machines
<bestpvp> hello
<bestpvp> anyone here know about converting hard raid?
<Kamping_Kaiser> cluserssh perhaps (but i'll let people who have experiance with such things speak up)
<nijaba> hedge-ho1: https://help.ubuntu.com/community/UbuntuOnCluster
<hedge-ho1> nijaba: Thanks, I was digging, without luck, through https://answers.launchpad.net/ubuntu
<nijaba> hedge-ho1: hmm... might have been too quick, not sure there is what you need there
<hedge-ho1> nijaba: That's OK.  That looks like a effort similar to Rocks.  My use case would be on Amazons EC2. Which is my next question...
<hedge-ho1> Are people using Ubuntu server AMIs on EC2, is it supported?
<nijaba> hedge-ho1: we are working to have something for EC2 in 8.10, at the moment there is a cludge that runs but is not supported.  Cannot tell more ate the moment
<nijaba> s/ate/at
<hedge-ho1> nijaba: Who is 'we': Canonical, another firm or some community?
<nijaba> hedge-ho1: canonical
<hedge-ho1> OK sounds promising.  Does this effort involve merging Redhats MRG results?  Or is something seperate?
<nijaba> hedge-ho1: if you send me an email address, I'll send you more info as soon as I can
<bestpvp> anyone know how to convery raid1 hard to raid0?
<Kamping_Kaiser> bestpvp, via backup would be my suggestion :)
<nijaba> bestpvp: yep, going from one to the other implies killing all data in between.
<bestpvp> np
<bestpvp> well let me show u what it looks like
<bestpvp> p0     OK               u0     698.63 GB   1465149168    5QD1125A
<bestpvp> p1     OK               u0     698.63 GB   1465149168    5QD18D97
<bestpvp> thats hardware raid ppl say
<bestpvp> but u can convert it to raid0?
 * delcoyote hi
<kraut> moin
<uvirtbot> New bug: #241892 in net-snmp (main) "[CVE-2008-2292] Buffer overflow in __snprint_value() in snmp_get" [Undecided,New] https://launchpad.net/bugs/241892
<incorrect> hello, i am trying to configure n-node replication with slapd
<GeekSquadSF> new guy... looking to find out possibilites about server
<GeekSquadSF> is it possible to build a domain with an AD type of layout
<incorrect> i have two ldap servers i would like to replicate info between them, what is the best way?
<tharis20> hey, I'm trying to install ubuntu server 8.04 in a P2 and after it saying that is launching the partioner, it stops with the bluescreen and in the bottom a single gray line
<tharis20> any help?
<nealmcb> tharis20: how much disk space do you have?
<tharis20> nealmcb, 6GB in total with 700MB from Windows that I don't need
<tharis20> the PC is old
<tharis20> P2 350Mhz with 64MB ram
<sethalton> wow
<nealmcb> hitting cntl-alt-f1 and/or f2 might show you some more info - I forget
<tharis20> sergevn, lol, it is old, I know
<tharis20> now i pressed alt+F4
<tharis20> and it shows a log
<tharis20> Jun 21 16:43:54 partman:   Reading all physical volumes. This may take a while
<tharis20> i think that 9 minutes are more than a while
<Ali_ix> tharis20: check /var/log, there might be two files, system and partman, check if there is any strange log there
<Tharis_> Ali_ix, how will i do that if the system isn't installed?
<GeekSquadSF> do you guys know if it's possible to use ubuntu server as a AD structure?
<Ali_ix> GeekSquadSF: if by AD you mean ActiveDirectory you should take a look at Samba
<Ali_ix> Tharis_ check that in virtual terminals (ctrl+alt+f2-f8)
<nealmcb> GeekSquadSF: we're making progress - look at the blueprints - but not all the way there yet
<nealmcb> e.g. I think there are ways to have samba be the interface between clients and an AD master, but samba can't yet do everything that some clients want
<Tharis_> Ali_ix, i'm goin' to do this from the beggining
<nealmcb> Tharis_: the alternate installer cd can also deal better with smaller systems
<Tharis_> what alternate?
<nealmcb> look at the download page - that's the name
<viperserv2> anyone know how to convert raid1 to raid0
<Ballena> Hi
<Ballena> Is it possible to make the system auto start a script after boot and run it from my user?
<Ballena> I have a script that startas some services but they must be started from my user.
<nealmcb> Ballena: you can put it in /etc/rc.local, with an su -u username
<nealmcb> sorry - no "-u" option - that's for sudo...
<nealmcb> just su username
<Ballena> nealmcb: ok. So in the /etc/r.local file i write liek this "/home/ballena/.start-script.sh su ballena" ?
<Ballena> like*
<nealmcb> su -c ï»¿/home/ballena/.start-script.sh  ballena
<Ballena> nealmcb: sounds like magic, I hope it works. I'm going to try that. Thanks!
<nealmcb> :)
<nealmcb> you probably want to test it first, remembering that the environment it gets won't have much in it
<Ballena> environment?
<nealmcb> what does the script do?
<nealmcb> see the "env" command
<Ballena> nealmcb: it starts a session of screen. and in the screen session it start: rtorrent, irssi, tmsnc and top.
<nealmcb> seems reasonable - so long as it isn't expecting ssh keys, $DISPLAY, etc
<Ballena> I don't think so.
<Ballena> About the environment. # man env did not tell me so much. But do you mean that when you start something with su -c X ballena it does not start with all privileges that the user ballena usually have?
<nealmcb> it is about information, not really privileges, if you type just "env" you'll see lots of settings.  those setting are inherited from parent processes.  you won't have common settings for things like DISPLAY when started from rc.local
<Ballena> ok. The $DISPLAY you mentioned, what is that? I get nothing when I type 'echo $DISPLAY'
<nealmcb> you only see that when you use X11 - and we have plenty of visitors who assume that servers run guis :/
<nealmcb> (or gnome, etc)
<Ballena> ok :) As far as I know I don't have X installed so then the $DISPLAy is probably nothing to worry about.
 * nealmcb nods
<Ballena> going to try the /etc/r.local method now. brb
<mweichert> hi guys, I'm using capistrano to setup my Ubuntu server using scripts. I want to install a package like mysql-server using apt-get, but dpkg-configure I think launches a process called whiplash which displays a curses-like GUI asking me to set the root password. Is there any way I can tell apt-get to ignore that step?
<nealmcb> mweichert: hmm - there are ways to set the priority level for debconf
<mweichert> nealmcb: oh?
<uvirtbot> New bug: #241952 in nagios-plugins (main) "check_disk_smb doesn't deal with special characters in the password fields correctly" [Undecided,New] https://launchpad.net/bugs/241952
<nealmcb> mweichert: tell me more about how you're using capistrano, what sorts of scripts etc
<mweichert> nealmcb: well capistrano connects to my server using ssh, and runs apt-get to install packages required for the deployment of an application. Some of the necessary packages include apache, build-essential, and mysql-server. The first two (and their dependencies) get installed no problem, but I get hung up at mysql-server because of debconf
<nealmcb> hmmm - apt-get man pages says nothing about debconf priorities....
<mweichert> I'll brb, I'm gonna try just sending across the channels the password
<nealmcb> mweichert: you can also use a preseed configuration, but I haven't done much of that
<mweichert> nealmcb: yeah, I've done that in the past...
<mweichert> nealmcb: I could do that I suppose, but if there was a way to preseed apt-get I'd be much happier :)
<Ballena> nealmcb: when I run 'su -c /home/ballena/.screen-start.sh ballena' in a normal terminal it prompts for a password. Wouldent it be the same if you put that command in the /etc/rc.local? because it did not work.
<mweichert> hmm, it seems that whiptail isn't sent across the ssh channel, so I can't send the password and a carriage return or newline to get by it
<nealmcb> Ballena: ahh - prompting for passwords is another of those tricky things - the process probably doesn't really know which terminal to use
<fdg> hi. anyone here having kolab running on 8.04?
<Ballena> nealmcb: hmm ok
<nealmcb> Ballena: which apps are asking for what kinds of passwords?
<Ballena> nealmcb: probably the su, but I don't know. http://paste.ubuntu.com/21885/
<nealmcb> Ballena: no - you're already root so su shouldn't need a pw
<Ballena> nealmcb: sure? i'm root but I'm trying to run something for the user erikw.
<nealmcb> root can do anything
<nealmcb> except know passwords for random commands.  one of the scripts may depend on $HOME or something like that
<nealmcb> the "-l" argument to su may also help - it gives a login environment
<Ballena> nealmcb:  ! you probably right. I'm using  ~ in some paths in the scripts
<Ballena> and that will refer to the roots home when i run it from rc.local.
 * nealmcb notes a slightly faster return this time around for Ballena
<captbaritone> My server is a rather old computer and I am afraid its built in usb ports might be usb one, is there a way to find out?
<Ballena> nealmcb: Works like a charm. Thank you 1000 times!
<nealmcb> :))
<Insomnia1ity> captbaritone: lsusb might tell you
<nealmcb> captbaritone: or dmesg|grep usb
<fdg> anyone here having kolab running on ubuntu 8.04 server?
<nealmcb> fdg: if you're having problems with it, go ahead and ask more specific questions
<fdg> ok. i sat up the server, on which bind and samba works fine. when i install slapd, that can bei started by "/etc/init.d/slapd start" - a "ps ax" shows it running. then i stop it again and run "kolab_bootstrap -b", which after having entered the deafult values stops whith "chown: cannot access `/var/lib/ldap/*': No such file or directory".
<fdg> after that trying to start slapd doesn't work anymore
<captbaritone> Insomnia1ity, nealmcb: no luck
<captbaritone> well
<captbaritone> dmesg did refer to it as a "full speed usb devce" whatever that means
<incorrect> i am trying to configure slapd to replicate from a master server but when i start it it just dies
<RoAkSoAx> incorrect, you using heartbeat or something like that?
<incorrect> i was being dumb, its a parse error in the config
<RoAkSoAx> ok :)
<incorrect> i had been using suse at work, sigh and was looking in messages
<incorrect> wish i could figure out this n-way replication
<RoAkSoAx> incorrect, what do you wan't to replicate?
<incorrect> ldap
<RoAkSoAx> incorrect, the server config files or data?
<incorrect> data
<RoAkSoAx> incorrect, try DRBD
<incorrect> no no, openldap 2.4 supports multi master replication now
<incorrect> drdb is way too heavy over my vpn
<RoAkSoAx> incorrect, http://www.highlandsun.com/hyc/ldapguide/replication.html
<RoAkSoAx> that miught help ya
<incorrect> no
<incorrect> that is slurpd that is cack
<incorrect> that is version 2.2
<incorrect> hardy is shipping with 2.4 that does n-way replication
<incorrect> however i can't create the objects needed
<RoAkSoAx> i wouldn't know, i don't really use ldap
<incorrect> ldap is awesome for system admin
<incorrect> just for some reason i can't get replication working in ubuntu
<incorrect> used to have it in rhel
<RoAkSoAx> maybe there's a bug or something
<incorrect> well rhel was using 2.3 at the time
<incorrect> 2.4 is a big update ditching all the old replication methods
<incorrect> thank you for listening :) i understood why :)
<incorrect> i am such a retard, i only ever understand a problem if i talk about it
<incorrect> w00t :) whatever that means :)
<nxvl> soren: empty packages?
<soren> nxvl: Only the stuff from /usr/share/doc is in there.
<soren> nxvl: You've commented out dh_install in debian/rules.
<soren> So the files are never moved into the package directories.
<nxvl> mm
 * nxvl looks
<soren> I replaced it, added --sourcedir=debian/tmp, and prefixed /usr in debian/augeas-tools.install, and it seems to work now.
<nxvl> heh
<nxvl> :D
<soren> You should rename augeas-dev to libaugeas-dev
<nxvl> yes
<nxvl> i was having some doubt's on the binary names
<soren> The package descriptions are the same for all three packages. That's not right. You can look at something like libvirt for inpiration.
<nxvl> soren: i used the rpm package as base and example and it was this way :P and i was a little busy and lazy
<soren> lintian gives me a bunch of errors, when I run it on the .deb's. You should fix those.
<soren> No worries :)
<nxvl> lintian?
<nxvl> mm
 * nxvl chacks
<nxvl> i hade clean lintian
<nxvl> had*
<soren> Well, with empty packages, you would :)
<nxvl> well i think i don't run lintian on the packages
<soren> None of the packages contain augeas' lenses.
<nxvl> mm
<nxvl> i knew i should't trust on the rpm packagin
<soren> You probably want to either ship those in libaugeas0 or in a separate augeas-lenses package and have libaugeas0 depend on it.
<nxvl> mmm
<nxvl> i think augeas-lenses it's a cool one, don't you
<nxvl> ?
<soren> I think that's what I'd do, yes.
<nxvl> and the section for -lenses would be? libs also
<soren> misc, I guess.
<nxvl> it's my first time packaging a multibinary and mixed package
<nxvl> (as in binary + lib)
<nxvl> so i'm kind of suffering with it
<soren> Well, feel free to ask.
<nxvl> soren: datadir is /usr/share, didn't it?
<soren> Yes.
<nxvl> soren: how do you see they where empty? using less?
<nxvl> soren: i have just uploaded a new version of the package
<nxvl> soren: can you please take a look and send me an e-mail please, since i need to run
 * nxvl HUGS soren 
<nxvl> soren: thanks for your help!
#ubuntu-server 2008-06-22
<uvirtbot> New bug: #242020 in dhcp3 (main) "dhcp3-server fails to issue lease after computer has gone to sleep and woken back up" [Undecided,New] https://launchpad.net/bugs/242020
<ir8> Hello I have a few question about hardware and where can i get a list of supported hardware.
<uvirtbot> New bug: #242027 in update-manager (main) "bug to be reported against update manager" [Undecided,Triaged] https://launchpad.net/bugs/242027
<mrhanky> ok guys i need some help
<mrhanky> uhm.. i have a server ubuntu server
<mrhanky> and i have a backup server with ubuntu server
<mrhanky> it backs up my main server every morn at 6am
<mrhanky> now, i want to save on energy
<mrhanky> so can i make my backup server hibernate, then make my main server tell it to wake up?
<mrhanky> is that possible?
<mrhanky> id really like to know :)
<iRRV1> WOL?
<mrhanky> WOL? uhm not sure what that is
<iRRV1> i dont know much about WOL (Wake On Lan) but sounds like what you would want
<mrhanky> oohhh
<mrhanky> yeah that is
<mrhanky> do you know of a tutorial or something?
<mrhanky> :)
<iRRV1> i think it differs bios-to-bios
<iRRV1> but i have never done it and know next to nothing about it
<Kamping_Kaiser> you need something that can send custom icmp packets to the powered off system
<Kamping_Kaiser> and a bios that supports wol.
<mrhanky> i can do that
<mrhanky> let me see if my bois does... i have 3 backup server candidates so im sure one of them does! :)
<mrhanky> thanks guys! :D
<iRRV1> np
<Kamping_Kaiser> gl
<iRRV1> im still deciding what kind of a game i should host on my server (originally was gunna be a MUD...then i wanted to do some sort of something that would actually get users...) ...any suggestions?
<Kamping_Kaiser> dont knock mud players ;P
<iRRV1> im not
<iRRV1> just saying theres too many good muds out there and im coming in too late in the game to get any users
<Kamping_Kaiser> guess the amount of bandwidht you have to your server affects what you want to runon it
<iRRV1> 300 Mb/month iirc
<iRRV1> errr....
<iRRV1> that sounded pretty low...good thing its 300 Gb/month
<Kamping_Kaiser> ;)
<iRRV1> but its a cheap vps so its likie 256 MB ram and 10 gigs hdd and such
<iRRV1> and i mean if i could get any builders to help me with my MUD i would stay at it...but i've been working at this for about a week or 2 and only got a fraction of a city
<iRRV1> well...probably a week
<iRRV1> (and i'll shutup if this is too offtopic, btw)
<iRRV1> but if anyone has any suggestions for what to run on my server, they would be much appreciated (and yes, it is a ubuntu server :D)
<Kamping_Kaiser> shouldnt you get an idea before a server ? :P
<iRRV1> i had one
<iRRV1> then i after i got the server, i had a realization
<iRRV1> so im running a MUD server and a crossfire server on there currently...but im prolly gunna take em both down if i can get a half decent idea for a server
 * delcoyote hi
<mindframe> is it possible to control access to usb devices in linux?  example: I want to block all USB IDs except for 046d:c51a
<sergevn> mindframe: this can be done in udev
<uvirtbot> New bug: #242139 in net-snmp (main) "snmpd caused a lot error messages in dmesg" [Undecided,New] https://launchpad.net/bugs/242139
<sergevn> mindframe: look in /etc/udev/rules.d
<sergevn> mindframe: been a while since I played with that, there is good documentation about this on https://wiki.ubuntu.com and https://help.ubuntu.com
<ZeeshanQ> hey
<ZeeshanQ> can anyone suggest me a book to start linux from the command line
<AtomicSpark> is there anyway to easily search for and delete a file in a bunch of folders without manually deleting each one?
<nxvl> find?
<AtomicSpark> nvm. i figured out i can search the mounted folder. :P
<AtomicSpark> that was quick.
<nxvl> bash scripting is always cool
<AtomicSpark> i'm getting rid of all the thumbs.db. silly windows files.
<AtomicSpark> have you worked with samba at all?
<nxvl> yep
<AtomicSpark> i have this weird inconsistency with my samba share. right now i'm just sharing a users home as one main collection of files. i can manually type in the address. smb://server/username
<AtomicSpark> but when i try to find it via the network option in ubuntu it just has two shares on it. homes and print$
<AtomicSpark> homes doesnt mount. i'm thinking it might either be configured wrong or its trying to use the user name i'm logged into on the local machine
<AtomicSpark> hmm. now my workgroup is empty. smb protocol is very random. even on windows.
<sommer_> ScottK: just an fyi, I got a notice from LP saying I'm about to expire from the clamav team :(
<thenewguy> how secure is Ubuntu server? if i put a stock Ubuntu box on the web with LAMP how safe am i? i will have it behind a Hardware firewall
<ivoks> you'll have only http port open to the public
<ivoks> fwiw, php is patched with suhosin patch from http://www.hardened-php.net/
<Nafallo> if the P is PHP, you are as secure as your applications ;-)
<ivoks> right
<ivoks> and you can apply that rule to any other language
<Nafallo> yepp. but there is only one language I mistrust on principle ;-)
<Nafallo> anyway. lets not get into that discussion :-)
<ivoks> Nafallo: i agree with you, but when you think of it... most of the problems are really aplication based
<Nafallo> yepp :-)
<ivoks> php is, kind of, proof of concept, but, to be honest, it isn't much worse than other languages
<Nafallo> its widely popular, so of course it gets more CANs
<ivoks> right...
<ivoks> meh... long night in front of me...
<ivoks> i'll convert dbmail into dovecot...
<Nafallo> :-)
<ivoks> it would be great to have mod_security in apache, by default
<ivoks> too bad mod_security is still gpl2
<ivoks> o! o! changes!
<ivoks> http://blog.modsecurity.org/2008/06/modsecurity-lic.html
<AtomicSpark> ivoks, yay?
<ivoks> AtomicSpark: yay? :)
<AtomicSpark> ivoks, yes.
<nxvl> ivoks: woooho!
<ScottK> sommer_: You should be able to renew yourself.  Let me know if you can't.
<sommer_> ScottK: cool, thanks
<nxvl> ScottK: hi!
<ScottK> Hello nxvl.
<nxvl> ScottK: how are you!
<ScottK> Good, but busy.
<nxvl> ScottK: everything is going fine
<nxvl> yeah, same here
<ScottK> (which explains why I haven't signed your GPG key among other things)
<nxvl> this days are really busy
<nxvl> :D
<nxvl> well i was going to ask you something, but, don't mind
<nxvl> :P
<ScottK> If it's a quick question, go ahead.
<ScottK> nxvl: ^^
<nxvl> well
<ScottK> Is anyone here actually running dovecot for sasl with Postfix?
<nxvl> it's a not short time demanding thing
<ScottK> Not even the asking?
<nxvl> so nevermind
<nxvl> :D
<nxvl> well
<nxvl> i was going to ask you to review augeas
<nxvl> :P
<ScottK> Ah.
<ScottK> Probably not today.
<nxvl> and it's not a simple package
<nxvl> is a multiple binary + library one
<ScottK> My suggestion would be ask sistpoty to do it.  He's really good on library packaging.
<nxvl> but doesn't mind, if you find some time i will be really grateful if you took a look, even a quick one :D
<nxvl> ScottK: thanks! i will
 * ScottK adds it TODO.
<ScottK> sommer_: Are you using Postfix with Dovecot for SASL?
<nxvl> sommer_: can you please test augeas i need some sysadmins opinions on it
<nxvl> sommer_: it has some test cases on the web page, and a test environment
<nxvl> sommer_: so if you have time, please test it and send me some feedback
<shelbyscates> hey guys i have an old dell running ubuntu server dapper drake and im setting up wake from lan, and now that i have it installed, i cant figure out for the life of me how to get my system to hibernate from the command line! HELP PLUZE :D
<shelbyscates> hulp? pleexx?
<shelbyscates> D':
<FanBoyUK> shelbyscates: im here to help
<FanBoyUK> shelbyscates: its okay, IM FROM THE INTERNETS
<shelbyscates> FanBoyUK: LMAO
<shelbyscates> so yeah
<shelbyscates> can someone pleez help mah?
<shelbyscates> hey guys i have an old dell running ubuntu server dapper drake and im setting up wake from lan, and now that i have it installed, i cant figure out for the life of me how to get my system to hibernate from the command line! HELP PLUZE :D
<shelbyscates> seriously though, i need serious help
<shelbyscates> D:
<Kamping_Kaiser> then be patient
<shelbyscates> ok :)
<specialKevin> shelbyscates: http://ubuntuforums.org/showthread.php?t=813387
<specialKevin> that might be of some help
<uvirtbot> New bug: #242219 in openvpn (main) "wrong filename in easy-rsa Makefile" [Undecided,New] https://launchpad.net/bugs/242219
<Insomnia1ity> shelbyscates: 22:34:47 - FanBoyUK [n=fanboy@85.13.250.10] left #ubuntu-server ()
<zul> nxvl: you pinged me a while ago?
<nxvl> zul: yep, don't remember why
<zul> nxvl: k
<shelbyscates> thanks guys
#ubuntu-server 2009-06-15
<daxroc> pmatulis: should the kvm instances show 100% cpu usage under top ?
<pmatulis> daxroc: no
<daxroc> there frozen soo , probably not booting ?
<daxroc> I can't shutthem down either
<pmatulis> for access, you can use ssh (you installed it) or vnc
<daxroc> pmatulis: no ssh cant ping them  ? vnc it's a cli server ?
<jetole> hey guys. Does anyone know of a good system for keeping inventory of your computers. The count of servers I manage is starting to grow large in my firm and am now at the point where I am rolling off new via pxe boot and puppet config from vm hosts also and they require little config/attention to get running but now it's getting to the point where I can't even remember all systems we have
<jetole> especially now with our full swing out into vm they are also starting to roll out quite quickly
<jetole> I am thinking of something agent based that I can roll into the pxe install
<daxroc> jetole: I think Canonical have a web management tool called landscape (commercial) ?
<jetole> actually I think I have just answered my own question, looking at ocs
<jetole> daxroc: I have servers that predate it (7.10)
<jetole> plus I don't like anything commercial
<jetole> ocs agent is a package option in 7.10 and looking at the ocs website, http://www.ocsinventory-ng.org/, it looks like something I would like
<pmatulis> daxroc: when you start a vm with virsh you should be able to contact it via vnc.  see if it's listening on tcp port 5900.  if you have many vms running you may need to try higher ports (5901, etc)
<pmatulis> the host that is (listening)
<pmatulis> telnet localhost 5900
<jetole> actually I believe you have to tell it to run a vnc either with virt-install or by editing the config file
<jetole> daxroc and pmatulis, I use this command to check which vnc for which host:  ps -FC qemu-dm | grep qemu-dm | sed -e 's/.*-domain-name\ \([^ ]*\).*-vnc\ \([^ ]*\).*/\1 \2/'
<jetole> this assumes qemu-dm is running the vm
<jetole> for example the first line returned is sql3 127.0.0.1:8
<jetole> which means I can connect to vnc on 127.0.0.1:5908
<jetole> I like to keep vnc local btw, ssh port forward to connect, more secure, anyways, I am off
<twb> Assuming your ssh is locked down to key-based or kerberos auth only ;-)
<jetole> key based
<jetole> although it's an ignorant assumption, a password can be stronger then a key
<twb> I certainly wouldn't trust raw RFB (without ssh or openvpn encapsulation) over an untrusted network.
<twb> jetole: assuming you mean the case where keys are passphraseless: granted.
<jetole> twb, no I mean where a passphrase is stonger then a key
<jetole> my god no! such a thing can't exist but yet it does
<twb> Eh?  Passphrases are *for* keys; without keys you can only use passwords.
<jetole> sshv2 supports password based authentication as well as keys and a handful of other auth methods, a password _can_ be harder to crack then a key
<twb> In what circumstance?
<twb> I agree with you, I'm just not sure you're thinking of the same vectors that I am.
<jetole> a 1024 bit key has 1048576 possible combinations where a password of 32 characters with 62 possible choices per character has 2272657884496751345355241563627544170162852933518655225856 possible combinations
<jetole> it's all about math
<jetole> btw, 62 being [a-zA-Z0-9]
<twb> I suggest you take that to #openssh.
<jetole> now keep in mind I don't want to remember a password that can beat a 4096 bit key so I dont
<jetole> twb: why, you are the one whom mentioned it and keep in mind 1024 is lower then the default for for RSA which is 2048 if I am not mistaken
<jetole> but if you need to know how many possibilities there are for a key you use bitlength^2
<jetole> actually
<jetole> I got that wrong
<jetole> 2^bitlength
<jetole> which means a 1024 bit key has 179769313486231590772930519078902473361797697894230657273430081157732675805500963132708477322407536021120113879871393357658789768814416622492847430639474124377767893424865485276302219601246094119453 possible combinations
<twb> I thought there might be a flaw like that in your math, but I'm far to asleep to find it :-)
<jetole> which can still be beaten by a long enough and complex enough password
<jetole> but if you use a 4096 bit key ( 104438888141315250669175271071662438257996424904738378038423348328395390797155745684882681193499755834089010671443926283798757343818579360726323608785136527794595697654370999834036159013438371831442 ) then creating a stonger password is possible but who the hell would type that in
<jetole> I mean you would need a longgggg password to beat it and probably use far more then the 62 char set
<twb> Of course, you can have a key with a weak passphrase, and get the key via social engineering, having root in the presence of agent forwarding, etc.  Then you can brute-force the weak passphrase.
<jetole> absolutely
<twb> That's what I was thinking of when you said that a key can be weaker.
<jetole> right but I was not refering to a key password in this case but that password for a key is also a point of attack assuming you have a key but if but key authentication is still stong and my preferred choice
<jetole> I mean for someone to use a password that is stronger then a key for password based authenticaion is... well rediculous
<jetole> but possible
<jetole> anyways, I gotta run again
<jetole> heading into the office
<jetole> ttyl
<sarthor_> Hi, Any tested and resulted solution on linux to use double isp as uplink? shorewall not working because no support failover case, on debain/ubuntu based computer configuring with gwping script Messengers and vpn problem coz with changing gatway again and again DC problem, here http://lartc.org/howto/lartc.rpdb.multiple-links.html , also problem with messengers and vpns, any expert can guide me to the right way, because i wasted a lot of my days o
<sarthor_> n this,
<twb> Do you want to use the two ISPs in a sort of trunking arrangement, or just use one at a time and dynamically fail over to the "spare" connection?
<sarthor_> twb, i want to use both isp at the same time, and if the one isp goes down or any dc problem so automatically to load come over the one isp.
<twb> Obviously during failover, any stateful connections that *were* using the dead uplink will be borked.
<diffra> wow.  vpslink's 9.04 image doesn't have adduser installed... O.o
<diffra> there's minimal, and then there's stupid.
<twb> diffra: unfortunately ubuntu-minimal isn't really suitable for VPS at the moment :-(
<diffra> it was 25 or so packages short of ubuntu-minimal
<twb> It does seem silly that the OpenVZ image has shit like apache in it by default, but not gnu screen...
<sarthor_> twb, i want to use both isp at the same time, and if the one isp goes down or any dc problem so automatically to load come over the one isp.
<sarthor_> Hi, Any tested and resulted solution on linux to use double isp as uplink? shorewall not working because no support failover case, on debain/ubuntu based computer configuring with gwping script Messengers and vpn problem coz with changing gatway again and again DC problem, here http://lartc.org/howto/lartc.rpdb.multiple-links.html , also problem with messengers and vpns, any expert can guide me to the right way, because i wasted a lot of my days o
<sarthor_> n this,
<twb> !repeat
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. You can  search  https://help.ubuntu.com or http://ubuntuforums.org while you wait.
<sarthor_> ubottu, if you are not bot, so please check the time stamp, is that quickly??
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<twb> sarthor_: a fifteen-minute interval is quick.
<twb> sarthor_: an hour interval wouldn't bother me.
<sarthor_> Ohh. interval according to your bothering, :)) Next i will be careful. dont mind bro.
<twb> sarthor_: no worries.
<xinel> anyone know of a tutorial to set up apt-cacher-ng to cache 9.04 and 8.10?
<twb> I'd hope the package includes copious documentation in /usr/share/doc/apt-cacher-ng/
<xinel> u sir are a gentleman and a scholar
<xinel> cheers
<twb> Let me point out that apt-cacher (not -ng) and apt-proxy are REALLY AWFUL
<twb> If you have the storage capacity, I would strongly recommend using debmirror or some other mirror-oriented system.
<twb> (Which can do partial mirroring, if you want to ignore e.g. the games or powerpc section.)
<xinel> the documentation doesn't tell me how :(
<FFForever> why do i see this?, 127.0.0.1 - - [14/Jun/2009:20:24:46 -0700] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Ubuntu) (internal dummy connection)"
<twb> Dunno, try asking #apache
<FFForever> billybigrigger, you around?
<billybigrigger> yeah
<FFForever> any idea why i am getting internal dummy connection's in my log?
<billybigrigger> access.log?
<billybigrigger> your apache log?
<FFForever> yeah
<billybigrigger> 127.0.0.1 - - [14/Jun/2009:14:43:22 -0600] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Ubuntu) (internal dummy connection)"
<billybigrigger> 127.0.0.1 - - [14/Jun/2009:14:43:22 -0600] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Ubuntu) (internal dummy connection)"
<billybigrigger> 127.0.0.1 - - [14/Jun/2009:14:43:22 -0600] "OPTIONS * HTTP/1.0" 200 - "-" "Apache/2.2.11 (Ubuntu) (internal dummy connection)"
<billybigrigger> i get the same thing :P
<FFForever> but why?
<billybigrigger> don't know
<billybigrigger> its coming from the localhost (127.0.0.1)
<billybigrigger> might be why
<FFForever> error404notfound, so find yourself :P
<billybigrigger> and i think twb is on the right track by asking in #httpd actually (the apache chan)
<twb> billybigrigger: they took #httpd?  What jackasses
<FFForever> twb?
<twb> It's not like Apache is the only httpd.
<billybigrigger> <twb> Dunno, try asking #apache
<billybigrigger> no, but #apache re-directs to #httpd
<error404notfound> FFForever, :P
<FFForever> billybigrigger, ohhh my wifi died for a moment and i didn't get it... damn wifi... lol
<billybigrigger> ahhh
<billybigrigger> jesus i need to lay off the caffiene and pantera
<twb> I'm just grumpy at them for using "httpd" instead of "apache", because it's like they're saying "we are THE ONLY httpd"
<twb> RHEL does it for apache, too.
<billybigrigger> true that
<twb> I mean, even busybox, which is included in your kernel's ramdisks, has an httpd.
<uvirtbot> New bug: #387162 in dhcp3 (main) "wireless disconnects due to failed lease renewal" [Undecided,New] https://launchpad.net/bugs/387162
<tsrk> twb, they're referring to the httpd part of apache. "apache" isn't an httpd, they make other things too
<tsrk> it's like when the gnome documentation says "network manager" they mean the gnome network manager, not kde or windows
<twb> Hmph.
<twb> That would be "the apache foundation" or something, not "apache"
<tsrk> their java stuff isn't "the apache foundation tomcat", it's "apache tomcat"
<twb> Wikipedia lists apache-the-webserver before apache-the-foundation
<twb> http://en.wikipedia.org/wiki/Apache_(disambiguation)
<tsrk> i didn't realize you were talking about a channel name though
<twb> That's good enough for me.
<twb> Not that I or (presumably) you are gonna do anything about it.
<tsrk> well, i guess if they get #httpd first nobody but them can do anything about it
<twb> Theoretically I could hit them with freenode policy
<tsrk> but you gotta give them credit... they do have the majority market share (or w/e it's called)
<tsrk> there's a policy against that?
<twb> Unofficial channels are supposed to start with two octothorpes.
<tsrk> and i doubt freenode would want to become unfriendly with them
<twb> I could content that there is no official (single) httpd, and thus #httpd is not usable by anyone.
<tsrk> ehh
<tsrk> yeah
<rags> I've got a modem tht does not NAT for systems on other n/w. A ubuntu router is connected directly to the modem, net works on this. but systems on LAN can't access net. can this be a modem problem?
<rags> I can ping the modem from the systems on Lan. so routing is not a prob.
<twb> rags: draw a network diagram, then get back to me
<rags> twb: yeah..sure..just a moment...
<rags> twb: <modem>1.1<ubuntu>1.254
<rags>   |
<rags>   <Lan>2.254
<rags>   |
<rags>   <pc>2.100
<rags> someting like this...is it ok?...
<twb> That's not really clear.
<rags> I can access net from ubuntu...which is on the .1 n/w..but pc on .2 can't access net..:(
<twb> Is 1.1 part of an IPv4 address?
<rags> yes..192.168.1.1
<twb> So "modem" is both a modem and a router?
<rags> .1 and .2 subnets... .1 b/w modem and ubuntu and .2 is the Lan where ubuntu is the gateway.
<rags> twb: yeah..I guess...it's an adsl modem
<twb> So you have multiple RJ45 ports on the back of your modem/router?
<rags> twb: only one is there...which is connected to ubuntu...this is the local interface.
<rags> I have another modem, a different model, doing the same thing and works fine. Can this be due to the type of natting, dynamic & static...:?
<rags> because on the one tht work's I can do port forwarding and stuff while this one just provides for a dmz...This is the only s/w config difference I can find....everything else is the same.
<rags> besides the model...
<twb> I'm sorry, I don't have time to understand exactly what you're doing and why it isn't working.
<rags> twb: np.....thx...It might be the faulty...but this isn't normal right?...it shouldn't matter where the packets are coming from....the modem is not natting packets coming from a different subnet...it works only for system connected to it physically.
<twb> rags: my first suspicion is with the modem.
<rags> twb : yeah...the other modem works fine..sheez I'll nedd to find one of the same model....or bridge it to ubuntu...Is it possible to have ubuntu Nat for one interface only?...
<twb> That depends a lot on what you mean by "NAT".
<twb> But generally: yes, it can.
<rags> wht will be the configuration for a one time amanda backup? I just want to insert the tape, specify a bunch of files and run amdump.
<Ethos> guys will- dd if=/dev/sda1 of=/mnt/external/diskImage/lol.img bs=1024dd if=/dev/sda1 of=/mnt/external/diskImage/lol.img bs=1024 write the WHOLE partition? Or just the data in the partition to a .img file?
<simplexio> Ethos: whole partition
<Ethos> damn
<Ethos> i'm writing it on the same drive
<Ethos> wonder if it'll just squeeze it in
<Ethos> lol.
<simplexio> it copys everything thats on /dev/sda1 partition, zeros included
<Ethos> damn
<Ethos> Thanks
<Ethos> Is there any way to either shrink sda1 or get it to simply write data blocks?
<_ruben> use tar to create tarball of the data
<Ethos> Well, the reason I'm doing it is to then use qemu to convert it to a VMDK
<Ethos> So i'm not sure that'd work
<Ethos> any other ideas? :)
<_ruben> tar .. create empty vmdk .. untar into vmdk .. fix bootloader .. profit
<uvirtbot> New bug: #387069 in nagios3 (main) "incorrect filesystem permissions prevent nagios command checking from working" [Undecided,Won't fix] https://launchpad.net/bugs/387069
<Ethos> _ruben: how could I untar into vmdk
<Ethos> I was planning to use qemu to convert
<Ethos> Maybe I could re-size the partition?
<Jomyoot> Anyone uses Apt-build?
<soren> Jomyoot: No. I wouldn't bother if I were you.
<maxagaz> hi
<maxagaz> what should do to regarly test my bandwith ?
<maxagaz> is there a tool to do that ?
<Jeeves_> iperf
<Jomyoot> W: GPG error: http://ppa.launchpad.net intrepid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E048451D9EE6D873
<Jomyoot> W: You may want to run apt-get update to correct these problems
<Jomyoot> What does this mean?
<ivoks> soren: should specs be in 'review' or 'pending approval' state, once i finished them?
<ttx> ivoks: I'd say review is for peer-reviewing, so if they are "finished" i'd set them to pending approval
<ivoks> ok, thanks
<ivoks> brb
<Ethos> Guys, what's the easier way to p2v a ubuntu machine?
<KAIN> hello every body
<KAIN> i need some help please ,i'm running squid2.7Stable3 on ubuntu server 9.04 with cisco vxr7200, i need to setup wccp v2 between squid box and the router
<KAIN> i need some help please ,i'm running squid2.7Stable3 on ubuntu server 9.04 with cisco vxr7200, i need to setup wccp v2 between squid box and the router
<KAIN> anyone can hel please
<KAIN> help*
<KAIN> dear ones, anyone could provide some help and support please
<oruwork> how do i take away the ability to use shell from a user so that this user will only be able to use ftp with vsftpd
<KAIN> i need some help please ,i'm running squid2.7Stable3 on ubuntu server 9.04 with cisco vxr7200, i need to setup wccp v2 between squid box and the router
<soren> KAIN: Quit posting the same question over and over, especially with only minutes in between them.
<Sam-I-Am> KAIN: thats more of a question for squid/cisco documentation than ubuntu itself
<daxroc> pmatulis: I got the problem sorted after , was an issue with how -raw writes to an lv partition
<daxroc> pmatulis: thanks for the input , much appreciated
<pmatulis> daxroc: i'm intersted in learning from this episode, can you provide any more detail?  private me or send me an email (pmatulis@gmail.com)
<tv7497> hey does anyone here runs a mail server ?
<tv7497> guys i was setting up a mail server from this http://flurdy.com/docs/postfix/  got stuck little bit could you help me ?
<lamont> heh.  that's not postfix, that's a wheelbarrow full
<billybigrigger> ahh he's gone
<billybigrigger> lol that is quite the large guide he's reading
<Ethos> Has anyone successfully converted an ubuntu server to a virtual enviroment?
<Ethos> I've been playing with different ideas but nothing work
<Ethos> ;\/
<billybigrigger> what do you mean
<Ethos> p2v
<billybigrigger> i scrapped my old energy hog of a server sitting in the corner yesterday
<billybigrigger> and installed vbox, 9.04 server, and had apache/mysql/php/dovecot/postfix running on it within a few hours
<billybigrigger> if thats what you mean,
<billybigrigger> but i didnt convert it, just started a fresh new install of everything
<Ethos> Yeah, I want to convert
<billybigrigger> i don't know then
<billybigrigger> if you could somehow make a bootable install, or bootable disk, you can mount the .iso in vbox and install...
<Sam-I-Am> Ethos: you could install base ubuntu in a VM and tarball your other server's filesystem over to it
<simplexio> Ethos: Sam-I-Am is probably easiest method
<Ethos> hmmm
<Ethos> would that work ok?
<diffra> it should detect the new 'hardware' fine.
<diffra> besides, it's a VM, the worst that happens is it doesn't work :)
<Ethos> Ok, so install a base server in vmware
<Ethos> Yeah
<Ethos> how would I tarball up the entire partition though?
<Sam-I-Am> tar -cf /some/other/location/fs.tar /
<Sam-I-Am> although i'd be careful to make sure you dont overwrite anything you might need on the new system
<Ethos> hmm
<Ethos> ok
<billybigrigger> hey
<billybigrigger> if your doing that...you have to create the tarball to a location not on the / partition
<billybigrigger> or the size will just grow and grow
<Sam-I-Am> yeah, hence the /some/other/location
<hosified> hey, i'm using ubuntu server inside virtualbox.  anyway to change the resolution?
<Sam-I-Am> hosified: did you install the tools?
<Sam-I-Am> client tools...
<hosified> DoH....
<Sam-I-Am> if so, you should just be able to drag the window bigger
<hosified> forgot that during the build late last night...
<billybigrigger> Sam-I-Am::: im just making sure he know why it needs to be created somewhere off of the / partition
<hosified> thanks, will install them now.
<Sam-I-Am> yeh
<billybigrigger> Ethos::: you dig?
<Ethos> I  think so mate :)
<Ethos> thanks
<Sam-I-Am> sure
<billybigrigger> Ethos::: well you understand if you create the tarball on the /, and then try to tar /, that it becomes and infinite loop that just grows till you run out of disk space?
<Ethos> heh yea, I understand  that part of it
<diffra> you could use --exclude...
<diffra> touch /fs_backup.tar; tar -cf /fs_backup.tar /* --exclude=/fs_backup.tar
<Sam-I-Am> make sure the target filesystem is not in use when you untar to it :)
<diffra> good point.  What you might do, Ethos, is create a second virtual disk.  boot into the first one, mount the second one and untar to that mount point.  You'll still need to setup grub on that 'disk's' mbr too.
<Ethos> ;o
<diffra> ethos: none of that is as hard as it sounds.
<simplexio> Ethos: and you can use liecd image to boot that virtaul machine
<Ethos> i'm rereading it :)
<Ethos> brb
<simplexio> easiest way probably is create virtual hd (20G or sumthing ) then boot livecd and mount that image, let livecd setup somekind network and netcat / to virtual box and then ...
<simplexio> im not 100% sure but probably you need to chroot to new install and install grub..
<simplexio> thats probably fastest way, exspecially if you rememebr change vboc netdriver to 1G ethernet. no slow tar +pack, unpack+untar proces
<daxroc> Ethos if you want to create a raw image of a physical partition you could use dd
<Ethos> I have already done that
<Ethos> :D
<Ethos> If that helps?
<daxroc> Ethos: can yo explain what you want to do again ?
<daxroc> you want to create a vm and do a base ubuntu install on and copy your exsisting files over to the vm image ?
<daxroc> First off does your processor support virtualisation
<daxroc> Ethos: ^
<Ethos> Sorry, im doing a couple bits- don't mean to keep you waiting
<Ethos> I've got an exisiting ubutnu server- that'd i'd like a virtual copy of
<Ethos> for DR and maybe to keep it running in VM
<Ethos> :)
<daxroc> Ethos: how large is the current drive , how much spare hd space do you have ?
<hosified> ok, so my question still stands.  Is there anyway to change the resolution on ubuntu server as a virtualbox guest.  I have no gui installed, only console.  Framebuffer maybe???
<hosified> guest additions are installed.
<daxroc> Ethos: dd if=/dev/sdX of=/path/to/image.raw , then you could use qemu-img to convert that image to qcow2 and boot with qemu ( might work , might not , where X is your drive ,could be hdX )
<daxroc> Ethos: sorry , dd if=/dev/sdX of=/path/to/image.raw bs=1M
<daxroc> if you are using lvm I think you could possibly write directly to an lv partition not too sure tho
<hosified> ...I guess it doesn't matter...I can just ssh in anyways....just curious if you can change it because the window is so small and the text size is huge compared to my ubuntu desktop.
<Sam-I-Am> hosified: since you cant resize a non-virtual console, you cant do it in vbox either... unless you do the things you would do to a console like tweak the font and number of lines/columns
<Sam-I-Am> hosified: the console is not an xterm
<hosified> yeah, I know.  I know in slackware you can specify the framebuffer size and change it....
<Sam-I-Am> its a kernel thing
<hosified> which is why I was asking if it's possible in ubuntu.  I know there is no x-term....
<hosified> ok
<hosified> thanks for the info.
<hosified> much appreciated.
<Sam-I-Am> yeah, console framebuffers are distro-independent
<Sam-I-Am> no problem
<Sam-I-Am> took a minute to figure out you werent in X :)
<hosified> ;)
<hosified> only a server vm for development anyways, not a big deal, ssh is great...
<hosified> just more curious than anything...
<Sam-I-Am> sure
<Sam-I-Am> i dont think vbox will interact with the kernel framebuffer console driver like it does the vbox X driver...
<Sam-I-Am> so you cant just click and drag
<Sam-I-Am> however, i dont think the kernel framebuffer driver works like that in the first place
<Sam-I-Am> its open source, you're welcome to fix :)
<hosified> no it doesn't...
<hosified> yeah, i'll add that to my list...:)
<hosified> I think i'll start with hello.c source first and work my way up....
<Sam-I-Am> lol
<hagedorn> anyone know a script which check blacklist servers against a list of ips an domain names ? not for blacklisting for my own server ... only for checking that my own server are not listed..
<simplexio> hosified: for server development, thee is one good tip. ssh into vm and use screen. and when you need to shutdown host just freeze vm.. scren keeps eceything just like it was last time
<JordiGH> I have a cronjob that is apparently not running. It seems that unlike Debian, I don't have cron emailing me when something goes wrong. How can I check why my cronjob isn't running?
<ivoks> cynic and false comments won't help
<ivoks> ubuntu, as debian, sends email when cron fails
<JordiGH> ivoks: Good, how do I read it?
<JordiGH> ivoks: "mail" isn't installed.
<ivoks> depends on your email service setup
<JordiGH> ivoks: /var/mail is empty
<ivoks> do you have smtp?
<JordiGH> What, the protocol?
<ivoks> daemon or a program for writing to /var/mail
<JordiGH> Ah, so an MTA is not part of the Ubuntu base install.
<JordiGH> (Unlike Debian)
<ivoks> it looks like debian would be a better choice for you
<JordiGH> If only it were my choice...
<ivoks> bad luck
<JordiGH> Alright, so what does Ubuntu call the bsd-mailx package?
<JordiGH> Just mailx...
<ivoks> bsd-mailx
<JordiGH> ivoks: Not in HH, apparently. Just mailx.
<ivoks> right, that's old mailx
<ivoks> 'old' package name
<ivoks> same program
<JordiGH> Hrm.
<JordiGH> Still no mail... and my cronjob is certainly not doing what it's supposed to do.
<JordiGH> Wait...
<JordiGH> Does Ubuntu cron do sh or bash by default?
<Ethos> daxroc: I tried use qemu but it quit after writing a copy meg
<Ethos> couple*
<JordiGH> Hm, manpage says sh.
<daxroc> What size is the raw image ?
<daxroc> Ethos: ^
<Ethos> 16gig
<Ethos> I've tried convering it in windows and linux
<daxroc> Ethos: what command were you using ?
<Ethos> erm
<Ethos> let me see
<Ethos> [20:26] < Ethos> couple*
<Ethos> ffs
<Ethos> [#ubuntu-server]:
<Ethos> Sorry, my irssi client is being silly
<Ethos> qemu-img convert -f raw /www/var/html/image.img -O vmdk /www/var/html/image.vmdk
<gaddzilla> does gparted support partitions larger than 2 TB when formatting with ext4?
<Ethos> I used a "work around" version
<Ethos> which seemed to create an identical file called -O
<Ethos> But didn't work
<daxroc> Ethos: convert it to a qcow2 image for use with qemu ?
<Ethos> How do I do that? :D
<daxroc> Ethos: try qemu convert /path/original.img -O qcow2 new.qcow2
<Ethos> ok
<Ethos> :\
<Ethos> Might have to wait till tomorrow actually
<Ethos> will you be around?
<daxroc> Ethos: will be in the evening
<Ethos> cool
<Ethos> I'll get the server up and running tomorrow and we can give it a go :)
<Ethos> Thanks for your help
<gaddzilla> theoretically ext4 should be OK with a partition larger than 2TB with gparted, but when I create a 2TB partition e2fsck runs happily all day long. but when I resized the 2TB to 4TB with gparted and ran e2fsck afterward, I started getting an error in e2fck about a bad superblock. the size shows up correctly with df -h but not with gparted :(
<johnny5> Guys, trying to setup a local server. Hwo do I go about doing the fqdn if i want name.local as the hostname?
<johnny5> i'm guessing i need to set some stuff in my hosts file as well as in apache?
<johnny5> fusetech
<uvirtbot> New bug: #379923 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10 failed to install/upgrade: subprocess post-installation script killed by signal (Interrupt)" [Undecided,Incomplete] https://launchpad.net/bugs/379923
<uvirtbot> New bug: #382104 in mysql-dfsg-5.0 (main) "/var/lib/dpkg/info/mysql-server-5.0.postinst: line 144: /etc/mysql/conf.d/old_passwords.cnf: No such file or directory dpkg: error processing mysql-server-5.0 (--configure):  subprocess post-installation script returned error exit status 1 E: Sub-process /usr/bin/dpkg returned an error code (1)" [Undecided,Incomplete] https://launchpad.net/bugs/382104
#ubuntu-server 2009-06-16
<owh> This might turn into a question that's too big for IRC, but I'm unsure where to start. I need to provide SSO for a small business. They're going to be using Google Apps as their email/calendar and the workstations are running Windows. Currently it's all peer to peer, but I need to centrally manage their installations. There's a Ubuntu 8.04 File/Print server...
<owh> I want the implementation to be Ubuntu based. I'd like them to have roaming profiles and I'd like it all to be centrally manageable. I like Google's UI for managing users and it seems to make sense to re-use that.
<owh> Am I reaching for the moon?
<icarus_squared> what kernel does 9.04 SE come with?
<uvirtbot> New bug: #387572 in bacula (universe) "package bacula-director-mysql 2.4.2-1ubuntu6 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/387572
<uvirtbot> New bug: #387576 in libnss-ldap (universe) "Cannot use LDAP accounts on armel build; has incorrect symlink or /lib/nss_ldap.so incorrectly supplied" [Undecided,New] https://launchpad.net/bugs/387576
<fbc-mx> Is there an easy way of running a command recursively on every directory under the one I'm in?
<fbc-mx> Ops I meant "IN every directory"
<owh> fbc-mx: Use the find command. What are you trying to do?
<qman__> owh, It's certainly doable, but it'll take a lot of work. There's also not a lot in the way of documentation for creating complete solutions like that. You're going to need Samba in the very least, and probably openldap or kerberos
<qman__> I'm all for open source, but there's something to be said for the simplicity of setting up Active Directory. Getting a working Linux domain controller is pretty difficult.
<twb> It kinda helps AD that Microsoft wrote the standards that you're talking about.
<qman__> That too, though it does help us that they used Kerberos
<twb> They use Microsoft Kerberos.
<twb> It's extended in some way that I forget the details of, though they did publish an RFC documenting it
<sommer> twb: yep, and I believe that mit kerberos 1.7 will have much of their custom stuff
<qman__> Samba 4 should make things a lot easier when it finally comes out
<owh> I *really* don't want to install a Windows server in this network, just so I have an AD. I might as well format the HDD on the Linux server and give them an all Windows solution.
<owh> Next, I'll remove Thunderbird, Firefox and OO.org and throw them right back into the stone-age :)
<owh> Imagine for a moment that I didn't say SSO with Google, does that change the picture any? How do real networks without Windows to central authentication?
<owh> Uh, that should read: "How do real networks without Windows do central authentication?"
<sommer> owh: I use openldap
<sommer> owh: but to take advantage of Google's SSO facilities, I imagine you'll need to write some type of pam plugin to talk to google over the net
<sommer> owh: are you talking about using a web based application for machine authentication?
<owh> No.
<owh> I want them to talk to the samba server which is currently a peer, but will become a domain controller.
<owh> s/talk/authenticate/
<owh> I'd like the samba server to get credentials from somewhere else.
<sommer> owh: ah, that's not that hard then... you'll need to configure samba as a domain controller, and the easiest thing is configure samba to get users from ldap
<sommer> owh: there's information in the serverguide for setting samba up with ldap, and as a DC
<sommer> owh: I am also migrating to goole apps, and the SSO stuff is on the todo list
<owh> Yeah, I'm aware of the docs for that. What I haven't figured out is how their local person can manage accounts using that.
<sommer> at this time there isn't a great single solution for that... but there are gui tools to manage an LDAP directory, phpldapadmin, lat, etc
<sommer> also from the command line smbldaptools will tweak user settings
<owh> I've lookes at most if not all of those, but they all expose the innards of LDAP, which is highly obnoxious to a simple user.
<owh> s/lookes/looked/
<sommer> agreed, but AFAIK there isn't a simple gui tool to do everything you'd like
<sommer> err without exposing LDAP anyway :0
<owh> I'm happy to assist in an integrated Google SSO solution. From what I've read thus far, it's really there to provide local authentication to a remote Google Application. Not quite what I need.
<owh> I really don't want to have to provide all manner of sync tools and password change things - yuk.
<sommer> there was a lot of discussion at the last UDS for a central directory solution, and the plan is to use the adduser scripts for LDAP management
<owh> That's probably going to help making it possible to manage the users through the existing Ubuntu User GUI Admin Tool
<sommer> it should :-)
<owh> So, I'm a decade too early then :)
<owh> Ok, so, how does a large - say SUN - installation do this?
<owh> I mean, I cannot believe we're the first to tread this ground.
<sommer> I imagine there own admin tools
<owh> So is everyone else just cobbling together all little bits and pieces with their own little scripts?
<ajmitch> all the pieces are there - the bits to tie them together & manage them aren't
<sommer> that's the consensus I've come up with... from being around multiple admins
<ajmitch> and it's those management tools & ways of setting things up that take a significant amount of time
<owh> Yup
<sommer> right you pretty much expose no LDAP innards, or all of them
<sommer> and if you don't expose them you're locked into a certain tree configuration... which may or may not be a bad thing
<owh> So how does AD deal with that? I cannot imagine the MCSE's I know doing any thinking of their own.
<owh> Point - click - hunt - click - hunt - whoops - click - fixed.
<owh> Or is that unfair?
<ajmitch> because a lot of things on the client & server are preconfigured in the case of AD
<sommer> AD locks you into their directory layout
<ajmitch> s/a lot/nearly everything/
<sommer> it's really hard to add attributes in AD for example
<sommer> well once you do the pretty GUI admin tools won't know about your changes
<owh> I read/skimmed the LP blueprint on some of this. I didn't really understand the concerns raised about example.com vs example, etc.
 * owh is hunting for the URL
<ajmitch> flexibility is both the best & worst thing about what we have
<owh> Never a truer word has been spoken.
<owh> The URL: https://blueprints.launchpad.net/ubuntu/+spec/ldap-defaultdit-usergrp-mgmt
<owh> There is nothing wrong with making a choice. Ubuntu is a good example of that, u-s, ditto.
 * ajmitch spent a little bit of time looking at this in the past
<ajmitch> but not enough to suggest an easy way out :)
<owh> Well, one comment in that page was to use the ubuntu-server survey to determine a starting point. SOHO was indicated by I'm guessing nijaba.
<ajmitch> yep, that's the sort of target market I'd like to look at
<ajmitch> since NZ is full of small businesses
<owh> It's a good starting point. You can argue that a big organisation is a collection of SOHO's anyway.
 * owh didn't know you were in NZ.
<ajmitch> yep, in Dunedin enjoying the snow today
<ajmitch> you'll be coming to LCA next year I hope?
<owh> Details?
<ajmitch> late january in wellington
<owh> Sounds like an interesting idea.
<ajmitch> http://www.lca2010.org.nz/
<owh> Hmm, a very interesting idea indeed!
<ajmitch> I'm just talking to one of the organisers now in our LoCo channel who wants people to talk about the sort of things you're asking
<owh> Channel?
<ajmitch> irc channel, the usual #ubuntu-nz
<ajmitch> but we'll need someone able to talk on such things
<owh> Well some of the time, if not most of the time, the problem is not writing the code. The problem is defining the problem.
<owh> Design, Design, Design.
<owh> And some coding on the side :)
<ajmitch> of course
 * ScottK works on some complex projects where the cost is 50% design, 20 % code, 30% testing and they don't test nearly enough.
<owh> One of my colleagues is the testing manager for a bank - he agrees :)
<owh> In a previous life I was a multi-media developer, design was 85%.
<twb> owh: it probably doesn't help that he's writing in COBOL on an AIX
<owh> You have no idea how funny that is twb. Lemmie tell you a little anonymised story.
 * twb cowers
<twb> "I work for an investment bank.  I have dealt with code written by stock exchanges.  I have seen how the computer systems that store your money are run.  If I ever make a fortune, I will store it in gold bullion under my bed."  -- Matthew Crosby
<owh> An organisation bills $1million per day. It's a telco. Their billing software runs on a VAX cluster. VAXen are no longer made. They do not have infrastructure or resources to run an old system and a new system side-by-side to trial a new system. Their solution was to virtualise their hurd of VAXen.
<twb> owh: ever seens the emulation layers necessary to run a Lisp Machine on AMD64 hardware?
 * owh shudders.
<owh> That's like emulating a PDP-11 on a 6502 running virtually.
<ajmitch> on such things empires are built
<twb> lispm -> genera -> alpha -> powerpc (ivory) -> os x
<owh> twb: Where's the AMD64 in that?
<twb> os x runs on AMD64 CPUs now
<owh> Didn't know that.
<twb> Apple dropped PowerPC years ago
<owh> I thought it was all Intel.
<twb> (Note that 64-bit Intel CPUs are AMD64 architecture.)
<owh> Ah
 * owh is waiting for a shiny 17" MacBook to arrive.
<owh> This is so I can finally virtualise things again - bleh.
 * ScottK has been bitten by "Don't worry, we're emulating the old environment so the software won't even know the difference."
<owh> Details?
<owh> They don't have to be sordid :)
<owh> So, if integrated SSO is not ready for prime-time like discussion seems to indicate. What would be a smart way to start down the road so past investments don't end up being thrown out with the bathwater?
<ScottK> It didn't go well.
<owh> What kind of issues were there?
<ScottK> Except of timing and I/O the emulation worked fine.
<owh> You mean internal clocks etc?
<ScottK> Yes
<ScottK> It was essentially hand built assembly language, so it mattered.
<owh> When virtual time and real time don't match - fun.
<ScottK> That and timing mattered for some of the pieces it was integrated with.
<ScottK> The getting bitten part was that none of this was noticed until the project was in the integration testing phase.
<ScottK> At which point it was too late to go back ....
<owh> I can just imagine trying to implement say a serial driver in an emulated environment.
<ScottK> You're imagining in the right direction.
<owh> So you couldn't sync clocks in any other way?
<ScottK> The old system was extremely deterministic.  The new one, not so much.
<ScottK> Imagine something engineered for a hard RT kernel and you swap in a regular one and expect it to be happy.
<owh> phone
<owh> That was the weirdest phone call I've had in years. Anyway moving right along.
<owh> Yeah, I can see your fun.
<owh> How did you end up fixing it?
<ScottK> Fortunately I didn't have to.  I was involved in one of the projects that had to integrate with it.  We got promised it would be transparent.  We weren't at all suprised it wasn't.
<ScottK> So we screamed and beat the other project with a metaphorical stick until they bug fixed a design into existence.
<owh> Riiight. That's code for: "Ah, we uhm stopped virtualising it?"
<ScottK> No, they actually made it sort of work.
<ScottK> Well enough to pretend it was sort of OK until the real rehosted version was done.
<ScottK> Then, of course, funding got cut so not all these bastardized ones got replaced .....
<ScottK> So the long term solution was lowered expectations.
<ScottK> Very motivational story, yes?
<owh> I'll say.
<owh> That seems to be the modus operandi these days.
<ScottK> Of course that was the last time they got away with 'Trust us ....'.
<owh> Authentication is a funny thing. Seems not all people can get their hands around the difference between me authenticating them and them authenticating me.
<th0m> hi
<th0m> i just install ubuntu server (8.10, and 9.04) as guest os under vmware esx4. "dd" is very slow (20MB/s). I have 200MB/s result under debian (same config, iscsi san storage). A,y idea what could be wrong with ubuntu server default install/kernel please ? (mtpbase maybe something?)
<_ruben> "interesting" .. never done any real performance testing with linux guests on esx (ESXi 3.5 in my case) .. dd is far from useful as a benchmark, iometer is way better, then again, its linux client is kinda crappy as well
<Ethos> if I change etc/sudoers what service do I need to restart for the changes to take effect?
<th0m> _ruben, i can understand that dd is not the tool for benchmark , but i should have at least the same perf as a debian default install. I cant get what's wrong ...
<soren> Ethos: No need to restart anything.
<Ethos> thanks
<owh> th0m: Are you running vmware tools/open-vm-tools in both - on the same hardware?
<uvirtbot> New bug: #387728 in nut (universe) "package nut 2.4.1-2ubuntu4 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/387728
<uvirtbot> New bug: #244233 in mailman "Logrotate is noisy with: Re-opening all log files" [Undecided,Fix released] https://launchpad.net/bugs/244233
<uvirtbot> New bug: #387778 in bacula (universe) "Incorrect application entry for bacula-console-qt" [Undecided,New] https://launchpad.net/bugs/387778
<uvirtbot> New bug: #387813 in bind9 (main) "package bind9 1:9.5.1.dfsg.P2-1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/387813
<uvirtbot> New bug: #387852 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/387852
<ewook> hail ivoks
<ivoks> hi
<ewook> yo :)
<ivoks> ttx: you remember the hadoop session?
<ivoks> The HDFS filesystem is a Java-based filesystem
<ttx> ivoks: yes
<ivoks> hm... sometimes, developers play interesting games :)
<ttx> ivoks: yes :)
<ivoks> ttx: so, were there any significant stuff regarding java dependecies?
<ttx> ivoks: there are a few issues, but nothing that cannot be worked-around
<ivoks> aparently, there is source package
<ivoks> so we could try to get it in ubuntu
<ttx> ivoks: I wanted to have a look at the debian packaging from Cloudera
<ivoks> i might work on that, but i'll need your help with java stuff
<ivoks> ttx: that's the one i was thinking about
<ttx> ivoks: I can send you the email about deps I already sent to soren a few weeks ago
<ivoks> that would be good
<ttx> ivoks: my guess about the cloudera packages is that they packaged a binary directly... I would be very surprised if they did it following the rules
<ivoks> ttx: that's what they said, i didn't check it yest
<ivoks> yet
<ttx> ivoks: mail sent
<ttx> ivoks: I'm available for help :)
<ivoks> i've read it
<ivoks> i hate non-FHS apps
<ttx> ivoks: Java applications are notoriously FHS-adverse. With a few notable exceptions
<ttx> ivoks: and Java upstream usually don't like when you try to install their software in a FHS-compliant way. They blame all issues on your symlink hacks.
<ivoks> this is a good argument for pro-mono advocates
<ivoks> :)
<ttx> (which makes sense, from their OS-neutral point of view)
<ttx> heh, don't start me on that one ;)
<RobertF> Hello
<RobertF> 9.10 (alpha2) => frederic is not in the sudoers file.
<dnperfors> RobertF: So? is he a member of the admin group?
<RobertF> dnperfors: is it a bug?
<RobertF> dnperfors: I create the user during the install
<Sam-I-Am> i've heard about an issue where the user created during install doesnt always get sudo access like they should
<Sam-I-Am> not sure if its an official bug yet
<ivoks> there was one couple of releases ago
<ivoks> iirc, selecting mail server task with a 'no configuration' option for postfix, resulted in not adding user to admin group
<lamont> ivoks: how very strange
<ivoks> yeah
<ivoks> we had hard time to figure out how come that happend to that user
<ivoks> until she put all the steps in install
<soren> lamont: It turned out to be because the postinst of postfix exited with an error code causing the rest d-i's finish-install stuff to be skipped.
<ivoks> there was even a blog about it
<ivoks> right
<soren> lamont: Yes, postfix. So it was all your fault :)
<Sam-I-Am> always blame lamont :P
<lamont> I totally win
<uvirtbot> New bug: #387930 in kerberos-configs (universe) "package krb5-config 1.22 failed to install/upgrade: Unterprozess post-installation script gab den Fehlerwert 1 zur?ck" [Undecided,New] https://launchpad.net/bugs/387930
<zul> so has anyone created a mirror from a cd-rom?
<mathiaz> zul: what do you mean exactly?
<mathiaz> zul: the packages on the cdrom have the same structure as a mirror
<mathiaz> zul: there are dists/ and pool/ directories at the root of the iso
<zul> mathiaz: gotcha
<th0m> is there a way to freeze a test server ?
<th0m> (to smiluate a troubleshooting)
<th0m> cat /dev/random > /dev/something_crucial ?
<ivoks> ttx: you should've been quiet :)
<ttx> ivoks: I won't say anything more :P
<ivoks> kirkland: so, what's your opinion on dkms?
<ivoks> kirkland: did you use it for kvm backports?
<ivoks> well, i have to go now... take care
<leonel> will postgresql 8.4  included in Karmic ???  PostgreSQL 8.4 RC1 was released today ..
<mathiaz> leonel: I'm not sure we include RCs in Debian/Ubuntu
<leonel> mathiaz: of course not, I mean  now that  the  RC 1 is out, the Final version will be  on  Jun 29 so .. I guess it can make to Debian / Ubuntu right ??
<mathiaz> leonel: probably - if pitti has time to upload 8.4 to debian before FeatureFreeze (end of august)
<newtoubuntu> i am trying to uninstall gnome flash
<newtoubuntu> can any one help?
<giovani|work> what's gnome flash?
<jeiworth> hi all, we are currently looking for a decent groupware for our tiny grafic design office, so far i have been checking zimbra, opengroupware and openxchange and it looks like we'll go for zimbra (although i have a bit of a stomach ache due to yahoo perhaps being sold to the evil overlord ;o)) anyone here with experience with opensource groupware?
<sarthor> Hi, How to install / Run http://www.shorewall.net/MultiISP.html#lsm
<kirkland> ivoks around?
<mathiaz> kees: does this compiler error ring a bell? http://paste.ubuntu.com/197240/
<Hecate> hezali, i don't know what gnome fÃ¶ash is supposed to be, either. maybe you're talking about gnash aka. gnu flash. if you do: this is totally off topic in the server chan.
<kees> mathiaz: checking
<kees> mathiaz: never seen that before.
<kees> mathiaz: http://www.cellperformance.com/mike_acton/2006/06/understanding_strict_aliasing.html might be helpful?
<mathiaz> kees: ok - I haven't done any investigation on this one
<mathiaz> kees: is the failure related to the FORTIFY defaults?
<kees> mathiaz: I don't think so -- likely just gcc tightening semantics of the language
<maw> on a fresh install, what does ubuntu-server use as a MTA
<maw> can mail be relayed off the server or do I need to install postfix?
<oruwork> maw-> I am very new to linux and I set up postfix / dovecot about 6 monhts ago for a 10 people company that i work for and we haven't had a single problem
<oruwork> maw-> to be more specific, its not just for internal email, its for external
<maw> my question was asking if anyone knows if an MTA is shipped in the default install
<maw> so apps can send email etc...
<oruwork> yes it does
<Nafallo> maw: not unless you ticket the task for it
<maw> I am not trying to setup a mailserver for users
<Nafallo> ticked even
<oruwork> maw-> yeah, you have to check the mail task at install
<maw> that would have been postfix if I clicked that box?
<Nafallo> oh. shipped.
<Nafallo> I reckon so.
<maw> ah ok
<Nafallo> postfix and exim (IIRC) are both on the install disk.
<Nafallo> but none is installed by default of course :-)
<maw> right... just clarifing. FreeBSD ships with sendmail already installed but configured as a local mailer
<Nafallo> maw: it's a decision made to not install any listening daemons by default.
<Nafallo> cups would be the exception, but set to bind to localhost in default installs.
<maw> right
<maw> I essentially verified that with  netstat -an
<maw> ok thx for clarifying
<Nafallo> netstat -ltun is what I would have used :-)
<maw> whoops forgot the l :P
<Nafallo> a and l are a bit mutually exclusive aren't they?
 * Nafallo checks the manual
<Nafallo> yeah. looks like it.
<hvn> I'll add sudo and -p: sudo netstat -ltunp
<hvn> shows the listening process too
<maw> indeed, -a and -l would have similar info. That is not necessary as one might want to know just listening compared to all
<billybigrigger> can any suggest a good apache log analyzer? besides awstats and webalizer?
<uvirtbot> New bug: #348990 in postfix (main) "Deinstallation doesn't delete all files" [Low,Confirmed] https://launchpad.net/bugs/348990
#ubuntu-server 2009-06-17
<lamont> hrm.. could have sworn that the /var/lib/postfix thing was (1) fixed already and (2) submitted a time or 3 in debian, too
<billybigrigger> hey all
<billybigrigger> any raid/mdadm gurus here?
<PleXuS> anyone known why /etc/init.d/networking restart don't restart my network configuration?
<PleXuS> on ubuntu 9.04
<pmatulis> PleXuS: did you prefix the command with 'sudo'?
<PleXuS> pmatulis, yes
<PleXuS> it says all ok
<PleXuS> just it didn't do anything different :S
<PleXuS> but my config file is totally changed :S
<pmatulis> PleXuS: pastebin your interfaces file
<pmatulis> PleXuS: are you running GNOME?
<PleXuS> yes
<pmatulis> you should be using network-manager then
<pmatulis> and not commands
<PleXuS> pmatulis, but it still uses the config file ?
<pmatulis> PleXuS: yes, but nm will alter it, that could be why it's changing as you say
<pmatulis> PleXuS: what does it say on the first few lines when it has changed?
<PleXuS> config file isn't changed
<pmatulis> PleXuS: you said it changes
<PleXuS> it just not doing what I added in the config file
<pmatulis> 21:14 < PleXuS> but my config file is totally changed :S                                                                                                                                    dthacker
 * pmatulis goes away for a while
<PleXuS> yeah i changed it but its not doing it
<PleXuS> like i changed
<pmatulis> PleXs: i asked you to pastebin it.  also output to 'ifconfig -a'.  can't help otherwise
<PleXs> pmatulis, the config is ok.. its the gnome network manager that gives me the problems
<tswicegood> hello - I'm running into problems compiling node.js (in particular, the V8 VM dependency).  It fails with the following error: http://pastie.org/514612  Anyone have any ideas what might be causing the problem?
<ajmitch> I suggest talking to the chromium people about problems with compiling their stuff on 64-bit architectures
<ajmitch> they do interesting things with that
<mark____> Is it possible to make an application use a specific interface?
<twb> mark____: usually that is in an application-specific fashion, such as a command-line option.
<twb> I'm not aware of any generic way to restrict binding (other than just rejecting bind requests) to specific interfaces.
<twb> You can also add firewall rules, of course, to drop/reject traffic on the unwanted interfaces.
<mark____> twb: Thanks.  Are you aware of any command line only torrent clients that allow you to do this?
<twb> Sorry, I don't provide support for torrent.
<mark____> mkay
<twb> You should be able to get a list of tty torrent clients using debtags.
<twb> Something like: aptitude search "~Gbittorrent ~Gcurses"
<twb> (That assumes you have aptitude and debtags installed.)
<mark____> that's cool, never knew you could do that.  Thanks
<twb> Here, I see that ~Gcurses doesn't match some packages, so maybe just try ~Gbittorrent alone
<th0m> morn,ing
<WaVeR> someone here to do some install test?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<arl> Hi everybody
<WaVeR> it was my real question :D
<arl> does anybody have successfully installed postfix with dovecot and smtp-auth on hardy?
<WaVeR> If you want to do some test please check this bug: https://bugs.edge.launchpad.net/ubuntu/+source/sudo/+bug/387997
<uvirtbot> Launchpad bug 387997 in sudo "can't use sudo after a fresh install (karmic)" [Undecided,Confirmed]
<arl> I am just switching from debian 4.0 to hardy and facing the problem that I can't send emails
<arl> getting email is no problem but sending via mutt or evolution over imap is not possible
<ivoks> mails aren't being sent over imap
<ivoks> they are sent over smtp
<arl> yes I know they are send via smtp
<arl> sorry for that
<ivoks> so, what exactly doesn't work?
<arl> well mutt says "mail send" but this is not true, I can't see anything in /var/mail/mail.log
<arl> it seems that smtp-auth does not work
<ivoks> what do you use for smtp-auth?
<arl> dovecot
<ivoks> dovecot-auth or saslautd?
<ivoks> ok
<ivoks> postconf smtpd_sasl_path
<ivoks> postconf smtpd_sasl_type
<ivoks> postconf smtpd_sasl_auth_enable
<arl> and the server greeting via telnet says "250-STARTTLS
<arl> 250-AUTH PLAIN LOGIN
<arl> 250-AUTH=PLAIN LOGIN
<arl> "
<ivoks> paste the output of this comand
<ivoks> postconf smtpd_sasl_path
<ivoks> command
<arl> smtpd_sasl_path = private/auth-client
<ivoks> ok
<ivoks> have you set that path in dovecot?
<ivoks> auth default {
<arl>  path = /var/spool/postfix/private/auth-client
<ivoks> socket listen {
<ivoks> ok, that's good
<ivoks> mode, user and group?
<arl> mode 0600
<arl> user = postfix
<ivoks> ok...
<arl> group = postfix
<ivoks> you might change mode to 0660
<ivoks> but it should be the source of the problem
<arl> ah sorry it is already 0660
<ivoks> is your client misconfigured?
<ivoks> maybe it sends mail over another smtp
<arl> just a sec I will check (again)
<arl> no imap and smtp server are the same
<ivoks> does it use smtps or smtp?
<arl> well smtp with ssl support so I think it is smtps
<ivoks> and there is nothing in mail.log?
<ivoks> not even an error?
<arl> no nothing
<ivoks> it should be error at least
<arl> even with smtpd_tls_loglevel = 4'
<arl> and a "-v" in master.cf
<ivoks> well, you should have info about establishing connection
<ivoks> if there's no such thing, your client isn't connecting to the server
<arl> yes I can see that my client loggs in via imaps
<arl> but nothiung about the smtp thing
<ivoks> well, we are talking about postfix here
<arl> yes
<ivoks> do you see connectiong attempt when you telnet to port 25?
<arl> yes
<ivoks> how about port 465?
<arl> Unable to connect to remote host: Connection refused
<ivoks> so, not smtps on your server
<ivoks> s/not/no/
<arl> hmm
<ivoks> TLS is one thing
<ivoks> SSL is another
<ivoks> TLS is being utilized over port 25
<ivoks> while SSL over port 465
<ivoks> check master.cf
<ivoks> you should have:
<ivoks> smtps     inet  n       -       -       -       -       smtpd
<ivoks> uncommented
<arl> ok now it accepts telnet 465
<ivoks> now try sending email
<arl> no success
<arl> but I got some errors in mail.log
<ivoks> that's a good start
<arl> SSL_accept:error in SSLv2/v3 read client hello A
<ivoks> did you set up ssl corectly?
<arl> I think so
<arl> any ideas how I can check this?
<ivoks> well, your mail should be delivered
<ivoks> you might add this:
<ivoks> smtpd_tls_mandatory_protocols = SSLv3, TLSv1
<ivoks> smtpd_tls_mandatory_ciphers = medium
<ivoks> but you mail should be delivered to destination
<ivoks> that's just internal openssl buzz
<arl> no success
<ivoks> i think you won't see it once you remove verbose logging
<arl> why this?
<ivoks> is this what you see?
<ivoks> http://www.irbs.net/internet/postfix/0211/2722.html
<arl> wait a sec I am searching a no paste service
<arl> http://nopaste.debianforum.de/22346
<ivoks> paste.ubuntu.com
<ivoks> reduce logging
<arl> http://paste.ubuntu.com/197559/
<arl> this "warning" could be a problem
<ivoks> that could be problem with certificates
<arl> but when i disable tls / ssl I can'T send
<arl> hmm maybe I should rest the server and start over again
<ivoks> how did you create certificates?
<arl> with the instructions on this guid https://help.ubuntu.com/8.04/serverguide/C/postfix.html
<ivoks> those are good instructions
<ivoks> set it up to work without ssl/tls first
<arl> yes I think I will start over again. and confirm function after every configuration step
<stapel> how do I log a user in automatically at startup?
<_ruben> i highly doubt that you'd want that on a server .. and i dont think its even possible
<stapel> i want to run a curses based interactive script at start-up in text mode. I have already disabled X at start-up and added the script at start-up, but it does not run. If I start gdm and run it in a console it works. Any ideas?
<_ruben> this isn't a server then, is it? as servers dont run X
<stapel> no it isn't, it is desktop edition, but i have disabled X at start-up. I want to present the user with a menu from where they can do some basic things or then select an option to boot into the GUI
<stapel> the #ubuntu room was not very helpful, that's why i came here :)
<twb> stapel: if you're using GDM, you need to grovel through /etc/gdm and similar, or possibly look at GDM's graphical configuration tool
<twb> stapel: I can't be bothered looking up the details for you.
<_ruben> putting an interactive script in rc.local might just do the trick ..never tried
<stapel> twb: I am not using gdm. I have disabled gdm by doing 'sudo mv S30gdm K30gdm' in the /etc/rc2.d/ directory
<stapel> ruben: thanx...will look into it
<twb> _ruben: it does
<twb> I have this in /etc/rc.local on my Debian Sid netbook:
<twb> env -i su twb -c xinit >/var/log/xinit.log 2>&1 &
<_ruben> that doesnt look very interactive to me though
<twb> Sorry, I missed "interactive"
<twb> For a menu of things to try, I recommend looking into what is done with the "single" option in recent releases
<twb> It has options like "give me a root shell", "fix grub", "fix xorg"
<stapel> what do you mean by "single" releases?
<stapel> sorry "single option" in recent releases?
<twb> stapel: the argument you provide on the kernel command line.
<twb> Usually labelled "(rescue)" or something in grub.
<arl> ok i have reinstalled everything and now it is working
<ivoks> hehe
<ivoks> it was probably a configuration issue
<kirkland> ivoks: ping
<kirkland> ivoks: you were looking for me yesterday, regarding dkms :-)
<ivoks> yeah
<ivoks> kirkland: do you see dkms as a solution for all packages that have kernel modules?
<arl> I dont' know what the prolem was
<arl> but as you can see - I take the time it needs :-)
<kirkland> ivoks: heh, "all" is a pretty sweeping conclusion :-)
<kirkland> ivoks: i have been very pleased with it for kvm
<ivoks> kirkland: most :)
<kirkland> ivoks: out-of-tree modules, do you mean?
<ivoks> kirkland: i was thinking on pushing that as a 'rule'
<ivoks> yes
<kirkland> ivoks: well, you need to clarify that rule a little
<kirkland> ivoks: obviously, its best for the module to be upstream in linux
<kirkland> ivoks: in kvm's case, it is upstream
<kirkland> ivoks: but the upstream one in Linux is inevitably older than the one under development by the kvm devs
<ivoks> but you needed to update kvm in hardy, right?
<kirkland> ivoks: right, and it works well for that
<ivoks> so, we support LTS far longer than upstream want us to do
<kirkland> ivoks: not all modules will build/work with dkms
<kirkland> ivoks: the module has be relatively self contained for that to work
<ivoks> of course
<kirkland> ivoks: i think dkms is the best solution around for handling your request, though
<kirkland> ivoks: i have only had to work around one issue, though ...
<kirkland> ivoks: kernel headers are required
<kirkland> ivoks: for all kernels that you want to build for
<kirkland> ivoks: this sounds obvious
<ivoks> right
<magnetic__> hey guys, is there anybody working on the asterisk merge?
<kirkland> ivoks: but it's not possible to put that into a debian/control depends rule
<ivoks> kirkland: why not?
<kirkland> magnetic__: probably best to ask in #ubuntu-motu
<ivoks> oh, not for every kernel... right
<kirkland> ivoks: right
<magnetic__> kirkland: ok, thx
<kirkland> ivoks: it would be nice to solve that, somehow, before making the "rule"
<ivoks> shouldn't depending only on linux-headers be enough?
<kirkland> ivoks: i hacked this in the kvm-source.postinst
<kirkland> ivoks: kvm-source.postinst
<kirkland> ivoks: http://pastebin.com/f2e55955c
<kirkland> ivoks: i think the kernel team could solve this with yet another meta package
<ivoks> kirkland: why doesn't kvm depend on linux-headers?
<ivoks> that should be enough
<ivoks> cause if you have installed linux-x.y.z-X-generic
 * _ruben doesnt have good experience with such deps
<ivoks> that would pull in linux-headers-generic
<_ruben> does it?
<ivoks> it should
<_ruben> afair, it doesnt
<ivoks> ah.. it doesn't
<kirkland> ivoks: because the headers are hundreds of megs, which you don't need
<_ruben> a major pita for dkms
<kirkland> ivoks: see the control file for kvm
<kirkland> ivoks: kvm-source Depends: debhelper (>= 5), make, bzip2, dkms, linux-headers-server | linux-headers-generic | linux-headers
<ivoks> ok...
<ivoks> that should pull in headers
<kirkland> ivoks: right
<ivoks> this could be simplified in karmic
<ivoks> since we won't have -server and -generic
<kirkland> ivoks: we don't?
<kirkland> ivoks: sweet
<ivoks> that's the plan, yes
<ivoks> there's a discussion at kernel-team mailing list
<ivoks> pae is the only problem
<geekboxjockey> greetings, I am looking for a recommendation on a UPS to run with 8.04.2 server, we have used Tripplite "omni's" and have had horrible luck w/driver support, thinking about APC, just wanted to hear what people had to say. any input is greatly appreciated!
<ivoks> apc has quite good support
<ivoks> there's nut and apcuspd
<geekboxjockey> yeah we have had horrible experiences with tripplite omnivs1000 & 1500 and nut
<geekboxjockey> I'm sure there is an "industry standard" for this stuff, servers need UPS's and servers run Linux :P
<geekboxjockey> have been looking into APC, anyone got a model they have had good luck with?
<ivoks> well, powerware come with their own software
<ivoks> i've used couple of apc models, and all were supported
<ivoks> http://www.networkupstools.org/compat/stable.html
<ivoks> this should be a good start
<geekboxjockey> yeah, I'm hesitant because the OmniVS1000 was supposed to be "supported" and I ended up getting into modifying the driver and compiling it with some suggested changes etc
<geekboxjockey> but APC sounds good esp with apcupsd being currently developed and specialized for a popular brand
<ivoks> we prefere nut :)
<geekboxjockey> yeah?
<ivoks> it's in main
<geekboxjockey> so itd be safe to go with APC and still use nut if possible?
<ivoks> apcupsd is in universe
<geekboxjockey> ahh, heh ;)
<ivoks> take care...
<geekboxjockey> sorry, thanks for the help :P
<geekboxjockey> I'm just poking around on amazon now looking for deals on APC hardware ;)
<geekboxjockey> ivoks: Thanks :)
<th0m> to follow my yerteday problem,
<th0m> perf problem in vmware beetwen DEBIAN and UBUNTU
<th0m> ubuntu: [    4.112045] scsi target2:0:0: FAST-40 WIDE SCSI 80.0 MB/s ST (25 ns, offset 127)
<th0m> debian : Jun 15 16:06:26 ns249-175 kernel:  target0:0:0: FAST-160 WIDE SCSI 320.0 MB/s DT IU RDSTRM RTI WRFLOW PCOMP (6.25 ns, offset 127)
<th0m> anybody knows why ubuntu says 80 MB/s and debian, 160 ?
<th0m> same config in vmware, and same hardware (a dell blade + iscsi san)
<Sam-I-Am> th0m: does it actually mean anything?
<Sam-I-Am> th0m: its just virtual hardware anyway
<th0m> i dont have the same perf
<th0m> performance
<Sam-I-Am> the virtual machine's hardware is the same?
<huats> soren: are you around ?
<Sam-I-Am> there are two virtual scsi controllers offered by vmware
<Sam-I-Am> also, is your virtual hardware the same version
<mathiaz> kirkland: howdy
<mathiaz> kirkland: it seems that there is an issue with sudo+encrypted home in karmic alpha2: https://bugs.launchpad.net/bugs/387997
<uvirtbot> Launchpad bug 387997 in sudo "can't use sudo after a fresh install (karmic)" [Undecided,Confirmed]
<ivoks> Canonical will announce on June 17 the certification of Ubuntu 9.04 Server Edition on HP's new ProLiant G6 servers, company officials said.
<ivoks> is this true?
<RoAkSoAx> ivoks, heya master how's it going
<ivoks> great, how are you?
<RoAkSoAx> ivoks, pretty got.. just got back from my trip
<RoAkSoAx> s/got/doog
<RoAkSoAx> good*
<ivoks> nice
<RoAkSoAx> ivoks, so anyways, what's the status of the packages? and what about the mentorship
<ivoks> RoAkSoAx: i want to talk with you about versioning of packages
<ivoks> RoAkSoAx: other than that, i think you are ready for motu
<RoAkSoAx> ivoks, ok. shall we do it now, or when do you think we can talk about it?
<ivoks> RoAkSoAx: it would be easier over email
<ivoks> cause of time difference and there will be lots of pasting
<RoAkSoAx> ivoks, yeah!! ok cool. let's do it over email. What about the HA packages?
<ivoks> RoAkSoAx: you do realize that HA is almost another software in 2.99 version?
<ivoks> RoAkSoAx: it can't do anything as a standalone
<RoAkSoAx> ivoks, yes I do realize that.. That's why HA needs Pacemaker starting from 2.99.x
<ivoks> RoAkSoAx: it's other way around
<firecrotch> I have a ubuntu server running openvpn, and I'm trying to allow hosts on the local subnet to communicate with hosts on the VPN subnet.  The local machines and the server are both behind a dd-wrt router that is set up to route the packets from local machines that are destined for the VPN clients to the server, I just need the server to forward those packets to the correct hosts.  I've determined that I need to use iptables on th
<RoAkSoAx> ivoks, how so?
<ivoks> RoAkSoAx: parts of heartbeat have been merged to pacemaker
<ivoks> RoAkSoAx: parts have been droped from heartbeat
<ivoks> RoAkSoAx: rest of it ended up as heartbeat 2.99
<ivoks> RoAkSoAx: so ha 2.99 can only be used as a messeging layer for pacemaker
<RoAkSoAx> ivoks, right, since Pacemaker is the Cluster Resource Manager and Heartbeat is only the one who delivers messages
<ivoks> and we decided that pacemaker with hearbeat as messeging layer will be in universe
<ivoks> pacemaker with openais will be supported solution
<RoAkSoAx> ivoks, right
<ivoks> and, you are free to work on packages in ppa, of course
<ivoks> :)
<RoAkSoAx> ivoks, haha ok cool. I just don't know where to start/what to do
<ivoks> RoAkSoAx: is there anything, packaging related, that you don't understand or need help with?
<ivoks> RoAkSoAx: my goal is to make openais, corosync versions 1.0 into karmic, if possible pacemaker with openais 1.0 as messaging layer into karmic
<ivoks> RoAkSoAx: rhcs with openais/corosync 1.0 into karmic
<RoAkSoAx> ivoks, yes I have doubts with debian/rules... and I would like to package layer7switch from scratch (which has a kernel module and userspace tools)
<ivoks> everything else is optional for me :)
<RoAkSoAx> ivoks, ok so let's work on that goal, and as you said, we'll just leave heartbeat in universe and leave it usable
<ivoks> RoAkSoAx: layer7switch?
<ivoks> does it change iptables modules?
<ivoks> are you talking about l7-filter.sf.net?
<RoAkSoAx> ivoks, http://www.linux-l7sw.org/
<ivoks> last release in 2007.
<RoAkSoAx> ivoks, yes it's another project from the keepalived team
<ivoks> there's no point in packaging dead projects
<ivoks> kernel modules from 2007 have big chances of not being buildable at all with recent kernels
<ivoks> there's another, live, project
<ivoks> l7-filter.sf.net
<RoAkSoAx> ivoks, I see. though keepalived also had a release on 2007 and then otherone in 2009 so it took them 2 years to do some bugfixes.. and I'm guessing that it might be the same status of this other project
<ivoks> RoAkSoAx: investigate that :)
<ivoks> that's first step in packaging
<ivoks> check out if the code is being maintained
<RoAkSoAx> ivoks, yes.. I had no time this past few days since i've been away from my computer.. I'll find it out and work in it if it's still active.. since one other thing that I would really like to do is to package something from scratch, that way I'll understand debian/rules better :)
<ivoks> sure
<ivoks> pick a project and start working on it
<ivoks> if you get stuck, let me know
<RoAkSoAx> ivoks, ok cool :)
<ivoks> but if you decide on linux-l7sw, don't be disapointed if it doesn't get accepted cause of maintainance status
<RoAkSoAx> ivoks, i won't.. i just want to learn how to package from scratch :)
<ivoks> ok
<RoAkSoAx> ivoks, and I would also like to work on bugfixing and security udpates
<ivoks> i'll send you an email about versioning
<ivoks> security updates are special form of packaging
<ivoks> find a patch, patch the code, send for upload
<ivoks> :)
<RoAkSoAx> ivoks, well I'm also that security updates are just finding a patch upstream or in other distributions, applying it, testing it and summiting it... and some bugfixes might have that same procedure
<ivoks> right... well, time for me to go off
<RoAkSoAx> ivoks, ok :) have a good night
<ivoks> you too :)
<fR_> hi, im trying to set up nfs+kerberos and am getting an error "Unable to obtain credentials for 'nfs'" when rpc.svcgssd tries to start
<fR_> http://pastie.org/515446
<fR_> i do have a keytab entry
<ivoks> any samba gurus around?
<nick125> Just try asking..maybe someone will know (I've worked a little with Samba as a PDC...but that's about it)
<ivoks> well, i would like to authenticate against ldap
<nick125> Oooh, fun. My standard advice would be to jump off a bridge, but the next best option would be to Google around a little. In the PDC I setup, it was authenticated against LDAP, so I might be able to help you if you have issues
<ivoks> i know
<ivoks> but i was thinking
<ivoks> if i store passwords in ldap in cleartext format
<ivoks> then samba could read them and it would know the password
<ivoks> could it crypt it to NTLM and compare it with the hash that windows are sending?
<ivoks> why do i need another attribute in ldap with same password, only crypted?
<mathiaz> ivoks: the userPassword field in ldap is not clear text
<ivoks> it can be
<ivoks> mathiaz: ldap can store password in couple of different formats
<Threetimes> Hi I just successfully installed spamassasin. How do I place spam-flagged mails in a seperate IMAP mailbox? I use postfix with maildir. I think I have to use procmail, but I don't know if I configured it correctly.
<ivoks> one of them is cleartext
<mobj> does someone know when nut 2.4 will be available in hardy?
<nick125> You'll need two hashes. That's it.
<mathiaz> ivoks: really - I though that slapd would actually convert internally the new password and store it as a hash in userPassword
<ivoks> nick125: why? samba obviously can encode plaintext password into ntlm (smbpasswd)
<nick125> One NTLM, one normal crypt (or whatever is default). There are some scripts/plugins/whatnot to syncrhonize the two passwords, though.
<ivoks> mathiaz: {plaintext}mypassword
<guntbert> Threetimes: just to clarify (I'm no expert here): what imap server are you using?
<Threetimes> dovecot
<mathiaz> ivoks: well then my answer is that the samba code doesn't support that natively
<ivoks> mathiaz: i know it doesn't
<mathiaz> ivoks: the code is probably expecting a specific schema/attribute and does all the password update itself
<mathiaz> ivoks: so you may have to hack the samba code to do the right thing
<ivoks> that's why i asked, maybe someone thought about that
<guntbert> Threetimes: sorry, I didn't think about that before - so I'm gonna read/learn with you :-)
<ivoks> {CLEARTEXT}  indicates  that the new password should be added to userPassword as clear text.
<mathiaz> ivoks: hm - does samba have access to the cleartext password from the user?
<ivoks> any user?
<ivoks> sorry... yes, it does
<ivoks> it can read ldap attributes
<mathiaz> ivoks: hm - I don't know - I'm not familiar enough with the samba protocol architecture
<ivoks> it reads attribute of windows password and compares it with the on that client sent
<ivoks> so, instead of just reading cleartext password, do smbpasswd on it, catch the result and compare it with the client
<ewook> hurmpf. any one used a fax/answering-machine setup?
<ewook> like a nice mix of mgetty and hylafax
<ewook> !mgetty
<ubottu> Sorry, I don't know anything about mgetty
<guntbert> !info mgetty
<ubottu> mgetty (source: mgetty): Smart Modem getty replacement. In component universe, is extra. Version 1.1.36-1.5 (jaunty), package size 173 kB, installed size 404 kB
<ewook> thx guntbert
<guntbert> ewook: :)
<ewook> aw man. what have I gotten myself into..
<ewook> bying a compatible card for asterisk just seems more tempting..
<fR_> btw my earlier problem was caused by FQDN not being listed first in /etc/hosts.
<mobj> does someone know when nut 2.4 will be available in hardy?
<ivoks> never?
<ivoks> night
<Sam-I-Am> jmarsden: you there?
<Kalmairn> Afternoon.  Got a strange NAT problem that started when I took an fully-functional script from a REALLY old Gentoo installation and moved to a Ubuntu LTS Server version.
<Kalmairn> It seems that, on occasion and consistently for specific sites, the NAT table will lose or ignore sessions; the result is return traffic from internet-side hosts will not be NAT'ed back to the client destination IP rather hitting the INPUT chain on the firewall itself.
<ewook> yay. this is gonna be a nightmare.
<PleXs> anyone using kvm + virt-manager?
<soren> Sure.
<PleXs> soren, can you select hypervisor kvm ?
<soren> Sure.
<PleXs> hmm your also using ubuntu server 9.04 ?
<soren> Which architecture have you chosen?
<PleXs> hmm seems to be fixed now
<PleXs> soren, but when connecting in virt-machine is it qemu?
<PleXs> I get under ID qemu but when creating new machine i can choose for kvm now (after reinstalling)
<soren> PleXs: The "qemu" hypervisor manages both kvm and qemu guests.
<PleXs> ah ok :)
<PleXs> soren, you got idea how I can add usb printer support? :)
<soren> Not really. If I were you, I'd share it over regular CUPS or Samba and install it as a network printer in the guest.
<PleXs> not possible :)
<PleXs> printer only works on windows
<PleXs> because driver issue's on linux
<PleXs> :(
<uvirtbot> New bug: #388702 in mysql-dfsg-5.0 (main) "package mysql-server None [modified: /var/lib/dpkg/info/mysql-server.list] failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/388702
<JanC> PleXs: qemu supports usb forwarding IIRC, so will probably also work with kvm
<JanC> but maybe not from withing virt-manager
<JanC> -usbdevice option
<PleXs> JanC, I can remember adjusting something in xml file :)
<PleXs> <hostdev mode='subsystem' type='usb'>
<PleXs> adding this
<PleXs> and more.. but my vm machine did disappear :S
<PleXs> in virt-manager
#ubuntu-server 2009-06-18
<mm_202> Hey guys, Im 8.04.2 (x64) and want to upgrade it to 9.04.  I tried 'do-release-upgrade' but it says 'No new release found'.  How do I go about upgrading without a full reinstall?
<mm_202> Im running*
<mm_202> nm, found it in /etc/update-manager/release-upgrades
<PleXs> JanC, It works now ;)
<PleXs> JanC, I made a typo error i guess :)
<uvirtbot> New bug: #388172 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: underproces post-installation script returnerede afslutningsstatus 1" [Undecided,Incomplete] https://launchpad.net/bugs/388172
<wsa> is anyone aware of an sshd-enabled installer image for 9.04?  i'm trying to google around for one and getting a lot of noise
<Threetimes> Hi I just successfully installed spamassasin. How do I place spam-flagged mails in a seperate IMAP mailbox? I use postfix with maildir. I think I have to use procmail, but I don't know if I configured it correctly.
<wsa> Threetimes: you do in fact have to tell your mail delivery agent (in this case procmail) where to put it; can you post your config?
<twb> wsa: within the installer, you can use anna-install openssh-server (IIRC) to get sshd running
<twb> wsa: if you write a preseed file, you ought to be able to seed the necessary questions before that, and have it install sshd.
<Threetimes> http://paste.ubuntu.com/198184/
<wsa> Threetimes: I assume this is maildir format?
<Threetimes> yes
<wsa> Threetimes: are you sure about X-Spam-Flag?  I have X-Spam-Status in mine;
<wsa> also I have a trailing slash -- '.Junk/' -- don't know how that gets parsed
<Threetimes> I have both, and more. In fact, I have all of these: http://paste.ubuntu.com/198186/
<Threetimes> I'll check the slash right now
<Threetimes> doesn't work
<Threetimes> how can I be sure the .procmailrc file is actually processed?
<wsa> whaaaa
<Threetimes> ?
<wsa> does procmail run as you?
<Threetimes> how do I know?
<wsa> do you have any log output from procmail?  probably not, eh?
<Threetimes> maybe, i'll search /var/log
<Threetimes> nothing...
<wsa> try putting this directive in /etc/procmailrc ?
<wsa> or wherever procmailrc is on ubuntu
<Threetimes> it's in ky home dir.
<Threetimes>  /home/peter/.procmailrc
<wsa> the global procmailrc, I mean
<Threetimes> ow
<wsa> I might be sending you on a wild goose chase
<Threetimes> manual says: http://paste.ubuntu.com/198196/
<Threetimes> /etc/procmailrc doesn't exist in my system
<wsa> hmm
<wsa> I don't know what to say; your .procmailrc looks correct, some kind of output from procmail would be helpful
<Threetimes> how do i let it generate output?
<Threetimes> I fount out that prcmail is using mbox.
<Threetimes> and that is is working right now, but not in thet right way (yet)
<Threetimes> how do I configure procmail for Maildir?
<sbeattie> Threetimes: just make the targets end in '/'; that'll cause procmail to treat it as maildir
<Threetimes> nope (just tried that)
<Threetimes> but i'll look into this later today
<sbeattie> Threetimes: did you set the LOGFILE variable to cause procmail to log what it's doing?
<mhiku> how can i install mysql 6 and php mysql 6 using apt-get ?
<Jeeves_> mhiku: I don't think you can yet?
<mhiku> okay, thanks
<Jeeves_> mhiku: They arent' in Karmic repo's
<Jeeves_> So I think you need to compile them yourselve
<mhiku> does 5.4 in the repos yet too?
<Jeeves_> php5 seems to be php5.2.9, currently
<Jeeves_> mhiku: http://www.bencornwell.com/2007/11/18/php-6-installation-guide-for-ubuntu-710-gutsy-gibbon/
<Threetimes_> hi, how do I configure procmail to use Maildir?
<cef> I've built up a machine using jaunty and when I log out of a text console, the login prompt doesn't come back until I poke it with 'initctl start tty1' (or whatever tty it is).. is this a known issue or any ideas WHY this happens? I've looked thru /etc/event.d/ and it all seems fine.
<Threetimes_> cef: I have no idea...
<cef> Threetimes_: yeah got me a lil stumped.. thought I'd ask about instead of mindlessly thumping my head on the screen
<soren> Threetimes_: Just add a slash to the targets.
<soren> Threetimes_: If the mailbox ends in a slash, procmail assumes Maildir.
<Threetimes_> tried, doesn't work
<soren> Well... Doing it wrong :)
<soren> it works for me.
<soren> Can I see your procmail rules?
<Threetimes_> wiil post thet asap, just killed my ajax ssh app :p
<soren> ajaxterm?
<Threetimes_> soren: yes, it's really useful at school
<Threetimes_> http://pastebin.com/f196cb0df
<Threetimes_> The spamassasin headers are definately there.
<soren> And what happens?
<Threetimes_> my mail ends up in /var/mail
<soren> Er..
<cef> does anyone on 9.04 have an /etc/inittab file?
<Threetimes_> if I disable procmail, it works
<soren> cef: Ubuntu doesn't use an inittab file.
<soren> Threetimes_: That makes no sense.
<soren> Threetimes_: If you disable procmail, your mail gets filtered correctly?
<soren> Threetimes_: What's doing the filtering?
<cef> soren: guessed that.. but from older installs of upstart it used it ONLY to figure out the equivalent default runlevel
<Threetimes_> no filtering has actually ever happend.
<soren> Threetimes_: Ok, here's the deal:
<Threetimes_> no mail has been automatically put in "Junk"
<soren> Threetimes_: a) You're asking about getting procmail to use Maildir, but your problem is clearly that procmail isn't filtering correctly.
<soren> Threetimes_: b) You need to tell procmail where to put your mail by default (if it doesn't get filtered otherwise).
<soren> You do this using the DEFAULT variable.
<soren> Guessing from your procmail rule, you want to set it to:
<soren> DEFAULT=Maildir/
<Threetimes_> is mailbox_command = /usr/bin/procmail -a "$EXTENSION" in postfix' main.cf right?
<soren> Yeah, that looks about right.
<soren> That's the default, isn't it?
<Threetimes_> I got it from spamassassin's wiki
<soren> Well, anyway. It looks about right.
<cef> gah.. why won't my console getty's respawn. *sigh*
<soren> Threetimes_: Did it help?
<Threetimes_> Mail containing "hello"ends in my mailbox, mail containing the GTUBE disappears.
<Threetimes_> I'll look at this later.
<Threetimes_> bye!
<cef> so, anyone got any idea why local console gettys won't respawn after the user logs out?
<soren> No idea.
<cef> once I restart them, everything works as expected
<cef> I've got a vague idea that since the gettys get started asap, that it happens before /etc/init.d/bootlogs.sh, and so they don't restart properly.. might set DELAYLOGIN=yes in /etc/default/rcS
<cef> BINGO! That fixed it. Not sure why it happens, but it happens!
<Threetimes_> Hi, I have a procmail problem. http://pastebin.com/f624e200
<Threetimes_> Spam mails don't end up in the Junk box, they disappear.
<soren> Add "LOGFILE=mail.log" to your .procmailrc
<soren> Try again, and see what the log file says.
<soren> Threetimes_: ^
<Threetimes_> ok, thanx
<Threetimes_> will try that when I'm home, after five more hours :(
<soren> Where exactly do you expect the mails to land?
<Sir_Lyoshyk> hello to everyone.. can somebody help me with choicing filesystems?
<Sir_Lyoshyk> nobody?
<Threetimes_> I fixed the procmail problem, and i'm not even home yet!
<Threetimes_> http://pastebin.com/f7c0222
<Threetimes_> sorry, http://pastebin.com/f7c022216
<Threetimes_> this is the correct .procmailrc file
<bogeyd6> Number 1 overlooked service for admins? Apticron
 * soren has a nagios plugin that does about the same thing
<petx> I need some help...
<petx> I need to add my IP in different netmask... any clue...??
<Sam-I-Am> howso?
<Sam-I-Am> ifconfig ethX <ip> netmask <netmask>
<petx> one is for access to my ISP I'm using now... another is my neighborhod network...
<petx> Sam-I-Am, how is it sam...?? sry, I'm new...
<Sam-I-Am> maybe you don't mean netmask...
<petx> Sam-I-Am, hmmm... I'll explain...
<petx> Sam-I-Am, my IP now is 192.168.x.x in 255.255.255.0
<petx> Sam-I-Am, I just want to add another IP, 172.18.x.x in 255.255.0.0...
<Sam-I-Am> on the same interface?
<petx> yups
<Sam-I-Am> hmmm, weird... but ok... you'd need to create an alias
<Sam-I-Am> so ifconfig eth0:0 172.18 ... netmask 255.255...
<Sam-I-Am> then you'd have your 192 and your 172 on the same interface
<bogeyd6> Does anyone here know how to install and configure tripwire for ubuntu?
<Sam-I-Am> bogeyd6: apt-get install tripwire
<Sam-I-Am> bogeyd6: you can find config docs online
<bogeyd6> Sam-I-Am, ok, i did that, and i generated the keys. Whats next?
<petx> Sam-I-Am, /etc/network/interfaces??
<Sam-I-Am> bogeyd6: this isn't a tripwire support channel :/
<Sam-I-Am> petx: no, thats the manual way to do it
<Sam-I-Am> in interfaces you'd set one up like the eth0 one, only it would be called eth0:0 and have only the IP and netmask
<bogeyd6> petx, if you run the cl like Sam-I-Am suggests, the next time you restart networking it will erase it
<petx> so... how can it set to permanent..??
<Sam-I-Am> petx: http://www.cyberciti.biz/tips/ubuntu-linux-creating-ethernet-alias-for-eth0-network-device.html
<petx> Sam-I-Am, is it in different netmask...??
<Sam-I-Am> you can make an alias whatever you want... however, i dont think what you're trying to do will actually work like you think it will
<petx> Sam-I-Am, why...??
<Sam-I-Am> because you're trying to access two separate networks from the same interface
<petx> Sam-I-Am, but it works on w*****s.. >,<
<Sam-I-Am> what you probably want is two network cards... one hooked up to your ISP, and the other to your home network.
<Sam-I-Am> then it'll work on linux if you're explaining it right
<petx> Sam-I-Am, sry.. my english is bad...
<_ruben> a /wii petx
<petx> _ruben, a /wii...??
<petx> hmm... I'm confused how to explain then...
<petx> T_T
<twb> Can you "overcommit" RAM in kvm?
<twb> That is, on an 8GiB system with four VMs, tell each one it can use up to 6GiB, and rely on them to usually only need 1GiB
<Ethos> does "virtual host" in tasksel install vmware-server?
<Sam-I-Am> Ethos: no, vmware server is a commercial product
<Sylphid|work> anyone know where i can get a really cheap (~$200 or less)  36U square hole rack ?
<Sam-I-Am> Sylphid|work: doesnt seem like an ubuntu issue :P
<Ethos> no it's not
<Ethos> vmware server is free
<Sam-I-Am> Ethos: its not considered open source though
<Sylphid|work> Sam-I-Am, its gonna house ubuntu servers =P
<Sam-I-Am> Sylphid|work: google is your friend!
<Sam-I-Am> Sylphid|work: ubuntu servers self-levitate, no rack needed
<Sylphid|work> Sam-I-Am, cheapest im comming up with is $350
<Sam-I-Am> racks aint cheap
<Sylphid|work> Sam-I-Am, if only......=P
<soren> Ethos: It doesn not cost anything, that's correct.
<twb> Ethos: vmware-server is gratis.  It is not compliant with Ubuntu's requirements for free software.
<soren> Ethos: However, it's still a commercial, non-free product.
<PleXs> anyone known why kvm do not reboot with winxp
<twb> soren: "proprietary".
<twb> :-)
<Sam-I-Am> Ethos: the virtual host on ubuntu would be more likely aimed towards KVM or even virtualbox
<soren> that too :)
<Ethos> so what does "virtual host" install on tasksel? :DD
<Sam-I-Am> Ethos: but nothing says you can't install vmware
<soren> kvm+libvirt
<twb> I sit next to a #debian-legal weenie every day
<Sam-I-Am> Ethos: kvm
<Ethos> ah ok
<Ethos> thanks
<Sam-I-Am> which is actually quite nice...
<Ethos> I don't think vmware server will run on my linode anyway...
<Sam-I-Am> vmware is overrated imho
<Sylphid|work> Sam-I-Am, im working on setting up a server farm in my house to provide free (donations accepted) VPS
<Sam-I-Am> Sylphid|work: for who?
<twb> Sylphid|work: I see several things wrong with this picture.
<Sylphid|work> Sam-I-Am, the community
<Sylphid|work> Sam-I-Am, anyone that wants one
<twb> It seems to me you'd be better off joining one of the existing not-for-profit hosting/VPS providers.
<twb> For example, hcoop and freeshell aren't strictly VPSs, but they do similar things.
<Sylphid|work> twb, that prolly will happen down the line but im still working out the kinks ... need to get some ground work laid first and formost
<twb> This will spare you the legal hassle of creating an accredited not-for-profit organization to accept donations, the power bills, the noise pollution, etc.
<twb> Of course, if you're doing it for pedagogical rather than pro bono reasons, that's different... but you can't (safely) accept donations in that case.
<Sylphid|work> twb, honestly im a technical guy with no business background.... so that is a concern
<Sylphid|work> twb, im just looking for a niche that i have to give back to the community....
<Sam-I-Am> Sylphid|work: start helping maintain packages :)
<Sylphid|work> twb, and it just so happens that i work for my ISP so bandwidth is free for me and this would be a fun project
<twb> You could set up a package mirror if your ISP doesn't already host one
<Sam-I-Am> thats an idea
<Sylphid|work> Sam-I-Am, i still need to get my feet wet on package maintenance
<Sylphid|work> twb, good call!
<Sam-I-Am> Sylphid|work: do you manage network services at your isp?
<Sylphid|work> twb, any idea how much bandwidth a mirror pulls on average?
<Sylphid|work> Sam-I-Am, sure do
<Sam-I-Am> depends on use
<Sam-I-Am> Sylphid|work: do you run things like bind, dhcp, ldap?
<Sylphid|work> bind and dhcp yes ldap no
<Sam-I-Am> well, you could run debian unstable or ubuntu karmic somewhere and test some of those packages... or roll upstream source into packages and test them
<Sam-I-Am> for example.. i use dhcp with ldap.  ISC released dhcp4, but since the patch to do ldap only works with 3, i have a vested interest in the patch getting ported to v4 when debian makes a package for it... so thats what i'm doing now.
<kaje> Can someone tell me what the debian-sys-maint user is in my mysql database? Also, it added two users with blank usernames. Can I delete those? I want to lock down my installation as much as I can
<Sylphid|work> Sam-I-Am, does dhcp have that much maintenance required any more?
<Sam-I-Am> Sylphid|work: well, particularly now since we need a package for v4... dont have one yet.
<Sam-I-Am> they changed the entire build mechanism
<Sylphid|work> ahh ic
<Sam-I-Am> so its not a simple upstream insertion
<Sylphid|work> i was thinking bout diving into the zebra code
<twb> Sylphid|work: depends on the implementation, but the debmirror manual should give you some rough numbers.
<twb> Sylphid|work: ideally you would provide a mirror of much stuff, but hardy/main alone is only a few gigabytes in total, and changes not at all.
<mbeierl1> anyone here have experience with likewise open and assigning domain users or groups to local unix groups?
<twb> Sam-I-Am: maybe we should all boycott ISC dhcpc and use pump ;-P
<Sam-I-Am> eh...
<twb> Oh, did you mean dhcpd?
<Sam-I-Am> yes, d
<twb> Ah.  I am slack; I use dnsmasq for that.
<Sam-I-Am> i wish dnsmasq had more features i need
<mbeierl1> twb: can dnsmasq do SOA records?
<twb> But it already HAS dbus! >duck<
<twb> mbeierl1: IIRC I saw upstream ships with an (unapplied) patch for those.
<twb> No, that was LOC
<twb> Brain fart, it's 1:11AM here and I'm debuilding
<mbeierl1> twb: close... but not SOAgar... okay... :)
<twb> mbeierl1: you can tell dnsmasq to be *the* authoritative server for some domains.
<mbeierl1> oh.  would that do it?
<twb> mbeierl1: I don't know if that counts as SOA, I haven't dumped its packets
<twb> But dnsmasq is meant to be a caching dns slave, and serving local records locally
<mbeierl1> twb: I'm trying to set up a linux/windows hybrid network for a school
<twb> It's not meant to be world-facing
<mbeierl1> and use likewise open to have the linux machines be part of the domain
<mbeierl1> but something is looking for SOA records for the domain
<mbeierl1> the Windows Domain name and the linux local net domain name are the same - is that a bad idea?
<twb> I don't do Windows, sorry.
<twb> mbeierl1: -f, --filterwin2k Later versions of windows make periodic DNS requests which donât get sensible answers from the public DNS and can cause problems by triggering dial-on-demand links. This flag turns on an option to filter such requests.  The requests blocked are for records of types SOA and SRV, and type ANY where the requested name has underscores, to catch LDAP requests.
<twb> mbeierl1: does that help?
<mbeierl1> well, the SRV records I already have serving back to the PDC, and that works
<mbeierl1> I just don't know if the PDC needs to be the SOA for its domain name
<mbeierl1> I'll give it a shot and see
<mbeierl1> but my real question is if anyone here has actually used Likewise for unix authentication?
<twb> never heard of it
<mbeierl1> http://www.likewise.com/products/likewise_open  - comes in the likewise-open5 package in Jaunty
<twb> Hmm, not in Debian yet.
<twb> "Winter 2009 Edition"... bloody hemispherists.
<mbeierl1> hee hee
<mbeierl1> does that mean June?  or December?
<huats> soren: around ?
<soren> huats: wazzup?
<huats> hey soren
<huats> how are you ?
<soren> huats: Crazy busy. :)
<soren> huats: You?
<huats> quite a lot too :)
<huats> I still have on my local computer the virt-manager merge available
<huats> I just need to review something with you...
<huats> (before to put it on LP I mean)
<huats> so when you have 5 minutes can you please tell me your opinion on :
<huats> There was a patch that you made for testing that the user who is launching the virt-manager is in the virtd group
<huats> I am not sure it is still necessary
<soren> I think kirkland wrote that patch, actually.
<huats> ok
<kirkland> huats: soren: howdy ...
<huats> hey kirkland
<huats> how are you ?
<kirkland> huats: fine, what's up?
<huats> same here
<huats> :)
<huats> I was saying to soren
<huats> that I have done (locally) the virt-manager merge
<huats> and that I have just a question regarding a patch that apparently you wrote (according to soren)
<huats> the one that verifies that the user is in the virtd group
<huats> do you remember that ?
<huats> because I am not sure it is necessary
<huats> and thus I'd like an opinion before putting that on LP
<rsr> hello
<rsr> I have two ubuntu server gateways. They both have exactly the same services but one has the ip 209 and the other has 210. Is it possible for me to make a script to change 210's ip to 209 in case internet connection fails on 209? it will then take place of the other server in case of a downtime.
<soren> rsr: Look at heartbeat or redhat-cluster-suite
<rsr> ok
<rsr> thanks
<Sam-I-Am> rsr: look at linux-ha
<Sam-I-Am> rsr: which contains heartbeat :)
<rsr> yes
<rsr> heatbeat seams hardcore to set up though
<rsr> I will have to thoroughly read all the man pages and docs
<rsr> thanks for your help
<rsr> I have to go
<RoAkSoAx> rsr, there are many howto's
<Sam-I-Am> heartbeat looks painful but its really not bad for just switching hot IPs
<Sam-I-Am> anything using xml is painful at first :/
<RoAkSoAx> but it is not hard at all it is just 5 lines in the heartbeat config to setup the IP switching
<Sylphid|work> is it possible to set up a terminal emulator using cat or tail and echo ?
<johnny5> Anyone know how to go about switching from apache-mpm-prefork to apache-mpm-worker?
<thierry_> hi, I've just set up my apache webserver but I don't know where to put files to make them visible via http
<giovani|work> thierry_: by default, /var/www/
<giovani|work> but that's specified in apache's config
<thierry_> giovani|work : k, I don't have a /srv/www directory so I'll check the config
<thierry_> giovani|work : is it the root directory argument?
<maswan> anyone found a list of which servers are talked about in here? http://www.ubuntu.com/news/hp-proliant-servers-certified-ubuntu
<maswan> http://webapps.ubuntu.com/certification/list/?release=9.04&category=Server <- only two are listed here
<zoopster> maswan: for G6, that is all that is currently certified...more are coming AFAIK
<maswan> so it is 17 configurations of 1 or 2 servers among the G6 generation?
<maswan> yeah, from a closer reading, it seems like only dl360 and dl380 g6, and also, only 32-bit legacy versions?
<petx> hi all... I need to set dual IP with different netmask... any idea??
<zoopster> maswan: the latter is correct...the 380 and 380 G6's
<zoopster> maswan: I mean 380 and 360...yeesh
<zoopster> petx: please clarify...two cards or one card with 2 addrs?
<maswan> Well, I'm guessing the blades won't be certified anytime soon, given https://bugs.launchpad.net/ubuntu/+source/linux/+bug/360966
<uvirtbot> Launchpad bug 360966 in linux "bnx2x missing in initrd for install media" [Medium,In progress]
<petx> zoopster, 1 card... two ip in different netmask...
<petx> I've tried with the aliases... but I'm confused then... I dont know how to set it with different netmask...
<zoopster> petx: try this http://ubuntuforums.org/archive/index.php/t-230622.html
<oruwork> how can i check which version of mysql server i have installed ?
<petx> zoopster, it works... thanks so much...
<zoopster> petx: sure thing. enjoy.
<zoopster> maswan: never know...that's an easy fix
<petx> zoopster, I saw /etc/rc.conf... what's it...??
<maswan> zoopster: oh, I've just had a guy over inf #fai butt his head against that for a couple of hours by now.
<petx> nvm... I removed it... nothing happened then..
<maswan> zoopster: got an easy workaround, or is it an easy fix on the package side?
<oruwork> question. is anyone familiar with vtiger crm ? i am looking for an installation guide on ubuntu
<zoopster> maswan: no easy fix from me...but it's only needed if you need networking during the install, no?
<maswan> zoopster: yes, but it is rather hard to do automated network installs without networking during the install
<zoopster> maswan: heh...good point
<zoopster> oruwork: for edgy, but looks simple enough. http://ubuntuforums.org/showthread.php?t=358395
<oruwork> zoopster-> i'm looking at that , vtiger now comes with a binary , not .tar
<zoopster> oruwork: the vtiger wiki has some install docs...those don't work?
<oruwork> zoopster-> i'm about to find out
<zoopster> oruwork: good luck
<oruwork> zoopster-> just dont want to break anything :)
<zoopster> oruwork: it's linux...easily fixed
<oruwork> zoopster-> they sai i must have    1. Access to set PHP directive : max_execution_time = 600
<oruwork> not sure how to check that
<zoopster> that's in the php.ini or in a .htaccess file
<petx> how can I scan w*****s based shared folder on my network... any clue...??
<zoopster> oruwork: you can easily check the variables with a php_info script
<oruwork> zoopster-> not sure what you mean
<oruwork> php_info ?
<sgsax> anybody famliar with gentoo's glsa-check?
<sgsax> I'm curious if anybody has done something similar for debian/ubuntu
<zoopster> oruwork: just create a test.php file with this line in it "< ?php phpinfo() ?>" without quotes on your web server...when you hit that file via a browser it will list all of the settings for your php install
<oruwork> zoopster-> http://www.selsovet.com/images/test.php
<oruwork> can someone evaluate this please http://pastebin.com/m1bbd1f2d
<sgsax> so awk is not on your system?
<sgsax> isn't that part of ubuntu-server metapackage?
<oruwork> dont know
<sgsax> well, on my latest LTS install, mawk is installed
<sgsax> and on my latest jaunty desktop, both gawk and mawk are installed
<a1fa> wow is vmware really that resource hogging
<a1fa> or there is some extra step/patch for ubuntu-server
<a1fa> IO to vmware is awful
<a1fa> i am seeing 120ms delay from host os to client os
<sgsax> no, vmware is a hog
<a1fa> awful product
<a1fa> i just want to beat it with a stick
<sgsax> it's a great product, when it works :)
<a1fa> i have 10 GB of ram 2x2.6Ghz Intel Xeon
<a1fa> IBM server
<sgsax> you should try the free ESXi server, instead of the ordinary free server
<a1fa> my load average is 3+
<a1fa> sgsax : what benefits does that bring?
<sgsax> it's a true hypervisor
<sgsax> I've been using the free server, and am switching over to ESXi
<a1fa> can it import images?
<sgsax> though on my production free server, I'm showing a pretty low load, running 6-8 active VMs
<a1fa> hehe
<sgsax> you'll need their converter tool to import from free server to ESXi
<a1fa> this shit all started happening after i installed norton antivirus on client os
<sgsax> ah, well that would do it
<a1fa> Windows XP
<a1fa> no matter how much ram i give it
<a1fa> it still crawls
<drurew> can anyone sujest a sitebuilder
<a1fa> tha mgmt website is awful in terms of resources
<oruwork> how can i get to the buttom of the man page quickly ?
<drurew> pg down
<zoopster> oruwork: not sure what it needs...maybe original-awk?
<zoopster> oruwork: your php thing...are you sure you have php running with apache?
<oruwork> zoopster-> yup 100%
<a1fa> does virtuablbox require x11 to run?
<nick125> It has a headless feature, I believe
<oruwork> now i am getting this error  zoopster http://pastebin.com/m38054669
<oruwork> doesnt list what i'm missing
<oruwork> doesnt list what its looking for
<a1fa> nick125 : is there a package?
<zoopster> oruwork: yes it does...you are missing "make"
<sgsax> sounds like ou don't have a proper base install
<a1fa> virtualbox-ose - x86 virtualization solution - binaries
<a1fa> is this it?
<nick125> a1fa: I believe so
<a1fa> hm any urls on how to work this thing headlesly?
<a1fa> virtualbox
<a1fa> Qt WARNING: VirtualBox: cannot connect to X server
<a1fa> it wants X
<nick125> Maybe VBoxHeadless? I never used it headless, unfortunately.
<oruwork> what is the default location of <apachehome> in 9.04 server ?
<soren> What is <apachehome>?
<oruwork> Specify the location of <apachehome>/bin/httpd in your system (For example /etc/httpd/bin) :
<oruwork> soren->
<soren> /usr
<oruwork> soren-> nope :(
<sgsax> how about /usr/sbin/apache2
<soren> oruwork: Then you need to rephrase your question.
<soren> oruwork: What are you trying to do?
<oruwork> soren-> in the middle of installing vtiger crm
<soren> I'm just going to read "vtiger crm" as "something", if that's ok? Go on.
<oruwork> the installer script is asking me this question http://pastebin.com/m2754d7c9
<soren> /usr/sbin/apache2
<soren> It's asking you for the path to apache, not this made up "<apachehome>" thingamabob.
<sgsax> did you read through the installation manual?
<sgsax> they list all required packages there for 6 distros
<sgsax> also seems to be a pretty thorough install guide, should be able to answer most of your questions there
<oruwork> reading the insatllation instructions here http://wiki.vtiger.com/index.php/Vtiger_CRM_5.0.4_-_Installation_Manual_for_Linux#Choose_the_Correct_Linux_Distribution
<oruwork> sgsax-> awk is not listed there, though i needed it
<oruwork> sgsax-> so is make
<oruwork> this sux
<soren> oruwork: Is apache installed?
<sgsax> if you don't have awk, then I'm pretty sure your base install is not complete
<sgsax> and make is part of build-essentials
<sgsax> which is listed
<oruwork> soren-> yes apache is installed
<sgsax> so according to the install manual, it will first ask you for the location of your apache config files
<sgsax> which should be /etc/apache2
<sgsax> and then for the location of the apache binary
<sgsax> which should be /usr/sbin/apache2
<sgsax> (redhat et al use httpd for apache)
<oruwork> yes i was missing build-essential i just installed it and trying the installer again
<oruwork> sgsax-> http://pastebin.com/m7d7c5671 :(
<oruwork> same thing
<oruwork> if i choose an option to install apache bondled with CRM ?
<oruwork> is that gonna break stuff ?
<oruwork> cause its already installed and i have stuff running
<oruwork> why is it looking for httpd and not httpd.conf ?
<oruwork> soren-> ?
<oruwork> sgsax-> ?
<oruwork> :)
<phoenixz> I have this in the /etc/fstab: UUID=ff479173-12f1-416b-88d8-58e60282585d /boot           ext2    relatime        0       2
<phoenixz> so its using the UUID for the device, not the /dev/vgname/lvname
<phoenixz> I want to add another lv to the fstab
<phoenixz> but I cant find the UUID for that lv
<phoenixz> I tried lvdisplay, but the UUIDs in there are no the ones I find in the fstab.. Where can I find these UUID's?
<Marticus> can someone recommend a good book on ubuntu server?
<Marticus> is there a certification program for ubuntu server?
#ubuntu-server 2009-06-19
<erichammond> Marticus: I have no experience with them, but Canonical offers these: http://www.ubuntu.com/training/certificationcourses
<Anirban1987> How can I upgrade from php 5.2.6 ( Inbuilt in Ubuntu 9.04 Server ed.) to latest stable ver. php 5.2.9 ?
<twb> Anirban1987: upgrade to karmic, the as-yet-unreleased next version of Ubuntu
<twb> !cherry-picking
<ubottu> Sorry, I don't know anything about cherry-picking
<Anirban1987> twb : Can't I upgrade the php in Ubuntu 9.04 itself ?
<twb> Anirban1987: you can, but it is not something that a novice should do, because you can screw up your system that way
<twb> !pinning
<ubottu> pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto
<twb> That document explains how
<wizardslovak> hello people
<wizardslovak> i am having problem with static ip
<twb> That doesn't surprise me.
<Anirban1987> twb : Can u do it for me if I give u SSH root access to my server ?
<wizardslovak> i changed /etc/network/interfaces but when i reset network i am getting error "failed to bring up eth0"
<twb> Anirban1987: no, and you should not offer arbitrary IRC denizens such privileges.
<twb> wizardslovak: pastebin interfaces
<Anirban1987> twb : Can u atleast give me relevant web site links on how to do it ?
<ajmitch> Anirban1987: is there a good reason you need to upgrade to 5.2.9?
<Anirban1987> ajmitch : I am going to start a web hosting company. Need to practice all those tricks beforehand.
<wizardslovak> http://pastebin.com/m15fbc0cd
<Anirban1987> ajmitch , twb : Will be thankful if u giv necessary instructions how to do so.
<ajmitch> twb did refer to a page about it a few minutes ago
<twb> wizardslovak: I can't see anything obviously wrong there, but try removing the gateway line.
<twb> wizardslovak: if that doesn't help, pastebin the output of "ifdown --force eth0; ifup eth0".
<wizardslovak> ok i removed gateway line and no errors now
<Anirban1987> ajmitch : This instruction is very generalized in nature. What to do to specifically update from php 5.2.6 to 5.2.9.
<uvirtbot> New bug: #389302 in dhcp3 (main) "dhcp3-server fails to update" [Undecided,New] https://launchpad.net/bugs/389302
<slestak> cjwatson: good morning.  i was lookig for the karmic deb for putty for another workstation.  there doesnt appear to be any branches in LP.  I thought a couple of weeks ago I was able to download 0.60-2009-04-05-1
<cjwatson> slestak: didn't you fetch the .deb from Debian?
<cjwatson> it hasn't built in Ubuntu yet (https://launchpad.net/ubuntu/+source/putty/0.60+2009-04-05-1/+build/974105) - I need to fix that
<slestak> cjwatson: ty, i had forgotten
<cjwatson> bunch of whining about strict-aliasing rules which always results in me having to allocate a solid hour to remembering what those actually are and fixing them :)
<slestak> cjwatson: pls count on me for testign your deb, i am addicted to that product
<slestak> cjwatson: _allocate a solid hour to remembering_ ;)  isnt that what the wiki is for?
<slestak> cjwatson: think 64 bit will be an issue for that package?  i'm reinstalling my workstation this morning.
<cjwatson> shouldn't be, works fine on Debian
<slestak> cjwatson: i was thinking i may contact the debian maintainer and help him out, but... dang, your busy
<cjwatson> yep, same guy
<slestak> if you get a non-standard package that drops a foo.desktop file on your desktop (yugma|komodo edit), where do we put those so they are available and in the menu for all users on teh box?
 * Faust-C gets ready to ditch openfiler and use ubuntu instead
<huats> kirkland: hey ! are you available for a little chat regarding your patch on virt-manager ?
<kirkland> huats: sure, what's up
<huats> OK do you remember writting a patch regarding the access rights to /dev/kvm ?
<huats> apparently soren thinks you wrote it :)
<axisys> how do I upgrade from 8.04 ?
<axisys>  cat /etc/issue
<axisys> Ubuntu 8.04.2 \n \l
<axisys> sudo do-release-upgrade
<axisys> Checking for a new ubuntu release
<axisys> No new release found
<axisys> hmm..
<sgsax> 8.04 is the latest LTS release
<huats> kirkland: any memory on that ?
<kirkland> huats: please prepend "kirkland" to any messages to me
<kirkland> huats: i only look up when my nick is said ;-)
<RoyK> for how long is a non-lts-version supported?
<kirkland> huats: i think so, maybe, let me grab the source
<huats> kirkland: yeah I tend to do the same... I will
<huats> kirkland: I can pastebin you the code if you want
<axisys> sgsax: so I can only upgrade from LTS to LTS if I use do-release-upgrade ?
<sgsax> I don't know, I don't usually do in-place upgrades
<sgsax> I was just guessing at that behavior
<kirkland> huats: are you talking about debian/patches/test_kvm_perms.patch ?
<huats> kirkland: indeed
<huats> http://pastebin.com/f25cc64d
<kirkland> huats: see: https://bugs.edge.launchpad.net/ubuntu/+source/virt-manager/+bug/187048
<uvirtbot> Launchpad bug 187048 in virt-manager "virDomainCreateLinux() failed Timed out while reading console startup output" [Medium,Fix released]
<huats> kirkland:  I'd like to talk about it, since I am not sure it is needed to keep it...
<huats> kirkland: let me look at the bug
<huats> kirkland: right now (on my jaunty) I am not a member of of kvm (and thus I cannot read or write on /dev/kvm) and I can create vm
<huats> (I am using qemu usermode with virt-manager which might be the clue in that case)
<ScottK> axisys: do-release-upgrade -d
<kirkland> huats: okay, i have something due in 30 minutes
<huats> kirkland: no pb
<kirkland> huats: you mind if i ping you after i get that uploaded ?
<huats> kirkland: no pb
<huats> kirkland: do what you have to do first
<kirkland> huats: cheers; you're welcome to ping me after 30 minutes if i forget :-)
<huats> ok
<huats> I will
<ivoks> huats: mail! :p
<huats> ivoks: rrrgggghhh
<ivoks> :)
<huats> ivoks: will do...
<kirkland> huats: yo
<kirkland> huats: okay, you have my almost-undivided attention :-)
<Faust-C> hmm i might as well start a project to replace openfiler
<kirkland> huats: yes, i am responsible for that patch
<Faust-C> kinda odd how no one has made a storage distro w/ ubuntu
<kirkland> huats: the bug I referred you to has the whole history
<kirkland> huats: you're trying to determine if this patch is still required or not?
<huats> kirkland: exactly :) that is what I am trying to figure out
<kirkland> huats: do you have a /dev/kvm device?
<huats> kirkland: I do
<kirkland> huats: what are the perms on that device?
<huats> kirkland: crw-rw----+ 1 root kvm
<kirkland> huats: and what's your groups?
<kirkland> huats: id
<kirkland> huats: are you in the kvm group, i mean
<huats> uid=1000(chris) gid=1000(chris) groupes=4(adm),20(dialout),24(cdrom),33(www-data),46(plugdev),106(lpadmin),121(admin),122(sambashare),1000(chris)
<huats> and I am not in the kvm group
<kirkland> huats: and you can run virt-manager vm's with kvm acceleration, right?
<huats> kirkland: it is the case right
<huats> kirkland: any stuffs to test that ?
<huats> (to validate because I am 99% sure it is the case)
<kirkland> huats: do vm's run slow as snot?
<huats> kirkland: nope they all run very well
<huats> ...
<kirkland> huats: i think this is actually fixed by a hal policy i wrote for kvm
<kirkland> huats: grab the kvm source
<kirkland>   * Add debian/10-kvm.fdi, debian/org.freedesktop.hal.kvm.policy: hal object
<kirkland>     descriptor and policy file for kvm/virt-hardware
<kirkland>   * debian/kvm.install; Put the hal/PolicyKit configuration in the correct
<kirkland>     place (LP: #273764)
<kirkland> huats: i think that should render the virt-manager patch unnecessary
<kirkland> bug #273764
<uvirtbot> Launchpad bug 273764 in kvm "add hal/PolicyKit support to kvm" [Wishlist,Fix released] https://launchpad.net/bugs/273764
<huats> kirkland: actually I am running (for a few days)the new virt-manager (that I am about to push) WITHOUT your patch (the one we are talking about here) ... and it runs fine. Further more when I try to create a vm, it says at the end "virt type" "kvm", which tends to say it is useless now
<kirkland> huats: okay, and you're definitely NOT in the kvm group?
<huats> no I am not
<huats> I have also checked the /etc/group file
<huats> I am in the admin group, but I am not using sudo and I am not asked for my passwd
<huats> kirkland: so I think we can skip it now
<kirkland> huats: yeah, it think we're good
<huats> ok great
<kirkland> huats: in your changelog, where you explain why you drop this patch...
<huats> so thanks for your help !
<kirkland> huats: please mention LP: #273764
<kirkland> huats: thanks for your merge!
<kirkland> huats: let me know if you need sponsorship
<huats> I will refer to it for sure....
<huats> kirkland: will do !
<lionel> kirkland: a collegue and I just made a bit of work on bug #243393 . Do you think we can get the onliner fix in the next kernel SRU upload?
<uvirtbot> Launchpad bug 243393 in linux "dmesg is flooded with warnings in kvm/mmu.c" [Low,Fix released] https://launchpad.net/bugs/243393
<ScottK> lionel: I'd ask in #ubuntu-kernel.
<lionel> ScottK: that's a good idea. Thanks for the hint
<kirkland> lionel: +1 to what ScottK said ;-)
<lionel> kirkland: I asked in #ubuntu-kernel, waiting for the answer now :)
<sgsax> I'm looking at a little project that will correlate USN reports with package update status
<sgsax> are the reports available in raw xml and/or in a more concise (brief) format?
<mathiaz> kees: jdstrand: mdeslaur: ^^
<jdstrand> sgsax: https://code.launchpad.net/~ubuntu-security/ubuntu-cve-tracker/master should have everything you need
<jdstrand> sgsax: there is also an rss feed at http://www.ubuntu.com/taxonomy/term/2/0/feed
<sgsax> yes, I've been using the rss feed standalone in tbird, I'm wanting to do some scripting with it
<sgsax> thanks, I'll look at that
<axisys> ScottK: hmm.. just saw your comment
<axisys> ScottK: it says not recommended to use -d
<ScottK> axisys: -d is overloaded.  It means upgrade to the development release and also upgrade to the next non-LTS release.
<axisys> ScottK: oh ok.. thnx
<ScottK> Assuming you want to upgrade to Intrepid (and then maybe Jaunty) that's what you want.
<ScottK> The warning is about the development release.
<axisys> ScottK: u assumed correct
<axisys> ScottK: did not work
<axisys> ScottK: sudo do-release-upgrade -d
<axisys> [sudo] password for iqbala:
<axisys> Checking for a new ubuntu release
<axisys> No new release found
<ScottK> axisys: Don't know what to tell you.  It worked on my Hardy server when I tried it just now.
<axisys> ScottK: hmm there might a file somewhere .. i forgot the name .. that it reads .. let me do strace
<axisys> /etc/update-manager/release-upgrades says Prompt=normal .. still not doing it..
<ivoks> did you update before that?
<kees> sgsax: specifically what report are you trying to generate?  (we may already have a tool for it...)
<sgsax> kees: a very simple one, are you familiar with gentoo's glsa-check?
<huats> kirkland: I need to run, but LP: #389564 is ready with u-s-m subscribe
<huats> please comment or mail me if something is wrong !
<sgsax> basically, what I'd ultimately like to be able to do is extract a simple package name, version number, and one-sentence summary from the USN
<sgsax> that is relevant to the local machine
<sgsax> the first two parts should be simple, the abbreviated summary I was hoping to find an existing source to draw from
<miked> I posted this to the server listserv but realized I should've tried this first: does anyone know how to get mibII/mta_sendmail module support for the snmpd package that is available via the repos?
<axisys> i did the sudo apt-get update  before that .. if that question was for me
<axisys> !seen ivoks
<ubottu> I have no seen command
<axisys> seems like ivoks left
<axisys> and seen is not a valid command either
<grumpling> Sorry if I repeat my question too soon but, does anyone know how to get mibII/mta_sendmail module support in for the snmpd package that is in the repos?
<kees> sgsax: I'm not, sorry
<JackB21> buena historia
<kees> is there a way to preseed debconf questions so I'm not prompted during apt-get install ?  hrm
<mathiaz> kees: debconf-set-selections?
 * kees reads manpage
<kees> mathiaz: hm, will debconf-set-selections take a subset?  i.e. running it with just the package's settings won't wipe everything else?
<mathiaz> kees: I don't think so
<mathiaz> kees: IIUC debconf-set-selections can be used to preseed specific questions
<kees> mathiaz: cool, that's perfect
<mathiaz> kees: I don't think it wipes the rest of the debconf database (that would be odd)
<kees> the manpage worried me :)
<sgsax> kees: glsa-check basically looks at the current list of glsa's (comparable to usn's), compares it to the list of currently installed packages, and generates a list of packages that are out-of-date and vulnerable
<emptyrobotboy> I have ubuntu server 8.04 LTS and I have a PHP script that uses curl to open a website. This is failing at curl_init(). Do I need to install additional libraries? If so, how?
<kees> sgsax: ah, but wouldn't "apt-get install dist-upgrade" show the same list?
<kees> sgsax: or do you want it finer grained?
<kees> sgsax: I wonder if nxvl has anything like this yet.
<sgsax> I'm doing something similar by parsing output from -s dist-upgrade
<sgsax> the glsa-check goes one step further by adding the vuln ID and a very terse summary of the vuln
<sgsax> so you can easily look up the vuln and decide if it's an urgent threat or not
<sgsax> kees: sample output: http://pastebin.com/mbfed63
<centaur5> Can you mix kickstart preseed options with d-i options in the same file?
<HaiHarry> sorry, this is a test
<benc1> can someone recommend a book for learning how ubuntu/linux works?
<benc1> I have basic ubuntu knowledge but I want to learn about the internals
<HaiHarry> Have you read ubuntu server guide
<HaiHarry> which is available for download from ubuntu site
<benc1> HaiHarry: no. I'll start with that
<benc1> HaiHarry: I'm looking for more basic linux understanding about threads, processes and sockets
<benc1> HaiHarry: actually this guide looks great. thanks
<HaiHarry> benc1: you are welcome
<bobg> the tcp_congestion_control on my hardy xen kernel is set to "reno" and apparently reno is the only one compiled into the kernel (tcp_available_congestion_control =="reno"). What would I need to do to try "bic"
<bobg> the reason I notice is that I have a switch problem thats causing packet loss to all of our servers, but only the Ubuntu servers are choking on it. A similar debian etch server has "bic" and the packet loss is hardly noticable
<petx> hi all... is there something that can scan windows shared folder...??
<bobg> try smbtree
<bobg> i think there are a couple smb* commands that do things like that
<petx> bobg, what command??
<bobg> smbtree
<petx> bobg, yups... I've tried it..
<petx> bobg, but I'm confused.. I mean  the GUI scanner may be... any clue...??
<bobg> i don't understand "the GUI scanner..." what do you mean by "scan"
<petx> bobg, hmm... I meant the GUI shared folder scanner like smbtree command.. but it appears by GUI...
<petx> something like places -> network...
<jared555> hello, with ubuntu server I am trying to create a LVM virtual machine with vmbuilder.  anyone know why specifying a LVM partition using --raw returns an error?  it is the kvm hypervisor
<jared555> err... it doesn't return an error.... it just creates a VM that will start and nothing else
<bobg> petx: don't know -- sorry. I don't run a gui on my servers
<petx> bobg, owh ok... thx...
<bobg> anyone know a good channel for network tuning and analysis?
<bobg> i want to find out why ubuntu uses reno and not bic or cubic that are the default in modern kernels (according to wikipedia tcp congestion page)
<uvirtbot> New bug: #389715 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: le sous-processus post-installation script a retourn? une erreur de sortie d'?tat 1" [Undecided,New] https://launchpad.net/bugs/389715
#ubuntu-server 2009-06-20
<drurew> !info landscape
<ubottu> Package landscape does not exist in jaunty
<drurew> !landscape
<ubottu> Landscape makes the management and monitoring of Ubuntu systems simple and effective by combining world-class support with easy to use online management tools. https://landscape.canonical.com/
<drurew> !management
<ubottu> Sorry, I don't know anything about management
<racecar56> what are the requirements for ubuntu server
<sarthor> Hi, here is gateway ping script ( for using in case multiple uplink using) http://blog.taragana.com/index.php/archive/how-to-load-balancing-failover-with-dual-multi-wan-adsl-cable-connections-on-linux/ , one of my ISP dont allow pinging yahoo.com, they are not agree, what can do alternat, any idea?
<Sarthor> d
<edmundo> can anyone point me any documentation about ubuntu's initialization process?
<diffra> start with man init?
<diffra> oh, he left anyway
<diffra> slightly OT: can someone take a look at this smartctl output?  pretty sure the disk is dying.  http://diffra.com/disk.txt
<AnAnt> debian bug 533442
<uvirtbot> Debian bug 533442 in mutt "mutt: Recommend default-mta instead of exim4" [Wishlist,Open] http://bugs.debian.org/533442
<AnAnt> the maintainers of mutt told me "the policy says that the first depend should be always a real package and not a virtual (check debian policy 3.8.2); "
<AnAnt> is Ubuntu having a different policy from Debian in this matter ?
<diffra> ubuntu's stuck with the debian policy as far as I know.  Which is a shame, as ubuntu(and I) prefer postfix.
<AnAnt> there was an email in Ubuntu saying to depend/recommend default-mta instead of exim4
<AnAnt> that's why I ask
<ScottK> AnAnt: I think depend on a real package first policy only applies to virtual packages that can be provided by multiple different packages.  default-mta should only be provided by one package at a time, so it should be fine.
<AnAnt> ok, seems the debian maintainers didn't know about this: debian bug 508644
<uvirtbot> Debian bug 508644 in general "Sorting out mail-transport-agent mess" [Important,Open] http://bugs.debian.org/508644
<AnAnt> and http://lists.debian.org/debian-devel/2008/05/msg00381.html
<ScottK> AnAnt: What I find in policy is, "If you want to specify which of a set of real packages should be the default to satisfy a particular dependency on a virtual package, you should list the real package as an alternative before the virtual one."
<ScottK> Since default-mta isn't a set of packages, I think it's not at all relevant.
<ScottK> http://www.debian.org/doc/debian-policy/ch-relationships.html#s-virtual
<AnAnt> thanks
<AnAnt> ok, someone on debian-mentors (OFTC), brought up this point:
<AnAnt> 08:01 <raphael> but also in practice, there's an important issue: what happens when you want to transition from, say, exim providing default-mta to postfix providing default-mta?
<AnAnt> 08:02 <raphael> whenever that happens, there will be more than one package providing default-mta
<ScottK> For about a day.  It doesn't matter.
<ScottK> The decision has been done to do it this way and so being obstructionist is silly.
<AnAnt> oh he continues:
<AnAnt> 08:03 <raphael> but then again, in practice that won't be a problem
<AnAnt> ok, responding to the mutt bug ;)
<lamont> ScottK: for less than a day
<ScottK> lamont: Yep.  Probably for much less.
<AnAnt> I didn't understand that sentence btw "For about a day..."
<lamont> AnAnt: specifically, the decision to make default-mta a Provides: instead of a real package was very intentional, and actually made sense, even though it hurt
<lamont> AnAnt: it's a question of how long it takes to upload both packages, and I expect it'd get NMUed  (with a blessing) by whichever maintainer did the cutover
<AnAnt> lamont: what both packages ?
<lamont> meaning that both packages would probably hit the archive in the same dinstall run
<AnAnt> lamont: and whats the reason that default-mta is a virtual instead of real package ?
<lamont> exim4 and postfix
<lamont> I forget - just that it was enough for me to go "oh, doh. sigh, yeah.'
<AnAnt> the java guys have a default-jdk/jre/...
<lamont> there was a discussion on debian-devel about it, where the reason was raised
<lamont> discussion here or #ubuntu-devel on june 3 ish
<AnAnt> mutt 1.5.20 is buggy, why did I ever merge this !
<lamont> AnAnt: I think it was something to do with upgrade paths
<lamont> and not yanking the installed MTA out from under something if we changed what provided default-mta or some such
<AnAnt> ok, thanks
<alex_> Could someone help me please i'm new to useing a linux server i'm coming from a windows platform and I just installed ubuntu Server and it seems to be working but it seems to be all command line is there a GUI
<alex_> Or maybe i messed up the install somehow?
<alex_> I feel completly bewildered here.
<diffra> alex_: ubuntu server is just command line.  the less software that's running, the more risk there is of security holes in that software.
<diffra> this might help you get started: https://help.ubuntu.com/community/UsingTheTerminal
<diffra> if you want to install a gui, you can run the command 'sudo apt-get install ubuntu-desktop'
<alex_> That helps alot thank you diffra i wasn't sure what in the world i was going to do moving from nice graphics to command
<alex_> I remember dos but it is fairly distant and not the same as this
<diffra> no problem.  I've made the opposite transition recently.  Always been a linux guy, but my new job is supporting jboss and tomcat on windows server 2008.
<alex_> I'm sure that's fun
<alex_> It's just a whole new learning curve to make the transition
<diffra> sure :)  I'd just recommend if you're going to deploy a production type application, disable the GUI.  There arent' any specifc security issues, but it's good practice.  And you gain back a hundred or so megs of ram.
<alex_> Yeah i'm going to spend the night learning how to operate in the termial environment
<diffra> cool!  Feel free to ask any questions you have.
<diffra> Us linux folk tend to go to extreme lengths to help people transition, because once you do, you usually don't go back!
<Jomyoot> mount.nfs: internal error
<Jomyoot> Searching on Google says I have to recompile NFS with specific options
<Jomyoot> Is there a better solution?
<Jomyoot> My NFS server can be mounted by anything else so far but not from ubuntu
<twb> "recompile nfs"?  It's part of the kernel.
<twb> Jomyoot: are you blocking UDP?
<Jomyoot> my nsf server uses only tcp
<Jomyoot> ont udp
<Jomyoot> my nsf server is freebsd
<twb> It would appear that the Linux NFS client wants to use UDP a little bit, even when mounting with -o tcp.
<twb> Based on http://bugs.debian.org/477503
<twb> Ah, portmapper uses UDP, of course.
<twb> I suggest you enable UDP, at least temporarily.  If it starts working, that will show that the problem is UDP-related.
<Jomyoot> twb: if problem is UDP related, then what do I do?
<Jomyoot> because opensolaris and freebsd can connect to it as client, no problem at all
<Jomyoot> only this ubuntu box is having problem
<Padhu> How can i install apache & php for Sqlite database in ubuntu-Desktop? apt-get is enough?
<ghostlines> hi all
<ghostlines> I have an nfs server setup, and in my exports file i set the anongid to 501
<ghostlines> I chowned some of my files to group 501, and group has right permissions, but I still can't write to it as user 501
<ghostlines> anyone know why this may be happening?
<Batty5> mobi-sheep I cannot seem to find further information and was wondering where I could look next.  I checked /var/log/proftpd and /var/log/pure-ftpd and did not find any errors.  Though I keep getting timeouts when issuing any comands after logging in.  http://pastebin.com/m4a0f29c8
<EmanSaad> please can anyone help me a have an urgent problem?
<pmatulis> EmanSaad: read the topic of this channel
<metalfan_> hi
<metalfan_> OT: im looking for a webinterface to control counter strike source servers...googling around pops up many self made scripts but nothing really serious
<ghostlines> can anyone help me with this nfs prob: http://paste.ubuntu.com/200079/
<Hamzifer> kirkland: when you return, any chance you could publish the byobu debian package somewhere for me? <3
<n0de> Hi having a big issue with installing ubuntu server with raid 1. help apreshiated :)
<EmanSaad> please I need an urgent help can anybody help me?
<ghostlines> EmanSaad, just ask your question maybe someone can help
<EmanSaad> ok, I have a problem of GRUB error 17
<EmanSaad> I cann't reboot to Win or UBUNTU
<n0de> how can i bring up a command line in the installation process?
<EmanSaad> can anyone help
<metalfan_> ghostlines, is your user in the group 501?
<ghostlines> metalfan_, yeah
<ghostlines> wait let me double check that
<metalfan_> if you did add the user to that group by hand you have to login again
<ghostlines> metalfan_, maybe I don't understand permissions correctly but the group id of a file is 501
<ghostlines> and my uid is 501
<ghostlines> but my group id is 20
<metalfan_> maybe you fucked up
<metalfan_> every file has a user and a group
<metalfan_> you can be in multiple groups
<metalfan_> sudo gpasswd -a youruser 501
<metalfan_> that should add your user to group 501
<ghostlines> ok but, question if my uid is 501 shouldn't I automatically be in group 501?
<Hecate> no
<metalfan_> check that with "groups"
<ghostlines> ahh k I guess that's my prob, thanks dudes
<ghostlines> I'll fix that then get back to yall, thanks alot
<PhotoJim> yes, groups and userids are completely separate
<metalfan_> ...what a surprise
<Batty5> mobi-sheep I cannot seem to find further information and was wondering where I could look next.  I checked /var/log/proftpd and /var/log/pure-ftpd and did not find any errors.  Though I keep getting timeouts when issuing any comands after logging in.  http://pastebin.com/m4a0f29c8
<PhotoJim> I can see that being slightly unintuitive if you don't know it.
<ghostlines> it just seemed common sense to me that a user would automatically be in his own group too
<metalfan_> ubuntu seems to attract very naive people, even the server edition
<ghostlines> guess not and that's just a fact then
<PhotoJim> the only person that's never made a dumb assumption about something to do with computers has never used a computer. :)
<Hecate> that's a ubuntu specific beahviour (to creata a group with the same id and name and automatically making a newly create user that very group's member)
<Hecate> but i would not rely on it, particalarly not when working on a different distribution
<ghostlines> exactly Hecate
<Hecate> PhotoJim, wisely spoken.
<ghostlines> because I just checked and Hecate is correct on ubuntu by default your groups also has your ownn uid in it as well
<PhotoJim> I know my way around computers, and I've made enough dumb assumptions.  The difference between advanced and elementary users is the frequency of those assumptions :)
<ghostlines> i got caught by this because i indeed am working on another distro
<PhotoJim> the differences between distros can be somewhat confusing.
<Nafallo> ghostlines: except that groups doesn't have uids... they have gids.
<NorthByNorthWest> Hi all! Trying to mount a shared folder but I get "Failed to mount Windows-share" why? Its shared on a Ubuntu Server using webmin... cant figure out how to fix! Please help!
<ghostlines> Nafallo, sorry your right that's whay i meant
<PleXs> anyone did succeed to usb printer support on kvm? I get BSOD on my Windows server 2003 (BUGCODE_USB_DRIVER) :S
<ivoks> never tried that...
<PleXs> Everytime i want to print i get that BSOD
<ivoks> is it a postscript printer?
<metalfan__> ive created a user with "useradd -m myuser"    but somehow the prompt is not set, tab completion does not work?
<ivoks> metalfan__: useradd doesn't create home directory
<ivoks> metalfan__: you should've add it with 'adduser'
<metalfan__> -m does
<ivoks> oh, missed that
<ivoks> maybe it doesn't copy from /etc/skel?
<ivoks> oh, it does that too
 * RoAkSoAx says hello
<metalfan__> ivoks, yes..but youre right adduser does more
<PleXs> ivoks, no
<metalfan__> ah nice, a working prompt
<metalfan__> PleXs, useradd does copy .bashrc .profile
<metalfan__> but somehow they are not sourced
<metalfan__> and the source command is unavailable
<ivoks> metalfan__: what's the shell?
<ivoks> metalfan__: maybe it's /bin/sh, instead of /bin/bash
<metalfan__> default, bash i guess
<ivoks> useradd, iirc, puts sh as default
<metalfan__> anyway...doesnt matter. useradd worked as expected
<metalfan__> Ã¤hm adduser i meant
<metalfan__> but why is world readable set for files like .profile / .bashrc?
<ivoks> cause of default umask
<ivoks> and permissions in /etc/skel
<twb> metalfan__: is there a reason you want to conceal .profile and .bashrc?
<metalfan__> no
<twb> GNU/Linux systems tend to default to world-readable for non-sensitive files, because you can learn a lot by looking at someone else's configuration
<metalfan__> i was used to 750 for home dirs
<twb> You can get that by editing adduser.conf, if you want
<metalfan__> no, im just a hobby linux user....i will go with the default
<metalfan__> makes sense
<metalfan__> well, maybe the file creation mask could be changed.....its also 755
<ivoks> 644
<ivoks> it's umask
<metalfan__> or that, but still files are world readable
<ivoks> define it in .profile
<ivoks> yes, they are
<twb> metalfan__: it's for the same reason.
<metalfan__> well, if i accept other persons on my server i dont want them to read my whole home, theirs private data
<ivoks> then change default umask
<ivoks> and come again when you're going to try set up web server :)
<metalfan__> what where the values for read,write,exceute again?  4,2,1?
<metalfan__> ivoks, i will change my users .profile
<axisys> anyone knows how to upgrade from 8.04 server to newer release? I did do-release-upgrade -d
<axisys> but it did not find any new release
<axisys> sudo do-release-upgrade -d
<axisys> Checking for a new ubuntu release
<axisys> No new release found
<ivoks> axisys: -d is for development versions
<axisys> sudo do-release-upgrade says the same thing
<axisys> sudo do-release-upgrade
<axisys> Checking for a new ubuntu release
<axisys> No new release found
<ivoks> check /etc/update-manager/release-upgrades
<axisys> ivoks: http://pastebin.com/f3b7f6951
<axisys> says normal
<ivoks> did you run update?
<ivoks> and dist-upgrade?
<metalfan__> is there a shortcut for a normal software upgrade "sudo aptitude update && sudo aptitude safe-upgrade" thats what im currently using, get new version information and upgrade
<ivoks> alias do_stuff="sudo aptitude update && sudo aptitude safe-upgrade"
<metalfan__> thx
<axisys> ivoks: i ran sudo apt-get update; sudo aptitude dist-upgrade; sudo do-release-upgrade .. same message .. no new release
<ivoks> axisys: which mirror do you use?
<axisys> http://www.cyberciti.biz/faq/howto-upgrade-ubuntu-servers-804-to-810/ did not help
<axisys> ivoks: http://archive.linux.duke.edu/ubuntu/
<ivoks> maybe that's not most recent one?
<axisys> ivoks: may be.. let me find another mirror.. is there a way to use a different mirror than apt sources file w/o changing in the file.. using a switch w/ aptitude ?
<ivoks> change it to some official mirror
<axisys> ivoks: cannonical ?
<ivoks> axisys: to the mirror from your country
<axisys> ivoks: oh ok, then  http://us.archive.ubuntu.com/ubuntu/
<axisys> ivoks: is there a magic way to change the mirror address in the sources.list file w/o using sed ?
<ivoks> i find sed being true magic
<axisys> on the client i could just pick another one from gui .. easy
<axisys> s/client/desktop/
<axisys> ivoks: :-)
<Hamzifer> kirkland: nm, installed the latest ubuntu package from the ppa in debian and it seems to work fine. thanks anyway :)
<axisys> ivoks: as long as my regex is correct
<fullmetalj> hello
<fullmetalj> is any one run umbuntu server a mail server
<fullmetalj> any one in room
<ivoks> yes
<ivoks> and yes
<fullmetalj> hi ivoks
<fullmetalj> do you your mail server on ubuntu
<ivoks> yes
<fullmetalj> but your mail server pop 3 smtp
<ivoks> pop3, imap, smtp...
<axisys> looks like this is something what I was looking for http://www.go2linux.org/find_the_fastest_debian_mirror-apt-spy_and_netselect-apt
<fullmetalj> why on deboian
<giovani> axisys: do you really change the servers often enough that it's a concern?
<giovani> fullmetalj: debian and ubuntu are incredibly similar
<fullmetalj> ohhh i see
<axisys> giovani: not really.. i am just looking for a easier way to change the mirror then sed or manual
<ivoks> lol
<ivoks> you could've change it 1001 times already
<giovani> axisys: I just can't imagine that the time required to change it once or twice is probably 1/10th the time it takes to find a solution
<giovani> ivoks: hah, exactly
<giovani> not to mention, that's not really a "solution"
<giovani> apt-spy and netselect are designed for something specific, which as a side effect, runs sed, essentially
<metalfan__> what do you use to see current network traffic? ive used bmw-ng until now
<giovani> metalfan__: rrdtool
<metalfan__> giovani, no i was for current usage in this moment
<metalfan__> not long time monitoring with logging
<giovani> well "speed" always has to be measured over some time period
<giovani> there's no way to measure speed in an instant -- so it's just a matter of how long your sample period is
<giovani> but I have no need for near real-time speed graphs/indicators ... they're easy enough to write up though
<axisys> i am getting this with new sources list
<axisys> Err http://security.ubuntu.com hardy-security/main Translation-en_US                                       Could not connect to security.ubuntu.com:80 (91.189.88.37). - connect (113 No route to host)
<giovani> sounds like you don't have a route to that host :)
<axisys> here is how my new sources.list looks like http://pastebin.com/f6ec9a7cd
<giovani> not too confusing
<Nafallo> axisys: does us.archive work for you?
<peanutb> hey. Im having some weird messages coming in on postfix, and getting denied. this shows up in syslog. http://p.linode.com/2577 . What scares me is that there is "teampronto.com" on the server, but i dont know where a preston@teampronto.com would come from
<axisys> Nafallo: that is getting same error too .. i guess i should go back to http://archive.linux.duke.edu/ubuntu/ .. that works fine
<peanutb> (sorry for double posting, I thought I was in #ubuntu-server instead of #ubuntu earlier)
<giovani> peanutb: it's called spam?
<axisys> but that mirror does not find new release .. i am on hardy now
<peanutb> giovani, should I be worried? or is it doing what it shoud be
<giovani> peanutb: it's spam ... receiving spam is normal
<giovani> there are plenty of resources for learning how to reduce it -- in this case, it rejected the address, as postfix should, because it doesn't know about it
<giovani> that address is bogus
<Nafallo> axisys: you might find https://edge.launchpad.net/ubuntu/+archivemirrors of interest to you.
<axisys> Nafallo: ok
<axisys> Nafallo: i am coming from US .. so i was hoping us.archive would work..
<axisys> Nafallo: would be nice if there is a way to find the best mirror like ubuntu desktop does
<benc1> is there a recommended tool for automating a server setup?
<giovani> benc1: automating in what way?
<benc1> Installing packages, building from source, editing config files
<giovani> uh
<Nafallo> custom scripts and preseed can do that
<benc1> I want to have a script that does all that so I can edit it and improve instaed of redoing everything every time
<giovani> benc1: that's what like change management tools are for
<benc1> preseed?
<giovani> I'd advise against one-off scripts
<benc1> is there a recommended one?
<giovani> if you'd like to scale it
<giovani> benc1: no "recommended" one, no
<benc1> what is one-off scripts?
<giovani> sigh
<giovani> "one-off" is an english phrase to describe items/objects/tasks that are done custom, for one particular need
<benc1> why not use a script?
<giovani> because it's not scalable and flexible?
<giovani> if a script works for you ... use it
<benc1> what is the alternative?
<giovani> <giovani> benc1: that's what like change management tools are for
<giovani> cfengine, puppet, etc
<benc1> thanks. I'll look it up
<giovani> it's likely not what you want though
<giovani> it sounds like you're happy with your script
<benc1> no I don't :)
<benc1> I've headrd of fabric but not sure how it works yet
<giovani> ok, well, cfengine/puppet are really not simple things to deploy
<benc1> I'm doing a one man show so it can't be too time consuming. but I'll read about it anyway
<giovani> how many servers are you managing?
<benc1> currently one but I'm constantly starting from a fresh server because I'm experimenting all the time
<giovani> heh
<giovani> these systems are not for you
<giovani> when you start dealing with -maybe- dozens, or more realistically, hundreds of systems
<benc1> I have serveral vbox ubuntu servers locally and I keep breaking them on purpose :)
<giovani> these systems are essential, and useful
<benc1> ah ok. I'll be dealing with 2-3 tops
<giovani> and they're going to be identical?
<giovani> if not ... then you should be doing them one at a time, manually
<benc1> even if they are not identical I'll to automate them
<benc1> and to be able to have some kind of script/log that I can edit to add or remove stuff
<giovani> well, unless you have an extremely predictable and repetitive setup ... scripting them is not going to help
<benc1> when I setup manually it takes a whole day
<giovani> a whole day?
<giovani> what are you doing?
<benc1> ok
<benc1> I'm installing apache/django/xmpp server and nginx as a proxy
<giovani> a day?
<giovani> that should be more like an hour or two
<giovani> tops
<giovani> and you shouldn't be compiling things one-off
<benc1> maybe but still I would like to automate it
<giovani> if you plan to use it over and over
<giovani> you should be packaging what you need
<giovani> and deploying the packages
<benc1> maybe that's what I'm looking for
<giovani> well
<giovani> that depends on what you're automating
<benc1> can I bundle several packages together with custom config files?
<giovani> you can put anything in a package ... whether it's advisable or not is a different matter
<benc1> good.
<benc1> not sure it is much different then a script though
<giovani> well you're being incredibly vague
<giovani> so unless you're more specific, it's difficult to advise you
<giovani> if you make a list of exactly what you're doing ... or what you'd like to do
<giovani> I can make recommendations on what tools/methods best suit each task
<AdamDV2> I have a problem
<AdamDV2> I'm running A Linode VPS, with Ubuntu Jaunty 64-bit
<AdamDV2> I tried doing a:
<AdamDV2> sudo apt-get install sun-java5-jre
<AdamDV2> But get this:
<benc1> my system consist of several django websites served using apache/mod_wsgi talking to an XMPP server all behind an nginx proxy
<AdamDV2> E: Package sun-java5-jre has no installation candidate
<fullmetalj> i gust ask if you run mail server
<AdamDV2> Anyone know whats wrong?
<giovani> AdamDV2: I believe you need to enable the restricted repositories
<giovani> java is non-free
<AdamDV2> Hmm
<AdamDV2> Heres my /etc/apt/source.list
<AdamDV2> It seems a bit odd.
<AdamDV2> giovani: http://go-techo.com/sources.list
<Nafallo> sun-java5-jre | 1.5.0-18-1 | http://archive.ubuntu.com jaunty/multiverse Packages
<AdamDV2> Any ideas?
<giovani> ok, then it's in multiverse :)
<giovani> so enable that
<AdamDV2> HOw?
<AdamDV2> Theres no line :D
<giovani> you add multiverse
<giovani> onto the end of a line
<AdamDV2> AH, ok.
<giovani> btw, multiverse is the non-free section
<Nafallo> for universe
<giovani> yeah
<Nafallo> (we have two)
<giovani> that's clear now :)
<AdamDV2> Well, I don't mind not using free software.
<AdamDV2> I prefer it, but don't require it
<giovani> AdamDV2: right, which is why non-free software is provided, but separate from the other packages
<axisys> ivoks: changed the mirror http://pastebin.com/f5eec8000 .. still getting same no new release found http://pastebin.com/f28a2cd25
<AdamDV2> Ok
<AdamDV2> Trying o install again
<AdamDV2> (after an apt-get update)
<giovani> axisys: you're trying to use an old version of ubuntu?
<ivoks> axisys: did you update and dist-upgrade?
<AdamDV2> There we go!
<AdamDV2> Thanks
<Nafallo> axisys: ah. so that was the problem. well. your previous errors seems to suggest you are unable to talk to Canonical's data centre, which is where the files to check for new versions reside
<giovani> http://old-releases.ubuntu.com/ubuntu
<giovani> is the repo for old releases
<axisys> giovani: i am trying to upgrade from hardy to a higher release
<giovani> ah
<ivoks> axisys: dist-upgrade?
<Nafallo> ivoks: as I said... with no route to the Canonical data centre, dist-upgrade's check won't work.
<ivoks> ah
<axisys> ivoks: http://pastebin.com/f71f9d79c
<giovani> his internets is broken
<ivoks> axisys: do you have proxy you could use?
<axisys> giovani: http://pastebin.com/f28a2cd25 this does not suggest so
<ivoks> axisys: notice that i said dist-upgrade :)
<ivoks> but that won't fix the problem
<ivoks> you need proxy
<giovani> axisys: so if it works, what's the problem?
<axisys> ivoks: i did try dist-upgrade
<axisys> giovani: it says no new release found
<giovani> you're on hardy now?
<axisys> giovani: yes
<giovani> ...
<giovani> wtf
<Nafallo> oh. dist-upgrade... that should work, but isn't it do-release-upgrade that's wanted?
<giovani> then you need to put something NEWER than hardy
<giovani> in your sources.list
<ivoks> giovani: no
<giovani> clearly it can't dist-upgrade to itself
<Nafallo> oh wait.
<Nafallo> this makes sense.
<ivoks> dist-upgrade isn't for upgrading between distributions
<Nafallo> hmm
<ivoks> in ubuntu, at least
<giovani> dist-upgrade is for upgrading between major revisions
<ivoks> of debian
<axisys> yes dist-upgrade is not to upgrade to new release.. do-release-upgrade is
<Nafallo> axisys: grep ^Prompt /etc/update-manager/release-upgrades
<ivoks> correct
<axisys> Nafallo: normal
<ivoks> Nafallo: that's been handeld :)
<axisys> :-)
<Nafallo> hm. oki. so it's down to the routing then I'd say.
<axisys> Nafallo: i dont get any routng error
<ivoks> well, one way we could really find out where the problem is...
<axisys> Nafallo: it says no new rlease found
<ivoks> is to start python shell
<ivoks> and then run do-release-upgrade in it
<axisys> ivoks: i am listening
<Nafallo> axisys: could you pastebin mtr -rn security.ubuntu.com for us please?
<axisys> Nafallo: i am not using it
<axisys> Nafallo: security.ubuntu.com that is
<Nafallo> axisys: that wasn't my questio
<axisys> Nafallo: i know .. but just an fyi
<Nafallo> axisys: I'm more interested in seeing that you can reach the data centre :-)
<ivoks> i wouldn't paste that info, if i was you
<ivoks> :]
<axisys> ivoks: i am on python
<axisys> python calls the python shell .. correct?
<ivoks> yes
<axisys> ivoks: and now run do-release-upgrade in it?
<ivoks> python -vv /usr/bin/do-release-upgrade
<axisys> ivoks: http://pastebin.com/f721042ba
<ivoks> so, everything is find with libraries
<ivoks> fine
<Nafallo> DEBUG = os.environ.has_key("DEBUG_UPDATE_MANAGER")
<Nafallo> http://changelogs.ubuntu.com/meta-release
<Nafallo> try reaching that URL
<ivoks> right
<RoAkSoAx> ivoks, is there any howto on how to package with dkms?
<ivoks> RoAkSoAx: not really
<ivoks> RoAkSoAx: you need to know how to package and how to use dkms and put that together
<RoAkSoAx> ivoks, ok i'll start on the how to package :)
<ivoks> you need dkms?
<axisys> Nafallo: i cannot reach the changelogs
<ivoks> that's your problem
<ivoks> Nafallo: good catch ;)
<RoAkSoAx> ivoks, I don't know actually... since you told me that it would be better to package a kernel module with dkms
<axisys> ivoks: hmm
<Nafallo> ivoks: I did say that a while ago as well...
<axisys> Nafallo: thanks man
<axisys> Nafallo: :-)
<ivoks> RoAkSoAx: i haven't said that... i was talking about drbd
<Nafallo> axisys: no worries. now sort out your routing to Canonical's data centres ;-)
<RoAkSoAx> ivoks, when I asked you how to package layer7switching, which contains a kernel module and userspace tools, you told me to take a look to dkms to package it with it
<ivoks> RoAkSoAx: ah, that... note to RoAkSoAx: I haven't looked at layer7switching; maybe it's a patch for iptables, as l7-filter
<ivoks> so then dkms is useless
<axisys> i do have ssh access to another server which has access to changelogs.. this other server is jaunty ubuntu server
<ivoks> then make a tunnel
<Nafallo> dynamic socks proxys ftw :-)
<axisys> do I need to change the mirror ?
<axisys> or there is a switch ?
<axisys> once the tunnel is established that is
<ivoks> there are no swtiches on servers
<RoAkSoAx> ivoks, ok, I'll take a look at it and seek your help when needed :). Btw... can I still work with missing dependencies and FTBFS after this 25 of June (DIF)?
<axisys> so i need to change the sources list ?
<Nafallo> I would set up a redirect directly to changelogs.ubuntu.com:80 in ssh and then tell hosts that changelogs.ubuntu.com is at 127.0.0.1:80 or so :-)
<axisys> how do I tell do-release-upgrade to use the tunnel ?
<ivoks> Nafallo: that's another idea
<axisys> Nafallo: how do I tell changelogs that 127.0.0.1 ? hosts file ?
<Nafallo> axisys: /etc/hosts
<axisys> Nafallo: ok .. thnx
<ivoks> so you tell it that changelogs is that other ubuntu server
<ivoks> and on that other ubuntu server create web server that serves that domain :)
<Nafallo> hmm. that's not how I would do it doh :-)
<ivoks> and it only proxies to reall changelos.ubuntu.com
<Nafallo> thou even
<Nafallo> ssh -L 80:changelogs.ubuntu.com:80 otherserver
<Nafallo> that should make 127.0.0.1:80 changelogs.ubuntu.com
<axisys> lynx http://127.0.0.1/meta-release works
<axisys> now what ?
<Nafallo> axisys: done the hosts thing?
<Nafallo> axisys: if so, try if you can go to http://changelogs.ubuntu.com/meta-release
<axisys> 127.0.1.1 changelogs.ubuntu.com
<axisys> Nafallo: http://pastebin.com/f77a0d7a7
<axisys> Nafallo: i wonder if lynx read hosts file
<Nafallo> and if not, change 1.1 to 0.1 in /etc/hosts
<axisys> /etc/hosts file that is
<axisys> there we go!
<Nafallo> good. do-release-upgrade should work better now
<axisys> Nafallo: it is !!
<axisys> Checking for a new ubuntu release
<axisys> Failed Upgrade tool signature 0% [Working]
<Nafallo> hmm. that's should be something else.
<axisys> http://pastebin.com/f5a33c4ce
<ivoks> hehe
<ivoks> go to /tmp
<Nafallo> ohhaha
<Nafallo> it hardcodes a.u.c :-P
<Nafallo> nice
<ivoks> yeah
<ivoks> take care..
<axisys> http://pastebin.com/f644b9b82
<axisys> dont see any .gz file there
<axisys> Nafallo: whats a.u.c ?
<Nafallo> axisys: grep intrepid /tmp/tmp*
<Nafallo> axisys: archive.ubuntu.com
<axisys> Nafallo: absolutely nothing
<Nafallo> oh. of course not.
<Nafallo> axisys: sudo grep intrepid /tmp/tmp*
<axisys> Nafallo: same :-(
<axisys> Nafallo: i wonder if we can run it in verbose to see where it puts it.. or even strace ?
<Nafallo> hmm. how helpful.
<axisys> stat64("/tmp/tmpuVeBRG/intrepid.tar.gz", 0xbfe7d578) = -1 ENOENT (No such file or directory)
<Nafallo> oh right. they are directories...
<Nafallo> doh
<axisys> i ran do-release-upgrade as root
<axisys> it did create the /tmp/tmpuVeBRG dir
<Nafallo> and probably different dirs each time it runs :-)
<axisys> Nafallo: yes
<axisys> /tmp/tmpXXXXXX 6Xs ..using dynamic .. like perl's File::Temp
<axisys> anyways .. what do u suggest now
<axisys> is there any article on how to do the upgrade through proxy?
<Nafallo> let me try something
<axisys> Nafallo: you have been very helpful man.. appreciate it!
<Nafallo> axisys: right. you simply want 146.137.96.15   archive.ubuntu.com
<Nafallo> in your /etc/hosts next
<Nafallo> that should point archive.ubuntu.com to mirror.anl.gov locally
<Nafallo> hopefully that make things work
<axisys> Nafallo: i am using http_proxy instead of editing the hosts file now.. it allow me to lynx to changelogs
<axisys> let me edit the hosts file to add your entries
<Nafallo> axisys: oki
<axisys> stat64("/tmp/tmpVdPWsq/intrepid.tar.gz", 0xbff92668) = -1 ENOENT (No such file or directory)
<axisys> same error
<axisys> read(3, "400 URI Failure\nURI: http://arch"..., 64000) = 329
<Nafallo> http://archive.ubuntu.com/ubuntu/dists/intrepid-proposed/main/dist-upgrader-all/0.93.34/intrepid.tar.gz
<Nafallo> does that work?
<axisys> Nafallo: 404
<Nafallo> hmm. did you edit the host file to include the entry for archive.ubuntu.com ?
<axisys> http://pastebin.com/d144645c
<axisys> Nafallo: yes
<Nafallo> yeah, that's not correct.
<Nafallo> 146.137.96.15   archive.ubuntu.com
<Nafallo> not 127.0.0.1
<axisys> Nafallo: let me remove the http_proxy
<axisys> Nafallo: that was it .. i can wget now
<Nafallo> then you should be able to do do_release_upgrade as well
<axisys> Nafallo: working now
<Nafallo> yay
<axisys> wow!!!
<axisys> Nafallo: u da man!!
<Nafallo> just remember to remove the hackz afterwards :-)
<axisys> Nafallo: yep :-) , the tunnel and hosts file
<Nafallo> kewl :-)
<axisys> Nafallo: now i need to setup a permanent proxy for this guy
<axisys> Nafallo: so i never have to do it again
<Nafallo> hehe
<Nafallo> better yet. route all of the /20 through that other server? :-)
<axisys> Nafallo: u have been super helpful .. thanks a lot again
<Nafallo> no worries :-)
<Nafallo> oh. /21, not /20 :-)
<axisys> that changelogs.ubuntu.com ?
<axisys> route add x.x.x.x/21 gw proxyhostip ?
<Nafallo> that's the full Canonical IP range
<Nafallo> 91.189.88.0/21
<axisys> Nafallo: thanks
<axisys> route add 91.189.88.0/21 gw proxyip .. would be the correct syntax . correct ?
<Nafallo> I guess
<axisys> Nafallo: thanks a lot
<Nafallo> ages since I used route :-)
<AdamDV2> WHOOOOOO!!!!
<PleXs> bah
<fullmetalj> any one run mail server pop 3 smtp
<fullmetalj> or can help me do mail server
<AdamDV2> fullmetalj: I can
<AdamDV2> Do you need a mailserver?
<PleXs> I need Usb support in my Kvm :S
<PleXs> Usb Printer support
<PleXs> :)
<PleXs> but there seems to be no Sollution :(
<AdamDV2> fullmetalj: You there?
<orogor> hi here
<orogor> is there a guide on how to setup a wifi access pouint with wpa ?
<orogor> there s a tutorial on how to setup acceess point , but it doesn t talk abnywhere about securing it
<giovani> google has too many to count
#ubuntu-server 2009-06-21
<jdarias> how can i get the info about packages and cpu temperature
<jdarias> i mean the info that appears when a user logs in for the first time
<jdarias> can i get that info by issuing a command in the console?
<jdarias> hello???
<jdarias> helloooooo! (everybody got the rage virus so nobody answers)
<stiv2k> hi
<stiv2k> my roundcube-webmail got hosed when trying to upgrade
<stiv2k> something is wrong with the mysql database, it needs to be upgraded i think
<stiv2k> if only i can figure out how to start the upgrade process agian for roundcube
<giovani> sounds like a roundcube question then ...
<stiv2k> i guess
<stiv2k> giovani: how do i start the update process with apt(itude) again?
<giovani> what update process?
<stiv2k> when i began to update roundcube, it asked me a series of questions what to do about the database configuration.  i want to go back to that so i can try it again
<giovani> was this in a web browser, or in the dpkg configuration?
<stiv2k> dpkg configuration
<stiv2k> it was a ncurses type of dialog
<giovani> dpkg-reconfigure
<stiv2k> nothing happens when i do dpkg-reconfigure roundcube
<giovani> the package is roundcube-core or something, right?
<stiv2k> ah yeah
<stiv2k> roundcube-core
<Alex_21> Hi, all,
<Alex_21> I would like to scan my network since the ip of one of my servers changed after a router upgrade and I can't find it. I have NMAP, but I don't remember how to can 192.168.0.0/24
<Alex_21> Can someone help me?
<Alex_21> Please
<giovani> read the nmap manpage
<giovani> it's very well-documented
<Alex_21> I am having a hard time reading it
<giovani> why?
<Alex_21> I can only read small chunks of man pages because of my screen reader
<giovani> page down
<Alex_21> Nope
<giovani> then fix your screen reader
<giovani> or use google
<giovani> to find an online copy of the manpage
<giovani> ubuntu has a website for manpages
<Alex_21> There is nothing wrong with my SR
<giovani> there is if you can't page down
<Alex_21> I was asking a simple question as I struggle through the Man page
<giovani> I'm in favor of you finding the very well-documented answer, rather than handing it to you
<Alex_21> No, there isn't. I can page down, but the way things work, I can't read what is in between pages
<Alex_21> It is quite unusual behavior :(
<giovani> use the up and down arrows to move one line at a time
<Alex_21> It hits invisible barriers
<Alex_21> It is a well-known but in Terminal
<giovani> this is not normal behavior
<giovani> anyway
<giovani> I've said that you can find manpages on the web
<giovani> ubuntu has a website for them
<Alex_21> I am reading a hotow on it as we speak
<Alex_21> Howto on it, ... Sorry
<Alex_21> Also, it is usual behavior
<Alex_21> It just is not ideal behavior
<giovani> no, the default manpage reader doesn't hit "invisible barriers"
<giovani> that's not normal behavior
<Alex_21> With a screen reader it does
<giovani> nope
<Alex_21> It has as far back as I can remember on
<Alex_21> I have used a screen reader for years. I think I know when I find a bug and it is reproducable accross machines
<Alex_21> Unless you think differently, I am sure this is a bug
<giovani> well there's no way to really prove this, or troubleshoot it -- did you find the manpage online?
<Alex_21> I should call up software dev team staff on Monday and rereport it
<Alex_21> I did not look. I found a nice walk-through though
<Alex_21> So I am on my way
<Alex_21> I realized my server isn't connected to the network even
<Alex_21> It seems anyways
<Alex_21> I'll bee back.
<Alex_21> I'm going to go to the rack and fix it.
<Alex_21> Thanks for your help
<Alex_21> Good night
<burn_> anyone have a package or something to show temp and other stats on a web page?
<Hasbro> Hi
<Hasbro> On my Ubuntu installation I cannot resolve anything without editing my hosts file :S I'll type ping google.com won't work unless I add that as an entry in my hosts file.
<Clackamas> Hi, I need some help in trying to preserve my RAID moving from SuSE 10.3 -> Ubuntu 9.04.
<Hasbro> Has anyone any ideas about this issue?
<Clackamas> Do I need anything besides the UUID and disk mappings?
<Clackamas> I am using the md driver.
<Clackamas> Hasbro: you probably don't have DHCP set up correctly.
<Hasbro> Any guides?
<giovani> Hasbro: your DNS isn't configured or working properly, obviously
<Hasbro> giovani, I use my provider's nameservers
<giovani> which are?
<Hasbro> â¢ ns1.limestonenetworks.com
<Hasbro> â¢ ns2.limestonenetworks.com
<Clackamas> Hasbro: what is in /etc/resolv.conf?
<Hasbro> search arcemu.info
<Hasbro> nameserver 209.130.152.7
<giovani> Hasbro: those dns servers aren't returning records for the internet
<Hasbro> How can we check?
<giovani> and you are not specifying them in /etc/resolv.conf
<giovani> i just did check
<giovani> what makes you think you're using ns1 and ns2.limestonenetworks.com?
<Hasbro> I set the domains to them
<Hasbro> lol
<giovani> uh
<giovani> I think you may be confused how DNS works
<Hasbro> Yes, wasn't thinking
<Hasbro> wait so question
<Hasbro> I did not edit
<Hasbro> this
<giovani> there's a huge difference between authoritative DNS and internet resolvers
<Hasbro> and it was set to 209.130.152.7
<Hasbro> which if you go it in a browser, brings up a page
<Clackamas> ns.limestonenetworks.com is 74.63.208.2
<giovani> Clackamas: ignore that -- he's confusing his authoritative DNS for his domain with resolvers
<Hasbro> what's ubuntu's default nameserver set to?
<Hasbro> sorry
<giovani> Hasbro: it's not set -- that perobably came from your DNS at cologuys
<Hasbro> what resolver
<giovani> err
<giovani> DHCP
<giovani> or cologuys configured it for you
<Hasbro> nah
<giovani> well someone configured the box
<Hasbro> I run Ubuntu in a vm on windows
<giovani> haha
<Clackamas> giovani I will let you drive.
<Hasbro> It doesn't set to anything by default?
<giovani> Hasbro: no, of course not
<giovani> that's up to you to configure
<Hasbro> so if I leave it blank, what will happen?
<giovani> you won't be able to resolve domains
<Hasbro> giovani, so question
<Hasbro> since I run it in a vm on windows, can I just get what ever my windows one
<Hasbro> is set to?
<giovani> yes ... but you'd have to configure your vm software properly
<Hasbro> also, might I ask what the search line is for?
<Hasbro> search arcemu.info
<giovani> to either pass that ... or find the information in the windows host, and copy it
<Hasbro> in resolve.conf
<giovani> it's for automatically appending that domain on non-FQDN names you attempt to resolve
<giovani> i.e. ping foo
<giovani> will search DNS for foo.arcemu.info
<Hasbro> oh
<Hasbro> so ping google.com
<Hasbro> is searching forr google.com.arcemu.info maybe?
<giovani> no
<Hasbro> hrm
<giovani> google.com is a FQDN
<giovani> your DNS is broken, obviously
<Hasbro> could you check if 209.130.152.7 is a resolver?
<Hasbro> maybe it's vmware's settings which are fubared
<giovani> well it only has settings you give it
<giovani> but no, 209.130.152.7 is not resolving domains for me
<giovani> however
<giovani> that's a cologuys IP
<Hasbro> cologuys?
<giovani> so it's possibly limited to the internal network
<giovani> that's your IP space owner
<giovani> whomever you rent a server from is either cologuys, or is a customer of cologuys
<Hasbro> I see
<Hasbro> but the thing is
<giovani> this is a question for your provider
<Hasbro> I haven't modified any of this, and it worked on friday morning
<giovani> not #ubuntu-server
<Hasbro> and then it stopped working
<giovani> maybe their DNS server is broken now
<Hasbro> hrm
<giovani> once again, this is a question for your provider
<Hasbro> I'll contact support, 1 moment
<giovani> ubuntu is working perfectly
<Hasbro> giovani, do you have a server I could use to resolve domains off of?
<giovani> no
<Hasbro> what is yours set to then?
<giovani> they're set to opendns
<giovani> by way of a caching resolver
<Hasbro> so are there free resolvers out there?
<giovani> yes
<Hasbro> which is open dns?
<Hasbro> giovani
<Hasbro> could I setup my own dns server?
<Hasbro> on the machine?
<Jomyoot> If NFS volume in /etc/fstab fails to mount. then will machine fail to boot?
<Hasbro> giovani, nevermind found my own answer and a nice guide :)
<Hasbro> cheers
<Hasbro> Jomyoot was yours deleted or soemthing?
<Hasbro> something*
<Jomyoot> no
<Jomyoot> just wondering in case
<Jomyoot> in case the NFS server is offline
<Hasbro> http://ubuntuforums.org/showthread.php?t=355869
<Hasbro> check that out
<Jomyoot> because anything /etc/fstab has problem it seems to locks up machine
<kjkjava> Hey there
<kjkjava> I'm having some trouble setting up Ubuntu Server 9.04 LAMP on the network side of things
<kjkjava> I have set port forwarding on 80 and 22
<kjkjava> and an online port scanner shows them as open
<kjkjava> (and only them)
<kjkjava> Also, web pages pull up fine on the internal IP
<kjkjava> and same with SSH (works internally, external port is open, but still nothing)
<kjkjava> okay, so even though tracerts can't make it to my global IP, my friend (outside of the network) was able to get to my site
<kjkjava> and so was a proxy
<kjkjava> so it looks like everyone outside of my network can get to me via my external IP
<kjkjava> so my new question is, why won't it work from the inside?
<kjkjava> but I'm happy, I suppose
<fbc-mx> Could someone tell me how(or point me in the right direction) to implement Event MPM on my server?
<Anirban1987>  i am having problem while upgrading SQL server. http://img31.imageshack.us/img31/5562/ubuntu20090621163808.png
<anirban>  i am having problem while upgrading SQL server. http://img31.imageshack.us/img31/5562/ubuntu20090621163808.png
<pmatulis> anirban: it looks like you are mixing up debian and ubuntu packages
<anirban> pmatulis : Isn't ubuntu and debian packages same ?
<anirban> Then how to upgrade SQL server to 5.1.34 in Ubuntu ?
<pmatulis> anirban: no they're not the same
<pmatulis> anirban: just upgrade your system in the normal way
<pmatulis> $ sudo aptitude update; sudo aptitude full-upgrade
<anirban> pmatulis : But it is stuck in SQL server 5.0.67 in Ubuntu 9.04 server. Where the current release is 5.1.35
<pmatulis> first of all, it's not 'SQL server'.  it's 'MySQL server'
<pmatulis> anirban: i see 5.0.75 for jaunty
<Hecate> http://packages.ubuntu.com/search?keywords=mysql-server&searchon=names&suite=jaunty&section=all
<Hecate> anirban, universe already offers the mysql server version 5.1.31-1
<anirban> Hecate : But how to get that ?
<Hecate> enable universe and install the package
<anirban> I have uninstalled the unsupported package and installed the universe package. Still it is showing error : http://img26.imageshack.us/img26/5184/ubuntu20090621181240l.png
<Hecate> anirban, what happens when you invoke "invoke-rc.d mysql start"?
<anirban> Hecate : Same error
<Hecate> any output?
<anirban> Same error that was showing earlier.
<Hecate> except for the "fail"?
<anirban> action start failed
<Hecate> i need sth to work with. any details in the syslog?
<anirban> where to get the syslog ? Plz help
<Hecate> /var/log/messages
<Hecate> maybe there's sth in /var/log/mysql/ too-
<anirban> There is something like denied_mask="::r"
<anirban> Hecate : Can u hav an SSH access and look into the problem ?
<Hecate> maybe the current apparmor profile is not compatible with mysql-5.1, but that's just a guess
<Hecate> if you consider me trustworthy enough, i could.
<anirban> Coming to private chat
<mobi-sheep> I'm thinking about creating a Ubuntu Home Theater PC Server --- Preferably XBMC.  What could you run on server that would benefit me (the home user) the most?
<mobi-sheep> And on the side note, I'm fairly experienced with Ubuntu already.  I want to dip my feet in the server / networking area more. :)
<giovani> mobi-sheep: ubuntu-server has the same packages as the desktop version
<giovani> so there's really little-to-no difference from a what-will-run perspective
<mobi-sheep> giovani: I mean literally hooking it up to a HDMI television in living room so I would like to avoid the GUI.  In a way, I'm saying that I want to set it up to run XBMC as a default session.  I also looked at LIRC remote control.  I only want to know what I could do that would benefit me or my local network.
<giovani> well xbmc is a gui
<giovani> and has to run on xorg
<mobi-sheep> giovani: Few packages would be fine for starters.  It'll give me something to look at.
<giovani> I don't know what you're asking for though
<mobi-sheep> Does that mean I have to install Ubuntu-desktop or will xorg be sufficient?
<giovani> it means running xbmc on ubuntu-server might be a bit of a mess
<mobi-sheep> giovani: I simply want to learn more about server packages.
<giovani> it's most certainly possible
<giovani> mobi-sheep: there are thousands
<giovani> given that xbmc is a desktop-oriented application, it's not supported here
<mobi-sheep> giovani: Heh.  Alright.  I'm copying system files for XBMC live to usb at the moment.  Thanks for the small talk.  I'll figure out what I'm trying to do.  I think I'm trying to achieve a ultimate HTPC + Home Server type thingy. :)
<ruben23> hi
<ruben23> hi how do i change hostname on ubuntu server
<_ruben> find all files on the system that refer to the old name, change to new name, reboot :P
<ruben23> are there modprobe.conf setting on ubuntu server
<Hecate> ruben23, basically that would be /etc/hostname and /etc/hosts, but as _ruben said a 'grep -r "`hostname`" /etc' can't hurt
<ruben23> Hecate:ok, but how about modprobe.conf can i find that on ubuntu or what is the equivalent config for that on ubuntu
<giovani> ruben23: ubuntu uses the modprobe.d structure
<giovani> look at /etc/modprobe.d/
<ruben23> giovani:its empty
<giovani> right
<ruben23> is it normal
<giovani> yes ... if you'd like to place something you would've placed in modprobe.conf, you do it there
<ruben23> im trying to find and load the module of  Ethernet controller: VIA Technologies, Inc. VT6105 [Rhine-III] (rev 8b)
<ruben23> i install it on the pci but not detected
<ruben23> by the ubuntu server machne
<giovani> ok, and?
<ruben23> if theres module for via-rhine i might load it
<giovani> understood
<giovani> so load it
<ruben23> giovani:don know how
<giovani> sudo modprobe via-rhine
<ruben23> giovani: i got it worked
<ruben23> thans
<ruben23> thanks
<ruben23> hi
<ruben23> if i have
<metalfan___> or maybe  not
<ruben23> 2 nics for my ubuntut server
<ruben23> i do the setting still on the /etc/network/interfaces
<ruben23> how would it be written
<giovani> ruben23: "man interfaces"
<metalfan___> ruben23, next time please write your question before posting it, check if for logical mistakes, for spelling mistakes. thx
<metalfan___> it
<ruben23> metalfan___:ok
<metalfan___> somehow my via epia-mII board starts the installation, but after i leave the first "gui" screen some kernel messages scroll by and then it says "Trying..." which results in a "signal out of range" message from my monitor? doesnt ubuntu server always start a console gui?
<metalfan___> also F5/F6 seen to be not working, no menu pops up after pressing
<_gpg_> hello
<_gpg_> Hello
<_gpg_> i'm interested to use bazaar since few days, but stuck with some items
<_gpg_> The "Decentralized with automatic gatekeeper" is what i need with my team actually, i cant find any documentation about how to use/set PQM server
<_gpg_> anyone can help please
<giovani> _gpg_: you're likely to get better help in the official bazaar channel: #bzr
<_gpg_> giovani,  thank you
<durt> I need to virus-scan some .pdfs the occasional multimedia file and the occasional windows .exe. Can anyone get me up to speed with the recommended AV package?
<giovani> durt: clamav
<ruben23> hi tried installing linux-headers but got this message http://pastebin.com/m763b37fb
<giovani> ruben23: follow the instruction it gave you
<ruben23> yeah i did got this http://pastebin.com/m28594742
<giovani> you didn't write the package name correctly
<giovani> please use some common sense before pasting these as if they're errors
<ruben23> O:-)
<blacksunseven> hello
<blacksunseven> i'm looking for some help with apache2 (securing it, ssl only, etc.)
<Hasbro> giovani you here?
<Hasbro> I updated my resolver if I didn't say so last night :)
<kjkjava> Is there a recommended FTP daemon? or will anything do (proftp, vsftpd)?
<slestak_> anyone good with gparted?  Im trying to shuffle some space out of a logical partition sda4 out to a primary partition sda3?
<_ruben> kjkjava: its a matter of personal preference combined with your list wishes/requirements :)
<slestak_> right now i am just one by one, copying the space left in gparted, one fs at a time
<jdarias> i have ubuntu server installed on a laptop. Is it possible to have dpms off everytime i boot it?
<jdarias> currently i have to issue sudo vbetool dpms off to turn off the screen (thatÂ´s what i want to do)
<_ruben> jdarias: put "vbetool dpms off" in /etc/rc.local oughta do the trick i'd say
<jdarias> nobody?
<jdarias> gonna check that now ruben! :) ty
<jdarias> brb, will tell you if it worked or not.
<jdarias> it worked, ruben, thank you very much!
<_ruben> nice :)
<slestak_> _ruben: would you know how to troubleshoot a usplash problem on a laptop?  It is the only one (of like 20 installs) i have seen the usplash screen distorted.  on livecd boot, it looks correct
<Hasbro> slestak_, does the livecd use it's own drivers?
<slestak_> Hasbro: i dont know.  This is not a server problem, we can take to to pm or #ubuntu if anyone has a problem with OT
<slestak_> i would think the 9.04 livecd would use its own drivers, probably nv, i am using nvidia accel driver with hd install
<Hasbro> Might be best to try #ubuntu ;)
<slestak_> i was over there (still am) I was talking to _ruben over there, and saw him over here as well
<slestak_> sorry, i know its OT
<slestak_> im doing some gparted amnipulations rignt now, so i'll save the usplash problem for another day
<slestak_> i have 60g available in a logical partition sda4, i really need to get it out of there and into a new primary partition
<slestak_> i have moved it up to the front of the logical partition, but do not see how to take it any further
<_ruben> lvm for the win! ;)
<slestak_> is that the only solution?
<slestak_> i mean, am i screwed with this install, i can redo it,m just reying to extend and learn
<_ruben> probably not, but sure makes things easier
<_ruben> and whats the real underlying problem? why do you need to move the space ?
<slestak_> im trying to get xp home onto a primary partition, basically dual boot - ubuntu installed first
<slestak_> i kinda planned ahead, i have jaunty in an extended partition
<_ruben> "best" practice is to install windows first .. its has a deep love for the first primary partition, and destroys any unknown bootloaders
<slestak_> yeah
<slestak_> well, i keep good backups, im gonna just redo it.
<slestak_> ty for your counsel :) happy fathers day to you dads in here
<ghostlines> I don't want to use openvpn's script cuz I already have a bridge setiup
<ErikWestrup> How do I, in the terminal, choose what interface to use for internet connections? I want to use 'dnep0' but right now the system uses another wirless interface.
<pmatulis> ErikWestrup: your wireless card was autoconfigured on the server?
<ErikWestrup> nvm, I found a way out from the cloud of confusion and found a solution. :-)
<hamush> does anyone know if dapper is still supported with security updates? last i heard, it was supposed to be supported, at least for server components, until 2011, but i keep on reading that it has lots of open CVEs and is not safe to be using.
<uvirtbot> New bug: #388600 in samba (main) "dpkg (Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ): Ð½Ðµ ÑÐ´Ð°Ð»Ð¾ÑÑ Ð·Ð°Ð¿ÑÑÑÐ¸ÑÑ post-installation script: Exec format error dpkg: Ð¾ÑÐ¸Ð±ÐºÐ° Ð¿ÑÐ¸ Ð¾ÑÐ¸ÑÑÐºÐµ -  Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ post-installation script Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 2 ÐÑÐ¸ Ð¾Ð±ÑÐ°Ð±Ð¾ÑÐºÐµ ÑÐ»ÐµÐ´ÑÑÑÐ¸Ñ Ð¿Ð°ÐºÐµÑÐ¾Ð² Ð¿ÑÐ¾Ð¸Ð·Ð¾ÑÐ»Ð¸ Ð¾ÑÐ¸Ð±ÐºÐ¸:  winbind" [Undecided,Invalid] https://launchpad.net/bugs/388600
<diffra> sdf
<pmatulis> ErikWestrup: what was your solution?
<stiv2k> hi
<stiv2k> what is this error mean
<stiv2k> Connection for controluser as defined in your configuration failed.
<stiv2k> getting it from mysql
<stiv2k> phpmyadmin
<ajmitch> stiv2k: check the username & password for that user in the phpmyadmin config
<stiv2k> hmm
<stiv2k> its just set to $dbuser and $dbpass
<stiv2k> i fixed it by commenting those two lins out
#ubuntu-server 2010-06-21
<hggdh> kirkland: there?
<ScottK> cloakable: That's almost certainly not true.
<cloakable> ScottK: Well, for the purposes of the ioncube loader.
<ScottK> It wouldn't suprise me if it was all Free software, but all GPL is highly unlikely.
<cloakable> possibly
<cloakable> Tine 2.0, WordPress, Dokuwiki, RoundCube, Status.net :)
<lukehasnoname> Why aren't server tasks (such as mail server, lamp server, VM host, etc.) documented more thoroughly? I assume those are the "easier" aka more preferred methods of service installation, yet the Server Guide shows traditional apt-getting packages.
<lukehasnoname> Am I missing something?
<jpds> lukehasnoname: Maybe you want tasksel?
 * jpds is fine with traditional apt-get.
<lukehasnoname> let me clarify my question to make sure it's valid: When using tasksel vs grabbing all the packages manually, are the configurations of the services different? Would tasksel provide options or configurations not offered by std installation?
<pmatulis> lukehasnoname: no
<lukehasnoname> pmatulis, I guess it's not as much of an issue, then. Still, I see little mention of tasksel in the server guide, which surprises me, given how useful it can be (esp to intro admins)
<pmatulis> lukehasnoname: if tasksel can be applied to topics in the server guide then, yes, i agree with you.
<pmatulis> lukehasnoname: feel free to file a bug [1] or get involved [2]
<pmatulis> [1] https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+filebug
<pmatulis> [2] https://wiki.ubuntu.com/DocumentationTeam/SystemDocumentation
<lukehasnoname> Sounds good.
<jeeves__> what would be the best soulition to build a WiFi hotsopt access server?
<JackTO> anyone here have any experience with ioncube loaders?
<lukehasnoname> I just watched Toy Story for the first time
<lukehasnoname> Another reason to like Debian
<scar> lukehasnoname, how so?
<lukehasnoname`> scar, It was a fun movie and I think it's cool the Debian releases are named after characters in a movie
<oren> i want to run nginx on boot (lucid). i am reading here https://help.ubuntu.com/community/UbuntuBootupHowto that 'Ubuntu is transitioning away from the sysv init system'.  what do u guys think?
<oren> and if the answer is: use init script i have another question - will this script run on lucid? (it was tested on karmic) -http://code.google.com/p/nginx-init-ubuntu/
<ScottK> oren: The last Ubuntu release to actually use sysv was Dapper (4 years ago).  Since then it's all been emulated by upstart.
<lukehasnoname`> oren, I believe you can still use your sysv init script. But if you want to be really cool you'll learn upstart scripts
<JanC> except upstart scripts maight look completely different in 10.10 or later, but yeah  ;)
<lukehasnoname`> JanC, augh
<lukehasnoname`> Now that Mako and Kyle Rankin are rich from the Ubuntu Server Book, having it open sourced and quasi-open for edit online would be incredibly useful
<lukehasnoname`> That book is so very awesome
<oren> ScottK: lukehasnoname` i never used those scripts before. can i simply take the nginx script (my link) , make it executable and locate it inside init.d, and run: sudo update-rc.d myscript defaults 98 02 ?
<oren> (that's the instruction i see on ubuntu docs)
<oren> and what is this book you guys are talking about?
<lukehasnoname`> oren, The Official Ubuntu Server Book
<lukehasnoname`> written by two Ubuntu/Linux guys
<lukehasnoname`> It's not terribly useful for writing init or upstart scripts (mostly because Upstart's API changes daily, it seems) but it has good instructions for a lot of common tools and services in Ubuntu
<oren> lukehasnoname`: so my steps above are accurate? and where can i get this book?
<lukehasnoname``> effing IRC boots me all the time and I get these backup names... anywho oren it looks right, judging from the man page for update-rc.d
<lukehasnoname``> never used it myself
<oren> ok. i'll try it. thanks
<JanC> oren: docs for writing upstart scripts for karmic & lucid can be found in init(5)
<ccheney> Daviey, testing the kernels now, i think it broke between 2.6.32 and 2.6.33
<oren> JanC: do u mean /etc/rc5.d
<oren> i appologize for my ignorance..not sure what init(5) means
<oren> i know there are run levels where each folder has scripts that are executed.
<oren> rc0.d, rc1.d etc
<jmarsden> init(5) means the man page for init in section 5 of the manual pages.  So do   man 5 init   to read it.
<kaushal> hi
<kaushal> can some one please help me about this post https://lists.ubuntu.com/archives/ubuntu-server/2010-June/004345.html ?
<JanC> oren: what jmarsden says, or http://manpages.ubuntu.com/manpages/lucid/en/man5/init.5.html if you want to read it online (that site has all Ubuntu manpages)
<oren> JanC: jmarsden awesome
<jmarsden> JanC: You're welcome
<oren> is this the ubuntu server book you guys praised? http://www.amazon.com/Official-Ubuntu-Server-Book/dp/0137021186  if not, what is the best server book i should buy?
<oren> only 7 reviews but they all liked it
<ccheney> Daviey, headed to bed now, it appears to be 2.6.33 that broke the image registration
<ccheney> Daviey, so my original idea was right but i am not sure how i came up with it originally, after more testing it seems reliable that it is 2.6.33 though
<ccheney> Daviey, there aren't any 2.6.33 rc builds on the ppa so that is as narrow as i can make it
 * ccheney bbl
<daishadar> what's the best solution for automatic mounting/unmounting of usb drives for ubuntu server?
<jpds> daishadar: mount/umount ?
<daishadar> jpds:  um, how do you make those automatic?  like when i plug in a usb device i want it to be mounted
<alonswartz> daishadar: this is what you are looking for: http://packages.ubuntu.com/intrepid/usbmount
<alonswartz> oops - s/intrepid/lucid/
<daishadar> funnily enough i'm still running an intrepid server... thanks, that looks like what i need
<alonswartz> daishadar: just install via apt-get. what it does is add some rules to udev, to trigger the mount when the usb devices are plugged in
<oren> alonswartz: nice!
<uvirtbot> New bug: #596780 in tomcat6 (main) "tomcat6 still missing JSTL ("glassfish-javaee")" [Undecided,New] https://launchpad.net/bugs/596780
<uvirtbot> New bug: #596781 in tomcat6 (main) "JSP examples refer to Tomcat 5 (not 6)" [Undecided,New] https://launchpad.net/bugs/596781
<_ruben> joy .. seems i made an error in my /etc/network/interfaces file .. now it wont come up after reboot, not even in recovery mode
<_ruben> kinda wierd it complains about the start/stop of lo and eth0 though, didnt alter those
<_ruben> ah .. bug #512253
<uvirtbot> Launchpad bug 512253 in ifupdown "Mistake in /etc/network/interfaces keeps the system from booting" [Undecided,Confirmed] https://launchpad.net/bugs/512253
<Zorge> apache+mod-rewrites fun.  Where a simple rewrite "test" should be RewriteRule ^/$ redirected.php.   Only that gives "You don't have permission to access / on this server." Removing the caret seems to fix this, but everything I can find online says nothing about excluding carets.  Nice way to start :X
<sanderj_> Eucalyptus is an open source cloud platform which is compatible in frontend with Amazon EC2 API, but implements a totally different design structure in backend.
<sanderj_> What is the diffrence on backend and frontend api?
<sanderj_> http://cloudy.liangz.info/2009/11/provisioning-on-existing-cloud.html <-- written here.
<_ruben> frontend: the looks of a car .. backend: the engine (for example) inside
<_ruben> you can change the engine and still be able to drive the car
<_ruben> when done properly that is
<sanderj_> Can you give me some examples of the backend api?
<sanderj_> Is there any backend api at all?
<sanderj_> Or is the only the backend design structure diffrent?
<sanderj_> -the
<_ruben> sanderj_: in this case the backend entails the software+hardware used .. euc is an opensource suite, whereas ec2 is most likely (mostly) closed source (never used it, so dont know the details)
<sanderj_> _ruben, so the api for tracking how much resources each customer is using in euc is done trough a frontend ec2 compatible api?
<trapmax> any experience using confluence + webdav?
<cybrocop> UEC QUESTION: What should the VNET_BRIDGE value be on a NC in MANAGED mode?
<cybrocop> Does it still need to be br0 in MANAGED mode?
<uvirtbot> New bug: #596859 in ntp (main) "ntp profile denies write access to serial devices" [Undecided,New] https://launchpad.net/bugs/596859
<sommer> morning :-)
<Danawar> Sommer: Morning!
<hggdh> kirkland: ping
<kirkland> hggdh: morning!
<hggdh> kirkland: good morning, sir
<hggdh> kirkland: we have a new (tentative) patch for the public IP issue on UEC from Greg
<hggdh> kirkland: I am not sure how to work on the bzr to set it up
<kirkland> hggdh: awesome
<kirkland> hggdh: would you like me to show you how?
<kirkland> hggdh: i'm in a meeting at the moment
<hggdh> kirkland: I would love to know how to do it, it would free you...
<hggdh> kirkland: and I can wait if needed, right now in Lexington
<kirkland> hggdh: good point, yeah
<kirkland> hggdh: okay, i'll put it into a PPA
<kirkland> hggdh: and send an email explaining how i did that
<kirkland> hggdh: and just poke me if you need more
<hggdh> kirkland: ack, and thanks
<zul> lamont: what do you think of bug #596363
<uvirtbot> Launchpad bug 596363 in bind9 "db.root needs update for i.root-servers.net AAAA record" [Undecided,New] https://launchpad.net/bugs/596363
<lamont> zul: I think meh.
<lamont> but yeah, it prolly does
<lamont> not worthy of an SRU, might be worthy of throwing into a point release for lucid, definitely worth doing for maverick
<ccheney> hggdh, which public ip issue is that? (/me wonders if it what he saw before)
<ccheney> kirkland, ^ ?
 * ccheney brb
<kobrien_> guys, problem: I just installed PAE kernel and my X server is broken. Please advise
<kobrien> I assume the pae kernel doesn't support my graphics card
<smoser> ok, embarrassing question
<smoser> 'not worthy of an SRU, might be worthy of throwing into a point release for lucid, definitely worth doing for maverick'
<smoser> i didn't realize there was any distinction between point release and SRU. i thought that point releases just picked up state of the archive, and to get into that you had to follow SRU
<tgalal> I'm doing a pxe installation using kickstart. I'm placing a custom sudoers file for the installing machines. WHY THE HELL DOES UBUNTU ALTER MY SUDOERS FILE ?! lol  it adds "$admin ALL=(ALL) ALL" which I don't want ..
<smoser> lamont, zul is that incorrect ?
<zul> smoser: yes thats correct
<smoser> tgalal, well, it does that because thats how you become root in ubuntu. i wonder when are you placing the custom sudoers file (ie, in post?)
<tgalal> smoser, yes in post
<tgalal> smoser, any advice?
<lamont> smoser: inclusion in a point release might well require an SRU
<lamont> smoser: I've pretty much avoided figuring such things out
<smoser> tgalal, no, i've no advice. i guess that some things just happen after 'post' .
<tgalal> smoser, I'm trying to have sudo on my machine passwordless out of the box. That's why I place my custom sudoers file in post. The problem with that line is that makes all users of group admin can gain root priviledges but WITH a password. Is their a workaround that you're aware of ?
<smoser> well, definitely you can modify that to your liking
<mathiaz_> kirkland: http://google-opensource.blogspot.com/2010/06/introducing-google-command-line-tool.html
<smoser> but i don't know about through kickstart
<tgalal> hmm ok thanks
 * ccheney back
<tgalal> so kickstart has " rootpw --disabled" for passwordless sudo.. but it's not working, advices?
<Mrcheesenips> With Ubuntu Server, how would I put files onto the server?
<Mrcheesenips> Would I mostly control everything with a remote computer?
<Mateo_> Hi everyone !
<Danawar> Mrcheesenips: it is 100% up to you!
<Danawar> Mrcheesenips: I myself use a remote computer to connect to the server and do things using FTP/SSH
<Mrcheesenips> oh'
<Mrcheesenips> I see :D
<Danawar> Mrcheesenips: What are you thinking of using the server for?
<Mrcheesenips> A Garry's Mod Server
<Mrcheesenips> Are you familiar with that game?
<Danawar> Mrcheesenips: You will want to install an SSH client and do everything through that.
<Danawar> Mrcheesenips: I believe you are following a guide of some sort to do that?
<Mrcheesenips> Yeah
<Danawar> Mrcheesenips: Would it be possible to see the guide you are going to follow?
<Mrcheesenips> Its actually included in the readme with the tool
<Mrcheesenips> I don't think its on the web
<Danawar> Ok, what tool are you using?
<uvirtbot> New bug: #596923 in lm-sensors (universe) "Asus F8Sg high CPU temperature" [Undecided,New] https://launchpad.net/bugs/596923
<Mrcheesenips> Its the Half Life Update Tool
<Mrcheesenips> To download and install the Garry's Mod content from Valve's servers
<Mrcheesenips> to run the server
<Mrcheesenips> Then I have to run the server program itself
<Mrcheesenips> And there is a Linux Client supported
<Danawar> Mrcheesenips: Ok I understand, that's great!
<Mrcheesenips> yus :D
<Mrcheesenips> I understand the basics of Ubuntu Server now
<Mrcheesenips> thank ya
<Danawar> Mrcheesenips: I was just thinking instead of trying to move the update tool from machine to machine it would be quicker to download off the internet and execute.
<Mrcheesenips> ya
<Mrcheesenips> I was thinking the same thing
<zul> ScottK: ping fyi im going to update dovecot to the new release if debian hasnt done it yet
<ScottK> zul: OK.  I think I have the changes for renaming postfix-dovecot here.
<zul> ScottK: can you push them to a bzr branch or give me a debdiff?
<ScottK> zul: Yes.  I just found them ....
<ScottK> zul: Untested, but I think complete: http://pastebin.com/tdvTjR6P
<zul> ScottK: thanks
<ScottK> zul: No problem.  Thanks for asking and taking it into your merge.
<Mateo_> Anyone that is used to work with webmin please ? i would like to add the first domain name to my server, bind9 is installed, webmin too, but i don't know where to start
<guntbert> !webmin | Mateo_
<ubottu> Mateo_: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Mateo_> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<guntbert> Mateo_: I'm not happy with ebox - but be warned about webmin
<Mateo_> guntbert: why not happy ?
<guntbert> Mateo_: it doesn't use the system config files (as webmin does) but runs it's own config -- which I don't like - but I don't use webmin either except for very limited tasks
<Mateo_> ok guntbert
<Mateo_> guntbert: so i'm going to install it and then i will try to setup my domain name
<guntbert> Mateo_: your call :-)
<bogeyd6> Mateo_, webmin is gonna break your junk
<bogeyd6> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Mateo_> isntall is in progress
<irvy> what tool should i use for managing partitions from the command line?
<guntbert> irvy: fdisk ?
<irvy> thx
<irvy> is there anything that would give a slightly more guided user experience
<guntbert> irvy: there is cfdisk too - a little nicer
<irvy> like the editor in the installer
<irvy> sweet, thanks
<irvy> now, i wonder what this random 2155mb fat32 partition that came pre-loaded on this server is..
<bogeyd6> irvy,  a restore partition?
<Mateo_> guntbert: did you installed the 1.5 release of ebox ?
<irvy> i feel as though i should wipe it
<irvy> there was no os loaded
<irvy> there's an 83mb utility partition
<irvy> followed by 2155mb bootable fat32
<irvy> hm
<irvy> it's dell if that makes a difference heh
<guntbert> Mateo_: I really don't remember, I installed ebox once and removed it almost immediately again - just not my type I guess :-)
<ccheney> jjohansen, hi!
<ccheney> jjohansen, i need some more kernels from you :)
<jjohansen> ccheney: oh, what do you need
<guntbert> irvy: dell servers come with a "service partition" (or so)  it is useful for support issues
<irvy> ahh perhaps i'll refrain from wiping it just yet then
<irvy> what would you guys recommend for a filesystem on a raid5 array of 3x 1tb drives
<ccheney> jjohansen, bug 588861, i need kernels between 2.6.32 and 2.6.33 if possible to help narrow down which one broke eucalyptus image registration
<uvirtbot> Launchpad bug 588861 in eucalyptus ""pad block corrupted" error when trying to register an image with 2.6.34 kernel" [High,Confirmed] https://launchpad.net/bugs/588861
<irvy> i want a single partition for data
<ccheney> jjohansen, 2.6.32 and 2.6.32-15.5 seem to work fine, but 2.6.33 does not, and there didn't seem to be any 2.6.33-rc's on the ppa
<hallyn> Daviey: just curious, do you have any concept of what woudl be a *good* time for a 'virsh save'?  I'm getting 50-60 seconds to produce what becomes a 100M image
<jjohansen> ccheney: give me a sec
<ccheney> jjohansen, ok
<jjohansen> ccheney: okay, I if you give me a bit I will build you some kernels
<ccheney> jjohansen, thanks! :)
<jjohansen> ccheney, Daviey: have either of you tested a .35 kernel for this bug?
<ccheney> i didn't test 35 stock but i did try 2.6.35-4-server
<ccheney> i can test out 35 stock if you would like should only take about 15m to run my script
<jjohansen> ccheney: or a maverick .35
<dominicdinada> blah how to mount an external driver remotly ?
<dominicdinada> normally i am logged in on the machine and it automounts but i had to reboot. now my external drives are not accessable
<ccheney> jjohansen, the v2.6.35-rc3-maverick? the one in the archive '2.6.35-4-server' had the issue
<jjohansen> ccheney: ah right, I was just looking at the set listed at the end
<jjohansen> ccheney: don't bother then
<ccheney> jjohansen, ok
<maek> Is preseed like kickstart? how would I do automated/handsfree ubuntu server installs over the network?
<eagles0513875> hey guys i have a vps, and i want to know if i setup a primary dns server could i then use open dns as a 2ndary and tertiary dns servers if the primary fails
<hallyn> Ng: hey, do you have an automated testcase to verify bug 588293 ?
<uvirtbot> Launchpad bug 588293 in qemu-kvm "Memory leak" [Medium,Fix committed] https://launchpad.net/bugs/588293
<hallyn> suppose maybe the ltp aio testcases in a guest might push it faster
<hallyn> just leaving fedora in a guest does not appear to suffice...
<Ng> hallyn: I just fire up 4 VMs (on a quadcore 8GB box) and run spew (exactly, I leave "spew -g --raw --statistics -t -v 5G foo" running in screen)
<Ng> hallyn: the 4VMs appear to be sufficient to saturate the IO of the host, and 4*2GB VM will leak sufficiently large to be OOM killed within 8 hours
<hallyn> Ng: i see, i missed that part - so you have to push the host in order to do this
<axisys> how do I install ubuntu jeos ? just hit f4 to pick minimal ubuntu virtual machine and then select install ubuntu server ?
<Ng> hallyn: I don't think the level of IO I'm doing is triggering the leak, given the comments in the bug about people having to deal with leaks every few days/weeks, I just happened to have found a way to provoke it very quickly ;)
<hallyn> Ng: thanks!  I'll give that a shot
<hallyn> (will leave my laptop unusable of course :)
<axisys> or just get the vmware ubuntu 10.04 jeos appliance ?
<Ng> hallyn: I suspect it would still be obvious with one VM doing as much IO as it can. The difference is quite dramatic - I either come back after 8 hours to find 4 almost exactly 2GB VIRT kvm processes, or horror and destruction ;)
<dominicdinada> blah how to mount an external driver remotly ?
<dominicdinada> normally i am logged in on the machine and it automounts but i had to reboot. now my external drives are not accessable
<eagles0513875> hey guys about name servers. if i have a primary name server (bind9) can i use opendns as 2ndary and tertiary fall over name servers just incase
<seanjohn> I just finished installing server edition; I selected the 3 options dns, openssh, and virtual machine host. it rebooted and booted but turned the screen off
<seanjohn> evga 680i, radeon x1600
<seanjohn> RAID 5
<seanjohn> can someone help me just install a standard vga driver, BLIND
<panfist> is there any documentation regarding lucid lynx server and request-tracker3.8 ?
<seanjohn> what is the /etc/init.d/ filename of the openssh server?
<seanjohn> If I get it started, I see where it was leased the ip .233
<Hypnoz> after I rsync a file onto one of my nfs shares, trying to access it with apache gives me "Stale NFS file handle: access to /download/Sparkle.xml failed"
<Hypnoz> so I cd into the directory, and do an "ls"
<Hypnoz> and that fixes it
<guntbert> seanjohn: /etc/init.d/ssh
<seanjohn> i'm blind here :) I just installed ubuntu server, detected everything on my nvidia 680i and core 2 quad, but, after install was complete and rebooted, it booted up BUT the screen turned off. Can someone give me instructions on what exactly to type to get openssh server going? I selected openssh, dns, and virtualization host as the packages.
<seanjohn> If i try to connected to the ip leased to it, it says "connection refused" so, it IS booted up
<seanjohn> the screen won't turn on whatsoever
<seanjohn> tried every key on the keyboard
<Krazyderek> anyone good with samba shares for windows?
<goldins> Hi,  I installed UEC and as far as I can tell neither the CC nor the NC is starting. When I try to start them and it only seems to start the apache components. It seems that there should be java components but I can't figure out what is supposed to start them
<Egonis> I'm interested in giving Ubuntu Enterprise Cloud a spin.. and was wondering if it's possible to run Windows Server as a virtual image?
<goldins> Egonis: it is, but I think it would be really complicated to have them automagically join an AD
<zul> mathiaz: ping
<Egonis> goldins: Essentially, I need the Windows Server only to run Blackberry Enterprise Server, and Pervasive.SQL for a weird windows application. So is 'AD' (which I presume you mean Active Directory) necessary in that configuration?
<seanjohn> it sucks, especially that the entire distro is probably on the cd of 700 mb, that ubuntu doesn't ask what services should start at runtime, static ip config, and etc. so that YOU DONT NEED A SCREEN AFTER THE INSTALL.
<seanjohn> this is a server edition; I feel sorry for rack-mount usage
<jmarsden> seanjohn: Install the openssh-server package to get an SSH server...
<seanjohn> that was part of the selection
<seanjohn> of packages
<Psi-Jack> seanjohn: Setup one host, and image it for multiple usages. Real simple./
<jmarsden> Then it should be there and be started automatically at boot.
<seanjohn> "connection refused" on attempt to connect
<seanjohn> it doesn't use vga for command-line only? it seems to try to use opengl for a COMMAND LINE
<seanjohn> only explaination of why it would't support all gpu's
<Psi-Jack> Umm.
<Psi-Jack> You mean the console?
<seanjohn> yeah
<Psi-Jack> It uses fbcons.
<Psi-Jack> Not opengl.
<seanjohn> hey psi-jack
<seanjohn> well, the install went great BUT on reboot, after booting, it turns off the monitor
<Psi-Jack> Anyway. I had an actual question and not a not-pit to do. ;)
<Psi-Jack> I want to disable network-manager from starting at boot, but update-rc.d doesn't seem to be allowing me to disable it.
<jmarsden> seanjohn: If you really need highly customized installations, you can do preseeding, see the Server Guide https://help.ubuntu.com/10.04/installation-guide/i386/appendix-preseed.html
<seanjohn> "customized installations" it setup raid 5 easier than it did just a standard graphics adapter
<seanjohn> the raid 5 works cause its booting
<seanjohn> I can blindly login and type shutdown -r now and it will restart
<seanjohn> i tried doing sudo /etc/init.d/ssh start
<seanjohn> i tried doing /etc/init.d/iptables stop
<seanjohn> grrr, i feel like going for gentoo
<JanC> you should be able to boot without the framebuffer console AFAIK
<seanjohn> JanC: is that for me?
<seanjohn> the post of the MB goes so fast, it doesn't present a flash screen for ubuntu before booting
<JanC> keep left shift pressed down during boot to get into grub...
<JanC> and if openssh is installed, it should run and work
<JanC> don't forget you can't login as root though
<goldins> Egonis: sorry, I think that explicitly is not something you want to use the cloud for: the BES and these other applications would be much better to run in a straight KVM without all the cloudy stuff
<Egonis> goldins: Is there a moron's guide to Cloud Computing? I obviously don't have my head wrapped around it
<Psi-Jack> Anyway. ;)
<Psi-Jack> As for upstart jobs, is there like any tool that truely works to manage those?
<RoyK> Egonis: see the ubuntu server guide for a start
<Egonis> RoyK: Yes.. :P I suppose I need it dumbed down further
<RoyK> https://help.ubuntu.com/10.04/serverguide/C/uec.html
<goldins> Egonis: I'm not sure, the idea is for clustering I'm pretty sure; if you for example want to be able to launch 20 nodes that are running the same job with different parameters, that's the kind of thing you want to have a cloud around for
<Egonis> so for instance, a web application is what a cloud environment would be best for?
<goldins> no...
<Egonis> if so, does the language matter? I write Mono.ASP apps
<goldins> a math application
<Egonis> wow... I'm so far off then. :P
<RoyK> Egonis: cloud computing is just virtualisation gone large
<Egonis> so matlab types of scenarios?
<RoyK> Egonis: anything, really
<RoyK> Egonis: personally, I wouldn't use virtualisation for number crunching
<Psi-Jack> How about documentation that details out how to work with scripts in /etc/init.d?   I'm basically just trying to disable network-manager from starting at boot-time, along with a couple others that update-rc.d isn't working on.
<RoyK> Egonis: we have a few bunch-of-cores machines doing that sort of thing
<Egonis> RoyK: Okay... I'm looking to aggregate my existing set of servers... I was hoping this would be an easy solution for expansion of VM's. My mistake. Thank you for clarifying
<RoyK> Psi-Jack: /etc/init.d/skeleton is a good start
<Psi-Jack> RoyK: Not making them. Disabling or enabling them at boot.
<RoyK> oh
<Psi-Jack> As I said, update-rc.d isn't working on network-manager, for starters.
<RoyK> with 10.04 a few things changed there - I don't remember the details on how to disable the ones not in /etc/rc2.d
<RoyK> Egonis: I think it could simplify things a bit - what sort of virtualisation are you using?
<Psi-Jack> Yeah. And little to no documentation to be found, either, which is 1 of my 2 biggest gripes about ubuntu present-date. ;)
<Psi-Jack> upstart == incomplete, and grub2 ;)
<Egonis> RoyK: At the moment, VirtualBox for client application testing.. but we have separated physical servers at the moment. A mix and match of Windows Server 2003, SBS 2003, Server 2008, and Linux
<Jordan_U> Psi-Jack: What problem are you having with grub2?
<RoyK> Psi-Jack: heh - we still stay at 8.04 for now on most of our servers :)
<Egonis> RoyK: Looking to do some house cleaning
<RoyK> Egonis: kvm is quite good
<RoyK> Egonis: vbox isn't really a server tool
<Egonis> RoyK: I will check it out, thank you. Yes, vBox has been used only for at-hand testing.. not for server instances
<Psi-Jack> Jordan_U: It's alpha. :p
<RoyK> I used vbox for server instances on opensolaris for some time - it hung the host after some time - switched to ubuntu/kvm and problem solved
<RoyK> there are some bugs with ubuntu+kvm too, especially with high network load between host and guest, but it hasn't hit me too hard
<Psi-Jack> Jordan_U: And the way Ubuntu sets it up is painfully minimal. Like, for example. how do you get to the command prompt of grub when you absolutely need to? ;)
<Jordan_U> Psi-Jack: Hold shift to get the menu, press 'c' to get to the grub shell.
<Psi-Jack> RoyK: I had another bug on that myself, where it wasn't adding vnet# to the bridge device.
<RoyK> Jordan_U: press escape
<Psi-Jack> RoyK: So, my firewall was rejecting everything from my kvm guests. ;)
<RoyK> Psi-Jack: ufw?
<Psi-Jack> Not to mention it wasn't in the bridge, so no network capability.
<Psi-Jack> RoyK: Heck no. shorewall.
<RoyK> Psi-Jack: there are ways to configure ufw to allow the guests - don't know about shorewall
<uvirtbot> New bug: #596739 in mysql-dfsg-5.0 (universe) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.3 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/596739
<Psi-Jack> RoyK: I just manually brctl addif vnet0 br0, and it started working perfectly thereafter.
<Psi-Jack> heh
 * ccheney bbl lunch
<Psi-Jack> So, still nobody knows how to stop network-manager from starting at boot-time when it doesn't use /etc/rc2.d/ etc?
<Psi-Jack> I'm guessing it has something to do with /etc/init/*.conf, for example /etc/init/network-manager.conf
<Psi-Jack> Ahh.. I'm seeing now.
<Psi-Jack> Basically I have to edit the "start on" part of /etc/init/network-manager, but .. To what?
 * ccheney back
<SpamapS> smoser: around?
<smoser> here
<SpamapS> smoser: is ec2-describe-images with an AMI ID going to be super slow?
<smoser> define super
<smoser> http://paste.ubuntu.com/453040/
<smoser> SpamapS, its mostly a cpu bound operation
<SpamapS> smoser: its a once-per-run operation, and only if people choose "auto" instance type, so I won't worry about running it.
<smoser> SpamapS, yeah, it does suck. when using euca-describe-images its much faster (~ .5 seconds)
<hggdh> kirkland: can you talk? I want to discuss one thing with you
<smoser> the time still stinks though.
<smoser> i really only see 2 good ways to avoid it
<smoser> a.) user specifies the type
<smoser> b.) we cache the describe-images information for a given ami-id.
<smoser> the issue with the caching is that right now, we are completely "region un-aware"
<smoser> while possibly very unlikely it is possible that if we cached "ami-12345678 is amd64" and didn't attach the qualifier "on us-east-1 EC2 region" then we could have a collision and have wrong data
<smoser> SpamapS, ^
<smoser> i guess there is also
<coder7> Hey folks, I've got some UEC questions...
<coder7> I recently set up a simple cloud with a CC and one NC
<coder7> but the defaults seem to prevent me from keeping anything across reboots
<SpamapS> smoser: yeah unless we know about the env vars we can't do much caching really.
<smoser> c.) only do 'auto' if specified as 'auto'.  otherwise, pass nothing (which will result in i386 on ec2).  this makes the default 'run' case faster... sort of. but it makes it more difficult to run.
<coder7> if I shut down an instance, it is impossible to restart it, and if I reboot the NC, everything is wiped clean
<smoser> SpamapS, i would consider peeking at EC2_URL on this.
<smoser> shoot, but euca2ools doesn't necissarily have it set.
<smoser> yeah, we'd have to deal with knowing the ocnfiguration
<coder7> anyone know of any solutions?
<smoser> and keeping it in line with those tools.
<SpamapS> smoser: you have to look at the args and the env var.. this is where I start thinking API calls instead of exec... ;)
<smoser> SpamapS, args and environment aren't enough
<smoser> you'd also have to search ~/.eucarc
<smoser> and parse that
<smoser> so its one more thing
<smoser> SpamapS, the reason i didn't want to do API calls is that the closest thing we have to "standard configuration" is having one of those sets of tools configured to work
<smoser> i wou'dnt be opposed to creating "yet another ocnfiguratoin format"
<smoser> but it seems like overkill for this
<Krazyderek> anyone know of a slick bandwidth monitor that will tie into webmin nicely?
<guntbert> !webmin | Krazyderek
<ubottu> Krazyderek: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<coder7> It just seems really crazy to me to have a cloud with no ability for persistence...
<Krazyderek> oh dear.... that explains a couple of things
<Krazyderek> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<bogeyd6> Krazyderek, it already has a bandwidth module
<coder7> If there is a more appropriate channel for me to go to for UEC issues, please let me know
<Krazyderek> @bogeyd6 which one?
<jmarsden> coder7: You can try in #ubuntu-virt perhaps?
<Krazyderek> @bogeyd6 or rather, is there any pre installed? or should i just pick from one of the lists i find on a ubuntu page?
<bogeyd6> Krazyderek, already preinstalled tbh
<Krazyderek> @bogeyd6 specifically i want to see real time usage of local users on a intranet on a fileserver
<bogeyd6> Krazyderek, http://www.webmin.com/standard.html
<guntbert> coder7: I guess you have seen https://help.ubuntu.com/10.04/serverguide/C/uec.html, see also  #ubuntu-virt, #eucalyptus
<bogeyd6> !ntop | Krazyderek
<bogeyd6> hmm
<bogeyd6> Krazyderek, ntop
<Krazyderek> @bogeyd6 that's a good one?
<bogeyd6> the best one
<bogeyd6> Krazyderek, https://help.ubuntu.com/community/Ntop
<Krazyderek> @bogeyd6 ya the "bandwidth monitoring" in webmin gives me an error "Neither of the System Logs modules are installed on this system and supported by your OS. The Bandwidth Monitoring module cannot operate without one of them."
<bogeyd6> Krazyderek, thats because webmin doesnt fully work on an ubuntu sytem
<Krazyderek> i guess "all except windows" isn't entirely correct on the webmin page then lol
<coder7> jmarsden & guntbert: thanks... and yes I've looked through the docs
<guntbert> coder7: I assumed :-) I hope the other channels are more helpful today - Good luck :-)
<Krazyderek> @bogeyd6 hmmm ntop isn't playing well so far
<bogeyd6> Krazyderek, #ntop
<bogeyd6> ntop is in the 10.04 repos
<Krazyderek> @bogeyd6 **ERROR** ....open of /var/lib/ntop/prefsCache.db fail         ed: File open error
<Krazyderek> Mon Jun 21 16:08:06 2010  Possible solution: please use '-P <directory>'
<Krazyderek> Mon Jun 21 16:08:06 2010  **FATAL_ERROR** GDBM open failed, ntop shutting down..         .
<Krazyderek> Mon Jun 21 16:08:06 2010  CLEANUP[t140709457868544]: ntop caught signal 2
<Krazyderek> Mon Jun 21 16:08:06 2010  THREADMGMT[t140709457868544]: ntop RUNSTATE: SHUTDOWN(
<guntbert> !paste | Krazyderek
<ubottu> Krazyderek: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Krazyderek> sorry
<bogeyd6> Krazyderek, did you use the init script or just run ntop from the command line?
<Krazyderek> cmd
<bogeyd6> well derp
<bogeyd6> Krazyderek, if you didnt read the link i gave you for ubuntu community ntop setup you deserve to fail :(
<guntbert> bogeyd6: please stay helpful
<Krazyderek> @bogeyd6
<Krazyderek> @bogeyd6 lol
<Krazyderek> fair enough
<bogeyd6> kk
<bogeyd6> go read that stuff bro
<bogeyd6> its step by step
<bogeyd6> Krazyderek, its supposed to run as a service and you visit a website for more specific setup
<Krazyderek> @bogeyd6 awww my bad
<Krazyderek> @bogeyd6 should i / how do i uninstall ntop and start over?
<bogeyd6> no
<bogeyd6> just start the step after apt-get install ntop
<Krazyderek> ok
<bogeyd6> Krazyderek, https://help.ubuntu.com/community/Ntop#Configuration
<Krazyderek> @bogeyd6 oh dear... lol
<Krazyderek> it doesn't want to monitor my bonded ethernet
<bogeyd6> Krazyderek, dunno
<bogeyd6> Krazyderek, just googling around shows me some kernel type things they are talking about but I generally have no idea on whats up
<Krazyderek> @bogeyd6 i also forgot to restart the service
<bogeyd6> Krazyderek, good, because no other articles mention a problem with bonding
<blsmith> I have a belkin Wifi Adaptor, that I would like to use to setup a home web, print, music, ftp, and ssh server. How can I do this?
<bogeyd6> and i thought to myself that to dump an entire 48 port switch to one machine you would need dual gigabits
<blsmith> Is this even possible?
<blsmith> nevermind, this came up right on the install.
<blsmith> Actually it didn't work can I receive some assistance
<CppIsWeird> blsmith, i just stumbled in. can you give a synopsis of your problem? no gurantees that i can help though. :-)
<CppIsWeird> *guarantees
<blsmith> CpplsWeird: I am attempting to set up a home server using a Belkin Wifi USB Adapter
<Krazyderek> hmm
<blsmith> I was under Ubuntu 10.04 Live CD and it worked just right.During the installation it was attempting to automatcally set up the network and found wlan0 and I attempted to set that up without sucess.
<Krazyderek> @bogeyd6 even if i stop ntop i can't get it to start on bond0 using sudo ntop -i eth0
<blsmith> *installation of the server
<bogeyd6> init script Krazyderek
<bogeyd6> /etc/init.d/ntop restart
<CppIsWeird> blsmith, a home server to serve what specifically?
<blsmith> print, web, ftp, music, and ssh
<CppIsWeird> lol, this is going to take some time. :P
<Krazyderek> @bogeyd6 that restarts it on eth0
<bogeyd6> Krazyderek, then check the init script
<blsmith> CpplsWeird: possible samba for backup of local computer. If I can just setup the network to work, then all should fall into place
<CppIsWeird> ok so right now you're stuck on getting your usb wireless adapter working on ubuntu live cd?
<blsmith> CPPlsWeird: Sorry the adapter works on the live cd but I can't set it up on the server side., I continually get the Network autoconfiguation failed msg.
<blsmith> CpplsWeird: Should I not set up the network right now?
<CppIsWeird> blsmith, try this http://ubuntuforums.org/showthread.php?t=12045
<CppIsWeird> however be sure to use your adapters interface, wlan0.
<blsmith> CpplsWeird: The network's password is under WPA/WPA2 TKIP + AES, not WEP
<Krazyderek> **ERROR** RRD: Disabled - unable to create directory (err 13, /var/lib/ntop/rrd/graphics)
<Krazyderek> @bogeyd6 i keep getting that error when i try to monitor bond0
<CppIsWeird> blsmith, looks like you have some fun ahead of you. http://ubuntuforums.org/showthread.php?t=202834
<blsmith> CpplsWeird: Espically when i get debootstrapping errors when installing
<CppIsWeird> "debootstrapping error"
<CppIsWeird> ive never heard of such a thing
<CppIsWeird> !google debootstrapping error
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<blsmith> CpplsWeird: I think thats what it said.
<Krazyderek> hmm i guess i'll just take it as it is for now
<blsmith> CpplsWeird: It alright I have another cd, that i'm going to tryp
<CppIsWeird> yes, because if you stick enough cd's in the cdrom drive its bount to magically start working sooner or later.
<CppIsWeird> *bound
<blsmith> CppIsWeird, thats the theory i'm going with.
<CppIsWeird> and i thought my strategy of cussing at people until things work was inefficient.
<blsmith> CppIsWerid: Its working now, and I know why, I starting making a copy of Ubuntu 10.04 Desktop, but without realizing it I started the server version, and never through it away. So This cd I have now is working fine.
<blsmith> CppIsWeird: I'm installing without any network settings and will change them using the guide you gave me.
<Krazyderek> exit
<panfist> i have an ubuntu server providing services on a completely private network, disconnected from the internet. what's the simplest solution for providing email to hosts on the network for integration with other services like wiki, request tracker, nagios, etc?
<guntbert> panfist: did you see https://help.ubuntu.com/10.04/serverguide/C/email-services.html ?, then there is sudo tasksel to install all mail software,...
<panfist> i was hoping there was some sort of condensed version that let me skip over all the internet related material
<panfist> for example, if all my mail isn't going from my domain to any outside domain, it's all on the LAN only, that would simplify a lot of work done by the MTA
<uvirtbot> New bug: #597021 in apache2 (main) "apache2 can not load fcgid_module" [Undecided,New] https://launchpad.net/bugs/597021
<DannyT> Hi.  I'm looking at installing a Zimbra server.  Among underlying OS options are RH/Centos55 & Ubuntu 8 LTS.  Iiuc, both are on the road to being replaced soon-ish.  OS upgrades *under* an app make me ... nervous.  I come from an RPM-based distro bkg, but have rad that Debian/Ubuntu have the "install it once, never worry about upgrades" package mgmt.
<DannyT> Tbh, I'm not sure what that means :-/
<DannyT> Can anyone comment on how straighforward an Ubuntu 8 LTS -> 10 LTS should be?  If "painfuL', I lean to sticking with Centos ...
<JanC> DannyT: Ubuntu 8.04 LTS server is supported for 3 more years, but upgrading from 8.04 LTS to 10.04.1 LTS should work out fine
<goldins> DannyT: what that means is that you can upgrade the distribution painlessly. If you've ever used Fedora's preupgrade feature, this is how that feature would work if it ever worked correctly
<DannyT> JanC: Sure, I know it "works out" ... lots of folks do it.  I've been burned by promises of "long term support" (not @ Ubuntu ...) where the support--rats abandon ship the moment I try to do _anything_ other than what's shipped with the original release.  I guess a better way to say what I'm looking for -- I'd *like* to install today-ZImbra on toady's supported Ubuntu 8 LTS, then when Ubuntu 10 LTS is supported by Zimbra (soon-is
<DannyT> Yeah, I know its a "fuzzy" question -- best I can manage, atm
<goldins> basically upgrading the distribution never requires running an installer. It just upgrades all the packages to their new versions and if you have a new kernel you need to reboot
<DannyT> goldins: Ok, that's sort of what I'm hoping to hear.  Add to that that the community "in here" hasn't called me an idiot for wanting to "do anything" to the LTS distro in the first five minutes .... we're ahead of the game! ;-)
<JanC> DannyT: everything after "(soon-i" was cut off (IRC doesn't support lines that long)
<goldins> unlike centos, which doesn't actually have preupgrade yet so upgrading the distribution (from 4 to 5 or 5 to 6, say) which requires you to burn two DVDs and run an installer, possibly necessitating several hours of downtime.
<DannyT> JanC: Sorry, didn't know that: (soon-ish ...) *not * end up with a hellish nightmare trying to updated to 10LTS ...
<DannyT> goldins: Didn't realize that re: Centos, and therfore I assume RHEL? ... good to know
<DannyT> Does Ubuntu Server 10 LTS run "happily" in/as a Xen DomU?  THat'd be my fastest way to get started ....
<kirkland> hallyn: [serge-hallyn] Forward port libvirt (to 0.8.1?): TODO
<kirkland> hallyn: that looks to be DONE
<kirkland> hggdh: can you ensure that you update https://blueprints.edge.launchpad.net/ubuntu/+spec/server-maverick-uec-testing with your progress this week?
<kirkland> hggdh: i think some of those items are to be solve by you guys up there this week
<hggdh> kirkland: will do
<hallyn> kirkland: uh, yeah.  though i am trying to get a version of that which actually does 'virsh save' in reasonable amount of time
<hallyn> (but when i add the patch to fix that, i break 'virsh restore', still dont' know why)
<kirkland> hallyn: okay, i updated that spec a bit
 * hallyn looks
<hallyn> kirkland: cool, thanks.
<hallyn> i'd forgotten that was on that bp
<hallyn> kirkland: should 'make virsh save work' be a separate item on there, or just keep it off since there's a bug (owned by Daviey) ?
<kirkland> hallyn: hmm, why does daviey own that one?  sounds like it should be yours
<hallyn> kirkland: cause he's had it since february :)
<hallyn> hm, maybe he doesn't
<hallyn> ok now i'm getting cranky.  even when i manually rebuild jdstrand's package with no other changes, it still won't restore vm's any more
<jdstrand> hallyn: libvirt uses debian source version 3 (quilt)
<jdstrand> hallyn: it is possible that even though you removed the patch from series or debian/patches that it is still applied in a 'debian' patch in debian/patches
<jdstrand> hallyn: check down in debian/patches for a patch that starts with 'debian'
<jdstrand> hallyn: the some thing happened to me during the merge. I'm sure this new source package quilt version works for someone, but I've yet had it not get in my way
<hallyn> jdstrand: yeah, i just found that.  had to fight to keep from loudly exclaiming wtf
<jdstrand> s/some/same/
<jdstrand> hallyn: yeah, it is a bit weird to get used to
<hallyn> so this means what, i left the patches applied in working tree and it automatically did a quilt refresh?
<jdstrand> hallyn: exactly
<hallyn> so now i have no idea whether my previous tests were also fubared
<jdstrand> hallyn: so you need to 'export QUILT_PATCHES=debian/patches" then 'quilt pop -a' before building
<jdstrand> then use quilt normally
<hallyn> all right thanks - i'll try again later...
<jdstrand> sure, np
 * jdstrand kicks debian source format 3.0 (quilt) on hallyn's behalf
<hallyn> thanks, i feel better :)
<jdstrand> :)
<ccheney> jjohansen, any updates about kernels?
<jjohansen> ccheney: sorry not yet
<ccheney> jjohansen, ok np
<jjohansen> ccheney: I had a question about the 2.6.34-lucid kernel you tried
<ccheney> jjohansen, ok
<jjohansen> was that one of tim's backport kernels?
<ccheney> its the one from http://kernel.ubuntu.com/~kernel-ppa/mainline/
<jjohansen> ah, so just from before renaming to maverick
<jjohansen> okay thanks
<ccheney> happy to help :)
<ccheney> send me an email whenever you have the new ones ready and i can run my script on them and see if i can't find the spot it broke :)
<jjohansen> ccheney: will do
<Psi-Jack> Curious. Do upstart scripts generally read from /etc/default/$NAME like LSB scripts do?
<SpamapS> Psi-Jack: hmm.. great question
<SpamapS> /etc/init/ssh says
<SpamapS> # if you used to set SSHD_OPTS in /etc/default/ssh, you can change the
<SpamapS> # 'exec' line here instead
<SpamapS> exec /usr/sbin/sshd
<SpamapS> which is, rather lame IMO
<Psi-Jack> Yeah. I looked at others and found out it doesn't, you have to enclose it into a script section in the conf.
<Psi-Jack> irqbalance.conf was a good one to follow.
<SpamapS> Psi-Jack: but some of them use a "script" clause instead of an 'exec' line
<Psi-Jack> I'm converting some LSB scripts to upstart to see if I can get keepalived and linux-igd to play nice together on two servers.
#ubuntu-server 2010-06-22
<Psi-Jack> Now the problem is, how do I trigger something for when it's stopping? heh
<SpamapS> Psi-Jack: trigger what for when what is stopping?
<Psi-Jack> pre-start, post-start, etc script segments. Gawds, upstart is bigger than I thought. ;)
<KurtKraut> Is there any documentation on how to install Ubuntu with software-based RAD0?
<HugeCannon> Hey, I'm having a really strange ssh/netowrk/dns problem on my ubuntu server. The problem is that I'll be running an ssh connection to my server which has a static IP 192.168.2.100 and then the connection will get slow/intermittent then eventually drop. When it drops I go to my windows laptop and do "ping 192.168.2.100" which returns "pinging 192.168.2.100... response from 192.168.2.5 unreachable"
<Psi-Jack> Umm. That's easily done by the installer, KurtKraut.
<KurtKraut> Psi-Jack, easily done? I couldn't find it. And I've installed 4 machines with the alternate installer.
<KurtKraut> The term 'RAID' didn't even appear on screen
<Psi-Jack> You don't even need the alternate installer.
<Psi-Jack> RAID's on the partition manager, IF you have, or create RAID type partitions, which you set while creating partitions.
<KurtKraut> Psi-Jack, but the download page for Ubuntu says: 'The alternate install CD allows you to perform certain specialist installations of Ubuntu. It provides for the following situations: (...) LVM and/or RAID partitioning;'
<Psi-Jack> That's pretty old news, since it's been in since, about 9.04 or even earlier.
<HugeCannon> Anyone got any ideas on my network/dns problem?
<Psi-Jack> Welp. Now I got my upstart scripts for keepalived and linux-igd. When keepalived starts, linux-igd starts. When keepalived stops, linux-igd stops too. Exactly what I needed cause running linux-igd on two servers at the same time, for active-backup firewall/routing, doesn't work so well. ;)
<Psi-Jack> Heh, now about the only thing left is to get upstart definitions for things that do not run as a daemon or fork. Like shorewall, which basically enables firewall rules or disables firewall.
<orudie> hi just installed munin with apt-get install munin and i'm getting this error in the browser You don't have permission to access /munin on this server.
<SpamapS> orudie: is there an index.html file in the directory yet?
<SpamapS> orudie: you may need to wait until munin-graph has produced one
<orudie> SpamapS, i think it would just be empty as I've seen it a year ago right after munin install
<orudie> SpamapS, yeah index.html is there
<SpamapS> orudie: ok can you try it   http://server/munin/index.html   does that work?
<orudie> SpamapS, no same error
<SpamapS> orudie: weird, maybe the dir's permissions are too restrictive
<SpamapS> orudie: I have ot run, but make sure the 'www-data' user can access that directory (including checking the parent directories)
<orudie> anyone ?
<hey_joe> is libpam_mysql broken in 10.04?
<hey_joe> i added the neccesary two lines to /etc/pam.d/common.auth, and restarted...
<hey_joe> but it doesnt even attempt to connect to the SQL server
 * andreserl TestDrive PyGTK Front-end Demo Released!
<hggdh> kirkland: I downloaded your 0ubuntu30.3~ppa1, added the r1231 tentative fix, and uploaded to my PPA. Will test ASAP
<orudie> how do I force a user to quit if it shows that he is logged in right now
<bogeyd6> orudie, kill his tty or gnome session
<webroasters> hey, i upgraded my server the other day to 10.4. I also put postfix on there, and when I try to do the mail command, it works up until i end it with a period . it doesn't close out and send
<webroasters> what's wrong with it
<webroasters> i just keep putting periods in there, and pressing enter
<webroasters> period, enter
<webroasters> period enter... nothing
<webroasters> any ideas??
<ScottK> webroasters: Look in the postfix logs.
<Geoff918_> Can anyone answer the following question? http://ubuntuforums.org/showthread.php?t=1515069&highlight=postgreSQL
<webroasters> @ScottK: I just did, and there's some relay access denied stuff for weird ips and email addresses, but I can't find anything substantial
<ScottK> webroasters: If you can't find evidence of the sending attempt in your postfix logs, then you aren't talking to postfix.
<webroasters> is this it? connect from 83-131-235-81.adsl.net.t-com.hr[83.131.235.81
<webroasters> @ScottK: is this it? connect from 83-131-235-81.adsl.net.t-com.hr[83.131.235.81
<ScottK> Is that your IP address?
<webroasters> @ScottK: not that i can tell from ifconfig
<webroasters> @ScottK: it's not from my server or from my home computer
<ScottK> Then no.
<webroasters> @ScottK: then why isn't the mail command working?
<ScottK> webroasters: I'm guessing you're talking to some thing else.
<webroasters> @ScottK: it's weird because it was working today for some reason, i think it was
<ScottK> First step would be to figure out what you're talking to.  Not sure exactly what to suggest about that.
<ScottK> Gotta run
<webroasters> @ScottK: ok thank you for your help
<webroasters> ok, postfix will send email when I use the mail command from the command line, but not from my application! help, plz!
<webroasters> anyone?
<webroasters> everyone, nevermind
<internalkernel> anyone have any experience using SubjectAltName in SSL? Someone mentioned this as a possible way to direct several SSL hosts to the same IP with Apache. But, now that I'm
<internalkernel> looking at it, I don't see how that works...
<pohutukawa> Anybody here around who might be willing to discuss a few sentences on an Ubuntu based compute cluster?
<uvirtbot> New bug: #597122 in xinetd (main) "Xinetd on Ubuntu 10.04 LTS Server does not come with IPv6 support enabled" [Undecided,New] https://launchpad.net/bugs/597122
<LK_> hi, how do in ubuntu 10.04, how do I change the banner that is showed, once you're logged on via ssh?
<stanman246> anyone using opie-server?
<stanman246> can't get the challenge seed if i try to logon
<not-twb_> Never mind, I worked it out on my own.
<Daviey> ttx: Are you around?
<ttx> Daviey: yes
<Daviey> ttx: oh awesome... I need to talk to you about the patch for euca_conf.in
<ttx> Daviey: sure
<Daviey> ttx: upstream have changed it to be less script, meaning parts of this patch don't apply
<Daviey> specifically our bash for $EUCALYPTUS/var/lib/eucalyptus/nodes.list
<Daviey> ttx: Is this needed?
<ttx> Daviey: link to patch ?
<Daviey> ttx: just the parts of the patch i can't apply?
<ttx> Daviey: for example
<Daviey> ttx: one mo
<Daviey> ttx: http://pastebin.daviey.com/b66H/
<ttx> hm.
<ttx> There are two things here
<ttx> One is the replavemÃ¹ent of echo by xsearch
<ttx> the other is the handling of /var/lib/eucalyptus/nodes.list
<ttx> Let me explain both
<Daviey> ttx: oh sure.. but let me link to the new upstream euca_conf.in (other parts of patch applied, including xsearch present)
<ttx> ok
<ttx> They used to rely on a simple grep to match IPs
<ttx> that meant if you had a node at 192.168.12.120...
<Daviey> ttx: yeah.. seems parts of it are funked up somewhat, and wanted to check if it was still needed
<ttx> it would prevent a node at 192.168.12.12 to be added
<Daviey> ie, i don't know why we do /var/lib/eucalyptus/nodes.list differently
<ttx> About the nodes.list...
<ttx> Eucalyptus uses /etc/eucalyptus/eucalyptus.conf to store the nodes list
<ttx> unfortunately that means that file must be writeable by the autoregistration process
<ttx> since it calls euca_conf
<ttx> since eucalyptus.conf is sourcesd by root, that led to priv escalation
<Daviey> ttx: http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu/maverick/eucalyptus/devel/annotate/head:/tools/euca_conf.in
<ttx> and I didn't want the autoreg process to run as root or as something easily escalated to root
<Daviey> ^^ currently, includes other parts of that patch applied
<uvirtbot> Daviey: Error: "^" is not a valid command.
<Daviey> ttx: I SEE!
<ttx> so we decided to have the NODES in a separate file
<Daviey> makes sense
<ttx> there is code in eucalyptus to look into that file
<ttx> Daviey: it makes so much sense it should just be upstream
<ttx> (but that's another topic)
<ttx> and code in euca_conf to write to / read from that file
<Daviey> ttx: i totally agree.. something i want to do towards the end of this week is discuss ALL of our patches with upstream
<Daviey> <-- life would be so much simplier if at least 50% of these went upstream
<ttx> Daviey: they are supposed to have upstreamed the first one, which is just a bug
<ttx> I suppose it's what the "$itshere" is about
<Daviey> ttx: Well the link to the file in bzr ^^, they have changed how it works.. and i'm not fully comfortable trying to revert back to the bash way..
<ttx> $its_here, sorry
<Daviey> yeah... seems they've done some clever magic
<ttx> but we still need the other part applied
<Daviey> ttx: Currently investigating a FTBFS, would you be able to have a quick look at how best to approach this?
<Daviey> ttx: Yeah, those two hunks are the only two i couldn't get applied from the original patch
<ttx> hm, I'm quite swaped today
<ttx> swamped
<Daviey> ttx: ok
<ttx> Just starting... and having to catch up since I left on Thursday
<ttx> Got an interview to conduct later today
<ttx> Daviey: if I can free up some time, I will
<ttx> but not just now
<Daviey> yeah, holidays rock.. it's another work for having to catch up time when you get back :)
<Daviey> ttx: ok, rocking - thanks.. it's not blocking me atm
<ttx> DavidLevin: you shouyld be ok by applying the change_var_value part
<ttx> Daviey: ^
<ttx> and ignoring the the xsearch one
<Daviey> ttx: OK, i'll give that a spin in a bit
<Daviey> ttx: seems we have a new build dep on javassist.. at least it's in main.
<ttx> Daviey: yes, from that non-applying patch, you should ust apply the parts that replace "change_var_value $FILE NODES "${NODES}"
<ttx> The equivalent of xsearch is taken care of
<Daviey> ttx: hmm, ok.. it didn't look like $NODES was populated anywhere tho
<ttx> They slightly changed the logic...
<ttx> it is
<ttx> line 1476-1477
<Daviey> ah, so it is
<Daviey> thanks ttx
<ttx> First part of 1444
<ttx> Second part is 1476-1477
<ttx> Daviey: np. For the record, that patch was from smoser
<Danawar1> is it ok to host a CSS server on http://www.linode.com/?
<Daviey> ttx: oh right, i thought that was your handy work :)
<Daviey> Danawar1: You'll have to ask linode :)
<ttx> Daviey: that was my bug :)
<Daviey> ahh
<ttx> I dound and reported it
<ttx> found, even
<ttx> and the NODES rewrite was done by Dan Nurmi himself when we were working on autoreg
 * ttx lunches
<Danawar1> Does any one here own a linode?
<kklimonda> Danawar1: I do
<Danawar1> kklimonda: are they any good? how fast is the internet?
<kklimonda> Danawar1: pretty good, I don't really know how fast the internet is, I don't use it for distributing anything big enough for that to matter.
<Danawar1> Was thining of using it for a CSS server with a webserver
<Daviey> ttx: Silly question, but how can i modify the classpath for build time?
<ttx> Ah!
 * ttx looks into that
 * ttx admits being the one having written /that/
<Daviey> ttx: i've tried a few different things.. setting CLASSPATH in debian/rules = no dice
<ttx> I think it is debian/build-jars
 * ttx checks
<Daviey> modifying upstream module-inc.xml = no joy
<Daviey> and modifing .classpath = no joy
<ttx> for jar in `cat ../debian/build-jars`; do ln -fsv $$jar lib; done
<ttx> yep
<soren> Daviey: Variables set in debian/rules are not exported to the environment by default.
<ttx> debian/rules sets up links at build time
<soren> Daviey: ...if that matters.
<ttx> based on debian/build-jars
<Daviey> soren: yeah.. wondered if there was some magic in there to do that.
<Daviey> ttx: awesome
<ttx> Daviey: not to be mistaken with run-time...
<soren> Daviey: Sure. Just export it.
<Daviey> ttx: run time i think is ok already tbh
<ttx> where you'd use the links as defined in debian/eucalyptus-java-common.links
<Daviey> soren: did that
<Daviey> ttx: yup, that is there
<soren> Daviey: Oh. Then it is exported to the environment :)
<Daviey> soren: builder doesn't seem to be honouring $CLASSPATH
 * Daviey tries ttx's game
<ttx> Daviey: of course that doesn't prevent you from specifying the right build-time and runtime deps in debian/control
<Daviey> ttx: done that!
 * Daviey fires off a build. 
<Daviey> ...and puts the kettle on
<Daviey> ttx: That did it! \o/
<ttx> Daviey: yay
<zul> morning
<rgreening> hey zul
<zul> hi
<rgreening> zul: been working on that racksmith package and have it patched to pull out jquery and jquery-ui before packaging and dep on the system ones. Yay.
<zul> cool
<rgreening> Im close to being able to upload the package
<rgreening> zul: Im working with upstream to rework their code base, which would make this cleaner for all. Hopefully Ill have a patch for them this week for that.
<zul> rgreening: sounds good
<rgreening> zul: think there would be any issue with getting jquery and jquery-ui from maverick backported to lucid? racksmith will need to be backported to lucid for me as well and it requires the versions in maverick.
<zul> rgreening: i dunno i dont know anything about jquery
<rgreening> ok. Well, I will likely just submit the request and see where it goes I guess :)
<rgreening> heh
<sommer> morning all
<sommer> ScottK: when you get a chance can you renew my clamav team membership... got a message saying it will expire in 7 days :-)
<hggdh> morning smoser
<Krazyderek> what's the best way to setup a hot swap drive for backup? drive imaging or backupPC ?
<chris_n> I'm looking for documentation/guide covering setting up Ubuntu server to do AAA in a network environment with Ubuntu desktops
<zul> hey smoser
<hggdh> smoser: which UEC images should be used to test? The release ones, or the dailies?
<kirkland> hggdh: mine?  i assume daviey or ccheney did that?
<hggdh> kirkland: sorry, I lost you
<hggdh> mine what?
<kirkland> <hggdh> 20:09:54> kirkland: I downloaded your 0ubuntu30.3~ppa1, added the r1231 tentative fix, and uploaded to my PPA. Will test ASAP
<kirkland> hggdh: oh, you uploaded to your ppa
<kirkland> okay
<hggdh> kirkland: yes, but I am getting a failure on quilt, will have to look at it
<kirkland> hggdh: Daviey should help you
<hggdh> kirkland: ack
<Daviey> hggdh: \o
<smoser> hggdh, what are you wanting to test ?
<smoser> zul, here. whats up.
<zul> smoser: nothing....jut saying hi
<smoser> hggdh, hggdh if this is to test those eucalyptus fixes, i would suggest the dailies.  the released images do not have the better debug output (waiting for ... )
<Daviey> hggdh: There is a euca build currently under way in my ppa
<Daviey> hggdh: https://edge.launchpad.net/~davewalker/+archive/uec-testing/+packages <-- almost finished
<bogeyd6> I cant believe to get rdiff to work from windows to ubuntu you had to redirect output to a file
<ScottK> sommer: I'm pretty sure you can renew it yourself.  There should be a link in the message.
<hggdh> smoser: on jaguar we were using the released UEC image
<hggdh> smoser: I think we should be running the current, but wanted to check
<hggdh> Daviey: you rock
<Daviey> hggdh: NO U!
<Daviey> :)
<hggdh> Daviey: YOU do!
<hggdh> heh
<sommer> ScottK: it has a link to the clamav team page, and your lp page, and there's no link to renew membership on the clamav page...
<Daviey> hggdh: bah.. FTBFS.. i guess i don't rock. :(
<smoser> hggdh, i would like for you to test dailies
<smoser> there shouldn't be any real fallout, and i'm hoping to make a daily release soon
<ScottK> OK
<smoser> a new released.  there is a landscape bug that the landscape folks want integrated.
<Jack-in-Box> anyone know what is the easiest ftp server to use on ubuntu....  tried wu-ftpd, but its kina wierd
<Jack-in-Box> kinda*
<Daviey> hggdh: Working on a fix now
<ScottK> sommer: Done.
<sommer> ScottK: thanks man, I appreciate it :)
<hggdh> smoser: will do. Today we saw an error in the instance -- fsck failed, mountall failed, etc. I wanted to use a more up-to-date UEC image, this is why I asked you.
<hggdh> Daviey: you still rock :-)
<smoser> hggdh, i've not seen such an error. do you have an explaination ? or could you open a bug ?
<ttx> Daviey: if you have something working reasonably well, I may be able to break it -- I'd need you to test building and running with ehcache-2.1.0
<ttx> hmmm...
 * ttx considers testing from Lucid first, and do it himself
<ttx> Daviey: forget what I just said :)
<Daviey> ttx: np
<hggdh> smoser: I can open a bug, yes, but all we have is this single console output, on a superseeded kernel :-(
<EvilTrek> is there a way in terminal to specify a time offset?
<EvilTrek> i have a VPS running Ubuntu located in Germany running on UTC time, i'd really like to change what timezone it shows
<Daviey> hggdh: There is amd64 of 1.6.2-0ubuntu30.3.2 in that PPA
<hggdh> Daviey: you do rock, sir. Much, many, and all that, thanks
<Daviey> hggdh: np, thanks
<hggdh> Daviey: er, where's your PPA?
<Daviey> https://edge.launchpad.net/~davewalker/+archive/uec-testing/+packages
<hggdh> great, thaks
<Daviey> hggdh: so ppa:davewalker/uec-testing
<Jack-in-Box> any recomendations for a simple ftp server
<Psi-Jack> Jack-in-Box: ProFTPD, PureFTPD, vsftpd, apt-cache search ftp
<Jack-in-Box> tried wu-ftpd and it was awkward, which is the simplest to use of the ones u mentioned
<Psi-Jack> Jack-in-Box: I don't know. You'll have to find out for yourself. Have fun with that.
<Jack-in-Box> ok, thanks...
<Psi-Jack> 15 years, everything's "simple" to me.
<ne7work> hello all i have problem with phpmyadmin please someone help me
<Jack-in-Box> lol
<Jack-in-Box> fair enough
<ne7work> hmm
<Psi-Jack> ne7work: There's a box I can't open. Do you know what's wrong?
<ne7work> Jack-in-Box, I write sudo ln -s /usr/share/phpmyadmin /var/www
<ne7work> and http://78.83.153.108/phpmyadmin
<Shapeshiftr> hey
<Tero> I am trying to install ubuntu 10.04LTS server to IBM X3650M2. It has Hardware RAID5 configuration. Everything goes fine but after installation I cant boot into it. Wondering if it's UEFI issue or RAID-issue (hardly?). Only way I can bring it up is to boot from CD and choose "boot from first hard disk". Any ideas are welcome.
<Shapeshiftr> I'm having trouble configuring/installing postfix
<Shapeshiftr> anyone think they may be able to help?
<Psi-Jack> Shapeshiftr: There's a box I can't open. Do you know what's wrong?
<Shapeshiftr> Tero, it might have something to do with your partitioning
<Shapeshiftr> what type of RAID are you using?
<Shapeshiftr> Psi-Jack, huh?
<Tero> Shapeshiftr: I chose the automatic with LVM. But I also tried without LVM..
<Psi-Jack> Shapeshiftr: Exactly. That's what your question sounded like. :0
<Shapeshiftr> Yeah, I know. I was waiting to see if anyone was there to hel pbefore I gave all the details.
<Tero> Shapeshiftr: installed Vmware esxi to samekind of box and no problems at all.
<Psi-Jack> Shapeshiftr: Basically, ask a more thorough question, or even try #postfix. The guys there know postfix like the back of their hands. ;)
<Shapeshiftr> oh, awesome.
<Shapeshiftr> *gives freenode much love*
<Psi-Jack> hehe
<Psi-Jack> Right now, I'm learning as much as I can about upstart. Pretty sweet when you actually understand it.
<Psi-Jack> And it looks like it's going to put djb's daemon-tools to shamble. ;)
<Shapeshiftr> upstart? what is?
<Psi-Jack> Ubuntu's newer init system.
<Psi-Jack> Since 8.10
<ccheney> kirkland, for ebs testing addition should it be a separate code path from the regular testing that uec-testing-scripts does currently, to just do ebs testing?
<kirkland> ccheney: good question ... mathiaz and hggdh would be the best people to ask on the organization of that code
<ccheney> kirkland, ok
<ccheney> hggdh, ping ^
<kirkland> ccheney: thanks
<hggdh> ccheney: I am not sure, and think that we should really discuss it
<Daviey> ttx: We has a problem. :(..  Seems ecua 1.7 is using a newer version of gwt
<ttx> ...
 * ttx wonders what happened to advanec warnings of library transitions
<Daviey> ttx: i know, thankfully it's only euca that depends on it.. Okay if i upgrade it?
<ttx> Daviey: sure, but it can be tricky
<Daviey> ttx: Yeah.. they must have been aware of needing to bump.
<Daviey> ttx: Shall i make a start, and let you know of any gotcha's
<ttx> Daviey: Chris Grze... is your friend when it comes to patching so that it builds
<Daviey> ttx: I see you originally debianzed it.. can i ask you to review and sponsor when done?
<ttx> Daviey: sure... just make sure it buids and works for you first
<ccheney> hggdh, ok
 * ccheney bbs
<Daviey> ttx: Other than getting it to work with euca' is there an easy test?
<ttx> ISTR there was a testsuite enabled
<Daviey> ok... i'll invstigate
<Daviey> ttx: Without checking, are we Debian's upstream on this>?
 * ccheney back
<ttx> Daviey: on a call, will bbl
<Daviey> wilco
<ttx> Daviey: Debian recently adopted our package
<ttx> Daviey: so we *were* upstream
<ttx> Daviey: now it's up for grabs
<Daviey> ttx: Question is.. should i submit this package to Debian?
<Daviey> ttx: And the patches make me want to cry :)
 * SpamapS is a bit confused as to why he flew to Santa Clara today, when his conference pass for velocity does not include any of the events for today. :-/
 * SpamapS is also quite annoyed that the conference organizers have decided to put no tables or chairs anywhere near the conference. :-P
<ttx> Daviey: right, that's what I meant by "Chris made it build for us"
<uvirtbot> New bug: #597330 in gwt (main) "Please update gwt to 2.0.3" [Undecided,New] https://launchpad.net/bugs/597330
<SpamapS> âMetrics are all bullshit unless you can tie them to the businessâ -- Sean Power
<SpamapS>  circa 5 minutes ago. :)
<kirkland> smoser: ping
<kirkland> smoser: how long do you think it would take to package ovf (and test and get it it working) for Ubuntu?
<maek> is there an ubuntu equivilent to kickstart ? is it pre seed?
<jcastro> you can kickstart ubuntu too
<maek> jcastro: oh. is that the optimal way to do it?
<jcastro> maek: that's the way I do it, dunno about optimal, that depends on how comfortable you are with either one or the other
<maek> I know kickstart very well. I was just wondering what the ubuntu way is. I was reading about being able to pre seed mysql root user passwords and etc
<smoser> kirkland, it depends on what you mean by "ovf".
<uvirtbot> New bug: #597352 in tomcat6 (main) "wrong owner of /usr/share/tomcat6 dir for some webapps" [Undecided,New] https://launchpad.net/bugs/597352
<hggdh> ccheney: you there
<hggdh> ?
<ccheney> hggdh, yea in a desktop meeting atm, whats up?
<benedikt> I have a ubuntu server that uses the -generic kernel. I want to switch to the -server kernel. Installing the metapackage linux-image-server doesnt install a -server kernel.
<smoser> benedikt, it gets you what you need.
<ccheney> hggdh, done with meeting now, about to go to lunch unless you wanted to say something before then?
<smoser> i'm assuming you're on i386
<benedikt> smoser: no. it just installs the metapacke, no actual kernels.
<benedikt> yes, i386
<smoser> it doesn't install a linux-image-*pae ?
<benedikt> no, but i have -2.6.32-22-generic-pae
<benedikt> i want -server ;-)
<jdstrand> zul: thanks for the NTPD_DEVICE fix in the apparmor profile. Interestingly, upstream apparmor had 'rw', but we didn't in our shipped profile
 * ccheney bbl, lunch
<jdstrand> I blame me
<smoser> benedikt, on i386 -server == -pae
<zul> jdstrand: no problem
<benedikt> generic-pae != -server
<pmatulis> benedikt: yeah, there is no i386 server kernel anymore
<benedikt> oh, that would explain it
<benedikt> then ill stick to the -generic
<hggdh> ccheney: no, go grab lunch
<dasunsrule32> Hello, I was wondering if someone could help me troubleshoot some issues with postifx/dovecot?
<kirkland> hggdh: do you think you'll be able to test the fix for https://bugs.edge.launchpad.net/ubuntu/+source/cloud-init/+bug/566792 today?
<uvirtbot> Launchpad bug 566792 in eucalyptus "metadata service returns empty data with 200 OK" [High,Confirmed]
<hggdh> kirkland: yes, I will.
<nube> i have a ubuntu server 10.04 installed and was thinking of doing a "sudo apt-get install ubuntu-desktop" in case someone else has to use the machine that is not familiar with *nix..  there is a huge list of what will be installed if i do, but I'm not sure how it will effect the system as I already have everything configured how I want it as it is
<n0body> hey guys, i have an issue with dhcp3-server, i need it to run on a bridge (br0) and its starting on bootup before the bridge is up. any ideas? im new at this ubuntu
<n0body> http://pastebin.org/351436 is my /etc/network/interfaces
<n0body> http://pastebin.org/351446 is the error i get in syslog
<n0body> i can ssh in after boot and manually start it.
<n0body> so waht i need to do is, either start networking earlier, or dhcpd later. any ideas?
<n0body> anyone?
<jjohansen> Daviey: https://bugs.edge.launchpad.net/ubuntu/+bug/597387
<uvirtbot> Launchpad bug 597387 in ubuntu "pv-ops kernel only works in 3 or 4 zones in EC2" [Undecided,New]
<kirkland> hggdh: great, and show the rest of your peeps in Lexington what you're doing and how?
<hggdh> kirkland: yes, that's the idea -- but I want to get the protocol done ASAP
<kirkland> hggdh: k
<dasunsrule32> Hi I am getting this error with Dovecot/Postfix, it just started happening this last week with the new dovecot updates. Any ideas would be helpful. Thank you. postfix/smtpd[4467]: warning: SASL: Connect to private/auth-client failed: No such file or directory
<dasunsrule32> Jun 22 11:53:49 sol postfix/smtpd[4467]: fatal: no SASL authentication mechanisms
<smoser> kees, are you around ?
<smoser> jdstrand, maybe...
<smoser> i'd like some "security team review" of ebsmount.  its considered (by me) to be in a not so good position right now, and I'd like to talk with someone security team and the ebs folks (alonswartz) to see what we can do to make that better.
<smoser> SpamapS, ping
<Gerwin> I can't seem to install mail-server using tasksel, it tells me tasksel: aptitude failed (100)
<hggdh> kirkland: looks good so far. I will run another 200 instances with a smaller delay between instance startup, and then I will leave a 2,000-instance run during the evening
<smoser> hggdh, so it looks like they've fixed this bug ?
<n0body> anyone got skills on upstart? i need to make my networking start asap, since it creates a bridge, and other things need it to be ready (dhcpd, hostapd, squid etc) and its not built when they start
<n0body> at least i think its upstart i need to configure, god knows. basically i just need networking to start sooner, or for it to block until the bridge is ready
<n0body> http://pastebin.org/351740
<kirkland> hggdh: oh, okay, that's a good thing, right?
<kirkland> hggdh: should we go ahead and get it uploaded to lucid-proposed?
<kirkland> hggdh: would you just give me a status update before you call it a day?
<kirkland> hggdh: if this still looks good, i'll get this uploaded to lucid-proposed, and we can try an SRU
<hggdh> kirkland: I will update you, yes. Give me some 40 min, and the second run will end.
<hggdh> kirkland: and, yes, this is most certainly a Good Thing (TM) :-)
<andreserl> kirkland, I'm wondering if you have seen this behavior on lucid: I was listening to something, then I started VM's, then I closed what I was listening and opened the program again to listen something else, however, sound is no longer working.
<kees> smoser: can you go through robbiew for that?  we're pretty swamped at the moment, but yeah, based on what I've seen in the channel, ebsmount is scary
<kirkland> andreserl: hmm, sounds like a pulseaudio issue
<andreserl> kirkland, it looks like it indeed, since I killed my VM's and still no sound
<dasunsrule32> Can anyone help me look at an issue with dovecot/postfix?
<dasunsrule32> I keep getting: fatal: no SASL authentication mechanisms
<n0body> i hacked it, and started the neccesary services with post-up in interfaces
<n0body> i feel dirty
<n0body> upstart sucks
<MTecknology> I'm about to have a package built in LP - I made some changes that could potentially break things. ISo I'm wondering- how can I roll back the update if it does break things?
<kusznir> Hi all: I'm trying to boot a ubuntu 10.04 xen guest on a xen server of different OS, and I am having problems.
<kusznir> Specifically, I get  "Error: bootloader did not return any data!"
<kusznir> How do I work around this / fix it to boot this domain?
<kusznir> (the install worked fine, btw)
<robyn> Hello
<SpamapS> smoser: pong
<ruben23> hi guys any opensosurce application i can bond 2 different DSL connection and achive added badwidth with it...
<robyn> question - trying to install 10.04 32bit ( also tried 9.10 32bit) server on a system without cdrom - created usb boot drive per instructions using pendrivelinux utilities - install gets to looking for cdrom and can't find itself on the usb drive - does the same thing on my work station - any thoughts?
<robyn> ruben23, looked to do the same thing awhile back - didn't find anything usless the dsl where already a bonded pair
<cdubya> what all packages get installed in the tasksel option for samba-server?
<hggdh> kirkland: nah, no cigar. We still have instances failing to acquire a pub IP
<kusznir> Is there an "easy" way to downgrade grub in 10.04 server?
<kirkland> hggdh: same ratio?
<hggdh> kirkland: no, seems better -- around 6% failure, as opposed to ~10% before (o r1230)
<hggdh> kirkland: I will leave the 2,000 instances running just for completeness. But I am uploading the current logs
<kirkland> hggdh: okay
<panfist> is postfix configured as 'local only' suitable for use as a LAN email server, or is that really just specific to the one physical host
<lamont> panfist: it doesn't listen to the network socket when you say that
<panfist> ahh
<uvirtbot> New bug: #597445 in tomcat6 (main) "tomcat6 will not shutdown in Ubuntu 10.04" [Undecided,New] https://launchpad.net/bugs/597445
<pehden> hi all
<pehden> any one alive in here>
<ccheney> jjohansen, any status update on the kernels?
<jjohansen> ccheney: I haven't gotten to them yet, tim neither, and andy won't come on line for a few hours.
<jjohansen> I can kick off a couple builds soon
<ccheney> ok
<jjohansen> atop on the other hand is working on lucid and kamal is now trying it in maverick
<jjohansen> he did lucid first as the patches are .33 based
<kirkland> soren: okay, filed Bug #597459, per your request yesterday
<uvirtbot> Launchpad bug 597459 in vm-builder "support creating raw disk image" [Undecided,New] https://launchpad.net/bugs/597459
<kirkland> soren: i need a little more information on what i'd need to do to use vmbuilder to create an image that I could dd to a physical disk somewhere and get it to boot correctly
<uvirtbot> New bug: #597459 in vm-builder (universe) "support creating raw disk image" [Undecided,New] https://launchpad.net/bugs/597459
<soren> kirkland: Well, as a start, you could just let it create the qcow2 and convert it back to a raw image.
<soren> kirkland: qemu-img can do that.
<kirkland> soren: k, i have it in a raw image
<kirkland> soren: i dd that to a physical (from a livecd)
<soren> Yup.
<kirkland> soren: grub seems to be installed, that's good ...  i end up in an initramfs shell though
<kirkland> soren: wasn't able to mount the root disk
<kirkland> soren: in initramfs, i only see sda
<kirkland> soren: do i need to partition the disk from the livecd first?
 * soren ponders that
<kirkland> soren: or more prep i need to do to the image?
<kirkland> soren: or some better way of using dd ?
<soren> I don't think so , no.
<soren> What exactly did you do?
<kirkland> soren: i changed the one line as shown in bug #597459
<uvirtbot> Launchpad bug 597459 in vm-builder "support creating raw disk image" [Undecided,New] https://launchpad.net/bugs/597459
<kirkland> soren: s/qcow2/raw/
<kirkland> soren: sudo vmbuilder kvm ubuntu
<kirkland> soren: i end up with a 5000MB raw disk image
<kirkland> soren: on a test laptop, i boot a lucid desktop livecd
<kirkland> soren: i rsync over the 5000MB raw disk image, foo.img
<kirkland> soren: then from the livecd env, i 'sudo dd if=foo.img of=/dev/sda bs=1M'
<kirkland> soren: make a pot of coffee
<kirkland> soren: and then reboot
<soren> I would have thought that would work.
<kirkland> soren: me too ...
<kirkland> soren: so the error I get is that /dev/disk/by-uuid/whatever is not found
<kirkland> soren: and then dumped to initramfs
<soren> kirkland: right. It doesn't even find the partition table, you say?
<kirkland> soren: so i edit the grub menu on boot
<kirkland> soren: and replaced it with /dev/sda1
<kirkland> soren: right, in initramfs, i see /dev/sda, but no /dev/sda1
<soren> Ok.
 * kirkland feels a little better, that soren thinks this *should* have worked
<kirkland> b/c I did too :-)
<soren> Ã_Ã³
<soren> Just for giggles...
<soren> Could you try booting the live cd again and run "kvm -hda /dev/sda"?
<kirkland> sure
<kirkland> soren: i'm just redoing the dd now
<soren> kirkland: ok
<kusznir> How does one set the apt mirror to use when in command line only mode?
<kusznir> (i.e., no X installed)
<kirkland> soren: heh, kvm booted perfectly off of sda
<kirkland> soren: okay, i'm trying to boot again off of the real hw
<kirkland> soren: okay, same thing
<kirkland> soren: from real hardware
<hackeron_> hey, my ubuntu server is not booting correctly, I'm not getting a login prompt and when I ssh into the box, /var/log/boot.log just shows fsck: /dev/md0: clean, 31476007/60989440 files, 209228064/243940976 blocks (check in 4 mounts) -- and nothing like apache or postgres is started, I have to start those manually over ssh - any ideas what is causing the problem?
<kirkland> soren: ie, same thing == error when booting real hardware from /dev/sda
<hackeron_> I tried adding VERBOSE=yes to /etc/default/rcS and boot is still hanging and nothing more in boot.log :(
<hackeron_> I can ssh into the box, but it doesn't start half the services or show the login prompt
<hackeron_> how would I diagnose the problem?
<soren> kirkland: Fascinating :)
<soren> kirkland: Can you file a bug about this, too?
<kirkland> soren: sure
<kirkland> soren: i'll provide more detailed info
<soren> kirkland: Thanks, man.
 * soren heads bedwards
<hackeron_> wtf, after installing bootchart, it now boots
#ubuntu-server 2010-06-23
<Kniggedigge> hi folks, i've got a problem with a RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 02) does anyone know about that realtek chip problem ?
<jiboumans_> Kniggedigge: I don't, but a quick google shows several posts on the Ubuntu forums and a few bugs in Launchpad
<jiboumans_> any of those apply to you?
<Kniggedigge> yes i think, after a normal reboot my network was down, also when booting from a ubuntu live cd but when booting from a suse live cd the network was up again, so i think i've got the problem with that chip.... do you think there's a go around instead of compiling the drivers by my own ? jiboumans_ ?
<jiboumans_> Kniggedigge: what version of Ubuntu are you using?
<Kniggedigge> 10.4 kernel version: 2.6.32-22-server
<Kniggedigge> i mean 10.4 server respectively
<jiboumans_> Kniggedigge: this may apply to you: http://www.backports.ubuntuforums.org/showthread.php?t=1436322&page=3
<jiboumans_> there's a few solutions linked from there
<jiboumans_> if not, i'm afraid google's your best resource right now; if you do have a confirmed bug though, please post a bug in Launchpad so we can fix it
<Kniggedigge> ok ill check that jiboumans_  but i think thats a bug for more than 3 years, so i'll see what i can do there...
<jiboumans_> Kniggedigge: at the very least, hit the 'affects me too' button
<Kniggedigge> because when the kernel is using a false module, that does not work with the chipset, its a problem that could be "repaired" ?jiboumans_
<jiboumans_> Kniggedigge: i'd assume so
<Kniggedigge> ok thanks very much for you help jiboumans_ ;)
<jiboumans_> Kniggedigge: you're welcome, and good luck
<Kniggedigge> thanks bye bye ;)
 * RoAkSoAx wants to kill mysql in lucid
<jiboumans_> RoAkSoAx: what's it doing to you?
<jiboumans_> zul will probably want to hear about it
<jeremyn> sorry for the totally off-topic question, but is anyone else have problems looking at discussions on slashdot? specifically, the discussion2 bar where you control how many comments to view has disappeared. i've checked multiple computers and browsers, it's gone on all of them.
<RoAkSoAx> jiboumans_: trying to install a DRBD Cluster with MySQL replicated and it refuses to install in the way " mysql_install_db --datadir=/var/lib/mysql1"
<jiboumans_> that's odd.. drbd should be transparent for mysql, no?
<andreserl> jiboumans, it is the! The problem is actually with MySQL, which is not created the test database in the specified datadir
<jiboumans_> so what hapepns when you turn off drbd?
 * jiboumans_ assumes permission issues
 * RoAkSoAx gets confused when having two different irc sessions lol
<RoAkSoAx> jiboumans_: same issue
<jiboumans_> RoAkSoAx: and different data dir works as expected? /tmp/mysql
<RoAkSoAx> jiboumans_: nope. It has the same issue so it is something with MySQL for sure
<jiboumans_> RoAkSoAx: ok, that's just bizar
<jiboumans_> what error does it spit out?
<RoAkSoAx> jiboumans_: 100622 19:30:30 [Warning] Can't create test file /mnt/prueba/alice.lower-test
<RoAkSoAx> jiboumans_: seems to be a known error. will try the fix given at MySQL's website
<jiboumans_> RoAkSoAx: let me know what it is, i'm curious now
<RoAkSoAx> jiboumans_: seems that it's apparmor issue!! http://ubuntuforums.org/showthread.php?t=782224
<jiboumans_> hmm, we should be more elegant with that
<RoAkSoAx> jiboumans_: indeed it is
<jiboumans_> RoAkSoAx: at the very least, the error should say something about 'not allowed because of apparmor settings in $file' or something
<jiboumans_> RoAkSoAx: LP bug it :)
<jiboumans_> RoAkSoAx: bonus points for a patch
<jiboumans_> Putting the mysql profile in complain mode using "sudo aa-complain"
<jiboumans_> ^ seems to be the suggestion
<uvirtbot> jiboumans_: Error: "seems" is not a valid command.
<RoAkSoAx> jiboumans_: Will do file the bug! :)
<jiboumans_> RoAkSoAx++
<Kniggedigge> jiboumans:  you like to know how i resolved the problem ? :D
<Kniggedigge> jiboumans_  i meant sry
<jiboumans_> Kniggedigge: i'm curious
<Kniggedigge> i just shutdown unplugged the power cable and the lan cable waited 15 seconds, booted and plugged in the lan cable...
<Kniggedigge> it should be a problem with a thing called NIC, i dont know what it is, but now it works.... :)
<jiboumans_> Kniggedigge: that's odd.. makes it me think it's a timing issue
<jiboumans_> Kniggedigge: well, at least it's resolved for you :)
<Kniggedigge> yes and i hope it will never come back again because it was very very nerve recking...
 * jiboumans_ has to move rooms, back later
<panfist> i'm trying to get the package monit up and running. i have it configured to use its own web server and listen on 2812, and this is verified by netstat -l|grep 2812 says it's listening
<uvirtbot> New bug: #597490 in mysql-dfsg-5.1 (main) "[lucid] MySQL fails to install db (mysql_install_db) in specified directory due to AppArmor" [Undecided,New] https://launchpad.net/bugs/597490
<Psi-Jack> I have a stuck upstart job that's stop/killed, process 1511, but I can't start it successfully. I try to start it, and it just sits, idle, till I break out of it, then it's start/killed, process 1511.
<uvirtbot> New bug: #597510 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/597510
<HermanDE-1> Anybody have any good ideas for running a system wide sieve filter on an Exim+Cyrus system?
<panfist> i'm tryin to get request-tracker3.8 running and having trouble at the apache2 config...no matter what i try i can't get http://localhost/rt to work
<willemb> Greetings.  I have just set up 2 servers to try out the uec thing.  Is it possible to convert existing kvm images to xen images to fire up in my 'cloud' ?
<jo-erlend_> I don't know much about it, but I think you'd only need to install a xen kernel in the guest in order for it to run well in normal xen. But what does xen have to do with this? I thought UEC was based on KVM?
<f01kert> hello all :)
<f01kert> can anyone help me to get my lucid lynx system to create /proc/driver/cciss/*
<f01kert> ^_^
<uvirtbot> f01kert: Error: "_^" is not a valid command.
<f01kert> uvirtbot: o_O
<uvirtbot> f01kert: Error: "o_O" is not a valid command.
<f01kert> :D
<sabgenton> hey everybody
<sabgenton> the installation instructions to install  lucid to usb  found here
<sabgenton> http://www.ubuntu.com/server/get-ubuntu/download
<sabgenton> show how to install ubuntu desktop
<sabgenton> karmic server never worked this way as it is not a live cd ISO  it is like the old fashioned linux install CD's
<sabgenton> Is lucid now a live cd style ISO?
<f01kert> sabgenton: sorry no idea :)
<f01kert> didn't look like a live style iso when i booted it...
<sabgenton> hmm rater disconserting
<sabgenton> maybe there is a dev chanel I could take this up with
<f01kert> should be :)
<willemb> jo-erlend_: I thought it was xen ...
<sbeattie> sabgenton: no, the server and alternate images are not live cds; is there a reason why you'd think it would be useful?
<sabgenton> I want to install lucid from usb
<sabgenton> sbeattie: http://www.ubuntu.com/server/get-ubuntu/download  show u how but it has a deskop ubuntu tutorial
<sabgenton> this never worked on karmic
<willemb> jo-erlend_: Far as I could find out, it is all based on Eucalyptus, and the docs on their ewb page is definately all xen based
<sabgenton> I want to know if it luicd server truly works from usb
<sabgenton> the usb instuctions @ http://www.ubuntu.com/server/get-ubuntu/download looks like a bug to me
<sbeattie> sabgenton: hrm, so it does. Can you file a bug against https://bugs.launchpad.net/ubuntu-website-content
<sabgenton> ok
<sabgenton> sbeattie: do you recon there's been anyturn around and ubuntu server works on usb     just with bad  instructons or the web site simply has the desktop tutorial  and there is no usbsuport
<sabgenton> ?
<sabgenton> I'm betting on the latter
<sabgenton> sbeattie: It would be nice to submit the bug http://www.ubuntu.com/server/get-ubuntu/download shows lucid server has usb suport
<sbeattie> define support: does it work out of usb-creator? dunno, you'd need to try. But https://help.ubuntu.com/10.04/installation-guide/i386/boot-usb-files.html describes how tomake it work manually.
<sabgenton> but I 'm not entirely shure that it doesn't
<sabgenton> just mostly confident
<sabgenton> the usb-creator tool and the windows based tools describe after clicking the right things at http://www.ubuntu.com/server/get-ubuntu/download
<sabgenton> did work on server in the past
<sabgenton> I did find  an alternative method  but  that is not what  http://www.ubuntu.com/server/get-ubuntu/download is talking about
<sabgenton> I  belive the problem is most  usb installer  creators  rely on a  live cd image with server  isn't
<sabgenton> bug http://www.ubuntu.com/server/get-ubuntu/download shows invalid usb suport for lucid server
<sabgenton> sbeattie: is what i meant
<f01kert> fixing that should help PXE installs as well hopefully :)
<sabgenton> but I don't know if it is turly invalid
<sabgenton> it is definitely misleading as is show the desktop ISO in the tutoral
<sabgenton> for people who have been waiting for  server USB suport  that is going to look  like a stuff / typo more than a just out solution
<f01kert> sbeattie: how would i go about making my P212 SAS controller work in lucid lynx?
<f01kert> ie where do i go to rtfm? :D
<uvirtbot> New bug: #597587 in mysql-dfsg-5.1 (main) "debconf does not show dialog" [Undecided,New] https://launchpad.net/bugs/597587
<sabgenton> sbeattie: should I make my bug unprivate?
<sabgenton> sorry bug nooby
 * sabgenton ask question to all listening as well
<permalac_> hello
<permalac_> i'm trying to download the netboot package. I have a pxe server and I can find the kernel to install it through my unattended installer. any help?
<huats> morning
<ttx> huats: o/
<huats> hello ttx
<uvirtbot> New bug: #597623 in chkrootkit (main) "Meaningless error message when option -e is used without argument" [Undecided,New] https://launchpad.net/bugs/597623
<johno> hi hi
<f01kert> hi
<johno> Hi f0lkert
<johno> was wondering if anyone knew of a solution for high avaiability and redundancy apart from pacemaker/HA?
<johno> or is that the bread and butter/best solution out there for server redundanc
<johno> *redundancy?
<johno> I am currently looking at the following solutions
<johno> https://wiki.ubuntu.com/ClusterStack/LucidTesting
<incorrect> upgrading from karmic to lucid has left autofs in a broken state, i can't see how to get some debug info out of it
<incorrect> duh
<incorrect> i figure it out the second after i hit enter
<kaushal> hi
<kaushal> is setfacl not supported on ext4 ?
<kaushal> I mean acl
<kaushal> I get operation not permitted
<kaushal> I did setfacl -o remount,acl /
<kaushal> /dev/sda1 on / type ext4 (rw,errors=remount-ro,acl)
<Daviey> ttx: I'm throwing my hat in on GWT for the moment :(.. Conmpsoing an email
<zul> morning
<Daviey> 13:26:36 < zul> morning
<Daviey> ^^ FAIL :)
<uvirtbot> Daviey: Error: "^" is not a valid command.
<zul> Daviey: chuck@kenny:~/work/server/mysql/mysql-dfsg-5.1-5.1.41$ date
<zul> Wed Jun 23 08:27:09 EDT 2010
<zul> ^^^ WIN :)
<uvirtbot> zul: Error: "^^" is not a valid command.
<Daviey> heh
 * Daviey suggests the whole world moves to UTC.
<sommer> morning all
<zul> Daviey: then my biological clock would be off
<xperia> hello. simple question is a command in rc.local executed as root or as user ?
<soren> xperia: root
<ccheney> Daviey, emailed you the script as it was very simple wasn't sure if it would be worth sticking in a branch
<uvirtbot> New bug: #584809 in samba (main) "net.samba3 crashed with signal 7" [Low,Incomplete] https://launchpad.net/bugs/584809
<Daviey> ccheney: rc'd thanks
<xperia> soren: thanks !
<ccheney> ok this is annoying my stupid cloud doesn't respond to commands now
<zul> ttx: irqbalance is fixed
<ttx> zul: ack
<elb0w> How can I mount another linux server as a network place on ubuntu
<delimiter> anyone here have display problems in the debian installer when running over IPMI
<elb0w> last time I did it, I think there was some fish protocol or something?
<mangerDuchien> Hi all
<delimiter> elb0w do you mean CIFS?
<elb0w> delimiter I dunno
<elb0w> I have lucid servers
<elb0w> and the 10.4 lucid client
<elb0w> I want to mount the lucid servers, on my lucid client
<elb0w> so that I can just double click the drive to see the files
<elb0w> like maping a drive
<elb0w> in windows
<delimiter> you probably want to setup NFS exports on the server
<xperia> elbow: i am using sshfs and it works great
<mangerDuchien> I am trying to use Ubuntu EC on Karmic, I successfully  setup my environnement with VM_MODE=MANAGED, but with STATIC mode, I am not able to connect over SSH to my VM. Is anyone know why ?
<xperia> hello. anybody here how can help me a little with a strange disk space problem ? have running ubuntu on a proliant 530ML Server witha raid array. have now added new disk to this array. now if i boot into ubunut i still got the old array and not the new array with the bigger size. do i need to sxpand the files system ?
<xperia> oops had a disconnect
<johno> you need to use the smart cd
<johno> and reconfigure the arrey to include the hard disk you have added
<johno> anyone here good with ubuntu cloud systems?
<johno> was hoping to bounce a few idea's around to get around the flaws of the ebs system
<johno> (EBS)
<xperia> johno: thanks a lot. have used the smart cd and added this new disks to the existing array
<johno> have you changed the boot order?
<xperia> the disk blinked also about 1 hour all the time all
<xperia> the status message was allways "transformation"
<resno> is it possible to send an email without an domain address?
<johno> resno - yes, but it would not go any where
<SpamapS> resno: sure, it just won't be sent on the internet unless the user has forwarded it
<xperia> johno why changing the boot order. i have used a existing array to expand
<johno> resno - since the domain address is the mechanism to search for an external addres
<johno> ahh
<resno> ok, i have server with a domain name, but its another system, is it "hard" to confire my local machine to use it?
<xperia> i need somehow to get the new added disk space in ubuntu.
<johno> xperia - let me understand what your doing. you have added a hard disk. to a hp server. restarted it and used the smart CD to add it to the array
<xperia> right have done this exactly this way
<johno> xperia - your using ubuntu bit ot does not see that the hard disk has grown?
<johno> I see
<johno> one sec
<xperia> yes have the same size
<xperia> probably need to format the new space or better to exapnd the file system for the new disk space
<xperia> in the bios settings all new added disk exist in the array. becouse of that i think it depend now on ubuntu
<xperia> johno: tryed to get the new disk size with "fdisk -l" but for my raid array "/dev/cciss/c0d0p1" this command dont work.
<xperia> the command "df" give me the same results like before i have added the new disks.
<xperia> need a command that tell me how big "/dev/cciss/c0d0p1" at the moment is and probably a command to expand the existing ext4 filesystem on that array
<johno> hehe
<johno> sorry not able to help you
<xperia> ohhhhh that is bad
<johno> well, with me level of knowlege anyway
<xperia> okay thanks :-)
<SpamapS>  
<SpamapS> smoser: ping?
<smoser> here
<smoser> or...
<smoser> here ?
<SpamapS> smoser: I'm going to start on the 'run a command then optionally die' part today..
<smoser> good deal.
<SpamapS> smoser: just want to make sure everything is working fundamentally (ignoring nit picks) before I do that.
<smoser> can you shoot to come to a stopping point by end of day today, and then let me know ? and we'll pick it up and get it into cloud-utils.
<smoser> i can give a quick test right now.
<ruben23> any good monitoring apps for ubuntu-servers..
<SpamapS> smoser: hang on I'll do one mor epush
<smoser> k
<SpamapS> pushed
<zul> ruben23: yes nagios munin.
<ruben23>  zul: which one you used..?
<zul> ruben23: both and i like both
<smoser> SpamapS, one thing i know you'r emissing
<smoser> --launchpad-id
<ruben23> zul:im installing munin, but my localhost seems dont worked i can make it display on my web the local hostname i have on my server.
<zul> ruben23: check your config then
<ruben23> what particular config
<SpamapS> smoser: ahh :)
<smoser> SpamapS, http://pastebin.com/HTFrN87J
<smoser> also, that
<smoser> er...: http://pastebin.com/QPWCMssS is better
<smoser> SpamapS, also, i think, just from using it right now that we should "know" of --key
<resno> how much ram do you need to run 2 virtual machines?
<SpamapS> smoser: --key meaning the -k argument to -run-instances ?
<zul> bbiab...earthquake
<MTecknology> !info nginx
<ubottu> nginx (source: nginx): small, but very powerful and efficient web server and mail proxy. In component universe, is optional. Version 0.7.65-1ubuntu2 (lucid), package size 327 kB, installed size 800 kB
<SpamapS> smoser: I'm not really sure how to duplicate this:
<SpamapS>     args.insert(0, "#cloud-config\nruncmd:\n - sudo -Hu ubuntu ssh-import-lp-id %s" % lp_ids)
<zul> that looks ugly :)
<SpamapS> smoser: ah I missed the next line
<SpamapS>     args.insert(0, "-d")
<SpamapS> weird.. its all backwards 'n stuff
<Kaffien> So i made a fancy raid50 array,  ubuntu recognized it and i told it to use the entire thing.  the array formatted just fine, ubuntu-server installed without any errors.  when i rebooted after installing grub i get a  'out of disk' error
<hggdh> ccheney: you there?
<hggdh> Daviey: ping
<ccheney> hggdh, yea but at lunch, didn't start my break until late today was working with tgardner on kernel issue
<ccheney> hggdh, whats up?
<hggdh> ccheney: I just got hit by the allocate/delete volumes bug... how did you remove/cleanup? I am trying, but lvremove states the LV is in use, so no deal
<hggdh> ccheney: or you can eat your lunch in peace, and we will check on this later on :-)
<Daviey> hggdh: \o
<hggdh> Daviey: would you mind packaging the Latest & Greatest fix for Euca?
<Daviey> hggdh: Which one?
<hggdh> Daviey: lp:~chris-grze/+junk/1.6.2-fixes 1233: decker 2010-06-23 [merge] fix
<hggdh> mishandling of inflight addr msgs, npe, and state check before restore
<Daviey> hggdh: ok, will ping when it's published
<hggdh> Daviey: IOU (as it is getting to be the norm)
<SpamapS> smoser: ok I think I understand the lp id thing
<Daviey> hggdh: heh.. i'm sure the favour will be returned :)
<Daviey> hggdh: certain, even :)
<hggdh> Daviey: indeed
<SpamapS> smoser: there's a work item to "attach an elastic IP to the machine" ... isn't that just passing --addressing "something" ?
<hallyn> is there anyone here he would be able to sponsor https://code.launchpad.net/~serge-hallyn/ubuntu/lucid/qemu-kvm/memleak-fix  for lucid-proposed for bugs 588293 and 591610 ?
<uvirtbot> Launchpad bug 588293 in qemu-kvm "Memory leak" [Medium,Fix committed] https://launchpad.net/bugs/588293
<uvirtbot> Launchpad bug 591610 in qemu-kvm "memory leak" [Undecided,Triaged] https://launchpad.net/bugs/591610
<ccheney> hggdh, sorry for the delay as soon as i responded earlier someone came to the door for me and couldn't get back upstairs until now
<ccheney> hggdh, you have to manually clean up the mess, do lvremove, vgremove, pvremove, losetup -d, etc
<SpamapS> smoser: --launchpad-id is passed now, but I don't know if it works at all.
<hggdh> ccheney: yes. But lvremove is flatly refusing to remove them, even with --force
<ccheney> hmm maybe have to reboot in that case
<hggdh> ccheney: it states the LV is open... and --force should work to delete them
<hggdh> ccheney: that's what I was afraid, so the check with you. Thanks ;-)
 * hggdh goes to to prepare a reboot
<ccheney> hggdh, unless it shows up as mounted, i think you would have to reboot
<Daviey> hggdh: If you get your boxes ready, when LP has finished building it.. should be ready to rock.. Ensure you test version eucalyptus_1.6.2-0ubuntu30.3.3
<hggdh> ccheney: they do *not* show as mounted :-(
<hggdh> Daviey: thank you, sir
<Daviey> hggdh: Regarding your mem leak branch.. You need to set the release pocket as lucid-proposed.. and personally.. the changelog doesn't fill me with confidence. :)
<ccheney> hggdh, ok, then probably reboot :-\
<hggdh> Daviey: er, did you mean hallyn?
<Daviey> yes, sorry - hallyn ^^
<ccheney> i sent tgardner the script to test 588861 since he was having trouble building kernels my system would boot
<Daviey> E-TOO-MANY_H's
<hggdh> LOL
<hallyn> Daviey: i dunno, 'Here is another patch which <name> says fixes the problem' didn't seem so shaky to me.  but sod it, i'll hand-build a package to put in my ppa and ask for confirmation with that.  thanks.
<hallyn> (I assume you were saying you want more confirmation before merging into lucid-proposed)
<kirkland> jjohansen: ping
<kirkland> jjohansen: ttx and i are trying to get a handle on this kernel bug affecting eucalyptus in maverick
<kirkland> jjohansen: we're trying to plan our alpha2 testing, and that plan very much depends on whether or not this bug is solved
<kirkland> jjohansen: if it's not going to be, then we need to start making a backup plan
<ttx> kirkland: reading backlog, ccheney escalated to Tim already
<kirkland> ttx: ah, okay
<ttx> -20min from now
<kirkland> ttx: yeah, i brought it up to tim last week, so it's not the first he's seen of it
<ccheney> ttx, well i escalated it about 1.5hr ago
<ttx> ccheney: great!
<evident> hello everybody! I have a brand new vroot server and as a first task I changed my shell to zshell using "chsh" where i entered "/bin/zsh" as a new shell. After I logged out then and tried to reconnect as root (via ssh), it refuses the connection and says "Permission denied"... Did I forget anything so I can't get into my server via ssh anymore?
<ccheney> 12:28pm CDT :)
 * ttx goes back to his evening :)
<ccheney> kirkland, i worked with tgardner and couldn't get his kernels to even boot on my box so he had me send the info on how to install enough of UEC and the script to try to replicate the issue himself
<hallyn> evident: /etc/shells?
<hallyn> (just a thought)
<ccheney> kirkland, the 12:28pm time was when i sent the script, etc to him after testing the two kernels he sent me that wouldn't boot
<evident> what about it? can I do anything now to get in again?
<hallyn> evident: nm, just installed zsh, and it does show up in /etc/shells
<hggdh> ccheney: interesting. I had 319 loop devices, 267 vgs, and 266 lvs. After reboot, I have *none*
<ccheney> thats surprising, usually it sets the back up even when they disappear from euca2ools
<evident> well I can't check it because I am not getting in
<ccheney> s/the/them/
<ccheney> hggdh, hopefully we aren't seeing a kernel bug now too
<hggdh> ccheney: yes indeed. This is most surprising, and sounds more like a problem on kernel
<ccheney> i don't know enough about lvm to know how a lv could get locked open when not mounted
<hggdh> heh. ccheney, you preempted me
<hallyn> evident: you don't have any non-root accounts without zsh as shell?
<evident> no not yet because the server was just set up
<hallyn> evident: really i think it has nothing to do with zsh, rather you don't allow root ssh logins
<hallyn> evident: what is a 'vroot' server?
<evident> well but how? I just got this brand new set up server now and all I did was apt-get update, apt-get upgrade and chsh to /bin/zsh
<evident> virtual root server? not a real own server but several virtual ones in one...
<evident> i didn't change any ssh settings and I got in just before doing these commands
<hallyn> and the only account you were given was root?
<evident> yes because everything else I am supposed to do on my own (other users and so on)
<evident> well I can have the server get resetted, but still am looking for another way to get in
<hallyn> you don't have any control over boot args or anything, no remote console to do single user boot?
<evident> wait there was some way but I'll need to check
<hallyn> at which point are you getting the -EPERM?  I wonder whether you could just 'ssh host chsh'...
<evident> % ssh root@tinytall.de chsh
<evident> root@tinytall.de's password:
<evident> Permission denied, please try again.
<evident> I can't find any other way to get access to the server... any idea? Or do I need to have them reset it?
<guntbert> evident: did you configure login with ssh keys only?
<hallyn> evident: sorry, no other ideas offhand
<evident> i didn't configure anything... this is how I got the server from strato...
<evident> all i did was apt-get update, upgrade and chsh
<guntbert> evident: it was only a thought
<evident> :D
<evident> and I am thankful for any help... it's just a little bit frustrating^^
<evident> so you'd say I should have them reset it?
<jjohansen> kirkland: right, I asked tim or andy to look at it if they had time before me, and tim has picked it up
<hallyn> evident: i think so.  and i'm really curious what happened...  i see no apparmor ssh restrictions, no reason anything would have changed
<hallyn> unless your apt-get upgrade overwrote your /etc/securetty or ssh config to disallow root logins...
<uvirtbot> New bug: #597818 in dovecot (main) "Include files parsed in reverse order" [Undecided,New] https://launchpad.net/bugs/597818
<resno> whats the virtual machine app is easiest to install and maintain? i dont have the extenions for kvm.
<ruben23> hi i have directory /va/spool/monitor/ on my 1st HDD now i added 2nd HDD and i want to used part of my 2nd HDD to that directory since its getting full, how do i do it
<ruben23> any ideas
<pmatulis> ruben23: are you using LVM?
<ruben23> no
<pmatulis> oh well
<ruben23> im not using LVM on the first HDD
<pmatulis> now you know the benefits of LVM!
<ruben23> what are my options..?
<ruben23> yeah
<ruben23> but are there any ways i can still get the goal
<pmatulis> maybe move a directory from HD1 to HD2 and then symlink?
<ruben23> or can i have that directory put to my second HDD..?
<pmatulis> well sure, you can put the whole thing there
<ruben23> but how..? ill create the same directory..on the second HDD..? right..? and symlink..
<pmatulis> make a partition and mount it on /mnt/tmp, move the files to there, unmount, then mount as /var/spool/monitor
<ruben23> but the 2nd HDD is new how do i set it to be detected first and be used by the machine
<guntbert> ruben23: symlinks don't work across file systems
<hallyn> how do i get 'bzr bd -S' to do the equivalent of the '-sa' part in 'debuild -S -sa' ?
<guntbert> ruben23: forget what I said - it was nonsense
<ruben23> pmatulis: you talking to the second HDD right..?
<pmatulis> ruben23: yes
<ruben23> so i create partion and LVM..
<pmatulis> no, LVM is out of the picture now
<ruben23> ow ok
<ruben23> so i just create partion and mount it
<ruben23> where sholud i mount it
<pmatulis> if you had LVM then you could add the new hd as a physical volume to the existing volume group and then extend your logical volume
<hallyn> ah there we go, 'bzr bd -S -- -sa'
<ruben23> yeah the thing here that /var/spool/monitor have so many files..
<pmatulis> ruben23: obviously you need to ensure no writing to that directory during the operation
<ruben23> do i really ned to copy..?
<ruben23> the /var/spool/monitor  on 1st HDD on the second HDD with same directory..?
<qman__> yes, otherwise you'd lose all the files
<pmatulis> ruben23: re-read my comment
<evident> ok I have the server reset now... and installed zsh with apt-get
<evident> the /etc/shells file now has /bin/zsh and /usr/bin/zsh in it... which one do I choose now with chsh?
<ruben23> pmatulis: so sorry im rally confuse, how do your suggetion.. please a little more detailed guide please
<Daviey> hallyn: The blocker is it needs to be $release-proposed.. The dev that sponsors could do that, but it's tradition to get it correct for the sponsor just to upload it.  The comment about the the changelog was more of a comment.. Personally, i wouldn't normally upload something without testing, and the enduser see "Well $someone said they caught it this time" seems a little unsure.
<hallyn> Daviey: yeah that's why your comment convinced me to push a package to my ppa for confirmation first
<Daviey> hallyn: Awesome!
<hallyn> Daviey: then if confirmed i'll change to lucid-proposed and re-submit, thanks much :)
<Daviey> hallyn: you rock.
<hallyn> no YOU ROCK
<evident> ok now everything is working as it should... zsh running with my settings, ssh port is changed and everything works... but one question: /etc/profile:5: no matches found: /etc/profile.d/*.sh ... I get this message after logging in via ssh. What does that mean?
<hallyn> evident: well it looks harmless, but it looks like /etc/profile assumes that if /etc/profile.d/ exists, there will be file in it;  and you have none
<hallyn> (mine has speechd-user-port.sh)
<hallyn> you can probably just rm -rf /etc/profile.d to shut it up
<evident> hallyn: thanks! it's gone now... :D
<ccheney> Daviey, we have it tracked down to between 2.6.32.15 and 2.6.33rc1 now
<King_of_Metal> if I want something to be added to PATH on boot (before login), where should I put it?
<Kaffien> what FS would be best for the  NFS share?
<Kaffien> i'm thinking either ext4 or xfs
<hallyn> Kaffien: i'd recommend xfs myself, having been bitten by ext4...
 * soren <3 xfs :)
<wiretapped> is there a way to determine the linux vfs page cache hit ratio?
<wiretapped> i'm looking in to ways it might be possible with systemtap, using a kernel with DEBUG_INFO, but it seems like there ought to be an easier way
<kirkland> soren: so i think i've figured out that vmbuilder -> real hardware problem
<kirkland> soren: looks to be the -virtual kernel
<kirkland> soren: i installed -generic kernel and it works fine
<uvirtbot> New bug: #597875 in clamav (main) "Clam freezes during recursive scan" [Undecided,New] https://launchpad.net/bugs/597875
<Theravadan> anyone know why upon reboot lo isn't configured w/ 127.0.0.1?
<Theravadan> i swapped nics via /etc/udev/rules.d/70-persistent-net.rules
<xperia> hello to all.i have inserted new harddisks in the free slots of my raid array in the proliant 530M G2 Server. I have added them also to my existing ext4 array and proved in the bios array config if they were enabled. but when i boot in debain i dont see any of the free disk space. my question is what do i need to do to get the free disk space ?
<xperia> ehh when i boot in ubuntu i dont see the free disk space. it show allways the same disk space and disk usage as i have inserted the new disks
<Kaffien> hallyn, how did ext4 bite you?
<hallyn> corruption.  remounted itself readonly and would never properly clean up after reboot.
<Kaffien> m33-
<Kaffien> im using that for the system part
<Kaffien> but when was that?
 * hallyn doesn't know what m33- is
<Kaffien> m33o
<Kaffien> errr
<Kaffien> m33p
<Kaffien> meeep   acck ... oh no ... that's not good eeeeek
<hallyn> got it :)
<Kaffien> how long ago did that happen?
<Kaffien> because i know ext4 had those issues early on
<hallyn> few weeks ago, actually
<Kaffien> werd
<Kaffien> wierd even
<Kaffien> i wonder why they would put it as the default format on a server os if it is that sketchy
<Kaffien> are you sure the drive wasn't pooched?
#ubuntu-server 2010-06-24
<hallyn> Kaffien: i've been using it (with xfs) ever since
<hallyn> it was a brand new laptop drive
<hallyn> and yes, i don't know what to make of it being the default everywhere.  it scares me tbh
<hallyn> but then until btrfs is ready...  :)
<owen1> aptitude search mysql shows me only 3 packages (using lucid). why?
<lukehasnoname> you odn't have an updated package manifest?
<lukehasnoname> I don't know owen1
<owen1> lukehasnoname: sudo aptitude update solved it
<alissa> i am installing Ubuntu (server edition) from a netboot image on a single-disk machine.  i want to know if i can wipe the entire disk during the install.  that is, does the installer boot up so that everything is in ram or is it still working off the disk?
<alissa> ok, forget the previous question.  can i setup LVM at installation time *without* using the guided option (which uses the whole disk)?   i would like to preserve my boot partition and use LVM for the rest of the disk.
<ChmEarl> alissa, the flexible way to install like that is to use debootstrap
<ChmEarl> alissa, the ISO and netboot installer always force you to do certain things
<ChmEarl> alissa, so take your disk out and piggyback it to another Ubuntu install and use debootstrap
<alissa> chmearl: i am quite limited in what i can do because this is a remote server and i do not have direct physical access.
<ChmEarl> alissa, you say 'preserve boot partition'. What OS is there now?
<alissa> chmearl: if something goes very wrong, i can ask someone to physically access it, but i prefer not to.
<alissa> chmearl: well, i am not talking about the MBR, but an actual partition on the drive (/boot).  i have grub2 installed with a couple Ubuntu versions installed.
<alissa> chmearl: i have used the netboot installer over a serial console before.  so i know that works.  but now i want to setup LVM.
<alissa> chmearl, i am not sure if the lvm tools are included in the netboot installer (i guess they are since it's the lucid version and the module is included in the kernel?).
<ChmEarl> alissa, you need one partition /dev/sdb1, pvcreate, vgcreate, then lvcreate in mass
<ChmEarl> actually /dev/sda2
<alissa> chmearl: yeah, i think i understand what you're saying.  assuming /boot is on /dev/sdb1, then in the installer i drop to shell to wipe out the rest of the disk and create a /dev/sda2 partition.  then do the lvm *create steps?
<ChmEarl> alissa, thats an expert scenario. I'm lost using a shell in the installers
<alissa> but will the installer be able to reload the partition table so that later i can see lvm's logical volumes and specify them for the /home, /, etc. for the new installation?
<ChmEarl> alissa, after running debootstrap, I do a chroot, then I have all the freedom I need
<alissa> i am not so familiar with debootstrap, what is it exactly?
<ChmEarl> alissa, you can do 99% of a new OS install, while running in your current setup
<ChmEarl> alissa, many Ubuntu/Debian folks blog about it... thats how I learned to use it
<alissa> ok, i will do some searching on it.  sounds like a useful tool.
<ChmEarl> alissa, you can point debootstrap at an ISO or a net repo
<JanC> alissa: I suppose you aren't really netbooting?
<alissa> janc: you mean using a PXE boot?  no, i am not doing that.  the kernel and initrd.gz files are saved on my local disk.  i boot up from them.  that starts the installer and it downloads the packages i need from the internet.
<JanC> right, because in case you could netboot it wouldn't be an issue to try if it works or not  ;)
 * JanC loves hosting companies that provide PXE boot options...  :-)
<JanC> oh, and debootstrap just copies a basic Debian/Ubuntu system into a directory (normally a mounted partition) so that if you chroot it after that, you can install & configure whatever you need
<JanC> and once you think it's ready, you can use it as /
<JanC> (of course, better make sure it works, or you have some backup boot option in case it doesn't)
<ccheney> Daviey, got two bisections into 2.6.32 so far, hopefully will have the kernel patch identified tomorrow morning
<clusty> hey
<clusty> what is the easiest way to install ubuntu on a pc with no cdrom and winXP?
<clusty> TFTP?
<jmarsden> A usb stick, if the PC will boot from one?
<clusty> or get some usb stick and install stuff on it
<clusty> jmarsden: hmmm
<clusty> wanted to buy http://www.newegg.ca/Product/Product.aspx?Item=N82E16883220006
<clusty> some silent machine for a torrent box basically
<yipdw> hi all -- trying to install couchdb in Ubuntu Server 10.04 32-bit, hitting a dependency cycle in x11-common: https://gist.github.com/4d9289cc97a935277640#file_gistfile1.txt
<yipdw> anyone know what the cause of this might be?
<yipdw> (also, if anyone knows why couchdb depends on x11-common via -- I think -- xulrunner, that'd be great.  as far as I know couchdb has no browser dependencies)
<Callum__> Old drives are SO bitchy :>
<Callum__> :<*
<twb> yipdw: for libjs, I think
<Callum__> this 2x 80GB SATA RAID array isn't co-operating with me... the failed drive annoys the operating system to hell since it can still be detected and causes I/O errors while trying to back up the data on the array
<Callum__> so I've had to shut down the system for a while to disconnect the drive and now I'm backing up the data without any problems so far...
<Callum__> of course I back up the data on this thing regularly but since I've copied some rather important stuff to it today and then the drive failed after that and it hasn't backed up automatically of course
<Callum__> this is a timely death, actually... I have two much newer 160GB drives I've wanted to replace the two 80GB drives with for a couple of days and I've finally found the time to replace the two 80GB drives...
<Callum__> so instead of standard back up I am dd'ing the good drive's data and am going to dd it onto the brand new 160GB
<Callum__> array
<Callum__> and THEN back up essential data
<Callum__> the things you do for not having any money :< if I had the money I would replace all this with brand new 1TB drives
<yipdw> twb: yeah, I found out it was for spidermonkey
<yipdw> twb: seems like I'm not the first to complain about couchdb dragging in X, so I guess packagers are working on this
<twb> x11-common is not X
<yipdw> well, ok, couchdb dragging in support libraries for X
<twb> Installed-Size: 568
<twb> x11-common is not a support library, either.
<yipdw> I thought it was filesystem infrastructure
<yipdw> I mean, either way
<twb> It's a bunch of trivial files such as the symlink /usr/bin/X11 -> .
<yipdw> couchdb in no way depends on anything X
<twb> If you think it's worth anyone's time to save 600 bytes, file a bug report on launchpad
<yipdw> it's not so much about saving 600 bytes as it is trying to remove that dependency error
<yipdw> which occurs on a freshly-updated 10.04 instance
<yipdw> and yes, several bug reports have been filed about this
<willemb> Hiya
<willemb> Can someone tell me more about what this landscape thing does on a technical level?
<twb> willemb: it's basically a closed-source Canonical-run version of puppet.
<cjs> So what do I need to do to convince the 10.04 installer to wipe out any thought of any sort of previous RAID partitioning that had been on a disk, and just start afresh?
<cjs> It seems somehow to keep bringing back my old raid configs.
<cjs> Hmmm. Maybe mdadm....
<twb> cjs: write zeroes to the disks
<cjs> I tried that, at least to the first 4GB of the (500GB) disks.
<cjs> It seems as if the installer is still discovering an md on boot.
<cjs> I'm guessing that there's a spare md configuration block later on in the disk that it's finding?
<twb> md writes to the end of the partition, IIRC
<cjs> Ah, so if I just do the last gig or so as well, that should do it? Now I see.
<cjs> Maybe I should just write zeros to the whole thing, to be safe. My second install did seem to work, until I tried to boot, and it suddenly couldn't find the root. Turned out that somehow lvm had mounted volumes with the names of the previous install.
<willemb> twb:  Thanks.  I guess you can only manage ubuntu machines with it.
<twb> willemb: someone could port the landscape client (which *is* open) to another distro...
<angelete2> i've instaled 10.04 server. during instalation process i set up my raid and lvm volumes, but i've tried to change them manually later on. but any time i boot my manual config is overriden with the installation one.where is this config stored in order to erase it?
<cjs> What do you mean, "overridden"?
<cjs> And what did you try to change, and how did you do so?
<angelete2> by default it created a raid1 on /dev/md_d0
<angelete2> i stopped it and created minen on /dev/md0
<cjs> Often, this is due to changing stuff under /etc and so on, but not updating the initramfs(es) on the boot partition.
<angelete2> but when i boot agan, /dev/md0 is not present but /dev/md_d0
<angelete2> how do i do this?
<cjs> "minen"? What's that?
<angelete2> s/minen/mine/
<angelete2> s/agan/again/ sory
<angelete2> sorryÃ§
<cjs> Oof. So what partitions was the RAID1 created upon? (It must have been something like, e.g., /dev/sda1 and /dev/sdb1.)
<angelete2> they are /dev/sdb1 and /dev/sdc1, they both exist and have the correct partition type
<soren> kirkland: I considered that for about half a second and then rejected the idea. If it finds the block devices, it should be able to find the partitions.
<cjs> And this isn't your root or anything, right? Your system runs fine, but just won't mount these extra data partitions?
<soren> kirkland: ..so I'm /very/ curious what exactly makes the difference. Very odd.
<cjs> I think you probably want to do "mdadm --zero-superblock /dev/sdb1" and the same for sdc1. Then re-create your raid.
<angelete2> i've already done it with same result
<angelete2> but, i'll do it now
<angelete2> done
<cjs> angelete2, well, if it's any comfort, I've given up trying to recover mine in any way but to dd zeros across the entire disks from beginning to end, and then re-installing.
<angelete2> now mdadm --create -level=1 -n 2 /dev/md0 /dev/sdb1 /dev/sdc1
<cjs> mds seem to have a tendency to come back even if you wipe the partition table and the first parts of all of the partitions on the disks.
<evident> hi everybody. I am about to install daemontools on my server but having problems building the package: http://pastebin.org/355939 Can anybody help me and tell me why it isn't working? I didn't find out which packages are necessary to build/run it...
<evident> anybody an idea?
<angelete2> evident: does the package have any configure file?
<soren> evident: Why don't you just install the package?
<evident> well didn't I just install it? I just went by the guide on the daemontools website itself...
<evident> download, gunzip, tar and package/install
<evident> there isn't a configuration file or at least I don't find one
<evident> http://cr.yp.to/daemontools/install.html
<soren> evident: No, no. sudo apt-get install daemontools
<soren> Done.
 * ttx refrains from making a pun on evidence.
<soren> :)
<evident> i can't because the daemontools arent available in apt-get
<soren> What makes you say that?
<soren> Which version of Ubuntu are you running?
<evident> 8.04LTS
<soren> Ah.
<evident> :D
<soren> daemontools have been packaged since Jaunty (9.04).
<twb> 17:11 <angelete2> by default it created a raid1 on /dev/md_d0
<evident> ahh ok
<twb> This is because 10.04 is Too Clever
<twb> Now that you can have partitions within md devices, mdadm --assemble --scan thinks it should assemble the entire disk as a RAID1, and I don't yet know how to stop it.
<evident> if you're on a 9.04 or 10.04 server could you maybe tell me whether there are prerequisites for daemontools?
<twb> Is daemontools basically just start-top-daemon?
<twb> Oh, and some of upstart
<twb> evident: why are you trying to use daemontools?
<evident> service management through the supervise program is my goal...
<evident> (automatic restart if some service has crashed and so on)
<twb> evident: why don't you use upstart for that?
<ttx> evident: the 10.04 package doesn't have any build-depends
<evident> never heard of upstart... :D I just know inittab and init.d and I was told supervise would be best for things like that...
<evident> http://cr.yp.to/daemontools/faq/create.html#why
<twb> evident: upstart is the init system that 8.04 and 10.04 ship ALREADY, and it has the functionality you're asking for BUILT IN.
<ttx> evident: you can have a look at the lucid source package at: http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/lucid/daemontools/lucid/files
<twb> I wouldn't recommend ANYTHING written by djb if there was a sane alternative.
<evident> hmmm...
<angelete2> twb, i've completly remove the default md_d0 array
<angelete2> i created min
<angelete2> mine
<angelete2> i have updated initramfs
<angelete2> but md_d0 reappears!
<twb> I realize that.
<angelete2> twb: 10.04 is NOT too smart
<angelete2> md_d0 : inactive sdc1[1](S)
<angelete2> how do i set my system not to use md_d0???
<angelete2> i want my raid as i configure manually!
<twb> 17:51 <twb> [...] I don't yet know how to stop it.
<trapmax> angelete2: have you tested that there are no md superblocks on your drives before creating md-devices
<angelete2> how do i test it?
<angelete2> after recreating my  array
<trapmax> mdadm --misc --help
<angelete2> i erase my partitions, and create new ones (writing discs after erasing them)
<trapmax> you also have to remove md-blocks
<trapmax> i had the same thing a while ago
<angelete2> No md superblock detected on /dev/md_d0.
<trapmax> try /dev/sda1 etc
<twb> All I know is that with new, blank HDDs, in partman I created two partitions on each disk, then assembled each pair into RAID1 arrays, and when I booted the system, it assembled the entire disk as md1 and tried to assemble md0 as a degraded array containing only /dev/md1p1
<angelete2> trapmax: on both /dev/sdb1 and /dev/sdc1 mdadm -E displays some info, i'm gonna do --zero-superblock on them
<angelete2> and stop md_d0 and recreate md0 on my own
<twb> Actually, I lie; one disk was entirely blank, the other had a SCO 5 install in the first 1.2 GiB.
<Psi-Jack> Does anyone know if lsb-init scripts all start before upstart, or at the same time, or what?
<Psi-Jack> I'm trying to get an upstart script to start before apache2 does because it initiates a glusterfs mount apache needs.
<corpse> i just got a new router today, i have gotten most of my services working again except my ssh. when i try to log in via putty i get "server unexectedly closed the connection" and when i try to restart ssh i get "ssh: connect to host restart port 22: connection timed out"
<trapmax> Psi-Jack: just configured my tomcat init-scripts to start after database. it was fairly easy with "update-rc.d <init-script> defaults 22"
<trapmax> and my postgresql has "defaults 20"
<Psi-Jack> So, basically, you used the upstart-job wrapper script to make sure it started?
<trapmax> possibly. not familiar with consept upstart....
<skoef> guys, i've update my kvm-host, and now my kvm-client suddenly has apt-get issues
<skoef> in fact: my kvm-client has all sorts of network issues, and apt-get update segfaults
<skoef> also, the client complains about: kernel: [40713.005075] no vm86_info: BAD
<skoef> this problem emerged since i dist-upgraded the kvm-host last night
<skoef> google hints in the direction of an issue with virtio
<skoef> but i can't find a conclusive answer
<huats> morning
<ttx> Everyone: if you spot some abusive package dependency that end up installing loads of crap on a server, please file it against the Server papercuts project at: https://bugs.launchpad.net/server-papercuts
<uvirtbot> New bug: #598063 in setserial (main) "package setserial 2.17-45.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/598063
<Danawar1>  Hello Ubuntu Server where is the best place for me to store my websites for apache as the default site is in /usr/share/apache2/ should i store them there?
<Danawar1> In fact ther are two default websites there is one in /usr/share and one in /var/www which one is the real site?
<ElTonerino> I'd go with /var/www
<Danawar1> ok
<Danawar1> Thanks ill change that and see what happends
<trapmax> Danawar1: look for "DocumentRoot" in /etc/apache2/sites-enabled/000-default. /var/www is the default setting
<Danawar1> ok
<Danawar1> Further down in that file it also talks about the file in use share
<Danawar1> usr*
<Danawar1> Alias /doc/ "/usr/share/doc/"
<Danawar1>     <Directory "/usr/share/doc/">
<Danawar1> Not quite sure what that means? = [
<Daviey> smoser: Can you grab me when you come online please :)
<ttx> Daviey: grze seems to imply compiling/running with GWT 1.6.4 might work ? Did you try that ?
<trapmax> Danawar1: id defines an alias /doc/ to your apache server eg. http://your.domain/doc/
<Daviey> ttx: Oh certainly.. i wouldn't be raising the issue if it worked.. i'm composing a reply.
<Daviey> ttx: The other solution is to remove the support which requires >1.6.4
<Daviey> ttx: The way i found it was a FTBFS for euca', looked at the reason why.. opened the GWT jar, and found that it was trying to import classes which didn't exist.. Checked upstream GWT to see them there.
<Daviey> Which mean't that i was pretty confident they were using a newer version
<Danawar1> Ok trapmax thanks for your help!
<trapmax> Danawar1: then it, i think on default settings, denies access to that directory from all other addressess except 127.0.0.0/8
<Daviey> ttx: Considering grze seems to think they haven't used incompatiable stuff... why on earth are they developing against 2.0.*?!
<Danawar1> Ohh i dont understand that yet =[
<ttx> Daviey: that's a rhetorical question ?
<Daviey> ttx: no, a serious one. :)
<ttx> I can't answer that :)
<Daviey> ttx: Oh :)
<Daviey> ttx: Perhaps you took your eye off the "ball"? :P
<ttx> Daviey: lowkick, 10yards penalty
<Daviey> ttx: heh, sorry :).. I haven't seen it yet.
<ttx> heh
<xperia> hello to all. i have inserted new hard disks in to the free slots of the raid array in to my Computer and also added them to the existing ext4 raid array. In the BIOS Config this new disks are also a part of the exisiting array but when i boot into ubuntu i allways have the old disk size and disk usage. I dont see any new Disk Space. Sombody told me that i need to change the Partiton table...
<xperia> ...and such things. Is this right ?
<xperia> need rally help with this problem
<Daviey> xperia: Using mdad soft RAID?
<Daviey> xperia: fake raid, or hardware raid?
<RoyK> Daviey: what is "fake" raid?
<RoyK> and what is "hardware" raid?
<Daviey> RoyK: bios raid.
<LinusU> Hi! I'm having a very strange problem with apache2 on Ubuntu 10.04 and was hoping to get some help. The problem is my RewriteRules wich works correctly if put in a .htaccess file, but that does not work when I put them in a <VirtualServer>. Plz help :)
<xperia> Daviey: thanks for the reply. i am using hardware raid. it is the HP Proliant 530M G2 Raid Array 5300
<RoyK> Daviey: we just use zfs :D
<Daviey> RoyK: Hardware raid is when it's a dedicated RAID controller, and not done using the main CPU.
<RoyK> way better
<Daviey> RoyK: apples vs oranges.
<RoyK> Daviey: I know, just teasing, because it's still software doing it, but on a dedicated cpu
<Daviey> RoyK: If you know, why are you asking? :S
<RoyK> Daviey: no way - read this first, then tell me hw raid is so good... http://hub.opensolaris.org/bin/download/Community+Group+zfs/docs/zfslast.pdf
<Daviey> xperia: okay.. if it were me, i'd recommend booting the server using a desktop livecd, and using "gparted"
<xperia> it is just strange that i dont see the additional free space from the new disks with "fdisk -l" and so on. had expected to see at least this way the new space in "/dev/cciss/c0d0p1"
<Daviey> RoyK: thanks.  I'll add that to my todo.. but until then zfs isn't a recommended solution for Ubuntu server.
<Daviey> xperia: I would have expected that also.. will be interesting to see what gparted thinks of it.
<Daviey> xperia: I have a distaste for HP Raid :(
<xperia> Daviey: have booted the Server also with Live CD and started Gparted but i dont see also there any new space. its show me the same old size and disk usage as before i have inserted any new harddisk. Hav ejust opened Gparted and checked it again.
<xperia> Daviey: it looks really that hardware controller are a pain on the other side i just did not want to waste cpu for this thing
<Daviey> xperia: hmm.. What RAID style are you using?
<Daviey> xperia: I agree.. this RAID is better than bios raid.
<xperia> as i have a fast hardware controller that can do this normally really good. My Raid Controller is "HP Proliant Raid Array 5300" for the "HP Proliant 530M G2" server
<RoyK> Daviey: I know...
<xperia> Daviey: here it is http://h18000.www1.hp.com/products/servers/proliantstorage/arraycontrollers/smartarray5300/index.html
<xperia> true name "smart array 5300"
<RoyK> xperia: those controllers are decent
<RoyK> xperia: ah - your old partition table holds the old geometry
<RoyK> you should see a larger drive for the raid volume in /proc/partitions
<RoyK> check that first
<xperia> RoyK: yes others have told me this too. it looks like i have to do something with the partition table
<xperia> you are allready the second one who told me that now. will check that now with the /proc/partitions
<xperia> RoyK: okay have checked /proc/partitions and it show the same numbers as allways. no bigger disk space or anything like that. old partition size with also same swap partition
<ElTonerino> LinusU, I take it you have "RewriteEngine On" in your <VirtualServer> bit?
<LinusU> Yes I have; just got help in the #httpd channel and the problem was that in <VirtualHost> the pattern should start with / but it shouldn't start with / in .htaccess
<ElTonerino> ok, good to hear you got it sorted.
<Daviey> xperia: Sorry, i was trying to find out what the RAID schema is.. is it RAID-1, RAID-5 etc?  I'm wondering if that new disk is actually a mirror, or a hot spare
<xperia> Daviey: thanks again for your reply. i have the existing array as raid 1 configured
<Daviey> xperia: How many disks did you have before, and how many do you have now?
<xperia> at the time before i have ubuntu installed.
<Daviey> xperia: What size were they, and what are they now :)
<LinusU> ElTonerino: Thanks!
<xperia> Daviey: before i had 5 disks with a space of total 42GB now i have total 10 Disks
<Daviey> xperia: In RAID 1?  Using LVM?
<xperia> well i have one partition ext4(42GB) and i extended partition that holds the swap Partition with 1 GB
<xperia> LVM i think i dont use
<Daviey> xperia: Hmm... can you double check you are using RAID1?
<xperia> well okay let me reboot and go to the raid config tool
<Daviey> xperia: cool, thanks
<sommer> morning everyone
<xperia> Daviey: the bios say "One Logical Drive, Raid 0, 42GB". booting now with the Server Service CD in to the server Raid Config Tool called "Smart Start
<xperia> the bios should show much more disk space than 42 GB. this 42GB are the old Size
<Daviey> ahh RAID 0
<Daviey> xperia: RAID 0 isn't generally recommend if you want redundancy
<jpds> It doesn't do redundancy.
<Daviey> exactly :)
<xperia> Okay i am now in the "HP ACU (Array Configuration Utility" it show me for the Smart Array 5300 in Slot 1 -> Parallel Scasi Array 1 ->  Logical Drive 1 42.4GB Raid 0, Unused Space 42.4GB
<xperia> ahhh have clicked now oon the logical array and got a window where i can extend the size :-)
<Daviey> \o/
<Daviey> xperia: But take note, if a disk breaks.. you get to keep all the broken bits with RAID 0
<bogeyd6> raid 0 always comes back to bite you
<xperia> i am a very newbee related to raid. want only to have maximal space
<xperia> thinked raid 0 is best for that but i still get only 50% of the disk space
<xperia> the backup i do to a external disk
<bogeyd6> you were warned :x
<xperia> can configure the existing array as follow "Raid 0, Raid 1+0, Raid 5, Raid 6 (ADG)" Stripe Size atm 128 KB
<xperia> what is best if i may ask. need a lot of disk space and ofcourse security
<jpds> xperia: RAID 5.
<bogeyd6> I cn say that in certain applications it doesnt matter. Where speed is the only concern raid 0 is hands down the best. We used to have a huge database farm with over 500 racks of servers. We had two servers that kept transaction logs running 15k disks in raid 0 with 2gb raid memory
<jpds> xperia: I suggest reading: http://en.wikipedia.org/wiki/RAID
<xperia> okay see that raid 0 is best as long not some of the disks crash. what i just dont understand is why i dont have the maximal disk space with raid 0. if i am not wrong raid 0 is just stripping
<RoyK> striping, yes
<bogeyd6> xperia, realistically you probably gonna see like 90% of the disk space with the overhead and all that
<xperia> okay will stick at the moment with raid 0 but it looks heavy dangerous if something goes wrong
<pnunn> plus only 90% of the smallest disk if there not the same size.
<RoyK> bogeyd6: 10% overhead with raid0?????
<RoyK> bogeyd6: the partition table and the filesystem metadata doesn't take much
<bogeyd6> RoyK, dont make me slap you
<RoyK> bogeyd6: so with a 1TB drive, you can only use 900 gigs for data? if so, you have chosen a very bad filesystem, written in QBASIC or something
<bogeyd6> ./ignore royk
<bogeyd6> woops, there we go
<bogeyd6> no wait i take that back royk
<xperia> pnunn: that looks like it is the problem. i have three of 10 Disk that are only 9 GB.
<bogeyd6> i think with your boot partition, your swap, your overhead, and etc on his small disks i think that if you had 200 and you see 180 you are doing good
<xperia> so if i have say 10 Disk 7 of them are all 100GB and the rest only 3x10GB the total size will be probably then be 10 Disks a 9 GB ?
<RoyK> well, anyone, don't listen to bogeyd6 on this - what he probably means (or was supposed to mean if he knew it) is that if you get a 1TB drive, that 1TB drive is 1,000,000,000,000 bytes, whereas the OS thinks 1TB is 1TiB or 1,099,511,627,776 bytes, so that 1TB harddrive is reported to be something like 900GiB
<profix> hi
<pnunn> Thats right xperia... all raid stuff works better with disk the same size (same disks infact)
<bogeyd6> RoyK, thanks for proving me right :)
<profix> can anyone says to me how can I start/stop/restart apache2 by another user (neither my user nor www-data) ? Thanks
<RoyK> bogeyd6: not proving you right, sir
<pnunn> profix.. you need root or su.
<RoyK> bogeyd6: you said there was overhead eating 10% - there isn't
<pnunn> sorry.. sudo
<bogeyd6> RoyK, you just said 1tb = 900gb
<RoyK> bogeyd6: next time, you can use my explaination instead of babbling about overhead
<profix> I cant add this user on www-data group ?!?
<bogeyd6> RoyK, naw, i got people like you to do my heavy lifting
<RoyK> no, I said 1TB is like 900GiB or 1,1TB is like 1TiB
<Daviey> RoyK: You may not realise this, but you are appearing to be somewhat rude.
<xperia> pnunn: thanks a lot. will look then to buy disk with same size next time. very good tip from you. learned again something new
<RoyK> Daviey: you might not realize this, but mr bogeyd6 here is not very polite either
<pnunn> welcome xperia... as I said.. best to use exactly the same disks.
<profix> pnunn: I cant add this user on www-data group ?!?
<RoyK> Daviey: when I just explained his mistake, he keeps on going that he was right in the first place
<pnunn> not following you profix..
<bogeyd6> Daviey, dont feed the trolls
<pnunn> though you were after a different user? not you or www-data
<profix> pnunn: I don't understand...
<Daviey> RoyK: I am asking you to stop it please.
<pnunn> profix, best way to stop services (only way in most cases) is as root.. either sudo or su.
<RoyK> Daviey: please - I'm not the one trolling - I'm pointing out facts, where bogeyd6 is telling people stuff that's not true. there is no 10% overhead in ext3
<profix> but if I write sudo /etc/init.d/apache2 stop by another user I can't stop it...
<bogeyd6> pnunn, also if they are rhel veterans, then can install the service command
<profix> it says to me:  Stopping web server apache2                                                  apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName                                                                          [ OK ]
<pnunn> profix, then you have an odd config somewhere.. root is god... you might need to kill it <sudo pkill apache2>
<bogeyd6> profix, thats normal on a base install
<pnunn> profix, that is stopped correctly.. the error isn't relivant to stopping the service.
<bogeyd6> profix, you can add servername to the config and fix that
<pnunn> [OK] is the clue.
<profix> bogeyd6: how can I fix this error ?
<pnunn> profix,, its not an error, just a warning.
<bogeyd6> profix, sudo nano /etc/apache2/apache2.conf
<profix> it isn't stopped...I can view the example page under localhost:80
<pnunn> profix, you probably have many instances running.. <ps -A> will show you.
<profix> pnunn: yes, but the service is runnig...
<profix> pnunn: it's not stopped...
<pnunn> you need to kill them.
<pnunn> pkill apache2
<pnunn> or killall apache2
<bogeyd6> profix, put ServerName blah.blah.blah   in the bottom of that file, save it, sudo /etc/init.d/apache2 restart
<xperia> Daviey: RoyK: thank you both a lot. have rebooted ubuntu now and checked /proc/partitions. it show now all the new disk space. need now only to extend the existing parttition so it use all the new disk space
<Daviey> xperia: Great!
<profix> pnunn: Operation not permitted when I kill
<xperia> that is now the critical part but i guess the best is when i reboot the server with the live cd and use gparted. yeah will do that
<bogeyd6> profix, if you care enough check out http://httpd.apache.org/docs/2.2/mod/core.html#servername
<RoyK> xperia: make sure you have a backup before changing the partition table
<smoser> Daviey, here now.
<xperia> RoyK: thanks works now all right. you are all great here. awesome people ! learned a lot today about raid stuff. love you all
<xperia> have now my new disk space and can work again
<Danawar1> Hey Ubuntu server i have a website 92.18.14.133 on my computer with firefox it is all centered but if i open the same site in internet explorer or my windows machine it is all left justified how can i fix this?
<smoser> Daviey,
<smoser> http://paste.ubuntu.com/454455/
<smoser> http://paste.ubuntu.com/454457/
<smoser> http://paste.ubuntu.com/454459/
<smoser> http://paste.ubuntu.com/454460/
 * Pici thinks about flooding with pastebin links
<Pici> ;)
<smoser> it is interesting isn't it
<smoser> :)
<smoser> i should have pastebinned a list of those links
<Danawar1> ls
<ccheney> Daviey, er how do i know for sure that the image registered properly?
<ccheney> Daviey, i looked deeper at the log file and on the times it did not complain about the pad block corrupted error it had a different error message
 * ccheney isn't sure if that is also bad or if it worked around the issue
<ttx> ccheney: you'd have to use it
<ttx> to confirm that it's "really" registered
<ttx> i.e. run aninstance from it
<ccheney> ttx ok
 * ccheney will do that with this sort of good image, heh
<ccheney> ttx, is this what it normally shows? http://pastebin.ubuntu.com/454473/
 * ttx checks with his deep UEC log expertise
<ccheney> i have my NC broken somehow so can't easily test to see if an instance will run
<ttx> ccheney: I's have to run a lucid UEC to compare
<ccheney> at least not without doing a reinstall, had this happen before and euca_conf won't add it back :-\
<ccheney> oh ok, nm
<ttx> ideally you should try to run an instance from it -- that's the only way to confirm it's really done
 * ccheney sees if he can make his nc work without a reinstall
 * ccheney wonders if his nc is having problems as the lock lights are all lit and one is blinking
 * ccheney wonders if he can just blow away the nc and have it work, hopefully the cc isn't the one that is broken
<ccheney> would be nice if eucalyptus would realize the images weren't registered properly in the first place, heh
 * ccheney taking a few min break while his NC reinstalls so he can test the lack of error means success theory ;-)
<hggdh> yo Daviey, thank you for the fast packaging
<hggdh> I am testing it right now
<ccheney> ARGH!
<ccheney> stupid cc still doesn't see a nc once i reinstalled it
<ccheney> Daviey, is maverick current in a usable state other than the kernel?
<ccheney> Daviey, i was wondering if i should try reinstalling alpha 1 or use the current daily
<ccheney> Daviey, since i have to reinstall anyway
<Daviey> ccheney: Hmm. either way tbh
<ccheney> i know when i tried before daily was broken due to the groovy issue (i think) i assume that is resolved now?
<Daviey> ccheney: But yes, current will work- if you tackle the kernel
<Daviey> ccheney: ah, dammit
<Daviey> that will be fixed by the end of the day.. it was waiting on a 1.7 upload
<Daviey> but 1.7 will be delayed.
<Daviey> so i'm pushing a seperate one later today with just the groovy fix
<ccheney> oh no problem will just reinstall a1 to be sure it works, i need to run an instance to see if this kernel i am testing is good or broken differentl
<Daviey> (but you know it's just a symlink away!)
<ccheney> Daviey, yea for whatever reason it still didn't seem to work well for me after doing that
<Daviey> ccheney: Really?!
<ccheney> Daviey, and i don't want to debug two problems at the same time :)
<Daviey> What happend?
<ccheney> Daviey, iirc i had this same stupid nc disappearing issue
<Daviey> ccheney: Agreed.. but that fixed it for me.. so i need to know if there is another issue
<ccheney> which started happening to me on a1 as well
<Daviey> bah
<ccheney> hopefully its not another issue, i will try to replicate once i finish the kernel issue
<Daviey> ccheney: sounds good!.. keep up the awesome
<ccheney> thanks :)
 * ccheney needs a clone for the old OOo stuff
<Daviey> :(
<ccheney> i think a lot of the sru bugs are fixed by the new ooo-build for openoffice.org, so hopefully i will just need to write up the reports and get them to take the new 3.2.1 version for it
<fishcooker> anyone on jeos_10.4
<fishcooker> jeos 8.04 on the end life ..
<Shinhan> I cant start dnsmasq. It exits with "failed to bind DHCP server socket: Address already in use". When googling I noticed I should run netstat -ap and look for other dhcp services, but I notice nothing with "dhc" in its name, only named, samba, winbindd, stuff like that
<Shinhan> do I need some special options to make dnsmasq work with samba or is something else problem? and how can I find it?
<Shinhan> if this is not the right place to ask this can someone at least tell me where I can ask it and hope for the answer?
<RoyK> fishcooker: last I checked, jeos 10.04 wasn't out yet
<ccheney> Shinhan, forum
<Shinhan> no answers in 5 hours :(
<Shinhan> btw, when I want to add something on the forums, and there are no replies, is it better to edit my message or double post?
<Shinhan> (after 5 hours)
<ccheney> Shinhan, lsof -i might help
<RoyK> any idea when 10.04 LTS is released for upgrade?
<ccheney> Shinhan, but i don't know anything about dnsmasq setup
<fishcooker> thankyou royk for the quick reply
<ccheney> RoyK, 10.04.1 i think
<RoyK> do-release-upgrade on 8.04 doesn't want to upgrade anything
<RoyK> ccheney: ok, any idea when that is scheduled?
<fishcooker> i've got the 10.4 repo on my hardisk
<ccheney> RoyK, jul 29
<fishcooker> apt-get dist-upgrade
<fishcooker> run flawlessly
<RoyK> ccheney: thanks
<Shinhan> lsof -i doesnt show anything. OK, I'll post on the forums and hope for the answer, thanks
<RoyK> fishcooker: I guess jeos 10.04 will be out around 10.04.1 time, then
<ccheney> Shinhan, oh also make sure you run that as root or via sudo
<ccheney> Shinhan, otherwise you will only see ports your user has open
<Shinhan> lol, that was it. I see something now
<Shinhan> samba, named, apache2, rpc.statd and portmap
<ccheney> Shinhan, you are trying to start dnsmasq as root too, right?
<Shinhan> yea
<ccheney> ok, not sure what the problem would be then
<Shinhan> sudo /etc/init.d/dnsmasq start
<ccheney> er looking closer it says failed to bind _DHCP_ server socket that seems wrong somehow
<Shinhan> I had DHCP server and client installed before installing dnsmasq, but I have since removed them
<ccheney> maybe its trying to communicate to a non-existent dhcp server/client on the box, might need to check its config setup
<Shinhan> dnsmasq has DHCP integrated, he should be doing it himself
<ccheney> ah ok, yea i have no idea what it is doing :)
<Matterco> I need a little help, I cannot get apache2 to start, looks like I have two instances of apache running.
<Matterco> http://paste.ubuntu.com/454508/
 * ccheney uses his dd-wrt router for dnsmasq duties
<Shinhan> my router aint dd-wrt :(
<Shinhan> OTOH, I'm not convinced I actually need DNS caching. It was a suggestion from somebody on forums, and now I cant set it up. I think I just need DHCP
<fishcooker> royk: 10.04.1 time... i saw there was jeos 8.04.1 8.04.2 then the last 8.04.3... is it 4 month periodicaly out of release
<fishcooker> ?
<RoyK> fishcooker: as ccheney mentioned above, 10.04.1 will be released jul 29. at this time do-release-upgrade will start to work from 8.04LTS. I guess this also means Canonical won't flag 10.04 stable enough before that time, meaning they probably won't release Jeos 10.04 before then.
<Matterco> I cannot get Apache2 to start beca
<Matterco> use I already have a rouge instance of Apache running, how do I isolate and stop a version of apache2 from running? http://paste.ubuntu.com/454509/
<RoyK> fishcooker: btw, 8.04.4 is the latest 8.04 release
<ccheney> i'm not sure if this is accurate but it seems to not be separate anymore: http://ubuntuforums.org/showthread.php?t=1472825
<ccheney> ttx, do you happen to know the answer to that?
 * ttx looks
<ccheney> apparently its: "From 8.10 onwards JeOS comes as part of the Server install CD, just hit F4 at the install screen and select 'Install a minimal virtual machine'."
<ccheney> ttx, about if jeos is now minimal server install?
<ttx> ccheney: yes, it's now delivered as an alternate install mode through F4
<ccheney> ttx, thanks for the clarification :)
<ccheney> fishcooker, see ttx above
<fishcooker> thanks 4 the quick info royk+ccheney+others, i've got the mine x.xx.3
<fishcooker> LoL ttx too
<dgs45> Hello can someone give me a hint?
<dgs45> I run Ubuntu 10.4 LTS
<RoyK> fishcooker: apt-get dist-upgrade will take you to 8.04.4
<ccheney> Daviey, apparently i had decided to upgrade my a1 setup at some point which was how it broke
<dgs45> and my tape drive is not shown
<Daviey> ccheney: aaahhh
<ccheney> Daviey, i have older kernel than i had before reinstall so i know i must have upgraded it
<fishcooker> royk: on the hardy repo... i suppose
<ccheney> i don't remember what i did as far as upgrading, if it was just installing the new kernel or a full upgrade, but its working atm at least
<fishcooker> ?!
<dgs45> does anyone know how to get my tape running?
<dgs45> is there someone using a tape drive?
<nomoa> hi I try to enable system limits (/etc/security/limits.conf), I can enable the use of limits.conf with /etc/pam.d/files with ("session    required   pam_limits.so"), but what about start-stop-daemon?
<SpamapS> dgs45: what do you mean your tape drive "is not shown" ?
<Daviey> ccheney: Times like this, i'd love archive snapshots :)
<SpamapS> smoser: ping
<smoser> yo!
<dgs45> I have no /dev/sg* or /dev/st* showing up in my system
<dgs45> lsscsi only shows CD Rom
<nomoa> It seems start-stop-daemon does not set limits listed in /etc/security/limits.conf, is it a sort of pam module I could configure or something else?
<SpamapS> smoser: Can you explain the work item for "and attach an elastic IP" ? Doesn't that happen by passing --addressing ?
<nomoa> side note : start-stop-daemon when used with chuid
<dgs45> I had a similar issue on 6.xy LTS but its long ago and don*t remember how i solved it
<smoser> i will admit to not really knowing what --addressing does.
<SpamapS> smoser: me neither. ;)
<SpamapS> the help is not very much use
<smoser> but what i want is to launch an instance, assign an address 'ec2-associate-address', connect...
<dgs45> what may i do to get the tape running its an HP Storageworks 920
<dgs45> the SCSI Controller is an HP p410i
<SpamapS> smoser: oohh I didn't see ec2-associate-address
<smoser> uec-run-instance-and-wait actually has an implementation
<smoser> SpamapS, how close are you to having something commit/packageable ?
<SpamapS> smoser: I keep forgetting to look in there for the examples.. every time I do I avoid bugging you. ;)
<smoser> i'd like to get something into cloud-utils today
<SpamapS> smoser: I think the one now is packageable. check it out, it forks for the ssh+console verifying
<RoyK> fishcooker: yes, with a local repo, you won't get much updates unless you script that as well
<smoser> but i'm not going to be around for the afternoon into evening, probably be able to check in 9:00 eastern
<RoyK> fishcooker: use the official repos - that's why they're there
<ccheney> Daviey, is it considered safe to reboot the cc without rebooting/shutting down the NC first?
<dgs45> noone can give me hint with my tape issue
<dgs45> ???
<ccheney> Daviey, or what is the proper method to cycle the cloud without any risk of corruption
<RoyK> dgs45: does lshw show the tape drive?
<dholbach> hey guys!
<dholbach> do you need more contributors to the ubuntu server action?
<ccheney> dholbach, yes, please see ttx :)
<dholbach> if so, what kind of stuff should they be doing?
<ttx> dholbach: you mean generally ?
<dholbach> I was just thinking that it might be a good idea to give a session at https://wiki.ubuntu.com/UbuntuDeveloperWeek/Prep about whatever your contributors should be doing
<dholbach> we still have a few open slots
 * ttx delegates to his community experts, mathiaz and Daviey
 * ttx -> eod
<ccheney> Daviey, also is there a way to kill a instance that is stuck shutting down?
<ccheney> dholbach, Daviey is here but iirc mathiaz is gone this week to a conference
<ttx> dholbach: I might be convinced to do a server papercuts session.
<ttx> though ISTR the timing was suboptimal for me -- will have a look and confirm
<dholbach> ttx: do you want to block a slot already?
<ttx> dholbach: will look into it tomorrow morning
<dholbach> alrightie
<dholbach> thanks ttx
<ttx> dholbach: shoudln't prevent Mathias from doing a generic "contribute to Ubuntu Server" session
<dholbach> yeah, that or pick a few server specific packaging things (init scripts, upstart stuff, have a look at some web service packaging stuff, etc.)
<dholbach> there's a lot of interesting stuff going on in server land
<ttx> dholbach: mark me for the Thu 1800UTC slot, that's the only one I could do
<Daviey> dholbach: I think it's fair to say the server team will do *somethign*, so at least reserve us a session.. i know they are going fast!!
<dholbach> ttx: will do, thanks a bunch
<Daviey> ttx: Are you still here?
<dholbach> Daviey: shall I block out another one?
<ttx> Daviey: ... yes ...
<Daviey> ttx: -> msg
<Daviey> dholbach: It's up to you.. the server team rocks, we could fill the whole week's session with the bags of awesome we have.
<dholbach> then: BRING! IT! ON!
<dgs45> lshw lshw shows anything but not the drive
<dgs45> hpacucli shows two controllers and tells mew about a drive
<dgs45> just used the hpacucli diag command
<Daviey> dholbach: Server > Community :P
<Daviey> err, "Community Team"
<dgs45> HP CISS Driver (v 3.6.20)
<dgs45> do I have to compile a new kernel with the actual version of the HP CISS driver?
<dholbach> Daviey: if you have ideas which server sessions we could add, I'm all for it :)
<dgs45> no one who knows tapes well on Ubuntu?
<ccheney> dgs45, probably best to ask on the forum
<dgs45> yes i should
<dgs45> hpacucli gives me the tapedrive serial :) it must be somewhere
<dgs45> could it be that I have to change IRQ on my SAS Controller?
<ccheney> last time i used a tape drive was probably 12+ years ago
<dgs45> if I know the controller the LUN and ID may I map it somehow manual? I thought there was a way to force it somehow
<dgs45> may I map my drive manually
<dgs45> I know the scsi lun and all of it so it should be possible, hpacucli shows me the drive on the p410i
<dgs45> is there a possible update to the latest cciss driver?
<RoyK> dgs45: using a kernel.org kernel will give you all the new stuff, but without automatic updates
<dgs45> are there Ubuntu kernels?
<RoyK> I didn't think the cciss drivers changed much
<RoyK> dgs45: a linux kernel is a linux kernel, more or less
<dgs45> on 10.4 it is 3.20
<dgs45> and actual is 4.6 or so
<dgs45> Last updated Thu Oct 29, 2009 latest version is 4.6.20-22 These are meant for 2.6.26 or later kernels
<dgs45> and in 10.4 there is 3.20
<dgs45> I thought 10.4 was Kernel 2.6 or so?
<RoyK> dgs45: have you checked which vewrsion is in 2.6.34?
<RoyK> 10.04 uses 2.6.23
<ccheney> just finished verifying 41440ff works with a running instance, so now on to the next bisection :)
<RoyK> 10.04 uses 2.6.32
<dgs45> so the ciss driver is not meant for the Kernel running in 10.4
<dgs45> but is still there ???
<dgs45> I don*t understand this
<dgs45> however
<RoyK> dgs45: listen, ubuntu uses linux-2.6.32 with some custom patches. it uses the drivers in 2.6.32
<RoyK> you can use the kernel.org kernels, mostly without problems
<RoyK> but you will have to build it yourself
<dgs45> I will try to
<RoyK> lemme check which cciss driver is in there
<dgs45> I think how to build is in some readme, isn*t that complicated
<dgs45> I saw 3.20
<dgs45> cciss 3.20
<RoyK> http://cciss.sourceforge.net/
<dgs45> how to see which cciss is in kernel org kernel?
<dgs45> thank you I was there reading through
<dgs45> so I may use the debian source to build one
<RoyK> should work
<dgs45> oh lucky me :)
<Pici> Whats the proper way to enable/disable services now that upstart has taken over?
<RoyK> what was the reason for taking services out of sysv boot and into upstart in the first place?
<cybrocop_> Hi all. I am having a problem with UEC... registration seems to be broken.
<cybrocop_> Here is some background: http://open.eucalyptus.com/forum/cc-not-able-registersee-nodes
<cybrocop_> I went to #eucalyptus first and I was told that Ubuntu has re-wired registration so I should bring up my issue here:
<cybrocop_> There is another problem that is probably contributing to my registration issue.  eucalyptus-cc and uec-component-listener do not start during system boot. I have to start them manually each time.
<cybrocop_> kirkland/smoser/others...: Can you give me some assistance on how to troubleshoot this?
<cybrocop_> Here is a "snapshot" of the problem: http://slexy.org/raw/s21Fvc4hwy
<dgs45> thank you RoyK
<ccheney> Daviey, we're down to 641 commits, so if i remember my math right that would be less than 10 kernels to go worst case
<ccheney> Daviey, so hopefully by the end of the night we will have the commit identified
<Daviey> ccheney: ROCKING!
<cybrocop_> This bug  (https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/504704) seems to have been fixed at some point...
<uvirtbot> Launchpad bug 504704 in eucalyptus "[lucid] On CC-only setups, eucalyptus-cc fails to start at boot (upstart issue)" [High,Fix released]
<cybrocop_> "This bug was fixed in the package eucalyptus - 1.6.2~bzr1166-0ubuntu2"
<cybrocop_> How can I find out if the packages I have contain the fix or no?
<cybrocop_> The fix was issues sometime in Feb... and I have the most up-to-date packages from lucid-updates.... Is there any way to know if the fix has made it to lucid-updates yet?
<Daviey> cybrocop_: If you are running a version >bzr1166-0ubuntu2, then you should have the fix :)
<cybrocop_> Daviey: When I do a dpkg -l, the eucalyptus-cc package is listed as 1.6.2-0ubuntu30. How can I correlate that with bzr revisions?
<Daviey> cybrocop_: 1.6.2-0ubuntu30 came after bzr1166-0ubuntu2
<Daviey> cybrocop_: so you should have the fix
<cybrocop_> Daviey: OK. Thanks. Is there any way I can verify this myself int he future? For instance, can I tell from the naming convention?
<Daviey> cybrocop_: Checking the changelog is a good start :)
<Daviey> cybrocop_: ie, http://changelogs.ubuntu.com/changelogs/pool/main/e/eucalyptus/eucalyptus_1.6.2+bzr1230-0ubuntu2/changelog
<Daviey> (you can also get that the changelog through aptitude)
<Daviey> cybrocop_: $ aptitude changelog eucalyptus
<cybrocop_> Daviey: Thanks a million.
<Daviey> cybrocop_: np
<rberger> Any idea how to get the hostname (as reported by hostname -f) is a FQDN on Eucalyptus / UEC? Right now hostname is just set to a representation of the IP address with no domainname. This breaks a lot of packages. Any idea where in the Eucalyptus / UEC boot process the hostname gets set? On my UEC setup http://169.254.169.254/latest/meta-data/hostname
<rberger> returns a pure IP address not a hostname or a FQDN
<rberger> I'm running the official Ubuntu 10.4 Lucid amd64 pretty much from a recent daily build
<cybrocop> rberger: You should enable DNS. I think there is a config file option  DISABLE_DNS
<cybrocop> rberger: which is set to Y by default.
<rberger> cybrocop I did do that and followed the instructions for DynamicDNS
<ruben23> hi i installed ubuntu-server 8.04 and suddenly i get this error message----> http://pastebin.com/vmgvW4xg
<cybrocop> rberger: It didn't work?
<rberger> cybrocop It did some nice things for accessing the instances from outside the cluster (FQDN to ssh and such) but it didn't change the behavior of what hostname -f returns or http://169.254.169.254/latest/meta-data/hostname
<Danawar1> Hi Ruben23, what are you trying to install it to?
<ruben23> Danawar1:im just running the installation cd on a server hardware box thats all
<cybrocop> rberger: sorry, don't know how to fix that but you might also want to try asking on #eucalyptus. I'd be interested to know the answer as well.
<Danawar1> Ruben23: I'm guessing its just not detecting the harddrive/s
<rberger> cybrocop I'll ask again on #Eucalyptus, but they suggested the same thing you said and then no more info.
<ruben23>  Danawar1: yes thats the problem
<ruben23> the HDD is sata seagare baracuda 7100 rom
<Danawar1> Ruben23: Is the server hardware box near you?
<ruben23> yes
<ruben23> its bedide me
<ruben23> beside me
<Danawar1> Ruben23: Is it possible for you to feel if the hard drive is spinning?
<ruben23> ok
<ruben23> ill do it
<Danawar1> Ruben23: Does the hard drive appear in the BIOS, Is the hard drive making weird noises?
<RoyK> ruben23: try to boot on a live cd and see if it sees your drive
<bogeyd6-> someone should slap the openoffice.org developers. Does read-only really mean you cant copy from the file?
<ccheney> bogeyd6-, i can copy out of a file just fine when in read-only mode
<bogeyd6-> ccheney, using ubuntu 10.04 ?
<bogeyd6-> i get prompted thats its read only before i can copy
<bogeyd6-> allows no changes to be made to file
<bogeyd6-> etc....
<bogeyd6-> i have to save it to use it unprompted
<ccheney> bogeyd6-, yea, you can also switch files into read only mode by just clicking on the button in the toolbar
<ccheney> bogeyd6-, i also tried removing the write bit on the file and opening it and let me copy text out as well, i am using 10.04 with an odt file
<ccheney> OOo version 1:3.2.0-7ubuntu4.1
<bogeyd6-> wat
<RoyK> bogeyd6-: openoffice usage isn't really a -server issue
 * ccheney happens to be the OOo maintainer which is why he is answering the question :)
<bogeyd6-> RoyK, still jaded?
<ccheney> but yea not server related :)
<RoyK> bogeyd6-: not at all
<bogeyd6-> ccheney, yep, on same one
<ccheney> hmm no idea what is going on with your system
<bogeyd6-> actually this is a server related issue and one i am needing help for royk
<ccheney> you are running ubuntu not a different variant?
<bogeyd6-> ubuntu 10.04 desktop, using a file off a share from an ubuntu 9.10 server running samba
<RoyK> bogeyd6-: how can openoffice be a server issue?
<ccheney> bogeyd6-, oh in that case i know the exact problem :)
<ccheney> bogeyd6-, i need to do a SRU of coreutils and add locking exclusion for cifs
<bogeyd6-> and there we go
<ccheney> i'm not sure why it wouldn't let you highlight text though
<bogeyd6-> RoyK, please stop mayng, i took you off ignore to be nice. yet you continue to embarrass yourself :(
<ccheney> it definitely wouldn't let you work with the file much due to the locking problem
<ccheney> workaround before then is to mount the cifs with nobrl option
<bogeyd6-> aye aye ccheney
<RoyK> bogeyd6-: bugger off - put me back on ignore if you like - I gave you a solution for your "10% overhead" and you still told me I was wrong - may I ask who's trolling?
<bogeyd6-> ccheney, like a charm
<ccheney> i'm not sure if that is 100% safe for all other apps, but it fixes OOo for the moment anyway
<ccheney> nobrl turns off byte range locking
<bogeyd6-> ahh, this is much better
<bogeyd6-> a million space thank you's ccheney
<ccheney> np
<bogeyd6-> ccheney, this is OT but my life just got alot easier working on these inventory files
<ccheney> heh
<bogeyd6-> one day i will task a tech with converting them into mysql
<ccheney> so apparently this bug happened because it went from being mounted as smbfs (or something like that iirc) to 'cifs' and coreutils has no concept of what a cifs partition is, so when trying to see if its a remote fs it just spit out hex to my test
<ccheney> it will be fixed in maverick as soon as the OOo that was uploaded a while back gets built
<bogeyd6-> ccheney, do you work on the backports?
<bogeyd6-> 3.2.1 fixes alot of bugs our users get
<ccheney> bogeyd6-, well the ones in my ppa yea, but i usually don't have time to do them, i am going to try to get 3.2.1 into 10.04.1
<bogeyd6-> kk
<ccheney> down to 169 commits now
<kozmund> I'm attempting to give a set of people sftp only chrooted access using "ForceCommand internal-sftp" and "ChrootDirectory" and everything works great except that I can't figure out whether it's even possible to get a umask other than 022. Anyone mixed internal-sftp and umask before?
<chewbranca> hi I'm looking into a good AMI platform to use on EC2, and I started playing around with EBS ubuntu 10.04 images, particularly this one: http://developer.amazonwebservices.com/connect/entry.jspa?externalID=3101 but I'm a little confused as to why it won't run on a small instance, my target is generally m1.large which it works fine on, but I would still like to be able to use the standard small instance in particular situ
<chewbranca> ations, any thoughts?
<kozmund> As frequently happens, I figured it out shortly after asking. Using pam_umask to set the umask for the internal-sftp users and overriding it in /etc/profile for login ssh users.
<chewbranca> hrmmm... on that note, I can't even find an EBS image that works with a small instance
<ccheney> just reduced the git test to ~ 80 commits
<ccheney> and we now know it was on dec 8 2009
<pting> chewbranca, small instances are x86 instance; hence, your can't run that image because it's amd64... try to find the x86 equivalent
<pting> chewbranca, you can find a complete list of images @ http://alestic.com/
<chewbranca> pting, yeah that's where I first saw ubuntu AMIs
<chewbranca> oh ok, just bad docs, threw me off: http://developer.amazonwebservices.com/connect/entry.jspa?externalID=3102
<chewbranca> that's the 32bit equivalent to the first AMI I linked
<chewbranca> but it has the same description as the 64 bit AMI
<chewbranca> hrmm.. so that complicates things, one thing I liked about the EBS stuff is making it very easy to scale up and start small, I guess you can do the same thing, but just not start with the 'small' instance
<Arcticoon> Greetings, everyone. I'm trying to find out the files / packages in Ubuntu server for ip6tables functionality. I'm familiar with CentOS/RHEL where "service ip6tables" and "/etc/sysconfig/ip6tables" restart the service and house the rules, but I can't find the corresponding functionality anywhere in the docs for Ubuntu 10.04.
<pting> chewbranca, if you plan on switching between small and large instances, i would try to utilize puppet http://www.puppetlabs.com/ or something. it'll make the transition more seamless once you get all of it configured
<chewbranca> pting, yeah I've been looking into chef and puppet, I'm building a rails based framework right now, and I'm trying to rebundle an AMI to release so there is a full system configured to run this platform, so unfortunately, I think I just have to duplicate it for 64bit and 32bit, but I could use chef and puppet to facilitate maintaining those setups
<uvirtbot> New bug: #598275 in munin (main) "munin-node fw_conntrack plugin reports incorrect critical threshold" [Undecided,New] https://launchpad.net/bugs/598275
<EtienneG> If I want to use the Ubuntu Server CD to install a machine that I access using a serial console (cannot do netboot install; don't ask); will the ISOLINUX language selection splash screen and graphical menu interfere?
<ccheney> apparently git is confusing me, it looks like the patch causing the problem may be older than i thought :-\
<ccheney> the git log on kernel.org doesn't seem to match up exactly with the bisection list for some reason
<ccheney> but we are down to 18 now
<jjohansen> ccheney: if tgardner is bisecting mainline kernels then it should
<ccheney> jjohansen, hmm ok
<jjohansen> ccheney: if he is bisecting some version of ours it might not
<ccheney> is this considered the right place to look?
<ccheney> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=log;h=2058297d2d045cb57138c33b87cfabcc80e65186
<ccheney> if so then he seems to be bisecting something else
<jjohansen> yeah that is linus
<jjohansen> s/linus/linus's tree/
<jjohansen> linus never rebases
<ccheney> ok
<jjohansen> ccheney: sorry I haven't been following to closely
<ccheney> no problem
<freddy_dude> what are some of the tools i can check my server for security holes, issues ?
<jmarsden|work> freddy_dude: See http://sectools.org/
<hallyn> jdstrand: just wondering, do you know our libvirt compiles --without-esx?  Is there any background to that, or is it just how it's always been?
<freddy_dude> jmarsden|work: thanks
<jmarsden|work> freddy_dude: You're welcome.
<cybrocop> Is there any way I can Munin to measure web site response time?
<cybrocop> Or is Munin not the right tool for that? Or maybe I need additional tools + munin
#ubuntu-server 2010-06-25
<joshuah> hello, I have a rather old computer that uses an IDE hdd and cannot boot to usb (no cd/dvd rom either). so I installed ubuntu server, and when I put it back in I got a grub prompt. a minute or two in #grub and it boots.  now I get "Filesystem has errors: /" after "fsck / terminated w/status 4", does anyone know what the problem might be?
<pmatulis> joshuah: sounds like hard drive failure, how old is it?
<joshuah> pretty old... pentium 3, just got it from a teacher
<pmatulis> joshuah: capacity?
<joshuah> 20gb
<pmatulis> oh boy
<qman__> with drives that old it's hit or miss
<qman__> they built them better then, so the ones that still work tend to work for a while
<qman__> but it's so old, that failure is quite likely
<joshuah> ahh, well fedora+LXDE was doing ok, though a bit laggy w/a couple of crashes while updating
<joshuah> and I take the hdd out to use another computer to install OSs on, so I had to do that for this one
<joshuah> the fedora installed asked me what disk(s) I want to install on
<joshuah> so I don't know if I did it right this time, because the bootloader has remnants of my other computer on it
<qman__> well, could be controller failure too
<qman__> I suggest getting something like spinrite and testing the disk
<qman__> not free software IIRC, though I'm sure there's an alternative
<qman__> oh, DFT
<qman__> that's free and it'll work with any IDE disk
<joshuah> on the livecd?
<qman__> no
<qman__> http://www.softpedia.com/get/System/Hard-Disk-Utils/IBM-Hitachi-Drive-Fitness-Test.shtml
<joshuah> thanks
<smoser> kirkland, new cloud-utils uploaded.
<vorian> hey guys, I am having a strange problem with one of my sites.  I have all my websites in one of my home directories, but one of the sites has been "rooted" and it's showing access denied on a browser
<ccheney> Daviey, "<tgardner> ccheney, Bisecting: 2 revisions left to test after this" :-)
<vorian> so it's WP and I run 'chmod 777 -R /mc'  and get a 'Operation not permitted' for every file in the mc/ dir
<vorian> I have other sites in the same /home dir that work fine, it's just this one dir I'm having problems with
<ccheney> Daviey, found the patch causing the problem, not sure what to do about it yet
<ccheney> kirkland, ^
<Smaug> hey all
<Smaug> how do I tell what users exist on a system?
<qman__> cat /etc/passwd
<Smaug> ty
<kirkland> ccheney: Daviey: nice work...  let's make sure the kernel team advises us on next steps
<ccheney> kirkland, yea, will be talking to tgardner in the morning
<ccheney> kirkland, i would know more tonight but was stuck at the grocery store for nearly 2 hours :-\
<CppIsWeird> what do i google for if i want to figure out how to use ubuntus enterprise cloud stuff in the server version?
<jmarsden> https://help.ubuntu.com/community/UEC
<CppIsWeird> thank you. :-)
<jmarsden> You're welcome :)
<CppIsWeird> is there any way to set up a printer on linux such that the windows machine does not need the driver for the specific printer? im trying to avoid installing the crapware that comes with HP driver packages.
<SpamapS> CppIsWeird: yes, Samba can host the print drivers .. http://www.novell.com/coolsolutions/feature/18850.html
<CppIsWeird> i have it shared in samba. upon "connecting" to the printer it prompted me for windows drivers.
<CppIsWeird> (i dont know if that link addresses this)
<CppIsWeird> it appears however that my samba is already set up like that. (refering to what i read in the link)
<CppIsWeird> minus some packages that i cannot find the the repositorie
<CppIsWeird> s
<jmarsden> CppIsWeird: So you have all the needed Windows driver files for that printer present on your printer$ share, and the client PC is not using them?  Recheck they are all there and all visible and readable from the client PC.  If they are there, the client really should be able to use them.
<CppIsWeird> hmm, there seems to be no printer drives in the folder that the samba config file references.
<jmarsden> Did you put the Windows driver files there, or not? :)
<jmarsden> Samba cannot guess which printer you want to serve drivers for... you have to copy the files there yourself.
<CppIsWeird> oh
<CppIsWeird> well if i had the windows drivers in their raw form in the first place i wouldnt be trying to do all of this :P
<jmarsden> Didn't the article pointed to earlier talk about copying the files??  I think it did.
<CppIsWeird> HP does not realease "drivers" the release this huge install
<CppIsWeird> i skimmed over it too quickly. sorry.
<jmarsden> CppIsWeird: So install it once, maybe in a Windows virtual machine you can trash later, and grab the files you need from that...
<jmarsden> Just like a Windows admin would... :)
<CppIsWeird> i'll give it a shot. thanks for the help.
<twb> Urgh.  My google-fu is weak.  What's the sources.list entry for the lucid "partners" repo?
<CppIsWeird> jmarsden, so heres a stupid question. once I install the drivers, where do i go to get them in windows?
<twb> Looks like it's deb http://archive.canonical.com/ubuntu lucid{,-backports,-proposed,-updates,-security} partner
<SpamapS> CppIsWeird: you find the printer on the network, and double-click the printer. :)
<SpamapS> ttx: good morning
<ttx> SpamapS: yo
<ttx> SpamapS: how is Velocity ? Did you do your BoF already ?
<unewbie> MTecknology: this time i install guest 8.04 on host 8.04. but i can't find a way to ssh the client
<unewbie> the guest
<SpamapS> ttx: yes we did the BoF on Tuesday night
<SpamapS> ttx: it was mostly Ubuntu dev type people Monty Taylor was there for instance.. but we had two users show up, including Jason from Wikia and a gentleman deploying Lucid onto 200+ library servers
<fishcooker> if i want to install lite window manager like openbox on ubuntu-server. except apt-get install openbox ... what package should be added? if i need simple gui after start?!
<twb> fishcooker: we don't recommend installing a GUI on servers.
<twb> fishcooker: however, if you want to run a local GUI on the server, you will need both the server (xorg) and client (openbox/xterm/gnome/whatever) components of the windowing system.
<fishcooker> if i insist what package i needed
<fishcooker> ohhh tx twb
<fishcooker> for the quick response
<fishcooker> i mean thanx.you twb for the quick response
<CppIsWeird> fishcooker, for a lightweight desktop you can just apt-get the xubuntu-desktop package.
<CppIsWeird> it will install the lightweight xfce package
<CppIsWeird> or lubuntu-desktop
<CppIsWeird> which i think is more lightweight than xubuntu-desktop
<twb> Indeed, one of the -desktop metapackages will give you a full desktop environment.
<uvirtbot> New bug: #598385 in munin (main) "munin plugin exim_mailqueue has incorrect graph configuration" [Undecided,New] https://launchpad.net/bugs/598385
<Jeeves_> Morning
<_ruben> bah, mailx package went from transitional to virtual package
<_ruben> breaking my universal preseed file :/
<fishcooker> CppIsWeird: thanks 4 reply ... u should try openbox... like you i thought xubuntu the fastest but... u can give openbox try
<CppIsWeird> k
<fishcooker> ill try lubuntu
<fishcooker> asap :D
<CppIsWeird> xfce has been getting fat lately
<fishcooker> yip2 the mouse is getting fatter and fatter LoL
<huats> morning
<ttx> Daviey: how successful have you been with the GWT patch ?
<twb> I don't know why you want X anyway
<Daviey> ttx: I'm trying it now
<Daviey> ttx: Do we have an update from ccheney?
<ttx> Daviey: they reduced the bisection to a given commit
<ttx> some non-obvious non-blocking R/W fix
<ttx> There have been "further improvements" recently in the same area by the same author, so I suspect there are two options: back up that commit in recent kernels, or apply the latest crack
<ttx> but that's far away from my turf, so I'll let the kernel guys look into it
<Daviey> ttx: cool, do they think we'll have a resolution today?
<ttx> Daviey: the comments from ccheny or rtg didn't really get into that detail, unfortunately
<Daviey> ttx: ok, /me's hoping
<ttx> Daviey: what's the status of bug 588410 ?
<uvirtbot> Launchpad bug 588410 in eucalyptus "dynamic block storage should use virtio" [High,Triaged] https://launchpad.net/bugs/588410
<Daviey> ttx: Fix0rd, in bzr
<ttx> pending upload ?
<Daviey> ttx: yah.. Am i right in saying that if this 1.7 works out well, we push 1.7 to maverick?
<ttx> yes
<Daviey> ttx: Ok, will be fixed in this upload :)
<ttx> Daviey: could you mark those Fixcommitted with a comment ?
<Daviey> ttx: The attached patch wasn't quite valid.
<ttx> + bug 595421
<uvirtbot> Launchpad bug 595421 in eucalyptus "Eucalyptus doesn't start with latest stable version of "Groovy"" [High,Triaged] https://launchpad.net/bugs/595421
<ttx> Daviey: right, it was a patch for /their/ build system
<Daviey> ttx: No, i mean bug 588410
<uvirtbot> Launchpad bug 588410 in eucalyptus "dynamic block storage should use virtio" [High,Triaged] https://launchpad.net/bugs/588410
<ttx> zul: status of bug 574554 ?
<uvirtbot> Launchpad bug 574554 in tgt "tgtd needs init script or upstart job" [Medium,Triaged] https://launchpad.net/bugs/574554
<gnoob> I have problems with my ubuntu-server.  it will not boot up correctly. I did just remove anything not default in fstab and on boot it "stops" on:    fsck from util-linux-ng 2.17.2   /dev/sda1: clean, 60667/366440 files, 319779/1464576 blocks          ,,  and nothing more happens appearently...   Why does it stop here??     (I can ssh into server though, and server is really up and running..)   strange
<gnoob> is it just doing a diskcheck?? lol    ..   happens every time i reboot though..  and not possible to enter from ttys..
<CppIsWeird> i was installing eucalyptus-cc and i accidently hit enter in the middle of typing the IP subnet. how do i run through that configuration prompt again?
<_ruben> CppIsWeird: usualy dpkg-reconfigure packagename would do the trick
<CppIsWeird> _ruben, thats what i thought, but it doesnt prompt me for any information
<e-DIO-t> hi there guys
<fishcooker> hi too, howdy
<_ruben> CppIsWeird: could try adding -plow
<_ruben> or you'd need to dpkg-reconfigure one of it's dependencies (like a -common package or so)
<e-DIO-t> i got a problem on a server's fstab
<e-DIO-t> same subnet of another server, same fstab, same nfs partition to mount. One mounts it on reboot...the other won't.
<e-DIO-t> ps: anyway, the one who doesn't work on startup, works running "mount -a"
<twb> Short of removing the relvant package, what is the best way to blacklist an upstart service?
<CppIsWeird> _ruben, i figured it out, apt-get --purge remove packagename
<jdstrand> hallyn: re --without-esx> I don't know the history to that other than to say that we inherit that from Debian starting with 0.7.5-3
<jdstrand> (so lucid and maverick at present)
<gnoob> I have problems with my ubuntu-server.  it will not boot up correctly. I did just remove anything not default in fstab and on boot it "stops" on:    fsck from util-linux-ng 2.17.2   /dev/sda1: clean, 60667/366440 files, 319779/1464576 blocks          ,,  and nothing more happens appearently...   Why does it stop here??     (I can ssh into server though, and server is really up and running..)
<gnoob> (this error message is shown in tty7..  I dont even have gdm installed..  strange?)
<_ruben> its the new graphical splash stuff, probably isnt liking your gfx card or so
<twb> Apparently you're not allowed to remove it because it's a core part of the system
<twb> ...in the same way IE is a "core" part of Windows, I suspect :-/
<fishcooker> gnoob: do you have any backup of your fstab
<fishcooker> ?
<twb> AFAICT it's main job is to make lucid completely fail to boot on my old systems with i8xx and i9xx GPUs.
<gnoob> fishcooker :)   Thanks I will try to put "quite splash nomodeset" in the grubconfigfile.   I really believe there is a chance that this will fix it :)   If that doesnt work ill put the fstab file on som pastbin site :)
<_ruben> or just remove the 'quiet splash' part and have a nice verbose boot experience
<twb> _ruben: you can't prevent lucid *install media* from loading a framebuffer.
<twb> Well, except by running them on a machine that physically has no GPU, but only serial
<gnoob> nice info _ruben and twb  :) thanks a lot
<twb> I don't remember whether removing "splash" from boot options on an installed system did what I wanted; I'm not sure I even *have* a lucid host with nonvolatile storage.
<zul> ttx: i need foundations to look at it still
<ttx> it's not obvious you pinged them from the bug status
<ttx> could you add a quick comment ?
<zul> sure
<ttx> I'll raise it at Release meeting today
<zul> done
<uvirtbot> New bug: #598476 in mysql-5.1 (main) "MySQL server fails to load on boot" [Undecided,New] https://launchpad.net/bugs/598476
<gnoob> GRUB_CMDLINE_LINUX_DEFAULT="nomodeset"      now it stops saying: fsck from util-linux-ng 2.17.2  /dev/sda1: clean, 50667/366480 files, 56543N/6546754N blocks    Ill send fstab to pastebin in a sec
<gnoob> trying to uncomment this line too:  #GRUB_TERMINAL=console  (strange that this is not uncommented by default on a server edition with no x.. ??
<gnoob> hmm maybe this applies only to the grub screen...
<dholbach> hi guys
<dholbach> it's me again - more interest in giving server related sessions at https://wiki.ubuntu.com/UbuntuDeveloperWeek/Prep ? :)
<sommer> morning
<zul> dholbach: im volunteering ttx and SpamapS :)
<dholbach> zul!
<dholbach> zul: you have an action down somewhere about giving a session
<gnoob> http://pastebin.com/cZcUbD7U    This is my fstab file
<lau> hello dholbach you mean for monday 12th 16-17utc server rather than dev ?
<dholbach> zul: ttx is already giving a session
<ttx> zul: :P
<dholbach> lau: I was talking about https://wiki.ubuntu.com/UbuntuDeveloperWeek/Prep
<zul> dholbach: i did the last ubuntu dev week session for server
<ccheney> Daviey, ttx, rtg has a new server package for me to try, testing it out now
<ccheney> Daviey, if this test works i think he will be uploading the new package
<wallydodo> serverpronto.com is down....
<ccheney> actually i think it already is uploaded, but just yesterday
<wallydodo> anyone heard anything about serverpronto.com ??
 * ttx wonders how the downtime of serverpronto.com is related to Ubuntu Server
<wallydodo> cos my ubuntu server is on serverpronto!
<wallydodo> although it may be a tad off-topic, just thought someone else might share my pain here
<ccheney> actually i am not fully awake yet, it is not the version in the archive its a modified version of what was uploaded yesterday
<uvirtbot> New bug: #598485 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/598485
<smoser> zul, ttx you have a suggestion on where to put cloud-init user data wiki page ? should it be on help. or wiki. ?
<zul> like how to use it page?
<ttx> smoser: https://help.ubuntu.com/community/... ?
<zul> ttx: i concur
<smoser> https://help.ubuntu.com/community/UEC/UserData-CloudInit
<smoser> sound good ?
<ttx> hmmm
<ttx> smoser: since this is relevant for EC2 i'm not sure it should be under "UEC"
<ttx> Why not https://help.ubuntu.com/community/CloudInit ?
<smoser> i believe this is hitting at a discussion on ccloud ml
<smoser> i guess i can link to it from under UEC. but i think to improve its "discoverability" it should be findable there.
<ttx> smoser: keep CloudInit... and move it once the name changes... not the other way around
<ttx> especially if the common name ends up not being UEC
<smoser> obviously it is movable, but ok.
<Daviey> ccheney: Sorry, can you clarify?
<MTecknology> unewbie: I'm guessing you don't know what the ip is either
<ccheney> Daviey, i'm testing a kernel that is based off yesterdays 2.6.35-6 with the problematic patch removed (i think)
<nascentmind> In pam why is pam_faildelay.so is written at the top of pam.d/login file. When authenticating wouldn't that module be executed first for auth?
<Daviey> ccheney: Oh nice.. Do you happen to have a url to the patch that was dropped?
<Daviey> ccheney: Leave it for 2 mins, we'll talk :)
<ccheney> Daviey, http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cc56f7de7f00d188c7c4da1e9861581853b9e92f
<ccheney> brb
<zaaj> Any opinions on feasibility of loading ubuntu server on an old PII 330 with 256Mb RAM as a lower power personal shell account server?
<e-DIO-t> i'd rather run arch/gentoo zaaj, but i could work if you got no compilation / hard testing purposes
<dholbach> semi-last-call: UDW sessions up for grabs: https://wiki.ubuntu.com/UbuntuDeveloperWeek/Prep
<zaaj> d-DIO-t: Yeah, just looking for a place I can log in and look at how things work from outside work's network mostly, so just running console client programs (like an IRC client :-)
<fremapesua> Hello everyone...
<Shinhan> after fixing my problem with dnsmasq, DHCP and DNS are working and I have internet on my linux box, but not internet on the rest of my network? Can someone take a look at http://ubuntuforums.org/showthread.php?p=9509066#post9509066 ? Last post has interfaces and iptables where I think problem might be lying. Thanks
<zaaj> Shinhan: is forwarding turned on in the kernel?
<Shinhan> Yea, friend told me to put 1 in /proc/sys/net/ipv4/ip_forward
<Shinhan> that?
<zaaj> Shinhan, yeah that, so that should be OK then.
<zaaj> That is, if it still says 1 when you "cat" /proc/sys/net/ipv4/ip_forward back out
<Shinhan> I'll check it now
<zaaj> It's been a long time since I've set up a linux masquerading gateway, so I would probably have to start reading some docs on it again, like those in http://tldp.org/HOWTO/IP-Masquerade-HOWTO/firewall-examples.html
<zaaj> That URL's main example scrit comments stat that the default action for FORWARD is DROP, so there's more than the two POSTROUTING and one INPUT rule you've added required.
<Shinhan> eh? its 0 now o.O
<Shinhan> I changed it now to 1 and cat says its 1, I'll have to try it now.
<Shinhan> But first, what other rule would I have to add?
<Shinhan> and is it possible that ip forwarding gets somehow turned off on system restart? do I need to add something to rc_init?
<Shinhan> actually, I think I'll just try do what that file says
<Shinhan> one thing, since I have two internal interfaces, can I just duplicate the lines concerning EXTIF to call EXTIF1 and EXTIF2?
<zaaj> I thing EXTIF should be the External InterFace
<zaaj> s/thing/think/
<Shinhan> yeah, i meant INTIF
<zaaj> in that case, your guess seems reasonable to me without checking the details (like I said, I"d have to read thru that file too)
<Shinhan> ok, disconecting now to try this out
<smoser> ttx, http://www.ibm.com/developerworks/linux/library/j-zerocopy/
<smoser> that mentions java using java.nio.channels.FileChannel transferTo using sendfile
<smoser> Daviey, lp:~daviey/new-and-improved-uber-euca2ools
<smoser> ?
 * dholbach gives smoser a 'Ã¼' :)
 * smoser tries to turn the ':' key on its side and merge it into the 'u'
<hallyn> kirkland: for converting daemons from sysv to upstart, what is the process?  Do we just do it, or do we go through some m-l to try and get the /etc/init/X.conf file reviewed?
<hallyn> kirkland: i ask you bc you did the libcgroup merge :)
 * dholbach hands smoser scalpel, drill, rasp, swab, screw driver and tape
<hallyn> and i'm wondering what the process should be for converting libcgroup, which i think is the right way to address the bug about libvirt not starting until after libcgroup
<kirkland> hallyn: i usually just "do it"
<kirkland> zul: ^
<smoser> Ã¼ber
<kirkland> hallyn: zul is working on doing it for a bunch of server packages
<hallyn> zul: is libcgroup one of them?
<smoser> hallyn, its probably not a bad idea to ask zul to take a look. and if its other than simple, Keybuk
<hallyn> If so, then i can just comment that in the bug :)
<zul> no...usually after the conversion is done you have to get it reviewed by the review team
<hallyn> zul - was that 'no' in response to whether you're doing libcgroup?
<zul> hallyn: sorry as in "no" im not doing libcgroup
<zul> that reminds me
<hallyn> zul: bleh :)
<hallyn> thanks anyway
<zul> hallyn: no problem :)
<hallyn> I'll just ask for a bug to be submitted against the libcgroup package, and then probably grab it
<hallyn> and then i have a documentation question.  When there are known shortcomings (like libvirt not properly depending on libcgroup starting) and known workarounds published in the luanchpad bugs, do we consider that sufficient documentation?  or is there another step we can take (like release notes or something)?
<hallyn> kirkland: ^
<kirkland> hallyn: release notes, in some cases, are appropriate
<kirkland> hallyn: particularly for important packages
<hallyn> what sort of release notes though?  per-package?
<kirkland> hallyn: we also have community driven documentation at help.ubuntu.com/community
<kirkland> hallyn: let me show you ....
 * kirkland grabs a link
 * hallyn goes to look
<ccheney> Daviey, is 1.7 ready yet? iirc you wanted me to kick it a bit
<hallyn> look at that, 'Release notes'
<Daviey> ccheney: it'll be hitting the archive in an hour or so!
<ccheney> Daviey, great :)
<kirkland> hallyn: https://wiki.ubuntu.com/LucidLynx/ReleaseNotes
<kirkland> hallyn: those were the Lucid GA release notes
<hallyn> and can we add to those at any time?
<ccheney> anyone have docs on how to setup a local uec install server (tftp i suppose)?
<hallyn> i can think of at least two things to add off the bat :)
<ccheney> i'm still using god awful slow usb sticks
<hallyn> ccheney: faster than cd though no?  :)
<Daviey> ccheney: yeah, you need tftp..
<nascentmind> hi can somebody help me with ldap?
<kirkland> hallyn: https://wiki.ubuntu.com/MaverickMeerkat/TechnicalOverview <--- is the release notes page for Maverick
<nascentmind> when i do a getent passwd i am not getting ldap users at all.
<ccheney> hallyn, maybe, i'm not sure my usb stick seems slow
<Daviey> ccheney: you need to set your DHCP Bootp option aswell.
<kirkland> hallyn: under "Known Issues"
<Shinhan> yay, net is working. thanks for the help :)
<hallyn> kirkland: ok so i can add things to maverick, but should i also add them to the lucid once if they apply?
<ccheney> Daviey, can you write me an email explaining it in case i have to redo it later, or point me to a doc? :)
 * ccheney hugs Daviey :)
<Daviey> ccheney: When are you planning to do it?
<nascentmind> when I do a ldapsearch with the options i get results of users. but when i do getent passwd with ldap.conf options set my logs in auth.log say invalid credentials.
<Daviey> ccheney / kirkland: We have it in our mission to document this stuff anyway! :)
<nascentmind> also my bind cn contains a domainname\username.
<ccheney> Daviey, probably once the new 1.7 is in the archive, if you don't have time to document it by then as soon as you can get it to, not super high priority as i can still use usb
<CppIsWeird> what are flush-1, flush-8, and flush-9, processes?
<Daviey> ccheney: okay.. i probably won't have time by EoP today.. but can certainly get your in the right direction on Monday?
<ccheney> i have gige switches at home so i think it should be much faster than my using my usb :)
<ccheney> Daviey, ok sounds great :)
<Daviey> ccheney: hands off installation ++
<Shinhan> I followed http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/firewall-examples.html Since it doesnt seem to have been written with ubuntu in mind, I made /etc/init.d/rc.firewall-iptables instead of /etc/rc.d/rc.firewall-iptables
<Shinhan> But it also says I should put another file into /etc/rc.d/init.d/ which doesnt exists
<Shinhan> where should I put it so it starts up on boot?
<kirkland> hallyn: not quite ... those pages are "owned" by the release team
<kirkland> hallyn: there is a procedure for adding items, let me grab that for you ...
<hallyn> Daviey: can you cc: me onthat email about tftp+dhcp to ccheney?  :)
<ccheney> Daviey, i knew a bit about how tftp, bootp, etc work but its been so long since i last needed it i forgot most of it, used it for installing sparc hardware back in early part of last decade, heh
<Daviey> hah
<kirkland> hallyn: okay, in a bug that needs to be release-noted, you click "also affects project" and enter "ubuntu-release-notes"
<Daviey> TBH, tftp is annoying.. it always breaks when setting it up :(
<hallyn> kirkland: ok, so in the meantime, is there someplace 'official' where we should put workarounds resulting from launchpad bugs?
<kirkland> hallyn: and you propose the text
<hallyn> oh
<kirkland> hallyn: just in the bug itself
<hallyn> ok, thanks.
<ccheney> you bugtask it to release notes iirc
<ccheney> but yea there is more to it than just that
<hallyn> can i be pretty liberal with the 'also-affects release-notes' trick?  :)  or do they get cranky?
<ccheney> hallyn, probably should look at the wiki page wherever it is
<ccheney> hallyn, best not to annoy slangasek ;-)
<Daviey> ccheney / kirkland / smoser: Delay on 1.7.. failing to start. :(
<mgarciaisaia> hi there... anyone who can help with an amazon ec2 problem?
<Daviey> mgarciaisaia: smoser can :)
<smoser> thanks Daviey
<Daviey> smoser: np
<Shinhan> http://wiki.debian.org/LSBInitScripts says the script need to be different, but there is no way I would know how to change it. Is there a version of http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/firewall-examples.html for ubuntu? And how big a problem is missing LSB information
<smoser> "don't ask to ask, just ask" (its in the topic, mgarciaisaia )
<mgarciaisaia> wasn't very sure about this being the place... sorry, smoser
<mgarciaisaia> i need to run a Debian/Ubuntu image in EC2
<Shinhan> all ubuntu masquerade guides I have since found seems to be much simpler, guess I'll just ignore that lsb warning
<ccheney> Daviey, fun
<mgarciaisaia> but with some kernel which doesn't have the wine/xen bug they mention at < http://developer.amazonwebservices.com/connect/message.jspa?messageID=144197 >
<mgarciaisaia> while i was focusing on trying a Debian image with different aki's, i tried an Ubuntu image as well, with the same result: the instance simply stops responding after some wine execution
<mgarciaisaia> even if i run it as non-root user
<smoser> mgarciaisaia, whihc ubuntu image ?
<smoser> if you can reproduce this, then thats wonderful. and you should open a bug with instructions on how to do it.
<smoser> ideally, you open a bug using 'ubuntu-bug' from inside an instance of the same image that you can recreate with.
<smoser> mgarciaisaia, list of ubuntu images is at http://uec-images.ubuntu.com/releases/
<mgarciaisaia> hhmmm... let me see if i found the exact ami
<smoser> 10.04 would be most interesting
<smoser> ie, get the amis from http://uec-images.ubuntu.com/releases/10.04/release/
<cybrocop> Can someone please help me debug these issues:
<cybrocop> https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/598182
<uvirtbot> Launchpad bug 598182 in eucalyptus "eucalyptus-cc and uec-component-listener services are not started" [Undecided,New]
<cybrocop> https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/598186
<uvirtbot> Launchpad bug 598186 in eucalyptus "Unable to register nodes in eucalyptus" [Undecided,New]
<cybrocop> I need to rebuild my UEC environment and I have been delaying in order to get these bugs confirmed.
<cybrocop> The startup bug should be very easy to confirm/troubleshoot for someone with knowledge about debugging upstart.
<mgarciaisaia> smoser: ok, i can't find what was the exact ubuntu instance...
<mgarciaisaia> i'll retry with any of the instances in the web you gave me
<mgarciaisaia> and then i tell you
<mgarciaisaia> thanks
<uvirtbot> New bug: #598537 in cyrus-sasl2 (main) "Saslauthd segfaults (seemingly randomly)" [Undecided,New] https://launchpad.net/bugs/598537
<cybrocop> mdz, I believe you authored eucalyptus-cc
<cybrocop> the upstart configuration
<cybrocop> How can I troubleshoot why eucalyptus-cc won't start when I reboot my machine.
<mdz> cybrocop: I did some work on it briefly, but kirkland and Daviey are the people to talk to about it now
<cybrocop> OK
<Daviey> cybrocop: When you restart euca, what do you get in /var/lib/eucalyptus/ ?
<cybrocop> Daviey: /var/lib/eucalyptus contains a bunch of directories and a nodes.list file
<Daviey> cybrocop: sorry, i mean't /var/log/eucalyptus/*
<cybrocop> Daviey: Is it ok to rm /var/log/eucalyptus/* and do a restart... I know when I do that on the NC, the nc.log file is never re-created.
<Daviey> cybrocop: Yep.. they are just log files.
<Daviey> cybrocop: If you do that, and pastebin the whole lot - it'll be easier to work out the issue
<cybrocop> Daviey: When i Do a "stop eucalyptus" is it also supposed to stop all other euca* services?
<panfist> is there any special configuration needed for a server that is a dns server named with a name foo.bar that's also a samba server with a netbios name baz?
<Daviey> cybrocop: it *should* do... i did find inconsistent behaviour when doing it via /etc/init.d/eucalyptus stop and that.. which is REALLY weird
<Daviey> as it shouldn't be differnet.
<cybrocop> Daviey: OK, so you want me to pastebin contents of all log files or just contents of /var/log/eucalyptus
<Daviey> cybrocop: if you can do all log files, that would be better... Or upload them to webspace or something.
<cybrocop> Is there a pastebin service that allows easy interaction from a command line via curl? So that I can upload a huge log file?
<cybrocop> ls -al
<cybrocop> Daviey: I'm packaging the logs now. But, I shoudl say that when I do a restart every service starts up properly. (So Bug 598182 can't be troubleshot this way, I think.)  The problem in that bug arises when I reboot my server. When it comes up, eucalyptus-cc and uec-component-listener are not started.
<uvirtbot> Launchpad bug 598182 in eucalyptus "eucalyptus-cc and uec-component-listener services are not started" [Undecided,New] https://launchpad.net/bugs/598182
<Daviey> cybrocop: eeek, sounds like some sort of race condition.
<cybrocop> Daviey: yep. But it may give you insight on Bug 598186
<uvirtbot> Launchpad bug 598186 in eucalyptus "Unable to register nodes in eucalyptus" [Undecided,New] https://launchpad.net/bugs/598186
<Daviey> cybrocop: I'd be suprised if it is, as you'd be the first to notice this.. What sort of hardware are you running it on?
<cybrocop> Daviey: Intel Desktop Board DG945 motherboard. Quad-Core Intel CPU. 4GB ram. I can get the exact CPU model if you wish.
<cybrocop> Daviey: Sorry, that was for my NC machines. I believe the HW for the CC machine is a Gigabyte Mobo, Dual-Core CPU, and 2GB ram. But I don't know the specific. Can I easily query it from command-line?
<Daviey> cybrocop: Hmm.. i just wanted to check if it was anything seriosuly high class.. like super fast hard disks.
<cybrocop> Daviey: No, nothing like that.
<Daviey> cybrocop: And have you done *anything* with the configs post installation?
<cybrocop> Daviey: Now while I was conscious. :)
<Daviey> cybrocop: Can i ask you to raise a fresh bug.  Ideally stop euca, remove all the logs - restart and post the logs to the bug (including syslog)
<Daviey> feel free to redact anything you consider personal..
<Daviey> cybrocop: That would be great if you could.. then we can investigate a little furthert
<cybrocop> Daviey: Will try.
<cybrocop> Can I easily trigger my syslog/kern.log/etc... to roll-over?
<cybrocop> Daviey: so that I only upload the new stuff to the bug?
<cybrocop> Daviey: NVM, I figured it out: /usr/sbin/logrotate --force /etc/logrotate.conf
<Daviey> cybrocop: ahh! :)
<cybrocop> is there any way to get a list of all running services?
<cybrocop> or the status of them all?
<ccheney> Daviey, only one person saw the bug during a1?
<ccheney> Daviey, its 100% reproducible for me, maybe i'm just unlucky
<Daviey> ccheney: Hmm.. i mean, during the A1 testing phase.. only one person mentioned it
<ccheney> Daviey, ah ok, maybe only one person tested uec? :)
<Daviey> afterwards is differnet, as they'd be dist-upgrading anyway
<ccheney> Daviey, it happens every time for me on any kernel newer than 2.6.32
<ccheney> except with the patched one that tgardner fixed up
<Daviey> ccheney: agreed.. but the concern was how to get testings on something that works.
<ccheney> ok
<ccheney> what i'm wondering is why this isn't easily reproducible for everyone, must be some sort of race
<ccheney> Daviey, iirc you said it doesn't happen for you on some of the newer than 2.6.32 kernels?
<ccheney> i was registering lucid-server-uec-amd64.tar.gz in my test in case it matters
<Daviey> ccheney: No.. The last good kernel i tries was Lucid.. I said i hadn't tried 2.6.34, but someone had reported it didn't work.  I only knew 2.6.35 didn't work.
<Daviey> tried*
<ccheney> oh ok
<ccheney> so then its probably a case of not too many people trying out our images then
<cybrocop> Daviey: I'll upload log files shortly (mostly syslog). The /var/log/eucalyptus directory only contains jetty-request-2010_06_25.log and no other log file, presumably because eucalyptus-cc and uec-component-listener are not running.
 * Daviey sobs with this mess he has infront of him :(
<Daviey> cybrocop: interesting!
<Daviey> cybrocop: The team will get notified of your bug.. and we'll try and work out what is causing the issue, and may require further information
<Daviey> cybrocop: Is it reasonable to ask you to try and reinstall from scratch and see if it is reproduced?
<cybrocop> Daviey: Yep. The eucalyptus service is running which should be the only pre-requisite.
<cybrocop> Daviey: I want to reinstall from scratch but I doubt I will easily encounter this bug. I have reinstalled UEC about 20 times in the past month (due to various issue) :)  Actually I want to get to a quick resolution and the only reason I'm refraining from reinstalling is to catch this bug.
<Daviey> cybrocop: I would appreciate it if you could raise that bug, but then feel free to reinstall.
<Daviey> cybrocop: I don't want to block you.. so feel free to burn the system away, and at least we'll be aware of an issue, even if we don't have enough data to fix it!
<Daviey> cybrocop: Then if someone else raises it, we will be familar with an issue.
<cybrocop> Daviey: I've raised the bug already. Which log files in /var/log do you need? /var/log/syslog is enough?
<Daviey> cybrocop: should be
<cybrocop> Davie: OK, I'll try to do same for the other bug.
<cybrocop> Daviey: I uploaded my syslog for Bug 598186.
<uvirtbot> Launchpad bug 598186 in eucalyptus "Unable to register nodes in eucalyptus" [Undecided,New] https://launchpad.net/bugs/598186
<cybrocop> I doubt it contains anything useful though.
 * ccheney found a way to follow up on old list mail, just import the mbox from the archive :)
<ccheney> grr evolution windows aren't modal to their own app
 * ccheney may be using the wrong word apparently
<Daviey> ccheney: I was going to suggest mbox, but i thought it overkill :)
<ccheney> yea, it seems very easy to do :)
<Daviey> cybrocop: awesome, thanks
<Daviey> ccheney: wget then mbox to maildir on your mail server :)
<ccheney> well my mail server is the canonical one still atm, so i got mbox and imported into imap via evolution
 * ccheney is going to test their test case on my box before sending the email
<ccheney> hmm installed lots of stuff to be able to do that, hopefully it won't affect the test
<RFleming> Greetings.  I've got a problem and I hope I can get some help
<RFleming> I've got an ubuntu server running with md and LVG
<RFleming> at boot, it says that md1 raid array not clean
<RFleming> then I get a kernel panic saying that /sbin/init can't be found.
<RFleming> booting into an ubuntu server CD in recover broken system mode, the arrays look fine
<RFleming> the VG's look fine, and I can mount them without issue
<RFleming> I even checked the filesystems in the VG and they come back fine as well.
<RFleming> anyone with any suggestions?
<dotnetted> hey all - I'm trying to get openldap/samba working to authenticate users on ubuntu 10.04 - I'm using "smbldap-useradd/smbldap-passwd" to add a user w/ a password and used "auth-client-config" to configure PAM to use an ldap profile - pamtest is failing to authenticate - what's the best way to track down the problem? thanks
<ccheney> Daviey, appears their test case works regardless
<ccheney> Daviey, i'm doing a last test with the known broken version and then will send out the email along with the script attached that I used to replicate it
<ccheney> yea works even on known broken kernel
<Daviey> ccheney: this week gets better and better! :)
<RFleming> anyone with any ideas?
<ccheney> Daviey, message sent, should be there soon
<ccheney> brb sending a fax
<Daviey> hggdh: Awesome work on bug 566792 test package.. wanted to check 2 things:
<uvirtbot> Launchpad bug 566792 in eucalyptus "metadata service returns empty data with 200 OK" [High,Confirmed] https://launchpad.net/bugs/566792
<Daviey> 1) did you find out why the system burned yesterday?
<Daviey> 2) can you update the bug with the results of the test package
<Daviey> -- if that works out well, we'll SRU.
<RFleming> Hi everyone.
<RFleming> when run-init /sbin/init returns a no such file or directory error and the kerne panics and doesn't sync ... how do I go about resolving that?
<xperia> hello to all. i have two ubuntu web servers behind a router with one static ip. everytime i want to call a domain that is hosted on the second router i get a error message or the first server respond. people have told me this happen becouse both servers are listening on the same port 80 and i need somehow to tweak both server configs so both can work with no problem. does anybody know how ?
<xperia> RFleming: hmm do you have this file in sbin ?
<RFleming> yeah, I do
<RFleming> I'm running fake raid with LVG on top
<xperia> well then it must has to do with the exec preferences
<RFleming> the system freaks on boot, but on recovery the raid and the LVG are fine
<xperia> probably this file need to be given execute rights
<xperia> try this
<RFleming> one thing though, I can't seem to launch a shell from the lvg in recovery mode
<xperia> cd sbin
<xperia> and do run-init init
<xperia> does thia works
<xperia> problem is the error message "no such file or directory" first
<xperia> this message normally appera if you want to execute or handle a file/programm that can not be found probably becouse a path is wrong
<ccheney> Daviey, does the email seem sufficient?
<xperia> or the system dont know where to find this files
<RFleming> the file has execute rights
<RFleming> it appears that the lvg isn't mounting the root file system
<RFleming> because everything is as it should be.
<RFleming> do UUID's change? :)
<xperia> and what happen when you go inside this dir where the file is with "cd /sbin" and run the command "run-init init" ? do you get the same error
<ccheney> Daviey, do you know what steps i need to do to do the manual bundling that is mentioned in the comment 10?
<xperia> normally this should now not happen
<RFleming> there is no run-init on the recover a broken system
<ccheney> Daviey, it looks like the documentation for 9.10 might have the manual way listed
<RFleming> err option
<RFleming> it appears that /dev/md1 is resyncing
<RFleming> although I fail to see how that would impact booting
<RFleming> this server ran fine for 427 days and now pfft...
<RFleming> someone unplugs the wrong box
<xperia> hmmmm really bad to hear
<ccheney> on the manual method i see which part is causing the problem
<ccheney> EMI=$(euca-register $BUCKET_IMAGE/$UEC_IMG.img.manifest.xml | grep "^IMAGE" | awk '{print $2}') && echo $EMI
<ccheney> which makes sense
<xperia> anybody here how can answer me the question related for runnig two servers behind one router but only one deliver the content ?
<Daviey> ccheney: Sorry buddy.. i've got to get away from this for the day - before my head explodes.
<ccheney> ok np
<ccheney> "Cat the parts together in the right order to obtain the encrypted image." anyone know what right order means?
<xperia> hmmm it looks i need somehow to forward the requests from the one server to the second one as the router just send the whole want traffic at one server
<ccheney> ah nm i see there are a bunch of tmp files in the /tmp dir
<RFleming> xperia, you need a reverse proxy
<xperia> yeah that is the problem. router send all wan requests to the first server and becouse of that the second server ont answer
<RFleming> you set up a reverse proxy and all requests get directed to it
<RFleming> then your reverse proxy config tells the proxy where to get content from
<xperia> how can i solve this traffic forwarding when host request are not related to the first server and need to be forwaded
<xperia> hmmm reverse proxy never heared that yet
<RFleming> !reverseproxy
<xperia> RFleming: thank you a lot
<xperia> have found something on the web need to study it more
<RFleming> you're welcome
 * ccheney going to lunch, bbl
<Krazyderek> does anyone know how to setup backuppc for a backup on the same pc, not over the network?
<socomm> Got a question. That asterisk next to an executable's name what does it mean. Whenever I do 'ls -l' I see asterisk next to the executable files.
<CppIsWeird> i just cant see to get anything on ubuntu enterprise to work with eucalyptus
<CppIsWeird> can anyone tell me why http://127.0.0.1:8773 comes back at me with a 500 internal server error?
<CppIsWeird> or why Elasticfox will not let me add a region no matter what
<hggdh> Daviey: still there?
 * ccheney is back and working tgardner on another kernel image
<hggdh> Daviey: I am updating the bug, but it failed on the longer test
<hggdh> Daviey: well, actually, it is still failing, the stes is still running
<CppIsWeird> can anyone tell me why http://127.0.0.1:8773 comes back at me with a 500 internal server error?
<Daviey> hggdh: :(
<Daviey> hggdh: thanks for letting us know
<hggdh> Daviey: yes, rather drepressing results, are they not?
<Daviey> hggdh: seems it, glad i didn't upload it to the archive now :)
<hggdh> Daviey: heh, so am I
<Daviey> hggdh: having a look at your branch you linked to
<Daviey> hggdh: Did you find out what burned the system yesterday?
<hggdh> Daviey: I did not, and all traces are now gone due to reinstall. But I suspect witches
<Daviey> hggdh: /me decides hallyn is a witch and burns him.
<hggdh> Daviey: /me brings alcohol
<Daviey> \o/.. a good ol' time awaits.
<hggdh> now, just a bit of wisky, and we are all set
<socomm> CppIsWeird: sounds like a config issue with your HTTPD server
<CppIsWeird> socomm, nah, it just sounds like ubuntu enterprise blows.
<socomm> CppIsWeird: personally, i'd never pay for an OS
<socomm> wait doesn't enterprise come with paid support or something?
<CppIsWeird> its not paid for its the whole cloud computing with the nonfunctional eucalyptus
<socomm> i think I tried eucalyptus once, didn't like it
<socomm> could be diff software though
<CppIsWeird> so far as i can tell its a pos. been screwing with it for about 8-10 hours straight.
<CppIsWeird> following every tutorial in the book
<socomm> heh
<CppIsWeird> for mysterious reasons, it doesnt work
<socomm> been doing long enough where I can tell you its probably something retardedly simply that's not making it work
<socomm> s/simply/simple/g
<CppIsWeird> i completely believe you.
<nube> I've been playing with samba and ssh for a file server.  Haven't used cron but as far as I can tell it shouldn't be that difficult to create bash scripts to make local and remote backups.  Is their any reason not to implement in that manner.  I know their exist expensive services that basically do just that e.g., mozy, but why waste the $?
<zenmower> rsync
<nube> ty readin man page now
<nube> ahh i c
<SpamapS> smoser: ping?
<smoser> here
<smoser> SpamapS,
<SpamapS> smoser: is this done? [clint-fewbar] (1)run instance and wait into cloud-utils: INPROGRESS
<nascentmind> Hi. In pam why do they put pam_faildelay at the top rather than at the bottom of the auth stack? Doesn't pam check the stack sequentially?
<smoser> SpamapS,  i guess so, yeah.
<SpamapS> smoser: (3)util for kill all instances: TODO
<RFleming> Greetings!
<RFleming> My ubuntu server decided it wasn't going to boot today
<RFleming> immediately after checking for a resume image (and not finding one), the run-init complains that /sbin/init can't be found, the kernel panics without syncing saying it's attempting to kill init
<RFleming> I've checked the MD raid, I've checked the LVM VG and all the partitions in the VG through the server CD recover a broken system boot option, but the system won't start.
<RFleming> Is it my initramfs that's pooched?
<RFleming> is that where /sbin/init that it can't find is located?
<SpamapS> RFleming: can you try booting with init=/bin/bash ?
<RFleming> sure.  Give me a moment
<SpamapS> 64 bytes from 65.98.207.160: icmp_seq=9 ttl=52 time=2252.162 ms
<SpamapS> I love it when a router queues packets for 2.2 seconds :)
<RFleming> SpamapS, run-init: /bin/bash: No such file or directory
<RFleming> again, like /sbin/init ... this is immediately after kinit realises there's no resume image and proceeds to do a normal boot
<SpamapS> RFleming: yeah it does seem lke your initramfs is kinda broken. Can you boot from a liveCD?
<RFleming> I've been booting off the server install cd in 'Recover a broken system' mode
<RFleming> I can't remember wich version of Ubuntu this is
<RFleming> I think it's 8.04 LTS
<RFleming> Can I use any desktop livecd?
<guntbert> RFleming: yes, of course
<RFleming> alright, burning a 9.10 desktop amd64 cd to boot from
<RFleming> does the LiveCD support fakeraid?
<RFleming> I have LVM on top of fakeraid
<guntbert> !fakeraid | RFleming
<ubottu> RFleming: Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<RFleming> guntbert, hehe, that helps how?  Are the fakeraid modules included on the livecd for 9.10? :)
<RFleming> fakeraid is already installed and configured :)
<guntbert> RFleming: sorry, I don't know how to handle fakeraid, but there you *should* find out if the modules are there
<SpamapS> "Warning
<SpamapS> FakeRAID is not supported by Ubuntu. Trying to install Ubuntu on such a partition could easily result in the loss of all your data."
<SpamapS> DOH
<RFleming> I'm not so worried.  When it works it works
<RFleming> fakeraid is fine, checked it
<RFleming> LVM is fine too, checked that as well
<RFleming> so are all the partitions
<RFleming> how do I go about rebuilding the initramfs image?
<RFleming> (in recovery mode) :)
<SpamapS> mkinitrd maybe
<guntbert> RFleming: I guess for that you need a chroot environment, that reminds me: https://wiki.ubuntu.com/Grub2#Recover%20Grub%202%20via%20LiveCD is an instruction for grub2 but it details how to set up a chroot
#ubuntu-server 2010-06-26
<adaran> does anyone here use libvirt and do backups of the vms? what's the recommend way of doing that?
<adaran> i tried virsh save, but that, so far, has been very slow and unreliable
<chewbranca> anyone know if you can create custom users on EC2 and ssh in? I'm using the canonical 10.04 image
<jjohansen> chewbranca: sure
<jjohansen> once you login in you can use sudo to do the user setup
<chewbranca> jjohansen, I mean can I create a new user on a running instance, add a key in authorized_keys and then ssh in?
<jjohansen> chewbranca: yes, you need to do it on the running instance
<jjohansen> unless you are making your own custom ami
<jjohansen> its been awhile since I did it, but it wasn't hard
<chewbranca> I'm making a custom AMI, but I'm just trying to setup the account, and then allow people to go and add in their key and be able to connect as that user, adding a deploy user
<chewbranca> but I added in the key from my dev box and I can't connect it, getting permission denied public key error
<chewbranca> is there anything special I have to do to make it work?
<jjohansen> hrmm, I can't remember what I did here
<jjohansen> I know I had some problems with login at first and to do something
<chewbranca> hrmmm... yeah I'm at the 'had some problems' stage
<chewbranca> did everything as per normal
<chewbranca> basically building an AMI that is completely setup to run a rails framework I built, and we use capistrano for deploys with a 'deploy' user to connect in with, so I figured I would just emulate that
<chewbranca> weird, either a typo or more likely a permissions issue
<chewbranca> I ended up just copying the .ssh folder from ubuntu to deploy, chowned it, and now it works fine
<uvirtbot> New bug: #598683 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/598683
<uvirtbot> New bug: #598694 in openssh (main) "Sshd segfault in libgpg-error" [Undecided,New] https://launchpad.net/bugs/598694
<resno> i am trying to setup bridging on virtualbox to a virtualmachine. when i start the machine i get: "Failed to attach the network LUN (VERR_INVALID_PARAMETER). Unknown error creating VM (VERR_INVALID_PARAMETER)
<uvirtbot> New bug: #596013 in mysql-5.1 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.5 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/596013
<matkix> Hey, anyone here know what I need to change in Grub to boot headless ubuntu server?
<bawn> how do i set up an ubuntu server
<cybrocop> Hi All. What tool can I use to measure response time for about 30-60 websites that we own.
<cybrocop> Is Munin useful for this? I basically need to fetch a web page and see what kind of response time I get.
<steffan> 'sudo -d <user>' will delete a users password, does that allow anyone to login without a password, or does it disable logins?
<jpds> sudo: invalid option -- 'd'
<steffan> jpds: 'sudo passwd -d <user>' sorry
<steffan> the manpage is confusing, does using -d disable all logins, or allow logins without a password?
<mgj> Anyone know the default power management scheme when installing ubuntu server 10.04 on a laptop (connected to AC) ?
<mgj> as in: Is there any shutting down power-saving enabled by default?
<wise_crypt> !nwtsplit
<wise_crypt> !netsplit
<ubottu> netsplit is when two IRC servers of the same network (like freenode) disconnect from each other, so users on one server stop seeing users on the other. If this is happening now, just relax and enjoy the show. See http://en.wikipedia.org/wiki/Netsplit
<bogeyd6> RoyK, how is your morning going?
<RoyK> bogeyd6: the afternoon is nice, thank you
<storrgie> I am trying to access some webcams that are on a remote ubuntu server machine, how can I get them exposed over http?
<steffan> if the password on the only user with access too sudo is disabled, what is the solution to fixing it?
<RoyK> steffan: reboot in single user mode or boot on a live cd
<RoyK> of no root password is set (you need to do that manually) you can get in without a password in single user mode
<steffan> RoyK: thank you
<RoyK> storrgie: see https://help.ubuntu.com/community/Webcam
<RoyK> storrgie: vlc might do it, btw
<MikeSee> where can i find the md5 sum of ubuntu-10.04-server-i386.iso to check against?  my iso doesnt seem to boot past "english > install ubuntu server" just want to make sure i got it all....
<cybrocop> MikeSee: http://www.google.com/search?client=ubuntu&channel=fs&q=ubuntu+md5&ie=utf-8&oe=utf-8
<cybrocop> MikeSee: http://releases.ubuntu.com/10.04/MD5SUMS
<Lantizia> Is Install-Recommends turned off when using Ubuntu Server?
<Lantizia> Bug 316472 suggests it is with Intrepid
<uvirtbot> Launchpad bug 316472 in apt "wish: APT::Install-Recommends "false" in server install" [Wishlist,New] https://launchpad.net/bugs/316472
<jpds> Lantizia: It is on by default.
<Lantizia> How naff
<lvh> Hey. Ubuntu Server seems to be focused on EC2 as far as public clouds are concerned. How does interop with Rackspace Cloud work (if at all?)
<ben99`> Hello, world
<ben99`> Got a problem with kvm
<ben99`> when starting a new vm, I got pci_add_option_rom: failed to find romfile "pxe-virtio.bin" in the logs
<ben99`> anyone knows where I can find that file? (not in the whole disk)
<ben99`> I'm on lucid
<pmatulis> bug #566832
<uvirtbot> Launchpad bug 566832 in etherboot "kvm expect PXE rom to be in /usr/share/qemu (dup-of: 570870)" [High,Confirmed] https://launchpad.net/bugs/566832
<uvirtbot> Launchpad bug 570870 in etherboot "pxe boot doesn't work with kvm" [Low,Fix committed] https://launchpad.net/bugs/570870
<ben99`> I saw these ones... but what should I do?
<RoyK> hi all - I'm trying to move /var from a dedicated filesystem to the root. moving the files with rsync works well, but it seems rsyslogd is keeping files open. rsyslogd seems to be started by init, so I tried to disable respawn, sent init a SIGHUP and killed rsyslogd, but it still respawns. Any idea how to fix this?
<RoyK> ben99`: if there's a bug without a know workaround, I guess you're stuck
<ben99`> ok, RoyK. And usually, how fast does the community react to such a bug?
<ben99`> Is it question of week? More? Less?
<RoyK> it depends on the importance, and whether or not you have a support contract with canonical
<RoyK> the support contract is not very expensive, and it makes them push your bugs up front
<RoyK> but then, if the bug is in ubuntu, it's probably there in other distros as well
<ben99`> OK, thanks
<uvirtbot> New bug: #598862 in augeas (main) "Sync augeas 0.7.2-1 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/598862
<pmatulis> ben99`: the bug report states the fix has been committed
<uvirtbot> New bug: #598894 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/598894
<clusty_> hey
<clusty_> i was curious if any of you got ubuntu to talk to a mac though netatalk/AFP
<clusty_> cause the linux is unloggable
<clusty_> recompiling netatalk    gets old...
<viezerd> netatalk works fine here
<clusty_> viezerd, connecting from mac?
<viezerd> yes
<clusty_> viezerd, mind giving me the line that defines the share?
<viezerd> its in Applevolumes.default
<clusty_> and the last line of /etc/netatalk/afpd.conf
<clusty_> i knoew
<clusty_> just gimme your line to i can check i did it right
<viezerd> um, let me see
<viezerd> Applevolumes is easy just ~/ for yur home
<viezerd> afpd.conf I have the default - -transall -uamlist uams_dhx.so,uams_dhx2.so -nosavepassword
<clusty_> thanks
<viezerd> your mac not seeing any shares ?
<clusty_> gotit working
<clusty_> thanks
<clusty_> viezerd, could not connect before
<clusty_> was rejecting passwordf
<viezerd> oh ok
<clusty_> that used to be a problem in 9.0
<clusty_> cause SL wanted ssl enabled AFP
<clusty_> and default 9 did nto have it
<clusty_> viezerd, can also make avahi advertise the AFP share and tell macs it's a xserve or whatever
<viezerd> it should be possible, but havent done anything with it myself
<clusty_> http://www.kremalicious.com/2008/06/ubuntu-as-mac-file-server-and-time-machine-volume/
<clusty_> has at some point theXML file for avahi
<viezerd> if its for time machine, I got time machine working
<clusty_> i have another mac on the network where i tM
<viezerd> nice :)
<Tim_R> hi guys can anybody tell me how to setup yourdomain.com/~username/
<Tim_R> on my server
<cloakable> Tim_R: sudo a2enmod userdir && sudo apache2ctl graceful
<Tim_R> thanks cloakable
<cloakable> then make public_html in homedirs
<Tim_R> so your saying that I have to create folders in homedirs
#ubuntu-server 2010-06-27
<cloakable> yes
<cloakable> your regular users can create them, though
<Tim_R> ok
<cloakable> ~/public_html
<Tim_R> is there anyway that I can limit the space to 25mb
<cloakable> using quotas
<cloakable> but that's not an apache thing, and not something I'm familiar with
<Tim_R> ok
<Tim_R> well thanks cloakable for your help
<ruben23> hi guys
<ruben23> how do i used and install rt-kernel..?
<ruben23> fo ubuntu-server
<pmatulis> ruben23: install the package i guess
<ruben23> whats the features of rt kernel compare to others
 * Pirate_Hunter realises stupidity doesn't pay 
<uvirtbot> New bug: #598942 in wss4j (main) "Please sync wss4j 1.5.8+svntag-1 (main) from Debian unstable (main)." [Wishlist,New] https://launchpad.net/bugs/598942
<k5673> So...
<k5673> Hello there!
<k5673> And the crowd exploded!
<k5673> OK
<k5673> I want to set up a LTSP server, using 10.04
<k5673> And, for my terminalz, i have some old Pentium 2's with 128 MB RAM, WOL, PXE, and all the thing.
<k5673> Is factible a setup like that?
<k5673> Using those oldies as terminals?
<k5673> Or are these too old?
<Roxyhart0> hi There, somebody has intalled fail2ban?
<Roxyhart0> any "how to" ?
<ph-x> Roxyhart0: https://help.ubuntu.com/community/Fail2ban
<Roxyhart0> thanks very much!
<uvirtbot> New bug: #598993 in ipmitool (universe) "Please merge ipmitool 1.8.11-2 (universe) from debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/598993
<obscurant1st> can somebody tell me how can i connect to internet through wifi inx64 ubuntu server, if i know the access point name n password
<obscurant1st> ?
<jpds> obscurant1st: See: man wpa_supplicant.conf
<obscurant1st> jpds, oh, ok. thx
<obscurant1st> and btw one more thing, how can i bring up the network configuring thing, i mean if manage to get the network cable n connect to router directly
<jpds> [Though I would strongly recommend Ethernet for servers.]
<jpds> obscurant1st: Ah, hmm; can you get a KVM on the machine?
<obscurant1st> KVM? i saw it failed to start, but not sure when it came!
<obscurant1st> but frankly i dont know whts KVM
<jpds> keyboard, video and mouse.
<obscurant1st> oh, but when i typed sudo kvm, my system haged. anyway i am able to type and everything, but i cant use mouse
<obscurant1st> hang*
<obscurant1st> jpds, you there?
<candyban_> I have the module "xt_iprange" loaded. When I try to load the rule "-A FORWARD -p tcp -m range --dst-range 10.10.100.25-10.10.100.29 --dport smtp   -j ACCEPT" using iptables-restore, I get the error "iptables-restore v1.4.4: Couldn't load match `range':/lib/xtables/libipt_range.so: cannot open shared object file: No such file or directory". When I hardlink libxt_range.so to libipt_range.so, I get the error "iptables-restore v1.
<candyban_> 4.4: Couldn't load match `range':(null)"
<candyban_> ubuntu server (10.04)
<melter> does anyone know if i set GRUB_SAVEDEFAULT to true, if the kernel is upgraded and I reboot, will i get the updated version of the selection the next time i reboot?
<melter> i have 2 installs on sda and sdb. for now, i always want to boot from the latest kernel on sda, but the sdb kernels are first on the grub list
<melter> as sdb gets upgraded, the sda kernels are further down the list, so i can't boot from a specific menu item number
<melter> it'd be nice if GRUB_DEFAULT supported regular expressions and booted the first match, ".*sda"
<candyban_> nm my problem. should have been -m iprange instead
<RoyK> I'm trying to umount /var, which is on a separate filesystem. The data has been moved and according to lsof/fuser no files are open. still, linux report filesystem busy
<RoyK> any idea what to try next?
<candyban_> RoyK, perhaps there are still files in state "deleted"?
<RoyK> lsof usually reports those as well
<candyban_> RoyK, depends what you grepped for ;)
<RoyK> last I checked, lsof reports the path of the deleted file
<RoyK> all processes are stopped, except sshd
<RoyK> and I have no serial console on this one
<RoyK> since the box is located 50km from here, gambling on a restart is no good
<RoyK> damn - no open files on /var, but still I can't umount it
<RoyK> any ideas how to troubleshoot this?
<pmatulis> RoyK: maybe pastebin output to 'df -hT' and 'mount'
<RoyK> http://pastebin.com/76yA5Ewg
<RoyK> ah
<RoyK> wait
<RoyK> no...
<RoyK> http://pastebin.com/Z9A5uM9e
<Psi-Jack> Anyone here happen to know much about Radius, and what software is advisable for setting up a Radius server for authentication in vpn and wireless WPA2-Pro?
<RoyK> Psi-Jack: freeradius is in the repositories, works for me (tm)
<Psi-Jack> freeradius, eh? By chance is there any ubuntu how-tos like there was a very nice and simple one for openvpn?
<RoyK> google that
<pmatulis> RoyK: were you in /var when trying to umount by any chance?  also, try just 'lsof /var'
<RoyK> pmatulis: no, and I couldn't find a single open file in there - umount -l /var worked, though
<pmatulis> RoyK: ok
<RoyK> now I just hope the box comes up again :Ã¾
<melter> does update-grub only update the config files, or does it also install to the mbr?
<RoyK> seems it's my lucky day :)
<RoyK> melter: iirc grub understand the filesystem, and doesn't need to be reinstalled into the mbr for every change, like the case of lilo
<melter> RoyK: after running update-grub, the order of the menuitems in /boot/grub/grub.cfg doesn't match what i see when i boot
<RoyK> hm. don't know, then, I don't know grub2 too well (yet)
<melter> also, if i have 2 ubuntu installs on diff hard drives, which config would it use?
<RoyK> it will boot from the grub on the drive you set as primary boot in the BIOS, then grub will take over and boot whatever OS you configure it to
<RoyK> anyone here using zfs-fuse? seems it's rather buggy http://pastebin.com/P8672MbC
<melter> thanks RoyK, i understand this grub2 stuff better now
<melter> i switched drives, and i got an error 17 from an ancient grub1 install on that hd, so i updated that, too
<bogeyd6> RoyK, seems or do you have enough evidence to file a bug report?
<RoyK> seems so, yes
<bogeyd6> !worksforme | royk
<ubottu> royk: Common Sense: Just because you can, does not mean you should (and especially recommend to others). Think before you do. "Works for me" does not mean it is ok. The latest version of everything is not always useful if you aim for stability. Please see http://geekosophical.net/random/worksforme/
<RoyK> I've been working with zfs for a year or so now on s20/osol/nexenta, but the ubuntu implementation doesn't seem too good
<bogeyd6> !google | royk
<ubottu> royk: While Google is useful for helpers, many newer users don't have the google-fu yet. Please don't tell people to "google it" when they ask a question.
<bogeyd6> gentle reminders good sir :)
<RoyK> bogeyd6: I asked him to google it, because google has simply more info about that than I have. I have setup a few radius servers, but not from scratch. If you have any info on the subject, please tell
<helpme> hello
<RoyK> hi
<helpme> i have no VT in processor
<helpme> how i use KVM
<helpme> ubuntu donot support xen also
<helpme> i having problem in getting xen tools
<bogeyd6> !vmware | helpme
<ubottu> helpme: VMWare is not available in the Ubuntu repositories. Consider using !QEmu or !VirtualBox as alternatives. Instructions for installing VMWare manually are at https://help.ubuntu.com/community/VMware
<RoyK> helpme: 	http://kurl.no/cBTh
<helpme> never tried VMWare is it consume less ram?
<RoyK> helpme: virutalisation is the same, more or less, whatever the platform
<RoyK> helpme: get a VT compliant cpu, a truckload of RAM and you're in business
<helpme> iwant host plateform take s less ram ,hehe yes roy K : )
<bogeyd6> RoyK, if using openvpn and needing authentication it would have been more proper to mention the openvpn docs and the x509 certs
<RoyK> bogeyd6: I've never used openvpn - sorry
<bogeyd6> RoyK, so why dispense advice on a works for me basis?
<bogeyd6> time for lunch, adios
<helpme> hehe
<RoyK> bogeyd6: cut the trolling
<bogeyd6> no trolling :)
<RoyK> IÂ§ve never dispensed any of your advices
<bogeyd6> just trying to help you be a better support person in #ubuntu-server
<helpme> i am trying for virtual bx,consume more rambut better here with ubuntu than windows
<RoyK> except those of a few days ago where you talked about 10% filesystem overhead
<helpme> The PPP daemon has died: A modem hung up the phone (exit code = 16)
<helpme> wht is this problem
<helpme> it is occuring every now and thanin ubuntu
<helpme> need any changes in wvdial.conf ?
<helpme> where people like me will go who use older machine,they also removed xen-tools ,
<bogeyd6> helpme, there are several distros, but you also have the ability to install packages from previous versions and building your own
<RoyK> helpme: if you're on older hardware, why not use 8.04 or something?
<RoyK> newer distros get upgraded for the newer hardware
<bogeyd6> 8.04 has what like 3 more years support
<RoyK> that's the reason of LTS
<RoyK> 8.04 is supported until 2013.04
<helpme> i have hardy ,but not able to get xen-tools
<helpme>  iget an error
<RoyK> well, helpme, if you get an error, saying so won't help you much, but if you paste (or pastebin) the message, we might be able to help you
<bogeyd6> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<helpme> http://jeremy.zawodny.com/blog/archives/010184.html
<helpme> ops
<helpme> not this
<helpme> it says trying to overwrie /etc/bash/completion.d/xm' which is also a package of bash-completion 1.1.1.3ubuntu2
<helpme> while installing xen-tools 3.9
<helpme> that was an error and dpkg stop installing it
<helpme> um roy K
<helpme> ?
<RoyK> no idea
<helpme> oh no!!!!
<helpme> kinda easy all these things in windows,linux requires more skills
<helpme> one problem solved anoher facing ahead
<helpme> royk you live in norway ?
<Psi-Jack> RoyK: Hmm..
<helpme> umits cold there every month of year ?
<Psi-Jack> RoyK: Do you deal with Radius and TLS at all? I have a 3Com WAP PoE that I'm trying to hook into my radius, but it's failing I think because of: "read:fatal:unknown CA
<helpme> dont you do jet ski
<Doonz> hey guys if im currently running 9.10 how can i upgrade to 10.4lts?
<helpme> system>update manager
<helpme> or
<helpme> do-upgrade release
<Doonz> thnx
<RoyK> helpme: I do
<RoyK> Psi-Jack: haven't tried radius with TLS, no
<helpme> woah nice ,how much ice you eat while sking
<helpme> hehe
<helpme> or you are nice skieng
<helpme> ?
<RoyK> I don't ski that much
<Psi-Jack> Hmm
<helpme> nowWay heaven on earth
<helpme> what are those greenlights?seenin sky
<RoyK> helpme: currently there's no snow here either, except in the mountains
<helpme> nohern lights
<helpme> northern*
<RoyK> nothern lights I've seen, but it's far too light now
<RoyK> northern, even
<RoyK> sun sets at about nine in the evening now
<RoyK> up north, it doesn't set
<helpme> kewl
<helpme> haha.so much work
<helpme> all day up
<helpme> lol
<RoyK> I'm going to TromsÃ¸ in a couple of weeks for some work and a rock festival - midninght sun.....
<RoyK> helpme: where're you from?
<helpme> india
<RoyK> ok
<RoyK> at least you don't have the winters we have
<RoyK> Norwegian winters can be rather tough
<helpme> i have rememberace to norway i was supposed to go there as my friend was moving from latvia to norway ,but than she didnt
<RoyK> summer temperature here is 20-25ËC, perhaps 30Ë at the best
<helpme> yes i guess,but like ice ,asi seen only once here india at kashmir
<helpme> snow*
<RoyK> it's a nice view, but when it gets below -20ËC, it's not so nice anymore
<RoyK> I guess it's the same with heat waves, except it's easier to dress for cold weather
<helpme> yes no way out of home,snow everywhere ,all ways are closed
<RoyK> I live in Oslo, we don't get that much snow here
<helpme> yes,hot climate here tends to get to 45 c now a days,
<RoyK> TromsÃ¸ is worse
<helpme> yes oslo is international airport
<RoyK> the airport is some way north of Oslo
<RoyK> 70km or so
<helpme> um
<RoyK> where in India do you live?
<helpme> rajasthan
<RoyK> I've spoken to some Indians that live here, and when they came her, they were like "where are all the people?"
<helpme> your name similar to indian name
<RoyK> norway is not as densly populated as india
<RoyK> my name`
<RoyK> ?
<RoyK> roy is my first name, from gÃ¦lic, meaning red
<helpme> yes,ROYis bengali surname
<RoyK> lol
<helpme> ah okay
<RoyK> Sigurd is my second first-name, meaning "the holder of victory" or something like that, from old norse (sigur = victory, urd = past)
<RoyK> Karlsbakk is an old family name from western norway
<helpme> kewl
<helpme> who kept yoru name yoru mum or dad
<RoyK> my last name, Karlsbakk, is from the small farm where my daddy grew up
<RoyK> Sigurd is my father's name, and mom wanted me to have that in the addition of my first name
<RoyK> how do names work in India?
<helpme> names in india, last name is from father surname that also represent caste
<helpme> and first name is choice
<RoyK> so the caste thing is still somehow living?
<helpme> and it have also meaning
<RoyK> so tell me your name, and the meaning of it
<helpme> like sarvjit ..wins everything
<helpme> my name ...help =help and me = me
<RoyK> no, your real name
<helpme> aaditya my first name
<helpme> mean s may be sun
<helpme> donot know but ,
<helpme> back
<helpme> so my name is aaditya means sun
<uvirtbot> New bug: #599063 in postfix (main) ""post-installation script returned error exit status 75"." [Undecided,New] https://launchpad.net/bugs/599063
<helpme> bug bug bug ,run run run .
<amstan> hey guys, i'm trying to make a script that'll manage a daemon
<amstan> thing is that the daemon is not really designed to run like that
<amstan> how could i chdir before running it? or run it with the proper working dir
<amstan> this script should run from cron too
<Todd> Why is python-gtkhtml2 no longer available? It doesn't work with Python > 2.6?
<ocatacoo> hello?
<ocatacoo> is anyone in here?
<ocatacoo> does anyone know of a good resource on named.cof
<ocatacoo> cnf
#ubuntu-server 2011-06-20
<saidian> Hello. I'm having trouble mounting a Mac share on Ubuntu server and was wondering if anyone could help out?
<kees> has anyone seen broken fonts in cacti after upgrading to 11.04?
<jj995> Xlib:  extension "RANDR" missing on display ":0.0". ---- I'm getting this message on the terminal whenever I run an X application, e.g. gedit.  The X application works fine, but I'd like to get rid of this RANR message.  Any ideas?  I tried removing libxrandr2 from Synaptic, but it seems like tons of things depend on it that I want to keep
<kexman> hello
<kexman> is there any nice 1 liner command for ubuntu server latest, to strip it down to the bare minimum ? like if i selected LAMP or something so that should be gone ... i want a minimal ubuntu install with openssh only but dont want to reinstall
<twb> Try aptitude markauto '?installed ?not(?section(metapackages)) ?not(?name(openssh-server))'
<twb> But be sure to review the propsed change before you approve it, in case there's extra stuff in there
<kexman> what is the difference between what ubuntu minimal installs as "core" and ubuntu-server without selecting any additional packages like lamp, openssh, postgres and such
<twb> Zero
<twb> Well, possibly the kernel flavour
<twb> If you do a ubuntu-server install and keep clicking next, you will get ubuntu-minimal + ubuntu-standard + server kernel flavour + stupid 200MB of thunderbird/firefox/oo.org english language packs
<kexman> twb: duhhh
<kexman> i dont need all that
<twb> So do an expert install
<twb> Uncheck "standard packages"
<kexman> i just want ubuntu-sver = ubuntu-minima-server :) no X involved no nothing that i dont need :)
<kexman> like gentoo minimal :P
<twb> Or do it from apt when you're done
<twb> kexman: uh, none of what I said included X
<kexman> twb: thats good :D
<kexman> i didnt say you did :)
<twb> ubuntu-standard is stuff like less and w3m
<kexman> 200mb thunderbird stuff is what i dont need :)
<twb> kexman: yeah, that pisses me off, too
<kexman> twb: so standard i do need :) those are really basic
<kexman> twb: how to remove it ?
<twb> aptitude remove ~i~nlanguage-pack IIRC
<twb> Oh, but then you'll need to configure locales by hand, which is something like "locale-gen en_AU.UTF-8; set-locale LANG=en_AU.UTF-8"
<kexman> omg :) that hurts :P no click of button for that :P joking :)
<kexman> twb: thanks a lot
<twb> I think in theory if you are using the CD's preseed file, one of the options disables those
<kexman> so other then that ubuntu-standard is nice to have right ? i dont want "cant" use it minimal :)
<kexman> twb: hmm ? dunno what your talking about i just clickclickclick without not even selecting openssh right now
<kexman> 5,689 kB will be freed :S
<twb> kexman: if you boot the installer from the network, you don't get a preseed file by default.
<kexman> no 200mb here :)
<twb> kexman: so the installer can't "tell" if it's a server or desktop install
<kexman> twb: i downloaded a ubuntu-server iso
<kexman> btw i need to do set-locale only 1 time and im done ?
<kexman> also no set-locale command here ...
<twb> kexman: don't bother trying that unless "locale -a" reports only the "C" locale
<twb> It's supposed to be automated
<kexman> it reports C locale
<kexman> twb: i removed the language packs and i generated the en_US.UTF-8 locale
<twb> kexman: *only* the C locale?
<kexman> now id like my system to use it
<kexman> no
<twb> Hang on, lemme look up what I do
<kexman> en_US.UTF-8 + POSIX
<twb> update-locale LANG=${LANG:-en_US.UTF-8}
<twb> update, not set
<kexman> twb: thanks
<kexman> twb: so this will remain no need to do anything more ? its permanent right ?
<twb> Yeah, you should be done now
<twb> If you are logged in, you might need to log out and back in
<twb> You might want to "aptitude purge ~c" too
<kexman> twb: whats that for ?
<twb> Removes config files of uninstalled packages
<keyboardtalk> I am trying to set up userdir with 10.04 and apache2. I am getting a permissions error when I try to access user directories. Any help?
<twb> keyboardtalk: root_squash?
<keyboardtalk> twb: what is that?
<twb> keyboardtalk: not that, then
<jmarsden> keyboardtalk: check that www-data or whatever your apache2 runs as has read permissions to the ~/public_html/ directories concerned?  And that /home/whoever is not 0700, for instance?
<twb> jmarsden: oh, mea culpa; I thought apache2 ran as root
<twb> I guess only the master proc does
<jmarsden> twb: It drops root ptivs as soon as it binds to port 80, basically.
<jmarsden> *privs
<twb> Righto
<keyboardtalk> www-data is the owner of public_html
<keyboardtalk> I gave everything read permissions
<twb> You may also need to dance with <directory> options in the apache configuration
<twb> #httpd can help with that
<jmarsden> keyboardtalk: are perms on /home/whoever sufficient that www-data can traverse it to find /home/whoever/public_html ?
<twb> su - www-data -c 'find /home/fred/public_html -ls' >/dev/null
<twb> See what errors (if any) it gives
<keyboardtalk> the parent folder needs read access as well?
<jmarsden> keyboardtalk: needs x, for directory search, I think.
<twb> Sounds right
<twb> posix permissions hurt my brain tho
<jmarsden> So /home/whoever probably needs to be 711 not 700.
<keyboardtalk> does that compromise the security of anything inside the home directory?
<jmarsden> It means all users can traverse that directory... if that is a compromise in your situation, I can't say :)
<keyboardtalk> well it's working, thank you very much
<jmarsden> You're welcome.
<kexman> twb: how do i remove config files of uninstalled packages ? where would does hide ? :)
<jmarsden> apt-get purge PACKAGENAME
<twb> 12:38 <twb> You might want to "aptitude purge ~c" too
<jazz2> hi, how can I get back to a 2.6.28 kernel on my 10.04-server? since I upgraded from 9.04 the wlan connection is dead slow with the 2.6.32 kernel (I even made a clean install to check if the upgrade was faulty, but unfortunately there is no 2.6.28 kernel available anymore, as it was when I upgraded) or do I have to go back to 9.04?
<twb> jazz2: that's extremely non-trivial
<jmarsden> jazz2: Maybe you should be asking "how can I fix my wlan connection" instead?
<twb> !xyproblem
<twb> Grr, this bot doesn't know *anything* :-/
<jmarsden> <dpkg> [xyproblem] People often falsely diagnose problems because they are looking too closely at a problem: they have got stuck at a particular point (Y) doing something (X) and so ask about step Y, not realising that there is an easier or better way to do X in the first place.  See http://mywiki.wooledge.org/XyProblem or http://homepages.tesco.net/J.deBoynePollard/FGA/put-down-the-chocolate-covered-banana.html
<jmarsden> twb: You are just too used to dpkg :)
<twb> Actually greybot in this case
<jmarsden> jazz2: If you only have one machine to deal with, it would seem quicker and easier to replace the wlan NIC with one that is well supported, than to try using old non-standard kernels etc etc.
<twb> Even if you had 100 machines
<twb> I'm not convinced the kernel is the problem, tho
<jazz2> twb, jmarsden, I would like to have a wlan fix, but it seems there are some ppl having similar problems (from what I could google) so I just thought I could go back; In the upgraded version I could change from between 6.28/31/32 and the problem wasn't there in 2.6.28
<jazz2> so I thought it would be esiest for the shortterm (until it gets a fix) to use the old kernel
<jazz2> easiest*
<jmarsden> I really doubt it.  Easiest is probably a $10 wireless NIC that you know is supported well in 10.04.2 :)
<jazz2> it's a zydas which worked great up until now
<BuenGenio> hello
<BuenGenio> Apache2 on my 11.04 server doesn't restart properly
<BuenGenio> it just hangs saying ... waiting ...........................
<BuenGenio> but never restarts
<BuenGenio> additionally apache2 can only be killed with -S KILL
<uvirtbot> New bug: #799623 in clamav (main) "Incorrect generated logrotate file" [Undecided,New] https://launchpad.net/bugs/799623
<xperia> hello to all. i have heavy big problems for some strange reason with my DNS Server. if i try several times as a example to load a website with wget it hangs allways at the resolving of the domain name. need help with this one. problem is with other ISP it works all fine when the sites are loaded just with my ISP it makes problems
<xperia> when i sniff the requests i get also this errors here
<xperia> 00:04:41.281 0.132 426 393 GET 302 text/html (NS_ERROR_REDIRECT_LOOP) http://www.mypicx.com/images/logo.jpg
<xperia> what could be wrong. have lot of time outs and a heavy lag with the DNS
<jazz2> xperia, sometimes there is an issue, that the dns tries to resolve using ipv6 first and only resolves ipv4 when that times out
<xperia> hmmm i looked the last days in the bind log and it is full of strange messages like
<xperia> Jun 20 10:56:48 HauptServer named[7854]: error (network unreachable) resolving 'ns1.nzz.ch/A/IN': 2001:500:2d::d#53
<xperia> Jun 20 10:56:53 HauptServer named[7854]: error (unexpected RCODE REFUSED) resolving 'www.zischweb.ch/AAAA/IN': 168.144.1.155#53
<xperia> What should i do ?
<airtonix> anyone installed bind9.7 from haukes ppa on maverick?
<airtonix> https://launchpad.net/~hauke/+archive/bind9
<xperia> i have bind9 running on natty but dont know if i have the haukes ppa
<airtonix> i need the dnssec extensions to get samba4 running properly
<jazz2> xperia, do you have/use ipv6? can that be the issue?
<xperia> well i guess i dont have ipv6 any suggestion how to check and do it on my ubuntu server ? looks like problem is related to this ipv6 change then that has been done a few days ago
<jazz2> maybe this is helpful: http://www.ubuntugeek.com/how-to-disable-ipv6-in-ubuntu.html
<xperia> jazz2 found this one too as it is more related to bind =>http://ubuntu-tutorials.com/2009/03/21/configure-bind-9-for-ipv4-or-ipv6-only/
<xperia> thanks a lot for your help. need now to look if this was the problem
<jazz2> xperia, good luck :)
<speakman> Still having serious fatal MCE's :( http://pastebin.com/KdUHbpdC Any suggestions are welcome!
<DigitalFlux_> Hi Guys
<DigitalFlux_> So i've installed cobbler under Ubuntu
<DigitalFlux_> and while i try to network-boot natty, i get the error that it can't find the preconfig file, it's searching in http://127.0.0.1/cblr/svc/op/ks/profile/ubuntu-natty-server-x86_64
<DigitalFlux_> Any hints why is that ?
<uvirtbot> New bug: #799656 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/799656
<fulc> hello, i would like to ask for some help with regards to Ubuntu Enterprise Cloud
<kexman> morning :)
<_johnny> anyone remember some months/a year ago where a security update was pushed fixing some openssh bug/vulnerability? anyone got a link for which it was, or which ubuntu version it was? got a friend on 10.04 who might be a victim
<uvirtbot> New bug: #799630 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/799630
<Daviey> kirkland: Around?
<zul> Daviey: how did you fix mod-perl?
<Daviey> zul: build failure?
<zul> yeah
<Daviey> zul: it was failing due to a test failure
<zul> Daviey: so how did you fix it? :)
<Daviey> the test suite only worked with HTTP 1.0 not HTTP 1.1
<Daviey> cherry picked patches from upstream
<Daviey> and like a good cookie, fixed it in Debian :)
<Daviey> http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=10;filename=230-test-failures-fix.patch;att=1;bug=628296
<Daviey> zul: why do you ask?
<zul> im just curious
<uvirtbot> New bug: #799711 in ocfs2-tools (main) "o2cb[11796]: ERROR: ocfs2_controld.pcmk did not come up" [Undecided,New] https://launchpad.net/bugs/799711
<Kathusyas> whats the diffrent of ubuntu / ubuntu server is it same distro?
<Daviey> uvirtbot: Maybe one day, you'll give us good news?
<uvirtbot> Daviey: Error: "Maybe" is not a valid command.
<hallyn> Daviey: hey, how is status on spice packages?
<Guest81013> hey guys, i need to change the grub loader on my ubuntu to text so that it doesnt load the gui, i cant remember where the grub files are kept.  can anyone help me by telling me where the files are kept?
<Daviey> hallyn: Hello sir!  Good to have you back :)
<Daviey> hallyn: was this something you asked me to sponsor?
<hallyn> yup :)
<pwnguin> anyone selfhosting openID providers?
<Guest81013> hey guys, i need to change the grub loader on my ubuntu to text so that it doesnt load the gui, i cant remember where the grub files are kept.  can anyone help me by telling me where the files are kept?
<hallyn> the packages in ppa:serge-hallyn/spice2 for universe
<hallyn> Guest81013: edit /etc/default/grub i think
<Guest81013> hallyn: that is correct. thankyou
<Guest81013> hallyn:  i changed it to text but its still loaded the gui.  any ideas exactly what i should change it to in order to stop the gui loading by default?
<hallyn> you cleared out 'GRUB_CMDLINE_LINUX_DEFAULT' and then ran update-grub?
<hallyn> Guest81013: ^
<Guest81013> ahhh yes
<Guest81013> update
<Guest81013> lol thats what i missed
<w00> hi
<w00> I have in /etc/apt/apt.conf.d/20auto-upgrades set: APT::Periodic::Update-Package-Lists "1"; but i would like to know how can i check that it updated the package list?
<brianthelion> Hi all! Just trying to get some eyes on my krb5/ldap/nfsv4 bug -- https://bugs.launchpad.net/ubuntu/+bug/794112
<uvirtbot> Launchpad bug 794112 in ubuntu "Kerberos + LDAP + NFSv4 on Natty - Unable to recover unattended client" [Undecided,New]
<brianthelion> feedback greatly appreciated
<Daviey> hallyn: Hmm.. I reviewed it and seem to remember i had some questions.
<Daviey> gah
<Daviey> hallyn: i should have made a note
<hallyn> Daviey: going to plumber's?
<Daviey> hallyn: unlikely
<hallyn> :(
<Daviey> hallyn: Think it'll be useful?
<hallyn> well i've not seen a schedule.  But i'd think so, yes.  Good people are there usually.
<hallyn> (i'm gonna be hiding at a min-conf on the 8th)
<xperia> hello to all. i have just connected my ubuntu server to my adsl modem and i am able to download content from the internet but if i try to access the webserver nothing happens.
<xperia> ssh connection to the server from outside is possible. what could be the problem ?
<xperia> okay got it running
<xperia> it was the reversy proxy that maked problems
<zul> RoAkSoAx: can you push the mini.iso stuff for cobbler upstream
<RoAkSoAx> zul: yes will do!
<zul> RoAkSoAx: if i get some spare time ill add arm detection support this week sometime i hope
<RoAkSoAx> zul: cool... are there any arm ISO's yet?
<negronjl> good morning all
<zul> RoAkSoAx: no im suspecting it will behave a bit differently
<RoAkSoAx> zul: ok
<RoAkSoAx> negronjl: morning
<negronjl> hi RoAkSoAx
<zul> RoAkSoAx: as in slit my wrists differently
<Daviey> RoAkSoAx: arm doesn't yet use ISO's.
<Daviey> That will hopefully come this cycle.
<RoAkSoAx> zul: hehehehe yeah I cna imagine looking at all the documentation :)
<RoAkSoAx> Daviey: cool!
<Daviey> Currently it's a dd image with OEM mode ubiquity on first boot.
<xperia> hello to all. i am trying to turn my ubuntu server into a wirelsee access Point based on this howto here
<xperia> https://help.ubuntu.com/community/WifiDocs/WirelessAccessPoint
<xperia> the thing that i dont understand is the interface br0
<xperia> have installed the bridge utils like written but dont see still the br0 interface
<atotclic> hello
<airtonix> xperia: without reading that page I think you need to manually add the br0 interface to your /etc/networks or something ?
<airtonix> xperia: does your wifi device successfully enter master mode ?
<xperia> airtonix: i am not that versatile with wifi. the server has wlan0 interface but if it is possible to run as master mode i cant say
<xperia> any sugestion how to find it out ? have just running lspci and found the wlan card
<xperia> 03:00.0 Network controller: Broadcom Corporation BCM43225 802.11b/g/n (rev 01)
<smoser> cjwatson, so, for libpng, using pkg-config is fine, but it looks to me that libx11 and libjpeg62 do not provide pkgconfig files, so it doesn't work fo rthem.
<smoser> you suggest making pkgconfi files and bugs for those packages or... something else?
<airtonix> xperia: lspci -nn
<airtonix> xperia: then search the manufacturer code and device id on some websites like hotspot ap or something
<airtonix> tbh it's much easier to buy a 35$ tplink 1043nd and flash it with openWRT
<airtonix> then you can opt install all kinds of linux stuff on it
<uvirtbot> New bug: #799798 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/799798
 * zul lunch
<cjwatson> smoser: x11.pc exists
<cjwatson> smoser: for libjpeg, hmm.  a Debian-specific patch for this is to add /lib/$(DEB_HOST_MULTIARCH) and /usr/lib/$(DEB_HOST_MULTIARCH) to your search path (you'll need to 'export DEB_HOST_MULTIARCH := $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)' somewhere, perhaps in debian/rules, or fetch the output of 'dpkg-architecture -qDEB_HOST_MULTIARCH' in config_unix.py)
<cjwatson> that would handle the cases you've dealt with using pkg-config too, although pkg-config is generally better
<xperia> airtonix one small question my eth0 interface has this data here at the moment
<xperia> inet Adresse:192.168.1.33  Bcast:192.168.1.255  Maske:255.255.255.0
<xperia> My Question is what i need to write for the br0 interface as ip adresses ?
<xperia>     #address 10.1.1.1
<xperia>     #network 10.1.1.0
<xperia>     #netmask 255.255.255.0
<xperia>     #broadcast 10.1.1.255
<airtonix> for next time, use pastebin
<xperia> okay
<airtonix> or dpaste or any other other derivatives
<airtonix> from memory i think your bridge is going to be anything that isn't on that eth0 network
<airtonix> it's essentially a different subnet of it's own
<xperia> ahh then i have to use the wan IP adress then ?
<airtonix> well i'm not sure about that
<airtonix> are you looking to create an access point that more than one wifi client can connect to or are you just wanting to do a point to point connection ?
<xperia> airtonix yes this is my idea
<airtonix> access point or tunnel?
<airtonix> because you can just use ufw's NAT features to do the latter
<airtonix> (which is just a simplified interace to IPtables NAT features)
<airtonix> interface*
<airtonix> time to sleep
<xperia> okay airtonix have nice sleep
<hallyn> mdeslaur: hey, do you know what is going on with bug 795427 ?
<uvirtbot> Launchpad bug 795427 in libvirt "Upgrade Libvirt up to 0.9.1 generates new bug with Virt-Manager" [Undecided,New] https://launchpad.net/bugs/795427
<mdeslaur> hallyn: I have no idea what that's about
<mdeslaur> hallyn: it's booting from the disk instead of from the cdrom? I dunno
<hallyn> ok :)   me neither, wanted to ask you before askng for clarification
<uvirtbot> New bug: #611644 in open-vm-tools (multiverse) "Snapshot with quiesce option fails and kills VM on ESXi 4.1" [Medium,Confirmed] https://launchpad.net/bugs/611644
<nonotza> could someone help me out with this odd behavior in ubuntu? when I start up I get two start up messages like this: http://pastebin.com/uGX2J7cY
<nonotza> ** when I login ...
<SpamapS> nonotza: thats been fixed in a recent update actually
<nonotza> oh ok, I just updated actually
<nonotza> let's see if it worked
<nonotza> do you know how I can change that text?
<nonotza> what do you know ... its fixed now hehe
<SpamapS> nonotza: read 'man motd' and 'man motd.tail'
<nonotza> thank you
<SpamapS> nonotza: ^5 for testing our updates. :-D
<nonotza> hehe
<AndroidLoverInSF> i got postfix mail delievered to my maildir new folder alright. but when i type mail. it says i have no new mail. so what wrong and how to fix? ideas?
<hggdh> Daviey: there?
<SpamapS> Andre_Gondim: mail checks your system mail queue, Maildir is something different.
<SpamapS> Andre_Gondim: you might want to look at 'mutt' or 'sup-mail' if you want to see your mail via the console.
<orudie> how can I archive a directory with preserving the entire files and subdirectory structure ?
<pmatulis> orudie: use rsync or cp
<pmatulis> 'rsync -a --delete' or 'cp -a'
<RoyK> pmatulis: cp -a won't remove old stuff
<RoyK> orudie: rsync -avP will do it verbosely and allow large files to be resumed (-P == --progress --partial)
<pmatulis> RoyK: should
<RoyK> should what?
<pmatulis> RoyK: should remove old stuff
<RoyK> cp -a doesn't remove anything
<orudie> so I should use rsync and not scp ?
<RoyK> I'd use rsync
<RoyK> rsync uses rdiff for large binary files, so if a small set is changed in a large binary file, mostly the differences will be transferred again
<orudie> RoyK, I need to migrate the content of /var/www/ which contains a number of websites, about 5 GB total from one host to another. can you give an example of rsync command line to be used ?
<RoyK> rsync -avP /var/www /new/path
<RoyK> or somehost:/new/path
<RoyK> it'll tunnel over ssh unless you ask it otherwise
<orudie> and to specify ssh port ?
<RoyK> -p
<orudie> k
<patdk-wk> -e 'ssh -p 222'
<RoyK> erm
<RoyK> no
<RoyK> yes, patdk-wk's right
<patdk-wk> rsync supports ssh port directly now?
<RoyK> no, my wrong
<RoyK> --port=PORT
<RoyK> from the manual
<RoyK> so, yes, it does, but not with -p
<RoyK> again, I may be wrong, seems --port is more for the rsyncd works
<RoyK> rather do as patdk-wk said
<patdk-wk> ya, that is for rsync protocol only
<patdk-wk> easier to use the uri syntax for it, rsync://user@host:port/
<RoyK> or ssh:// .. ?
<patdk-wk> doesn't say that is supported
<RoyK> rsyncd is rather outdated imho
<orudie> so this would be good way ? rsync -aevP 'ssh -p 222' /var/www/ user@host:/new/path ?
<patdk-wk> I use rsyncd for some things
<RoyK> well, I guess -e 'sssh -p someport' should work, then
<RoyK> orudie: looks good
<patdk-wk> hmm, is it legal to have the e floating in the middle like that?
<RoyK> sssh == Schutzstaffel-shell :P
<RoyK> sorry, one s too much
<RoyK> patdk-wk: rsync -avP -e 'ssh -p someport' usr@host:/somepath
<patdk-wk> that is what I do, it's *safer*
<RoyK> -e is just another argument and 'ssh... is just the value of that
<patdk-wk> I've had programs take vP as the aurg to -e i nthe first example
<patdk-wk> probably cause they don't use getopt or whatever?
<RoyK> the -vP parts will give you quite a lot of output and not very much needed
<RoyK> getopt() just takes whatever's given and parses it
<RoyK> rsync -a -v -P -e ... == -avPe
<patdk-wk> ya, but does rsync -aevP = rsync -a -e vP
<RoyK> patdk-wk: no
<RoyK> patdk-wk: -e takes an argument, the command, 'ssh' or 'ssh -p someport' etc
<RoyK> patdk-wk: so try "ssh -e 'ssh -p 2020' -avP /my/dir user@somehost:/their/dir
<RoyK> the -e 'blah' can be anywhere in the string, just before /my/dir
<patdk-wk> for the record: rsync -aevP 'ssh -p 222' = rsync -ae 'vP' 'ssh -p 222'
<patdk-wk> rsync -avPe 'ssh -p 222', works as expected
<pythonirc101> I've a 200GB hard drive on which I want to install ubuntu and then i've 5 other drives on which i want to run RAID 5. Is this easy to configure during installation?
<patdk-wk> sure
<RoyK> pythonirc101: just use manual partitioning
<RoyK> pythonirc101: setup the root drive with whatever's needed there, create partitions on the data drives for 'physical drive for used with RAID' and after doing that, configure the RAID
<sw0rdfish> hey guys add-apt-repository needs to be installed? its giving me 'command not found'
<patdk-wk> install it?
<RoyK> apt-get install python-software-properties
<RoyK> erm, that was perhaps wrong
<pythonirc101> RoyK: Lemme try
<patdk-wk> ya that is it, heh
<patdk-wk> my search wouldn't bring it up
<RoyK> anyway, adding something to /etc/apt/sources.list.d should work well
<RoyK> I'm on Maverick on this box (or VM)
<RoyK> tried to upgrade it to natty the other day, but grub messed up :P
<pythonirc101> RoyK: I guess its easier to just install the OS on the 200GB harddrive and then setup the RAID later?
<pythonirc101> RoyK: I dont see any raid options in the installer?
<orudie> well i tried rsync as a test , didn't work.. not sure what I did wrong there http://paste.ubuntu.com/629990/
<RoyK> pythonirc101: with the server installation, the options are there
<pythonirc101> RoyK: In the partitioning phase?
<RoyK> pythonirc101: just choose 'manual partitioning', and do as I said above
<RoyK> pythonirc101: you need to create a 'physical partition for raid' on each of the data drives
<pythonirc101> I did goto manual partitioning, but it asks me for mount points and such...no mention of raid anywhere
<RoyK> after that, exiting the partitioner, it's simple
<pythonirc101> ok, lemme try again
<RoyK> pythonirc101: the standard partition type is ext4, press enter there and choose RAID partition
<RoyK> or filesystem type, even
<orudie> anyone? what did I do wrong there ?
<RoyK> orudie: 21:23 < patdk-wk> for the record: rsync -aevP 'ssh -p 222' = rsync -ae 'vP' 'ssh -p 222'
<RoyK> so move the e after the P
<RoyK> since e takes an argument, P doesn't
<pythonirc101> with 5 1TB drives, should i go with RAID 5 / 6/ 10?
<pythonirc101> I need reliability in case one drive fails, and fast IO
<cloakable> 5 probably
<RoyK> pythonirc101: depends on the needs
<patdk-wk> pythonirc101, depends what you call fast io
<RoyK> pythonirc101: RAID-5 is rahter slow for random access
<RoyK> pythonirc101: RAID-6 even slower
<patdk-wk> but only random writes
<pythonirc101> what about raid 10?
<sw0rdfish> i'm just trying to add the repository for nginx
<RoyK> pythonirc101: 5 drives in RAID-1+0 isn't very easy :P
<patdk-wk> raid10 is fast for random writes
<sw0rdfish> add-apt-repository ...etc gives me command not foudn
<sw0rdfish> found*
<RoyK> sw0rdfish: and reads...
<sw0rdfish> lol
<sw0rdfish> ohhh
<pythonirc101> can raid 10, 5 , 6 all survive one disk failure? more?
<patdk-wk> random reads would be faster with raid5/6 than raid10
<RoyK> pythonirc101: if you don't have a bad-ass database or a lot of video streams to serve, just use RAID-5
<sw0rdfish> I can add it to /etc/apt/sources.list :D
<patdk-wk> raid10 depends, can handle 1 or more failures
<RoyK> pythonirc101: RAID-6 can survive two drive failuers, RAID1+0 can survive one drive failure on each mirror
<pythonirc101> ok, raid 5 seems to be the middle ground then?
<RoyK> pythonirc101: for five drives, just use RAID-5 - it'll probably suffice
<pythonirc101> one drive failure? + good read/write?
<pythonirc101> thanks
<patdk-wk> if a disk fails in raid5 or raid6, though, your speed will ONLY be 20% what it used to be
<RoyK> pythonirc101: anyway - you can change it to RAID-6 later by adding a drive and doing some mdadm magick
<patdk-wk> till the new drive is rebuilt
<pythonirc101> so i need raid 5 -- and i make all my 5 drives active?
<patdk-wk> that will give you 4*drive space available
<RoyK> working with ZFS with rather large volumes (some 350TB total) Linux RAID is a heaven when it comes to flexibility
<pythonirc101> when one fails , i replace it?
<pythonirc101> RoyK: How do you even build the 350TB storage? one machine? or distributed zfs?
<RoyK> pythonirc101: think of it as this - in the ZFS world, we talk about RAIDz1 or RAIDz2 or even RAIDz3. RAIDz1 has one parity level, so it can survive a dead drive (per VDEV). Same applies to RAID-5. RAIDz2 is like RAID-6. RAIDz3 is like - well - RAID-6 with another parity drive
<RoyK> pythonirc101: two 100TB boxes and a few smaller ones
<RoyK> that's net storage, after RAIDz2 overhead :P
<pythonirc101> RoyK: how many active drives for raid 5 should i use?
<RoyK> 5-6 max
<RoyK> for RAID-6, a bit more, perhaps up to 12
<pythonirc101> RoyK: So if i put 5 active, and one crashes, I'll have to find out which one crashed, and replace it manually?
<RoyK> yep
<RoyK> and if you replace the wrong drive, tough luck :P
<pythonirc101> sounds good...checking hard drives should be easy... :)
<patdk-wk> why it's nice to check serialnumbers
<pythonirc101> well i can always check the drives one by one using my external sata plugs?
<pythonirc101> patdk-wk: ah, the serial numbers tell which one failed then?
<patdk-wk> if you use smartctl on the drive to read that info
<^rcaskey> 350TB is a hefty number
<patdk-wk> or use smartctl to see what drives are left working :)
<patdk-wk> mdadm will tell you what device failed
<patdk-wk> smartctl on that device will give serial
<pythonirc101> nice thanks
<pythonirc101> RoyK: Who builds 100tB boxes? how much do they cost?
<RoyK> ^rcaskey: 100+100+60+50+14+12 - well, not quite 350, but still ok
<uvirtbot> RoyK: Error: "rcaskey:" is not a valid command.
<^rcaskey> RoyK, why broke out like that?
 * RoyK kicks uvirtbot 
<RoyK> ^rcaskey: different use pattern
<uvirtbot> RoyK: Error: "rcaskey:" is not a valid command.
<RoyK> the three 100+100+14 are backup servers for bacula
<^rcaskey> would 96 be close enough?
<RoyK> 60+50 are scientific work data + backup
<RoyK> the last 12TB box is a file server
<RoyK> the latter with all striped mirrors and some nifty SSDs for caching
<pythonirc101> RoyK: Who builds the 100TB boxes?
<RoyK> 100TiB or 110TB for the big ones
<pythonirc101> how much do they cost?
<^rcaskey> RoyK, i'm way out of my league, I'v only got 2TB in mine and I never got around to my SSDs due to ram + nvram
<RoyK> this was back in, what, november, perhaps october, and they cost us about NOK 130k a piece
<^rcaskey> If you are willing to do your JBOD in software Dell R510s are cheap
<RoyK> I learned one lesson, though - don't mix SuperMicro SAS expanders and WD desktop drivers
<RoyK> s/drivers/drives
<pythonirc101> I'm using seagate + supermicro sata ports
<RoyK> seagate and hitachi works well
<patdk-wk> royk, what wd drives did you attempt to use?
<RoyK> but there's something fishy about the timing with WD desktop drives
<RoyK> blacks
<RoyK> dunno if this is an openindiana/solaris issue, but sometimes we see a whole backplane/sas expander go bad, starting to produce massive i/o errors
<RoyK> but only one
<RoyK> with four backplanes/sas expanders per server, it's quite easy to pinpoint the black sheep
<patdk-wk> I have a bunch of the yellow currently
<RoyK> yellow?
<patdk-wk> next level up from black
<RoyK> is that a cheap green thing?
<patdk-wk> re3/4
<RoyK> oh, RE
<RoyK> ok
<RoyK> RE is ok, but bloody expensive compared to blacks
<RoyK> thing is, Seagates and Hitachis work flawlessly, but adding a bunch of WD green/black drives to a chassis, the whole thing starts acting erronously
<patdk-wk> I have nothing but issues with green drives
<RoyK> they work well directly attached
<RoyK> but through an LSI 3810, they are chaos
<RoyK> so are WD Blacks
<RoyK> with LSI 9201 it works better, though, but not quite
<^rcaskey> my how I hate hardware
<RoyK> yeah, better off without it - use Semaphore!
<^rcaskey> My file server rocks the two-disk raid 1
<^rcaskey> I'd bet in the average week a single piece of data doesn't get read off a disk
<^rcaskey> Well excluding whatever smart does
<hggdh> 1
<^rcaskey> one
 * RoyK is setting up a new 2-drive RAID-5 for a private server soon
<^rcaskey> ummm howzat work?
<^rcaskey> mirrored parity data on reserved portions of both disks :P?
<RoyK> it's just that simple
<RoyK> you need 1+n data drives and one parity drive
<RoyK> n >= 0
<patdk-wk> it's like raid1, but slower :)
<patdk-wk> cause of cpu overhead
<RoyK> but more flexible :)
<RoyK> when I want to add another, I expand the RAID-5, adding another drive
<RoyK> whops, lots of more capacity
<RoyK> and then another, and another
<RoyK> and if I grow past 4-5 drives, I change it to RAID-6 and keep on growing
<pythonirc101> RoyK: Somehow grub wont install on my raid/other drive...still trying...
<RoyK> pythonirc101: grub won't install on a RAID-5
<RoyK> pythonirc101: use a single drive or a mirror for the root, and data drives for the rest
<pythonirc101> the problem is , its showing me /dev/mapper for installing grub
<pythonirc101> I dont know where to install it right now..I've a raid 5 and another separate drive named /dev/sd.... -- dont remember
<RoyK> pythonirc101: then just reinstall, use manual partitioning, create a small /boot of 1-2GB, a swap partition about half your RAM size (or twice, if you expect it to overcommit a lot), then the root for the rest of the drivee (or mirror)
<RoyK> then install and create the RAID-5 volume manually
<pythonirc101> here is the problem...I've two drives 200GB and 5x1TB...the 200GB is also a raid, and  grub wont install there either...
<RoyK> it should work fine with the installer, but there may be issues
<pythonirc101> 40GB x 5 = 200GB
<RoyK> pythonirc101: did you add a mirror for the root?
<pythonirc101> nope.
<RoyK> then use the two 200GB drives for the root alone
<pythonirc101> I was hoping to install things on the 200GB hard drive and keep the 5x1TB for data/storage
<RoyK> just mirrors
<RoyK> pythonirc101: in the installer, create a fresh partition on each of the two 200GB drives, on each, create a 2GB partition for /root (ext2), a 2GB partition (or so) for swap, and the rest for the root. Mark all those as physical RAID partitions
<RoyK> when done, go back and create ext2/swap/ext4 on those partitions, and leave the data out of it
<RoyK> then, when installed, create a new RAID with mdadm
<pythonirc101> I only have one 200GB drive...which is a hardware raid - Five 40GB drives = 200GB
<RoyK> I thought you were talking about software raid?!?
<pythonirc101> I've a software raid (5x 1TB) and a hardware raid (40GB x 5)
<RoyK> the root partition on an ubuntu server won't need more than a mirror of those
<RoyK> 40GB is sufficient for most
<RoyK> most, being very large fileservers doing nasty stuff
<JanC> 5 x 40 GB = 200 GB  doesn't sound like (real) RAID to me  ;)
<pythonirc101> ssd
<pythonirc101> ocz
<pythonirc101> so grub wont install on a software raid i take it?
<pythonirc101> can one install the os on a software raid?
<RoyK> pythonirc101: that's a waste, really
<RoyK> pythonirc101: just use two of them in a mirror
<RoyK> or three in a three-way mirror
<RoyK> or rather, give up using SSDs for the root
<RoyK> it won't help much - most of the root fs is cached upon bootup anyway
<RoyK> use cheap spinning drives
<pythonirc101> RoyK: If I mirror two drives for the OS, that'll leave me with only 3 drives for a software RAID...not good
<RoyK> use SSDs for something fun like caching
<pythonirc101> I need capacity
<RoyK> well, I'm going to bed and refuses to listen to idiots about this topic - one last message - use small, spinning drives for the root, two in a mirror, use large drives for data, raid-5 or striped mirrors, and if you can, use ZFS so you can allocate SSDs as caching devices
<pythonirc101> I'll try, thanks.
<sw0rdfish> RoyK, hei man
<sw0rdfish> du er veldig aktiv I dag :)
<sw0rdfish> you there, mate?
<raubvogel> Question on https://help.ubuntu.com/10.04/serverguide/C/kerberos-ldap.html: don't you have to create the principals for the slave KDC?
<uvirtbot> New bug: #799942 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 128" [Undecided,New] https://launchpad.net/bugs/799942
<RoAkSoAx> kirkland: this server side (powerwaked) ARPMonitor to auto wakeup machines is sweet!!
<kirkland> RoAkSoAx: neat :-)
<zooko> Dear people of #ubuntu-server: I'm used to debian/ubuntu packages coming configured to a working state.
<zooko> But cron-apt apparently requires me to un-comment-out dozens of lines in /etc/cron-apt/config. What gives?
<adam_g> kirkland: hey dude ive been using tmux for a year or so, id be happy to checkout any of the profiles you're working on
<kirkland> adam_g: smoser told me you were a tmux user ;-)
<kirkland> adam_g: nice, so have you used byobu at all?
<adam_g> kirkland: not so much, lately i haven't been doing enough remote work to need anything like it.  i use a tiling window manager locally that works similarly
<kirkland> adam_g: right; okay
<kirkland> adam_g: well, perhaps we'll catch up in Dublin and you can show me some tips and tricks
<zooko> Sorry to ask a question and then disconnect.
<zooko> The question was: why does cron-apt come with a config file with everything commented-out, instead of with useful default values?
<RoAkSoAx> kirkland: By the end of this week I hope to have a fully functional powerwaked server that will grab ips/mac's for powerwake cache, listen for ARP Broadcast in the network, and wakeup those machines which need to be woken up
#ubuntu-server 2011-06-21
<^robertj> is vlan0.0 a no-no?
<^robertj> err br0.0
<AndroidLoverInSF> i got postfix mail delievered to my maildir new folder alright. but when i type mail. it says i have no new mail. so what wrong and how to fix? ideas?
<pmatulis> AndroidLoverInSF: well, evidently it's not looking for new mail in the right place
<AndroidLoverInSF> im not a sysadmin. how to make it look in the right place
<pmatulis> AndroidLoverInSF: i'm not sure, research it.  start with 'man mail'
<greppy> AndroidLoverInSF: mail doesn't work with maildir, you might want to take a look at mutt to read mail in your maildir.
<pmatulis> greppy: 'maildir' is all over *my* mail man page.  not sure which package is actually associated however
<pmatulis> mailx?
<pmatulis> i have heirloom-mailx package installed
<AndroidLoverInSF> i used empathy to read it
<AndroidLoverInSF> but now have problem sending mail.
<deXire> hello :)
<pmatulis> hello
<deXire> I am new to Ubuntu server. I created a directory and set the CHMOD according to some tutorial, now I can access the web pages within that directory but only from within the server, I can't access them from any other computer
<deXire> so, what's the problem ?
<SpamapS> deXire: https://help.ubuntu.com/10.04/serverguide/C/httpd.html
<SpamapS> deXire: that may be of help
<deXire> it's not about apache, it's about te CHMOD code
<deXire> I guess I don't know the one that allows access from other computers
<kexman> hello ubuntu people
<kexman> i run into a problem and wanted to ask if maybe someone knows a fix for it
<kexman> i would like to use my phone as a usb2net adapter
<kexman> its smart enough to make a nat and provide me internet using 3g or wifi
<kexman> this worked as "plug and net" on system rescue cd
<kexman> could this feature be someone be used on ubuntu-server ? its already installed everything is in place i booted it
<twb> The only difference between desktop and server versions of Ubuntu is which packages are installed.
<twb> If you can isolate which packages were providing you that functionality on the "system rescue cd", you can install them.
<kexman> twb: how if i dont have net ? :P
<kexman> maybe its on the cd ?
<twb> sneakernet
<kexman> hmm is it ? :) how did you found it ?
<twb> No, "sneakernet" means you carry data from one place to another by walking instead of by data cable
<kexman> twb: lol :)) haha okay
<twb> e.g. on a usb key
<kexman> twb: you know what :) ill just make my b43 work with wpa_supplicant :P
<kexman> http://ubuntuforums.org/showthread.php?t=263136 yay for guides and tuts :P
 * kexman is lazy
<twb> Yes, well, broadcom are an enemy of your freedom
<kexman> twb: nah its recognized
<kexman> twb: you dont know how broadcom used to be :P
<twb> Then it's just a normal wpa_supplicant setup.
<kexman> bcm43 ndis b43legacy etc ....  pita compared to how you do it now :)
<twb> kexman: I have twenty b43 routers...
<kexman> twb: yes :)
<twb> And you don't get NDIS on MIPS
<kexman> twb: but image booting sysresc no wifi ... eeergh ... plug in phone connected to wifi = wow it works :)
<kexman> twb: no you dont :P
<kexman> there is wl :P
<kexman> there used to be before b43 i guess
<kexman> dunno not running my old openwrt linksys wrl54gl anymore
<twb> kexman: that post you linked to is ridiculous
<kexman> that was pretty cool :) putting openvpn and stuff like that on 4mb :P
<kexman> twb: ridicoulous how ?
<twb> http://paste.debian.net/120507/
<kexman>  4. as the PSK is clear text, be sure to:
<kexman> why not hash it ?
<kexman> 1st line of what i posted does that , btw thanks :P
<twb> kexman: because I'm lazy and it means I can look it up there later to give to someone else :-)
<kexman> you know what i dont want hashed psk :P
<kexman> know why ? :)
<kexman> dont have gpm :P lol
<kexman> baaah
<kexman> firmware file ... blahb lahb not found
<kexman> grrrr
<kexman> hate it hate it , use phone via usb = love it love it :D
<twb> gpm is for mice
<twb> You seriously can't copy things without a mouse?
<kexman> twb: give me net :)
<kexman> twb: serious not what is posted on the console ... no ssh
<twb> screen has copy and paste with ^[
<kexman> yeah blame it on my lack of sed and such
<kexman> huhhh
<kexman> need to learn more about that :)
<kexman> bah my screen usage is minimal ... still cant leave my terminal without it :D
<kexman> screen usage minimial = knowledge of how to use it :P keep forgetting shortcuts :P
<twb> Sounds like you need to print out a reference card and pin it over your desk
<twb> Next to the nudie calendar
<kexman> twb: btw should i had installed 10.04.2 ? im using 10.04 lts from the main site. but now i found out about : http://cdimage.ubuntu.com/ubuntu-server/lucid/daily/current/
<twb> The third dot just means some security updates are already applied
<twb> *third number
<kexman> twb: ah , tought its more feature rich :P like make wifi work out of the box even for b43 users :P
<twb> I suppose it also has -updates applied to it, so IN THEORY it might fix a b43 issue, but that is unlikely.
<kexman> twb: sneakernet it shall be
<kexman> oh wow
<kexman> another great thing happened :(
<kexman> plugged in my usb and it says unable to enumerate usb device on port 1
<twb> Maybe should have done that first?
<kexman> well i have windows on the other machine and that cant see my usb neither ... umf
<kexman> but before that i just had booted from it and was running superbly :) just a very unclean mount
<twb> Uhuh.
<kexman> but clearly here the problem is not an unclean mount
<kexman> but something else imho
<twb> Perhaps the phone's USB socket is not in gadget mode
<kexman> yay sdb is there :P plugged it into another socket :) crazy pc parts :P
<kexman> yweah unplugged the phone as well
<kexman> the thing is now i look at my installation and it uses 727 mb-s and i cant use my network :P lol
<kexman> now i dont have a console mouse :P
<kexman> nor i dont have any cigarettes baaah :)
<kexman> also fdisk says partition 1 does not end on cylinder boundry :)
<kexman> i have sda1 = /boot = primary + sda2 = extended + sda5 = linux LVM
<kexman> all done by the install
<kexman> whats that complaint about fdisk saying that part1 does not end on cylinder boundry ? twb any idea abot that ?
<twb> Ignore that, fdisk is stupid.
<kexman> haha
<twb> Use gparted.
<kexman> heared that before :P
<twb> Er, GNU parted.
<twb> gparted is the lame GUI
<kexman> which is of course not installed into the 777 mb :P
<kexman> what do i get for 777 mb ?
<twb> NFI
<kexman> i didnt select any package
<kexman> dont even tell me about that
 * kexman found tobacco ... 
<twb> If grep-dctrl is installed, you can ask it.
<twb> grep-status -FStatus -sInstalled-Size,Package -n "install ok installed" | paste -sd "  \n" | sort -n
<twb> That will list installed packages by size.
<kexman> no grep-status for me
<twb> About 128MB will be kernel, another 200MB is ubuntu-minimal, and perhaps another 300MB for ubuntu-standard.
<twb> That comes to 628MB, which is roughly what you said.  The remained might be /var/cache/apt/archives or similar.
<kexman> onestly i hate top :P would like to see htop there instead :)
<twb> File a bug report, then
<kexman> minimal and standard dont contain what i need
<kexman> :)
<kexman> but i think im going to go minimal
<kexman> and plug that damn cable :P
<kexman> pitaaa
<kexman> lazyness ftw :P
<kexman> twb: okay not going to cry anymore about this, going to fix it :)
<twb> That 300MB figure was too high; it includes some extra things like git and openssl blacklists.
<kexman> ohh yayy fsck.vat /dev/sdb1 = long list + asking copy original to back ? copy backup to iriginal ? no action ? :) lol
<kexman> i never used fsck.vat
<kexman> twb: looky looky what i see in dmesg when pluggin in the phone under sysresc : rndis_host : usb0 balh blah mac address rndis device :)
<kexman> so its something rndis stuff never header about that :P but it must be that
<twb> I've stopped caring
<kexman> lol :))))
<kexman> twb: im downloading the fw and making wifi work on the laptop
<sparc> Hmm is there a reason why dpkg might not be able to install a file, from a package?
<sparc> error creating directory `./etc/vx/VxICS': No such file or directory
<sparc> but since dpkg was running as root, i would think it would create it
<sparc> n/m, my mistake in a control file.  sorry about that.
<kexman> rndis ftw :D done :D fwcutter did the job :) in chroot :P
<kexman> and thanks to you now twb i already have an ip on wlan0 ;) thanks a lot for that very short wpa_suppl setup :)
<duli> I'm getting this when trying to install pecl xdiff. http://paste.ubuntu.com/630140/ What am I missing?
<twb> kexman: you're welcome
<twb> Yay, data loss
<twb> When you replace collectd with an out-of-band copy and then "dpkg -P collectd-core", it deletes your databases
<twb> Without asking
<kexman> lol
<kexman> twb: backup ?
<twb> It deleted my backups, too
<twb> Well, it deleted one layer of my backups.  I still have some offsite.
<kexman> yay im on 10.04.2 already
<kexman> with working wifi :D
<kexman> why does virtualbox need kde stuff ?
<kexman> ohh
<qman__> pulling my hair out over this broken zoneminder
<kexman> i followed this Debian-based Linux distributions on www.virtualbox.org/wiki/Linux_Downloads
<qman__> really wish there was a manual export function
<qman__> poorly written web interfaces strike again
<kexman> could anyone tell me why ubuntu needs to install a full blown kde to my box when i asked only for virtualbox ? :)
<qman__> kexman, because virtualbox is not a headless software
<qman__> and therefore requires X and all the bits that go with it
<kexman> not that right now i have any problems with it , nice shiny kde yay :P was lazy to pull it :) got it anyway :p thanks :P but if id like to do this without x ?
<kexman> aha qman__ hmm
<kexman> qman__: soo even for not OSE virtualbox i need kde / x ?
<qman__> unless they have a headless version now, but I don't think they do
<qman__> if you want to run a virtual server, suggest KVM or vmware
<kexman> qman__: there is this deb file http://download.virtualbox.org/virtualbox/4.0.8/virtualbox-4.0_4.0.8-71778~Ubuntu~lucid_i386.deb
<kexman> qman__: well id like to use virtualbox right now and no support for kvm :P
<qman__> virtualbox is a desktop virtualization software
<qman__> it's not designed to be run that way, so it depends on the GUI
<kexman> qman__: how can i remove virtualbox and all its dependencys ?
<kexman> would kde be removed then ?
<qman__> yes
<kexman> :(
<qman__> apt-get purge virtualbox if you installed it that way
<kexman> and thats it ?
<qman__> then apt-get autoremove
<kexman> that will wipe out everything that it has done ? no cruft remains ?
<kexman> aha
<kexman> okay that 2 and thats it ?
<qman__> yes
<kexman> would the install files still remain if i wish to install again ?
<qman__> yes
<qman__> in /var/cache/apt/archives
<qman__> until you apt-get clean
<kexman> thank you
<kexman> byebye kde
<kexman> im stress testing my hdd :P
<qman__> sorry if I'm coming off rude, I'm just frustrated
<qman__> been trying to fix broken PHP for the last three hours to no avail
<kexman> qman__: nah mah your helping out a lot really
<kexman> !!
<kexman> qman__: php is the devil :P
<MrPPS> qman__: broken php app, or php itself?
<kexman> it bites your 4$$
<qman__> php app, zoneminder
<qman__> 1.24.1 on ubuntu 9.10, old and unsupported
<qman__> need to get some video out of it, so I can't just upgrade willy nilly
<kexman> Linux mobile 2.6.32-28-generic-pae #55-Ubuntu SMP Mon Jan 10 22:34:08 UTC 2011 i686 GNU/Linux
<kexman> hmm kernel seemsa bit old :)
<qman__> only three versions
<qman__> you're running lucid, right?
<twb> http://bugs.debian.org/631167
<kexman> qman__: 10.04.2 lts
<qman__> yeah
<qman__> that will stay 2.6.32
<qman__> there's a few updates though, apt-get dist-upgrade to get them
<twb> kexman: .32 is what Debian 6, Ubuntu 10.04 and RHEL6 all ship, so it's a damn good release to target.
<qman__> if you want newer versions, you'll have to go bleeding edge
<twb> FSVO bleeding edge =  non-LTS release
<kexman> qman__: then i wouldnt be staying on 10.04 lts if id do dist-upgrade
<kexman> right ?
<kexman> i want 10.04 lts :)
<qman__> no
<kexman> thinking that the most sturdy
<qman__> it's misleading
<qman__> upgrade only upgrades packages
<kexman> qman__: so when would i want to do dist-upgrade ?
<qman__> dist-upgrade upgrades packages and installs new packages
<twb> kexman: it's easier to understand if you call them "safe-upgrade" and "full-upgrade", as aptitude does.
<qman__> since the newer linux kernel is technically a new package, you need it
<twb> safe-upgrade will not remove or install new packages; full-upgrade will do so if the upgrade requires it
<qman__> to go off 10.04 you would need to 'do-release-upgrade', which is completely different
<kexman> aha
<twb> For example, if an upgrade will replace libfoo0 with libfoo1, only full-upgrade will do it, safe-upgrade will skip it.
<kexman> well distupgrade does a kernel update from 32-28 to 32-32
<kexman> so prolly ill take it :)
<kexman> its not unsafe right ?
<kexman> its still stable ?
<qman__> yes
<qman__> the reason for the differentiation is that it's possible to break some compatibility when changing packages like that
<twb> If your primary concern is system stability, you should stick to LTS, safe-upgrade, and full-upgrade.
<qman__> so said upgrades should only be done with the admin sitting in front of the box
<twb> Yep
<kexman> qman__: im doing that right now
<qman__> so they can be undone if anything breaks
<twb> For example I upgraded from 2.6.32-31 to 2.6.32-32 and my entire VM system was broken
<kexman> twb: oooo
<twb> And this happened on a sunday after a pwoer outage
<kexman> not nice
<qman__> typical systems don't have issues with them, but complicated setups or certain softwares can
<qman__> so they don't get automatically selected
<kexman> yay
<kexman> lxde = very nice
<twb> Certainly that failure was atypical, but it was fucking annoying and it was last week
<twb> So I am still grumpy about it
<qman__> I feel that
<qman__> I now have to explain to a non-computer person why it's been four days and I still don't have his video
<twb> qman__: lens cap was on
<qman__> heh
<qman__> I know it's in there, because I can view it through the java thing, but I can't get it out
<twb> ugh, java
<qman__> and since none of the fast forward/resize/pause functions actually work, it's fairly useless like that
<twb> At least you don't have to deal with bloody video evidence programs
<qman__> as bad as this is, it's still not as bad as the proprietary system my dad got
<qman__> the videos from that won't play back on anything except the DVR, period
<kexman> qman__: i just installed vbox binary without kde, yet to see how it works , will keep you posted
<qman__> at least with this, if I put enough time into it, I will eventually get the videos out
<kexman> qman__: hehe : VirtualBox: supR3HardenedMainGetTrustedMain: dlopen("/opt/VirtualBox/VirtualBox.so",) failed: libSDL-1.2.so.0: cannot open shared object file: No such file or directory
<qman__> I tried just dropping the current web interface on, but that didn't work
<qman__> complained about some external dependencies and broke some header functions
<twb> kexman: vbox can FOAD; I recommend kvm (poss. w/libvirt for GUI)
<kexman> FOAD ?
<kexman> twb: no hw virtualization , all tough intel site claims that t2080 has it, it doesnt :( no bios switch neither , i checked
<kexman> so no kvm for me
<qman__> the expansion of that abbreviation is not permitted in this channel, suggest google, or the program 'wtf'
<twb> kexman: kvm supports paravirtualization
<twb> kexman: admittedly it's pretty slow
<qman__> kvm needs VT, but the qemu engine doesn't
<qman__> and now they're basically combined
<twb> Right, sorry, I meant kvm-the-program (i.e. qemu), not kvm-the-kernel-module
<qman__> but yes, it's very slow
<twb> qman__: I noticed recently someone wrote a new userspace to replace qemu w/kvm
<qman__> don't expect to do much
<twb> Stupid oracle
<qman__> nice
<qman__> yeah, they ruined a lot of things
<kexman> twb: i dont need sound for the vm-s anyway :)
<kexman> ill be building server vm-s :)
<kexman> no sound needed
<kexman> vboxmanage works wonderfully without that
<kexman> and the little X i need lxde gives it fully :)
<twb> I wish httpd log file format was not so retarded
<twb> Why are developers never smart enough to use RFC 3339?
<qman__> I've been sifting through apache logs with my issue too
<twb> kexman: if you are running X on a server you are doing it wrong
<qman__> with about a 30-line URI
<qman__> every other log line
<twb> qman__: yuk
<twb> qman__: one of the apps here, it includes an email body in the URL
<twb> I cringe every time I see it
<qman__> even without the ridiculous URI, it's far from human-readable
<kexman> Successfully installed "Oracle VM VirtualBox Extension Pack".
<kexman> i love CLI :D
<qman__> at this point I'm considering screencapping the java applet while it plays through
<qman__> because it might actually take less time
<twb> Yeah, you do that then run mplayer on the actual video URL
<twb> BTDTBTTS
<diorahman> 11.04 server is great?
<twb> No, because it isn't LTS
<twb> IMO avoid non-LTS releases for any production (or at least mission-critical) systems
<amero> what's the next lts?
<kexman> 10.04.3 ? :P
<twb> May 2012
<twb> Er, April?
<twb> Whatever the fourth month is
<robbiew> 12.04 is the next LTS
<kexman> twb: its easy if you remember the 3rd one :P
<josePhoenix> Can I upgrade from a non-LTS release to an LTS release?
<josePhoenix> I'm considering using a more recent release and then upgrading to the next LTS release before I graduate and pass on management of this server.
<luite> yeah it's just a new release, upgrading is the same
<twb> josePhoenix: if it's lower, yes
<twb> You can't upgrade from 11.04 to 10.04, for example :-)
<luite> josePhoenix: I often do the same for servers that require lots of new versions of programs
<josePhoenix> alright, thanks twb and luite
<josePhoenix> I figured I couldn't upgrade backwards ;]
<uvirtbot> New bug: #800034 in etckeeper (main) "Please merge etckeeper 0.55 (main) from debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/800034
<amero> does anyone have a recommendation for a socks5 proxy server software? preferably one that is simple and small
<amero> but most importantly it must be able to accept incoming connections
<w00> http://www.inet.no/dante/
<twb> amero: polipo
<twb> amero: and ssh
<amero> i've already tried ssh socks but i couldn't get it to accept incoming connections and forward them back to me
<twb> Dunno, sorry
<twb> I don't use socks myself
<luite> what's the correct place to allow port forwarding to a kvm virtual machine running with a nat network? I have the port forwarding rules in place, but somehow libvirt adds other rules that drop this traffic
<twb> luite: in the kvm command line
<twb> Oh, you're using libvirt
<twb> pastebin the output of iptables-save -c (while everything is running)
<luite> oh I know how to get it working, but that involves removing two rules manually
<luite> -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
<luite> and another with -i virbr0
<luite> but now I need to know what to tell libvirt so that it doesn't insert them in the first place:)
<twb> luite: talk to #virt about that (on OFTC IIRC)
<luite> twb: thanks, I've asked it there
<luite> but anyone here who knows the answer is welcomed to tell me, since it's rather quiet there :p
<CrummyGummy> Hiya, Does Ubuntu still use the interfaces file for IP configuration?
<greppy> CrummyGummy: yes.
<twb> CrummyGummy: yes, unless NM is in charge
<CrummyGummy> greppy, twb thanks
<CrummyGummy> It says /etc/init.d/networking restart is disabled. What is the alternative
<CrummyGummy> ?
<twb> What are you trying to do?
<CrummyGummy> twb: restart networking from the cli
<CrummyGummy> after changing the configuration in /etc/networking/interfaces
<twb> What I would do is "ifdown foo; ifup foo", where foo is the one you changed
<twb> As at lucid, my records indicate that there is an /etc/init.d/networking and a "restart networking", and either should work.
<twb> The former is just a wrapper around the latter
<luite> hmm it looks like those iptables rules are hardcoded :(
<twb> yeah virt is a bit of a bitch about such things
<twb> http://bugs.debian.org/625288
<twb> If I didn't have users, I would just run kvm by hand and bugger this privilege escalation infrastructure that virt provides
<luite> :)
<CrummyGummy> twb: Thanks
<luite> twb: I've got it working now, by switching from forward mode='nat' to ='route', which has a less restrictive set of iptables rules. I now need to add the MASQUERADE rules manually (if pre-up script), but that's not really a problem in my setup
<twb> luite: thanks for letting me know
<twb> atm I'm only using bridge-mode networking so I don't have any issues
<twb> That and KVM's built-in NAT layer ("user mode networking")
<luite> ah I have a dedicated server with only one IP address so I think I need NAT. didn't know about user mode networking though :)
<twb> luite: it's not for servers unless you're prepared to do some dancing
<twb> For VMs that initiate (cf. accept) connections, it's fine
<twb> e.g. you can install ubuntu that way
<luite> ah
<rump> i can use postfix to receive mail outside of localhsot also?  or do i need to install sendmail for that
<luite> no, postfix is a full fledged mailserver
<luite> but you need to have port 25 reachable, and probably point some DNS MX record to your server
<rump> its only bound to 25 on localhost
<rump> not from remote
<luite> probably some setting in /etc/postfix/main.cf
<luite> inet_interfaces or smtp_bind_address
<shauno> most likely inet_interfaces.  but I'd recommend walking thru https://help.ubuntu.com/10.04/serverguide/C/postfix.html  rather than opening the default configuration to the net
<rump> thats the one ive been following, hrm
<uvirtbot> New bug: #800062 in mysql-dfsg-5.1 (main) "Can't create view in mysql database: ErrCode: 2" [Undecided,New] https://launchpad.net/bugs/800062
<rump> ah, my isp is blocking outgoing 25
<greppy> that's pretty common.
<twb> Some ISPs have a web form to let you opt out of that
<greppy> as someone that works for an ISP that blocks 25, you would be amazed at the number of SPAM complaints we DON'T get anymore after doing that.
<twb> I am all in favour of blocking it by default
<twb> At least until users stop running windows
<greppy> that's never going to happen.
<greppy> and even if/when it does, os x is now a valid target, and lots of the people that run that think they are invulnerable.
<rump> any os for that matter
<twb> Yeah, you're right, the fundamental problem is the users
<twb> Because they will basically REQUIRE that the popular OS sacrifice security for convenience
<twb> Or they will agree to bypass the security infrastructure out of stupidity, as we've seen a lot recently on android.
<shauno> it doesn't really matter what blocks are put in place, as long as all it takes to get someone to add their sudo password the the process, is an authorative sounding webpage
<uvirtbot> New bug: #800109 in irqbalance (main) "Pressing mouse buttons 8 or 9 sometimes hangs the mouse" [Undecided,New] https://launchpad.net/bugs/800109
<uvirtbot> New bug: #800134 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/800134
<rump> whats the easy/simple ubuntu php/etc mail application?
<greppy> rump: http://froxlor.org is pretty easy to setup.
<airtonix> roundmail?
<airtonix> or is it called roundcube?
<kexman> its cube
<patdk-wk> roundcube? that is an oxymoron
<kexman> and a mail client :P
<patdk-wk> heh
<patdk-wk> I kind of like horde better
<kexman> horde ? :) nah i stick with alliance :P hehe
<greppy> heh
<plm> Hi all
<plm> people, ubuntu server start but show just few lines and after show login, I would like that will show everything that happen in boot process without mask.. is possible?
<patdk-wk> not really, no
<patdk-wk> you have to get ride of plymouth, cause it wipes the screen
<plm> patdk-wk: do you think that for server that "clean" screen boot is better?
<patdk-wk> nope
<plm> I was thinking a verbose and detail boot better
<patdk-wk> but I have been unable to do it, and keep the server booting
<patdk-wk> but also, I never look at the boot screen, so doesn't matter too much
<plm> patdk-wk: maybe are there a configuration to change for verbose/detail boot process..
<plm> anyone know?
<kexman> i love how fast ubuntu server boots up
<patdk-wk> plm, nope
<plm> kexman: yes, I too :-) but a more detail boot process not will change speed of boot
<plm> *me too
<patdk-wk> plm, it does :)
<patdk-wk> cause startup messages from different programs would be intermixed with each other
<plm> patdk-wk: well, so just a log after boot id administrator need to see..
<plm> patdk-wk: don't need to show, just save to log..
<Ursinha> good morning
<zul> Daviey: can you have a look at bug #757258 please?
<uvirtbot> Launchpad bug 757258 in eucalyptus "Unable to reach instances from their public IP address" [Undecided,New] https://launchpad.net/bugs/757258
<zul> hey Ursinha
<zul> RoAkSoAx: can you have a look at 799711 its cluster related.
<TREllis> Do I remember someone mentioning a cache pre-popluation script before? ie prepopulate a deb-squid-proxy with all ubuntu packages required for an install
<RoAkSoAx> bug #799711
<uvirtbot> Launchpad bug 799711 in ocfs2-tools "o2cb[11796]: ERROR: ocfs2_controld.pcmk did not come up" [Undecided,New] https://launchpad.net/bugs/799711
<RoAkSoAx> zul yeah that was on my todo list fpr tpday though seems error of the admin when building up the cludter
<zul> RoAkSoAx: cool beans
<uvirtbot> New bug: #800197 in samba (main) "package samba-common 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/800197
<raubvogel> bind9 on 11.04 is *not* compiled with gssapi enabled, right?
<jamespage> zul: hey - got time to sponsor one of my jenkins uploads?
<zul> otp perhaps after
<jamespage> zul: great
<jamespage> RoAkSoAx: ditto my question to zul - do you have time to sponsor an upload for a new jenkins dependency?
<RoAkSoAx> jamespage:
<RoAkSoAx> give me a sec
<jamespage> RoAkSoAx: cool - thanks
<RoAkSoAx> jamespage:
<RoAkSoAx> jamespage: ok
<RoAkSoAx> point me to it
<jamespage> RoAkSoAx: branch is here - lp:~hudson-ubuntu/+junk/jenkins-crypto-util
<jamespage> RoAkSoAx: I've written a few note here about sponsoring these packages - https://wiki.ubuntu.com/ServerTeam/Jenkins/JenkinsUbuntuTracker
<jamespage> needs a few things you might not have installed.
<RoAkSoAx> cool thanks
<RoAkSoAx> jamespage: what package contains /usr/share/cdbs/1/class/maven.mk
<jamespage> maven-debian-helper
<RoAkSoAx> jamespage: hehe thanks
<RoAkSoAx> jamespage: looking good so far, you might wanna consider bumping the standards version though
<jamespage> RoAkSoAx: I thought 3.9.2 was latest?
<RoAkSoAx> jamespage: lol never mind, I misread and thought it was 3.9.1  :)
<zul> jamespage: you wanted me to upload something?
<jamespage> zul: sure do - lp:~hudson-ubuntu/+junk/jenkins-executable-war
<zul> jamespage: its been reviewed?
<jamespage> zul: only by me
<fortisv> hello all
<fortisv> anyone here know anything about mysql-server-5.1 socket bind errors when attempting remote access?
<zul> jamespage: done
<jamespage> zul: ta
<RoAkSoAx> jamespage: jenkins-crypto-util: unused-override missing-classpath libcommons-io-java
<RoAkSoAx> jamespage: do you get the same?
<jamespage> no - it correctly detects it as overridden
<jamespage> lemme just check my chroot is up-to-date
<RoAkSoAx> jamespage: might be me as i'm running natty atm...
<RoAkSoAx> reinstalling oneiric on other machines
<jamespage> that would be it: thats a new check in lintian for oneiric
<RoAkSoAx> jamespage: ok then
<RoAkSoAx> looks good to me
<jamespage> RoAkSoAx: great
<RoAkSoAx> jamespage: hold one "/usr/share/maven-repo/org/jenkins-ci/crypto-util/1.1/crypto-util-1.1-javadoc.jar"
<RoAkSoAx> jamespage: just making sure it is a doc :)
<jamespage> yes - is a jar containing the Java API docs for the library
<RoAkSoAx> jamespage: ok cool
<RoAkSoAx> uploading then
<jamespage> RoAkSoAx: thankyou
<RoAkSoAx> jamespage: thank you for all the Java work lol :)
<zul> jamespage: i expect to see you have less hair then me next week otherwiese you arent working hard enough ;)
<jamespage> zul: its falling out in handfuls at the moment
<zul> jamespage: good good
<jamespage> ubuntu-server team meeting starts in a couple of minutes in #ubuntu-meeting if anyone is interested....
<queso> Is it ever appropriate for a lucid server to have jaunty ppa's listed in its sources.list?
<patdk-wk> queso, doubt it
<queso> Also, is there a place that would indicate a dist-upgrade has been performed?
<patdk-wk> unless you are doing something like wanting to run an older version of php
<queso> patdk-wk: ok
<patdk-wk> hmm, dist-upgrades should happen all the time
<patdk-wk> mainly to patch your kernel
<patdk-wk> or do you mean, release upgrades?
<queso> patdk-wk: yes, sorry
<queso> Is there a way to know that a release upgrade had been performed? :)
<patdk-wk> dunno
<queso> When I run sudo aptitude update, I get "401  Unauthorized [IP: 91.189.92.166 80]" error messages.  What does that mean?
<Pici> queso: For which source lines are you getting that message?
<queso> Pici: I think all of them.
<queso> Originally I thought it was because port 80 is blocked, but doing telnet us.archive.ubuntu.com 80 works.
<queso> Pici: actually, it must be that port 80 is blocked, because when I do wget http://www.google.com/ I get the same error.
<Pici> queso: yuck
<queso> Pici: someone else will have to fix that before I can update the server :)
<Pici> queso: Good good.  Blaming other people means less work for you ;)
<queso> Now on a completely different server, where wget http://www.google.com/ works, I'm getting:  Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/lucid/Release.gpg  Could not resolve '' [IP: 91.189.88.30 80]
<queso> I don't think it's DNS because I can ping names.  Ideas?
<Pici> queso: does: dig us.archive.ubuntu.com    work?
<queso> Pici: the answer section provides numerous IPs, so yes.  (I don't know much about networking)
<Pici> queso: Can you pastebin your sources.list file?
<queso> Pici: http://pastebin.ubuntu.com/630462/  So I know the jaunty ppa's at the bottom shouldn't be there -- but even when I comment them out and try sudo apt-get update, it still gives me the same errors.
<Pici> queso: hmm.. very odd.
<queso> Pici: Something with the networking?
<queso> Pici: Since I know so little about networking, if that's what it is, I'll punt to a co-worker. :)
<Pici> queso: I'd wager its networking related.
<queso> Pici: okay, thanks for your help.
<Darkasakerionz> Hola, tengo un vps, al que le he instalado ubuntu server, el problema es que los backups solo los puedo hacer con rsync. Lo que querrÃ­a conseguir en crear una imagen de la distro y los archivos de configuraciÃ³n para instalarlo en un virtualbox sin perder los permisos y los usuarios de dicho vps.
<Darkasakerionz> Alguien sabe alguna forma de conseguir esto?. Gracias
<Darkasakerionz> ups! English channel, sorry :P
<Darkasakerionz> Hello, I have a VPS, which I have
<Darkasakerionz> ubuntu server installed, the problem
<Darkasakerionz> backups is that I can only
<Darkasakerionz> do with rsync. What I would like
<Darkasakerionz> get to create an image of the
<Darkasakerionz> distro and files
<Darkasakerionz> configuration for installation on a
<Darkasakerionz> virtualbox without losing the permissions and
<Darkasakerionz> users of the VPS.
<SpamapS> Darkasakerionz: hey
<Darkasakerionz> Anyone know any way to do this?. thanks
<SpamapS> Darkasakerionz: you are talking too fast.
<Darkasakerionz> SpamapS, sorry, it's the google translator
<SpamapS> Darkasakerionz: Heh, ok. :)
<Duvrazh> Hello, I just set my Ubuntu Server 11.04 to static ip and I can no longer ssh by hostname, only by ip address. This is behavior typical? Can connection by hostname be re-enabled?
<RoAkSoAx> zul: ping
<Duvrazh> ssh: connect to host duvrazh-ms port 22: No route to host
<Ursinha> Duvrazh: if there's a way of your computer to translate the name to the ip, so yes
<Ursinha> by /etc/hosts or so
<Duvrazh> I just manually edited /etc/network/interfaces
<Duvrazh> is it possible I did it wrong?
<Duvrazh> It worked fine while it was a dhcp client
<Ursinha> Duvrazh: try to ping the name and see if it's resolving the ip
<Duvrazh> ok
<Ursinha> I believe you've already tried that...
<Duvrazh> it's pinging the old ip address
<Ursinha> that's why
<Duvrazh> delete the lease?
<Ursinha> you must have it set somewhere
<RoyK> Duvrazh: does 'ifconfig -a' report that address bound to a nic?
<Duvrazh> duvrazh@Duvrazh-MS:~$ ifconfig -a eth0      Link encap:Ethernet  HWaddr 00:25:22:7c:c5:12             inet addr:192.168.1.42  Bcast:192.168.1.255  Mask:255.255.255.0           inet6 addr: fe80::225:22ff:fe7c:c512/64 Scope:Link           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1           RX packets:148175 errors:0 dropped:0 overruns:0 frame:0           TX packets:259049 errors:0 dropped:0 overruns:0 carrier:0          
<Duvrazh> it 'appears' fine to me but I don't have an expert eye
<Duvrazh> I deleted dhcp lease from router and now ping completely fails
<Duvrazh> I'm not resolving the hostname somewhere....
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Ursinha> well, I might be talking nonsense, but you need to tell your computer that that name refers to the ip
<Ursinha> in /etc/hosts, for instance
<RoyK> looks right, and can you ping that IP address?
<Ursinha> or make use of the avahi thing, machine.local
<Ursinha> assuming it all uses ubuntu
 * RoyK is confused and finds something better to do
<Duvrazh> yeah pinging the address returns normal results
<Duvrazh> can I get ubuntu server to broadcast the hostname?
<Duvrazh> I'm assuming that's what it did as a dhcp client
<RoyK>  L
<RoyK> NO, IT WILL NOT BROADCAST ITS HOSTNAME
<Duvrazh> RoyK: nothing is better than troubleshooting computers ;)
<RoyK> that's something BAD protocols like NetBIOS/NETBEUI/SFX does
<RoyK> Duvrazh: you register the hostname at a DNS server
<RoyK> or you hardcode it in /etc/hosts
<RoyK> both along with the IP address
<rump> how can i tease the original configuration files out of a package?
<RoyK> rump: just unpack the package manually
<Duvrazh> RoyK&Ursinha: You've given me good pointers, thank you
<RoyK> !guide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<rump> no spiffy apt way eh
<RoyK> rump: not that I know
<RoyK> Duvrazh: one thing is troubleshooting, questions about that is ok, but asking NOOB questions about DNS will give you answers like "RTFM"
<rump> whats that package that version controls etc
<rump> nvm, etckeeper
<RoyK> rump: dpkg -S filename
<RoyK> should list the right package
<Ursinha> well, I'd never say "RTFM" in an Ubuntu channel, hehe
<rump> RoyK: perfect, thank you!
<ph8> Does anyone use tape drives here? I can't do a tar -xf /dev/st0 and in the debug log I see "st0: Current: sense key: Not Ready\n Additional sense: Operator medium removal request <-- any ideas wtf this means? :p
<rump> usr/share/ keeps a copy of it all
<RoyK> ph8: I don't use tapes much, but if you want to do so, I'd strongly recommend using something like Bacula instead of just tar
<RoyK> !bacula
<RoyK> !guide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<ph8> interesting!
<RoyK> ph8: we use bacula at work for disk-based backup with some 214TB of storage
<RoyK> works like a charm :)
<ph8> i'm unlikely to replace this ancient system tbh
<ph8> but bacula is a good reference for a new box
<RoyK> mhm
<ph8> i was hoping to use some snazzy mt command to find out why my tape drive is being retarded
<ph8> i get xrealloc errors when running a backup script that has worked for months, and the tape is changed daily
<RoyK> tried with another tape just to see if the tape itself may be the problem?
<ph8> yep it's been going on for two weeks and tape rotations have been happening as normal
<ph8> mt -f /dev/st0 status says:
<ph8> drive type = 114
<RoyK> or perhaps you need to clean the drive
<ph8> drive status = 1241513984
<ph8> aha
<ph8> how does one clean a drive?
<ph8> physically? or is there a command you can send normally
<RoyK> use a cleaning tape
<ph8> i'm going to try rebooting the (up for 3 years) machine and then a cleaning tape will  be my next stop, thanks for the tip!
<RoyK> 3y uptime is sad to lose :P
<DrNick_> 3 years? what happened to security updates?
<RoyK> I doubt a reboot will help, though, if it's been running for that long
<RoyK> DrNick_: no reason for security updates if running on a secure network
<ph8> The linux admin who used to work here was a retard
<ph8> maybe that's harsh, he could be in this channel :-o
<ph8> this box is still running intrepid
<DrNick_> if it's connected to the internet it's hardly a secure network
<RoyK> ph8: the 'former admin' usually is when the new one takes over :D
<ph8> ;)
<ph8> i'm just a developer who now runs the linux boxes
<ph8> should never have mentioned that i run ubuntu at home!
<DrNick_> heheh
<RoyK> but why oh why - intrepid?
<RoyK> hardy I'd understood
<ph8> indeed
<ph8> lts i wouldn't have a problem with
<RoyK> I can be rather concervative/paranoid my self (15 years of sysadmining takes its toll)
<DrNick_> RoyK: you call yourself paranoid yet say there's no need for security updates if your network is secuire?
<ph8> depends on the role of the server right
<ph8> this servers firewall didn't even let it contact the security update servers when i took it over ;)
<ph8> and that's behind the corporate firewall
<ph8> a firewall behind a firewall :)
<RoyK> DrNick_: most machines won't try to access the network out there - not without a gui
<RoyK> DrNick_: so 99,99+% or so of servers inside a firewalled network should be perfectly secure, given you have good antivirus on your windoze machines
<DrNick_> its not machines trying to access the net i'd be worried about, depending on the size of the org there are plenty of other factors, such as, internal attacks.  but no matter
<ph8> lulzsec for example ;)
<RoyK> DrNick_: a sysadmin still using tar to backup stuff to a single tape drive quite possibly isn't administering a 1k user network :Ã¾
<RoyK> or perhaps "certainly" is the word
<DrNick_> possibly not, possibly so depending on what the machine does
<ph8> with the cleaning tape, you just put it in and it works its magic?
<RoyK> DrNick_: you never can say you lost an argument, can you?
<RoyK> ph8: most backup software do cleaning automatically (with a changer/robot)
<RoyK> never tried it manually
<DrNick_> i.e. you'd think not if what they're backing up is user data/files, but if they're just backing up a database or something, might be different
<RoyK> DrNick_: and the moon still might be of cheese...
<DrNick_> i'm certainly happy to loose an argument when I'm wrong ;)
<RoyK> DrNick_: you're wrong
<RoyK> so stop it
<ph8> ah it's not user data
<ph8> just server config, svn repositories
<ph8> and such
<RoyK> "just" svn repositories :)
<DrNick_> exactly.  anyway, that aside, we've recently switched to backup-to-disk at work... loving it so far.  so nice not to have to faff around with stuck tapes etc
<RoyK> I'd guess you want to keep those
<ph8> old unused subversion repositories ;)
<ph8> this is all really legacy stuff
<RoyK> oh, so a full backup a year and incrementals every 6 months? ;)
<ph8> ha
<RoyK> heh - I forgot you were using tar
<RoyK> no incremental support there, last I checked :P
<RoyK> ph8: try to dig into Bacula - get an openindiana machine with a bunch of el cheapo 1TB drives and you should be set :P
<DrNick_> we have a couple of systems like that, where the backup schedule is more or less 'when i get around to it', for stuff it wouldn't be the end of the world if we lost
 * RoyK has started to backup *everything* with bacula
<patdk-wk> heh, I have a few like that
<RoyK> incremental daily, differential monthly and full yearly...
<patdk-wk> systems that are old legacy systems, just incase we need something, but really are hardly even on the network
<zul> RoAkSoAx: pong
 * RoyK has a 10yo HP/UX system like that
<DrNick_> commercial *nix systems do tend to hang-in-there
<RoyK> even some linux machines tend to do that
<patdk-wk> if they where made before the taiwanese capacitor issue :)
<RoyK> (or did, we're trying to slaughter them still, or at least I am)
<RoyK> patdk-wk: what was that? electrolytes with cheap materials?
<DrNick_> patdk-wk: haha yes very true
<patdk-wk> they stole a bad formula from japan
<patdk-wk> they where *ok* for like a year or so
<patdk-wk> you don't remember all the hp/dell/ibm/... computers going bad?
<RoyK> not really, when was this?
<patdk-wk> pretty much anything that didn't use solid capacitors
<patdk-wk> like 2005-2008
<RoyK> so electrolytes
<patdk-wk> ya
<DrNick_> maybe about 2/3 of the 600 or so desktop's in the school I work at died before they should of done and were replaced because of that at the time
<RoyK> it takes a man to make a solid 470uF capacitor that fits into a small PSU
<RoyK> or some mFs
<patdk-wk> http://www.islandit.im/main.asp?NewsID=203&NewsCatID=4
<DrNick_> ^^ this, also http://en.wikipedia.org/wiki/Capacitor_plague
<uvirtbot> DrNick_: Error: "^" is not a valid command.
<RoAkSoAx> zul: never mind :) found the fix already
<zul> oh ok
<amero> if you install a dep library for an app that you compile from source, does ubuntu know that you don't need that dep library anymore after you remove that app?
<DrNick_> it has no way of knowing if you built the app from source
<amero> hmm
<RoyK> s/uvirtbot/idiobot/
<DrNick_> i'd imagine tho that if you also decided to build the library from source then it'd be included in any 'make uninstall' routines
<zul> Daviey: ipxe done
<sbalneav> Hello.  I'm having trouble with 10.04.1 x64 setting up software raid.  I'm following https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html to the letter, with 2 drive each with 2 primary partitions, with md0 (swap) on /dev/sd[ab]1 and md1 (root) on /dev/sd[ab]2.  Installation proceeds normally, but after a reboot, I'm dumped to an initramfs prompt which complains that it can't mount /dev, /sys, or /proc.  Any clues?
<RoyK> sbalneav: try adding a small /boot partition as as[ab]1
<RoyK> then add the swap (since the start of the drive is faster, you want swap in the front) and then use equal sized partitions in the end for the root
<RoyK> or other partitions - if you want users on the server, make a separate /home
<sbalneav> RoyK: But the installation guide doesn't say I need a /boot.  Is this a bug with the raid?
<RoyK> sbalneav: not necessarily, but at least for older hardware, an initial /boot device helps things a bit
<RoyK> sbalneav: try that first - a small (100MB-1GB) partition for the boot
<RoyK> then swap, then the rest, all in pairs
<RoyK> sbalneav: I'm using that sort of setup by default and I haven't hit an issue yet (with 8.04 and 10.04)
<sbalneav> This is a brand new server, twin 500gb drives.
<RoyK> well, try what I said
<RoyK> that's my advice for now
<RoyK> sd[ab]1 for boot, sd[ab]5 for swap, sd[ab]6 for /
<RoyK> so /boot on the first primary partition
<RoyK> the rest on logical ones
<sbalneav> Should I mark the /boot partition as bootable in the partition manager?
<RoyK> doesn't matter
<RoyK> grub will jump to it whatever flag it has
<sbalneav> Ok, I'll try it.
<RoyK> wtf happened to firefox? from v4 to v5 in less than 3 months
<JanC> RoyK: welcome to the joy of broken extensions...  :-/
<genii-around> The trunk version reads version 7.0a
<K1ng> hi can anyone help me with load balance?
<K1ng> i have 2 internet connection. 1 of them useless now.... so i am trying to setup ubuntu server as network server and i want to load balance between 2 connection
<Corey> K1ng: Active/standby?
<K1ng> active
<Corey> K1ng: You mean active/active?
<K1ng> yes
<Corey> K1ng: It's non-trivial.
<K1ng> :(
 * Corey points at the Cisco in the corner for this problem
<K1ng> what router should i get?
<cloakable> Grab an x86 box and slap pfsense 2.0 on it
<cloakable> Setup the two WANS in a group with equal priority
<cloakable> done
<sarit> I believe you can do it, using source routing, iproute, iptables stuff (haven't set up myself yet)
<K1ng> i have asus n16 with dd-wrt
<K1ng> you think i can do this with my asus?
<sarit> suggest you try it with an ubuntu box first, if you have similar packages on your asus/dd-wrt, the answer to your question is: yes, probably
<K1ng> cloakable, i got a x86 ubuntu
<koolhead17> any specific reason why python-software-properties is not one of the base packages
<koolhead17> base == comes with ubuntu install
<patdk-lap> it's not needed
<patdk-lap> and it adds even more stuff
<sbalneav> RoyK: Failed in exactly the same way.
<patdk-lap> normally it is installed though, unless you select minimal
<cloakable> pfsense makes networking stuffs trivial :3
<RoyK> sbalneav: bummer - no idea then
<k1ng> :D
<RoyK> cloakable: indeed
<k1ng> cloakable, http://files.chi.pfsense.org/mirror/downloads/
<k1ng> which one should i get?
<koolhead17> patdk-lap: its not. just installed natty on a VM and to add a PPA i.e run add-apt-repository  we need python-software-properties
<koolhead17> kim0: around
<patdk-lap> you don't need that to add a ppa
<patdk-lap> and ppa's aren't normally required :)
<cloakable> koolhead17: http://files.chi.pfsense.org/mirror/downloads/pfSense-2.0-RC1-i386-20110226-1530.iso.gz
<cloakable> Wait
<cloakable> k1ng: http://files.chi.pfsense.org/mirror/downloads/pfSense-2.0-RC1-i386-20110226-1530.iso.gz
<cloakable> Gives you an iso image to install from
<k1ng> :D
<RoyK> not linux, but very good
<k1ng> does it have web interface?
<koolhead17> patdk-lap: ok :(
<RoyK> k1ng: that's the whole point :P
<k1ng> :D
<k1ng> the problem is i will have to mount the iso to a flashdrive
<k1ng> because i dont have cd rom on that box
<RoyK> k1ng: nothing you can move there? or a usb cdrom perhaps?
<k1ng> no :(
<k1ng> i dont have a usb cdrom
<k1ng> its doesnt even have sata ports :(
<RoyK> a 256MB CF card should be sufficient for running pfSense IIRC
<k1ng> what is CF card?
<RoyK> compact flash
<RoyK> the sort of thing you use for cameras and such
<k1ng> ah
<k1ng> i got few pen drive.. 16 gb, 4 gb, 1 gb and 512 mb :P
<k1ng> now question is how do i mount it?
<RoyK> k1ng: can't you just install to a pen drive from a PC and then boot the pen drive on the small box?
<RoyK> it's not like Windoze where the installer ties a bunch of stuff to the hardware used during installation...
<JanC> nowadays most cameras use some sort of SD card though, not CF...  ;)
<RoyK> JanC: whatever :)
<RoyK> same thing
<k1ng> :p
<RoyK> k1ng: like any unix system, it'll require only a smallish medium from which to boot - the rest is done in memory
<RoyK> and for that, 128-256MB should be sufficient for a small setup
<RoyK> http://doc.pfsense.org/index.php/Hardware_requirements
<RoyK> 128MB should do for most setups (from where I read ^^)
<sbalneav> RoyK: http://www.mail-archive.com/ubuntu-bugs@lists.ubuntu.com/msg2370692.html
<sbalneav> apparently, the installer can't calculate partition sizes correctly.
<sbalneav> if you make your final partition smaller than it needs to be, so that free space is left, it works, no /boot needed.
<RoyK> sbalneav: did you say you tried installing 10.04.1_
<RoyK> ?
<RoyK> the latest stable release is 10.04.2
<sbalneav> yeah, .1's what I had.
<RoyK> looks like it should be fixed in .2
<RoyK> released back in february
<sbalneav> I mentioned I was running 10.04.1 right in my first message.  However, I don't see any indication of this bug in: https://wiki.ubuntu.com/LucidLynx/ReleaseNotes/ChangeSummary/10.04.2
<k1ng> :(
<k1ng> i reinstalled windows because all browser was failing to verify ssl key...
<k1ng> i just reinstalled and its same :(
<RoyK> k1ng: reinstall a few more times, and you might learn how SSL works :D
<k1ng> dude
<k1ng> its cant very any ssl key :(
<k1ng> not even ssl key on google :(
<RoyK> well, obviously this isn't a Windoze noob channel...
<k1ng> yeah i know
<RoAkSoAx> great... broken oneiric....
<Daviey> RoAkSoAx: oh?
<fortisv> Anyone familiar with what's necessary to create an /etc/init.d/ service-type program?  Using C# & Mono
<fortisv> like, how to catch/handle start/stop requests, etc
<cloakable> fortisv: look at /etc/init.d/skel
<cloakable> Also, ewwww running a mono app as a service? o.o
<fortisv> just a server wrapper.  Need something quick and most comfortable in C#.  not a permanent solution
<fortisv> lol
<fortisv> so I don't have skel, but I have skeleton... just simple scripts, huh?
<giovani> fortisv: they're shell scripts
<fortisv> ah, still new to unix/linux.  Hence the C# preference
<giovani> just work from the skeleton sample
<giovani> no need for C# or anything else
<fortisv> lol, no, for the source program
<fortisv> but, looking at this, I still don't see how I would catch these requests in the program...
<giovani> what do you mean?
<devilinthedetail> would it be considered a security risk to give www-data write perms to /wp-content ?
<fortisv> for example, how would I know a "stop" request has been made in Mono to properly shut down the program?
<giovani> fortisv: uhh ... POSIX signals?
<fortisv> yeah, that's beyond my realm of knowledge.  I'll have to google it
<cloakable> devilinthedetail: given wp-content is used for uploads?
<devilinthedetail> cloakable: would rather be able to update/install plugins via WP admin panel vs. ftp uploads
<devilinthedetail> cloakable: can do the latter, just a PITA
<cloakable> devilinthedetail: Yeah, I run a wordpress install :)
<devilinthedetail> cloakable: so verdict is risk? no?
<lynxman> ping RoAkSoAx
<Daviey> RoAkSoAx: around?
<Daviey> hah
<Daviey> RoAkSoAx: Does bug 766229 and bug 760019 interest you?
<uvirtbot> Launchpad bug 766229 in cobbler "koan --replace-self relies on grubby" [Undecided,Confirmed] https://launchpad.net/bugs/766229
<uvirtbot> Launchpad bug 760019 in cobbler "A profile's --kopts-post option does not work" [Low,Confirmed] https://launchpad.net/bugs/760019
<hallyn> SpamapS: hey, not sure if i heard right this morning, but if in fact you are a bit bored today, if you wanted to try and reproduce bug 795427, that might be nice
<uvirtbot> Launchpad bug 795427 in libvirt "Upgrade Libvirt up to 0.9.1 generates new bug with Virt-Manager" [Undecided,Incomplete] https://launchpad.net/bugs/795427
<hallyn> oh, but zul is working with libvirt in oneiric?
<lynxman> Daviey: jinx ;)
<Daviey> hallyn / SpamapS: Don't block on the merge. :)
<lynxman> Daviey: are you busy now enjoying the evening or shall I bother you into sponsoring a package
<hallyn> Daviey: i don't understand, though - the merge is on o
<hallyn> or is this 0.9.2?
<hallyn> is in o, i meant
<negronjl_mobile> lynxman: did you get a chance to check the changes to mcollective-plugins?
<lynxman> negronjl_mobile: I did, thanks mate
<SpamapS> hallyn: I'm working on some other stuff.. :-P
<Daviey> lynxman: I'm really pretty tired if it's a package i need to *think* about. :)
<hallyn> ok
<Daviey> if it's a simple change, then i can
<lynxman> Daviey: lol, I'll wait for RoAkSoAx to be back then ;)
<negronjl_mobile> lynxman: np
<Ursinha> omg ubuntu wiki is... s... l....o....www....
<uvirtbot> New bug: #800430 in samba (main) "smbtorture triggers 'panic action' script" [Undecided,New] https://launchpad.net/bugs/800430
<rump> any idea how to prevent postfix virtual from modifying headers?  re Delivered-To: etc
#ubuntu-server 2011-06-22
<rump> prepend_delivered_to
<rump> prepend_delivered_header rather
<lifeless> SpamapS: ping
<SpamapS> lifeless: pong, howdy
<lifeless> I've installed lxc
<lifeless> but it didn't bring in cgroup-bin
<lifeless> is that optional ?
<lifeless> or a missing dep ?
<lifeless> also, my /etc/lxc directory is empty
<lifeless> (I have no basic.conf)
<lifeless> SpamapS: ^
<SpamapS> hm
<SpamapS> lifeless: /etc/lxc is in fact intentional
<SpamapS> lifeless: but I think cgroup-bin seems like it should be in lxc's Depends or at least Recommends
<SpamapS> as its not much use w/o cgroups
<lifeless> SpamapS: so, can I have your basic.conf ?
<SpamapS> lxc.network.type=veth
<SpamapS> lxc.network.link=virbr0
<SpamapS> lxc.network.flags=up
<SpamapS> Thats it
<lifeless> I'm filing bugs on the missing dep
<lifeless> does it need libvirt-bin too ?
<SpamapS> hallyn: if you're around.. lifeless is working with LXC and curious why it doesn't recommend/depend on cgroup-bin (I am also curious about that)
<SpamapS> lifeless: I believe hallyn is EDT or CDT US, so he may be past EOD today
<lifeless> bug 800456
<uvirtbot> Launchpad bug 800456 in lxc "no dependency on cgroup-bin" [Undecided,New] https://launchpad.net/bugs/800456
<SpamapS> new baby at home tho so there's no telling when he's sleeping or awake. :)
 * SpamapS confirms that
<SpamapS> lifeless: note that it may be related to bug 784093
<uvirtbot> Launchpad bug 784093 in lxc "lxc broken by cgroup-bin" [High,Confirmed] https://launchpad.net/bugs/784093
<lifeless> sure
<SpamapS> I posted a workaround for that bug which I'm using now
<lifeless> https://dev.launchpad.net/Running/LXC#preview is what I'm building up
<RoAkSoAx> Daviey can look at the by end of week
<lifeless> SpamapS: how do you tell lxc-create to use the local proxy ?
<keyboardtalk> I cannot access my printer on ubuntu server 10.04 from other computers (windows) on network. How can I fix this? HP printer with CUPS
<SpamapS> lifeless: it runs debootstrap, which respects the appropriate environment variables I think. If they're being stripped, add them to /etc/default/lxc
<lifeless> it was sudo
<SpamapS> lifeless: I use MIRROR=http://127.0.0.1:9999/ubuntu in mine.. which is the path to my local approx cache
<lifeless> sudo http_proxy=... lxc-create...
<lifeless> SpamapS: lxc-start: open /sys/fs/cgroup/cpu/lucid-test-lp/devices.deny : No such file or directory
<lifeless> lxc-start: open /sys/fs/cgroup/cpu/lucid-test-lp/devices.deny : No such file or directory
<lifeless> SpamapS: I have that workaround in place already
<lifeless> ls /sys/fs/cgroup/cpu
<lifeless> cgroup.clone_children  cgroup.event_control  cgroup.procs  cpu.rt_period_us  cpu.rt_runtime_us  cpu.shares  notify_on_release  release_agent  tasks
<SpamapS> lifeless: did you restart cgred ?
<lifeless> ah
<lifeless> SpamapS: robertc@lifeless-64:~$ sudo service cgred restart
<lifeless> cgred start/running, process 21711
<lifeless> robertc@lifeless-64:~$ sudo lxc-start -n lucid-test-lp
<lifeless> lxc-start: open /sys/fs/cgroup/cpu/lucid-test-lp/devices.deny : No such file or directory
<SpamapS> Argh!
<lifeless> there is a devices.deny under the devices tree
<lifeless> uhm, i think I managed to flub the copy-paste
<SpamapS> double Argh!
 * SpamapS knows how Charlie Brown feels when Lucy pulls back the football
<lifeless> ok, *now* have this:
<lifeless> mount {
<lifeless>         cpu = /sys/fs//cgroup/cpu;
<lifeless>         cpuacct = /sys/fs/cgroup/cpu;
<lifeless>         devices = /sys/fs/cgroup/cpu;
<lifeless>         memory = /sys/fs/cgroup/cpu;
<lifeless> }
<lifeless> robertc@lifeless-64:~$ sudo service cgred restart
<lifeless> cgred start/running, process 21766
<lifeless> robertc@lifeless-64:~$ sudo lxc-start -n lucid-test-lp
<lifeless> lxc-start: open /sys/fs/cgroup/cpu/lucid-test-lp/devices.deny : No such file or directory
<lifeless> robertc@lifeless-64:~$ ls /sys/fs/cgroup/cpu
<lifeless> cgroup.clone_children  cgroup.event_control  cgroup.procs  cpu.rt_period_us  cpu.rt_runtime_us  cpu.shares  notify_on_release  release_agent  tasks
<lifeless> SpamapS: cgconfig restart appears to be the magic
<SpamapS> AH right
<lifeless> this doesn't look brilliant;
<lifeless> Ubuntu 10.04 LTS lucid-test-lp /dev/console
<lifeless> lucid-test-lp login: init: ssh main process (45) terminated with status 255
<uvirtbot> New bug: #800468 in squid (main) "package squid 2.7.STABLE9-2.1ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/800468
<lifeless> SpamapS: also lxc-stop doesn't seem to stop t
<lifeless> *it*
<SpamapS> lifeless: that is actually normal, its caused by sshd starting before the network, and I believe it gets started later when the ifup finishes
<SpamapS> heh.. impossible to tell because there's no syslog
<SpamapS> doh
<SpamapS> lifeless: installing rsyslog seems to have made sshd not die.
<lifeless> SpamapS: interesting; as you say its cosmetic though
<lifeless> so I'll note that its weird and move on; I can file a bug somewhere if you like
<SpamapS> lifeless: lxc-stop actually does stop the container
<SpamapS> it just says it can't
<lifeless>  sudo lxc-stop -n lucid-lp-test
<lifeless> robertc@lifeless-64:~$ echo $?
<lifeless> 0
<SpamapS> which is annoying
<lifeless> I dispute this 'says it cannot' thing :)
<lifeless> given I can ssh into the container after running that
<SpamapS> Mine went away
<SpamapS> lxc-stop: failed to stop 'lucid-test2': Operation not permitted
<lifeless> mine hasn't :)
<SpamapS> After saying that
<hallyn> SpamapS: it doesn't work well with cgroup-bin right now, in fact
<lifeless> should I file a bug ?
<hallyn> needs some lubin
<SpamapS> I'm able to halt it from inside too.
<lifeless> SpamapS: I can poweroff internally
<lifeless> just not -stop externally
<SpamapS> lifeless: hallyn can probably answer your questions with an order of magnitude more authority than I can. :)
<hallyn> i'm guessing your problems are due to cgred
<hallyn> recommend just doing mount -t cgroup cgroup /sys/fs/cgroup and thart's that
<hallyn> we do need to fix cgroup-bin interaction
<SpamapS> hallyn: but it would be cooler if it worked with cgroup-bin. :)
<lifeless> https://dev.launchpad.net/Running/LXC#preview is what I'm writing pu
<hallyn> SpamapS: patches welcome :)
<hallyn> SpamapS: might work on that at the sprint
<ntoombs> hello
<ntoombs> i have a question
<ntoombs> i am recieving an error that looks like:
<ntoombs> SIOCADDRT: Invalid argument
<ntoombs> Failed to bring up eth1.
<ntoombs>    ...done.
<ntoombs> after i try to restart networking using the sudo /etc/init.d/networking restart
<SpamapS> ntoombs: thats not actually a valid way to "restart networking"
<ntoombs> i have my network set up on static using the device eth1
<ntoombs> what is a valid way then?
<ntoombs> i've done it before using dhcp
<ntoombs> but static messed it up
<SpamapS> For static it *should* work...
<ntoombs> right but for some reason it's not
<SpamapS> ntoombs: all that does is ifdown -a and ifup -a
<ntoombs> i've been into my /etc/network/interfaces file and made sure everything is "correct" as far as i know
<SpamapS> ntoombs: can you do 'ifdown eth1 ; ifup eth1' ?
<ntoombs> i have before and i've gotten errors
<ntoombs> i will post them
<ntoombs> one sec
<ntoombs> sudo ifdown eth1
<ntoombs> ifdown: interface eth1 not configured
<ntoombs> sudo ifup eth1
<ntoombs> SIOCADDRT: No such process
<ntoombs> Failed to bring up eth1
<qman__> first check that eth1 exists in 'ifconfig -a'
<ntoombs> i've looked in about every ubuntu and linux server forum there is out there and i still havn't fixed it
<qman__> those errors are usually hardware/driver level
<ntoombs> i know it's there
<ntoombs> i put it there
<qman__> yes, but does it show up in ifconfig -a?
<ntoombs> :( don't tell me that
<qman__> configuring it and it showing up are different things
<ntoombs> yes it does
<qman__> ok
<qman__> does setting it manually with ifconfig work?
<qman__> sudo ifconfig eth1 1.2.3.4/24 up
<ntoombs> i've tried that too but i'll try again
<qman__> if it does work, it's likely an issue with the configuration or ifup
<qman__> if it doesn't work, try this first
<ntoombs> i use the internal ip right?
<qman__> sudo ifconfig eth1 0.0.0.0 down
<qman__> sudo ifconfig eth1 0.0.0.0 up
<qman__> then configuring it with the IP you want
<ntoombs> on doing the ifconfig eth1 1.2.3.4/24 up i got a right bracket pointing to my cursur
<qman__> that's a syntax error
<qman__> check that you didn't put in any \ or " or '
<qman__> press ctrl+c to escape
<ntoombs> yea i did it wrong
<hallyn> lifeless: do you need cgroups-bin for some other reason, or was that just how you were getting cgroups mounted?
<ntoombs> k this time no result
<ntoombs> just a new line
<qman__> that means successful
<qman__> now 'ifconfig eth1' to verify
<hallyn> lifeless: assuming this is on natty or oneiric, can you try without cgroups-bin, and just with fstab mounting cgroups?
<hallyn> I suspect that'll allow lxc-stop to work
<ntoombs> yea it's 11.04 natty narwhal
<ntoombs> ifconfig eth1 gave me what it gave me before
<lifeless> hallyn: just following SpamapS instructions :)
<qman__> if it shows the address you set, it worked and there's nothing wrong with your interface
<qman__> and the problem is either with your /etc/network/interfaces or something in ifup
<ntoombs> well when i had my interface setup up on dhcp
<qman__> if it shows a different or no address, you probably have something else hooking it
<qman__> like dhcpcd
<ntoombs> i could ping anything all day long
<ntoombs> it showed the ip address that i set to it staticaly
<qman__> so the interface is fine
<qman__> next most likely is an error in /etc/network/interfaces, pastebin it if you can
<ntoombs> yea and the netmask is 255.255.255.0
<ntoombs> ok one sec
<ntoombs> i'll block out the ip
<qman__> don't
<ntoombs> ok
<qman__> showing your IP isn't a security risk, everyone in here is publicly showing theirs
<qman__> by connecting to freenode at all, you are
<qman__> plus, if it's behind a NAT, it's meaningless to anyone but you anyway
<ntoombs> http://pastebin.com/VhyRDawJ
<ntoombs> k
<ntoombs> i'm a networking noob
<ntoombs> thank you so much for helping me :)
<qman__> looks fine
<qman__> try this
<ntoombs> i can access my router with that gateway in my browser
<qman__> sudo ifconfig eth1 0.0.0.0 up; sudo ifup eth1
<ntoombs> same error i've been getting
<ntoombs> SIOCADDRT: No such process
<ntoombs> Failed to bring up eth1.
<hallyn> lifeless: ok, cool, then just don't use it :)
<hallyn> I just have
<hallyn> cgroup	/sys/fs/cgroup	cgroup	defaults	0	0
<ntoombs> i don't understand hallyn
<hallyn> (in fstab)
<hallyn> ntoombs: sorry wasn't directed at you
<ntoombs> oh sorry
<ntoombs> i guess i'm missing the other side of the conversation
<hallyn> ntoombs: just having a very async conversation with lifeless :)
<qman__> ntoombs, try changing in your /etc/network/interfaces file
<qman__> so that 'address 1.2.3.4' is just like that, with only one space
<qman__> on all the lines
<ntoombs> ok
<ntoombs> done
<qman__> and try ifup again
<ntoombs> same error
<ntoombs> sudo ifconfig eth1 192.168.254.115 up; sudo ifup eth1 right?
<qman__> just sudo ifup eth1
<ntoombs> yea same error
<qman__> well
<qman__> unless your interfaces file is somehow different
<ntoombs> the networking restart thing worked with dhcp
<ntoombs> it doesn't work with static
<ntoombs> does that count as different?
<qman__> paste/pastebin the result of 'sudo route -n'
<qman__> that error message means that it can't add a route because it's outside the valid range
<keyboardtalk> How do I share a cups printer?
<ntoombs> http://pastebin.com/i4qcmrzu
<ntoombs> the 192.168.254.115 was assigned by dhcp
<ntoombs> i didn't change it
<ntoombs> route doesn't seem to recongnise my default gateway
<qman__> it isn't set
<ntoombs> without -n it just shows an asterix
<qman__> try this
<qman__> http://pastebin.com/index/VhyRDawJ
<qman__> change your /etc/network/interfaces to that, and reboot
<qman__> assuming .15 is not already in use
<qman__> you can use another one if it is, just choose one outside the DHCP range
<qman__> which is probably 100-200
<ntoombs> nothing is different
<ntoombs> and i'm working on a headless server from an ssh connection from my mac so if i reboot i'm afraid i won't be able to get back
<ntoombs> i'll check the range
<qman__> well, you can't very well change network settings without disconnecting
<qman__> are you connected to a different interface?
<ntoombs> it's from 1 - 253 :P
<qman__> well, you should limit that
<ntoombs> you can if you use networking restart
<qman__> and then choose an address outside of it
<qman__> using 'networking restart' would, in fact, disconnect you if the settings changed
<qman__> if you did not get disconnected, it means the settings didn't change
<ntoombs> yea it did last time
<ntoombs> and i had to reconnect
<ntoombs> i guess i just got lucky
<ntoombs> ok i'll reboot
<ntoombs> your pastebin file... what was different?
<qman__> I just added network and broadcast
<qman__> and removed the extra spaces
<ntoombs> oh i had that earlier
<ntoombs> but i didn't reboot
<ntoombs> i'll try it
<qman__> what is most likely, is something is hooking your interface and preventing the change from being made
<qman__> a reboot would solve that issue
<ntoombs> i don't see the network and broadcast in there
<ntoombs> its network 192.168.254.0
<qman__> ff
<ntoombs> and broadcast 192.168.254.254?
<qman__> http://pastebin.com/muYERLhT
<qman__> sorry
<ntoombs> no problem :)
<ntoombs> and should i change the dhcp range in my router?
<qman__> yes
<qman__> if the router tries to hand out the IP you're using, it'll be troublesome
<ntoombs> k i'm doing all that right now
<ntoombs> brb
<qman__> so you should open a gap in that DHCP range, and use it for your statics
<twb> Or simply instruct the DHCP server to statically allocate leases by MAC for specific IPs
<ntoombs> should i unplug my router for changes to take effect?
<qman__> no
<ntoombs> ok
<qman__> unless your router is a really poor quality one
<ntoombs> lol
<qman__> it should apply once you click save
<ntoombs> it's not that bad
<ntoombs> it's applied but my desktop isn't assigned a local ip anymore
<ntoombs> i'm on my laptop
<ntoombs> but it's no problem for now
<lifeless> hallyn: sorry, was on the phone for a bit there
<ntoombs> i'll edit my interfaces file now
<lifeless> hallyn: I'd rather not be telling folk to mount cgroups by hand in my docs - https://dev.launchpad.net/Running/LXC#preview
<hallyn> lifeless: not even using fstab?
<lifeless> hallyn: particularly as folk may have cgroup-bin installed for other reasons
<lifeless> which would presumably clash in fun ways
<hallyn> not-quite-sleeping baby in lap, would you midn talking tomorrow?
<ntoombs> rebooting now
<hallyn> lifeless: i think the real problem with the cgroups is that lxc-init doesn't start in cgroup:/ like it expects.  (Since you seem to have all cgrousp compsited under same dir, that's the only thing that should be going wrong)
<hallyn> lifeless:  if this is high priority, i can take a crack at solving this tomorrow
<hallyn> should be about a day's work, and like i say, it needs to be done sometime
<lifeless> hallyn: well, I have a workaround (the new cgconfig from SpamapS) for folk using natty, which most lp devs are atm
<ntoombs> qman__ looks like it's gonna time out and it's still not showing up on my router
<lifeless> only a few are brave enough to be on oni yet
<lifeless> hallyn: if we can get it sorted for oni release, that would be awesome
<qman__> ntoombs, it's not getting a DHCP lease, so it won't show up in the router
<qman__> try pinging the IP address you gave it
<hallyn> lifeless: so it all works with SpamapS'  config?
<lifeless> hallyn: well, it doesn't shutdown on lxc-stop
<lifeless> hallyn: but poweroff inside it appears to work
<ntoombs> qman__: it would ping once then timeout
<hallyn> lifeless: ok, cool, if you can get work done with that, that's great
<lifeless> we certainly can; I like to report all friction I run into though.
<qman__> ntoombs, does it keep doing so?
<ntoombs> qman__: dont i need it to show up on the router to do port forwarding and connect to the internet?
<lifeless> hallyn: I'll file a separate bug about the lxc-stop not working
<hallyn> lifeless: cool, i'll put cgroup-bin interaction high on todo list meanwhile
<qman__> as in, one response per ping?
<hallyn> lifeless: ok, thanks
<lifeless> hallyn: sweet, thanks
<ntoombs> qman__: yes it times out every time after the first packet
<lifeless> hallyn: one thing that would be -awesome-
<lifeless> hallyn: would be a template that bind mounts /home and uses the same uids
<qman__> so if you stop and start a new ping, the first packet gets a response, but none after that?
<ntoombs> qman__: i get one good packet then it times out every second after
<ntoombs> qman__: correct
<qman__> that's either a hardware problem, a driver problem, or a really bizarre firewall problem
<hallyn> lifeless: shouldn't be too bad.  would you want just /etc/shadow entries for uids 1000+ copied over, or the whole thing?
<lifeless> hallyn: let me describe my use case; then you can decide :)
<qman__> physically, how are you connected?
<qman__> direct to the router, or through a secondary switch?
<lifeless> hallyn: I want to do LP development in a lxc container rather than a VM
<hallyn> lifeless: the thing i've been using a lot (from ppa) is lxc cloning with LVM.  Seems like something which could be good for lp dev
<ntoombs> qman__: well the server is connected by ethernet direct to the router. and i connect via ssh from a terminal on my mac
<lifeless> hallyn: so in the container I want to install rabbitmq, postgresql, apache etc
<lifeless> hallyn: and I want my source code sitting in my /home/robertc
<qman__> mac is over ethernet or wifi?
<lifeless> hallyn: where I can edit it as normal, commit with my bzr & gpg keys etc
<keyboardtalk> How do I access a shared printer from Windows?
<ntoombs> wifi
<ntoombs> i can do eathernet though
<qman__> try plugging into ethernet, and trying
<qman__> it might be a wifi thing on the router
<lifeless> hallyn: then run the tests within the lxc container, using the lxc postgresql, rabbit apache
<ntoombs> ok
<ntoombs> and again thanks a ton for helping :)
<ntoombs> most people would have given up by now
<ntoombs> this might disconnect me
<qman__> not a problem, some routers do some strange things in the name of 'security'
<lifeless> hallyn: so inside the lxc it needs to write to me homedir without messing stuff up, but I don't care about service accounts
<hallyn> lifeless: would you want the whole /home bind-mounted?  just ~/src or something?
<lifeless> hallyn: whole home/$me would be easiest to reason about I think
<hallyn> 'without messing stuff up' meaning not changing owner uids, right?
<lifeless> yeah
<hallyn> ok
<lifeless> oh for bonus points,
<hallyn> lifeless: i think i'd use that myself :)  would that be higher prio for you than cgroup-bin?
<lifeless> definitely
<lifeless> hallyn: bug 798476 is also a very interesting one for me
<uvirtbot> Launchpad bug 798476 in lxc "it would be really useful to be able to make i386 lxc containers on a amd64 machine" [Undecided,New] https://launchpad.net/bugs/798476
<lifeless> hallyn: LP memory use is much lower on i386
<ntoombs> qman__: my router says i'm still connected wirelessly and my ping comes back the same. i have airport turned off co i can't connect to anything wirelessly
<lifeless> hallyn: shall I file a bug about the developer bind-mounting template [option, whatever - i dunno how it all hangs together yet]
<hallyn> lifeless: sure, that's good.  (not sure hwo kosher it is to just add things to the blueprint right now)
<qman__> well, I don't know anything about macs, but you didn't even time out, so you'd have to have the same IP address
<qman__> which is unlikely if you switched to wired
<hallyn> lifeless: hm, people *have* run i386 containers on amd64
<hallyn> but i can't remember who
<lifeless> yeah
<ntoombs> qman__: i really think i just have a dumb router
<lifeless> its probably just a case of passing the arch flag to debootstrap
<twb> hallyn: I do it
<qman__> ntoombs, entirely possible
<lifeless> it *should* be trivial
<twb> Actually, I did it only to see if I could; I don't in productioin
<lifeless> twb: is it more than ^
<twb> http://paste.debian.net/120603/
<twb> Look in there for references to $arch
<qman__> if you think that's the case, I'd give the router a reboot then
<lifeless> twb: thanks
<ntoombs> sounds good
<ntoombs> brb
<twb> Looks like only issue is debootstrap
<twb> And as a knock-on effect, which debootstrap cache I copy
<hallyn> twb: nifty, thanks
<lifeless> hallyn: bug 800482
<uvirtbot> Launchpad bug 800482 in lxc "a home/$me bind-mounted template would rock" [Undecided,New] https://launchpad.net/bugs/800482
<twb> Would it?
<lifeless> it would
<ntoombs_> qman__: i'm back
<qman__> any luck?
<ntoombs_> qman__: now i'm getting errors like ping: sendto: host is down
<ntoombs_> and ping: sendto: no route to host
<ntoombs_> but now my router says i'm on ethernet :)
<hallyn> lifeless: cool, thanks
<qman__> I'd try restarting the server again now that the router has rebooted, if you can reach the power button, just press it once quickly and it should power down
<qman__> then press again to boot up
<qman__> otherwise, if you can plug in a keyboard and press ctrl alt del
<ntoombs_> ok
<keyboardtalk> How does one access a shared printer (CUPS) hosted on ubuntu 10.04 from Windows client?
<ntoombs_> quick press of a button did not a powerdown make
<ntoombs_> i could hold it but i'm assuming that is not advisable?
<qman__> generally no
<qman__> but if you're not running any software yet it shouldn't cause too much trouble
<qman__> what filesystem are you using?
<ntoombs_> ext4 journaled so it's good
<qman__> yeah
<Feadin> Just did an apt-get update && apt-get upgrade and it wants to upgrade language-pack-en which now suddenly has LOTS of crazy dependencies, including firefox and many X libs... anyone noticed this? I'm using v11.04
<ntoombs_> to change anything i have to swap the hard drive to my desktop
<ntoombs_> but we're just doing a reboot right?
<qman__> right
<qman__> if it still doesn't come online at all, you might have to do that though
<twb> Feadin: no, but I know how to bypass the "helpful" locale packages and just generate the one you want
<qman__> may be that your router is filtering it out
<ntoombs_> whad do you suggest i change in my router?
<twb> Feadin: uninstall those, then "locale-gen en_AU.UTF-8; update-locale LANG=en_AU.UTF-8", where "en" is your language and "AU" is your country.
<ntoombs_> its a 2WIRE 2701HG
<qman__> ah, that's the issue exactly then
<Feadin> So you're suggesting we should bypass bugs and pretend that they don't exist? :) Just wanted to check if this is actually a bug or a new "feature" to simplify the maintainers jobs ;)
<twb> Feadin: I'm suggesting you should do it the Debian way
<twb> Basically because I don't like the "feature"
<qman__> sounds odd but 2wire DSL routers ONLY allow connectivity with DHCP-leased clients
<qman__> if you want to get around that limitation you need a better router
<ntoombs_> how about different firmware?
<qman__> theoretically possible but I don't know of any
<ntoombs_> m0n0wall?
<qman__> that firmware would allow it, but I don't know that it would run on your router
<ntoombs_> i was wanting to change it to that anyway
<twb> Feadin: AFAICT ubuntu default behaviour is more or less to installing *every* english locale for every CLI package as "language-pack-en-base", and every english locale for every GUI package as "language-pack-en".
<Feadin> I get it, but if I wanted to use Debian I'd be using Debian man :) Come on I'm not talking about personal preferences here. I'm just asking if anyone knows anything about this crazy dependencies which IMO shouldn't be on a server
<qman__> plus you need to make sure your ISP isn't doing some funny things with it
<twb> Feadin: so in a default lucid server network install you lose about 200MB to thunderbird and firefox localization
<qman__> AT&T U-verse is notorious for this
<twb> Feadin: shrug.  Report a bug, then.
<ntoombs_> its actually windstream
<qman__> if the router allows DHCP reservations, that may be the easiest way to go
<Feadin> Yeah I know I should report a bug, but only if it is actually a bug. I came here to ask if anyone knew anything about this issue in particular.
<qman__> Feadin, does it actually depend on them, or just recommend them?
<Feadin> I mean, adding 144MB of multimedia dependencies for a metapackage on a bew server installation is not cool
<twb> Feadin: if it's not a bug, the maintainer will just close the ticket with "not a bug"
<ntoombs_> where would i find dhcp reservations?
<Feadin> It depends on them
<twb> Feadin: IIRC language-pack-en shouldn't be installed, only -base
<twb> Feadin: IIRC the preseeds on optical media installers are supposed to be set up to behave this way
<ntoombs_> qman__: would it work if i simply turned off dhcp?
<qman__> ntoombs_, that's a good question, it would have to be something like "reservation" or "static IP" or some other "computer settings"
<ntoombs_> like this forum post says how to do. http://www.dslreports.com/forum/r22286649-How-do-I-turn-off-DHCP-on-2Wire-2701HGG
<Feadin> I installed these servers a couple of weeks ago selectiong only "OpenSSH" and leaving everything else on default, after that just added mysql-server and that's about it
<qman__> that might work, but be prepared to reset it if it doesn't
<twb> Feadin: yes, I get it too, but I don't get a preseed file
<qman__> was the router provided by your ISP?
<ntoombs_> yes
<twb> Feadin: I just manually uninstall those packages
<qman__> sometimes they hack them up
<ntoombs_> upon a $100 fee
<qman__> breaking basic functionality like this
<qman__> I need to go for a few minutes, I'll be back soon
<ntoombs_> ok
<Feadin> Anyone has a default 11.04 server installation to try and do an "apt-get update && apt-get -s upgrade"?
<Feadin> just want to be sure this is actually a bug and not my mistake
<Gaming4JC> Hey guys, I have a VPS running and I did an update of MySQL. I bumped into this error now everytime the system starts I cannot get MySQL - ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
<Gaming4JC> if I type... sudo /etc/init.d/mysql start
<Gaming4JC> I can get it running again. But that's not much of an option since I need this to be stable and working 24/7
<Gaming4JC> I tried purge/reinstall of mysql, error persists.
<Gaming4JC> ideas? :(
<Jasonn> Gaming4JC: I can get you a vds real quick if you are looking for that
<Gaming4JC> Jasonn: hmm?
<Jasonn> check PM
<ntoombs> qman__: you there?
<josePhoenix> Hi all
<josePhoenix> I seem to have broken my server :D
<josePhoenix> This is a great development in my evening
<josePhoenix> Can I display the grub config from a grub prompt?
<josePhoenix> I just ran a normal dist upgrade and it rebooted and then I got "error no such device"
<lifeless> twb: is that template you hav esomething you're going to put fforward as a patch ?
<lifeless> twb: it seems to be structured rather differnetly :)
<josePhoenix> But really. What's my first thing to try when I'm at a grub prompt?
<twb> enter?
<lifeless> twb: is that template you hav esomething you're going to put fforward as a patch ?
<lifeless> twb: it seems to be structured rather differnetly :)
<josePhoenix> twb: well, it does go to a new line.. doesn't do much else
<twb> lifeless: it's in-house shite
<twb> lifeless: I'm happy to publish it but it's not exactly merge-ready
<lifeless> yeah
<lifeless> I think I have a minimal (fugly) patch to do i386, I'm just testing now
<josePhoenix> Is there any way to list drives or see the grub configuration from the grub> prompt?
<josePhoenix> or am I better off using a livecd and trying from there
<lifeless> for drives just tab complete
<lifeless> (TAB
<josePhoenix> Doesn't seem to show anything
<lifeless> thats unusual :)
<josePhoenix> the worst thing to hear :P
<josePhoenix> Well the error message is something like "unknown device" but from googling I've seen this mentioned in conjunction with LVM and with unused floppy drives being enabled
<twb> josePhoenix: depending on the bash, you will have tab completion
<twb> josePhoenix: (hd<TAB>, (hd0)/<TAB> etc
<twb> hd0 = sda, hd0,1 = sda1
<twb> Oh, except I think in grub2 the numbering is from 0 for partitions as well :-/
<josePhoenix> ay de mi....
<twb> Note the parens around (hd0,1) are important
<twb> If this is all too hard, just get a live CD and fix it that way
<josePhoenix> hmm partition 0,1, ext2; partition 0,5: unknown filesystem
<josePhoenix> But if the kernel + initrd was installed to a /boot partition it shouldn't have trouble reading it
<twb> the latter might be swap
<twb> Certainly it SHOULDN'T have trouble :-(
<josePhoenix> The only thing that didn't go perfectly smoothly in this upgrade was that at one point the screen went blank and I hit enter to get it back without thinking
<josePhoenix> and it chose N on the 'reboot now?' prompt and I had to start over
<josePhoenix> but I thought ubuntu was too polished for that to fuck things up...
<lifeless> so if its just got an old config
<lifeless> subtracting 1 from the entries it was trying to boot with
<lifeless> should make it all happy
<josePhoenix> Could you elaborate on what that means?
<lifeless> well
<lifeless> your config should be present by default
<lifeless> you can edit it in the grub prompt, or manually issue the commans
<lifeless> https://help.ubuntu.com/community/Grub2#Command Line and Rescue Mode
<lifeless> explore the fs's using tab complete to find the right partitions and then boot by hand
<lifeless> if the stage2 loader couldn't be found thats more of a problem
<lifeless> how far through is it getting ?
<josePhoenix> It drops me at a grub> prompt after saying "unknown device"
<josePhoenix> though that message only flashes on screen for an instant
<josePhoenix> hmm does the grub prompt include a pager? I can't see the beginning of this config file -.-
<lifeless> hah
<lifeless> root@lucid-test-lp:~# arch
<lifeless> x86_64
<lifeless> root@lucid-test-lp:~# dpkg --print-architecture
<lifeless> i386
<josePhoenix> Man, I used to know all of this back when I used Gentoo.
<airtonix> is it possible to provide an option in ~/.ssh/config to limit-rate (the scp has an argument -l that takes Kbits/s)
<josePhoenix> Anyone know if ubuntu wants initargs?
<josePhoenix> er
<josePhoenix> init= bootarg?
<josePhoenix> Is there a pager in the initrd shell?
<twb> init=foo is not necessary by default
<josePhoenix> Or any way I can see the top half of this file that scrolls offscreen?
<twb> The busybox program provides a bunch of applets; which ones depends on how the team are feeling that week.
<twb> Debian's busybox includes more (or less?) nowadays, but I think Ubuntu's is a 100kB smaller and containers less stuff :-(
<josePhoenix> :[
<josePhoenix> more doesn't work and less is missing
<twb> josePhoenix: if all else fails, you have to write to a file then use head and tail to get the page you want
<twb> josePhoenix: I've seen that problem with more not working before, I think it's because the emergency environment's terminal capabilities are buggered â I never solved it myself
<twb> re head/tail â or grep, sed, etc., of course
<josePhoenix> okay, here is what I have figured out so far... I have a /boot at (hd0,1) that contains no vmlinuz/initrd.img but it does have vmlinuz-2.6.38-8-server + corresponding initrd
<twb> The symlinks are in root, not boot, by default
<josePhoenix> ah good to know
<josePhoenix> there is also a partition at (hd0,5) which grub says is an 'unknown filesystem' but must be an LVM group because I know there's supposed to be a swap partition on here
<josePhoenix> and there are only two primary partitions
<josePhoenix> I think the problem is that I need to guess root= based on the startup output from the initrd stage
<josePhoenix> or not
<josePhoenix> I'm not sure how grub and kernel lines and LVM work
<josePhoenix> well that's interesting.
<josePhoenix> YAY IT BOOTED
<keyboardtalk> I need some help enabling php5 on apache2. php code is not being parsed by the server
<SpamapS> keyboardtalk: did you install libapache2-mod-php5 ?
<keyboardtalk> yes
<SpamapS> keyboardtalk: did you then run 'sudo a2enmod php5' ?
<twb> SpamapS: doesn't it do that implicitly in the postisnt
<slyboots_> twb: Ah it should
<keyboardtalk> SpamapS: yes
<SpamapS> twb: not sure
<SpamapS> would make sense
<SpamapS> keyboardtalk: at this point you probably need to add a config file that adds the PHP handler
<SpamapS> Would have hoped that happened automatically too but I guess not
<twb> It *is* automatic provided he follows the conventions that the automatic scripts expect
<twb> e.g. the mod_fcgi package sets up fast CGI only for *.fcgi files
<SpamapS> been a while since I dropped it on a bare machine and tried it out. :-P
<keyboardtalk>  SpamapS: okay php seems to be working in /var/www, but not in other directories, namely /home/<user>/public_html/
<keyboardtalk> do php directories & files need certain permissions to work?
<jmarsden> keyboardtalk: Read /etc/apache2/mods-enabled/php5.conf and note the deliberate turning off of PHP in user directories there, as a security precaution...
<jmarsden> keyboardtalk: You can edit it if you want PHP in userdirs.
<twb> I have a host running mod-php5, but I've locked it down as much as I could so it won't reflect the defaults
<jmarsden> Or I think you could override it in .htaccess on a per-user basis
<twb> jmarsden: assuming you leave .htaccess turned on :-)
<jmarsden> Yes :)
<SpamapS> keyboardtalk: if you want to run per-user php.. you'll want to look into something to keep them from attacking eachother. :)
<luite> mod-php5 isn't terribly suitable for servers with multiple users anyway
 * twb waves the "static HTML or GTFO" banner
<SpamapS> chrooted fastcgi .. lxc containers.. whole vms.. just don't turn on mod_php for user dirs
<keyboardtalk> Okay, thank you very much
<twb> I hate fastcgi
<twb> I'd rather just have an app server daemon speak HTTP to the reverse proxy "real" web server
<luite> hmm, fastcgi has been working fine for me (for php), but it does eat a lot of memory
<greppy> I've been liking fcgi and/or suphp for a while :)
<luite> hehe I can't really say that I like it, but it works (mod-fcgid, suexec and fastcgi)
<twb> luite: are you running an httpd on the same host, or are you running fastcgi over a trusted network?
<luite> same host
<twb> Yeah see I do that but I don't like it
<twb> <user> â <varnish> â <apache> â <fcgi app>
<twb> I would prefer <user> â <varnish> â <http app>
<keyboardtalk> Out of curiosity, what is the risk with enabling php for all users?
<twb> keyboardtalk: that they'll use php
<luite> keyboardtalk: all php scripts run under the same user id, so users can read each others php files
<luite> keyboardtalk: (that's for mod-php for all users)
<keyboardtalk> okay, good to know
<SpamapS> twb: you can do that, just run your http app w/ mod_php ..why not?
<twb> SpamapS: my app is written in C, not PHP
<twb> At least this time it is
<SpamapS> twb: In that case, libevent FTW
<twb> SpamapS: how would that work?  I am talking to upstream about it this week
<SpamapS> full http server code built in.. :)
<twb> I've only ever seen libevent used in rxvt
<luite> twb: I like it that apache tries to automatically starts the fastcgi apps, fewer things to watch :) , but I use apache reverse proxy for my non-php web apps
<luite> (written in haskell)
<SpamapS> twb: recent versions of libevent have evhttp.h ...
<SpamapS> http://monkey.org/~provos/libevent/doxygen-1.4.3/
<twb> luite: yeah, I am actually using apache not varnish, but that devalues my argument a little :-)
<twb> SpamapS: neat
<SpamapS> twb: you just register a callback per URI, and a default callback for dynamic URI's
<twb> SpamapS: can I quote you (i.e. mail the scrollback to their list)?
<twb> It'll save me paraphrasing
<SpamapS> twb: sure, I'm just quoting from the docs
<SpamapS> I played around with it a few months ago.. VERY easy to write an HTTP server
<twb> I suppose it would be ironic if he switched to libevent and I couldn't get a new enough version into lucid
<SpamapS> lucid is new enough
<twb> Cool
 * SpamapS shudders, recalling using CentOS 5's 4 year old libevent
<SpamapS> which is now.. 7 years old I think
<twb> That's odd... urxvt appears to not use libevent in sid, but I thought it did
<SpamapS> weird that a gui terminal would use it
<SpamapS> I guess it makes sense.. but seems a bit heavy
<twb> Ah, here http://software.schmorp.de/pkg/libev.html
<twb> "A full-featured and high-performance (see benchmark) event loop that is loosely modelled after libevent, but without its limitations and bugs."
<twb> Nice and objective there schmorp :-)
<luite> the same lib that's used by the framework that I'm using :) ( http://snapframework.com/ )
<twb> luite: which, ev or event?
<luite> ev
<alex_21> Hi all,
<alex_21> I am tring to clean everything off my server.
<alex_21> I want to return to a minimal installation. Is there any command to do this?
<twb> alex_21: markauto most/all packages that are not Section: metapackages
<twb> This is not a perfect rollback, tho
<alex_21> I want to completely reinstall everything, config and all without reinstalling Ubunut.
<twb> You can't have that
<twb> You can make it re-ask you most configuration options with "dpkg-reconfigure --all", but this is not the same.
<twb> Nor it "aptitude reinstall ?installed"
<twb> Feel free to try them anyway, once you have working backups.  I think it'll be easier to do a full reinstall.
<SpamapS> alex_21: for the future, this is why configuration management helps.. :)
<alex_21> How can I reconfigure ldap.
<alex_21> ?
<twb> Oh ldap
<twb> you are totally fucked
<twb> ldap HATES changes
<twb> Especially if you're still using FDS or that other one.  OpenLDAP is a little better
<alex_21> Allright guys. Thanks for the help. Reinstalling it is.
<alex_21> Good night.
<nickmoeck> Is there a reputable PPA with mysql 5.5 packages for lucid?
<soren> nickmoeck: I *seriously* doubt it. It's not even in Debian experimental or Ubuntu Oneiric yet.
<twb> Packaging mysql isn't exactly trivial
<nickmoeck> You're kidding, right? MySQL 5.5 was released in December! How are there no packages for it yet?
<nickmoeck> surely it doesn't take more than 6 months to package
<twb> nickmoeck: well, are you helping?
<nickmoeck> twb: obviously not, I don't really know much about packaging. But I would think for something as important as mysql, packages for the latest version would be made within 6 months of the release
<twb> Well, *I'm* not helping because the sooner mysql dies the sooner people will switch to sqlite and postgres, which are IMO infinitely better suited to toy and production usage respectively
<twb> You can make a shit package in an afternoon, but getting it release-quality is difficult, especially since, as you say, so much gank relies on mysql and thus so many people will complain if you screw it up.
<twb> Or it could just be that the guy responsible for packaging mysql for Ubuntu has gotten a job or a girlfriend in the last six months...
<lifeless> twb: I've put up a patch for doing i386 lxc's
<twb> lifeless: hmm?
<lifeless> twb: would be interesting to know if it would suit your needs
<lifeless> twb: bug 798476
<uvirtbot> Launchpad bug 798476 in lxc "it would be really useful to be able to make i386 lxc containers on a amd64 machine" [Low,Confirmed] https://launchpad.net/bugs/798476
<larsemil> old computer running md0 with lvm crashed. no i want to mount it on new hardware. It can find all volumegroups and logical volumes but it does not put them to /dev so that i can mount it. How do i import it? i am afraid vgimport does not work as it was not exported before old computer died.
<twb> larsemil: lvm2 vgscan -ay?
<twb> larsemil: something like that; last time I did it I RTFS'd the ramdisk to work out the details
<larsemil> it finds it allright, but it does not make it mountable...
<larsemil> twb: vgchange -ay was the solution
<twb> good-o
<larsemil> thanks for pointing me in the -ay direction!
<twb> -ay means "bloody well do it" in LVM
<phretor> any idea of why this error is occurring? http://paste.pocoo.org/show/416826/ "Exception during pm.DoInstall():  E:Internal Error, Could not perform immediate configuration (2) on util-linux" or how to solve it?
<sarit> !paste | sarit
<ubottu> sarit, please see my private message
<uvirtbot> New bug: #800597 in postfix (main) "Latest postfix update breaks hash-based aliases.db (potentially other .db files too?)" [Undecided,New] https://launchpad.net/bugs/800597
<m3asmi> (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 !!
<cloakable> m3asmi: There's something listening on port 80. Are you running a httpd already?
<m3asmi> cloakble : I fix that problem
<m3asmi> I ask about the :   The requested URL /www was not found on this server.
<uvirtbot> New bug: #800340 in ipxe (universe) "[MIR] ipxe" [Undecided,New] https://launchpad.net/bugs/800340
<uvirtbot> New bug: #800656 in etckeeper (main) "Update Manager can not proceed if there is a lock on /etc" [Undecided,New] https://launchpad.net/bugs/800656
<sommer> morning all
<uvirtbot> New bug: #800543 in dbconfig-common (main) "Installing zabbix-frontend-php fails in noninteractive mode" [Undecided,New] https://launchpad.net/bugs/800543
<hallyn> oh man, ppa build started yesterday morning still hasn't started
<ScottK> Heya sommer.
<^^rcaskey> I've got an old server i'd like to get onoboard with automatic security updates. Just dist-upgraded to lucid, is there just a package i need to add or reconfigure?
<zul> hallyn: around?
<hallyn> zul: yeah, what's up?
<zul> hallyn: we said we can drop the 9022-allows-lxc-containers-with-lxcguest.patch right?
<hallyn> zul: are you doing 0.9.2?
<zul> hallyn: yeah if we dont it needs to be rediffed
<hallyn> you're pulling from sid, or upstream?
<zul> sid
<hallyn> zul: fetching.  But in any case, so long as it has the patch from upstream adding the LXC_UUID, then yes
<zul> hallyn: ok ill drop it then
<hallyn> though, hm
<hallyn> zul: we'll have to make sure then that the lxcguest package for natty has the LIBVIRT_LXC_UUID fix
<zul> you mean for oneiric
<hallyn> zul: no
<hallyn> zul: lxcguest runs in the guest, so natty guests on oneiric hosts will need to do the right thing
<zul> hallyn: oh right
<hallyn> zul: can you take care of SRU'ing that?  (i'ts not in natty, just checked)
<zul> hallyn: yeah i can probably do that
<hallyn> zul: cool, thanks.  Should just be able to cp debian/*.upstart from the oneiric version
<hallyn> i'm getting my ass kicked by the lxc template stuff (trying to consolidate the templates into one)
<zul> hallyn: heh sucks to be you when is a new version of lxc suppose to be out
<hallyn> whenever dlezcano feels there's a new feature
<hallyn> zul: heh, found my biggest problem - missing ':' after option in getopt.  doh
<hallyn> new template is gonna rock
<zul> hallyn: doh!
<RoAkSoAx> Daviey: when are we looking into having cobbler in main?
<RoAkSoAx> kirkland: ^^
<Daviey> RoAkSoAx: We'll check on it start of next week i think
<Monotoko> hey guys...I'm following this tutorial: https://help.ubuntu.com/8.04/serverguide/C/postfix.html and when I try to connect I get kicked out by this: http://pastebin.com/WQ3e99Dq, what should be at "private/auth-client"?
<kirkland> RoAkSoAx: personally, i have no strong need for cobbler to be in main
<kirkland> RoAkSoAx: but i think Daviey and your team will probably need it so
<RoAkSoAx> Daviey: ok cool!
<RoAkSoAx> kirkland: thought orchestra was gonna have to be in Main by this cycle
<kirkland> RoAkSoAx: that's up to you guys
<Monotoko> :(
<RoAkSoAx> kirkland:  ok ;)
<lynxman> ping Daviey
<uvirtbot> New bug: #800744 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/800744
<w00> Isn't that cute.. install munin wants to also put x11-common on my system ;/
<Doonz> has anyone set up openvpn server in ubuntu 10.04
<Riz> Doonz: yup
<SpamapS> lynxman: generally nick: ping is more reliable.. some people (like me) don't have their name highlighted in all instances.. just when its the first word
<SpamapS> Doonz: https://help.ubuntu.com/10.04/serverguide/C/openvpn.html
<lynxman> SpamapS: will have that in mind, he normally replies though :)
<Doonz> 1 sec damn work is getting in the way
<medberry> SpamapS, ah, I've never heard of that setting/behavior. Probably comes in handy if you have a ubiquitous nick.
<SpamapS> medberry: its the default in irssi
<pmatulis> can one install a kvm guest running the devel release with vmbuilder?
<Doonz> SpamapS: ive tried that guide a few times and it didnt work
<Doonz> https://help.ubuntu.com/10.04/serverguide/C/network-configuration.html#bridging Ive tried following that guide but it wont bring up the bridged connection
<ScottK> Doonz: Please file a bug with details against the ubuntu-docs project.
<Doonz> its not a bug. just a stupid user trying to do something he doesnt know anything about
<Doonz> :(
<Doonz> https://help.ubuntu.com/10.04/serverguide/C/openvpn.html <-- im going to retry this guide and ill pastebin the errors
<SpamapS> pmatulis: should be doable
<pmatulis> SpamapS: do you know how?  i mean, is it done with hacking?
<pmatulis> SpamapS: b/c suite=oneiric doesn't work if host is natty
<Daviey> lynxman: sorry, was otp
<SpamapS> pmatulis: not sure. I just use iso's + virt-manager. :-P
<pmatulis> SpamapS: ok
<lynxman> Daviey: no problem
<Doonz> well its official im an idiot
<Doonz> so anyone wanna set up openvpn server for me
<Doonz> *sigh*
<Doonz> heres what i get after i follown the openvpn guide http://pastebin.com/RUq5Mtup
<maxo> I'm using Ubuntu Enterprise Cloud (Eucalyptus). If I terminate an instance, any configuration made is lost. How can one get round this problem?
<lynxman> RoAkSoAx: ping
<RoAkSoAx> lynxman: pong
<fowlduck> We have an Intel Xeon E5645 and we're not seeing the 2 threads per core in lscpu, cat /proc/cpuinfo, etc, despite the processor being capable of hyperthreading. Is there a way to determine what features are supported by the kernel? I'd like to check if hyperthreading is enabled
<fowlduck> btw, `uname -a` # => Linux 358015-domain 2.6.38-8-server #42-Ubuntu SMP Mon Apr 11 03:49:04 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
<fowlduck> we're using a bare-metal host and we're trying to prove that the issue isn't with the OS (or fixing it if it is), so I can't exactly check the BIOS or anything
<amero> i have a question about socks proxy server. for a socks server to be able to accept and forward incoming connections back to clients behind the proxy, what does it need to have?
<SpamapS> fowlduck: if the CPU can do it, it should be in the flags in /proc/cpuinfo
<SpamapS> fowlduck: it may still be disabled in the BIOS
<SpamapS> fowlduck: I'd say 90% of workloads see no real benefit to HT
<fowlduck> SpamapS: thanks for getting back to me, I got some help from the guys in #ubuntu-kernel on the problem
<fowlduck> You're right, too. It seems to be disabled in the BIOS
<fowlduck> despite the minimal performance improvements, we'd like to get the potential benefits if its available
<RoAkSoAx> SpamapS: should postinst/postrm scripts call "service XYW restart" or similar? or should that be done with invoke.rc-d
<RoAkSoAx> invoke-rc.d*
<SpamapS> invoke-rc.d is the *only* way allowed
<RoAkSoAx> SpamapS: that's what I thought! Thanks
<rump> does rsyslogd miss anything besides apache on a default install?
<pmatulis> i didn't know apache was part of the default install
<RoyK> pmatulis: it isn't
<pmatulis> RoyK: rump is mixed up
<uvirtbot> New bug: #800824 in cloud-init (main) "cloud-init-nonet times out in lxc" [High,Confirmed] https://launchpad.net/bugs/800824
<vooze> i just switched from debian til ubuntu-server (or trying to) but for some reason, the ubuntu 11.04 server CD cant see my main harddrive.. debian can just fine.. any ideas?
<uvirtbot> New bug: #800833 in amavisd-new (main) "package amavisd-new-postfix 1:2.6.5-0ubuntu2 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/800833
<RoyK> vooze: sound strange - but just a thought - if you plan to setup a server, why don't you use an LTS release such as 10.04?
<RoyK> 11.04 will only be supported for 18 months
<RoyK> LTS server releases are supported for a full 5 years from release
<Alfafa> Hi I haven't followed this channel. But you are aware that a aptitude full-upgrade today will pull in a lot of irrelevant packages? like firefox,synaptic etc..gui programs?
<Alfafa> I also found a forum post from one experiencing the same http://ubuntuforums.org/showthread.php?t=1788159
<RoyK> Alfafa: sometimes dependencies change - but really - if you don't have any graphical stuff installed, an apt-get dist-upgrade (I guess that's like aptitude full-upgrade) really shouldn't add much new
<RoyK> Alfafa: which version?
<Alfafa> It is 11.04
<RoyK> 11.04 has a few dependency issues - I know
<Alfafa> apt-get dist-upgrade does the same..pulling in gui stuff
 * RoyK sticks to LTS releases for servers
<Alfafa> Ok..I would just make sure someone knew :-)
<vooze> RoyK: yeah, trying that now.. burning atm.
<ScottK> Alfafa: No.  No it doesn't.  You added something.
<RoyK> Alfafa: report a bug
<ScottK> I've upgraded servers from 10.10 to 11.04 just fine.
<RoyK> ScottK: the dependencies in 11.04 are rather patchy
 * w00 same
<ScottK> RoyK: Point to bugs please.
<RoyK> I've just been testing on a test VM, and had lots of wierd issues
<Alfafa> I didn't add something I ran a perfectly normal aptitude full-upgrade yesterday and today the same pull in a lot of gui packages not needed
<ScottK> Alfafa: What does apt-get upgrade do?
<RoyK> ScottK: so I just ditched the VM and let it go
<ScottK> OK.
<Alfafa> apt-get upgrade should work much better
<Alfafa> but you wouldn't get kernel updates i believe by using that
<RoyK> ScottK: upgrade to the latest version of packages within the distro version (say, 10.04.1), but it won't upgrade to 10.04.2 - dist-upgrade would
<ScottK> Alfafa: OK.  How about apt-get dist-upgrade?
<ScottK> RoyK: No.  That's wrong.
<RoyK> sure?
<ScottK> Yes.
<ScottK> 10.04.2 is nothing more than all the updates released for 10.04 on a certain date.
<RoyK> hm.. I thought it was a new subversion, slightly newer packages etc
<ScottK> The difference between upgrade and dist-upgrade is that dist-upgrade will add/remove packages if needed and upgrade won't.
<RoyK> never mind
<ScottK> Generally in stable releases that just comes up with kernels that break ABI and need new package names.
<RoyK> what's ABI?
<ScottK> Application Binary Interface.
<RoyK> k
<ScottK> If the binary interface changes there are packages that need to be rebuilt against the newer ABI so they change the package name.
<RoyK> I'm running 2.6.35 on my Lucid servers atm - haven't seen any issues there
<ScottK> That means a kernel upgrade (if it breaks ABI) needs dist-upgrade.
<RoyK> ah - IC
<RoyK> thanks for the info
<RoyK> I generally only use dist-upgrade, though
<RoyK> guess that should be safe, then
<Alfafa> I think it may be a new upgradedable package today which have a rather weird recommends. I can look at the packages it will upgrade to see which one of them pulls in the 57 new(mostly gui packages) packages
<ScottK> Lucid was released with 2.6.32.21.22 and has 2.6.32.32.38 now.
<ScottK> Every time the 4th number changes it's an ABI break and there's new binary packages.
<RoyK> ScottK: there's a maverick backport of 2.6.35-25 in the repos
<RoyK> ScottK: and that's recommended because of some bugs not fixable in 2.6.32
<RoyK> (last I checked)
<ScottK> It's got a completely different set of package names.
<RoyK> dist-upgrade won't pull it, though, you'll have to apt-get install it
<ScottK> I think it's recommended only if you're having issues with the normal one.
<ScottK> My LTS servers are running the regular 2.6.32 with no problems.  YMMV.
<RoyK> well, I just updated my boxes - all 20-odd servers are running 2.6.35 now without issues
<Alfafa> ok..i think the bug is the recommends for language-pack-en-base which recommends firefox-locale-en which then depends on firefox maybe? but I am not sure..i believe aptitude full-upgrade sometimes install the recommended packages which apt-get upgrade doesn't?
<ScottK> Perhaps.
<ScottK> Let me look into it.
<RoyK> vooze: any luck?
<uvirtbot> New bug: #800845 in munin (main) "plugin postfix_mailvolume invalid output when log file missing" [Undecided,New] https://launchpad.net/bugs/800845
<ScottK> Alfafa: I don't think that's part of the standard server install.
<Alfafa> ScottK: Hmm..ok I will look into why it is there then
<uvirtbot> New bug: #800856 in cloud-init (main) "resizefs module causes problems on LXC containers" [Undecided,New] https://launchpad.net/bugs/800856
<Alfafa> apt-get -s install apt-rdepends
<Alfafa> sorry
<lifeless> hallyn: SpamapS: thanks for your aid - this is what I have now - https://dev.launchpad.net/Running/LXC#preview
<Alfafa> ScottK: Ok. Couldn't find any reasonable rdepends...so removed the language-pack* maybe it has been put in some time earlier (it has been upgraded to 11.04 and not reinstalled)
<Alfafa> ScottK: Sorry for wasting your time
<ScottK> No problem.
<ScottK> Sometimes this is how you find out.
<Alfafa> ScottK: I will just answer the other ones forum post..then somebody else can find it ;-)
<RoyK> anyone around that knows a good L2 network discovery tool?
<lifeless> SpamapS: hallyn: next fail point - fuse fails to install in the lxc
<Daviey> lifeless: wow, that is a suprise.. fails to dpkg unpack/configure?
<lifeless> Setting up fuse-utils (2.8.1-1.1ubuntu2) ...
<lifeless> creating fuse group...
<lifeless> mknod: `fuse-': Operation not permitted
<lifeless> makedev fuse c 10 229 root root 0660: failed
<lifeless> chgrp: cannot access `/dev/fuse': No such file or directory
<SpamapS> lifeless: yeah you have to mknod outside of lxc IIRC
<lifeless> SpamapS: where should I file the bug ?
<SpamapS> hallyn: ^^ ?
<lifeless> devpts fs doesn't help
<lifeless> http://jtrancas.wordpress.com/2011/02/09/fuse-filesystems-lxc-container/ perhaps
<Daviey> lifeless: looks like an lxc issue then... with the template.
<lifeless> adding that stuff to the config seems to be enough
<lifeless> bug 800886
<uvirtbot> Launchpad bug 800886 in lxc "lucid fuse-utils fails to install in lxc container" [Undecided,New] https://launchpad.net/bugs/800886
<RoyK> bug 1
<Daviey> timeout \o/
<RoyK> hm...
<uvirtbot> Launchpad bug 1 in ubuntu "Microsoft has a majority market share" [Critical,In progress] https://launchpad.net/bugs/1
<Daviey> i'm wrong!
<Daviey> thanks lifeless
<RoyK> this pool is FAST http://paste.ubuntu.com/630972/ :D
<hallyn> lifeless: SpamapS: no bug.  edit the container's config (/var/lib/lxc/<container>/config) and add a devices whitelist eception for /dev/fuse
<Daviey> hallyn: can we not ship that?
<hallyn> Daviey: we shouldn't.
<Daviey> hallyn: oh?
<lifeless> hallyn: why not ?
<hallyn> bc we pretend containers aren't 100% unsafe as is :)
<lifeless> hallyn: could we ship an option
<lifeless> hallyn: so folk don't go off of random internet sites like I just did.
<hallyn> lifeless: right, just add the option to the config
<hallyn> lifeless: no problem, the lp bug shoudl steer people :)
<hallyn> where is that link you pasted before
<lifeless>  http://jtrancas.wordpress.com/2011/02/09/fuse-filesystems-lxc-container/
<hallyn> ah there it is
<lifeless> seems to be for udev
<lifeless> so perhaps not relevant to lucid
<hallyn> lifeless: thx :)
<Daviey> hallyn: I wonder if handling the fuse failure could be better handled in the fuse package giving reasoning for failure, and suggesting uncommenting it on the config?
<Daviey> (ship it commented out?)
<hallyn> Daviey: could be
<lifeless> whats the security issue with this?
<hallyn> presumably it allows the conatiner to load arbitrary fuse filesystems?  and abuse any holes which might exist in the /dev/fuse api
<hallyn> security issue is just 'a big blog tying into the kernel'
<lifeless> but fs's are contained
<hallyn> maybe i'm being unreasonably, i dunno
<lifeless> if fuse is unsafe
<hallyn> contained by what?
<lifeless> I thought they were namespaced ?
<hallyn> that's not the angle i'm worried about,
<hallyn> it's that the kernel is calling out to functions in userspace,
<hallyn> and the container is writing those functions
<Daviey> I love the fact that fuse is a userspace implementation for filesystems... and yet, we are still blocked on the kernel module :)
<lifeless> right...
<lifeless> but that doesn't seem intrinsically insecure
<hallyn> it's intrinsically fragile
<lifeless> as long as the kernel doesn't trust the userspace implementation blindly
<hallyn> lifeless: it's the same reason why we want to sandbox containers so that any fo the 100 newest syscalls can't be used :)
 * lifeless would like to not need fuse, but is installing gnome inside the lxc container :(
<Daviey> lifeless: you sir, are a crazy man.
<hallyn> lifeless: well again, containers aren't secure to begin with,
<lifeless> Daviey: windmill tests
<lifeless> Daviey: for LP
<hallyn> lifeless: so i don't want to make it too hard.  But is adding that entry to the config too much?
<Daviey> lifeless: interesting!
<lifeless> Daviey: https://dev.launchpad.net/Running/LXC
<Daviey> hallyn: it seems a discoverability issue
<lifeless> hallyn: well, the less it Just Works
<hallyn> ypu
<hallyn> yup
<lifeless> hallyn: the harder it is to use.
<lifeless> hallyn: so I accept that if there is an issue, we shouldn't do it.
<hallyn> Daviey: so being a discoverability issue, i'd lean toward fiing it in fuse-utils
<lifeless> hallyn: but I'd rather concrete 'we need to do X to fix it' objections rather than 'it might break'.
<hallyn> lifeless: the issue will become more meaningful when we have user namespaces.  I just don't want toopen all the doors in the meantime so that then user namespaces will be worthless
<lifeless> hallyn: wearing my obstinate user hat rather firmly.
<lifeless> hallyn: anyhow - that wiki page I just linked documents doing the home bindmount
<Daviey> lifeless: So are you thinking of doing this to integrate with the tarmac pre land testing?
<lifeless> hallyn: the one bit I'm missing is user mirroring
<hallyn> lifeless: maybe we should as on #ubuntu-hardened how safe they feel with /dev/fuse API.  I know little
<lifeless> Daviey: we don't use tarmac :) - and no.
<hallyn> lifeless: you can use the lxc-ubuntu template I linked to in the bug
<lifeless> Daviey: doing it to have less memory footprint than the lucid VM I currently use.
<hallyn> lifeless: let me post some debs actually to people.canonical.com, one sec
<Daviey> lifeless: oh right
<hallyn> lifeless: http://people.canonical.com/~serge/lxc_0.7.4-0ubuntu7.1clone3_amd64.deb
<hallyn> lifeless: with that deb, you can do 'lxc-create -t natty -n natty -f /etc/lxc.conf -- -b lifeless
<hallyn> and user lifeless will be bind-mounted and created in the container
<lifeless> wicked
<hallyn> it also supports '-a i386'
<lifeless> nice
<lifeless> that will be in oneiric?
<hallyn> yeah, unless it hits resistence upstream (unlikely for this)
<hallyn> lifeless: actually yo uneed to add '-r natty', as the default container is lucid
<lifeless> hallyn: well, I want lucid :)
<hallyn> lifeless: excellent :)
<lifeless> hallyn: launchpad.net deploys on lucid
<hallyn> lifeless: then until lp gets aroudn to compiling the ubuntu-virt ppa's lxc, you'll need to add '-x' to trim the container (as it can't install the lxcguest package)
<lifeless> lxcguest ?
<hallyn> oh yay, it built
<Daviey> hallyn: Hmm, i don't think lifeless wants to deploy in lxc... just devel
<hallyn> lifeless: yes, lxcguest works around some blotches where upstart can't deal with not beign on hardwrae
<hallyn> Daviey: so?
<lifeless> hallyn: so I should install that in my lucid guest ?
<lifeless> $ apt-cache show lxcguest
<lifeless> W: Unable to locate package lxcguest
<lifeless> E: No packages found
<hallyn> lifeless: only if you want it to be safe across udev upgrades
<hallyn> right, it comes from ppa:ubuntu-virt/ppa.  It's in natty and oneiric, but not lucid and maverick
<lifeless> hallyn: is it needed for lucid?
<Daviey> hallyn: Ahh.. i missunderstood "then until lp gets aroudn to compiling the ubuntu-virt ppa's lxc
<hallyn> not if you create a trimmed container (which the lxc-lucid template did, and which the new template does if you add -x)
<hallyn> Daviey: oh yeah, it just took over 24 hrs for it to get around to it
<hallyn> lifeless: are these 'run and delete' contaienrs?
<lifeless> hardware testing have solten all the builders
<lifeless> hallyn: nope
<hallyn> you're going to keep themaround and upgrade?
<lifeless> hallyn: we install a GB of dependencies
<lifeless> so i doubt folk will treat them as transient things
<hallyn> then yeah, use lxcguest
<Daviey> hallyn: You know, having someone on the launchpad team that wants to use a package from a PPA oddly increases it's build time :)
<lifeless> let me know when its available for lucid?
<hallyn> it does things like bind-mount an empty fiel over /lib/init/fstab, so that if mountall/udev gets updated it still boots
<Daviey> (err, decreases)
<hallyn> lifeless: it's available now in the ubuntu-virt ppa
<hallyn> lifeless: it must have just compiled
<hallyn> lifeless: I assume there is no way to add that package into the official lucid  archive at this late date
<lifeless> hallyn: sure you can, its not trivial but it is doable
<lifeless> lxcguest wants to futz with /etc/init/console.conf
<hallyn> lifeless: that file only exists bc the lxc-lucid template created it
<lifeless> ok, so I
<hallyn> so yes, the idea is the template doesn't change the container, you just run lxcguest in a plain VM, then you can boot it either in kvm or a container
<hallyn> no changes
<Daviey> hallyn: backports baby!
<hallyn> Daviey: well, it's in ubuntu-virt ppa...
<hallyn> i thought that was a reasonably official place to put it
<lifeless>  https://dev.launchpad.net/Running/LXC#preview now with lxcguest info
 * Daviey watchs hallyn stir the beehive of PPA's vs Backports.
<hallyn> lifeless: I just want to get my lxc-lvmcreate script back itno my pacakge, then I will push it to ppa:serge-hallyn/lxc-natty and blog about how to use it to do the arch and home bind mounting
<lifeless> hallyn: let me know as things improve and become accessible, I'll happily update this wiki page
<hallyn> lifeless: great,thanks
<hallyn> jdstrand: kees: does one of you have any input on the safety and sanity of the api used with /dev/fuse?
<hallyn> (regarding bug 800886)
<uvirtbot> Launchpad bug 800886 in lxc "lucid fuse-utils fails to install in lxc container" [Undecided,Confirmed] https://launchpad.net/bugs/800886
<hallyn> if you gusy tell me it's safe, I'll just add it to the whitelist int he template
 * jdstrand does not otoh, but I am going to point mdeslaur at this too (who might have more up to date info) ^
<hallyn> cool, thanks.  yeah i just meant top of head.  if research is required i'll go read the code.
<kees> hallyn: my understanding is that the fuse perms are checked at the kernel level.
<kees> hallyn: I haven't though much about how that might behave with a container, though.
<kees> in _theory_, it should be fine, but I've never tested it
<hallyn> kees: oh i wasn't even thinking about uid translations over namespaces.  (that'll be my job :)
<hallyn> kees: I'm wondering how... 'rich' the API over /dev/fuse is.  Do you trust people who connect to it?
<hallyn> kees: or does it have a small, ilmited API that I can sort of trust
<hallyn> by 'do you trust people' i meant 'do you *have* to trust people'
<kees> hallyn: well, it's designed for non-root users, but I haven't spent any time auditing it.
<hallyn> kees: so it's world writeable usually?
<hallyn> so it is
<kees> hallyn: yes
<hallyn> so why would i worry about it
<hallyn> kees: thx :)
<kees> heh, np
<hallyn> of course,
<hallyn> i assume th kernel code checks uids.  but again that just means its up to me to clean that up when time comes
<hallyn> neaty
<hallyn> neato, even
<lifeless> \o/
<hallyn> gah, i *still* haven't asked for lxc upload perms
<hallyn> zul: can you help a brother out? :)
<hallyn> Daviey: still there?
<hallyn> Daviey: could you push http://people.canonical.com/~serge/lxc_0.7.4-0ubuntu11/lxc_0.7.4-0ubuntu11.dsc   for me?
<huats> hallyn, is it just uploading it ?
<huats> or do you need anything special on it ?
<huats> (well you mean to ubuntu just to be sure)
<huats> (I am asking if the great Daviey is not around)
<hallyn> huats: yeah, just uploading it
 * SpamapS shouts "CHOO CHOOO" after riding the sl train
#ubuntu-server 2011-06-23
<rickspencer3> robbiew, Daviey either of you guyses around?
<micahg> does the server install come with langpacks by default?
<rickspencer3> hey all, micahg is asking becuase of bug #800857
<uvirtbot> Launchpad bug 800857 in firefox "language packs pull in Firefox on upgrade" [High,In progress] https://launchpad.net/bugs/800857
<rickspencer3> basically, if you are running natty, and you have lang pack installed ....and you do a dist-upgrade
<rickspencer3> the result is that Firefox will get installed
<rickspencer3> it's a packaging bug that micahg has already fixed and is uploading the fix now
<rickspencer3> is this something we need to urgently let server users know about?
<rickspencer3> SpamapS, hey
<SpamapS> rickspencer3: howdy!
<rickspencer3> he SpamapS
<rickspencer3> I just wanted to draw your attention to this issue ^
 * SpamapS looks at the server seeds
<SpamapS> I don't see any direct dependency on it
<SpamapS> ii  language-selector-common 0.34.1                   Language selector for Ubuntu Linux
<SpamapS> Thats all I see on my natty servers
<micahg> SpamapS: there's no language-pack-* installed?
<SpamapS> micahg: no there's no need
<micahg> ok
<rickspencer3> SpamapS, I can't invite you to #ubuntu-mozillateam
<SpamapS> rickspencer3: I don't think its necessary
<rickspencer3> SpamapS, well, they are asking questions about server
<SpamapS> ah
<uvirtbot> New bug: #795500 in open-vm-tools (multiverse) "package open-vm-dkms 2011.03.28-387002-0ubuntu1.1 failed to install/upgrade: open-vm-tools kernel module failed to build" [Undecided,Incomplete] https://launchpad.net/bugs/795500
<dkn> getting /bin/sh: if-up: not found failed to bring up br0
<dkn> trying to get a bridge for kvm to run off of my bond 5 interfaces in
<dkn> http://pastebin.com/7PkiKeFu
<dkn> bah..... took out the pre-up if-up bond0 works great
<T3CHKOMMIE> hey all!
<lifeless> hallyn: SpamapS: so arch (and uname -m) reports x86_64 inside the i386 lxc
<lifeless> if you guys have ideas for fixing that (for example, running /sbin/init under linux32) that would be good
<hallyn> lifeless: yes, but go ahead and gcc a file that does sizeof(int)
<hallyn> lifeless: arch and uname -a use uname(2) output.  we can't forge that.
<hallyn> but you're running 32-bit, and compiling 32-bit apps
<lifeless> hallyn: man linux32
<lifeless> hallyn: we very much can forge uname output :)
<hallyn> jcool, guess that's how schroot does it
<hallyn> i see no reason why we can't have lxc-start run linux32
<hallyn> will have to see how it does it
<hallyn> lifeless: i'll hack that in tomorrow
<lifeless> would you like a bug report ?
<hallyn> lifeless: how about just a comment on the existing one?
<lifeless> sure
<hallyn> lifeless: thanks for the tip :)
<hallyn> somebody wasn't thinking
 * hallyn points at himself
<lifeless> commented
<hallyn> thx
<hallyn> does it really just set sys_personality?
<hallyn> guess i'll just do that
<Ursinha> lifeless is everywhere
<lifeless> hallyn: sudo lxc-start -n lucid-test-lp -d usr/bin/linux32 sbin/init
<lifeless> hallyn: gets me thr right arch when I then ssh into it ;)
<lifeless> Ursinha: hola :>
<hallyn> lifeless: exactly, except i thin ki'd prefer to use setarch manually
<hallyn> lifeless: i don't understand, though, why uname -a works then
<Ursinha> lifeless: hiya
<lifeless> hallyn: be my guest, I'm just hacking around till you catch up :>
<hallyn> in the kernel code, it doesn't look like it should work
<lifeless> hallyn: uname -a
<lifeless> Linux lucid-test-lp 2.6.38-9-generic #43-Ubuntu SMP Thu Apr 28 15:23:06 UTC 2011 i686 GNU/Linux
<hallyn> lifeless: right, and strace it and it just calls uname().  Which should just copy the uts_ns->utsname contents
<hallyn> now maybe glibc is helping out
 * lifeless is happy w/magic
<hallyn> heh
<lifeless> hallyn: oh yeah, where should I report the lxc-stop no working thing ?
<lifeless> I presume its the cgroup thing ?
<hallyn> lifeless: against lxc.  it's a cgroup thing, but a bug in lxc
<lifeless> new bug, or in the 'broken by cgroup' bug ?
<hallyn> what is the broken by cgroup bug?
<lifeless> https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/784093
<uvirtbot> Launchpad bug 784093 in lxc "lxc broken by cgroup-bin" [High,Confirmed]
<hallyn> yeah i think it's the same thing.  Just a different aspect of it.  What he describes inthe description would be worked around by SpamapS' config.
<hallyn> but it is that bug, just comment in there that lxc-stop doesn't work.
<lifeless> I have spamaps config
<hallyn> right
<lifeless> will do
<hallyn> thx
<hallyn> killing my client now, ttyl
<lifeless> ciao
<twb> It's not "broken"; the user just needs to mount ANOTHER cgroup with "lxc" instead of "none" as its source device
<twb> At least, that's my ten-second diagnosis
<twb> IIRC lxc looks through /proc/mounts for cgroup mountpoints, it picks the one called "lxc" or otherwise the first one it finds.
<hallyn> lifeless: do'h, that was easier than i thought, lxc already does the right thing, you just need 'lxc.arch = i686' in the config file.
<hallyn> will push that to ppa tomorrow.  gnight.
<twb> You do?
<twb> Pretty sure I'm not doing that
<lifeless> hallyn: ahha!
<lifeless> hallyn: thanks for digging
<airtonix> I installed samba4 package and it's missing the samba-tool to create new users in the samba4 active directory.
<queso> What's with the recent update to grub that requires you to say "Yes" to continue without installing grub in order to continue with the upgrade, when in fact, grub is installed and being upgraded?
<queso> (lucid)
<RoyK> how can I change the default shell in ubuntu?
<RoyK> not chsh, but the default used by useradd
<RoyK> erm - found it - /etc/default/useradd
<uvirtbot> New bug: #801098 in kvm (main) "Unable to create VM when .iso file is stored on external USB drive" [Undecided,New] https://launchpad.net/bugs/801098
<uvirtbot> New bug: #801115 in tomcat6 (main) "package tomcat6 6.0.28-10ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/801115
<ScottK> jamespage: I didn't do it this time since I didn't want to step on what you'd already done, but for bugs like 789810 where it's clearly a misconfigured system I tend to turn them into questions and follow-up that way.  It gets them off the bug list, but the user still gets help.
<jamespage> ScottK: that sounds like a good idea - I tend to subscribe to the bug just in case the user needs any help but that does sounds like a better method.
<ScottK> jamespage: It might be something to discuss at a server team meeting as a team 'best practice'.
<Daviey> ScottK: good thought..
<ScottK> Thanks.
<ScottK> I believe that a large fraction of server bugs are really support requests (even if the user filing them doesn't know this)
<Daviey> ScottK: The only issue could be, is the first response normally is "it looks like this, can you confirm?" <-- at that state, it could still be a bug.
<ScottK> Daviey: That's true for some things, but some like the postfix error 75 invalide hostname ones are clearly misconfigured systems.
<Daviey> ScottK: Yeah, that is true.  Or issues that are never going to get fixed at the distro level.
<Daviey> Or never going to be able to provide enough information to have a useful bug report.
<ScottK> In the case of 789810 it's also clearly a misconfigured system and the error log even tells you exactly how to fix it.
<Daviey> ScottK: BTW, Ursula is going to be doing some analysis on our bugs to help see where the issues are.  The idea of a 'best pratice' is a great one.
<ScottK> Getting SpamapS to do his work item on the postfix exit 75 bug pattern would be a help...
<Daviey> ScottK: what are your thoughts on things like bug 800651?
<uvirtbot> Launchpad bug 800651 in virt-manager "Failed to create new machine" [Undecided,New] https://launchpad.net/bugs/800651
<Daviey> err, wrong one
<Daviey> bug 795500, rather
<uvirtbot> Launchpad bug 795500 in open-vm-tools "package open-vm-dkms 2011.03.28-387002-0ubuntu1.1 failed to install/upgrade: open-vm-tools kernel module failed to build" [Undecided,Incomplete] https://launchpad.net/bugs/795500
<ScottK> Daviey: You're kinder than I am.  I'd have marked that one invalid since it's not an Ubuntu kernel and so he's doing something unsupported.
<ScottK> Daviey: Who's Ursula?
<Daviey> ScottK: From the Launchpad QA team, joining ~ubuntu-server.
<ScottK> Oh.  I didn't know.
<ScottK> (you all picked the one day a week I'm pretty reliably offline and in $work meetings for the server team meeting)
<Daviey> ScottK: it hasn't  been announced yet. *oops*.
<ScottK> ;-)
<Daviey> ScottK: The meeting time and date is more of a problem than ever before, as those that have to be there are on a wider TZ split than previous cycles.
<ScottK> Yep.
<Daviey> And near the begining of the week IMO, is better - as there is still time to work on stuff before people forget over the weekend :)
<ScottK> Since I'm kind of in the middle of the split, time is less of an issue for me than the day.
<Daviey> Although, if it enables more people to attend - the idea of rotating days wouldn't hurt so much.
<Daviey> Perhaps Tue/Wed rotation.
<ScottK> I'm not sure what's best.
<ScottK> Rotation can (equally) confuse people and cause them to miss the meeting.
<Daviey> true.
<ScottK> I'm not pushing to have it changed for my sake.  I know whatever day/time is picked will be bad for someone.
<Daviey> ScottK: Well trying to be as accomodating to everyone.
<ScottK> Sure.  I appreciate that.
<uvirtbot> New bug: #801123 in openssh (main) "sshd init script does not use the option "--pidfile"" [Undecided,New] https://launchpad.net/bugs/801123
<zul> morning
<zul> jdstrand: i am going to put up the new libvirt for you so you can have a look at this libvirt problem that im having (newer libvirt) if that is ok
<th0mz> how could i get the cpu utilisation of modules please ? (kernel space, not user land/procss)
<Daviey> hey zul
<patdk-wk> th0mz, build a profiling kernel?
<th0mz> patdk-wk: like with systemtap ?
<th0mz> somebody point me this link
<patdk-wk> dunno :)
<patdk-wk> it's been like a decade since I last cared to do it
<th0mz> erf
<th0mz> oki ;)
<jdstrand> zul: joy
<zul> jdstrand: exactly
<jdstrand> zul: where is it
<zul> jdstrand: ~chucks/libvirt on chinstrap
<z3ro> hello everyone
<z3ro> anyone can help me ?
<Pici> Ask a question, potentially get an anwer.
<Pici> answer even.
<z3ro> i already have install ids
<z3ro> how can i alert that ids alert file automatic..
<z3ro> means..
<z3ro> if i use ehco command..
<z3ro> where need i put that file to autorun everytime alerts detect
<hallyn> Daviey: hey
<hallyn> Daviey: can you push http://people.canonical.com/~serge/lxc_0.7.4-0ubuntu11/lxc_0.7.4-0ubuntu11.dsc  for me?
<hallyn> In return, I promise, within the next month, to apply for upload rights to the server set :)
<stgraber> Daviey, hallyn: uploaded
<hallyn> stgraber: thanks!
<stgraber> np, and yes, apply for PPU :)
<hallyn> stgraber: haha, now i dn't have to apply for upload rights?  :-)
<hallyn> zounds!
<hallyn> hm, no zul
<hallyn> is he out looting or something?
<stgraber> :)
<stgraber> you just had to mention his nick for him to appear
<hallyn> lol
<hallyn> irc is not race-free it seems
<hallyn> zul: when I get the tempalte stuff straightened out, i'm gonna have to look into poweroff with lxcguest not always working.  I think we're overmounting under /var again.  (you needed that for libvirt or something)
<hallyn> zul: so i'm just sayin', if you have a few minutse where you're bored and want to look, feel free.  Else I'll get to it.  Should probably open a bug
<zul> hallyn: i didnt think i have a problem with but i havent tested recently
<hallyn> zul: it was sporadically happening for meyesterday, but it's possible the laptop was just objecting to stress
<zul> hallyn: ah ok
<hallyn> SpamapS: ok, I think I"m going to add '-t [debootstrap|uec]' to the lxc-ubuntu template and pull in your lxc-natty-uec stuff
<hallyn> so long as you're nto doing any special post-processing, this should be fine
<jdstrand> hallyn: may I ask what you are referring to? (the stress thing)
<stgraber> hallyn: I was wondering, can't we just ship with a generic lxc-ubuntu template script and have symlinks for the various versions? then we can just check $0 to know what $dist to use
<hallyn> jdstrand: once in awhile yesterday, when I did 'poweroff' in a container, it wouldn't shut off, i'd have to lxc-stop it.
<jdstrand> I see
<hallyn> stgraber: that's waht i have now :)  check lxc-users mailing list, or ppa:serge-hallyn/lxc-natty,
<stgraber> hallyn: nice!
<hallyn> jdstrand: i didn't have time to watch the pattern, was creating containers like mad,
<jdstrand> hallyn: I hit that infuriating guest instability bug yesterday
<jdstrand> hallyn: (kvm)
<hallyn> jdstrand: oh, in kvm?
<hallyn> man
<jdstrand> hallyn: and thought you started hitting it
<hallyn> wish we could get to the bottom of that
<jdstrand> yes
<hallyn> no
<hallyn> i've never had it
<jdstrand> anytime I go on wireless, boom. though it has happened other times, that is a very easy trigger here
<hallyn> stgraber: code is at https://code.launchpad.net/~serge-hallyn/ubuntu/oneiric/lxc/update-templates fwiw
<uvirtbot> New bug: #801187 in openssh (main) "should use GTK3" [Low,Confirmed] https://launchpad.net/bugs/801187
<hallyn> jdstrand: remind me, you've reproduced this with qemu.git ?
<hallyn> If so, I"d say we should pull in aliguori and Avi
<hallyn> out for a bit, bbl
<jdstrand> hallyn: not qemu.git. I am currently still on natty
<jbwiv> guys, is there any sort of centralized mgmt tool for ubuntu-server akin to Red Hat's spacewalk? (spacewalk.redhat.com)
<zul> jbwiv: have a look at http://landscape.canonical.com
<jdstrand> zul: fyi, I can reproduce the libvirt issue. what is happening is the dynamic profile isn't being created
<jdstrand> zul: I don't know why yet
<zul> jdstrand: cool
<zul> jdstrand: good im not going crazy then
<jdstrand> well, that isn't the word I would use
<zul> jdstrand: heh
<jbwiv> zul: was hoping for something open source ;-) any idea what pricing landscape has?
<zul> jbwiv: no check the website
<jbwiv> zul, yes, did. no pricing listed. I'll contact them. thx
<altice> quick question about TFTPD if no one is busy?
<jbwiv> altice, don't ask to ask ;)
<altice> haha, sry, just being polite
<altice> anyways
<altice> so i loaded up xinet and TFTPD and the client, and can turn up xinet services (I have made the tftp file in the xinet dir to turn on tftpd server), however.......I cannot get it to actually turn up or work?
<altice> followed a tutorial online
<altice> also, if I do a "netstat -anp" I can see that socket 69 has been opened.....so, not quite sure where that leaves me to T-shoot the prob
<altice> anyone have any ideas? or feel like pointing me to some reading material that an obvious google search has not given me?
<altice> @jbwiv ; looks like everyone is busy hmm?
<jbwiv> altice, busy, or not sure of the answer ;)
<altice> nahhh, I'm sure someone knows. I'm sure it's something silly I'm doing like in the tftp server config file or something
<altice> oh well, I'll try another room :) someone msg me if you have any thoughts on it
<altice> thanks all
<Zajjko> Just upgraded from 10.10 to 11.04 and now the system halts during boot (during or after Stopping System V runlevel compatibility)
<Zajjko> I never get an <OK> prompt on that line
<Zajjko> Starting grub-loader, booting to rescue-mode and choosing resume normal boot works though
<simstim> hi! im looking for some help installing a usb nic to server 11.04
<patdk-wk> open computer, shove into slot, turn computer on, use nic
<patdk-wk> oh usb :)
<simstim> lol :3
<patdk-wk> shove in slot, hope linux has drivers for it :)
<patdk-wk> what model?
<simstim> lemme check...
<simstim> its a cisco linksys. not totally sure on the exact model?
<patdk-wk> exact model helps
<simstim> i'll search it
<patdk-wk> it doesn't say on it?
<patdk-wk> I have a very old one at home
<simstim> usb300m. not much more than that :\
<patdk-wk> that the new/current one
<simstim> pretty sure
<simstim> i think it saw it when it asked to which if to config during intsall, but i dont know how to access it from there
<patdk-wk> it should just work
<simstim> since its usb, will it not show up in ifconfig?
<patdk-wk> only active ones show up I think by default
<patdk-wk> what does lsusb show?
<simstim> the usual linux ports, then...
<simstim> port005: uniclass tech
<patdk-wk> grep eth /var/log/messages
<simstim> no such directory
<patdk-wk> heh?
<simstim> there is no log directory in var
<patdk-wk> logs?
<patdk-wk> grep eth /var/logs/messages
<patdk-wk> na it's log
<patdk-wk> what is wrong with your system?
<simstim> i dont know D:
<simstim> its a fresh install of 11.04 so i havent done anything to it yet
<simstim> there were more entries on lsusb, should i post them too?
<patdk-wk> lsusb | pastebinit
<patdk-wk> will do it
<patdk-wk> assuming you have pastebinit installed
<simstim> im not on the serv atm, i have to roll back and forth from it :x
<simstim> thet other entires were from asix electronics and genesys logic. 2.0 usb 4 port hub
<simstim> oh, that asix is the one i think
<jdstrand> zul: I think I found the commit that broke stuff
<zul> jdstrand: oh? url
<jdstrand> zul: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=12317957ecd6c37a2fb16275dcdeeacfe25c517e#patch9
<jdstrand> zul: problem is, it is a redesign issue
<jdstrand> zul: so I need to dig in more
<jdstrand> (ie, it isn't something we could just revert)
<zul> jdstrand: cool thanks
<stgraber> zul: hey! I just noticed bug 801259
<uvirtbot> Launchpad bug 801259 in python-lockfile "[MIR] python-lockfile" [Undecided,New] https://launchpad.net/bugs/801259
<stgraber> zul: a bit weird as the package is already in main :)
<zul> stgraber: yep
<stgraber> zul: I had it promoted for LTSP: bug 686045
<uvirtbot> Launchpad bug 686045 in python-lockfile "[MIR] python-lockfile" [Undecided,Fix released] https://launchpad.net/bugs/686045
<zul> doh!
<stgraber> so apparently you did all the paperwork for nothing ;)
<jetole> Hey guys. Does anyone know if there is a way to specify interface order in /etc/network/interfaces for which devices will be brought up first and brought down first? I'm asking because I am putting a bridge on a vlan on a bond and therefor the bridge needs to come up first and the vlans needs to come up second and then the two bridges need to be brought up
<RoyK> jetole: have you tried with the standard config?
<RoyK> if that doesn't work, I guess not marking them as "auto" might be the thing, and then upping them manually in a separate script later
<warzauwynn> jetole: from "man interfaces": "ifup brings  the  named  interfaces up in the order listed"
<warzauwynn> http://manpages.ubuntu.com/manpages/hardy/man5/interfaces.5.html
<SpamapS> jetole: have you looked at ifenslave ?
<SpamapS> jetole: its specific purpose is to handle complicated bonding configurations.
<jetole> RoyK, warzauwynn and SpamapS: thanks.
<jetole> warzauwynn: I didn't realize it brought up the interfaces in the order listed so that is great to know
<jetole> SpamapS: yes I have to use ifenslave for bonding but I'm not sure how that would related to which order the interfaces are brought up or it would have anything to do with bridging and vlans
<warzauwynn> jetole: me neither, but that's the beauty of google.  http://www.google.com/search?q=ubuntu+interfaces+order
<SpamapS> jetole: hrm, you're right, its not useful for bridges.. I just lumped all those wwords into 'bonding' in my head..
<SpamapS> jetole: from 'man interfaces'  "ifup brings the named interâ faces up in the order listed.
<SpamapS> hahahaha
 * SpamapS reads backwards
<SpamapS> warzauwynn: well done :-P
<warzauwynn> :D
<Daviey> lynxman: Regarding -stomp, were you looking at removing the hard coded paths?
<Daviey> (and using the unversioned symlink?)
<lynxman> Daviey: yeah, apart from trying to make it build properly
<lynxman> Daviey: the unversioned symlink is by far not a problem though :)
<Daviey> lynxman: Are you happy to carry on, or wanna push a branch with what you have?
<lynxman> Daviey: I think we got it almost hammered now
<jetole> SpamapS: yeah thats what warzauwynn mentioned but I didn't realize. I have read that man page a handful of times but not any time recently. I didn't remember ever seeing that and didn't think to read it again which was a mistake on my part so sorry guys
<Daviey> lynxman: rocking
<lynxman> Daviey: now the packages are there, but erlang client fails :)
<Daviey> lynxman: erland is overated. :)
<lynxman> Daviey: deffo
<Daviey> erlanG even more so
<lynxman> Daviey: yeah I don't know who that Erland guy is :D
<Daviey> :)
<zul> erlang is over rated
<zleslie> Hi
<zleslie> So I am trying to get natty to pxe, which I have done for all other versions without issue, but for some reason, when I go through the install from the pxe images, the system fails to boot.
<zleslie> I thought it might be my preseed or something has changed with preseed between maverick and natty, but I also did a manual install using the pxe images and the system is still failing to boot after manual install
<zleslie> Anyone know if I am overlooking something simple here?
<zleslie> Seems odd, since I have been able to do this without issue on older versions of ubuntu
<zleslie> I got the images from mirrors.kernel.org
<zleslie> Hmm,
<zleslie> dead channel?
<hallyn> is there a rackspace irc channel?
<hallyn> hm, there is
<jdstrand> zul: ok, after discussing with upstream, I have a preliminary patch
<jdstrand> zul: I'm going to have to test it and have them review it
<zul> jdstrand: ack
<jdstrand> zul: so it is going to be a while
<zul> jdstrand: no worries
<jdstrand> zul: they reorganized things in an incompatible way with the apparmor driver
<zul> hah
<uvirtbot> New bug: #660428 in nova (universe) "nova-objectstore start errors after install" [Medium,Fix released] https://launchpad.net/bugs/660428
<mbrinson> Anyone have any good resources online (Google hasn't turned up anything useful for me) for troubleshooting boot issues for ubuntu?  I'm doing a standard server install with software raid1 (set up following the official ubuntu docs) and I am unable to boot after getting past the grub boot screen.  It proceeds to a black screen and then after another 20 seconds or so the monitor enters standby mode (amber light)
<mbrinson> Forgot to mention - 11.04
<mbrinson> and x64  (on an asus TS100-E6
<uvirtbot> New bug: #801338 in amavisd-new (main) "package amavisd-new-postfix 1:2.6.5-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/801338
<mbrinson> I actually just attempted SSH connection to it and I am able to connect.  So it does look to be just an issue with the vga output.
<mbrinson> I'm just really surprised to discover that because I figured there wouldn't be any vga issues because I'm just at runlevel3 (no gui launched)
<mbrinson> I guess I'll go google a bit on that.
<mbrinson> Wow, IRC is useful.
<mbrinson> Is anyone alive in here?
<mbrinson> Anyone else had experience installing ubuntu on an asus ts100-e6 server system?
<mbrinson> It's installed sucessfully, but then after getting past the grub boot screen I get no vga output.  Black screen.  I am able to SSH into the box.
<hallyn> stgraber: this is getting comical.  i'm about to have to send out a patch 5/2
<hallyn> yay, finally got it all working again.
<hallyn> now on to cgroups-bin
<luite> is there an easy way to install a package and its dependencies in some directory? (so that it can be used in a chroot. It shouldn't be a complete install)
<stgraber> hallyn: hehe :)
<SpamapS> http://ftp-master.debian.org/new/mysql-5.5_5.5.13-1.html
<SpamapS> So... close... :-D
<lifeless> -8 ?
<lynxman> RoAkSoAx: ping
#ubuntu-server 2011-06-24
<ujjain> is there an ubuntu server netinstall?
<SpamapS> ujjain: yes!
<ujjain> SpamapS: mini.iso?
<SpamapS> ujjain: https://help.ubuntu.com/community/Installation/Netboot
<SpamapS> ujjain: also if you need to do more than 1 or 2, you can use Orchestra
<SpamapS> ujjain: but thats only barely available in 11.04, and really slated for "awesomeness" in 11.10
<ujjain> I don't use tftp.
<ujjain> hehe, Ubuntu is realy getting pretty awesome even for servers
<SpamapS> ujjain: if you can put physical media in, you may want the minimal.iso
<ujjain> I'l l use the mini.iso, it's just a testserver anyway
<ujjain> let's just hope I don't have a GUI
<ujjain> k, that went wrong I think ^^
<dhon_> hi all, does anyone know of a way to kill an active TCP socket? I'm trying to test what happens when a client connection drops out
<SpamapS> dhon_: iptables can simulate it
<dhon_> from the command line that is (not within the app)
<dhon_> SpamapS: I haven't used iptables before, could you elaborate?
<SpamapS> dhon_: well you could make it drop packets or refuse connections..
<dhon_> SpamapS: do you know if it will apply to active connections, or only future ones?
<SpamapS> dhon_: its very low level, you can add/remove rules
<SpamapS> dhon_: what exactly are you trying to test though?
<SpamapS> dhon_: sounds to me like what you want to do is something like   iptables -I INPUT -p tcp -s remote-host --port 44444 -j DROP
<dhon_> I have a service that opens a TCP socket to a server (my service is a client here)
<dhon_> after some long period, my services is not communicating with the server anymore
<dhon_> I would like to test if the connection being dropped produces similar results, as it's not generating any helpful log messages
<SpamapS> yeah, iptables (a firewall, btw) would be useful for that
<dhon_> SpamapS: cool thanks, I'll read up on that iptables command
<dhon_> SpamapS: sounds like what I want
<dhon_> one more thing, will I need to reverse that command in the future to reallow connections again?
<SpamapS> dhon_: yes
<dhon_> just replace -A with -D?
<SpamapS> yep
<dhon_> oh sorry, not using -A
<SpamapS> note that I used -I .. to put it at the top
<dhon_> I see, thanks for the help SpamapS
<uvirtbot> New bug: #801375 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/801375
<tucemiux> hey what logs should I be checking on my server ?
<joeylockie>  hello am seting up a server mostly for my family to use and am planing on instailing the server with a full desktop environments (which one yet i dont know) but in order to do this do I need to install any of the preedefind collections of software in the server installer? or is it possable to istall them (if I fiond out I need them) later?
<Datz> joeylockie: the main difference between the server and desktop install is the kernel as far as I know.
<Datz> So you may just want to go with the Desktop verison
<Datz> that way you won't have to install the desktop environment
<joeylockie> in the desktop am I ablo=e to add apahice and what not easyly?
<Datz> yes
<Datz> more easily if you are not familiar with the command line
<joeylockie> ok I will look into that thanks
<twb> While you *can* set up a desktop on your server, it is not recommended
<ntoombs> qman__: you there?
<ntoombs> does this forum help with routers?
<ntoombs> i've configured my ubuntu server to connect to my router with a static ip address
<ntoombs> however when i go into my router and check for attached devices i see my server but it has a different ip address
<ntoombs> it's not even in the same range
<ntoombs> my router is 192.168.2.1
<ntoombs> and the device showingup is 192.168.254.115
<ntoombs> i have my server set to 192.168.2.119
<ntoombs> i did at one time however have my server's static ip address set to 192.168.254.115 awhile back but i don't know how that could have been stored anywhere on my server so i'm assuming its a problem with my router
<ntoombs> or with my modem which is now in briged mode
<ntoombs> does anyone think they could help with this problem?
<jkup> Sup
<jvargas> hello. a quick question, are there identified issues or considerations to run ubuntu servers under hyper-v virtualization platform?
<jamespage> Daviey: please can you give me an opinion on bug 801038
<uvirtbot> Launchpad bug 801038 in libvirt "libvirt-bin can not check the correct status of libvirtd " [Undecided,Invalid] https://launchpad.net/bugs/801038
<Daviey> looking
<jamespage> ta
<Daviey> jamespage: I don't think this is something that will be addressed in Ubuntu.  I agree that libvirtd should check for an existing process, and exit gracefully.
<Daviey> I would consider it wishlist and confirmed.
<Daviey> I'm not sure i see the overwhelming concern tho :/
<jamespage> that was my  thinking; it would be possible to put a check into the upstart config tho
<jamespage> but I agree its a bit of an edge case
<jamespage> marked as so
<Daviey> jamespage: Yeah, just for reference checked to see what apache2 does in the same situation
<Daviey> It is better handled.. as in the pid is tracked.
<jamespage> It would make a nice server papercut some someone to work on
<Daviey> jamespage: good thinking!
<uvirtbot> New bug: #727342 in open-vm-tools (multiverse) "FFE: open-vm-tools kernel module failed to build" [Critical,Fix released] https://launchpad.net/bugs/727342
 * RoyK += 0xc0ffee
<uvirtbot> New bug: #801496 in postfix (main) "postfix postmulti cannot open dynamicmaps.cf" [Undecided,New] https://launchpad.net/bugs/801496
<uvirtbot> New bug: #801501 in nova (universe) "[MIR] nova" [Undecided,Incomplete] https://launchpad.net/bugs/801501
<Ursinha> good morning people
<jamespage> morning Ursinha
<sommer1> Woo, Friday!
<hallyn> Daviey: regarding MIR for 'gpxe or ipxe' - note that ipxe is now in debian.  Can we just sync that?
<hallyn> Daviey: also, I don't understand why I don't show up on http://status.ubuntu.com/ubuntu-oneiric/group/topic-oneiric-server-overview.html
<Daviey> hallyn: are you in ~ubuntu-server?
<hallyn> ?
<hallyn> Daviey: what do you mean?
<Daviey> hallyn: so gpxe or ipxe is tricky... I've left that one for now, because ipxe is a fork.. and a better one IMO... but we need to make sure.
<Daviey> hallyn: the ~ubuntu-server launchpad group
<hallyn> oh
<hallyn> pretty sure
<Daviey> hallyn: i just added you
<Daviey> but that might not be the cause
<hallyn> debian went with ipxe, and was hung a long time on the gpxe ITP, so it seems like we should follow them.
<hallyn> mind you i've not looked at the source at all
<Daviey> hallyn: so the -overview topic isn't yet complete.  I think it is still missing some blueprints.
<Daviey> hallyn: I'd prefer ipxe i think... especially as it is already a build dep of xen in main! :)
<Daviey> but zul added support for gpxe in cobbler.
<Daviey> So zul probabyl needs to update to ipxe for that to proceed.
<zul> Daviey: yeah probably
<hallyn> since ipxe is a fork, that shouldn't be too hard to port right?
<zul> nah
<zul> vi s/ipxe/gpxe/g :)
<hallyn> Daviey: anyway, my prodding on the overview page was just bc I don't see any place where I was assigned to MIRs.  Not that I mind, I'd like to get lxc working with cgroup-bin today :)
<Daviey> hallyn: Hmm
<hallyn> so if ipxe is in debian, does a simple sync request suffice, or do we need an MIR still to get it into ubuntu?
<Daviey> hallyn: is http://status.ubuntu.com/ubuntu-oneiric/u/serge-hallyn.html of use?
<hallyn> Daviey: yeah I recon
<hallyn> feh
<hallyn> (feh @ MIRs I see there :)
<Daviey> hallyn: Are they ok?
<hallyn> odd that i apparently am not on the team
<Daviey> hallyn: you are not leaving Ubuntu are you? :)
<hallyn> Daviey: not that i know of :)  i'll let you know if iget an email later
<hallyn> Daviey: well, they are in sid it seems.  So I guess it should be less than an hour (i hope) which hopefully is less time than i'll have left after finishing with cgroups :)
<hallyn> "I'm this close"  -- lol
<hallyn> you know what'd be nice?  a nice beefy amd box with huge disk, so I can test kvm bugs in a nested kvm environment
<Daviey> hallyn: That can probably happen
<hallyn> ?
<Daviey> hallyn: access to a big box.
<hallyn> davieylabs?
<Daviey> lol
<hallyn> :)  really, i pay amazon and rackspace for hosting, but they don't have what i need.  you'd think someone would...
<Daviey> hallyn: yes... someone probably does... but someone needs to check their pm's :)
<hallyn> Daviey: trying a new client, and it errs the opposite way from quassel
<hallyn> can't find th eright balance between too few and too many notifications
<Daviey> lol
<RoyK> rotfl - just went by the oracle.com store, and they're offering 'MySQL Standard Edition Subscription (1-4 socket server) (1 Year)' for just $2000 a year...
<patdk-wk> much better than oracle pricing
 * RoyK goes to Sahara and sets up a bazar selling sand
<omidp> can anyone help me with this page ? https://help.ubuntu.com/community/Xen
<slhsen> hi, I have a pc with 4  500G sata hard disk. can i install ubuntu-server on one of them and create a raid 5 array on other tree?
<patdk-wk> if you wanted too
<slhsen> by the way i'm talking about software raid
<mncl-core> if you wanted to, you could indeed
<patdk-wk> or you could make all 4 of them a raid5, and install ubuntu on them
<mncl-core> or you could make all of them raid-10 and get that extra performance;
<patdk-wk> mncl-core, not really
<patdk-wk> 4 disk raid10 vs raid5 is really the same
<mncl-core> patdk-wk: how so
<slhsen> mncl-core, and loose some disk space right?
<patdk-wk> raid5 will beat it in fact
<mncl-core> patdk-wk: i would like to disagree with that statement. and in fact you also gain extra redundancy
<|rt|> raid5 will likely be slower at writes...but otherwise I'd expect them to be similar in speed
<patdk-wk> only extreemly small random writes
<slhsen> ok another question, lets say I created a raid 5 array with all four disks. and my os became unbootable somehow, will i still be recover my data?
<mncl-core> rt: true, but to state that RAID-5 will beat RAID-10 in fact, is completely false.
<slhsen> *able to recover
<patdk-wk> the statement that raid10 will beat raid5 is false also
<|rt|> mncl-core: without context of a workload I don't think you can make claims that any raid level is faster than any other raid level
<patdk-wk> slhsen, you recover it the same way you would recover anything else
<mncl-core> rt: the context was stated that he is attempting to Software RAID, or RAID 4x 500GB Hard Disks
<mncl-core> my statement was simple, that he could use RAID-10 and he would get extra performance.
<mncl-core> which is technically accurate.
<|rt|> given enough disks if your only task is serving files over a 1 or 2 GBit links then at some point it doesn't matter...from a performance point of view
<mncl-core> rt: ahhh very true; but on a technical perspective, there would be a performance gain in other operations; e.g. installing packages, OS Operations, and so on..
<patdk-wk> given my workload, reads and writes of 50-100mb files, raid10 makes no sense, it's slow
<patdk-wk> given my database, yes, raid10
<slhsen> patdk-wk, yeah but, if I save one disk for system, i think i can just install os again and my data will be there
<patdk-wk> given an olap store, raid10 is kind of pointless
<|rt|> mncl-core: but with 4 drives I think they are about equal...you'll start to see a larger difference as the number of drives increases....and if your workload is sufficiently random
<patdk-wk> slhsen you could do that anyways
<slhsen> how so
<patdk-wk> just run the installer
<patdk-wk> it should notice yo uhave raid setup
<mncl-core> rt: i have benchmarked extensively RAID-10, true that workload must be considered and increase of disks. but it remains that even with 4x Disks the performance is increased.
<mncl-core> plus the extra redundancy aspect
<mncl-core> should be considered
<|rt|> on my server here (hardware raid with 12 drives) I did a ton of benchmarks trying to decide between raid 10 and raid 6...at the end of the day the difference was 1GB/s vs 700MB/s
<mncl-core> rt: well i have several RAID-10 SANs for ESX Clusters and I also had a hard time deciding between RAID-6 and 10
<|rt|> I decided to go with RAID6 and get the slightly better data protection and storage at the cost of the 300MB/s
<mncl-core> but ultimately RAID-10 destroyed RAID-5 and 6
<patdk-wk> the issue with raid5 has always been what happens when a disk is dead
<patdk-wk> not how it performes when it's 100% functional
<mncl-core> mind you i am using 24x WD Blacks
<|rt|> yeah the difference in Mean Time between Data Loss of raid 5 and raid6 and raid10 is hugh
<mncl-core> and real adaptec raid controllers
<|rt|> huge
<|rt|> RAID10 rebuild times are the fastest and a dead drive impacts it the least though
<patdk-wk> if my san grows anymore
<patdk-wk> I'm going switch it from raid10 to raid 51
<patdk-wk> hmm, maybe that would be raid15 :)
<patdk-wk> a raid5 of many raid1's
<mncl-core> it should also be considered that the more drives you had, the greater probability for simultaneous drive failures.
<patdk-wk> ya, raid15 or raid150
<|rt|> some of the zfs based NAS/SAN solutions are pretty nice...like Nexenta
<|rt|> ssd cache devices really speeds them up too
<mncl-core> rt: cool find. will look into more, looks interesting. have been using openfiler for a while now
<|rt|> a good number of the ex solaris devs work for Nexenta now
<mncl-core> very cool, seems like it is well maintained and supports emulex targets
<|rt|> some of the gluster stuff intrigues me too...but it's a very different approach
<mncl-core> gluster is a very cool product
<mncl-core> reliable, and when you mix it with an openqrm environment, things can get very interesting
<uvirtbot> New bug: #801626 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/801626
<uvirtbot> New bug: #801641 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/801641
<zul> hggdh: hey did you get anywhere with bsdtar yet
<tarrasch> I want my Ubuntu Server to always run a program (in my case a webserver), preferably as a seperate user. So whats the easiest way to add ever-running services?
<patdk-wk> normally, the normal way, and let the service change uid itself
<tarrasch> Basically the service should fire up by itself at startup, and I should be able to restart it when the server is up.
<tarrasch> so i use my own user that starts a program that switches to another user and keeps running the program I intended?
<patdk-wk> hmm, root starts programs at startup
<tarrasch> oh ok
<patdk-wk> and no, normally the program itself that you start, switchs itself
<patdk-wk> if it doesn't, I might have issues with it's lack of security
<tarrasch> I know my server already startsup apache, I guess I want something very similiar for myself only for my own webserver
<patdk-wk> well, apache config file you set the user and group name
<patdk-wk> once it gets started, it changes itself
<patdk-wk> that is what your program should do
<tarrasch> patdk-wk, you mean that the webserver Ive written (not me really) should at its initialization switch to a dedicated user?
<patdk-wk> not at initialization, but normally after that
<patdk-wk> cause normally they want to bind to port 80, or read ssl keys, that need root
<tarrasch> hmm, I'm gonna run at port 3000+, that doesnt need root, no?
<patdk-wk> no, ports <1024 need root
<tarrasch> I'll let my apache-server reverseproxy to the other web-server running at 3000
<tarrasch> And I've run the server "manually" myself succesfully as my own user (not root); and it works fine. Now I only need to "autorun" my program at startup etc.
<tarrasch> since my progrma is simple I won't need root. Is there a simplified process for setting up services that don't need any root?
<patdk-wk> guess use su then to start it
<patdk-wk> su some-user -s someprogram
<patdk-wk> maybe?
<patdk-wk> such a hack :)
<tarrasch> Sounds great, though I still would like to 1. startup as the system boots up. 2. be able to restart it while running. Any ideas?
<tarrasch> I've noticed the 'services' functionality, it seems good though a bit much work to setup something quite simple
<tarrasch> 'su designated_user -s /my/web/server' Seems to work otherwise
<x404x> How to replace a failed drive on a 3ware 9500 controller ?
<x404x> I want it to recognize the drive on the same port the bad one uses
<patdk-wk> disconnect old drive
<patdk-wk> plug in new drive
<patdk-wk> tell 9500 to use new drive as hotspare?
<hggdh> zul: not yet, but I finished witht the kernels for this week; I will get back to it now
<zul> hggdh: cool
<qman__> I'm having a problem with SSH and key authentication
<qman__> for the purpose of making tunnels, I have one user on an SSH server, and multiple clients, each with their own key to authenticate as said user
<qman__> this worked great until recently when I started adding more clients, and it's rejecting my keys
<qman__> what configuration do I need to make on the SSH server to allow more concurrent connections with different keys as the same user?
<hggdh> zul: I do not see many options -- why was this link created, in the first place? It wasn't there before A1
<zul> hggdh: no idea
<hggdh> who would know?
<zul> cjwatson: maybe
<hggdh> s langasek says the link can be there, as far as ISO is concerned
<qman__> ah, nevermind, it was a permission issue buried underneath that
<Aison> funny, how do I install ubuntu server on a HP DataVault X510 ;)  there's no screen
<Aison> maybe I should install the harddrive on a desktop machine and then plug it into the hp device?
<uvirtbot> New bug: #801718 in krb5 (main) "kpropd -S -P <port> fails to use specified port" [Undecided,New] https://launchpad.net/bugs/801718
<uvirtbot> New bug: #801729 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/801729
<maco> i just installed mysql-server on my lucid server. i gave it a nice long complicated root password, which i copied and pasted from keepass. then i tried to login with "mysql -u root -p" and pasted in the same nice long complicated root password for mysql...and it keeps giving me denied
<mncl-core> of course
<mncl-core> keypass is greate
<maco> is it possible there is some parse-fail going on with the nice long complicated password?
<mncl-core> but you cannot use special characters
<maco> there we go
<mncl-core> and you cannot use 25 characters' common mistake i've done many times before
<maco> so how special are they allowed to be?
<mncl-core> go with upper-lower-num 18 characters
<maco> or is it alphanumeric only?
<maco> ok
<maco> thanks
<maco> i frequently wish keepass had a "kinda special" and a "really special" checkbox, for those sites that allow @#$%^&*() but not ` " ' Â£
<wmoxam> I can't seem to find xfs_freeze in Oneiric
<wmoxam> is it moved to a package?
<wmoxam> nm
<wmoxam> found it
<RoAkSoAx> zul: ping?
<RoAkSoAx> SpamapS: you might be able to help me.. does it make any sense to tell dh_install init to install the script with defaults, but disabled? (so that daemon never starts on boot unless otherwise specified?)
<uvirtbot> New bug: #801761 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/801761
<SpamapS> RoAkSoAx: it should use some method *in the script* to be disabled
<SpamapS> RoAkSoAx: like checking /etc/default/xxxx
<SpamapS> RoAkSoAx: it should still run, but not start
 * SpamapS prepares to leave for the airport
<cjwatson> hggdh: what link is this?
<cjwatson> oh, I see on #ubuntu-release, bah @ conversations across multiple channels
<lcb> hi. any good phone answering system for 11.04 server? just in case someone knows...
#ubuntu-server 2011-06-25
<Deathray> Hi does someone here have a couple of minutes to assist me with a problem I've been having lately with my LAMP server in the EC2 cloud?
<Deathray> It can or can not be simple, but since I am a Linux amateur I do not know how to start.
<Amivit> Sorry i'm deathray, but got disconnected if someone answered me.
<warzauwynn> Amivit: best to just state your problem, not ask for help.  that way somebody can answer if they know the answer.
<Amivit> Ok, well, I have an ubuntu-server instance running in the Amazon ec2 cloud, functioning as a LAMP with very default setup (used tasksel and made very few changes). Once or twice a week the server rejects all connections through everything, including ssh and the actual webserver. I can see in the AWS control panel that the CPU is topping at 100%, and my fix is to force a reboot on the instance. But i'm a bit unsure how to f
<Amivit> ind the cause since I can't even SSH into the instance when it's in that state, which is why I was hoping for some guidance here :)
<Amivit> Worst part is that i monitor it with cloudkick which sends me a text whenever it goes offline and recovers again, so sometimes I can wake up and my phone is completely crashed because the inbox is filled with thousands of these texts :P
<adam_g> Amivit: what version of ubuntu? and which kernel version?
<jmarsden> Amivit: Unless you are running thousands of these instances (in which case you are not a beginner!), why do you get thousands of messages per outage?  That suggests you have misconfigured the monitoring tool.  You should get ONE message when an instance becomes unresponsive, and ONE when it comes back.
<Amivit> jmarsden: Yes I do, but I guess since the cpu is stuck at 100% it occasionaly responds which is why I receive so many messages, anyway that is a minor issue which I obviously fixed my changing the way cloudkick notifies me. adam_g let me check :)
<jmarsden> <Amivit> Worst part is ... now you say "that is a minor issue" ... make your mind up :)  I was responding about the thing you said was the worst part...
<Amivit> Ah yeah it was more of a joke since I found it quite funny my old LG crashed because of it.. Im more concerned about my viewers not able to see my blog :)
<jmarsden> Amivit: OK.  if you keep an ssh session open to the server running top -d 10    you would perhaps see what was using the CPU when it became unresponsive?  Or you can use sar from the sysystat package to get some statistics on CPU use, etc.
<tarzxvf> Amivit, or install something like munin to get a global overview of your system during this events
<jmarsden> Or a cron job running evern 5 minutes that does  ps axuww >>/var/log/mylog.txt    or similar, so you can read that log later and see what processes were using all the CPU...
<jmarsden> Lots of possibilities :)
<mrroth_> Is thier any type of premade appliance database /web frontend program  were you can keep a record of how you went (the steps) to fix a problem (trouble,shoot) (like observe problem firsthand) and (document  each step).
<jmarsden> mrroth_: In a sense, every bug tracker or issue tracker app does that.  You could use every blog app to do it too, if you wanted...
<mrroth_> oh I wanted something for sysadmin, but yea a blog app may do
<mrroth_> I have trouble explaning what I did from step a to z
<mrroth_> and if the problem ever happens againI waste time, becuase I never documented, or no one ever did if they had suchproblem.
<tarzxvf> mrroth_ , i think a wiki could handle this
<jmarsden> For a sysadmin,  a set of text files can handle this :) :)
<tarzxvf> Lots of possibilities :)
<mrroth_> thanks
<mrroth_> yea
<mrroth_> just email me what I did
<mrroth_> or make my tickets more clear
<mrroth_> I useally use the ticket system only for billing purposes
<Jasonn> I have an install error when I try to install openvps-as on my server, http://pastebin.ubuntu.com/632102/
<jeeves> why is my bind server giving me this?  "error (unexpected RCODE REFUSED) resolving "
<jeeves_moss> how can I setup SSL on a MySQL server on non native networks?
<MACscr> i just upgraded an ubuntu 8.04 lts xen guest to 10.4 lts and rebooted. This error mean anything to any of ya? http://pastebin.com/4SCYFHg1
<MACscr> i think it might be the migration of grub to grub2, but im not 100% sure how to fix it since i cant use a live cd on it. I can mount the file system on the xen host, but its a centos system, so i cant run grub-pc and grub-common on it
<MACscr> my theory could be completely wrong as well
<jmarsden> Ok, so you have:   ERROR Invalid kernel: xc_dom_probe_bzimage_kernel: kernel is not a bzImage
<jmarsden> So... is that file really a bzImage kernel?  What does   file /boot/vmlinuz-2.6.24-28-xen   say?
<MACscr> vmlinuz-2.6.24-28-xen: gzip compressed data, from Unix, last modified: Fri Feb 11 13:32:43 2011, max compression
<jmarsden> zgip compressed, not bzImage.  So there you go.
<MACscr> right, but where the heck is it specifying a bzimage
<jmarsden> The stock Ubuntu kernels are bzImages... I don't know who told it to expect one...
<MACscr> im confused. These would have just be installed by apt during the upgrade
<jmarsden> So maybe the normal Ubuntu kernels are bzImage files and the -xen ones are not??
<MACscr> i have another system running 10.4, but they are 32 bit and running pae kernels
<jmarsden> I'm not familiar with Xen, I'm just trying to work backwards from the error message you saw.
<jmarsden> If you run file /boot/whatever on those, are those kernels bzImage files?
<jmarsden> I'm running a 10.04 amd64 desktop here and it definitely does have a bzImage kernel:   /boot/vmlinuz-2.6.32-32-generic: Linux kernel x86 boot executable bzImage, version 2.6.32-32-generic (buildd@allsp, RO-rootFS, root_dev 0x6801, swap_dev 0x3, Normal VGA
<MACscr> vmlinuz-2.6.32-22-generic-pae: Linux kernel x86 boot executable bzImage, version 2.6.32-22-generic-pae (buildd@p, RO-rootFS, root_dev 0x6801, swap_dev 0x3, Normal VGA
<jmarsden> Yup.  bzImage is there.
<MACscr> hmm, so how should i go about getting this new ones? what all files do i need to get for the new kernel?
<jmarsden> So the question becomes, why did your upgrade somehow (apparently!) install you a non-bzImage kernel?  Does xen do anything funny and run guest kernels from somewhere outside the guest filesystem?
<jmarsden> I think your issue may be in some way xen-related, and I know almost nothing about Xen, unfortunately.
<MACscr> jmarsden: im running a setup (its common) that allows guests to run their own kernels, so no idea why it flaked like this.
<jmarsden> Um.  Wait.  You are booting the old 8.04.3 kernel
<jmarsden> Line 28 of your pastebin: Booting 'Ubuntu 8.04.3 LTS, kernel 2.6.24-28-xen'
<MACscr> i dont have a newer xen kernel though in my /boot
<MACscr> hmm
<MACscr> very odd
<jmarsden> Lucid kernels are 2.6.32 or so...
<MACscr> yeah, i have the xen-server kernels in there, but not just -xen
<jmarsden> Is it possible Lucid dropped xen support somehow, and you need to create your own -xen kernel for it??
<jmarsden> MACscr: Is https://help.ubuntu.com/community/Xen#Ubuntu%27s%20Support%20of%20Xen   relevant?
<jmarsden> I need to go to bed, but hopefully something I've said will turn out to be useful :)
<MACscr> jmarsden: not relevant. Thanks though.
<mncl-node> good night all :)
<mncl-node> i have an iptable/ perhaps proxy question
<Everglades> hi
<Everglades> does anybody know how to install apache + mysql + php >_<?
<dutchie11> during intital install it will ask if you want a web server otherwise you will need to use sudo apt-get install
<Everglades> not really
<Everglades> :/
<Syria> Hello! I have Ubuntu 10.04 installed on my vps, but the server is not sending any emails! how can i fix this pelase?
<julian> install an mta?
<julian> .o(or start paying a real admin to do stuff for you)
<Syria> o.0
<Syria> I am a real admin but i am not a professional one. :(
<Syria> ?
<luite> probably read some postfix howto on the community documentation site :)
<luite> email is imho one of the more tricky services to get right unless you have really basic needs
<Syria> luite:  Thank you, I will read about that thing called postfix.
<Syria> Scary!!
<Syria> luite:  Installing postfix on my vpx solved the problem all I had to do is choosing "Internet Site" thank you very much. :D
<luite> are you using your isp's (or gmail or something) servers to receive mail?
<shauno> Syria: I'd really recommend working thru the documentation to understand what you've just done.  I have a similar setup, and it's hit by people trying to use it to relay spam on a near-constant basis
<Syria> shauno:  I need it because i have a wordpress blog and it is not sending emails or notifications.
<shauno> I'm not saying don't do it; just take a few minutes more to make sure it's not available as an open relay to spammers
<Syria> shauno:  thank you, I will take this into consideration i did not know about that.
<Syria> I don't want to help spammers. :( I hate what they do.
<shauno> that sounded grumpier than it needed to, but I think 'internet site' is a full inbound+outbound setup :/
<RoyK> anyone that knows a tool to extract i-frames from a video?
<qman__> shauno, the default postfix "internet site" config allows relay from localnets only
<qman__> which is pretty much exactly what you want in your own network, but on a remote host, could be an issue
<shauno> sounds like a sane start, but still overkill for a machine that only wants php to beable to mail outbound
<_torn> hi, when I apt-get install php5 it also grabs and tries to start up apache
<_torn> i'm already using nginx, how can i delete/  stop this from happening?
<SpamapS> _torn: php5 pulls in libapache2-mod-php5 by default
<SpamapS> _torn: if you want to use it with nginx, install php5-fpm
<SpamapS> _torn: the 'php5' package is just a "metapackage"
<nobitanobi> Hello.  I've installed lamp-server in Ubuntu 11.04, but when trying to access to a php file, instead of that the browser gives me the php file to download..
<jmarsden> nobitanobi: And the file is under /var/www/ somewhere?
<nobitanobi> jmarsden: apparently the mod_php was not well installed.
<nobitanobi> thanks
<jmarsden> nobitanobi: You're welcome :)
<nobitanobi> jmarsden: is it a good strategy to create symlinks from /var/www to a folder where I have write permissions?
<nobitanobi> so I don't have to keep writting in /var/www as root
<jmarsden> nobitanobi: You can create sites as needed underneath /var/www that have the permissions you need, say /var/www/nobitanobi/ and configure them as sites for your apache to serve up.
<nobitanobi> ok
<jmarsden> Symlinks.... well, it should work, but it's one more layer of indirection for every page apache serves up...
<qman__> doing it with symlinks is risky, you'd be better off creating additional websites in the user's home
<nobitanobi> I will do the jmarsden solution then
<nobitanobi> creating those folders and configuring them
<qman__> good plan
<nobitanobi> thanks guys
<nobitanobi> the idea is creating a folder where my user can write
<nobitanobi> right?
<nobitanobi> but to make apache able to serve the contents, what is needed to do?
<qman__> www-data needs read and possibly execute permission
<qman__> best plan is to chown youruser:www-data
<nobitanobi> by default
<nobitanobi> there is an index.html
<nobitanobi> and it is like this: -rw-r--r--  1 root root  178 2011-06-25 19:01 index.html
<nobitanobi> so it's root and not www-data
<qman__> yes, but notice it has world-read
<qman__> so www-data can read it
<qman__> as can everyone else
<qman__> in order for apache to serve a page, it must be able to read it, and apache runs as www-data
<nobitanobi> ah I see
<nobitanobi> I usually get confused with users and groups
<nobitanobi> but I see I should be the owner, and the group should be www-data
<qman__> doesn't have to be, but it's a good setup
<qman__> that way if you want you can remove permissions to everyone on a file
<qman__> most of the time not needed, but leaves that option open
<qman__> and seeing files owned by www-data reminds you that they are visible though the web
<nobitanobi> :)
<nobitanobi> you are a good teacher
<nobitanobi> thanks
<ejat> hi .. is there any package available for bind-sdb for ubuntu?
<jmarsden> ejat: I think not, there is a maintenance issue: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=118715
<uvirtbot> Debian bug 118715 in bind9 "bind9: LDAP backend" [Wishlist,Open]
<ejat> owh .. that one with ldap ..
<ejat> i mean for sdb with postgresql ? is there any ?
<ejat> means .. anyone doing the patch with it ..
<uvirtbot> New bug: #802016 in dovecot (main) "package mail-stack-delivery (not installed) failed to install/upgrade: subprocess installed post-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/802016
<uvirtbot> New bug: #802034 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: el subprocÃ©s s'ha instaÅlat el script post-installation retornÃ  el codi d'eixida d'error 75" [Undecided,New] https://launchpad.net/bugs/802034
<keyboardtalk> How do I mount or connect to a network drive?
#ubuntu-server 2011-06-26
<nibalizer> i just want to say that i think the ubuntu server documentation is pretty sweet
<nibalizer> its not exhaustive or tells you exactly how to set up/tune services
<nibalizer> but its really nice to have a page or two per service on how to get running in ubuntu
<nibalizer> so thanks!
<pmatulis> nibalizer: you can climb aboard and contribute to the docs as well!
<nibalizer> theres an idea!
<malev> hi folks!
<malev> I'm having big issues with my server, I have a wordpress blog and when I try to access it, it offers me to download a .php file. any ideas where to start searching?
<patdk-lap> at your webserver and php
<ChmEarl> malev, /etc/apache2/mods-enabled/dir.conf:          DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm
<malev> Chm I have this
<patdk-lap> directory index wouldn't matter at all
<malev> ChmEarl, I have that
<ChmEarl> malev, sorry that is for dir
<malev> np
<patdk-lap> it's just that his webserver doesn't know about php
<patdk-lap> and there are hundreds of different ways to configuer php with a webserver
<ChmEarl> malev, dpkg-reconfigure libapache2-mod-php5
<ChmEarl> guessing that might help
<malev> /usr/sbin/dpkg-reconfigure: libapache2-mod-php5 is broken or not fully installed
<malev> :(
<malev> I'm going to grab a bite, brb
<ChmEarl> ;)
<ChmEarl> malev, echo "<?php phpinfo(); phpinfo(INFO_MODULES); ?>" > /var/www/html/test.php
<ChmEarl> whatever top level dir you setup
<ChmEarl> if you go as far as installing wordpress before you test php, its too late to isolate the problem
<ChmEarl> in your browser: http://localhost/test.php
<malev> ChmEarl, nice idea! I'm gonna test it right now!
<qman__> malev, sudo apt-get -f install
<qman__> your mod php is broken according to that
<malev> qman__, I'm pretty sure about it. I'm gonna try to make it work
<Fastmover> so i got this cloud
<Fastmover> well not really yet, but my nc isn't giving me any resources in - euca-describe-availability-zones verbose
<Fastmover> i've unregistered cc and nc many times now
<Fastmover> and reregistered
<Fastmover> any ideas?
<Glaxi> Hi, Pathin
<Syria> Hello there, Could you please tell me how to protect a folder located in /var/www/folder-to-be-protected in my site with a user name and password? using .htaccess probably?
<Syria> Could you guys please help me with this? http://www.cyberciti.biz/faq/howto-setup-apache-password-protect-directory-with-htaccess-file/
<Syria> :(
<Alfafa> whois Daviey
<Alfafa> Daviey: Hey :)
<airtonix> you shouldn't ask questions when you're angry
<RoyK> airtonix: ?
<airtonix> just sayn
<RoyK> to anyone in particular?
<sp00fz> anyone built hp proliant g4 server with sata disks?
<RoyK> sp00fz: I have a few proliant servers running ubuntu, if that's the question
<RoyK> anything from G2 and up
<sp00fz> i was wondering if there is any chance to install sata disk instead of sas?
<sp00fz> lets say g3 or g4, which raid card do you need?
<RoyK> depends on the HBA, but I'm using SATA drives on several SAS controllers
<RoyK> just try
<RoyK> normally, SATA drives work on SAS controllers, but SAS drives won't work on SATA controllers
<sp00fz> actually i am buying server, but don't wanna spent my whole fortune for sas drives this is why i am asking
<RoyK> as I said, SATA drives should work on a SAS controller, but not the other way around
<RoyK> if in doubt, ask the seller
<sp00fz> but they dont work on scsi, do they?
<RoyK> SCSI is a completely different interface
<RoyK> as in parallel scsi
<sp00fz> aha, ok thank you very much for your help RoyK, much appreciated
<RoyK> np
<ChmEarl> if I drop an IP via iptables rule, does it get logged.. which log?
<RoyK> ChmEarl: if you use -j LOG, it does
<RoyK> man iptables
<Ursinha> hello people :)
<Ursinha> anyone in Dublin already?
<io> Ursinha: is there something you need help with?
<Daviey> Ursinha: on the coach atm.
<Ursinha> io: not really, just looking for my team mates
<io> Ursinha: oh sorry! :-)
<Ursinha> io: ah, no problem :)
<Ursinha> I need to rest as jetlag melted my brain L/
<Ursinha> :/
<Ursinha> see you tomorrow :)
<uvirtbot> New bug: #802270 in exim4 (main) "package exim4-config 4.69-11ubuntu4.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/802270
#ubuntu-server 2012-06-18
<harushimo> if I setup a samba share on my desktop and I want to acces that on my virtual machine, how would I do that?
<TransX2> soren, I've done a few things already like setup my linux server, forwarded port 80 to my servers local ip, and setup a subdomain.domain with my external ip. The problem is the domain doesn't work and I can only access my server through my external ip. Anybody have any idea what I did wrong?
<TransX2> *So
<TransX2> Sorry soren, didn't mean to tab you...
<TransX2> noone around?
<uvirtbot> New bug: #1003326 in nmap (main) "nmap lacks full IPv6 support: IPv6 hosts incorrectly reported down" [Wishlist,Triaged] https://launchpad.net/bugs/1003326
<riz0n> Hi, I am having an issue with Ubuntu 12.04 and postfix. I mv'd master.cf and main.cf and then run sudo dkpg-reconfigure postfix ... got it up and running. Dovecot IMAP is letting me login fine, but postfix is saying: "None of the authentication methods supported by this client are supported by your server." Can someone help me track down the problem wih postfix and get it running properly?
<ScottK> riz0n: The ubuntu server guide has a good discussion about that.  I'd read up on setting up SMTP auth there and see if that helps.
<martas> hi ppl, have a question.. i need to set up rsyslog to log messages from specific host to specific dir.. it seems i made some mistake.. file and directory was created, but no messages in there.. any tip or clue how exactly set up this thing?
<uvirtbot> New bug: #1014565 in nagios3 (main) "Sync nagios3 3.4.1-1 (main) from Debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/1014565
<martas> i'm using this syntax from documentation: if $fromhost-ip startswith '192.0.1.' then /var/log/network1.log     & ~        but still i'm getting syntax error... any advice?
<StevenR_> martas: which documentation?
<StevenR_> martas: that just looks wrong
<martas> StevenR_:  http://www.rsyslog.com/storing-messages-from-a-remote-system-into-a-specific-file/
<StevenR_> martas: pastebin your config file
<martas> StevenR_: ok.. sec..
<martas> StevenR_: http://pastebin.com/nD3zqJ9K
<rbasak> Should bug 1014044 be an SRU candidate for precise? I'm not sure.
<uvirtbot> Launchpad bug 1014044 in php5 "PHP5-FPM not reporting errors to web server (nginx)" [Medium,Triaged] https://launchpad.net/bugs/1014044
<StevenR_> martas: are you sure "isequal" is valid? Maybe try == ?
<StevenR_> martas: though actually, you just might need to move it to around line 57
<rbasak> Looks like quite a bit of work though. Quantal would have to carry a delta too. Might be best to skip it given there's a workaround.
<martas> StevenR_: interesting... it works now... after move... hmmm thx man
<StevenR_> martas: there were some other rules before 57 to do with users, setup, ports, etc... those needed to be read first
<martas> StevenR_: ok.. i was wrong.. i thought according to manual that it should be after allowing TCP input
<feisar> hi, what's the recommended way to connect a headless ubuntu server to a wireless network?
<onekenthomas> ssh?
<rbasak> feisar: /etc/network/interfaces? See /usr/share/doc/wpasupplicant/README.Debian.gz
<rbasak> The recommended way would be to use a wired NIC for a server of course :)
<feisar> rbasak: thanks, so a combination of /etc/network/interfaces and wpasupplicant?
<rbasak> feisar: that's what I would do. Note that you just need the wpasupplicant package installed. Then your entire configuration can be in /etc/network/interfaces without calling wpa_supplicant directly or anything like that. Nice and clean.
<feisar> rbasak: oh great stuff, cheers : )
<hallyn> stgraber: any comment on the last comment in bugs 928524 and 231060 ?
<uvirtbot> Launchpad bug 928524 in lxc "lxcbr0 fails to come up when dnsmasq is installed" [Undecided,Fix committed] https://launchpad.net/bugs/928524
<uvirtbot> Launchpad bug 231060 in dnsmasq "packages dnsmasq and libvirt-bin conflict with each other" [Low,Confirmed] https://launchpad.net/bugs/231060
<uvirtbot> New bug: #977458 in swift (main) "Version skew  with glance in Precise" [Undecided,Fix released] https://launchpad.net/bugs/977458
<uvirtbot> New bug: #978033 in swift (main) "FFE for swift 1.4.8" [Undecided,Fix released] https://launchpad.net/bugs/978033
<hallyn> zul: /lastlog hallyn 10
<hallyn> oops
<hallyn> hm.  been awhile since using irssi.  trying to recall...
<hallyn> oh well.
<zul> use a sane client like bitchx :)
<hallyn> zul: are you going to have time to test the qemu-kvm from my ppa this morning?
<hallyn> zul: if i switch i'll switch back to sic :)
<zul> hallyn: if i can test it this afternoon
<stgraber> hallyn: commented. I believe this change will fix systems that are currently broken, so even though dnsmasq's behaviour will indeed slightly change, it'll still be a lot better than what we have now
<hallyn> zul: thanks.  (if you won't be able to pls let me know and i'll push what i have)
<zul> hallyn: ok
<hallyn> stgraber: but that's the definition of a regression right?  it'll fix a few broken systems, but risk breaking currently workign systems?
<hallyn> is it inappropriate for sru then?
<hallyn> if my wireless nic comes up late, will dnsmasq not find it?
<hallyn> of course right on call we get another dup (bug 1014576)
<uvirtbot> Launchpad bug 1014576 in libvirt "package libvirt-bin 0.9.8-2ubuntu17.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1014576
<stgraber> hallyn: I don't think it risks breaking currently working systems as systems don't currently work when dnsmasq and lxc are installed
<hallyn> oops, that's not a dup, nm
<hallyn> ah, right
<stgraber> hallyn: and for systems that don't have lxc installed won't be affected, neither will these that have lxc installed but not dnsmasq
<hallyn> dnsmasq isn't soon going to be enabled by default everywhere?
<hallyn> i'm sorry, i'm too fuzzy on our dns plans
<stgraber> no, we have dnsmasq-base installed everywhere, not dnsmasq itself
<stgraber> dnsmasq-base gives you the dnsmasq binary that you have to spawn manually, dnsmasq gives you the daemon that's breaking with lxc
<stgraber> and when calling dnsmasq directly (like NM, lxc, libvirt, ... do), it's not parsing /etc/dnsmasq.d, so there won't be a change of behaviour for these
<stgraber> the change of behaviour will only be for these that explicitly install the daemon
<hallyn> stgraber: thanks
<hallyn> stgraber: for premounting cgroups, I think that's best done with a lxc.hook.mount script.  (so i'm going to mark it blocked;  i intend to put a hooks patch into our package in a few days if there's no upstream feedback)
<hallyn> shout if you disagree
<hallyn> right now i'm going to make an uptreamable apparmor patch
<hallyn> hm, but i so wanna do the userns patch
<stgraber> hallyn: that's for premounting the right subset of the cgroup filesystem to allow for nested containers while not letting the container change its own cgroup, right?
<hallyn> right
<hallyn> it needs to be a script to allow for flexibility in mounted cgroups
<hallyn> and has to be done after /sys is mounted
<stgraber> right, I guess I'll have to write an lxc-with-nesting.conf template in /etc/lxc/ to use my custom apparmor profile and use that hook, sounds like it'll work as a good example of how to tweak your containers :)
<zul> Daviey/jamepage: what are we tagging MIR bugs with again?
<Daviey> zul: we don't...
<zul> i thought we did
<Daviey> zul: it needs to be a package which has a  ~ubuntu-server package subscription, and ~ubuntu-mir subscribed to the bug
<rbasak> hey zul
<rbasak> zul: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/82853/comments/26 - any reason why we can't build slapd-smbk5pwd now that heimdal is in main?
<uvirtbot> Launchpad bug 82853 in openldap2.3 "Add support for the smbk5pwd overlay" [Unknown,Fix released]
<zul> rbasak: not that i know of
<Daviey> rbasak: I thought that one was assigned to dendro-afk
<Daviey> hah, he was removed.
<zul> Daviey: ack...another one for your radar:  bug #1014657
<uvirtbot> Launchpad bug 1014657 in python-glanceclient "[MIR] python-glanceclient" [Undecided,New] https://launchpad.net/bugs/1014657
<zul> rbasak: in fact i dont see why our openldap package has to be so specialized either compared to debian
<Daviey> Matthias :)
<Daviey> zul: can you comment what work you did for that MIR so far?
<zul> Daviey: subsscribed ubuntu-server, subscribed ubuntu-mir, check deps
<rbasak> zul: well you did the merge :-)
<zul> rbasak: well yes
<uvirtbot> New bug: #1014673 in php5 (main) "package libapache2-mod-php5 5.3.10-1ubuntu3.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 Installed Apache2, mysql-server, php5 and phpmyadmin. PHP didn't work so I tried installing apache2-mod-php5" [Undecided,New] https://launchpad.net/bugs/1014673
<zul> bdmurray: ping when you are around
<bdmurray> zul: hi
<zul> bdmurray: sorry to bug you about this but can you approve nova we would like users to get testing with the new snapshots
<bdmurray> zul: its fine, I'm really not comfortable with some of these bugs that have "Test Case: none" in them
<zul> bdmurray: so if something that we cant test what should i put in there then?
<bdmurray> zul: could you explain how bug 967931 is not testable?
<uvirtbot> Launchpad bug 967931 in nova "[SRU] killfilter should handle updated/deleted executables" [Undecided,In progress] https://launchpad.net/bugs/967931
<zul> bdmurray: hmm...we can run the testsuite for that bug
<zul> bdmurray: updated
<bdmurray> zul: and in bug 975043 there is a comment that this is not supported out of the box but how does that make it untestable?
<uvirtbot> Launchpad bug 975043 in nova "[SRU] Cloudpipe VPN instance can loose connectivity after starting openvpn" [Undecided,In progress] https://launchpad.net/bugs/975043
<zul> bdmurray: we dont have any documentation about it on ubuntu
<zul> bdmurray: its a feature that we dont support really
<bdmurray> zul: then why are you SRU'ing it?
<zul> bdmurray: because its apart of the snapshot that got inherited by upstream
<roasted> hello!
<Daviey> bdmurray: ey
<Daviey> Hey*
<roasted> I was tinkering with a few different web services on my server... apache, nginx, etc... I think I goofed cause now I want to revert everything back to a fresh apache install.
<roasted> When I install it, it doesn't generate anything in /var/www lke yout ypically expect.
<bdmurray> Daviey: Hi
<Daviey> bdmurray: So.. What we are trying to do is.. Have significant involvement in the upstream stable trees (zul and myself are both reviewers.)
<Daviey> bdmurray: Push any Ubuntu fixes back to upstream where we can
<Daviey> Do significant CI testing at both upstream and distro level
<Daviey> bdmurray: Then take a whole snapshot, and SRU it.
<Daviey> (including fixes that don't impact Ubuntu.. but crucially, do not regress either)
<bdmurray> Daviey: I'm the new guy here but taking a whole snapshot and SRU'ing it sounds like a "micro release" to me and would fall under the micro release exceptions category
<bdmurray> https://wiki.ubuntu.com/StableReleaseUpdates#Special_Cases
<zul> yeah we are working towards that
<Daviey> bdmurray: we submitted for one :)
<uvirtbot> New bug: #1014698 in squid3 (main) "package squid3 3.1.19-1ubuntu3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/1014698
<uvirtbot> New bug: #1014695 in grub (main) "need some mechanism to support /boot/grub/menu.lst and pv-grub" [Undecided,New] https://launchpad.net/bugs/1014695
<Daviey> (context https://lists.ubuntu.com/archives/ubuntu-devel/2011-November/034509.html)
<Daviey> bdmurray: and https://lists.ubuntu.com/archives/technical-board/2011-November/001142.html
<hallyn> stgraber: d'oh, I see that src/lxc/conf.h is already #including stdbool.h - so I can clean that bit of the lxcapi code up (to use real 'bool' instead of an int).  I'll wait though until I hear more from you about the python bit, unless you say now is a good time
<stgraber> hallyn: the python bits are mostly done but it's extremely easy to rebase on any change you do, so go ahead
<stgraber> hallyn: also, can you fix the lxc.h/lxccontainer.h situation? IIRC you said that lxc/lxc.h should give me the lxc_container struct, but that's not currently the case, I need lxccontainer.h which isn't in the lxc-dev package by default :)
<stgraber> hallyn: IIRC from what I did on Friday, python-lxc covers everything except for the variable arguments of start() that I still need to write magic to parse/cast and send to start() (with all the fun memory management stuff ;))
<hallyn> stgraber: ok, lemme wrap up my apparmor bits as they are and i'll fix the api (or break it completely, depending on what sort of week this is gonna be)
<stgraber> hallyn: ;)
<mdeslaur> hehe
<zul> hallyn: where is the qemu-kvm stuff?
<stgraber> hallyn: when you're done moving things in the lxcwithapi branch, I'll work on a lxc test package (not called lxc2 this time) that bundles the API changes and the python module, so it can easily be tested by highvoltage and the others who want to test the python stuff
<hallyn> zul: ppa:serge-hallyn/virt
<hallyn> stgraber: awesome, thanks
<SpamapS> can somebody who is an admin for ubuntu-server please add a bug subscription to mysql-5.5?
<zul> SpamapS: done
<SpamapS> zul: thanks
<SpamapS> zul	maybe make me an admin too? :)
<TheLordOfTime> lol?
<TheLordOfTime> SpamapS:  any idea when/if php 5.4.x is going to be included into Ubuntu?
<SpamapS> TheLordOfTime: I actually intend to figure that out this week
<SpamapS> TheLordOfTime: I *think* we'll be following everybody else's lead and dropping Suhosin
<SpamapS> TheLordOfTime: so as soon as we ACK that, it will be includedASAP
<TheLordOfTime> wonderful
<TheLordOfTime> lol, damn, i joined #ubuntu-bugs-announce and my ZNC autodetached me from the channel because of flood... XD
<zul> SpamapS:  i dunno about that
<SpamapS> zul: what's the matter Colonel Sanders, chicken?
<zul> SpamapS:  i dont want you to crazy with power
<rbasak> While we're talking about php, is bug 1014044 something that we need to fix and/or SRU? Since the web dev community is pretty big on ubuntu server I thought it might be useful to them. But we'd have to carry a delta for it until a fix filters through.
<uvirtbot> Launchpad bug 1014044 in php5 "PHP5-FPM not reporting errors to web server (nginx)" [Medium,Triaged] https://launchpad.net/bugs/1014044
<TheLordOfTime> uvirtbot:  that's not a bug
<uvirtbot> TheLordOfTime: Error: "that's" is not a valid command.
<TheLordOfTime> erm
<TheLordOfTime> rbasak:  that's not a bug...
<TheLordOfTime> rbasak:  in nginx, you have to have proxy_intercept_errors
<TheLordOfTime> or...
<TheLordOfTime> have php show errors
<TheLordOfTime> (turn on show errors in the conf)
<rbasak> Apparently php has to write the errors to the right place
<rbasak> And upstream have committed a fix
<TheLordOfTime> rbasak:  which errors in particular are you talking about
<TheLordOfTime> like 500s?
<TheLordOfTime> 403s?
<TheLordOfTime> etc.
<TheLordOfTime> HTTP status codes need proxy_intercept_errors on in the site config
<rbasak> I assume PHP level errors. I'm just going by the bug, which I marked as Triaged as there's an upstream bug and fix
<rbasak> (and commit)
<TheLordOfTime> PHP specific errors are a different issue
 * TheLordOfTime looks at the bug
<TheLordOfTime> that distinction needs to be made, see my latest comment
<TheLordOfTime> if they mean HTTP status codes, there's a workaround, if they mean PHP errors, well...
<TheLordOfTime> if there's a regression in the package in the repos that's bad, but the PPA maintained by the NGINX team correctly displays PHP errors in the errors log file
<TheLordOfTime> so... *shrugs*
<SpamapS> rbasak: looks like a fairly hefty, but straight forward change
<TheLordOfTime> (PPA for nginx)
<adam_g> anyone else having problems with dnsmasq's DHCP on quantal?
<TheLordOfTime> SpamapS:  if you'd like i'll patch and push the debdiff for that patch
<TheLordOfTime> i'm in need of stuff to do xD
<rbasak> SpamapS: yeah. I was just thinking that ubuntu server in general is a very friendly web dev environment, including PHP newbies. And not all of them would find an error logging workaround. So wondering about SRU, though not sure
<SpamapS> rbasak: right. I'm not sure I understand the impact of not having that fetaure, but I do think its just that.. a feature.
<TheLordOfTime> SpamapS:  question for you then, would that bug be a wishlist type bug?
<SpamapS> not necessarily
<rbasak> So as far as I understand the impact, it is that a developer will get confused by not getting PHP error logs. There is a workaround, which is to log to a separate file.
<TheLordOfTime> SpamapS:  i'm in agreement with rbasak, as a developer having PHP log to the error.log file is useful
<rbasak> I'm not that clear on what sort of error logs though.
 * TheLordOfTime has errors in PHP all the time and sees them in error.log
<SpamapS> hrm, whats the default error logging config though? Shouldn't PHP be logging errors on the server they're happening on, not via nginx?
<rbasak> (now that TheLordOfTime has pointed that out)
<TheLordOfTime> rbasak:  hence the comment on the bug
<TheLordOfTime> clarification is required
<rbasak> Yep, understood
<TheLordOfTime> 500 errors and 502 errors should show up in error.log with context
<TheLordOfTime> 403s won't
<TheLordOfTime> s/won't/shouldn't necessarily/
<TheLordOfTime> rbasak:  was this filed against precise?
 * TheLordOfTime sees a blatant lack of information about which version of Ubuntu this occurred in
<rbasak> Yes
<hallyn> stgraber: i *think* the bzr tree should be all set
<rbasak> "Since updating Ubuntu" to 12.04 and "Using php5-fpm version: 5.3.10-1ubuntu3.1"
<TheLordOfTime> i wish these things were filed against the actual version of the OS, rather than just the source package in [devRelease]
<TheLordOfTime> s/version of the/version of the package in the correct/
<rbasak> That would be really awkward for the development version, which is where most bugs are worked on
<TheLordOfTime> *shrugs*
 * TheLordOfTime prefers the security bugs
<TheLordOfTime> where *all* the versions of a package get tagged (CVEs)
<TheLordOfTime> helps me figure out where to pull from for source when making debdiffs :P
<zul> php is genrally evil for those who do not know
<rbasak> :-)
<rbasak> I avoid it too, but I also understand that a ton of web developers use ubuntu server so it would make sense to keep it in good shape :)
<TheLordOfTime> zul:  +1
<TheLordOfTime> well, that and tagging the bugs with the actual release...
 * TheLordOfTime tends to look at tags when seeing bugs, since 'precise' or 'lucid' seem to be autotagged on bugs when using ubuntu-bug, which most bugs in nginx get filed with
<zul> hallyn: seems to launch instances ok
<rbasak> There was a good article on this: http://me.veekun.com/blog/2012/04/09/php-a-fractal-of-bad-design/
<stgraber> hallyn: cool. Will have a look after lunch.
<zul> well lamp stacks without the p is lam and that is one letter away from lame
<SpamapS> rbasak: that article is just whining about the realities of evolution  IMO
<SpamapS> There is no "design" in PHP. It evolves in the direction its users want it to
<SpamapS> frustrating to those who want things all neat and tidy
<hallyn> zul: great, thanks
<TheLordOfTime> SpamapS:  should i get started on debdiffs for php with the upstream patch?  or do you want me to wait on getting a debdiff ready
<rbasak> EOD
<TheLordOfTime> :P
<SpamapS> TheLordOfTime: I don't think its that critical. It will arrive via upstream fixes..
<TheLordOfTime> wonderful, i can take something off of my to do list :P
<SpamapS> By all means do it if you want to
<TheLordOfTime> SpamapS:  considering its either make the debdiff or sit at the office waiting for a Microsoft tech to respond to an email, i'd rather make the debdiff xD
<SpamapS> But perhaps hold off anyway, since I want to see if we can get 5.4 merged soon
<TheLordOfTime> indeed
<TheLordOfTime> i'd *love* to see 5.4 merged :P
<TheLordOfTime> (considering i have at least one patch in there)
<zul> SpamapS: 5.4 on precise?
<SpamapS> no
<zul> ok you got me scared for a sec
<GeminiDomino> (12.04 64-bit) Okay, I've got a RAID1 swap partition that seems to have me locked into a mutually exclusive charlie-foxtrot here.  The device was "removed" but can't be re-added even though it's already added but... *gets dizzy and just throws up the pastebin* http://pastebin.com/raw.php?i=Kv4jNF6g
<RoyK> GeminiDomino: did you try to --zero-superblock it?
<GeminiDomino> I didn't want to do that until I got someone who knew what they were talking about to suggest that it might not be a Very Bad Idea (TM) :)  Can I zero it and add it as a spare like it says, then make it active?
<RoyK> just zero the first few megabytes or so and try to add it
<GeminiDomino> okay
<RoyK> better add it as a full member than a spare, since a spare won't have much of a function without redundancy
<RoyK> as in 'hey, that drive crashed, let me take over, huh, from where can I copy the data? ....'
<GeminiDomino> It said that zeroing the superblock would add it as a spare, but when I did so, it worked, then immediately rebuilt.
<GeminiDomino> So it seems I'm good to go. Molto Grazie
<RoyK> :)
<axisys> configure: error: no acceptable C compiler found in $PATH
<axisys> what pkg to install to get gcc?
<axisys> build-essential?
<RoyK> yep
<axisys> RoyK: thanks
<uvirtbot> New bug: #1014773 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu2.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 5" [Undecided,New] https://launchpad.net/bugs/1014773
<adam_g> zul: fyi im working on getting the folsom-on-precise stuff built and deployed on there atm. ive hit some dnsmasq/nova-network bug /w folsom-on-quantal and really want to be able to check it on precise first
<zul> which dnsmasq bug? the vlan one?
<adam_g> zul: might be related but AFAICS something different. instances get no OFFERs
<zul> adam_g: try the dnsmasq from proposed
<adam_g> zul: quantal-proposed?
<adam_g> ive only hit it only quantal atm
<adam_g> as soon as i get these folsom/precise deploys going i can test on P
<zul> adam_g: k ill leave you alont then ;)
<reisi> what is the runlevel recovery -boot menu items go, and what is the default runlevel on normal boot entries?
<adam_g> jamespage: still around?
<fraterm> I'd like to set up bridged networking with a virutal machine running on ubuntu(through kvm).
<fraterm> I've got 2 IP addresses, but only one nic.  I have gotten to the point where I have a bridge device set up manually.
<RoyK> fraterm: just start virt-manager and assign the nic to br0 or similar
<Womkes> If I have a new disk with the following info in parted ( http://paste.ubuntu.com/1047971/ ) and I just want to have one large parition but optimally aligned, do I first need to create a primary partition with certain alignment? If so, how do I do this I keep getting message that the partition is not optimally aligned.
<fraterm> RoyK, at that point, if I select the right bridge device, whatever the 'guest' os has set up for a network configuratino (eth0 static blahblahblah) should be pingable browsable and all that?
<fraterm> I think I just haven't selected the right bridge device.
<RoyK> fraterm: the guest isn't relevant if the bridging is done correctly
<fraterm> RoyK, the guest (the virtual machine) would still have to have a /etc/resolv.conf and static network configuration information applied to it though would it not?
<RoyK> fraterm: that's just networking
 * fraterm nods Alright then.
<hallyn> stgraber: hm, i wonder if i should wait until someone responds about the hooks, before sending the apparmor patch upstream.  flooding the list probably just works against us
<hallyn> OTOH, it'd be nice to drop 4 patches from our queue
<stgraber> hallyn: would be nice to have Daniel look at the list history and merge some of our stuff, the list is getting long enough that I can't remember what was submitted and what wasn't ;)
<stgraber> hallyn: what's the status of destroy() and create() in the API? I'm pushing their python implementation for now until we have something in the API. I also added get_ips() as a python function.
<hallyn> stgraber: uh, i don't know.  i haven't been thinking about them.  i thought we were going to postpone those until we were sure we needed them
<hallyn> bc it's not clear to me how they woudl interact with the scripts (especially lxc-create)
<hallyn> woudl they be replacments, or wrappers?
<hallyn> stgraber: hm, then maybe i'll send the patch i have, and then tomorrow go through the mailing list archives and make a new git tree with unmerged stuff
<stgraber> hallyn: git tree with unmerged stuff sounds good
<stgraber> hallyn: http://paste.ubuntu.com/1048114/
<uvirtbot> New bug: #996692 in samba (main) "package samba 2:3.6.3-2ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/996692
<hallyn> stgraber: hm, so notice i had 'get_config_item' and 'set_config_item' and 'load_config/save_config()'.  I just have this hunch that the configs are meant to be somewhat independent from rootfs.  maybe that's wrong
<hallyn> the reaosn i mention it is that it affects what create means
<hallyn> maybe i'm being silly
<hallyn> but, from the c api, what i think i'd expect to do is:  (hold on lemme pb it)
<hallyn> stgraber: http://paste.ubuntu.com/1048131/
<stgraber> hallyn: yeah, my current implementation essentially requires you to flush your container including its config, then call create(), then load the config that create generated, but I'd definitely be interested in being able to create() without flushing the config
<stgraber> I guess to get a clean implementation we'd have to essentially create some kind of template API, defining how they get their arguments and what they output
<stgraber> with their output usually being a rootfs and a list of configurations keys that need to be set for the template (but not duplicating all the usual ones)
<hallyn> stgraber: right.  so what i'm waffling on is, do we wait until we figure that out, or do we risk polluting the api with cheap (but useful!) wrappers around the scripts?
<stgraber> hallyn: I guess we can wait for create() at least. Do you see a similar problem with destroy() ?
<fraterm> RoyK, well, of all things, virt-manager seems to have a bug in which the Virtual Network Interface selector persists in setting NAT settings rather than changing them to any of the other available Source Device types.
<stgraber> my create() implementation will be good enough for the initial proof of concept. Which reminds me I should ask some python warning on import of the lxc module that the API isn't stable yet ;)
<hallyn> stgraber: hm, no, i guess no problem with destroy (except symmetry :)
<hallyn> stgraber: i'll be leaving soon.  let me think on the create thing and decide tomorrow?
<stgraber> sounds good
 * fraterm grins as his virtual machine configuration was working just fine.  Tools just don't exactly work the way one would suspect.
#ubuntu-server 2012-06-19
<uvirtbot> New bug: #1001725 in clamav (main) "(could not find var/log/clamav DIR to create file in; did not autocreate directory) package clamav-daemon 0.97.3+dfsg-1ubuntu0.11.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,New] https://launchpad.net/bugs/1001725
<frank_> Buenas alguien me pueden ayudar
<uvirtbot> New bug: #1014916 in lxc (universe) "simultaneously started lucid containers pause while starting after the first seven" [Undecided,New] https://launchpad.net/bugs/1014916
<lifeless> smoser: around?
<hecsa> Hi! Does somebody know something about bind9 troubleshooting?
<twb> hecsa: what is the real question
<hecsa> Hi twb! I'm having some strange issue in an Ubuntu server 10.04 starting some days ago...
<hecsa> It is the internal dns server, which has my other machines declared in my bind9 files
<pehden> ok any one want to help me with ubuntu server with postfix/dovecot/ using mysql based accounts, via ispconfig3
<pehden> ok any one want to help me with ubuntu server with postfix/dovecot/ using mysql based accounts, via ispconfig3 server 12.04
<hecsa> yesterday something strange started to happen...I can ping all the machines using their IPs
<twb> pehden: sorry, I don't support WHCPs
<hecsa> but when using dns names, it does NOT loose any package, but takes too long to answer
<pehden> whcp?
<twb> pehden: web hosting control panel
<twb> pehden: ispconfig, webmin, cpanel, etc
<hecsa> I took a look into /var/log/daemon.log
<pehden> i dont need help on that part, its the config files theres somthing wrong there
<twb> hecsa: IP packets are still called "packets" in English, not "packages"
<hecsa> hehe...sorry!
<pehden> wierd thing im able to log into the aemail account but cant send email from my accont and server is rejecting all incoming mail
<hecsa> sometimes I translate from Spanish to English the wrong way
<twb> hecsa: no problem
<twb> hecsa: I tell you so you know, not because I am angry or anything
<hecsa> well...the daemon.log file has something like this:
<pehden> wow im now getting : Relay access denied
<pehden> Transaction failed
<pehden> 554 5.7.1
<pehden> thats more then i was before
<hecsa> named[2345]: client 10.1.4.40#58694: update 'pirulo.com.ar/IN' denied
<hecsa> BUT 10.1.4.40 is my bind9 server
<hecsa> this is what confuses me
<twb> hecsa: have you hooked bind up to your DHCP daemon?
<hecsa> not that I know
<twb> pehden: so probably it thinks the sender is not in mynetworks and is not authenticated, and is (correctly) refusing to be an open relay
<pehden> ok that points me in the right area, ill loook at that for a min twb
<hecsa> this machine is a dhcp server too...
<twb> pehden: oh obviously it's not an open relay if the mail is destined for a domain postfix handles itself
<hecsa> I don't know if this has or hasn't something to do with the troubles I'm experiencing when pinging my machines using IPs vs DNS names
<twb> hecsa: so the symptoms are that local host names do not resolve anymore?
<pehden> i kow right, the wierd thing is it should still be able to send an email from itself to itself right
<hecsa> they resolve instantly, but take a long time to answer when pinging if I use dns names
<twb> pehden: that depends
<hecsa> I loose no packet (I said packet ;-) )
<hecsa> but the answer time is 1 vs 10
<pehden> email@mydomain.com to email@mydomain.com
<pehden> should send
<twb> pehden: use postconf to compare your current main.cf to the default main.cf and see what is there and what is missing
<twb> diff -U0 <(postconf -d) <(postconf)
<pehden> ok will do that
<hecsa> the ping issue happens when trying to access a web server too if I use dns names. If I use IP address, everything works perfectly
<twb> Or -U999 to see everything
<twb> (There will be a handful of differences that are Ubuntu defaults which you don't need to worry about, e.g. default mailbox size)
<twb> *size cap
<twb> hecsa: are you testing this on 10.1.4.40 itself?
<twb> hecsa: what is in resolv.conf on the test host?
<hecsa> twb: I have domain pirulo.com.ar
<twb> hecsa: on 10.1.4.40, try "dig @127.0.0.1 foo.pirulo.com.ar".  In particular, see if it responds quickly or takes a while.
<hecsa> twb: search pirulo.com.ar
<hecsa> twb: instantly
<twb> OK.  Now try "dig @10.1.4.40 foo.pirulo.com.au" on the host you were having slow ping from
<twb> We are testing to see if this is slowness in DNS or elsewhere
<hecsa> twb: instantly too
<twb> OK, now try "getent hosts foo.pirulo.com.ar" on that host
<hecsa> twb: I tried something with nslookup
<hecsa> twb: that host = the dns server?
<twb> hecsa: well on the slow-ping host, but it is interesting on any host if dig is fast but getent is slow
<twb> Note that by foo.pirulo.com.ar I mean you should be testing with a real hostname at your site
<hecsa> twb: no output...is this normal?
<pehden> crazy i went to reset the install for ispconfig and there is an update so one moment
<pehden> lol
<hecsa> twb: I wrote it wrong...sorry...it answer instantly
<hecsa> twb: it answers instantly
<hecsa> twb: when I ping using dns names, it resolves them instantly, but the answer time is driving me crazy
<twb> It makes no sense that if foo.pirulo.com.ar = 1.2.3.4, pinging foo.pirulo.com.ar is slower than pinging 1.2.3.4
<twb> Except if DNS was slow, and we have shown that it is not
<hecsa> twb: and something strange too is that when I try to cancel the ping with Ctrl-C it takes a lot of time to give me the prompt back...as if it is waiting for somthing to timeout
<twb> hecsa: hm, then perhaps your system is under very heavy load?
<hecsa> twb: that's right! I'm very confused with this...
<twb> Look at e.g. free -m, to see if you are using a lot of swap.  Look at top, to see if all the CPU is used.  Look at iostat to see if the disks are using lots of I/O
<hecsa> twb: I monitored it too...it's 99.5% free with top. I tryÂ¿ied iotop too, and there is no overloaded disk
<twb> Also if you are in the same building you might be able to listen to it or see it doing the washing machine dance
<hecsa> twb: hahaha...now there is nobody here...only me and my dns...and this machine is really free of load
<twb> hecsa: sorry but I am out of ideas
<hecsa> twb: don't worry, thanks a lot for taking your time to answer
<hecsa> twb: I'll continue digging into this, let's see if there is something else
<twb> If you find it, and it is interesting, come back and let me know what it was
<hecsa> twb: sure I will! Thanks again!
<pehden> um twb postconf: warning: /etc/postfix/master.cf: unused parameter: smtpd_bind_address=127.0.0.1
<pehden> /usr/sbin/postconf: warning: /etc/postfix/master.cf: unused parameter: smtpd_bind_address=127.0.0.1
<twb> pehden: so fix that
<pehden> where do i start lol
<twb> Well who wrote that file?
<twb> My bet is it was ispconfig and ispconfig has fucked it up.  Which is why I originally said: I don't do WHCPs
<pehden> right
<twb> I don't know offhand how to fix it.
<twb> If I were you I'd probably talk to #postfix
<twb> It's probably a variable that has a different name in the version of postfix you have, to the version ispconfig assumes
<pehden> im looking at the .conf right now for them to see
<pehden> #postfix
<pehden> um looking in postfix now it shows mynetworks = 127.0.0.0/8 [::1]/128
<pehden> hmm let me test it now
<pehden> http://pastebin.com/MtHyB0VG
<pehden> there was a typo
<pehden> thats fixed now i cant log in
<pehden> to my email
<pehden> whats the netstat to see listening ports only
<soren> pehden: -l (1.4 seconds looking at netstat's man page would have told you that, too)
<Nafallo> wait. use netstat when we have ss? I'm confused.
<twb> Because ss has stupid spacing behaviour in its output
<twb> So if you have a 200-line terminal, and three columns that are like 8 characters wide, you end up with them separated by like 80 columns of whitespace
<th0mz> ehlo
<soren> twb: Exactly. Piping it through cat helps, though.
<twb> Also I recall it excludes some results in certain circumstances that are easy to forget about
<twb> I can't remember the details
<twb> soren: yeah I do that, but it's a pain in the arse to have to do so
<soren> Indeed.
<soren> I always go back to netstat.
<pehden> i tried -l but i didnt see it the way i wanted, soren
<pehden> -ln is as close as i can get from what it looks like but there is still extra junk below
<twb> ss -nlp | cat
<pehden> i use watch -c .1 netstat -ln
<soren> pehden: You should have mentioned that instead of wasting other people's tie.
<pehden> im sorry i was waiting for a responce then didnt notice i had one
<soren> pehden: I'm talking about your initial question.
<soren> pehden: If you've already tried the obvious solution and it doesn't do what you want it to, say so instead of having to go through this useless bit of back and forth.
<pehden> for some reason my imap isnt running
<pehden> i was assuming it was part of postfix. but is that dovecot instead
<soren> dovecot does imap, yes.
<soren> And postfix does not.
<soren> If you don't want the unix sockets at the end, use -lntu.
<twb> soren: may be my fault for getting him fixated on postfix
<pehden> ok i was a bit confused, i have been trying to get this part of my server running the way i want for months
<pehden> ok thankts i will keep that saved
<twb> IMO the real problem is his WHCP
<pehden> it has worked before i upgraded to 12.04
<soren> Don't waste brain matter memorizing stuff like that. Just understand that you (apparently) only want tcp and udp sockets. That's -t and -u, respectively.
<soren> twb: whcp?
<twb> Sigh
<twb> ispconfig
<twb> whcp = web hosting control panel.  /me pines for dpkg bot instead of ubottu :-/
<twb> I have an -l1 -n3 md raid array.  I have a fourth disk plugged in.  I want to add it as a spare (not active) node in the array.
<twb> What's the right way to do this?
<pehden> im hosting sites, and i use one of them for my email, but due to the last upgrade the email servers have been unavailable. i have been dealing with many errors.
<pehden> so far im the closest yet thanks to twb
<twb> I'm still looking through the manpage
<pehden> are you familier with dovecot?
<pehden> i can pastebin my config
<twb> pehden: dovecot config is not very interesting.
<pehden> i think i see another typo
<pehden> ssl_cert = </etc/postfix/smtpd.cert
<pehden> ssl_key = </etc/postfix/smtpd.key
<pehden> is the < supposed to be there
<twb> pehden: yes
<soren> twb: Isn't that just -a /dev/whatever?
<twb> soren: that adds it as an active node
<twb> At least it did just now when I removed the dead disk and added the first (or two) new ones.
<soren> twb: Why?
<soren> twb: Oh.
<twb> Maybe add is smart enough to make it active if there is a slot for an active one, and a spare if there isn't?
<soren> twb: Right, ok. Yes, in that case it'll probably try to reach the same number of replicas as it was created with.
<twb> Otherwise I am guessing I need something like mdadm /dev/md0 --grow --spare-devices=1 ?
<soren> twb: Yeah.
<twb> I'll try just -a'ing it -- worst case is it'll be active and I can remove it again
<twb> It made it active :-/
<soren> twb: In reality, it's added as a hot-spare, but immediately turned into an active node, because there's a disk missing.
<twb> Oops, no it didn't.  I can't read
<twb> -a did the right thing -- http://paste.debian.net/175207/
<twb> soren: thanks
<soren> twb: Sure thing.
<pehden> where would dovcot logs be, there not in /var/log
<glance> Hi. I would like to automaticly coordinate reboots of cluster-machines. Eg. In a cluster of machines, no two machines may reboot at the same time. If both would like to reboot, eg. after a kernel update, One need to complete its reboot before the other one is allowed to start theres. Anyone bin poking around with this type of stuff before?
<ikonia> glance: no idea how you could manage that outside of manually managing the machines
<glance> I have some ideas about distributed databases with locks, but that feels just like a whole heap of troubble =)
<glance> And, i like my systems to be as hands-off as posible.
<ikonia> I can see possible ways of doing it, but as you say it's going to be a massive overkill
<glance> I just thought that someone else might have thought about this before =)
<ikonia> managing clusters (in my view) will always need some form of manual work needed
<uvirtbot> New bug: #1015058 in dovecot (main) "package dovecot-ldap 1:2.0.19-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015058
<uvirtbot> New bug: #1015041 in ntp (main) "Conflict between NTP and NTPDATE " [Undecided,New] https://launchpad.net/bugs/1015041
<hallyn> lynxman: hey, did you have any opinion on bug 1014005 ?  i don't know enough about the various different rom s to know whether we care enough to say no
<uvirtbot> Launchpad bug 1014005 in ipxe "Please generate and include ipxe.dsk to the ipxe binary package" [Wishlist,Triaged] https://launchpad.net/bugs/1014005
<lynxman> hallyn: oh let me have a look
<lynxman> hallyn: well it's definitely wishlist, wouldn't it be extremely hard to do I reckon
<hallyn> would there be any reason not to?
<uvirtbot> New bug: #1015104 in samba (main) "package winbind 2:3.6.3-2ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015104
<lynxman> hallyn: hmm not really, unless its broken somehow (could be)
<zul> good morning
<zul> how do i configure grub
<hallyn> lynxman: thanks
<lynxman> zul: :)
<hallyn> gary_poster: hey, for the 8+ lucid containers, have you tried running that on something cheaper like m1.xlarge, and it wasn't enough?  (just wondering)
<hallyn> (just wondering whether i can save a few bucks :)
<hallyn> gary_poster: and if not, which ami did yo use with the cc2.8xlarge?
<koolhead17> Daviey, ping
<hazmat> hallyn, ping
<hallyn> hazmat: .
<hazmat> hallyn, greetings, and thank you.. i wanted to ask about the ramifications of unconfined containers and arbitrary package selection causing problems on the host
<hazmat> hallyn, the most common use case we use lxc for is basically for people to install on their primary desktop/laptop.. and then their installing and developing charms against fairly random packages.. the scenario i want to avoid is ofc toasting the host.
<hazmat> ie. not so much malicious escape, but inadvertant perm changes to the host
<hazmat> it wasn't clear to me to what extent the aa profile is helping against that
<hazmat> its mostly just functional denial and afaics this is one of the few times we've come up against it directly
<hallyn> hazmat: well the aa policy *does* prevent against accidents, but we used lxc for years without aa without worrying too much, or too manya ccidents
<stgraber> hallyn: reading your e-mail now (one of these days where I need over an hour to catch up on feeds/e-mails/irc backlog/...)
<hallyn> so i don't *expect* anyone to lose data or their host
<hallyn> hazmat: there are still other protections, like the devices cgroup
<hazmat> hallyn, what sort of ops would entail accidents that AA might prevent?
<hallyn> echo b > /proc/sysrq-trigger
<hallyn> playing with binfmt-misc module params
<hallyn> (installing some qemu packages)
<gary_poster> hallyn, I use the big machine because that's what we need for our own tests now, so it's easy.  We saw it on the 4 core hyperthreaded machine I think, but not sure.  I can try to replicate it there too.  AMI: juju handles that for me, but I had some notes on what API to use from before; lemme see if I can figure it out really quickly
<hallyn> hazmat: is this what my writing a custom apparmor profile for will help a bit?
<hallyn> hazmat: in any case, i dont' think you need to not use lxc just bc you have to disable apparmor
<hazmat> hallyn, definitely, i'm just trying to eval if we put this fix in on the short term
<hazmat> re custom profile
<hazmat> shared fs are going to be a common thing for setting up app charm stacks via lxc
<gary_poster> hallyn, here are somewhat old instructions on getting an AMI for the big machine: http://pastebin.ubuntu.com/1049152/
<hallyn> hazmat: you can share with bind mounts?
<hallyn> gary_poster: thanks
<hazmat> hallyn, i think given the current state of juju local provider, which is isn't great, its probably better for us  to leave off on disabling aa  for a few weeks till the next upload..
<gary_poster> welcome.  thank you for looking at it.  you want me to try the 4 core/8 hyperthreaded machine and see how to dupe?  Happy to if it helps.
<hazmat> hallyn, the goal is that they take what they've done locally and deploy it to public cloud or bare metal without changes.. bind mounts don't really help
<stgraber> hazmat: so far I've been recommeding users to copy the default apparmor profile and add the required overrides in there, though anything that is known to be "safe" should find its way into the main profile
<hallyn> hazmat: makes sense, thx
<stgraber> hazmat: you should also be able to make these mounts from lxc's fstab instead of the fstab inside the container, that'll bypass apparmor
<hallyn> stgraber: (this is re the email last night) we just need to provide them with custom rules, and they can have juju always add those
<hazmat> hallyn, stgraber that sounds good re custom profile
<hallyn> ok i need to go for a bit, bbl
<hazmat> hallyn, thanks
<hazmat> stgraber, we don't actually know per se what the mounts are when we allocate the container
<stgraber> hazmat: right, but the mounts can be allowed per fstype, and if that fstype is "safe" we can even allow it in our default profile
<stgraber> hazmat: (the definition of "safe" being whether the container can bypass apparmor restrictions by mounting it)
<stgraber> hazmat: in your case, you may want to:
<hazmat> stgraber, ic what would that look like
<stgraber> 1) cp /etc/apparmor.d/lxc-default /etc/apparmor.d/lxc-default-with-glusterfs
<stgraber> 2) edit /etc/apparmor.d/lxc-default-with-glusterfs
<Daviey> koolhead17: hey
<stgraber>  - change the profile name at the beginning of the file
<stgraber>  - add "mount fstype=glusterffs," to the content
<stgraber> 3) /etc/init.d/apparmor reload
<stgraber> 4) edit your containe config to use lxc.aa_profile = <profile name you put at the beginning of the new file>
<stgraber> hazmat: the problem being that you then need to keep our main profile and your alternative profile in sync somehow. I suppose you could script the generation of your profile or simply get us to merge your changes in the main one (we can even SRU these)
<hazmat> stgraber, is there an include for a profile?
<hazmat> ie. inheritance of some form.. or is that limited to separate policy files
<hazmat> its not clear that's really a solution though, it means white listing things on a case by case basis
<hazmat> just going through rdepends on a few fuse packages, get's me a list of 84.. http://paste.ubuntu.com/1049175/
<stgraber> hazmat: apparmor supports includes but it works like #include in C, so won't help there as it'd include the whole profile including the profile definition
<K4k> Are there any alternatives to landscape for managing Ubuntu client systems? I'm trying to get things more organized around here and I've got our Redhat systems managed under Spacewalk but the Ubuntu machines are still unmanaged and I'm relying on "unattended-updates" to ensure machines stay current which is not really an ideal solution for patch vetting.
<stgraber> hazmat: let me test this quickly, I'd be surprised that we wouldn't have a way to allow any fuse based filesystem at once
<hazmat> stgraber, thanks
<stgraber> hazmat: and if there isn't, we can probably convince jjohansen to add one ;) nice thing of being the upstream
<hazmat> stgraber, :-)
<hazmat> K4k, puppet?
<K4k> hazmat: I thought puppet was more for configuration deployment. Does it handle binary deb files as well?
<stgraber> hazmat: http://paste.ubuntu.com/1049182/
<hazmat> K4k, well you can have it setup to cron a check against installable updates/deltas or report back via any preferred protocol, and then have it install a given set of package updates specific to a release, its quite a bit more fiddling/development than something like landscape, but it can definitely be done.
<hazmat> stgraber, perfect
<stgraber> hallyn: ^ looks like we should allow fstype=fuse.*, in the default profile. I can't think of any problem with that, do you?
<hazmat> stgraber, so the ideal would be just getting that into the default profile
<K4k> hazmat: I'll consider that. Thanks. I'm mainly looking for alternatives to save costs but perhaps, if landscape isn't terribly expensive, I could convince management to approve some sort of budget for this.
<stgraber> hazmat: yep, I'm working on a few other apparmor profile changes for quantal, will include this one in the set unless hallyn thinks it can be a problem, then this one should be SRUed back to 12.04 with the next batch (in couple of weeks)
<hazmat> stgraber, sweet! thanks again
<Womkes> Hey guys, I have a windows 7 machine with virtual box and one of my vm's is my Ubuntu workstation (for development and stuff) and I have two bare-metal servers connected to my home network. When I connect through ssh from my Ubuntu vm to these bare-metal server I get a ssh timeout during a session (doesn't have to be idle just happens after a few minutes). I do not have this problem when
<Womkes> I connect through ssh from my windows box using putty.
<Womkes> Any thoughts why this might happen?
<RoyK> Womkes: connecting from the vm to a server should work well. does other types of networking work?
<Womkes> yeah no other problems as far as I can tell RoyK
<Womkes> The Terminal session to the server just die with this message
<Womkes> Timeout, server srv2.bluejay.nl not responding.
<Womkes> And when I reconnect the last commands I entered are not in my bash history
<RoyK> Womkes: telnet server 22
<RoyK> Womkes: just to see if networkingworks
<stgraber> hallyn: I think I have a pretty nice improvement for our apparmor config, will put that in a branch so you can have a look
<RoyK> Womkes: just to see if networking works
<Womkes> When I connect from my Windows 7 PC to the server there is no problem
<Womkes> from the ubuntu vm or from my windows box RoyK?
<RoyK> from where it doesn't work
<RoyK> meaning the ubuntu vm, I guess?
<Womkes> yes
<Womkes> Ok
<Womkes> you want the output pastbinned ?
<RoyK> k
<Womkes> http://paste.ubuntu.com/1049198/
<hallyn> stgraber: sounds good
<Womkes> I have of course put 192.168.178.110 srv1.bluejay.nl in my /etc/hosts file
<RoyK> Womkes: that means you should be able to ssh there
<RoyK> why?
<Womkes> Yeah ssh works
<Womkes> it just get disconnected
<RoyK> ah
<Womkes> after a few minutes
<RoyK> setup ssh keepalives, then
<Womkes> even when the session isn't idle, like in the middle of doing stuff
<RoyK> or use bridged networking
<Womkes> I tried, but still occurs
<Womkes> lemme check if I used bridge in vbox
<RoyK> Womkes: ServerAliveInterval 5
<arussel> how do you create an ec2 snapshot without lvm installed and with default fs (ie, not xfs) ?
<Womkes> Yeah, I use Bridged Adapter in virtual box
<RoyK> in $HOME/.ssh/config
<RoyK> arussel: you can't
<RoyK> arussel: that is, unless amazon lets you do that from their tools
<arussel> with lvm I could freeze the fs while doing the backup, but I kind of 'forgot' to install lvm on that one.
<Womkes> Ok, I will try RoyK, I think I tried it before though and it didn't work
<Womkes> but I put it in /etc/ssh/ssh_config
<Womkes> not in ~/.ssh/config
<RoyK> arussel: only fs with snapshot support in ubuntu is, afaik, btrfs, and then, zfs, but that's with fuse
<RoyK> arussel: lvm snapshots aren't very good - the more snapshots, the slower i/o
<RoyK> Womkes: shouldn't matter much
<arussel> amazon doc says: 'Some file systems, such as xfs, can freeze and unfreeze activity so a snapshot can be made without unmounting.', but I'm with ext3
<arussel> and if I umount, postgres might be pissed off.
<RoyK> arussel: stop postgres ;)
<RoyK> arussel: and ext3 will probably handle that rather well
<RoyK> arussel: a filesystem without a journal will have a harder time, though
<RoyK> Womkes: erm - you put that in /etc/ssh/ssh_config on the client or server?
<arussel> wasn't lvm by default on previous ami ?
<arussel> I don't remember installing it is there on the 10.x
<Womkes> on the client
<RoyK> ok - that's where it belongs
<Womkes> I believe it is /etc/ssh/sshd_config for server and then it is ClientKeepAlive something
<Womkes> I tried that also :)
<RoyK> Womkes: I haven't used client VMs like that, so I wouldn't know, but all my ssh sessions survive all sorts of gateways with just that line I gave you
<arussel> fuck it, I'll redo the volume. Any advice between lvm or xfs ?
<Womkes> ok, I have it running now
<Womkes> we'll know in a few minutes :)
<stgraber> hallyn: lp:~stgraber/ubuntu/quantal/lxc/apparmor-profiles-rework
<stgraber> hallyn: I haven't tried a build of the new package but I'm running with these profiles on my machine and they work great
<stgraber> hallyn: these should be much easier to customize as /etc/apparmor.d/lxc/* can now just inherit from the main profile, that also greatly simplifies the with-nesting profile
<hallyn> (looking)
<hallyn> stgraber: looks great
<hallyn> stgraber: presumably not SRUable, but perhaps we can put up a wiki page with a script for people to convert to that setup
<stgraber> hallyn: yeah, we won't be able to SRU that, though the fstype=fuse.*, stuff is SRUable if you can't think of a reason why it'd be bad allowing it
<stgraber> hallyn: when we get the API work and the hooks in a good enough shape and get these uploaded to quantal, I'll probably start maintaining backports of lxc as well as continuing with the srus, that way people can choose whether they want just bugfixes or also new features
<hallyn> stgraber: regarding always allowing fuse...  i dunno, it does scare me a little
<stgraber> hallyn: I think the potentially dangerous thing is /dev/fuse, not the filesystems themselves and we already allow /dev/fuse
<stgraber> hallyn: I'll go ahead and upload these changes including the fuse.* change to quantal. Will rediscuss whether it's safe or not with the next batch of SRUs. I think that if we consider fuse to be risky, we should block it in the ubuntu profile but still allow it in apparmor (so one doesn't need to change their profile if they allow the node in their config)
<stgraber> hazmat: FWIW, fuse.* is now allowed in quantal. Making alternate profiles is also much simplified as you can now do it without duplicating the default one
<hallyn> stgraber: agreed, given that /dev/fuse is allowed, i must have agonized over it before and decided it was ok :)
<hallyn> interestingly i can't reproduce gary_poster's parallel-lxc-start-ephemeral/dnsmasq race on a m1.xlarge.  i wonder if it's a race that needs faster/more cpus
<hallyn> (race in dnsmasq is my guess, really)
<stgraber> hallyn: apparmor changes uploaded to quantal. Rebased my liblxc+python-lxc branch on that one and uploaded to my ppa for precise and quantal
<hallyn> just ppa:stgraber/ppa ?
<stgraber> hallyn: ppa:stgraber/experimental
<hallyn> ok
<stgraber> I'm still running precise on my laptop but like to have the new shiny lxc with python-lxc support ;)
<grendal-prime> i use to be able to change wich physical interface was atached to wich eth device in 10.04 with the /etc/udev.rules/70-persistent-net  file..how do i do that with 12.04
<patdk-wk> same way?
<grendal-prime> ya but there is nothing in there.
<patdk-wk> yep, hmm
<grendal-prime> i mean it currently has to be stored somewhere
 * patdk-wk tests
<pteixeira> hello! i need to run the vmbuidler command from a web application (takes the info related to the packages to be installed from the web application and uses vmbuilder to create the VM image), but i need sudo permissions to run it.. is there a way to overrun this or is it simply not possible?
<pteixeira> (jeos and vmbuilder page redirected me here, dont know if this is the right place...)
<grendal-prime> it seems to me that the 75-persistent-net-generator.rules does not run automatically anymore
<grendal-prime> pteixeira, ya the www-data user having sudo privilages may not be good..you may want to just make your script sudo
<hazmat> stgraber, nice
<grendal-prime> meaning making it the one script that that particular user has sudo access to.
<hallyn> stgraber: syslog corruption...  what do you think?  do we continue to put up with it until after user namespaces are complete?  (preferable from a dev point of view, not from user pov)
<hallyn> (but only not preferable from user pov if we can get a real fix in :)
<pteixeira> grendal-prime, thanks! i didnt even know that was possible :)
<grendal-prime> pteixeira,  np here
<grendal-prime> http://www.cyberciti.biz/tips/allow-a-normal-user-to-run-commands-as-root.html
<pteixeira> thank you very much :)
<stgraber> hallyn: that doesn't sound like an easily fixable thing so I don't think it's worth risking delaying the user namespaces work for it, especially as it's really just annoying, it's not dangerous.
<grendal-prime> well shucks...ill tell ya what you can repay me by marrying my sister (The ugly one).
<uvirtbot> New bug: #1009579 in tomcat7 (universe) "[MIR] tomcat7 (replaces tomcat6)" [High,In progress] https://launchpad.net/bugs/1009579
<hallyn> the biggest reason it's not 'easily' fixable is that it still isn't clear which namespace should own the syslog ns :)  (or how to control unsharing it)
<grendal-prime> in my country that is the honorable way to repay such a debt.
<gary_poster> hallyn, I saw your comments about not being able to dupe.  Weird.  I'm going to try making a fresh ec2 instance with nothing else on it.  I'll try both the sizes you did.
<hallyn> gary_poster: thanks.  i tried your exact commands from the bug report...
<hallyn> oh maybe  i did just reproduce it
<gary_poster> hallyn, yeah, I figured you did.  They worked for me.  Maybe the fact that I had used the system quite a bit before affected it.  I'll report back.  thanks again.
<gary_poster> I mean I figured you tried the exact commands.  but if you did just repro, yay!
<patdk-wk> grendal-prime, I just tested it, using udev/rules.d/70-persistent-net works fine
<patdk-wk> it's just not auto-filled anymore
<hallyn> gary_poster: yeah.  so the bear is going to be writing a script to figure out which container doesn't yet have an address :)
<grendal-prime> ok so is there anyway to initally have it grabe whats there so i can just move around what it found?
<hallyn> dhclient3 didn't start until after the 3 mins, so the q is did the first one die, or did something wait for 3 mins
<hallyn> i'm going to blame udev
<gary_poster> :-)
<grendal-prime> patdk-wk, i tried to fire off the 75-persisant-net-generator script but i got to mess with the perms to do that. (no Xecute)
<grendal-prime> or execute it with bash..
<grendal-prime> but ...well it doesnt seem to do what i want
<grendal-prime> and it just pukes a buch of errors.
<gary_poster> hallyn, should I bother continuing to spin up ec2 instances or is that moot since you duped?
<grendal-prime> starting with 75-net-description.rules: line 4: SUBSYSTEM!=net,: command not found
<hallyn> gary_poster: moot - thanks
<gary_poster> cool
<hallyn> i'm going to try with separate containers
<hallyn> (still i'm pretty sure the problem is udev pauses and the containers don't get an eth0 to run dhcp on )
<uvirtbot> New bug: #1015186 in bind9 (main) "bind9 init script relies on unavailable capability kernel module" [Undecided,New] https://launchpad.net/bugs/1015186
<smoser> roaksoax, i suspect this is magically all working...
<smoser> but can you verify that the maas/cobbler pxe install path uses
<smoser>  http://www.syslinux.org/wiki/index.php/SYSLINUX#IPAPPEND_flag_val_.5BPXELINUX_only.5D
<smoser> ie, that pxelinux appends "BOOTIF=" for us? and then the installer (if given 'auto' for the netcfg/choose_interface uses that)?
<grendal-prime> this kinda blows..alot
<grendal-prime> i just want to change the order of these damn interfaces
<adam_g> zul: what are we waiting on specifically, wrt nova hitting -proposed?
<uvirtbot> New bug: #1015194 in postfix (main) "package postfix 2.9.1-5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015194
<stgraber> hallyn: http://paste.ubuntu.com/1049431/ <- unicode works fine in python3-lxc + liblxc now (though utf-8 is hardcoded, so I'd expect it to explode quite badly if using another encoding)
<hallyn> stgraber: excellent, i can start my ki-ich, ki-ni, and ki-san containers now
<hallyn> stgraber: do you know offhand of a rate limit imposed by either udevd or the kernel's uevent subsystem?
<hallyn> feh, i suppose kernel could just be running out of memory for th euevents
<hallyn> <chuckle> a per-container syslog woudl sure be helpful ehre :)
<hallyn> gary_poster: is the given workaround (disable udevam trigger) worakble for you?  (set that up in the initial lucid container, and it gets copied into the pehemeral ones)
<hallyn> gary_poster: i don't knwo whether (a) udev in container is failing to allocate a netlink socket and then timing out,
<hallyn> (b) kernel is failing to allocate memory for some events (can certainly happen), or (c) kernel or userspace is just throttling
<hallyn> i'm guessing a.  in any case, i prefer to ignore it and move to other stuff, if the workaround works for you
<jjohansen> hazmat: I'd like to get some more info from you on how you would like to extend apparmor profiles
<gary_poster> hazmat completely understood that you want to move on.  I'll give it a try and report back.  What would be symptoms of it not working?
<hallyn> gary_poster: it works (i tried it), i meant - is it doable for you to modifiy the initial container every time
<hazmat> jjohansen, so with the change to allow fuse in the default its not clear we need to.  but if we do need to customize it, the ideal scenario is that we can include the default and override the relevant bits
<stgraber> jjohansen: not sure if you saw my lxc upload to quantal but I moved most of our apparmor profiles around ;) basically adding two entries in /etc/apparmor.d/abstractions that are then included in usr.bin.lxc-start, lxc-default and lxc-default-with-nesting. This now allows people to "inherit" from our implementation and removes the need for copy/pasting everything
<jjohansen> stgraber: right
<hallyn> stgraber: which is of course what i always wanted to do :)  just hadn't gotten around to it
<hallyn> stgraber: we might even introduce a lxc-set-profile -n containername script,
<hallyn> which just creates a new empty profile, sets the config to use that, and then the user can go hack from there.  small improvement, but at the same time huge usability improvement i think
<jjohansen> hazmat: right I understand what you want, let me rephrase I am looking for ideas/visions of how you would like to see it function.
<Plizzo> My Ubuntu Server has been disconnected from the network for some hours, and now that I plugged it back in it only gets an IPv6 address, and no IPv4 one. This means I cannot access it properly, what do I do?
<gary_poster> hallyn, oh, ok.  Yeah, we do surgery for various other issues already.  Thanks!  I'll report back on the bug after I have a bit of experience with it, to make sure it works for us
<hallyn> btw can i just say, for all the wanting lxc-devel to stick around, there's not a lot of review there!  <grumpy>
<hallyn> gary_poster: awesome, thanks.  ttyl
<gary_poster> ttyl
<stgraber> hallyn: sounds useful indeed. I've been helping quite a few folks do the copy/pasting, reloading, lxc.aa_profile stuff and it's getting a bit boring having to copy/paste the same instructions over and over again ;)
<jjohansen> stgraber: I can imagine :)
<hallyn> heh
<jjohansen> stgraber, hallyn: same basic question applies to you too. If you have ideas on extending the language to make this easier lmk
<hallyn> jjohansen: well, the per-fs thin would be very useful.  i.e "deny write to sysrq-trigger on any procfs".  i relize that's more than a language change :)
<jjohansen> hallyn: yeah I am working on that
<hallyn> jjohansen: great :)
<hallyn> for instance, debootstrap isn't allowed bc of that :(
<hallyn> anyway, dont' know that i have anything more.  (back to hackhackhack)
<Plizzo> How can I force my server not to accept an ipv6 address?
<Plizzo> Or atleast to obtain an ipv4 one
<Plizzo> Like it used to
<RoyK> Plizzo: ipv6 should work by default with address discovery
<RoyK> Plizzo: ipv4 can be set manually or by dhcp/bootp  in /etc/network/interfaces
<Plizzo> RoyK: IPv6 is working, but for some reason my server is not getting an IPv4 address
<RoyK> do you have dhcp around?
<Plizzo> RoyK: My router is set to give my server a static IPv4 address, and the server is the only computer which obtains IPv6
<Plizzo> RoyK: It's always been getting the same IPv4 one until now
<uvirtbot> New bug: #1015207 in juju (universe) "juju setup fails, ERROR Invalid SSH key - 12.04 LTS" [Undecided,New] https://launchpad.net/bugs/1015207
<hazmat> jjohansen, so std include statement should work fine to grab a definition, and then a stanza prefix/statement to specify an override/modification block over an existing entity (program, profile, etc)
<RoyK> then your router is probably having a fit
<hazmat> so something like @override\n profile lxc-container-default  { deny /dev/zero }
<jjohansen> hazmat: okay thanks
<stgraber> hallyn: just looked at my bug mail, does that mean that gary_poster's bug doesn't happen with >=precise containers?
<hallyn> stgraber: right
<hallyn> stgraber: which is why i had assumed it would turn out to be udev :)
<hallyn> stgraber: where is your bzr tree for the lxc api now?  i'll make my destroy/create changes against that
<stgraber> hallyn: lp:~stgraber/ubuntu/quantal/lxc/lxc-api-and-python
<stgraber> hallyn: actually, are you part of the ubuntu-lxc team?
<stgraber> because I guess it'd make sense to just share that branch for now instead of branching/merging for every little bits
<arussel> is it a problem for xfs_freeze if a subdirectory is used as mount point ?
<stgraber> hallyn: now at lp:~ubuntu-lxc/ubuntu/quantal/lxc/lxc-api-and-python and I added you to ~ubuntu-lxc so you can directly push to it
<stgraber> hallyn: the liblxc changes are in the last quilt patch, so you can simply update the files and refresh the patch
<stgraber> no need to create any more patches at this time
<roaksoax> smoser: we don't specify bootif=XYZ
<roaksoax> smoser: but we do have ksdevice=bootif
<smoser> roaksoax, i think we end up specifying BOOTIF=
<smoser> as it seemed our pxelinux (in grepping cobbler) hyas 'ipappend 2'
<roaksoax> smoser: http://pastebin.ubuntu.com/1049530/ we don't specify a bootif=XYZ
<hallyn> stgraber: do you think lxc-destroy should now be deleting custom profiles?
<hallyn> maybe best not...  but hate to have those proliferate too much
<roaksoax> smoser: but in this one we specify ksdevice=bootif
<roaksoax> smoser: http://pastebin.ubuntu.com/1049531/
<smoser> roaksoax, we dont specify bootif=
<smoser> we specify ipappedn 2
<hallyn> stgraber: thanks  (i'd have ben happy doing merge proposals :)
<stgraber> hallyn: unless we decide to always have one profile per container which IIRC we said wasn't a good idea, we probably shouldn't be removing them. At some point it might be interesting to detect unused profiles and show the list at the end of lxc-destroy
<roaksoax> smoser: right we do
<roaksoax> smoser: i think those don't really apply to Ubuntu though as they are for anaconda...
<hallyn> stgraber: yeah, a purge command shouldn't be too hard.  look for all profiles not mentioned in a config, and query the user one at a time.  anyway, later.
<stgraber> hallyn: and will be even easier to do in python ;)
<roaksoax> smoser: though, I just found this: https://bugs.launchpad.net/ubuntu/+source/casper/+bug/923219
<uvirtbot> Launchpad bug 923219 in casper "[Oneiric] PXE/NFS boot requires "IPAPPEND 2" in PXE menus" [High,Confirmed]
<roaksoax> smoser: so yes, it should be using the bootif for the installer if netcfg/choose_interface=auto
<hallyn> stgraber: lp:~serge-hallyn/ubuntu/quantal/lxc/lxc-aa-custom-profile adds a lxc-aa-custom-profile, works for me
<hallyn> lunch, bbl
<smoser> which magically makes BOOTIF= appear on the linux command line
<smoser> roaksoax, ^
<stgraber> hallyn: ok, having a look and will merge in lp:ubuntu/quantal/lxc if it looks good (and then rebase my lxc-api-and-python branch on the main branch)
<hallyn> stgraber: i'm not sure it's worth a separate commit, was thinking we'd just queue it in ubuntu:lxc until a more important one
<stgraber> hallyn: (oh yeah, you might have to use "bzr pull --overwrite" with lxc-api-and-python from time to time as I rebase it on the main quantal branch whenever something lands)
<hallyn> then again, you've done more of the tedious repetition than i have (explaining how to do it) :)
<stgraber> hallyn: yeah, I'd merge it but not upload it
<hallyn> ok
<roaksoax> smoser: bootif=XYZ
<roaksoax> smoser: so my guess is that ipappend 2 adds bootif=XYZ as a kernel param on runtime rather than in the file itself?
<smoser> roaksoax, right.
<smoser> its magic/genius pxelinux. and it appears that our whole stack uses it for automated install.
<smoser> really clever idea from pxelinux to do that. it basically passes the interface that it booted from up to linux.
<roaksoax> smoser: indeed, which really make sense
<smoser> SpamapS, if you wanted to think about https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1015223
<uvirtbot> Launchpad bug 1015223 in cloud-init "cloud-init-nonet main process killed by TERM signal" [Undecided,New]
<smoser> i'd appreciate it.
<uvirtbot> New bug: #1015223 in cloud-init (main) "cloud-init-nonet main process killed by TERM signal" [Undecided,New] https://launchpad.net/bugs/1015223
<SpamapS> smoser: reading
<matt_keys> I had a 250gb sata disk running 10.04 and replaced it with a 120gb ssd running 12.04. My kvm images are now on sdb3, how do I move them into sda3?
<RoyK> matt_keys: they're normally under /var/lib/libvirt/images
<RoyK> just files
<miceiken> okay this is weird
<miceiken> insserv is installed, but when I use it it says command not found
<RoyK> matt_keys: the vm config is under /etc/libvirt/qemu - you might want to move them over as well
<Aaton> anyone having problems with 12.04 LTS not rebooting when your doing a network install?
<fraterm> matt_keys, if you have any good references for configuring those Virtual Machines networking statically I'd like to pick your brain.
<matt_keys> RoyK : I've got sdb3 mounted on /sdb, so I recursive copied /sdb/var/lib/libvirt/* and /sdb/etc/libvirt/ , but they're not showing up in virt-manager
<fraterm> permissions I bet.
<Aaton> the debian-installer seems to be caught in a loop. if I have a preseed/late_command it will try to run it twice but fails the second time since /target is unmounted
<matt_keys> fraterm : worked for me just configuring static since they're bridged.
<fraterm> matt_keys, are all of your VMs ubuntu ones?
<roaksoax> Aaton: afaik you can only have 1 late_command in the preseed
<fraterm> I only have one and it's a centos 6.2 beasty.
<matt_keys> RoyK : I do see the volumes on the storage screen, though.
<RoyK> matt_keys: restarted libvirt?
<matt_keys> RoyK : ahh... one sec.
<Aaton> roaksoax: yep I have only one.
<Aaton> I get a dialog box about the machine rebooting but it then tries the late_command again instead
<matt_keys> RoyK : restarted qemu-kvm and libvirt-bin both, still not there
<matt_keys> fraterm : not all of them. I have centos 6.2 ones too.
<fraterm> I must have a squirrelled up resolv.conf I suspect.
<matt_keys> fraterm : dns keep getting wiped?
<fraterm> /etc/resolv.conf is there.
<roaksoax> Aaton: how are you running your late_command?
<Aaton> d-i preseed/late_command string wget -Y off -P /target http://10.X.Y.Z/d-i/precise/late_command.sh ; chmod +x /target/late_command.sh ; chroot /target/ /bin/bash /late_command.sh
<Aaton> it works. and completes the commands I have inside it.
<roaksoax> Aaton: I think you should do it like this:
<matt_keys> fraterm : I've seen network manager wipe out the static dns settings... you have to set a few things in ifcfg-eth0 to keep it from doing that
<fraterm> basically broken network configuration here I think then.
<fraterm> itÂ´s that networks are unreachable.
<roaksoax> d-i preseed/late_command in-target sh -C 'wget http://10.X.Y.Z/d-i/precise/late_command.sh; etc etc etc'
 * fraterm turns off NM_CONTROLLED
<roaksoax> Aaton: or similar, but you need to use in-target so that it does stuff in the targe
<roaksoax> Aaton: it is probably because of the way you are doing it that it fails
<Aaton> roaksoax: ok I'll give that a try
<roaksoax> fraterm: man resolvconf will tell you how to set static dns
<fraterm> I dunno that it's resolvers.
<Aaton> will it use the wget that is in busybox or the wget in /target. I have to make sure it doesn't try to use the proxy I'm behind.
<roaksoax> Aaton: in-target
<roaksoax> Aaton: that's why you use the in-target
<fraterm> I can ssh in to the machine over the bridged network, I can't ping anything outside of my subnet from within the machine.  I can ssh out to machines inside my subnet.
<matt_keys> fraterm : http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-networkscripts-interfaces.html . you'll want to use PEERDNS=yes, then DNS1=8.8.8.8 DNS2=8.8.4.4
<fraterm> IÂ´m behind a proxy though.
<fraterm> But I will give that a look.
<matt_keys> fraterm : unless you're restricting icmp out, proxy shouldn't interfere with it... just http/https traffic
<fraterm> But I should still be able to ping X host in a different network... I bet I have a gateway or netmask or other setting a bit off.
<matt_keys> fraterm : can you ping internal network hosts?
<fraterm> matt_keys, certain ones yes
<fraterm> my host vm IP address, and one host that is in our subnet.
<fraterm> dns no, gateway...
<matt_keys> fraterm : traceroute 8.8.8.8
<fraterm> can ping the gateway... hurmph
<matt_keys> where does it stop?
<fraterm> installing traceroute would help.
<fraterm> matt_keys, no more assistance til I get some good debugging tools though.
<fraterm> I donÂ´t want to waste your time with this.
<matt_keys> np
<matt_keys> still trying to figure out why i can't see my vms :p
<matt_keys> brb
<fraterm> I had a big problem with 12.04 recognising my ability to alter the configuration to use the bridge.
<fraterm> Until I did it as root.
<fraterm> the virtual machine manager gui isn't able to alter that setting unless you have the VM "powered off" as well... and as a normal user it doesn't alter the parameter for the network away from using NAT.
<axisys> HP DL380 would be a good server to run mysql? I have about 20GB worth of ibdata with one table with 6 million transactions and another for 1 million.. running RT
<rockets> Here's a silly question: How does Ubuntu pick which version of a package to install, if I have multiple apt repositories in my sources.list that contain that package? Does it just pick the newest one?
<ikonia> rockets: if you don't have pinning setup, pretty much yes
<rockets> Thanks ikonia
<K4k> When creating an install disk with a ks.cfg file. Is it possible in the %packages section to somehow tell the system to install all normal packages and then just specify the individual packages you specifically need to apt-get install in addition?
<muszek> hi... I'm running Nginx and PHP on my computer.  Today update manager told me there's a few php5* packages to be upgraded.  But along with this upgrade it wants to install a bunch of Apache packages... I don't run apache and don't want it installed... what gives?
<smoser> SpamapS, that bug make sense? the same basic issue is present in failsafe.conf
<SpamapS> smoser: totally makes sense
<SpamapS> smoser: seems like that shouldn't be on the console
<smoser> is there a way to gracefully be terminated? so that init would'nt output such a scary message?
<SpamapS> seems like it should be lowered to 'info' priority. Who cares about the TERM?
<SpamapS> it is being "gracefully" terminated
<SpamapS> by upstart is all
<SpamapS> smoser: anyway, I'm running off to lunch, bbiab. Agreed that it should be solved. Not sure exactly how though.
<SpamapS> smoser: IMO thats a bug in upstart
<smoser> yeah, i agree.
<smoser> fwiw, SpamapS you have mixed tabs and space in failsafe.conf
<matt_keys> back, can't remember who I was helping earlier
<arussel> I've configured postfix to forward mail to an smtp server following: https://help.ubuntu.com/community/GmailPostfixFetchmail I'm not using gmail as a server, but I've  been using my own mail server
<arussel> when I test the setting with "sendmail -bv me@gmail.com"
<arussel> I don't have any error but I get the message "Mail Delivery Status Report will be mailed to <ubuntu>."
<arussel> and ubuntu does get a mail in its mailbox on the server
<arussel> telling that delivery to was OK
<arussel> the problme is I've got nothing in my mailbox at gmail.
<arussel> Where should I start looking to fix this ?
<derpyderp> hi! is it normal that i get the message "--libvirt command not found; --addpkg command not found" when trying to run the vmbuilder command in the jeos-and-vmbuilder page? i can boot the image and login, but there are no packages created, i dont have grub and apparently nothing on he disk...
<uvirtbot> New bug: #1015294 in samba (main) "package samba 2:3.6.3-2ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/1015294
<Aaton> roaksoax: tried your preseed/late_command method. it did not fix the problem I was having where the debian-installer does not reboot. d-i finished the late_command and then tried to reboot but doesn't. then runs the late_command again which fails.
<Aaton> have to cold reboot the system
<derpyderp> anyone?
<miceiken> Hi.
<miceiken> Virtual packages like 'gitosis' can't be removed <- what does this mean? how do I remove it
<lifeless> you can't, because its not installed
<lifeless> some other package is installed, which is providing it.
<lifeless> This is crazy UI wise, sure, but it is what it is :)
<miceiken> ah thanks lifeless
<miceiken> while i have you here
<miceiken> insserv is installed, but when I use it it says command not found
<derpyderp> let me rephrase my question: i need to create custom VM images, and im trying to do so via the bash script provided in the JeOS and vmbuilder page in the ubuntu website. however, i get three error messages when the process is complete: --libvirt =qemu:///system command not found, --addpkg command not found, --addpkg command not found" :|
<derpyderp> actually it says "--libvirt=qemu:///system: No such file or location", plus the other two --addpkg command not found, my bad
<roaksoax> Aaton: is it possible for you to show me the syslog of the installtion process?
<Aaton> roaksoax: sure once the system comes back up I'll grab it from /var/log/installer/syslog
<uvirtbot> New bug: #1015311 in clamav (main) "package clamav-base  not installed  failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015311
<hallyn> stgraber: d'oh, src/lxc/tests is empty in your bzr branch :)
<hallyn> stgraber: and IIUC lxclock.h and lxccontainer.h will no longer be exported to /usr/include/lxc
<stgraber> hallyn: what?
<hallyn> nm, i'm an idiot
<stgraber> root@python-lxc:~/lxc-api-and-python# ls src/tests/
<stgraber> containertests.c  locktests.c  Makefile.am  startone.c
<hallyn> (quilt patches were not applied)
<stgraber> oh yeah, you need to fight with quilt as usual ;)
<hallyn> well it seems like policy has changed - i thought bzr used to keep the patches applied <shrug>
<stgraber> I usually fight until the point where "bzr st" looks reasonable, then look at the code ;)
<stgraber> well, they definitely are applied in the branch
<stgraber> root@python-lxc:~/lxc-api-and-python# bzr revno
<stgraber> 120
<stgraber> root@python-lxc:~/lxc-api-and-python# bzr st
<stgraber> root@python-lxc:~/lxc-api-and-python#
<hallyn> really???  try a clean fetch
<hallyn> bzr branch lp:~ubuntu-lxc/ubuntu/quantal/lxc/lxc-api-and-python
<hallyn> cd lxc-api-and-python; quilt ap
<stgraber> hallyn: hmm, let me try to convince LP that what I have locally is right :)
<stgraber> hallyn: gah, my bad, didn't push at the right place, that's why it's all broken...
<stgraber> hallyn: should be good now
<hallyn> i should re-fetch?
<stgraber> yeah
<hallyn> i'll wait until i finish writing my testcase and then just copy that over
<hallyn> thanks
<stgraber> >>> test.start(cmd=["/sbin/init", "--debug"])
<stgraber> True
<stgraber> hallyn: ^ I have support for the *args => char** in my local branch now too
<stgraber> hallyn: still need to fix the refcounting/memory management part of that hack though :)
<hallyn> stgraber: cool
<hallyn> stgraber: I'm going to suggest that container->destroy() doesn't need to try and stop the container, that is, it'll jsut fail if the container is running, and caller can sto pit if need be?
<hallyn> (lemme know if you disagree)
<stgraber> hallyn: that's what my python function does at the moment (throw an exception if the container is running), so WFM
<hallyn> great
<stgraber> hallyn: just checking, the container name is mandatory and can't be set after lxc_container_new()?
<hallyn> stgraber: correct
<hallyn> idea would be to use lxc-clone to get one with a new name
<hallyn> of course, you can cheat and just set c->name :)
<hallyn> why do you ask?
<hallyn> destroytest passed, yay.  now the tough part, create :)
<hallyn> stgraber: do you think it should b set-able?
<hallyn> (this of course shoudl be reminding me that we need clone still...  but i'll wait until someone asks for it)
<stgraber> hallyn: wanted to check that my current implementation of .name being read/only was correct and for some reason I don't currently enforce a name to be passed to Container(), fixing that now
<blendedbychris> cna i resize a partition of a drive that is mounted?
<hallyn> stgraber: what did you think about whether c->create(c) should save the config to disk?
<hallyn> i suppose it should
<stgraber> hallyn: I just pushed a small debian/rules change to match your introduction of another test binary and I also pushed an update python binding including the switch to the new liblxc destroy()
<stgraber> hallyn: I think it'd make sense for it to save the current config yeah
<stgraber> hallyn: so I guess you'll need to implement save_config() first ;)
<hallyn> drat
<stgraber> >>> test.destroy()
<stgraber> lxc_container: No such file or directory - failed to open freezer for 'test'
<stgraber> False
<stgraber> hallyn: ^ did I miss something?
<stgraber> hallyn: oh, my bad ;) wrong mapping
<hallyn> phew
<stgraber> works fine now ;)
<stiv2k> i am having problems with ecryptfs
<stiv2k> trying to run ecryptfs-umount-private
<stiv2k> i keep getting this
<stiv2k> fopen: No such file or directory
<stiv2k> fopen: No such file or directory
<stiv2k> Cannot chdir into mountpoint.
<stiv2k> any idea?
<tyhicks> stiv2k: Lets get the obvious question out of the way first... is your ~/Private directory actually mounted?
<tyhicks> stiv2k: Take a look at /proc/mounts to verify that it is currently mounted.
<AceFace> hello all!
<AceFace> im looking for help configuring a startup script, would anyone be willing to help?
<SpamapS> AceFace: can you be more specific?
<stiv2k> tyhicks i fixed it
<tyhicks> stiv2k: good to hear
<stiv2k> tyhicks i was running the command as sudo when i shouldnt have been
<stiv2k> tyhicks i had to uninstall and disable the encryption because the web site hosted on that user's account would only work when he was logged in
<stiv2k> otherwise it couldnt see any of the files
<AceFace> SpamapS:
<AceFace> SpamapS: sure
<AceFace> i have a script that i want to execute at bootup (script located here: http://pastebin.com/hxk4fwVD ) and this script is supposed start a service called connection manager (binaries located here: http://download.igniterealtime.org/connectionmanager/connection_manager_3_6_3.tar.gz ) so i extracted the folder "connection_manager" to /opt , to see directory structure please look inside the tarball. ive tried a few things and i just cant make the scri
<SpamapS> AceFace: chopped at 'just cant make the scri'
<tyhicks> stiv2k: Right. You've got to enter some type of secret to provide an encryption key.
<tyhicks> (the login password decrypts the encryption key, in this case)
<AceFace> ive tried a few things and i just cant make the script start at bootup. does anyone have any suggestions?
<SpamapS> AceFace: you don't say what you've tried
<AceFace> ok, ive tried copying the script located at /opt/connection_manager/bin/cmanager.sh to /etc/init.d/conmgr.sh
<SpamapS> AceFace: the simplest thing would probably be to make an upstart job.. http://paste.ubuntu.com/1050091/ .. put that in /etc/init/cmanager.conf ..
<AceFace> then doing sudo chmod +x /etc/init.d/conmgr.sh
<SpamapS> AceFace: init.d's shouldn't have .sh suffixes
<SpamapS> AceFace: they also need to take start/stop arguments
<AceFace> oh...
<AceFace> shows how much i know! haha
<rockets> Is the final version of server 12.10 going to have apache 2.4?
<AceFace> i will try your given paste and report back in a few minutes
<SpamapS> AceFace: this is actually better http://paste.ubuntu.com/1050095/
<AceFace> SpamapS: what the difference between adding "post-start" and not?
<uvirtbot> New bug: #1015337 in clamav (main) "clamav-base fails configure with `/usr/share/doc/clamav-base/examples/main.cvd': No such file or directory" [Undecided,New] https://launchpad.net/bugs/1015337
<AceFace> SpamapS: please take a look, is this what you mean?: http://img.ctrlv.in/4fe10c29022c9.jpg
<SpamapS> AceFace: first one is just a bit more "hacky" .. the second one will work more reliably if you, say, go to single user mode and come back
<SpamapS> AceFace: yes that screenshot looks good
<SpamapS> well except the theme on those windows.. ;)
<SpamapS> that looks like a prison
<AceFace> then after making /etc/init/cmgr.conf i then can reboot and expect the "conf" script to start /opt/connection_manager/bin/cmanager.sh ?
<AceFace> well, the workstations in the office are all MS windows, whereas the server rack is ubuntuserver located in a locked room
<AceFace> so i putty into the rack...
<SpamapS> AceFace: yeah should work fine
<SpamapS> \o/
<SpamapS> Openstack summit in San Diego
<SpamapS> *woot*
<AceFace> SpamapS: i really appreciate your help, but the service doesnt seem to start
<AceFace> do i have to chmod +x the /etc/init/cmgr.conf ?
<AceFace> if you look here http://pastebin.com/wWskn4MW i have to normally cd /opt/connection_manager/bin/ and then do ./cmanager.sh to make the program work
<SpamapS> AceFace: no
<SpamapS> AceFace: ahh, add a new line    chdir /opt/connection_manager/bin
<AceFace> ok, me being new to linux, i figured i  needed to make the script change paths, but i didnt know what to say to explain such a thing
<AceFace> i will try it
<AceFace> SpamapS: !!! SUCCESS!!!!
<AceFace> thank you very very much
<AceFace> i would paypal you a couple bucks to show my appreciation
<AceFace> but i guess thats a practice usually frowned upon
#ubuntu-server 2012-06-20
<uvirtbot> New bug: #1015348 in openssh (main) "openssh-server package does not start sshd on a live CD boot" [Undecided,New] https://launchpad.net/bugs/1015348
<uvirtbot> New bug: #1015350 in openvpn (main) "openvpn connection start successfully, and fail in ~ 2 minutes" [Undecided,New] https://launchpad.net/bugs/1015350
<uvirtbot> New bug: #1015359 in clamav (main) "package clamav-base 0.97.5+dfsg-1ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 1015337)" [Undecided,New] https://launchpad.net/bugs/1015359
<uvirtbot> New bug: #1015361 in clamav (main) "package clamav-base 0.97.5+dfsg-1ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1, fails to install and uninstall. i believe i have been attacked, also getting system error notifications" [Undecided,New] https://launchpad.net/bugs/1015361
<erichammond> utlemming, smoser: I'm starting to use AWS CloudFormation but it looks like the Ubuntu AMIs do not include the cf-* command line tools for startup hooks.  Are there plans to add these or should I submit a request through launchpad?
<agc93> on a default 12.04 x64 installation, what gets stored in /srv/ ?
<erichammond> agc93: Based on the spec (and my experience with 12.04) I believe /srv/ should be empty by default.  It's there for the stuff that the end user wants to store on the server.
<agc93> sweet. And where are OpenLDAP schemas stored by default? I'm having trouble finding it in the docs
<agc93> wait, nevermind I think its in /etc/ldap
<erichammond> http://tldp.org/LDP/Linux-Filesystem-Hierarchy/html/srv.html
<erichammond> sounds like distros are allowed to put things in /srv/ but I haven't seen Ubuntu do it on the base installs.
<patdk-lap> hmm, something I installed used that
<patdk-lap> think it was one of the tftp servers
<twb> erichammond: Debian policy compliant packages MUST NOT place any files in /srv
<patdk-lap> what about making folders?
<patdk-lap> tftp used to make /srv/tftpboot
<patdk-lap> can't remember if that is new, or old
<patdk-lap> as I still use /var/lib/tftpboot
<twb> I think it's allowed if you do it in the postinst
<patdk-lap> I just remember taking awhile figuring out why /var/lib/tftpboot wouldn't work :)
<agc93> if you needed to (dont ask why, its an odd setup), you could always symlink /var/lib/whatever to /srv/whatever couldnt you?
<twb> agc93: he just hadn't diagnosed the issue at the time
<patdk-lap> I could have
<patdk-lap> but I just edited /etc/default/tftpd
<agc93> yeah, i meant hypothetically. You were saying packages aren't allowed to install in there, but if I wanted something in there, i could symlink it couldnt I?
<twb> agc93: packages aren't allowed to, but sysadmins are
<agc93> ah right. Cool.
<uvirtbot> New bug: #1015369 in mailman (main) ""IOError: [Errno 32] Broken pipe" on start when many lists are present" [Undecided,New] https://launchpad.net/bugs/1015369
<uvirtbot> New bug: #1015365 in clamav (main) "package clamav-base 0.97.5+dfsg-1ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 1015337)" [Undecided,New] https://launchpad.net/bugs/1015365
<blendedbychris> guys in general is it easier to chroot or setup something like vsftpd/proftpd?
<blendedbychris> chroot sftp that is
<twb> You want chrooted sftp?
<twb> blendedbychris: ^
<ubuntucloud227> noob question: can I host a production Ubuntu cloud on ESXi?
<blendedbychris> twb: wellâ¦ i just want to figure out a good way to give a specific group of users access only to a few dirsâ¦ i was going to chroot them and use sftp
<blendedbychris> and symlink the dirs in
<blendedbychris> or even mount
<blendedbychris> bah google fails heh â¦ it was like "proftpd" can be used for ln -sâ¦ baloney
<blendedbychris> still ahve to use mount --bind
<twb> blendedbychris: chrooted SFTP is very easy.  However note that SFTP is not FTP.  SFTP is part of SSH, *not* vsftpd or proftpd
<blendedbychris> right
<blendedbychris> i think sftp might be easier to setup considering i don't have to add addition certs
<twb> http://paste.debian.net/175387/
<patdk-lap> certs? using ftps is near impossible, even if you have a cert
<twb> Yes, do not do FTP or FTPS ever.
<twb> http://mywiki.wooledge.org/FtpMustDie
<twb> blendedbychris: see my paste
<blendedbychris> don't newer openssh versions do better than what you pasted twb?
<twb> AFAIK no, all of those are important for a locked-down SFTP service
<twb> In *older* SSH it was a lot more difficult
<patdk-lap> well, depending on what your doing, it's still hard
<patdk-lap> my users can't take advantage of the new ssh config to chroot
<twb> patdk-lap: why not?  Because they're on hardy?
<patdk-lap> no
<patdk-lap> cause it's a group issue
<patdk-lap> they all don't belong to a common group
<patdk-lap> I want a chroot *all* option
<blendedbychris> why isn't there an cond.d in /ssh
<twb> patdk-lap: add them all to a new group
<twb> blendedbychris: because openbsd devs are dumb
<twb> blendedbychris: it annoys me a lot with ssh_config
<blendedbychris> does that allowgroups interfere with ful acces?
<patdk-lap> twb, not easy
<twb> blendedbychris: well you also want AllowGroups root or something
<twb> blendedbychris: so you can still SSH in
<twb> patdk-lap: you might be able to have multiple match groups to say "chroot everyone, but don't chroot root"
<blendedbychris> getting "Could not open channel (Closing all channels)."
<patdk-lap> twb, would be ideal
<blendedbychris> i just dumped what you gave me at the end of sshd_config
<patdk-lap> it's just I have 30k users
<twb> patdk-lap: you would have to do some experimenting
<blendedbychris> on wait i didn't change your subsystem
<twb> patdk-lap: http://cyber.com.au/~twb/.ssh/config has some notes about how ssh does matching
<twb> blendedbychris: you should UNDERSTAND the changes
<blendedbychris> oddly still same error
<blendedbychris> penSSH_5.9p1 Debian-5ubuntu1, OpenSSL 1.0.1 14 Mar 2012
<twb> blendedbychris: what is this channel business... are you getting this from the sshd logs?
<twb> openssh 5.3 here
<blendedbychris> do i have to use syslogs?
<twb> Well, yes, normally you would be looking in /var/log/syslog and /var/log/auth.log
<twb> If you have changed that, then obviously you should know where to look
<blendedbychris> Jun 19 22:22:22 gva-web-1 sshd[5480]: fatal: bad ownership or modes for chroot directory "/home/uespinoza" << guessing it can't be user writable
<blendedbychris> or needs to be owned by root?
<blendedbychris> dar
<blendedbychris> can you use âbind to force permissions and ownership?
<blendedbychris> that looks epically complex .. http://wiki.lapipaplena.org/index.php/How_to_mount_SFTP_accesses
<twb> What does ls -ld /home/uespinoza look like
<uvirtbot> New bug: #1015378 in clamav (main) "package clamav-base 0.97.5+dfsg-1ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015378
<blendedbychris> twb: dunno i ended up doing âbind :P
<blendedbychris> twb: so Subsystem sftp /usr/lib/openssh/sftp-server << why do i have to do "internal-sftp" ?
<blendedbychris> also do i have to do the allowgroups?
<twb> Because otherwise it won't work
<twb> internal-sftp is built into the sshd binary, so it remains accessible after chroot(2)ing.  This is not the case for external binaries like /usr/lib/openssh/sftp-server
<blendedbychris> twb: later versions must work
<blendedbychris>  /usr/lib/openssh/sftp-server != /usr/lib/openssh/sftp-server.sh (lucid)
<blendedbychris> precise works without that
<twb> Whatever
<twb> The approach I described works for me on lucid.
<patdk-lap> heh? I have no sftp-server.sh in a default lucid install
<blendedbychris> ya lucid is #Subsystem sftp /usr/lib/openssh/sftp-server.sh
<patdk-lap> that must be someones hack at external chroot support
<blendedbychris> oh maybe haah
<blendedbychris> probably mine
<patdk-lap> that isn't lucid
<blendedbychris> ages ago
<twb> I agree w/ patdk-lap
<patdk-lap> that is just so wrong
<blendedbychris> so do you two rely on sticky bit to keep perms?
<patdk-lap> hmm?
<patdk-lap> sticky doesn't keep perms, it overrides them
<blendedbychris> well that heh
<blendedbychris> overriding the group perm to always be writable?
<blendedbychris> or rather group?
<blendedbychris> so the mount âbind doesn't allow write
<hallyn> stgraber: hm, as i'm finishing up the code to write out lxc config (holy tedium, batman) i think i spot a bug in src/lxc/conf.c - inet_ntop(AF_INET, netdev->ipv6_gateway, buf, sizeof(buf));
<hallyn> assume that should be AF_INET6
<hallyn> course i'ts just in a rare error reporting case...
<blendedbychris> twb: are you able to do ls -sd with sftp?
<twb> No, because it's SFTP
<blendedbychris> okay âbind is my next option but it wont write :|
<twb> I don't know what you're talking about wrt -bind
<blendedbychris> mount âbind /var /foo
<twb> Uh, what?
<twb> What does mount have to do with any of this
<blendedbychris> i'm trying to mount /var/www into that users dir
<twb> Don't
<blendedbychris> okay what else can i do?
<twb> Chroot them into /var/www instead
<blendedbychris> wrong ansewr
<blendedbychris> haha
<twb> Why is it wrong?
<uvirtbot> New bug: #1015386 in clamav (main) "package clamav-base 0.97.5+dfsg-1ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015386
<blendedbychris> well really i want to mount /var/www/foo and /var/www/bar in the dir
<blendedbychris> as baz is not theirs
<twb> So move them to /srv/www/<user>/foo and /srv/www/<user>/bar, chroot them into /srv/www/<user>, and tell apache to expose those dirs accordingly
<twb> Rather than just telling apache to serve /srv/www as a unit and then trying to make the directory structure exactly match the desired http structure
<blendedbychris> well that's annoying
<twb> What I do is give users a forced command rrsync [sic] key-based root SSH access
<twb> I grant that this is suboptimal
<patdk-lap> hmm, why not just leave user stuff in their home dir?
<patdk-lap> then just symlink it
<patdk-lap> ln -s /home/<user>/public_html/ /var/www/<user>/
<patdk-lap> or whatever
<twb> patdk-lap: you don't need a symlink, at least under apache
<patdk-lap> well, if you have apache virtualhost using that folder directly
<twb> But I assumed he was doing something like "give the web dev access to /srv/www/<product>"
<blendedbychris> well more likely it' be /srv/group/foo
<twb> patdk-lap: /etc/apache2/userdir.conf is what I was thinking of
<blendedbychris> not a fan of that though
<blendedbychris> i'm used to this structure â¦ /srv/http/domain.tld/subdomain
<blendedbychris> so now i have to do something weird to accommodate sftp permissions.
<patdk-lap> I don't like userdir
<twb> patdk-lap: any particular reason?
<patdk-lap> ~user is annoying :)
<twb> Ha
<blendedbychris> you guys think it might be possible to chroot them to /srv/http and rely on permissions?
<blendedbychris> (hate the room for error there)
<twb> Well, why are you chrooting them at all?
<twb> What attack are you guarding against?
<blendedbychris> they just don't need read access to the other sites
<blendedbychris> or write
<blendedbychris> why doesn't âbind work :(
<twb> Well for one thing it's --bind
<blendedbychris> my client keeps converting it to a &mdash;
<blendedbychris> so bite me :P
<blendedbychris> now it seems to work :|
<blendedbychris> the - - bind
<blendedbychris> whatever :)
<blendedbychris> thanks for the help guys
<uvirtbot> New bug: #1015390 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015390
<Corey> Wheeeeeee packaging.  NEVER again. *shudder*
<uvirtbot> New bug: #1015405 in clamav (main) "ClamAV error: CL_EFORMAT: Bad format or broken data" [Undecided,New] https://launchpad.net/bugs/1015405
<kblin> morning folks
<kblin> I'm currently trying to debug an application crash in swat reported by one of our users. I fail to get debugging symbols for the binary though..
<kblin> what's the trick on using the -dbg package?
<uvirtbot> New bug: #1015414 in clamav (main) "package clamav-base 0.97.3+dfsg-2.1ubuntu1 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/1015414
<uvirtbot> New bug: #1015429 in clamav (main) "package clamav-base 0.97.5+dfsg-1ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015429
<th0mz> any1 using opendedup ?
<twb> Never heard of it.
<twb> Heh, it needs 250MB of RAM per TB of data being dedupped
<twb> No worse than ZFS I suppose
<th0mz> twb: http://opendedup.org/
<twb> th0mz: looks like it's written in java.  Automatic fail in my book
<th0mz> hÃ©hÃ©
<th0mz> :)
<th0mz> and using fuse
<twb> Well fuse is not surprising
<twb> If your choices are using fuse or having a java developer try to write kernel code, fuse is clearly the better choice
<excalibr> How do you crate a new route table?
<excalibr> create*
<twb> http://paste.debian.net/175422/
<twb> Names tables go in /etc/iproute2/rt_tables; otherwise you can simply refer to them by number
<excalibr> oh must manually edit the file to add/del table?
<uvirtbot> New bug: #1015466 in clamav (main) "package clamav-base 0.97.5+dfsg-1ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015466
<arussel> I've lost the partition on which I had an empty postgres db, usually found in postgres/9.1/main
<arussel> how can I recreate those file ?
<twb> arussel: lost it how
<twb> arussel: if you haven't written over that part of the disk, just add the partition back into the partition table and it should reappear
<arussel> I move it from /var/lib/postgresql/ ... to /mnt/postgresql on a differnt volume
<arussel> the volume died
<arussel> twb: no, I lost eb
<arussel> s
<twb> Of course you have been backing up your postgres database regularly, right
<twb> So start restoring from backup
<arussel> once again, this is an empty db, I just want to get the default files from the ubuntu package
<arussel> I can restore from a dump
<twb> Oh, I missed that
<twb> I supopse the easiest way would be to purge and reinstall
<arussel> if hte files have been changed it will keep them, but if it was removed it will re-create ?
<arussel> purge tries to stop postgres that fails because of the missing files => purge is cancelled
<twb> Well I would brute-force that by hacking the shit out of the .prerm
<twb> But I am not officially recommending that because you can make it worse
<arussel> I could purge but reinstall doesn't recreate the 9.1/main cluster
<twb> reinstall without purging generally doesn't recreate deleted stuff
<twb> But I am no expert; someone else might know better
<twb> *I am no postgres expert
<Womkes> When I use virt-manager to connect to one of my Ubuntu KVM hosts I cannot see the network interfaces listed. I have to enter a interface name manually when creating a VM with "br0". This works fine as far as I can tell but it would be nice to have virt-manager working properly. I dont have this issue with CentOS KVM hosts.
<Womkes> Any idea why and how I can fix this?
<Womkes> Hmmm
<Womkes> is it this bug? https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/520386
<uvirtbot> Launchpad bug 520386 in libvirt "libvirt-bin hypervisor does not support virConnectNumOfInterfaces / unable to create domain with virt-manager using network bridge" [Medium,Confirmed]
<Womkes> Thanks bot, you are so awesome
<thisismyname> got some problems with KVM here
<thisismyname> i want to assign a virtual machine to a harware NIC
<thisismyname> like it's shown here:
<thisismyname> http://www.linux-kvm.com/content/using-bridged-networking-virt-manager
<thisismyname> but my virt-manager (version 0.9.1) doesn't have the option "Shared Physical device"
<thisismyname> do i have to compile something special??
<thisismyname> i cloned the git repository... but the option is still not available
<thisismyname> by cloning i mean, downloading and copmpiling it
<thisismyname> i even tried 2 different distributions Fedora and Ubuntu... the option is not available in both
<patdk-lap> it depends on your hardware
<patdk-lap> what motherboard/cpu are you using?
<thisismyname> cat /proc/cpuinfo http://pastebin.com/xxcbMGCB
<thisismyname> it's a gujisu server... u need more information?
<thisismyname> funjitsu
<RoyK> thisismyname: I think that server may run a bit better without ht
<RoyK> (not related to your question, though)
<thisismyname> why that? i want to do lots of virtualized machines
<thisismyname> so, lots of different threads
<thisismyname> i thought thats perfect for hyperthreading
<RoyK> thisismyname: hyperthreading may be better, but then, it may not. the linux scheduler may, in many cases, be better than the in-cpu-scheduler. the hyperthreading creates two (or more) logical cpus per core, and effectively reduces the amount of cache available to each of them for that reason
<RoyK> thisismyname: IIRC the best game for hyperthreading is large amounts of threads handling small amounts of data, like (maybe) an email or web server
<RoyK> for compute nodes, hyperthreading is rather worthless
<Defusal> hi everyone
<Defusal> putting "kernel.isolcpus = 2-7" in my sysctl.conf and rebooting does not have any effect
<Defusal> and "cpuset" says command not found
<Defusal> so how can i force the system to not run processes on most of the servers cores?
<patdk-wk> thisismyname, maybe http://www.linux-kvm.org/page/How_to_assign_devices_with_VT-d_in_KVM looking at step 3
<Defusal> $ cset
<Defusal> ...
<Defusal> ImportError: No module named cpuset.main
<Defusal> can anyone help please?
<Daviey> hallyn: Morning, qemu-kvm is trying to pull in usbredir..  it needs a MIR or dropped. :)
<hallyn> hm.  i swear i checked every dep
<hallyn> gah
<hallyn> comes from spice package.  will drop.  thx
<Daviey> hallyn: hmm, looking at the diff.. + libusbredirhost-dev, does seem to be a new build-depends
<hallyn> yup, didn't exist in p
<hallyn> i'm just trying to see just how useful it is.  seems like something jdstrand would want :)
<hallyn> but i really don't like that it comes from the spice page, and shares an author
<Daviey> hah
<hallyn> Daviey: I suspect this is useful enough we'll be wanting an MIR, maybe even this cycle if possible.  But for now, I've pushed a new build removing it.  thanks.
<stgraber> hallyn: that does look wrong indeed ;) I'm using ipv6 with my containers but never used lxc's static assignation variables so never hit that bug
<Daviey> hallyn: super, thanks
<K4k> Hi, I was wondering if someone could help me figure out what I've done wrong with my ks.cfg file. I've re-spun my ISO to include a ks.cfg file in the root directory and modified /isolinux/txt.cfg to add the additional boot option which includes the ks=ks.cfg line. It boots without an issue but it only boots to the initramfs prompt...
<smoser> erichammond, is that 'cf-*' ? or cfn-* ?  ie, what tools were you expecting would be there?
<smoser> aws-cloudformation-cli ? http://aws.amazon.com/developertools/2555753788650372 ?
<hallyn> stgraber: i pushed save-config support last night.  not sure if you noticed the commit msg, but i'm worried about the personality (lxc.arch) support wrt arm
<hallyn> all lxc stores is PER_LINUX or PER_LINUX32, and lxc.conf just reds x86 for PER_LINUX32 and x86-64 for PER_LINUX
<hallyn> well, i guess if it is a problem i'll just have to update the core personality code in lxc.  nm, no sense fretting
<stgraber> yeah, IIRC arm doesn't have personalities, it's an x86 spcific weirdness
<hallyn> my fear is,
<hallyn> oh wait
<hallyn> no yes.  my fear:  32-bit arm leaves personality 0 (PER_LINUX) and users don't write lxc.arch, so it all just works.  but, then they use api->save_config;
<hallyn> it sees PER_LINUX and writes lxc.arch = x86-64.  next reader gets confused :)
<thisismyname> patdk-lap, thanks... gotta have a look
<thisismyname> patdk-lap, no... that's not the problem
<hallyn> i guess it's all too magic to me (i.e. diff between PER_LINUX_32BIT and PER_LINUX32)
<patdk-wk> hmm
<hallyn> Daviey: drat, something went wonky with qemu-kvm build/versioning
<Daviey> hallyn: looking
<hallyn> eh waht, we have powerpc builds again???
<hallyn> (separate issue but i'll need to address that)
<stgraber> hallyn: hmm, yeah, I can see this being a problem... how difficult would it be to make save_config() never write a "default" value to the file?
<hallyn> oh drat
<hallyn> stgraber: the problem is we don't know if we need a default or not.  whic his why core will need to be updated
<hallyn> Daviey: got it now the problem is with the kvm virtual package.  sigh.
<stgraber> hallyn: right, having something clean in core would be nice. For lxc.arch itself, we should only write it if it's != 0
<hallyn> stgraber: but what exactly does == 0 mean?  if you move a 64-bit continer rootfs from 64-bit to 32-bit host, does 0 mean something different?
<hallyn> (I assume personality is 0 in 32-bit-on32-bit and in 64-bit -on-64-bit)
<hallyn> (maybe not)
<Daviey> hallyn: so you are building 'kvm'
<hallyn> Daviey: i need to figure out how to reproduce the dh_gencontrol crap for kvm in the new rules file
<hallyn> :(
<Daviey> hallyn: what isn't clear to me, is why you are hitting this now, but not previously
<hallyn> can i just override_dh_gencontrol?
<Daviey> your diff didn't do this.
<Daviey> hallyn: sure, you can.. but not sure that is the right fix
<hallyn> Daviey: yes it did.  it's the change in rules file (complete grounds-up change)
<hallyn> i think it is.  kvm has a different versioning scheme than qemu-kvm
<hallyn> well,
<Daviey> hallyn: ah! your prior build didn't build.. so didn't hit this
<hallyn> oh, right :)
<hallyn> you meant that diff :)
<Daviey> hallyn: So.. it's a merge issue.
<hallyn> Daviey: do you think i can get away with just not building kvm?
<hallyn> the meta-package already exists and is out there...  doesn't need to change
<Daviey> hallyn: should you be building the kvm package from this src package?
<hallyn> let's say a user does 'apt-get install kvm'.  it installs qemu-kvm bc of depends.  i don't need to push a newer kvm to depend on newer qemu-kvm (for each build) do I?
<Daviey> no
<hallyn> stgraber: in a bit i'll do some experiments to get my bearings around what personality values are valid...
<Daviey> hallyn: I haven't dug into this.. but this is myu understanding..
<Daviey> Debian builds a kvm package from qemu-kvm
<Daviey> we build a kvm package from a seperate source package, as a meta package
<stgraber> hallyn: hmm, yeah, it's annoying ;) so moving a 64bit container to a 32bit host won't work as you need a 64bit kernel for it to boot but moving a 32bit container from a 64bit host to a 32bit host will make it have the i386 personality in the config file, that'd map to 1 but won't exist as 32bit doesn't have personalities
<hallyn> Daviey: no
<Daviey> hallyn: I thought that was the resolution we came up with last cycle?
<hallyn> Daviey: we always built kvm from qemu-kvm, but debian/rules had two dh_gencontrol lines to change version on kvm
<hallyn> Daviey: oh, maybe i misunderstood.  if you'res saying that is waht we *should* do, we can...  but it's not something we ever did in the past
<Daviey> hallyn: kvm is just a meta package, no?
<hallyn> yup
<Daviey> hallyn: yeah, i thought we discussed this last cycle.. maybe we didn't complete it.
<hallyn> if we did, it went over my head
<hallyn> but again, if two dh_gencontrol lines fix it without a new source package, then why not?
<Daviey> hallyn: if that fixes it, then it seems the cheapest fix.
<hallyn> ok lemme try
<Daviey> hallyn: i'm interested in what your 2 lines say.
<Daviey> hallyn: if your two lines create a lie, then it seems nastier IMO.
<hallyn>         dh_gencontrol -s -Nkvm
<hallyn>         dh_gencontrol -pkvm -- -v1:84+dfsg-0ubuntu16+$(debsrc_ver)+$(debian_rev)
<Daviey> hallyn: it seems hard to document why the heck that version number exists by that.. but perhaps less overhead.
<hallyn> Daviey: well it came from the switch from upstream kvm to upstream qemu-kvm.  remember they used to have version numbers like 66,67, etc
<hallyn> then they switched to qemu-kvm-0.x
<hallyn> Daviey:  can you kick the current -ubuntu2 qemu-kvm source pkg so i can re-use that version #, or shall i bump the version?
<hallyn> stgraber: 32-bit doesn't have personalities?
<hallyn> i thought sunos/irix etc personalities long pre-dated 64-bit
<stgraber> hallyn: well, it might have personalities but only have a single one as it's not technically able to run something else than 32bit
<Daviey> hallyn: no, the source package is published, so need to bump revision regardless
<stgraber> I'd have to check the code again, last I poked at this was during our sprint last year ;)
<hallyn> Daviey: ok, thx
<hallyn> stgraber: do you have an arm box handy, where you could compile+run http://people.canonical.com/~serge/getpers.c ?
<stgraber> hallyn: sure
<stgraber> root@delmak:~# ./getpers
<stgraber> personality is 8388608
<stgraber> hallyn: ^
<hallyn> eh hrm?
<hallyn> what if you change the printf to '%u' from '%d' ?
<hallyn> (though i think it's only char, not int, that becomes unsigned on arm)
<stgraber> same thing
<hallyn> hm
<hallyn> that's FDPIC_FUNCPTRS
<hallyn> heh, or just ADDR_LIMIT_32BIT
<hallyn> stgraber: nm, i was wrong about the lxc code.  it initializes pers to -1, so we're goot.
<hallyn> i'll fix it in your branch in a bit (once i'm over qemu killing me)
<stgraber> ok :)
<hallyn> stgraber: in a debian/rules file, will ifeq ($(DEB_HOST_ARCH_CPU),arm always be true for all arm arches?
<stgraber> hallyn: it at least seems to work on armel and amrhf, not sure that'll be true for arm64
<stgraber> (but we don't care yet)
<hallyn> great, thanks.  will suffice for now
<hallyn> Daviey:  weren't ppc builders offline last cycle?  is their being up a new thing?
<Daviey> hallyn: no, powerpc was on last cycle.
<Daviey> hallyn: a powerpc build failure, isn't a release blocker.
<Daviey> hallyn: qemu-kvm did build fine in precise, https://launchpad.net/ubuntu/+source/qemu-kvm/1.0+noroms-0ubuntu13
<hallyn> Daviey: yeah but it disabled kvm acceleration
<Daviey> hallyn: right, but the fact that the package is failing in quantal for armel, armhf and powerpc, when in precise it worked.. probably should be investigated :)
<hallyn> i'm not sitting here twiddling my thumbs
<hallyn> (the arm is fixed in my local pkg, jsut looking into ppc to see if i can get the built to succeed with --enable-kvm, as i know some folks would like that)
<hallyn> stgraber: actually i guess what i pushed last night should do the right thing!  have you run that branch on arm at all?
<stgraber> hallyn: nope, not yet. Busy writting meeting minutes and will then have a team meeting... but should have some time to test it later this morning
<uvirtbot> New bug: #1015582 in puppet (main) "package puppetmaster-passenger 2.7.11-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015582
<hallyn> stgraber: thanks!
<streulma> hello, I want to proxypass another url, but I have already proxypass / how can I do that ?
<hallyn> Daviey: still waiting for confirmation that ppc builds, but i'm looking at http://people.canonical.com/~serge/qemu-kvm.debdiff
<hallyn> (then hopefully i can get back to plentiful lxc work :)
<Daviey> hallyn: sorry for the interrupt :)
<CharlieSu> Hi all.  What is console-kit-daemon for?  I'm running 10.04 server w/ no graphical interface and I'm seeing this process take a lot of resources...
<hallyn> CharlieSu: 'apt-cache show consolekit' suggests it's the "we're so much cooler than our elders" utmp replacement
<CharlieSu> hallyn: do I need it though?
<CharlieSu> hallyn: I've got a server that is used as a SFTP server bigtime..  and it looks like it is slowing my computer down
<hallyn> CharlieSu: it's part of ubuntu-core, so i think so.
<hallyn> CharlieSu: but no harm waiting for someone who knows more than i to answer
<hallyn> (all i know is what apt-cache just told me)
<hallyn> then again maybe not
<hallyn> dpkg -L consolekit sure seems very system-d and X11-ish
<hallyn> <shrug> i don't know that i'd advise this, but i just did dpkg -r policykit-1 consolekit on a server, still seems ok.
<CharlieSu> hallyn: ya i disabled it on a server and it still runs.. lol
<hallyn> CharlieSu: new-fangled &^*&^*
<MarcelT3> hi. trying to get my first MaaS node installed via PXE, but i always run into 'bad archive mirror' no matter what i do. got a hit for me?
<smoser> kirkland, is ther ea way that i can create ~/.byobu ?
<smoser> i want to create it, and then disable one status update
<smoser> (via user-data so its not htere first time i run it)
<Daviey> jamespage: hey, around?
<Daviey> smoser: removing cost estimation, by chance?
<stgraber> hallyn: load_config() => save_config() => http://paste.ubuntu.com/1051146/
<stgraber> hallyn: is multiple lxc.cap.drop lines allowed/parsed properly by lxc?
<stgraber> hallyn: and do we need lxc.rootfs.mount to be stored if it's not a weird non-standard path? because it looks like I won't be able to move that container to a 32bit host without patching the config after that change...
<SpamapS> smoser: seems like byobu should have a system wide config file that you can edit first
<hallyn> stgraber: i guess i can compare lxc.rootfs.mount to the #defined one, so that is fixable
<hallyn> stgraber: multiple cap.drops are fine
<stgraber> cool
<hallyn> sigh why am i not getting cgroup-lite bug mail
<hallyn> woudl anyone here miss it if qemu-kvm were not built on arm and powerpc?  (they have always been built with --disable-kvm anyway, so you could use qemu-linaro)
<Daviey> hallyn: Is it worth revisiting if qemu-linaro and qemu-kvm can be consolidated now?
<uvirtbot> New bug: #1015678 in cobbler (universe) "Cobbler exits with status 0 when failure occurs" [Undecided,New] https://launchpad.net/bugs/1015678
<hallyn> Daviey: debian is pondering their own qemu/qemu-kvm merge.
<hallyn> i have a feeling qemu-linaro would want to be independent of debian's qemu
<hallyn> lool: ^ ?
<Daviey> hallyn: ISTR slangasek was one of the drivers for qemu-linaro... he might have useful context to see if/when they can be converged.
<hallyn> Daviey: (yeah, i should chat with him, but right now i'm still trying tom ake the package build)
<hallyn> if anyone is looking for something to do and wants to fix the two open cgroup-lite bugs, ping me.  (else i'll get to it later today)
<hallyn> ok got a build to work on ppc.  now to copy those changes back and re-test on x86...
<hallyn> seeing a lot of work being done on the debian-selinux packages.  would be great to merge those
<zul> do we care about ppc?
<hallyn> zul: at some point we will.  for now, we care enough to want the package to build
<hallyn> zul: but that was why i asked before whether we should simply not build for ppc/arm.
<zul> hallyn: heh ok
<hallyn> really rtg was asking that on #ubuntu-devel earlier too
<hallyn> i just figured i'd get yelled at by someone who has that as a crucial part of their custom server :)
<zul> hallyn: well i can see for arm yes :)
<ironm> hello. As I missed "ifenslave" and "ethtool" after off-line installation of ubuntu-server 12.04 I asked myself if there is perhaps a new way for setting interface bonding (teaming). Thank you in advance for any hints.
<hallyn> you know how that goes
<zul> hallyn: quite
<matt_keys> re
<uvirtbot> New bug: #1004373 in rabbitmq-server (main) "Please sync rabbitmq-server 2.8.2 from Debian" [Medium,In progress] https://launchpad.net/bugs/1004373
<uvirtbot> New bug: #1007139 in mcollective (universe) "Merge mcollective 2.0.0+dfsg-1 (main) from debian testing (main)" [Medium,Fix released] https://launchpad.net/bugs/1007139
<K4k> Anyone here familiar with using kickstart to automate Ubuntu installations? I've got what I believe is a valid ks.cfg file and I think I'm getting hung up with the isolinux/txt.cfg file and somehow it's not reading my ks.cfg file. I've put this in my txt.cfg line "append file=cdrom/preseed/ubuntu.seed initrd=/casper/initrd.lz ks=cdrom:/ks.cfg --"
<K4k> Does that look right or am I missing something?
<matt_keys> K4k : initrd.lz .. shouldn't that be a gz?
<K4k> matt_keys: I was looking but I don't see an initrd.gz file anywhere in the directory where I extracted the ISO contents.
<matt_keys> what about an initrd.img?
<K4k> I did a find in the iso directory for initrd.* and all it found was the lz file
<matt_keys> 12.04?
<K4k> yes
<matt_keys> matt@www:/sdb/test$ find . -name initrd*
<matt_keys> ./install/initrd.gz
<matt_keys> ./install/netboot/ubuntu-installer/amd64/initrd.gz
<K4k> :/
<K4k> that is on what 12.04 version?
<matt_keys> amd64
<K4k> desktop, server or alt
<matt_keys> server
<K4k> Would the contents be different on desktop?
<matt_keys> prolly
<K4k> That might be why then...
<K4k> I'll try doing my server cfg next
<K4k> using this ks cfg and see how far I get
<matt_keys> you can install desktop from server
<K4k> Just use the ubuntu-desktop task group I assume?
<matt_keys> yeah
<matt_keys> but i bet it's this /install/mt86plus
<matt_keys> on desktop amd64
<K4k> yup
<K4k> I've also just tried creating an auto.seed file. I might give that a shot as well and see if that works any better...
<K4k> since...you know it's native to debian and all
<matt_keys> looks like it takes about 170 minutes to mkfs.ext3oon a 250gb sata with badblocks write test
<matt_keys> 3gb/s sata
<hallyn> phew.  cgroup-lite pushed.  lunching
<matt_keys> anybody know if libvirt/qemu is running within a lxe/cgroup by default on 12.04 lts amd64?
<Qeb_user> HI, should I use '$ sudo adduser <user> sudo' or '$ sudo adduser <user> admin' to add user with sudo privalidges? I see both sudo and admin group now?!?!?!
<Nafallo> Qeb_user: sudo
<Qeb_user> ok, it used to be admin right?
<Qeb_user> or at least that's what docs said
<Nafallo> yes
<matt_keys> i don't see an admin group in 12.04, just an adm group
<matt_keys> but it's defined in /etc/sudoers.
<Qeb_user> what's the default time for .bash_history to get cleaned out, or does it keep history forever?
<matt_keys> till you history -c :)
<guntbert> matt_keys: the admin groups has been replaced by the sudo group, but remains valid for updated systems
<matt_keys> ahh
<matt_keys> Qeb_user : i take that back, history -c doesn't clear .bash_history.
<Qeb_user> matt_keys: so it'd keep it for XXXXX years, until I do that?
<guntbert> Qeb_user: no, there is a limit to the size of the file ( if I remember correctly )
<matt_keys> Qeb_user : check ~/.bashrc for HISTSIZE
<matt_keys> and HISTFILESIZE
<matt_keys> Qeb_user : don't forget to "source ~/.bashrc" after making changes.
<Qeb_user> oh ok :) cheers
<K4k> After creating a custom preseed file and setting up txt.cfg to load it I'm getting a message for "Detect and mount CD-ROM" saying "Incorrect CD-ROM detected" Is there a way to get a more detailed message as to what it's looking for and why it can't be found?
<matt_keys> dmesg?
<matt_keys> or is it getting that far?
<K4k> it's a red screen, no prompt
<K4k> it almost appears that it's not even reading my preseed file because it's still asking me half the questions
<K4k> (I'm using the alternate install cd now)
<lool> hallyn, Daviey: qemu-linaro is tracking qemu quite closely, so if Debian merges and gets closer to tip, that's all good
<lool> hallyn, Daviey: In fact, I believe we do our KVM work on top of qemu-linaro, so it would be easier for us to deal with this
<matt_keys> doesn't sound like it's loading initrd.gz
<lool> hallyn, Daviey: But we'd likely want to keep the same setup where the qemu-linaro source package provides the same bits as the qemu source package does in Debian but uses the Linaro releases as a basis
<K4k> matt_keys: I suspect you're correct, just not sure why. initrd=/install/initrd.gz -- is at the end of my append line
<adam_g> jamespage: what were you using to generate jobs based on the templates in the openstack-ubuntu-testing tree?
<matt_keys> K4k : have you had a look at this? https://apps.ubuntu.com/cat/applications/precise/system-config-kickstart/
<adam_g> jamespage: nvm, found it.
<K4k> matt_keys: yes
<K4k> I've moved away from using the ks file though
<K4k> trying to simply load my own .seed file
<K4k> which, supposedly, is the official way to do it
<matt_keys> K4k : ahh, try without the preceeding /, e.g. "initrd=install/initrd.gz
<K4k> I will try that but the default append lines show w/ a preceeding /... let see what happens...
<K4k> I'm about ready to try anything
<K4k> this is all I've been doing for two days straight now, the lines are starting to blur together if you know what I mean
<matt_keys> fo sho...
<K4k> matt_keys: without the preceeding / it fails to locate the initrd.gz
<tdn> I have a 3TB Seagate GoFlex drive attached to USB 3.0 port on Ubuntu Server 12.04 LTS. When I boot the computer after a poweroff, it come up just fine, however, if I then reboot, the USB disk does not show up in /dev nor does it show up in fdisk -l. It does show up af reboot on a Debian Squeeze server with USB 2 port. How do I make the drive "reconnect" on reboot?
<tdn> I can see the drive after reboot on lsusb and usb-devices. Output is here: http://paste.adora.dk/P2431.html   So I guess I have to send some kind of USB "wake up" command or something?
<K4k> omg, I think I found what I did wrong... didn't copy the .disk directory from the CD over to the build directory >_<
<matt_keys> hehe
<matt_keys> good indication you need a break from it :)
<K4k> yessir! It's installing now W00T
<arussel> how can I know of a partition is frozen (with xfs_freeze) or not ?
<arussel> s/of/if/
<arussel> hmm, xfs_freeze has frozen ...
<arussel> how do you kill a process when 'kill -9' doesn't kill it ?
<BinaryMaster> question I am using vmbuilder can anyone tell me what the valid flag for 12.04 is for --flavour option?
<arussel> I've tried remounting hte fs, but this hangs too.
<aFeijo> hi all, anyone uses varnish in the channel?
<nathwill> aFeijo, yep.
<aFeijo> nathwill, thanks.  I have this site where we use a cookie to save the Location of the user, how can I configure varnish to create a cache per location?
<aFeijo> nathwill, today it does not cache at all
<nathwill> aFeijo, that's a super-good question, i have never attempted something like that
<aFeijo> nathwill, yeah, tricky one!
<nathwill> https://www.varnish-cache.org/docs/3.0/tutorial/cookies.html?highlight=cookies << possibly relevant
<aFeijo> nathwill, I'm reading that page already :) varnish is quite confusing, and I'm new to it
<nathwill> other than that i'd suggest checking #varnish on irc.linpro.no
<nathwill> since your question is about varnish more than ubuntu
<nathwill> g'luck!
<sw> there's no server guide for 12.04 yet?
<TheLordOfTime> what differences would there be between 11.10 and 12.04 for the server guide?
<halvors> Hi! I'm trying to use iptables and the NAT functionallity (MASQUERADE) with the command "iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE",but when i reboot i have to run the command over again....
<halvors> I did "iptables-save". Any ideas?
<andol> halvors: Are you also using iptables-restore somewhere?
<halvors> No,
<andol> halvors: All iptables-save does it printing your iptables config to stdout, allowing to save (redirect) it to a file, which can then be loaded at boot time.
<halvors> But how do i do that+
<halvors> ?*
<andol> halvors: See https://help.ubuntu.com/community/IptablesHowTo#Configuration_on_startup for a few different ways. Partly comes down to whatever you use NetworkManager or not.
<halvors> That looks like a hackish solution to me... Is there not any simple command?
<halvors> ?
<miceiken> okay so my server wont send mails, and I'm thinking a good first step is removing all the packages that handle that. one of them is postfix?
<uvirtbot> New bug: #1015819 in cyrus-sasl2 (main) "sb_sasl_generic_pkt_length: received illegal packet length when using ldapsearch and sasl with ssl or tls" [Undecided,New] https://launchpad.net/bugs/1015819
<sw> miceiken: incorrect. 1) should be 'check logs'
<miceiken> huh?
<miceiken> is there any way i can remove ALL packages that has something to do with mail?
<miceiken> including settings
<sw> miceiken: you said that the first step to correct that would be to remove the packages. did you check the logs to find out what the actual problem is, first?
<miceiken> what logs do i check?
<sw> miceiken: your mail server logs
<miceiken> which would be where?
<sw> miceiken: wherever you set your mail server to log to, possibly /var/log/mail or /var/log/maillog
<miceiken> Jun 21 00:14:45 celeste postfix/master[10892]: fatal: bind 0.0.0.0 port 25: Address already in use
<sw> miceiken: there's your problem then
<miceiken> yeah but i have no idea how to fix it
<miceiken> what other program could be blocking it?
<sw> miceiken: there's something already using port 25, do '$ sudo netstat -lnp | grep ':25 ''
<miceiken> miceiken@celeste:~$ sudo netstat -lnp | grep ':25 '
<miceiken> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1768/sendmail: MTA:
<sw> miceiken: sendmail is already using that port then
<miceiken> okay
<miceiken> so postfix and sendmail are the same thing but different 'products'?
<miceiken> sw?
<lamont> they are both mail-transport-agents
<lamont> and conflict with each other, so if you managed to get both installed, you haven't told the packaging system what you've done
<miceiken> and which one is easiest to get up and running?
<lamont> depends.  (and I'm heads down on some other stuff right now)
<miceiken> I just need to get mail working asap :p
<miceiken> idc which one i choose
<miceiken> also how do I get rid sendmail if not through package manageR?
<miceiken> please help
<miceiken> Removing sendmail ...
<miceiken> miceiken@celeste:~$ sudo netstat -lnp | grep ':25 '
<miceiken> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1768/sendmail: MTA:
<genii-around> miceiken: "sendmail" is also a generic name for the process of sending mail. What says result of: ls -l /usr/sbin/sendmail
<miceiken> miceiken@celeste:~$ sudo ls -l /usr/sbin/sendmail
<miceiken> -rwxr-xr-x 1 root root 21856 Apr 24 15:18 /usr/sbin/sendmail
<miceiken> I think I managed to remove it now though
<miceiken> I can send mail using "sendmail <recipient>" right?
<genii-around> Did you manually install it or something, instead of using the package manager?
<miceiken> I can't recall but I usually use apt-get, yes
<miceiken> I can never imagine me installing it manually
<lamont> could be that it just didn't kill the daemon in prerm
 * lamont didn't look
<miceiken> Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 550 550 5.1.1 <admin@miceiken.net>: Recipient address rejected: User unknown in local recipient table (state 13).
<miceiken> so now I need to install that
<miceiken> what should I use? dovecot?
<genii-around> miceiken: If you have mailutils installed, you can mail like: mail -s "subject" whoever@wherever       ...then you type in the body of the message. When done, ctrl-d
<miceiken> genii-around, okay nice
<miceiken> so now I have one more question
<miceiken> I'm using mutt to read mails
<miceiken> but I receive my mails in /var/mail/<user>
<miceiken> mutt reads /home/<user>/Mail
<genii-around> There should be some mbox entry in your muttrc
<genii-around> But /var/mail/name  is where they are supposed to go.
<miceiken> sweet, seems to work now
<miceiken> thanks!
<genii-around> Work, afk
<uvirtbot> New bug: #1015828 in clamav (main) "package clamav-milter 0.97.5+dfsg-1ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015828
<hallyn> stgraber: I'm going to commit a version of the create api.  If you don't like how I ended up doing the api, pls shout.  it's close to what i'd said i'd do
<hallyn> we'll probably want to add the ability to watch the progress of the template over a file or pipe...
<hallyn> pushed, ducking out for dinner soon
#ubuntu-server 2012-06-21
<uvirtbot> New bug: #1015839 in clamav (main) "clamav fails to configure after install" [Undecided,New] https://launchpad.net/bugs/1015839
<uvirtbot> New bug: #1015852 in euca2ools (main) "euca2ools upgrade failure 2.0.2-0ubuntu1 2.0.2-1ubuntu1" [Undecided,New] https://launchpad.net/bugs/1015852
<trimeta> I just put together a box and am trying to boot Ubuntu onto it. I get to the Ubuntu boot menu ("Run Ubuntu," "Install Ubuntu," "Run first HDD," "Test Memory," etc.), but when I select Run Ubuntu, the screen goes dark and nothing happens.
<trimeta> I decided to test the memory, but something weird happens: it shows the right amount of memory in the line right after the L3 Cache line, but the Settings: line is nearly empty, and it doesn't seem to be running any tests.
<trimeta> And there's no options along the bottom for escaping or configuration.
<trimeta> Esc and c do nothing.
<trimeta> And now it's not even booting off the USB...
<trimeta> Oh, wait, this is a Sandy Bridge chip. Could that be it?
<Roasted> hey fellas
<Roasted> I'm tr ying to figure out who is limiting me in this scenario. I'm transferring a 5.9GB file to my personal owncloud server on the LAN and it tanks @ 4.3GB on the nose each time. Who's limiting it? Apache? Webdav? PHP?
<patdk-lap> who knows
<patdk-lap> how are you transfering it?
<Roasted> throguh webdav in nautilus
<patdk-lap> not php then
<patdk-lap> apache/webdav or nautilus
<Roasted> kind of doubtful it's nautilus. I heard about a 4.3GB limit on google but some people were saying that was IIS related.
<Roasted> Since I'm not running IIS I wasn't sure if that would imply apache or what.
<Roasted> It doesn't help that I get an error after asying my system doesn't have enough memory to process the error to send to devs. It maxes uot all 8GB only to leave me to cancel it with no idea what happened.
<patdk-lap> heh?
<patdk-lap> apache doesn't do that
<patdk-lap> so that would have to be on your computer, nautilus
<Roasted> hm
<Roasted> I'll try it again and watch my memory. I wonder if it scales up during the transfer or if it just spikes @ the end
<Roasted> up up and away
<Roasted> 50% memory
<Roasted> and failed
<Roasted> Error in stream protocol: End of stream
<trimeta> It seems my grub won't continue booting until I hit "enter," despite GRUB_TIMEOUT being set in /etc/default/grub. What could be happening?
<trimeta> Even on a clean reboot, it seems it's getting the failure thing that makes it hang at Grub.
<uvirtbot> New bug: #1015878 in clamav (main) "package clamav-base 0.97.5+dfsg-1ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015878
<branant> I am getting very slow performance running Drupal websites from my new Ubuntu Server 12.04 installation.
<branant> It takes about 1-2 minutes to load up the website and after that everything works fine
<branant> HostnameLookups is set to Off in the apache2.conf
<branant> Any other ideas on what else I can check please?
<taipres> anyone use ngnix in here?
<ironm> taipres, it looks like there no deb packages for ngnix (in official repositories at least)
<ironm> +are
<ironm> taipres, it looks like there are no deb packages for ngnix (in official repositories at least)
<taipres> someone needs to fix that
<taipres> ngnix is awesome
<taipres> almost have everything setup right, ngnix is easy mundin isn't
<cwillu_at_work> !info nginx
<ubottu> nginx (source: nginx): small, but very powerful and efficient web server and mail proxy. In component universe, is optional. Version 1.1.19-1 (precise), package size 6 kB, installed size 84 kB
<cwillu_at_work> ironm, did I miss something?
<cwillu_at_work> taipres, ^
<ironm> thanks a lot cwillu_at_work. I have found deb packages in repositories on ngnix.org .. even von preicse :)
 * cwillu_at_work points out that precise _has_ nginx debs in the repositories already
<ironm> cwillu_at_work, well .. I have checked it on nginx .org  ... *sorry* .. there are also packages for debian's sid (I misspelled it using apt-cache search ngnix ... instead of nginx)
<Guest87207> hi all
<Guest87207> something strange has happened to one of our ubuntu servers.. it is no longer possible to su - root
<Guest87207> but in the vmware console at the login prompt if you enter "root" as username you are immediately dumped to a prompt as if you had entered a password
<Guest87207> but no password is requestest
<Guest87207> any ideas?
<uvirtbot> New bug: #1015935 in samba "SWAT segfaults when trying to view full configuration" [Undecided,New] https://launchpad.net/bugs/1015935
<uvirtbot> New bug: #1015941 in etckeeper (main) "SUDO_USER should be used also when calling with 'vcs commit'" [Undecided,New] https://launchpad.net/bugs/1015941
<elst> hi
<elst> what is the link to download ubuntu server for network installation?
<elst> for normal ubuntu lftp -c "open http://it.archive.ubuntu.com/ubuntu/dists/precise/main/installer-i386/current/images/; mirror netboot/"
<elst> but for ubuntu server?
<taipres> is posix the easiest to setup for mail?
<taipres> postfix rather
<yeats> taipres: postfix is very straightforward, yes
<ironm> hello. Do I really need "ifenslave" for interface bonding (LinksAggregation) on ubuntu-server 12.04?
<Daviey> SpamapS: Hey, is there any reason not to sync txaws?
<Daviey> jamespage: Hola, how much effort would it be to generate a chart of the openstack ci utilisation?  Ie, be able to spot peak usage and idleness ?
<ironm> does anyone of you run interface bonding on ubuntu 12.04?
<jamespage> Daviey, there is a history view for each executor configured - gives you a rough idea
<jamespage> but as its commit driven....
<jamespage> varies massively
<halvors> Hi! I'm trying to use the "net.ipv6.conf.all.forwarding=1" in sysctl.conf to give connectivity to my lan computers using the wan interface of my Ubuntu Router Box. But when i'm trying to ping from the inside, nothing happends...
<Daviey> jamespage: I really want to try and determine if we can disable CI testing over the weekends.
<Daviey> jamespage: if so, it would be nice to be able to hammer time longevity every weekend.
<halvors> Hi! I'm trying to use the "net.ipv6.conf.all.forwarding=1" in sysctl.conf to give connectivity to my lan computers using the wan interface of my Ubuntu Router Box. But when i'm trying to ping from the inside, nothing happends...
<uvirtbot> New bug: #970849 in mysql-5.5 (main) "package mysql-client-core-5.5 (not installed) failed to install/upgrade: trying to overwrite '/usr/bin/mysql', which is also in package mysql-client-5.5 5.5.21-2~ppa1~oneiric" [Undecided,Invalid] https://launchpad.net/bugs/970849
<soren> Say I have an interface that isn't configured for VLAN's at all.. What happens if it receives VLAN tagged ethernet frames? Does it ignore the VLAN tagging or does it reject the packet?
<soren> Some kind of reference for this would be awesome. I only have virtual hardware to test with and that's not good enough (since I'm suspecting a bug in QEmu's handling in this particular area).
<uvirtbot> New bug: #1013860 in python-glanceclient (universe) "should use Architecture: all" [Medium,Fix released] https://launchpad.net/bugs/1013860
<uvirtbot> New bug: #995946 in mysql-5.5 (main) "package mysql-server-5.5 (not installed) failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ Ð½Ð¾Ð²ÑÐ¹ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ pre-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,Invalid] https://launchpad.net/bugs/995946
<uvirtbot> New bug: #1015997 in squid3 (main) "package squid3 3.1.19-1ubuntu3.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1015997
<patdk-lap> soren, it's ignored
<patdk-lap> basically think of it like this, you have many switchs each named vlan1 to 4096, but you only plug your machine into the ones you configured to listen to that vlan id
<patdk-lap> tcpdump will show you the packets though, cause it shows everything received
<uvirtbot> New bug: #989220 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script was killed by signal (Terminated)" [Undecided,Invalid] https://launchpad.net/bugs/989220
<SpamapS> Daviey: I haven't looked at txaws yet..but it definitely should be syncable
<uvirtbot> New bug: #1001354 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 on clean installation" [Undecided,Invalid] https://launchpad.net/bugs/1001354
<soren> patdk-lap: You appear to be correct. I'm suprised, though. My thinking was something like: The machine doesn't know about vlans at all. It doesn't even have the vlan driver loaded, so why does it go and look at the vlan tag in the ethernet frames?
<soren> patdk-lap: What does it even compare it to?
<soren> patdk-lap: Oh, hang on. No, I'm not sure you're right. Do you have any references to support it?
<soren> patdk-lap: I got confused by my test.
<uvirtbot> New bug: #1003481 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/1003481
<patdk-wk> soren, the reason is cause, it totally kill the ethertype header field in the packet, if the machine doesn't understand vlan tagging
<soren> patdk-wk: Ah, yes.
<patdk-wk> since the ethertype would not match, it would get dropped as an invalid packet
<soren> Right.
<soren> Hm.
<patdk-wk> unless you have some braindead implementation :)
<uvirtbot> New bug: #1016018 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.62-0ubuntu0.10.04.1 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1016018
 * patdk-wk totally forgot to comb his hair today :(
<uvirtbot> New bug: #1010396 in mysql-5.5 (main) "package mysql-server 5.5.22-0ubuntu1 failed to install/upgrade: ErrorMessage: dependency problems - leaving unconfigured" [Undecided,Invalid] https://launchpad.net/bugs/1010396
<Daviey> SpamapS: you are the DM, no? :)
<SpamapS> Daviey: I am, just haven't looked to make sure its ok to sync
<SpamapS> 99% sure it is, looking at it now actually
<agc93> hi all, server newbie here. I'm trying to install 12.04 x64 on my server, onto a SCSI drive, but the drive isn't being recognised. It's connected to an Adaptec PCI card which according to the great interwebs works fine with the adaptec driver included in the kernel. Should I just drop to a shell and modprobe the module in, then try again?
<SpamapS> Daviey: it still has an Ubuntu only patch (aws-status-add-appindicator.patch)
<SpamapS> Daviey: I poked the desktop team to get appindicator into Debian a few weeks ago
<Daviey> SpamapS: ah cool.
<agc93> trying to install 12.04 on my SCSI disk, but although lspci correctly reports my SCSI card and everything is connected, my drives aren't appearing in /proc/scsi/scsi. Any ideas?
<Daviey> jamespage: i see you are currently triaging the incoming bugs.. Which end are you working from?
<jamespage> Daviey, bottom
 * jamespage is getting bored of mysql-5.5
<jamespage> lynxman is doing some as well
<lynxman> Daviey: I'm going from the top
<Daviey> jamespage: yeah, i just had a look and noticed a hump of mysql ones.
<Daviey> lynxman: awesome!!
<jamespage> Daviey, only just got subbed to ubuntu-server
<Daviey> jamespage: ahh, that makes sense then
 * Daviey considers applying for, https://tbe.taleo.net/NA3/ats/careers/requisition.jsp?org=CANONICAL&cws=1&rid=493
<Daviey> (I just posted that btw, and spamming it around)
<jamespage> lol
<lynxman> Daviey: can I apply? :o)
<uvirtbot> New bug: #1015408 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/1015408
<Daviey> lynxman: it's open to everyone :)
<uvirtbot> New bug: #1012070 in mysql-5.5 (main) "package mysql-client-core-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: intentando sobreescribir `/usr/bin/mysql', que estÃ¡ tambiÃ©n en el paquete mysql-client-5.5 5.5.22-1~dotdeb.0" [Undecided,Invalid] https://launchpad.net/bugs/1012070
<jamespage> lynxman, I've see 4+ like bug 1015408 today
<uvirtbot> Launchpad bug 1015408 in mysql-5.5 "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/1015408
<jamespage> might be a maintainer script not doing the right thing with permissions issue
<lynxman> jamespage: yeah, all of them for different reasons though, which is a pita
<jamespage> might not
<lynxman> jamespage: some lack information, this one clearly is someone deleting the user.frm file
<jamespage> lynxman, no - specifically with the errno 13 - which means permission denied I think
<lynxman> jamespage: hm...
<lynxman> jamespage: I'll dig this up further then, hrm
<agc93> Anyone know why a SCSI card would be perfectly recognised by both installer and Live CD, but the connected drives wouldn't be, even though there is drive activity?
<rowin> agc93: are the devices showing in /dev?
<claude2> anyone here good with pxe boot?
<agc93> rowin: it doesnt appear so. The SATA drives I have connected appear, and then sg0 through 3 but thats it
<stgraber> hallyn: just noticed you landed create(), is it ready to get mapped in the python module?
<rowin> agc93: to confirm, when you loaded up the installer/live boot were the drives mountable?
<agc93> rowin: no. At the moment, im in the Desktop Live CD and it shows the SCSI controller (the card) but not the drives themselves.
<agc93> but I know they're working as they were running in a different PC this morning
<jamespage> zul: bug 1013782
<uvirtbot> Launchpad bug 1013782 in nova "Stop/start a KVM instance with volumes attached produces an error state" [High,Confirmed] https://launchpad.net/bugs/1013782
<rowin> ah, ok, what has changed since this morning? were they moved from one system to another all together or was something else changed?
<SpamapS> Daviey: oh! looks like appindicator is actually in Debian now so I can patch the Debian aws-status and sync them. woot.
<zul> jamespage:  yeah i know about that one, its fixed in foslom but its fixed done in a rewrite/refactor
<jamespage> zul: meh - never mind - answered my own question
<jamespage> zul, anyway sounds important
<hallyn> stgraber: I think so.  can you check teh src/tests/createtest.c and tell me if you're happy with that api?
<jamespage> 'High'
<zul> jamespage:  ill update the bug with my findings so far
<jamespage> zul, is that released in folsom for what we have in the archive already?
<agc93> rowin: moved into a different system. Basically picked up the PCI card with connected drives and dropped it in a new system
<zul> jamespage: i think so, otherwise it will be fixed in the archive for quantal tomorrow
<rowin> agc93: good, not too many things to work with then, no extra variables. next thing, can you pastebin the result of this sudo lshw -C disk
<stgraber> hallyn: a bit suprised you went with a single char* instead of char** like for start() but that's not a problem for me
<agc93> rowin: that gives no output :/
<hallyn> stgraber: ?
<rowin> try it without the -C disk, so just lshw as root (# or sudo)
<agc93> rowin: I have since taken out all the SATA HDD's so the only remaining drives are an IDE CD Drive and the SCSI's
<hallyn> oh
<hallyn> stgraber: not a single char*
<hallyn> stgraber: varargs.  like startl
<hallyn> stgraber: did you prefer the char** (like ->start vs. ->startl)?
<agc93> rowin: lshw on its own shows the SCSI controller, but no drives. Hang on, ill try and get a full output
<rowin> agc93: it should show us the scsi controller and any other hw attached
<rowin> agc93: cool
<hallyn> stgraber: i can do the same ->create vs ->createl.  lemme know
<hallyn> stgraber: bug 919619 - an arkose competitor?
<uvirtbot> Launchpad bug 919619 in ubuntu "[needs-packaging] Integrate libvirt-sandbox" [Wishlist,Confirmed] https://launchpad.net/bugs/919619
<stgraber> hallyn: I was expecting create() to be like start(), so basically create(char* template, char** argv) from your example, it looks like it's create(char* template, char* arg) where arg can contain multiple arguments ("-r lucid" in your example)
<hallyn> stgraber: d'oh, i used it wrong in my test :)  though it worked, hm.
<hallyn> stgraber: it was supposed to be create(c, "ubuntu", "-r", "lucid", NULL)
<stgraber> ok, can you split it into createl() and create() like for start?
<hallyn> stgraber: yup
<hallyn> stgraber: but you use startl() from python, right?
<stgraber> I believe createl() will be easier for people directly using the C api and maybe for some other language bindings, but create() is easier for me
<stgraber> nope, I'm using start()
<hallyn> ah.  ok.  lemme do that right now
<stgraber> doing the variable args stuff when I already need to parse all the arguments before was tricky. It was easier to build a char** and pass that to start() instead
<Kloeji> Hi, if I plan on using Postfix to handle multiple domains, what domain should I use during the setup, when it asks for a FQDN hostname?
<agc93> rowin: heres the whole thing http://paste.ubuntu.com/1052723/
<agc93> my scsi controller (An adaptec 19160 based on the 7892b chipset) is listed uner pci:5 under scsi, but then no drives...
<hallyn> stgraber: oh that's right, the reason i did that was that it occurred to me that i might have a memory leak with the way i'm doing startl
<uvirtbot> New bug: #1016068 in autofs5 (main) "autofs prints "automount[19165]: syntax error in nsswitch config near [ syntax error ] " to syslog" [Undecided,New] https://launchpad.net/bugs/1016068
<Kloeji> Hi, if I plan on using Postfix to handle multiple domains, what domain should I use during the setup, when it asks for a FQDN hostname?
<rowin> acg93: hmm, I think maybe you may not have scsi support enabled. I have only worked with it once or twice but i'm sure there is a kernel module require
<agc93> rowin: there is an aic7xxx module that is supposedly the SCSI one and thats loaded (at least according to lsmod)
<agc93> rown: there is also an aic79xx module that I can modprobe in, but that doesnt change anything
<Daviey> SpamapS: wooooooooot
<SpamapS> Something about getting packages back in sync w/ Debian.. its like calling your mom to see how she's doing just as the doorbell rings with the postman carrying a tin full of cookies from mom..
<rowin> acg93: any chance you could dump ls /dev?
<agc93> hang on, ill just boot it back up.
<agc93> but last time I tried that (when there were SATA drives in there as well), there was just sda,sda1,sdc,sdc1 (the two SATA's), then sg0,sg1,sg2,sg3 and sr0
<rowin> acg93: on the other system were the drives partitioned? if so, any raid or other possible complications?
<agc93> rowin: theres two drives connected, so kind of. On the first system, both drives were just separate Ext4 partitions and mounted and worked fine
<agc93> I then formatted both drives, and one drive is just one massive LVM partition. The other one is two partitions, one LVM, the other Ext4. My intention is to install onto the Ext4 partition and use the combined lvm partitions as a data area
<rowin> can you run cat /proc/partitions
<jamespage> SpamapS, the NEW bugs queue for mysql-5.5 is a bit shorter now
<agc93> rowin: I get two entries returned, one for sr0 (my dvd drive) and the other for loop0 (the live squashfs)
<agc93> rowin: wait a minute. I want to try something.
<agc93> nevermind, that didnt work either.
<trimeta> For some reason, when I reboot my server grub always waits for my input (i.e., doesn't automatically load the default choice after N seconds), even if this is was after a clean reboot. How can I fix it (even if this means never waiting for input)?
<patdk-wk> normally? /etc/default/grub
<trimeta> GRUB_TIMEOUT=2 is already there.
<patdk-wk> what ubuntu version?
<trimeta> 12.04.
<patdk-wk> upgrade or new install?
<trimeta> I'm slightly concerned it may have something to do with my hardware, because when I do "sudo halt," the system doesn't actually shut down after it prints "The system is now halted."
<trimeta> New install.
<patdk-wk> my netboot does that, but boot is fine
<trimeta> Ah.
<patdk-wk> well, I seriously don't know the answer :)
<trimeta> Fair enough.
<SpamapS> jamespage: awesome. Any serious problems coming to light?
<SpamapS> jamespage: when I perused them, I just saw the same old problems with starting broken mysqld
<hallyn> stgraber: thanks for renaming the tests :)  kept meaning to do that
<hallyn> all right, new patch seems to be working.  will push in a bit
<hallyn> maybe i'll double check ->start first
<stgraber> hallyn: hehe, yeah, I'm usually just adding "mv" calls to debian/rules to put all your tests under lxc-test-. I guess whenever we have the API fully implemented, these should be made optional in the build process as most distros won't really need them
<halvors> Hi!
<halvors> I'm trying to setup ISC DHCP Server to serve both IPv4 and IPv6, is there som way to start it in IPv6 mode?
<halvors> There is no documentation for this on Ubuntu...
<stgraber> halvors: just create a /etc/dhcp/dhcpd6.conf file and start isc-dhcp-server6
<halvors> Is isc-dhcp-server a service under /etc/init.d?
<stgraber> it's an upstart job. You have /etc/init/isc-dhcp-server.conf for ipv4 and /etc/init/isc-dhcp-server6.conf for ipv6
<stgraber> so you just need to create /etc/dhcp/dhcpd6.conf then do "sudo start isc-dhcp-server6" and dhcpd6 will start
<stgraber> (it'll also start automatically on boot as long as /etc/dhcp/dhcpd6.conf exists and is valid)
<halvors> Is there a default dhcpd6.conf file i can use?
<halvors> Eventually download?
<halvors> Just to get started.
<hallyn> there, reallocs cleaned up.
<stgraber> halvors: http://www.stgraber.org/download/ipv6/dhcpd.conf.ipv6
<halvors> Thanks :D
<smoser> jamespage, ping
<smoser> triaging...
<smoser> it seems like you've touched a bunch of the mysql stuff?
<smoser> but its still showing ther.e
<hallyn> stgraber: ->create updates pushed
<stgraber> hallyn: cool, thanks
<hallyn> Question for everyone:  can someone lay out advantages (if any) of vde2 over openvswitch (as pertains to libvirt/qemu)?  Is it mainly the ability to use them unprivileged?
<hallyn> stgraber: AIUI I'm done for now with the api.  If you were waiting on something more, please poke.
<hallyn> (after an SRU I'll start on the user namespaces patch for lxc)
<stgraber> that's the main advantage I can see of vde2, a user with just access to /dev/kvm can use an interface using a user network card (no privileges required) and another using vde2 to talk to another VM (private network)
<stgraber> though I haven't used that in years
<hallyn> stgraber: I'm trying to gauge its value wrt MIR
<hallyn> we dont' watn duplicate functionality in multiple packages in main, and ovs is in main, so...
<hallyn> all right, I guess I'll go ahead and request it.  There's just (AFAIK) no alternative for unprivileged (or underprivileged) access.
<hallyn> well, there's userspace networking, which frankly works quite well for me :)
<halvors2> stgraber: Now i get an IPv6 address on the clients, but seems like they don't know the gateway, is there any way to specify that+
<halvors2> ?*
<stgraber> halvors2: you're supposed to run radvd for that
<halvors2> Ok.
<halvors2> Then i think i'll need some help for that...
<stgraber> halvors2: http://www.stgraber.org/download/ipv6/radvd.conf
<stgraber> halvors2: if you want stateful, use found-dhcpv6, if you want stateless, use found-radvd-dhcpv6
<stgraber> halvors2: the source of these examples being an old blog post of mine: http://www.stgraber.org/2011/07/26/state-of-ipv6-in-ubuntu-oneiric/
<stgraber> things changed a bit in 12.04, but most of the config still applies
<uvirtbot> New bug: #1016111 in nova (main) "Passing an incorrect zone name to euca-create-volume results in a volume stuck in the "creating" state" [Undecided,New] https://launchpad.net/bugs/1016111
<halvors3> stgraber: Got it working :D But how do i set radvd to start on boot?
<stgraber> halvors3: it usually starts on boot just fine for me
<stgraber> as long as it has a config, it's starting (at least here)
<halvors3> Tried to do "start radvd
<stgraber> halvors: it's an old style init job, so you'd need "/etc/init.d/radvd start"
<stgraber> halvors: or use the service command that works with both systels "service isc-dhcp-server6 start" and "service radvd start"
<halvors> Well, i'll have to do a reboot then, just to test :) Thanks you very much for help, now i finally got my lan router running :)
<halvors> stgraber: Is it possible not specify a range in the ISC-DHCP-Server but instead provide a prefix to automaticly generate ip adresses for?
<halvors> Like you do on Cisco IOS.
<stgraber> halvors: range6 allows a CIDR noted subnet so yeah, you should be able to just give it a subnet.
<halvors> Just like "range6 2001:xxxx:xxxx:xxxx::/64" ?
<stgraber> halvors: yeah, the manpage says it should work
<halvors2> stgraber: I still get the ip that ends with ::9999, i want all the groups to get random data...
<stgraber> halvors2: then you probably want to use stateless dhcpv6 + privacy extensions
<halvors2> stgraber: Isn't is possible with stateful ipv6?
<smoser> hallyn, since you said 'autofs' recently, i assume you're an expert. could you take a quick read of https://bugs.launchpad.net/ubuntu/+source/autofs5/+bug/1016068
<uvirtbot> New bug: #1013826 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/1013826
<uvirtbot> Launchpad bug 1016068 in autofs5 "autofs prints "automount[19165]: syntax error in nsswitch config near [ syntax error ] " to syslog" [Undecided,New]
<stgraber> halvors2: it might be but I'm not aware of an easy way to get dhcpd to give you non-sequential addresses, if you want random addresses it's much easier to let the clients build their initial address from the RA using EUI64, then turn on the privacy extensions on the client so they generate a fully random IPv6 on top of that
<hallyn> smoser: bwahahahahaha
<hallyn> (reading)
<halvors2> Is that in your example?
<stgraber> halvors2: yep, that's found-radvd-dhcpv6
<stgraber> halvors2: the privacy extensions are a client side option that's turned on by default in Ubuntu and I believe on Windows as well
<halvors2> I can't just turn "AdvOtherConfigFlag on;"?
<hallyn> smoser: funky.  no idea.  his auto.cifs entry looks funky to me (
<hallyn> box -fstype=cifs,rw,credentials=/etc/fritz.cred ://192.168.6.1/FRITZ.NAS)
<stgraber> halvors2: yep, that's basically the only difference, well, that and removing the range6 definition (as it's no longer the dhcp server's role to give ip addresses)
<hallyn> but i'm not up on all the latest autofs config stuff
<hallyn> smoser: his nsswitch.conf is the stock one, so i'm guessing autofs is really crashing on teh rest of the config
<smoser> yeah, that is what i saw too.
<jamespage> smoser, pong - no there was just alot of it
<jamespage> not done all ofthem
<halvors2> Nice :D
<claude2> anyone have any idea what this might mean? I'm getting these logs on my NFS server as I try to nfs mount the root on a diskless install
<claude2> Jun 21 12:32:50 seahorse rpc.mountd[3547]: authenticated mount request from 10.13.9.205:790 for /netboot/stax00 (/netboot/stax00)
<claude2> Jun 21 12:32:50 seahorse rpc.mountd[3547]: refused unmount request from 10.13.9.205 for /root (/): no export entry
<claude2> that repeats over and over
<jkyle> in hosts created from a uec image of ubuntu 11.10 I'm seeing this in hte /etc/hosts. Instead of 127.0.0.1 localhost, it says 127.0.0.1 ubuntu.
<jkyle> was that a vendor choice at some point?
<uvirtbot> New bug: #1000401 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/1000401
<jkyle> ah, here we go: https://bugs.launchpad.net/ubuntu/+bug/906687
<uvirtbot> Launchpad bug 906687 in ubuntu "/etc/hosts has 'ubuntu' as for 127.0.0.1 in oneiric, precise" [Medium,Fix released]
<adam_g> zul: ping
<zul> adam_g: whats up?
<adam_g> zul: so, we need a good versioning scheme for the cloud archive stuff. have you given this any thought yet?
<adam_g> it just started causing problems for jenkins jobs
<zul> adam_g: not yet...it would probebaly be <version>~precise or something
<adam_g> zul: so, something like: quantum-plugin-ryu-agent_2012.2+git201206211313~precise-0ubuntu1_all.deb ?
<zul> yeah
<adam_g> zul: the issue now is commits to trunk trigger to parallel builds for each $release that end up with the same timestamp/version, and only one makes it to the repository
<zul> adam_g: wait they should be going to different repositorys should it not?
<adam_g> zul: its a single repository with different pockets. pool/main is shared between them all
<zul> ok i thought there would be different pool/main for each version but whatever
<zul> so yeah package-version~precise-0ubuntu1
<jamespage> utlemming, ping re waagent
<utlemming> jamespage: pong...I thought you'd be gone by now
<utlemming> jamespage: I had meetings in the morning, so I was thinking I would have to ping you tomorrow
<jamespage> utlemming, nah - I had a few hours off this afternoon so working this evening
<utlemming> :)
<utlemming> jamepage: I was just asking if you had a chance to look at the package after I applied the feedback
<jamespage> utlemming, yep - I did - and wanted to grab you to discuss
<utlemming> G+ then?
<jamespage> utlemming, sure - lemme just grab a coffee
<utlemming> jamespage: k, invite posted when you get back with caffinated goodness
<jamespage> utlemming, no invite so invited you :-)
<utlemming> jamespage: odd....joinging yours
<utlemming> jamespage: your room is empty
<zul> adam_g: im going to upload a new snapshot tomorrow
<jsnapp> can anyone here help me with a cloud-init question?
<jsnapp> i'm using nocloud-net with an http datasource ... everything works well except manual_cache_clean: True never seems to get picked up by cloud-init
<adam_g> zul: k, everything should be building fine now
<adam_g> for trunk at least
<jsnapp> can anyone here help me with a cloud-init question?
<jamespage> !ask jsnapp
<jsnapp> i'm using nocloud-net with an http datasource ... everything works well except manual_cache_clean: True never seems to get picked up by cloud-init
<jamespage> bah - wrong subcomman
<jsnapp> awfully quiet in here
<jamespage> smoser, ^^ never used that option myself - any ideas?
<smoser> jsnapp, it "should work"
<smoser> oh.
<smoser> jsnapp, no. it wont. i'm sorry.
<smoser> that option has to be in local config as its consulted before datasources are considered.
<smoser> 2 things:
<smoser> a.) file a bug, as we *could* make it work (by trying to load existing cached datasource, and then checking the value)
<smoser> b.) you can have your userdata/cloud-config write a new file in /etc/cloud/cloud.cfg.d with 'manual_cache_clean: True'
<smoser> then reboot will have it.
<jsnapp> ok, i was starting to suspect it wasn't designed to work with nocloud
<jsnapp> i'm not sure i even need it though
<jsnapp> i am setting kernel parameter ds='nocloud-net;s=http://192.168.25.77:8000/' for the first boot of a vmware ubuntu vm
<jsnapp> then i add ds='nocloud' to the grub.cfg so any subsequent boots will also be nocloud thereby skipping the search for EC2 datasource
<jsnapp> smoser, does my strategy seem to make sense?
<jsnapp> since instance-id will default to "nocloud" on both the first nocloud-net boot as well as all subsequent nocloud boots i should be able to count on cloud-init not actually changing anything on subsequent boots?
<smoser> jsnapp, what version of ubuntu? 12.04 ?
<jsnapp> i'll experiment with your option of having cloud-config write it to a file
<jsnapp> yes 12.04
<smoser> how are you manipulating the kernel parameter on first boot?
<smoser> you know you dont need to manipulate kernel parameters with 12.04, it is perhaps easier for you to attach a second disk.
<jsnapp> vmware vsphere client has a console of the vm as it boots ... i just modify grub menu
<smoser> oh. wow. so you do that manually. yuck. (sorry).
<jsnapp> yeah, i saw that option just today ... you mean create an iso right?
<smoser> would you have the ability to attach a cdrom?
<jsnapp> yeah, that's possible ... so would i just put the http seed in the iso so i don't have to keep updating the iso if i change my user-data?
<smoser> or it can be any disk, really.
<smoser> http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/nocloud/README
<smoser> jsnapp, you could just have a '#include' in the user-data for your url
<jsnapp> oh yeah that makes sense
<smoser> and then, also http://smoser.brickies.net/git/?p=tildabin.git;a=blob;f=make-seed-disk;hb=HEAD
<smoser> the first is doc on how ot make the disk.
<smoser> the second basically does it for you.
<jsnapp> cool, thanks
<jsnapp> so i don't necessarily want to count on the datasource being available on next boot so is that where i use your option of having cloud-config write manual_cache_clean: true to the filesystem so cloud-init effectively becomes disabled on next boot?
<jsnapp> and that way i won't have to keep that disk attached AND I won't have to permanently modify /boot/grub/grub.cfg to include ds='nocloud' ?
<jsnapp> smoser, sorry to bug you but did you see my last two questions?
<al_the_x> Hey, anybody here running 12.04 and running MySQL replication?
<glance> mmm...
<smoser> no, jsnapp i did not.
<matt_keys> al_the_x : yes.
<smoser> jsnapp, you are correct, that is the purpose of manual_cache_clean: true
<smoser> the other thing you will want to do is '#include-once' rather than '#include'
<al_the_x> matt_keys: Did you edit your /etc/mysql/my.cnf directly or use separate files in conf.d/
<jsnapp> smoser, ok i wondered about that
<smoser> as '#include' will attempt to include every time... although i have to think harder to be sure of which one wins.
<matt_keys> al_the:x : I suppose it depends on what you're trying to do
<jsnapp> smoser, what two pieces are competing?  include_once and manual_cache_clean ?
<jsnapp> sorry, i meant "#include and manual_cache_clean" ?
<smoser> jsnapp, right. thats what i meant.
<matt_keys> RoyK : you around?
<al_the_x> matt_keys: On 11.04, I could put a symlink in /etc/mysql/conf.d/ and mysql would pick it up.
<matt_keys> does the symlinked file end with .cnf?
<al_the_x> Now in 12.04 (with MySQL 5.5), symlinks aren't read. HARD links are, but not SOFT links.
<al_the_x> matt_keys: Yes.
<patdk-wk> symlinks iwht mysql has always been fine
<patdk-wk> an easy way to shard database load across disks
<al_the_x> Another interesting point: if the file contains a dot other than .cnf, the file is ignored, as well.
<jsnapp> smoser, so most of my systems will just have a base user-data to get basics setup and then chef will take over from there (i'm not using chef option in cloud-config) ... but i do have a specific chef-server-user-data file that just one vm will need to use
<al_the_x> eg: replication.001.cnf = bad; replication-001.cnf = good
<smoser> jsnapp, right. that makes sense.
<jsnapp> smoser, do i just have two iso's or disks then?  one that include_once the base user-data and another that include_once the chef-server-user-data?
<al_the_x> patdk-wk: Sorry, were you chiming in...?
<patdk-wk> kindof :)
<al_the_x> Okay. I'm having trouble with symlinked config files, though, not data dirs.
<al_the_x> Thanks, though.
<jsnapp> smoser, sorry but i think you responded at same time as i sent my last little bit ... for clarity you're saying it makes sense to have two iso's or disks right?
<patdk-wk> hmm
<al_the_x> matt_keys: Do you mind running an experiment on your box?
<patdk-wk> you sure it's the symlink that is the issue? or the appprofile?
<al_the_x> appprofile?
<smoser> jsnapp, yeah, you'd need two different isos. i dont know how else you'd differenciate behavior.
<jsnapp> smoser, i agree
<patdk-wk> apparmor
<smoser> jsnapp, and i am fairly sure that what you want to do is have #includ-once
<smoser> that itself would be sufficient if you left the cdrom plugged in.
<al_the_x> patdk-wk: That's a good point. I hadn't thought about it...
<matt_keys> al_the_x : I suppose. You don't have a dev environment?
<smoser> but if you want to be able to eject the cdrom also, then you'd need to make the manual_cache_clean change to local
<al_the_x> matt_keys: I've confirmed in both my environments, looking for a second opinion.
<jsnapp> smoser, great it's all making sense now
<al_the_x> I think that patdk-wk might be onto something with the apparmor profile, though.
<jsnapp> smoser, last question ... if the iso uses include_once to get the user-data and the user-data retrieved has #include's in it those shouldn't have to be #include_once's too do they?
<smoser> :).
<al_the_x> patdk-wk: That's it, sir...
<matt_keys> al_the_x : that makes sense to me too, I can see apparmor profile for mysqld
<al_the_x> Indeed. I think that's the ticket. Thanks, fellas!
<matt_keys> patdk-wk : interesting I see libvirtd in there as well... do you think that would have anything to do with a mmap allocation problem on a guest? I was wondering if maybe it was ksmd, but have no idea how to troubleshoot it
<smoser> jsnapp, it looks to me that if you have '#include-once <URL1>' that does '#include <url2>' that only the contents of 'URL1' are cached.
<smoser> meaning that it will then try to '#include url2' on subsequent runs.
<jsnapp> smoser, hmmm, if only the contents of 'URL1'  ('#include <url2>') are cached and it's semaphored as include_once then it seems like cloud-init wouldn't try to '#include <url2>' again
<jsnapp> smoser, but your the author so i'll take your word for it :)
<smoser> jsnapp, well, it caches the contents of the url
<smoser> so the next time through, it says "oh, i dont have to get URL1, cause i've got it locally"
<smoser> it opens up the local file
<smoser> and sees
<smoser> #include <url2>
<smoser> and says "oh, i need to get that"
<jsnapp> yeah, but i thought the point of include_once is that it semaphores that content to not be included the next time through
<jsnapp> i think i'm misunderstanding the "_once" part
<jsnapp> include_once doesn't mean run_once?
<jsnapp> it literally means don't retrieve content from the url again?
<jsnapp> therefore it will run "again" any cached content?
<jsnapp> which in my case would be '#include <url2>'
<jsnapp> i think i follow you
<jsnapp> smoser, thanks a lot ... i should have tried irc earlier ... you've been very helpful
<smoser> yeah. it basically means "cache local content"
<smoser> jsnapp, if you ahve other questions, feel free to ask.
<smoser> the other hting...
<smoser> id be interested in knowing why you're not using the chef support in cloud-init
<smoser> as i'd like to make people like you say "oh, that makes sense, i'll use that"
<smoser> (ie, the reason its there is that so people use it)
<ironm> does anyone of you run interface bonding on ubuntu 12.04?
<ironm> hello. Do I really need "ifenslave" for interface bonding (LinksAggregation) on ubuntu-server 12.04?
<ironm> all configurations (without ifenslave) didn't work ...
<ironm> all configurations I have tested ...
<matt_keys> patdk-wk : Nope, that wasn't it... symlinked the qemu-<uuid> to /etc/apparmor.d/disable but the behavior didn't change on the guest :(
<patdk-wk> hmm?
<patdk-wk> apparmor profile on a host won't affect a guest
<patdk-wk> but now your talking qemu, I have no clue what your doing :)
<matt_keys> patdk-wk : was worth a shot. :) having a hard time figuring this one out... keep seeing mmap allocation errors on the guest that i haven't seen before
<matt_keys> only change was upgrading from 10.04 to 12.04 lts
<matt_keys> well, i take that back... there was a centos 6.2 kernel update recently, but i rolled it back to test if that was it and it wasn't
<matt_keys> make that libvirt-<uuid>
<jsnapp> smoser, in regards to the chef support I'll start by saying that I'm no expert in regards to deployment but I'm trying to keep things as cookie cutter as possible ... i'd rather not have to have multiple iso's each pointing to a different user-data file (e.g. web-user-data, db-user-data, etc)
<smoser> jsnapp, i dont follow that.
<jsnapp> probably because i'm making weird decisions? cause i'm not an expert
<jsnapp> :)
<smoser> well i know very little about chef
<jsnapp> i would love to have someone (cough..smoser) tell me the "right" way
<smoser> i know very little about chef.
<smoser> but doc/examples/cloud-config-chef.txt
<jsnapp> right that's what i'm looking at now
<smoser> you'd have ot have a chef server (your chef-server-user-data)
<smoser> and then one fo rech of the nodes that new where the serer was
<jsnapp> if i use cloud-config-chef then at least node_name and run_list would be different for each vm
<smoser> but then how you turn a generic node who calls home to the chef server into a specific funciton, i don tknow.
<smoser> and that may force you to have separate isos with "node-1" "node-2" somewhere.
<jsnapp> right, then i think we're on the same page as long as we use cloud-config-chef to *only* create generice nodes and then use chef to configure them into a specific function
<smoser> yeah. i see hte difficulty there.
<jsnapp> in which case i could use cloud-config-chef but i'm not sure i see too much benefit over just using chef's knife bootstrap command which uses ssh to send the private validation key, private databag key and doesn't rely on cloud-init so it's platform independent
<hallyn> smoser: we need a ubuntu-cloudimg-query bot in here :)
<hallyn> @smoserbot ebs quantal
<smoser> ami-36b1115f
<hallyn> smoserbot: thx :)
<smoser> us-east-1 ami-36b1115f canonical    ebs/ubuntu-quantal-alpha1-amd64-server-20120606.1
<smoser> but you probably wanted
<smoser> @smoserbot ebs quantal daily
<smoser> ami-fa9c3e93
<hallyn> oh, the other is older?
<hallyn> yeah daily is good, thx :)
<uvirtbot> New bug: #1012139 in mysql-5.5 "tests show segfaults in SSL code on i386" [Critical,In progress] https://launchpad.net/bugs/1012139
<ironm> hello.  When I use ifenslave on ubuntu 12.04 interface bonding works as expected (with following config files: interfaces - http://paste.debian.net/175728/ ... and bonding.conf - http://paste.debian.net/175729/)
<ironm> I have tested some configurations (see config files in brackets) without ifenslave, and *no* one works :( interfaces - http://paste.debian.net/175730/ ... bonding.conf - http://paste.debian.net/175731/ ... modules - http://paste.debian.net/175732/ ). Do you have an idea what do I miss? Thank you in advance for any hints or examples of working config files without using ifenslave.
<ironm> it is *not* documented in unbunt administration guide
<jsnapp> smoser, given my descriptions before i wanted to add that i'm currently just using an empty meta-data file ... since i'm trying to use cloud-init to create generic nodes it made sense to me not to populate meta-data since that seemed to typically consist of unique info ... does that make sense to you too
<smoser> jsnapp, well, you need to have an instnace-id in it.
<smoser> but it does not have to be unique.
<smoser> that is a limitation i'll probably attempt to remove.
<jsnapp> smoser, but that defaults to nocloud which seemed sufficient
<smoser> oh. ok.
<smoser> sure.
<smoser> :)
<jsnapp> cool
<jsnapp> smoser, as an aside do you see user-data and cloud-init typically getting used to create many unique nodes ... like in AWS EC2 do people actually use user-data that much for complicated unique configurations?
<smoser> jsnapp, i'm sur ethat some people do have complex user dta that they feed into a node.
<smoser> i certainly have lots of user-data snippets that i create instances with to then do something to.
<smoser> and for single systems, its useful
<smoser> but i suspect (and if not hte case right now, then i expect it will be sometime soon) that people will primarily use cloud-init as a bootstrap to a configuration management solution
<smoser> or something along those lines
<smoser> (ie, "get me to juju, puppet, chef, salt"...)
<jsnapp> yeah that makes sense
<jsnapp> I'm just curious. cloud-init has been ported to RHEL or Fedora right?
<jsnapp> smoser, I'm just curious. cloud-init has been ported to RHEL or Fedora right?
<smoser> it is in fedora (F16 and beyond i think)
<smoser> but it is less functional
<jsnapp> ok
<smoser> but someone is working on making it more functional there right now.
<smoser> so i would suspect that for the next version it will be much closer to parity.
<jsnapp> ok, thanks for the info
<daff> why would "apt-get install foo" complain that "The following packages cannot be authenticated!" when "aptitude intall foo" works fine? the correspoding signing key for package foo is installed and listed in "apt-key list". any ideas?
<ironm> daff, you have to install appropriate gpg-keys
<ironm> daff, an example for MariaDB deb packages; http://kb.askmonty.org/en/installing-mariadb-deb-files/
<daff> ironm: thanks, but the appropriate key is already installed. "apt-key list" lists it
<stgraber> hallyn: "lxc_container: failed to save starting configuration for test" when calling create("ubuntu") on a non-existing container
<daff> and aptitude doesn't seem to have a problem, only apt-get. which I find strange.
<daff> what's also interesting is that the .gpg file for the repo/key is nowhere to be found in /var/lib/apt/lists
<ironm> daff, check with "dpkg -l | grep ..." if you can see it too
<ironm> daff, did you "apt-get update"
<daff> yes, of course I did apt-get update :)
<daff> what should "dpkg -l" show me, other than a list of packages?
<adam_g> jamespage: FYI all the jenkins jobs have been renamed internally to ${ubuntu-release}_${openstack-release}-${component}-${target} if you want to make the required changes on the public jenkins side
<hallyn> stgraber: nothing more in lxccontainer.log?
<stgraber> hallyn: nope, just that single line
<hallyn> stgraber: can you send me a test case?  will try after dinner
<hallyn> oh does /var/lib/lxc exist?
<hallyn> i dont recursively mkdir
<hallyn> (yet :)
<stgraber> hallyn: yeah /var/lib/lxc exists
<stgraber> hallyn: I'll quickly try to reproduce that in C, should be a two lines test
<stgraber> hallyn: http://paste.ubuntu.com/1053379/
<hallyn> huh
<hallyn> oh
<hallyn> yeah, I guess we could allow for this, but you have to first create the config (i.e. by doing a c->set_config_item("lxc.network.type", "veth");)
<hallyn> stgraber: I'll fix that tonight to create an empty dummy config at save_config() if one doesn't exist.
<hallyn> I think I purposely didn't do that at first bc i wasn't sure it would be the right thing.  but i guess it is
<stgraber> hallyn: just load /etc/lxc/lxc.conf if no config exists?
<stgraber> hallyn: that'd match our current behaviour
<hallyn> right.  i'll  have it do that tonight
<hallyn> stgraber: for the record http://pastebin.com/aqZY8rSW works
<stgraber> hallyn: right, I've changed my test to do a load_config("/etc/lxc/lxc.conf") for now
<hallyn> stgraber: mind you, upstream we'll just want to init an empty one :)
<hallyn> ok, i'll fix that up tonight, thanks.  bbl
<stgraber> hallyn: it also seems like it's always returning true even when failing (calling create on a container with an existing rootfs)
<stgraber> hallyn: my bad apparently, it's something going wrong in the python code
<uvirtbot> New bug: #979745 in glance "with keystone auth, image objects left behind in swift post-deletion " [High,Fix released] https://launchpad.net/bugs/979745
<uvirtbot> New bug: #981332 in glance "Content-Length and Transfer-Encoding are mutually exclusive HTTP headers" [Undecided,In progress] https://launchpad.net/bugs/981332
<uvirtbot> New bug: #983829 in glance "[sru] notify_kombu incorrect message format for logging" [Undecided,In progress] https://launchpad.net/bugs/983829
<hallyn> stgraber: the c code for bool rets is pretty simple so would've been tough to muck up, but if anyone could i could :)
<agc931> If I have an Adaptec PCI SCSI card connected and Ubuntu 12.04 is recognising the card properly but not the (confirmed working) drives attached to the card, am I missing a kernel module or something?
<freesbie_> some controllers dont present the drives unless you have them configured in a raid or as jbod, could that be the issue ?
<slide> Does anyone know if it is possible to change the visible directory of a nfs share? for instance on the server i want to share the folder /mnt/Downloads, but have it be visible as /Downloads
<SpamapS> slide: mount --bind /mnt/Downloads /Downloads would be the simplest way
<slide> i guess, but that clutters up my server
<SpamapS> slide: https://help.ubuntu.com/community/NFSv4Howto
<slide> yea i read that, did i miss something?
<slide> hrm kinda like a chroot in /export ?
<slide> no i still think it would use the /export prefix...
<SpamapS> slide: not according to the Howto
<SpamapS> Note with remote NFS paths
<SpamapS> They don't work the way they did in NFSv3. NFSv4 has a global root directory and all exported directories are children to it. So what would have been nfs-server:/export/users on NFSv3 is nfs-server:/users on NFSv4, because /export is the root directory.
<slide> i think thats because /export was shared as the root of the filesystem fsid=0
<slide> hrm
<slide> let me try to set it up like that and see
<SpamapS> slide: yes that is why, but fsid=0 is special
<slide> so should my /export/Downloads be a link to /mnt/Downloads or a mount --bind ?
<SpamapS> slide: bind mount
<SpamapS> slide: or you could share /mnt as your fsid 0 :)
<slide> true
<slide> hrm
<slide> so i set /mnt to fsid=0 but my /mnt/Downloads gets the error "/mnt/Downloads requires fsid= for NFS export"
<slide> maybe because /mnt/Downloads is actually a mhffds mount of /mnt/Downloads-01 and /mnt/Downloads-02 ?
<SpamapS> slide: no idea.. but yeah maybe its time to use bind mounts :0
<slide> man wtf
<pdtpatrick> Question - can someone please share a guide/wiki they used to successfully add Ubuntu server to Active Directory
#ubuntu-server 2012-06-22
<patdk-lap> pdtpatrick, I normally use the serverguide one, why ubuntu created it
<pdtpatrick> patdk-lap:  thanks ..
<tarvid> how do I file a bug report on a headless server?
<patdk-lap> same way you would do it on a server with a head?
<riz0n> Hey, I have a problem with Ubuntu 12.04 and Postfix/Dovecot. Dovecot *appears* to be functioning properly, but Postfix is refusing to transport mail (locally or to other servers).. if I try to smtp through, say, Outlook, it says that the authentication method is not supported by the server. If someone here can help me solve this problem, I would greatly appreciate it.
<erichammond> tarvid: (1) run ubuntu-bug (2) Choose "S: Send report" (3) Choose "C: Cancel" (4) Copy the provided URL into your browser on your local computer and fill out the bug report.
<riz0n> so i take you guys are as clueless about Postfix as I am???
<qman__> riz0n, out of the box, postfix only accepts authentication over SSL/TLS
<qman__> no 'secure' authentication is enabled, and plain is denied without SSL/TLS
<hallyn> stgraber: can you think of any reason why, on lxc_contaienr_new(0, if the configfile exists, we shouldn't automatically load it?
<hallyn> there is one reason, which is that the default may exist, but the user may want to load an alternate later
<hallyn> but i think it's reasonable to say that if you want to play that game, you should make sure the default does not exist
<stgraber> hallyn: that sounds reasonable, it's currently not intuitive to have to run load_config() before you can actually use your container
<hallyn> of course that actually complicate the logic of figureing out whether i should load /etc/lxc/lxc.conf
<marc_12314> I have a software raid1 array with  sda1 and sdb1.  I removed sda1 physically to test how to recover the array., I plugged it back in, and was able to have my array in sync again. but my second test: I unplugged SDA, then added files on SDB.  now both drives are plugged back in, the MD2 array say that SDA1 is removed, but if I try to add it to the array, it say "mdadm: /dev/sda1 reports being an active member for /dev/md2, but a --re-
<marc_12314> fails."  What should I do to re-attach SDA to the array and have it sync it's content from SDB ?
<hallyn> bc that means c->lxc_conf will always exist
<hallyn> oh, no it doesn't.  s'ok
<stgraber> right ;) it only exists for containers with an existing config but won't for new containers
<qman__> marc_12314, you have to mark it failed and re-add it to the array
<hallyn> well i was thinking with the current flow it lxc_conf would get created anyway, but i have lxc_contaienr_new(0 only calling load_config() if the file exists, so it's ok
<riz0n> qman__: so what do I need to add to the main.cf to allow plain auth?
<qman__> riz0n, don't; that's a really bad idea
<qman__> fix your SSL/TLS and use it
<riz0n> qman__: Then how will my server accept mail from outside sources?
<qman__> anonymously
<marc_12314> qman__:  If I try:   sudo mdadm --manage /dev/md2 --fail /dev/sda1    I get   mdadm: set device faulty failed for /dev/sda1:  No such device
<marc_12314> qman__:   same response for --remove, and if I try to add it to the array:    mdadm: /dev/sda1 reports being an active member for /dev/md2, but a --re-add fails.  not performing --add as that would convert /dev/sda1 in to a spare.
<riz0n> qman__: here is the issue. I have "old" 10.04 server that is running. I have new 12.04 LTS running on new server (virtual setup).. what do I need to do to fix the SSL/TLS so I can retire the old server?
<qman__> riz0n, configure a valid key and certificate, and CA cert
<qman__> it may or may not have configured the snakeoil keys, but you should at least generate your own, or (better) use legit ones
<qman__> marc_12314, that's an abnormal situation, usually when a drive fails it fails, so it's confused
<riz0n> I don't mind using my own keys, I thought I had generated them and put them in the right place. One way or another, I have done something wrong
<qman__> marc_12314, you can trash the "failed" drive's data first, then re-set it up like a new one
<qman__> riz0n, also out of the box, only TLS is enabled, as you have to turn on listening on 465, the default SSL port
<riz0n> right now the main.cf has the "snakeoil" keys
<qman__> then you should be able to connect on 25 with TLS
<qman__> and authenticate
<qman__> but it's not secure using those
<marc_12314> qman__:  ok, so  cfdisk to trash the partition of sda1 and create a new one would do?
<riz0n> I understsand. I just want it set up right.
<riz0n> I had copied the main.cf/master.cf from the old server. Apparently it didn't like that too well.
<qman__> marc_12314, as long as it doesn't find the old metadata you're good
<qman__> marc_12314, you may have to zero it, or at least into it some
<qman__> riz0n, yeah, some stuff has changed since then
<riz0n> yeah the dovecot was mad. but i took the default files from a fresh install, rewrote them and fixed dovecot (The only thing I want dovecot to do that it doesn't do out of the box is not set "read" flag on POP3 retrievals)
<qman__> best to figure out how your config differs from lucid stock, then apply those changes to precise stock
<riz0n> ok so I see that my old server has an smptd.crt and key file, should I copy those from the old server into the new one and apply those to my main.cf, or should I just generate new files?
<qman__> either is fine, you can use the old certs as long as they're still valid and you're using the same server name and stuff
<hallyn> stgraber: should be all fixed
<riz0n> in fact i have the same "smptd.crt" in the /etc/ssl/certs and smptd.key in /etc/ssl/private ... I generated them on the server.
<qman__> yeah, that will all be needed
<qman__> and there may be other files needed as well
<riz0n> I think the old server was named HMCS-Server. The new server is HMCS-Virt-00 so I imagine the files from the "old server" will not be valid.
<qman__> the cert only cares about your mailname/the domain name you connect to it with
<qman__> if that's the same, it's ok
<riz0n> yeah everything is the same
<qman__> the end user only sees that, so that's what it's up against
<riz0n> you know what
<riz0n> I think Outlook is playing games with me
<riz0n> I created a *new* account, put the IP of my test server in, and it delivered the message.
<uvirtbot> New bug: #1009422 in krb5 (main) "(CVE-2012-1013) krb5 : kadmind denial of service" [Undecided,New] https://launchpad.net/bugs/1009422
<marc_12314> qman__:  how do I remove the metadata from the drive?  I found some info about  "mdadm --zero-superblock /dev/sda"  but it say it's for version 0.9, but I see version 1.2 on my drives.
<riz0n> I have one more question, if you can help me with, and I'll quit bugging you. What is the best/easiest way to dump mysql from one server, and load it into another?
<stgraber> hallyn: looks good, thanks
<marc_12314> qman__:  never mind, looked like the version didn't matter, tried it and it worked, I was then able to add it back to the array and it's now syncing.   thanks a lot for your help!
<hallyn> stgraber: I guess I'm going to have to add freeing of lxc_conf and all its members.  yuck.
<hallyn> (at some point)
<stgraber> hallyn: I'll also have to take care of memory management in my own C code at some point ;) doing the refcounting stuff is quite a pain with all these python stuff everywhere :)
<JoeCoder> hello.  I'm using courier-imap.  When a mail client creates a new folder, I need it to have the write permission for the group.  It's probably a long shot that anyone here knows the answer.
<JoeCoder> it currently creates folders with the permission 640; I need 660
<JoeCoder> etc/courier/imapd has IMAP_UMASK=007
<riz0n> ok, so here is where I am at with this postfix. When I try to send a message out, it asks me for username and password, but it is not accepting the password.
<riz0n> i copied the three cert files out of the old server and put them in the new server
<riz0n> I think it is an issue with "SASL"
<JoeCoder> I don't know a lot about it, but I don't think a password failure could be caused by bad cert settings
<JoeCoder> have you checked /var/log/mail.log for errors?
<riz0n> Jun 21 23:19:24 hm-cs postfix/smtpd[11634]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
<riz0n> Jun 21 23:19:24 hm-cs postfix/smtpd[11634]: warning: Ferguson-Gateway.ferguson.lan[5.10.1.254]: SASL LOGIN authentication failed: generic failure
<riz0n> Jun 21 23:19:24 hm-cs postfix/smtpd[11634]: lost connection after AUTH from Ferguson-Gateway.ferguson.lan[5.10.1.254]
<riz0n> Jun 21 23:19:24 hm-cs postfix/smtpd[11634]: disconnect from Ferguson-Gateway.ferguson.lan[5.10.1.254]
<JoeCoder> I wonder what directory it can't find.
<riz0n> not sure!
<JoeCoder> I found this line in my unbutu server config script; not sure why I added it.
<JoeCoder> mkdir -p /var/spool/postfix/var/run/saslauthd
<JoeCoder> looks like my sasl is chrooted, not sure.
<JoeCoder> looks like I used this tutorial to get sasl setup:  http://www.rackspace.com/knowledge_center/index.php/Mail_Server_-_Secure_Connection_-_Configuring_saslauthd
<JoeCoder> this advice probably isn't helpful; but it's the best I've got.
<JoeCoder> here's the top index of the tutorial:  http://www.rackspace.com/knowledge_center/index.php/Ubuntu_10.04_LTS_(Lucid)#Postfix
<riz0n> yeah thats what i have now is a fully functioning 10.04 server, but i am wanting to migrate everything over to a new 12.04 server
<JoeCoder> I recently did a migration and it was dead simple; not much had changed
<JoeCoder> of course, I keep one big config script of everything I've installed
<riz0n> this server has been up since 08
<JoeCoder> so it was just a matter of tweaking that script in a few places, updating version numbers, and a couple config files had different settings.
<riz0n> hence the reason i want to replace it :P
<JoeCoder> my server hasn't been up yet at all.  it's still a vm that I'm writing software for; nothing launched.
<riz0n> well im kinda doing the reverse of what you are doing
<riz0n> going from a single server to a virtual machine that will run as a VM
<JoeCoder> my desktop / main computer is windows, which I need for work.  So for developing my side project on ubuntu, I installed samba and shared / as a drive on my windows machine
<JoeCoder> now I've got eclipse running on windows editing php files directly on the machine.
<riz0n> so it looks like an issue with saslauthd
<riz0n> i dunno this is all screwed up. i think im going to have to just start all over with this new server
<JoeCoder> that's what I did.
<riz0n> guess for now im stuck with the old 10.04 server till the drive crashes =/
<JoeCoder> just ran my same config script again, in small increments, watching for errors as I went.
<uvirtbot> New bug: #920197 in swift "[SRU] webob last stable version 1.1.1 response header bug" [Undecided,Confirmed] https://launchpad.net/bugs/920197
<JoeCoder> I accidentally overwrote /etc/postfix/main.cf  How can I get back the default version from 12.04?
<SpamapS> JoeCoder: mv /etc/postfix/main.cf /etc/postfix/main.cf.oops ; apt-get install postfix --reinstall -o 'DPkg::options=--force-confmissing'
<SpamapS> JoeCoder: I *think* that might work
<SpamapS> JoeCoder: note that that would restore *any* conffiles you've removed..
<JoeCoder> ok, thanks
<SpamapS> JoeCoder: another way is to just find the .deb, extract it, and copy the file out
<SpamapS> as in, dpkg -x file.deb /tmp/foo
<JoeCoder> that sounds easier
<SpamapS> yeah, probably less to go wrong there too ;)
<aknewhope> how come when trying to install apache2 via ubuntu-server on a rackspace instance, comes back with no such package?
<aknewhope> ubuntu-server docs states to do that and its on packages.ubuntu.com
<aknewhope> im using apt-get install apache2 with sudo
<JoeCoder> it works for me with 10.04; haven't tried 12.04 yet.
<JoeCoder> (although I will be in a few weeks)
<aknewhope> yeah i was using 12.04. That's prob why. Isn't there a file somewhere to add it to so it can find it?
<JoeCoder> where can I get postfix.deb ?
<JoeCoder> or whatever it should be called?
<JoeCoder> not that I now of.  I'm running 12.04 in a vm and the install worked fine for me.
<JoeCoder> rackspace has decent support
<JoeCoder> I usually open up a chat window with them.  not sure if the officially support third party software, but the haven't turned me down yet.
<Degot> Hi ,All.. I've installed VirtualBox 4.1.12 to Ubuntu 12.04 server... But there is no /etc/init.d/vboxweb-servcie script. How to fix it ?
<JoeCoder> I'm also running 12.04 server inside virtualbox
<JoeCoder> and I've never heard of that file.
<Degot> )) virtualbox inside 12.04
<JoeCoder> ah, sorry
<nocturnal_> if i install ubuntu server and then run xinit or startx, there will be no wm correct?
<nocturnal_> or am i wrong
<archman> hello, i'm using Ubuntu 9.10 with ntp (* NTP server is running.). ntp.conf has 'server 2.hr.pool.ntp.org', but i get enormous clock drifts, in example, 5mins change in 8 hours
<archman> forward
<archman> driftfile has '-73.919' - what does this mean?
<ttx> archman: means that your clock is off by 0.0079%
<ttx> err 0.0073919%
<archman> 0.0073 'too fast' cause of the minus?
<ttx> so approximately off 6 seconds per day
<archman> hmm, sonething's wrong, then
<archman> it drifted 5mins on 8 hrs
<archman> s/on/in
<ttx> archman: http://www.ntp.org/ntpfaq/NTP-s-sw-clocks-quality.htm
<sw> hi. we need to share user accounts/directories across servers, would openldap be best to use for this?
<ninstaah> Hi all, my ubuntu 12.04 64 bit LAMP keeps freezing (cannot even ssh into it) and after a reboot it is working again - any pointers would be much appriciatet. Where could I start looking for errors like this?
<archman> ttx: i don't know the reason. would it be wise to disable ntpd and do a hourly cron with ntpdate?
<ttx> archman: if you can't get ntpd to work properly, that solution would be better than nothing
<sw> hi. I need to install sun jvm >=1.5, what package would that be? I see there's plenty of java packages floating around ...
<ironm> Good morning. Does anyone of you run interface bonding on ubuntu 12.04?
<ironm> Do I really need "ifenslave" for interface bonding (LinksAggregation) on ubuntu-server 12.04?
<ironm> When I use ifenslave on ubuntu 12.04 interface bonding works as expected (with following config files: interfaces - http://paste.debian.net/175728/ ... and bonding.conf - http://paste.debian.net/175729/)
<ironm> I have tested some configurations (see config files in brackets) without ifenslave, and *no* one works :( interfaces - http://paste.debian.net/175730/ ... bonding.conf - http://paste.debian.net/175731/ ... modules - http://paste.debian.net/175732/ ). Do you have an idea what do I miss? Thank you in advance for any hints or examples of working config files without using ifenslave.
<ironm> there is *no* working and documented interface bonding configuration in unbuntu administration guide
<ironm> all configurations I have tested (without ifenslave) didn't work ...
<jamespage> sw: ubuntu not longer provides Sun/Oracle Java through the partner archive
<jamespage> so your choices are: openjdk-6 or openjdk-7
<jamespage> sw: the packages follow a common structure
<jamespage> openjdk-6-jdk - full JRE and JDK
<jamespage> openjdk-6-jre - just the JRE
<jamespage> openjdk-6-jre-headless - JRE less bits that pull in lots of desktop things - good for servers
<jamespage> OR
<jamespage> you can use the default-jdk, default-jre-headless, default-jre packages
<jamespage> which in Ubuntu 12.04 point to openjdk-6 (thats changing to openjdk-7 in 12.10)
<bnemec> hello?
<sw> jamespage: hi. I used this in the end: https://github.com/flexiondotorg/oab-java6
<sw> getting this error though when running '$ant dist': 'Unable to locate tools.jar. Expected to find it in /usr/lib/jvm/java-6-sun-1.6.0.33/lib/tools.jar'
<ironm> do you have any idea why following configs don't work on fresh installed ubuntu-server 12.04? ... bonding-ubuntu.confs
<ironm> http://paste.debian.net/175789/
<ironm> these config worked (for some reason) after I have installed ethtool and ifenslave (testing the interface bonding with ifenslave)
<ironm> thank you in advance for any hints
<jamespage> sw: well that is provided by the official openjdk-* packages in the repository
<jamespage> my experience is that the Oracle distribution of Java is not as well integrated into the distro and the openjdk packages
<jamespage> sw: are you running java 6 or java 7?
<sw> jamespage: 6
<sw> jamespage: should I stop following that link and use the ones that are already in the repository? all I basically need this for is to be able to use irccat :-)
<ironm> jamespage, is there another alternative to the java/JDK stuff yet? .. (like python / django framework)
<jamespage> sw: I would just use whats in the distro
<jamespage> I do everyday :-)
<jamespage> ironm, depends what you want todo
<jamespage> there are always alternatives....
<ironm> jamespage, what would be your recommendation for programming portal applications
<sw> jamespage: ok, will do that. this is what I need it for, by the way: https://github.com/RJ/irccat. apart from that, I never use java
<jamespage> ironm, mmm - not sure TBH - never really been a fan of portals
<jamespage> in my experience most requirements for a 'portal' turned out to be requirements for a website with a content management system
<ironm> jamespage, yes ... it is more than CMS
<bnemec> anyone feel like answering questions about dell OMSA on 10.04?
<koolhead17> hello jamespage
<thesuperlogical> Hi all - Maybe someone here can help me with adding two new HDDs to my 12.04 Server. Setup was 2x500GB, listed as /dev/mapper/pdc_bchiehhifh (ext3) and /dev/mapper/pdc_bchiehhifh5, RAID1 !? Now I've added 2x1TB, configured to be a RAID 1 in my HP N40L microserver.
<RoyK> erm - you've configured it in raid-1 on a hardware raid controller? or in md? or lvm?
<thesuperlogical> It's the builtin N40L Sata AMD /?RAID Controller. Server setup suggested to create a LVM during setup
<RoyK> what does `cat /proc/partition` say?
<uvirtbot> New bug: #1016435 in ceph (main) "remove btrfs recommendation" [Low,Confirmed] https://launchpad.net/bugs/1016435
<RoyK> thesuperlogical: I don't know if the n40l qualifies for a 'hardware raid controller', though
<ironm> it looks like I have the reason. ubuntu native ifenslave (in case there is one) doesn't understand the syntax in "interfaces". First after installing ifenslave2.6 it started to work. ... ikonia, probably you can see more than me ... do you have any idea why following configs don't work on fresh installed ubuntu-server 12.04? ... bonding-ubuntu.confs - http://paste.debian.net/175789/
<thesuperlogical>  http://piratepad.net/xt0vzKtO24
<RoyK> no hardware raid there
<RoyK> if you had hardware raid, the new mirror would show up as a single drive
<RoyK> but never mind that, just configure it as a software mirror with mdadm or lvm
<RoyK> that is - looks like dm-1 is that mirror
<thesuperlogical> ok, so I'll simply go with mdadm and ignore that /dev/mapper stuff, the setup created?
<RoyK> no, forget about mdadm
<RoyK> lvm is just as good
<RoyK> pastebin "vgs;pvs;lvs"
<RoyK> (or the output of those :P)
<RoyK> oh, btw, looks like dm-0 and dm-2 is about the same size, something overlapping?
<thesuperlogical> thanks a lot RoyK
<thesuperlogical> RoyK just one more question... what excactly does /dev/mapper/pdc_bchieh... stand for
<RoyK> it's /dev/mapper/volumegroup-logicalvolume
<lifeless> this is dmraid FWIW
<lifeless> AFAICT
 * RoyK hasn't used dmraid and may be utterly wrong
<thesuperlogical> dmraid = FakeRaid?
<RoyK> oh
<RoyK> dmraid
<RoyK> is fakeraid
<RoyK> != good
<ubottu> Usually, there is no single "best" application to perform a given task. It's up to you to choose, depending on your preferences, features you require, and other factors. Do NOT take polls in the channel. If you insist on getting people's opinions, ask BestBot in #ubuntu-bots.
 * RoyK slaps ubottu 
<lifeless> thesuperlogical: yes, dmraid is also called fakeraid
<lifeless> its actually a very good compromise
<lifeless> I have added load balancing to reads for dmraid mirrors, though you need to build your own kernel with the patchset.
<RoyK> lifeless: really, how would it be better than just md raid?
<uvirtbot> New bug: #1010908 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/1010908
<uvirtbot> New bug: #1013641 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,Invalid] https://launchpad.net/bugs/1013641
<rbasak> lynxman: I think the mysql innodb corruption thing is an actual bug, given that we're getting tons of reports
<lynxman> rbasak: afaict it's due to an upgrade from <5.0 to 5.5
<rbasak> lynxman: not sure though. There does seem to have been a sudden influx of mysql bugs for some reason though
<lynxman> rbasak: there's a binary innodb incompatiblity between 5.0 and 5.1
<rbasak> I see
<rbasak> Perhaps our postinst should refuse to do the upgrade or something?
<lynxman> rbasak: all tables need to be dumped and restored from scratch to upgrade, if not that'll happen :/
<lynxman> rbasak: hmm... could be indeed
<lynxman> rbasak: upgrading from 5.1 to 5.5 is also problematic
<lynxman> rbasak: I had a ton of issues myself, had to blog about it even :)
<lynxman> rbasak: http://devroot.org/2012/04/26/mysql-upgrade-to-ubuntu-12-04/
<rbasak> thanks
<rbasak> It's annoying for us because we get tons of bug reports. I think we could do something to manage it better, but not sure what exactly.
<rbasak> Fundamentally it's sometimes too complex for server packages to upgrade smoothly _automatically_ because of the complexities of what users can do with them
<lynxman> rbasak: that's the thing... how far do we want to go to think for the user in this case, MySQL is a serious enough business and most of these bugs are solved by removing the old innoDB files and letting MySQL recreate them since they're only used by the internal mysql log if the user haven't created anything else there
<halvors> Isn't the package "opendchub" avaliable in the ubuntu repo?
<rbasak> But the postinsts are stuck with trying to do it, and then apport encourages users (particularly desktop users using "server" packages) to file bugs
<lynxman> rbasak: yeah, we don't get that many bugs from people who actually run servers :)
<rbasak> I wonder if we could tell apport to not file bugs for particular packages, and instead point them to some suitable documentation and ask them to file a bug less automatically (still via apport though) if they still think it's a bug
<rbasak> The packages that come to mind are mysql, samba and openldap
<lynxman> rbasak: if there was an option to do that that'd be awesome, all of those have complicated user intervention needed upgrade routes
<rbasak> samba is special though as it's a desktop package too, but desktop users shouldn't have changed the default configuration at all
<lynxman> rbasak: hear hear
<rbasak> (and if samba fails to upgrade when the default configuration has changed, then that is a bug and should be filed as such)
<rbasak> s/has/hasn't/
<lynxman> rbasak: who should we talk for that, foundations?
<rbasak> lynxman: jamespage has been looking at these kinds of things. We had a session on it at UDS-Q. But we were looking at some more basic things first I think.
<uvirtbot> New bug: #1014532 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,Invalid] https://launchpad.net/bugs/1014532
<lynxman> rbasak: hmm hope there's any way to push a fix for precise, otherwise we'll be swamped in bugs
<jamespage> lynxman, if we can come up with a good test case then probably
<jamespage> but as you state its hard to cover all of the bases....
<lynxman> jamespage: definitely
<thys> hi, I just installed rtorrent and according to the tutorial I am following there should be a .rtorrent file and rtorrent in home folder but there are none. Where should I look?
<thys> http://tutorialsplus.net/ubuntu-10-10-lan-torrent-seedbox-with-avalanche-rt-lighttpd-rtorrent-vsftpd-and-samba/
<lifeless> RoyK: you can boot off of a degraded set
<RoyK> lifeless: you can boot off a degraded md set too
<lifeless> RoyK: how?
<RoyK> start computer, wait for grub to timeout, boot
<lifeless> RoyK: if the main drive is the one that died, that doesn't work.
<lifeless> RoyK: e.g. sda goes boom.
<RoyK> main drive? in md?
<RoyK> it's a mirror
<lifeless> md isn't supported by the bios, so you have a primary boot volume
<lifeless> s/volume/disk/
<RoyK> bios jumps to first available harddisk
<lifeless> also md and dm can both do raid 5
<RoyK> starts grub
<RoyK> grub is installed on both sides on the mirror
<RoyK> so if sda dies, sdb will do the booting
<RoyK> and last I checked, you can't boot off an md raid-5
<lifeless> you can off of dmraid 5
<lifeless> including degraded sets
<RoyK> and normally you don't *want* to boot off anything else than a mirror, or at least, I wouldn't, since I'd rather use a mirror for the root and raid-[56] for the data
<RoyK> lifeless: still, you can boot off a degraded raid-1 md set without issues
<lifeless> if you go through the hoops to set it up, sure.
<RoyK> oh, shut it, please
<RoyK> standard ubuntu install installs grub on both drives in a mirror
<RoyK> what else would you need?
<uvirtbot> New bug: #1011220 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/1011220
<uvirtbot> New bug: #1012060 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,Invalid] https://launchpad.net/bugs/1012060
<brendand> Daviey, have you heard of this issue before: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1016444
<uvirtbot> Launchpad bug 1016444 in linux "Broadcom NetXtreme II detect network hardware fails due to can't find bnx2 firmware" [Undecided,Confirmed]
<brendand> Daviey, it's happening in Quantal
<uvirtbot> New bug: #982597 in mysql-5.5 (main) "package mysql-server-5.5 5.5.22-0ubuntu1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,Invalid] https://launchpad.net/bugs/982597
<Daviey> brendand: new in quantal?
<brendand> Daviey, yeah for sure
<Daviey> brendand: yeah, kernel team are aware of it...
<brendand> Daviey, right, so that might be a dupe then since i only got around to raising it this morning
<brendand> Daviey, good to know though. if you know a bug number please tell me
<Daviey> brendand: Something along the lines of a more complex way of loading the firmware.. or something
<Daviey> Anyway, i confirmed with them 2 weeks ago they were aware of it
<Daviey> brendand: sorry, no bug number to hand.
<uvirtbot> New bug: #1014447 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/1014447
<smb> SpamapS, When you get in: would you mind me taking squid3 as a merge-practising-target from you?
<uvirtbot> New bug: #1016505 in xinetd (main) "CVE-2012-0862: enables unintentional services over tcpmux port" [Undecided,New] https://launchpad.net/bugs/1016505
<smoser> kirkland, byobu ran from one system, back on the other system. the dots around it showing the second systems' smaller terminal
<smoser> how do i kick that second system off (to resize to my larger local systems terminal size) in tmux
<smoser> ie, in screen i'd hit 'ctrl-a shift-f'
<Daviey> kirkland: Whilst you are on the hilights... Have you considered doing a screen merge?
<rbasak> Hey smoser! I've got a patched apt working (currently hardcoded to use the new scheme) and the debootstrap patch looks trivial. I've started writing up a spec on it for wiki.u.c. Still pending is a global option as well as a per-repo fallback to the old behaviour. Once done and assuming that the patches are good, what should our next steps be?
<smoser> i guess i have a couple thoughts
<smoser>  * did you run this by mvo or david?
<uvirtbot> New bug: #1016558 in dovecot (main) "package dovecot-common 1:1.2.9-1ubuntu6.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1016558
<smoser>  * can we make a ppa with your apt and debootstrap?
<smoser>  * can we get utlemming to show us how to run a quantal S3 mirror with rbasak MAGIC! for larger scale testing
<smoser>  * we still need to fixup debmirror, right?
<rbasak> david and mvo know the plan, right? I've not got the patch reviewed by anyone yet, no.
<rbasak> PPA with apt and debootstrap can happen no problem
<rbasak> debmirror will still need to be fixed
<rbasak> As well as ubumirror, and any other mirror scripts we want to fix
<smoser> right.
<rbasak> Also we'll want to publish a by-hash generator somewhere
<rbasak> With apt-utils, perhaps? To go with apt-ftparchive
<smoser> you mean one that you point at a repo and it adds that data.
<smoser> right?
<rbasak> Yes
<smoser> yeah.
<smoser> rbasak, thank you for doing this.
<rbasak> So I think two approaches in parallel but independent: 1) mirror scripts to be able to mirror normally and mirrors that support by-hash without races (but don't regenerate by-hash), and 2) a script that generates by-hash
<smoser> '1' is rsync mirrors ? or are there other mirror scripts that would get the by hash data without explicit support?
<rbasak> They either need explicit support, and rsync scripts will need tweaking for race-free operation
<smoser> right.
<smoser> rsync scripts need tweaking to be race-free
<smoser> but are there other mirror methods than rsync that basically do a full directory mirror
<smoser> and would, thus, just get the by-hash data without knowing about it
<uvirtbot> New bug: #1009996 in glance (main) "Logrotate error for glance-registry" [Medium,Fix released] https://launchpad.net/bugs/1009996
<uvirtbot> New bug: #982658 in glance (main) "glance-client has wrong short description" [Low,Fix released] https://launchpad.net/bugs/982658
<rbasak> smoser: I'm not sure I follow
<rbasak> Also, let's say I do a PPA with apt, debootstrap and debmirror patched. We still won't be able to test the installer :(
<rbasak> I'll have to do a mirror of main for some particular arch to do an end-to-end installer test
<uvirtbot> New bug: #1016560 in squid3 (main) "Please merge squid3 3.1.20-1" [Wishlist,In progress] https://launchpad.net/bugs/1016560
<smoser> rbasak, are yo usoure we couldn't test the installer?
<smoser> you can add additioal repos i think to the installer. i think
<rbasak> I don't think we can test it from a PPA
<rbasak> For a start, debootstrap is embedded in the initrd
<smoser> or, woudl you need to convince debootstarp to get apt from there.
<rbasak> Yeah but debootstrap would still have a race
<smoser> hm..
<rbasak> I got around this for the highbank enablement by using my own mirror of main
<rbasak> It's not hard, just needs a bit of space somewhere
<smoser> rbasak, wellthats why i suggested s3 mirrors
<rbasak> Actually that was for some other reasons too
<rbasak> I can generate a netboot installer initrd image with a customised debootstrap without too much difficulty too
<smoser> ie, you and i use utlemming's scritps to run our own improved mirror of quantal
<rbasak> On the existing production S3 mirrors or on a separate one?
<utlemming> smoser: the S3 mirrors don't mirror ports.ubuntu.com, which is where the ARM code sits
<smoser> utlemming, well, that is actually ok for the moment. and i suspect that they can mirror arbitrary remote http://, right?
<smoser> ie, so we can tell them to.
<rbasak> utlemming: this isn't ARM-specific. We can test on amd64 if we decide to. I would have tested on armhf as I have access to ARM hardware so that's handy to keep in mind though, thanks
<smoser> and i dont want the official s3 mirrors to be touched.
<Daviey>  .
<smoser>  o
<rbasak>  |
<rbasak> OK, so next steps I think are: 1) Decide how to do fallback; 2) I add fallback to apt, patch debootstrap, patch one mirroring system (utlemming's?); 3) I publish PPA; 4) Set up test mirror (S3?); 5) Test
<rbasak> And what about after testing? Push for support in the official archive? Or a package for maas integration or something?
<utlemming> rbasak: patch mirror system?
<rbasak> utlemming: yeah to generate the by-hash directory and make sure that updates are race-free (ie. by-hash gets updated before InRelease)
<rbasak> Oh, and we'll want to sign this mirror with our own key, so that we can use InRelease instead of Release.gpg
<rbasak> (since Release.gpg/Release has its own race)
<Daviey> Are there not plans to get this into the official archives ?
<utlemming> rbasak: the by-hash directory is easy....maintaining it is going to be the harder part
<utlemming> rbasak: when do you need this by?
<rbasak> Daviey: my understanding from UDS was that cjwatson and slangasek were both OK with it in principle but wanted to see a PoC first
<smoser> Daviey, the goal would be to be in proper archive.
<rbasak> Daviey: the alternative to official archive integration would be to have a squid-deb-proxy-like package for maas users to use
<rbasak> (as a stop-gap until official archive integration happens)
<Daviey> rbasak: right, thanks
<smoser> but if we can find a way to resonably do this outside of main, for this cycle, then i'd accept that.
<rbasak> But the plan is entirely flexible. How do you think we should approach this?
<rbasak> utlemming: I'm not sure about timing. It sort of depends on the plan
<Daviey> setting up a proof of concept in the cloud seems like a good idea to me.. then invite Steve and Colin to look, then involve IS.
<rbasak> utlemming: I'd be happy to take your scripts and add this feature though
<utlemming> rbasak: k, ping me when you get started...there is a gotcha regarding generating the deletion set....and I've been burned a couple times with it.
<rbasak> utlemming: ready to start whenever you are - this aspect isn't dependent on my other patches
<utlemming> rbasak: give me 20 minutes and I'll ping you and we can talk that over
<rbasak> OK, thanks!
<rbasak> utlemming: just realised I have a meeting in ten minutes, sorry. Can I ping you after that?
<jamespage> utlemming, reviewed walinuxagent - merge proposal waiting for you to review (thought that might be easier)
<utlemming> jamepage: L)
<utlemming> er, :)
<jamespage> lol
<SpamapS> rbasak: re the PHP5 bug, I'd wait until the end of June to do another merge from Debian, since Wheezy is freezing on June 30, so if they're going to upload any new stuff, it will be before June 30
<rbasak> SpamapS: that makes sense - thanks!
<uvirtbot> New bug: #1016592 in libnss-ldap (main) "libnss-ldap should not depend on libpam-ldap" [Undecided,New] https://launchpad.net/bugs/1016592
<smoser> kirkland, ping...
<smoser> i know some where, you used to do a 'sed' of a server install iso so that it would not change graphics modes and could be run with kvm -curses'
<smoser> maybe roaksoax remembers this hack?
<uvirtbot> New bug: #1011627 in six (universe) "[MIR] python-requests" [Undecided,Fix released] https://launchpad.net/bugs/1011627
<thesheff17> is there anyway to run commands inside an lxc container after it is started?
<matti> thesheff17: Yes.
<thesheff17> lxc-execute?
<matti> thesheff17: http://lxc.sourceforge.net/man/lxc-start.html
<matti> thesheff17: It might not work if you have older LXC.
<matti> I do wonder...
<matti> http://lxc.sourceforge.net/man/lxc-execute.html
<matti> LOL
<thesheff17> I'm running 12.04 so the version should be good
<stgraber> thesheff17, matti: the command for that is lxc-attach and it won't work unless you've patched your kernel
<stgraber> so yeah, there's a command but it doesn't work
<thesheff17> so is there a best way to run post startup commands?
<matti> stgraber: Ah, that oone :)
<matti> stgraber: Thanks!
<matti> thesheff17: As init script perhaps?
<stgraber> thesheff17: currently you'd have to rely on ssh or on dumping init scripts inside the container before starting it
<thesheff17> ah ok...prob easy to clone a lxc container with my ssh keys already inside....then do something with rc.local
<uvirtbot> New bug: #1016639 in ipsec-tools (main) "LT2P VPN connection issue" [Undecided,New] https://launchpad.net/bugs/1016639
<uvirtbot> New bug: #999142 in quantum (universe) "quantum-rootwrap missing and associated sudoers.d entries." [Medium,Fix released] https://launchpad.net/bugs/999142
<stgraber> hallyn: hey, a few thoughts from yesterday :) How much of a pain would it be for you to implement a timeout option to wait()? and once we have that, do you think we should implement shutdown() in the API or just have it done in python (kill -SIGPWR container.init_pid / container.wait("STOPPED", 30) / container.stop())
<hallyn> stgraber: both should be ok
<hallyn> new userns kernel is in my ppa, ot a little tescase written (which passes, phew)
<hallyn> biab
<stgraber> yay!
<adam_g> zul: do you have a python-glanceclient packaging branch anywhere yet?
<zul> adam_g: should be in the regular places
<adam_g> nice
<hallyn> stgraber: i guess i'll implement an lxc_monitor_read_timeout() which uses select(2) ,and use that from lxc_wait...  probably won't commit that today yet
<stgraber> ok
<jsnapp> smoser, thanks for your help yesterday, the cloud-init iso works great
<smoser> good.
<jsnapp> smoser, as i mentioned i use vmware vsphere client which shows the console as the ubuntu vm boots up ... the only problem is that the boot kernel parameters default with console=ttyS0 which means if I want to watch the system boot I have to modify that to be console=tty0
<jsnapp> is there any way around that?
<smoser> jsnapp, ther is not a good way to do that. soryr.
<smoser> you could open a bug that says we should have more 'console=' arguments on that line.
<smoser> and that would acutally work.
<smoser> but the issue is that once upstart take over, it only writes to one of the console= (the last one)
<smoser> so you'd only see kernel messages on one of them.
<smoser> so it woudl take upstart work to make it better.
<jsnapp> smoser, ok thanks
<smoser> feel free to open a bug.
<smoser> i'd like to have it be better.
<jamespage> adam_g, pls can you check the notification email address in the QA lab - getting alot of bouces
<adam_g> jamespage: oh jeez, one sec
<jamespage> adam_g, looks malformed
<hallyn> stgraber: eh, well, http://people.canonical.com/~serge/waittimeout is the route i'm going, but i haven't tested yet, and i'm ducking out for lunch.  bbl
<adam_g> jamespage: fixed, sorry bout that
<jamespage> adam_g, ta - no problem - just did not want a full inbox on monday (and was worried noone was getting notified)
<uvirtbot> New bug: #1016673 in autofs (main) "Extra forks on automount initialisation & HUP signal" [Medium,Fix committed] https://launchpad.net/bugs/1016673
<sidnei> so, i installed libvirt-bin, but running virsh just hangs. where should i start looking?
<sidnei> uhm, i wonder if this has anything to do with it
<sidnei> 2012-06-22 18:24:40.444+0000: 8971: error : networkCheckRouteCollision:1660 : internal error Network is already in use by interface virbr0
<jsnapp> smoser, where do i open a bug about the console stuff?
<smoser> jsnapp, file it here:
<smoser> https://bugs.launchpad.net/ubuntu/
<smoser> subscribe me, and utlemming. tag it 'ec2-images' and 'cloud-images'.
<jsnapp> smoser, ok thanks
<jsnapp> smoser, what package do i report the bug against?
<smoser> you can pick cloud-init for now.
<jsnapp> ok thanks
<smoser> thank you, jsnapp
<jsnapp> smoser, new bug is here https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1016695
<uvirtbot> Launchpad bug 1016695 in cloud-init "add console=tty0 to cloud-image kernel boot parameters" [Undecided,New]
<jsnapp> smoser, let me know if i goofed anything up ... i don't report bugs often
<smoser> well, its good to start. thank you.
<uvirtbot> New bug: #1016695 in cloud-init (main) "add console=tty0 to cloud-image kernel boot parameters" [Undecided,New] https://launchpad.net/bugs/1016695
<pdtpatrick> QUestion - I'm trying to write an upstart script but I keep getting "stop/waiting" .. is there a log somewhere I can look that explains what is going on? I'm already looking at /var/log/syslog and /var/log/upstart/<scriptname>. Here's my script so far: http://pastie.org/private/xcjc5c2wp8auamy9ydco0g
<pdtpatrick> nvm - figured it out
<uvirtbot> New bug: #997927 in openvpn (main) "NM reports "VPN service 'openvpn' disappeared"" [Undecided,New] https://launchpad.net/bugs/997927
<sarthor> Hi, How to solve this Error, http://paste.ubuntu.com/1054904/
<sarthor> Problem with MergeList /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_maya_restricted_binary-i386_Packages
<genii-around> sarthor: sudo rm  /var/lib/apt/lists/*   && sudo apt-get update
<sarthor> genii-around: rm: cannot remove `/var/lib/apt/lists/partial': Is a directory
<genii-around> sarthor: Thats fine
<genii-around> sarthor: The sudo apt-get update   after is whats important, populates that directory again
<halvors> I'm trying to block all traffic to a specific host with iptables, how do i do that? My interfaces is eth1 (Internett) and eth0 (LAN).
<r3dLunchb0x_> halvors: have you looked at this? https://help.ubuntu.com/community/IptablesHowTo
<halvors> iptables -A INPUT -i eth0 -s 192.168.50.21 -j DROP
<halvors> ?
<guntbert> halvors: no, if you want to block traffic *to* this host
<halvors> But what about outgoing and incomming?
<uvirtbot> New bug: #990388 in cups (main) "acces denied samba printer shares after upgrade precise" [Undecided,Confirmed] https://launchpad.net/bugs/990388
<pdtpatrick> halvors: r u trying to block traffic leaving the box to a certain host?
<pdtpatrick> why not just block the traffic from the host itself? so if ur trying to block traffic from A to B, then do the blocking on B.
<uvirtbot> New bug: #1009601 in bind9 (main) "package bind9 1:9.8.1.dfsg.P1-4ubuntu0.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1009601
<uvirtbot> New bug: #1012446 in samba (main) "package winbind 2:3.4.7~dfsg-1ubuntu3.10 failed to install/upgrade: subprocess installed post-installation script returned error exit status 127" [Undecided,New] https://launchpad.net/bugs/1012446
<uvirtbot> New bug: #1013501 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1013501
<Daviey> hallyn: hey... Can you make use of kvm/qemu spice without access the the hypervisor?
<Daviey> hallyn: ie, if i give you full networking to a vm here.. can you use spice.. without having access to the host?
<uvirtbot> New bug: #1016744 in openvpn (main) "OpenVPN example easy-rsa 2.0 issues" [Undecided,New] https://launchpad.net/bugs/1016744
<hallyn> Daviey: in a nested vm under that vm, or changing that vm to use spice?
<hallyn> you need to switch to qxl video in kvm itself, so i tink the answer is no
<hallyn> you can make *use* of it, but you can't switch to it from vnc/vmware/cirrus
<hallyn> Daviey: i'm outta here soon fwiw
<halvors> pdtpatrick: I have a lan host that not should access the internet for security reasons. I have a Ubuntu box as router, i would like to block all traffic to the internet from there.
<pdtpatrick> Im assuming then the host will forward packets to your ubuntu router. Just have your router drop the packets
<pdtpatrick> from it
<halvors> Ok, with what iptables command?
<halvors> iptables -A INPUT -s 192.168.50.21 -j DROP
<pdtpatrick> i think in ur case it would be in the FORWARD rules
<pdtpatrick> so u can put in ur default INPUT OUTPUT and FORWARD to DROP
<pdtpatrick> and then just allow the interfaces you want, and the host that isn't in that list is automatically dropped
<halvors> I would like to add manually that host that should be dropped.
<pdtpatrick> check out this post
<pdtpatrick> http://www.linuxquestions.org/questions/linux-networking-3/iptables-rules-for-an-ubuntu-gateway-filtering-connections-to-and-from-internet-549482/
<halvors> iptables -A FORWARD -i eth0 -o eth1 -s 192.168.50.21 -j DROP
<halvors> then?
<pdtpatrick> if ur interfaces are setup in that manner - sure
<halvors> But interfaces or host first? Also -i and -s?
<halvors> If i don't forward from outside to inside (NAT) would that still allow for connection from inside and that they actually can get response.
<Daviey> hallyn: have i missed you?
<halvors> pdtpatrick: Like this? pdtpatrick:
<halvors> Obs
<Daviey> hallyn: use case, does spice make sense in openstack.. ie, you as a guest only have access to the instance.. not the hyper visor
<halvors> iptables -A FORWARD -i eth1 -o eth0 -j REJECT
<halvors> Or it is: iptables -A FORWARD -i eth1 -o eth1 -j REJECT
<halvors> pdtpatrick: ?
<pdtpatrick> REJECT and DROP are different
<pdtpatrick> you need to understand them. One will reject and send a message back to the host. The other will just drop the packet and send no message
<pdtpatrick> in ur case since ur trying to block internet - then use DROP
<pdtpatrick> you'll also want to do something like - iptables-save > oldiptables
<pdtpatrick> keep a copy of ur working config that way if it gets screwed up, you can also "iptables-restore < oldiptables"
<hallyn> Daviey: i dunno, could different ami's trigger different xml for the guests to enable spice?
<pdtpatrick> halvors: i'll also recommend joining #netfilter
<hallyn> Daviey: see https://wiki.ubuntu.com/SergeHallyn_spice for what openstack would need to do
<Daviey> hallyn: yeah, that is the plan
<hallyn> stgraber: all right i think i left yoru tree in a working state, with the wait timeout and shutdown defined
<Daviey> hallyn: but i thought spice required access to the host qemu, not just the 'machine'
<Daviey> to use a spice remote client, that is
<hallyn> Daviey: i don't understand what you're saying.  it requires different args to qemu.  if openstack can change those based on ami or some setting, then it'll work
<hallyn> (or, different xml contents)
<halvors> pdtpatrick: May i ask you some questions in pm?
<pdtpatrick> i'll try to answer
<Daviey> hallyn: I mean getting a remote desktop.. i thought the spice protocol was exposed through the host, rather than networking from the outside world to the vm
<hallyn> Daviey: how is that different from vnc?
<Daviey> hallyn: it's not, but i can't use a vnc client from my local machine atm.  There is a web-based novnc client via the openstack web dashboard tho.. but that is really for debugging, rather than a 'desktop experience'
<Daviey> hallyn: I'm trying to work out if it makes sense to make spice part of the story.
<hallyn> Daviey: i think it makes sense.  now if openstack isn't amenable to exporting the spice port somehow from the cpu host, maybe we can do something where spice runs on the client and exports its own desktop.  basically like how you could run x11 inside vnc on the guest.
<hallyn> interesting problem
#ubuntu-server 2012-06-23
<fredrik2> Hi! I can't get Postfix with Dovecot SASL working correctly.
<fredrik2> I followed the server guide, but with no sucess.
<fredrik2> When i telnet host 25. I'm not seeing the AUTH option
<fredrik2> I've restarted postfix, dovecot & sasauthd & even reinstalled everything
<fredrik2> Started postfix in -v mode. Checked logs.
<fredrik2> Don't know what do next. Anyone ?
<Daviey> hallyn: thanks, now have a good weekend :)
<excalibr> Is there a way to sync packages/configs across multiple servers?
<escott> !clone | excalibr
<ubottu> excalibr: To replicate your packages selection on another machine (or restore it if re-installing), you can type Â« aptitude  --display-format '%p' search '?installed!?automatic' > ~/my-packages Â», move the file "my-packages" to the other machine, and there type Â« sudo xargs aptitude --schedule-only install < my-packages ; sudo aptitude install Â» (this currently may cause problems with multiarch) - See also !automate
<trimeta> Does ubuntu-zfs install anything to help me perform a weekly scrub of the zpool? There seem to be mentions of cronjobs in the changelog, but I have nothing in /etc/cron.*.
<trimeta> Oddly enough, my version of zfsutils is 0.6.0.65-0ubuntu1~precise1, despite the latest version online being 8.3~svn226546-6...maybe this is related to the problem.
<trimeta> Oh, that's just for kfreebsd.
<halvors> May somone help me with my iptables setup?
<halvors> iptables -P INPUT DROP
<halvors> iptables -P OUTPUT DROP
<halvors> iptables -P FORWARD DROP
<halvors> iptables -A INPUT -i lo -j ACCEPT
<halvors> (13:42:34) halvors: iptables -A OUTPUT -o lo -j ACCEPT
<halvors> (13:42:36) halvors: iptables -A INPUT -i eth0 -j ACCEPT
<halvors> (13:42:36) halvors: iptables -A OUTPUT -o eth0 -j ACCEPT
<halvors> (13:43:28) halvors: iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
<halvors> (13:42:34) halvors: iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
<halvors> My current config-
<Cromulent> use a pastebin...
<remix_tj> halvors: what's the problem?
<halvors> Well, my LAN hosts can't access the internet
<halvors> The best way is to DROP anything and allow what i want, right?
<halvors> remix_tj: You there? :)
<remix_tj> yes
<remix_tj> uhm
<remix_tj> i think it's correct. Where are your lan devices connected?
<halvors> on eth0
<halvors> And eth1 is WAN :)
<halvors> remix_tj: Did you get that? I forgot to mention your nick :(
<remix_tj> with this config
<remix_tj> you can't go to the internet because incoming packets are dropped, so you're not able to open tcp connections
<remix_tj> maybe you should add something like
<remix_tj> iptables -A FORWARD -p tcp -m state --state RELATED, ESTABLISHED -j ACCEPT
<remix_tj> and
<remix_tj> you should insert something allowing icmp echo reply halvors
<remix_tj> without that rule clients cannot get ping response
<halvors> client can't get ping response from the Ubuntu Box or?
<remix_tj> from host in the internet
<halvors> Shouldn't i do something like: iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED, ESTABLISHED -j ACCEPT
<halvors> You mean for remote hosts to be able to ping the Ubuntu box?
<remix_tj> you should explicitely specify -p tcp
<remix_tj> (afaik)
<remix_tj> for icm reply i mean your LAN hosts cannot ping outside machines
<remix_tj> *icmp
<halvors> Why should i specify tcp?
<halvors> With that i allow TCP, UDP and ICMP, right?
<halvors> iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED, ESTABLISHED -j ACCEPT
<remix_tj> -p tcp
<halvors> Why?
<halvors> Shouldn't i be able to use UDP and ICMP?
<remix_tj> halvors: maybe do not work, i no not remember if iptables has a conntrack method for icmp and udp
<remix_tj> *do not
<halvors> hmm.
<halvors> So you mean that this command won't work?
<halvors> 148.122.169.23
<halvors> Obs
<halvors> iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED, ESTABLISHED -j ACCEPT
<halvors> That should be routing tcp...
<remix_tj> halvors: try
<remix_tj> if does not work you'll get an iptables error message
<halvors> Ok.
<halvors> Thanks you.
<halvors> Maybe i'll loose connectivity now when trying this out.
<halvors> remix_tj: When using the command "iptables -A FORWARD -p tcp -m state --state RELATED, ESTABLISHED -j ACCEPT" how gain udp and icmp too?
<remix_tj> uhm
<remix_tj> this depends on conntrack of the operating sistem, i do not know if there is something for conntracking udp and icmp, since they are stateless
<RoyK> halvors: afaik there is no real conntrack for udp and icmp, since those are stateless protocols
<jkyle> anyone have a reference for installing juju on osx?
<jkyle> zookeeper keeps failing for me, figure others would have to solve that too
<halvors> I get an error with isc-dhcp-server, this is the error i'm getting:
<halvors> Jun 23 18:32:50 skymia-server dhcpd: /etc/dhcp/dhcpd.conf line 129: subnet 192.168.50.1 netmask 255.255.255.0: bad subnet number/mask combination.
<halvors> Jun 23 18:32:50 skymia-server dhcpd: subnet 192.168.50.1 netmask 255.255.255.0
<halvors> Jun 23 18:32:50 skymia-server dhcpd:                                         ^
<halvors> Why?
<halvors> Isn't that right?
<halvors> When i does:
<halvors> "service isc-dhcp-server restart" get the error message, "Unknown instance"...
<TheLordOfTime> have you heard of patience before?
<TheLordOfTime> !Patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<TheLordOfTime> sometimes it takes a bit to get an answer
<TheLordOfTime> just an FYI
 * TheLordOfTime thinks you've got more than one issue going on though
<halvors> Sorry, but i'm in a bit if a hurry here.
<halvors> Is there any way to restore the startup script to default? Also the one from the dhcp3-server package.
<RoyK> halvors: I guess perhaps a bad character at the end
<RoyK> or perhaps a missing semicolon
<jkyle> wow, that was quite the drive by question.
<jkyle> off hand, 192.168.50.1 isn't a subnet
<jkyle> halvors: 192.168.50.1 isn't a subnet, pastebin your conf though
<halvors1> Solved it, thanks for help :D
<RoyK> halvors1: network problems? ;)
<halvors1> Yrah.
<halvors1> Yeah.
<jkyle> Daviey: ping
<axisys> a pci compliance require adding some awareness if someone delete a log file.. what is the least amount of work to acheive that with a security pkg may be?
<axisys> we are sending the log file to splunk and arcsight.. but there might be another way to achieve locally.. bsm audit looks not verbose and open-audit does seems only look at hardware
<axisys> s/not verbose/too verbose/
<axisys> did not see much discussion in https://help.ubuntu.com/12.04/serverguide/security.html
<axisys> AppArmor profile does not look to be least amount of work..
<Skaag> trying to rescue a crashed system, that had software raid
<Skaag> I believe raid5 on /dev/sda2, /dev/sdb2 and /dev/sdc2
<Skaag> I'm now in "rescue mode" and I have no idea how to assemble them back
<axisys> Skaag: you could boot from a live cd and fix it that way as a easier route
<Skaag> I'm already in the shell, trying to use mdadm...
<axisys> cat /proc/mdstat ?
<axisys> oops.. i have to run..
<Skaag> it shows me md127 with sda2 and sdc2 but not sdb2
<Skaag> and md0 with sdc1 which is the /boot partition I believe
<Skaag> is the order important?
<Skaag> right now I have sdb2, sda2, sdc2 but i'm not sure that's the original order of physical devices in the array
<qman__> the order is irrelevant
<qman__> it can assemble in any order, the metadata says what's where
<Skaag> ok cool
<Skaag> so /proc/mdstat now says it's rebuilding
<Skaag> but I'm failing to mount it
<Skaag> despite having an active raid5 device
<Skaag> maybe now there's lvm on top..?
<qman__> possibly
<Skaag> i'm lost.
<Skaag> how do I know what type of volume is on /dev/md127 â¦ ?
<qman__> you can fdisk -l
<qman__> actually not
<qman__> trying to remember what the right thing is
<Skaag> all frisk says is about the physical devices, they are all Linux raid autodetect
<Skaag> fdisk
<Skaag> damn autocorrect...
<D3lirious> Good day, or evening .. how is everyone Im good my self lol
<TheLordOfTime> SpamapS:  i hope you're around
<D3lirious> chatty group aint ya lol
<TheLordOfTime> patience
<TheLordOfTime> :P
<qman__> well, this is a support channel; if you have a question, !ask it
<Daviey> jkyle: hey
<qman__> if you're just looking to chat, I think it's #ubuntu-social
<TheLordOfTime> qman__:  isnt it -offtopic?
<qman__> probably
<Daviey> jkyle: How are you doing?
<iSIEMENS> Hello!
<Yankees52> !ops
<ubottu> Help! Channel emergency! soren, lamont, mathiaz, Pici, Daviey, Tm_T or pmatulis
<Yankees52> ban me
<IdleOne> Yankees52: why do you keep doing this?
<Yankees52> i am drunk right now ban me!
<IdleOne> so what was your excuse for this morning?
<Yankees52> hangover
<IdleOne> I wonder if there is something more productive you could do with your time
<Yankees52> drink booze!
<IdleOne> I mean you seem like a half intelligent person.
<Yankees52> ban me!
<Yankees52> vodka babty
<Yankees52> baby
<qman__> not to fuel a fire, but high intelligence tends to lead to substance abuse rather than away from it
<patdk-lap> thought it leads to bordom
<patdk-lap> and then various other bad activities, like virus making
<patdk-lap> spam emails
<patdk-lap> ...
#ubuntu-server 2012-06-24
<lamont> and children
<AnAnt> Hello, I am using LDAP authentication on my machine, the problem is that lightdm (unity-greeter)  doesn't show all users on LDAP, neither does it allow entering an arbitrary user, how can I fix that ?
<ikonia> AnAnt: please don't cross-post your question in multiple channels, pick the best channel and ask in theere
<AnAnt> ikonia: which is the best channel ?
<ikonia> AnAnt: up to you
<AnAnt> is pam-auth-update supposed to update /etc/pam.d/lightdm ?
<AnAnt> I note that it already includes common-* files
<ikonia> AnAnt: as I'm reading it now
<ikonia> no
<AnAnt> so back to square one
<ikonia> it looks like you will need to do that manually, I don't even think it's meant to update lightdm (it's questionable about if it should be designed to do that)
<AnAnt> ikonia: but what should I add ?
<ikonia> AnAnt: it depends on the setup
<ikonia> AnAnt: have a little research on pam rules
<ikonia> (also use what's there as an idea/guide)
<AnAnt> ikonia: ok, there's another problem with lightdm, that it doesn't allow to enter a username (ie. I only can select from a list of usernames)
<ikonia> someone has asked about that before
<ikonia> AnAnt: that is configurable......I just don't know/can't remember where
<AnAnt> ah, greeter-show-manual-login
<ikonia> well done
<AnAnt> funny thing is that the default is true !
<AnAnt> erm, maybe I'm wrong
<AnAnt> thanks
<Italian_Plumber> good morning.  I am testing a machine where I am adding a minimal GUI.  I have installed "gdm" and several other packages, but not the full GUI found on ubuntu desktop.  What is the package for the GUI program for adding and maintining users?  I can't seem to find it.
<SpamapS> TheLordOfTime: did you need something?
<SpamapS> Italian_Plumber: perhaps look into Lubuntu.. which gives you LXDE.. a very light weight desktop
<Italian_Plumber> SpamapS: thanks, I had forgot about that... that's a good idea for what I want to do
<marc_12314> I constantly have error message in my syslog with  "[drm] nouveau 0000:01:00.0: DDC responded, but no EDID forâ¦"â¦ is it possible to tell the system to ignore those messages so they don't get in the log??  (it's for a headless server with very old graphic card and very old monitor, only used so I can see the bios when I bootâ¦ so I don't really care about that error)
<marc_12314> using syslog-ng btw
<JanC> you get that error repeatedly?
<marc_12314> yes, something about the video card not able to identify the monitor I guess
<marc_12314> every 10 seconds
<marc_12314> you can imagine my syslog :P
<JanC> I don't use syslog-ng, but maybe blacklisting nouveau is an option too
<marc_12314> I see that the config file have some  destination / filter / log  settingsâ¦ I found that  I can set a destination named d_drop with no destination, so it would simply drop those messagesâ¦ but can't find how to filter what I need :/
<marc_12314> how would you go about blacklisting nouveau?
<marc_12314> (I hate that name "nouveau", it means "new" in frenchâ¦ make no sense to me that is the graphic card drivers :P)
<JanC> I know french  ;)
<JanC> I guess it was a word game: NouVeau to make a new NVidia driver  ;)
<marc_12314> JanC: could beâ¦ I can live with that  :)
<JanC> anyway, blacklist the nouveau module
<marc_12314> If I blacklist that module, does it mean I won't have any screen output after the bios ?
<JanC> I think it will use text mode instead of a framebuffer
<marc_12314> soâ¦ I create a new file in  /etc/modprobe.d/   and simply put   "blacklist nouveau"
<marc_12314> is that correct?
<JanC> yes, afaik
<JanC> there might also be a way to disable EDID in nouveau, but I don't seem to have a manpage for it
<marc_12314> ooooh, look at that, there's a loading screen on ubuntu 12.04â¦  I never saw that before :P  guess the driver was crashing, I always had a blank screen for 2-3 seconds before the login prompt
<marc_12314> it worked perfect, clean log now :)
<marc_12314> (well, kinda)
<JanC> blame nvidia (Linus did it before you ;) )
<marc_12314> lol, yeah, I saw that!  very funny
<JanC> actually, the rest of that talk was a lot more interesting
<marc_12314> didn't had time to look at the talk yetâ¦ pretty weird, I found 2 source for the full talk video (vimeo and youtube) in both case the screen goes blank when I load the page...
<marc_12314> wow, every link I find that is supposed to have the full video goes blankâ¦ wtfâ¦.
<JanC> marc_12314: youtube/vimeo need JavaScript etc.
<JanC> maybe even Java and/or flash
<marc_12314> JanC: everything else works, I can see all videos, but everything about that talk in full length, the page goes blankâ¦ really weird
<JanC> you have any content filter?
<marc_12314> nope.   but closed the browser and now it's workingâ¦
<JanC> nice, now you will see Linus explaining to the entrepreneur society why and how he avoided becoming an entrepreneur...  âº
<JanC> (but also saying thanks to the entrepreneurs who built their company on selling linux)
<marc_12314> JanC, thanks a lot for your help.  I'll try to find time to watch that video later tonight.
<Womkes> What is currently the correct way to restart networking
<Womkes> sudo /etc/init.d/networking restart tells me that it's depricated
<ikonia> Womkes: service networking restart
<JanC> ikonia: plus "sudo"  ;)
<ikonia> but of course
<JanC> in most cases at least
<Womkes> stop: Unknown instance:
<Womkes> networking stop/waiting
<Womkes> I get that?
<Womkes> Supposed to do that?
<jpablorp> Hola, Alguien me puede ayudar con una configuracion de un servidor dhcp para que los clientes de este tengan internet
<jpablorp> alguien me podria ayudar porfa
<escott> !es
<ubottu> En la mayorÃ­a de los canales de Ubuntu, se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol entre al canal #ubuntu-es; escriba "/join #ubuntu-es" (sin comillas) y presione intro.
<jpablorp> :S
<jpablorp> can you help me?!
<TheLordOfTime> !help
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<jpablorp> ok, i have a server of DHCP and i want to give network for my clients but i don't now how
<jpablorp> know *
<uvirtbot> New bug: #1016905 in openssl (main) "dovecot: imap-login segfault" [Undecided,New] https://launchpad.net/bugs/1016905
<uvirtbot> New bug: #1017003 in php5 (main) "package php5-cli 5.3.10-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1017003
<uvirtbot> New bug: #1017113 in juju "Juju test suite fails sporadically due to low timeouts" [Medium,Confirmed] https://launchpad.net/bugs/1017113
<uvirtbot> New bug: #1017141 in samba (main) "package winbind 2:3.6.3-2ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 1016886)" [Undecided,New] https://launchpad.net/bugs/1017141
<uvirtbot> New bug: #1016895 in samba (main) "smbd crashed with SIGABRT in dump_core()" [Medium,Confirmed] https://launchpad.net/bugs/1016895
<uvirtbot> New bug: #1016971 in postfix (main) "package postfix 2.8.5-2~build1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/1016971
<uvirtbot> New bug: #1017004 in php5 (main) "package php5-cli 5.3.10-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 1017003)" [Undecided,New] https://launchpad.net/bugs/1017004
<uvirtbot> New bug: #1012224 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,Invalid] https://launchpad.net/bugs/1012224
<jpablorp> !help
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<uvirtbot> New bug: #1017237 in samba (main) "package libpam-smbpass 2:3.6.3-2ubuntu2.2 failed to install/upgrade: subprocess installed pre-removal script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/1017237
<RedBeard_> hello, does anyone know a good video capture software suitable for ubuntu-server ? and is it possible to run in non-GUI mode?
<RedBeard_> for security type cameras
<RoyK> RedBeard_: vlc or ffmpeg or ...
<RedBeard_> ok great, is it possible to run it without starting the GUI ?
<RoyK> RedBeard_: yes
<RoyK> RedBeard_: ffmpeg is commandline only, but a bit hard to setup, vlc has commandline mode
<RedBeard_> ok , i plan on running a virtual box running pfsense for my dhcp/firewall, etc.  i want to have as many resources available, while still capturing video
<RedBeard_> i am currently running pfsense freebsd directly installed, but im not sure if i can also do vid cap, so i thought i would need to install ubuntu instead and Vbox pfsense
<RoyK> RedBeard_: you want to capture video on pfSense?
<macnix> need a bit of help restoring an LVM volume
<patdk-lap> restoring?
<macnix> yeah, I can't seem to mount it anymore
<macnix> I keep getting "mount: you must specify the filesystem type"
<patdk-lap> you don't mount lvm
<macnix> and if I go with -t ext4, I get "wrong fs type, bad option, bad superblock on /dev/mapper/lvm--raid-lvm0"
<patdk-lap> what does blkid say?
<macnix> patdk-lap: nothing for /dev/lvm-raid/lvm0
<patdk-lap> hmm
<macnix> ok the raid6 however I get: /dev/md2: UUID="sJxydW-lMTJ-fsQn-Bln1-z6Cj-Dt6F-OPxMtr" TYPE="LVM2_member"
<macnix> which I can't mount
<patdk-lap> ya, that seems fine
<macnix> I've found this: http://www.softpanorama.org/Commercial_linuxes/LVM/recovery_of_lvm_partitions.shtml
<macnix> following the LVM setup recovery
<uvirtbot> New bug: #945176 in txaws "Support privateIpAddress and ipAddress" [Medium,Fix released] https://launchpad.net/bugs/945176
#ubuntu-server 2013-06-17
<brad100> does anyone here use thunderbird with postfix-dovecot? for some reason thunderbird cant verify my account and i cant figure out why
<Patrickdk> well, only one of two problems
<Patrickdk> setup thunderbird wrong
<Patrickdk> setup dovecot wrong
<Patrickdk> you do have logs right?
<brad100> yeah
<brad100> how would i show them to you? xD im a complete noob im sorry
<Patrickdk> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<brad100> which logs do i show you
<brad100> it would have to be dovecot
<brad100> @patrickdk
<chaz68> http://imagebin.org/261604 - Anybody got some ideas here.  I'm running out of ideas...
<chaz68> Using Apache
<brad100> @Patrickdk
<brad100> anyone?
<TimRe> does anybody know how I can setup domain.com/~username just for webpages and be able have my users just login into there directory an noting else?
<qman__> TimRe, apache mod_userdir
<Austneal> Hello!
<Austneal> I'm trying to set up postfix / dovecot to use virtual users / multiple domains... would anyone like to help me? :S
<Austneal> have looked at tons of guides and tutorials, but none of them seem to turn out for me
<Austneal> I mean, I can get postfix / dovecot installed and working with system accounts... but when I try to do anything with virtual users / domains is where I have a ton of trouble
<qman__> Austneal, https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto
<Austneal> qman__ if that works, Ill love you :P
<Austneal> Nope, already not working
<Austneal> its telling me to remove a line that doesnt exist
<Austneal> "Comment the line  mailbox_command = procmail -a "$EXTENSION". It will not be used."
<Austneal> that line isnt in the file
<Austneal> continued on.... now I've hit another dead end
<Austneal> sigh... should have stuck with windows server
<Austneal> telling me to go to /home/vmail/domain.com/
<Austneal> doesnt exist....
<qman__> create it
<qman__> it's not meant to be taken verbatim, you have to substitute your actual setup for it
<Austneal> that kind of defeats the purpose of setting this up, doesnt it?
<Austneal> alright though... I'll try it
<Austneal> nope, still failed
<qman__> that directory must be writable by postfix
<Austneal_> that was strange
<Austneal> how would I see if its writable by postfix?
<qman__> postfix run as the user postfix
<qman__> that user needs write permission, so you either need to chown it or chmod it appropriately
<Austneal> uh...
<qman__> postfix can't deliver mail there if it can't write to it
<Austneal> tutorial made me chown it for a different user
<Austneal> er
<Austneal> it set that as the home directory to a user I created
<qman__> oh, didn't see that
<qman__> it has you create a user dedicated to this
<qman__> ok
<qman__> so what failed
<Austneal> it didnt make the mailbox folder
<Austneal> when I sent it mail, it said the delivery permanently failed
<qman__> and /home/vmail existed, and was owned by the vmail user?
<Austneal> correct
<Austneal> actually... wait
<Austneal> how would I see who owns that directory?
<qman__> ls -l
<qman__> also, it doesn't automatically create the domain directories, the user add script does
<Austneal>  drwxr-xr-x  3 vmail  vmail  4096 Jun 17 04:57 vmail
<qman__> the script under "Create Dovecot Users"
<Austneal> Ok... what but I manually created them like you said to earlier :/
<Austneal> let me restart service and try again
<qman__> did you follow through that part with that script?
<Austneal> not yet
<Austneal> it told me to test it with the mail command first
<Austneal> which also didnt work
<qman__> ok
<Austneal> should I try to create the script first?
<qman__> looks like an oversight in the guide
<qman__> while the domain.com may or may not be auto generated, and the users' directories are auto generated, /home/vmail is not necessarily auto generated
<Austneal> has been there anyway
<Austneal> ....
<Austneal> message didnt go through
<Austneal> "/home/vmail" is there
<qman__> show me the exact error line
<qman__> tail /var/log/mail.err
<Austneal> screen just flooded with lines....
<qman__> should have only grabbed the last 5
<Austneal> which one would you like? :/
<Austneal> this looks relevant:
<qman__> just pastebin it all
<Austneal> Jun 17 01:45:51 domU-12-31-39-0E-16-55 postfix/postmap[18340]: fatal: open /etc/postfix/transport: No such file or directory
<Austneal> ok
<Austneal> one sec
<qman__> ah, that's definitely important
<qman__> was that from some other guide? it's not in this one
<Austneal> um... Im not sure
<Austneal> http://pastebin.com/SLdEEseB
<Austneal> It very well could be >.<
<qman__> ok, what I think you need to do is start fresh
<qman__> and by that I mean, apt-get purge all the mail packages
<qman__> and reinstall, getting fresh, stock config files to work with
<Austneal> I did apt-get purge
<Austneal> and autoremove
<Austneal> there was no /etc/postfix directory when it was done :/
<qman__> did you use --purge when you did autoremove?
<Austneal> apt-get autoremove --purge
<Austneal> ?
<qman__> yes
<Austneal> ugh
<Austneal> so... I need to remove postfix and dovecot, yeah?
<qman__> yeah, purge those packages, then apt-get autoremove --purge
<Austneal> dovecot didnt remove
<qman__> that will blow away all the config and data relating to those packages so you can start fresh
<qman__> might be dovecot-common
<Austneal> it didnt
<Austneal> all of the dovecot config files are still there
<Austneal> no again :/
<qman__> ok
<qman__> try also dovecot-imapd and dovecot-pop3d
<qman__> and then, do dpkg -l | grep dovecot
<qman__> if any are still installed, purge them
<qman__> and, after that, if the directory still exists, remove it
<Austneal> this is strange
<qman__> same with postfix
<Austneal> ah, ok
<Austneal> 4 packages left
<qman__> the thing is, the default modes are intentionally non-destructive, they will keep your old config and databases in case you wanted to recover it
<qman__> but in this case we want to blow it away and start fresh
<qman__> you won't have to remove and re-add the vmail user though
<qman__> a user is a user
<Austneal> alright, all done
<Austneal> now... start over on the guide? >.<
<qman__> yes
<qman__> this time you should have a stock default config to work with and you should get a working mail server out of it
<Austneal> alrighty... here goes
<qman__> if not, pastebin the errors and your postfix configs
<Austneal> rgr
<Austneal> ...still missing that first step
<Austneal> it says to comment out a line that doesnt exist... that shouldnt be a problem though, should it?
<qman__> no
<qman__> it's telling you to remove it, so if it's not there, you're already set
<Austneal> Ok, im to the part of sending a test email
<Austneal> failed again...
<Austneal> http://pastebin.com/LDFFTSUP
<Austneal> qman__, theres the log... its still giving that same error
<qman__> ok
<qman__> do service postfix restart
<Austneal> done
<qman__> in that log, it's showing that postfix was called with no options, and then it was attempted to start while running
<qman__> try the mail again and post again
<Austneal> rgr, one sec
<Austneal> message failed again
<qman__> same errors?
<qman__> try to find any references to that file, /etc/postfix/transport, in the postfix config
<qman__> just grep for it
<Austneal> nothing in the main.cf
<Austneal> and Im not seeing anything in master.cf
<qman__> ok
 * Austneal is stumped
<qman__> just as a test
<qman__> touch /etc/postfix/transport; postmap; service postfix restart
<Austneal_> Sorry, webchat froze up on me
<Austneal_> what about that error? :/
<qman__> <qman__> touch /etc/postfix/transport; postmap; service postfix restart
<qman__> then try the mail again
<Austneal_> fatal: usage: postmap [-Nfinoprsvw] [-c config_dir] [-d key] [-q key] [map_type:]file...
<qman__> oh, postmap transport
<qman__> sorry
<Austneal_> kk
<Austneal_> ...transport?
<Austneal_> or vmaps?
<qman__> actually I don't think that's right, hold on
<qman__> postmap /etc/aliases; postmap /etc/postfix/vmaps
<Austneal_> run that?
<qman__> yes
<qman__> then restart postfix, then mail again
<Austneal_>  postmap: warning: /etc/aliases, line 2: record is in "key: value" format; is this an alias file?
<qman__> ok, what about vmaps
<Austneal_> failed again
<Austneal_> um... idk, thats all it gave me
<qman__> ok, so vmaps worked
<qman__> post the new log
<Austneal_> looks like it
<Austneal_> http://pastebin.com/BYyPmrnp
<qman__> ok, so the only new line is that error
<qman__> what about mail.log, anything in there?
<Austneal_> there is...
<Austneal_> http://pastebin.com/kYwENYxu
<qman__> there we go, now we have something
<qman__> user unknown
<qman__> is that email address in vmaps?
<Austneal_> it is
<Austneal_> vmaps looks like this:
<qman__> oh, I know what's up
<qman__> see that earlier line about mydestination
<Austneal_> test@domain.com      domain.com/test
<Austneal_> aaah
<Austneal_> I forgot the trailing slash
<qman__> mydestination should be a local domain name, not your internet domain
<qman__> it's conflicting with the virtual domain
<Austneal_> ?
<qman__> in main.cf
<qman__> for example, mine is "mydestination = hilltopsrv.home.hilltop.local"
<Austneal_> so I should remove my domain name from it?
<qman__> because yours is set to your actual domain name, postfix sees that first and tries to deliver to a local user that doesn't exist
<qman__> set it to a local, internal-only name
<Austneal_> "localhost"
<Austneal_> ?
<qman__> no
<qman__> localhost has special meaning
<qman__> it should be your servers' hostname .something
<Austneal_> .something? :/
<qman__> you would follow whatever convention you're already using on your network
<qman__> mine is hilltop.local
<Austneal_> ...this is the only server on the network
<Austneal_> im not following >.<
<qman__> then you need to start one, do you have a workgroup or something?
<Austneal_> no....
<Austneal_> this is an aws server
<qman__> ok, then I would do it like this
<qman__> hostname.aws.yourdomain.com
<qman__> you don't actually have to make it resolve beyond your own server
<qman__> it's also a good idea to add that to the hosts file so that it points at itself
<Austneal_> that sounds like a good idea >.<
<Austneal_> ok... I think I got it
<Austneal_> added that name to the hosts file, and pointed it to localhost... yeah?
<qman__> well, point it to your IP, but yeah
<qman__> not a big deal as it will only affect locally-bound mail
<Austneal_> I think it worked >.>
<Austneal_> ...it didnt work
<Austneal_> the mail sent, but its not showing
<Austneal_> oh...
<Austneal_> one sec
<Austneal_> bleh
<Austneal_> still now showing up
<qman__> ok, what's mail.log say now?
<Austneal_> ...wheres the log at again?
<qman__>  /var/log/mail.log
<Austneal_> http://pastebin.com/wad00TL0
<qman__> ok, this is the relevant error: maildir delivery failed: create maildir file /home/vmail/arachtis.com/test/tmp/1371449797.P12689.arachtis.com: Not a directory
<qman__> so, I would do this: rm -rf /home/vmail/arachtis.com
<qman__> and see if it recreates it
<Austneal_> ok, resend the mail?
<qman__> if it doesn't, I would do: mkdir -p /home/vmail/arachtis.com/test; chown vmail.vmail -R /home/vmail
<qman__> don't need to resend, it should keep trying
<qman__> you can send more if you like
<Austneal_> it made a bunch of directories
<qman__> ok, did the mail get delivered now?
<Austneal_> i think so...
<Austneal_> there are 3 files in the "new" folder
<qman__> ok, then it did
<qman__> postfix is working
<Austneal_> \o/
<Austneal_> now on to the dovecot mess xD
<qman__> pretty sure the myhostname was the root cause of the problem and the rest was caused by poking at it
<Austneal_> cd /
<Austneal_> ...that was supposed to go into the terminal >.<
<Austneal_> lol
<Austneal_> ...will a self signed cert work well with dovecot?
<qman__> it will work
<qman__> you have to accept it at the client
<qman__> if you want peoples' mail clients to 'just work' without giving them a warning, though, you will need to buy one
<qman__> there's also startssl which offers a free, trusted SSL cert
<Austneal_> I bought an SSL cert
<Austneal_> Guess I just need to set it up with dovecot
<qman__> dovecot takes it in pem format out of the box
<qman__> just swap it in place of the existing snakeoil pem
<Austneal_> it works with apache at least :/
<austneal> irc froze again...
<Austneal> Im a bit confused...
<Austneal> at the bottom where its making the script... it says to add this code segment
<Austneal> ...add it to what and where at? >.<
<Austneal> derp, nevermind
<Austneal> qman__ which config file was it that set the SSL cert?
<qman__> both the postfix and dovecot config files point at one
<qman__> just search for SSL
<Austneal> email is a nightmare....
<Austneal> getting an error "cant connect to server" when I use SSL
<Austneal> #$&@YT#YU
<Austneal> dovecot is broke
<Austneal> jesus christ
<Austneal> qman__ you still there?
<hackeron> hey, how would I detect and automatically mount a plugged in hard drive? - It used to be dbus/hal but I believe it changed in the last few years?
<halvors> Hi! I have following mailbox_command in my main.cf configuration file for Postfix: mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}"
<halvors> But Procmail needs to be set in the mailbox_command in my main.cf file? How do i do that?
<mardraum> vi main.cf ?
<halvors> No i mean, what should my new mailbox_command look like?
<mardraum> http://www.postfix.org/postconf.5.html#mailbox_command
<mardraum> there is this sweet new thing out there, it's called google
<mardraum> it saves you from asking basic and well documented question on irc
<halvors> Seriously, do you think i'd be asking here if i'd found anything that helps me on google? :P
<halvors> So why not shut down the irc channel since google exists then?
<mardraum> you couldn't even find the postfix documentation?
<greppy> halvors: you would be amazed at the number of people that ask very well documented questions here.
<mardraum> and halvors, yes, I think you would ask here, because I think you are probably lazy and don't reallt want to understand things, just make something work, or think it's working until it breaks and you are back at square one.
<halvors> Well, since i'm using the mail-stack-delivery package, i don't know how tat works with procmail...
<mardraum> 1. install procmail 2. configure postfix
<halvors> I'm asking here since i simply don't find anything useful on google for that issue. If you know the answer please help me instead of bugging me about google :)
<halvors> mardraum: No shit!
<halvors> Could i add 2 mailbox_command lines?
<halvors> Or merge both into one?
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/nova/nova-ftbfs-jun17/+merge/169770
<yolanda> zul, why my changelog entries are appearing in the diff?
<TimRe> does anybody know how I can setup domain.com/~username just for webpages and be able have my users just login into there directory an noting else?
<zul> yolanda:  because i merged them
<yolanda> mm, wasn't it already merged?
<yolanda> anyway, it looks good
<pmatulis_> TimRe: research mod_userdir
<TimRe> ok
<TimRe> anything else I need there pmatulis_
<pmatulis_> TimRe: no, just enable the mod and do a little configuring of apache, it's not much
<TimRe> alright thx for your help
<pmatulis_> TimRe: not quite sure what you mean by 'login there directory and nothing else'.  you probably want chroot ftp access, if so, that would be a separate thing, investigate 'vsftpd chroot'
<TimRe> alright
<TimRe> thx again for that info
<thyrant> hi guys, I need to remove some malicious code from my ubuntu server 10.04.
<thyrant> sudo rm -R /dev/
<thyrant> rm: cannot remove directory `/dev/shm': Device or resource busy
<thyrant> rm: cannot remove `/dev/pts/2': Operation not permitted
<thyrant> rm: cannot remove `/dev/pts/0': Operation not permitted
<thyrant> rm: cannot remove `/dev/pts/1': Operation not permitted
<thyrant> rm: cannot remove `/dev/pts/ptmx': Operation not permitted
<thyrant> how do I stop it from running?
<hallyn> smb: hey, you mentioned a libvirt bug with 1.0.6 in saucy?  can you give some more details for zul and I?
<hallyn> thyrant: what is malicious - the thing pinning/dev/pts/2, or the thing trying to rm -rf /dev?
<hallyn> thyrant: lsof /dev/pts/0 will show you who is pinning that file
<smb> hallyn, sure... I was wondering whether I actually should better open a lp bug report so it is simpler to track
<hallyn> smb: sounds good, thanks
<thyrant> I am the one trying to RM the folder, it won't let me as something there is running
<thyrant> no respons from lsof /dev/pts/0
<thyrant> also it has closed my ssh .. ssh_exchange_identification: Connection closed by remote host
<thyrant> but I still have a ssh window open
<smb> hallyn, zul bug 1191782
<uvirtbot> Launchpad bug 1191782 in libvirt "Timeout connecting 12.04 virt-manager to libvirt 1.0.6-0ubuntu1 in Saucy" [Undecided,New] https://launchpad.net/bugs/1191782
<hallyn> smb: thanks
<thyrant> I am running a ssh session in nautilus which is currently deleting as much as possible of the dir
<Pici> thyrant: what makes you think that there is 'malicious code' in /dev/ ?
<thyrant> well, many of my sites where hacked this friday and when I searched for recently changed files I found a php.ini hidden in the joomla 1.5 filesystem. This joomla install was from way back three years ago and grabbed from a shady site.
<thyrant> so nautilus managed to remove the directory without any errors
<thyrant> I need to make ssh working again, I currently cannot connect
<thyrant> the ssh session i currently have says slots@warcamp:/sites$ cd /
<thyrant> -bash: /dev/null: Permission denied
<thyrant> -bash: /dev/null: Permission denied
<thyrant> -bash: /dev/null: Permission denied
<thyrant> -bash: /dev/null: Permission denied
<thyrant> -bash: /dev/null: Permission denied
<thyrant> slots@warcamp:/$
<airtonix> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<thyrant> sorry..
<greppy> thyrant: I have a feeling the permissions on /dev/null got hosed.
<greppy> which will break all kinds of things.
<thyrant> oh so it's not because of the malicious code?
<jpds> thyrant: Compare "ls -l /dev/null" on a working system and yours.
<thyrant> ls -l /dev/null
<thyrant> -rw-r--r-- 1 root root 0 2013-06-17 16:39 /dev/null
<jpds> thyrant: Well, something changed that.
<thyrant> it's supposed to say crw-rw-rw- 1 root root 1, 3 Jun 17 09:06 /dev/null
<thyrant> anything I can so except for reinstall my OS?
<rbasak> Restore from backup?
<thyrant> which program should I use for this?
<pmatulis_> thyrant: regain confidence in your system by re-installing it.  how big a problem is that for you?
<thyrant> it's something I planned with my hosting guy last Friday when the problems began. I have it booked tomorrow. Backing up my stuff, just wanted to know of my options
<thyrant> for future reference how often to you guys do complete backups of webhosting servers? twice a year? and which program do you use?
<psivaa> hallyn: out of lxc and ceph test hangs that you were investigating, we now have only ceph test hangs. The lxc tests appear to complete fine starting from the images of yesterday
<psivaa> hallyn: i've reported a bug for the ceph test hangs, bug 1191800
<uvirtbot> Launchpad bug 1191800 in ubuntu-test-cases "ceph  smoke tests fail to complete with saucy server installations" [High,New] https://launchpad.net/bugs/1191800
<hallyn> psivaa: can you re-run the lxc tests once again?  half expect them to fail again...
<hallyn> psivaa: when the tests fail, does the utah vm then stay up?
<hallyn> I ran the tests twice on my own box - using utah to setup and start a vm - and it exited both times though with some weird log msgs
<psivaa> hallyn: ok, when the tests hang, then utah vms would be active since utah does not timeout for some reason and destroy the machine.
<psivaa> hallyn: but when the tests complete (even with failure) the vm usually gets destroyed, but we could add a flag -n to keep the vm after the tests
<hallyn> psivaa: you mean utah supports -n now, or you mean that's something that could be added to utah?
<psivaa> hallyn: yes, that support was there from the beginning but we do not use it by default in order not to clutter our servers in the lab
<hallyn> ok, thanks
<hallyn> (right now the box is doing other things :)
<genii> I'm just curious if anyone knows why for mailutils, has to be set in PAM and theres no conf file like /etc/mailutils.conf ... was pissing me off because i have everything else set for that (Dovecot/Exim4/Prayer setup)
<patdk-wk> has to be set in pam?
<genii> patdk-wk: Yes, to use Maildir instead of /var/mail
<genii> eg: So the webmail works but when you ssh/console login, always said "No Mail". Finally got it sorted but finding the info on how to set it took some time, not well documented.
<zul> jamespage/yolanda/roaksoax: https://code.launchpad.net/~zulcss/ceilometer/ceilometer-fbfs-jun17/+merge/169820
<jamespage> zul, ack
<jamespage> zul, I could do with your help on a quantum ftbfs I'm seeing
<jamespage> I had a stab at fixing up the udev issues we see in PPA's
<zul> jamespage:  thats next
<jamespage> but I hit some other weird problems
<zul> openvswitch?
<jamespage> zul, bah - OK - I'll leave it with you then
<zul> jamespage:  i was just going to skip the test if it raises and exception
<jamespage> zul, for udev?
<zul> jamespage:  for the udev race in the test
<jamespage> zul, I don't see a udev race
<jamespage> udev is not supported in the PPA's right?
<jamespage> we already have a skip for one of the tests - I just added it to the two new ones in the same test file
<psivaa> hallyn: a failed lxc vm that's in our server is utah-10304-saucy-server-amd64, if you'd like to have a look
<zul> jamespage:  dont think so
<zul> jamespage:  are you seeing something different?
<zul> jamespage:  EnvironmentError: Could not create udev monitor
<zul> https://launchpadlibrarian.net/142655662/buildlog_ubuntu-saucy-i386.quantum_1%3A2013.2%2Bgit201306170931~saucy-0ubuntu1_FAILEDTOBUILD.txt.gz
<jamespage> zul, yeah - its not a race, its just not accessible in the PPA
<hallyn> psivaa: i just wanted to know that it would fail again.  sounds very sporadic.
<jamespage> zul, but I hit some other issues after that one
<zul> jamespage:  okies ill take a look
<patdk-wk> genii, mailutils does have it's own config file, it's right in the manual
<zul> jamespage:  like what?
<patdk-wk> http://mailutils.org/manual/html_node/configuration.html
<genii> patdk-wk: Deprecated
<hallyn> jamespage: the ceph utah testcases, do they use lxc at all?  (psivaa is getting failures in both ceph and lxc test cases, but sporadic)
<patdk-wk> heh? I tested it, it works on my system
<jamespage> hallyn, nope
<genii> The mailituls.rc doesn't get parsed
<patdk-wk> genii, it does on ubuntu 12.04
<hallyn> jamespage: would you mind taking a look at the ceph failures to see if you can see a root cause?
<patdk-wk> but mailituls.rc won't be, mailutils.rc will be
<hallyn> really I'm thinking it must be environmental...  bad proxy or something
<genii> patdk-wk: Hm, odd. I readt that documentation first and tried setting it that way. I'm using 13.04, maybe it's changed
<genii> Typos aside ;)
<patdk-wk> I have never used mailutils till now :)
<jamespage> psivaa, I thought we got that test disabled as it was not reliable?
<jamespage> hallyn, ^^
<hallyn> huh
<hallyn> :)
<psivaa> jamespage: yea, i think we disabled one of the ceph tests (i386 or amd64 which i could not remember) during the raring cycle but since saucy they were somehow re-enabled
<jamespage> psivaa, just disable them again please
<psivaa> jamespage: both ceph tests?
<jamespage> psivaa, yes please
<hallyn> jamespage: well then thanks for nothing :)
<hallyn> j/k
<hallyn> psivaa: all right i'll look at this after some sru stuff is done
<jamespage> hallyn, we test ceph in a different way now
<hallyn> jamespage: yeah, i was just hoping you'd find a root cause that explained the lxc failures too :)
<psivaa> jamespage: ok will do. it would be better to remove them from the branch. because if they stay there the automatic jenkins smoke test creation script runs it will re-enable the ceph tests again.
<jamespage> psivaa, OK - I'll remove them then
<psivaa> jamespage: hallyn: thank you :)
<jamespage> psivaa, next question - where is the branch?
<psivaa> jamespage: https://code.launchpad.net/ubuntu-test-cases
<progre55> Hi guys. When I run "grep -a <pattern> /dev/sda" I get lots of matches, but now I need to find where those files are located. Tried recursive grep on root, as in "grep -a <pattern> -r --exclude-dir=dev --exclude-dir=proc --exclude-dir=sys /" but didn't get any matches. Any suggestions, please?
<Austneal> hi qman__ :P
<alibama> hi all - i want to set it up so that when users are added to the system their new home directory is /some-path/another-path/email@address
<alibama> where do I configure this?
<alibama> oh yeah, all user names are email@address.edu
<alibama> so it's really just /some/path/username
<Austneal> useradd -b /some/path/username email@address.edu
<Austneal> I think....
<patdk-wk> progre55, why do you assume matches on /dev/sda == matches in files?
<patdk-wk> that would only be true if you where at 100% full filesystem
<PryMar56> useradd -D
<alibama> is there some way to make this a default?
<Austneal> what PryMar56 said
<Austneal> :P
<genii> alibama: DHOME= in /etc/adduser.conf
<alibama> genii: thank you!
<progre55> patdk-wk: well okay, I have split up my /dev/sda and set up lvm. And /dev/mapper/vg-root is mounted to /. When I grep /dev/mapper/vg-root, I get matches, but not when I grep /
<genii> alibama: You're welcome
<genii> alibama: It will automatically make a directory with their username underneath whatever directories you specify in there.
<patdk-wk> progre55, same answer
<alibama> genii: this is perfect - thanks!
<progre55> patdk-wk: thanks :)
<alibama> hey folks - have fixed where the home directory is (thanks genii ) now need to allow the period and @ symbol in the regex
<alibama> basically user names need to be email addresses and so I'm working on editing name_regex
<alibama> "^[a-z][-a-z0-9]*\$" is what I started with - i've tried "^[a-z][-a-z0-9\.\@]*\$" "^[a-z][-a-z0-9.@]*\$" and some other variations, but i'm not getting it right
<sarnold> alibama: no need to backslash-escape . in a [] character class, no need to escape @ at all..
<alibama> sarnold: thanks - let me test - do i need to restart any services?
<alibama> NAME_REGEX="^[a-z][-a-z0-9.@]*\$" is what I've got and it's throwing errors
<sarnold> alibama: depends on the service and where you're setting it...
<alibama> sarnold: it's the adduser command?
<sarnold> alibama: probably don't escape the $ either
<alibama> sarnold: Thanks!
<alibama> that fixed it :)
<sarnold> alibama: nice :)
<sarnold> alibama: oh, maybe change the * to + -- you want at least one character in the username :)
<alibama> ;)
<alibama> where do most folks put their .key and .pem files?
<Corey> alibama: For what, exactly?
<alibama> well just for safe keeping?
<alibama> i just didn't know if there were some best practice or common place to put them
<xsl> hello all ... can anyone help with a bridge configuration and LXC? i need to give a container an external ip from my server
<Corey> alibama: No, I mean which .key and which .pem files?
<alibama> Corey: doh :)  these are just some openssl self signed files
<Corey> alibama: You're still not answering the question. I *get* that they're parts of an OpenSSL keypair, what are they *for*?
<Corey> alibama: Web server? Jabber OTR creds? Mail server? Something else?
<alibama> Corey: sorry man -- they are for sftp access to the server
<sarnold> sftp with x509 certs? o_O
<alibama> i'm going through this process here https://help.ubuntu.com/12.04/serverguide/ftp-server.html
<Corey> Yeah, that's a little nutty, generally one uses SSH keys for that.
<sarnold> ah, FTPS. :)
<alibama> so i guess /etc/ssl/certs is my answer
<Corey> FTPS is the term you're looking for.
<alibama> yeah - sorry for the newb
<sarnold> alibama: actually, can you use sftp instead of ftps? ftp is an old and cranky protocol.
<alibama> sarnold: i think i probably should
<Corey> alibama: But I either stash them in /etc/ssl or /etc/pki; but *watch* your permissions, you don't want those world readable.
<alibama> Corey: cool - i think i have made this vastly more complex than need be
<alibama> so sftp would run over ssh and i don't really need to set up an ftps server at all....
<alibama> that makes pretty good sense, i was confused about sftp vs ftps
<alibama> i think with this in mind I"m going to follow http://kpdirection.com/technology/setting-up-sftp-on-ubuntu/
<Corey> !tutorial
<ubottu> documentation is to be found at http://help.ubuntu.com and http://wiki.ubuntu.com - General linux documentation: http://www.tldp.org - http://rute.2038bug.com
<Corey> alibama: What's the actual use case you're trying to get done?
<alibama> some folks uploading a bunch of ginormous files to their home directory for use in a bioinformatics app - they're the only ones that need to see their files, and no one else will ever see them
<Corey> alibama: sftp is your friend.
<sarnold> alibama: hrm. That tutorial would allow the web server to write to any user's files. I also don't see any way for users to actually add their own files to those directories. it looks odd.
<Corey> (It also supports things like scp and rsync)
<sarnold> alibama: skip that tutorial.
<Corey> Yeah, that tutorial is nutty.
<alibama> Corey: thanks :)  I think this is going to be much better - they'll have limited shell access with this too?
<Corey> alibama: If you install scponly and set that to their shell, yes.
<alibama> perfect
<brad100> does anyone here use dovecot with thunderbird? i set up dovecot and thunderbird cant verify my account and i dont know why
<mgw> What is the d-i option for setting an alternative ntp server?
<JanC> brad100: check that you configure SSL or TLS correctly if you use that
<JanC> (I hope you use that :p )
<adam_g_> Daviey, any chance you can wave  openstack 2013.1.2 thru the raring upload queue? the original keystone got trumped by security, so there is a new one there (0ubuntu2) to include fixes
<Daviey> adam_g_: I'll review after i've eaten, deal?
<adam_g_> Daviey, sure. but don't forget to eat your vegetables
<Daviey> Yes sir!
<six_storm> hello everyone.  can anyone assist me on a BIND9 setup?
<Daviey> adam_g_: why are there 2 of everything? https://launchpad.net/ubuntu/raring/+queue?queue_state=1
<adam_g_> Daviey, uh i dont see duplicates, with the exception of keystone
<adam_g_> but one supercedes the other
<zul> SpamapS:  is anything happening with MariaDB?
<SpamapS> zul: It has been packaged for Debian and is awaiting somebody to look at the packages.
<zul> SpamapS:  like an archive admin?
<SpamapS> no
<SpamapS> like, a DD
<SpamapS> For some reason I'm the only DD who actually gives a rats ass about MySQL and its demonspawn.
<zul> SpamapS:  hah ok
<Daviey> adam_g_: Ah, i thought it was simply a rebase for an already inflight SRU.  As it's a fresh one, i'd rather look again in the morning now.  Sorry.
<adam_g_> ok
<Corey> mgw: "d-i option?" Multiple "server" lines in ntp.conf isn't working for your use case?
<kobrien> ahoy. everytime I log into my server with encrypted home I have to run "ecryptfs-mount-private". Any idea how I can have it automatically unlock at login?
<tyhicks> kobrien: does the file /home/.ecryptfs/kobrien/.ecryptfs/auto-mount exist?
<kobrien> no. if I touch it, will that sort it?
<tyhicks> kobrien: yes, it should
<kobrien> thanks, I'll try that
<sarnold> tyhicks: is Dustin's answer here no longer The Best Answer? http://askubuntu.com/a/116198/33812
<tyhicks> sarnold: his answer is the Best Answer for that specific question (How do I get an automatic password prompt if I use SSH key authentication?)
<tyhicks> sarnold: kobrien didn't mention anything about using SSH key authentication and the file that indicates that an auto-mount should occur doesn't exist, so I think that creating the auto-mount file should work for kobrien
<sarnold> tyhicks: aha, thanks :)
<tyhicks> np :)
<sh_t> hey folks. I'm trying to create a package with checkinstall that I can use on a few identical debian/ubuntu servers. I've added a few extra lines into my Makefile/install area to create some directories in addition to some similar commands already there (mkdir -p). When I checkinstall on the server that I'm creating the package on (in the source tree) everything in my Makefile is done
<sh_t> correctly. When I copy the package to another server, only some of these commands are actually ran. I've tried --fstrans=no to no avail. any ideas what might cause this?
<mgw1> so, I have this in my preseed â d-i     mirror/http/proxy string http://x.x.x.x:8000/
<mgw1> But tcpdump on host x.x.x.x does not show any traffic on port 8000
<mgw1> On the machine where the installer is running, I can jump to another console and wget via that proxy, but the installer itself is not using the proxy.
<mgw1> Any ideas?
<Corey> mgw1: To my understanding the syntax that kickstart at least is looking for is http_proxy
<Corey> mgw1: Not familiar with "d-i" as you're using it, can you expand it for me?
<sarnold> Corey: iirc, that'd be for the http_proxy environment variable; I don't think apt-get respects that, preferring its own http proxy configuration. iirc. :)
<mgw1> Corey, sarnold: the d-i I believe are debian specific installer options in the preseed
<Corey> sarnold: Right, but that's not during preseed generally. Once the box is up that belongs in etc/apt/apt.conf.d/00proxy
<sarnold> everything I know about it (little) comes from section b.4.4 here: http://www.debian.org/releases/stable/amd64/apbs04.html.en
<mgw1> the mirror/http/proxy string â¦. in the kickstart is along with "d-i mirror/http/hostname string archive.ubuntu.com"
<mgw1> that part is working fine
<mgw1> B.4.4.Â Mirror settings
<Corey> mgw1: And your goal here is to get the proxy used for packages, or something else?
<mgw1> Corey: yes, during a pxe install
<Corey> mgw1: Okay. There was a bug around this back in ~2010 that resulted in that string being applied to all connections (curl, wget, etc) mentioned in the preseed config.
<mgw1> yeah, i saw that  bug
<mgw1> but this is the opposite
<Corey> mgw1: Dumb question, can the node resolve x.x.x.x (assuming hostname and not IP) and route to it?
<mgw1> It's an ip
<mgw1> and yes, it can route to it
<mgw1> I ran the exact same wget mentioned in syslog, but with http_proxy set, and it ran
<Corey> mgw1: This is kinda ridiculous, but... after d-i, is that a space or a tab?
 * Corey distrusts whitespace variances
<mgw1> spaces, same as the other lines
<Corey> (Unfortunately I don't have a convenient environment in which I can play with preseed at the moment)
<Corey> mgw1: Can you redact and paste your preseed.cfg in its entirity?
<mgw1> Corey: https://gist.github.com/mgwilliams/744119549a195edd3bdc
<Corey> mgw1: Sweet, checking.
<mgw1> I just tried changing it to 'manual' â checking now if it works
<mgw1> It's ignoring the directive. 'manual' does nothing either.
<mgw1> actually it does seem to make a difference, in an odd way
<mgw1> syslog complains about no route to the public ip when I changed it to 'manual'
<mgw1> Whereas with it there it just complains that the archive is broken
<Corey> mgw1: Debian wiki states: Be aware there is only one space in preseed files between subkey and value on "owner key/subkey value" lines.
<Corey> Not sure if that's a hard and fast rule or not; if so I'd expect you to see more failures?
<mgw1> yeah, the preseed was based on one from elsewhere, and it arranged everything into columns
<mgw1> Everything else (up to that point) is working.
<BAMbanda> does ubuntu-server essentially offer the full ubuntu terminal eith the only exception of no gui?
<jcastro> yes
<Corey> mgw1: Sorry about that, the bat-phone rang. :-)
<Corey> mgw1: In all of the examples I see that use the proxy setting, it gets set after the rest of the apt/http config options are passed.
<mgw1> Corey: I tried it both ways
<mgw1> As I saw it both ways
<Corey> mgw1: So I wonder if what's happening here is that your mirror/http/hostname is overriding mirror/http/proxy
<Corey> (Isn't blind troubleshooting fun?)
<mgw1> yes
<Corey> This seems particularly poorly documented (the entire preseed functionality)...
<mgw1> for the pxe part the right solution might be to use an apt-mirror anyway
<Corey> Yeah, I'm a big fan of using a proxy for apt-mirror. What's the goal here, not to redownload the same thing over and over?
<Corey> mgw1: Perhaps blow out that stanza and crib from https://help.ubuntu.com/lts/installation-guide/i386/preseed-contents.html
<Corey> (I still haven't ruled out weird whitespace issue!)
<mgw1> Corey: #1 goal â get access to packages from behind a firewall (no public ip)
<sarnold> mgw1: flailing-blindly idea: drop the "http://" from the front of the address.
<mgw1> #2 goal â don't re-download everything for every install
<Corey> sarnold: Yeah, except everything I've seen uses the http:// string for the proxy.
<sarnold> Corey: d'oh. there's no string at all at https://help.ubuntu.com/lts/installation-guide/i386/preseed-contents.html  so I got to wondering...
<Corey> sarnold: Right, it's like they want that there even in the event that you're not using a proxy, which is odd to me.
<Corey> It's definitely a strange problem, that's for sure.
<Corey> Not having much success in trawling the codebase to see what it's actually doing programmatically.
<Corey> mgw1: Oh jeez.
<Corey> mgw1: This is a really, really, really stupid idea. But.. what happens if you specify the proxy via hostname?
<mgw1> instead of ip?
<Corey> mgw1: Yes.
<mgw1> Corey: give me a few minutes and I'll test that
<Corey> (bonus points if it actually lives in DNS...)
<Corey> I'm also admitting defeat and asking Kyle. :-)
<kobrien> I have an encrypted home. I deleted the wrapped-passphrase in ~/.ecryptfs/. How can I restore this file?
<qman__> from your backup system
<Corey> kobrien: It's a good thing you've got a robust backup policy in place and can restore from backups though!  A lot of people with insufficient experience and bad administrative habits would not be in such a good position.
<kobrien> when I try to run "ecryptfs-mount-private", it says Signature not found in user keyring
<Corey> mgw1: <kyle> Corey: hmm off the top of my head I don't know
<Corey> mgw1: Okay, we've got an actually interesting problem here. :-)
<Corey> mgw1: (Kyle wrote "The Official Ubuntu Server Book")
<kobrien> Well the problem is, that having restored this file using ecryptfs-wrap-passphrase, this error persists.
<mgw1> Corey: I think maybe the preseed is not getting used at all, after making some more changes to it. Maybe the wrong boot option.
<mgw1> trying some other options now, like "preseed/url" instead of "ks"
#ubuntu-server 2013-06-18
<mgw1> Corey: thanks for your help, I'll let you know if/when I figure it out.
<Corey> mgw1: No worries, I'd be curious to hear.
<Corey> mgw1: #debian-boot on OFTC may be a decent resource as well for this.
<Austneal> Hello!
 * Austneal pokes qman__
<Corey> Austneal: Get your dovecot issue sorted?
<Austneal> I have not >.<
<Corey> Austneal: What's the issue?
<Austneal> postfix is working beautifully though
<Corey> Austneal: It does that. :-)
<Austneal> I cant authenticate with dovecot
<Corey> Austneal: What do the logs say?
<Austneal> one moment, ill pull it up
<Corey> Yay.
<Austneal> http://pastebin.com/LVw22cbh
<Austneal> the error about unknown user being "root" was expected
<Austneal> there isnt actually a "root"
<Corey> Austneal: That's... less than helpful.
<Austneal> https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto <= this is the tutorial I was following
<Corey> Austneal: You're not showing me a dovecot authentication failure. Or anything from dovecot at all, really.
<Corey> Austneal: /join #postfix, then type !tutorial and press enter.
<Austneal> Ok... that didnt help :P
<Austneal> that tutorial didnt actually work. qman__ helped me straighten everything out
<Corey> Austneal: Exactly. Most tutorials are crap. :-)
<Austneal> I suspect theres another .conf file thats messing things up
<Corey> Austneal: You have yet to provide any dovecot logs. Is it even running?
<Austneal> I believe so
<Austneal> will double check
<Austneal> its running
<Corey> Austneal: doveconf -n to a pastebin.
<Austneal> ...thats a lot of info
<Corey> Austneal: That's the dovecot running config.
<Austneal> http://pastebin.com/kzGKa08g
<Corey> Well we found your problems.
<Corey> Those warnings are correct. :-)
<Austneal> the tut was crap? xD
<Corey> Austneal: Fix that up, and see if that helps.
<qman__> yeah, and you have two identical passdb blocks
<qman__> get rid of one
<Corey> There are no externally sourced conf files,merely /etc/dovecot/passwd.
<Austneal> so just replace the obsolete statements with the ones it shows, yeah?
<Corey> Austneal: That's a good start. :-)
<Corey> Austneal:  doveconf -n > dovecot-new.conf, then edit dovecot-new.conf
<Corey> When happy,copy it to dovecot.conf, restart dovecot.
<Corey> (Why yes, I did spend many years running mailservers, why do you ask?)
<Corey> (I've also got a salt state file that'll do the entire mail configuration dance for me, yay)
<Austneal> :P
<Austneal> qman__ Im not seeing two passdb blocks
<Austneal> but it is actually showing that in that output....
<Austneal> hm
<Corey> Austneal: You may be sourcing multiple files. I'd proceed with my plan outlined above. :-)
<qman__> or grep -R for passdb
<Corey> http://pastebin.com/awshapd6 is mine.
<Corey> (Salt fills in the missing credentials in the mysql bits at runtime)
<Corey> Er, at render time rather.
<Austneal> there are 18 conf files in the conf.d directory....
<Austneal> could be any one of them >.<
<qman__> grep
<qman__> specifically, grep -R passdb /etc/dovecot
<qman__> it will tell you which files contain it and on what lines
<Corey> Austneal: That's nutty. I'd blow the directory out, build a unified dovecot.conf from dovecot-net.conf, and call it a day.
<Austneal> http://pastebin.com/nNza0qQY
<qman__> that's the debian way, and it follows that it is the ubuntu way
<Corey> *shudder*
<Corey> "Guess which one of the 15 included files is causing you issues!" is a crappy game.
<Austneal> well... I dont want to just delete them
<Corey> Austneal: mv /etc/dovecot/conf.d /etc/dovecot/conf.bak
<Austneal> it wont still read from conf.bak?
<qman__> no
<Austneal> sweet
<qman__> the includes are listed in the main config file
<qman__> you will have to comment them out
<qman__> or start fresh
<Austneal> the hell... its still showing 2 passdb
<Austneal> theres only one .conf file now...
<qman__> you have to reload to make changes take effect, but before you do that, save the output to a file
<qman__> and make that the main conf file
<Austneal> save dovecot -n to a file?
<qman__> yes
<qman__> mv /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.bak; doveconf -n > /etc/dovecot/dovecot.conf
<qman__> then edit it and remove the redundant block, make needed changes, etc
<qman__> then reload
<Austneal> done
<Austneal>  doveconf: Error: ssl enabled, but ssl_cert not set
<Austneal> doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: ssl enabled, but ssl_cert not set
<qman__> so set one
<Austneal> uh
<Austneal> dovecot.conf is empty
<qman__> it shouldn't be, I just told you to create it
<Austneal> I know :/
<Austneal> it has the first 2 lines, then nothing
<qman__> I guess it's fortunate you have it in a pastebin then
<Austneal> idk, when I type in those commands, thats what it does
<Austneal> :/
<qman__> it does now because you reloaded dovecot's config with an empty one
<qman__> that's why you needed to do it before reloading
<qman__> but you have the old config in that pastebin link, just copy it back in
<Austneal> bah, now dovecot wont start
<qman__> did you edit it to remove the warnings? they're not valid config syntax
<Austneal> ok... going to just dig through it
<Austneal> yeah
<Austneal> doveadm(root): Fatal: Dovecot is not running (read from /var/run/dovecot//master.pid)
<Austneal> ok... got it
<Austneal> its using the "stock" conf file
<Austneal> made some changes.... lets see how they work now >.<
<Austneal> running out of things to look for...
<Corey> Austneal: Again, what do the logs say?
<Austneal> Oo
<Austneal> this might be something....
<Austneal> http://pastebin.com/NvdQKUst
<Corey> Austneal: chown dovecot /etc/dovecot/passwd; chmod 400 !$
<Austneal> chmod: missing operand after `400clear'
<Austneal> Corey, should I chmod 400 to passwd?
<Corey> Austneal: Uh, looks like you didn't copy paste. :-)
<Corey> Austneal: Yes. :-)
<Corey> !$ is a shell special variable, it means "the last argument to the previous command"
<ubottu> Corey: I am only a bot, please don't think I'm intelligent :)
<Corey> ubottu: Nobody asked you!
<ubottu> Corey: I am only a bot, please don't think I'm intelligent :)
<Austneal> xD
<Austneal> well... error log isnt showing anything new now
<Austneal> but still not authenticating
<Austneal> ah, here we go
<Austneal> Jun 18 01:50:58 domU-12-31-39-0E-16-55 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=<test@arachtis.com>, method=PLAIN, rip=72.161.234.148, lip=10.192.21.159, session=<lFJv8WPfYwBIoeqU>
<Austneal> wait... it says plain
<Austneal> but the password isnt "plain" its md5 or something
<Corey> Austneal: I cheat, my credentials live in a mysql database.
<Corey> Placed there by postfixadmin.
<Austneal> are the passwords stored as plaintext?
<Corey> Good lord no.
<Corey> Looks like salted sha1 from here.
<Austneal> So close to getting it >.>
<Austneal> I THINK I only need to change this one last little part....
<Austneal> ok... here goes
<Austneal> #$%@!
<Austneal> auth failed
<Austneal> oh... thats new
<Austneal> Still with me Corey? :S
<Austneal> I appreciate the help >.<
<Corey> Austneal: Sure!
<Austneal> Ok... Ive got it looking at the user & passwd files...
<Austneal> but I dont think its reading them correctly
<Austneal> user file looks like this:
<Austneal> test@domain.com::5000:5000::/home/vmail/domain.com/test/:/bin/false::
<Austneal> and passwd like this:
<Austneal> test@domain.com:{CRAM-MD5}bunchofrandomlettersandnumbershere
<Austneal> http://pastebin.com/8LDqDnPr
<Austneal> Im not quite understanding the Syntax, I dont think
<Austneal> Any ideas Corey? :/
<Austneal> Ok... so I think I got it to authenticate with plain text
<Austneal> but now I've got this error:
<Austneal> Jun 18 02:50:01 domU-12-31-39-0E-16-55 dovecot: pop3(test@domain.com): Error: user test@domain.com: Initialization failed: Namespace '': Mail storage autodetection failed with home=/home/vmail/domain.com/test/
<Austneal> Jun 18 02:50:01 domU-12-31-39-0E-16-55 dovecot: pop3(test@domain.com): Error: Invalid user settings. Refer to server log for more information.
<Austneal> WAAAAAAAH
<Austneal> It works \o/
<Austneal> I think...
<Corey> Yay.
<Corey> What was the bug?
<Austneal> was a dovecot bug of some sort
<Austneal> Its still authenticating over plain text
<Austneal> and mail isnt showing up...
<Austneal> but at least it authenticated >.>
<Austneal> Jun 18 03:03:07 domU-12-31-39-0E-16-55 dovecot: pop3-login: Login: user=<test@domain.com>, method=PLAIN, rip=209.85.215.166, lip=10.192.21.159, mpid=24010, session=<DBre82Tf4wDRVdem>
<Austneal> Ooh
<Austneal> I know why its not showing
<Austneal> but... idk how to fix it
<Austneal> Corey so close >.>
<Austneal> I can authenticate, and send mail to the address
<Austneal> but something is funky with the mailbox location or something
<Austneal> messages arent showing up in the email client
<Austneal> that would be a postfix issue, yeah?
<echosystm> i need to migrate a website to a different server. i was thinking i would set up a tcp proxy on the new server pointing back at the old server, update DNS, wait until it has propagated, migrate the data, turn off the old server and proxy.
<echosystm> one problem with this is that using iptables with NAT for the proxy, the old server will never see the real IP of the requests, which is important for session management.
<echosystm> can anyone recommend a better alternative?
<vedic> Hi, I have a quad core 8 threads xeon server with 8GB RAM and ubuntu 10.04 installed. I want to upgrade the OS to 12.04 . But doubt I have is that I have few services running on it like: ssh, postgresql 8.4 with pgbouncer. Will the entire setup remain functioning if I upgrade to 12.04? or it will break. I am taking backup though
<vedic> also ufw and ssh in running on non standard port
<jamespage> zul, any objection if I bump in a new version of tgt and enable ceph rbd support?
<jamespage> I've done a quick test locally and lgtm
<blizzkid> Lo all. I moved a website (joomla) from host1 to host2. On the new host some characters are displaying wrong. I checked the database and the tables. Both are identical. I checked the http headers, both are identical. What am I missing?
<zul> jamespage:  no objections
<jamespage> zul, okay
<jamespage> zul, it seems pretty unmaintained in Debian
<zul> jamespage:  yeah it does
<Siebjee> Hi, does any one has seen of is familiar with performance difference between identical Dell PowerEdge M420's ?
<Siebjee> of = or
<jamespage> zul, OK upload - I did a refresh on the packaging as well - I'll see what I can get back into Debian/upstream
<zul> ack
<vedic> Hey friends, I am curious to know what will happen to ssh access to remote server if I upgrade Ubuntu server 10.04 to 12.04 ?
<koolhead17> vedic, it will get restarted/upgraded & you will be able to access the remote server afterwards
<vedic> koolhead17: I have sshd configured to run on non standard port and it has public/private keys setup. I hope that won't affect the server
<koolhead17> vedic, technically pkg  should ask if the config file should be overwritten, but better double check
<vedic> koolhead17: I see
<vedic> koolhead17: Btw, if I install kvm on 10.04 LTS (and don't upgrade it to 12.04), does that matter if I install 12.04 to guest machines? I see somebody has filled a bug previous on this issue
<koolhead17> vedic, i would advise you to upgrade it :)
<vedic> koolhead17: ok
<mndo> hi, i am trying to prevent the installation of a package (openvpn) i tried doing a echo "openvpn hold" | dpkg --set-selections but it is still possible to apt-get install openvpn, is there a way to blovkit?
<mndo> *block it
<smoser> hallyn, ping
<hallyn> jsmos.
<hallyn> huh
<hallyn> smoser: .
<smoser> hallyn, i sent mail.
<hallyn> ok
<smoser> to @canonical
<hallyn> smoser: is using backport lxc packages acceptable for that?
<smoser> probably not. i dont think juju otherwise enables backports.
<smoser> so you verify that that is true at least. and known.
<smoser> and non-trivial to fix i'm guessing
<hallyn> yes, you need to do some extra steps to enable nested lxc
<hallyn> smoser: if you detect you're inside lxc - I assume that is a container you didn't control then?
<hallyn> (basically you have to change the aa_profile and hooks in the first level container, then change the lxcbr0 config in the second container)
<smoser> hallyn, juju probalby does control the creation of that container
<smoser> or at least in some cases i think it would
<hallyn> but you're in cloud-init so you don't know
<hallyn> smoser: anyway yeah we can aim to make it more flexible later, for now it's reasonable
<smoser> hallyn, maybe you could comment in that review teling them how they could create the container to support installation of lxc
<hallyn> will do
<hallyn> ok, done.
<hallyn> smoser: again probably nothing wron gwith taking the patch as is now, and i can float a patch later for cloud-init to detect whether it is set up properly so that lxc install should succeed.
<smoser> oh. the patch is for juju, not for cloud-init.
<smoser> so the solution would be for juju to just create containers more usefully.
<hallyn> then yeah.
<hallyn> my reply outlines all htat's needed
<FunnyLookinHat> So - is there an easy way to take the image I'm booting with KVM and my own custom user-data and snapshot it so I can throw it into my own OpenStack for testing?  Built with this:   https://help.ubuntu.com/community/UEC/Images#Ubuntu_Cloud_Guest_images_on_12.04_LTS_.28Precise.29_and_beyond_using_NoCloud
<jamespage> zul, have you looked at qemu for the havana cloud archive yet?
<zul> jamespage:  not yet
<jamespage> zul, is that documented somewhere? I need to look at ovs as well
<zul> jamespage:  i have an idea what needs to be done but i havent anything written down no
<jamespage> zul, is this https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-openstack-pkg no longer required?
<zul> jamespage:  no ill supersed it
<yolanda> hi, is there any easy way to get lsb_release from c++ ?
<jamespage> zul, I added those wi's to https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-openstack-havana
<FunnyLookinHat> Last time I'll post...  not trying to spam  :)
<FunnyLookinHat> So - is there an easy way to take the image I'm booting with KVM and my own custom user-data and snapshot it so I can throw it into my own OpenStack for testing?  Built with this:   https://help.ubuntu.com/community/UEC/Images#Ubuntu_Cloud_Guest_images_on_12.04_LTS_.28Precise.29_and_beyond_using_NoCloud
<vedic> Hi, I am upgrading my server from 10.04 to 12.04 . I have sshd configured with public/private key . Just want to note the things how to protect from not getting locked out when this upgrade completes. Server is at remote location
<vedic> I am thinking of making "no" to RSAAuthentication and PubkeyAuthentication in sshd_config . Also root authentication allowed till I get the system upgraded. What else I should take care? Should I remove Protocol from 2 to 1?
<vedic> Protocol 2  # HostKeys for protocol version 2      HostKey /etc/ssh/ssh_host_rsa_key      HostKey /etc/ssh/ssh_host_dsa_key
<vedic> I think the host keys will change while upgrade
<patdk-wk> vedic, why?
<patdk-wk> normally you just upgrade
<patdk-wk> and that is that
<patdk-wk> if you get locked out, someone rebooted the server during the upgrade or other very bad thing
<patdk-wk> of the 100's of upgrades I have done, I have never been locked out
<chmac> Just been handed a new 13.04 server, but sudo apt-get install foo<tab> doesn't auto complete package names, likewise for sudo service apa, etc. Any idea how to fix that?
<chmac> It works out of the box on my other Ubuntu 12.04 boxes. Something changed with the readline setup on 13.04?
<chmac> Or some package I need to install?
<FunnyLookinHat> chmac, Try updating the repository real quick
<FunnyLookinHat> silly thing to check, I know - but I had that once before ... :-P
<vedic> patdk-wk: Server is at remote so wanted to take extra pre-caution. I need to install kvm but I think I should have host as 12.04 so guest 12.04 works fine. I saw a bug filled mentioning that on 10.04 host, 12.04 guest doesn't work properly (hangs)
<vedic> I am trying to access remote system using ssh but its giving permission denied. Password is correct. I think I have missed something while removing pub/private key infra from sshd_config. I have that setup but I have removed it for time being. How to ensure its back to normal sshd_config which comes with ubuntu?
<rbasak> chmac: I think (not sure) it's provided by the bash-completion package.
<chmac> rbasak: Awesome, thanks a lot, just installed it, and it's working. :-)
<rbasak> \o/
<smb> smoser, zul, So how will I proceed with xen stable updates and the tech-board?
<dv81> when is the next LTS release for ubuntu post 12.04.2 ?
<zul> smb:  well what have you done so far?
<smb> zul, Wrote you an email asking how that is done...
<dv81> ah: 14.04 :)
<zul> smb: so send email to the techboard explaining why, what, where, who: ill give you an example
<smb> zul, If you could make that a reply to that email that would be awsome
<zul> smb: sure
<smb> zul, cheers! :)
<zul> smb:  done
<smb> zul, Got it. Thanks.
<smoser> zul, thanks for helping smb.
<zul> smoser:  no worries
<vedic> Ok, got it working.
<dv81> when upgrading ubuntu, the console asks me if i want to update the grub config with the package maintainer's version. Is it safe to do so?
<sarnold> dv81: you better check the diff and decide..
<dv81> i inspected the difference, but can't really tell ;P
<sarnold> pastebin it?
<dv81> ok one sec :)
<Pici> One of the options should be to do a diff when it gives you the prompt.
<mgw> So, yesterday I was trying to PXE boot the precise installer with a local mirror for packages. So far, the installer is still failing to pick up the mirror host from the kickstart. I've tried to use both IP and a resolvable hostname for the mirror to no avail. Anybody have any ideas?
<mgw> d-i mirror/http/hostname string 10.x.x.x
<mgw> d-i mirror/http/directory string /ubuntu
<sarnold> mgw: did you rule out the preseed being ignored completely?
<mgw> looking in syslog on console 4 reveals that it is doing a wget on us.archive.ubuntu.com
<mgw> sarnold: it behaves very differently if I leave off ks=â¦.
<mgw> from the boot options in my pxelinux.cfg/default
<mgw> e.g., it appears to be using the network configuration options from the kickstart
<sarnold> mgw: is the kickstart overriding the preseed?
<mgw> Is there a distinction? I'm giving the url of the preseed in ks=
<mgw> aha
<mgw> *places foot in mouth*
<mgw> in syslog: kickseed: Unrecognized kickstart command: d-i
<sarnold> mgw: we're stepping way out of my familiarity, but I thought the kickstart-support was different than the original debian preseed support..
<mgw> sarnold: perhaps so, it looks like there's a ks= and a file= option
<mgw> I'm changing to file=
<dv81> sarnold, Pici, this is the first one it asks: http://pastebin.com/1dk4HQs2
<sarnold> dv81: most of the changes are cosmetic, in comments. if you -do- accept the maintainer's version, you should add back the lines you've added, 54 through 58.
<dv81> ok
<dv81> sarnold, also whats your take on this: http://pastebin.com/yzR6gk4N
<sarnold> dv81: yikes, I'm surprised you're being prompted for that.
<dv81> sarnold, is this showing a diff on /var/run/grub/menu.lst vs /tmp/file16Svmu ?
<dv81> sarnold, yeah its not something im liking
<sarnold> dv81: yeah, and the /tmp/ version has _more_ entries than the /var/run/ version. I'm confused.
<dv81> ^^^ and is that diff that the kernal to boot is being replaced with the new one?
<uvirtbot> dv81: Error: "^^" is not a valid command.
<sarnold> dv81: it looks like your version might be missing the "## ## End Default Options ##" marker and the "### END DEBIAN AUTOMAGIC KERNELS LIST" marker, but I really don't know enough here to suggest the right course of action. keeping what you've got feels 'safest', but that's an odd diff.
<dv81> sarnold, this is from a fresh 10.04 install, upgrading the the next LTS
<dv81> i can only presume ubuntu has a massive testing regime for this kinda thing
<dv81> and thus you would think all the defaults are sane ones
<sarnold> dv81: did you do the upgade via do-release-up(grade?)(date?) -- or did you use apt-get dist-upgrade?
<sarnold> dv81: it's not -that- fresh of an install though, you've got some custom configuration in the sysctl.conf ...
<mgw> sarnold: so are ks and preseed even intended to work together? Or is it an either/or?
<sarnold> mgw: I'd guess XOR; I think KS is to help out the folks who might already have a workflow around KS from RHEL deployments
<G55321> any info for troubleshooting a server that suddendly wont boot? I just rebooted to apply security upgrade and now I can't boot with any kernel
<G55321> it just stays with a blinking line at top
<mgw> sarnold: thanks for your help
<sarnold> mgw: is it sorted?
<mgw> more or less
<mgw> I think I just need to tweak the preseed now
<sarnold> mgw: hehe, now you've got more problems? :)
<Nahas> hello
<mgw> sarnold: yes, of course
<mgw> :-)
<sarnold> G55321: do you get a grub prompt to select a kernel? .. do you need to hold down shift or alt or whatever it was to show the grub menu?
<sarnold> mgw: excellent :)
<sarnold> Nahas: hello.
<Nahas> how do I view or edit the sources list using the terminal?
<Nahas> hi
<Nahas> I'm trying to do an update on 10.04 but it keep on failing when I use the gui and terminal.
<Nahas> How can I fix that?
<sarnold> Nahas: to edit, you'd use whichever editor you're most familiar with; for me, that'd be vim, so "vim /etc/apt/sources.lists" -- but vim is baffling if you've never used it before, in which case perhaps nano or joe or jed or emacs would be easier.
<sarnold> Nahas: are you using do-release-upgrade ?
<Nahas> Don't want to upgrade since 10.04 is lts
<Nahas> just want to update the over 300 packages that are there
<sarnold> Nahas: ah.
<Nahas> I use nano btw
<sarnold> Nahas: can you pastebin the failure?
<Nahas> but can't edit them
<G55321> <sarnold> I get a grub prompt, I can even change kernel parameters and booting options etc....but as soon as I select a kernel and boot, its just stays there with a blinking line at the top
<pmatulis_> anyone else not able to install Raring using virt-install?  i have a Raring host and 'virt-install --os-variant=list' only goes up to Quantal
<Nahas> not at this moment.
<G55321> <sarnold> just found out that the only kernel that works is 2.6.38-45
<sarnold> Nahas: you may need to use 'sudo' to elevate privileges
<G55321> <sarnold> and I have installed up to 2.6.38.48
<Nahas> i do that.
<sarnold> G55321: check your free disk space
<sarnold> Nahas: can you pastebin the failure?
<Nahas> wish i could
<Nahas> cant do that now
<sarnold> re-type the error? :)
<Nahas> first it gives me the error that could say that the server i'm trying to reach isnt there
<Nahas> like jm.archive.ubunut.com is there
<Nahas> i want to switch to the main servers but can't
<G55321> <sarnold> I got 405 GB used out of 1TB available
<sarnold> G55321: even on /boot ?
<G55321> everything is on 1 partition (software Raid 1 array)
<G55321> <sarnold> /boot is also inside the array yes
<G55321> 66M folder size
<sarnold> G55321: hrm. do you have intrds in /boot/initrd*  for your kenrels?
<G55321> <sarnold> yes
<sarnold> G55321: this is a shot in the dark. try update-initramfs -u -k all    to rebuild all your initramfses for all your kernels. perhaps that'll uncover an error elsewhere?
<lickalott> gents, saw that 13.04 is available but when i do 'do-release-upgrade' it fails.
<sarnold> lickalott: by default, LTS releases will only suggest upgrading to the next LTS release via that mechanism
<sarnold> lickalott: there's a config file in /etc/ somewhere that selects LTS vs 'regular' releases..
<lickalott> This is what I'm seeing - File "/usr/bin/do-release-upgrade", line 145, in <module>
<lickalott>     fetcher.run_options += ["--mode=%s" % options.mode,
<lickalott> AttributeError: type object 'DistUpgradeFetcherCore' has no attribute 'run_options'
<sarnold> lickalott: here we go: /etc/update-manager/release-upgrades
<swaT30> does anyone know if there are plans to move qemu-kvm 1.3 into Precise?
<G55321> sarnold: ok I will try! thanks for the tip
<sarnold> G55321: good luck :)
<lickalott> that gave me "no new releases found"
<pmatulis_> sir lickalott: what is the output to 'lsb-release -c' ?
<sh_t> hey folks. I'm trying to create a package from source with checkinstall that I can use on a few identical debian/ubuntu servers. I've added a few extra lines into my Makefile/install area to create some directories in addition to some similar commands already there (mkdir -p). When I checkinstall on the server that I'm creating the package on (in the source tree) everything in my Makefile
<sh_t> is done correctly. When installing the package on another identical server, not everything in the makefile/install area is run. This must mean that installwatch is not picking up the folders being made when make install is run. any ideas why this may happen?
<smoser> mdeslaur, around
<smoser> saw bug 1192290
<uvirtbot> Launchpad bug 1192290 in virtinst "virt-install cannot install Raring" [Undecided,New] https://launchpad.net/bugs/1192290
<smoser> is there any reason we wouldn't want virtinst to use/depend-on python-distro-info ?
<mdeslaur> smoser: hi!
<smoser> hey. :)
<mdeslaur> smoser: we need more than a list of releases, raring needs to have a specific configuration
<mdeslaur> smoser: the cirrus driver no longer works with raring, for example
<smoser> well, that could be handled.
<mdeslaur> smoser: I'll push an SRU soon
<mdeslaur> smoser: handled in what way?
<smoser> well, at least at this point it seems like a simple set of rules works there.
<smoser> ubuntu > hardy : VIRTIO_NET
<smoser> ubuntu > jaunty: VIRTIO_DISK
<mgw> Corey, sarnold: thanks for your help, I've got it working now
<smoser> ubuntu > raring: VMVGA_VIDEO
<mgw> the fundamental problem was using ks= instead of url=
<mgw> to specify the preseed
<mdeslaur> smoser: likely either saucy+1 or one of the later ones should switch to SPICE
<mdeslaur> not sure which one
<mdeslaur> but yeah, I see what you're getting at
<mdeslaur> I'll think about it, and poke at it
<Corey> mgw: Glad you got it sorted. :-)
<smoser> i'm not sure whether or not i like dymanically (based on SRU) removing entries from 'virt-install --os-variant=list | grep ubuntu'
<mdeslaur> oh, having the unsupported versions disappear? yeah
<smoser> but, i'm guessing once it drops from "supported" in distro-info, its possibly going to just stop working anyway
<smoser> (as the mirrors will stop having data)
<Corey> smoser: IIRC there's a particular mirror that offers packages for legacy purposes, but once it's out of support there are very few legitimate use cases for using it.
<smoser> its probably no different here than generic policy on such things.
<mdeslaur> a user can always select "generic linux", or a release close to one that's still supported
<smoser> Corey, right. but virt-inst probly doesn't say "oh, apt-get update failed... i'll try old-releases.ubuntu.com"
<Corey> smoser: I cheat, libvirt nodes are CentOS here. :-p
<mdeslaur> smoser: I'm liking the python-distro-info idea, thanks
<smoser> mdeslaur, good. i just really hate SRU's everytime sabdfl comes out with a new name.
<mgw> can more than one proxy be listed in /etc/apt/apt.conf?
<smoser> mgw, i dont thinks so.
<mgw> smoser: thanks, I'll just use a hostname and update dns if the primary goes down
<Corey> mgw: dns is the easy way to do it, but I've also had multiple systems in failover configuration with keepalived (part of lvs) for when it really matters.
<Corey> mgw: It comes down to "is this proxy on the critical production path."
<mgw> Corey: yeah, not really in this case
<mgw> So dns should be adequate
<adam_g_> jamespage, cinder+ceph question if you're still around
<sarnold> mgw: awesome, thanks :)
<adam_g_> jamespage, gahh. nvm. dns.
<chmrr> Why does http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-3567.html list Lucid as EOL and thus not provide an updated package?  Doesn't the server edition of Lucid still have support until 2015?
<uvirtbot> chmrr: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3567)
<Pici> good question
<sarnold> chmrr, Pici, not all packages in 10.04 LTS are supported for 5 years. at this point, the only packages that are supported by the security team are located here: http://bazaar.launchpad.net/~ubuntu-security/ubuntu-cve-tracker/master/view/head:/lucid-supported.txt
<Pici> sarnold: The 10.04 server that I have here has "Supported: 5y" on puppet's package description.
<chmrr> While that is not unreasonable, that is very much not clear from the desktop EOL notice
<Pici> sarnold: also, that list is the packages that are NOT supported.
<Pici> er, no, I misread.
<Pici> Its in main in lucid, I'd expect for it to be supported.
<chmrr> Out of curiosity, what determines what packages make it onto that list?
<sarnold> chmrr: I believe it starts with everything on the server CD and then gets extended by a handful of extra packages here or there
<G55321>  thats why I am upgrading to 12.04 right now :D
<sarnold> :)
<chmrr> Sorry if I missed the answer; flaky 'net died on me.  The irc logs apparently havn't updated yet, so I can't easily check there.
<sarnold> chmrr: < sarnold> chmrr: I believe it starts with everything on the server CD and then gets extended by a handful of extra packages here or there
<chmrr> Is the "Supported: 5y" from `apt-cache show puppet` an error, then?
<chmrr> .
<FunnyLookinHat> err - it's brainfart time...  Trying to change a default route gateway...  sudo route add -net IPADDRESS default gw     no?  it's saying SIOCADDRT: No such process
<sarnold> FunnyLookinHat: no such _process_?
<FunnyLookinHat> right?
<FunnyLookinHat> I'm confused as well...
<FunnyLookinHat> err ... I meant: sudo route add -net default gw 10.0.0.0
<sarnold> FunnyLookinHat: I _think_ that's an incorrect combination of modes... if you're setting a route to a network, I don't think you want to give a "default gw" on the line..
<FunnyLookinHat> sarnold, well, I'm really trying to change the "default" gateway that I see when I run $ route
<sarnold> FunnyLookinHat: I think it's either route add -net 10.0.0.0/8 <ip addr>     or  route add default gw <ip addr>
<FunnyLookinHat> $ sudo route add default gw 10.0.0.0        = SIOCADDRT: No such process
<FunnyLookinHat> heh - do I have to remove the old default gw first ?
<sarnold> FunnyLookinHat: do you have a host route or network route to 10.0.0.0? that's a funny looking host address...
<FunnyLookinHat> It's inside a virtualbox VM - 10.0.0.0 is the network for the bridged adapter ( br100 ) that gets internet access from the VirtualBox host
<Patrickdk> you mean 10.0.0.0/8? 10.0.0.0/16? 10.0.0.0/24?
<FunnyLookinHat> http://hastebin.com/sidurotufi.bash
<FunnyLookinHat> I mean this  ^   :)
<Patrickdk> and 10.0.0.0 is a invalid
<Patrickdk> ok, so 10.0.0.0/24 is your network
<Patrickdk> so what is your host?
<sarnold> FunnyLookinHat: what's the IP address of the host's vm-facing routing interface?
<Patrickdk> ifconfig br100
<sarnold> (what a mouthful. there's got to be an easier way to say that..)
<Patrickdk> I did it in two words :)
<FunnyLookinHat> Oh wait
<sarnold> Patrickdk: lol
<FunnyLookinHat> You guys are right - I'm confusing it...  eth0 _should_ be the default gateway
<FunnyLookinHat> Because br100 is 10.0.0.1  - lol
<Patrickdk> heh?
<FunnyLookinHat> Hmm ok - I guess my problem is elsewhere then.
<Patrickdk> 10.0.0.1 would be the gateway for your vm's likely
<Patrickdk> unless you have doen something really confusing
<FunnyLookinHat> I'm runnig devstack, so confusing isn't the half of it :)
<sarnold> hehe
<FunnyLookinHat> Issue is that my instances don't have network access... very strange.  I'm 99% sure it's a routing issue though
<Patrickdk> I would just slap default gw 10.0.0.1
<Patrickdk> assuming you have nat/forwarding setup on that host machine
<FunnyLookinHat> well the VM currently CAN get to the net
<FunnyLookinHat> that's the weird part
<FunnyLookinHat> Just the instances it's hosting ( i.e. nested QEMUs ) can't
<FunnyLookinHat> And I can't install traceroute to find the problem because I have no net access on the instance boxes  :)
<sarnold> FunnyLookinHat: check the /proc forwarding sysctls? check the firewall rules to make sure it's doing NAT?
<Patrickdk> thought we where talking about the nexted qemu's
<FunnyLookinHat> hmm ok
<chmrr> sarnold: BTW, I'm going to assume that the first line of the lucid-supported.txt file you linked to is also wrong, and should say "Lucid source packages not in this list are unsupported starting May 9, 2015" not "... Apr 29, 2015"
<chmrr> Because otherwise it makes even less sense
<G55321> so, I just found on HP website an updated "critical" update to my network card, but it says that the OS is RHEL, can I still use it under ubuntu? the format of the file is scexe
<G55321> http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=15351&prodSeriesId=3683705&swItem=MTX-e75ffdec09e14d3b9031ae136e&prodNameId=3683706&swEnvOID=4004&swLang=8&taskId=135&mode=3
<sarnold> chmrr: hrm, I must admit I've not paid much attention to the top line :)
<chmrr> s/2015/2013/ # whoops
<MasterZuFu> if I've got a web app and am going to have several web apps on a virtual ubuntu server installation, would it be better and more secure to have the SMTP server on the same server, or make a new server for it?
<thurstylark> I have a fresh install of 12.04 LTS server, and I didn't get to install the ssh server during setup. Now I can't access anything because my moniter says the signal is out of range. Is there any way to fix that blind?
<ScottK> Probably easier to install ssh bling (assuming networking works)
<chmrr> *sigh* I guess this server/desktop LTS discrepancy will no longer be relevant after Lucid goes away.
<MasterZuFu> would it be better to setup SMTP on the same virtualbox server as my other web services, or create a different install?
<ScottK> I'd do a different one if it were me.
<thurstylark> network connected successfully during setup, and i was able to install updates, but i forgot to do the ssh setup
<MasterZuFu> thanks Scottk
<ScottK> You're welcome.
<ScottK> thurstylark: Then I'd log in blind and then sudo apt-get install openssh-client and then type in your password
<G55321> what's the difference between the generic and server kernel types?
<G55321> I just upgraded my server to 12.04 and a generic kernel got installed instead of the server one
<chmrr> OK, so color me further confused -- https://wiki.ubuntu.com/SeedManagement#Maintenance_Period says server LTS is server-ship and supported-server seeds.  http://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.lucid/server-ship.seed shows puppet included in the server-ship seed
<adam_g_> smoser, running into an issue getting a cloud image to boot as an m1.tiny on havana (was never a problem in <= Grizzly). exception.InstanceTypeDiskTooSmall() is getting thrown. dont suppose you've hit this yet?
<mojtaba> Hi, I would like to know that, is it possible to use rsnapshot on a shared host?
<mojtaba> I have not root priviledges on the remote server and I would like to make a full backup.
<mojtaba> privilege*
<sarnold> mojtaba: it should be possible, though you might need to go to some work to install the rsnapshot and rsnapshot-diff programs into your home directory, and configure your cronjobs yourself..
<mojtaba> sarnold: All configurations needed to be done on the local machine?
<sarnold> mojtaba: you'd need to set the configuration file appropriately, of course, but you could do that on the remote machine
<mojtaba> sarnold: Does it need root privileges?
<adam_g_> smoser, oh, ok. at some point recently the default disk size of m1.tiny got set from 0 to 1(GB). when set to non-zero, nova checks the flavors's disk size vs actual disk and fails if disk > flavor.disk.
<sarnold> mojtaba: the program looks smart enough to perform chown operations only if root
<adam_g_> smoser, https://review.openstack.org/#/c/27991/
#ubuntu-server 2013-06-19
<monokrome> Is it true that LXC containers don't have separate users?
<sarnold> monokrome: somewhat true; the kernel provides a /proc/pid/... file that the namespace owner can use to remap UIDs 'inside' the container to UIDs 'outside' the container
<sarnold> monokrome: here's a patch series for the shadow suite of utilities to make this mapping operation easier for users: http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/2013-January/009552.html
<fluvvell> Has there been a policy change in samba for server 12.04, I am finding that samba users who are members of a group are creating folders with group write permission turned off. This was not the case in 10.04
<monokrome> sarnold: Thanks
<qman__> fluvvell, that's set with the create mask setting
<qman__> not sure if it has changed, but all you need to do is set it
<fluvvell> qman__, I've only upgraded from 10.04 to 12.04, it was already set. Samba is not obeying
<qman__> fluvvell, that's odd, I haven't run into that problem, have you validated the config file with testparm?
<qman__> this might also be helpful: http://lists.samba.org/archive/samba/2010-August/157630.html
<fluvvell> qman__, yes validated. Thanks but the link points to unix extensions and force modes which are not present in my smb.conf. I've been using samba in servers since about 2001 but its always good to talk to someone else who uses it.
<qman__> fluvvell, unix extensions may be on by default, running you into this problem (and may not have been in 10.04)
<qman__> I don't know for sure and I can't find good info with a quick search, but it's worth a test
<qman__> that's really my only idea on the matter, nothing else really fits
<sarnold> if that isn't it, maybe strace or ltrace samba when a client creates a directory
<sarnold> just to get an idea of the steps it is taking..
<sarnold> if you can do the same on 10.04 LTS also, all the better
<sarnold> fluvvell: was your 10.04 LTS install relying upon the bsdgroups mount option and matching directory permissions?
<fluvvell> sarnold, awesome thanks thats something I can do.
<fluvvell> qman__, thanks - Its a good point, as I always carry over my old smb.conf file, I've not looked at what is in the default one (usually contains doc references)
<vedic> I have setup sshd_config with publickey / private key setup and have authorized keys in remote linux terminal which is able to login. But when I connect using putty in windows, I am able to login to linux via ssh without passphrase
<vedic> Looks like somewhere either I have stored keys for windows putty or public/private key auth is not working as expected, some configuration seems to be missing
<qman__> you haven't stated which is not working
<vedic> qman_: From my linux terminal to remote system I am able to work but why is it working from putty in windows as I think I haven't stored keys in windows (its been long time, I might have stored but I don't recollect. Any way to confirm that?).
<qman__> that depends on what software you have installed on windows; pageant is putty's key manager
<vedic> qman__: if pub/pri keys are used for ssh, how can I confirm it?
<qman__> you can tail /var/log/auth.log to see who authenticated and when, and whether they used key or password authentication
<vedic> qman__: pagent doesn't have keys as I checked just now
<qman__> example from one of my servers: Jun 18 22:44:37 yoko sshd[3307]: Accepted publickey for ryan from 66.188.36.22 port 51807 ssh2
<vedic> qman__:debug1: PAM: password authentication accepted for user1
<vedic> qman__:    debug1: PAM: password authentication accepted for tiger
<qman__> so it's accepting password logins
<vedic> qman__: that means I need to say "no" to pam authentication in sshd_config ?
<qman__> no
<Corey> Ahoy.
<qman__> it means you didn't present a key, so it asked you for a password, and you entered one
<qman__> sshd is configured out of the box to support both key and password authentication
<qman__> all you have to do is set up the key files
<vedic> qman__: I want login based on keys not password
<vedic> qman__: I have keys setup
<qman__> to present the key from windows, you need a key manager such as pageant with your private key loaded
<qman__> to present the key from linux, you need to have your key in ~/.ssh/id_rsa or to specify it with the -i option
<qman__> if it's accepting passwordless SSH connections without your key, you probably broke pam
<Corey> YIKES, scary.
<qman__> which is a Very Bad Thing (tm)
<vedic> qman__: I had just updated 10.04 LTS to 12.04 LTS
<monokrome> Is there a way to use ufw to route requests between IP addresses
<monokrome> IE, if I receive a request on 127.0.0.1 on port 22, I want it to go to 127.0.10.4 on port 2396
<monokrome> I can do this with iptables, but ufw is probably the right way to do it if it's a supported usecase
<qman__> it's not as far as I know, ufw only supports the more basic functionality required by most users
<qman__> you can safely add a script to add that iptables rule post-ufw
<qman__> since ufw is just an iptables wrapper
<monokrome> okay thanks :}
<vedic> qman__: I find no difference when I make "UsePAM" to "no" from "yes" .
<qman__> vedic, you should not change that setting
<vedic> qman__: ok
<qman__> it has nothing to do with setting up key authentication
<vedic> qman__: ok
<qman__> you do not need to make any changes at all to the default sshd_config to use key authentication
<qman__> you only need to create the keys, put them in the right places, and have the permissions set correctly
<qman__> ssh-copy-id is a tool designed specifically to make that very easy
<mob001_> hi, tomcat clustering on ubuntu 10.04 using mod_jk connector. pls help on this.
<vedic> qman__: ok
<vedic> qman__: yea, I have disabled password authentication. I only want the valid private key holders should login
<vedic> qman__: I think its much safer and will stand against brute force attacks
<qman__> that's a fine configuration, just making sure it's what you intended
<linocisco> hi all
<linocisco> what is the opensource software on sourceforge to check bill payment which is paid or unpaid or due date or underprocess or something like that
<linocisco> ?
<Daviey> jamespage: hey, have you seen [openstack-dev] openvswitch induced kernel panic ?
<jamespage> Daviey, looking now
<nilli> I'm trying to install exim4 on my Ubuntu 12 server so I can use PHP's mail() but when I do 'dpkg -s exim4' the shell replies with 'Package `exim4' is not installed and no info is available.' even though I just performed 'sudo apt-get update'
<spidernik84> apt-cache search -n exim
<spidernik84> any result?
<nilli> 'exim4 - metapackage to ease Exim MTA (v4) installation'
<nilli> among others
<spidernik84> apt-get install exim4 --simulate
<nilli> is that like a pretend?
<spidernik84> kinda
<nilli> I normally run gentoo and not ubuntu :s
<spidernik84> simulate/dry/noop
<spidernik84> eh me too, but at work it's debian/ubuntu stuff :D
<spidernik84> I'm more of an Arch user
<nilli> ok, looks like I can install exim4 just fine, but.. then why did dpkg say it doesn't exist? don't they share the same package list?
<spidernik84> I might be wrong
<martinald> Hi guys
<spidernik84> but dpkg might only search the installed packages index
<martinald> Trying to set up amazon SES on sendmail as a relay
<spidernik84> you'll probably see it with dpkg -s after you installed it
<nilli> ah ok
<martinald> works for 95% of addresses but I sometimes get "DSN: Service unavailable
<martinald> "
<martinald> does anyone know how I can further diagnose what is causing that?
<martinald> or what even DSN refers to?
<martinald> 'delivery status notification'?
<nilli> I assume DNS means Domain Name System
<martinald> its DSN
<martinald> not DNS
<nilli> oh, my mistake
<nilli> maybe the programmer who wrote the message was dyslectic? ;D
<martinald> it's sendmail
<martinald> it's nearly 30 years old!
<martinald> i would of guessed someone would of fixed it in that space of time
<nilli> possibly
<nilli> thanks again spidernik84, seems I got it working
<spidernik84> nilli, anytime :)
<rschmitty> Anyone experienced with unattended-upgrades? I'm having troubles with a fresh ubuntu 12.04 server install and unattended-upgrades in that email results come as a .dat file rather than text in the body:  http://paste.ubuntu.com/5780235/  I followed steps in https://help.ubuntu.com/12.04/serverguide/automatic-updates.html
<Pupeno> Any ideas how to get a report of 404s on my server? awstats seems a pain to set up.
<TimRe> hi guys I just want to know how I would be able to set 50mb of web space for each customer while they are in home directory?
<RoyK> Pupeno: check the logs
<resno> i'm looking to setup a dns server for routing our domains and the like. are there any considerations i should make in setting this up?
<Pupeno> RoyK: what?
<Pupeno> RoyK: yeah, I'll be analyzing the logs, but I'd like to re-use some tool instead of writing my own for that.
<resno> Pupeno: like syslog-ng?
<resno> greylog?
<Pupeno> resno: no, I'm looking for something like awstats, that can give us reports of what's going on.
<resno> specially web stats?
<resno> or just logs in genral?
<Pupeno> just web.
<resno> ah ok
<rschmitty> Anyone experienced with unattended-upgrades? I'm having troubles with a fresh ubuntu 12.04 server install and unattended-upgrades in that email results come as a .dat file rather than text in the body:  http://paste.ubuntu.com/5780235/  I followed steps in https://help.ubuntu.com/12.04/serverguide/automatic-updates.html
<zul> jamespage:  https://code.launchpad.net/~zulcss/ceilometer/ceilometer-fbfs-jun17/+merge/170367
<jamespage> zul, still alot of test failure in ceilometer - are we going to fix those up?
<zul> jamespage:  we have to
<zul> jamespage:  ill look after i get quantum working in the ppas
<jamespage> zul, thanks
<jamespage> zul, hopefully will have a bit more time in the rest of the week to help with this stuff
<jamespage> zul, call me review monkey at least for the next three days!
<zul> jamespage:  no worries
<TimRe> does anybody know what I can do
<jamespage> TimRe, use disk quota
<TimRe> ok
<jamespage> TimRe, I can't see any official docs but this is linked from askubuntu.com: http://www.thegeekstuff.com/2010/07/disk-quota/
<Daviey> zul, jamespage - what is the current status of Havana in Saucy?
<zul> Daivey: havana1 is in saucy, quantum ftbfs in the staging for the CA due to udev issues which i have fixed locally and will be uploading a new version of quantum that fixes the testsuite shortly
<Daviey> zul: today?
<zul> today
<Daviey> zul: super, thanks
<Daviey> zul: Are you preparing a UCA set of uploads?
<zul> Daivey: uploads are pending testing and quantum building
<Daviey> zul: In staging?
<zul> yeah
<zul> well no in the ppa
<zul> so staging yes
<zul> gah
<ntzrmtthihu777> howdy. I have an ubuntu desktop and server both running precise. I have set both eth0 on the machines, linked via an ethernet cable, to 10.42.0.x, and can access samba shares on the server (my primary use for it) and ssh into it. However, I cannot get the internet fully on the said server; while I can ping 8.8.8.8 I *cannot* apt-get update on it. I believe I need to set up the dns server right, but do not know how to do it via 
<ntzrmtthihu777> I *can*, however, telnet into my router from within a ssh session to the server.
<ntzrmtthihu777> ah, nevermind. by editing /etc/network/interfaces I was able to set it up properly :D
<adam_g_> zul, jamespage  http://people.canonical.com/~agandelman/ca/grizzly/2013.1.2/
<adam_g_> Daviey, ^
<zul> adam_g_:  +1
<zul> adam_g_: https://code.launchpad.net/~zulcss/quantum/quantum-b1-ubuntu2/+merge/170403
<adam_g_> zul, why so many skipped tests?
<zul> adam_g_:  udev issues in the ppas and they just dont build properly while in a pbuilder/schroot
<adam_g_> zul, need these for  stuff to work on precise cloud archive: https://code.launchpad.net/~gandelman-a/ubuntu/saucy/cinder/stevedore/+merge/170364 + https://code.launchpad.net/~gandelman-a/ubuntu/saucy/nova/pbr_d2to1_versions/+merge/170365
<zul> adam_g_:  you have a merge conflict in the debian/changelog
<adam_g_> zul, can you add something to the changelog stating thats why there are more being skipped?
<adam_g_> zul, ya, updating that now
<zul> adam_g_: Sure
<zul> adam_g_:  without those fixes does the stuff in the CA work?
<zul> adam_g_:  updated changelog
<adam_g_> zul, no, it pulls in versions of those dependencies from the main archive
<adam_g_> zul, or i should say, fails if it has done that
<zul> adam_g_:  ok im going to upload those then as well with quantum to saucy and then to the ppa
<zul> if that sounds kosher to you
<adam_g_> zul, http://people.canonical.com/~agandelman/ca/havana/python-pbr_0.5.16-0ubuntu1~cloud0/
<zul> adam_g_: +1
<adam_g_> zul, http://status.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/havana_versions.html we need to get -staging there green. there are probably other dependencies need updating or they'll cause FTFBS.
<zul> adam_g_:  k ill do it
<zul> adam_g_:  did you push nova yet?
<adam_g_> zul, no
<zul> adam_g_:  can you?
<adam_g_> zul, sure, ill push your 1 branch if you push my 2 branches :)
<zul> adam_g_: i already pushed my branches
<adam_g_> zul, done
<zul> adam_g_:  thanks
<zul> adam_g_:  https://code.launchpad.net/~zulcss/nova/nova-b1-ubuntu2/+merge/170413 and https://code.launchpad.net/~zulcss/cinder/cinder-b1-ubuntu2/+merge/170412
<adam_g_> zul, nova (1:2013.2~b1-0ubuntu1)
<adam_g_> zul, did you not 'dch -i' ?
<zul> adam_g_:  doh good catch fixed now
<adam_g_> Daviey, jamespage 2013.1.2 built in grizzly-staging ready to be synced out to grizzly-proposed
<Daviey> adam_g_: super, thanks
<azazel91> does anybody here ever tried drupal 7
<zul> adam_g_:  http://people.canonical.com/~chucks/ca/
<adam_g_> zul, that all looks good with the exception of python-wsme
<zul> adam_g_:  whats wrong with wsme?
<adam_g_> zul, the precise rebuild in havana-staging is python-wsme - 0.5b2-2ubuntu2.  you bumped the $ubuntu_version + 1 when it was uploaded instead of $ubuntu_vers~cloud0
<zul> adam_g_:  ok gimme a sec
<adam_g_> zul, since it hasn't moved out of staging, it would be cool if we could wipe it entirely from the PPA and upload an correctly older versioned package (the python-wsme_0.5b2-2ubuntu1~cloud0 you're proposing). but i dont know if thats possible
<zul> adam_g_:  should be
<adam_g_> zul, i dont know. the stuff you deleted from the trunk PPA were hanging around in a deleted state and causing uploads to get rejected
<adam_g_> (because what i was uploading was <= what is in PPA but deleted)
<Daviey> adam_g_ / zul: PPA's allow you to delete and upload a lower version, or higher.. just not identical .. (which is why we increment the ~cloudX)
<adam_g_> ok cool
<adam_g_> zul, if we can delete whats in the PPA and replace with your new package, should be good
<Daviey> adam_g_: Things get more complicated if they hit the UCA
<adam_g_> Daviey, yeah.. we should be good tho, it hasn't synced out
<Daviey> super
<zul> adam_g_: ill add cinder, nova, and keystone as well
<zul> adam_g_:  http://people.canonical.com/~chucks/ca/{nova,cinder,quantum} as well
<adam_g_> zul, lgtm
<zul> adam_g_:  thanks still just waiting for wsme to build
<adam_g_> zul, where?
<zul> adam_g_:  in saucy
<adam_g_> zul, i dont understand. you did a new saucy upload into ubuntu?
<zul> adam_g_:  did a new python-wsme upload into ubuntu
<adam_g_> zul, what version?
<zul> ubuntu2
<adam_g_> zul, what for?
<zul> erm....
<vlad_starkov> Question: I have RAID1 on a server with Ubuntu 12.04 LTS. Just checked `cat /proc/mdstat` and got `md1 : active raid1 sda2[0] sdb2[1](F) 975653696 blocks super 1.2 [2/1] [U_]`. It means I lost 1 disk in my RAID. How can I repair it?
<zul> now im seriously confused
<adam_g_> zul, i thought 0.5b2-2ubuntu1~cloud0 is proposed to  into the CA as a precise rebuild from saucy? 0.5b2-2ubuntu1 is what is in saucy atm
<adam_g_> 0.5b2-2ubuntu2 is in cloud archive as a mistake
<zul> adam_g_:  damn
<adam_g_> eg, it should have never gotten 0.5b2-2ubuntu2. it should have been 0.5b2-2ubuntu1~cloud0 when it was uploaded there may 30th
<zul> yeah
<adam_g_> wait
<adam_g_> what did you upload to ubuntu?
<zul> http://paste.ubuntu.com/5781635/
<adam_g_> oh jeez
<adam_g_> zul, you might want to get someone to reject whats in saucy-proposed
<zul> im going to upload ubuntu3 because there isnt any testsuite in there as well
<adam_g_> zul, ok
<zul> also its missing deps on six and webob as well
<adam_g_> zul, sorry i thought the ubuntu2 in saucy-proposed was the cloud archive rebuild
<zul> adam_g_:  nope
<zul> adam_g_:  are you going to be around later tonight?
<adam_g_> zul, if you have TODOs that would get python-wsme bumped higher than 2ubuntu2, cool. the havana-staging pocket is okay as-is until then, the bad versioning just screws with the report
<adam_g_> zul, ya
<zul> adam_g_: ok ill need a +1 fro it later then
<adam_g_> zul, once the 0ubuntu2 moves from saucy-proposed the report will show green, but it'll be lying
<zul> yeah ill fix it up
<GH0> Is there a command that would show me the brand and memory info of the RAM modules installed in my machine? lshw and cat /proc/meminfo?
<sarnold> GH0: dmidecode
<GH0> sarnold, dmidecode doesn't appear to list the product brand of the meemory modules.
<sarnold> GH0: aw nuts :( it got mine, but I'm on bog-standard consumer gear..
<GH0> Well, this is an older motherboard (Crosshair II)
<RoyK> GH0: or lshw
<GH0> I tried lshw too, it doesn't list the memory brand.
<GH0> It just shows this under the description for all four banks: description: DIMM DDR2 800 MHz (1.2 ns)
<GH0> Under product and vendor, it lists "None"
<sarnold> well there you go, it wasn't made and it wasn't sold :)
<sarnold> GH0: sorry, I'm afraid you're just goign to have to open it up :(
<GH0> :(
<GH0> So much of a pain to do that
<GH0> Or, I can just go back and look through order records. :P
<sarnold> you must have better organization than me :)
<sarnold> granted, I just buy all my memory from crucial because "it worked last time"
<GH0> Nope, considering it took me this much time to find it.
<GH0> :D
<vlad_starkov> Question: What brand do you recommend for 1TB server SATA drive?
<ScottK> sarnold: +1 for Crucial.
<sarnold> ScottK: nice to hear others have the same experience :)
<ScottK> Both for quality products and customer service.
 * keithzg hates, hates, hates Windows and the damn "Master Browser" election nonsense. No matter how high "os level" is set in smb.conf, still announced as OS version 4 minor 9, which loses to Windows 7 hosts and their version 6. Arghhh.
<monokrome> Is there a way to see if a box is ubuntu server or desktop easily?
<monokrome> Something with uname, I'd think
<G55321> try cat /etc/issue
<monokrome> tried that
<monokrome> Ubuntu 12.04.2 LTS \n \l
<G55321> uname -a shows kernel info
<monokrome> Linux ubuntu 3.5.0-23-generic #35~precise1-Ubuntu SMP Fri Jan 25 17:13:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
<monokrome> Doesn't seem to show anything server-specific here
<G55321> you accessing the box via ssh or something?
<monokrome> yep
<monokrome> My shell script needs to do something different when server instead of desktop
<G55321> ubuntu server does not provide GUI, so maybe search for installed packages that use a GUI and come by default with ubuntu desktop?
<monokrome> I mean, I can do `which xinit` or something
<G55321> like unity or firefox
<monokrome> but I was hoping for something more concrete
<ScottK> If X is isntalled, it's not a server.
<ScottK> By definition.
<monokrome> ScottK: Yes, but this script also needs to support Arch
<monokrome> where that isn't true
<monokrome> I think my best thing is just to specify in the command line what role the box is
<G55321> until 10.04 kernels where separate so you could do uname-a and get 2.6.X-server, but now they all use the same kernel
<monokrome> Yeah, I had thought it worked like that
<G55321> well you can check for running services also
<sarnold> servers usually don't have dhcp
 * ScottK doesn't know what a *nix server is that has X.  It's a bit of a non-sequitor.
<sarnold> some do, of course, but if the address is assigned via dhcp, it's more likely a workstation
<G55321> if you don't like/want the package search approach
<lifeless> sarnold: or a cloud instance
<monokrome> ScottK: Well, some have x libs
<sarnold> lifeless: hrm, good point.
<ScottK> Yes, some libs, but not the actual X server.
<lifeless> ScottK: edubuntu servers :>
<sarnold> network-manager then? :)
<monokrome> either way, I understand that point - but this script runs before the server is configured. It configures it.
<lifeless> ScottK: e.g. Xvnc
<monokrome> So, on Arch a desktop doesn't have X at that time either
<ScottK> lifeless: I suppose.
<monokrome> I thought maybe there was somewhere where Linux conventionally said server vs desktop, but now realize that makes no sense :}
<lifeless> sarnold: so network-manager on servers makes me very nervous ;)
<ScottK> But there is a CLI U/I for it, so it could be done.
<monokrome> network-manager on anything makes me nervous :(
<sarnold> lifeless: there we go :) hehe
<lifeless> ifupdown 4 eva.
 * ScottK wishes you could tell by if it had dbus, but we've crossed that bridge.
<sarnold> if you want to be decadant about it, sure :)
<lifeless> to me 'workstation' is 'thing users sit in front of to do their productivity'
<lifeless> and 'server' is 'thing that offers services over the network for users to use'
<lifeless> these are not mutually exclusive
<monokrome> right
<ScottK> I tend to think in terms of, there's a GUI if I want one or not, but that's not correct either.
<G55321> why I got kicked ? G55321 has quit (Excess Flood)
<ScottK> Excess flood is automatic.  No one here will know.
<G55321> the only reason to have a GUI on a server its if you don't know how to do it from command line
<lifeless> or you have admin tools that fail to work over the network, which is rare but I've fun into it
<sarnold> G55321: excess flood represents the size of the server's send queue to you, it can often happen when freenode loses a server and a few thousand people in your channels all quit at once... you can get dinged for having too-high a send queue as a result.
<sarnold> G55321: but I didn't see that huge pile of quits, so I'm not sure what happened to you :)
<G55321> thanks, was just curious, tought I did something wrong that I wasn't aware of
<sarnold> G55321: you might have, if you ran a series of commands that generated too much output... but there's usually enough rate-limiting in place these days to keep that from happening easily.
<zul> adam_g_:  python-wsme updated in http://people.canonical.com/~chucks/ca/python-wsme
<adam_g_> zul, looks okay but lets wait till it gets promoted out of saucy-proposed
<zul> adam_g_: ack
#ubuntu-server 2013-06-20
<TimRe> can anybody tell me why chroot vsftpd is not working when I login as an testuser because I have the jailed list setup but testuser can still see top level folders but its not locking to testusers home directory
<sarnold> TimRe: are you missing these updates? https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/1160372
<uvirtbot> Launchpad bug 1160372 in vsftpd "Login is not possible" [High,Fix released]
<TimRe> that link doesnt work sarnold
<sarnold> TimRe: hrm, uvirtbot loaded it alright... try just looking up the bug number 1160372
<TimRe> so its an bug then
<sarnold> TimRe: well, there was a bug in vsftpd that has had fixes released, I'm curious if the symptoms look like yours or if you've got a different one..
<TimRe> well I did the patch one what was listed here: https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/1160372 but now I cant even connect to it now either by port 21/22
<uvirtbot> Launchpad bug 1160372 in vsftpd "Login is not possible" [High,Fix released]
<adam_g_> zul, jamespage more! http://people.canonical.com/~agandelman/ca/folsom/swift_1.7.4-0ubuntu2.2~cloud0/
<zul> adam_g_:  +1
<joshmarshall> Hey all -- trying to start up 12.04 on EC2 + default VPC and I feel like I'm missing the "set up DNS, /tmp, mirrors, etc" script or something. Can anyone answer a few newb questions?
<Skaag> does the stock syslog that comes with ubuntu server support forwarding logs to a remote host over udp:514?
<qman__> Skaag, ubuntu uses rsyslog by default
<Skaag> I managed to get it to work
<Skaag> thanks
<adam_g_> zul, this one too http://people.canonical.com/~agandelman/ca/grizzly/swift_1.8.0-0ubuntu1.2~cloud0/
<jamespage> adam_g_, zul: swift uploaded to grizzly staging
<jamespage> adam_g_, also flushed through the 2013.1.2 updates to proposed
<zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/python-keystoneclient/ftbfs-new-deps/+merge/170614
<smoser> utlemming, ping.
<smoser> wondering if it would be useful for us to consider changing our ebsroot and instance store images on EC2 to be a partitioned disk and use the other pvgrub loader
<smoser> ie, using krn/pv-grub-hd00_1.03-x86_64.gz rather than krn/pv-grub-hd0_1.03-x86_64.gz
<smoser> the reason for this would be that then a.) grub might compleain less as there is a MBR to install to (although it still would'nt be read) and b.)if that worked, users could more easily take the disk image out of EC2 and boot it on kvm
<smoser> there would likely be some changes necessary to do this even in cloud-init's grub config module
<jamespage> zul, nearly done with the havana ca updates
<jamespage> all aside from quantum uploaded
<SuperLag> How do you remap CapsLock to Ctrl? I know how to do this on Ubuntu versions with a GUI, but no the server.
<zul> jamespage:  sweet thanks
<jamespage> zul: http://people.canonical.com/~jamespage/ca/folsom/
<jamespage> can I get an ack on the libvirt update as well please
<zul> jamespage:  perhaps...+1
<zul> jamespage/yolanda: can you have a look https://code.launchpad.net/~zulcss/quantum/quantum-refresh/+merge/170626
<jamespage> zul, almost there - http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/havana_versions.html
<yolanda> mm, i don't have permissions to do reviews now
<zul> yolanda: ??
<yolanda> with the branch change i do not have the possibility to approve it
<zul> *sigh*
<zul> roaksoax: https://code.launchpad.net/~zulcss/python-keystoneclient/ftbfs-new-deps/+merge/170614 and https://code.launchpad.net/~zulcss/quantum/quantum-refresh/+merge/170626
<yolanda> jamespage, rbasak: https://code.launchpad.net/~yolanda.robla/ubuntu/saucy/exim4/update_smtp_banner/+merge/170631
<rbasak> yolanda: do you still need to patch src/EDITME, or is that not required any more now that you're patching Configure-config.h?
<yolanda> you are right, i think it isn't needed
<yolanda> let me do a test build without that anyway, but it should be ok
<rbasak> yolanda: and do you need to refresh EDITME.exim4-light.diff? It would save having a reviewer verify that it doesn't change anything :)
<yolanda> yes, these 2 patches can be skipped if EDITME is not needed
<yolanda> i had to patch the -light.diff because it was giving conflicts
<yolanda> but with the new approach EDITME should be skipeed
<rbasak> Oh I see, of course. Now I see why you had to refresh it before.
<yolanda> i'm just building without the EDITME changes, let me see
<yolanda> it's quite strange how exim4 config is working, isn't it?
<roaksoax> zul: done!
<zul> roaksoax:  thanks
<rbasak> It does seem rather obtuse
<rbasak> I wonder what the reasoning was for doing it this way
<yolanda> the custom buildconfig parser looked strange to me
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/keystone/keystone-refreshed/+merge/170639
<yolanda> rbasak, i pushed version without EDITME, it works fine
<zul> jamespage/roaksoax: https://code.launchpad.net/~zulcss/keystone/keystone-refreshed/+merge/170639
<fortmac> if i wanted to configure a development server to face the WWW but not be accessible by the public should i just host it at www.mysite.com/dev and put a password up and hope hackers dont find it?  whats the procedure on something like that?
<rbasak> yolanda: lsb_release -si says only "Ubuntu". So the banner says 220 <hostname> ESMTP Exim 4.80 Ubuntu <date> with no release information. Is that intentional?
<yolanda> rbasak, yes, we just need to show Ubuntu there
<yolanda> rbasak : https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-server-app-banner-updates
<rbasak> yolanda: lgtm. I've commented on your MP, but I can't sponsor the upload.
<yolanda> mm, i can't see the line wrap...
<yolanda> you mean i exceed the max chars
<yolanda> ?
<yolanda> i updated it and i did a minor fix in patches, to add the BP url
<yolanda> so jamespage, zul, can you sponsor it? https://code.launchpad.net/~yolanda.robla/ubuntu/saucy/exim4/update_smtp_banner/+merge/170631
<yolanda> also dovecot is pending: https://code.launchpad.net/~yolanda.robla/ubuntu/saucy/dovecot/update_dovecot_name/+merge/170071
<rbasak> Yeah - convention is to wrap after <80 chars.
<rbasak> It doesn't matter much though
<yolanda> fixed, i just checked pep8
<LargePrime> getting this when trying apt-get upgrade The following packages have been kept back:
<LargePrime>   mysql-client-5.5 mysql-server-5.5 mysql-server-core-5.5
<LargePrime> 0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
<LargePrime> so, total newb.  what does this mean
<LargePrime> I am guessing it does not want to update MySQL
<rbasak> LargePrime: "upgrade" won't pull in any new packages to fulfill dependencies, so if dependencies have changed then it refuses to upgrade packages if the upgraded packages won't ahve all dependencies fulfilled
<rbasak> LargePrime: "dist-upgrade" will pull in new packages as needed.
<resno> rbasak: ive always just ignored when it says that
<LargePrime> will that upgrade my distro?
<resno> "itll fix itself later"
<LargePrime> o really?
<resno> primiarly because i didnt know what it meant
<rbasak> It won't upgrade your distro unless you have messed with your sources.list or sources.list.d/*
<LargePrime> pull one thread and look what happens
<rbasak> It will also tell you what extra stuff it is pulling in and prompt you first. If you see a huge number of packages, then perhaps stop
<LargePrime> can i tell it to just install the new dependancies
<rbasak> Yes - by using "dist-upgrade"
<LargePrime> Do i know this update will not screw with my DB and things
<resno> rbasak: will the eventually come forward or do you have to prompt them?
<rbasak> resno: it depends, but normally I wouldn't expect anything to change over time. If "upgrade" can't do a package, it won't magically be able to in the future unless that package changes again.
<rbasak> LargePrime: of course it'll screw with your DB. That's the whole point of upgrading. You do have backups, right?
<resno> LargePrime: you can also run it with --simular
<resno> simulate*
<rbasak> And you know how to restore the backups and have tested this, right/?
<resno> welp, i should had some backups before doing that updat lol
<LargePrime> rbasak:  I thank you
<LargePrime> also not need backups
<resno> you dont?
<zul> roaksoax:  https://code.launchpad.net/~zulcss/keystone/keystone-refreshed/+merge/170639
<roaksoax> jamespage: when we upgrade a charm, the config-changed hook is called, but not the install hook right?
<jamespage> roaksoax, no - the upgrade-charm hook is called
<jamespage> roaksoax, or do you mean when we upgrade openstack?
<roaksoax> jamespage: err, sorry i guess i should have said when we change the config and call upgrade-charm
<jamespage> roaksoax, ok - so for openstack series upgrades - yes - its just the config-changed hook
<jamespage> as the change in openstack-origin triggers the upgrade (at least it does right now)
<roaksoax> jamespage: ok cool! thanks!
<LargePrime> resno: I ment that I did not NEED them for this upgrade
<zul> jamespage/roaksoax: (sorry for being a pain in the ass today) https://code.launchpad.net/~zulcss/cinder/cinder-refresh/+merge/170663
<jamespage> zul, +1 on that cinder refresh
<jamespage> zul, just hit a great bug backporting ovs to 12.04
<jamespage> nothing todo with 12.04 but on my saucy laptop the pid of init is not 1
<zul> huh?
<jamespage> zul, its the upstart user thingy
<jamespage> I get two init processes - one for the system, and one for me
<zul> oh crappers
<jamespage> the schroots see my user based one
<jamespage> openvswitch has a test which expects the pid of the init process to = 1
<jamespage> #bag
<jamespage> #bang
<zul> whoops! ;)
<zul> good idea to get it fixed and contribute back upstream
<jamespage> zul: http://paste.ubuntu.com/5784315/
<jamespage> opinion sought
<jamespage> I'm checking for a process named 'init' rather than pid 1
<zul> wheres init.pid come from?
<roaksoax> zul: are we still supporting essex?
<zul> roaksoax:  yes
<zul> for security updates
<roaksoax> ack
<roaksoax> jamespage: so charms should continue to support essex then?
<jamespage> roaksoax, YES
<jamespage> yes
<jamespage> sorry - accidental caps
<roaksoax> lol :)
<zul> jamespage:  but yeah looks good
<roaksoax> adam_g_: so for the templating, templates/<openstack-release> should be duplicated across all the releases that hve the same file, but only added if one release config file has different config?
<zul> roaksoax:  well no i think essex uses python-gflags
<adam_g_> roaksoax, templates/<config file> is one that has stayed the same across all releases
<adam_g_> roaksoax, templates/<release>/<config file> is one that has changed format since <release>
<roaksoax> adam_g_: right os if essex changed format, but not the rest, I still have to have templates/{essex,folsom,grizzly,havana> right?
<adam_g_> roaksoax, if the essex format is different, but all releases since folsom use the same format, you can have templates/<essex>/<config file> + templates/<folsom>/<config file>.  all releases after folsom will fall back to the most recent templates/<release>
<mgriffin> is there a place that lists PPAs? I am looking for MySQL 5.6
<adam_g_> roaksoax, this approach may not be the most intuitive and im happy to change it if theres an easier way
<roaksoax> adam_g_: that makes sense to me
<roaksoax> adam_g_: but maybe, since we already now what release to install, it would be worth to add the release to the context and use it?
<adam_g_> roaksoax, use it for what?
<roaksoax> adam_g_: in the templates, but I guess that's just adding more complication
<adam_g_> roaksoax, ya, by the time those are called the template loader is already constructed. my idea was to have the context generators be as generic and re-usable as possible.
<adam_g_> roaksoax, the logic of supporting multiple release templates is isolated in the renderer + template classes, and each charms templates can be responisble for taking what they need from the generic contexts
<roaksoax> adam_g_: ok so does this make sense? http://paste.ubuntu.com/5784442/
<adam_g_> roaksoax, some indentation issues in the paste but generally looks goo
<adam_g_> roaksoax, oh and +#!/bin/bash
<adam_g_> ;)
<roaksoax> adam_g_: lol:) didn't even notice :)
<zul> adam_g_/roaksoax: https://code.launchpad.net/~zulcss/cinder/missing-dep/+merge/170677
<roaksoax> adam_g_: ideas of why this might happen? http://pastebin.ubuntu.com/5784524/ the relation is not being set in db_joined or something?
<adam_g_> roaksoax, its looking in your charms config for database + database-user, but the config.yaml doesn't contain those
<roaksoax> adam_g_: ohh i see!
<adam_g_> roaksoax, up until now, each charm had their own database config value (cinder-db, nova-db, etc). i'd like to standardize on just 'database' + 'database-user' across all of them.
<roaksoax> adam_g_: ok, so i should just change glance-db to database and so on
<roaksoax> this won't create any issues on upgrade?
<adam_g_> roaksoax, im not sure TBH.
<roaksoax> adam_g_: well I guess if relations are re-generated on upgrade, it shouldn't
<sw> Hi, is it meant to be that '$ w' will not show users that are currently rsync'ing to a server?
<sw> (Because it doesn't).
<sarnold> sw: I believe the intention of 'w' is to show which users are on which terminals
<sarnold> sw: no terminal would be used for rsync, so no 'w' entry
<sw> sarnold: Oh, woops. Is there a command like that but would show anything connected to the server (whether by rsync, SSH or whatnot)?
<sarnold> sw: I'm not sure. 'last' may show you want you want; 'netstat -ntup' shows 'active' network connections and their processes...
<roaksoax> adam_g_: http://paste.ubuntu.com/5784572/
<roaksoax> adam_g_: so it seems that the relation data been passed from mysql to glance is passed after it tries to render the config, resulting in a config without sql_connection being configured
<roaksoax> adam_g_: any ideas?
<roaksoax> adam_g_: http://paste.ubuntu.com/5784579/
<sw> What would be the cron line for 45 minutes past midnight? Is '45 00 * * *' correct?
<sw> sarnold: Thanks!
<adam_g_> roaksoax, ya, i was expecting we might hit this. my idea is to raise some new exception from context.py,like OSContextIncomplete, that the hook calling config.write() can catch and exit 0, similar to how we were checking [[ -n "$db_host ]] && exit 0
<adam_g_> roaksoax, if you wanna have a go at that, feel free
<roaksoax> adam_g_: ok cool, will look into it
<sarnold> sw: yes, that looks correct
<sjbnz> Having some very odd problems with NFS mounts this week...
<sjbnz> ...unable to write to them, and "ls" gives errors.
<RoyK> what error?
<sjbnz> The "mount" cmd says: 10.1.0.1:/webapp2qa/temp on /webapp/temp type nfs (rw,vers=3,proto=udp,soft,bg,intr,addr=10.1.0.1)
<sjbnz> But $ ls /webapp/temp gives: ls: reading directory /app/temp: Input/output error
<RoyK> sjbnz: tried to umount it and remount it?
<sarnold> anything in dmesg?
<sjbnz> Happening since Monday. Concerned that "unattented-upgrades" may have bumped us onto a bade version...
<sjbnz> Yup, getting some: [48534.516447] nfs: server 10.1.0.1 not responding, timed out
<sjbnz> ...but other mounts are working fine.
<RoyK> sjbnz: to same server?
<sarnold> on that server? or other servers?
<sjbnz> NFS server is an "i5" (AS400!) - this is the 13th of 13 mounts
<sjbnz> Have 3 boxes with the problems - two prod one test. All working fine until Monday
<sarnold> can you leave an 'mtr 10.1.0.1" running for a while and check the stats?
<adam_g_> jamespage, FYI this is killing ceph 0.63.1 on precise for me ATM, at least with nova's default long hostnames
<sjbnz> ?
<roaksoax> adam_g_: so something like this: http://paste.ubuntu.com/5784732/
<sjbnz> Just changed IRC clients, so I have missed the lat 10 mins
<sarnold> sjbnz: nothing directed your way :)
<sjbnz> mtr to my NFS server give avg:0.5, worst:9
<sarnold> seconds?
<sarnold> ah, I think it reports ms by default. okay. good. :) hehe.
<sjbnz> ms probably (whatever it is that mtr talks :-) It's on the same network, so it SHOULD be fast
<sjbnz> Looking y'day saw lots of those timeout messages, but not really matching with our problem...
<sjbnz> ...which is specific to one mount.
<roaksoax> adam_g_: nevermind that's wrong :)
<sjbnz> Actaully, some other mounts are also giving "funny" responce to an ls...
<sjbnz> ls: reading directory /webapp/proofimages: Input/output error
<RoyK> sjbnz: tried to remount it?
<RoyK> sjbnz: and are there any new kernels installed lately+
<RoyK> ?
<RoyK> nfs is in the kernel (usually)
<sjbnz> yup, although the boxes hadn't been rebooted to have them take effect.
<sjbnz> On 15/06: Upgrade: linux-server:amd64 (3.2.0.45.54, 3.2.0.48.58)
<sjbnz> ...form /var/log/apt/history.log
<sjbnz> but y'day 20/06: Remove: linux-server:amd64 (3.2.0.48.58),
<sjbnz> and now uname gives: Linux acme.example.org 3.2.0-48-generic
<sjbnz> (after I spent some time trying to reverse the updates)
<sjbnz> thx. Signing off now. I'm blaming the "mainframe" i5 guys seing reverting this kernel at the Ubuntu cleint end didn't help.
<halvors> My /etc/hosts says "127.0.1.1 server1. Should this be my real ip?
<halvors> How can i set that from DHCP?
<guntbert> halvors: no, thats ok
<zerick> halvors, I think is not necessary using DHCP
<zerick> and yeah, it's ok, it's default value
<jamespage> adam_g_, whats killing ceph?
<halvors> But my other slave dns server isn't able to connect to it.
<halvors> It connect's using the 127.0.1.1 ip :(
<adam_g_> jamespage, well, first i thought it was a segfault in liblockfile1 stopping ceph-mon from starting. after fixing that, ceph-mon still isn't starting.
<adam_g_> jamespage, failed to bind the UNIX domain socket to '/var/run/ceph/ceph-mon.server-78f8f3a8-d5c5-46f4-9e65-cfbf1deeff87.asok'
<adam_g_> jamespage, trying to make sense of the upstart scripts to try to debug why its not starting
<jamespage> adam_g_, whats the length of that path?  linux has a limit for opening sockets
<jamespage> 113 chars or something
<adam_g_> jamespage, oh jeez, thats probably it
<adam_g_> jamespage, the long hostname was causing the segfaul in liblockfile
<jamespage> adam_g_, somewhere in the depths its probably throwing a ENOENT or suchluck
 * jamespage tries to remember
<jamespage> adam_g_, 103 chars
<jamespage> http://openvswitch.org/pipermail/dev/2013-January/024528.html
<jamespage> its possible to hack around it but its awkward
<adam_g_> hmm
<adam_g_> that path is only 72 chars
<jamespage> adam_g_, odd
<adam_g_> jamespage, in other news i get a ugly core dump if i run 'ceph-mon --cluster=ceph -i server-78f8f3a8-d5c5-46f4-9e65-cfbf1deeff87 -f' manually or with a shorter id
<jamespage> pastebinit
<jamespage> ?
<jamespage> adam_g_, are you using charms to deploy?
<adam_g_> jamespage, yes. up until bootstrap_monitor_cluster()
<jamespage> adam_g_, can I see directly?
<adam_g_> jamespage,  http://paste.ubuntu.com/5784893/
<adam_g_> im working locally here
<halvors> zerick: What to do for setting the DHCP assigned address to /etc/hosts?
<zerick> halvors, well, you have to edit your /etc/network/interfaces
<zerick> halvors, set your ethX interface to "dhcp"
<zerick> indeed, DHCP is not going to write to /etc/hosts, that file you can edit manually if you wish
<halvors> zerick: I did.
<halvors> Ah ok.
<zerick> halvors, all concerning to IP configuration goes on /etc/network/interfaces
<halvors> Anyway. anyone who knows how to set in /etc/network/interfaces that i want to receive a IPv6 prefix using DHCPv6 Prefix Delegation?
<jamespage> adam_g_, hmm - looks like cuttlefish introduced some charm incompatible changes
<jamespage> looking now
<adam_g_> jamespage, ah
<jamespage> adam_g_, it would appear that /var/run/ceph and the mon directory itself must be present now
<jamespage> for the ceph-mon mkfs to actually work
<roaksoax> /win 4
<monokrome> I am running Ubuntu server in VMWare. Is there a way to make it so that the TTY is resizable?
<monokrome> I know that's probably baked into the kernel, but thought that there might be some fancy new thing for a resizable TTY. :)
<adam_g_> jamespage, ill see if getting that created as part of install hook helps
<roaksoax> adam_g_: i don't think we can add a OSContextIncomplete error class and catch the error elsewhere
<roaksoax> adam_g_: at least catch that error in particular
<adam_g_> roaksoax, why not?
<roaksoax> adam_g_: so i've been trying this: two.py defines Error and raises it. in one.py I do try: except Error: and the error is not being caught
<adam_g_> roaksoax, in one, do you 'from two import Error' ?
<roaksoax> adam_g_: yeah!
<roaksoax> I'm going to change the approach and see what happens
<adam_g_> roaksoax, im not sure, i dont have it in front of me but im sure it can be done
<jamespage> adam_g_, http://paste.ubuntu.com/5784969/
<jamespage> should sort you out
<adam_g_> jamespage, cool. testing the same thing right now. thanks
<adam_g_>       ceph-havana/1:
<adam_g_>         agent-state: started
<adam_g_> jamespage, ^ \o/ thanks
<adam_g_> jamespage, ill propose something to the charm
<roaksoax> adam_g_: ok IO'm hoping that this works: http://paste.ubuntu.com/5784994/
<adam_g_> roaksoax, thats what i had in mind.
<raub> logrotate question: can I have the postrotate command in the global area of the /etc/logrotate.d/whatever config file?
<lifeless> hallyn: hey there.
<lifeless> hallyn: ever seen lxc-create hang ?
<lifeless> hallyn: http://paste.ubuntu.com/5785045/ - want a bug? I've left it for 15m plus before ^C'ing it.
<Baribal_> Hi. Am I in the right channel for support on cloud images? 'Cause I managed to get a VM with the nightly saucy build running, but I don't even have a clue how to log in, that is, either I need user/pass (user being ubuntu, I guess) or a way to drop an ssh public key somewhere.
<sarnold> Baribal_: this may be useful: http://ubuntu-smoser.blogspot.co.uk/2013/02/using-ubuntu-cloud-images-without-cloud.html
#ubuntu-server 2013-06-21
<MasterZuFu> so I made a mistake. I tried to do an upgrade while using an ssh connection. the connection quit, now when I try to do the upgrade on the system itself, it says that the administration directory can't be unlocked and another process might be using it. what should I do>?
<bradm> MasterZuFu: what kind of upgrade is it?  do-release-upgrade or similar?
<MasterZuFu> do-release-upgrade
<bradm> check if there's a screen process running, it usually starts one up if you do the upgrade over ssh
<MasterZuFu> how do you do that bradm?
<bradm> MasterZuFu: sudo screen -list
<bradm> MasterZuFu: and then probably sudo screen -d -r if there is something
<G55321> hello guys, why /var/log/messages does not exist in ubuntu 12.04?
<zul> adam_g:  still around? https://code.launchpad.net/~zulcss/cinder/cinder-fix-deps-testr/+merge/170724
<adam_g> zul, ya
<adam_g> zul,  you already added that earlier
<adam_g> r112
<zul> adam_g:  oops..
<zul> adam_g:  nm go enjoy the rest of your day ;)
<adam_g> zul, also, a lot of our havana jenkins builds were blocked from building b/c python-pbr because a pre-requisite of building tarball with sdist. that should be fixed now
<zul> adam_g:  ok cool
<adam_g> because == became
 * zul goes wonder off
<adam_g> cya
<halvors> Anyone who knows how to set in /etc/network/interfaces that i want to receive a IPv6 prefix using DHCPv6 Prefix Delegation?
<sarnold> hey halvors1, no responses yet..
<MasterZuFu> bradm, so I let it finish it's upgrade, it rebooted...now the entire server is corrupted. i can't login, i'm getting crazy characters and boxes, and nothing is displaying properly....what do I do? :(
<dv81> to install a lamp stack, is it best to use tasksel, or install the lamp meta package?
<dv81> or more importantly is there no difference, and tasksel is merely installing said meta package?
<MasterZuFu> any person of awesomeness able to assist with this? how exactly can I reinstall ubuntu-desktop? That's what looks all funky
<sarnold> MasterZuFu: try running dpkg-reconfigure -a
<dv81> MasterZuFu: burn the ISO to a USB drive and boot into it??
<sarnold> MasterZuFu: maybe you're interrupted upgrade process left a pile of packages in half-installed state...
<MasterZuFu> O.o that's no fun
<MasterZuFu> is there any way to not have ubuntu-desktop load up upon boot so that I can get to the command line?
<dv81> MasterZuFu: yes ^_^
<sarnold> MasterZuFu: echo manual >> /etc/init/lightdm.override
<sarnold> MasterZuFu: details here: http://upstart.ubuntu.com/cookbook/#override-files
<dv81> cancel my Q, i rtfm :)
<sarnold> dv81: ah, what's the answer? :)
<dv81> according to https://help.ubuntu.com/community/Tasksel, its just installing the meta packages you already see in such as aptitude :)
<sarnold> aha :)
<wo0f> apparently theyre define here: /usr/share/tasksel/ubuntu-tasks.desc
<wo0f> does 'nload' draw a graph?
<fluvvell> sarnold, you asked me if my 10.04 install was relying on bsdgroups mount option. I confess I don't really know what you mean.
<sarnold> fluvvell: bsdgroups is a way to propogate group ownership of files and directories -- if a directory is setgid to a group, and the filesystem is mounted with bsdgroups, all files created in that directory are group owned by the directory group -- and directories are created with group owner _and_ setgid, to make sure the subdirs also get it...
<bradm> sarnold: isn't that just the normal way setgid directories work?
<sarnold> bradm: hrm, seems I've confused bsdgroups and sysvgroups :)
<sarnold> bradm: I thought the setgid only worked with bsdgroup mount option..
<bradm> sarnold: nope, definately not
<bradm> sarnold: I think bsdgroup means any newly created files / directories takes the group id of the directory it is in, but with sysvgroups it needs the setgid bit to do that
<sarnold> bradm: thanks man :) I've assumed the wrong thing for like a decade. never paid enough attention to the bit in the manpage...
<bradm> I've never needed to bother with bsdgroups, I just usually do the setgid bit if I need that.
<sarnold> fluvvell: so :) there we go -- did you use bsdgroups _or_ did you have the setgid bit set on your directories? :)
<bradm> sounds like something to make people migrating from bsd happy
<sarnold> *nod*
<wo0f> tmux Q: why is ctrl-b-c not creating a new window
<wo0f> using putty
<sarnold> wo0f: is caps-lock on?
<wo0f> NOPE
<wo0f> caps*
<sarnold> :)
<bradm> wo0f: does ctrl-b ? show c as being bound to new-window?
<wo0f> as in 'ctrl-b (shift)?' ?
<bradm> wo0f: yes.
<bradm> wo0f: that shows key bindings
<wo0f> bradm: showing nothing :(
<bradm> does ctrl-b anything work?
<wo0f> doesnt seem to
<bradm> maybe its remapped
<bradm> mine is ctrl-a instead
<bradm> check ~/.tmux.conf to see if there's any remapping been done
<wo0f> no tmux.conf in /root/
<wo0f> need to not be root? :S
<bradm> .tmux.conf - note the leading .
<wo0f> not shown with ls-a
<wo0f> ls -a
<bradm> not sure then
<bradm> maybe its in the global config
<adam_g> roaksoax, was thinkin about the context rendering + exceptions earlier and not sure the solution i had in mind would work 100%. gonna work on finishing off that cinder one tomorrow. hopefully figure somethin out then.
<wo0f> bradm: oh, there is no default config, and have to build your own?- exciting!
<sarnold> depends if you like those garish colors :)
<bradm> wo0f: well, there should be some kind of basic config
<wo0f> bradm: you would deffo have thought
<wo0f> surely it doesnt matter that it was installed as a dependancy of byobu?
<bradm> I wouldn't think so
<wo0f> OMG
<wo0f> PANIC OVER
<wo0f> thanks for help sarnold bradm
<bradm> oh?  what fixed it?
<sarnold> wo0f: what was it? :)
<wo0f> while googling tfm, i came across: "I hope you are not just pressing Ctrl+A. Basically, you have to press Ctrl+A and then release keys, then press "?" "
<wo0f> ohh...
<wo0f> *noob face*
<sarnold> aha
<sarnold> sure enough, smashing all of ^BC at once doesn't work, but ^B? did work.
<wo0f> screen/byobu has been too lenient with me ;P
<wo0f> sarnold: what does the "^" represent ?
<sarnold> wo0f: control
<shauno> odd one I haven't seen before.  host returns two lines; the first is a valid answer, the second is NXDOMAIN.  any suggestions why it might give conflicting answers to the same query?
<nilli> I'm reading about how to optimize my apache settings for a ridiculous amount of concurrent users, and this one article said "The default amount of "maximum" number of threads is usually enough; however, there can be conditions where this number may have to be increased. The threads usage can be monitored." I've really tried to figure out how they can be monitored but I think I'm asking google the wrong questions. Any ideas?
<bradm> nilli: server-status is the magic phrase, that'll show you what apache is doing.
<nilli> is that an apache module?
<bradm> yeah, mod_status
<nilli> thanks :)
<riz0n> Hello. I installed awstats to my Ubuntu Server. I followed the instructions on the Ubuntu how-to page but I am getting errors emailed each time crontab is processed. I "su root" and then "crontab -e" and put the awstats update command for each domain in the root crontab. What may have went wrong?
<riz0n> The error I am getting in the log file is that it could not open server log.
<Yamakasi_> guys, is this new ? passwd: Authentication token manipulation error
<Yamakasi_> I try to change a password of a user
<riz0n> Yamakasi_ That means when you re-typed the password, you didn't type it the same the 2nd time.
<Yamakasi_> riz0n: sure thing ?
<riz0n> joe@HMCS-Server:~$ sudo passwd joe
<riz0n> Enter new UNIX password:
<riz0n> Retype new UNIX password:
<riz0n> Sorry, passwords do not match
<riz0n> passwd: Authentication token manipulation error
<riz0n> passwd: password unchanged
<Yamakasi_> riz0n: no, I don't get the message it's not typed right
<Yamakasi_> riz0n: Sorry, passwords do not match is what I don't get
<riz0n> Check out http://askubuntu.com/questions/91188/authentication-token-manipulation-error and see if any of the situations outlined on that page may be causing you the issue.
<Yamakasi_> riz0n: will reboot that machine first
<Yamakasi_> riz0n: no Solution there
<riz0n> so i would sudo passwd -d username
<riz0n> then passwd to set a new one
<Yamakasi_> riz0n: did that too, didn't work
<Yamakasi_> never had this
<riz0n> can you change passwords on other accounts?
<Yamakasi_> riz0n: for root the same issue... and the rights on the files are OK
<Yamakasi_> riz0n: dunno as I never, really never seen this
<riz0n> Sounds like filesystem is only getting mounted read-only
<riz0n> but I don't know a whole lot about what could be going on.
<Yamakasi_> riz0n: yes it looks like it, but tge strange thing is that I can just do an update
<Yamakasi_> and just did
<Ben64> when i log into my server with ssh, it warns that my partitions will be checked next boot. how can i stop that?
<rbasak> Ben64: look at the tune2fs manpage. You can examine the mount count, max mount count before check, last check time, max time before check etc. options and change them.
<Ben64> but will changing that unmark it for fscking on boot?
<rbasak> I think so but am not sure.
<rbasak> Look out for the two ways an automatic fsck is triggered: mount counts, and time-based.
<Ben64> ok
<Ben64> i'm scared of my server not being responsive for that long
<Ben64> its like 8000mi away, i can't get to it to fix it either
<rbasak> Then you should test and experiment on a different machine first.
<Ben64> good idea
<Yamakasi_> riz0n: copied a new 12.04 image and that is working OK, soing a release upgrade now
<Drag0nflamez> good morning everyone, i have a tiny huge issue with my apache2
<Drag0nflamez> as in: it does not serve any pages, neither static nor dynamic
<melmoth> Drag0nflamez, start with the obvious. Is is started, is it listening on port 80, is there any error in the logs ?
<Drag0nflamez> it listens on port 80, if i do tail -f on the logs i see this error
<Drag0nflamez> moment pls
<Drag0nflamez> http://pastebin.com/nRc5qDS8
<Drag0nflamez> Which is a strange error because it didnÂ´t happen yesterday
<Drag0nflamez> and in the meanwhile the configs werenÂ´t changed
<melmoth> hmm, something is already listening to port 80
<Drag0nflamez> already tried reloading the apache2 service, destroying my precious uptime by doing sudo reboot
<G> Drag0nflamez: lsof -i :80
<G> Drag0nflamez: get that output
<melmoth> or sudo fuser -n tcp 80
<Drag0nflamez> doesnt output anything
<Drag0nflamez> also nothing
<G> Drag0nflamez: you are starting Apache as root right?
<Drag0nflamez> ye
<jpds> Drag0nflamez: $ sudo netstat -ltnp | grep 80
<Drag0nflamez> also nothing
<melmoth> i am puzzled...
<Drag0nflamez> Weird.
<melmoth> if you telnet on port 80 , do you get a prompt of some sort ?
<jpds> Drag0nflamez: And if that returns nothing: sudo apache2ctl restart
<Drag0nflamez> same error but now only for ipv6
<Drag0nflamez> but v4 still doesnt serve anything
<Drag0nflamez> also why is it trying to bind to 0.0.0.0?
<Drag0nflamez> which is a bogus IP...
<melmoth> it s listening to _any_ adresses
<Drag0nflamez> i know that (explicitly told to listen to *:80)
<Drag0nflamez> so what could be causing this...
<rtuio> hello there
<Drag0nflamez> Hello.
<rtuio> anyone tried to configure proxy dot pac on ubuntu server ?
<rtuio> to get have access with apt over internet
<rtuio>  ?
<rbasak> I'm not sure apt supports that, so I could be mistaken. But a proxy.pac will generally only specify a single proxy for access to an external apt repository, so you can just set Acquire::http::Proxy to that.
<rtuio> how ?
<maxagaz> Hi
<rtuio> #virtualbox
<maxagaz> I'm looking for a web hosting solution, I'm currently using bluehost, which is not bad, do you have any other suggestion, or should I just go again for bluehost ?
<ikonia> maxagaz: not really something for #ubuntu-server
<Drag0nflamez> ^
<jamespage> Daviey: I think the impact of that is a bit beyond my experience of ovs
<jamespage> I'll ping the upstream ML for guidance
<Daviey> jamespage: Yeah, i started trying to hack it in based on similar projects solving the same problem.. but i wasn't convinced i was doing a good job, so droppe dit
<Daviey> thanks
<Drag0nflamez> ah, fixed my issue
<Drag0nflamez> Apparently 2 conflicting listen directives in sites-availalbe
<Drag0nflamez> available*
<Drag0nflamez> which should have been in ports.conf
<Drag0nflamez> Thank you Apache2 sites examples
<Drag0nflamez> anyways, goodbye.
<jamespage> Daviey, OK _ upstream emailed for guidance
<jamespage> Daviey, it might be a big job to enable the 802.1ad feature in ovs, but a smaller job to make it compatible with the 3.10 kernel if that makes sense.
<jamespage> Daviey, zul, adam_g: http://people.canonical.com/~jamespage/ca/havana/ - specifically openvswitch
<Daviey> Yeah, i don't think we need 802.1ad for anything this release.. so just making the thing work without it, might be suitable
<Daviey> if we can compat it
<jamespage> Daviey, I think we can
<jamespage> but it won't be accepted upstream I think
<Daviey> jamespage: it would be enough for the short-term.  As of next week, we could be in a pickle
<jamespage> Daviey, OK - I'll look at a hack compat for then
<Daviey> jamespage: that sounds super, thanks
<Pupeno> I have a bunch of custom upstart jobs. Is there an easy way to have a command/job that I can start, stop or restart to start, stop or restart them all?
<zul> jamespage:  +1
<rbasak> Pupeno: you can create a "dummy" job that can just be stopped or started manually. upstart will keep track of its state but otherwise do nothing.
<rbasak> Pupeno: then your bunch of custom jobs can each have the changing status of this job in their start and stop conditions.
<rbasak> Pupeno: so you can do it, but whether or not that's a good idea depends on your situation
<jamespage> zul, ta - uploaded
<zul> jamespage:  with luck i should have qemu ready today
<jamespage> Daviey, once openvswitch is built do you want to sync havana-staging -> havana-proposed?
<jamespage> or should we wait for zul's qemu as well
<Daviey> jamespage: makes sense to do them together i guess.
<zul> jamespage:  the openvswitch is tested right?
<zul> because i need to test the qemu stuff after it builds
<hallyn> lifeless: yes please, a bug is probably best
<roaksoax>  /win 8
<zul> roaksoax:  dude...
<roaksoax> zul: what?
<roaksoax> lol
<zul> roaksoax:  hehe
<roaksoax> ?/
<zul> time to switch irc clients ;)
<roaksoax> zul: lol... nah... I don't like xchat like you do
<roaksoax> :P
<hallyn> jdstrand: hey, just wondering, have you looked at all at the libvirt fine grained access control for libvirt APIs thread?
<jdstrand> no, sorry
<hallyn> (I haven't really, just noticed it today.  it has polkit and selinux drivers - well, will have.  sounds like we may want to add apparmor at some point)
<hallyn> ok
<hallyn> for now i'll add it to my list of apparmor stuff i need to look at for libvirt
<jdstrand> cool, thanks
<jdstrand> it's not something I have a lot of time for atm, but will add it to my todo list to review at some point
<hallyn> cool, ttyl
<zul> hallyn:  spice question for you
<jamespage> zul, yes - I ran the smoke tests we have for dep-8 on 12.04 as well
<zul> jamespage:  cool just checking
<zul> hallyn:  libspice-server-dev depends on libspice-protocol-dev (>= 0.12.0~) but its not built at all (libspaice-protocol-dev)
<jamespage> zul, only problem I have noticed is that the upgrade from 1.4.0 -> 1.10.0 is not working
<zul> whats not working?
<jamespage> zul, the 1.10.0 restart hangs trying to get the version from the old running userspace daemons
<zul> jamespage:  oh
<hallyn> zul: not built at all?
<zul> hallyn:  never mind i read the changelog
<hallyn> ok
<yousaf_> hi all
<yousaf_> so I want to install wordpress on sub.domain.com but I want it to be used through www.domain/wp/
<yousaf_> can this be done and if so how?
<yousaf_> i am on ubuntu 12 + nginx
<zul> yousaf_:  google nginx rewriting dowmains
<yousaf_> ok but do you get what i am looking for?
<yousaf_> its not just a simple redirect
<yousaf_> i don't know if "virtual path" is the right word for this but that is what i need
<zul> yousaf_:  yes i do
<zul> yousaf_:  there are plenty of examples on the net that tell you how to do it
<yousaf_> this http://forum.nginx.org/read.php?11,2531 ?
<zul> yousaf_:  sure
<Penyulap> I have ubuntu server 12 I think on one computer, and I talk from this main ubuntu computer, I use ssh on the command line to talk to use commands onthe server, I want to add a small file, I am pretty much sortof beginner with command line, i use it some, but what of a text editor that I can dump text into, so it comes out as a file over the other end ?
<Penyulap> So now i use ssh and can do some things through the network, but what is a simple editor i could use?
<chaput> nano
<Penyulap> thank you
<hallyn> smb: so you're discussing bug 1191782 on the m-l?  do you want to assign it to yourself?
<TheLordOfTime> apparently i missed someone having nginx issues?
<smb> hallyn, Hm, yeah. Could have done that already
 * TheLordOfTime shrugs
<nilli> does the apache2 directive Timeout affect slow file uploads? if it takes a user 65 seconds to upload a file and Timeout is set to 60, will the upload fail?
<FunnyLookinHat> Hey guys - is there a way I can apt-get install mysql and set the root password in the same line ( or via bash script ) ?
<FunnyLookinHat> nvr mind: http://stackoverflow.com/questions/7739645/install-mysql-on-ubuntu-without-password-prompt   :)
<roaksoax> adam_g: howdy! Why do you think the Exceptions wont be enough?
<roaksoax> adam_g: i keep getting this erro: http://pastebin.ubuntu.com/5787162/
<roaksoax> with this: http://paste.ubuntu.com/5787165/
<roaksoax> marcoceppi: ping
<roaksoax> marcoceppi: any ideas? http://paste.ubuntu.com/5787130/
<roaksoax> (the trace at the end)
 * marcoceppi looks
<marcoceppi> roaksoax: it looks like either database_host isn't being sent to the templating, or there's an error in the template itself causing it to bail
<marcoceppi> roaksoax: I can take a deeper look in a little later, but I think adam_g or jamespage would be faster at helping
<roaksoax> marcoceppi: cool thanks for the input. I was thinking somehwere in between those lines too
<jamespage> roaksoax, can I see the full branch please?
<roaksoax> jamespage: lp:~andreserl/charms/precise/glance/port
<adam_g> jamespage, checking that branch now.
<jamespage> adam_g, yeah - me to
<jamespage> something wonky is going on with the hookenv serializable stuff
<roaksoax> yeah
<roaksoax> the context is not empty though
<adam_g> roaksoax, the exceptions wont work because for every write() multiple contexts can raise an incomplete exception, when we're only interested in a single exception. eg, context.amqp() would be incomplete on a shared-db write() if no amqp relation exists
<roaksoax> adam_g: I see, yeah definitely that would be a problem
<roaksoax> adam_g: that render_configs() would have to be smarter then and only render the config its being asked to render
<roaksoax> that way the Exceptions would work
<roaksoax> without mayor change
<roaksoax> to other than how we do the CONFIGS.write()
<jamespage> roaksoax, adam_g: hmm - the {% if database_host %} is calling __getattr__ with the key __nonzero__
<jamespage> that feels like a bug in Serializable to me
<jamespage> adding that function to the class fixes the problem
<adam_g> jamespage, to which?
<jamespage> Serializalble
<jamespage> "    def __nonzero__(self):
<jamespage>         return self.data is not None
<jamespage> "
<adam_g> hmm. i haven't seen this but i havne't been using the @cached stuff yet
<jamespage> adam_g, not sure that 'cached' is the issue - the underlying function still returns a serializable
<jamespage> adam_g, I think its the way that jinja2 is interrogating the object
<jamespage> Serializable(UserDict.IterableUserDict)
<jamespage> but for a simple, scoped relation_get its not a dict, its just a value.
<goddard> i set my ubuntu installation to static but for some reason it is not able to access the internet
<IRCShare> <ThothCastel> why is it saying invalid syntax(21)???
<ThothCastel>  http://ircshare.com/i/bp
<ThothCastel> I am on the process of configuring an LDAP server on a ubuntu server through the CLI - >https://help.ubuntu.com/10.04/serverguide/openldap-server.html
<ThothCastel> help pls
<ThothCastel> when replacing this     olcRootDN: cn=admin,dc=example,dc=com      with my own configuration for a domain as procopio.co.uk   should I add     olcRootDN: cn=admin,dc=procopio,dc=co,dc=uk    ????
<roasted> hello friends
<roasted> I'm not sure what kind of conclusion I can draw up here, but I figured I'd ask as I'm grasping for ideas. I have Ubuntu Server 12.04.2 running. I was having a truckload of issues with my server recently, particularly when I'd rsync a lot of data to it. Last night it went into read only mode and reboots did nothing. I swiched the SATA3 cable for the SSD (OS drive) and it boots up fine. But what's weird is my monitor just goes black during boot.
<roasted>  I see no login screen.
<roasted> I can SSH into it fine and I'm not seeing any errors, but uh... any ideas? I just found it weird the monitor went black with 0 login screen @ CLI...
<ThothCastel> help pls
<vDevices> hello Everyone!
<vDevices> i'm a newbie to the world of managing servers
<zul> jamespage/adam_g: fun times
<zul> jamespage/adam_g: http://people.canonical.com/~chucks/ca/
<vDevices> i find myself managing 5 servers (4 Ubuntu Server 12.04 LTS + 1 ARM Debian).  I would wondering if any of you have any recommendations for a server-monitoring program/platform?
<zul> vDevices: nagios
<adam_g> zul, those look okay. one nit, 'New upstream release for the Ubuntu Cloud Archive' is a bit misleading. they're just no-change rebuilds
<zul> adam_g: what do you suggest?
<adam_g> zul, "New update for..." its not that big a deal. i've been modifying it to "New security update..." when its a security update rebuild
<zul> adam_g:  okies i can do it for the next round
<adam_g> jamespage, these ceph-osd log errors look familiar to you? http://paste.ubuntu.com/5787475
<jamespage> adam_g, thats a new one for me
<jamespage> zul, note that cloud-archive-backport has a --changelog option
<zul> jamespage/adam_g: should i re-do it?
<adam_g> zul, nah, just a nit
<jamespage> I'd not block on that basis
<zul> adam_g:  ok so +1?
<adam_g> i'd be surprised if anyone other than us look at these changelogs anyway :)
<adam_g> zul, ya
<zul> cool
<roasted> :D
<roasted> being super lazy
<roasted> really have 0 time to spare
<roasted> the thought of getting up is something I cannot handle
<jkyle> When you restart networkign with the init script, you get "Running /etc/init.d/networking restart is deprecated because it may not enable again some interfaces"
<jkyle> what is the non-deprecated way?
<genii> jkyle: sudo start/stop/restart servicename
<genii> Alternately: sudo service servicename start/stop/etc
<sarnold> genii: but will that Do The Right Thing for the other interfaces?
<genii> sarnold: Hopefully!
<genii> If the /etc/network/interfaces is set up correctly don't see why it would be a problem
<sarnold> genii: some networking services are provided elsewhere; lxc-net, for instance..
 * genii sips and ponders
<sarnold> yeah. I'd like to think it would all just work :) but not knowing makes me wonder..
<roasted> hello
<roaksoax> adam_g: the other option would be to have 1 exception per type of context... though that would probably be non-generic and many exception errors
<adam_g> roaksoax, yea. i was thinking of adding an attribute to the class(s) that can be checked to see which contexts have been completely satisifed
<adam_g> roaksoax,  so the calling hook can do something like: if 'shared-db' not in CONFIGS.context_complete: return else: CONFIGS.write(...)
<adam_g> roaksoax, im gonna have a go at that this afternoon. still bangin on ceph atm
<roaksoax> adam_g: ok cool!
<TheLordOfTime> the restricted repos contain closed-source stuff right?
<ScottK> Yes, but it's limited to things like firmware and drivers to get hardware working.
<LargePrime> this is more of a java question, but how do i run "ulimit -c unlimited" at startup, before all other things?
<immotus_> I've got a crazy question :^)  I'm trying to get an Ubuntu 12 server downgraded to an Ubuntu 10 server (app requirement) remotely.  I have console access via IPMI, but no PXE environment setup on that network.  Any ideas how to get the net-install to boot from Ubuntu 12's GRUB menu?  I've tried copying the initrd and kernel image and creating a menu entry for it.. but it doesn't seem to come up.  No error, just a blank
<immotus_> screen after the Grub menu
<sarnold> LargePrime: can you stuff that into whatever shell script starts your application?
<LargePrime> Can I add it to that user?  there is an application user defined
<LargePrime> do i need any rights to modify ulimit
<sarnold> LargePrime: raising limits does require superuser powers..
<sarnold> LargePrime: see also /etc/security/limits.conf
<LargePrime> i have a user 1003.  can i just add that user to the file?
<LargePrime> and do i really want unlimited?
<sarnold> LargePrime: since I can never remember the measurement units, I tend to use unlimited :) hehe
<sarnold> LargePrime: .. and you'd have to lose a core file because it was that little bit too big..
<LargePrime> so i can just add the line "1003 soft  core unlimited" to /etc/security/limits.conf and save sarnold ?  how do i get that loaded?
<LargePrime> do i have to restart the server?
<sarnold> LargePrime: you might have to use the username
<LargePrime> cant use number?
<LargePrime> ok
<sarnold> dunno, I don't see any examples in the file :)
<sarnold> LargePrime: the limits are applied when the user logs in through the PAM stack, any service that has pam_limits.so in the stack will enforce them..
<LargePrime> how do i know if my user has a pam stack
<LargePrime> and this use does not "login"
<LargePrime> it is an application
<LargePrime> and Wehn i say "does not" i mean " i think"
<sarnold> LargePrime: hrm, then maybe editing an upstart config file?
<sarnold> LargePrime: how does it start?
<LargePrime> witha a <dir>/multicraft -v start
<sarnold> LargePrime: what runs the command? cron? upstart at boot?
<LargePrime> upstart at boot.  but there is weirdness.  this start is one user, but the application has 10 other users it has to keep parts of it secure to themselves
<LargePrime> so i guess i need all these users to have a raised ulimit
<LargePrime> I guess I should contact the app dev
<sarnold> LargePrime: here we go: http://upstart.ubuntu.com/cookbook/#limit
<sarnold> LargePrime: I assume the first process runs as root, so it can start the other processes as other users?
<roaksoax> adam_g: so I was looking at the context for keystone, and in glance we have 'auth_uri', which is not in the context. Is there a way to easily add extra var names to the context?
<jkyle> genii: yeah, that' doesn't work for networking. I just scripted a ifdown -a && ifup -a
<genii> jkyle: Good to know for future.
<jkyle> maybe start/stop might work. no restart....I'll test the start stop after this pxe run, but I think it has the same prob as the init.d
<adam_g> roaksoax, that doens't come from the relation, its made up of values from the relation: (from the bash version) set_or_update "auth_uri" "http://$keystone_host:$service_port/"
<roaksoax> adam_g: yeah, but we still need in the context
<adam_g> roaksoax, you dont necessarily, just http://{{ keystone_Host }}:{{ service_port }} in the template
<roaksoax> adam_g: ahh yeah you are right
 * roaksoax needs coffee a
<adam_g> roaksoax, if you wanted to inject it into the context you could, after the check to context_complete() but its not necessary IMHO
<roaksoax> adam_g: yeah I see your point. it is indeed not necessary
 * genii slides roaksoax a fresh mug of coffee just right for drinking
<roaksoax> genii: lol thanks!
<genii> roaksoax: np
<goddard> anyone setup a static ip with comcast business class?
<roaksoax> adam_g: the other option would be to return True/False from write()
<roaksoax> to see whether it was written successfully or not
<adam_g> roaksoax, well, write() is inspecting any number of contexts. i'd expect write() to return true in shared-db hook even if its amqp context is incomplete
<adam_g> roaksoax, ive got something im about to test
<roaksoax> adam_g: right, so in that case that would be fine because shared-db only needs db stuff, mand that true would tell "it is good to go, if it is false, then return (from shared-db relation that calls the write() function". But if you've got something already then we can just use that :)
 * roaksoax thinkgs I might not made any sense
<roaksoax> lol
<adam_g> roaksoax, but .write() has doesn't have any notion of what context you're expecting a True or False about
<roaksoax> adam_g: yeah, you are right!
<goddard> anyone setup a static ip with comcast business class?
<adam_g> roaksoax, i think i've got somsething for you. one min
<roaksoax> adam_g: awesome! let me know. I'm off now but will probably be on and off throughout the night
<roaksoax> eveninig*
<adam_g> roaksoax, http://bazaar.launchpad.net/~gandelman-a/charms/precise/cinder/pyrewrite/view/head:/hooks/cinder_relations.py
<adam_g> roaksoax, you'll need to sync in charmers from lp:~openstack-charmers/charm-tools/pyrewrite-helpers (just realized that branch is named incorrectly)
<roaksoax> adam_g: awesome! thsnks!
<adam_g> roaksoax, and also adjust how you call register() on the configs (to use the new objects and not functions defined in context.py)
<adam_g> roaksoax, im based on an older charm helpers branch so its not using the caching layer jamespage added. ill need to rebase and test that, so in th meantime its a bit slow
<roaksoax> ok cool thsnks for the input
#ubuntu-server 2013-06-22
<excalibr> Hello. can someone explain me why locking an account doesn't stop a process from running with the account priv?
<sarnold> excalibr: locking only prevents the account from finishing the PAM login stack
<sarnold> excalibr: existing processes aren't affected
<sarnold> .. and processes set to run as that userid outside the PAM stack won't be influenced
<excalibr> aha
<antihero> Hello, how do I find out what packages I have installed by repo (e.g. nonfree, contrib, etc)? As I want to trim down my sources.
<tom[]> is there a conventional place to keep a root crontab with jobs specific to the server's application (as opposed to its os)?
<_KaszpiR_> hm
<_KaszpiR_> seem I've got some issue with accessing samba share from win7 to ubuntu server
<_KaszpiR_> the transter is ~ 16k/s to the server
<_KaszpiR_> over wifi
<_KaszpiR_> looks like the issue is when connecting to server using netbios name
<_KaszpiR_> ipv6 tunneling problem?
<_KaszpiR_> hm
<_KaszpiR_> and now it works
<_KaszpiR_> magic
<Psi-Jack> Is it possible to install Ubuntu 12.04 onto a GPT style partition, instead of an msdos style partition?
<RoyK> yes
<Psi-Jack> Excellent.  I'm going to be rebuilding my ceph servers from being Arch based, which is a maintenance nightmare, to Ubuntu, and I wanted to simply format the base partitions for the system, keeping the partitions exactly as they are, install ubuntu, and copy my ceph configurations back over and get ceph re-joined to the cluster.
<Psi-Jack> Fun times. :)
<RoyK> Psi-Jack: I'm becoming somewhat hesitant to using ubuntu for servers after a few bugs I've reported hasn't been addressed much, or totally ignored. I think debian may be safer
<Psi-Jack> RoyK: Ceph officially supports Ubuntu the highest, and since they're dedicated to Ceph and nothing else, I'm perfectly fine using Ubuntu for it. I'm actually currently using a lot of Ubuntu-based servers, but I'm migrating a lot of them to CentOS, just because I want to and it'll give me an edge of the infrastructure of my company's infrastructure platform.
<Psi-Jack> Really, the only thing I really truly hate most about Ubuntu is upstart, and I can see that not going away, unfortunately. Oh, and Canonical's slap in the face of Wayland over Mir.
<RoyK> upstart is proably the thing that broke nested raidsets
<Psi-Jack> Heh, probably.
<RoyK> I filed an xfs bug a couple of weeks back, they just flagged it as "incomplete" although xfs developers have confirmed it
<Psi-Jack> but, I dunno. I hardly even care much about RAID, since mostly I use Ceph now.
<Psi-Jack> xfs bug?
<RoyK> well, xfsprogs bug 1189567
<RoyK> !bug 1189567
<RoyK> hm - sad bot?
<RoyK> https://bugs.launchpad.net/ubuntu/+source/xfsprogs/+bug/1189567
<Psi-Jack> Hmmm
<Psi-Jack> And do you have confirmation from XFS devs somewhere that you can tack on to that to increase the severity up within reason? If so, I'd do so.
<RoyK> see the note about sandeen confirming it
<RoyK> sandeen@#xfs
<RoyK> fixed in 3.1.8, but there were lots of fixes between 3.1.7 and .8
<Psi-Jack> That doesn't seem to be anywhere in the bug report that I see.
<RoyK> <sandeen> on #xfs @ irc.freenode.net, apparently working for redhat, confirmed this bug on xfsprogs 3.1.7, but not on 3.1.1 or 3.1.8.
<RoyK> from the bug report
<Psi-Jack> yeah, that's not reasonable enough proof. You need to directly link to a reference point that proves it, such as potentially Red Hat's JIRA bug entry for it.
<RoyK> eh
<RoyK> can you please test with your xfsprogs?
<RoyK> the dump is there
<RoyK> it's pretty easy to reproduce
<Psi-Jack> I don't have a system i could just test that with right now.
<RoyK> just apt-get install xfsprogs and run xfs_repair against the dump
<Psi-Jack> I'm just trying to suggest hard references that can bump this bug to a show-stopper level bug that will help canonical put real effort into it, especially for LTS.
<RoyK> Psi-Jack: well, it's easy to reproduce and the fix is in 3.1.8 somewhere
<patdk-wk_> hmm, 12.04 has 3.2, so shouldn't it include that fix?
<patdk-wk_> oh xfsprogs not kernel
<RoyK> patdk-wk_: right
<RoyK> it's not a kernel issue
<patdk-wk_> ya, sounds like something I would shove into my ppa
<patdk-wk_> so many things in there to fix issues in ubuntu
<patdk-wk_> I did a hole crapload of work to fix xtables
<patdk-wk_> made a very nice patch for it and packaged it and everything ,and posted it to the bug report
<patdk-wk_> haven't heard anything
<LargePrime> is there a way to know what the ubuntu package is named if i know the DEB name?
<LargePrime> an app wants me to install "php-bcmath"
<LargePrime> but that not in ubuntu repo?
<LargePrime> https://launchpad.net/ubuntu/+source/php5/5.3.2-1ubuntu4  does this mean i already has it?
<patdk-wk_> LargePrime:
<patdk-wk_>  The following extensions are built in: bcmath bz2 calendar Core ctype date
<patdk-wk_>   dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
<patdk-wk_>   mbstring mhash openssl pcntl pcre Phar posix readline Reflection session
<patdk-wk_>   shmop SimpleXML soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer
<patdk-wk_>   wddx xml xmlreader xmlwriter zip zlib.
<ScottK> patdk-wk_: What bug?
<patdk-wk_> mainly that all dkms modules are broken for the enablement stack
<patdk-wk_> but specifically one of the 10's of xtables enablement bugs
<LargePrime> Thanks patdk-wk_  Sorry for the noobish question.  just double checking.  Is there a search tool to see if i already has a Lib in another thing?
<patdk-wk_> bug #1166659 is the one I commented on
<patdk-wk_> hmm, I guess that bug isn't specifically about the eneablement stack kernels, but same issue on both
<LargePrime> Is there a search tool to see if i already has a Lib in another package?
<ScottK> patdk-wk_: I thought you said you'd posted fixes that hadn't been uploaded?  I don't see any in that bug.  BTW, I've seen some DKMS + HW enablement stack bugs fixed, so it's not systematically being avoided.
<patdk-wk_> scottk, I said I posted fixes into a package in my ppa, and posted that info to the bug
<ScottK> I see.
<patdk-wk_> atleast when I saw did that, just a few weeks ago, it wasn't fixed
<ScottK> If you could attach a debdiff with the fixes and subscribed ubuntu-sponsors to the team, it will get looked at.
<patdk-wk_> it's a bit more than that :(
<patdk-wk_> it's a new version of xtables, with changes backported for older kernels
<patdk-wk_> the changes to support the new kernel where much more than fixing it for older kernels
<ScottK> I see.
<ScottK> In theory that could still be done.
<patdk-wk_> ok
<patdk-wk_> ya, there is only two changes, one patch file, and orig source
<ScottK> It's a bit outside the normal rules, but sometimes it makes sense to bend them.
<patdk-wk_> it served my needs well, and worked on 12.04 12.10 and 13.04
<patdk-wk_> so offering it
<ScottK> Could you write a mail to the ubuntu-server list describing the situation and why you think this is the right approach?  It does need a bit more visibility than a normal bug report.
<patdk-wk_> ok
<LargePrime> how do i install libstdc++.i686
<patdk-wk_> use apt-cache search
<mojtaba> Hi, I have a spreadsheet with lots of hyperlinks, and I just want to keep the hyperlinks. Does anybody know what should I do?
<mojtaba> Hi, Does anybody know how can I keep the hyperlink and remove the text from the spreadsheet?
<mojtaba> http://paste.ubuntu.com/5790434/
<mojtaba> http://paste.ubuntu.com/5790434/
<patdk-wk_> mojtaba, use a channel that cares?
<patdk-wk_> this is #ubuntu-server, not #officelibre or whatever it is called these days
<patdk-wk_> there is no spreadsheet program in ubuntu-server
<mojtaba> patdk-wk_: Do you know what is that?
<xulf> What is going on
<thesheff17> I'm trying to run qemu-system-arm -kernel kernel-qemu and I keep getting qemu: could not load kernel 'kernel-qemu' any ideas?
<thesheff17> I have all the packages installed and I know this CPU works fine with the virtual machine stuff
<wo0f> how do i enter M-1 to M-5  Arrange panes in one of the five preset layouts: even-
<wo0f>                        horizontal, even-vertical, main-horizontal, main-
<wo0f>                        vertical, or tiled.
<wo0f> with tmux
<wo0f> (wow sry for multi line!)
<patdk-wk_> heh? panes?
<patdk-wk_> ubuntu-server doesn't have panes
<wo0f> yes panes, and yes it does work
<patdk-wk_> oh, tmux isn't an x thing
<patdk-wk_> s/panes/terminals
<wo0f> what do the M-1 and M-5 represent? whats the M key, how do i enter it
<wo0f> no x :)
<qman__> Mod, also known as the Windows key or DOS key depending on where you come from
<qman__> I believe it's also called Super in some contexts, too
<wo0f> qman__: thank you so much!
<wo0f> still at a loss, as to how to use the Mod key via putty!
<Will_> hey all
<Guest98318> so i've got ubuntu LTS server installed to a virtualbox machine and installed LAMP and setup all that....however i think i've redirected my servers intial page from the /var/www folder to /home/user/public_html folder....what might i type to revert this?
<Will_w> so i've got ubuntu LTS server installed to a virtualbox machine and installed LAMP and setup all that....however i think i've redirected my servers intial page from the /var/www folder to /home/user/public_html folder....what might i type to revert this?
<Will_w> Sorry, name change ^^
<Will_w> i know for a fact its directing to /home/user/public_html      just did a test for it. how can i change it so the IP address when entered into the browser will direct to the /var/www director?
#ubuntu-server 2013-06-23
<Will_w> got it! sudo nano /etc/apache2/sites-available/mysite
<starsinmypockets> Something is voraciously consuming my filesystem's resources... I installed gkrellm (no display - just command line usage) and am looking for some wisdom regarding setting up some monitoring so that I can determine what beastie is crippling my server
<starsinmypockets> What I'm really after is a a good command to use gkrellm to output top disk io activity
<starsinmypockets> Also looking at sysstat / iostat
<GH0> I just did a motherboard and cpu swap, and unfortunately, I didn't change the Date and Time to UTC on the motherboard prior to this. Is there a way to update the date and time directly from a running system?
<Freze> hi all
<Freze> thinking about getting a vps for hosting a website
<Freze> is it a headache to maintain a ubuntu server  vs just using a managed web host service (which are cheaper)
<agu10^> what do you think of my site? http://potentialstudio.com/
<shankstaBytes> i setup a little testing server for web dev and i am trying to make HTTPS work
<shankstaBytes> anyone know of a good tutorial or some help?
<shankstaBytes> i just installed apache2 from the package manager
<Patrickdk> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/12.04/serverguide/C/
<vlad_starkov> Emergency Question: just changed disk in RAID1 in Ubuntu 12.04 Server. After that mdadm recovered new disk. After reboot the system does not load. Only blinking cursor appears. Is it possible that it needs to reconfigure GRUB?
<vlad_starkov> Emergency question: Could anyone look at this `boot-repair` output http://paste.ubuntu.com/5791662/ and point me why the system does not boot? (I changed failed HDD in RAID1 and after that the system does not boot)
<vlad_starkov> Emergency question: Could anyone look at this `boot-repair` output http://paste.ubuntu.com/5791662/ and point me why the system does not boot? (I changed failed HDD in RAID1 and after that the system does not boot)
<nerdcustoms> hello :D
<nerdcustoms> anyone willing to assist me in a possible apache config issue with ssl?  Getting 6 second load times
<lifeless> what makes you suspect ssl?
<nerdcustoms> well load times were only few hundred ms before I implemented it.
<nerdcustoms> and server usage is 90% idle with I access the site
<nerdcustoms> so not sure if config issue
<nerdcustoms> https://www.worldcoincentral.com
<lifeless> so, a quick look there shows everything is 'no-cache'
<lifeless> all your javascript and assets, as well as actual dynamic content
<lifeless> that will play havoc with performance
<nerdcustoms> so basically no content is caching?
<lifeless> http://redbot.org/?uri=https%3A%2F%2Fwww.worldcoincentral.com
<nerdcustoms> ooh that is a handle tool. Thank you
<nerdcustoms> so I need to enable caching on the server?
<lifeless> http://redbot.org/?uri=https%3A%2F%2Fwww.worldcoincentral.com%2Fthemes%2Fwdccentral%2Fmain.js
<lifeless> so, interestingly, some are cachable
<lifeless> I must have picked odd ones to look at
<nerdcustoms> hmm
<lifeless> anyhow, I would do the following to get a handle on perf
<lifeless> - check with a command line tool on a static page (like that js) to get a baseline including SSL handshake
<lifeless> if the SSL handshake itself is slow, that might be apache config/ssl cert config
<lifeless> if it's not slow, then it might be a front end thing - browser side - so break out chromium perf tools, or firebug or whatever, and see what a page load does and where the time is going
<nerdcustoms> Alright, ty for the assist. I'll see what I can find :D
<soren> win 24
<soren> doh
<orogor> hi
<orogor> gpt partition has to be fat32 /fat16 ?
<orogor> or can it be ext3 ?
<RoyK> orogor: you can have any type of partitions on gpt, just like mbr
<orogor> hum
<orogor> bbl
<ThothCastel> I amd getting the following error when adding an LDIF file to an ldap server : ldap_add: Server is unwilling to perform (53)  additional info: no global superior knowledge
<ThothCastel> help pls
<sw> Hi, what's the command to fix this error? http://pastebin.com/PLX6gJ4p
<andol> sw: Unless I miss-read that you have a LANG environment refering to a locale not installed on the system, perhaps due to ssh passing it along from your work station. In most cases that is a harmless issue.
<andol> sw: Instead of LANG=GB you might want to go with LANG=en_GB.UTF-8
<sw> andol: Where is that set?
<BlackmanOMG> ave spec
<BlackmanOMG> hi is this #nigga chat ?
<RoyK> what?
<BlackmanOMG> 5
<BlackmanOMG> t
<BlackmanOMG> it67
<BlackmanOMG> o56
<BlackmanOMG> o5
<BlackmanOMG>  can i ask something im very confused...black people cum in black colour or white colour???????????????????
<BlackmanOMG>  can i ask something im very confused...black people cum in black colour or white colour?? OR IS IT THE BLACK SHIT MIXED IN THE CUM??????????????????????
<BlackmanOMG>  can i ask something im very confused...black people cum in black colour or white colour?? OR IS IT THE BLACK SHIT MIXED IN THE CUM??????????????????????
<kuwe> neuling in sachen ubuntu server (12.04) - suche sehr grundlegende howto zum einrichten eines jabberd2 servers - ist mir zu helfen :-)
<yakster> anyone here good with autofs?
<chinny> Hi all - am hoping someone can help me. I have an issue with intermediate cert and apache ssl config. IE and chrome work fine but firefox is missing the intermediate cert. I thought the config was correct and have specified the intermediate cert with SSLCertificateChainFile. Running openssl s_client -connect server.tld:443 -showcerts fails but if I add -CAPath /etc/ssl/certs/ it passes.
<chinny> anyone able to help me with an apache2 question?
<shankstaBytes> how can i setup a ftp account for a specific directory?
<shankstaBytes> is there a good gui for that?
<shankstaBytes> if not a tutorial?
#ubuntu-server 2014-06-16
<IbnSaeed> is it proper method of learning iptables, via setting up MAAS in ubuntu 14 server inside a VM ?
<Pupeno> What' the appropriate way of mounting volumes that require net access in Ubuntu and thus, cannot be automatically mounted at boot time?
<jamespage> coreycb, zul: all uploaded apart from keystone (still running unit tests) and nova (pending zul actions)
<med_> jamespage, is there an SRU bug (or something similar) for OpenStack 2014.1.1 ? And is that going into Trusty proper or will the UCA be created for it?
<jamespage> med_, bug https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1328134
<uvirtbot> Launchpad bug 1328134 in nova "[SRU] packaging for openstack icehouse 2014.1.1 release" [Undecided,New]
<jamespage> med_, no UCA for trusty - this goes in as an SRU
<jamespage> med_, just pending the last few uploads today and we'll get it acked into -proposed
<med_> nod
<med_> I misread the tail of that bug, looked like everything was marked invalid
<med_> and thanks james. Much appreciated.
<med_> and thanks zul (didn't think you'd be on yet)
<caribou> jamespage: would you eventually have time to review http://bugs.launchpad.net/bugs/1313602
<uvirtbot> Launchpad bug 1313602 in nova-cloud-controller "Nova-cloud-controller charms failed to sync ssh keys between compute nodes" [Undecided,In progress]
<caribou> jamespage: you or someone else that does openstack charming
<jamespage> caribou, sure - not sure why is not in the review queue.
<jamespage> caribou, that bug has no linked branches?
<caribou> jamespage: yeah, I noticed that
<pmatulis> morning
<caribou> jamespage: let me dig the MP for you
<jamespage> caribou, can you link the branches to that bug report and set the merges back to ready for review.
<caribou> jamespage: sure; I'm just surprized that the LP: #bug in the changelog did go unnoticed by launchpad
<caribou> jamespage: I put the status to 'resubmit' by mistake. How can I get them back to 'ready for review'. By resubmitting them ?
<jamespage> caribou, URL?
<caribou> jamespage: https://code.launchpad.net/~louis-bouchard/charms/precise/nova-compute/lp1313602-multiline-known-hosts/+merge/218440
<caribou> jamespage: and https://code.launchpad.net/~louis-bouchard/charms/precise/nova-cloud-controller/lp1313602-multiline-known-hosts/+merge/218442
<jamespage> caribou, hmm - that looks OK
<Voyage>  whats the limit of concurrent connections of one 64 core CPU server machine? whats the bottle neck? 64 core processor cpu and 2 TB ram.
<OpenTokix> Voyage: for what?
<jamespage> Voyage, by default probably 1024 - the open file descriptor limit is low by default which constrains  the amount of network connections a single process can support
<jamespage> note that is for 1 process
<OpenTokix> jamespage: but that is a software limit, the question is regarding hardware.
<jamespage> OpenTokix, in which case the answer is it depends on what sofware you are running
<OpenTokix> Voyage: if it has a 1Gbps interface and the packets are on ethernet frame per client, around 60k connections, since the 1GBps will top out at about 120kpps (x10 for 10GE)
<OpenTokix> jamespage: yes =) as I asked "for what?"
<jamespage> OpenTokix, indeed :-)
<jamespage> OpenTokix, by open fd limit is always pretty much the first bottleneck unless the software is really crappy :-)
<OpenTokix> jamespage: indeed it is
<OpenTokix> jamespage: and it is also very very traffic dependend where the bottle neck is
<jamespage> indeed
<jamespage> I love 'it depends' answers :-)
<OpenTokix> =)
<OpenTokix> It always do
<OpenTokix> I have seen some really weird bottlenecks on high volume stuff
<OpenTokix> Like running out of source ports for instance
<jamespage> indeed - I reckon the best answer is really to configure, test, see what breaks, re-configure....
<OpenTokix> with a 3s fin_timeout =)
<jamespage> of course generating that sort of load does become tricky
<OpenTokix> impossible to benchmark
<OpenTokix> btw. =)
<OpenTokix> The biggest houses for benchmarking can only muster up about 5000 unique hosts
<jamespage> OpenTokix, that sounds expensive but 100% correct
<jamespage> OpenTokix, I used to use a Testing and as Service product that ran from ec2 - but that did not go that large
<jamespage> 100's
<OpenTokix> jamespage: crazy expensive between 10-50k dollar for one test
<jamespage> OpenTokix, esp when someone forgets to bump the ulimit and you hit the wall fast!
<OpenTokix> jamespage: Ec2 is to slow for the stuff I was testing
<OpenTokix> jamespage: I designed the system we tested, and I didnt forget =)
<OpenTokix> jamespage: handled about 3 billion requsts/day from millions of ips
<jamespage> OpenTokix, awesome
<OpenTokix> it was =)
<OpenTokix> Then the company got aquired by idiots and I left =)
<OpenTokix> jamespage: and needless to say, their availability is going down =)
<Voyage> jamespage,  so normally, whats the max no. of connections that reasonable powerfull servers reach?
<jamespage> Voyage, it really does depend on what you are actually doing on it
<Voyage> OpenTokix,  the  60k connections is not the limit on server side. correct? its on client side ( which is ofcourse never reached)
<Voyage> OpenTokix,  a server can have more than  60k connections concurrently. right?
<Voyage> OpenTokix,  the file descriptior limit can be customized to be more than  millions. no?
<Voyage> jamespage,  web server. apache or apache tomcat..
<OpenTokix> Voyage: on a single 1Gbps nic you have a limit of about 120kpps
<OpenTokix> Voyage: generally
<OpenTokix> Voyage: you can do some tweaks, if know _a lot_ of your traffic to reach higher
<OpenTokix> (at the cost of latency)
<Voyage> ignore latency
<OpenTokix> You cant get a 1G much higher then 120kpps
<OpenTokix> for internet traffic
<droven> Ø¹Ø§ÙØ² Ø²Ø¨ ÙÙ Ø§ÙØ²ÙØ§Ø²ÙÙ
<cfhowlett> droven in English please
<droven> Ø¹Ø§ÙØ² Ø²Ø¨ ÙÙ Ø§ÙØ²ÙØ§Ø²ÙÙ
<cfhowlett> !english|droven
<ubottu> droven: The main Ubuntu channels require that you speak in calm, polite English. For other languages, please visit https://wiki.ubuntu.com/IRC/ChannelList
<droven> Ø¹Ø§ÙØ² Ø²Ø¨ ÙÙ Ø§ÙØ²ÙØ§Ø²ÙÙ
<davidparker> Hi everyone! I have a low-traffic website, audio streaming, archiving, and file serving needs to accomplish, and I have two computers to do it. Should I install ubuntu server on both of them, using one as backup? Or should I use MAAS? My needs are not complex so using a cloud-style elastic architecture is probably overkill, right? I want to use Juju to set up my stack, though. Thanks!
<remix_tj> davidparker: maybe you need only an active/passive cluster?
<remix_tj> davidparker: something like this http://www.thomas-krenn.com/en/wiki/HA_Cluster_with_Linux_Containers_based_on_Heartbeat,_Pacemaker,_DRBD_and_LXC
<rbasak> davidparker: if you want to use Juju in your stack, and you have two computers, then I think your options are: separate local environments on each computer, one manual provider environment covering both, or MAAS. For two machines, MAAS is overkill I think. I'd probably go with the manual provider.
<rbasak> davidparker: I suggest that you use the juju stable PPA for now. I'm working on getting the latest updates to Trusty, and making that happen faster. But right now the PPA is the best option.
<davidparker> Is using Juju also overkill? I've installed ubuntu server with the following packages: apache, PHP, MySQL, DNS server, OpenSSH, etc. So if that's all I'm using, plus some audio specific stuff like Rotter and LiquidSoap, then why use Juju? I've already got all the software I need on ubuntu server.
<davidparker> Then I could just use the second computer as a RAID, or some type of backup.
<hallyn> zul: all right, let's get some libvirt 1.2.5 up in this utopic.  (i wanna finish the cgmanager patch against it)  are you working on it right now?  (if not i'll take a look)
<zul> hallyn:  please have a look
<hallyn> k
<DenBeiren> what would be the easy way to change locale to belgium / dutch layout truough cli?
<rbasak> DenBeiren: LANG is usually set in /etc/default/locale. Older releases used /etc/environment
<rbasak> DenBeiren: not sure about keyboard though, sorry.
<rbasak> "sudo dpkg-reconfigure console-setup" maybe. I'm not sure if that's still used.
<rbasak> Maybe /etc/default/keyboard as provided by the keyboard-configuration pacakge.
<rbasak> The loadkeys command will change things immediately for you on a VT if you need it updated without a reboot.
<rbasak> No idea about X.
<superboot> Hi all. I've got a mdadm RAID-10 array, and want to upgrade the os to a new version with a freash install. Can I just copy the /etc/mdadm/mdadm.conf to the new install, and start/mount the array?
<tgm4883> Generally speaking, shouldn't iSCSI be faster than NFS? I've been doing some testing, and I'm getting better performance to NFS. Is my thinking backwards?
<superboot> Meaning your tests are showing that NFS is faster? (for clarification for the group)
<tgm4883> exactly
<tgm4883> I've been using IOMeter for testing
<tgm4883> I'm getting higher IOPS and more throughput
<tgm4883> Tests consisting of SAN storage mounted from a QNAP on a ESXi host using both iSCSI and NFS (two different volumes). Virtual machine on each of the storage running IOMeter
<superboot> Sorry, I don't have any experiance with iSCSI.
<superboot> I'm sure there is someone in the channel that does.
<RoyK> tgm4883: sync writes to NFS should be slower than writes to iSCSI, but NFS also support async writes, meaning the writes are buffered (at the VFS layer IIRC)
<RoyK> iSCSI is always sync on the block level
<RoyK> (but then, the filesystem (or VFS?) should do some caching anyway)
<RoyK> tgm4883: how do you compare these two? what sort of NFS server? what filesystem on top of the iSCSI thing?
<RoyK> and btw, for iSCSI, you should use jumboframes
<RoyK> tgm4883: standard 1500 byte frames will generate rather a lot of tiny frames where you want network stacks and switches to be more happy with 9000b jumboframes
<RoyK> tgm4883: but please describe your infrastructure, network etc
<tgm4883> RoyK: The SAN is a QNAP server, I believe uses NFSv3. The filesystem on the iSCSI mount is VMFS5. I'm not currently using jumbo frames, but I'll check with my networking team to ensure that is possible. I'd also have to check with them to see what switches we're using, I know we have a combination of Cisco and Brocade/Foundry.
<tgm4883> I'm comparing them by running IOMeter on a Ubuntu 14.04 VM. I have it located on one type of storage, run the test, then use vmotion to move it to the other storage and test again
<RoyK> guess all switches produced the latest 10 years or so, should support jumboframes
<RoyK> not necessarily enabled in the config, though
<tgm4883> yea, I wouldn't be surprised if it's not enabled
<RoyK> but.. do I understand you correctly? Are you comparing vmfs5 on iscsi with nfs on a linux vm?
<RoyK> if so, that's not quite fair
<tgm4883> not exactly. both are mounted directly on the ESXi server. VMFS5 on iSCSI, NFS3 (for NFS).
<tgm4883> Both are mounted on the ESXi server, not on the IOMeter client
<RoyK> not sure, then - we're using iSCSI for most stuff on ESXi (Dell Equallogic storage)
<RoyK> those boxes just support direct block access anyway
<RoyK> tgm4883: what sort of QNAP thing? The QNAPs I've used, just use linux and software RAID/LVM
<RoyK> tgm4883: nothing wrong with that, though...
<RoyK> tgm4883: btw, check output of 'ifconfig' on that QNAP thing - check the MTU
<tgm4883> RoyK: it's a TS-EC1279U-RP
<tgm4883> MTU's at 1500 in the web interface
<RoyK> k
<tgm4883> I'll check with our networking team on the switches, they are in a meeting rightnow
<RoyK> ok
<tgm4883> Wiring wise, the ESXi hosts have dual 1Gbit links to the switch, the QNAP has 4 - 1 Gbit links to the switch in LACP config
<RoyK> tgm4883: not sure if it's relevant, but we don't use LACP in our setups - we use quad 1G links to the EQL storage with multipath
<RoyK> LACP proabably don't scale as well as iSCSI multipath
<RoyK> especially with few hosts
<RoyK> how many ESXi hosts?
<tgm4883> Which EQL?
<RoyK> EQL as in EqualLogic - we have a few
<RoyK> from large/slowish ones to small/fast ones (15k in raid1-0)
<tgm4883> So a bit more about our environment, I'm testing the QNAP for another team, so it's only got one host attached to it. We've got 7 hosts connected to our EQL ps4100. I recently removed our PS6000x as it's pretty small storage and performance wasn't great when I tested it
<tgm4883> I'm not 100% sure that my predecessor had any of this tuned for anything, and AFAIK there was no performance testing done on any of this
<RoyK> with a single iSCSI connection, you'll probably only get 1Gbps throughput because of how LACP works
<RoyK> depending on setup, though
<lordievader> Good evening.
<tgm4883> RoyK: our 10k EQL was barely outperforming the QNAP in these IOMeter tests
<tgm4883> Then again, I'm not 100% I like any of these IOps numbers I'm getting compared to what sales is telling me on the new SANs they want me to buy
<RoyK> thesheff17: doesn't surprise me, but then, EQL have some nifty features for moving volumes around easily. Still wouldn't recommend them. We're looking at Compellent now to see if that can replace what we're using now
<RoyK> Dell's talking about allowing replication between EQL and Compellent soon (Q2 2015 or so), which could mean we can use the current hardware for the DR site
<RoyK> Compellent looks a *lot* better, albeit a bit more expensive at first
<tgm4883> RoyK: yea there was some fancy auto-management between the two SANs when I had both in production, but it was renewal time and I didn't feel like paying $4K for 6TB of storage when performance was so bad
<RoyK> lol
<RoyK> it's rather convenient to be able to upgrade a controller at a time, though, something you can't do with things like a QNAP or some homebrew ZFS-setup
<tgm4883> true, although we have blackout days every quarter that we can take any system down we need to work on
<tgm4883> but yea, that is pretty convenient to work on
<RoyK> *days*?
<tgm4883> sorry, just 1 blackout sunday
<tgm4883> 4 per year
<RoyK> ok
<RoyK> that's convenient
<tgm4883> yea it's a carryover from the bad old days
<tgm4883> mostly we don't need to take stuff down anymore because everything is so redundant
<RoyK> another thing that's rather annoying with EQL is that its controllers are active/standby, not active/active
<bcsaller> This is an odd one, I'm sprinting on location and our partner here is seeing an odd case as they spin up VMs. Under high network load when they bring up a container with a previously used IP but a changed MAC address the ARP cache seems to persist long enough that they lose traffic. This isn't something they were seeing under Lucid but are now seeing as they transition to Trusty. Anyone seen something like this?
<Chiarot> Question for you guys, I have a ubuntu server that is doing DHCP, I'd like to add a PXE server into my network as well, what would I add into the dhcpd.conf to ensure it points to the correct box for pxe?
<lordievader> Chiarot: filename "pxelinux.0"; and probably "next-server".
<Hornet> evening
<Hornet> sort of hybrid issue here; having 'fun' getting my sshfs mount to behave as expected
<Hornet> a mv command as the remote user in terminal, works, but sshfs gets operation not permitted errors
<Hornet> everything has correct rights
<Hornet> only possible cause I can think of is the move is between two physical remote drives
<Hornet> but both in the same box
<Hornet> any insights much appreciated
<sarnold> Hornet: seems like you're not alone, at least one other person reported cross-mount moves don't work through sshfs: http://ubuntuforums.org/showthread.php?t=2124058
<sarnold> (as much I dislike forum-based research, this one seems clueful :)
<Hornet> sarnold: already seen that, but thanks
<Hornet> I need to get sshfs working as I need transparent access so that file utilities can work, I don't just want to use gui file managers
<sarnold> Hornet: you could use multiple sshfs mounts, one per underlying filesystem
<sarnold> Hornet: then your local 'mv' command would recognize the situation correctly and perform the copy + unlink exactly as it should
<Hornet> considered it, it'd break smart transfers, eg it'd download from the server then upload again
<Hornet> rather than just moving on the host
<sarnold> to be honest, I can't expect any networked filesystem to get that correct
<Hornet> sshfs does
<sarnold> I thought you were here because it doesn't get it correct?
<Hornet> if I move the files to the destination, or close to it, and do mass complex renames, it does it instantly
<Hornet> it just can't move things from the original source correctly
<Hornet> which is the crux of the matter
<Hornet> we're talking about 60gb of files presently
<Hornet> will vary wildly per use case though
<Hornet> eg, on the server, /volatile represents a single 1tb drive in the box
<Hornet> the main filesystem is a 6tb raid array
<Hornet> if I try to use sshfs to move files from /volatile to /home it screws the proverbial pooch
<Hornet> but if I move the files there first with mv, then do my mass renaming in situ, it works
<Hornet> this is basically bug territory, but sshfs are -glacial- at fixing things
<sarnold> and this one would take a fair amount of fiddling to get right
<Hornet> sftp seems to bypass the issue
<Hornet> but when you look into sftp and fuse, guess where you end up?
<Hornet> sshfs
<hacktron> any advise would be much appreciated... I have an ubuntu server that as far as I know is working fine.. Hosting apkapps.com there. But after going for about a week with no reboot the site will timeout until I reboot again. that is one issue.
<hacktron> the other is I cannot access from any device within my office work network
<hacktron> currently it just times out
<Hornet> latter sounds like router/firewall issues
<Hornet> former, god knows
<sarnold> but with an sftp, at least you -know- that your moves aren't necessarily atomic; when 'source' and 'destination' are both on the same filesystem mount point, you'd expect a rename() system call to be atomic, but sshfs cannot provide that gaurantee if it does system(mv) behind the scenes. I wonder what would break if they implemented it.
<Hornet> sarnold, I've tried the classic workaround=rename, no luck there
<Hornet> first thing I tried
<sarnold> hacktron: from the internal systems, look up apkapps.com -- I suspect you're getting an external IP, one that the internal machines can't route to.
<hacktron> well I can access other pages on the server just not the apkapps.com site
<hacktron> for example the ip for the server is 173.55.24.67
<hacktron> if I type that directly I will get the page being served
<hacktron> but if I go to 173.55.24.67/apkapps/apk which is where the site is being help it timeout
<hacktron> apkapps.com just points to that location
<hallyn> zul: hm, so libvirt virstoragetest is hanging in buildds on:   cmd = virCommandNewArgList(qemuimg, "create", "-f", "qcow2", NULL);
<hacktron> that is how I currently have it setup, not sure if that is correct
<hallyn>     virCommandAddArgFormat(cmd, "-obacking_file=raw,backing_fmt=raw%s",
<hallyn>                            compat ? ",compat=0.10" : "");
<hallyn>     virCommandAddArg(cmd, "qcow2");
<sarnold> hacktron: does apkapps.com configuration or code do any hostname logging rather than IP logging?
<hacktron> in apache2 config file is setup with hostname to point to directory,
<Hornet> slight tangent to prior issue, what's the sanest way to move many files via a mv command?  I've tried command line substition but that seemed to not work
<hacktron> not sure if that is what you are asking about.
<sarnold> Hornet: I often put together pretty hacky shell commands: cd source/ ; for f in *foo* ; do mv $f ../destination/ ; done
<Hornet> ah, of course
<sarnold> hacktron: heh, not really; sometimes log files are set to log hostnames instead of IP addresses; that's usually a bad idea because (a) anyone can set reverse dns to anything they want (b) when there are timeouts resolving names, odd things can happen.
<Hornet> would have to make a comprehesive list though, the files are awkwardly named
<sarnold> Hornet: the "string operations" here are sometimes useful for making similar for loops when things get worse: http://tldp.org/LDP/abs/html/refcards.html
<Hornet> noted, thanks
<hacktron> sarnold__: do you have a resource that can help me setup correctly, I just followed this http://httpd.apache.org/docs/2.2/vhosts/name-based.html
<sarnold> hacktron: sorry, that's the same guide (or the 2.4 version) I use when trying to figure my way around apache. :/
<hacktron> sarnold__: ok thanks..so make sure its logging ip address not hostname?
<sarnold> hacktron: rather the other way around -- logging hostnames rather than IPs. (This is not common.)
<hacktron> ok tyvm
#ubuntu-server 2014-06-17
<zul> hallyn:  disable the test :)
<lexbanks1985> hey guys... lookin for some help here
<Macer> in case someone was wondering about ssds... heh...
<Macer> http://techreport.com/review/26523/the-ssd-endurance-experiment-casualties-on-the-way-to-a-petabyte
<Macer> makes me wonder if SSDs can easily outlast platters in servers nowadays
<`ajven> hi im looking for command pear what package i need to install to use it ?
<`ajven> its php-pear maybe ?
<cfhowlett> !info pear
<ubottu> Package pear does not exist in trusty
<Ajven_> !info zsh
<ubottu> zsh (source: zsh): shell with lots of features. In component main, is optional. Version 5.0.2-3ubuntu6 (trusty), package size 550 kB, installed size 1612 kB
<lkthomas> does anyone know how does preseed work with partman ?
<pmatulis> morning
<hallyn_> zul: ok so i'm skipping the *(&$%* test and pkg built at https://launchpad.net/~serge-hallyn/+archive/libvirt-host-upstart-fix . running qa regression tests now, then i'll push to utopic
<zul> hallyn_:  coolio :)
<hallyn_> zul: so.. uh.  i should call it 1.2.5-0ubuntu1  right? :)  or dod something happen with the archive that i don't know about?
<zul> yep
<zul> thats right
<hallyn_> (will take a bit longer to get the qrt running, not ready to push yet)
<hallyn_> ok thanks
<zul> ack
<hallyn_> zul: feh    2014-06-17 14:20:28.044+0000: 14370: error : AppArmorGenSecurityLabel:457 : internal error: cannot load AppArmor profile 'libvirt-19f903d3-56b
<hallyn_> 8-493e-b255-8dce9c953da6'
<zul> 1.2.5?
<hallyn_> zul: yeah.  something there's broken
<hallyn_> heh, tons of old patches in there, had to do a for f in debian/patches/*; do f=`basename $f`; if [ $f != "series" ]; then grep -q $f debian/patches/series || rm debian/patches/$f; fi; done
<hallyn_> but i assume this is broken upstream
<jdstrand> zul: do you have any idea how to boot from a ceph volume on essex? I've tried what feels like a hundred things
<jdstrand> (dd, rsync/grub-install, qemu-img convert, variations on all of it...)
<jdstrand> zul: nm
<hallyn_> zul: jdstrand: feh, commit 43c030f046932b728fcfd2c3dd5fe5f01b707df4 LXC driver: generate apparmor profiles for guests looks like it broke kvm apparmor
<zul> hallyn_:  qualtity testing that upstream has
<jdstrand> hallyn_: that has:
<jdstrand>  profile LIBVIRT_TEMPLATE {
<jdstrand> -  #include <abstractions/libvirt-qemu>
<jdstrand> +  #include <abstractions/libvirt-driver>
<jdstrand>  }
<jdstrand> could it be as simple as updating what we ship?
<hallyn_> it could be, still looking.  why on earth call it 'libvirt-driver' though?  when the lxc one is libvirt-lxc?
<hallyn_> that looks liek somethign was broken in the author's setup and he did a quick fix
<jdstrand> the 'libvirt-driver' is the abstraction that all profiles will include
<hallyn_> jdstrand: thanks for the pointer, that's simpler than i'd hoped :)  testing
<jdstrand> tbh, it should probably be separate for VMs and containers
<hallyn_> i owe you one :)
<doge_wow> I would like to know: is it possible (and wise) to upgrade Ubuntu Server to a major version with a remote SSH connection? For many operating systems it is recommended to do a clean install.
<genii> doge_wow: In worst-case that it fails, do you have some way back into the machine remotely, like a KVM over IP switch, etc?
<doge_wow> genii: yes, I can drive to the server center, about an hour's drive from here.
<genii> doge_wow: In that case, it is probably fairly safe to attempt, with do-release-upgrade
<genii> ordering lunch, afk
<hallyn_> zul: jdstrand: with that qrt passes, so pushing to utopic, we can proceed from there
<zul> hallyn_:  yay!
<jdstrand> hallyn_: ah, good. though, I'm thinking that the libvirt-driver abstraction is probably the wrong way to go about it. qemu VMs will certainly need different accesses than containers. Seems to me would be the way to go is continue to have libvirt-qemu and then have a separate libvirt-lxc. the adjust virt-aa-helper.c to use one or the other based on the driver. then we ship both abstractions
<jdstrand> hallyn_: I don't think that needs to be fixed in this upload per se, but worth thinking about
<jdstrand> hallyn_: if you look in /etc/apparmor.d/abstractions/libvirt-qemu, you'll see what I mean (why give the container profile ix on /usr/bin/qemu-system-*, for example)
<hallyn_> jdstrand: yeah, I agree, that's why the commonization seemed strange to me.  I imagine that in the next few months we'll be seriously wanting apparmor in libvirt containers and that'll be a good time to address that
<hallyn_> (right now there are bigger fish to fry :)
<hallyn_> s/bigger/other/
<jcastro> jamespage, where can I wishlist a feature for the openstack charms?
<jcastro> http://openstack.prov12n.com/openstack-lumberjack-part-3-logstash-and-kibana/
<jcastro> we have all of these components charmed, I think having an interface for this would be <3
<zul> jcastro:  everytime i see java i cringe
<jamespage> jcastro, awesome
<jcastro> you won't care, I have a charm (handwave)
<jamespage> just raise a bug against the nova-cc charm
<jcastro> ta
<lordievader> Good evening.
<jdstrand> hallyn_: fyi, I file bug #1331081
<uvirtbot> Launchpad bug 1331081 in libvirt "please split libvirt-driver apparmor abstraction for qemu and containers" [Undecided,New] https://launchpad.net/bugs/1331081
<jdstrand> filed*
<jdstrand> IMO, this should be fixed for 14.10
 * hallyn_ makes no comment
<shrikant> is any one faceing problem network card ,i am getting ip address from dhcp server but not able to ping to any network
<RoyK> shrikant: can you ping machines on the same network, such as the dhcp server?
<RoyK> (which usually is on the same network :P)
<shrikant> hey , how are you
<shrikant> i am not able to ping even gateway
<shrikant> brb
<stickystyle> Does anyone have information about the execution order of cloud-init? Like what is the order that it evalulates the commands in the user-data file?
<robsparker> Trying to install ubuntu server 14.04 and it has been stuck at 'Configuring systemd-services' for several hours and there is no longer any apparent disk activity.  Any ideas?
<sarnold> robsparker: can you get another virtual console with control+alt+f1 or f2 etc?
<sarnold> robsparker: if so, is 'ubuntu-bug' available? :) It'd be nice to get a bug report about that
<doge_wow> genii: so, you're saying it's not a 100% water proof to upgrade to a major version by SSH? What makes it not entirely 100% safe? BTW, u finished lunch already?
<genii> doge_wow: It's just that because you never know what custom things someone has done to their server may break an upgrade. Like a PPA that was added, or a piece of software was recompiled, or permissions on a system folder were altered, etc. But for the most part on a stock system with stock repositories and apps it's safe.
<doge_wow> genii: this system has not yet been build. I am planning to install an operating system on this server which can be upgraded on-the-fly, remote with an SSH connection. Is this feature to upgrade major versions remotely officially supported by Ubuntu Server or is it safe "because there are rarely any complaints due to major upgrades"?
<genii> doge_wow: If you are running a stock Server then LTS to LTS upgrades are fully and officially supported.
<doge_wow> genii: what do you mean by stock Server?
<dasjoe> doge_wow: see https://help.ubuntu.com/14.04/serverguide/installing-upgrading.html
<genii> doge_wow: By stock, i mean that you have not added any PPAs to the system, not running any software that you compiled yourself manually, not altered any of the default system permissions, and so on.
<genii> Basically a vanilla install with whatever apps you needed got installed from the standard Ubuntu repositories
<sarnold> self-compiled stuff will usually not affect much, but ppas can be finicky.
<doge_wow> genii: what are PPA's? I never heard about that before.
<genii> !ppa
<ubottu> A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<dasjoe> sarnold: as long as nobody does stuff like "sudo gcc -o /sbin/init hello-world.c" ;)
<genii> sarnold: If they are put somewhere like /opt or /usr/local not normally an issue, I agree. But some people replace the system binaries with their own stuff on occasion
<doge_wow> genii: oic... please correct me if I'm wrong. An OS like Ubuntu Server has many dependencies because it has many automated features, meaning if you tamper with it too much (too many custom changes, compile your own software etc) then a major upgrade cannot be guaranteed 100%. But an OS like Slackware which has little automated features (bare) can be manually tweaked much more and still be able to guarantee major upgrades remotely. Is this th
<sarnold> dasjoe,genii, hehe, yeah. caveat compiler? :)
<doge_wow> dasjoe: yeah, thnx for the link, I read it.
<genii> doge_wow: I can't speak for Slackware.
<doge_wow> genii: oki, thnx for your help though. I learned something :)
<xibalba> i need a rsyslog example of taking syslog from a specific host and dumping it to a single file
#ubuntu-server 2014-06-18
<sander^work> Anyone know why I get: nfsstat: Error: No Client Stats (/proc/net/rpc/nfs: No such file or directory). after an distro upgrade?
<sander^work> and also nfs mounts wont mount, it says nfs.statd is not installed.
<lkthomas> hey guys
<lkthomas> anyone using preseed to set static ip ?
<kaitanya> http://paste.ubuntu.com/7662598/
<kaitanya> problem with locales http://paste.ubuntu.com/7662598/
<bluefrog> kaitanya, que donne sudo update-locale
<kaitanya> bluefrog: no luck, cannot change locale
<bluefrog> sudo apt-get install locales
<bluefrog> et refais ton binz aprÃ¨s pour voir
<kaitanya> bluefrog: have tingled with this one on #ubuntu but no luck even there
<bluefrog> kaitanya, 14.04? âªvient d'Ãªtre installÃ©?
<kaitanya> bluefrog: 14.04 LTS en_GB.UTF-8 is working but no scandinavian or utf-8 chars on irssi
<bluefrog> ÏÎµÏÏ
<bluefrog> ah irssi, pardon
<kaitanya> can see them from my regular shell, just typing scands or <EUR> makes the screen go messed and everything is unusable
<bluefrog> kaitanya, lis Ã§a pour voir http://xkr47.outerspace.dyndns.org/howtos/irssi-utf-8-guide.txt
<kaitanya> bluefrog: irssi and screen are working. the problem is with ubuntu's locales
<lkthomas> looks like netcfg have bugs to make interface always run on dhcp
<sync0pate> morning everyone
<sync0pate> I've unfortunately been tasked with configuring and securing a ubuntu server, is there a handy checklist of things I should've checked?
<sync0pate> (server is just for web server)
<sync0pate> so far I've done updates, fail2ban, firewall, disabled ssh password auth and set to keys only..
<OpenTokix> sync0pate: do you filter outgoing?
<sync0pate> OpenTokix, I'm not sure, should I?
<sync0pate> I don't think so
<sync0pate> I think I need some outgoing connections
<OpenTokix> sync0pate: yes
<OpenTokix> sync0pate: but only those you specify
<lordievader> sync0pate: It makes a reverse remote shell more difficult ;)
<sync0pate> so I should limit outgoing to just the connections I need?
<sync0pate> which will be ssh, web, mail..
<lordievader> Don't forget DNS.
<sync0pate> !!
<sync0pate> (this is why I've not filtered it! :D)
<sync0pate> thanks
<lordievader> And maybe whois, if you want fail2ban to mail the whois info.
<sync0pate> yeah
<sync0pate> at the moment I'm just using ufw, is that good enough?
<sync0pate> it's a frontend to iptables right?
<sync0pate> goddammit, and now I've locked myself out
<sync0pate> haha
<sync0pate> well, better now than later
<Tazmain> hi all I have a few cron jobs setup but it does not seem they are running how can I check to see if they are working or of cron is running them ?
<remix_tj> sync0pate: knockd for avoiding to lock out when configuring firewall :-)
<remix_tj> Tazmain: look on /var/log/syslog
<remix_tj> sync0pate: https://help.ubuntu.com/community/PortKnocking
<sync0pate> yeah cheers remix_tj :)
<sync0pate> little late, but thanks :D
<sync0pate> I've used a cron job before to turn it off every 10 minutes while I'm configuring
<Tazmain> remix_tj, My syslog seems empty nothing related to any erros.
<Tazmain> remix_tj, all I see is anacron[59202]: Job `cron.daily' terminated
<remix_tj> sync0pate: yeah but you can't accept lockout when in production
<sync0pate> yeah cheers remix_tj , it's a handy thing to know, thankyou
<sync0pate> right now I'm trying to get the fucking IT guy to allow me access to the recovery console or something
<Pupeno> How can I make some upstart services wait for a volume to be mounted before starting?
<histo> Pupeno: you could change the priority of the loading. I thought it was controlled by ##'s in the begining of the upstart scripts. You may have to man rc.d  or some of the upstart stuff.
<sync0pate> anyone recommend UK based ubuntu VPS?
<sync0pate> hosting
<lazyPower> sync0pate: is it being based in the UK a hard requirement? Digital Ocean has a really nice datacenter in amsterdam.
<sync0pate> not a hard requirement
<sync0pate> it's a preference
<sync0pate> but I'd prefer non-US companies
<sync0pate> if anyone knows any
<sync0pate> can someone explain the difference between puttin something in sudo crontab -e , or in /etc/crontab ?
<rbasak> sync0pate: /etc/crontab is the system crontab. "sudo crontab -e" edits the root user's crontab. You can use either, but note that the syntax for a system crontab is slightly different.
<rbasak> All users can see the system crontab, too. I find it more convenient to put stuff in there (I suggest /etc/crontab.d/local or something to make upgrades smoother)
<rbasak> Although puppet's cron resource uses the root user's crontab instead.
<sync0pate> so, there's nothing essentially wrong with using either?
<rbasak> Err.../etc/cron.d/local
<sync0pate> neither is deprecated or anything
<rbasak> Neither is deprecated. But the root user's crontab is more "hidden", which can be confusing. So I'd avoid it if possible.
<sync0pate> ok
<sync0pate> I don't think it matters to me that it's more "hidden", this is only a temporary thing
<sync0pate> for more permanent stuff I'll use the /etc/crontab
<sync0pate> wait, the /etc/cron.d
<sync0pate> that's just a directory for system cron files?
<sync0pate> so i can put anything in there and it'll run like /etc/crontab?
<sync0pate> and won't mess up on upgrades..
<sync0pate> is that right rbasak ?
<Arrick> hey all, I have a 12.04 server which hosts an internal training site.... Right now, one NIC (statis IP) is accepting traffic (it's the nic that is supposed to be for SAN use only) and my other nic (static IP) quit accepting traffic.... wont let me touch ssh, port 80 or anything through that IP.... Any ideas would be appreciated, I've verified the services are running by connecting to the IP addresses.
<Arrick> connecting to the ONE ip address that is.
<rbasak> sync0pate: correct. Packages drop files into /etc/cron.d to avoid having to edit /etc/crontab and confusing users on upgrade. So just make sure not to conflict by using a name that a package might drop in. I'd stick to "local", etc.
<rbasak> sync0pate: there may be some rules regarding ignoring filenames with punctuation in them. See the manpages for details. It's to avoid running editor backup files as jobs, etc.
<sync0pate> ok thansk
<sync0pate> *thanks
<Arrick> how do I activate eth0? when I try ifup eth0, it says RTNETLINK Answers: file exists, failed to bring up eth0
<Arrick> is that because it is static?
<zul> jamespage:  https://code.launchpad.net/~zulcss/nova/2014.1.1/+merge/223546
<sync0pate> anyone any idea what is going on with my firewall..
<sync0pate> it is not disrupting my current ssh connection
<sync0pate> but is disallowing new ones
<sync0pate> even though it is set to "ufw allow 22"
<Arrick> ok... I know that sdb1 is supposed to be mounted to /www but it is not showing up, anyone have any ideas on how to refresh it?
<sync0pate> ufw status gives no clues
<jdstrand> sync0pate: what is the output of 'ufw status'? (can you paste in paste.ubuntu.com?
<jdstrand> )
<sync0pate> jdstrand, ufw status gives no clues
<sync0pate> shows allow 22 and 80 from anywhere
<sync0pate> neither of which are working
<sync0pate> until I ufw disable
<sync0pate> that's all it shows
<sync0pate> http://paste.ubuntu.com/7663524/
<jdstrand> sync0pate: what is the output of '$ sudo /usr/share/ufw/check-requirements' (please paste in paste.ubuntu.com)
<sync0pate> jdstrand, http://paste.ubuntu.com/7663538/
<jdstrand> sync0pate: your kernel doesn't have everything ufw needs
<sync0pate> so.. what are my options?
<sync0pate> this is a vps
<jdstrand> sync0pate: talk to your vps and show them the output of that comand
<jdstrand> in the meantime, you probably need to use iptables directly
<sync0pate> OK thanks
<sync0pate> I've been putting off learning iptables
<sync0pate> for a long time
<sync0pate> I just want to switch to a different VPS :( nothing works on this one
<kaitanya> sync0pate: i have a cheap 2,5e/month vps, today started using so cant say anything for sure yet
<sync0pate> where's that from kaitanya ?
<sync0pate> jdstrand, response from the vps "Unfortunately we don't offer managed support for your OS/server. We only support Centos based servers at this time."
<sync0pate> this is not what I would consider "managed support" ... fucksake
<Arrick> sync0pate, back up your data, and then move over to 1and1.com or someone for a VPS.... cheaper, and more reliable, and much more responsive (I use them all the time for almost 200 sites)
<sync0pate> 1and1? really
<sync0pate> ?
<sync0pate> I've heard nothing but bad things about them in the past
<Arrick> I use them ALL the time.
<Arrick> in the past I would have said the same thing, but they have a new owner.
<Arrick> in the last 2 years things really turned around with them
<sync0pate> hmm I think I need to do some shopping around
<sync0pate> at the moment am using servint
<sync0pate> against my will
<histo> sync0pate: digital ocean
<sync0pate> histo, yeah, as a lot of people have said digital ocean are good
<jamespage> zul, nova looks good - please merge and upload!
<zul> jamespage:  ack
<Pupeno> sync0pate: linode, they have a datacenter in the uk.
<Pupeno> histo: which ## are you talking about?
<zul> jamespage:  nova testsuite is running fine again now
<jamespage> zul, yeah - I checked :-)
<zul> jamespage:  new dep though :(
<histo> Pupeno: http://serverfault.com/questions/193115/how-can-i-change-the-service-boot-order-in-ubuntu-server-10-04
<sync0pate> thanks Pupeno
<sync0pate> the person with the payment details is on holiday for a week
<sync0pate> when he's back I'll see if we can't switch
<sync0pate> I got it working for now, if anyone's interested
<sync0pate> using this: http://blog.kylemanna.com/linux/2013/04/26/ufw-vps/
<Pupeno> histo: that seems to be talking about systemv or however the system before upstart was called... there's a hint about how to do it with upstart in the second answer, but I'm still unsure how to prevent a service from starting if something is not mounted.
<rbasak> Pupeno: do you want "start on mounted MOUNTPOINT=..."? http://manpages.ubuntu.com/manpages/trusty/en/man7/mounted.7.html describes it.
<rbasak> You probably want to start on that and the event you're starting on already.
<Pupeno> Ah... yes... that sounds exactly what I want rbasak. Should I put all the start on... in separate lines?
<rbasak> Pupeno: I'm not sure I understand your question. Probably no - all on one line. But see http://upstart.ubuntu.com/cookbook/#start-on
<Pupeno> Thanks.
<Pupeno> Yeah, that answers my question.
<sync0pate> ok now I'm stumped
<sync0pate> I have a cron job to disable ufw every minute while I'm configuring
<sync0pate> /var/log/syslog shows the command is running, shows no errors
<sync0pate> but ufw is still enabled
<sync0pate> manually running "sudo ufw disable" works without issue
<hallyn> smb: bug 1326003, you have upload rights now?
<uvirtbot> Launchpad bug 1326003 in libvirt "apparmor prevents libvirt from running pygrub" [High,In progress] https://launchpad.net/bugs/1326003
<hallyn> i think that may be the last low-hanging fruit for utopic's libvirt, so i tmay be about time to sru to trusty
<smb> hallyn, Yeah I should. I though of uploading to utopic (at least first) but waited whether you have any comments
<smb> *thought
<hallyn> smb: nope lgtm
<hallyn> push away :)
<smb> hallyn, ack
<smb> :)
<rbasak> hallyn: does libcgroup need a merge? Ubuntu is on 0.38-1ubuntu1; Debian 0.41-2.
<histo> rbasak: debian what and ubuntu what?
<hallyn> rbasak: well noone should be using libcgroup...
<hallyn> until/unless someone ports it to cgmanager :)
<hallyn> which would be very useful for at least the boot-time setup and libpam hook
<Solution-X> anyone here do much with MAAS? I have a fresh install of 14.04 installed as MAAS controller that is being cranky and refuses to load the images. Installed OS, booted up, apt-upgrade, reboot, create MAAS user, login, click download images. Also tried "sudo maas-import-pxe-files" after as a backup and that completes but does not result in the webpage recognizing the images' existence
<Solution-X> checked celery.log and it doesnt spit any errors/warns
<rbasak> hallyn: so is that a "no need to merge"?
<rbasak> or just very low priority to merge, or what?
<hallyn> rbasak: it's a "needs to be done very carefully *and* is low priority."
<hallyn> i had bee working with jbernarnd on ways forward with libcgroup in the face of (a) the fundamental brokenness of the daemon model and (b) cgorup-lite, but then he had to bow out of maintaining the debian pkg
<rbasak> hallyn: OK, thanks!
<hallyn> rbasak: do you know someone (including yourself) who has time to play with it? :)
<rbasak> hallyn: no, sorry. I'm looking at a hundred or so packages that need merging!
<rbasak> My focus is just to prioritise the most important ones. From the sounds of it, this one needs to go at the bottom of the list.
<hallyn> rbasak: yeah fraid so, thanks
<hallyn> wasn't sure whethe ryou had someone asking about a feature :)
<Solution-X> Its been a while and we've had a few joins/quits so reposting...
<Solution-X> anyone here do much with MAAS? I have a fresh install of 14.04 installed as MAAS controller that is being cranky and refuses to load the images. Installed OS, booted up, apt-upgrade, reboot, create MAAS user, login, click download images. Also tried "sudo maas-import-pxe-files" after as a backup and that completes but does not result in the webpage recognizing the images' existence. Also
<Solution-X> checked celery.log and it doesnt spit any errors/warns.
<jhobbs> Solution-X: there is #maas too
<Solution-X> thanks, ill post in there and see if we can figure it out in there
<thesheff17> anyone know how to restart the networking for lxc containers....I modified /etc/default/lxc-net but I can't seem to have the lxc containers pick up the new settings...
<thesheff17> on ubuntu 12.04 there are /etc/init.d/lxc and lxc-net but ubuntu 14.04 didn't seem to get these files
<thesheff17> it finally worked killing the dnsmasq service and service lxc-net restart
<zartoosh> Hi I would like to install ubuntu 14.04 on my system and boot in UEFI mode. Using official ubuntu 14.04 dvd I failed. I know my BIOS is UEFI enabled and secure boot is enabled. I need reference how to install and how to verify I am in UEFI mode? thx
<pmatulis> LXC people, what am i missing on this trusty host?  i'm trying to set up an alternative directory for my containers ==> http://paste.ubuntu.com/7664718/
<pmatulis> i have this working on another trusty host but i can't find any difference in configuration, albeit i set this one up a while ago
<pmatulis> ah.  i need to use 'sudo' for lxc-ls (without -P) to give the output
<rbasak> hallyn: my machine didn't have uidmap installed. I had upgraded from saucy (and raring, and quantal...).
<rbasak> hallyn: is there something that should be done about this? I see that liblxc1 recommended it, but evidently do-release-upgrade didn't pick up on it.
<rbasak> Close examination of https://help.ubuntu.com/lts/serverguide/lxc.html told me that I needed uidmap, but it seems suboptimal to me that users won't get it on upgrade (assuming this reproduces)
<sarnold> rbasak: keeping uidmap in universe helped make the security team a little less jumpy :)
<rbasak> sarnold: it's in main in trusty.
 * sarnold jumps
<rbasak> I guess the recommendation got added between saucy and trusty then
<sarnold> maybe I'm remembering an older conversation then. I know hallyn said it'd be optional for a while..
<hallyn> stgraber: ^ suggestion for uidmap package in release upgrades?
<rbasak> It still is optional - I just don't get user namespaces
<hallyn> sarnold: I don't remember when it would've gotten promoted.  may have happened automatically through lxc?  but xlc only recommends it, so i dunno
<stgraber> hallyn: recommends do get promoted
<sarnold> hallyn: yeah, me neither, but at least it's been through a few reviews along the way :)
<stgraber> rbasak: that seems like a bug in the upgrader or some other weirdness on your system, might be worth pinging mvo about it... lxc recommends it so it should get installed...
<stgraber> sarnold: and at least it's a separate package, so not present on everyone's system by default (but yeah, the changes are now upstream and in Debian, so I suspect quite a few people have reviewed the setuid code now)
<z1haze> hello, im a rookie linux server owner, can someone please help me out with checking if my java is up to date?
<lordievader> !info default-jre
<ubottu> default-jre (source: java-common (0.51)): Standard Java or Java compatible Runtime. In component main, is optional. Version 2:1.7-51 (trusty), package size 0 kB, installed size 21 kB
<lordievader> Meh, not sure if that is helpfull.
<RoyK> z1haze: java is usually up to date on ubuntu
<z1haze> it just says java version "1.7.0_60" / Java(TM) SE Runtime Environment (build 1.7.0_60-b19) / Java HotSpot(TM) 64-Bit Server VM (build 24.60-b09, mixed mode)
<z1haze> i think i want to update to java 8
<z1haze> how woudl i do that
<jrwren> anyone familiar enought with both cmake and autotools to give me a pros/cons of each?
<professerslime>  Hi there I have a dual NIC set up and i am wondering if there is a way to dedicate one card to a vpn and the other towards the rest of the web
<jrwren> professerslime: to what end?
<professerslime> Well in essence i am trying to create a private cloud but i am trying to block outside intrusion to highest level
<professerslime> This is all js
<professerslime> Just me experimenting
<lordievader> professerslime: Block every ip except yours?
<professerslime> to one NIC
<professerslime> this all seems a little redundent i know but i do have a plan with this
<lordievader> professerslime: Anyhow you can have your vpn server listen to one interface and have the primary interface the other. However this is probably not what you want.
<professerslime> Its just about there it would cover my goal of dividing the internet traffic
<lordievader> It would make it impossible for you to reach the vpn server from the outside. And that, well, defeats the purpose.
<Quanqued> Hi - is there anyone that can point me in the right direction to disable the automatic provisioning of ephemeral disks in cloud-init?
<professerslime> rightbut would i be able to forward the traffic using my router to divide where everything is going
<professerslime> I would just need to tweek the ip tabbles
<lordievader> professerslime: You want your router to divide your traffic? Why? Seems a bit silly to me.
<professerslime> yeah once like i said this all seems a little redundent
<lordievader> So what's the big idea I'm missing?
<professerslime> I am just trying to isolate the public from the private traffic
<professerslime> i suppose it is just overcomplicating the QoS process
<lordievader> professerslime: Let your server act as your router.
<professerslime> I was thonking about that
<professerslime> but i am thinking about starting a rtmp server and i dont want the two services conflicting with each other
<lordievader> Why would they?
<professerslime> Well wouldn't to two flowing traffic at the same time create a bottle neck
<jrwren> a bottle neck?
<jrwren> how fast is your internet connection?
<lordievader> professerslime: For a home network? Probably not.
<professerslime> Well i guess that answer  saved me plenty of headache
<lordievader> Depends, ofcourse, on whay you do within your home network. But generally speaking, it wont be a bottleneck.
<hacktron> when I ifconfig I see the tx_bytes are very high. 50gb within only a hour or two after reboot
<hacktron> anyone know what can cause that, because I have very low traffic to my server
<hacktron> only few hundred people each day
<sarnold> hacktron: heh, are you running an open dns recursor?
<sheptard> haha
<sarnold> hacktron: you might have success with the 'iftop' program, some nice pretty pictures here: http://www.ex-parrot.com/pdw/iftop/
<hacktron> sarnold: sorry had to check was dns recursor was
<hacktron> sarnold: no I am not just a ubuntu server with apache2 (LAMP) basics
<hacktron> took a look at iftop this morning and a few others that monitor badwidth
<sarnold> hacktron: it could be crawlers like googlebot or bingbot or baidubot.. do your access logs show anything unexpected?
<hacktron> sarnold: didn't check them yet, I have limited access right now but will be there tonight
<sarnold> hacktron: okay. iftop is nice for "right now" numbers, ntop might be better for "who used it the most today?" kinds of questions
<hacktron> sarnold: one thing I did notice was when checking bandwidth usage tcp monitoring, I saw my server listed as client and connecting to another server ip with port 777
<hacktron> sarnold: I will gladly play with them both tonight, get to the bottom of it ;) thx
<hacktron> sarnold: I am just thinking maybe something is installed on my server
<hacktron> sarnold: like zombie ware lol, because the data happens so fast. and I noticed a while ago sometimes the server will bring down my connection, until I reboot
<sarnold> nuts. I used to have a nice long list of services but can't find it now. the only thing I can find for 777 is the 'moira' service, something from project athena days. you're not running that. :)
<hacktron> sarnold: haha nope
<sarnold> hacktron: you could check 'netstat -anp | grep 777' to see what program is using port 777
<hacktron> just trying to get my first real box ubuntu up and secure
<sarnold> hacktron: do you allow password authentication over ssh? or do you have a web-based "control panel" installed?
<hacktron> well actually it looks like my ip is connecting to another ip:777
<hacktron> just ssh installed
<hacktron> sarnold: no web-based control panel or anything outside of normal lamp server besides monitoring tools
<sarnold> hacktron: yay. :) double-check the password authentication when you get a chance, it's best to turn that off. keys can't be bruteforced as easily as passwords can..
<hacktron> sarnold: thanks, I am actually going on my way to check it out now. will check back in here when I arrive. thanks again sarnold
<sarnold> hacktron: good luck :)
#ubuntu-server 2014-06-19
<ancaster> hey all, is it possible to have direct ethernet connections between two machines and bond them (ifenslave)?
<ancaster> nevermind, looks like it is, and here are the instructions: http://www.thetechrepo.com/main-articles/569-link-aggregation-aka-trunking-or-bonding-directly-between-two-ubuntu-linux-servers.html
<zartoosh> Hi I would like to install ubuntu 14.04 on my system and boot in UEFI mode. Using official ubuntu 14.04 dvd I failed. I know my BIOS is UEFI enabled and secure boot is enabled. I need reference how to install and how to verify I am in UEFI mode? thx
<cfhowlett> !uefi
<ubottu> UEFI is a specification that defines a software interface between an operating system and platform firmware. It is meant as a replacement for the BIOS. For information on how to set up and install Ubuntu and its derivatives on UEFI machines please read https://help.ubuntu.com/community/UEFI
<zartoosh> cfhowlett, thx
<cfhowlett> zartoosh happy2help
<Paulus68> I have bought a samsung S24D300 monitor and want to use this as a dual screen, however ubuntu desktop is not detecting the new hardware, tried hdmi to hdmi and vga to vga both not working, when I connect vga to vga on my laptop then the screen is working how do I solve this?
<histo> !xrandr | PaulePanter
<ubottu> PaulePanter: XRandR 1.2 is the new method of running dual screens in !X.  Information/HowTo here: http://wiki.debian.org/XStrikeForce/HowToRandR12
<Joe_DM2__> But 8... I mean I was a kid last time we won.
<Joe_DM2__> It was probably rigged just to keep the hype alive.
<Joe_DM2__> That said, I'm sure last year was rigged :P
<hxm> hi, I try to use wget with a ftp session and the password has ! character so I cant login
<hxm> how can I use stdin for send the password with --password
<sarnold> hxm: probably you just need to wrap the password with '' quotes on the command line
<hxm> i tried, also tried with {}, it says: -bash: !myPassword event not found
<sarnold> yes, {} are not shell quoting characters :)
<hxm> when used "" and failed I get paranoid and wanted to experiment how could be worse with {}, and was the same
<lordievader> hxm: Escape the ! with a  \ like "blaat\!moreblaat".
<sarnold> hehe, "" are shell quoting characters, but they don't inhibit the shell's parameter expansions -- for example, echo "$HOME" will still evaluate the HOME environment variable
<hxm> correct sarnold  - thanks lordievader
<hxm> i was thinking about since I use wget it does not execute bash code in the arguments, but yes, since I still using the shell
<sarnold> exactly :)
<zetheroo1> I am running Ubuntu Server 14.04 and have configured 2 network bridge connections - one is on the 192.168.2.1 network and the other is on the 192.168.1.1 network - when I reboot the system it seems to sometimes pick up the 2.1 network as the default - how can I force the 1.1 network to be the default every time?
<jnhghy> hi, I was playing and installing webservers... I've usded apache2 then installed nginx (ubuntu 12.04 lts) now when I restart my machine nginx is starting apache2 is stop. I'd like things to be the other way arround (nginx stoped and apache2 default started) is it possible? if it is how can I achieve this?
<jillesme> Hey guys, I have a nginx server with 2 domains, one running a Ghost blog (nodejs) and one for random stuff.. I have 1TB of data bandwith.. Is there a good monitoring tool?
<jillesme> Or multiple
<m0rd3ca1> umm
<m0rd3ca1> i broke my box
<dasjoe> 3 seconds, not bad
<bekks> well, he even got quieted in #freenode as well.
<jillesme> Hey guys, I have a nginx server with 2 domains, one running a Ghost blog (nodejs) and one for random stuff.. I have 1TB of data bandwith.. Is there a good monitoring tool?
<mardraum> for monitoring what?
<caribou> jamespage: I'm surprized that you still see errors
<mardraum> repeated questions in an irc channel?
<pmatulis_> morning
<caribou> jamespage: here is my run on a fresh branch : http://paste.ubuntu.com/7668591/
<caribou> jamespage: oh,this is about the nova-cloud-controller charm merge :
<caribou> jamespage: https://code.launchpad.net/~louis-bouchard/charms/precise/nova-cloud-controller/lp1313602-multiline-known-hosts/+merge/223713
<Pupeno> I have an upstart job with this line: exec mount /var/www/shared/public/uploads and after the machine boots, the volume is not mounted. In the upstart logs I see: "Mount failed. Please check the log file for more details." which doesn't help much. I can't find any other relevant log files. Any ideas whee to look? running that command works fine.
<rahuldroy> hi guys, I am getting a "exit signal Segmentation fault (11)" error on my apache error logs. Can someone help me with this...
<tomixxx7> hi, does someone know a place where i can download "ubuntu server 12.04.4" images equally to use for openstack, microsoft azure and amazon webservices ? :-)
<histo> tomixxx7: releases.ubuntu.com
<jamespage> caribou, yeah - don't worry - I fixed it up
<jamespage> just a missing import - you may have been hit by a tidy up
<caribou> jamespage: "tidy up" ?
<jamespage> caribou, it may have been a surplus import
<tomixxx7> histo: on this page, there is no image in vhd format
<jamespage> caribou, i merged your branch against our next branch
<caribou> jamespage: ah ok
<caribou> jamespage: thanks
<jamespage> caribou, worth reading this - https://wiki.ubuntu.com/ServerTeam/OpenStackCharms
<caribou> jamespage: yep, read that new proc already when you announced it
<caribou> jamespage: did you merge both the nova_cloud_controller & nova_compute changes ?
<jamespage> caribou, not yet
<caribou> jamespage: it may be useless to mention, but one doesn't work without the other
<jamespage> caribou, yes - I see that
<tomixxx7> hi, does someone know a webpage where i can download ubuntu 12.04.4 lts VHD images?
<histo> tomixxx7: have you tried a web search engine?
<tomixxx7> histo: i have found virtualboximages.com so far
<histo> tomixxx7: http://www.ubuntu.com/download/cloud
<oetker201> Hi Users.
<bekks> tomixxx7: the fastest and most secure way would be installing ubuntu in hyper-v, etc.
<tomixxx7> bekks: but i have seen it's a bit complicated to upload a vhd to cloud providers
<jamespage> zul, keystone juno?
<zul> jamespage:  should be there
<jamespage> zul, its not yet
<jamespage> not in proposed either
<zul> jamespage:  lemme check
<zul> jamespage:  seriously...crap..
<rahuldroy> hey guys, can someone help me debug a coredump issue on apache
<jamespage> zul, python-hacking?
<zul> jamespage:  needed for the testsuite
<jamespage> zul, isn't that PEP8ish
<zul> jamespage:  yes it is...im not happy about it either
<lordievader> Good evening.
<Elksplods> Salve c'Ã¨ qualcuno bravo di informatica qui di sicurezza informatica e che si occupa anche di reti? per favore?
<rbasak> Elksplods: this is a mostly English speaking channel. Try #ubuntu-es for a Spanish language channel.
<rbasak> Oh. Google says that's Italian.
<rbasak> Elksplods: maybe #ubuntu-it then. https://wiki.ubuntu.com/IRC/ChannelList for the full list.
<arosales> jamespage: I really enjoyed reading http://javacruft.wordpress.com/2014/06/18/168k-instances/ thanks for putting that together
<arosales> smoser: I would love to read a blog post from you about CirrOS cloud image and how that differes from "traditional" ubuntu cloud images
<smoser> caribou, can you please get some things populated https://blueprints.launchpad.net/ubuntu/+spec/servercloud-u-networked-kdump
<smoser> we nee dwork items, and ideally stuff for [RATIONALE] and the like
<smoser> as seen https://blueprints.launchpad.net/ubuntu/+spec/servercloud-u-networked-kdump
<hsnopi> ubuntu 10. in rc2.d I have calls to init.d services. specifically apache and tomcat. they do not start on boot. they do start manually when calling directly in init.d. Adding | tee out.txt to all echo command reveals that on boot the "stop" command is being called (echo $1) as opposed to start. no idea what calls the files in rc2.d. help?
<hsnopi> dsicovered  sudo initctl log-priority info looking inti ot
<hsnopi> into it
<RoyK> hsnopi: no such thing as ubuntu 10.
<RoyK> hsnopi: it's YY.MM
<hsnopi> 10.04
<hsnopi> goweatherlms
<hsnopi> oops sorry
<sarnold> hsnopi: was that a password? :)
<hsnopi> lol no
<hsnopi> alias command
<hsnopi> hate typing out entire ssh strings
<sarnold> aha :) I'm glad it wasn't a password, hehe, I've seen enough of them on irc..
<hsnopi> i imagine so:)
<jaawerth> Hi folks - figured I'd pop in here and someone could tell me how I'm being stupid. I just changed the hostname of a server, edited /etc/hosts and /etc/hostname, and (even after rebooting) I'm getting that 'unable to resolve hosts' error on sudo - it won't resolve it via ping either. Any thoughts?
<jaawerth> /etc/hosts line "127.0.1.1     newhostname" - I simply replaced the old name with the new
<jaawerth> AH nevermind, fixed it
<jaawerth> I stared that for a while before coming in here, that was stupid. I'd absent-mindedly appended a colon because I had taken a break from coding to do this. My eyes just went right over it when I double and trip-checked the hosts file
<sarnold> jaawerth: heh, amazing what two little pixels can mean :)
<jaawerth> exactly! oh and by colon I mean semi-colon ;-)
<sarnold> three pixels ;)
<tom[]> trusty installer hangs on a
<tom[]> woops! ignore me
 * RoyK ignores tom[] 
<tom[]> RoyK: perfect. tnx
<sarnold> hallyn: seen this yet? https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1321854
<uvirtbot> Launchpad bug 1321854 in shadow "useradd doesn't add the default shell to /etc/passwd entry" [Undecided,Fix committed]
<Sander^home> Hi. Do anyone know why there suddenly pops up mysqlcheck processes and a bunch of connections to mysql?
<Sander^home> pstree says its debian-start which started them.
<tom[]> does trusty scan /etc/network/interfaces.d by default or must i add a line "source /etc/network/interfaces.d/*" to /etc/network/interfaces?
#ubuntu-server 2014-06-20
<hallyn> sarnold: no, i hadn't.  not really sure where the configure_userns patch came from.  so the bug is that get_defaults() has to happen before the process_flags()?
<hallyn> no,
<sarnold> hallyn: oh, sorry, I had assumed you'd be more familiar with it.
<hallyn> oh, yeah.  that is what's going on
<hallyn> sarnold: sorry, no, happy to look into it later tonight but actually i suspect stgraber may know that area of code (the change in subuid values screams stgraber :)
<hallyn> bbl
<sarnold> hallyn: oh well feel free to poke stgraber instead and enjoy your evening :) hehe
<hallyn> sarnold: i'm about to do a test-build and run, but patch looks legit to me
<hallyn> sarnold: i always use adduser instead of useradd :)
<sarnold> hallyn: heh, and I add users so infrequently I have to read both manpages several times every time.
<mwhudson> i reliably try to use the wrong one first
<hallyn> sarnold: patch works here.  were you planning to push it?
<sarnold> hallyn: no; I just thought it'd be easy for it to slip through the cracks and (misremembered) I thought you had likely authored the patch referenced in the bug
<hallyn> why is it 'fix committed'?
<sarnold> hallyn: I think that's set automatically when there's the 'related branches' thing
<hallyn> ok, i'd push it but i don't know what sort of process the shadow tree likes to go through (esp wrt merge requests) so i just marked it 'approve'
<ruben23>  hi guys how do i change my timezone to DST..?
<histo>  â23:56 Mr-Protoco+| we put in a few requests to him last week
<histo> ruben23: ls -l /etc/localtime
<ruben23> histo: what next to do..?
<histo> ruben23: is it a symlink or a hard file I can't remember how debian is doing it these days.
<ruben23> -rw-r--r-- 1 root root 118 2014-04-22 02:17 /etc/localtime
<histo> ruben23: dpkg-reconfigure tzdata
<ruben23> ok done - next..?
<histo> ruben23: did you select a zone?
<ruben23> yes, but how do i know its DST..?
<ruben23> histo: ..?
<histo> ruben23: what timezone did you select?
<ruben23> histo:  Australia
<ruben23> i have that tiemzone already but Australia now are in DST
<ruben23> so i need to adjust timezone i guess to hit correct time somehow..
<histo> ruben23: what is date showing?
<histo> ruben23: is the hardware clock set for utc?
<ruben23> yes it is UTC
<histo> ruben23: https://help.ubuntu.com/community/UbuntuTime
<vedic> Hey guys, I am using Ubuntu 12.04 and developing a web site. I want to test it on Internet Explorer 8, 9, 10, 11. How can I do that?
<lordievader> vedic: Grab a Windows VM and install IE 8 through 11?
<histo> vedic: there is a test ie package
<histo> vedic: ttps://github.com/xdissent/ievms
<histo> I can't find it now use that link
<kaitanya> need help with quota. i'd like to set 300MB for group users on. my current info http://paste.ubuntu.com/7673149/
<thana> hi all
<thana> im trying to set up a 14.04 vm using packer
<thana>  i put "openssh-server openssh-server/permit-root-login boolean true" into the
<thana>                     preseed file. yet the password loging for root via ssh is still not allowed on the
<thana>                     resulting system - any idea why?
<thana> damn. that should be only one line. sorry
<thana> "i put "openssh-server openssh-server/permit-root-login boolean true" into the preseed file. yet the password loging for root via ssh is still not allowed on the resulting system - any idea why?"
<histo> thana: preseed didn't work then
<histo> thana: probably packer issue
<thana> histo: how do you mean this? preseed did work -- the default value false is changed to the epxected true
<histo> thana: oh sorry misread
<histo> ssh -vvv
<thana> histo: why ssh -vvv? i do know already that the sshd_config is wrong ;)
<sander^work> Some how /etc/mysql/debian-start regulary runs. How do I make it stop?
<sander^work> And why does it needs to be run?
<kaitanya> how do i chown all files in /home to <user>:users ?
<kaitanya> found man chown
<thana> histo: FYI: i used some sed magic as a preseed-latecommand to manually change the sshd_config.  works, but is ugly
<kaitanya> solution to group chown /home/<user> is: chown -R :users /home/*
<kaitanya> help with quota ? http://paste.ubuntu.com/7673149/ ?
<ikonia> kaitanya: don't need the * and its user:group
<ikonia> kaitanya: that error message is nothing to be concerned about, it means you don't have quota's enabled
<kaitanya> ikonia: but i wanted recursive chown to preserver username and change group to users so therefore chown :users
<ikonia> kaitanya: chgrp
<kaitanya> ikonia: i dont think u understood my problem. http://paste.ubuntu.com/7673436/
<Hexch> Hi anyone know a full dns management system like atomiadns?
<Hexch> I am also open for other suggestions
<ikonia> kaitanya: what is the problem you want ?
<ikonia> kaitanya: chgrp will change only the group
<RoyK> Hexch: something like bind9? ;)
<kaitanya> ikonia: problem solved. solution was to chown :group instead of user:group
<kaitanya> ikonia: i stated in my paste ls -l and had user:group default and i wanted all of /home/* to belong to group 'users' and ls -l showed changed groupname users
<ikonia> as I stated, chgrp will change JUST the group
<mardraum> kaitanya: fyi, chgrp :D
<ikonia> i said it 2 times
<mardraum> I concur ikonia went above and beyond.
<kaitanya> what wrong with chown :group vs. chgrp ?
<kaitanya> same thing. problem solved
<kaitanya> syntax with chown is either chown user:group or chown user or chown :group FYI
<danley> Hi, I am trying to install Ubuntu Server 14.04 on my System. I have 4 500GB HDDs, all the same type. I want to put all of them in an LVM container, however for one of them, sdb, it can't initialize it, getting the error message "Can't open /dev/sdb1 exclusively. Mounted filesystem?". I have no mounted FS, I dd if=/dev/zero of=/dev/sdX all of the 4 drives, dmsetup ls finds no devices.... So I am running out of ideas. Do you guys know what might be
<danley>  happening here?
<jamespage> gnuoy, thinking we might want to push a new snapshot of openvswitch for trusty - there are alot of bug fixes in the branch we track
<jamespage> gnuoy, I'll see if we can do that under our MRE
<gnuoy> jamespage, I'd really like to see what the process is for that
<jamespage> gnuoy, well its broadley https://wiki.ubuntu.com/StableReleaseUpdates
<gnuoy> ta
<jerrcs> yikes, openvswitch fixes
<jamespage> but we would do a general regressiont test with openstack to confirm nothing is to badly bust
<jerrcs> I just upgraded a few kvm/ovs server groups to 14.04
<jamespage> jerrcs, how did that go?
<jerrcs> It went well. We prefer the built-in openvswitch support versus the module
<jerrcs> The module was rather buggy at times, sometimes we'd have to reinstall openvswitch modules and it would break our networking.
<jerrcs> upgrade was very smooth though, and no problems to report.
<jamespage> jerrcs, ++ excellent
<danley> Just an update for anybody who was reading my question: I installed the system without the 4th HDD and added the physical volumn to the VG after install, added it to my LV, resized the FS and everything worked fine then
<hsnopi> morning
<MACscr> ive setup 3 vlans on a bonded interface and i cant get a single vlan to show up. I know the bonding is correct as it worked fine with a bridge, but now i need 3 vlans and actually one of those vlans to be a bridge. LOL
<MACscr> unfortunately i am not even seeing any errors about it that would help me troubleshoot the issue
<MACscr> now the syntax im using on my 12.04 box is the same as what im using on my debian wheezy boxes that work
<MACscr> http://pastie.org/private/vgqbgxcwg2ie3u4t9hqd4a
<MACscr> ah, just spotted: 8021q: VLANs not supported on bond0
<MACscr> hmm, thats odd
<jpds> What are you doing with your network.
<MACscr> jpds: well the network is a proxmox/ceph cluster. This ubuntu box is just a backup server and i run a few lxc guests on it for internal use
<jpds> MACscr: I think you have to do something like: bond0.42, etc.
<MACscr> ive tried that, no difference
<GivenToCode> hi all, not sure if this is the best place but i am having issues trying to use fuse to mount an fs inside of an lxc container via docker. I believe apparmor is getting in the way
<GivenToCode> id like to completely disable apparmor, but the instructions on https://help.ubuntu.com/14.04/serverguide/apparmor.html don't really seem to disable it
<GivenToCode> i've tried rebooting, yet apparmor continues to run
<tyhicks> GivenToCode: you can add apparmor=0 to the kernel boot command line to completely disable it
<GivenToCode> ok, so if I modify my profile to include 'mount fstype=fuse,' then reload apparmor I don't get the 'apparmor="DENIED" operation="mount" info="failed type match" error=-13 profile="lxc-container-default-with-mounting" name="/tmp/foo/" pid=11589 comm="fusermount" fstype="fuse" srcname="/dev/fuse" flags="rw, nosuid, nodev"' message in dmesg
<GivenToCode> however, the operation still fails with 'fusermount: mount failed: Permission denied'
<GivenToCode> (basically what i am trying to accomplish works with privileged containers, but i am trying to run it as unprivileged and use lxc config and apparmor config to allow only what i need to mount via fuse)
<mdeslaur> hallyn: so, I've filed a demote to universe bug for virt-manager: bug 1332618
<uvirtbot> Launchpad bug 1332618 in virt-manager "Please demote virt-manager to universe" [Undecided,New] https://launchpad.net/bugs/1332618
<mdeslaur> hallyn: can you get someone appropriate from the server team to +1 it, please, and I'll start merging virt-manager
<hallyn> mdeslaur: +1 on that
<hallyn> jamespage: ^ we've discussed that before i think, any objections?
<jamespage> hallyn, no objections
<hallyn> mdeslaur: in what form do you need the +1? :)
<mdeslaur> hallyn, jamespage: great, could you comment in the bug
<thurstylark> is there a way to do a default user profile on a ubuntu client when authenticating against Active Directory?
<thurstylark> is there a way to do a default user profile on a ubuntu client when authenticating against Active Directory?
<zartoosh> HI I have installed ubuntu 14.04. I like to start the services one at the time so i can debug an issue. I was told there is a grub option that will do this? thx
#ubuntu-server 2014-06-21
<msx> GN folks, anyone using Docker?
<lordievader> Good morning.
<abhie2e> i installed dhcp3-server but there is no /etc/init.d/dhcp3-server
<abhie2e> help
<maxb> Isn't that package name obsolete?
<maxb> !info isc-dhcp-server
<ubottu> isc-dhcp-server (source: isc-dhcp): ISC DHCP server for automatic IP address assignment. In component main, is optional. Version 4.2.4-7ubuntu12 (trusty), package size 727 kB, installed size 2222 kB
<dasjoe> abhie2e: that is a virtual package name, you actually installed isc-dhcp-server
<abhie2e> maxb, dasjoe okey
<dasjoe> abhie2e: read the server guide, it's in there: https://help.ubuntu.com/14.04/serverguide/dhcp.html
<abhie2e> ok.
<abhie2e> while trying to /etc/init.d/isc-dhcp-server start i get error  * check syslog for diagnostics. fail
<hxm> what says the syslog
<abhie2e> hxm, i dont have syslog.conf
<hxm> syslog
<hxm> not the conf
<hxm> /var/log/syslog (in most of cases)
<RoyK> abhie2e: rsyslog.conf
<abhie2e> RoyK, where is it located?
<RoyK> in /etc like the rest
<abhie2e> hxm, one of the error syslog list is not configured to listen on any interfaces?
<abhie2e> RoyK, ok
<moonlight> anyone available to help figure out on sharing internet from wlan0 to eth0, or it's not a subject for this channel?
<bekks> !router | moonlight
<bekks> hmm.
<moonlight> lol
<moonlight> dont put me talking to a bot
<moonlight> i like personalized convo
<moonlight> besides what i posted above, i got another issue with ubuntu server
<bekks> moonlight: The bot would have told you this URL, just like me: https://help.ubuntu.com/community/Router
<moonlight> ok thx, will read it
<abhie2e> which is best linux provisioning automation software/
<abhie2e> or with best community support and documentation?
<tomixxx7> hi, what does bidirectional bandwith mode of "iperf" mean?
<setkeh> Hey Guys im having an issue Redeploying juju on a MAAS server after destroying an enviroment i have MASS installed on a couple of old Dell servers (baremetal) here is the error log https://gist.github.com/setkeh/fc34e0cca9063e7bb0ae any ideas how to fix would be exelent thanks
<sync0pate> hey, is there a room like this for ubuntu desktop stuff?
<cfhowlett> sync0pate #ubuntu
<setkeh> Hey Guys im having an issue Redeploying juju on a MAAS server after destroying an enviroment i have MASS installed on a couple of old Dell servers (baremetal) here is the error log https://gist.github.com/setkeh/fc34e0cca9063e7bb0ae any ideas how to fix would be exelent thanks
<z1haze> can someone help me with how to setup a new host file for a new domain?
<setkeh> z1haze: how do you mean setup a new hosts file ??
<setkeh> like have 2 files ??
<z1haze> yea but i figured it out
<z1haze> like hosting several websites on 1 machine
<z1haze> i just copied an existing one and changed directories, it worked
<setkeh> ahh you mean apache vhosts :)
<Kawaiola> Hey anyone have issues with the grub boot loader failing on an install for 14.04
<bekks> Kawaiola: Depends on the exact error and the exact version you are using.
<Kawaiola> bekks: Well it said something like fatal error Grub boot Installer failed and it is the newest 14.04lts unbuntu server I pulled it from unbuntus website
<Kawaiola> bekks: I think it is the amd one instead of the i86
<bekks> Kawaiola: Using 64bit is fully ok. But whats the full error?
<zeracca> Hi. I am trying to install Ubuntu Server 14.04, but under install it doesnt detect my ethernet card, so i have no network connection. How can I make ubuntu server detect my ethernet card under install?
<zeracca> it seems my ethernet card is detected as p33p1 instead of eth0, and it doesnt work
<zeracca> Anyone knows if ubuntu server has a net image which will update all packages via install?
<bekks> It hasnt, since you can easily run "sudo apt-get update; sudo apt-get dist-upgrade" after installation.
<zeracca> ah ok.. i cant do anything, it boots into ubuntu server but i have no ethernet connection
<xperia> hi all. i am trying to block a ip adress on my ubuntu server like this => sudo ipset add fail2ban-sasl 146.0.42.101 timeout 2700 -exist
<xperia> but i am getting always this Kernel error message here =>  ipset v6.20.1: Kernel error received: Unknown error -1 Can anybody help me debugging this problem?
#ubuntu-server 2014-06-22
<histo> !search ipset
<ubottu> Found: realtek
<talldave> Iâm thinking about installing Ubuntu Server 12.04 onto a single disk as RAID 10.    Advisable?
<histo> !raid | talldave
<ubottu> talldave: Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<talldave> thanks ubottu
<talldave> histo why not?
<histo> talldave: why not what?
<histo> talldave: I'm curious as to how you're going to build a raid with one drive?
<talldave> i assume !raid meant âdont do raidâ
<talldave> by splitting the drive into 2 partitions
<histo> talldave: that's retarded
<histo> talldave: A mechanical disk or ssd?
<talldave> mechanical
<histo> talldave: have fun killing your drive.
<histo> talk about disk thrashing
<talldave> thanks.  ânot advisableâ would have worked
<histo> That's what I said
<histo> talldave: Think about it the disk has to write to one partition jump and write to another for every write etc....
<histo> There is no benefit to doing that. You will actually lose speed
<tomixxx7> hi, does someone know a good apt-get install tool to measure bandwidth between two ubuntu machines?
<tomixxx7> i cannot use iperf, because of some port restrictions
<histo> tomixxx7: ntop
<tomixxx7> ty
<lordievader> Good morning.
<bekks> tomixxx7: iperf
<sveta> tomixxx7, i think i use 'vnstat', it gives total stats without per-host
<tomixxx7> ty
<Lcawte> Hmm, is it possible to get a newer version of openssh-server on Ubuntu 12.04 without compiling it from source (a PPA or something?)
<jrwren> it might be in backports. Why do you need a newer version?
<Lcawte> I need the AuthorizedKeysCommand option but that's only in OpenSSH 6.2+
<TJ-> Lcawte: You might want to check this PPA option out: https://launchpad.net/~li69422-staff/+archive/backports-for-precise/+packages
<Lcawte> TJ-: Is there a way I can add the PPA and only install the SSH related packages (because I want to take say, the nagios-nrpe package from the main Ubuntu repos) ?
<TJ-> Lcawte: I usually add the PPA, install the package I want, then disable the PPA until I want to do an update
<jak2001> hi all, i have been installed/configured, openssh, my question is how to access via FTP via SSH? thanks  or you recommend install vsftpd?
#ubuntu-server 2015-06-15
<Lurchy> morning everyone
<diytto> I am looking forward to finally getting back to working on my server tomorrow
<rbasak> Daviey: thanks!
<Daviey> rbasak: NP, did you get sent the password?
<rbasak> Daviey: no, I don't see anything.
<rbasak> Daviey: looks like I'm a list moderator now, but no password :)
<rbasak> Daviey: thank you for your help. I'll poke IS if don't hear from them.
<Daviey> rbasak: I *think* IS can just reset it.. I don't have my gpg handy right now - i'll send it to you later today.
<rbasak> OK, thanks. No worries if not. I'm sure IS can reset it :)
<remmas-sidahmed> Hello
<lordievader> Good afternoon.
<RoyK> afternoon
<lordievader> Hey RoyK, how are you doing?
<RoyK> fine, thanks
<danofsatx> greetings. I'm running a local Ubuntu mirror, using apt-mirror to set it up. When apt-mirror runs, I get a stream of errors where the script can't find the Packages.gz file for the repositories, however the files exist and are reachable.
<danofsatx> for example, here's the output from this morning's run: http://fpaste.org/232136/34376109/
<danofsatx> I can run wget from the command line on that server, and get every file that apt-mirror can't find. Where do I start troubleshooting it?
<TJ-> danofsatx: There's a double "//" in the path - long shot but that might be throwing out the URL handler
<danofsatx> wget works with that exact url, and that's the url returned by the mirror.list
<danofsatx> actually, I misspoke. The URL isn't fed from mirror.list. The lines in mirror.list are (what I assume to be) a standard apt mirror.list file with space delimeters
<TJ-> danofsatx: which release of Ubuntu is this on?
<danofsatx> actaully, the apt-mirror script isn't being run from an ubuntu system.
<TJ-> danofsatx: The clue is in the "Psh" prefix of the error message.
<danofsatx> hmm....ok, I was wondering about that. What does that mean?
<TJ-> It's the Perl Shell being used to load the *local* copy of the file telling you there is no local copy.
<danofsatx> oh, ok. Is this an actual error then, or just a warning?
<TJ-> If the local copy isn't there it means an earlier step to fetch that file hasn't happened
<TJ-> danofsatx: do you see the message "Downloading ... files using .... threads"  ?
<danofsatx> ok, that makes sense. the first couple I've looked at in fact don't exist.
<danofsatx> yes, they start after all those errors.
<TJ-> danofsatx: If you read the Perl script you can get a feel for what it does when and what to expect to see in terms of progress messages
<TJ-> danofsatx: Hmmm. maybe those errors are to be expected on a first run? Then it fetches the missing files maybe?
<TJ-> danofsatx: does the process have permissions to the base_path ?
<danofsatx> this isn't a first run - it runs once a week, and I get the same output every time.
<TJ-> danofsatx: forget what I said about download order - I can see it does downloads before processing the files
<TJ-> danofsatx: if you look at the top of the script (around line 100) you can see the default values of the config_variables, which will be overridden by values you have set in mirror.list
<danofsatx> it looks like the missing directory, in all cases, is the debian-installer/ directory.'
<TJ-> danofsatx: did the script report that URL as having been downloaded?
<danofsatx> hang on, let me dig some more through the output....
<danofsatx> no, debian-installer directory is not downloaded.
 * danofsatx is now suspecting a mirror.list misconfiguration
<TJ-> danofsatx: assuming the default config check the logs with: "grep debian-installer /var/spool/apt-mirror/var/*"
<danofsatx> hmmm....there are a few.
<danofsatx> on second though, there is one - archive.ubuntu.com/ubuntu/pool/main/d/debian-installer/debian-installer_20101020ubuntu318_amd64.deb
<danofsatx> the rest of them are libdebian-installer
<TJ-> danofsatx: I see this: http://paste.ubuntu.com/11719719/
<danofsatx> you have the same thing I do, then.
<danofsatx> What it is looking for is debian-installer under the main/ multiverse/ or universe/ directories
<danofsatx> for example, here: http://archive.ubuntu.com/ubuntu//dists/trusty/restricted/
<TJ-> danofsatx: I suspect you need to modify the config and add an explicit pocket for debian-installer, of the form "deb http://archive.ubuntu.com/ubuntu trusty main/debian-installer restricted/debian-installer universe/debian-installer multiverse/debian-installer"
<danofsatx> that's where I was leaning, also, but I wasn't sure of the format.
<danofsatx> I don't really need the debian-installer, though, I think. My users are using Ubuntu and Mint.
<kevinde> Does Bind gets used on enterprise servers?
<patdk-lap> sadly, yes :(
<xperia> Hi all. I have installed the newest Bind 10 version on my ubuntu server and i am getting now allways the problem with apt-get as it reports that the bind9 package in the repos and the new installed bind10 package collide. i have tryed to do apt-get -f install but it does not help. how can i fix my ubuntu server apt service so i am able again to update the distro ?
<TJ-> xperia: See https://help.ubuntu.com/community/PinningHowto
<zul> jamespage: ping...im adding a patch to the nova branch for liberty to make configdrive work for lxd, its a 6 liner
<jamespage> zul: ack - sure
<jamespage> upstreamable?
<zul> jamespage: yeah but they might not take it
<zul> *shudder* containers *shudder*
<Pici> 6/70
<marlinc> What would be the recommended way to automatically run 'apt-get update' on a server. We use Zabbix to monitor updates using /usr/lib/update-notifier/apt-check but as expected it doesn't actually go about and get new package lists
<sarnold> marlinc: the unattended-upgrades package is easy to install, something like landscape might give better reporting if you've got a lot of machines, but that's commercial..
<marlinc> The thing is, we don't want automatic installing of updates, just the checking for updates
<sarnold> iirc unattended updates can be configured to check, or check and download, or check, download, and install.
<ogra_> apt-get aupdate cant really harm your system ... why not just use a good old cronjob
<ogra_> let it run once a day and be done ...
<sarnold> heh, indeed, simplicity :)
<marlinc> The thing is that I do know that apt has 'APT::Periodic::Update-Package-Lists'
<bekks> And run apt-get -s install ... to see wether the updates can be installed.
<marlinc> But I'm not sure if it works by default or that its something being added by unattended-upgrades. What runs apt so that it can do those automatic updates
<teward> sarnold: ping - does the security team really have any opinion as to what we do with nginx, other than your take on it?
<teward> (and by 'we' i mean the server team)
<sarnold> teward: I don't think the others have looked at it yet
<sarnold> teward: between our backlog of security fixes and new features needed for snappy, we're feeling a bit overworked lately, so I haven't bothered any of them about it
<teward> sarnold: no problem.
<teward> sarnold: i have a feeling that closer to LTS it'll be a bigger issue
<teward> sarnold: i have a feeling that closer to LTS it'll be a bigger issue
<teward> bah
<teward> was merely curious*
 * teward kicks his laptop from here to /dev/null and back
<sarnold> teward: it could be, but thankfully it's just one package, and upstream folks seem above average. :) hehe.
<teward> sarnold: indeed.  we also have someone at nginx willing to assist with security backports too which makes life a little more easier xD
<sarnold> teward: nice!
<trippeh> PSA: Intel 750 NVMe SSD's are ridiculously fast.
<sarnold> trippeh: how does it show up to the OS? /dev/sd*? or something else?
<trippeh> sarnold: /dev/nvme0n1
<sarnold> trippeh: can you use those for zfs? :)
<trippeh> and like 8 "irq"'s
<trippeh> hehe, it does behave like a block device
<trippeh> so it should...
<trippeh> unless zfs is beeing weird
<b4tm4n> any good recommendations or guides on using ubuntu server as a router
<genii> b4tm4n: https://help.ubuntu.com/community/Router
<b4tm4n> exactly what i was reading - just making sure there wasn't somethign else
<genii> b4tm4n: Pretty much everything that is already in the ubuntu server documentation applies as is
<b4tm4n> would you recommend shorewall?
<genii> I haven't used it so I can't offer an opinion about it
#ubuntu-server 2015-06-16
<lordievader> Good morning.
<arcsky> hey how can i give me full access to a tool called hping3 ?
<arcsky> my friend*
<OpenTokix> arcsky: in /etc/sudoers
<lordievader> !info hping3
<ubottu> hping3 (source: hping3): Active Network Smashing Tool. In component universe, is optional. Version 3.a2.ds2-7 (vivid), package size 108 kB, installed size 289 kB
<OpenTokix> arcsky: username ALL=NOPASSWD:/path/to/hping3
<arcsky> OpenTokix: but can i specify only that program ?
<arcsky> ah thanks
<OpenTokix> arcsky: yes, I was writing that line for you =)
<OpenTokix> lordievader: Next time maybe understand the question, before you show of your amazing bot skills
<lordievader> OpenTokix: That wasn't about amazing bot skills, just wanted to know what hping was ;)
<OpenTokix> Potentially very abusive networking tool
<arcsky> OpenTokix: do i need to retsrat anything?
<OpenTokix> arcsky: relog in a new shell
<arcsky> doesnt work
<arcsky> arcsky  ALL=NOPASSWD:/usr/sbin/hping3
<OpenTokix> and you did: sudo hping3 -options foo.bar.com
<OpenTokix> ?
<arcsky> ah ok
<arcsky> thanks
<friendlyguy> hi there! is in ubuntu 14.04.02 something present that mounts zfs filesystems upon start?
<friendlyguy> (i read about a "mountall" package)
<friendlyguy> what I'm experiencing is that upon reboot some of the filesystem in a zpool get mounted and some not.
<RoyK> friendlyguy: zfsonlinux or fuse?
<RoyK> fuse as in ubuntu-zfs
<friendlyguy> zfsonlinux
<RoyK> any mountpoints outside your /pool?
<friendlyguy> outside of your pool... i guess not
<friendlyguy> have a look at:
<friendlyguy> http://pastebin.com/YsUvmW7E
<friendlyguy> it's the output of "zfs get all | grep mount"
<friendlyguy> right after boot
<friendlyguy> backup_b and backup_a are mounted, but not the rest
<friendlyguy> not even /datatank
<RoyK> wierd - try to ask on #zfsonlinux
<friendlyguy> already did that
<friendlyguy> also, if i run a (zfs mount -a or a mountall command after boot ALL filesystems except /datatank get mounted
<RoyK> I've seem something like that before
<RoyK> thing is, ubuntu (and debian?) starts zfs rather late in the boot process, so if a daemon starts before it and opens some files on an existing mountpoint, that one isn't mounted
<RoyK> but then again, I have no idea if that could be the case for you
<friendlyguy> any idea how to troubleshoot
<friendlyguy> it's pretty untouched. installed ubuntu, setup the cryptdevices, derived keys, installed zfs and samba for smb sharing
<RoyK> then probably not the thing I saw
<friendlyguy> i installed: htop bwm-ng screen vim ubuntu-zfs  samba and ethtool
<arcsky> anyone have tested to use ssh to authenticate with Windows AD or windows NPS?
<OpenTokix> arcsky: I am assuming that would be handled by the underlying pam-modules for the thing, and ssh would not know the difference
<coreycb> jamespage, can you review this? https://code.launchpad.net/~corey.bryant/ubuntu/utopic/python-keystonemiddleware/1.0.0-1ubuntu1/+merge/262010
<teward> zul: ping - when the server meeting starts please give me a ping, I may be shifting my head through three other screens and may miss the initial 'start' time.  my phone will buzz if you ping me though, either here or in -meeting.
<zul> teward: sure
<teward> thanks
<teward> zul: i'll be back within 10 minutes, if you can delay the item I put on the agenda for at least that long into the meeting, that'd be great
<teward> (gotta grab something from the car xD)
<zul> teward: afaik im not driving the meeting
<teward> ok
<teward> you're listed as chair
<teward> according to the agenda page :)
<teward> (i'll be back)
<teward> no problem though (I'm back, i thought what i was looking for rolled under the seat, turns out it didn't xD)
<IrfanAlam_> any one here ?
<IrfanAlam_> anyone here to help ?
<tarpman> IrfanAlam_: ask your question, wait a few hours, see if someone answers
<IrfanAlam_> how to install php cli ?
<tarpman> IrfanAlam_: apt-get install php5-cli
<IrfanAlam_> cli installed but still problem is there...
<IrfanAlam_> how to install ffmpeg ?
<Odd_Bloke> IrfanAlam_: If you describe your full problem, then someone will be able to give you a full answer; asking a bit at a time makes it difficult for people to answer helpfully.
<tarpman> IrfanAlam_: ffmpeg is not in ubuntu; use avconf (apt-get install libav-tools)
<tarpman> IrfanAlam_: pardon me, avconv
<IrfanAlam_> please see this and solve all the NO problems http://167.160.171.68/nhcefiles.com/web/_h5ai/
<Pici> /70/36
<tarpman> IrfanAlam_: command-not-found or packages.ubuntu.com or apt-file can help you find the commands you're missing
<IrfanAlam_> I am very new to linux.... please tell me what command to enter in ssh to solve the problem
<IrfanAlam_> anyone there ?
<histo> !info ffmpeg
<ubottu> ffmpeg (source: ffmpeg): Tools for transcoding, streaming and playing of multimedia files. In component universe, is optional. Version 7:2.5.7-0ubuntu0.15.04.1 (vivid), package size 1144 kB, installed size 1751 kB
<histo> how is du not available
<paultag> coreutils
<histo> paultag: should be installed on his system is what I'm saying.
<paultag> Yeah, it's marked Essential
<histo> IrfanAlam_: does du work in a terminal on that system
<IrfanAlam___> anyone ?
<histo> IrfanAlam___: can you respond to the question..
<paultag> Ah, ahaha
<IrfanAlam___> I was disconnected... I didn't saw the question, can you please tell agian ?
<IrfanAlam___> histo: 4       ./.cache 1364    .
<histo> IrfanAlam___: can we keep this in one channel. du is installed but your silly web script doesn't think it's available.
<IrfanAlam___> what about zip and ffmpeg and convert ?
<histo> IrfanAlam___: you can install those if you want.  sudo apt-get install packagename
<IrfanAlam___> histo
<IrfanAlam___> I installed zip
<IrfanAlam___> but convert, Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package convert
<TJ-> IrfanAlam___: Do you mean the 'convert' program from the "imagemagick" package?
<IrfanAlam___> I don't know but it says , you see here http://167.160.171.68/nhcefiles.com/web/_h5ai/
<histo> !file convert
<histo> what happened to ubottu could you search for what package provides x
<histo> IrfanAlam___: install the imagemagick package
<IrfanAlam___> how ?
<Pici> The same way that you've installed other packages.
<histo> fml
<histo> IrfanAlam___: apt-get install packagename
<YamakasY> anyone using samba against kerberos ?
<ogra_> do you want to know who wins ?
<YamakasY> LOL
<ogra_> :)
<YamakasY> both are pigs atm :P
<ogra_> (and no, i dont, sorry)
<YamakasY> damn
<tarpman> YamakasY: what do you mean by "samba against kerberos"?
<YamakasY> tarpman: auth
<YamakasY> tarpman: any idea ?
<tarpman> YamakasY: sorry, if it's AD-related I am probably the wrong person. no experience with the MS bits
<tarpman> YamakasY: generally, ask your question, wait and see whether someone comes up with an answer
<YamakasY> tarpman: nah linux kerberos
<tarpman> YamakasY: based on a brief test, I got samba/smbclient to work with heimdal-kdc but not krb5-kdc. YMMV, I probably did something wrong. so, what was your question? :)
<YamakasY> tarpman: I can't get it auth, I get some weird error: Failed to initialize kerberos context! (Invalid argument)
<tarpman> YamakasY: that's not enough info. crank up the log level
<YamakasY> tarpman: are you calling me a crank now ?? :P
<tarpman> YamakasY: pardon me. "crank up" is an expression, means "increase"
<tarpman> YamakasY: I run "smbd -F -S -d5", or even higher, when troubleshooting
<YamakasY> tarpman: yeah, check the :P
<YamakasY> tarpman: ok saf_fetch: failed to find server for "MYDOMAIN" domain
<YamakasY> sitename_fetch: No stored sitename for MY.REALM
<tarpman> YamakasY: is it possible for you to pastebin the entire log somewhere? showing what happens when you do for example smbclient -k -L //server (with a valid ticket)
<tarpman> YamakasY: ideally in a situation where smbclient -L //server already works (without -k)
<YamakasY> tarpman: need to check, just a sec
<YamakasY> tarpman: I wonder about the workgroupname, should it be known in ldap ?
<tarpman> YamakasY: the workgroup name needs to be the same as the krb realm name (AFAIK). I don't believe ldap is relevant here (other than to the extent you need a working samba setup)
<YamakasY> tarpman: ok, but if you realm is My.DOMAIN
<YamakasY> or my.domain.local
<tarpman> YamakasY: looks like I lied and the workgroup and realm can be separate
<tarpman> (but did not actually verify)
<YamakasY> tarpman: yes they can
<YamakasY> tarpman: mhh I get no login servers, but hostnames are OK
<tarpman> YamakasY: maybe the 'password server' samba option? not sure what the exact cases are where that's needed...
<YamakasY> tarpman: that is set, it get's an IP back it says
<tarpman> sorry, since I can't see your actual setup or output I am really just throwing out random guesses :)
<YamakasY> tarpman: yeah I know
<YamakasY> no prob
<dfgass> has anoyone had issues with dropbox on 15.04?
<dfgass> i can not get a link at all
<b4tm4n> is there an accepted way to connect on boot to a vpn (openvpn)?
<histo> b4tm4n: what are you using to configure your network connection?
#ubuntu-server 2015-06-17
<nayKang> inotify-tools stop updated until 2010,is there a better tools or solution for file sync on server?
<lordievader> Good morning.
<nayKang> morning
<nayKang> in fact,it's three pm
<nayKang> in china
<lordievader> Not here ;)
<nayKang> i just google a tool named incrond seems better than inotify-tool
<histo> nayKang: how are you using inotify-tools for file sync?
<nayKang> histo:  i haven't use anything yet.just do some research
<histo> nayKang: rsync
<nayKang> en,i think would use rsync
<nayKang> how about watchman
<Walex> nayKang: unison
<nayKang> Walex: is unsion a cli program and run as services?
<a1fa> hello, i am trying to resize ext4 partition. the disk has already been extended to 200GB
<a1fa> went from 80GB to 200GB
<a1fa> Disk /dev/sda: 214.7 GB, 214748364800 bytes
<a1fa>    Device Boot      Start         End      Blocks   Id  System
<a1fa> /dev/sda1            2048   419430399   209714176   83  Linux
<a1fa> yet, df -h
<a1fa> Filesystem      Size  Used Avail Use% Mounted on
<a1fa> /dev/sda1        74G   63G  7.5G  90% /
<lordievader> a1fa: Did you forget to tell your filesystem?
<a1fa> i did resize2fs
<a1fa> it didnt care
<a1fa> well shit
<a1fa> it worked this time
<a1fa> ... odd
<a1fa> /dev/sda1       197G   63G  127G  34% /
<a1fa> it did an online resize
<jrwren> yes, online is the way to do it
<a1fa> i was doing this all offline, and it was telling me its already max size
<a1fa> i guess reboot+online resize did it
<a1fa> thanks
<jamespage> coreycb, I've uploaded keystonemiddleware, but you need to document the SRU in the bug report still
<coreycb> jamespage, ok will do, and thanks
<jamespage> coreycb, https://wiki.ubuntu.com/StableReleaseUpdates
<gtrmtx> hey guys im having a nightmare getting my network to work properly on the main server...running version 3.4 and here's what my /etc/network/interfaces and ifconfig looks like: https://pastee.org/767aq
<gtrmtx> sorry i need to clarify its proxmox version 3.4
<tarpman> hi, could a developer please look at bug 1392018 and accept/reject the sru nomination? thanks in advance
<RoyK> !proxmox
<qman__> Bot broken?
<rbasak> tarpman: accepted. Thank you for looking after this!
<tarpman> rbasak: thanks!
<RoyK> qman__: nah - just didn't know much about proxmox
<qman__> It didn't link the bug either so I wasn't sure
<RoyK> !bug 1
<ubottu> For discussion on Microsoft software, or help with same, please visit ##windows. See http://launchpad.net/distros/ubuntu/+bug/1 http://linux.oneandoneis2.org/LNW.htm and /msg ubottu equivalents
 * YamakasY is sexy
<smoser> smb, around ?
<smoser> i have some fun.
<smoser> http://paste.ubuntu.com/11731383/
 * teward pokes rbasak
<smoser> hallyn,
<smoser> you never fixed this? https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603944
<smoser> hitting it now, and only do so with trusty+hwe-v
<smb> smoser, not with much attention right now... looks like the usual fun when exiting initramfs shell without some rootfs
<smoser> smb, its ^
<smoser> i think
<smoser> i think some udev event / fun has made the device busy. and we're unlucky
<hallyn> smoser: what the blazes do you mean i never fixed it.  i sent a patch, it seems.
<smoser> but you didn't put it in ubuntu.
<smoser> meaning it is still (5 years later) present
<smoser> https://bugs.launchpad.net/ubuntu/+source/multipath-tools/+bug/1429327
<smoser> cyphermox, around ?
<smoser> https://bugs.launchpad.net/ubuntu/+source/multipath-tools/+bug/1429327
<smoser> how does grub decide what root= to use ?
<gabriel-artigue> my Ubuntu Server 15.04 installation displays the terminal welcome message twice right after I enter my password; how can I correct this? thanks
<histo> gabriel-artigue: what's in your /etc/motd ?
<Demon_Jester> I am currecntly on xubuntu, and I was wondering will ubuntu server give me the option to preserve my home directory?
<sarnold> Demon_Jester: what are you wanting to do?
<Demon_Jester> I was using old hp media center as a server, and while back ubuntu server would not install so I used xubuntu, essentially I want to transfer my 1TB HDD into this dell poweredge my friend gave me.
<Demon_Jester> Instead of doing back up I was wondering if I can preserve home directory when I install ubuntu server over xubuntu.
<Demon_Jester> sarnold, sorry I forgot to include your name, my response is above.
<sarnold> why do you want to re-install?
<sarnold> why not just move the drive?
<Demon_Jester> sarnold, that won't cause any problems if I try to boot that on a different machine than it was installed on?
<sarnold> Demon_Jester: probably not, i've done it a half-dozen times over the years.. you miht need to fiddle with udev persistent-net-rules files or something similar, but it should mostly just work, assuming they are both e.g. amd64 systems
<Demon_Jester> I believe so.. ok cool I will give it a shot
<Demon_Jester> I just wanted to install ubuntu server to get rid of xubuntu
<sarnold> if you'd like the clean house, go for it..
<Demon_Jester> but if I am on more stable system I think I figured something out.
<Demon_Jester> sarnold, once again thanks. I will give it a shot
<sarnold> I've always put /home on a sepaerate partition, and It hink the installer will leave it alone if it can
<sarnold> have fun Demon_Jester :)
<histo> Demon_Jester: you could always jsut remove the xubuntu packages
<Demon_Jester> I tried but this hp media center is all kinds of mess up, if I turn on my other hp media center server it crashes the nic on the other one. Sometimes it drops the nic on its own due to some crash I can't figure out. lol
<histo> Demon_Jester: well I'd backup your /home and reinstall then if you want.
#ubuntu-server 2015-06-18
<linocisco> hi all
<linocisco> how to turn on NTP server ? if the ubuntu server lost connection to internet, as an alternate way, it should use hardware clock to update time to clients and IP Phones
<kickinz1> linocisco: hi, which release?
<linocisco> kickinz1, Linux ubuntuserver 3.16.0-30-generic #40~14.04.1-Ubuntu SMP Thu Jan 15  i686 i686 i686 GNU/Linux
<kickinz1> linocisco: ok thanks, looking.
<linocisco> http://ubuntuforums.org/showthread.php?t=862620
<linocisco> but root@ubuntuserver:/# sudo aptitude install ntpd
<linocisco> Couldn't find package "ntpd".  However, the following
<linocisco> packages contain "ntpd" in their name:
<linocisco>   cyrus-nntpd ntpdate cyrus-nntpd-2.4 openntpd
<linocisco> http://pastebin.ubuntu.com/11734249/
<lordievader> Good morning.
<kickinz1> linocisco, use openntpd
<linocisco> kickinz1, late response. I have restarted whole server and now installing new server fresh
<linocisco> kickinz1, thanks anyway
<kickinz1> linocisco, you must have missed my message from more than 2 hours about using openntpd...
<kickinz1> linocisco, 5:44 UTC: <kickinz1> linocisco, you can install openntpd ntp server, and set it to listen on the desired local addresses.
<linocisco> kickinz1, i m sorry I didn't see it. may be my network card slept
<kickinz1> linocisco, I hope you will find your way.
<linocisco> kickinz1, thinking so
<linocisco> hi all
<linocisco> my wget never works behind wpad proxy with authentication. I tried many manuals and referece on internet
<linocisco> ubuntu server is behind wpad proxy. I can create apt.conf and put some entries for http and apt proxy entries so apt-get commands work but wget never works
<kickinz1> linocisco, did you try to customize wgetrc?
<linocisco> kickinz1, how?
<linocisco> kickinz1, now i got another problem. I changed from DHCP to static ip for eth0. and nslookup doesnt work
<kickinz1> linocisco, did you add a nameserver entry to your static config?
<linocisco> kickinz1, I put nameserver x.x.x.x
<linocisco> kickinz1, also under /etc/resolv.conf
<linocisco> kickinz1, got it now
<kickinz1> linocisco, wget: you need to create a .wgetrc file in your user directory then look here http://www.gnu.org/software/wget/manual/html_node/Proxies.html
<linocisco> kickinz1, Error parsing proxy URL http://username:password@host:8080: Bad port number.
<linocisco> kickinz1, when I tried to set under /etc/wgetrc
<kickinz1> linocisco, you must adjust to your wpad proxy settings,
<TJ-> Do we have a way to serialise LVM LV mirror re-syncs where a single VG is resyncing several LVs simultaneously - so I/O is focused on a single LV at a time rather than scattered across all resyncing LVs?
<OpenTokix> TJ-: What would be the benefit of that?
<TJ-> OpenTokix: increasing the I/O throughout so the disks spend less time seeking and more time reading/writing
<OpenTokix> TJ-: you assume each LV is a sequenial block?
<OpenTokix> TJ-: that is a wrong assumption
<TJ-> OpenTokix: I *know* which extents on which physical devices are assigned so I *know*  they are sequential. Anyhow, it improved I/O thoughput from 28MB/s to 100MB/s
<TJ-> I had to invert my thinking - instead of trying to serialise all the resyncing LVs it just required de-activating all but one resyncing LV ("lvchange -an VG/LV)
<Fenikkusu> Does anyone know either where to ask or what the answer is for: What is the max HDD size the Dell PowerEdge 2950 supports and the max total size supported?
<jamespage> hallyn, do you think it would be feasible to have an alternative for libtool-bin for the qemu package to make backporting to trusty a bit easier? wily qemu needs a delta right now
<hallyn> jamespage: you mean in qemu's debian/control have a different pkg than libtool-bin in build-deps, on trusty only?
<hallyn> if so what would you want in its place?
<jamespage> hallyn, not quite sure - trying to figure that out
<jamespage> hallyn, it would be a libtool-bin | xxx type thing
<hallyn> the delta right now what exactly?
<jamespage> I know its a delta - I've just not fixed it yet :-)
<hallyn> i misse da word - the delta right now *is* what exactly?
<hallyn> oh you mean you dont' have one yet, got it
<jpds> Fenikkusu: Wouldn't you be better off asking Dell?
<hallyn> i see, libtool-bin doesn't exist at all :)
<hallyn> jamespage: anyway, debian/control is built by debian/rules, so we can actually process it if you like
<hallyn> (from debian/contorl-in)
<Fenikkusu> jpds, I would be glad too if I could find a channel to do so in.
<hallyn> jdstrand: do you have any objection to doing what is in the last comment at https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1342083 ?
<jdstrand> hallyn: the owner @{PROC}/[0-9]*/fd/* r, rule breaks vm isolation and will cms to read fds from other vms
<jdstrand> s/cms/allow vms/
<jdstrand> hallyn: based on the denial, it seems that 'owner @{PROC}/[0-9]*/fd/ r,' is what is actually needed, not 'owner @{PROC}/[0-9]*/fd/* r,'
<jdstrand> hallyn: '@{PROC}/[0-9]*/fd/ r,' would be ok
<hallyn> so i wonder whether '@{PROC}/self/fd/ ' would suffice
<jdstrand> hallyn: I somewhat wonder if only pt_chown would suffice
<jdstrand> hallyn: reason being, the fd/* rule shouldn't have helped anything, and if the user added pt_chown maybe the fd rule isn't needed at all
<jdstrand> but the ordering of the denials suggests it is needed
<hallyn> zul: i gather yo'uve not had time to track down the failures in libvirt 1.2.16 ?
<zul> hallyn,  not yet...tomorrow hopefully
<hallyn> ok
<hallyn> jdstrand: thanks
<hallyn> (asked the submitter to verify whether htat suffices)
<hallyn> zul: if you do get it fixed an dif we hear back about it, it might be worth adding the fix for bug 1342083 to 1.2.16-0ubuntu1 as well
<zul> ack
<jak2000> if i mount a windows share: sudo mount -t cifs //132.1.5.240/Sistemas /mnt/share/svr242/ -o username=administrador,password=Jmasc3186   how to unmount?
<Fenikkusu> Does anyone have any suggestions on a good computer to use as a home server? Rack mount if possible, so I can get it under a desk or something?
<teward> Fenikkusu: without use case we can't give any suggestions
<teward> like what would go on that
<Fenikkusu> teward, I'm trying to build a home NAS/Media Server. Right now I have a HP Compaq 6005 USDT that works fine, but only has one SATA port on it, so it will be tricky to update in the future. I'm just looking for a computer that I can fit under a desk and/or couch (I can deal easily enough with air flow) that doesn't suck up power and doesn't sound like a jet all the time.
<bearface> most rackmounts with stock fans sound like a jet
<teward> ^
<OpenTokix> Fenikkusu: just buy a NAS-box
<lordievader> Fenikkusu: Or build a desktop with server hardware.
<Fenikkusu> lordievader, I don't think the overall hardware matters. I'm more looking for a cheap, quite, compaq option
<b4tm4n> so, according to docs, to get openvpn to start on boot, you can modify /etc/openvpn/default at set an AUTOSTART parameter.  I tried this and it worked (or so it seemed).  Because now, even with all AUTOSTART lines commented, the vpn connects on boot.  How do I disable it?
<danofsatx> Does anyone have a favored torrent tracker package for Ubuntu servers?
<sarnold_> rtorrent is tolerable via shell
<tarpman> rtorrent++
<tarpman> there's also transmission-cli, which iirc contains a web interface as well as the cli
<danofsatx> that is compareable to opentracker?
<sarnold_> I
<sarnold_> I'm no torrent expert, I might not know quite wha tyou're looking for :)
<danofsatx> I'm not either. I was asked to step in to a volunteer torrent project today to help distribute some open source software, and we need torrent trackers set up to handle the effort.
<sarnold_> danofsatx: aha, then rtorrent is not going to be what you need. it might be part of it.. or might not.
<sarnold_> danofsatx: hmm, I'm having trouble getting to their websites.. take a look at suse's mirrorbrain, it might be useful, I remember thinking it looked neat when i read about it a few months ago
<danofsatx> yeah, it's part of it. I knew rtorrent was a torrent client, but I didn't know if it provided a tracker server also
<danofsatx> mirrorbrain appears to be the equivalent of the Fedora Project's MirrorManager - it doesn't do torrents, though.
<sarnold_> hm. Bummer. I thought it did :(
#ubuntu-server 2015-06-19
<SpamapS> smoser: hey, remember pbput/pbget ? They're borken now
<SpamapS> smoser: pastebin.com revoked the keys
<smoser> SpamapS, oh. that sucks. that is kirkland .
<SpamapS> smoser: Oh you were just the one who showed it to me. ;)
<SpamapS> and it just failed me, ;)
<smoser> i use https://gist.github.com/smoser/7647304/
<SpamapS> but works if you make your own api key
<smoser> i use that a lot. not perfect.
<SpamapS> smoser: I had a crazy idea which was to just use bitcoin. ;)
<smoser> bitcoin ?
<smoser> (i'm not really here.)
<SpamapS> the memo field is rather large, and you can spend about one one millionth of a penny
<SpamapS> smoser: distributed hash table that anybody can fetch and verify cryptographically
<SpamapS> err hash chain
<SpamapS> not table
<a|3x> hi, i have this problem with ufw, it gets switched off by itself occasionally, even after i do ufw enable
<a|3x> any thoughts?
<a|3x> ufw status shows "Status: inactive" again after a few days
<smoser> SpamapS, i think pbput/pbget is actually sit atop pastebinit
<smoser> but maybe i'm wrong.
<lifeless> whats pbput/pbget?
<SpamapS> lifeless: uuencodes a file and puts to pastebin
<SpamapS> pastebinit rather
<SpamapS> lifeless: and then reverses that too
<SpamapS> rather handy for "I have this binary blob and I want to give it to you"
<lifeless> ah
<b4tm4n> is there something wrong with the following:
<b4tm4n> ip rule add from 172.16.0.0/24 table vpn
<b4tm4n> ip route add 0.0.0.0/0 dev tun0 table vpn
<b4tm4n> i'm trying to route traffic from behind a router through a vpn
<DenBeiren> morning
<DenBeiren> i'm using rsync to transfer large amounts of data from one server to a synology
<DenBeiren> transferspeed is a bit dissapointing
<DenBeiren> 25-30 MB/s
<DenBeiren> both machines have dual GB nics in a bond
<linocisco> hi all, NTP.conf settings work under proxy with authentication ? because apt-get install ddoesn't work unless proxy config settings under apt.conf manuually
<kickinz1> linocisco, you need to check if your firewall let ntp packets from your server to go through.
<linocisco> kickinz1, i have no access to firewall. how can I check from client if my firewall blocked it
<linocisco> ?
<kickinz1> linocisco, try sudo ntpdate pool.ntp.org
<linocisco> kickinz1,
<linocisco> root@ubuntuserver14:/# sudo ntpdate pool.ntp.org
<linocisco> 19 Jun 13:13:18 ntpdate[1547]: the NTP socket is in use, exiting
<kickinz1> nslookup pool.ntp.org?
<linocisco> kickinz1, http://pastebin.ubuntu.com/11738951/
<kickinz1> linocisco, so it seems you can reach out external ntp servers.
<linocisco> kickinz1, reading this http://ubuntuforums.org/showthread.php?t=862620, "If the 'delay', 'offset', and 'jitter' fields are non-zero and you haven't synchronized, it probably means that you just need to wait a while. Check again that you've inserted the 'iburst' argument to your servers list! My peers, for reference, look something like the following:
<linocisco> "
<kickinz1> linocisco, from ntpq doc (http://doc.ntp.org/4.2.4/ntpq.html), peers
<kickinz1>     Obtains a current list peers of the server, along with a summary of each peer's state. Summary information includes the address of the remote peer, the reference ID (0.0.0.0 if this is unknown), the stratum of the remote peer, the type of the peer (local, unicast, multicast or broadcast), when the last packet was received, the polling interval, in seconds, the reachability register, in octal, and the current estimated delay, offset and
<kickinz1> dispersion of the peer, all in milliseconds. The character at the left margin of each line shows the synchronization status of the association and is a valuable diagnostic tool. The encoding and meaning of this character, called the tally code, is given later in this page.
<kickinz1> linocisco, and a pastebin from a just installed ntp, 3 ntpq command issued with some seconds in between, first just after installing ntp: http://pastebin.ubuntu.com/11739000/
<KlausedSource> hello guys, i have issues with virtualenv/pip on my new ubuntu 14.04 vps. I wanted to install django-cms in a virtual env (everything without sudo). While most modules installed without problems, PIP complains about missing permission on some others.
<KlausedSource> How is this possible?
<KlausedSource> no one?
<kickinz1> linocisco, in the ntpq doc, look at the tally codes
<linocisco> kickinz1, yes.
<lordievader> Good morning.
<linocisco> silient whisper
<linocisco> silent whisper
<RoyK> (resilient whisper)
<kickinz1> sudo snappy list
<rbasak> paultag: hey. Got a report (https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1459916) that the docker daemon doesn't start automatically after installation. Before I look further, is this intended behaviour?
<rbasak> (this is for 1.5.0 I think, but we're bumping to 1.6.2 soon. I haven't checked if it still applies yet)
<kickinz1> rbazak: usual behavior seems to be docker-daemon start after install (trusty and utopic previous version did like that).
<rbasak> kickinz1: thanks. In that case, could you look into the bug please?
<kickinz1> rbasak, yes, this one an the one about using lxc engine.
<rbasak> kickinz1: it might well end up invalid if the reporter has made some local changes previously or something. But it's be nice to conclude that, or conclude it's Incomplete, etc.
<b4tm4n> is the best way to get modules to persist a reboot to add them to /etc/modules - i'm seeing varying answers and want to confirm
<rbasak> teward: draft email to release team: http://pad.ubuntu.com/nginx-1-9
<rbasak> teward: please can you review and check for accuracy?
<rbasak> teward: I wrote it directly from my understanding so it could be wrong.
<BTJustice> I am kicking around the idea of making a Ubuntu Server file server.  It would have to have the ability to be controlled by a Windows Server.  I want to be able for the Ubuntu Server to create user folders for Documents, Pictures, Videos, etc. and not to be accessed by any other user other than the account the folders are for.  Does Ubuntu Server have a way of knowing if the user changes their Windows password and updates it on the Ubuntu Serve
<BTJustice> r?
<jrwren> BTJustice: https://help.ubuntu.com/12.04/serverguide/windows-networking.html
<BTJustice> jrwren: Reading it now thanks.  I guess my biggest question is can the Windows Server (used to administer the workstations) have the ability to upidate the users/passwords used on the Ubuntu File Server?
<jrwren> BTJustice: the answer is: it depends.
<slowe> Hello all, I'm trying to use VLAN interfaces on 14.04.2 and seeing some weird behaviors. Are there are known caveats of which I should be aware?
<slowe> Sorry, I meant to say are there *any* known caveats of which I should be aware?
<bekks> slowe: Which "weird behaviors"?
<slowe> bekks: HostA (with VLAN interface on VLAN 3) can't ping HostB (also with VLAN interface on VLAN 3), but HostB *can* ping HostA.
<slowe> bekks: Also, I'm not seeing an ARP table entry on HostB for HostA, whereas on HostA I see an "incomplete" entry for HostB.
<bekks> How did you configure the "VLAN interfaces"?
<slowe> bekks: I'm using multiple ifcfg-* files in /etc/network/interfaces.d (with an appropriate "source /etc/network/interfaces.d/*" line in /etc/network/interfaces
<slowe> bekks: There is an ifcfg-p55p1 for the physical interface, with no IP address assigned (inet manual)
<bekks> slowe: Whats the output of "cat /etc/issue"?
<slowe> bekks: Then there is an ifcfg-p55p1.3 for the VLAN 3 interface, with a static address assigned
<slowe> bekks: The output is Ubuntu 14.04.2 LTS
<bekks> slowe: Can you show us your config files?
<slowe> VLAN interface config files, physical interface config file, or both?
<bekks> both, ideally.
<slowe> bekks: Sure, one minute...
<slowe> bekks: Here are the configuration files for host201, one of the two hosts in question: http://pastebin.com/CB7Q6Gi1
<slowe> bekks: Here are the configuration files from host202: http://pastebin.com/KAnCdPQf
<bekks> slowe: Did you try to use the line "vlan-raw-device p55p1" in the /etc/network/interfaces.d/ifcfg-p55p1.3 file?
<slowe> bekks: The "vlan" package is installed on both systems, the 802.1q module is loaded on both systems, and the network interfaces to which they are connected are identically configured.
<slowe> bekks: I have not added the "vlan-raw-device" to the configuration files as it was my understanding it was optional. Let me try that.
<slowe> bekks: I've added that line to both servers, restarted the interface, and still get the same results.
<slowe> bekks: Are the interface configurations cached anywhere?
<bekks> firewalls and stuff is disabled?
<slowe> bekks: Yes, firewall is disabled.
<bekks> And the switch configuration is doublechecked as well?
<slowe> bekks: The 2 switch ports to which these servers are connected are identically configured.
<slowe> bekks: If there is a switch configuration issue, it doesn't explain the asymmetric connectivity (host202 being able to reach host201 but not vice versa)
<slowe> Are the network configurations cached somewhere? I'm seeing that using "initctl restart network-interface" vs. "ifdown; ifup" is producing different results from the same configuration files.
<bekks> Which different results?
<slowe> bekks: With "initctl", I'm not seeing the VLAN interface at all, and p55p1 is getting assigned an IP address (the address that's supposed to be on the VLAN interface).
<slowe> bekks: When I run "initctl start network-interface" for the VLAN interface, it also gets the assigned IP address, meaning both the physical interface and the VLAN interface are getting the same address. Odd.
<slowe> bekks: I need to step away for a meeting. I'll check back in later. Thanks for your help so far.
<mfisch> zul: will you guys be enabling keystone wsgi by default this cycle since eventlet is deprecated?
<zul> mfisch,  not sure yet...possibly
<mfisch> zul: puppet carries a copy of httpd/keystone.py because its not packaged so I was curious
<mfisch> if that changes I'd like to remove the puppet forked copy
<mfisch> its annoying to update and gets stale
<zul> mfisch: still not sure yet...i havent been doing much packaging the past couple of weeks (been working on other things)
<mfisch> okay thanks
#ubuntu-server 2015-06-20
<major_majors> i'm in the middle of an Ubuntu server install. i've set up a software RAID 10 with 3 LVM volumes on top: /, /home, and swap. now i'm at the stage where it's asking me where i'd like to install GRUB and i'm lost. where should GRUB go in this configuration?
<nezZario> What kernel should I have running trusty?
<nezZario> I have 3.13.0.-55-generic
<nezZario> I have no clue what horrific things someone did to this server
<sarnold> nezZario: that looks about right, seven hours ago 3.13.0-55.94 was released
<sarnold> I'm not sure how the minor versions will appear in uname -a output, probably only dpkg -l output will have the 55.94 bit
<nezZario> might make you laugh - very sleep deprived, meant to type "sudo chmod" and somehow typed chudo sumod (seriously)
<nezZario> thanks sarnold, i'm going to sleep. =)
<sarnold> nezZario: hah, that's awesome ;)
<sarnold> nezZario: yeah, time to step away from the keyboard :) have a good night, nice weekend :)
<Norbin> hello
<Norbin> running latest ubuntu server through hyperv, the terminal window bugs on me, it finishes loading and then nothing responds, i can't type anything
<Norbin> i was told to change the resolution via the grub config file which i did - tried different color depths/res codes
<Norbin> but same issue persists
<Norbin> i even reinstalled
<Norbin> http://i.imgur.com/aCqYqhs.png
<Norbin> this is what i see
<sarnold> Norbin: I wonder if you turn off lightdm service if you'd get to a nice getty prompt or not
<Norbin> shall i try it? via recovery?
<Norbin> since i can't really do anything on the actual terminal
<Norbin> only way i can 'do' something is via recovery / as root
<Norbin> i think so at least, not a linux expert :)
<Norbin> annnnd it works, did absulotely nothing but reinstalled for the 3rd time
<RoyK> Norbin: http://askubuntu.com/questions/384602/ubuntu-hyper-v-guest-display-resolution <-- something like that?
<RoyK> Norbin: I used to admin hyper-v and it was a PITA with ubuntu, this was v1, though, so hopefully better now
<LeMike> hello. I am doing a rsnapshot and want to have the date in the log. unfortunately the log always shows "/bin/date +%F" instead of the real date. how can I have the real date logged instead of the command? would you just append the output?
<lordievader> Hello
<LeMike> damn. my rsnapshot commands generate empty directories like "unused0" ... how do I avoid that?
<jpds> LeMike: Real date as in "date -R"?
<LeMike> any kind of date jpds. even `/bin/date` would be listed in the log but not it's output
<jpds> LeMike: Wait, is this a script you wrote around rsnapshot?
<LeMike> nope. I do `backup_script  /bin/date +"backup started at %F"` and the command is written in the rsnapshot.log instead of it's output. I like to have the output logged or some kind of "started at 2015-06-20" in the log
<jpds> LeMike: So, why do you need that?
<LeMike> to put those two lines in another script that will monitor the backups. jpds
<jpds> LeMike: You can't read the cron output from syslog?
<LeMike> Dunno. Can I?
<jpds> LeMike: Well, cron logs every command to /var/log/syslog with a timestamp already.
<LeMike> jpds:  `grep rsnapshot /var/log/syslog` is empty :/
<jpds> LeMike: Do you run rsnapshot with cron?
<jpds> LeMike: Also, you know that you can have the monitor check the timestamp of the last backup directory?
<LeMike> yes rsnapshot runs via cron for three days now, jpds. the timestamp would not help, as I need to monitor the duration of every backup.
<jpds> LeMike: This is on a centos box but:
<jpds> 2015-06-18T21:00:01.174637+00:00 backup CROND[27783]: (backup) CMD (/usr/bin/rsnapshot hourly)
<jpds> 2015-06-18T21:00:52.106269+00:00 backup rsnapshot[27830]: /usr/bin/rsnapshot hourly: completed successfully
<jpds>  /var/log/cron and /var/log/messages on centos.
<LeMike> those files are not there :/
<jpds> LeMike: Yeah, not on Ubuntu, they're both in syslog.
<LeMike> syslog does not have it. seems like the information will be lost there after some hours/days/lines. I need to have it persistent in the rsnapshot.log (which is in the backup) but with the proper date.
<drAvanti> hello all,
<drAvanti> can someone pls help me with info: I want to setup and ubuntu box as a file server, however I dont now if there is a gui app that can help manage users, their rights, inheritance and root folders, etc
<RoyK> drAvanti: there are some, but generally not very good. you don't need to learn a whole lot to do it from the commandline, and you'll do it better and faster that way, and you'll end up understanding what really happens
<RoyK> drAvanti: there are things like webmin (DON'T USE IT) and others, but still, better do it manually
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<drAvanti> @Royk thanks for the info. But in a case where I would like a user to administer the server....add new users, create new folders, etc thats why I asked for a good gui
<RoyK> drAvanti: how many users?
<drAvanti> except if it can be done via a web browser.
<drAvanti> like 60users
<RoyK> !ebox
<ubottu> zentyal is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/Zentyal (Project formally known as eBox - including in Lucid/10.04).
<RoyK> oh, it's zentyal now...
<drAvanti> k, thanks, ill check it out
<RoyK> drAvanti: looks like http://ajenti.org/ is mentioned also
<drAvanti> this zentyal looks commercial
<RoyK> mhm - it was in ubuntu earlier - I don't quite follow these things
<RoyK> ajenti is GPL, though, and on github
<RoyK> https://www.digitalocean.com/community/tutorials/how-to-install-zentyal-on-ubuntu-14-04
<trippeh> 64bit Ubuntu 15.04 boots in <1s and uses a whopping 20MB of RAM with sshd and some ntp running
<trippeh> fairly minimal install based on Ubuntu Core (apt-get edition) though, but still impressive.
<RoyK> trippeh: systemd is doing its tricks, like with windows bootup, you get the login prompt before other things are started
<trippeh> according to logs, its still within 1s
<RoyK> you can see that on centos/rhel7 where you may have to wait a minute after the login prompt shows up, until you can ssh in
<trippeh> also, not in container, but full vm with vga, bios etc.
<RoyK> but then, centls/rhel sucks imho
<trippeh> so that 20MB includes kernel
<RoyK> I beleive so
<RoyK> you'll probably need around 80MB for the whole boot, though, to unpack the initrd
<RoyK> or you can strip down the initrd to only modules you use by setting MODULES=dep in /etc/initramfs-tools/initramfs.conf
<trippeh>             3400720             8197120  58.5% initrd.img-4.0.0-1
<RoyK> that's small
<trippeh> oh, yeah, not ubuntu kernel, but I doubt that changes much besides initrd/vmlinuz size
<trippeh> most of the initrd and extra vmlinuz stuff is discarded after use, though
<RoyK> last I tried to boot debian on low memory, I came down to 56MB - lower than that just crashed
<RoyK> yep...
<RoyK> so don't use the standard initramfs for small systems ;)
 * trippeh tests with modules=dep
<trippeh> well that broke boot ;)
<RoyK> hehe
 * RoyK wonders why
<trippeh> no wait, it came up, but something is wonky
<trippeh> there we go
<trippeh> virt bios is slowing the boot down ;)
<RoyK> hehe
<RoyK> kvm?
<trippeh> yeah
<RoyK> setting up 1504 in a kvm vm myself...
<RoyK> (storage backend 7x2TB in RAIDz2)
<trippeh> getting drm up takes like 0.1s too
<RoyK> drm?
<trippeh> I'm running off some NVMe storage. 450k iops :-)
<trippeh> "graphics"
<RoyK> ah
<RoyK> I have a home server I use for this sort of things ;)
<RoyK> that is - for everything
<RoyK> cheap thing with 16 gigs of RAM and a bunch of drives
<trippeh> could kill the graphics, hmm. kvm supports serial console ;)
<RoyK> hehe
<RoyK> we've been looking at Natinux at work for some stuff
<RoyK> seems rather impressive
<trippeh> link?
<trippeh> I made systemd verbose but the frame rate is too low to show any of it, not even a flicker usually
<RoyK> trippeh: typo http://www.nutanix.com/
<RoyK> trippeh: after booting up, +/- buffers/cache tells me 56MB is used, only sshd installed
<RoyK> and bootup is about the same as debian jessie
<RoyK> bootup time
<RoyK> pretty much the same, though, both systemd etc
<trippeh> http://pastebin.com/raw.php?i=MnG5rPHs
<RoyK> nice
<RoyK> I'll have to test that when our openstack cluster comes up
<trippeh> with this much ram, 64bit is important! ;)
<RoyK> I need about 1k VMs for stresstesting things :)
<RoyK> HAHA
<trippeh> I feel very retro adding 64MB of swap
<RoyK> :)
<trippeh> the 1+ GB/s disk I/O is very not retro though
<RoyK> hehe
<RoyK> I remember once I started playing with linux back in '94, I was amazed it could handle 1MB/s if I setup DMA correctly
<trippeh> seems systemd likes to have at least 64MB system memory, or else journald gets sad
<trippeh> bloat!!
<trippeh> ;)
<trippeh> even though its not really using it
<jelly> not knowing what happened when your system ran out of RAM is more problematic than allocating a bit in advance
<trippeh> jelly: sure, I'm just goofing around
<RoyK> jelly: not knowing how much memory your system really needs is worse ;)
<RoyK> jelly: and since most things are virtualised these days, memory is usually the bottleneck on the host machines, not CPU, so you really *do* want to know if this or that VM can run on 256MB or if it needs 4GB
<trippeh> [    1.243431] tsc: Refined TSC clocksource calibration: 3499.940 MHz
<trippeh> [ 8783.366555] random: nonblocking pool is initialized
<trippeh> that took a while :P
<trippeh> RoyK: bootloader handoff to login in 0.4s :)
<trippeh> didnt need all those "usb controllers" ;)
<RoyK> hehe
<trippeh> now if I could just boot KVM without BIOS emulation
<trippeh> spends like half a second in there ;)
<trippeh> hmm. maybe ovmf is faster
<trippeh> (uefi firmware for kvm)
<RoyK> I beleive you can - there are choices for direct boot
<RoyK> but then you can't upgrade the kernel from the guest
<trippeh> or the initramfs, looks like
<trippeh> may be possible to load grub directly perhaps, like grub2 pv xen mode
<trippeh> ah, it is. bunch of ceveats tho
<RoyK> trippeh: guess you'll have to live with that awful 400ms delay - sorry about it
<RoyK> trippeh: imagine the productivity cost, worldwide, if every reboot was 400ms shorter!
<trippeh> ;-)
<RoyK> thinking like an economist on bad drugs is sometimes rather fun ;)
<trippeh> I'm going to need a separate non-virtio /boot looks like
<RoyK> that shouldn't be a problem, though
<RoyK> just an ext2 fs or something
<trippeh> thats fine for this "experiment", but bit of a kludge otherwise
<RoyK> perhaps a new standard comes up one day to do it better - but again - but you know how it goes ... https://xkcd.com/927/
<trippeh> plz someone just commit virtio support to grub2 ;)
<trippeh> it supports "everything" already so whats one more thing! ;)
<RoyK> trippeh: perhaps try #grub ;)
<LeMike> err. do I need to do a daily backup before rsnapshot weekly ? I mean on the same day
<Edtoast_46> hi
#ubuntu-server 2015-06-21
<jwhitmore> been reading up on LDAP and struggling to find where to setup access. There's a load of info out there on schema setup but I only want the LDAP server to be local to 127.0.0.1 and use it for Bugzillia access and a web app. Is that set using RTC or in a config file?
<maxb> It sounds like you're talking about what socket address to listen on, not anything to do with access control
<maxb> You probably want to look at the -h option in the slapd manpage, and the SLAPD_SERVICES setting in /etc/default/slapd
<jwhitmore> So that configuration option lives in the file /etc/ldap/ldap.conf and not a part of RTC
<jwhitmore> got it URI in /etc/ldap/ldap.conf
<jwhitmore> well I think
<jwhitmore> nope that didn't restrict it
<jwhitmore> Man this is a pain. How hard can it be to restrict LDAP to the local machine.
<cloudman> Hi guys, how come I am getting securty updates and nothing about it on the security update page?
<cloudman> also getting them before anything is posted anyway
<bitbyte> 4+5+8 = 203247
<bitbyte> 6+7+3 = 421853
<bitbyte> 9+8+7 = 7263127
<bitbyte> 9+9+9 =
<octocpp> Anyone been able to suspend to ram on a poweredge 2950 server or equiv?
<bekks> octocpp: What do we need to do to win a price in your poll? :)
<octocpp> i can systemctl suspend, but the fans still keep running.
<octocpp> bekks: my poll?
<bekks> octocpp: "Anyone..." is the introdcution of a poll ;)
<bekks> octocpp: So which Ubuntu do you run?
<octocpp> ahh, I see what you mean now.
<octocpp> 14
<octocpp> 14.1 actually
<bekks> Do you mean 14.10?
<octocpp> ops yea, I like to truncatelol
<octocpp> its not really a systemd question though
<octocpp> just wondering if a poweredge server is capable of suspend
<bekks> Yes, they are.
<octocpp> or does the board managment controler keep all of the fans going and stuff?
<bekks> I dont see a reason for suspending a server, but technically, they are.
<octocpp> it is here at home
<octocpp> rather than waiting for it to run through the huge post, it would be nice to just wol, boomshakalaka
<octocpp> i wonder if it did an s1 rather  than an s3?
<octocpp> my samba shares  cut off, so i think it sort of suspended
<octocpp> but fans continued like normal
<octocpp> I didnt see anyting in the bios pertaning to suspend either. Is there usually? perhaps i missed it ?
<devil_> what could be a reason, why fail2ban.log would not pick up entries from auth.log and others? it only has the usual INFO stuff about the jails. this is 14.04.2
#ubuntu-server 2016-06-20
<codepython777> I've to provision 10 bare metal servers - what is a good way to do this, apart from installing by hand and then running a install script for installing what i need.
<vbotka> codepython777, you might want to take a look at ansible
<vbotka> https://launchpad.net/~ansible/+archive/ubuntu/ansible
<vbotka> https://launchpad.net/~ansible/+archive/ubuntu/ansible
<jak2000> vbotka know about sshkeys?
<codepython777> vbotka: I am using ansible - but I need an easy way to apt-get ansible and then run the playbook - assuming i have baremetal
<mowthegrass> trying to install 12.04, after system installation i can only see memtest in grub
<mowthegrass> any idea why ?
<frickler> jamespage: coreycb: can we still get python-keystoneauth1=2.4.1 into xenial? it was in yakkety for a short time, but has been superseded there by 2.7.0. the latter probably is too new for mitaka, though
<coreycb> frickler, we likely can if there are some high priority bug fixes
<jamespage> coreycb, tbh if its a point release ontop of 2.4, we can push it through under the micro release exception that the SRU team can grant whenever now
<coreycb> jamespage, yes
<coreycb> jamespage, frickler: we'll work on that
<frickler> ah, I already had a bug open for it: https://bugs.launchpad.net/ubuntu/xenial/+source/python-keystoneauth1/+bug/1586900
<ubottu> Launchpad bug 1586900 in python-keystoneauth1 (Ubuntu Xenial) "[SRU] keystoneauth1 2.4.1 for Xenial/Mitaka" [Medium,Triaged]
<coreycb> frickler, thanks!
<jayjo_> Is there a way to validate json documents in the command line?
<jamespage> ddellav, coreycb, cargonza-holiday: made the decision to move OpenStack things to https://wiki.ubuntu.com/OpenStack
<jamespage> from out of ServerTeam
<coreycb> jamespage, seems like a better place these days
<coreycb> jamespage, what ever happened to the 36 months of support for LTS+2 release?  is that still happening?
<skylite> im trying to use pv remotely like this> ssh user@host "pv dump.sql | mysql -u -p" but the pv progress bar does not show up. How can I see it?
<jrwren> skylite: add -t to ssh command to allocated a tty.
<jrwren> err, to allocate a tty
<skylite> jrwren brilliant thx
<jayjo_> my ec2 instance has begun running very slow. I tried stopping and starting it in case it was an issue of the host... are there some easy checks to see what's going on?
<patdk-wk> vmstat, iostat
<frickler> has anyone seen this error? http://paste.ubuntu.com/17597189/ I'm getting similar errors if I try to do tab completion on a systemctl command
<coreycb> ddellav, jamespage: ci update: nova newton - patches dropped/rebased, neutron mitaka - opened bug/patched out new test that landed and is failing, aodh mitaka - updated to install new aodh-data-migration tool, designate liberty - uploaded dh-python != fix to wily review queue
<kirkland> hggdh: hrm, that's really weird!  it is completely GPLv3...
<kirkland> hggdh: I have not idea...
<hggdh> kirkland: yeah. But gnome-software center thinks otherwise :-)
<kirkland> hggdh: I have no idea why;  if someone figures out why, I'm happy to go and fix it :-)
<hggdh> heh
<coreycb> beisner, nova 2:13.0.0-0ubuntu5~cloud0 is ready to promote to xenial-proposed
<coreycb> that is, mitaka-proposed
<beisner> hi coreycb, promoted nova 13.0.0-0ubuntu5~cloud0 -> mitaka-proposed re: bug 1576093
<ubottu> bug 1576093 in Ubuntu Cloud Archive "[SRU] block migration fail with libvirt since version 1.2.17" [Undecided,New] https://launchpad.net/bugs/1576093
<coreycb> beisner, thanks sir
<beisner> coreycb, yw sir
<Impaloo> Anyone uses ruby-switch(1) here?
<codepython777>  I've to provision 10 bare metal servers - what is a good way to do this, apart from installing by hand and then running a install script for installing what i need.
<ikonia> presseed ?
<ikonia> preseed
<codepython777> ikonia: is there something better than pxe, preseed, ...or anything that is not 20 years old and painful to use?
<ikonia> whats wrong with pxe and preseed ?
<ikonia> you can use it with image based deployment too
<codepython777> ikonia: is there an easier way? I've not used them, but the way they are designed looks ... not nice
<ikonia> codepython777: they are really really easy to use
<ikonia> doesn't take long to setup
<codepython777> ikonia: in preseed, can i use my own ansible playbook - to play at the end?
<ikonia> codepython777: sure thing
<ikonia> codepython777: once the box comes up and deploys just run the playbook
<ikonia> codepython777: you could even put that in as a "post" script
<codepython777> cool
<codepython777> Let me try preseed
<ikonia> first few times, you'll screw it up
<ikonia> don't worry about it
<ikonia> once you click with it, you'll fly
<jrwren> codepython777: maas is very good and open source.
<jrwren> codepython777: http://maas.io
<ikonia> you like maas ?
<jrwren> its come a long way ;]
<ikonia> no doubt, it just still feels immature and lacking features
<jrwren> what kind of features?
<jrwren> i use it for a specific case, it works well for my case. I can see how it may not work well for other cases.
<ikonia> so for example how it doesn't depend on the underlying platform technology it does it's "own" thing
<ikonia> I may give the current version a try
<ikonia> I just don't see what it has over say foreman
<jrwren> i'm not sure what that means.
<jrwren> it does depend on "underlything platform technology" afaict. Being a string of words, we might expect different things from "underlyhing platform technology"
<ikonia> maybe it's time to give it another try and see where it is "now"
<ikonia> is it still run by canonical ?
<jrwren> it looks very similar to foreman to me. I've not played with theforeman. Maybe I should.
<jrwren> yes, it is still run by canonical
<ikonia> foreman does physical/virtual has plugins for providers such as dhcp providers, dns providers etc etc
<ikonia> I'll give maas a spin now with the current build
<codepython777> checking out mass
<codepython777> jrwren: In my case, I will have to provision one machine with mass, and then PXE boot the 10 machines?
<ikonia> think of mass as a manger/wrapper for pxe in your example
<ikonia> once the machines are booted maas can be used to manage them
<jrwren> codepython777: yes.
<codepython777> jrwren: what is a good place to get suport on mass? (mailing list? here?)
<jrwren> codepython777: askubuntu, #maas
<mowthegrass> Hello , Has anyone tried to set grub password on 12.04. I need some help. I did set up superuser to /etc/grub.d/40_custom however the system on its boot just drops to an shell where user manually
<mowthegrass> needs to enter the password to boot
<Xin> type in
<Xin> iamrediculous
<mowthegrass> while trying to add --unrestricted as menuentry argument it just boots to memtest
<mowthegrass> i did try out the solution provided by Alain Regura (http://askubuntu.com/questions/499264/how-to-set-up-grub2-password-in-an-easy-way) it works well for 14.04
<mowthegrass> but not on 12.04
<rattking> yeah the grub password behaviour completely changed between 12.04 and 14.04 :(
<mowthegrass> rattking:documentation on them are not very clear https://help.ubuntu.com/community/Grub2/Passwords
<mowthegrass> while i try to user --users in 12.04  every reboot i just need to take up a console and manually type in username/password to boot the system
<mowthegrass> TIMEOUT in /etc/default/grub just ticks down and then drops to shell where i need to just enter the passord to boot the system
#ubuntu-server 2016-06-21
<jrwren> i just had the kswapd0 process using high CPU usage. echo 1 > /proc/sys/vm/drop_caches fixed it. I'm on 4.4.0-22-generic. Anyone else seen this?
<nacc> jrwren: you just took away memory pressure
<nacc> jrwren: not seen any high kswapd here, but not heavily loaded
<tom[]> somehow i screwed up my lo interface during an update. i don't know how. `ip addr show lo` has odd output shown here together with my inyerfaces file https://gist.github.com/anonymous/48985686561070a55e55a00ea503b716
<tom[]> what is the correct command to bring lo up?
<lordievader> Good morning.
<LeMike> hello. I have installed ubuntu-server but now the resolution is very low. so the screen shows the terminal only in the upper left quarter of the screen. is there a way to solve this? I am working on an old fujitsu futro and don't know a thing about it, neither the max possible resolution.
<lordievader> Sounds like modesetting is not happening.
<lordievader> Then again, why not use ssh?
<AtuM> Hello... Can someone tell me what is the best way to put a line "rdma 20049" into /proc/fs/nfsd/portlist ? RedHat made a service called nfs-rdma for this.. does Ubuntu have anything similar?
<AtuM> I've put it into rc.local, but it disappears after service restart.. so I need something more persistent.. perhaps a unit file that would add the option after nfs-kernel-server restart
<jamespage> ddellav, coreycb: blue balls everywhere
<jamespage> :-)
<coreycb> jamespage, lol thank you for the early morning giggle
<gelbeEnte> Hello! I have some problems with "ecryptfs-mount-private": "Signature not found in user keyring. Perhaps try the interactive 'ecryptfs-mount-private'". My home folder doesn't decrypt. I tried "ecryptfs-rewrap-passphrase" but nothing changed. Is it possible to decrypt?
<AtuM> ecryptfs-recover-private
<gelbeEnte> Inserted auth tok with sig [0496470557959537] into the user session keyring
<gelbeEnte> ERROR: The key required to access this private data is not available
<gelbeEnte> :(
<ruben23> hi guys any one familiar with ddos deflate..?
<cpaelzer> rbasak: there is a dovecot related package called dovecot-antispam
<cpaelzer> rbasak: it is not build from the same source, it looks like a sync to me
<cpaelzer> rbasak: debian and Ubuntu only have rebuilds from time to time
<cpaelzer> rbasak: now that we will "up" dovecot given the merge takes place
<cpaelzer> rbasak: we will need to rebuild (or resync) that as well
<cpaelzer> rbasak: how to coordinate that best ?
<cpaelzer> rbasak: reference http://paste.ubuntu.com/17641820/
<rbasak> cpaelzer: good job spotting that. We don't really have a process for dealing with this, but if the dependencies are right dovecot will end up stuck in proposed until antispam is rebuilt - looks like this is the case.
<cpaelzer> rbasak: yes it depends
<rbasak> cpaelzer: sponsors should be willing to accept whatever you want to do here to point it out. For me, I suggest just pointing out that it needs a no-change rebuild in the merge proposal, and the sponsor can do it at the time. Or if you want the credit for the no change rebuild, supply a debdiff for that too (dch -R is a handy shortcut)
<cpaelzer> rbasak: it never breaks, as on a dist-upgrade without a rebuilt dovecot-antispam it gets removed (as it reaslized it is no more compatible)
<cpaelzer> rbasak: since it is a no-change-sync instead of a no-change-rebuild I think I'll mention it on the sponsor request
<rbasak> cpaelzer: right, so proposed migration should detect that moving dovecot to the release pocket would cause dovecot-antispam to become uninstallable, and thus refuse to do it.
<rbasak> cpaelzer: ah right. Yes, sorry. I forgot you mentioned that.
<cpaelzer> rbasak: ok, will do so and we will pick up on any issues that will show up along the way
<cpaelzer> thanks
<rbasak> cpaelzer: I don't think it'll be syncable. It'll need to be a no change rebuild upload.
<rbasak> cpaelzer: note the output of "rmadison -u debian dovecot-antispam". Debian has done binNMUs for it, so the source is still actually on 2.0+20150222-1
<rbasak> Ubuntu doesn't have binNMUs.
<cpaelzer> rbasak: that is the +b4 in what I linked?
<rbasak> cpaelzer: that's an indicator - Debian convention (maybe policy?) for binNMU versioning.
<rbasak> cpaelzer: also note though that "source" doesn't appear against +b4, only against the plain -1.
<rbasak> cpaelzer: you can confirm with chdist. I did "hcdist sid apt-cache show dovecot-antispam" and see that it has "Version: 2.0+20150222-1+b4" but "Source: dovecot-antispam (2.0+20150222-1)".
<cpaelzer> rbasak: that is a good one to note, thanks
<rbasak> nacc: ^ you might be interested in this edge case too. Shouldn't impact the importer since it doesn't need to care about binaries and Ubuntu doesn't have binNMUs, but an interesting edge case nontheless.
<cpaelzer> rbasak: I'll do a debdiff with a rebuild request then - does that has to go to an extra bug ?
<cpaelzer> the merge I'd associate to the functional issue that drove me to create it
<cpaelzer> I wonder if I can add extra package to the bug and then add the debdiff for the rebuild as well
<cpaelzer> rbasak: ^^
<rbasak> cpaelzer: if you wish. We don't really *require* bugs for uploads; it's just generally handy to track progress of the sponsorship request over time, a place for review feedback, and an item that can go into the sponsorship queue. I wouldn't bother with an additional bug, but if the sponsor misses it *and* you want it in the sponsorship queue then you may end up creating one anyway. As a sponsor,
<rbasak> I'll accept a debdiff for this without a bug :)
<coreycb> jamespage, what do you think about installing the theme files into /usr/share/openstack-dashboard/openstack-dashboard-ubuntu-theme/static/ubuntu instead of /usr/share/openstack-dashboard-ubuntu-theme/static/ubuntu?
<coreycb> that may fix the SuspiciousFileOperation issue
<bitfury> hey all good morning
<bitfury> does anyone know if the trusty-security universe repos contain security updates for universe software?
<jrwren> what happens when my LVM thinpool fills?
<rbasak> bitfury: yes, where security updates for universe have been contributed.
<bitfury> got it, thank you rbasak
<cpaelzer> this tests wants to be enjoyed I think - autopkgtest.enjoE5
<cpaelzer> to the power of 5
<tom[]> what comand(s) can i run to apply (changes to) interfaces config files in the same way that system init applies the configs in those files?
<nacc> rbasak: yeah, i've seen them before, thanks for the heads-up
<nacc> tom[]: you mean /etc/network/interfaces?
<nacc> tom[]: you presumably want to reload or restart the networking service
<tom[]> probably
<rbasak> nacc, tom[]: you don't want to restart networking. Things can explode: http://askubuntu.com/a/376586/7808
<nacc> rbasak: thanks for the link
<rbasak> The right way is to ifdown the interface(s) being changed, *then* change the interface files, then ifup again. From a screen, and carefully.
<tom[]> kreikey
<rbasak> Or reboot.
<tom[]> ifdown requires the config files to correspond to the current interface state?
<rbasak> Yes. It's a bit backwards.
<tom[]> i'm reacting to your *s
<rbasak> Otherwise, for example, dhclient won't be stopped for an interface switching from DHCP to static, since it won't know to do that later.
<rbasak> There are various efforts to make this better. All of which deprecate ifupdown I think. But that won't be coming for a while.
<tom[]> i'm trying, among other things, to understand what happened when i screwed up my loopback on a server yesterday
<rbasak> It's a pretty challenging problem to solve when you consider complex network setups that include bonds, bridges, vlans, tunnels and so on. The dependency tree is pretty complex.
<tom[]> sure. i'm glad i don't deal with any of those complex configs
<nacc> rbasak: i suppose, then, it's not entirely true that restarting networking won't work (as i've done it many times). But it may not work depending on how much eni was changed
<rbasak> nacc: it also depends on what you mean by "restarting networking" as to whether it'll do what you want or not.
<nacc> rbasak: yep, that makes sense
<rbasak> So yeah, it might work as expected in certain cases, but certainly not in the general case.
<nacc> rbasak: and i'm sure there are dependencies that may not re-trigger properly (or at all)
<rbasak> Although I hear the dbus issue is fixed, it's also not unreasonable for running programs to explode when the loopback interface disappears underneath them.
<rbasak> So then "restart networking" clearly shouldn't cycle loopback interfaces, and then we're back to the definition problem.
<nacc> yep, it makes sense to be more nuanced in what you're trying to control
<patdk-lap2> clearly shouldn't?
<nacc> rbasak: ok, so re: php-horde-db, shall I file a `requestsync`?
<rbasak> nacc: no need, I synced it.
<nacc> rbasak: ok, wasn't sure, thanks!
<cpaelzer> nacc: about the importer I think I would change the doc once you ack about the following
<cpaelzer> nacc: "Go to Launchpad page for USD git project and request a merge review."
<cpaelzer> to
<cpaelzer> nacc: "Go to the Launchpad page of your just uploaded merge branch and propose for merging into the USD git project"
<cpaelzer> nacc: ?
<cpaelzer> or is it really reverse than I expected
<nacc> cpaelzer: ack, that's correct
<nacc> please fix :)
<cpaelzer> nacc: while at it I should provide guidance about "target repository" and "Target reference path"
<cpaelzer> nacc: is that already in the readme files and I could copy from there ?
<cpaelzer> my first assumption of "~usd-import-team/usd-importer/+git/usd-importer" was wrong ... :-/
<cpaelzer> nacc: I'll open a quikc HO so you know what I'm asking about
<nacc> cpaelzer: sorry, missed the pings, yeah we should provide better instructions for that part
<nacc> for target repo, just search by the source package name
<nacc> and it should find the corresponding usd-import-team tree
<nacc> cpaelzer: and for target path, use 'debian/sid' (presuming that's what you merged to -- use whatever referenced you merged to in the process)
<Kallis> Could anyone possibly help me with my openvpn setup, I can connect fine but I cannot access internet when connected or the local shares on the VPN server
<magicalChicken> rbasak: I can take a couple more bugs this week probably. I was looking through the list and I saw 1296835, which I can take care of pretty quick
<magicalChicken> if there are any other simple-ish ones i can probably do one or two more
<rbasak> magicalChicken: thanks! I hadn't prepared any more, but I'll find a couple more for you tomorrow.
<rbasak> There's a big enough backlog - I just pick a few in advance of the meeting every week.
<magicalChicken> Thanks. I'm getting a bit quicker using the tools so hopefully I can get more bugs patched now
<jhobbs> I have an openstack cloud I've deployed with juju charms, and have an internal network and a provider network. By default, only the internal network's interface is being brought up in instances that have both networks attached. What's the best way to get the second interface to come up also?
<coreycb> jamespage, ddellav: here's my fix for the mitaka-proposed error - https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/horizon/commit/?h=stable/mitaka&id=55e2f7ec3666d66d5cbc7e22d12f90bcd60163fa
<coreycb> I just tested it and the theme seems to be fine
<akira1980> What would be the way to do this,  I'm wanting to have a private email relay server. Basically pull all the mail from the mail server as pop then have the secondary server as imap and keep all the mail on that one. It's there a better solution?
<concerti> is there an equivalent to SAR preinstalled on ubuntu servers?
<mgriffin> concerti: you can install sysstat
<concerti> yep that's the plan , just making sure there is not something like that already running w/ ubuntu
<mgriffin> concerti: look in cron log?
<mgriffin> concerti: and ps
<RoyK> concerti: just install sysstat and enable it in /etc/default/sysstat
<RoyK> concerti: for some reason debian/ubuntu doesn't enable it by default
#ubuntu-server 2016-06-22
<Yuri4_> Hi, guys! I can't SSH into my server. Could you help me to decipher ssh -vvv output? http://pastebin.com/NSEz3cs5
<Beautiful> Yuri4_, are you sure you pointing to the right key file?
<Beautiful> it seems its a key file issue
<codepython777> anyone here has used preseed recently?
<masuberu> hi
<masuberu> not sure if this is the right place to ask this
<masuberu> my ubuntu is not using all memory of my system
<masuberu> is this normal?
<masuberu> http://pastebin.com/raw/zjq2JNhb
<masuberu> the reason I am asking is because I thought that linux uses all memory available on the system, but that is not my case
<masuberu> any advice?
<hateball> masuberu: well, does any process need more?
<masuberu> I have nothing running on that machine yet
<masuberu> I just installed ubuntu
<hateball> Yes, so what is the problem?
<masuberu> but was surprised why linux is not using all the memory available...
<hateball> what would it use it *for* ?
<hateball> it's sitting there, available
<cpaelzer> masuberu: it is all right that way
<cpaelzer> masuberu: it is used on demand
<cpaelzer> masuberu: and even if there is no program actively needing it it will fill up over time by page cache
<masuberu> ok
<cpaelzer> masuberu: every read you'll do will get into the page cache to speed up I/O, so over time even without a huge application running it will get full
<masuberu> ah ok
<cpaelzer> masuberu: usually people complain vice versa - "why is it full with me having running only a small application"
<masuberu> I understand now
<masuberu> yeah
<cpaelzer> masuberu: depending on the number of numa nodes you have it will always try to keep a minimum free for important kernel things
<masuberu> ok ok sorry for my ignorance I will read about disk caching
<masuberu> thanks
<cpaelzer> not a lot, something like 12-80 MB per numa node
<masuberu> hum
<masuberu> I see
<cpaelzer> masuberu: http://www-05.ibm.com/de/events/linux-on-system-z/downloads/Tools-MK2-V7-Web.pdf page 43 and following has some super-low-level entry to caching/swapping that I used to explain stuff to managers in the past
<cpaelzer> you can always get more complex with memory management :-)
<cpaelzer> but it is hard to find the simple ones
<masuberu> cpaelzer: jajajaja thanks man!
<rbasak> magicalChicken: I found a few bugs for you.
<rbasak> 1) a general cleanup of the bugs in logwatch please - no point assigning individually but there are a bunch of similar-but-different bugs there - https://bugs.launchpad.net/ubuntu/+source/logwatch
<rbasak> (unmatched entries)
<rbasak> 2) bug 1582767. It's fine to add an apparmor entry even if use of that line is only in an unusual configuration, so that just needs verifying and sorting out
<ubottu> bug 1582767 in ntp (Ubuntu) "apparmor permissions missing for winbind" [Medium,Triaged] https://launchpad.net/bugs/1582767
<rbasak> 3) bug 1534538. Should be a straightforward cherry-pick but needs verifying etc.
<ubottu> bug 1534538 in apache2 (Ubuntu) " AliasMatch directive does not accept long URI" [Medium,Triaged] https://launchpad.net/bugs/1534538
<rbasak> magicalChicken: thanks!
<cgalan> coreycb: we have tested the networking-hyperv package. Can we get it in Ubuntu Cloud Archive: OpenStack Mitaka, updates section ?
<Ergo^> hello - i have a basic installation of ubuntu 16.04 - i installed update-motd package - but i need to populated the /etc/update-motd.d/ - its missing all the nice scripts, is there a command to set this up?
<cpaelzer> Ergo^: what nice scripts in particular - then one could look up where they would be in?
<Ergo^> there is a bunch of scripts in /etc/update-motd.d/
<Ergo^> they print missing updates, diskspace, etc
<cpaelzer> Ergo^: so you usually see them, but not on your current install and you wonder where they would come from?
<Ergo^> cpaelzer: exactly, i think default 14.04 server install has them
<Ergo^> but at least 2 machines i checked do not have that by default
<cpaelzer> Ergo^: "apt-file search /etc/update-motd.d/ | pastebinit" => http://paste.ubuntu.com/17692017/
<Ergo^> i would love to bring that back
<Ergo^> cpaelzer: i have only 00-header  10-help-text
<Ergo^> and i want the ones you have there
<cpaelzer> Ergo^: which is in base files, the output is package on the left and files on the right
<cpaelzer> so if you e.g. want the "updates available" that is in update-notifier-common
<cpaelzer> apt-file as I listed above lets you search the whole archive with patterns - showing you what package "would" match
<cpaelzer> that is what that pastebin link is
<cpaelzer> apt-search on steroids to some extend
<Ergo^> thanks
<cpaelzer> yw
<Ergo^> cpaelzer: thing is i have to have the archive installed locally right?
<cpaelzer> Ergo^: no it has an update feature which just pulls the metadata
<Ergo^> cool
<Ergo^> cpaelzer: there is also landscape-sysinfo script
<Ergo^> but i cant locate that one anywhere :/
<Ergo^> maybe it was removed
<cpaelzer> Ergo^: is that part of the landscape tool like https://landscape.canonical.com/ ?
<coreycb> cgalan, hello, thanks for testing!  jamespage or beisner can you promote networking-hyperv 2.0.0-0ubuntu1~cloud0 to mitaka-updates for cgalan please?
<cpaelzer> apt-file search landscape-sysinfo delivers for me
<cpaelzer> package landscape-common
<Ergo^> cpaelzer: yeah but it doesnt supply the motd script
<cpaelzer> Ergo^: can you list the old absolute path?
<Ergo^> http://packages.ubuntu.com/xenial/amd64/landscape-common/filelist
<Ergo^> at least here i dont see it
<Ergo^> cpaelzer: /etc/update-motd.d/50-landscape-sysinfo
<Repox> Hi guys. I tried following a guide to writing an upstart script and ended up with this: http://pastie.org/10886387 - the init-check passed but when I try starting the service (by typing "service mailin start") I get a message saying "Failed to start mailin.service: Unit mailin.service not found." What am I missing? I'm on 16.04 if that matters.
<Ergo^> cpaelzer: maybe its generated post-trigger somehow?
<cpaelzer> yeah maybe
<cpaelzer> I'm still looking in an trusty env if it would be just in a package
<Ergo^> cpaelzer: because i installed landscape-common
<Ergo^> and i got the entry in motd
<Ergo^> so its probably generated
<cpaelzer> Ergo^: then that is very likely
<cpaelzer> yep debian/landscape-common.postinst:       UPDATE_MOTD_LOCATION=/etc/update-motd.d/50-landscape-sysinfo
<cpaelzer> Ergo^: behavor can be switched by configure, therefore generated
<caribou> rbasak: remember the apache2-mpm-itk SRU blocking the apache2 one ?(LP: #1582462)
<ubottu> Launchpad bug 1582462 in apache2 (Ubuntu) "package apache2 2.4.7-1ubuntu4.10 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1582462
<jamespage> coreycb, got it
<rbasak> caribou: yes
<caribou> rbasak: the apache2-mpm-itk .postinst is failing because of the a2query bug you described :
<caribou> usage: fail($reason, $retval) at /usr/sbin/a2query line 168.
<caribou> /var/lib/dpkg/info/libapache2-mpm-itk.postinst: 9: [: !=: unexpected operator
<caribou> rbasak: imho, the problem is this apache2 bug, not the apache2-mpm-itk failure
<jamespage> coreycb, done
<jamespage> cgalan, ^^
<jamespage> networking-hyperv -> updates
<coreycb> jamespage, thanks
<rbasak> caribou: is any of this related to bug 1590283?
<ubottu> bug 1590283 in mpm-itk (Ubuntu) "package libapache2-mpm-itk 2.4.6-01-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Incomplete] https://launchpad.net/bugs/1590283
<caribou> rbasak: that's what I'm checking; just bear with me for a few minutes, I should have my tests completed
<cgalan> jamespage, thank you!
<cgalan> coreycb, thanks for all the help also!
<rbasak> ack
<coreycb> cgalan, you're welcome
<caribou> rbasak: the mpm-itk postinst script fails on that : if [ $(a2query -M) != 'prefork' ] ; then
<caribou> rbasak: with the bug $(a2query -M) errors out and the tests is wrong
<caribou> rbasak: with a2query fixed, the postinst script still errors out since the msg is sent to stderr and the value tested is still empty
<caribou> rbasak: but that can only happen if at least TWO mpm are loaded
<caribou> rbasak: so I don't mind pulling the SRU to ameliorate the a2query -M handling, but the root cause is somewhere else
<rbasak> caribou: it should be if [ "$(a2query -M)" ...
<caribou> rbasak: still fails as a2query -M output goes to stderr
<rbasak> Assuming that there are cases where a2query will fail by its definiton.
<rbasak> That seems wrong to me.
<rbasak> "$(a2query -M 2>&1)" then, but I'd file a bug about it outputting its defined output to stderr.
<rbasak> If the point of "a2query -M" is to tell you the enabled MPM module, then that should be to stdout.
<caribou> rbasak: a2query is using perl:die
<rbasak> Only in an unusual circumstance, right?
<rbasak> It doesn't make sense to have more than one MPM module enabled?
<caribou> rbasak: yes, I had to hack a second MPM symlink in /etc/apache2/mods-enabled
<rbasak> Does apache even accept that?
<caribou> well, if someone symlinks it manually that can happen
<caribou> rbasak: I'm not sure if we need to build in user's mistakes in our scripts
<caribou> rbasak: imho, having a2query -M w/o the quotes is wrong, so I can fix that, but it will still fail in this specific context
<rbasak> caribou: sure. If it's not supposed to happen, it's fine to let the postinst fail. Though a better error message would be nice (that's the a2query bug I think).
<caribou> rbasak: yes, we would have had "There is more than one MPM loaded. Do not proceed due to undefined results"
<caribou> with a2query fixed
<caribou> I think we should let the apache2-mpm-itk proceed & fix the quote thing in a separate SRU; right now it is the library itself that fails to install
<caribou> since it will still fail in such a context, no matter what
<rbasak> caribou: sure. It's not an SRU regression so it shouldn't block the SRU.
<caribou> rbasak: agree. I will document all that in the regression bug & revert the verification tag
<rbasak> Thank you!
<mbutubuntu> hello to everyone. I've installed a brand new Ubuntu 16.04 Virtual Machine with a LAMP setup. I need to use dba functions but even if all configuration seems ok I get a FATAL ERROR "PHP Fatal error:  Uncaught Error: Call to undefined function dba_handlers()"
<mbutubuntu> in the phpinfo() page the dba library seems loaded, what could be the issue? Thank you ;)
<mbutubuntu> note that all the dba_* functions returns a fatal error.
<nacc> mbutubuntu: can you pastebin the phpinfo() output?
<mbutubuntu> --> http://www.2016.arabeschi.it/uploads/info.php :)
<nacc> mbutubuntu: do you have php-dba installed?
<nacc> mbutubuntu: or possibly not enabled? e.g. phpenmod dba ?
<mbutubuntu> I've ubuntu 16.04 and php7... there is no php-dba package :-(
<nacc> mbutubuntu: where do you see the dba being loaded?
<nacc> mbutubuntu: hrm, seems like there might have been a bug in the packaging; can you file a bug? i'll build you a test build today
<mbutubuntu> Someone filed a bug yet -> https://answers.launchpad.net/ubuntu/+question/293591
<mbutubuntu> the solution is to download the sources from https://github.com/php/php-src/tree/PHP-7.0.8/ext/dba and compile it :)
<nacc> mbutubuntu: that's not a bug, that's a question
<nacc> and that's a *terrible* answer.
<nacc> as you're not even using the right source base.
<mbutubuntu> ok... sorry X-) LOL
<nacc> i turned it into a bug
<nacc> LP: #1595215
<ubottu> Launchpad bug 1595215 in php7.0 (Ubuntu) "php7.0 dba extension missing" [Undecided,New] https://launchpad.net/bugs/1595215
<ddellav> coreycb please review and push lp:~ddellav/ubuntu/+source/neutron lp:~ddellav/ubuntu/+source/neutron-fwaas lp:~ddellav/ubuntu/+source/neutron-lbaas lp:~ddellav/ubuntu/+source/neutron-vpnaas lp:~ddellav/ubuntu/+source/nova for lp: #1594867
<ubottu> Launchpad bug 1594867 in python-glance-store (Ubuntu Wily) "[SRU] liberty point releases" [Undecided,New] https://launchpad.net/bugs/1594867
<coreycb> ddellav, will do, what's going on with python-glance-store?
<mbutubuntu> nacc, are you a maintainer for Ubuntu?
<nacc> mbutubuntu: i have done the php7.0 transition
<mbutubuntu> Ok. So you have the "power" to solve this bug..? :)
<nacc> Yes, I'm doing so right now
<ddellav> coreycb im not sure, i know james already did the update but i tried to do it again anyway. I couldn't find the proper package repo so i did a pull-lp-source for the wily version but my attempts to import the update failed. I was going to keep messing with it for the next hour or so before asking for clarification.
<mbutubuntu> great. I owe you, nacc
<coreycb> ddellav, ok.  maybe just split it into a different card for now.
<f1gjam> hey guys, I am trying to get autopilot to install and am having some trouble. First off, when I do openstack-install and the interface comes up, I enter all the details - everything seems to go fine then it fails. The log files under ~/.cloud-install/commands.log shows the following error:
<f1gjam> 400 BAD REQUEST ({"storage": ["Mount the root \'/\' filesystem to be able to deploy this node."]})\n', 'status': 1}'
<f1gjam> I also dont like the fact, when i cant copy and paste the API key in the openstack-install text UI aand have to enter it manually :(
<ddellav> coreycb done
<coreycb> ddellav, it's this repo btw: http://anonscm.debian.org/cgit/openstack/python-glance-store.git/
<ddellav> coreycb ok so i should use the debian repo. I wasn't sure since it's got an ubuntu delta tag
<coreycb> ddellav, for stable dep updates I haven't been using the repos
<ddellav> well in wily it does, xenial and above its a direct copy probably
<mbutubuntu> nacc, I think that your today build will not be in the repos... how can I get notified when you finished your updated package? :)
<ddellav> coreycb what are you doing instead?
<coreycb> ddellav, but I suppose it depends, if the updates already there then maybe I'd use it
<coreycb> ddellav, pull-lp-source
<coreycb> then update
<coreycb> ddellav, jamespage: we should be back to blue after neutron builds for newton
<jamespage> \o/
<ddellav> coreycb awesome
<coreycb> jamespage, ddellav: btw I opened bug 1594446 after I uploaded software-properties and didn't push it to the packaging branch.
<ubottu> bug 1594446 in ubuntu-dev-tools (Ubuntu) "pull-lp-source doesn't notify you where package VCS is maintained" [Medium,Confirmed] https://launchpad.net/bugs/1594446
<robertj> is https://help.ubuntu.com/lts/serverguide/advanced-installation.html correct? Im not getting options to boot degraded on dpkg-reconfigure -p low mdadm
 * RoyK has no idea why boot degraded seems to be default off on certain distros - it doesn't make sense
<robertj> RoyK, AFAIK the option no longer works btw
<robertj> it may default to on now but be hitting another bug, that's my guess and thus why the option is removed
<robertj> (but apprently not in the documentation)
<robertj> https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/1341312 is looking like a possible fix
<ubottu> Launchpad bug 1341312 in mdadm (Ubuntu) "System couldn't boot from degraded raid 1" [Undecided,Confirmed]
<RoyK> robertj: there's a kernel parameter for that as well - perhaps use that?
<RoyK> it really sucks that it doesn't boot with degraded raids by default
<RoyK> there's a reason for raid systems - we want to allow for failed drives!
<robertj> RoyK, I dont think that portion of the preboot exists anymore
<showaz> We tried to use nmcli & nmtui in ubuntu (centos7 not req. x11) to visually configure the network interfaces. Really pulls ubuntu with the package "network-manager" (X11).
<nacc> showaz: was that a question?
<showaz> nacc: x11 is mandatory for network-manager (ubuntu-server 16.04)?
<showaz> solved: "apt install --no-install-recommends network-manager"
<nacc> showaz: it is not mandatory, afaict; that's a difference between `apt` and `apt-get`
<showaz> nacc: yes, "apt" color-progressbar wrapper for apt-get and apt-cache
<nacc> showaz: i know what it is...
<showaz> nacc: The problem is that apt/apt-get is trying to install x11 (ubuntu-server edition) for network-manager.
<nacc> showaz: it seems like overkill to me to install network-manager on a server, but that's just my opinion
<sarnold> why are you using network-manager on a server?
<nacc> showaz: you don't need to say 'ubuntu server edition', it's the same packages everywhere
<showaz> nmcli and nmtui
<showaz> centos terminal gui for networking control
<nacc> showaz: why do you want a terminal gui for networking control? how often are you changing networking on a server?
<showaz> yes, not like vim/nano/etc "cat >/etc/network/interfaces.d/enâ¦"
<genii> Just install xvfb for a fake X server
<showaz> not good idea install x11 overhead.
<nacc> showaz: was that in response to me?
<nacc> showaz: i don't think it's a good idea to install network-manager; that's just an opinion.
<sarnold> you're free to install desktop utilities on your server but don't be surprised when they pull in desktop libraries and tools.
<showaz> apt  install network-manager-tui 404
<showaz> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/sec-Networking_Config_Using_nmtui.html
<nacc> why would a RH guide be relevant on Ubuntu?
<showaz> why ubuntu not support control network interfaces?
<genii> Learn how to use ipconfig and the interfaces file
<nacc> showaz: ? i am not entirely sure what you're asking, but Ubuntu does support controlling network interfaces.
<nacc> showaz: if you're asking why Ubuntu and RH are different ...
<showaz> we assume this is a flaw in ubuntu/debian.
<nacc> uh
<nacc> showaz: define 'flaw'? you're installing a package meant for desktop environments (afaict)
<showaz> network-manager-tui not desktop, nm{tui,cli} ; tui - text interface / cli command line tookit for control network
<nacc> showaz: i think you're saying you think that network-manager-tui should be installable without X11, and it's not, because nmcli/nmtui are part of the network-manager package. And the network-manager package pulls in x11-common (note that's not an entire xserver)
<nacc> showaz: that is not possible, in ubuntu or debian, afaict...
<semiosis> hi all.  i'm working on bug 1565985 and think I have a good strategy to solve it.  anyone around to discuss?
<ubottu> bug 1565985 in livecd-rootfs (Ubuntu) "vagrant vb ubuntu/xenial64 cannot mount synced folders" [Undecided,Confirmed] https://launchpad.net/bugs/1565985
<semiosis> what i want to do is move 42-vagrant.binary to 40-vagrant.binary and, instead of having it use the vmdk produced in 40-vmdk-image.binary, use the disk image produced by 32-disk-image.binary
<coreycb> tinoco, thanks for the kilo patch for libvirt. I've uploaded that to kilo-staging and it'll get into kilo-proposed soon for testing.
<semiosis> that way we can mount the disk image, install the extra packages needed for a vagrant base box, then call create_vmdk and continue with the rest of the vagrant packaging stuff
<coreycb> tinoco, for bug 1594936
<ubottu> bug 1594936 in Ubuntu Cloud Archive kilo "fix crash in virDomainObjListFindByUUIDInternal" [Medium,New] https://launchpad.net/bugs/1594936
<tinoco> coreycb: cool!! tks
<tinoco> coreycb: i'll work together with user for verification
<coreycb> tinoco, great, thank you
<semiosis> the source files i'm referring to are here: http://bazaar.launchpad.net/~ubuntu-core-dev/livecd-rootfs/trunk/files/head:/live-build/ubuntu-cpc/hooks/
<robertj> RoyK, but yeah, just built a fresh vm with the same result
<coreycb> beisner, hello, can you promote libvirt 1.2.12-0ubuntu14.4~cloud1 to kilo-proposed when you get a chance?
<cliluw> Why is there still an /etc/init/ directory in Xenial if it uses systemd and not upstart?
<sarnold> because modifying every package to no longer have upstart configs would have been too much work
<cliluw> sarnold: Do those upstart configs do anything now?
<sarnold> cliluw: I suspect not
<sarnold> but I haven't proven that to myself :)
<cliluw> sarnold: Ok. I was wondering if there was some automatic upstart to systemd translator that would have made those work on 16.04.
<sarnold> cliluw: all those packages probably have sysv init scripts too, when systemd was added I think pitti and others had to add a bunch of those sysv scripts for compatibility.
<sarnold> I'm hoping yakkety is a bit less messy.
<RoyK> robertj: that's just shite
<robertj>  /scripts within initramfs doesn't seem to have anything related so I think it's compiled in somewhere?
<robertj> RoyK, so...basically my understanding is that there is no point in the boot process where Ubuntu draws the line and says 'ok, all disks should be here by now'
<robertj> or rather there is, it's like 60 or 90 seconds later when it gives up trying to mount root and then bails to busybox
<beisner> hi coreycb - libvirt (1.2.12-0ubuntu14.4~cloud1) pushed to kilo-proposed
<coreycb> beisner, thanks, tinoco ^
<beisner> yw coreycb
<tinoco> beisner: coreycb: tku! o/
<hallyn> beisner: you're on sru team ?
<hallyn> oh, kilo-proposed
<beisner> hallyn, not sru team.  cloud archive pusher(tm)   :)
<hallyn> sorry, thought it would be cool if you were :)
<LaserAllan> question, does grep -r even search through hidden directories?
<mgriffin> LaserAllan: did you try it?
<mgriffin> LaserAllan: easy to test things: https://paste.fedoraproject.org/383530/46663234/
<LaserAllan> mgriffin: No not yet, I just know there are 2 keywrods i am looking for inside a log and thats it pretty much
<LaserAllan> I am not sure if i can make it absically search the whole system but i was thinking something like
<LaserAllan> grep -r "word1 word2" /
<nacc> LaserAllan: 'hidden' is a GUI thing, really
<LaserAllan> nacc: oh ok so the "." in fron of them isn't something that affects any command sin the temrinal?
<LaserAllan> I mean I usually have to do "ls -all" to make those appear
<nacc> LaserAllan: and in the above instance, since you're giving it an explicit path, and not a regex (which would be shell expanded), it should search your entire filesystem
<nacc> LaserAllan: yeah, i realized that as soon as i typed :)
<nacc> LaserAllan: it doesn't affect *all* commands
<nacc> that's a nuance of ls, afaict
<mgriffin> this might be faster than grep -r:  find / -type f -exec grep xyz {} \+ 2> /dev/null
<mgriffin> but i struggle to imagine you don't want to search just /var or something
<LaserAllan> nacc: The problem is that I will most likely end up with thousands of results but I don't really have much more than that to go on since I am not sure when these logs lines were written, i only know it was this year lol
<nacc> LaserAllan: ugh :)
<LaserAllan> mgriffin: To be more specific this is irc logs inside my irc server
<LaserAllan> so I guess I could narrow the path down to which directory
<mgriffin> LaserAllan: so use lsof against that process to see where it logs
<mgriffin> LaserAllan: maybe /var/log/ircd/daemon.log will be an open file
<LaserAllan> ah, ok so now i know where it keeps logs
<mgriffin> LaserAllan: so look at /var/log/ircd/daemon.log*
<LaserAllan> then I can just do grep -r "word1 word 2" /peth/to/logs ?
<mgriffin> (because logrotate made them daemon.log-201605.gz or something)
<mgriffin> LaserAllan: you might need zgrep
<LaserAllan> mgriffin: what is that?
<mgriffin> LaserAllan: if the files are compressed. or maybe you use systemd and want journalctl ;)
<mgriffin> LaserAllan: zgrep searches file.gz (gzip compressed files)
<LaserAllan> mgriffin: Ah that makes sense, afaik they arenÃ¤t compressed
<LaserAllan> "aren't
<masuberu> Hi
<masuberu> I am trying to setup nic bonding for first time on ubuntu and it is not working, would appreciate anyone who can guide me on this
<masuberu> this is my nic bond configuration
<masuberu> http://pastebin.com/raw/RrwuSeMQ
<patdk-lap> slaves none
<masuberu> slaves none on eth2 and eth3?
<patdk-lap> why?
<patdk-lap> those have bond-master
<masuberu> just asking
<masuberu> ah ok
<masuberu> you mean
<masuberu> bond-slaves none
<masuberu> I am following this tutorial https://help.ubuntu.com/community/UbuntuBonding
<masuberu> and they have "bond-slaves eth0 eth1"
<patdk-lap> odd
<patdk-lap> I have never seen it work, after 10.04 with bond-slaves != none
<masuberu> ok I will try your way and see if it works
#ubuntu-server 2016-06-23
<LaserAllan> hey guys, i just went into a directory where my irc server keeps allot of logs and i did an "ls" and it just shows me maybe 40 results but above those it says "total 2172", what does that mean exactly?
<sarnold> that's the sum of file sizes in the directory, in kilobytes iirc
<LaserAllan> ah
<LaserAllan> gotcha :)
<sarnold> it's amazing, I've come to ignore the line entirely :)
<LaserAllan> sarnold: You know i tohguth it meant i udnno numbers of somekind since it didn't really define what it actually was
<LaserAllan> I am trying to learn how to grep effectively
<LaserAllan> so far grep -r "word" /path/to/stuff prints out things but what if i have multiple words?
<sarnold> if those words would be on the same line then you can do something like grep -r -e 'word1.*word2' /path/to/files --- but that's not much help if they might be on different lines, but you want to know which files contain both words..
<sarnold> your next steps typically turn ugly, something like grep -l foo $(grep -r -l bar /path/to/files)
<LaserAllan> I will try that
<LaserAllan> I have only used linux for about 1 year and i am amazed how powerful the temrinal is
<LaserAllan> but i am still very new to learning how to use the cli effectively
<sarnold> since you can only pass so many files as parameters, that only works up to a certain size, and if any filenames have funny names (e.g. start with - ) then you can run into trouble
<LaserAllan> sarnold: Ah yeah lemme see what i can do, when you sday that the specified words has to be wihtin the same line does that mean same message?
<LaserAllan> what does -e do?
<sarnold> what's a message?
<LaserAllan> or line sorry
<sarnold> -e says to use regex matching. I can't recall for sure when grep treats inputs as regex vs literals, so I may over-use it..
<\9_> LaserAllan: grep -P 'word1|word2|word3' files
<\9_> the -P enables perl-style regex which allows for | to separate choices
<sarnold> it also lets you search for multiple expressions, like grep -e sarnold -e root /etc/passwd to print out two lines from /etc/passwd ..
<sarnold> \9_: dude. how long as -P been there? :)
<LaserAllan> I would liek to use that but search in a directory that has allot of files in it
<\9_> sarnold: since ever
<sarnold> crazy. last I looked it just did extended, basic, and fixed string :)
<\9_> or well I've used linux for like.. 8 years now and it's been there for as long as I can remember
<sarnold> \9_: thanks :) hehe
<LaserAllan> I have only used it for 1 year I feel like a very newbish person but ive leanred allot in this year
<LaserAllan> ive learned as ive gone forward so to say
<arooni> hey folks;  i'd like to get a backup agent for ubuntu that can connect to AWS and perhaps AWS Glacier.  Ideally works with is compatible with Arq which i have running on my mac.  Any suggestions?
<Walex> arooni: at the simplest level there is 's3cmd'
<Walex> arooni: https://www.google.ca/search?client=ubuntu&channel=fs&q=backup+program+linux+s3
<emper0r> hi, if i got an ubuntu-server 15.04 with all my stuff inside custom-services and develope work on apache2. runing everything i want.... how can i convert that server ready in a ISO image to instal from a CD, and when finish instal take the same result,.. now i'm using a basic server install and execute a big script to prepare ending in the final result but i really want to avoid tat with a custom
<emper0r> cd with all process did it.!.. how can i do that?... some url to read a guide ?
<hateball> emper0r: Do you just want to clone the install as is? Use clonezilla or something
<hateball> emper0r: also 15.04 is EOL
<emper0r> i know i know is EOL... but meanwhile not migrate the new script for new relases and upgrade the develep work beacuse use a different version with django.. i would like to use 15.10
<XinZhao> heeey
<XinZhao> I bet you arent even an emperor at all!!
<LostSoul> Hi, I'm trying to install 2 packages but my console hangs, what's up?
<LostSoul> http://paste.ubuntu.com/17737006/
<LostSoul> Any ideas guys?
<emper0r> hateball: clonezilla clone the disk into image... but if i want to do like ipcop for example... little distro with just only tools need it? and it develop software it self? ipcopn had a simple install and finish with just only need running...
<emper0r> will be more like that but with our custom softw for other goal.
<hateball> I'm... not sure I follow
<emper0r> i guess will be .. like linux from scratch.. but..i guess will be a long process to do it
<emper0r> anyway thanx for the info
<emper0r> :)
<emper0r> o/Ã¹
<emper0r> bye
<emper0r> \o/
<LostSoul> apt-get hangs after fetchign all packages
<LostSoul> Fetched 70.9 MB in 8s (7,960 kB/s)   - what can I do?
<jelly> LostSoul: investigate where it's hanging.  use tools like ps and pstree to look at child processes of apt-get; "top" to see if any of those are using cpu time; after identifying a suspect, "strace" to try figure out what it's doing
<jelly> or just press ^C and blindly try again
<Mr_Pan> !seen
<ubottu> I have no seen command
<frickler> jamespage: do you plan to push ceph-10.2.2 into xenial, too? there are some rgw fixes that we would like to have there
<frickler> also nova-13.1.0 for mitaka would be nice
<jamespage> frickler, yes - its in the review queue for the sru team
<frickler> jamespage: great, can I see that queue somewhere so I don't have to bother you every time? ;)
<jamespage> frickler, https://launchpad.net/ubuntu/xenial/+queue?queue_state=1&queue_text=
<Odd_Bloke> rbasak: smoser: Can I get uvt-kvm to run an arm64 image on an amd64 host?  Should it Just Work?
<smoser> Odd_Bloke, it might need a little tweak
<smoser> i think we needed a little tweak for power, not sure if its in main or not.
<bananapie> Hello. I have a dozen servers connected via gigabit switches ( procurves ). All the machines can ping each other. One of the 12 machines has virtual servers on it. All the virtual servers can ping each other and the physical servers. However, if I try pinging using jumbo frames, the physical servers can ping each other. The virtual servers can ping each other. But between vms and physical, no jumbo packets. From
<bananapie> the vm host, I can jumbo ping any vm and vice versa. The switches are all set to jumbo. Vms are libvirt/qemu/kvm. They are connected to a bridged interface. All the interfaces list mtu at 5000.
<bananapie> I don't think it's a problem with the bridged adapter as the vms and the vm host can all ping each other.
<bananapie> All the vnet cards on the bridge are showing mtu 5000
<bananapie> I am certain the issue is not the switch
<bananapie> ngrep shows the outbound ping on br0
<bananapie> ngrep shows the outbound ping on bond0 ( which is the physical link to the switch )
<bananapie> ngrep shows the outbound ping on em2 ( which is currently the master for bond0 )
<bananapie> ifconfig shows no errors, overruns, dropped on the tx of em2
<bananapie> The config worked on monday, something happened in the mean time.
<bananapie> when pinging from a VM to a physical machine, I see the ping on em* interface going out.
<bananapie> scratch everything
<bananapie> all the vms had mtu 5000, all the physical machines had mtu 1500
<bananapie> LoL
<freakynl> Hi, I'm running a 14.04 server which / (and bootloader) is on a RAID-1 (md). Now I replaced both disks with larger ones, using GPT as the partition setup (4TB disks). As the system hasn't gone down yet, it's still running happily
<freakynl> Can I create a fake msdos partition table on it to allow it to boot? The mainboard only has BIOS (root/md0 is only 19GB and is the first partition)
<ddellav> coreycb can you review/push my neutron ci fix: lp:~ddellav/ubuntu/+source/neutron
<ddellav> xenial/newton
<coreycb> ddellav, sure can, thanks
<coreycb> ddellav, I've pushed your neutron updates.  can you kick off neutron builds in jenkins?
<ddellav> coreycb yessir
<coreycb> ddellav, thanks
<LostSoul> Hi
<LostSoul> So I tried to compile MK Livestatus - http://mathias-kettner.com/checkmk_livestatus.html, configure and make went without error but after all I can't do make install
<LostSoul> make: *** No rule to make target `install'.  Stop.
<ddellav> LostSoul it sounds like that program does not have an install target. I'd check the readme for the install process or barring that, the makefile itself.
<ddellav> its possible it's a portable app and you just need to run the binaries from that folder
<LostSoul> I've read this project site and after all I should be albe to do make install
<LostSoul> In readme there is nothing interesting
<nacc> cpaelzer: iirc, i wonder if the 'pipe' (ML post on crashes) is happening because the kernel crash handler is manually set to that string?
<cpaelzer> nacc: could be, but he didn't seem to configure anything for crash before given his feddback to my crash questions
<cpaelzer> nacc: I can say that I intentionally crashed a few things this morning and all worked fine
<cpaelzer> nacc: I checked my dmesg and as expected there is nothing in there in the "default config"
<cpaelzer> nacc: please feel free to ask him if he set soemthing - eventually I'd just love to understand what his mdadm has
<cpaelzer> nacc: but I start to think the system might be a bit special (set up)
<LaserAllan> hey there
<LaserAllan> for some reason my surveillance tool xymon has detected this: Warning: Use of uninitialized value $pkg in exists at /usr/lib/xymon/client/ext/apt line 146
<LaserAllan> I just recently saw its showing a few of those
<LaserAllan> I have never seen them before so I ahve no idea what they might mean
<sarnold> LaserAllan: what's on line 146 there? look upwards in the file and see if there's typos or something similar
<LaserAllan> sarnold: Just did a reboot though, it said something had to be updated, aparently the kernel
<LaserAllan> now its gone
<sarnold> LaserAllan: the error message you pasted looks like a perl bug to me. it probably shouldn't come or go based on which packages need updating.
<LaserAllan> sarnold: I also did a reboot and that seemed to fix it but i am not sure
<LaserAllan> sarnold: does perl handle any webstuff?
<sarnold> LaserAllan: for many years, perl -was- the web.. hehe
<LaserAllan> I have had huge problems with a python script ive been running flawlessly for about 6 months
<LaserAllan> it stoped working last night
<LaserAllan> Aparently the information i seek is ther ein htmlcode in somde way but it basically used to display it visually while now I can basically see nothjing
<LaserAllan> this is the thing i am trying to run https://github.com/drzoidberg33/plexpy
<LaserAllan> question, I am currently running Ubuntu Server 1404LTS but I am wondering if i can update python beyond 2.7.6?, according to things ive read i shouldn't do that so i guess my only option is to upgrade to Ubuntu Server 1604 LTS?
<nacc> LaserAllan: python3 is packaged in 14.04
<nacc> iirc
<nacc> python3 | 3.4.0-0ubuntu2   | trusty
<LaserAllan> nacc: Ah how do i got about installing it or upgrading to it?
<LaserAllan> just regular repo install?
<nacc> LaserAllan: yes, it's just a package (and i think the default python will stay python 2.7.x, you'd invoke it with python3 (or /usr/bin/env python3 or whatever)
<LaserAllan> nacc: So just apt-get install python3?
<nacc> LaserAllan: i believe so, yeah
<LaserAllan> nacc: I wonder will that replace python, so i can sitll start script with python "scriptname"?
<nacc> LaserAllan: i think i just answered that? (in parentheses)
<LaserAllan> nacc: python3 doesn't seem to be reconiced
<LaserAllan> "recogniced
<nacc> LaserAllan: do you mean the package or the executable?
<LaserAllan> nacc: I am wondering if i am having multiple versions of python since it sid that python3 is allready installed
<LaserAllan> So I guess I should then use python3 "scriptname"?
<nacc> LaserAllan: http://paste.ubuntu.com/17760052/
<nacc> LaserAllan: yes, it looks python3 might be isntalled by default
<nacc> LaserAllan: and yes, just use python3, as i said
<LaserAllan> nacc: Can i safely remove the regular python?
<LaserAllan> and thanks
<nacc> LaserAllan: i wouldn't
<nacc> LaserAllan: at least not on trusty
<nacc> LaserAllan: i think that will try to remove some core stuff, but not sure
<LaserAllan> nacc: hmm, seems like I cannot launch my application in python3
<LaserAllan> weird
<nacc> LaserAllan: cannot or it fails?
<sarnold> most of the time applications are written for python2 or python3. applications that can handle both are rare.
<nacc> sarnold: ack
<LaserAllan> nacc: Ah, i need to upgrade to 2.7.11 it seems, not sure if that's a good idea on trusty
<LaserAllan> sarnold: that probb explains why it just fails
<nacc> LaserAllan: fyi: https://wiki.ubuntu.com/Python
<LaserAllan> Thanks
<nacc> LaserAllan: generally /usr/bin/python must oint to python2.x
<Sebastien> i forgot how to add a user to the sudoer list but that will not require password input to sudo
<Sebastien> so winscp is not broken when i navigate into another /home/user/
<shauno> Sebastien: if that is the right solution to the problem (and I suspect it's not), man sudoers (not sudo) and look for NOPASSWD
<nacc> Sebastien: really, you're probably not passin ghte right flags to sudo (e.g., -i, -H, or something)
<Sebastien> thy shauno
#ubuntu-server 2016-06-24
<lordievader> Good morning.
<cpaelzer> good morning lordievader
<cpaelzer> jamespage: I was (trying to) start packaging the daily git of openvswitch for experiments with dpdk 16.04
<lordievader> Hey cpaelzer
<cpaelzer> jamespage: but I found that the orig tarball matches non of the sources I checked, so I wonder what you are usually based on
<cpaelzer> jamespage: e.g. old 2.5 tarball doesn't match release tarball, the ones of the 2.5 git you had don't match (in content style) what one can find at https://github.com/openvswitch/ovs/tarball/master
<cpaelzer> jamespage: so I just wonder what your usual entry point is to work with
<cpaelzer> jamespage: any repo I could clone or something like it
<cpaelzer> jamespage: I'll start digging through the packaged readmes instead of just trying - maybe you documented it already :-)
<jamespage> cpaelzer, release tarballs from openvswitch.org (not github - checksum will never match)
<jamespage> cpaelzer, repo - https://code.launchpad.net/~ubuntu-server-dev/ubuntu/+source/openvswitch/+git/openvswitch
<jamespage> its git-buildpackage based
<cpaelzer> jamespage: something new to become desperate ... umm learn :-) - thanks
<cpaelzer> I came by gbp just this morning, good friday opportunity
<cpaelzer> leaves me in a shattered state to the Weekend to regenerate :-)
<rbasak> teward: see https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2016-June/016654.html
<rbasak> teward: that's up to you I guess, but I suspect the sensible answer is "no".
<rbasak> teward: and a reasonable solution would be "ship it inside Ubuntu".
<Mr_Pan> perÃ² Ã¨ vero da oggi sono extracomunitari
<cpaelzer> jamespage: I tried to build the repo you referred to as is with cowbuilder as it is the default for bit-buildpackage but it fails
<cpaelzer> jamespage: is there more needed than "DIST=yakkety git-pbuilder create" followed by "DIST=yakkety git-buildpackage"?
<cpaelzer> what it runs into is:
<cpaelzer> /usr/include/linux/ethtool.h:1321:18: error: 'INT_MAX' undeclared (first use in this function)
<cpaelzer>   return speed <= INT_MAX || speed == SPEED_UNKNOWN;
<jamespage> cpaelzer, build the source packaging using gbp-buildpackage -S
<jamespage> and then use whatever you like to build the resuting source package
<cpaelzer> ok usually sbuild and into adt - will try thanks
<jamespage> that's what I generally do
<cpaelzer> perfect, hat is all I wanted to know
<cpaelzer> jamespage++
<Aison> hello, I installed dnsmasq, but the /etc/dnsmasq.conf is ignored
<Aison> It looks like NetworkManager starts the dnsqmasq service
<ikonia> right
<Aison> and all settings are ignored
<ikonia> network manager controls dns masq by default
<ikonia> so /etc/dnsmasq.conf is ignored as that is not dnsmasq
<Aison> ok, so I should uninstall network manager?
<ikonia> you'll find /etc/NetworkManager/dnsmasq.d is where the config is
<Aison> ah, ok
<Aison> hmm, there is no dnsmasq.d dir inside NetworkManager
<ikonia> ps -ef | grep dnsmasq will show you where it's looking at config wise
<Aison> ok, brb, reboot
<cpaelzer> jamespage: one point for consistency, driving it in the background through a source packaging build and sbuild fails at exactly the same spot
<cpaelzer> jamespage: but I think I let that as it is until Monday, no need to focus too much today
<teward> rbasak: My first comment on that in my draft is to CC this to the server list because that's where the server team and other nginx-related things have landed in the past.  My second comment is that ultimately they may wish to coordinate with, say, me or hte Server Team on the version bump coordination.  That said, you're right, "Ship it inside Ubuntu" is a valid statement, but then we fall into the lack of a build system - they have to compile
<teward> it themselves, then ship the .so
<teward> which is *not* a sane way to go about it 'cause htey then need to support each individual arch
<teward> rbasak: it's also a further reason I"ve not merged from Debian - "experimental" dynamic module support is questionable at how it would be executed for third party binary packages
<teward> rbasak: and a two paragraph description of the dev cycle and that we can't guarantee a version will be in an Ubuntu release right until it's released
<teward> rbasak: my feeling is "We cannot reasonably commit during a development cycle to a release unless we are already tracking a Stable branch, which is partly dependent on Debian."
<cpaelzer> jamespage: I think that is my yakkety env - ust found bug 1592930
<ubottu> bug 1592930 in linux (Ubuntu) "failures building userspace packages that include ethtool.h" [Medium,Triaged] https://launchpad.net/bugs/1592930
<teward> because Debian's having of mainline was the evil problem we had the Xenial cycle
<teward> and the poor timing of 1.10.x
<teward> rbasak: if I may ask, what're your thoughts?
<rbasak> teward: good idea to Cc the server list. Or even suggest to completely move the thread there.
<rbasak> teward: why do they have to compile it themselves? He said that it's open source.
<Aison> ikonia, works
<rbasak> teward: I think we're beholden to upstream too much to make that sort of commitment. We're not in a position to keep it.
<ikonia> Aison: super
<Aison> ps fax
<rbasak> teward: also, if a mere version bump is enough to change the signature, then that precludes us from doing micro release updates. I don't think we can commit to that.
<teward> rbasak: to compile a dynamic module you have to compile it alongside the nginx package and extract the built .so for it
<Aison> next question: I search a tool/webapp for my NAS where I can connect with my mobile phone and push files to it
<teward> rbasak: which is a poor way to do it, but that's the existing system
<rbasak> pinba-engine-mysql is packaged and does something similar.
<rbasak> It is hacky, but it has been done.
<teward> rbasak: I think this needs further discussion
<rbasak> teward: agreed :)
<rbasak> In pinba's case, the security team kindly rebuild it every time MySQL is MRE bumped.
<rbasak> It's not ideal, because an FTBFS in pinba will potentially hold up a MySQL security update. I suspect that the security team would choose to break pinba in this case.
<teward> mhm
<rbasak> But that applies to any ABI break in any package receiving a security update in the general case.
<teward> rbasak: I think I also need clarifications on what they mean by signature - that is if they mean upstream 1.10.0 as a signature or 1.10.0-foo-bar-baz  as the whole signature
<teward> rbasak: because we *will* have bugfixes with it being an LTS
<teward> maybe not whole version bumps
<teward> but potentially enough to break things
<rbasak> Yep
<teward> over the course of LTS
<rbasak> I don't think we should close the door to micro version bumps either though.
<teward> rbasak: can we loop in the SEcurity team (cc: sarnold) for opinions?
<rbasak> Sure
<teward> as well
<teward> rbasak: because if they say "A security release which is necessary will break this, so we can't make this kind of commitment" will trump both of our viewpoints
<rbasak> If we agree that we're not closing the door to micro version bumps, then your question is moot I think.
<teward> unless they want to do the hacky method
<teward> rbasak: I try and avoid micro version bumps
<rbasak> I do want to encourage them to maintain their module in universe or backports though, if that is possible.
<teward> because we're on stable, the only version bumps are security or major bugfixes
<teward> which we can reverse-apply as we already do with cherrypicked patches
<teward> rbasak: for an in-development release version pinning is out the door
<teward> and that's by the nature of the devel cycle
<teward> the only Ubuntu version bumps outside the cherrypicked patches would be to fix major issues in the packaging
<teward> which so far isn't the case
<teward> rbasak: you're right though, we can't close the door to micro-revisions
<teward> rbasak: perahps you should write the reply?
<teward> i've not had any coffee yet
<teward> so my replies are not well worded :/
<coreycb> jamespage, beisner, horizon 2:9.0.1-0ubuntu2~cloud0 is ready to promote to mitaka-proposed when you get a moment
<teward> rbasak: thanks for replying to that - far better than what I could have written
<rbasak> np
<jak2000> how to change the time of ask a password when use sudo command?
<ogra_> jak2000, man sudo ... have a look at the -k option
<manueltt> ciao ragazzi, per caso c'Ã¨ qualcuno che ne sa abbastanza di ubuntu server?... ho per sbaglio sovrascritto dei file in /srv, ho la lista e tutto... se qualcuno se ne intende e puÃ² dargli un attimo un'occhiate gliene sarei grato...
<genii> !it
<ubottu> Vai su #ubuntu-it se vuoi parlare in italiano, in questo canale usiamo solo l'inglese. Grazie! (per entrare, scrivi Â« /join #ubuntu-it Â» senza virgolette)
<manueltt> I made a mistake and I launched a sync amazon s3 in the wrong direction: aws s3 sync remote local
<manueltt> for the / srv, I immediately blocked the process, attach files that have changed.
<manueltt> Back up s3 was the previous day.
<manueltt> What can I do? If restart does not work nothing or no problem for this file?
<manueltt> I Use ubuntu 14.14
<manueltt> This is list of file http://txt.do/53uip
<jge_> hey all good afternoon, I have a fresh installation of Ubuntu 16.04 LTS server running but it's consuming over 1GB of ram
<jge_> anyone experienced this before
<jge_> I found this bug but refers to the unity desktop:https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1572801
<ubottu> Launchpad bug 1572801 in linux (Ubuntu Xenial) "Ubuntu 16.04 Unity desktop uses much more ram than Ubuntu 15.10" [High,Confirmed]
<jge_> wondering if it's related
<sarnold> it's nearly useless to talk about "ram consumed" without far far more data
<sarnold> linux by default aims to use nearly all the memory nearly all the time, because unused memory is wasted memory
<sarnold> so it caches all that it can
<jge_> hmm yeah I know.. but the box shows 1.3 GB of used memory
<jge_> not in cache/buffers
<jge_> vanilla install
<jhobbs> http://www.linuxatemyram.com/
<jge_> that seems high to me
<sarnold> jge_: you've got a few different tools to use to investigate; you can use e.g. top's M sort-by-memory command to find out which  processes are using the most -- pay more attention to the RSS column than the others
<sarnold> jge_: since processes share memory of shared libraries they have in common, it's also worth using the smem tool to investigate which processes have 'unique' memory allocated; smem allocates parts of shared memory to every process that's using it to try to give a different view -- it's not more or less accurate, but it may be more useful if you're looking for services to stop
<jge_> got it
<jge_> strange, since I've already looked into htop, sort by memory, and looked at the RES column, stopped all services I suspect were using it and still pegged at 1.3
<jge_> I'm going to spin up a new vm, fresh install same specs and see if it happens again
<jge_> this time without installing anything
<jelly> jge_: you wouldn't have X running on that "server"?
<nme_> hi all
<nme_> i got issue with ssh key that whenever i rebooted the server, it refused my key, but once i had logged in using password from the console of the server, it is ok again
<jge_> jelly: nope
<sarnold> nme_: sounds a bit like you may have used home directory encryption
<sarnold> nme_: .. then your ~/.ssh/authorized_keys might not be available to the server until after you've authenticated and the filesystem is decrypted
<nme_> yeah, i got encryption enabled
<nme_> anyway to have encryption on the home directory and at the same time ssh is limited to keys only ?
<sarnold> i've never investigated but there's probably some mechanism to have the authorized_keys file visible when you're not logged in.. maybe in the underlying mount?
<patdk-lap2> probably have to update it during login and when not logged in
<patdk-lap2> oh, no it won't work
<patdk-lap2> you just cannot use keys at all
<patdk-lap2> http://unix.stackexchange.com/questions/174427/encfs-automount-and-authorized-keys
<patdk-lap2> cause you need your password to unlock the encryption
<patdk-lap2> https://help.ubuntu.com/community/EncryptedHome
<patdk-lap2> might help, dunno if it's a real work around, or usable work around
<patdk-lap2> to symlink it outside the space
<nme_> i tried to put in under / directly
<nme_> not working too :(
<nme_> thanks for the suggestion
<nme_> will try it tomorrow, too late here, going to sleep
<nme_> thanks guys
<ddellav> coreycb can you review and push my ci fixes for: lp:~ddellav/ubuntu/+source/aodh, lp:~ddellav/ubuntu/+source/keystone, lp:~ddellav/ubuntu/+source/neutron please?
<coreycb> ddellav, sure
<coreycb> ddellav, those all for newton?
<ddellav> coreycb yes
<coreycb> ddellav, I've pushed those, thanks
<ddellav>  coreycb ty, I will trigger the rebuilds to make sure
<jge_> so installed a fresh copy of ubuntu server 16.04 and same problem, memory used reported to be 1.3G out of 2G
<jge_> when I do a top, look at the RES column nothing in particular stands out that could be the cause of this high memory usage
<jge_> this is vmware virtual machine
<jge_> so strange..
<sarnold> jge_: could you pastebin the top output sorted by memory? I'm curious now :)
<jge_> sarnold: sure thing, I just rebooted the box so it went down to about 70MB but it will creep up back again
<jge_> want me to paste that output now or wait till it goes up
<sarnold> ooh good idea, maybe a before/after would be useful
<jge_> ok let me get a paste going, one sec
<jge_> sarnold: ok, here it is: http://pastie.org/pastes/10889454/text
<mgriffin> jge_: did you get an after?
<tammy5> I am new to unbuntu server - what are some areas to work with
<jge_> mgriffin and sarnold: just went back to 1.3GB again, here's the paste: http://pastie.org/10889473
<sarnold> jge_: zounds.
<sarnold> jge_: hmm. that looks like it's sorted by pid, not by memory use
<jge_> yeah I just did a top -n 1 :(
<jge_> let me get a paste going sorted by memory
<jge_> should I do sorted by RES or %MEM
<sarnold> RES is probably most useful
<jge_> roger
<jge_> ok here's the new one
<jge_> http://pastie.org/10889475
<jge_> have to step out for some time, be back later - leaving computer on so please pm or mention if anything :D
<mgriffin> jge_: does df show /dev/shm usage?
<mgriffin> (or any tmpfs)
#ubuntu-server 2016-06-25
<sarnold> jge_: interesting; but things there don't quite add up -- e.g. the vmware tools take ~10 megs, the snapd daemon takes ~10 megs, everything else sums to around 125 megs (using my patented half-assed arithmetic, 25 things of roughly five megs each :)
<sarnold> jge_: check out slabtop output -- that might help explain where memory has gone
<GameOfTrolls> hello sarnold
<GameOfTrolls> how are you doing today
<GameOfTrolls> im gg from oftc
<sarnold> GameOfTrolls: aha :) not bad, weekend is nearly here :D
<sarnold> GameOfTrolls: how are you tonight?
<GameOfTrolls> im ok sarnold. just coding javascripts
<teward> sarnold: ohai
<sarnold> evening teward :)
<teward> sarnold: can I pick your brain briefly for your thoughts on something?
<sarnold> teward: sure
<teward> if only 'cause i want your input on it, incoming PM
<f1gjam> hey guys, I am trying to install openstack via autopilot, but juju fails to boot strap a node - here is the log file http://paste.ubuntu.com/17779796/
<sarnold> f1gjam: wow, that's singularly useless :(
<sarnold> f1gjam: can you try a manual juju bootstrap and see how far that gets?
<f1gjam> sarnold, i have never done that, I was using the docs provided on the website
<f1gjam> the autopilot docs
<lordievader> Good morning
#ubuntu-server 2016-06-26
<allquixotic> Does Ubuntu Landscape with the paid Advantage plans offer automatic security update functionality?
<teward> allquixotic: you can configure Landscape to do only automatic security updates yes
<teward> for either all systems or certain tags, or individual access groups, or however you choose.
<teward> whether it's all updates or only security updates, you have to configure it to push the update tasks out, either way
<teward> (the automatic security updates is what I have my servers all set to)
<teward> (inside of Landscape)
<allquixotic> teward: Thanks!
<allquixotic> Do the requisite things generally get reloaded when listening services (nginx, ssh, etc.) get updated that way?
<lordievader> Good morning.
<tammy5> god morning
<tammy5> I am new to ubuntu server and trying to see what can be done
<lordievader> tammy5: How do you mean "what can be done"?
<tammy5> nvm @lordievader I found what I was looking for
<tammy5> I was trying to see what volunteer opportunities I can work on
<codepython7771> how do you configure a ubuntu server so that it can be powered off without "shutdown" and have no adversarial effect on it?
<ikonia> codepython7771: what do you mean ?
<dahlia_> hello guys
<dahlia_> i need to determine limitation for bandwidth for users in my serve how can i do that ?
<ikonia> iptables quos
<dahlia_> ikonia, hi
<dahlia_> ikonia, can  you give me a reference to how can i use iptable?
<ikonia> look up the quos function
<dahlia_> ikonia, how can i use iptables graphical ?
<ikonia> there are gui tools, I'd advise against it personally
<dahlia_> ikonia, i need to limit bandwidth for users that use from my website on my server
<ikonia> ok ?
<dahlia_> how can i do that in my server ?
<codepython7771> ikonia: I want to be able to switch off the machine whenever i want - without a "shutdown now"?
<ikonia> codepython7771: how do you want to shut it up
<ikonia> dahlia_: use iptables with quos as I've said
<ikonia> there is also mod_bandwitdh for apache
<codepython7771> ikonia: power off button
<ikonia> codepython7771: poweroff single press should invoke shutdown if your bios suppors apci properly
<PGNd> I'm installing Ubuntu 16LTS in a Xen Guest.  If I install the guest using xen bios == 'seabios', i.e., NOT as an EFI guest, then all's well.  But if I install as xen bios == 'ovmf', i.e. as an EFI guest, then on guest reboot it drops into UEFI Shell -- and fails to boot.
<PGNd> Atm, this is unique to Ubuntu.  Opensuse and Fedora EFI guests work just fine.
<PGNd> So, with not yet having done a deeper dive,  I suspect it's an Ubuntu issue.
<PGNd> Question is -- anyone here familiar with this scenario to hint at a problem/solution?
<PGNd> My first guess is that the Grub installed by the Ubu installer is not new enough ...
<teward> allquixotic: [2016-06-26 00:11:56] <allquixotic> Do the requisite things generally get reloaded when listening services (nginx, ssh, etc.) get updated that way?
<teward> I went to bed early, sorry
<teward> allquixotic: it depends on the 'services'.  I have a separate process in my Landscape configuration that runs about 15 minutes after the scheduled security update process every night that restarts the services gracefully.  I believe nginx and ssh are configured to reload that way in the packaging, but I can't speak to all services
<dahlia_> hi how can i limit bandwidth for per user using apache ?
<ikonia> dahlia_: already told you
<ikonia> multiple times nw
<dahlia_> ikonia, yes you said but i dont know how can i use that
<ikonia> ok - so research the two options I gave you
<ikonia> see which one would best work for your needs
<dahlia_> ikonia, as i need to use that for my website i prefer setting for apache  DO YOU AGREE ?
<ikonia> I don't care
<ikonia> it's your use case
<ikonia> your needs, your experience, your views that matter
<dahlia_> ikonia, do you know anyone to help me to
<ikonia> help you what ?
<dahlia_> i have a website
<ikonia> yes ,I'm aware you have a website, you've mentioned that
<dahlia_> i need to prepare method for pay
<ikonia> what ?
<dahlia_> i need someone to have master card
<ikonia> ????
<ikonia> what has this got to do with ubuntu,
<dahlia_> our customers pay in her account
<ikonia> again - what has this got to do with ubuntu ?
<dahlia_> excuse me
<dahlia_> it is not related
<dahlia_> it was just a personallu question
<dahlia_> excuse me
<ikonia> it's not even a question
<ikonia> you've just stated you need a mastercard
<ikonia> no idea what that has to do with anything
<dahlia_> ikonia, i cant provide mastercard here in Iran
<ikonia> what do you want me to do about that ?
<dahlia_> i need to offer master card payment  method for foreigner customers  r
<ikonia> again - what do you want me to do about this?
<dahlia_> i need someone to have master card
<ikonia> again - what do you want me to do about this?
<dahlia_> to get money and tranfer it to our swift account in iraN
<ikonia> you want me to do a money transfer for you ?
<dahlia_> to our company
<dahlia_> yes
<ikonia> that is a crazy thing to ask
<ikonia> please don't ask for that sort of thing
<ikonia> we are not here for that sort of thing at all
<ikonia> we are here for ubuntu help only
<dahlia_> i know
<dahlia_> you areright
<dahlia_> excuse me
<dahlia_> i search to find a method
<dahlia_> ikonia, i was wrong excuse me
<JanC> usually that sort of requests comes from Nigeria...
<allquixotic> Has anyone found a guide for using LXD with OpenVSwitch for networking (to prevent containers from sniffing L2 on an unrestricted bridge) -without- installing the openstack bloat?
<patdk-lap> I thought it was lsd
<patdk-lap> allquixotic, just use ebtables
<slab> cannot run doom 3 BFG just grey screen
<slab> help
<teward> slab: not sure how it's on topic here?  Are you using Windows?
<teward> if oyu're using Ubuntu and not the server version, then you should go to #ubuntu
<teward> if you're on Windows, use ##windows
<teward> otherwise, I think that's offtopic for the channel...
<slab> no ubuntu teward
<slab> 16.04
<teward> as this is Ubuntu Server discussion and support, not Desktop
<teward> slab: visit #ubuntu
<allquixotic> patdk-lap: ebtables will work for layer 2, but it doesn't stop guests from claiming whatever IP address they want, which is another thing I need to do (ensure that each guest can only use the IP(s) I want).
<patdk-lap> allquixotic, since when is that not possible with ebtables?
<patdk-lap> http://ebtables.netfilter.org/examples/basic.html#ex_anti-spoof
<allquixotic> patdk-lap: Oh, nice... so, when I assign a MAC to an interface in an LXD container, can root within the (unprivileged) container change the MAC address on their own?
<allquixotic> So I'm using macvlan with LXD and it works well; now I'd like to restrict containers to using a specific MAC address + IP address combo - meaning, if they put in the wrong MAC or IP, they will either get an error or just have their packets dropped. All of the containers get one static IP. How can I do this?
#ubuntu-server 2017-06-19
<ruben23> hi there guys how do i set a sudo user to have passwordless everytime i run a command.? any idea
<genii> It's an extremely horrible idea but can be done in the sudoers file
<Ben64> yeah it's a bad idea
<ruben23> genii: yes just need to test something, pls can you guide into somehow
<genii> Do you know how to use vi?
<ruben23> i uncomment this
<genii> Basically: sudo visudo      .... and to the line which says: %sudo   ALL=(ALL:ALL) ALL          to add a space and then put: NOPASSWD:ALL    and then save and exit
<ruben23> i uncomment this
<ruben23> https://pastebin.com/feXzDPcB
<tonton1> hello
<IShavedForThis_> does anyone use plex here, and if so, do you know of a good application to rename files according the the plex name syntax?
<oerheks> IShavedForThis_, you didn't answer tomreyn earlier, and now, what is plex name syntax?
<cpaelzer> good morning
<arunpyasi> What may be the reason for " kernel panic-not syncing: VFS: unable to mount root fs on unknown block(0,0) " ? Its 16.04, I already had it installed and running fine.. but later, I got that error while boot but boots fine in the advanced option recovery mode..
<hateball> arunpyasi: filesystem or physical error perhaps
<hateball> arunpyasi: run recovery (or liveboot) and fsck your partitions
<hateball> and then you may want to check the drive for errors with smartctl
<arunpyasi> hateball, I did fsck, nothing happened.
<arunpyasi> hateball, so, can be a physical error ?
<arunpyasi> hateball, how do I find the faulty HDD with smartctl ?
<arunpyasi> I did saw only 8 bad sectors.. does that mean this HDD cannot be used anymore ?
<hateball> arunpyasi: I personally replace drives soon as they get 1 bad sector
<hateball> It usually means they'll be going dead sooner rather than later
<hateball> arunpyasi: but check also for read/write errors
<hateball> as sectors *can* be marked as bad and the drive still continue to work
<hateball> It depends how much you value your data I guess :)
<arunpyasi> hateball, hmm.. It doesn't have data but the softwares and their configurations
<arunpyasi> hateball, so, 8 bad sector is huge?
<arunpyasi> hateball, Read Error value is 0
<hateball> arunpyasi: could you pastebin the output of that smartctl ?
<arunpyasi> hateball, http://dpaste.com/0PWYX2M
<hateball> arunpyasi: doesnt look unhealthy other than the bad sectors
<hateball> arunpyasi: I'd keep an eye on it tho
<arunpyasi> hateball, so, what may be the other way for it ? What more can I try ?
<Guest89023> hey hey
<Guest89023> hello MONDAY
<Guest89023> :D
<lordievader> o/
<hehehe> heya
<hehehe> lordievader: are you a kimsufi user by a chance?
<hehehe> I may get it :) or similar
<lordievader> hehehe: Never heard of that....
<lordievader> What is it?
<hehehe> whaaaat
<hehehe> one of the cheapest servers providers in the world
<hehehe> :)
<hehehe> apart scaleway
<lordievader> I think I am cheaper :P (free)
<lordievader> Well sort of anyways.
<hehehe> lol you host raspberry at home?
<lordievader> Among others.
<hehehe> yes it can be cheaper that way for sure
<hehehe> but I am moving often to I choose DC
<hehehe> so I
<hehehe> else I have to drag a bunch of boxes with me
<lordievader> My primary server has an i7.
<hehehe> but why do you have so many at home?
<hehehe> whats your latency like?
<lordievader> Hobby ;)
<lordievader> Latency to what?
<hehehe> I though you are hosting production server there
<hehehe> some saas
<hehehe> :D
<hehehe> I can imagine customers lag :D
<lordievader> No, just private stuff.
<hehehe> https://www.lowendtalk.com/discussion/103257/tutorial-create-your-own-windows-template-using-virtualbox
<hehehe> so nice :D
<hehehe> can install windows on cheap linux boxes :D
<lordievader> Network of the university is quite nice :) 40Gbit up \o/
<hehehe> haha
<hehehe> you need to run server on sinclair or spectrum or robotron
<hehehe> some ancient crap :D
<lordievader> ?
<hehehe> probably it may even work
<hehehe> for fun
<hehehe> try to fun server on some ancient concole
<hehehe> console'
<hehehe> http://manpages.ubuntu.com/manpages/precise/man1/audio2tape.1.html
<hehehe> LOL
<hehehe> whats that?
<hehehe> anyways
<hehehe> my idea is find a cheap powerful host
<hehehe> and install windows on it :D
<hehehe> and scaleway provides cloud baremetal
<hehehe> I wonder how they can do it
<hehehe> provision time 2-3 min
<lordievader> Why?
<hehehe> why @windows?
<hehehe> I use it for work :)
<hehehe> at home I use linux
<gheorghe> @hehehe, the corporation you work at makes you use windows? do you live the same horror as I do?
<hehehe> well I like all OSes I even had MacOs server :)
<hehehe> as to forced nope - but some software there wont work on linux
<hehehe> especially stuff like qq messenger
<hehehe> btw https://udemycoupon.org/
<hehehe> some free udemy courses lol
<gheorghe> we use skype for business and that doesn't work properly on linux
<gheorghe> well, it works on android.
<hateball> out of all the voice/video things I've used I find Skype to be the least reliable one
<hateball> anything webrtc is just... nice
<gheorghe> @hateball: what alternatives to skype for business did you sue?
<hateball> gheorghe: well the most comparable would be Hangouts
<hateball> depends if you need the PBX stuff or not
<hateball> appear.in is nice for one-off things
<hateball> and there's plenty others
<gheorghe> thank you for the information! now i can make fun of my managers
<hateball> heh
<hateball> well if you're running a mostly microsoft environment, especially with exchange, then skype is a natural choice
<hateball> It's just that there are better options, as all of us using Linux are aware of ;)
<gheorghe> yes, and this affects my mindset when I work with the tools provided by the company. of course they have AD and exchange and skype and all the microsoft stuff...
<Fieldy> yuck :/
<hehehe> :)
<hehehe> whats the easiest vnc server out there?
<hehehe> i installed some following tutorial and its a clusterfuck :D
<Vorap> hehehe: I'd recommend xrdp, I'
<Vorap> ve used it before
<Vorap> And it has been very nice and easy to useÂ¨'
<gheorghe> i use vino since it is default with gnome3
 * lordievader like xpra
<lordievader> If you don't use keys for your ssh, there is even a Windows client :P
<hehehe> Vorap: do I need to install mate client or similar for xrdp?
<hehehe> it seems its not a friend with gnome :D
<hehehe> lordievader: well xpra is doing what?
<hehehe> once installed it can be used to connect to a desktop remotely?
<lordievader> hehehe: Basically tmux/screen for xforwarding.
<lordievader> You normaly don't run an entire desktop, but just the applications you need.
<hehehe> lol its ubuntu desktop server
<hehehe> lordievader: what do u mean?
<lordievader> hehehe: Do you know what X forwarding is?
<hehehe> i usually run entire desktop
<hehehe> itX11
<hehehe> i just want something simple
<hehehe> :)
<hehehe> to connect to remote ubuntu desktop
<lordievader> X forwarding allows you to run an application on a remote host and see the gui locally.
<lordievader> Xpra allows you to attach and detach to such a process.
<hehehe> cool
<lordievader> I've used it for things that needed to keep running in a browser.
<hehehe> can it be used for virtual box?
<hehehe> so with x forwarding u can use server instead of desktop?
<hehehe> hmm
<lordievader> Virtualbox runs its own vnc, right?
<hehehe> I dont know :D
<hehehe> yet to install it
<hehehe> does it?
<lordievader> Thought so, haven't used it in ages. Qemu/libvirt does.
<hehehe> why
<cpaelzer> yeah also always going with qemu/libvirt
<lordievader> Qemu is in most cases faster (on Linux).
<cpaelzer> The only thing I still sometimes have to admit is the UI for USB forwarding on virtualbox is nicer
<lordievader> Tooling around it is also much nicer.
<cpaelzer> other than that all seems to be better around qemu/libvirt these days
<hehehe> xrdp nearly works but why no copy paste passwd there?
<hehehe> have to type pass by hand
<hehehe> like wtf sometimes I think people dont think
<hehehe> who is going to type random chars 40+ passwd by hand
<hehehe> :D
<hehehe> Vorap: thanks :D
<hehehe> it seems aptitude stuck
<hehehe> how I can see if its installing something or not?
<hehehe> :)
<hehehe> I can kill apt via pid
<hehehe> but I just run - update system via system software gui
<hehehe> .. :D
<hehehe> fixed
<gheorghe> the GUI is always odd. i never update with the gui, just with apt
<gheorghe> i use the GUI only for network settings since it seems to overwrite stuff you do via terminal
<gheorghe> and anyway, i deploy all servers without gui
<gheorghe> i use gui only @home for games & facebook
<hehehe> ::)))
<redvic> hi need help with data recovery form a external can someone advise or point to a chat room that might
<hehehe> recover as?
<hehehe> more details
<redvic> I have a external hard drive WD elements, shows folders but empty inside and when I try to copy image on root of the drive it takes forever, drive is slow and makes noises. Drive is damaged
<lordievader> redvic: Could you pastebin the output of 'sudo smartctl -a /dev/sdX' (where X refers to the drive letter of the external drive)
<redvic> lordievader, will try now
<cpaelzer> jamespage: did you override the mininet dep8 test issues in artful-proposed?
<cpaelzer> jamespage: 2.2.2-1 migrated, but follow on tests triggering it still fail the same way
<jamespage> cpaelzer: no
<cpaelzer> or was that a retry-button-push-fest :-)
<cpaelzer> hmm interesting http://autopkgtest.ubuntu.com/packages/mininet/artful/amd64 holds no 2.2.2-1 pass
<cpaelzer> but there should be at least one from its own sync I'd think
<redvic> lordievader, terminals says command not found
<lordievader> redvic: Install it, sudo apt-get install smartmontools
<cpaelzer> jamespage: I'll try to recreate and let you know if I find something to discuss
<cpaelzer> jamespage: if you hear about anybody else who might have forced that through let me know
<redvic> lordievader, can just copy paste output here?
<lordievader> !paste | redvic
<ubottu> redvic: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<redvic> ubottu, ok it just one line as it failed
<ubottu> redvic: I am only a bot, please don't think I'm intelligent :)
<redvic> lordievader, Read Device Identity failed: empty IDENTIFY data
<lordievader> redvic: What command did you issue?
<redvic> lordievader, sudo smartctl -a /dev/sdb
<lordievader> redvic: You probably need the '-d sat' flag, thus: sudo smartctl -d sat -a /dev/sdb
<redvic> lordievader, it worked now to figure out how to get it to you
<cpaelzer> jamespage: ok, at least locally reproducible with artful (without proposed) - that confirms my expectation
<lordievader> redvic: See the paste output of ubottu ;)
<redvic> lordievader, http://paste.ubuntu.com/24899024/
<lordievader> redvic: Ah, 51 pending sectors. Could be worse, but yes. Probably a good idea to replace the drive.
<lordievader> About the missing files, if an fsck has run (and it is some ext filesystem), did you check the lost+found folder?
<redvic> lordievader, there is now lost and found folder so should i do a fsck ?
<lordievader> redvic: What kind of filesystem is on there?
<redvic> lordievader, I am batteling to check file system gui properties displays nothing and terminal gives a error lodaing operating system
<redvic> lordievader, i used sudo file -sL /dev/sdb command
<redvic> lordievader, fuseblk ??
<lordievader> redvic: blkid tells you ;)
<redvic> lordievader, sudo blkid /dev/sdb
<redvic>  PTUUID="0004a9a0" PTTYPE="dos"
<lordievader> redvic: What is the full output of 'sudo blkid'?
<redvic> sudo blkid /dev/sdb: PTUUID="0004a9a0" PTTYPE="dos" that is it
<redvic> lordievader, is my command correct
<redvic> lord
<redvic> lordievader, the owner uses the drive on whindows so DOS does seem like a option
<lordievader> redvic: Well, you want to see what kind of filesystem is on the partition, sdb refers to a disk, sdb1, for example, refers to the first partition on the disk.
<lordievader> But if it is used on Windows it is most likely ntfs... and I have no experience with file recovery on ntfs filesystems.
<redvic> lordievader, used gui disks option and it says partition type for sdb1 is HPFS/NTFS so NTFS?
<lordievader> Yes, probably.
<redvic> lordievader, /dev/sdb1: LABEL="Backup Kuehl" UUID="60CC5B9ACC5B6974" TYPE="ntfs" PARTUUID="0004a9a0-01"
<redvic> lordievader, got the command right and it also says NTFS
<lordievader> Yeah, indeed.
<redvic> lordievader, any advise on how to get the data back? it so frustating to see the data and not be able to copy
<lordievader> Oh, you do see it?
<lordievader> I'd dd the disk first, and play with that. Leave the disk as is.
<redvic> lordievader, dd ?
<lordievader> !dd
<lordievader> Hmm
<lordievader> !info dd
<ubottu> Package dd does not exist in zesty
<lordievader> redvic: http://manpages.ubuntu.com/manpages/xenial/man1/dd.1.html
<redvic> drive is connected to my laptop ubuntu 16.04 lts
<cpaelzer> jamespage: I found the bug, need to fix openvswitch debian/test/vanilly&dpdk scripts
<cpaelzer> jamespage: I don't see how that passed proposed, but I opened a bug and will fix it
<cpaelzer> jamespage: TL;DR the new openvswitch-testcontroller spawns a service by default which is blocking the mininet handling as the tests use it
<jamespage> cpaelzer: tbh it still remains a bit of black magic to me
<jamespage> cpaelzer: oh ok
<jamespage> odd
<cpaelzer> jamespage: stopping that service in advance to the tests resolves the issue by not blocking the port then
<jamespage> you might not need the openvswitch-testcontroller any longer then
<jamespage> not sure
<cpaelzer> I'll try that as an alternative solution as well
<cpaelzer> jamespage: bug 1698808 for tracking and eventually fix
<ubottu> bug 1698808 in openvswitch (Ubuntu) "mininet 2.2.2-1 breaks openvswitch tests" [Undecided,New] https://launchpad.net/bugs/1698808
<geojunkieSCI> ??paste
<hehehe> quemu is nice
<hehehe> :D
<hehehe> a bit more learning curve however seems working well
<hehehe> :)
<axisys> anyone has ubuntu running dl380 gen9 or like? I am trying to find out how to switch to passthrough raid?
<drab> axisys: ime (I researched the same thing for my SM servers) it's less about the server and ubuntu and more about the controller
<drab> in my case for example it's LSI controller which was flashed to IT mode
<drab> so I'd find exactly what raid card that server has and then google for that mode and JBOD mode / IT mode (which may already be possible as is)
<qman__> right, it's controller dependent, some support it, some can be flashed to support it, some can't
<axisys> I am trying to find out a "how to"
<axisys> so with passthrough.. do I still worry about the controller battery?
<axisys> like when it expires, need to replace it?
<yoink> So I've got an odd issue: I can't delete a directory; I'm being told it's not empty, except it's empty and there are no hidden files and as superuser I should be able to do so - but sadly I cannot.
<genii> yoink: Tried with rm -rf /dirname  instead of rmdir /dirname  ?
<yoink> genii: many times.
<yoink> :(
<yoink> I tried moving the directory and then deleting... nothing.
<yoink> I wonder if it's a filesystem issue.
<genii> yoink: Is the directory a mount point?
<yoink> genii: nope - it was a deep subfolder in a build pipeline on a remote runner.
<genii> yoink: Is your commandline prompt sitting inside the directory you're trying to remove?
<yoink> Builds started failing one day and it was because this dirctory in question couldn't be deleted. So I logged in to delete it and found the same issue.
<genii> yoink: A remount of the partition it's on in read-only and and fsck of that partition seem in order
<yoink> genii: sadly no... I can not remove it no matter where I am, and I applied 777 permissions on it just to make sure it wasn't permission-related. The directly does have an oddly large size listed (20K vs 4K).
<genii> Sounds like hd/inode corruption
<yoink> genii: thanks, had a feeling that's what it was. :/
<gheorghe> the ubuntu server installer automated a creation of a swap partition of 6 GB on a VDA of 7 GB. after that, it crached. gee i wonder why ... manually editing the partitions now ...
<axisys> during raid build I see there is a question for ssd over provisioning optimation option.. should this be enabled or disabled? any sugeestion?
<axisys> suggestion*
<hehehe> :D
<hehehe> gheorghe: did u ever run windows image on some linux vps? :)
<hehehe> basically making  it windows flavor
<hehehe> also I found new host
<hehehe> http://lg.chi.mnx.io/#tests
<hehehe> :)
<gheorghe> hehehe: i am sure i wrote somewhere above how much i do NOT like windows. it is a good OS, but overcomplicated. this happens when you have only one coporation working on the same OS for 20 years. also, all the revolutionary ideeas will come on open source, so windows is just holding humanity back
<Ussat> you all aware of this:  https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash
<hehehe> gheorghe: well to a degree yes, however I use QQ and some other chinese apps
<hehehe> I can run them on the phone but for privacy reasons I prefer separate server :) and they run on windows only
<hehehe> no linux what so ever
<hehehe> mostly tensent apps
<hehehe> else yes I would not bother
<hehehe> with open source - how to make money?
<hehehe> thats also a question
<Ussat> hehehe, I assume you are not going to start the same rant you just got booted from ##windows from
<hehehe> which rant?
<gheorghe> hehehe: ubuntu is making tons of money now with lxd openstack. it's like the first time in history they actually make money
<hehehe> I said a fact
<Ussat> its a generalisation...
<hehehe> Ussat: cut rants
<hehehe> u can use google and check
<hehehe> stats
<Ussat> ...
<Ussat> because everything on the net is true
<gheorghe> hehehe: you don't have to sell the software to get the money. you can sell support for that software... and it also helps the code get better over time because other companies will improve it, so you can guarantee quality.
<hehehe> gheorghe: for example say ecommerce app developers they get some cash
<hehehe> but if it was closed source they could get more
<hehehe> I like open source for its transparency
<hehehe> and yes nowdays many people distrust closed source
<Ussat> hehehe, its not a all or nothing game, both open and closed has its merrits
<Ussat> people distrust a lot of open also
<hehehe> I think if there was a way to check closed source for backdoors yes it would help
<Ussat> again, bth have their merrits
<hehehe> support yes but some soft is so good it needs no support :)
<hehehe> I am going to shop  if someone can post links on how to earn money with open source , would be nice
<Ussat> do tell
<jbicha> maybe y'all need a FAQ for this: https://www.reddit.com/r/Ubuntu/comments/6hzm8j/are_there_any_plans_for_using_mariadb_as_default/
<Ussat> I am not a RH fanbio (TBH I am not a fanboi of any OS) but RH seems to be doin well
<gheorghe> hehehe "u can use google and check ... stats" what stats do you mean?
<gheorghe> jbicha: i've been using only mariadb for some years now... since i found out what oracle did :D
 * rbasak wonders what Oracle did
<gheorghe> rbasak: MySQL was owned and sponsored by a single for-profit firm, the Swedish company MySQL AB, now owned by Oracle Corporation.[9] For proprietary use, several paid editions are available, and offer additional functionality.
<gheorghe> from wikipedia
<jbicha> that doesn't sound too bad ;)
<nacc> gheorghe: so they bought MySQL AB?
<rbasak> gheorghe: OK, so what did they do to MySQL, the Free Software project?
<qman__> I assume they did what they do to every other free software project, which is stop all development
<qman__> every other free software project they acquire*
<rbasak> qman__: your assumption is flat out wrong. Development has continued actively.
<nacc> qman__: FUD. please do research before making false statements.
 * jbicha still uses VirtualBox :)
<rbasak> qman__: see: MySQL 5.5, MySQL 5.6, MySQL 5.7 and the upcoming MySQL 8.0.
<gheorghe> i understand that some companies want to buy open source and make it pay 2 play, but still using that software would mean funding such actions. that is why a lot of distros switched to mariadb... debian was kind of late on this, but than again debian is usually a very stable release
<oerheks> 'companies want to buy open source'... ?
<oerheks> name 1 please?
<jbicha> gheorghe: you do realize that Canonical is a commercial company, too, right?
<dpb1> the percona guys seems to really be happy with the job that oracle is doing, fwiw.
<rbasak> MySQL isn't "pay 2 play".
<sarnold> you can certainly download and use mysql entirely for free. you can make changes to it same as always.
<sarnold> what you can't get is any kind of communication from anyone at oracle about anything. ever. ;) you get the CPUs published every few months to tell you very vaguely what they fixed two months ago.
<rbasak> Debian sid still ships MySQL. It meets Debian's requirements of Free Software -ness.
<sarnold> "unspecified issue affected availability. cvss score 7."
<sarnold> how maria and percona can ever get anything done with an upstream like that is beyond me
<nacc> ahasenack: nice work on the samba changes. I'm building locally and then will tag and upload them.
<sarnold> but considering most people treat their database as a big binary blob it really doesn't change how many people use it day to day.
<ahasenack> nacc: thx, I saw that there is a samba upload stuck in excuses, from 3 days ago
<ahasenack> nacc: what happens when we upload now and that version is stuck there still?
<nacc> ahasenack: well, yours will go on top and be the one stuck :)
<ahasenack> nacc: stuck only if the test error happens, right?
<nacc> ahasenack: looks to be a gvfs regression in a-p?
<nacc> ahasenack: right
<nacc> ahasenack: are yoa able to reproduce the a-p failure in gvfs?
<ahasenack> haven't tried yet
<ahasenack> I just saw it there
<nacc> ahasenack: odd that it *only* fails on amd64 ...
<nacc> mdeslaur: --^ ?
<ahasenack> I don't know if it's a common brittle failure or not
<nacc> ahasenack: it would appear to have passed with 0ubuntu1 but not 2ubuntu1. But there could be other things moving there, of course: http://autopkgtest.ubuntu.com/packages/g/gvfs/artful/amd
<ahasenack> it failed in teardown, curious
<nacc> ahasenack: yeah, it might be a bad test case, in that the pid file might be already cleaned up (racy?)
<jbicha> gvfs' autopkgtest is a bit flaky
<ahasenack> nacc: can you import gvfs, or do we only import server packages?
<nacc> ahasenack: i can import it, but you can also run the autopkgtest locally w/o the tree (just use the srcpkg name). I'll kick off the importer now
<ahasenack> sure, I just got used to git ubuntu clone :)
<nacc> ahasenack: :)
<jbicha> I'll retry the samba autopkgtestâ¦
<ahasenack> jbicha: thanks
<nacc> jbicha: thanks, you certainly would have more knowledge of gvfs than I :)
<gheorghe> jbicha: i know canonical is a comercial company, but canonical made some great things for the world we live in. all of us need to eat, but it depends how you get there
<jbicha> nacc: did you see that slangasek uploaded python-django 1.10 to artful?
<nacc> jbicha: yeah, i interacted with him on it earlier
<nacc> jbicha: will probably re-merge again with 1.11 once i've confirmed with jamespage
<nacc> ahasenack: alright, my merge passed the build (for samba)
<ahasenack> ok
<mdeslaur> nacc ahasenack : not sure why that test is failing
<nacc> mdeslaur: ack, it seems odd :)
<mdeslaur> didn't have time to look at it yet, but only on amd64 is weird. perhaps mash the retry button?
<nacc> mdeslaur: yeah i think jbicha has done that now, we'll see
<jbicha> yeah, the gvfs autopkgtest doesn't pass 100% of the time
<jbicha> but the nplan autopkgtests are annoying me now :|
<hehehe> well if people can copy and all all code is open source
<hehehe> it will advance stuff yet also money wont be there
<hehehe> essentially then most programmers would have to code for free :D
<hehehe> if they agre great
<trippeh> ooh apache httpd is no longer considering http/2 as experimental
<trippeh> go go go apache httpd http/2 in ubuntu ;)
<hehehe> what is http2?
<hehehe> :D
<hehehe> I am using it but yet to check what is it
<nacc> trippeh: it's on the todo for this cycle (already uploaded, needs a MIR for nghttp2)
<ahasenack> jbicha: samba gvfs tests passed this time, nice
<hehehe> https://www.vultr.com/faq/#oschoices
<hehehe> awesome
<gheorghe> yea, these guys are really cheap. 10 minutes of food cost more than 6 months of their service
<hehehe> lol do u eat gold?
<hehehe> they got a promo going for new customers
<hehehe> matching 1st deposit up to 100usd 100%
<hehehe> I am moving from do to them :D
<sarnold> damn that's really cheap
<hehehe> :)))
<hehehe> sarnold: well hardware is cheap now too
<gheorghe> hehehe i wouldn't dump do that easy. they are really stable. well, it depends what you really need... :D
<hehehe> its already done
<hehehe> all hosts are more less same
<gheorghe> do they still use kvm to deliver that cheap or do they give you a container?
<hehehe> :) I guess kvm
<hehehe> ping 33.9 :D
<hehehe_off> hmm using xrdp and password copy paste yet to work
<hehehe_off> into login screen
<hehehe_off> via remmina
<hehehe_off> ok its working
<hehehe_off> gheorghe: what kind of open source business apps you use?
<hehehe_off> I tried some - many suck
<hehehe_off> like sugar crm
<hehehe_off> some are ok
<gheorghe> hehehe_off, first what's up with the different nick? why is it "off" ?
<gheorghe> 2nd, i work in a corporation which has almost everything on windows, except servers. i sadly don't use open source as much as I would like. i am however using linux for everything else :D
<hehehe> off cause I was eating
<hehehe> else people may think I ignore them
<hehehe> nowdays people treat irc like forum lol
<sarnold> just use /away eating
<hehehe> hehe
<hehehe> sarnold: any ideas how I can make windows iso on linux with fedora virtio drivers
<hehehe> I used imgburn on windows here I got brasero
<hehehe> brasero looks kinda basic
<sarnold> I think in the past I've used dd to get an iso image from a cd
<hehehe> https://www.vultr.com/docs/windows-custom-iso-with-virtio-drivers
<hehehe> to do same on linux
<hehehe> I need to make new iso :D from combined files
<hehehe> well I can simply burn iso withj brasero and see
<hehehe> but it wont allow to add boot image so no
<hehehe> btw thanks to one dude I jumped to qemu today
<hehehe> with virt manager its better than virtual box :)
<Epx998> anyone work on a hp dl160 g10 yet?
<hehehe> why
<Epx998> it has a lame feature id like to disable, not a hp channel i know - bios posts in a tiny thumbnail view - cant see anything on the thing i dont have micro vision eyes
<sarnold> crazy
<sarnold> normally bioses look comically oversized..
<Epx998> it has an overview of info i dont need, normal sized, then in the upper left, a thumbnail view of anything id actually want to see
<sarnold> ahasenack: thanks for tackling the smb1 issue :)
<ahasenack> sarnold: it's a start :)
<ahasenack> sarnold: realistically, and I know it's early, I think we might be able to disable it on the server side. Not so sure on the client side
<sarnold> ahasenack: yeah, ther'es just so many cruddy old devices out there..
<ahasenack> yep
<ahasenack> and on server people probably know what they are doing, so it's not a big deal if they have to change one line in smb.conf
<ahasenack> but client/desktop is a different matter
<ahasenack> in that regard
<ahasenack> we'll see
<hehehe> qemu stuck - ubuntu said server error pls restart
<hehehe> however I am running windows install in qemu - if I restart what will happen to vm?
<hehehe> clusterfuck or it will be able to pick up?
<hehehe> lol
<gheorghe> i am confused ... so your bare metal is ubuntu, you run qemu-(i suppose)KVM and your VM is windows ...
<gheorghe> am i right?
<Epx998> hmm ubuntu 12 doesnt have hp gen10, just 9. are udeb's still available for ub12?
<oerheks> ubuntu 12 is dead, eol
<Epx998> yeah i know - but some of our prod environment still runs it
<Epx998> our android developers are mostly on 12 I think per some google requirement or something
<nacc> Epx998: your prod environment runs an OS that no longer gets updates??
<oerheks> giving support is against logical sense.
<Epx998> i cannot deploy 16+ and only some servers can get ub14 - it sucks
<Epx998> nacc: yes a problem, if I was allowed to run updates.
<nacc> Epx998: so your production is double insecure?
<Epx998> nacc: you have no idea.
<Epx998> lets see how ub14 netboot does on this gen 10
<gheorghe> oerheks, when you say it's EOL you make me wonder how come i remember the day I installed it the first time and how come so much time has passed :))
<oerheks> checking auth log might help
<Epx998> hmm ub12 works on the G10, but my preseed didnt know what to do with the drive, even though it was detected.
<tomreyn> sounds like you should revolt a little
<tomreyn> (or find a different employer)
<sarnold> Epx998: fwiw if you're stuck on 12.04 LTS you may wish to investigate ubuntu advantage https://buy.ubuntu.com/  -- it isn't as comprehensive as the 14.04 LTS or 16.04 LTS security updates but might help you through a rough patch
<Epx998> sarnold: we are moving to 14, mgt is just dragging their heals 'if it aint broke..' but has we buy newer hardware its becoming a problem.
<sarnold> Epx998: also be sure to file bug reports from the newer stuff on anything that doesn't work. it might take some effort to get things fixed but should help more people than just you :)
<sarnold> Epx998: yeah :/ that's why a lot of people still have WinXP in production.. heh.
<Epx998> today its a random hp gen 10 they to try, last week it was huewei whatever servers
<Epx998> ub12 on a g10 is working, i just need to sort out my partman expert recipe
<Epx998> week before last it was supermicro "micro servers"
<Epx998> makes getting a decent preceed hard when my mgr keeps changing chassis, drives, raid controllers
<sarnold> on the plus side not many people have the chance to see so many different types of hardware in a short time :)
<Epx998> sarnold: yeah very true, I was just thinking that.  I see the problem here, controller is creating sdb and sdc, recipe specifys sda, and when I dont set partman-auto disk - it asks, so hmm.
<Epx998> lets see what partman-auto/init_automatically_partition does
<sarnold> Epx998: ugh and of course those drive names can change at a whim.. rough choice, the /dev/disk/by-* names are stable but not predictable from install to install..
<drab> sarnold: the by-id ones seem predictable in my limited experience
<drab> since they use the type and serial number
<drab> wwn-0x50015179xxxx has been consistent reinstall after reinstall
<sarnold> it should be yes
<sarnold> but that means having an intern to type those in to an installer script of some sort
<hehehe_off> hate hate smokers
<hehehe_off> they are so nasty
<hehehe_off> :D
<hehehe_off> sorry :D
<hehehe_off> just someone smoked in a flat I lived
<Epx998> ugh whomever wrote this ub12 unattended mixed preseed and kickstart configs
<drab> I never quite understood why kickstart became a thing in ubuntu land
<drab> what's it for?
<Ussat> what ?
<Ussat> what dont you uderstand ?
<drab> I mean, what are people using kickstart for when preseeding ubuntu? I saw a bunch of blogs about it when I was figureing out unattended installations and I couldn't quite get why it was needed
<drab> maybe I do simple enough stuff that I don't need it
<Ussat> How many servers you have ?
<drab> a few dozens
<Ussat> you build them all one at a time ?
<Ussat> manually ?
<Ussat> How long that take ya ?
<drab> no, tftp/preseed , preseed files are managed by ansible. there's also about 50 desktops in the mix that get rebuilt regularly
<Ussat> so......what dont you unedrstand then ?
<tarpman> drab: only cases I've seen kickstart used are people coming from redhat land who hadn't learned preseed yet (and the case for wanting to use the same tools everywhere is certainly valid)
<drab> tarpman: oh, ok, that makes sense, I just kept getting the impression kickstart did something "more" and it was better to pair with preseed, but then I could never figure out what that was and why I'd want to use kickstart
<drab> so I didn't, but I kept wondering
<tarpman> not that I know of
 * tarpman just some guy in IRC though
<drab> heh
<drab> it's fairly prevalent if you google for ubuntu unattended install so it seemed more than just an accident, but go figure
 * drab is just another guy on IRC
<sarnold> drab: folks who started with rh tend to find kickstart easier to understand than preseed
<sarnold> drab: I for one never seem to find docs to help people with preseed when they ask questions, so I'm sympathetic tothe idea of wanting to use another tool entirely
<drab> I thought that was true for just about anything :P
<drab> my point :P
<drab> it's one of the few tools I've had to actually look at the source code of
<sarnold> did it help? :)
<drab> of course it didn't, it just made me more confused
<hehehe> hi
<hehehe> who here used playonlinux?
<hehehe> for some bizzare reason after install I am yet to find how to start it gui wise
<sarnold> drab: drat :)
<hehehe> sarnold: so lets write docs
<hehehe> :D
<hehehe> I can help a bit
<drab> sarnold: drat indeed, story of my life, I even tried that as a nick but it was taken :P
<sarnold> lol
<drab> but since I got http images working and figured out I could run ssh inside /target I'm really happy with it
<drab> the options now are endless and it's really zippy compared to tftp
<drab> one day I'll have to bite the bullet and figure out EFI, but for now it
<drab> 's ok
#ubuntu-server 2017-06-20
<symbolzhao> help,how can i install irc-server on ubuntu16.04
<lordievader> Good morning
<cpaelzer> rbasak: are you around so you could kick a import of ntp so that it picks up 1:4.2.8p10+dfsg-4 ?
<gheorghe_> drab: what are you using kickstart/preseed for?
<gheorghe_> i mean, there are lots of other options out there
<cpaelzer> rbasak: I filed a bug about various broken history in ntp bug 1699079
<cpaelzer> rbasak: if anything of that comes up on the re-import you might add that there
<cpaelzer> rbasak: e.g. if the push would cause conflicts
<c4f> o/
<c4f> I've got a problem with AJAX requests [401] on Ubuntu apache2, everything is on Symfony and jquery ajax request + JWT auth and bearer. This is really odd, because everything works as charm on Windows xampp, but on Linux not. Someone something? I suppose its problem with rights or apache config. Idk really what is it and moreover backend guy too. Everything with auth is ok, url ok, i've jwt token which
<c4f> is need to make request by ajax. Help guys :)
<c4f> Its look like a problem with auth, but everything looks OK. GET requests works good.
<gheorghe_> c4f: do you get any errors in /var/log/apache/error.log? i hope i got the file name right
<c4f> gheorghe_: hmm.. I think not, but Ill check again, wait please ;)
<gheorghe_> c4f: you can follow the error file with "tail -f" and retry the token request, to see if any error appears
<gheorghe_> c4f: the fille location is /var/log/apache2/error.log
<c4f> gheorghe_: yeeaa, ok, i got it :) w8 ive got to turn on appache server and etc.
<c4f> gheorghe_: and.. nothing.. 401, to confirm that, symfony toolbar shows info about that. P.S Sorry for my english, I know its suck :)
<c4f> gheorghe_: Log is clear, not any warrning, errors, fails and etc.
<c4f> gheorghe_: https://pastebin.com/m5H6jCsi with tail -f
<c4f> gheorghe_: making requests, a lot of requests
<gheorghe_> you placed symphony in /var/www/html?
<gheorghe_> if you did, did you also change the user that owns the files?
<c4f> gheorghe_: ofc i have in /var/www/html
<c4f> gheorghe_: I use commands from ubuntu apache page to recursive changing owner and group for this files
<c4f> gheorghe_: but hmm.. on the first symfony throw me up some notices [errors] about unwriteable cache folder, but i change it. Can you give me some confirmed commands for that?
<gheorghe_> if you are using ubuntu-server? if yes, the user should be www-data
<gheorghe_> try with chown -r www-data:www-data /path/to/cache/folder
<gheorghe_> also check if the owner has write rights
<c4f> hmm cache wroks well, everything works well, but request put, post, delete not.
<gheorghe_> is delete not blocked by symphony acl?
<c4f> I changed rights and owner for cache immediately as symfony threw me up this error
<c4f> gheorghe_: No. :) It isnt.
<c4f> gheorghe_: Every requests works well on Windows XAMPP, immediately after installing the project [if all is clean]
<c4f> gheorghe_: Im confused.
<c4f> gheorghe_: ive got an idea. I check not on localhost but on 127.0.0.1 I know is equivalent but maybe, who knows.
<c4f> gheorghe_: tail -f on access.log file show notices about 402 error - payment required?! [what?! We don't use that now], but I think it isnt important. Now I start symfony server, maybe with that will work
<c4f> gheorghe_: Ouu ;( On symfony server, took me notice about rights for /var/session/etc..
<c4f> gheorghe_: Could you give commands to change rights to /var/www/html
<c4f> ?
<c4f> gheorghe_: oo f*ck im angry about that. I think i need to makes rights from the begin on main html folder and inner. Help me please :D
<c4f> gheorghe_: Hurraay! It works :D I remove /var/sessions and cache folder, made rights from begin with ubuntu page and i open symfony server aaaanddd its works! :D
<c4f> gheorghe_: but know idk what helped :)
<c4f> gheorghe_: yeaa, that was symfony server. And works well :)
<c4f> gheorghe_: Thank you so much for you time and involve in solving my problem:)
<c4f> gheorghe_: Ive got it go :) 2pm end of job time ;)
<c4f> gheorghe_: thanks again and bye! :D
<RoyK^_> keep in mind that if www-data has write access to its own files, as in scripts, php etc, things can get rather nasty if a security bug appears
<gheorghe_> c4f: to change rights for /var/www/html, use chown
<gheorghe_> c4f: sorry for being afk, i had something to do
<RoyK^_> (s)he left
<ahasenack> rbasak: hi, good morning/afternoon, I have a question
<ahasenack> about https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1689387
<rbasak> ahasenack: o/
<ahasenack> rbasak: \o
<cpaelzer> also reading that bug :-)
<ahasenack> rbasak: I think that guy put the apparmor profile in enforcing mode. That's not how we ship it in X as far as I can tell
<ahasenack> if that's the case, it's still a bug, but then I don't think it's "high"
<rbasak> ahasenack: agreed, though we should still prioritise it as an active contributor
<rbasak> (so still server-next IMHO)
<ahasenack> no doubt about that
<ahasenack> I found other missing configs in that profile once I enabled it in enforcing mode
<ahasenack> I'm grabbing sssd bugs now
<cpaelzer> It also is high because it essentially would be a update-regression of 1566508
<cpaelzer> one that would have set it to enforce and had it working would fail after this bug update as I ready the case
<ahasenack> one thing to check is if it switched between enforcing and complaining in this update
<cpaelzer> it did not
<ahasenack> ok
<ahasenack> cpaelzer: about opevpn, I'm thinking
<ahasenack> cpaelzer: not all bug fixes lead to an sru
<ahasenack> cpaelzer: so I'm inclined to track the sru as separate work
<ahasenack> even though it's the same bug number
<ahasenack> but I'm not sure
<gheorghe_> RoyK^_ i like talking alone ^^
<ahasenack> I dislike cards going "backwards"
<cpaelzer> ahasenack: yeah I'm totally fine with that
<ahasenack> ok, let's experiment
<cpaelzer> ahasenack: I handle most that would go back + span more than a week with multiple cards
<cpaelzer> ahasenack: yet give the card in done a matching title
<cpaelzer> ahasenack: like "artful"
<ahasenack> right
<cpaelzer> ahasenack: and the new one a "SRU"
<ahasenack> move the label too
<cpaelzer> ahasenack: that way tracking and reports do not seem too silly
<cpaelzer> ack
<cpaelzer> rbasak: could you accept the trusty task of 1593907 for me?
<cpaelzer> it seems my upload permissions do only cover bug tasks >=xenial for some packages
<cpaelzer> Oh I see in this case ubuntu-server-dev upload permissions got only added >= xenial
<cpaelzer> that is why I can't ack the trusty task
<cpaelzer> that will also stop me from the upload then, good to check that in advance
<rbasak> cpaelzer: done.
<cpaelzer> thanks rbasak, if you or nacc later find some time to check and sponsor the trusty upload that would be nice
<cpaelzer> as outlined before the teams upload permission only is >=xenial
<cpaelzer> nacc in case you are, that is bug 1593907
<ahasenack> cpaelzer: new samba dep8 tests running, yay
<ahasenack> cpaelzer: http://people.canonical.com/~ubuntu-archive/proposed-migration/artful/update_excuses.html search for 2:4.5.8+dfsg-2ubuntu2
<cpaelzer> ahasenack: yeah I see them, also the skip due to lacking machine level isolation on s390 worke
<ahasenack> cpaelzer: what do we have in s390, just lxd?
<cpaelzer> ahasenack: my usual search on -excuses is "packagename (" that way you always find the actual upload and no other reverese deps
<cpaelzer> ahasenack: yeah only containers, on armhf as well IIRC
<ahasenack> I started like that, but there are still some tests on 2ubuntu1, the previous upload
<ahasenack> cpaelzer: ok, then we only lose one test, the cifs one
<cpaelzer> ahasenack: s390 scalingstack is on the way to become reality, but that it is for quite a while
<cpaelzer> ahasenack: exactly that is what I wanted to check
<cpaelzer> looking good
<ahasenack> nice
<ahasenack> rbasak: could you import openvpn-auth-ldap please?
<rbasak> ack
<ahasenack> thx
<rbasak> Running. It'll take a while I think.
<ahasenack> ok
<ahasenack> is the import "atomic"?
<ahasenack> i.e., once I can git ubuntu clone it, it's done? Or will I get bits and pieces?
<cpaelzer> ahasenack: you can clone now and git fetch later
<cpaelzer> to get the latest bits
<cpaelzer> ahasenack: so if you have something that you can prep now and rebase to the new import alter you are good
<cpaelzer> ahasenack: or is that not yet importet at all?
<ahasenack> it didn't exist at all
<cpaelzer> ahasenack: you can set up a loop that clones and once it worked once wait a bit and then fetch
<cpaelzer> ahasenack: not sure if the push the importer does will lock you in an atomic way
<cpaelzer> but poll until some clone is there + fetch should be good
<ahasenack> rbasak: can you accept my nominations in https://bugs.launchpad.net/ubuntu/+source/openvpn-auth-ldap/+bug/1602813 please?
<ubottu> Launchpad bug 1602813 in openvpn-auth-ldap (Debian) "openvpn-auth-ldap causing segfault on network timeout" [Unknown,New]
<rbasak> ahasenack: done. Also, if you hadn't noticed, the import finished.
<ahasenack> greatÂ²
<ahasenack> just in time :)
<ahasenack> 1,2M	openvpn-auth-ldap/
<ahasenack> there weren't many releases
<drab> gheorghe_: just using preseed, no kickstart, that's why I was asking. to install all my servers and desktops, what else could be done with it?
<drab> all the basic provisioning of baremetal and kvm is done with preseed, then ansible to finish it off
<gheorghe_> drab: AFAIK, MAAS can do a good job at that
<EmilienM> jamespage, coreycb : when do you plan to update openstack packages to m2 in pike?
<jamespage> EmilienM: m2 is in -proposed; needs testing so probably this week I should think
<EmilienM> k
<EmilienM> jamespage: don't you have a staging system where you move stuffs only when passing jobs, etc?
<EmilienM> in RDO, we promote if jobs pass the tests, to make ci/cd
<jamespage> EmilienM: yes thats where it is atm
<jamespage> not promoted yet as its not passing testing :-)
<EmilienM> ok
<jamespage> some new packaged had to go through the ubuntu archive review process - that completed am this morning, everything should now be built and testing
<DammitJim> how do you find out why a server is saying: *** System restart required ***
<Poster> kernel update most likely
<teward> DammitJim: USUALLY it's a kernel update.  Try this command including the semicolon and the second command: echo "Packages causing reboot:"; cat /var/run/reboot-required.pkgs
<DammitJim> I see in /var/run/reboot-required.pkgs that it has: libc6, libssl1.0.0 and dbus
<teward> usually for libssl it makes you reboot
<teward> well sometimes*
<DammitJim> but I just ran dist-upgrade and autoremove like 4 hours ago
<DammitJim> and rebooted the system
<DammitJim> I thought I had disabled all automatic updates
<DammitJim> so, I'm a little lost as to what happened
<DammitJim> especially because I'm about to roll out up to date patches on 100 servers
<DammitJim> and I was assuming that a reboot at the end was going to do it
<DammitJim> but apparently not :(
<Poster> not 100% sure but those updates could have landed between your dist-upgrade and now
<DammitJim> tru
<DammitJim> but I didn't run updates after the reboot
<Poster> you may consider a local mirror if you need updates to be frozen at a certain time
<Poster> which if you have 100 systems might be a good idea anyway
<Poster> just stop syncing it when it's where you want it to be
<DammitJim> yeah, that's a plan for a project we have
<DammitJim> Poster, that's what is driving me nuts
<DammitJim> I don't have anything set up where automatic updates happen
<DammitJim> my 50unattended-upgrades is basically empty
<DammitJim> with the exception of the line: Unattended-Upgrade::Remove-Unused-Dependencies "true";
<Poster> not real sure what to suggest on that one, I've kept mine enabled in just about all cases
<DammitJim> Poster, we defined that to be a policy at our office
<DammitJim> no automatic updates
<DammitJim> besides, the /boot partition gets full pretty fast
<Poster> yeah I get it
<DammitJim> but then, it only has like 100M allocated to our servers
<Poster> my / usually fills up with kernel modules
<nacc> DammitJim: why do you even have a /boot partition?
<teward> nacc: because they wanted one heh
<nacc> DammitJim: and that small is a bad choice anyways, that barely holds two kernels and initrds
<nacc> DammitJim: so won't let autoremove do its job
<DammitJim> honestly, I don't know why it's that small
<DammitJim> actually, it's 236M
<DammitJim> just looked it up
<DammitJim> I just let Ubuntu set that automatically from what I remember when I set up the partitions
<nacc> DammitJim: ah ok that's fine
<nacc> DammitJim: 100M would almost always be an issue
<DammitJim> Yeah, I could see that...
<miceiken> Hi
<miceiken> I changed mobo, how can I "reset" ethernet device?
<teward> miceiken: erm, what do you mean "reset"?
<miceiken> Well, I no longer have internet access, which I guess is because as network card is in the new mobo, I assume it needs to be installed somehow
<teward> miceiken: 16.04?
<miceiken> 17.04
<teward> close enough, predictive interface naming is in play
<teward> miceiken: do you have physical access to the machine?
<miceiken> yes
<teward> ifconfig -a
<teward> get the name of your ethernet card from it
<teward> then adjust /etc/network/interfaces accordingly
<teward> to update the name of the adapter to autoconfigure and set up
<teward> alternatively use network manager and nmcli, but i prefer the old-school /etc/network/interfaces solution except for wifi things
<teward> (servers included)
<miceiken> thanks, now it works techmagus
<miceiken> teward*
<miceiken> quick follow up, if you dont mind. can I ask the machine to lease a certain ip?
<miceiken> dhcp router
<miceiken> or would you do that in the router directly?
<teward> miceiken: depends.  Usually I reserve the IP in the DHCP server (router, etc.) for that MAC address, *and* set it as a static IP on the machine i'm configuring.
<teward> that way there's nothing that can just 'get' the address.
<teward> Though, in my case, *most* of my network segments are small enough I can just static IP everything
<teward> or they're containers on a specific host system and have 1:1 NAT'd IPs.
<teward> so the host node just is static IP'd for all the IPs, and reserved in DHCP as well.
<teward> or, outside the DHCP range, that is.
<teward> it really depends on your environment or setup.
<miceiken> thanks, ill just configure it in the router
<teward> miceiken: sounds good, enjoy :)
<Epx998> Ubuntu OS sees my 6TB raid drive has 600GB - sweet
<dpb1> Epx998: not the best.
<Epx998> dpb1: yeah it's to be expected though.
<Epx998> interesting i am not seeing megaraid loaded
<Epx998> hmm keeps coming up as 600gb
<Guest65463> hello, I am unable to install any packages, I tried install openssh-server and got the following:
<Guest65463> Unable to correct problems, you have held broken packages.
<Guest65463> even after running
<Guest65463> sudo apt-get autoclean $$ apt-get clear cache
<Guest65463> running update and upgrade did nothing to solve the problem, and nothing was upgraded, no error mesages
<tarpman> Guest65463: please pastebin the entire output and consider also using -o Debug::pkgProblemResolver=yes for more info
<Guest65463> how do I use the -o?
<Guest65463> https://thepasteb.in/p/j2hlN95AjG9hP
<tarpman> apt-get -o Debug::pkgProblemResolver=yes install openssh-server
<Guest65463> https://thepasteb.in/p/j2hlN95AjG9hP
<Guest65463> tarpman: ^^
<Guest65463> WTF
<Guest65463> that is not it
<tarpman> :)
<Guest65463> http://paste.ubuntu.com/24912520/
<oerheks> try full-upgrade too, i think there are packages held back
<Guest65463> well, not my apt I was just able to install hexchat via apt install hexchat
<Guest65463> https://thepasteb.in/p/98hR713PKMqfk
<Guest65463> nada
<Guest65463> I'm attempting to set up vnc through ssh
<tarpman> not quite understanding what I'm reading here. it's an amd64 system, but you have openssh-client:i386 installed? am I reading that correctly?
<tarpman> what do you have installed right now as far as libc6 and openssh packages?
<Guest65463> This *was  a clean install of server with vmware and virtuabox and unity added
<Guest65463> how do I tell which libc
<tarpman> dpkg-query -W libc6 openssh-client
<tarpman> also: unity? on a server?
<Guest65463> libc6:amd64 2.23-0ubuntu7
<Guest65463> openssh-client 1:7.2p2-4ubuntu2.1
<Guest65463> tarpman, yeah, cause it's not really a "server" I'm using it to run a number of VM's reallyh
<Guest65463> Suppose I should have done gnome
<Guest65463> or lxfce
<tarpman> I am not skilled enough at reading pkgProblemResolver output unfortunately
<Guest65463> shall I try removing openssh-client?
<tarpman> might be worth a try. as long as it doesn't take important things with it
<tarpman> annoying that dpkg-query didn't say which arch is installed of that
<tarpman> could ask it explicitly: dpkg-query openssh-client:i386
<Guest65463> removed tried to do full-upgrade, nothing installed
<Guest65463> tarpman: now install openssh-server just fine ;-/
<tarpman> so I guess I was right
#ubuntu-server 2017-06-21
<tarpman> wonder how you ended up with that installed
<Guest65463> Dunno
<Guest65463> Know anything about setting up VNC? This server is on my DMZ, i can connect to it from another linux install on the home network
<Guest65463> can't access via WAN even though I have port forwarding on the incoming router
<tarpman> if you can connect to it from another system on the LAN, then VNC isn't the problem, but networking ;)
<tarpman> I have to go, hopefully someone else can help. good luck
<Guest65463> thank you tarpman
<hehehe> hi
<hehehe> :)))
<hehehe> I have to say vulr is awesome
<hehehe> they run whole lot on qemu
<hehehe> can simply attach new iso and say null windows user passwd in case u forgot it
<hehehe> and snapshots are free
<hehehe> is there some web stats
<hehehe> as to when channel is most active?
<hehehe> :D
<hehehe> :)))
<sarnold> it wouldn't be too hard to build a scraper for https://irclogs.ubuntu.com/2017/06/21/
<hehehe> yes
<hehehe> and least active users are klined for 3 days :D
<hehehe> would be fun
<hehehe> sarnold: is your friend here sometimes too? the one who can explain very well
<hehehe> I was reading some material on sales and terms they use influence how one approach it, I say same applies to coding
<hehehe> terms used to visualise stuff can influence how one operate with it
<hehehe> for example if u use this https://sitecdn.adespresso.com/wp-content/uploads/2016/02/sales-funnel-chart.png in a street fight u may get badly beaten
<hehehe> as it implies some pause, stages
<hehehe> :)
<dpb1> hehehe: who needs vulr when you can use lxd. :)
<hehehe> what is lxd?
<dpb1> https://linuxcontainers.org/lxd/introduction/
<hehehe> yes oki
<dpb1> greatly simplifies my day-to-day of testing linux distros, etc
<hehehe> I think subgraph uses them?
<hehehe> lxd or similar
<hehehe> vultr is online vps provider, sure local server is cheaper
<dpb1> sure, not the same
<hehehe> dpb1: what about co location?
<hehehe> that is probably cheap
<hehehe> and them other folks can access machine easier
<hehehe> then
<dpb1> yup, I use lxd corrently more for dev/test
<sarnold> hehehe: no, but some blog posts http://bert-hubert.blogspot.com/
<hehehe> also while I am yet to be good at coding - lxd visual also directs approach  in a certain way
<hehehe> since often `complex` tasks are approach using a specific framework, instead of intuitively enacting most efficient solution at that moment
<hehehe> *approached
<sarnold> hehehe: you may enjoy http://www.paulgraham.com/avg.html
<hehehe> quote `When you choose technology, you have to ignore what other people are doing, and consider only what will work the best.
<hehehe> replace technology with life
<hehehe> :)
<hehehe> sarnold: well I can reply to that article - few points - many words are used to make proposed worldview appear as fact - economics - economise , do we have to economise or not? :D
<hehehe> the whole idea with constant distruptions may not be what it seems @ startups
<hehehe>  Blub is good enough for him, because he thinks in Blub.
<hehehe> sarnold: yes idea is to think not in C or Python - simply see what is wanted and tool
<hehehe> what about go?
<hehehe> many say go is cool
<patdk-lap> it's a pretty complex game
<patdk-lap> attempting to capture territory and all that
<sarnold> level 1 is too easy and level 2 is too hard
<hehehe> the whole thing about competition - money supply is limited by issuers - competition need not to be present, customers demand can simply select who is wanted :D
<hehehe> sarnold: I think coding is only hard cause its taught in a hard way
<hehehe> for example one man goes to toilet to pee, he pees and go - another is though that in order to pee you have to bow to sun 20 times, then sing a song
<hehehe> and then pee :D
<hehehe> mechanics veiled in mental constructs
<sarnold> no wonder so many programs smell like someone peed all over them
<hehehe> what about folks who create new languages? they probably are more fluid with coding?
<hehehe> yet programming often is collective sport so one dude writing fluid genius something yet can next coder easily to extend this code and modify it/
<hehehe> btw who here likes cooking? I plan to dry tomato and store them in oil for entire year :D
<hehehe> cooking is a programming too - you have to select ingredients and combine them well
<hehehe> else all you make is spaghetti :)
<sarnold> hehehe: oh yeah. I like cooking. :) or more to the point I love eating good food...
<hehehe> well eating is more like apt-get install :D
<hehehe> albeit I admit u can eat in many creative ways
<hehehe> any ideas why windows updates take ages to install? :D
<gheorghe_> hehehe: because it is a very bad OS :))
<lordievader> Good morning
<cpaelzer> almost forgot, but still it is morning - so good morning everybody
<lordievader> Hey cpaelzer
<lordievader> How are you doing?
<cpaelzer> hi lordievader, busy but good
<cpaelzer> lordievader: how are you?
<lordievader> Doing good here :)
<cpaelzer> lordievader: I read yesterday you have 40Gbit up on your university link - I'd with I could get 1/40th of that here :-)
<cpaelzer> s/with/wish/
<lordievader> Theoretical ;) The university has a 40Gbit up. The link to my server is a 1Gbit, still nice though :)
<zetheroo> is it normal that smtp port 485 needs to be manually opened?
<andol> zetheroo: That all depends on your firewall policy, if it's all open or all closed by default.
<zetheroo> sorry 465
<zetheroo> smtp ssl port
<zetheroo> well I haven't done any manual configurations of the firewall
<andol> zetheroo: Same answer, even if the questions makes a bit more sense now :)
<andol> zetheroo: Perhaps you could do a pastebin of the output from the command "iptables -L -v" ?
<zetheroo> sure
<andol> Since you haven't done any manual configuration it shouldn't be any sensitive in that output.
<zetheroo> https://pastebin.ubuntu.com/24915684/
<andol> zetheroo: Everything is wide open there, so nothing which needs to be open.
<zetheroo> ok
<andol> You might need to configure your MTA to explictly listen on port 465.
<zetheroo> it's just that I am getting a 'Could not open SMTP Port' error from a Dokuwiki plugin, and I have port 465 selected as the outgoing mailserver port
<zetheroo> I have configured ssmtp on this server
<andol> Now I'm confused :) Is the plan to have the dokuwiki-plugin use the ssmtp on localhost?
<zetheroo> me too ... usual protocol is to have ssmtp setup on our servers so they can mail out ... but then the admin of this wiki instance wants their wiki to send mail from another account ... so I to am confused now :P
<zetheroo> The dokuwiki smtp plugin has it's own config in dokuwiki ... I didn't think it had anything to do with the servers MTA setup
<zetheroo> apparently this plugin 'will contact a configured SMTP server directly to send emails'
<zetheroo> perhaps I can configure an additional account in ssmtp which matches the dokuwiki plugin account info
<seyeongkim> hello, SRU for this https://bugs.launchpad.net/ubuntu/+source/cinder/+bug/1692446 is in progress? it is released for trusty-kilo, but no news for trusty
<ubottu> Launchpad bug 1692446 in cinder (Ubuntu Trusty) "cinder upload-to-image doesn't copy os_type property" [High,In progress]
<mdeslaur> nacc: any idea who I can ask to test the pacemaker security updates I have in the security team PPA?
<ahasenack> cpaelzer: got a minute? I have a question about #1657646. Or are you having lunch?
<cpaelzer> already back
<cpaelzer> giev me 2 min to close out something
<ahasenack> ok
<cpaelzer> then I'll read into the bug
<ahasenack> cpaelzer: tl;dr I changed the title, and then read comments #13 and #14
<cpaelzer> ok more thna 2 min :-/ but with you soon ahasenack
<ahasenack> np :)
<cpaelzer> ahasenack: now I'm with you
<cpaelzer> ahasenack: I already read the comments this morning
<ahasenack> cpaelzer: did you read those comments?
<ahasenack> ok
<ahasenack> so here is my question
<ahasenack> it feels like a bug the fact that I can create thin pools without the package
<ahasenack> but after a reboot they are not there if I do not have the package
<cpaelzer> ack
<cpaelzer> either refuse to create or work
<ahasenack> right
<ahasenack> do you know the history of that package split?
<ahasenack> or any reason why it's split?
<ahasenack> you seemed to know from memory that you had to install it
<cpaelzer> just did more with it in the past, but I don't know why it is split right away
<cpaelzer> ahasenack: well I know
<cpaelzer> ahasenack: component mismatch
<cpaelzer> ahasenack: lvm2 is in main
<cpaelzer> thin-provisioning-tools is not
<ahasenack> does it come from the same source?
<cpaelzer> no
<ahasenack> I see
<ahasenack> is that also why we can't make it a Recommends?
<cpaelzer> yes
<cpaelzer> you sometimes find delta that downgrades recommends to suggests because of that
<cpaelzer> but
<ahasenack> would this be a Foundations bug?
<cpaelzer> in this case even Debian only holds a suggest
<ahasenack> I'm tempted to rephrase the bug, and assign it to lvm2
<ahasenack> but who would get it then?
<cpaelzer> ahasenack: https://launchpad.net/ubuntu/+source/lvm2 see the subscriptions on the right
<ahasenack> foundations
<cpaelzer> isn't too important who will get it - is it?
<cpaelzer> if it is the correct further triage then do it
<ahasenack> yep, thx
<cpaelzer> you can still subscribe(assign us if we want to handle it
<cpaelzer> ahasenack: I'm parsing through history of the package if there could be a hint how to improve
<ahasenack> things that come to mind other than changing the dependency are too intrusive
<ahasenack> something to spit out a message when a thin pool is provisioned, essentially, if the tools package isn't installed
<cpaelzer> config options sound interesting --with-thin=internal --with-thin-check=/usr/sbin/thin_check
<cpaelzer> what would happen without the check defined
<ahasenack> don't know, I haven't used thin pools before coming across this bug
<ahasenack> cpaelzer: I'll rewrite the bug description and change the package, and maybe do some experiments
<ahasenack> cpaelzer: thx for the discussion
<cpaelzer> abtraction FTW - I lost track of the thin check on like the 8th level
<cpaelzer> anyway it is certainly not "trivial"
<ahasenack> heh
<cpaelzer> ahasenack: did you check which part misses the thin check?
<cpaelzer> ahasenack: is it a init script or the binary itself?
<cpaelzer> and if you found it - if it is by Debian/Ubuntu we own to fix it
<cpaelzer> ahasenack: otherwise it might be a valid upstream bug report
<cpaelzer> ahasenack: with the focus on "please reject to create if not all req's are around"
<ahasenack> yeah
<ahasenack> I just saw the think_check error when I tried to run "vgchange -a y" manually
<ahasenack> that is what complained about the missing script
<ahasenack> I think it's fair to say some initscript/systemd job calls vgchange -a y at some point
<cpaelzer> yes
<cpaelzer> ahasenack: the init script does /sbin/lvm vgchange -aay --sysinit
<cpaelzer> is that equivalent?
<ahasenack> let me check the second "a"
<cpaelzer> would it provike the same error
<cpaelzer> it is also the vm binary with vgchange as an arg
<ahasenack> that is ok (lvm vgchange)
<ahasenack> The -aay option should be
<ahasenack>               also used during system boot so it's possible to select which volumes to activate using the activation/auto_activation_volume_list settting.
<ahasenack> "a" is auto
<cpaelzer> nacc: before I file a bug you might point me diretcly to what I'm missing
<cpaelzer> nacc: git merge-changelogs lp1604010/old/debian lp1604010/old/ubuntu lp1604010/new/debian
<cpaelzer> nacc: works fiine from git
<cpaelzer> git+ssh://git.launchpad.net/usd-importer
<cpaelzer> nacc: but fails from the snap complaining there is no merge-changelogs
<cpaelzer> first confusion almost got me as there also is "sudo apt install git-merge-changelog" but that again is something different
<cpaelzer> I couldn't find it anywhere under the "git ubuntu" scope - maybe you renamed it or did a bigger change to it I missed
<cpaelzer> ?
<cpaelzer> nacc: uh that could now be "hidden" under git ubuntu merge finish - is it?
<cpaelzer> nacc: yeah that was it, the wiki really needs an update in that regard
<cpaelzer> nacc: I'll file you a bug listing what I think to be changed instead of messing it up right away
<ahasenack> cpaelzer: ok, lvm2/docker bug reworded and with a simpler test case
<ahasenack> cpaelzer: the moment you create a thin pool LV, vgchange stops working, both to activate or deactivate a VG
<ahasenack> unless you install thin-provisioning-tools
<cpaelzer> ahasenack: yeah much better test than reboot
<cpaelzer> ahasenack: thanks!
<cpaelzer> ahasenack: did you check if it is reasonable to report upstream?
<cpaelzer> sounds that way
<ahasenack> not yet, just finished updating the bug
<cpaelzer> well they might reflect to distro and say "if you enable make it a depends"
<cpaelzer> but still worth to ask
<cpaelzer> a safety check on creation would still be nice
<cpaelzer> the binary could be broken/unavailable for whatever reasons
<ahasenack> creating an actual thin LV also fails
<ahasenack> many failure cases
<jamespage> EmilienM: nearly there - there is a bug in neutron @ pike b2 related to not having the port-security extension enabled; this was blocking testing - I've picked the fix and its working it way through the build system atm
<EmilienM> cool
<ahasenack> cpaelzer: should I change the bug status to "new" after having changed the package, so foundations is better aware of it?
<cpaelzer> ahasenack: yes I thnik so, but add a comment why you do so (for proper re-tirage from their POV)
<ahasenack> done
<cpaelzer> ahasenack: thanks for the updated description - much more readable
<ahasenack> what is this bugproxy thing anyway? :)
<ahasenack> some sort of shared account?
<cpaelzer> ahasenack: the "obvious" blunt solution would be to MIR thin-provisioning-tools and then make it a recommends
<ahasenack> yep
<cpaelzer> ahasenack: yet since none of us knows the package I can't speak for their code quality
<cpaelzer> and that is part of the MIR pre-req
<cpaelzer> at least it has no further non-main dependencies
<cpaelzer> ahasenack: TL;DR bugproxy is a bot on a companies buzilla that maps their internal bugzilla posts to Launchpad
<cpaelzer> ahasenack: and to other projects tracking tools
<cpaelzer> ahasenack:  a bit like LP track remote bug
<ahasenack> ok
<cpaelzer> unfortunately it sometimes gets confsed - posts on wrong bugs, ...
<nacc> cpaelzer: the snap should have both subcommands now (e.g. git-ubuntu.merge-changelogs)
<nacc> mdeslaur: the openstack folks? I honestly don't know :/
<cpaelzer> nacc: I had version 60 I think and there was no refresh
<cpaelzer> available
<nacc> cpaelzer: hrm, one sec
<mdeslaur> nacc: thanks
<mdeslaur> jamespage: any idea who I can ask to test the pacemaker security updates I have in the security team PPA?
<jamespage> mdeslaur: erm
<jamespage> mdeslaur: which ubuntu release?
<mdeslaur> jamespage: trusty, xenial, yakkety
<mdeslaur> jamespage: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages
<nacc> cpaelzer: http://paste.ubuntu.com/24917530/
<nacc> cpaelzer: not git-merge-changelogs, git-ubuntu.merge-changelogs
<cpaelzer> nacc:  I used what the doc said which is with spaces still
<cpaelzer> nacc: but since I got it to work I'm fine
<cpaelzer> nacc: I filed bugs for suggested updates to the wiki and man pages to resolve that
<nacc> cpaelzer: right, that last bit (merge-changelogs missing) was my realization that you need that command for the wiki :)
<jamespage> hehe
<jamespage> https://launchpad.net/~james-page/+related-packages
<jamespage> "Timeout error"
<rbasak> jamespage: you work too quickly :-P
<ahasenack> hm, where are the pgsql-auth bugs I triaged yesterday...
<ahasenack> got them
<hallyn> oh?  netplan only supports systemd-networkd and network-manager?
<Epx998> Is there anywhere I can still get ub12 .udeb packages?
<oerheks> !eolupgrade
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<oerheks> maybe that old versions mirror, but i am not even going to look
<oerheks> ubuntu 12 is EOL
<Epx998> yeah i know - but udebs should still be downloadable
<Epx998> i was able to install the scsi module for the netboot kernel on a baremetal ub12 and rebuilt my initrd.gz with the driver i needed, seems to be working
<kyle__> Is there something more than just 'do-release-upgrade' you're supposed to do to move from 14.04 to 16.04 on a server?  I ask because every time, I lose all in-kernel encryption and luks encrypted drives, and have to manually install linux-generic-lts-xenial, bounce again, etc to get it going
<nacc> kyle__: why would you install 'linux-generic-lts-xenial' on 16.04?
<nacc> kyle__: that's a 14.04 package
<nacc> kyle__: also what do you mean by 'in-kernel encryption'?
<nacc> kyle__: oh i see, it's there to allow for clean upgrades from the hwe stack, i suppose -- sorry
<kyle__> The parts of th kernel luks uses for encryption.  cat /proc/crypto.  That stuff.
<nacc> kyle__: but you shouldn't need to manually install it, it should pick it up automatically during hte upgrade
<kyle__> nacc: Probably.  It was that and linux-image-generic that I had to do when I first came across it.
<kyle__> It's not a show stopper for me, just an annoyance, so I thought maybe I missed some vital step.
<nacc> kyle__: i think there's something else going on (possibly a bug). /proc/crypto's presence should not be dependent upon which kernel you have installed (i believe they all have crypto support)
<nacc> kyle__: well, linux-generic-lts-xenial and linux-image-generic are rather different packages
<kyle__> nacc: True.  It could be the linux-generic-lts-xenial package was just an artifact from the server I first saw this on, and not neccesary.
<nacc> kyle__: yeah -- but in any case, do-release-upgrade *should* be sufficient, presuming you weren't dependent on some 3rd party packages, etc.
 * kyle__ shakes his head
<kyle__> We keep that to the barest minimum.
<nacc> kyle__: seems prudent :)
<nacc> kyle__: i guess i'd need to see it in a bit more detail -- that is an upgrade that's in the failed state and see if we can debug it
<kyle__> I'll pop back in tomorrow with one hopefully.
<kyle__> It's quittin time, and I nursed the one I was testing on through
<nacc> kyle__: sounds good, I should be around
<kyle__> groovy.  G'night!
#ubuntu-server 2017-06-22
<gheorghe_> can you pass a shell script when using exec with LXD? example (doesn't work): "lxc exec container < script". please don't send me to #lxd, there are 10 people there and nobody answers.
<gheorghe_> also, please don't tell me to copy the script.sh file to container folder, exec via "lxc exec container /path/to/script.sh", i tried that. i am hoping to get a more elegant way to do this, to keep big scripts clean
<dpb1> gheorghe_: #lxcontainers are where everyone hangs out.
<dpb1> I don't know of a way to do exactly what you are asking, no.
<dpb1> gheorghe_: ah, found it.
<dpb1> gheorghe_: echo 'ls -l /var' | lxc exec artful-nis bash
<dpb1> same would work for cat /script | ...
<gheorghe_> dpb1: indeed, this works great. how did you find this? search on google and found nothing
<lordievader> Good morning
<jamespage> icey: pls can you do the tag work on https://bugs.launchpad.net/ubuntu/+source/nova-lxd/+bug/1692962 and then its eligible for release
<ubottu> Launchpad bug 1692962 in nova-lxd (Ubuntu Zesty) "incompatible with storage pool support in LXD 2.12" [High,Fix committed]
<ztane> any guide for easily setting letsencrypt certs for landscape
<ztane> landscape on premises
<ahasenack> ztane: nothing specific. The landscape frontend is apache (when installed via the packages), or haproxy (when installed with juju), so you should look into how to add letsencrypt to those packages
<dpb1> gheorghe_: checked if lxc exec would pass through stdin, and the help implied it would, then I just tried it. :)
<ahasenack> rbasak: hi, could you please import libapache2-mod-auth-pgsql? :)
<rbasak> ack
<rbasak> running
<ahasenack> should be quick
<ahasenack> rbasak: did it fail?
<ahasenack> or is it still running
<rbasak> Still running.
<ahasenack> interesting
<rbasak> ahasenack: done and pushed
<ahasenack> rbasak: thx
<teward> if I wanted to chair a server team meeting at some point would I just have to add my name to the list of potential chairs or do I need to have that cleared by someone far higher level up than I am :P
<teward> (just curious)
<nacc> teward: that's basically it :)
<nacc> teward: we trust you to do it, i'd say
<rbasak> teward: chairing is a chore for us. Nobody will object to you chairing :-)
<rbasak> (also as nacc says you know what you're doing)
<rbasak> teward: note the post-meeting tasks at the bottom of https://wiki.ubuntu.com/ServerTeam/KnowledgeBase
<rbasak> The logs we're doing slightly differently now; we should update the wiki about that.
<teward> rbasak: chairing is a chore, except that with a flexible work schedule here and 100Mbit pipe that I'm allowed to jack right into for some of my projects, it's, in my opinion, a "Necessary during-the-day distraction to keep myself sane" instead of having fifty projects that all demand my attention.
<teward> hey we all have to divert ourselves into productive things during the day that may not be 100% work related, no?
<teward> (for me, that's the server team meetings on Tuesdays heh)
<teward> besides, I pull enough off-hours work that i bill for :P
<rbasak> Chairing is a chore *for us*. If it gives you a break, please do it! :)
<teward> added myself now :)
<dpb1> teward: nice :)
<teward> rbasak: and a nice 1h block in my schedule is set away so people don't constantly steal me away - indicates Ubuntu Server Team meeting, plus it being non-billable time xD
<teward> so they can't really yell at me xD
<teward> *drifts back to figuring out why his python code is breaking but only on 14.04 systems*
<teward> rbasak: nacc: dpb1: I added myself to the end of the list of chair candidates, do you want me to put me further up in the list, or no?
<nacc> teward: i think that's fine
<teward> cool/.
<dpb1> teward: should be fine.  next week will be ahasenack's first time charing so I don't want to take that privalege away from him :)
<teward> indeed heh
<hehehe_off> hey hey
<hehehe_off> if robots.txt is 640 will it work?
<hehehe_off> permissions 640
<hehehe_off> teward: having schedule is bad sometimes :D too many demands
<genii> 644 is the usual
<Epx998> Is there a dpkg or apt command to see what a package is a prereq for?
<nacc> Epx998: given package X what packages depend on X?
<Epx998> nacc: yes
<nacc> Epx998: reverse-depends
<nacc> Epx998: and apt-cache rdepends
<Epx998> nacc: you're awesome, thank you.
<teward> hehehe_off: [2017-06-22 14:02:16] <hehehe_off> teward: having schedule is bad sometimes :D too many demands  <-- except when you get to set your own schedule.  In which case, ***SCORE***
<teward> anyways
<hehehe_off> teward:  :)
<hehehe_off> whats the danger of having some directories like images set to 755?
<hehehe_off> genii: why 644?
<hehehe_off> ok so bot can read it
<hehehe_off> got it
<hehehe_off> ty
<genii> hehehe_off: So it can never be an executable file and only readable otherwise
<genii> And yes, if 640 then you can't get to it from a webpage or bot
<hehehe_off> :)
<hehehe_off> genii: what is public got read and execute on some folder
<hehehe_off> what can it do?
<hehehe_off> apart trying to pass some php code to php fmp
<hehehe_off> fpm
<genii> Lets say the file is owned by apache and anyone can write and execute that file. They can replace it with a binary and be able to execute that binary file with whatever rights you've given apache.
<hehehe_off> but how they can replace it with binary?
<genii> But what someone would usually try instead is to make a binary which has some exploit to escalate priveleges from apache to root
<hehehe_off> makes sense
<hehehe_off> as apache cant do much
<hehehe_off> how do they load it? :D
<hehehe_off> there are many free file upload sites, they clearly got some protection from ot
<hehehe_off> it
<genii> hehehe_off: Some people make their webfiles priveleges things like 755 or 777 because they can't figure out what's appropriate. So in that case anyone can just overwrite any of their files with whatever they want to
 * genii wanders back to work
<nacc> teward: you're pretty active on AU, right?
<gheorghe_> hehehe_off: even if apache can't do much, it will still be able to cause a lot of damage. apache usually has write access on DBs and other data, so corruption can happen and if you don't have a backup, you are dead. that, or a fork bomb. a fork bomb is always fun. doesn't to that much damage, but it is fun. :D
<gheorghe_> hehehe_off: think about it this way: you get apache writes on a container that is on a hypervisor with other 50 containers, and RAM and CPU have no limits for the container the apache runs on. if you fork bomb, you kill 50 containers. if you plan the fork bomb in the file and keep accessing it, you will fork bomb the server on each reboot. :D
<hehehe_off> :))
<hehehe_off> well here nginx dont have access to db
<hehehe_off> :)
<hehehe_off> gheorghe_: 5 is read and execute
<hehehe_off> how they going to plant file?
<hehehe_off> am I missing something?
<sarnold> if you're running php just assume someone's got remote code execution on your server
<rbasak> nacc: I believe he's a moderator there
<nacc> rbasak: ack, there was a user earlier in #ubuntu who was basically trying to answer AU questions by asking in #ubuntu, then c&p our responses to the AU post.
<nacc> rbasak: was wondering if that violates their policies :)
<rbasak> IMHO it's certainly inappropriate misattribution.
<rbasak> I don't see anything specific in the CoC but it certainly is against the spirit of it, and askubuntu.com applies the Ubuntu CoC.
<rbasak> Anyway, I'll leave it to teward :)
<nacc> rbasak: and they were sort of belligerent about it all...
<nacc> rbasak: but yeah, i'll sync up with teward on it
<hehehe_off> sarnold: what are u saying
<hehehe_off> :D
<hehehe_off> anyways
<hehehe_off> u just need to ask long island medium
<hehehe_off> and she can tell you if server config is ok
<hehehe_off> :D
#ubuntu-server 2017-06-23
<Epx998> can the d-i partman handle setting block sizes for the lvm?
<sarnold> hehehe_off: just that php makes programming safe tools almost impossible
<lordievader> Good morning
<cpaelzer> hi lordievader
<lordievader> Hey cpaelzer, how are you?
<cpaelzer> lordievader: I'm good and feel close to EOW
<cpaelzer> lordievader: everything ine for you as well today?
<cpaelzer> +f
<lordievader> Doing good here, just found out q35 is a lot faster in qemu :D
<cpaelzer> more modern = better most of the time
<lordievader> True, but newer can also mean less stable.
<cpaelzer> lordievader: what was your workload?
<lordievader> Oh very low, just some benchmarking. Was checking nfs performance. It was doing 14MB/s while direct to disk was around 130MB/s.
<lordievader> In iperf there was a difference of 10 times the bandwith between two similar vms, one had the old stuff the other one q35 turned out.
<cpaelzer> I've seen the same when people change from the old default e1000 net to virtio
<cpaelzer> Did not expect that much from q35, but maybe it implied some device changes that triggered your improvement
<lordievader> I think it is the change pci to pci-e. There is a huge difference between e1000 and virtio.
<gheorghe_> hehehe_off you said 755. if the user is www-data, apache can modify the file
<adac> on a auto security update of my openvpn package, it seems that the openvpn is not coming up corectly aynmore
<adac> only a manual restart solves it /etc/init.d/openvpn restart
<adac> This happend on all my machines. is there a bug in upgrading?
<cbauer> I've skipped the process of setting up an account when installing ubuntu-server, I suppose there's no default password for root, right?
<rbasak> adac: perhaps. Can you try downgrading to see if it starts working again? If so, please report a security regression with details.
<rbasak> cbauer: correct
<adac> rbasak, how can I downgrade it to previous version?
<cbauer> when booting the ubuntu-server livecd, switching tty and trying to chroot to set a password for root of the installed ubuntu-server, but not having much luck even mounting the disk
<cbauer> the shell there seems _very_ limited
<cbauer> is it normal that I can't name my account "admin"?
<cbauer> seems reserved
<rbasak> adac: click through the versions on https://launchpad.net/ubuntu/+source/openvpn to find the appropriate debs.
<adac> rbasak, ok thanks I'll try
<adac> rbasak, yes that worked. tun interface is there and all is up and running
<adac> shoudl I try upgrading again?
<adac> upgrading also worked
<adac> hmm
<adac> maybe there is a prblem then wit auto security upgdates?
<adac> *updates
<cbauer> my livecd doesn't appear to be booting in uefi mode, is this normal?
<cbauer> UEFI is of-course enabled on the machine
<cbauer> http://imgur.com/l7rmg7L
<cbauer> writing error but still, there's no efivars mounted
<cbauer> manually mounting it worked though, so not sure if it actually installed in uefi mode
<rbasak> adac: hard to say. Thank you for checking. I guess we'll have to see if others report the same problem.
<adac> rbasak, ok. You're welcome
<frickler> cbauer: check your bios settings, you may need to enable "UEFI CDROM" instead of "CDROM" in your boot device list
<cbauer> 'enable'? you mean select?
<frickler> cbauer: depends on your bios, but yes. took me some time to find that out when trying to install UEFI via network boot
<cbauer> installed it now, as  /sys/firmware/efi/ exist I presume UEFI setup was successfull
<cbauer> issue isn't the UEFI at least
<cbauer> the livecd/ubuntu is just weird to me, that's all, like missing UEFI tools I'm used to on other distros
<cbauer> for some reason lspci doesn't return
<cbauer> ^C is ignored as well
<frickler> rbasak: adac: we are seeing the same issue now, unattended upgrades updating openvpn and vpn broken after that
<adac> frickler, ok thanks for the info!
<adac> rbasak, ^^
<rbasak> frickler, adac: thanks. To confirm, are you both seeing this server side or desktop side?
<rbasak> And could it be that your openvpn clients aren't reconnecting automatically somehow?
<rbasak> Or is it something more than that?
<adac> rbasak, they actually do but only after ah manual /etc/init.d/openvpn restart
<adac> *a manual
<frickler> rbasak: I tried manually reconnecting, got no response from the server. restarting fixes it for me like for adac. nothing obvious in the logs though
<adac> frickler, ok so we have totally the same issues. And int happened on every single serer of mine
<adac> not only one
<frickler> adac: right, four servers here, broken after automatic upgrade. cannot reproduce with manual downgrade/upgrade
<adac> frickler, exactly not reproducable whith manual downgrade/upgrade here as well
<adac> rbasak, ^^
<rbasak> mdeslaur: ^
<rbasak> I'd like to help but the non-reproducibility of this makes it really difficult :-/
<adac> frickler, ubuntu 16.04 right?
<adac> rbasak, yes I understand of course
<rbasak> adac, frickler: could you try downgrading and then upgrading using the unattended-upgrades command? I'm not sure if that suppresses things if it's run recently though.
<rbasak> And it'd be useful if you could file a bug against openvpn to start tracking this please. Tag it "regression-update".
<rbasak> I don't see how the unattended-upgrades command would change things, but at least that's closer.
<rbasak> http://launchpadlibrarian.net/325110671/openvpn_2.3.10-1ubuntu2_2.3.10-1ubuntu2.1.diff.gz is the diff that was applied as the security update. I don't see anything in there that could be causing this, so perhaps it's a latent bug in the packaging rather than something actually introduced by the security update (rather the security upgrade triggered the latent bug).
<frickler> rbasak: adac: https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1700079 , unattended-upgrades run manually also does not reproduce this
<ubottu> Launchpad bug 1700079 in openvpn (Ubuntu) "openvpn broken after unattended security upgrade" [Undecided,New]
<adac> frickler, ok thanks for the info
<adac> frickler, out of curiosity, what did all break for with that? For me of course the communication to the (web) services that are behind the the VPN and can only be access trough the VPN. Second my logging was interrupted, sending everything to to a log server
<adac> trough VPN
<adac> Im also thinking about turning of auto security updates. Maybe have a monitoring when there are security updates and then run them manually
<adac> trough ansible or so
<ahasenack> rbasak: hi, question about the git workflow
<rbasak> Sure
<ahasenack> rbasak: following Deconstruct current Ubuntu delta into logical commits.
<ahasenack> rbasak: let's see if I can point you precise where I am at
<ahasenack> rbasak: I did the big step "2. Deconstruct current Ubuntu delta into logical commits."
<ahasenack> my question is about, at the very end,
<ahasenack> "Interactively rebase the deconstructed Ubuntu delta and drop 'changelog' and 'update-metadata' changes, by simply dropping those lines from the rebase todo file."
<ahasenack> what I have now, is each change in a single commit, as we wanted
<ahasenack> and an out-of-date debian/changelog, because of those drops
<ahasenack> and also out-of-date d/control (no maintainer change, it's still debian)
<rbasak> That's expected for logical
<ahasenack> the next big step is
<rbasak> We're reducing it to git commits only - no changelog changes, only commit messages. And no update-maintainer.
<ahasenack> 3. Rebase delta onto latest Debian release.
<ahasenack> but let's say there was no new debian release
<ahasenack> this was just to bring the repo up-to-date with what was uploaded manually, without the git workflow
<ahasenack> then we would have to reconstruct the changelog here, right?
<ahasenack> and d/control
<rbasak> Yes, though I'm a little confused as to why you need that.
<ahasenack> I don't think I do, I was just verifying each step
<rbasak> But yes, it should be fine to add a commit with the full changelog change, and another commit for the full update-maintainer change.
<ahasenack> and understanding where I was
<rbasak> Then you should have an identical tree to the non-git upload.
<ahasenack> right
<ahasenack> rbasak: ok, the other question I have,
<rbasak> But I'm not sure what you'd do with that tree/commit when you have it. We don't really have a process/use case for that.
<ahasenack> rbasak: when picking each change from debian/changelog, and figuring out the commit that does that,
<ahasenack> rbasak: this delta is old
<ahasenack> rbasak: the d/changelog usually lists something like "Remaining changes" and then a list
<rbasak> You could certainly tag logical (without doing the changelog and update-maintainer commits) and leave that for future merges.
<ahasenack> rbasak: my question is, this section doesn't have the original bug numbers anymore for each one of those old delta changes
<ahasenack> do we care?
<ahasenack> rbasak: http://pastebin.ubuntu.com/24932986/ is what I deconstructed into individual commits
<ahasenack> my git log --oneline: http://pastebin.ubuntu.com/24932993/
<rbasak> I usually drop the bug numbers, so that matches what I would do. I do this because leaving a full LP references leaves a Launchpad-Bugs-Closed against that version, which would technically be wrong. And the bug numbers can be found in previous changelog entries if needed anyway.
<rbasak> ahasenack: on the next merge, feel free to refactor the changelog entry. But you can't change it until then of course.
<rbasak> s/the changelog entry/the remaining changes section/
<ahasenack> ok
<ahasenack> what does this [linux-any] mean in d/control?
<ahasenack>                libaio-dev [linux-any],
<ahasenack> in a Build-Depends line
<powersj> ahasenack: it is an architecture wildcard if I recall.
<powersj> kernel-cpu is the format, so you could say any-i386 for only i386, or in your case only linux kernels and any cpu
<nacc> ahasenack: https://www.debian.org/doc/debian-policy/ch-relationships.html#s-depsyntax
<Epx998> 2
<ahasenack> nacc: when you have a moment, we can talk about the samba merge
<darinavbt> Hi all. Could I get some assistance setting up a test OpenStack deployment using Ubuntu Autopilot? I seem to be running into an issue.
<nacc> ahasenack: give me a few minutes to context switch out of my current stuff
<ahasenack> nacc: yep
<nacc> ahasenack: want to use a HO?
<ahasenack> nacc: yes please
<ahasenack> nacc: let's use the standup one
<nacc> ahasenack: ok
<teward> *beeps*
<teward> finally got IPv6 1:1 NAT working... which is... odd...
<ahasenack> ipv6 nat?
<teward> ahasenack: LXD containers and on-link IPv6 only
<teward> ahasenack: the only 'nat' that exists was the snat/dnat >.>
<ahasenack> nacc: is there a way to insert those empty commits now after all this? Pick one commit in the middle of the rebase somewhere to edit, commit, and rebase --continue?
<ahasenack> I don't mind starting over, btw
<nacc> ahasenack: right, so the easiest way is to edit just before you want to insert
<ahasenack> ok
<nacc> ahasenack: in the rebase -i editor
<nacc> ahasenack: that will drop you to the shell just after commiting the entry you edited
<nacc> ahasenack: so then you can freely do a `git commit --allow-empty -m 'message...'
<ahasenack> great
<ahasenack> thx
<nacc> ahasenack: what's fun is you can actually do that directly in the rebase -i editor
<nacc> with
<nacc> x git commit --allow-empty -m 'message..'
<ahasenack> but I have no commit hash there
<ahasenack> ah, x
<nacc> ahasenack: advanced usage :)
<ahasenack> I'll get there someday :)
<ahasenack> hm, that krb patch isn't upstream yet
<ahasenack> I definitely miss a dep3 header
 * ahasenack puts on the Indiana Jones hat
<ahasenack> heh, found it
<ahasenack> https://bugzilla.samba.org/show_bug.cgi?id=10490
<ubottu> bugzilla.samba.org bug 10490 in Winbind "pam_winbind fails with kerberos method = secrets and keytab" [Normal,New]
<ahasenack> from 2014
<nacc> ahasenack: :)
<nacc> ahasenack: i especially like that last comment from last april
<ahasenack> still scrolling down
<ahasenack> heh
<ahasenack> debian bug is not mentioned in d/changelog or git log
 * ahasenack keeps digging
<ahasenack> found
<ahasenack> https://launchpad.net/bugs/1310919
<ubottu> Launchpad bug 1310919 in samba "pam_winbind krb5_ccache_type=FILE stopped working after 14.04 upgrade" [Medium,Confirmed]
<Epx998> is 17.04 in beta or?
<nacc> Epx998: 17.04 ... came out in april 2017
<nacc> Epx998: as per the name
<Epx998> ah word
<Epx998> is not listed as LTS which is why i asked
<nacc> Epx998: it's not an LTS.
<nacc> Epx998: even year'd april releases are currently LTS
<sarnold> someone usually updates this page when releases are released or retired https://wiki.ubuntu.com/Releases
<Epx998> thanks - saved the link
<Epx998> hmm maybe i should do 16.04.2
<sarnold> do you need the newer kernel?
<sarnold> oh wait you've got crazy hardware issues. you might benefit frmo the newer kernel. :)
<Epx998> no, I am just tinkering with my linux desktop, drive is failing - so giving something new a go
<fullstop> Hi all.  I have a 14.04 server with md raid.  one drive failed miserably and won't spin up.  I have replaced the drive and added the new partitions to the arrays, but it adds them as spares and won't promote them to an active drive.
<fullstop> is there a way to force the spare to be used?
<fullstop> I see a lot of threads online regarding this, but no solutions.
<fallentree> fullstop: how did you remove old and add new drive to the array? what mdadm commands did you use?
<fullstop> I couldn't remove the old one since it was no longer in the device table -- it won't spin up.
<fullstop> so I added a new one with mdadm --manage /dev/md0 --add /dev/sdb3
<fullstop> and it resynced
<fullstop> but now it shows a degraded array with one drive and one spare.
<fallentree> pastebin it?
<fullstop> https://pastebin.com/raw/zRFtJAnZ
<fullstop> I have all of the data backed up, so rebuilding everything isn't the end of the world
<fullstop> but it would have been nice to pop a new drive in and rebuild.
<fallentree> fullstop: can you pastebin /proc/mdstat ?
<fullstop> https://pastebin.com/raw/czawGj7f
<fullstop> I won't know if the larger volume will work or not for a few hours.
<fullstop> I think that I'll wait for the resync to finish and start fresh with two new drives.
<ahasenack> nacc: hi, one more question
<ahasenack> nacc: let me divide up this work in two phases: a) rebase old/debian; b) rebase new/debian
<ahasenack> in (a) I split all the changes into individual commits and so on
<fullstop> I just found a keysense error in the log, fallentree, and I suspect that the "good" drive isn't so good.
<ahasenack> in (b), I apply that to the new debian package, resolving conflicts, dropping patches that are upstream already, etc
<ahasenack> nacc: good so far?
<ahasenack> nacc: oh, hm. Now that I explained it like that, I don't think I have a question anymore :)
<fallentree> fullstop: yeah. --add should've added and activated the drive. see what happens when the sync is done, my guess is it'll promote the drive to active and move to UU status
<ahasenack> nacc: but I can humor you with what it was
<fallentree> fullstop: well, it's been a few years since I used mdadm last. nowadays it's all ZFS for me
<fullstop> yes, we've switched to zfs for new stuff as well.
<fullstop> it took me a few minutes to remember how to do the mdadm stuff.
<fallentree> fullstop: this cheatsheet always  helped me back then   http://www.ducea.com/2009/03/08/mdadm-cheat-sheet/
<fullstop> I have a feeling that it works better if you still have the target disk in place and are able to remove it.
<fallentree> perhaps, yeah
<sarnold> fallentree: that's handy, thanks
<fallentree> I had to replace a drive maybe two or three times and each time they were still visible to the OS so I'd fail it and remove manually, before replacing
<fallentree> sarnold: yw
<sarnold> fallentree: I haven't tried the root on zfs yet but mdadm is so much less fun I really don't know how to drive the root on mdadm that I've got :)
<fallentree> sarnold: grub recognizes it automatically, and you could even reboot into rescue mode / installer USB, recreate partial array (1 disk mirror, with the other "missing" (valid value to mdadm)), rsync files, rinse and repeat on the old drive, sync them up, chroot, update-grub, win
<fallentree> did that a few times. in production. over ssh. :)
<fallentree> no need to separate out /boot, if it's simple RAID1 mirror, for any other level you need separate /boot
<darinavbt> I'm spinning up an OpenStack cloud using Ubuntu Autopilot. I'm setting up MAAS. When I commission machines, should I check "Allow SSH access and prevent machine from powering off"?
<darinavbt> I'd think I'd want to be able to SSH into it, but I don't know why that's linked with "prevent powering off".
<sarnold> fallentree: ohhhhh my. you mean I can probably live migrate to zfs on root? :)
<darinavbt> Or, if that checkbox is unchecked, can I still log in as ubuntu using the SSH key I put into MAAS?
<sarnold> darinavbt: if you don't have sccess in here you can also try in #maas
<fallentree> sarnold: no, you said mdadm, you and yeah you could live migrate to mdadm RAID 1. As for ZFS, thing is you can't create partial mirrors, so live migration is off
<darinavbt> Thanks!
<sarnold> fallentree: you can add a new drive to a mirror vdev any time you want :)
<fallentree> sarnold: yeah but it doesn't auto-rebalance like btrfs
<fallentree> you'd still have to (re)copy data
<fallentree> unless that changed recently
<sarnold> fallentree: that's adding a new vdev entirely; you can add more disks to a mirror vdev, or turn a single disk vdev into a mirror vdev, any time you want
<fallentree> sarnold: I see. in which case it would be possible to live migrate to ZFS root yeah
<fallentree> "live"... you would need a short period of downtime when you assemble the chroot with root mounted from the zpool so grub and initramfs pick it up
<sarnold> fallentree: the mdadm steps seem more complicated than I expected; I'm surprised about the rsync.. are those instructions for going frmo nothing to mdadm root?
<fallentree> sarnold: yeah, I had single drive, plain ext4 partitions, added another, partitioned, created partial mdadm devices (with "missing" in place of original disk), copied data and then from rescue mode assembled the full array and set up grub/initramfs
<nacc> ahasenack: sorry, was afk -- i'm here now
<fallentree> of course ran one final rsync from rescue mode before cleaning up old single drive and adding to the mirror
<ahasenack> nacc: np
<ahasenack> nacc: I found out that one of the patches that still applies is wrong now with this new upstream version, and for a moment wondered in which "phase" it should be dropped: (a) or (b). It's (b), of course, since that's when our changes are being applied on top of the new debian version
<sarnold> fallentree: that's so cool. :D
<fallentree> yeah it was pat-on-the-back-worthy once done :) of course, that was after numerous test attemps with VMs and lotsa failures :)
<sarnold> haha
<sarnold> yeah I can imagine
<SupaYoshi_> anyone experience with pxe / tftp testing?
<SupaYoshi_> I am setting up a clonedeploy server and I am having issues with TFTP
<SupaYoshi_> I would like to test if my TFTP server on Ubuntu is properply working, but I don't know how too. My router seems to properply handle PXE, based on Wireshark packets, and the server IP
<SupaYoshi_> but not sure on the tftp server on the pxe/tftp server.
<ahasenack> nacc: I'm getting a traceback now when I run merge finish: http://pastebin.ubuntu.com/24935370/
<ahasenack> could it be related to the fact I'm no more in detached head state, since I created that branch to push do LP?
<sarnold> SupaYoshi_: can you tftp to the server? :)
<nacc> ahasenack: hrm, it *shouldn't* matter
<nacc> ahasenack: you ran `git ubuntu merge start` with the same args?
<ahasenack> close, I ran with -f
<ahasenack> git ubuntu merge start ubuntu/devel -f
<nacc> ahasenack: ok, that should be ok still for finish (the -f is mosty for the tag overwriting0
<ahasenack> yeah
<nacc> ahasenack: bah, it's my recent change -- one sec
<ahasenack> :)
<nacc> ahasenack: can you push your branch somewhere? i'll see if i can reproduce it locally
<nacc> ahasenack: also i think this will fix it: http://paste.ubuntu.com/24935500/
<ahasenack> nacc: pushed, it's that samba-merge-4.6.5 one from here: https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+ref/samba-merge-4.6.5
<ahasenack> nacc: too bad it's a snap and I can't patch it on-the-fly :)
<ahasenack> r/o filesystem
<nacc> ahasenack: ok, reproduced
<nacc> ahasenack: and fixing
<nacc> ahasenack: pushing, it should refresh in a few minutes
<ahasenack> ok
<ahasenack> thx
<nacc> ahasenack: should be available now
<ahasenack> refreshing
<ahasenack> got r65
<nacc> ahasenack: yeah that should have the fix
<ahasenack> $ git ubuntu merge finish ubuntu/devel
<ahasenack> 06/23/2017 18:20:44 - INFO:Using git repository at /home/andreas/git/merges/samba
<ahasenack> no crash
<ahasenack> and I have a new changelog
<ahasenack> I think
<nacc> ahasenack: cool :)
<ahasenack> some chunks are repeated from previous changelog entries
<nacc> ahasenack: can you show me in a paste?
<ahasenack> it added the changelog from 4.5.8+dfsg-2ubuntu2
<ahasenack> yep
<ahasenack> chrome doesn't like big pastes to pastebin :/
<nacc> ahasenack: to be clear, the tooling doesn't actually look in d/changelog. What it did was use the git commits you ahve in your branch
<nacc> which include the entries (correctly) from 4.5.8+dfsg-2ubuntu2, afaict
<ahasenack> nacc: http://paste.ubuntu.com/24935632/
<nacc> ahasenack: right, so lines 28-30, e.g., come from 03d512aff0e477b9d2094ac128f1f4b349631231
<ahasenack> yes
<nacc> ahasenack: it's looking at every git commit since 'debian/sid' and extracting each message into debian/changelog (basically running `git reconstruct-changelog debian/sid`)
<nacc> ahasenack: which is correct? I mean it's doing what you told it to do
<nacc> ahasenack: you need to push those commit messages in (indentation wise)
<nacc> ahasenack: as they are now carried forward delta
<ahasenack> I thought I had
<ahasenack> no, wait
<nacc> ahasenack: at least in my view of your repo, you haven't yet
<ahasenack> the dep8 one, for example
<ahasenack> that I didn't indent
<ahasenack> because it wasn't old delta
<ahasenack> but I think I see your point
<nacc> it *is* old delta now
<ahasenack> it's about being a delta
<ahasenack> yeah
<nacc> yep
<ahasenack> I purposedly skipped those
<ahasenack> ok
<ahasenack> so it's correct to list all that again, because it's delta from now on
<nacc> correct
<ahasenack> ok
<nacc> and you want to nest it under "remaining chagnes"
<nacc> because it is remaining changes that were previously reviewed/uploaded
<ahasenack> right
<nacc> ahasenack: you can also see the difference between the old changelog and this one, we drop LP: to LP automatically
<ahasenack> how do I do this again? I tagged before running merge finish
<nacc> ahasenack: git checkout <tag>
<nacc> ahasenack: git rebase -i new/debian
<nacc> ahasenack: 'r' the ones you want to chagne the commit message for
<ahasenack> that's ok
<nacc> ahasenack: and then run 'finish' command again
<nacc> ahasenack: does that make sense?
<ahasenack> nacc: http://pastebin.ubuntu.com/24935676/
<ahasenack> nacc: what about   * d/p/krb_zero_cursor.patch: add DEP3 header
<nacc> ahasenack: i think lines 35-39 are part of the old delta too?
<ahasenack> it's a delta, but a change I made while doing the merge
<ahasenack> and when we remove a patch, is that delta?
<nacc> ahasenack: i would keep that dep3 change at the top-level, because it's 'new' delta relative to what was uploaded prior
<ahasenack> removing the patch removed the delta
<nacc> ahasenack: let me look in the branch
<ahasenack> I have to push again, after the commit messages changes
<ahasenack> but the content is untouched
<nacc> ahasenack: that's fine
<nacc> ahasenack: ok, so i think this is a case of delta being added and dropped prior
<nacc> ahasenack: so it shouldn't even be in the new changelog
<ahasenack> which one?
<nacc> ahasenack: e.g., 88c04472396882cc60ea81a57ca6902e20cb77cb and e341bb56cbd3d28907e40b4eeb0ec3e550bfe888 negate each other
<ahasenack> that guy was added and dropped several times
<nacc> ahasenack: or i guess not dropped, but clarified
<nacc> ahasenack: as you didn't undo the debian/rules change (afaict)?
<ahasenack> oh, I might have forgotten that bit
<ahasenack> yep, need to remove it
<nacc> ahasenack: do you want to do another HO? might be easier to clarify this case
<ahasenack> and have to check artful
<SupaYoshi_> hi my tftp gives a timeout
<ahasenack> let's forget fix-1584485.patch for a moment
<ahasenack> I did indeed forget about the debian/rules associated change for that one
<ahasenack> nacc: what about "refresh patches", "add DEP3" and "Remove d/p/winbind_trusted_domains.patch"
<ahasenack> last one is me removing a delta
<nacc> ahasenack: i think refresh patches can be nested, as you're not contentfully changing the delta
<nacc> ahasenack: even the d/p/krb_zero_cursor.patch change, could be nested under the commit corresponding to line 7
<nacc> ahasenack: as just a [..] comment
<SupaYoshi_> http://prntscr.com/fng069 my tftp server times out
<nacc> ahasenack: if you're explicitly dropping delta, it should be in a * Drop: section with a reasoning
<ahasenack> ok, will do
<nacc> ahasenack: and in git, it should end up being an empty commit (as it can't have any content relative to Debian, as the delta didn't exist in Debian)
<ahasenack> hm
<ahasenack> I think that goes back to my reasoning before about (a) and (b) phases
<ahasenack> the patch can only be dropped when applied to the new samba version
<ahasenack> so (b)
<ahasenack> I don't understand how that would be an empty commit
<nacc> ahasenack: sure, a commit can *become* empty
<nacc> ahasenack: ok, so you have some commit X in old/ubuntu
<nacc> ahasenack: it added some functionality relative to old/debian
<nacc> ahasenack: that change is no longer needed in new/debian
<hehehe_off> which channel on freenode is for discussing girls?
<ahasenack> nacc: hold a bit
<ahasenack> nacc: "so you have some commit X in old/ubuntu"
<ahasenack> not really: I have a huge change, not individual commits yet
<hehehe_off> its kinda amusing with so many guys here girls are not a topic
<nacc> ahasenack: well, that should be logical<version>
<nacc> hehehe_off: please stop.
<hehehe_off> nacc why
<nacc> hehehe_off: you can read the topic, you know you're being offtopic.
<hehehe_off> I like girls
<hehehe_off> I asked where is such channel
<nacc> hehehe_off: and that is a ubuntu server discussion, how?
<nacc> !alis | hehehe_off
<ubottu> hehehe_off: Alis is an IRC service to help you find channels. For help on using it, see "/msg Alis help list" or ask in #freenode. Example usage: "/msg Alis list http"
<hehehe_off> I did not find any using alis
<hehehe_off> :)
<nacc> hehehe_off: i don't care.
<hehehe_off> maybe there are none
<hehehe_off> nacc then why talk to me?
<hehehe_off> so u do care :D
<hehehe_off> anyhow I am off :)
<nacc> hehehe_off: because you're leading to noise when i'm trying to actually get something done.
<hehehe_off> you wont use /ignore why?
<hehehe_off> :)))
<hehehe_off> if 1 question about girls provokes u so much
<nacc> hehehe_off: it's not cute or funny. you are being intentionally disrespectful of a channel's rules.
<hehehe_off> :)
<fallentree> nacc: ur just feeding trolls. notify the ops and don't waste your time ;)
<nacc> fallentree: true
<hehehe_off> and coding requires libido :)
<hehehe_off> including ubuntu server
<gheorghe_> i open #ubuntu-server after hours of doing other stuff and i see hehehe_off saying that coding requires libido. well... sorry for evasdropping on this discussion :D
<hehehe_off> :)
<hehehe_off> hi gheorghe_
<Epx998> is there any weird different for dns from 14 to 16?
<ahasenack> thx nacc
<ahasenack> have a great weekend, cya
<nacc> ahasenack: np, you too!
<nergar> hello, I'm checking my seedbox and it is running 2.6 in xenial, why is that? how can I make it boot with kernel 4.8? i already isntalled sudo apt install --install-recommends linux-generic-hwe-16.04
<nacc> nergar: what is a seedbox? like a VPS?
<qman__> nergar: paste the full output of uname -a
<nacc> nergar: ask your hoster, if so, it's probably something you don't get to control
<nergar> i hacve root access
<nacc> nergar: you might not have 'real' root access
<nergar> Linux ss105 2.6.32-042stab120.18 #1 SMP Fri Jan 13 10:32:04 MSK 2017 x86_64 x86_64 x86_64 GNU/Linux
<nacc> nergar: yeah that's a VPS something or other -- i've seen it before
<gheorghe_> mergar: cat /etc/issue
<nacc> nergar: might even just be a container, not a VM
<qman__> yeah, you're probably on a container, not an actual VM
<nergar> yeah, VPS
<nergar> so no chance of changing the kernel? i didn't know this :/
<nergar> why would they give me a xenial install with 2.6??
<nacc> nergar: because they want to control what is in the kernel
<qman__> with containers, the guests use the host kernel
<qman__> so they are stuck with whatever the host is running
<nergar> oh!
<nergar> wow, bummer
<gheorghe_> nergar that is why i was curious what is written in /etc/issue ... i didn't even know xenial can run with 2.6
<fallentree> what can possibly be running 2.6 kernel still?
<nacc> fallentree: plenty of VPS providers, unfortunately
<qman__> 2.6.32 is really old at this point, it's probably an old centos
<nacc> gheorghe_: /etc/issue is a fileystem file, not reflective of anything beyond what (in this case) was untarred tomake the root fs
<nergar> Ubuntu 16.04.2 LTS \n \l
<fallentree> 2.6 doesn't even support containers properly if at all
<nacc> fallentree: a heavily patched one would
<nacc> fallentree: might even be openvz or some such
<gheorghe_> nergar, are you using alibaba cloud?
<qman__> maybe not lxc, but containers have been around a lot longer than that
<Epx998> dang resolv.conf just wont work wth
<nergar> Obtrix, the provider is Obtrix
<fallentree> nacc: that's bordering criminal negligence :)
<nacc> fallentree: it's why they (VPS) are so cheap, on some level :)
<qman__> google suggests it's a RHEL 6 OpenVZ kernel
<fallentree> uname would solve the mistery
<nacc> qman__: sounds about right
<fallentree> ah, it was given above
<nacc> fallentree: provided above already
<nacc> :)
<fallentree> stab, yeah openvz
<sarnold> fallentree: 2.6.32-042stab120.18
<nergar> well, anyhow. i just wanted to try out something, I am dumping them for ByteSized hosting and it runs 4.8
<nacc> the frustrating part, to me, is that tooling reports this as "Ubuntu"
<nacc> when it's quite clearly not Ubuntu ata ll
<nacc> *at all
<fallentree> canonical sued OVH for that particular reason (trademark abuse)
<sarnold> our legal team sometimes contacts such hosters :)
<nacc> fallentree: yeah
<nacc> sarnold: yeah, i'm aware :) -- still frustrating, though
<nergar> not ubuntu?
<nergar> what do you mean?
<nacc> nergar: ubuntu has a kernel they ship
<nacc> nergar: also, containers are ... just processes, they blur the line of what it means to run a distribution
<qman__> it's not really ubuntu, at least not the whole thing - it's a bunch of ubuntu stuff stacked on a RHEL kernel and any hacks they had to do to make that work
<nergar> TIL
<hehehe_off> canonical sued OVH for that particular reason (trademark abuse) link?
<fallentree> google it
<hehehe_off> nah ty
<hehehe_off> :D
<hehehe_off> maybe later
<hehehe_off> I was checking something google done
<hehehe_off> on blockchain
<hehehe_off> apecconnect.org
<hehehe_off> seems like bs
<hehehe_off> maybe usefull for some
<nergar> what about this one?: Linux bermudi 4.4.0-81-generic #104-Ubuntu SMP Wed Jun 14 08:17:06 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
<fallentree> your enter key is stuck.
<fallentree> nergar: that sounds like proper xenial kernel
<nacc> nergar: yeah that looks better
<sarnold> time for a reboot but no terrible :)
<nacc> sarnold: does livepatch change the uname? just thinking out loud
<sarnold> nacc: probably not
<sarnold> a lot of bugs never get livepatched though
<nacc> sarnold: yeah i didn't think so ... interesting, another thing to remember to ask about
<nacc> sarnold: absolutely, was just curious if you knew
<Epx998> figures, network team gave me the wring dns server ip
#ubuntu-server 2017-06-24
<bindi> anyone set up a lancache docker?
<GLaDER> Morning fellas, I am looking to migrate from FreeNAS 9.10.2-U4 to Ubuntu Server 16.04 LTS. Is anything more required than simply installing Ubuntu Server on a disk and import my already existing pools?
<lordievader> Good morning
<ren0v0> hi, my server is reporting 99% disk space used with "df-h". However i can't find any large files
<ren0v0> i've run "du -sch .[!.]* * |sort -h" and it says total is 23/60GB ... ?
<lordievader> Did you remove any log files lately?
<ren0v0> lordievader, no, i mean they are rotated but nothing manually, why?
<lordievader> It is usually the case that the log file is removed but since a syslogger still has a reference to a file that the data of the file is not removed.
<lordievader> This is why du and df sometimes do not agree.
<ren0v0> right
<ren0v0> is this what "sudo lsof | grep deleted | less"   shows?
<ren0v0> found it as a suggestion on stackoverflow to check, there are lots and lots of logfile entries here, but the question is how do i overcome this without rebooting ?
<ren0v0> and then, how do i stop it happening?
<lordievader> Err, it might be. Not sure.
<lordievader> You can't it is inherent to how things work.
<lordievader> As long as an application has a reference to a file the data of that time is not unallocated.
<ren0v0> so my server will fall over because of this unless i reboot it ?
<lordievader> No, finding the application responsible and restarting that is enough.
<ren0v0> so i have to restart my webserver or backend
<ren0v0> its the same thing
<ren0v0> surely this isn't normal as you say
<ren0v0> so like this?
<ren0v0> nginx      7410               www-data   49w      REG              253,1 2746183886    1064873 /home/user/logs/access-api.log.1 (deleted)
<ren0v0> there are 100s of these lines
<lordievader> No, it is not.
<lordievader> Is it cleared though if you restart nginx?
<ren0v0> i don't want to restart it
<ren0v0> it'll knock out all users access, WS etc
<ren0v0> sure it won't be for long, but thats crazy
<ren0v0> guess i have no choice but to try
<ren0v0> yes that cleared the space
<lordievader> I agree that it is not normal behaviour, I don't really know what can be the cause... :(
<lordievader> Hmm
<ren0v0> Process: 27435 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=2)     not sure about this line here, with status=2, thats an error?
<lordievader> Perhaps there is a bug report about this?
<ren0v0> could it be the way my nginx logs are rotated?
<lordievader> Perhaps, is that some in a non standard way?
<ren0v0> well i took the config from nginx, but i believe it was much discussed, i'll revisit it and see if there were any updates
<ren0v0> something else i noticed, in sysctl/journal logs it showed lots of  "ââ11850 nginx: worker process is shutting down"  before i restarted
<lordievader> Perhaps those workers do not fully exit?
<ren0v0> seems so, but god knows why
<Bassetmaster1066> buffer:1
<Bassetmaster1066> oops
<braziercustoms> Hello? I installed ubuntu server 16.04 on my server..  next day I installed ubuntu-desktop via apt-get..  found out my server has too little video ram and did apt-get remove ubuntu desktop, apt-install gnome-panel, reboot.  It was better but I still wasn't satisfied so I apt-get remove gnome-panel, apt-get install lubuntu-desktop, reboot.. then I got ubuntu login screen with ubuntu desktop.  Didn't like so apt-get remov
<braziercustoms> I wanted it gone.. removed.. back to prompt.
<braziercustoms> If anyone can explain this? Braziercustoms$gmail.com I have disabled it, but I would like to start over and try different desktop.
#ubuntu-server 2017-06-25
<drab> GLaDER: that was a long time ago and you probably already figured it out, but no, more is needed: you need to install zfsutils-linux, zfs is not default in ubuntu
<drab> bbl
<GLaDER> drab: It's not? I thought it was since a while back.
<riz0n> Hello, I have a scenario I want to discuss so I can determine the best configuration to deploy... Currently I have two ubuntu servers online. They are both running Ubuntu 16.04.2 with ISPConfig 3.1.3. The first server is the primary web server, which also has the primary DNS. My ISP blocks SMTP port 25, which cripples my ability to send and receive mail from other mail servers using the SMTP port 25. Because of this, the second server (from a
<riz0n> second location) acts as a mail server as well as and secondary DNS. Currently mail that originates from the web server is sent over to the second server using port 587, and that server takes care of the business end of delivering it to the correct destination. The second server also contains all the inboxes, and through Dovecot, allows download by IMAP and POP3. I want to make some changes. I want to bring all the "email" over to the primary
<riz0n> web server, including all inboxes and their mail. The web server already has Dovecot and Postfix installed, so implementing that should be a breeze. I want the primary web server to provide IMAP, POP3, SMTP (using port 587), and Webmail (using Roundcube). So what I would like to do is continue to use the second server strictly as the "MX". Any incoming mail on the MX that is destined to any of my domains would get pushed on to the primary web
<riz0n> server on 587 (or whatever), which would then place them in the appropriate inboxes or return them to sender. When any mail destined for the outside world makes it's way into the Postfix queue on the primary web server, it would continue it's current trend of bouncing those messages back through the MX (secondary server), which does not have port 25 blocked and can complete message delivery. What would be the best way to go about implementing
<riz0n> this configuration, and what kind of limitations would I be looking at with this type of configuration?
<genii> riz0n: Maybe instead move all the inboxes to the primary, share them over nfs with kerberos to the other one which mounts them
<riz0n> Well here is the issue. The plan is to eventually decommission the second system, it is almost 10 years old and only x86, no RAID or anything fancy. The primary web server is pretty new (set up within a few weeks) which runs 64-bit Ubuntu as a VM and it has a RAID10+hotspare. Soon, this system will have a new happy home in a datacenter somewhere, and the secondary server will no longer be needed to use as a MX (or anything mail related). I want
<riz0n> to prepare as much as possible by having the new server handle inboxes, webmail, IMAP, POP3, and SMTP (587) for clients. I want to reduce the responsibilities and roles of the secondary server down to simply being the "Primary MX" that mail from the outside world first hits, which would then be handed over to the new server as if it originally come from the outside world. Any mail generated by the new server would go back to the "Primary MX"
<riz0n> which would deliver it on to it's rightful destination (THIS PART is already in place and functional, as any mail generated by the new server must go through another SMTP, such as the one my ISP provides (no thanks) or one of my own on a port other than 25...
<riz0n> My research says I need to configure Postfix on the second old server as a "primary MX host for a remote site"
<genii> Yes
<Poster> you may also consider keeping a secondary DNS server somewhere
<riz0n> Plus I want the second older server to no longer house any of the accounts, inboxes, or emails. This is in case the system is physically compromised, sabotaged, stolen, or suffers failure, then all the inbox accounts and their contents remain intact and secure on the new server, and there's no private email for the server's new owner to pilfer. Also, the plan is to incorporate into the NEW server a method of inbox messages being encrypted using
<riz0n> something such as GPG..., but that's another story worthy of discussion on another day. :)
<riz0n> Poster, yes. The new server acts as the primary DNS server. The old server is the secondary/slave server.
<Poster> you could probably use an inexpensive VPS for the secondary system
<riz0n> Once my new rack server finds it's way to a datacenter, I run a second VM for the secondary system. My new server has enough disk space, cores, and RAM installed for me to be able to run a few VPS. 2 4-core 2GHz Intel Xeon (8 cores total), 32GB RAM, 5x 300GB 15K SAS (RAID10, two striped "mirrored pairs" which provides 600GB usable space, and a hot-spare). The old server is only 1-core P4 2.4GHZ, 2GB HyperX DDR, 120GB IDE hard disk... yes, I
<riz0n> know, I'm living dangerously on the edge with that old relic!
<Poster> oh, well that's good and bad
<Poster> if something physically happens to the physical system any guests will go too
<Poster> or the datacenter which it resides
<riz0n> I would like to entertain the thought of keeping this "old" system online as a secondary DNS, and also setting up another system here in the new server's place to also act as a secondary DNS.
<Poster> I was referring to a light weight VPS somewhere else, possibly hundreds or thousands of miles away
<riz0n> You sure are right about that. That's why I have the new server set up here at this time, so I can stress test it. I also acquired the "little brother" to this server, which has two 4-core 1.6GHZ Xeons, but can only take two hard disks, which I have 2x 600GB 10K SAS. I thought about also deploying it to the same datacenter as the big brother, simply to sit and run as a spare that I could log into and bring to life if SHTF with the primary
<riz0n> server. But that really wouldn't make a lot of sense, and I think it would be better suited to go to ANOTHER datacenter in another geographical region, connected to a different power grid and different ISP... But, at this time, my needs and the demand on what I currently have now do not merit the added cost. But if I was going to pay for a VPS somewhere else, I would rather put that money towards having a second full-blown server online.
<riz0n> In the past, and currently, I've run the web server from my home on a "small business" cable account. Because of issues with the provider, which left me no choice to move the "old" server to my partner's residence, which operates frmo the same cable carrier. Eventually the phone company came and installed DSL, which providers a faster uplink to the web over the cable company (but not by much, I only get 2Mbps up). So I set up new equipment
<riz0n> here, and eventually transferred all the sites back home, leaving the old server to operate only as a mail server and DNS... it still does Apache2 HTTP/HTTPS, but only for Webmail access... Through the "transferring all the sites back home" I discovered the DSL company had blocked Port 25. Their reasoning is to stop the spread of spam from infected hosts... Oh please, tat sounds so early 2000's lol.... but of course they could unblock port 25
<riz0n> for me IF i signed up for THEIR small business service, which costs about 8x more than what I am currently paying for the same bandwidth. Our monthly service is around $45 before "fees", and their small business is $300 to $350 a month. We could get full duplex fiber with an entire IP block from the electric company for that amount of money (IF'n they had their fiber up my street, AND I had $300 to $350 a month to blow.....). So the cheapest
<riz0n> option was to use the two servers from two locations, and split the roles between them both, at least for now.....
<Poster> If you're just looking for MX and secondary DNS you really don't need much
<Poster> I'm assuming you're not real high volume mail of course
<Poster> I understand the appeal of a true colo, I had one for many years, but the cost in doing so is quite high in comparison to going the VPS route
<genii> Having your own rack space in the datacentre is nice.
<lordievader> Good morning
<PresidentTrump> is there any reason why I shouldn't make my sql backups accessible by www-data?
<lordievader> Is there any reason you should?
<lordievader> Do you want your webserver which may be compromised to be able to mess with sql backups?
<PresidentTrump> lordievader, I don't really but my openswift storage can only be mounted as one user
<lordievader> Make a backup user and give that access to the storage?
<PresidentTrump> lordievader, I am using the openswift storage for other files that need to be accessed by www-data
<lordievader> In the end it is your own decision. But I wouldn't want my webserver anywhere near sql backups or any other backups.
<PresidentTrump> I naturally would want the same
<PresidentTrump> but I was thinking... database credentials are already visible by www-data
<PresidentTrump> lordievader, so if www-data got compromised then they already have access to the database
<lordievader> I may hope to a very restricted db user.
<tomreyn> either have multiple mounts of the openswift stroage as different users or have a dedicated user for the openswift mount and add a cron jobs or incron to copy changes taking place on openswift to locations where they are needed, owned by users who should be able to read/write them.
<lordievader> Indeed, something like that.
<PresidentTrump> lordievader, what permissions should I restrict the db user to?
<PresidentTrump> this is a crud application
<lordievader> PresidentTrump: The bare essentials.
<PresidentTrump> lordievader, what privileges are not bare essential?
<lordievader> Depends on the applications. Make a list of what your application requires, allow that on the database required deny all else.
<PresidentTrump> lordievader, after talking to my colleagues we determined we need everything including drop
<ren0v0> Hi, I'm not able to update my ulimits and make them stick, for some reason /etc/security/limits.conf is changing "file size -f" instead of "open files"  >  https://pastebin.com/USrYRxJ6
<ren0v0> can anyone help ?
<fallentree> ren0v0: limits.conf is ignored under systemd afaik
<linuxn00b> hi all
<linuxn00b> anybody here?
<linuxn00b> i have a question about linux
<tarpman> !ask | linuxn00b
<ubottu> linuxn00b: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<tomreyn> https://lists.debian.org/debian-devel/2017/06/msg00308.html
<tomreyn> [WARNING] Intel Skylake/Kaby Lake processors: broken hyper-threading
<gheorghe_> oh damn, i have i7-6700K
<gheorghe_> skylake
<gheorghe_> seems it easy to solve. apt update; apt-get install intel-microcode
<tomreyn> and reboot. if you have a matching cpu
<gheorghe_> why reboot? it will ruin my uptime
<gheorghe_> i have 7 days uptime on debian stretch
<gheorghe_> this is horrible. my life is over.
<gheorghe_> i want to try now
<gheorghe_> seems i got lucky here guys: https://paste.debian.net/973276/
<gheorghe_> i enabled contrib and nonfree right after installing debian, cause i needed the drivers for GTX 970. i also got the microcode at it has the latest version :D
<gheorghe_> 3.20170511.1 is good, right ?
<tomreyn> i think this is #ubuntu-server
<gheorghe_> yes, this is #ubuntu-server . the questions was regarding the microcode that is also available on ubuntu. also, this will affect all my #ubuntu-server VMs that I am running with KVM on my debian desktop ;)
<tomreyn> i only know what's written in this mailing list post i pointed to.
<odc> too bad the ubuntu package for intel-microcode is out of date :/
<IShavedForThis_> hey guys, Do you know of any good tutorial to set up a VM on Ubuntu? security in regards to keeping people out from my main server is important, and I feel like you guys are the ones to ask/ know of a truly good tutorial
#ubuntu-server 2018-06-18
<cpaelzer> good morning
<lordievader> Good morning
<Epx998> Is there a known issue on some hardware where debian-installer partitions a disk as sdc vs sda?
<madLyfe> went to update my server via update && upgrade and it was running fine till the end. here is the end of the log: https://paste.fedoraproject.org/paste/Ib96aSM5fiupeAbW5-gaqQ/raw
<blackflow> madLyfe:   cp: error writing '/var/tmp/mkinitramfs_sr8t8I//lib/modules/4.13.0-41-generic/kernel/drivers/gpu/drm/i915/i915.ko': No space left on device
<blackflow> the errors that follow result from that (no space left)
<madLyfe> is there a way to see via command the drive breakdown?
<blackflow> madLyfe: install ncdu
<madLyfe> but space.. :P
<blackflow> madLyfe:  then    du -sh /*    and drill down from there
<nacc> i would suggest du -h --max-depth=1
<nacc> on /
<blackflow> well, you need -s(ummary) for each dir
<nacc> no you do't
<nacc> *don't
<blackflow> I see, max-depth does the summary
<madLyfe> is the last number the total?
<nacc> blackflow: right, it's an alternative (du doing the dirlist vs. the shell)
<rbasak> I like baobab for drilling down. It's a GUI but does support investigation remote machines over ssh.
<rbasak> investigating
<madLyfe> i went to root to see the total of everything but only printed ./ .nano and .
<nacc> madLyfe: you don't need to cd, you can just pass the argument
<nacc> madLyfe: and . means the directory
<madLyfe> so go back to home/user?
<nacc> madLyfe: i mean it doesn't matter where you run `du` from, you can tell it where to check disk usage
<madLyfe> so drop the '=1' to search the whole drive? rather than just the dir i was in?
<nacc> madLyfe: which version of the command did you use?
<madLyfe> du -h --max-depth=1
<nacc> madLyfe: run from what location?
<madLyfe> user
<nacc> madLyfe: that's not a location
<nacc> madLyfe: what filesystem path
<madLyfe> home/user
<nacc> madLyfe: /home/<user> ?
<madLyfe> sorry, yes.
<nacc> madLyfe: that will just tell you the usage of that directory
<nacc> madLyfe: that's why I said "on /" immediately after. `du -h --max-depth=1 /`
<madLyfe> oh. wasnt sure that was supposed to be a part of the command
<blackflow> madLyfe: perhaps check the du(1) manpage. it's wise to check the manpage of commands you're given by random people on irc :)
<madLyfe> https://paste.fedoraproject.org/paste/8K5JqNBszC2J5xtjevcwQA/raw
<nacc> madLyfe: and how large is your disk (`df -h` can help)
<madLyfe> 16gb
<madLyfe> its a flashdrive
<madLyfe> https://paste.fedoraproject.org/paste/Xz~tFEKAOKExJAym-vCjHg/raw
<nacc> madLyfe: your / is full
<madLyfe> do updates not overwrite? do they accumulate?
<madLyfe> can that be pruned?
<nacc> madLyfe: what do you mean?
<madLyfe> like are old updated files kept around or are they overwritten?
<nacc> madLyfe: 'updated' in what sense?
<madLyfe> every time you run update && upgrade
<nacc> madLyfe: update just updates the file lists locally
<nacc> madLyfe: are you asking if it keeps around the old .debs?
<madLyfe> ya
<nacc> madLyfe: it keeps some amount in the cache
<nacc> madLyfe: if you think that's a problem, use `sudo apt-get clean`
<madLyfe> hmm i dont think that cleared anything up for me heh
<nacc> madLyfe: usually it's not much space
<nacc> madLyfe: right now your /opt and /var are relatively large
<nacc> madLyfe: which might imply large logs
<nacc> madLyfe: you can run the same du command with /var
<madLyfe> ya its amdappsdk-3.0, amdgpu, amdgpu-pro, rocm.
<madLyfe> in /opt
<madLyfe> just not sure what i can get rid of
<blackflow> anything your  __server__  doesn't need :)
<madLyfe> lel i dont know what it doesnt need.
<madLyfe> i am its plaything.
<nacc> madLyfe: that doesn't make sense
<madLyfe> here is /var breakdown: https://paste.fedoraproject.org/paste/tf6vLUjOZIpEC40USrgtww/raw
<nacc> madLyfe: is it actually your server?
<nacc> your /boot also looked bad, fwiw
<nacc> madLyfe: have you run `sudo apt-get autoremove` recently ?
<madLyfe> ya. its using amd drivers to rung GPUs but i dont remember how i set them up. someone helped me and it was kind of set it and forget it. months ago. update && upgrade never posed a space issue till now i guess.
<madLyfe> nacc: nah
<nacc> madLyfe: becuse you were ignoring the message from apt the whole time
<nacc> it tells you to run autoremove every time, iirc
<madLyfe> https://paste.fedoraproject.org/paste/-RIiGhNJboQs7-Edk7lH4Q/raw
<madLyfe> i dont remember that msg
<nacc> madLyfe: well, that would free up 3G of space if you run it
<nacc> 4G of space!
<madLyfe> yay! ty
<madLyfe> what is that removing? are they old debs from previous udpates?
<teward> old debs, old kernels, packages which were installed as dependencies but are no longer needed since the dependent package or packages are not on the system or the deps changed, etc.
<madLyfe> ah k. tyvm
<nacc> to be clear, what it's removing is *only* the third thing teward listed
<nacc> that happens to include the first two
<madLyfe> i see.
<madLyfe> when should this be ran? i dont recall seeing that msg anywhere.
<nacc> madLyfe: probably worth a perusal of `man apt-get` if you don't know what it does
<nacc> madLyfe: on my system(s) every time I run apt or apt-get it emits a message about X unused packages that can be removed
<madLyfe> man is manual?
<madLyfe> as in RTFM?
<nacc> madLyfe: yeah :)
<madLyfe> ok. i want to thank you guys for the hand hodling today!
<madLyfe> blackflow: i agree about running commands from ppl on the internet but nacc has helped me plenty in the past so i trust the nacc.
<blackflow> madLyfe: it's not just about trust. it's about learning by yourself ;)
<blackflow> blindly running commands, you won't learn a thing.
<madLyfe> unless hes been taken over by a malicious actor. very possible these days. :P
<madLyfe> true.
<nacc> madLyfe: heh
<nacc> madLyfe: unattended-upgrades can be configured to run the autoremove periodically, iirc
<teward> nacc: yes, but it needs you to uncomment some things
<teward> in the default config *otherwise* it doesn't.
<teward> it also can barf if you try and let it upgrade kernels automatically, but that's a different issue.
<teward> (related to not having run autoremove in the past before enabling the option)
<madLyfe> also, the updates that require restarts wont be applied because these servers are rarely restarted.
<teward> you can also have unattended-upgrades do that as well but if uptime is your concern then you shouldn't.  And you should probably reboot every quarter or such because kernel security patches
<madLyfe> ya thats kind of what i was doing today because power went out. good time to run the updates.
<nacc> teward: good points
<madLyfe> well crap it looks like it was removing amdgpu stuffs, hopefully it doesnt take out anything important.
<madLyfe> getting amd drivers working wasnt fun.
<madLyfe> also, if youve run updates and log into a fresh ssh session, it says **a restart is required*, why is the command 'reboot' and not 'restart'? or why does the statement not read '**a reboot is required**'?
<madLyfe> sorry, its '*** System restart required ***'
<jelly> technically you do not require a reboot; shutdown and power on will achieve the same restart goal
<madLyfe> what should i do if one of my servers has just been hanging here for a long time during and update & upgrade? https://paste.fedoraproject.org/paste/J4gA9Z8HRYn5sBG9G0KGQw/raw
<teward> define "a long time" :P
<madLyfe> close to an hour
<madLyfe> previously it got stuck here: https://paste.fedoraproject.org/paste/QcOKX178hCZwEbDNr9MG2Q/raw at fetching.
<madLyfe> had to pull the power on it and power it up again.
<madLyfe> ok it just now lost the ssh connection.
<madLyfe> im guessing it froze up or something
<madLyfe> https://usercontent.irccloud-cdn.com/file/f8el4LyY/image.png
<tomreyn> madLyfe: if you install updates remotely over a non LAN connection, be sure to always run apt in a GNU screen / tmux on the server.
<madLyfe> well i am remote, but  on the lan.
<madLyfe> remote as in from another puter on the lan.
<tomreyn> the L in LAN stands for local
<tomreyn> maybe you need a KVM
<tomreyn> or serial console
<madLyfe> well these are SM servers w/o the IPMI. i only have one server with IPMI
<madLyfe> regardless, i should just go pull the power again and try once more?
<tomreyn> i was thinking they all had *some* kind of ipmi
<madLyfe> not these old ones from what ive gathered.
<madLyfe> still. if it killed the server, wouldnt it kill the server in a tmux session as well?
<tomreyn> if it's frozen, you probably want to power cycle it, then probably take measures to ensure the hardware is in good shape, when continue working on it.
<teward> and if it keeps freezing then I'd start to assume something hardware-based may be at play, since it sounds like this is not hte first freeze you've had on this system.
<tomreyn> sure, GNU screen + tmux dont survive power cycling or reboots in general.
<madLyfe> well this is the second time on this server today after the power outage. other than that ive never had this issue before on any of the servers.
<teward> power outages cause all sorts of problems (this is why UPSes exist heh)
<madLyfe> tomreyn: no i mean it freezing during update & upgrade.
<madLyfe> if it freezes the server then being in a tmux session wouldnt really matter?
<tomreyn> madLyfe: if the system freezes, the session is frozen, too, and it wont magically recover after power cycling.
<madLyfe> what is your definition of a 'power cycle'? im just asking because on the IPMI there is actually a power cycle button..
<tomreyn> you need to make the hardwar enot freeze
<tomreyn> didnt oyu say you had no ipmi there?
<tomreyn> my definition of 'power cycling' is probably the same as everyone elses: cutting power for a short time, then restoring it.
<Tea> Does the name I choose for a DKIM selector matter?
<madLyfe> I have one ipmi. just not on this server.
<madLyfe> holding the power button doesn't even shut it down lol
<teward> sounds like a hardware problem then
<madLyfe> probably the flash drive
<nacc> rbasak: anything you need from me re:git-ubuntu?
<madLyfe> seems to be updating fine now: https://usercontent.irccloud-cdn.com/file/n5wlnmu8/image.png
<madLyfe> welp looks like it froze again
<madLyfe> now it gets stuck during boot. im guessing its because it froze during this upgrade process: https://usercontent.irccloud-cdn.com/file/PAlNMjhv/image.png
<madLyfe> ill try and install the OS again later and see how that goes.
<sarnold> o_O
<sarnold> that's a funny place for it to hang
<sarnold> can you check dmesg output? journalctl output?
<sarnold> filesystem freespace? free inodes?
<madLyfe> nah its a total freeze of the system
<madLyfe> power down button didnt even work when it froze at that point in the apt update progress
<madLyfe> ill just have to restart from scratch on that server. shouldnt take very long once i get rolling.
<sarnold> madLyfe: oh. ew. maybe try the ..
<sarnold> madLyfe: .. fwts package?
<madLyfe> I'll come back if I can't get it situated after a fresh go. I'm not losing any important data so it's ok.
<jamespage> coreycb: around still?
<coreycb> jamespage: yep
<jamespage> coreycb: just wanted to check with you before I upload a whole load of neutron bits with py3 enabled
<coreycb> jamespage: that's fine with me
<jamespage> coreycb: I've been using a <module>-common package for configuration files etc...
<jamespage> coreycb: which the python{3}-<module> packages depend on - does that sound ok?
<jamespage> prior to that the python-<module> package included the etc files
<coreycb> jamespage: that sounds different from python-<module> depending on <module>-common?
<coreycb> sorry. other way around.
<jamespage> yeah it is
<coreycb> jamespage: currently we have <module>-common depending on python-<module>
<jamespage> coreycb: I could not think of a different way todo it - we have to preserve etc files for upgraders who will only have install the python-module
<coreycb> jamespage: that's a good point
<jamespage> coreycb: these are generally python modules with config files, rather than more complex agent based packages like neutron for example
<coreycb> jamespage: that sounds like it makes sense. i missed that. i'm going to have to make a pass on the merged debian packages to do that.
<jamespage> coreycb: did you do it the other way around?
<coreycb> jamespage: yeah
<jamespage> coreycb: well I think its appropriate still for packages with agent binary packages - like neutron, nova cinder etc...
<jamespage> coreycb: http://launchpadlibrarian.net/375048921/python-oslo.versionedobjects_1.33.1-0ubuntu1_1.33.1-0ubuntu2.diff.gz is the diff for the generalized autopkgtest for oslo packages I'm doing
<coreycb> jamespage: i think autopkgtest-pkg-python should cause imports to be tested but maybe not dual stack?
<jamespage> coreycb: tbh it does not deal with the name of the module being oslo.* and the actual module import being oslo_*
<coreycb> jamespage: ok, i see
<jamespage> which is why most of them fail all of the time - I tried to get a fix into autopkgtest but it was rejected in favour of work not done todo better autodiscovery
<jamespage> which I don't have cycles for
<jamespage> the import test is basically autopkgtest-pkg-python and the -ostestr one is extra
<jamespage> basically we'll run unit tests on all reverse-depends changes which is nicer
<coreycb> jamespage: ok makes sense, cool
<coreycb> jamespage: thanks for the update. i'll check out your neutron uploads.
<nacc> powersj: did you see the failure just now? (git-ubuntu-ci): error: flag provided but not defined: -t
<nacc> failed: sudo lxd waitready -t 60
<powersj> nacc: I merged in rbasak's changes let me double check 'em in a bit
<powersj> did that this morning
<nacc> thanks
<nacc> it seems weird, as lxd says it is an option (on my 18.04 using the deb)
<rbasak> I had thought I'd tested the deb version locally
<rbasak> I had to add waitready as on the snap version it takes a while for the socket to become ready (the snap doesn't appear to use systemd to manage the daemon, so no socket activation)
<rbasak> I will check again tomorrow. If necessary I can make the waitready only happen on the snap option.
<rbasak> Then the next change to land is the change of the Jenkins job itself to use --snapcraft-snap
<nacc> sorry, i meant just that i've got the lxd deb locally and it says -t is an option and takes a parameter
<nacc> whatver lxd the ci job is suing is complaing about the passing of -t
<nacc> does it expect -t=60 ?
<nacc> or -t60
<rbasak> I can reproduce now.
<rbasak> Ah
<rbasak> Scrolling back I had tested it but not noticed that it failed :(
<rbasak> Looks like it doesn't have the -t shortcut and it's --timeout=60
<nacc> fun
<rbasak> https://github.com/CanonicalLtd/server-test-scripts/pull/3
<rbasak> Tested and succeeds in both snap and deb modes now
<rbasak> Sorry for my test failure on the last PR
 * powersj pulls
<gordonjcp> hi there
<gordonjcp> is there a way to find out why a package wants to install certain dependencies?
<nacc> rbasak: cool, thanks!
<nacc> gordonjcp: well, each package lists its dependencies
<nacc> gordonjcp: do you mean what they use those dependencies for?
<gordonjcp> nacc: essentially yes
<nacc> gordonjcp: no, i don't think that really makes sense
 * rbasak attempts a retest
<gordonjcp> nacc: I want to install collectd on a server, which is for collecting up various stats into (among other things) an .rrd file
<gordonjcp> nacc: it wants to install a full X desktop
<gordonjcp> like, about 1GB of deps, including X.org, Wayland, all manner of associated libs
<gordonjcp> I know the Ubuntu packagers are generally a bit on crack with their dependencies, but that seems excessive
<nacc> gordonjcp: ignoring the random snark, what version of ubuntu?
<rbasak> gordonjcp: try using --no-install-recommends
<gordonjcp> 16.04
<rbasak> That cuts it down quite a bit.
<gordonjcp> a bit, but it's still trying to install libmir and friends, wayloand and friends and X.org and friends
<rbasak> I don't see that
<rbasak> Can you be specific about a package that you think shouldn't be included?
<nacc> gordonjcp: i don't think that's correct and i just tested in a lxd 16.04
<gordonjcp> libwayland-cursor0 libwayland-egl1-mesa libwayland-server0 libx11-xcb1
<gordonjcp> ^ one line from th edeps
<nacc> gordonjcp: with --no-install-recommends?
<rbasak> Do you have any third party repositories enabled?
<nacc> https://paste.ubuntu.com/p/89dkDNG5Xs/
<nacc> is what you should get
<gordonjcp> I've already got the pango and cairo stuff in, because rrdtool uses that
<gordonjcp> although why collectd pulls it in when it doesn't draw graphs I don't know
<gordonjcp> I don't have any third-party repositories enabled
<rbasak> collectd links with librrd4
<rbasak> librrd4 can render using GDK
<nacc> gordonjcp: please use a pastebin and show the exact output
<gordonjcp> although now you mention it, this is a server on a VPS provider, maybe they've got some "funnies" in
<rbasak> (presumably to the screen, on request)
<rbasak> Try to reproduce on an official Ubuntu image please.
<rbasak> If you can't, then you'll need to figure out how it's different from the OS your provider gives you.
<gordonjcp> https://rangerovers.pub/static/out.txt
<gordonjcp> rbasak: okay, I'll grab a copy of 16.04 server and try that
<gordonjcp> rbasak: that won't be until probably wednesday though
<gordonjcp> so you might miss the fun :-D
<arooni> this line works great ... until the server reboots;  do i need to do something to make it permanent ?
<arooni>  î° sudo iptables -t nat -A PREROUTING -p tcp --dport 500 -j REDIRECT --to-ports 5000
<rbasak> powersj: am I right in thinking that https://github.com/CanonicalLtd/server-test-scripts/blob/master/git-ubuntu/integration_test is dead now as https://github.com/CanonicalLtd/server-jenkins-jobs/blob/master/git-ubuntu/jobs-ci.yaml no longer references it?
<powersj> rbasak: I believe so
<rbasak> OK. I'll drop that file in my next PR then
<powersj> ok
<sdeziel1> arooni: you can install the iptables-persistent package
<sdeziel1> arooni: it will take care of loading your iptables and ip6tables rulesets on boot
#ubuntu-server 2018-06-19
<rbasak> nacc: FYI: https://github.com/CanonicalLtd/server-jenkins-jobs/pull/1
<rbasak> Once that lands I'll try retesting https://jenkins.ubuntu.com/server/job/git-ubuntu-ci/17/ to ensure it doesn't break anything.
<nacc> rbasak: +1 seems like a good idea, thanks for the update
<Randolf> I'm trying to get OpenVPN Server running on Ubuntu Linux 18.04 LTS, but I can't even get it to write output to a log file.  Is there a way to get OpenVPN to display its error output to the screen?  Thanks.
<phibs> I already have a PXE environment w/ a full ubuntu image, but would like to be able to drop the OS onto the local disks via an image.  I don't need partitioning or anything like that. I don't want to have to boot w/ cloud-init as it is bare metal.  Does Ubuntu have anything like this? Would Curtin work? (was not sure how cloud-init plays into it)
<lordievader> Good morning
<TvL2386> morning
<gordonjcp> morning
<moffa> Hi, I'm trying to use the ubuntu-alternate installer with VMWare ESXi 6.7, When I select the Ubuntu installer, after a few seconds I get a white screen with corrupted graphics.  Anyone have a workaround?
<RoyK> moffa: https://www.kernel.org/doc/Documentation/svga.txt <-- read this - perhaps there's an unsupported (by ESXi) vga mode (framebuffer) being used
<moffa> Like when I boot from the iso I select English, then I select Install Ubuntu Server.  Then you see a black screen with kernel msg then it goes to a white/gray screen
<tomreyn> moffa: also note there are two different server installers for ubuntu 17.10 and 18.04 (in case you're using this). the (new) default one is called 'live' installer, and uses a graphics mode and installs fast (but is not flexible). the old one, called 'alternative' (debian) installer, uses plain text mode and offers all the choices.
<blackflow> aren't there... three?  ubiquity, subiquity and debian installer?
<tomreyn> subiquity is the server 'live' installer, ubiquity is the desktop 'live' installer. debian installer is the 'old' one which is used for alternative server installer and mini.iso.
<blackflow> ah so there's no ubiquity on -server isos?
<tomreyn> afaik not. there are canonical repositories for both on github though if you'd like to take a closer lookat the differences though
<tomreyn> https://github.com/CanonicalLtd
<tomreyn> actually just subiquity is there.
<RoyK> tomreyn: (s)he said (s)he's using the alternate instller
<tomreyn> RoyK: oops, right, it helps when one knows how to read properly.
<blackflow> tomreyn: oh okay. I must've misunderstood, thinking they're both present.
<moffa> yeah the live installer works but it runs all that cloud.cfg scripts which setup netplan etc, I don't want to use that as I don't really understand how to configure it.
<cyphermox> moffa: you don't have a choice, if you use the live installer, you get netplan. if you want to do otherwise you'll need to change things yourself after the install (install ifupdown, etc.)
<cyphermox> that said, if you run through the configuration in the live installer and you don't need any special network setup, it'll work just the same
<moffa> oh maybe I'll try that.  I am getting werid dhcp client issues. I get a different IP that expected with netplan. I have to release and renew to get the proper ip.
<cyphermox> ok
<cyphermox> moffa: you using Windows Server as DHCP?
<moffa> I think so, it's my IT department so they don't tell me anything.
<moffa> They have a lot of things misconfigured - so I wouldn't be surprised if the issue is on their end
<v0lksman> anyone know what I'm missing out on if I compile my own nginx vs nginx, nginx-common and nginx-extra?
<v0lksman> or better yet a reliable source for nginx compiled with pagespeed?
<rbasak> teward might know ^
<v0lksman> I think I'm going to route of recompiling the source package from ubuntu rather than the latest from nginx, that way I just need to add my module and compile rather than gather all the modules the packages provide for me and risk missing something
<rbasak> That sounds like a reasonable approach.
<teward> rbasak: hm?
<teward> v0lksman: FWIW, Pagespeed is pretty much deprecated in favor of HTTP/2 nowadays
<teward> you would do better to deploy HTTP/2 instead of the Pagespeed module.
<teward> it's still 'developed' and what not, but HTTP/2 is the faster native solution
<teward> rbasak: do you know if HTTP/2 was released for Apache in 18.04?  I don't remember the state of that, last I heard was it's still disabled because of nghttp2 having issues, but I didn't check/follow it.
<teward> rbasak: also, Debian had the "Add ngx_pagespeed module" request and rejected it, just as an FYI.  It's nontrivial to maintain (just like modsecurity/NAXSI was)
<rbasak> teward: https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes#Apache says yes
<v0lksman> huh...so if I have http2 in my listen directive I'm already ahead of the game?  what about all the additional caching that pagespeed does?
<blackflow> with a small caveat that http/2 requires ssl
<v0lksman> (I am using ssl)
<teward> blackflow: the spec doesn't require it, but browsers do.
<teward> so for all practical purposes, yes, it needs SSL.
<blackflow> right so... it's required :)
<teward> v0lksman: the NGINX team doesn't maintain the Pagespeed module, but HTTP2 is pretty fast on its own
<teward> i'm not familiar with the 'caching' part of Pagespeed
<teward> so I can't comment specifically on that, but pagespeed was a 1.1 optimization and an SPDY optimization, both are not necessary with HTTP/2
<teward> (relevant: https://www.nginx.com/blog/7-tips-for-faster-http2-performance/)
<teward> older blog post but still relevant from the NGINX upstream blog
<v0lksman> teward: thanks will digest. would rather not have to maintain a custom compile so if I can avoid it I will
<blackflow> v0lksman: the observed and gained improvement comes only with scale at which there's no more just you trying to figure this out, and supposedly plenty of resources available to track custom builds if really needed.
<teward> v0lksman: I'd strongly recommend doing this as a side-by-side thing, with separate NGINX deployments (even containerized if you wanted to), one with pagespeed and one with pure NGINX; but HTTP/2+NGINX can cause performance *decreases* instead of performance *increases*
<blackflow> in other words, the size of ops at which scale you observe improvement, is beyond just one person trying to figure this out.
<teward> what blackflow said.  HTTP/2 on its own is *speedy* without Pagespeed, so it might be what you need.
<teward> I don't roll HTTP/2 right now, but that's because my servers don't have new enough OpenSSL at the moment to have full HTTP/2.
<teward> (yeah I have a few older servers, don't judge me, i'm working on porting them to 18.04 servers, it just takes *time*)
<blackflow> ewww, still running sslv3?
<teward> oh *god* no
<blackflow> then what do you mean by too old openssl?
<teward> blackflow: ALPN vs. NPN
<teward> needs newer OpenSSL libs to support the ALPN
<blackflow> oh I keep forgetting about that
<blackflow> yeah 1.0.2 or newer
<teward> and i have a couple servers that are still on 14.04 so
<blackflow> mh-hm
<teward> and as an aside I'm an IT security guy, so if I was rolling SSLv3 intentionally I'd probably need to be shot.
<teward> (figuratively speaking)
<teward> *everything* (even my mail servers) are reconfigured to not permit the insecure things
<blackflow> as it should be:)
<sdeziel> while I generally agree that SSLv3 is bad, disabling it on MXes could lead to emails being retransmitted in the clear if the sender doesn't support TLS 1.0
<blackflow> so... basically no loss in security there? :)
<sdeziel> fortunately such senders should be pretty rare nowadays ... or just spammers
<sdeziel> blackflow: I believe that SSLv3 is mostly vulnerable to active attacks which is generally not something that SMTP considers
<sdeziel> things are changing (especially now with Let's Encrypt) but for a long time, most MX to MX communication used self-signed certs
<blackflow> sdeziel: and another problem is, for that to have any effect, you need to configure your MTA to _require_ SSL/TLS and not just on submission (port 587).
<sdeziel> blackflow: per the RFC(s), you cannot mandate SSL/TLS on TCP/25
<teward> sdeziel: the problem is certain policies (HIPAA compliance, PCI DSS compliance) require certain things to be configured even on mail servers, last I checked.  Including disabling SSLv3
<blackflow> ie, for postfix for example, smtpd_tls_security_level at "encrypt"
<teward> but SSLv3 is a problem in and of itself and with various OpenSSL libs and such no longer supporting SSLv3 that's a different issue.
<blackflow> sdeziel: exactly, so it's a moot point. the MITM can downgrade always.
<blackflow> one of the reasons why I dislike STARTTLS.
<sdeziel> blackflow: check https://tools.ietf.org/html/draft-ietf-uta-mta-sts-21 and https://tools.ietf.org/html/draft-ietf-uta-smtp-tlsrpt-23
<v0lksman> well that may be my problem. while I have http2 defined in my config when I curl the site and look at the headers it's an http1 response
<sdeziel> teward: yeah, I agree and I did disable SSLv3 on my MXes too :)
<blackflow> sdeziel: thanks I'll check that out.
<blackflow> I also run with dh params at 2048. We had some issues with some clients using old Java to interface with out APIs, but.... they managed to upgrade :)
<sdeziel> blackflow: re StartTLS, see https://tools.ietf.org/html/rfc8314
<teward> sdeziel: I mean, I still have *optional* encryption (preferred if available) on my MXes, but I follow some of the standard practices and require at least what Mozilla calls an Intermediate grade of security on my web servers.
<teward> s/web servers/mail servers/
<blackflow> sdeziel: yeah, no kidding.
<sdeziel> for those using postfix, you can get better than opportunistic TLS on your outgoing SMTP transactions by setting "smtp_tls_security_level = dane"
<teward> sdeziel: guess I learned something.  *goes to revise his MXes*
<blackflow> yeah, DANE is better but... with these things I tend to quote Theo de Raadt. Optional security is no security.
<sdeziel> http://www.postfix.org/TLS_README.html#client_tls_dane
<rbasak> cpaelzer: what are your plans for merging libvirt?
<blackflow> and funny for ubuntu people to recommend dane.... given that systemd-resolved and all its troubles with DNSSEC being default in Ubuntu   ;)
<sdeziel> blackflow: I'm still wedded to unbound
<blackflow> I'm to bind, but only because I need authoritative serving and wanna use just one tool.
<cpaelzer> rbasak: plan is after vacation
<cpaelzer> I have a set of extra todos around it and a trello card to cover those
<cpaelzer> also we want mroe than the current 4.3
<rbasak> OK
<phibs> I already have a PXE environment w/ a full ubuntu image, but would like to be able to drop the OS onto the local disks via an image.  I don't need partitioning or anything like that. I don't want to have to boot w/ cloud-init as it is bare metal.  Does Ubuntu have anything like this? Would Curtin work? (was not sure how cloud-init plays into it)
<compdoc> just clone the os to existing partitions? never tried that
<dpb1> powersj: so, our manpages regeneration thing appears to be working?
<dpb1> I haven't checked actually
<powersj> yep!
<dpb1> that's neat!
<powersj> all the examples in that bug are fixed now
<dpb1> my crazy sha1 thing
<powersj> heh works
<qwebirc35817> Hello, I've question, does the new ubuntu sevrer 18.04 by default use systemd-resolve, can I turn it of and use the default router or another dns server instead? I'm confused because on 16.04 I never see systemd-resolved listen on port 53
<teward> qwebirc35817: it uses systemd-resolve by default.  systemd-resolve behaves like the Desktop's dnsmasq did, it's just a local caching resolver that will send out to the actual DNS nameserver(s) set in either a static config (with netplan) or with the ones it gets from DHCP.  This is 'typical' behavior.
<teward> I tried removing systemd-resolve from the equation and it didn't end well.
<teward> (on a test install)
<blackflow> qwebirc35817: yup. mask it, unlink /etc/resolv.conf and make it a proper file with whatever nameserver entry you want
<teward> but ^ that
<teward> (I tried that too, it exploded on my test systems, but that was back right before 18.04 release so YMMV)
<blackflow> teward: that procedure works for me just fine since 16.10
<blackflow> the key being unlinking resolv.conf and MASKING, not just disabling, the resolved service.
<teward> blackflow: I believe you.  (But like *every* procedure, YMMV because of various reasons)
<blackflow> I guess.
<teward> I quite like the local caching resolver either way, but that's my opinion :)
<blackflow> I'm just into deterministic computing and software being bent unto MY will, not the other way around .)
<qwebirc35817> blackflow: I'm not found any resolv.conf, I only have resolved.conf
<teward> blackflow: To each their own, I guess.
<teward> not every sysadmin here at work, though, knows LInux so I have to adapt so they don't have to do poweruser custom changes :P
<qwebirc35817> blackflow: Any link that could help me or maybe guide me to approach masking or such? I'm new in ubuntu managing
<blackflow> qwebirc35817: systemctl mask systemd-resolved
<blackflow> also stop the service
<qwebirc35817> blackflow: That mean the systemd-resolved still there right? listen on 53?
<blackflow> teward: well I don' tknow. computers should serve US, not the othre way around :)
<blackflow> qwebirc35817: it should not if you stop the service.
<qwebirc35817> but when I want to solve any domain then it will listen again on port 53 am I right?
<blackflow> qwebirc35817: also, resolv.conf should be at /etc/resolv.conf, and by default it's a symlink to somewhere under /run/
<blackflow> qwebirc35817: no. you set up resolv.conf with proper nameserver entries. I mean that's what you wanted, no?
<blackflow> you asked if oyu could turn off systemd-resolved and "use another dns server instead2.
<blackflow> s/2\./"./
<qwebirc35817> blackflow: no luck, no resolv.conf I guarantee you.. I confused ~_~
<blackflow> qwebirc35817: well create one then. your question seemed to imply that you know what you're doing?
<blackflow> because if you don't, then maybe just leave it as is?
<qwebirc35817> hmmm, so when I set the nameserver then it's done, I could just disable systemd-resolved right?
<blackflow> qwebirc35817: no. not disable. mask it. and stop the service.
<qwebirc35817> so I put name server on resolv.conf and mask the service then reboot?
<blackflow> you don't have to reboot.   systemctl stop systemd-resolved; systemctl mask systemd-resolved; unlink /etc/resolv.conf ; <create new /etc/resolv.conf in whatever way you like>
<qwebirc35817> what it just work like that...?
<blackflow> yeeeees?
<qwebirc35817> blackflow: Oh God.. why they make it so complicated... -_- why they plant a software like that... -_-
<phibs> So does anyone know how cloud-init fits into 'Curtin' and is it required @ boot or how exactly is it used?
<blackflow> qwebirc35817: that's a mystery indeed.
<phibs> looks like it uses cloud-init at first boot, which I spose is fine assuming the metadata is obtained from itself and not a server
<qwebirc35817> blackflow: okay... how about netplan?
<phibs> wondering if I can just use curtin to drop the image on and run some of my own customizations / install grub
<blackflow> qwebirc35817: what about it?
<qwebirc35817> I mean set name server on netplan will also work?
<blackflow> qwebirc35817: probably yes. I'm not really using netplan.
<nacc> phibs: there are also #cloud-init and #curtin channels
<blackflow> qwebirc35817: but I think that will just keep on using systemd-resolved, indirectly.
<blackflow> qwebirc35817: netplan is just configuration abstraction, it doesn't do anything else.
<phibs> nacc: oo thx
<coreycb> jamespage: in case you come across something similar, flask in cosmic is not working with sahara running under wsgi: https://storyboard.openstack.org/#!/story/2002617
<coreycb> jamespage: i think that's fixed now. ^ btw nice little addition to dep8 daemon tests (sahara does it) is a curl of the api port. curl --fail http://localhost:8386
<ahasenack> trying to understand how britney hints work. Why is there one file per user here? https://bazaar.launchpad.net/~ubuntu-release/britney/hints-ubuntu/files
<ahasenack> are all files just concatenated?
<madLyfe> so I'm trying to setup a static IP in server 18 during fresh install and it's asking me for subnet? I don't recall using this before when I manually configured static IP after install using a guide. subnet has a trailing slash?
<madLyfe> the guide I previously used was this: http://www.configserverfirewall.com/ubuntu-linux/ubuntu-set-static-ip-address
<madLyfe> what should I put for the subnet?
<madLyfe> https://usercontent.irccloud-cdn.com/file/PW8JqOxY/irccloudcapture8578377963037103038.jpg
<powersj> madLyfe: yes it is asking for the subnet info all in one line
<powersj> so if you used to say 192.168.0.10 and netmask 255.255.255.0 you would now say 192.168.0.10/24
<nacc> ahasenack: aiui, yes
<nacc> ahasenack: i don't fully undersand why that is the layout
<ahasenack> nacc: it has to do with permissions as far as I gathered
<ahasenack> there is a conf file that has entries like HINTS_<who> = <permissions>
<nacc> ahasenack: ah could be
<madLyfe> powersj: I'm not following
<ahasenack> so the directory has a bunch of <who>-named files, and hints inside them
<madLyfe> where does the 24 come from?
<powersj> madLyfe: do you know what netmask you previously used?
<nacc> https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
<ahasenack> but let's say I want to suggest a new hints change, which file (which <who>) do I pick?  Any? Go by history or resemblance?
<nacc> ahasenack: yeah, i just picked arbitrarily in the past (usually targetting an AA)
<powersj> and the wiki page nacc linked has a table that shows how it works
<powersj> under IPv4 CIDR blocks
<madLyfe> powersj: 255.255.255.0
<madLyfe> I should just put that in the subnet field?
<madLyfe> 192.168.1.202/24 ?
<madLyfe> also, what should I enter in the 'search domains' field?
<nacc> madLyfe: whatever search domains you want to use?
<nacc> madLyfe: we really don't know your network configuration
<madLyfe> i didn't have to use something other than 255.255.255.0 last time so I don't know what it's talking about.
<madLyfe> search domains? like Google? not sure what it's referring to. can I just leave it blank?
<nacc> madLyfe: search domains are for DNS
<madLyfe> I didn't need that last time either.
<madLyfe> can I point to the router?
<nacc> madLyfe: then don't specify one
<nacc> no, i feel like mabye you should google what  domain name is?
<madLyfe> I thought name servers were for DNS
<nacc> name servers and search domains are different things
<sdeziel> madLyfe: a search domain is entirely optional
<nacc> your router might be a name server, but your search domain(s) are used to convert a non-fqdn to a fqdn
<sdeziel> that ^
<madLyfe> I'm standing on this chair trying to fresh install so kind of inconvenient to research from phone atm https://usercontent.irccloud-cdn.com/file/QlIUZzif/irccloudcapture850488677289019516.jpg
<madLyfe> crossed fingers on the 192.168.1.202/24 front lel
<sdeziel> nice tower ;)
<madLyfe> guess that won't work. says 'has host bit set' ?
<madLyfe> super tower o power
<madLyfe> https://usercontent.irccloud-cdn.com/file/xvj3SpTZ/irccloudcapture6736137959835275668.jpg
<sdeziel> madLyfe: could you capture the screen and share? I never used subuquity
<nacc> madLyfe: you used an incorrect value
<nacc> madLyfe: you want 192.168.1.0/24
<nacc> madLyfe: 192.168.1.202 is ahost IP address not a network address
<madLyfe> https://usercontent.irccloud-cdn.com/file/x9My6LbC/irccloudcapture4274224174140271545.jpg
<nacc> madLyfe: well, i guess it might depend on your actual subnet, but tht's my guess of what you want
<sdeziel> madLyfe: in subnet, if you tried 255.255.255.0 and got an error, try "24"
<nacc> sdeziel: it's not a separate field
<nacc> iin any case, it's just an invalid subnet specifier
<madLyfe> subnet at router is 255.255.255.0 iirc
<nacc> it should be network-address/bits
<sdeziel> I don't know why subnet is even a question
<sdeziel> just putting the address/bits should be enough
<nacc> sdeziel: yes, i'm also not sure why it's a separate field, but given that it is you do have to give it valid input :)
<sdeziel> nacc: indeed, 24 or 255.255.255.0 are netmasks so I was wrong
<madLyfe> is there something safe to enter to hopefully not bork it and lock me out?
<sdeziel> the UI doesn't make it clear when a field is optional or required
<powersj> 192.168.1.0/24 I believe is what it is expecting the host bits are the fact that you put in a real host IP
<powersj> the 192.168.1.202 goes on the 2nd line
<sdeziel> I'd try to leave subnet blank and put 192.168.1.202/24 in the address line. This feels like the logical way so maybe it works :)
<madLyfe> https://usercontent.irccloud-cdn.com/file/503jAmwK/irccloudcapture4490501051520289919.jpg
<powersj> there you go
<madLyfe> tyvm guys. *crosses fingers*
<madLyfe> https://usercontent.irccloud-cdn.com/file/upHOsHkP/irccloudcapture263967132717131253.jpg
<sdeziel> I don't like that the DHCP lease is reported without "/24" but the statically configure one does...
<powersj> sdeziel: agreed wanna file a bug? https://bugs.launchpad.net/subiquity/+filebug
<sdeziel> powersj: guess where my browser is pointed at ;)
<powersj> haha
<sdeziel> will also report the useless "subnet" field
<madLyfe> this is a different installer than I remember
<sdeziel> madLyfe: yes, that's the new live installer (subiquity)
<madLyfe> does this let me pick the packages to use still?
<powersj> currently it does not. as a part of being lightweight the tasksel options were removed
<madLyfe> hmm
<sdeziel> madLyfe: could you please review/update https://bugs.launchpad.net/subiquity/+bug/1777729 as I never actually used the live installer so I might have some info wrong
<ubottu> Launchpad bug 1777729 in subiquity "DHCP leases missing CIDR notation in network config summary" [Undecided,New]
<madLyfe> ok. once I come down off this chair.
<madLyfe> I think I may have a hardware problem. system froze again while trying to do fresh install. happened when copying over the files. maybe it's just the flash drive in running the OS on. trying new flash drive now.
<madLyfe> odd that the servers name can't be uppercase anymore
<madLyfe> sdeziel: im looking over the bug report and it looks good from what i can tell. you are just saying that 192.168.1.86 doesnt have the trailing /24?
<sdeziel> madLyfe: correct. The subnet thing was reported to https://bugs.launchpad.net/bugs/1777732
<ubottu> Launchpad bug 1777732 in subiquity "Manual network config uselessly asks for a "Subnet"" [Undecided,New]
<madLyfe> ya i think it should accept both.
<sdeziel> good, thx
<madLyfe> not sure whats up with my server hardware. hopefully its just the ram or something.
<DirtyCajun> Why does the ubuntu repo tgtd not allow -t to define the number of i/o threads
#ubuntu-server 2018-06-20
<sarnold> lets flip that around a bit.. what documentation are you reading that suggests that it should work? I can't find it on e.g. https://github.com/fujita/tgt/blob/master/doc/tgtd.8.xml
<DirtyCajun> https://community.mellanox.com/docs/DOC-1457
<DirtyCajun> which says to clone the github project you just mentioned
<DirtyCajun> and gives the usage as -t
<l4m8d4> Hello, does ubuntu offer an integrated way to create MOK in an EFI secure boot environment and sign bootloaders and other efi binaries with it?
<l4m8d4> Or is it necessary to perform all the steps involved manually? (create all the keys, sign all the binaries, resign on updates)
<sarnold> DirtyCajun: wow... seven years ago. curious. https://github.com/fujita/tgt/commit/18868050236b065b0c66f7832df3763aea2968c8
<DirtyCajun> so it just... does the num of your vkernels
<DirtyCajun> thats stupid
<tomreyn> -h should print "-t, --nr_iothreads NNNN specify the number of I/O threads" if supported, apparently man pages didnt get updated.
<nacc> afaict, still not in manpage upstream https://github.com/fujita/tgt/blob/master/doc/tgtd.8.xml
<nacc> last changed june 5, 2017 :)
<DirtyCajun>  here is the real question. currently, I/O threads are per lun. so 2 luns = 32 threads for 16 core server
<DirtyCajun> if i specify 8 is it total or per lun!
<tomreyn> wait, you do HT, isnt that considered unsafe now?
<DirtyCajun> .. unsafe security or stability wise?
 * tomreyn trolling at https://www.mail-archive.com/source-changes@openbsd.org/msg99141.html - sorry for deflecting
<blackflow> tomreyn: and it's not even April Fools! :)
<blackflow> Next in OpenBSD land: Moving data to memory considered harmful.
<cpaelzer> good morning
<Benl90> Hello, I've question about iptables, I only allow port 22, 80, 443, 10000 and allow from localhost and from my public ip and drop another packet. I've problem with resolving the domain to ip after that, that lead to my ubuntu server can't update and solve ubuntu repo domain name. any idea how to allow nslookup too? Thanks
<cpaelzer> Benl90: should be port 53, but if you really allow everything from local and your IP that should not be blocked
<cpaelzer> I'd assume something blocks it
<cpaelzer> but there are plenty of examples if you search for the buzzwords, like https://gist.github.com/thomasfr/9712418
<Benl90> cpaelzer: Yeah I drop the other, Ive try allow port 53 both tcp udp but still no luck
<Benl90> cpaelzer: In the end I fix the setting, name server allow -_-. bad ways, -_-
<cpaelzer> well, you got it working which is all that matters :-)
<lordievader> Good morning
<blackflow> !info dovecot
<ubottu> Package dovecot does not exist in bionic
<blackflow> !info dovecot-core
<ubottu> dovecot-core (source: dovecot): secure POP3/IMAP server - core files. In component main, is optional. Version 1:2.2.33.2-1ubuntu4 (bionic), package size 2877 kB, installed size 8809 kB
<blackflow> Is there an SRU or something planned to upgrade Dovecot to 2.3.x? 2.2.x is EOL, not sure it'll receive even security fixes
<cryptodan> I am running Ubuntu Server 16.04 and having issues setting up Postfix with Dovecot SASL
<tomreyn> then you should probbaly try to get support with it!
<cryptodan> I have followed numerous guides and cannot get it to work for the life of me on Ubuntu 16.04 had it working flawlessly on Ubuntu Server 14.04
<rbasak> cryptodan: try http://www.sabi.co.uk/Notes/linuxHelpAsk.html to start. That'll help you ask the right questions here.
<cryptodan> no need it has been fixed
<madLyfe> possible to see what packages come with server 18.04?
<v0lksman> madLyfe: https://packages.ubuntu.com/ ?
<Luxray5474> Is this channel dead or can I ask a really quick stupid question?
<blackflow> madLyfe: install and run dpkg -l? also a hint are packages that are dependencies (and their dependencies, and ...)   of the ubuntu-server metapackage
<madLyfe> v0lksman: that looks like for desktop?
<Luxray5474> It's about netplan. I've switched to Ubuntu Server from Windows, and am now trying to set things up as they were before
<blackflow> Luxray5474: you alraedy did, so.... :)
<Luxray5474> I've installer 18.04 and after a bit of research I've foudn that netplan is the only way to set a static IP
<madLyfe> basically I wanted to see if SSH and tmux were installed with iso
<blackflow> Luxray5474: it isn't though. netplan is the novel network configuration abstraction tool. you can configure systemd-networkd directly, instead through netplan.
<rbasak> Generally there are a multitude of ways to do anything. But relatively few that are recommended.
<Luxray5474> which is easier though?
<blackflow> s/novel/new/   to avoid confusion with Novell
<rbasak> netplan is surely the easiest way to set a static IP.
<v0lksman> madLyfe: https://packages.ubuntu.com/bionic/ubuntu-server
<rbasak> One config file and that's it.
<Luxray5474> okay
<v0lksman> madLyfe: then dpkg -l |grep ssh will find that out for youy
<Luxray5474> but i need some help with setting it up
<blackflow> Luxray5474: netplan is meant to be One Config to Rule Them All, via yaml, and different backends -- currently networkd for servers and NetworkManager for desktops.
<Luxray5474> so there's this tag called 'addresses:' under ensxx and ethernets
<rbasak> Luxray5474: https://netplan.io/examples#dhcp-and-static-addressing
<blackflow> rbasak: technically, so is one tiny file in /etc/systemd/network ;)
<Luxray5474> now what I want to know is what is the number that comes after the slash after the IP?
<rbasak> It's the size of your netmask.
<rbasak> Do you know what your netmask is?
<blackflow> Luxray5474: that's the "CIDR" notation, look it up on googs
<Luxray5474> okay so, if it's like "192.168.1.75/24" that's the IP "192.168.1.75" and the subnet mask "255.255.255.0" right?
<rbasak> Yes
<Luxray5474> I get it now, thanks! :D
<rbasak> Luxray5474: try the "ipcalc" tool. "apt install ipcalc" and then "ipcalc 192.168.1.75/24".
<Luxray5474> okay
<rbasak> "sudo apt install ipcalc" I suppose.
<rbasak> It'll do all the calculations for you so you can experiment and verify things that way.
<Luxray5474> what does the 'ens' mean in say, 'ens33'? can i put just any number?
<rbasak> It's the name of your network interface. By default it's fixed, based on where it's physically connected inside your computer.
<Luxray5474> okay
<Luxray5474> and is 'nameservers' equivalent to the DNS?
<rbasak> Yes
<Luxray5474> Thanks :)
<rbasak> You're welcome!
<Luxray5474> okay so i think i did something wrong here
<Luxray5474> so when i do "ip a" it shows that I have 3 adapters i believe. one is wifi, one is Ethernet, and one is bluetooth
<Luxray5474> I'm not sure about the third one but that computer has a bluetooth adapter that supports internet, so I am positiv ethat the one
<Luxray5474> so i did sudo netplan apply and it did it without spitting anything out
<Luxray5474> but i went to my router page and my server is still 192.168.1.7, when i set it to 192.168.1.75
<Luxray5474> actually one of them is loopback/localhost
<Luxray5474> so when i saved the new config and ran 'sudo netplan apply' it said "address already in use"
<Luxray5474> how do i reset configs so i can start from scratch?
<Luxray5474> do i simply delete the file?
<rbasak> What do you mean by "but i went to my router page"?
<rbasak> You mean your router's DHCP leases that it's handed out? If setting a static IP, the router won't know if you're stopped using your DHCP-assigned address.
<sruli> i have an issue with my server, sometimes it crashes and have to reboot, i just manages to get a picture of the tty when it crashed, the screen is running with lots of messages i never saw before, can anyone please take a look and see if they know what it might be https://paste.pics/3AC18 thanks?
<tomreyn> sruli: get a current bios, and all other firmware, too. your system bios dates back to 2014, and there are releases from this year.
<tomreyn> you should probably download the SPP dvd and have it run through that.
<tomreyn> also use ipmi to get a better idea of what may be going wrong.
<tomreyn> i mean ilo, not ipmi
<sruli> i dont have an account with HP so cannot download the SPP
<tomreyn> if neither of those are options (why? this should not be.), review dmesg and syslog for issues reported during boot, and try to fix or work around them.
<epl692_> Hello, I am trying to install ubuntu server 18.04 on an intel board, I can install from usb just fine, but it won't boot afterwords, It looks like grub never gets installed, even though I see that as a step during install.
<tomreyn> sruli: oh they require a login now, thats bad. well you can still download all those pices one by one.
<sruli> tomreyn: this is final shot before it completely froze https://paste.pics/3AC3B
<sruli> tomreyn: i updated as much as i could download from their site, did not notice the bios update, will check now
<tomreyn> sruli: https://support.hpe.com/hpesc/public/home/driverHome?sp4ts.oid=5249572&lang=en&cc=us
<sruli> tomreyn: all BIOS updates are "Entitlement Required"
<tomreyn> sruli: hmm those also require "entitlement"
<tomreyn> :-/
<sruli> i update everything that i can get, but hp needs to be slapped for requiring entitlement for bios updates
<sruli> tomreyn: anything in the second screenshot that sheds light?
<tomreyn> sruli: well the lower ones are edac (ECC memory) issues. but this could be a follow-up issue. you can run memory tests, and you can try disabling acpi if the boot logs suggest this might improve things. also, try using a non tainted kernel.
<sruli> tomreyn: with regards to EEC yesterday "hpasmcli -s "show dimm" showed a few degraded, si i ran memetest all night no errors, all day today hpasmcli showed all ok. what do you mean by "tainted kernel"?
<tomreyn> sruli: one that runs out of tree (often proprietary) kernel modules: https://unix.stackexchange.com/questions/118116/what-is-a-tainted-kernel-in-linux
<tomreyn> check your screenshots which point out that the kernel is tainted
<tomreyn> well just the first one does
<sruli> tomreyn: i only install kernel from apt-update, no custom kernel
<tomreyn> probably some modules though
<sruli> the only modules which might not be from ubuntu repo are the HP tools
<tomreyn> hpe "tools" are not drivers, not kernel modules for all i know. but maybe you have actually installed kernel modules from HPE. i woulod not know.
<sruli> these are all the hp tools i installed "hp-health hponcfg amsd hp-ams hp-snmp-agents hpsmh hp-smh-templates ssacli ssaducli ssa"
<tomreyn> btw. the md5sum for the SPP is 2d1047b00f8cc5645fdc18596ad1183e - you can always put that into a web search engine.
<tomreyn> hp-health sounds like it could do kernel modules. running "lsmod" will show which modules are loaded.
<sruli> i managed to download the bios file, updating it now
<tomreyn> if this issue persists and you want to debug it properly you'll need to get the first of these errors / kernel oopses reported.
<tomreyn> you'll need to attach a serial console (ilo got an internal one if you can use it) or use netconsole to have it written to a different computer on the network before the system freezes.
<sruli> tomreyn: list of my loaded modules https://paste.ubuntu.com/p/vJcX9fMXBG/
<tomreyn> i'm not able to review this for you, sorry
<Luxray5474> rbasak: my router runs a little webpage that i can access using routerlogin.net. it has a tab showing all connected devices, including their ip and mac addresses. my server still had the IP 192.168.1.7 when I put 192.168.1.75 in the config file.
<rbasak> Luxray5474: I suspect that's really showing you DHCP leases. Use "ip addr" to show you what IPs a machine is really using.
<Luxray5474> yes i did that. It still shows ..1.7/24
<Luxray5474> also when i tried to change it again it says that another daemon was running on the port ( i forgot which one)
<tomreyn> sruli: actually the flags set by the kernel as seen on line 15 of your first screenshot https://i.paste.pics/3AC18.png are G D W L. and the G actually states that no out of tree modules are loaded.
<tomreyn> sruli: ...as discussed at https://www.kernel.org/doc/html/latest/admin-guide/tainted-kernels.html
<tomreyn> s/out of tree/non GPL/
<tomreyn> but the remaining flags indicate that waht this screenshot shows is just a follow-up issue. that's why i'm saying you need to get the full output.
<sruli> tomreyn: just checked syslog, when i booted it today for a few seconds i have many 1,000's of messages "ureadahead[635]: ureadahead:dmi: Ignored relative path" is this normal?
<tomreyn> on some releases it is.
<sruli> 18.04
<tomreyn> you can uninstall ureadahead and they'll be gone. it's mostly relevant for desktops
<tomreyn> but you can just keep it, too, no harm there
<tomreyn> also see my private message
<sruli> tomreyn: i see in syslog around the time of the crash a number of messages, regarding the MCE MEMORY, "mce: [Hardware Error]: Machine check events logged" ... "EDAC sbridge MC0: HANDLING MCE MEMORY ERROR"  ... "EDAC sbridge MC0: CPU 2: Machine Check Event: 0 Bank 9: c8014c8700800091" and many 100's of "snmpd[1770]: Connection from UDP: [127.0.0.1]:44561->[127.0.0.1]:161" before and after those mem errors
<tomreyn> sruli: so one of these messages states that memory bank 9 contains a faulty DIMM. this may or may not be so. you could try removing or replacing it and what gives, or to cross test
<tomreyn> but before you do that, i'd recommend you try to get the full output first of all.
<tomreyn> as discussed above, your options for this are to attach a serial console, and the linux netconsole feature
<sruli> how can i connect through ilo?
<tomreyn> you probably have an ilo 4, the user guide is at https://support.hpe.com/hpsc/doc/public/display?docId=c03334051
<tomreyn> if you want to access the console through iLO, you want to use either the "iLO Virtual Serial Port" or just the Text-based Remote Console textcons
<tomreyn> the latter is less user friendly.
<tomreyn> ... but doesn't require configuration changes on ubuntu
<sruli> from hpe doc, Text-based Remote Console "This method increases iLO performance significantly. However, the digital video stream does not contain useful text data, and text-based client applications such as SSH cannot render this data"
<tomreyn> the idea there would be to ssh to your ilo, then run textcons to get the output there. but indeed, as i said, an actual serial console is much better.
<tomreyn> what your quote is basically saying is that you will need to use a special purpose client (textcons) to render the data stream. just using netcat or an ssh client directly will not work
<sruli> textcons - iLO Advanced License required for this functionality.
<tomreyn> is this a personal project, an NGO or a business you run there?
<sruli> just purchased a ilo license on ebay for 19GBP
<Luxray5474> rbasak: okay after a while of trying to figure it out, it's still down. can i send you my config?
<Luxray5474> (so you can check it out and tell me if there's anything wrong w/ it)
<sarnold> Luxray5474: re "ens" and so on, https://github.com/systemd/systemd/blob/master/src/udev/udev-builtin-net_id.c#L20
<sarnold> Luxray5474: https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
<sarnold> Luxray5474: .. and finally https://lists.ubuntu.com/archives/ubuntu-devel/2015-May/038761.html for some ubuntu-specific background
<Luxray5474> ohhh
<Luxray5474> okay so enp3s0 is eth
<Luxray5474> and wlp3s0 is wlan
<Luxray5474> for some reason wlp3s0 showed up as "(ethernet)" when i ran "ifconfig"
<cryptodan> Does anyone have a good guide on settings up DKIM with Postfix on Ubuntu Server 16.04, its just one last thing I need to have setup a good mail server
<sarnold> cryptodan: this looks kinda old but might still be useful https://help.ubuntu.com/community/Postfix/DKIM
<cryptodan> ive seen that one, and for some odd reason my emails are not being signed by dkim
<Luxray5474> rbasak: i understand that naming now, thanks. but one of the things that are displayed when i run netplan -d apply is "netplan/tcp not found in /etc/services, using ports 2983 and 5444"
<sarnold> cryptodan: there's a much smaller mention of dkim on https://help.ubuntu.com/lts/serverguide/mail-filtering.html.en-GB -- but that might go through amavis too to work :/
<Luxray5474> oops i mean sarnold lol
<sarnold> Luxray5474: that's a funny error .. maybe pastebin your config? it feels like a word out of place or missing punctuation mark ..
<Luxray5474> okay I'll do that right now
<Luxray5474> sarnold: https://pastebin.com/cBBGXzzr
<NightMonkey> Hi, all. I would like to downgrade a package that was inadvertantly upgraded, but the old version seems to be gone from apt.
<NightMonkey> The package in question was upgraded, from the apt history log file:
<NightMonkey> Upgrade: ansible:amd64 (2.4.2.0-1ppa~xenial, 2.5.4-1ppa~xenial)
<nacc> NightMonkey: neither of those are ubuntu packages
<nacc> !info ansible xenial
<ubottu> ansible (source: ansible): Configuration management, deployment, and task execution system. In component universe, is optional. Version 2.0.0.2-2ubuntu1 (xenial), package size 992 kB, installed size 7181 kB
<nacc> NightMonkey: PPAs do not keep infinite numbers of packages going backwards
<nacc> NightMonkey: you could see if it's stil present in /var/cache/apt/archives/
<NightMonkey> nacc: Ah, thanks for your help. Sadly, I looked at the PPA after you pointed that out, and indeed, the old version is just gone. :/
 * NightMonkey rages at an indifferent sky
<sarnold> Luxray5474: hrm. I can't spot it :/
<Luxray5474> me neither
<cryptodan> Luxray5474: whats the issue
<Luxray5474> cryptodan: I was trying to set my server's IP to a static IP; 192.168.1.75. I found that making a config in /etc/netplan called 01-netcfg.yaml would allow me to do just that. So I did. But iI believe i did something terribly wrong and now, my server can't connect to the internet. I suspect it's because /etc/services/ doesn't have netplan/tcp.
<Luxray5474> cryptodan: my config is in this pastebin: netplan/tcp not found in /etc/services, using ports 2983 and 5444
<Luxray5474> oops
<Luxray5474> https://pastebin.com/cBBGXzzr
<nacc> Luxray5474: wait a sec
<nacc> netplan != nplan
<cryptodan> Luxray5474: why not just use /etc/network/interfaces
<Luxray5474> i'm on 18.04 and it doesn't exist whenever i try to cd to it
<nacc> Luxray5474: you need to do some work to go back to that if you want
<Luxray5474> yes please
<nacc> Luxray5474: iirc, reinstall ifupdown, then dpkg-reconfigure resolvconf
<cryptodan> you should have an interfaces file
<nacc> Luxray5474: where are you seeing that message?
<nacc> cryptodan: no, you sholdn't not in 18.04
<nacc> well, not necessrily, at least
<Luxray5474> "This new tool [netplan] replaces the static interfaces (/etc/network/interfaces) file that had previously been used to configure Ubuntu network interfaces. Now you must use /etc/netplan/*.yaml to configure Ubuntu interfaces." -https://websiteforstudents.com/configure-static-ip-addresses-on-ubuntu-18-04-beta/
<nacc> Luxray5474: yes, we know that :)
<nacc> Luxray5474: ok, 1) where do you see the netplan/tcp message ?
<Luxray5474> 1. I make the config.
<Luxray5474> 2. I run "sudo netplan apply"
<Luxray5474> 3. spits out the message as the last line, and starts using ports 2983 and 5444
<Luxray5474> now, i try to reconfig, and it says another daemon is using the ports, even when i kill the netplan daemon
<nacc> Luxray5474: `ls -ahl /usr/sbin/netplan` ?
<sarnold> nacc: btw where'd you spot 'nplan'?
<nacc> sarnold: well, i did a quick google for the message pasted, there's a bug from 1998 mentioning it for the *netplan* package
<Luxray5474> "-rwxr-xr-x 1 root root 40K Apr  3 12:39 /usr/sbin/netplan"
<nacc> which is not the nplan package (which is what is netplan.io)
<nacc> yeah
<sarnold> nacc: oh god.
<nacc> Luxray5474: did you try and install netplan at some point?
<nacc> the package netplan that is
<Luxray5474> it comes installed
<nacc> `apt-cache policy netplan`
<nacc> no, *nplan* comes installed
<sarnold> is it too late to give this thing a name that wasn't taken twenty years ago? P)
<nacc> they are very different packages
<Luxray5474> and I ofc can't install anything bc network is unreachable
<dpb1> sarnold: just a bit too late, yes
<dpb1> :)
<nacc> Luxray5474: please pastebin the above (`apt-cache policy netplan`)
<dpb1> but wth, we've changed twice already
<nacc> sarnold: i then did a grep in the srouces and didn't see the strings,
<nacc> sarnold: so i'm thinking that's the bug here, but i'm waiting on confirmation
<sarnold> dpb1: insert joke about snap and click names colliding with existing projects and traditions..
<cyphermox> nacc: Luxray5474: the name of the binary is always "netplan", but the name of the package is "nplan" in 16.04 and 17.10, and "netplan.io" in 18.04
<dpb1> sarnold: ha
<Luxray5474> oh
<nacc> cyphermox: right, but if a user has "netplan" installed, it *also* provides a netplan binary
<cyphermox> nacc: that should conflict
<nacc> is that handled correctly by nplan/netplan.io
<nacc> cyphermox: i agree, but i wonder what is up with the above user's system
<nacc> because on my systems /usr/sbin/netplan is a symlink
<nacc> (one an upgrade, one a fresh install)
<nacc> to /usr/share/netplan/netplan.script
<cyphermox> yes
<Luxray5474> it's too long for me to type, and my server is not in the best spot for me to be looking back and forth to, so: https://i.imgur.com/DRq3LOT.jpg
<nacc> Luxray5474: yeah, so you have netplan installed which you don't want
<cyphermox> Luxray5474: yes, that's the netplan you don't want ;)
<Luxray5474> oh
<nacc> Luxray5474: can you take a pciture of `apt-cache policy nplan netplan.io` ?
<cyphermox> I'm surprised, because 18.04 should have netplan.io installed by default, and when you try to install "netplan" you'll get semi-loud warnings about removing things
<nacc> cyphermox: agreed
<Luxray5474> https://i.imgur.com/LlmQqQK.jpg
<nacc> urgh
<nacc> you don't have netplan installed at all :/
<nacc> (netplan as in the network configuration tool)
<nacc> Luxray5474: is this a fresh install?
<Luxray5474> yes. fresh install this morning
<rbasak> That makes sense as it sounds like the two packages conflict? :)
<nacc> cyphermox: --^ ... not good
<nacc> unless they were using old install media, maybe?
<nacc> rbasak: yeah :)
<Luxray5474> okay so I guess instal of doing netplan apply i do netplan.io apply or nplan apply?
<nacc> Luxray5474: can you look in /var/log/apt/history.log to see when 'netplan' was installed?
<Luxray5474> okay
<nacc> Luxray5474: no, you don't hve the correct package installed
<nacc> Luxray5474: which is confusing, because you say it's a fresh install and the "netplan" (the package) is not installed by default and "netplan.io" (the package) should be installed by default
<nacc> Luxray5474: is this stock Ubuntu etc.?
<nacc> (sorry for all the questions, just want to understand how you got in this situation)
<Luxray5474> steps i took to install:
<Luxray5474> 1. Grabbed Ubuntu Server fomr the official site
<Luxray5474> 2. Used Rufus to burn it onto a USB thumb drive, ISO mode.
<Luxray5474> from*
<Luxray5474> 3. Installed as normal and booted as UEFI
<nacc> Luxray5474: ok, any luck with the apt log?
<Luxray5474> tryna get it to focus properly so you can see the text
<nacc> Luxray5474: sure
<nacc> Luxray5474: as background, there are two pakcages that provide the "netplan" binary. One is old and one is new. The old one is what you have installed, but has nothing to do with netplan.io or the replacement of ifupdown (/etc/network/interfaces). So you've been asking something totally unrelated to "apply" netplan config files
<nacc> now, i think it's rather funny (not haha) that the old netplan doesn't barf on an "apply" subcommand :)
<cryptodan> just a question why remove things that worked and worked well for users to replace it with more complexity
<nacc> cryptodan: because ifupdown has well known limitations
<rbasak> ifupdown definitely didn't work well for users
<nacc> cryptodan: and it's not been removed, it's just not hte default
<Luxray5474> now its uploading
<rbasak> (when trying to do anything remotely complicated)
<cryptodan> it has worked well for me on multiple linux distros including ubuntu
<nacc> cryptodan: that's nice.
<Luxray5474> i was trying to get the right angle so it doesn't reflect the bright light from outside and it doesn't reflect my whole house lol https://i.imgur.com/HRhpYMy.jpg
<nacc> Luxray5474: thanks!
<Luxray5474> and it is barely visible now that i look at it
<nacc> Luxray5474: ok, so that says at 2:23 your time, you issued "apt install netplan"
<nacc> that is the problem
<nacc> don't do that :)
<Luxray5474> ohhh
<nacc> that in turn removed netplan.io
<nacc> and probably told you it would have to
<Luxray5474> okay so i guess i have to do a whole reinstall?
<nacc> it also removed ubuntu-minimal
<nacc> Luxray5474: no, i think you can do `sudo apt install netplan.io nplan ubuntu-minimal`
<nacc> that should remove 'netplan' in response
<Luxray5474> but it isn't connected to any network
<nacc> it might have it cached
<Luxray5474> i'll try
<Luxray5474> yep it can't :P
<nacc> Luxray5474: and then problem remove ifupdown again (as you don't need it)
<nacc> Luxray5474: ok, it's probably fastest to reinstall then honestly
<Luxray5474> okay lol
<nacc> you could also probably configure your static network by hand (`ip`)
<nacc> just to do the apt commands
<sdeziel> dhclient $NIC
<Luxray5474> well thanks for all the help you guys :D
<nacc> sdeziel: i think they were doing static networking
<sdeziel> ah\
<Luxray5474> i'm a noob with linux servers, and still learning in regards to servers in general
<nacc> Luxray5474: but if you do have a dhcp server, sdeziel's suggestion would be ideal
<Luxray5474> holy
<Luxray5474> oh my god.
<rbasak> Oh
<Luxray5474> so
<rbasak> I think I know why he'll have done that.
<Luxray5474> i just found that... when you install it in the first place... you can set a static ip.
<rbasak> Type "netplan apply" and does command-not-found suggest typing "sudo apt install netplan"?
<Luxray5474> i.... i'm a complete idiot for not realizing that XD
<rbasak> Hmm. No. It does nothing (ie. it follows the symlink)
<rbasak> So I don't know.
<Luxray5474> what should be the search domain?
<nacc> rbasak: right, i didn't think cnf knew about the arguments to the binary, cool if it does :)
<Luxray5474> I know the nameservers i want to use and I put in google's and cloudflare's DNS
<nacc> Luxray5474: yes, re: static ip at install time :)
<nacc> Luxray5474: you might not have any, it depends on if you are in a domain
<Luxray5474> also it says that 192.168.1.75 isn't included in the subnet 255.255.255.0 when i obviously have a similar ip and the same subnet on my windows machine (one i'm typing with rn)
<Luxray5474> I put in 255.255.255.0/24 in the subnet field btw
<nacc> Luxray5474: you seem to be combinig two fields
<nacc> you want either 192.168.1.0/24 or 255.255.255.0 iirc
<Luxray5474> ?
<sarnold> 'search' just means how many wrong names do you want to look up before getting right names :) if you owned e.g. luxray.example.com. as your own domain, you could have machines www and ns1 and irc and so on, www.luxray.example.com, ns1.luxray.example.com, ..
<sarnold> so if you stuffed 'luxray.example.com' into the search field, your resolver would look for www.google.com.luxray.example.com and then www.google.com ...
<Luxray5474> nacc: if i only enter the latter, it says it has to be in CIDR notation
<Luxray5474> sarnold: that's pretty neat
<teward> i just had an interesting question asked of me - namely why is the MySQL server version in the repositories so old even for Bionic.  Anyone want to give me a proper answer to give them?
<teward> (MySQL 8 exists upstream now so_
<rbasak> teward: we're working on MySQL 8 packaging.
<rbasak> teward: 5.7 isn't particularly old.
<sarnold> did debian decide to stop packaging mysql and focus on the altneratives instead/
<rbasak> 8.0 was released GA only on April 19 this year.
<rbasak> The release team removed MySQL from testing in Debian. We're still maintaining it together with MariaDB in unstable.
<nacc> Luxray5474: which field are you typing this in? (picture)?
<teward> rbasak: i know it's not particularly old.  Just proxying the request ;P
<sdeziel> sarnold: isn't the search domain only used for non-FQDN names? Unless you have unusual/non-default options in /etc/resolv.conf ?
<nacc> I *think* it's used to try and resolve any name that fails to resolve
<nacc> (on its own)
<nacc> as a FQDN isn't known to be a FQDN until it resolves (in my head)
<sarnold> sdeziel: no one ever types the . though, heh :)
<sdeziel> by default, having at least 1 dot means the initial query will be tried first then search will be attempted
<sarnold> hrm, really? that's not my recollection, lst time i looked at it
<sdeziel> sarnold: I didn't mean '.' (root) but in your example www.google.com this has dots
<sarnold> I thuoght it required the finial . to skip the search
<nacc> quick, somebody strace!
<sdeziel> man resolv.conf see ndots
<nacc> interesting
<sarnold> bummer, no notes on when it was introduced
<sarnold> could be I just noticed 401202 instead and assumed I saw something else, last time I used search
<rbasak> sarnold: looks like it was there in 2008 at least, looking at the git-ubuntu repository for the manpages package.
<nacc> pkg archaeology ftw
<sarnold> rbasak: oh handy :)
<Epx998> anyone know the right way to call depmod in a chroot when updating the netboot image with newer ethernet drivers
<Epx998->  /nick Epx998
<Epx998> Install hung at finishing installation -> preseed, never seen that before
<sarnold> Epx998: you didn't miss anything while you were away
<Epx998> yeah
<Luxray5474> Aww yeah
<Luxray5474> I got almost everything to work now
<Epx998> lies
<Epx998> work is STILL making me build systems on ub12 buh
<nacc> Luxray5474: nice, so the reinstall worked ok?
<Luxray5474> Yep
<Luxray5474> Now have Plex and vsftpd running
<Luxray5474> (after much frustration of course)
<Luxray5474> I'm gonna install UnrealIRCd, and node (for my IRC bot)
<Luxray5474> that reminds me, is there any remote server management applications like Pulseway, but for linux
<Luxray5474> ?*
<sarnold> dozens?
<nacc> typically the answer to "is there any ... " queries is "yes".
<nacc> and or ltmgfy
<nacc> lmgtfy rather! :)
<Luxray5474> is there any for android tho
<Luxray5474> (like pulseway)
<nacc> cf my answer above.
<nacc> as in, go google it?
<sarnold> I installed a nagios frontend on my phone once
<sarnold> it was meant to motivate me to set up nagios
<nacc> pulseway has an android app
<nacc> sarnold: lol
<sarnold> but nagios looks kinda crunky
<sarnold> and the replacements are crunky
<sarnold> and prometheus looks neat but also looks like deploying it is a bit of a procedure
 * nacc pictures sarnold dancing to crunk
<sarnold> crunky ain't dead man
<nacc> heh
<Luxray5474> how do you do those texts? https://s15.postimg.cc/64hfvpwjv/screenshot_61.png
<sarnold> of course reading the pcp sources and docs for the pcp MIR made me want to use it on my own systems.. and netflix's vector thing looks neat..
<sarnold> Luxray5474: /me foo
 * sarnold foo
<Luxray5474> oh
<Luxray5474> thanks lol
<Luxray5474> really off the subject at hand, who else likes i n t e n s e   t e r m i n a l    f l o o d   ?
<Luxray5474> it happens a lot when i tail all Plex's logs
<dpb1> less helps with that
<sarnold> or maybe go the opposite way and use ccze or something to make it much noisier still
#ubuntu-server 2018-06-21
 * runelind_q upgrades LDS
<runelind_q> let's see if it blows up.
<cpaelzer> good morning
<lordievader> Good morning
 * Eichu0Ku_ 
<V7> Hey all
<V7> How to chroot a user correctly, so it won't move upper path ?
<V7> Can't login after adding ChrootDirectory to sshd_config for a user
<V7> Now it looks like: https://hastebin.com/xutizafebu.nginx
<V7> Ubuntu 18.04
<blackflow> V7: can you login with sftp?
<blackflow> V7: also, there are certain rules about chrooted directories. check the ssh logs. Namely, the chroot directory must be owned by root. So it can be something like root:user ownership, and 750 mode, ie. not accessible by others.
<ducasse> V7: please don't crosspost, it's pretty rude and wastes other people's time
<V7> ducasse: No answer there in about 15 mins so
<V7> Thank you blackflow. sftp gives: Couldn't read packet: Connection reset by peer
<ducasse> V7: you posted in #linux 3-4 minutes before here
<blackflow> V7: and what do the server logs say?
<V7> ducasse: Please, sorry.
<V7> blackflow: YOu're right. Says bad onwership or modes for chroot
<blackflow> mmmh-hm.
<blackflow> V7: and btw, that will only allow SFTP access. You can't ssh into that account regularly.
<V7> You mean, force-command ?
<blackflow> if you want to ssh regularly, you'll have to populate the chroot dir with some nodes required for interactive session. see the sshd_config manage on ChrootDirectory directive.
<blackflow> V7: yes, force-command.
<V7> This is an achievement :)
<blackflow> but not just it. like I just said, if you want regular ssh access too, you need some nodes in the chroot dir.
<V7> This user mustn't use ssh
<V7> shell *
<blackflow> V7: it's all explained nicely under the ChrootDirectory option in the sshd_config(5) manpage.
<blackflow> V7: in that case, this config should suffice, assuming you have proper ownership like explained earlier.
<V7> I'm actually, already reading
<V7> Thank you very much blackflow
<blackflow> you're welcome.
<jamespage> coreycb: I'm thinking we should move to <agent binpkg> -> python{3}-<module> -> <module>-common as a general pattern
<jamespage> so all the agent binpkgs do is provide the systemd units
<jamespage> osa will like that as well
<V7> blackflow: Oh dear.
<V7> Now an ownership is okay, isn't it ? https://hastebin.com/ukutogevet.coffeescript
<V7> Although, it shows an error while trying to authorize with user
<blackflow> V7: it's not. mustn't be writable by anyone other than root
<V7> blackflow: somedir or internals ?
<blackflow> somedir
<V7> So, it's not, isn't it ? 755
<blackflow> try 750
<tomreyn> "ChrootDirectory /somedir" for a directory located at /home/user/somedir seems incorrect to me.
<V7> tomreyn: Why home/somedir ?
<V7> Oh, I see, because output, I've sent to you
<tomreyn> "ChrootDirectory %h/somedir" would probably work
<blackflow> wait, is that /somedir or /.../somedir?
<V7> tomreyn: A directory is located in root
<blackflow> the ChrootDirectory is path outside of the directory of course
<V7> blackflow: It's in root
<blackflow> tomreyn: why? just chroot to user's homedir directly.
<V7> tomreyn: And output which you've seen there is little modified, so there's actually:
<V7> user@ubuntu:/$
<tomreyn> blackflow: that probbaly works, too.
<blackflow> V7: make /somedir owned by   root:user   and of mode   750
<V7> blackflow: The same
<blackflow> V7: yeah that error is worded as if you can't have a chroot dir straight under root.  Why not just make it /home/user  ?
<V7> /home/user doesn't exist
<blackflow> why not
<V7> Also, this /somedir is for mounted device
<V7> This /somedir musn't be changed
<blackflow> well I don't know about chrooting to dirs straight under root, but that error message seems to imply you can't
<blackflow> mount it under /mnt/somedir
<V7> Okay, I've changed it to /mnt/somedir
<V7> Copied stuff and now it's: https://hastebin.com/goriqazime.coffeescript
<V7> The same
<blackflow> V7: please pastebin the output of ls -la /mnt/somedir  .   I especially want to see  . and ..
<tomreyn> and ChrootDirectory is /mnt/somedir now? (i dont think it follows symlinks if you have any)
<V7> blackflow: https://hastebin.com/ifaqotosib.rb
<blackflow> great, and the ChrootDirectory is /mnt/somedir/   as tomreyn asked?  And you restarted sshd of course?
<V7> tomreyn: Yes, sshd_config: https://hastebin.com/wiyoguweso.nginx
<blackflow> V7: ugh, why password auth.....   just say no! :)
<V7> blackflow: For testing
<V7> Yes, sshd was resarted
<blackflow> V7: so, you restarted sshd (ssh.service) just to make sure, and it still throws the same mode/ownership error? can you pastebin the error? it lists the path element it dislikes
<tomreyn> ls -la would not output this with trailing slashes, so you must have run something else there: https://hastebin.com/ifaqotosib.rb
<V7> It says: sshd[1387]: fatal: bad ownership or modes for chroot directory component "/"
<V7> tomreyn: Yes, dir1 and dir2 has data
<blackflow> uh, can you pastebin the output of    stat /   ?
<V7> blackflow: https://hastebin.com/higetamagi.http
<blackflow> how did that happen :)
<blackflow> your root is owned by "user"
<V7> oh dear
<jamespage> coreycb: working ceilometer py3 (needed it for networking-odl)
<V7> root is owned.
<blackflow> well according to that pastebin, your root (/) is owned by "user"
<blackflow> tht ain't gonna work.
<V7> of course
<V7> I'll reset it now
<blackflow> how did that happen.... what's the ownership on other dirs under /  ?
<blackflow> like /bin, /usr, /etc, /root/, .... ?
<V7> Already reset all stuff
<V7> Give it some time to reboot
<blackflow> didn't have to reboot tho'
<V7> blackflow: This will reset all changes
<blackflow> how? btrfs/zfs snapshot?
<V7> Just a little tar archive of root
<Ussat> just a little tar archive.......
<V7> Interesting
<V7> I've rebooted and the same. /'s owned by user.
<V7> This might be because of /etc/fstab
<V7> I'll check this now
<V7> blackflow: So, all directoried before chrooted one should be not writeable for a user which should be chrooted ?
<V7> s/sdirectoried/directories
<V7> So, /dir1/dir2/dir3/dir4 all should be 755 ?
<blackflow> it really is all neatly explained in the frist few sentences of the ChrootDirectory option in the manpage :)
<V7> If chrooting to dir4
<V7> Yes, I've seen
<V7> aufs / aufs defaults 0 0
<blackflow> "all components of the pathname are root-owned directories which are not writeable by any other user or group".   That's the second sentence of the paragraph.
<V7> All components of the pathname must be root-owned directories that are not writable by any other user or group.
<V7> All components of pathname
<blackflow> so.... ALL compnents of the path..... ROOT owned...... not writeable by any other user or group.
<V7> This is what it mean, all units of pathname
<V7> means *
<blackflow> so that answers your question. :)
<blackflow> so, of the chroot dir. NOT the dirs UNDER the chroot.
<V7> Yup, thank you very much blackflow
<V7> oh
<V7> You mean, dir1 can be 777, but dir1/chroot should be 755 ?
<blackflow> yes, you can have whatever under it, but naturally, accessible/writable-where-needed to the "user" that's logging into that chroot.
<blackflow> V7: it can be anything, under the chroot.
<V7> Understood
<V7> Hope you'll be okay there blackflow
<blackflow> but chroot iself, the directory turned into "/" for that login session (aka the chroot), must be root owned, not writable by anyone else.
<blackflow> why wouldn't I :)
<HyP3r> Hello I'm searching for Ubuntu server a good tool which is auto remounting samba shares. I have the problem that our Windows File Server sometimes reboots and then my mounted shares are not mounted anymore. Last time I had the problem that the Ubuntu server booted and the Windows File Server was not running. In this case it would be cool if the server is retrying to mount the share consistently
<ahasenack> morning
<V7> Interesting
<HyP3r> lel
<V7> Now all works. SSHD is diabled. SFTP works well, but when I'm trying to authorize via SSH it says: "Could not chdir to home directory /mnt/somedir/: No such file or directory"
<V7> ssh is diabled *
<V7> disabled **
<V7> ... but a directory exists: https://hastebin.com/opowupehiy.scala
<ahasenack> rbasak: hey, question about git ubuntu merge workflow
<ahasenack> cpaelzer: you too are welcomed to chime in :)
<rbasak> o/
<V7> So ChrootDirectory tries to chroot into $h/chroot rather then /chroot firstly ?
<V7> Even if ChrootDirectory /chroot is set
<ahasenack> oh, sorry, left you hanging
<ahasenack> ok
<ahasenack> rbasak: what if our delta includes an upstream version bump?
<ahasenack> rbasak: when I'm in the phase where I git reset HEAD^ and deconstruct the update into individual commits,
<ahasenack> rbasak: I will have a lot of non-debian/ files and directories in there, reflecting the version bump
<ahasenack> should I put all of those under "New upstream version: x.y.z"?
<ahasenack> or just leave that particular commit as is, without deconstructing it?
<rbasak> Let me check the definitions to give you an answer that's consistent with documentation
<ahasenack> I might have used "deconstruct" incorrectly, maybe it's "reconstruct". I'm never sure
<ahasenack> it's the first old/debian rebase you do after merge start
<rbasak> ahasenack: which numbered step is that at https://wiki.ubuntu.com/UbuntuDevelopment/Merging/GitWorkflow please?
<cpaelzer> ahasenack: reading backlog ...
<ahasenack> rbasak: 3.1.3-5
<rbasak> Got it, thanks.
<rbasak> Your suggestion is right
<rbasak> "should I put all of those under "New upstream version: x.y.z"?"
<blackflow> V7: "no such file or directory" probably refers to the shell binary which doesn't exist in the chroot
<rbasak> Yes - stuff all changes not in debian/ into one commit (assuming 3.0 (quilt))
<ahasenack> rbasak: the new upstream version fixed two bugs
<cpaelzer> or is it really a version bump  and not a quilt patch?
<ahasenack> rbasak: group that all together
<ahasenack> cpaelzer: rbasak it's a real version bump, we went ahead of debian
<rbasak> Yes
<ahasenack>   * New upstream version:
<ahasenack>     - Fix database corruption bug when upgrading from samba 4.6 or lower
<ahasenack>       AD controllers (LP: #1755057)
<ahasenack>     - Fix security issues: CVE-2018-1050 and CVE-2018-1057 (LP: #1755059)
<rbasak> Per upload, that is
<ubottu> Launchpad bug 1755057 in samba (Ubuntu) "Samba 4.7.4 should not be shipped as an AD DC" [High,Fix released] https://launchpad.net/bugs/1755057
<ubottu> Launchpad bug 1755059 in samba (Ubuntu Bionic) "Samba [Bug 13272] [SECURITY] CVE-2018-1057" [High,Fix released] https://launchpad.net/bugs/1755059
<ahasenack> so stash non-debian diff under that commit?
<cpaelzer> so it is not keeping debians tarball and adding a qduilt patch and instead really bumped the versions
<rbasak> So for each upload, you may have up to one commit containing all non-debian/ changes
<rbasak> Plus the other usual ones
<ahasenack> yes, it's a new orig tarball
<cpaelzer> yep I'd still group into one
<cpaelzer> which shoud match the diff of the two orig tarballs
<ahasenack> y
<rbasak> You could split it further in theory. It wouldn't cause a problem for the workflow, but it'd be additional work to do and you don't need to go to that depth.
<cpaelzer> in case you have it split already ...
<rbasak> You'll be throwing away this one commit in the next step anyway
<coreycb> jamespage: seems to make sense. is there a package done i can look at?
<cpaelzer> like when the bump was made not from tarball but from git
<cpaelzer> then you could keep it if you want
<rbasak> The only purpose in keeping it now is that it means that the result of the deconstruct step can easily be checked.
<cpaelzer> but I also see coming that you'll drop it anyway ont he merge
<ahasenack> ok, thanks guys
<cpaelzer> the only pain would be if this was bumped via git-commits and Debian moved with the upstream tarball - sometimes  git!=tarball
<cpaelzer> so ensure the orig tarball matches
<ahasenack> this is one of those fun tarballs, with an empty directory
<cpaelzer> yay
<ahasenack> why make it easy, heh
<cpaelzer> ahasenack: are you moving even further by the merge
<cpaelzer> so if Debian was 1, we moved to 2 and he merge is now 3 ?
<coreycb> jamespage: i'm thinking about not merging congress. congress bundles antlr3 which is not ideal, and there's a bug  open upstream. zigo modifies the orig tarball to drop all of the antlr3 code, but i'd prefer to just use the published orig tarball.
<cpaelzer> then the concerns on matching tarballs don't matter
<ahasenack> cpaelzer: no, this one has a debian tarball
<ahasenack> going from 4.7.x to 4.8.x
<ahasenack> debian never released a 4.7.6, and told me they never would
<ahasenack> they went from 4.7.4 to 4.8.x
<cpaelzer> ahasenack: but that is fine, you will now move to 4.8.x and use theirs
<ahasenack> right
<cpaelzer> good
<ahasenack> so the actual merge is normal
<ahasenack> it's the deconstruct phase that had this oddball
<cpaelzer> honestly, it doesn't matter too much
<cpaelzer> as rbasak said, it is mostly to check if old/new match what they should
<cpaelzer> and later in logical to compare if all commits are retained
<ahasenack> and exercise some muscles
<cpaelzer> but since this one will be dropped it doesn't matter if it is one or 2k
<ahasenack> it will be a huge commit indeed
<cpaelzer> ahasenack: when I'm done with my current merge you can exercise some review msucles :-P
<rbasak> You can add everything and then reset out just the debian/ directory
<rbasak> Saves typing
<cpaelzer> rbasak: I added plenty of updates to your merge list
<cpaelzer> all that I thought worth discussing is added as comment's so it can be discussed as needed
<rbasak> Thanks :)
<hehsec> beep boop
<hehsec> How do you guys go about hardening new server installs?
<hehsec> and managing logs
<hehsec> Other than the usual use keys not passwords, change the ssh port to nonstandard to keep from logs getting flooded with crap
<rbasak> ahasenack, cpaelzer: what does Monday triage mean? Sat-Sun inclusive?
<rbasak> Or Mon also?
<cpaelzer> Fr/Sat/Sun
<rbasak> OK thanks
<cpaelzer> Definition; up to including the last workday
<cpaelzer> that works for any day
<cpaelzer> rbasak: also see check_dates in /snap/ustriage/current/lib/python3.5/site-packages/ustriage/ustriage.py
<blackflow> hehsec: apparmor all the things, modify services to run unprivileged wherever possible, take advantage of systemd's security features for services
<hehsec> Systemd comes with security features for services?
<hehsec> O.o?
<blackflow> hehsec: https://gist.github.com/ageis/f5595e59b1cddb1513d1b425a323db04     and then some
<hehsec> blackflow: damn
<hehsec> blackflow: I never knew I could use systemd to manage appamarmour and selinux profiles on services
<hehsec> Why do people hate systemd again?
<genii> Probably mostly because systemd-networkd
<hehsec> genii: blackflow Any suggestions for learning to automate configuration of linux machines?
<hehsec> I'm learning to work with tools like osquery
<blackflow> hehsec: ansible!
<genii> mssh sometimes is useful
<hehsec> blackflow: gah
<hehsec> genii: neat
 * leosilva lunch
<lahlfors> On an ubuntu server with no MTA currently installed, I'd like to arrange it so that regular users cannot send or receive mail, but UIDs < 1000 can send email to root (and only to root) which will be forwarded to an external address via a specified SMTP relay.  What MTA would make this easiest to achieve?
<rbasak> lahlfors: I prefer exim for that kind of level of customisation. I'm not sure about restricting sendmail by uid though. I'd check if that is possible first.
<rbasak> lahlfors: I have a standard exim configuration I use for stub servers for which I only want root email sent to me and nothing else.
<rbasak> lahlfors: https://paste.ubuntu.com/p/TBNgvPnnfP/ is what I use
<rbasak> lahlfors: that should be trivial to adjust to use an SMTP relay. Not sure about the uid restriction.
<rbasak> That doesn't stop users from sending out via SMTP directly.
<lahlfors> rbasak, thanks, this looks very helpful!
<rbasak> I think it might send _everything_ to me regardless of target address
<lahlfors> I don't want to attempt to stop users from making outgoing SMTP connections.  But I would like it to be difficult for users to arrange for any daemon on this machine to make an outgoing SMTP connection on their behalf
<sdeziel> lahlfors: to prevent users from sending to SMTP directly: iptables -A OUTPUT -m owner --uid-owner 1000-65535 -p tcp --dport 25 -j REJECT
<lahlfors> sdeziel, thanks, but that's not exactly what I want.  I want to prevent local users from sending or receiving mail using the local MTA.  Receiving should be easy (some config option).  But sending?
<sdeziel> lahlfors: that was only to prevent bypassing the MTA
<sdeziel> lahlfors: for the MTA part, with postfix you'd use http://www.postfix.org/postconf.5.html#authorized_submit_users
<lahlfors> sdeziel, now we're talking!  That config option should do what I need if I use postfix.  Thanks.
<sdeziel> lahlfors: for other MTA, a hack would be to use to use file ACLs to prevent executing the sendmail binary itself
<lahlfors> Is postfix a good "lightweight" option in general?  I have configured lots of servers but stopped installing MTAs long ago and only ever used sendmail and qmail
<sdeziel> lahlfors: beware that most MTA will let someone directly talk to 127.0.0.1:25 and let you relay with it
<lahlfors> sdeziel, I'll handle that with iptables restrictions on the loopback interface.  Not sure if I need to worry about a unix socket file somewhere, too
<sdeziel> lahlfors: postfix is pretty light IMHO. You can tune it even more if you disable inet services
<runelind_q> oh hey Landscape upgraded cleanly from 17.03 to 18.04
<rbasak> lahlfors: looks like exim has $originator_uid and you can set up an ACL on that
<rbasak> sdeziel: I would just grab a copy of the sendmail binary from somewhere else and run that :)
<lahlfors> rbasak, great, you beat me to it.  (Was looking for exim analogue of authorized_submit_users)
<sdeziel> rbasak: ouch :)
<lahlfors> geeze exim ACLs are complicated.  I guess mail is just fundamentally complicated.  ugh
<teward> yes mail is complicated
<teward> it has its own set of chaos tied to it, especially from a security perspective.
<lahlfors> Basically, I don't want get in the mail business anyway.  But it would be nice to aggregate cron emails and other problem reports at an external address
<lahlfors> Right now problems detected in cron jobs are just ignored because no MTA is installed.  A few manually send their output via amazon SES, but I don't want to be forced to configure that on each job, so I am looking into a very restrictive MTA config
<rbasak> The main security issues with mail are spam and open relays
<rbasak> My exim config attempts to avoid that by overriding everything to me, so it shouldn't be possible for someone to route anything anywhere else. exim's router mechanism is quite clear about the outcome there so hopefully no confusion. And I turn off listening on public interfaces, so I don't have to worry about SMTP ACLs.
<rbasak> (even if someone did manage to get to my exim's SMTP all they'd be able to do is send emails to me since everything redirects to me)
<rbasak> IMHO this is the most minimal and perfectly acceptable config for servers that aren't supposed to have users logged in.
<teward> rbasak: +1.  But getting everything to behave can still be tricky, when it comes to interaction with other mail servers and such
<teward> whether the config is 'perfect' or not.
<rbasak> teward: the point of my arrangement is that it doesn't really talk to other mail servers. Only my one :)
<rbasak> Well, not even "really". It just doesn't!
<teward> indeed.
<madLyfe> so when i did a fresh install of server 18.04 and did a second reboot(had to reboot again after i left the installer usb attached. shouldnt this be aware and pass over it?) it booted up and didnt show 'server login:' it was just a blinking line. i ran 'sudo reboot now' and it then asked me to login. what im getting at is it wasnt very clear where it was at after the boot up.
<madLyfe> https://usercontent.irccloud-cdn.com/file/VOeccHM5/image.png
<madLyfe> not sure if that is a bug or feature request?
<sarnold> probably not much to be done about it
<madLyfe> pretty sure it used to just land you at a login prompt. not just empty blinking cursor.
<sarnold> it did
<sarnold> look up at the tty1 line ..
<sarnold> there's your login: prompt
<sarnold> async tasks run during boot may emit content nearly forever..
<madLyfe> hmm
<ahasenack> how do I link debian merge bugs with the report in http://reqorts.qa.ubuntu.com/reports/ubuntu-server/merges.html ?
<ahasenack> an example is dovecot's entry there, it's pointing at https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/1771524
<ubottu> Launchpad bug 1771524 in dovecot (Ubuntu) "Merge dovecot 2.3.x for Cosmic" [Undecided,Incomplete]
<ahasenack> but that bug has no special tag about it
<lopta> Right, let's see how big this Ubuntu Server thing is.
<lopta> 1,162 MB (i386, 16.04.4).  That's great.
<lopta> I'll try 18.04 next.
<tomreyn> ?
<dpb1> he's downloading over carrier pigeon
<tomreyn> :)
<genii> RFC 1149
<JanC> carrier pigeons can transport quite a lot more than that at impressive speeds   :)
<JanC> e.g. if you let them carry some 256GB (and bigger capacity?) micro-SD cards
 * sarnold wonders what the airspeed velocity of RAICP carrying a RAID array is..
#ubuntu-server 2018-06-22
<cpaelzer> good morning
<lordievader> Good morning
<ahasenack> rbasak: hi, morning
<ahasenack> rbasak: one more g-u question, and I think I asked this already before, but can't remember the answer
<ahasenack> how do I record in a merge that a previous debian release not only fixed a debian bug (closes: #xxx), but also an ubuntu bug?
<ahasenack> let's say we have 1.1-1, 1.1-1ubuntu1, 1.1-2 (Closes: #xx), 1.1-3, 1.1-3ubuntu1 <- my merge
<rbasak> ahasenack: I don't think there's a common pattern to use. You can use free text to explain what happened in your latest changelog entry mentioning the bug. Or close the LP bug manually.
<ahasenack> ok
<ahasenack> rbasak: oh, I had a question I forgot
<ahasenack> rbasak: how can I run dep8 tests with packages from a ppa?
<ahasenack>        --add-apt-source='deb http://MIRROR SUITE COMPONENT...'
<ahasenack> ^maybe I just need that in the command line
<ahasenack> yeah, I'll try that
<ahasenack> rbasak: n/m, carry on )
<ahasenack> :)
<nacc> ahasenack: iirc, that's documented on the ubuntu wiki
<station> so yesturday I recived my first server motherboard A1SRi-2758F set up jumper correctly connected PSU, SSD, keyboard, VGA Monitor and USB OMVault from IMPI started everything OK but noooo since a day I trie to find the solution to the reboots switched PSU, HDD â¦ it restarts itself randomly without any flicker of the LEDS as if it would lose power all seems by the book. Usualy I reach finish coppy of OMV to HDD and even reachin
<station> inal settings to finish install.
<station> but even when only browse the Bios still the same
<sarnold> station: did anything make it to the logs?
<sarnold> station: does the bios expect a watchdog program to run after boot?
<station> bios watchdog enabled and jumper set
<station> logs????
<station> on IMPI ??
<blackflow> in the OS that's rebooting, silly. :)
<station> there isent yet a OS besides the Instal USB stick with OMV
<blackflow> oh sorry, thought it was ubuntu server issue.
<nacc> why are you asking about omvault or hardware issues in #ubuntu-server?
<nacc> station: --^
<station> it only nearly finishes install from USB, didnt yet boot from HDD
<station> hardware issues
<station> OMV is only the testing
<nacc> station: right, so ask in ##hardware?
<nacc> station: sounds like buggy hardware
<station> server hardware â¦
<station> ok sory
<nacc> station: ubuntu server (the software product) can't do anything with buggy hardware
<nacc> i feel like that's rather obvious
<nacc> get your hardware in order
<Ussat> WAT !!!! come on......why cant Ubuntu fix hardware now :)
<Ussat> (I jets obviousely)
<Ussat> jest
<nacc> heh
<sarnold> "bios watchdog enabled"
<sarnold> I have to wonder if this is exactly his  problem
<Goop> Yo, I'm trying to play Minecraft (a Java game) on an Ubuntu server. I was able to VNC into the server, but the game crashes because it doesn't see a screen to use.
<Goop> How do I fix this?
<dlloyd> running it how?
<nacc> !crosspost | Goop
<ubottu> Goop: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<nacc> they are already being helped in #ubuntu
<Goop> vnc4server, running the Ubuntu gnome.
<nacc> ahasenack: fwiw, i think it's easier to put the LP: # in the changelog (so that it's tied to the upload in Launchpad and if a user is affectged by the bug). Also makes it easier to figure out SRUs that way.
<ahasenack> nacc: but it wasn't fixed in that particular version referred to in the changelog, it was fixed before in an intermediary debian release
<nacc> ahasenack: but in ubuntu, it ws
<nacc> *was
<ahasenack> right, in ubuntu, that's the upload that fixes it
<nacc> the effet is this upload to ubuntu does close that bug *in ubuntu*
<nacc> *effect
<nacc> ahasenack: it's also less work for you in theory :)
<nacc> ahasenack: alternatively, you could link the MP manually too
<ahasenack> that I did
<nacc> ah ok
<ahasenack> but it won't close the bug on its own
<nacc> yeah
<ahasenack> nacc: https://code.launchpad.net/~ahasenack/ubuntu/+source/samba/+git/samba/+merge/348424
<nacc> ahasenack: ah thanks; i just saw the mail
<nacc> ddstreet: thanks for showing me up :-P
<ddstreet> nacc lol nah just reinforcing what you said :)
<nacc> ddstreet: yeah, i probably should have done more cursory grepping :)
#ubuntu-server 2018-06-23
<qwebirc50446> I've question about /snap directory, It's occupying my server about 1gbs, and I want to remove it, anyway how to remove it? Thanks
<madLyfe> what does this mean? after a reboot? https://usercontent.irccloud-cdn.com/file/5MDH0Iw7/image.png
<qwebirc50446> anyone ?
<qwebirc50446> hmm..
<ikonia> anyone what ?
<BenyaminL> about snapd. I just remove it. is it safe ?
<BenyaminL> because snapd take so much SSD space on my server after fresh install ubuntu
<andol> BenyaminL: Unless you know that you plan to run snap apps on your server, yes then it's likely safe to remove it.
<BenyaminL> andol: No, I don't use snap tools on server, I just know snap after I run ncdu -_-, too long working on windows server -_-.
<ikonia> }
<ikonia> how much space does snapd actually take up BenyaminL ?
<BenyaminL> 1gb, it's about 1gb
<andol> ...which isn't necessarily neglible if you have a small single-purpose VM.
<BenyaminL> andol: it's, because it's micro vm
<andol> BenyaminL: I'm agreeing with you :)
<arooni> question; i changed the data directory for mysql ; and now it wont start up; i set new data directory to mysql but it wont start https://gist.github.com/arooni/d1b5888a742c7b2751cc4a38a2bfb936 ;; i already added new directory to apparmor (ubuntu 18.04) ; ideas?
<blackflow> arooni: and what does the mysql log say?
#ubuntu-server 2018-06-24
<arooni> you're referring to /var/log/mysql/ error log?
<blackflow> arooni: I guess so
<arooni> because i dont see any entry there
<blackflow> arooni: is any logging configured in my.cnf? and anyway, how exactly did you change the data dir?
<arooni> was folllowing https://www.digitalocean.com/community/tutorials/how-to-move-a-mysql-data-directory-to-a-new-location-on-ubuntu-16-04
<blackflow> arooni: so first things first, put the apparmor profile in complain mode, see if that fixes it.
<arooni> im googlign that
<arooni> i'm not sure how to use sudo aa-complain /path/to/bin/  that would be my path to mysql?
<blackflow> arooni: aa-complain usr.sbin.mysqld
<arooni> ok thats done
<arooni> where is the output of apparmor complaints its not in my mysql error log
<blackflow> arooni: journal, syslog.  grep for "audit"
<blackflow> anyway, if it's in complain mode, then it won't block. if that fixes mysqld starting up, then it means you have to adjust the profile properly.
<blackflow> looking at that DO article, I think the problem is that it didn't reload the modified profile. I'm not sure just "restarting" AppArmor will do that.
<blackflow> I use apparmor_parser -r   directly
<arooni> https://gist.github.com/d5a532fb94c3ff118d2056091e8936db doesnt it mean its allowing stuff?
<arooni> today is the first ive ever heard of apparmor
<arooni> im a bit of a linux noob; excuse the noobness
<blackflow> yeah in complain mode it won't actually block, but will continue auditing. so, did that fix mysql service?
<arooni> sadly no
<arooni> ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
<arooni> gawd this is annoying and frustrating
<arooni> it shouldnt be so damn hard just to move data directory
<blackflow> arooni: so you rsynced the original data dir to another location, changed 'datadir' directive of mysqld.conf and restarted the service?
<blackflow> arooni: check the new dir first. that rsync command looks wrong, no trailing slash on the source directory, it'd copy the directory over to the destination
<arooni> i did arsync the original data
<arooni> i changed datadir
<arooni> in the config
<blackflow> check the destination dir you supposedly moved the files to, if it's correct
<arooni> this was my rsync command  sudo rsync -av /var/lib/mysql data/
<blackflow> arooni: right, and now you have .../data/mysql/...     right?
<arooni> theres 3.6 gig there
<arooni> so it looks to be all there
<arooni> blackflow: its in /home/arooni/.mysql/data/mysql
<blackflow> and that exact path is what you put into "datadir" directive of mysqld.conf?
<blackflow> not  /home/arooni/.mysql/data/  ?
<arooni> that was my thought too
<arooni> 90% of the time its a typo
<arooni> mysql starts up just fine when its in the default directory
<blackflow> right, missing trailing slash on the src dir
<arooni> you mean i screwed up my rsync?
<blackflow> arooni: oh another thing... check that all path elements are accessible to the mysqld user
<arooni> or my path in my.cnf
<arooni> https://gist.github.com/c63b27eaa35edd92c099238ebcdd4bbb
<blackflow> let me put it this way.....   rsync  /path/a /path/b/    will create   /path/b/a/...       and    rsync /path/a/ /path/b/       will copy files under a/ to b/
<arooni> blackflow: so maybe i should redo the rsync
<arooni> with full paths
<blackflow> doesn't matter, if this works for you. the question is only fi you want   /home/david/.mysql/data/<files here>    or   /home/david/.mysql/data/mysql/<files here>
<arooni> i dont honestly care
<arooni> i think the files are all there; im just not sure why mysql cant find them
<blackflow> also check that /home, /home/david and /home/david/.mysql   are accessible to the mysql user. those dirs are probably owned by david, so they ALL must have read and exec rights for "others"
<arooni> i also need to eat dinner; but i get stubborn
<arooni> ahhh
<arooni> thats a good point
<arooni> so lets ask this question
<arooni> whats a better directory
<blackflow> why did you even move it?
<arooni> maybe /home/mysql
<arooni> blackflow: was trying to free up space on root partition
<arooni> never again
<blackflow> if I had to do that, I'd create /home/mysql-data   just for those files
<blackflow> and make it owned by "mysql:mysql"
<arooni> see thats what a smart person would do
<arooni> i always though that acls worked on linux like ; as long as the group/owner was there it didnt matter where it was
<arooni> but i think the problem here is
<arooni> the mysql user doesnt have access to /home/david let alone the sub dir its in
<blackflow> no no, i tmatters, ALL path elements must be accessible
<arooni> ahhhhhhhhhhhhh ha
<arooni> so that was the basic lack of knowledge i had
<arooni> lets see if moving it to /home/msyql works better
<blackflow> yeah the kernel is checking them top-down, one by one
<arooni> blackflow: is there anyway to test to see if the mysql user could access manually
<arooni> i guess running su mysql
<arooni> and then seeing if i could navigate there?
<blackflow> yeah that's one way
<arooni> is there a better way
<blackflow> I wouldn't know
<arooni> well
<arooni> that fixed it
<arooni> thanks for the hand holding :)
<arooni> how do i turn off that apparmor complaining thing
<blackflow> don't forget to adjust the apparmor profile
<arooni> i did :)
<blackflow> aa-enforce usr.sbin.mysqld
<arooni> can you explain it like i'm 5 what the point of apparmor is
<blackflow> AA is mandatory access control (MAC). unlike traditional unix (discreet access control) with users, groups and rwx, in a MAC every SUBJECT (process) is checked for access (read, write, execute, create, ......) for any OBJECT (process, file, socket, ...) it wants to interact with.
<blackflow> so you write policies that say:   proces X can READ path Y.  or process X can execute binary Y at path Z, ...
<blackflow> it's a bit more complex, there's more than just filesystem paths involved, but that's the gist of it
<arooni> makes sense;  does all linux use that
<arooni> or is it just ubuntu
<arooni> *all linux distros
<blackflow> ubuntu takes extensive advantage of it. CentOS, Fedora, RHEL  use another MAC system called SELinux
<blackflow> that's pretty much it, I don't know if any other distro makes the effort to enable and provide some default profiles for a MAC like AA or SELinux
<blackflow> at any rate, AppArmor is good. being MAC, your MySQL could get compromised and elevated to root, but root couldn't do anything that's not allowed by the profile.
<blackflow> that's the whole point of it. without it, if your mysqld became root, then it could access anything, because it's root, right?   MAC doesn't care about users or groups, only about explicit access declared in the profiles.
<blackflow> or in other words, with a MAC profile, you render root unprivileged.
<arooni> so they all have their apparmor equivalent
<arooni> when you use MAC ; what is the abbreviation youre using
<blackflow> Mandatory Access Control
<arooni> that makes sense
<arooni> as i learn more about linux; seems its pretty well thought out; and secure
<blackflow> well, it has tools and means to make your computing environment reasonably secure, but it's never absolute.
#ubuntu-server 2019-06-17
<kinghat> i have a supermicro board, its possible to use two different speed memory modules isnt it? it will just use the slower one?
<OerHeks> maybe yes, maybe no, i guess not always.
<JanC> kinghat: depends; it might depend on how many memory banks there are, whether it's a multi-CPU board, etc.
<JanC> you motherboard's manual should have the details
<kinghat> ya its a supermicro dual bulldozer opteron
<JanC> usually you can find those on the manufacturer's site
<kinghat> it doesnt really say about using different speed mem modules.
<JanC> or in the box when you bought it new
<kinghat> just which slots to populate and which types it supports.
<kinghat> definitely dont have the box.
<JanC> then maybe it doesn't matter (and will use the slowest, as you say, or maybe even a slower speed if that's necessary to make both work)
<kinghat> ya im going to give it a whirl.
<JanC> might be a good idea to run memtest86 or similar for a couple days to make sure it's stable  :)
<JanC> if you can, using the same memory is probably a good idea though
<kinghat> ya i just dont have enough lol
<jc_> Hi, Anyone with experience in deploying the OpenStack with provider network. I have configured the openstack without any errors. Floating IPs are getting allocated but I am not able to connect to VMs. Any suggestions, where should i look for identifying actual problem?
<weedmic> something like this but for sound cards - proc /etc/cpuinfo?
<weedmic> nvm - i found my receipt
<Pici> weedmic: theres lshw
<weedmic> ok, great
<weedmic> Pici: that's nice - even lists chips on the mobo - ty
<teward> TJ-: alive?
<TJ-> teward: parts of me are; not sure about the brain though!
<teward> lol
<teward> TJ-: that nginx patch you submitted, you might want to give it a shot at upstream consideration.
<teward> because it's more complex than simply adding a 'sleep' like other patches have done
<teward> and MIGHT actually solve the issue permanently
<teward> was suggested in discussion with one of the upstreams
<TJ-> teward: really? hmmm... OK, I'll fire it to the mailing list then
<TJ-> teward: "as a basis for discussion of the underlying issue" :)
<teward> yep make sure you read their guidelines.
<teward> and yes lol
<teward> http://nginx.org/en/docs/contributing_changes.html?
<teward> needs to be an hg changeset but meh
<teward> would like to test on cent but i'm lazy :p
<TJ-> I've never used nginx :)
<teward> lool
<kinghat> how do i turn off the lock that ubuntu server puts on when you login preventing upgrades?
<kinghat> https://paste.debian.net/hidden/7ce97532/
<teward> kinghat: do you have unattended-upgrades installed and enabled?
<kinghat> not sure it was just a default server install
<teward> i'd advise you check, `sudo apt-cache policy unattended-upgrades` will tell if it's installed
<teward> if it is, chances are what you're seeing are unattended upgrades doing its thing
<teward> it's not when you *login* that it locks, its when unattended-upgrades runs it locks
<teward> so you just wait
<RoyK> teward: check ps axf output - I guess there's an apt process running already
<teward> kinghat: ^
<teward> RoyK: kinghat needs the help :)
<kinghat> https://paste.debian.net/hidden/a56a2031/
<teward> OK so it's isntalled.
<teward> kinghat: check `ps axf` output for anything apt or dpkg related
<teward> see what it says
<teward> (as RoyK suggested)
<kinghat> trying to extract this on server: https://paste.debian.net/hidden/bffdecb8/
<Odd_Bloke> kinghat: That suggests it isn't a valid ZIP file.
<kinghat> extracted the archive fine on desktop
<Odd_Bloke> kinghat: Did it definitely transfer successfully?
<Odd_Bloke> (I'd suggest comparing checksums to be sure.)
<ahasenack> rbasak: still around?
<ahasenack> rbasak: I could use some hints with dpkg-maintscript-helper rm_conffile, it's not doing what I expect
<rbasak> o/
<ahasenack> issue is after the install of the new package, i still have:
<ahasenack> -rw-r--r-- 1 root root 121 Oct 26  2017 /etc/default/ipmidetectd.dpkg-remove
<ahasenack> I wanted it gone
<ahasenack> so let me paste the maintscript file I have, and versions
<ahasenack> rbasak: https://pastebin.ubuntu.com/p/sCN6NxkfBx/ has versions, d/*.maintscript*, and the rendered ones in /var
<ahasenack> my expectation when upgrading from 1.5.7 to 1.6.1 was to have that file removed (I didn't change it)
<rbasak> Looking
<ahasenack> it's no longer shipped in the 1.6.3 (sorry, I meant 1.6.3 above, not 1.6.1) package even
<rbasak> ahasenack: I don't see why that wouldn't work.
<rbasak> ahasenack: if you're sure that the code you're running is the code you're seeing, etc, then I'd instrument the maintainer scripts with set -x and echo "$@" next
<rbasak> ahasenack: and then see if running line 37 from your pastebin afterwards doesn't delete it, and if not why not (I think you need to set environment variables to mimic a maintainer script environment like DPKG_MAINTSCRIPT_NAME
<rbasak> )
<ahasenack> ok
<ahasenack> it was going just like the manpage said
<ahasenack> the name *.dpkg-remove is indicative that it decided the file wasn't changed
<rbasak> Yeah
<ahasenack> so the next script could remove it
<ahasenack> but didn't
<rbasak> So the only question is why the postinst doesn't remove it
<ahasenack> ok, let me add some -x, see how it's called
<ahasenack> rbasak: I added the dist-upgrade output, I forgot to add it before. Just for completeness. But we can see the maintainerscript acting in there for other files: https://pastebin.ubuntu.com/p/8Dj9t92nNF/
<ahasenack> basically "Installing new version of ..."
<ahasenack> rbasak: does this shed any light on the issue, or not yet? https://pastebin.ubuntu.com/p/ykNgxhdhDP/
<ahasenack> my next step is to call that interactively, setting any required env var
<rbasak> ahasenack: I agree with you. That line is definitely running then.
<ahasenack>  /usr/bin/dpkg-maintscript-helper has a "debug" statement, let me see if I can find out how to activate it
<ahasenack> DPKG_DEBUG
<ahasenack> ok
<ahasenack> rbasak: got it!
<rbasak> Now I'm in suspense!
<ahasenack> rbasak: the previous version, 1.5.7-2ubuntu1, due to a bug in that version, was never fully installed
<rbasak> Ah!
<ahasenack> it's a bug I'm fixing in this update (well, debian fixed it)
<ahasenack> but that was enough for postinst to not consider it an upgrade
<ahasenack> so instead of the helper being called like this:
<rbasak> I wonder if that's a dpkg-maintscript-helper bug.
<ahasenack> + dpkg-maintscript-helper rm_conffile /etc/default/ipmidetectd 1.6.3-1.1ubuntu1~ freeipmi-ipmidetect -- configure 1.5.7-2ubuntu1
<ahasenack> it was called like this:
<ahasenack> + dpkg-maintscript-helper rm_conffile /etc/default/ipmidetectd 1.6.3-1.1ubuntu1~ freeipmi-ipmidetect -- configure
<ahasenack> no version at the end
<ahasenack> as one parameter
<ahasenack> the version comparison, to see if finish_rm_conffile should be called or not, is
<ahasenack>                 if [ "$1" = "configure" ] && [ -n "$2" ] &&
<ahasenack> since $2 was ""...
<ahasenack> the renamed conf file was left over
<ahasenack> sorry, I mean the version comparison is going to be called if $2 exists, but it didn't
<ahasenack> https://pastebin.ubuntu.com/p/wVjdpRJKKv/ is the bit in the helper
<rbasak> ahasenack: oddly though your pastebin in https://pastebin.ubuntu.com/p/ykNgxhdhDP/ doesn't show that in line 7 though? That one does have the version.
<ahasenack> rbasak: that was installing the same package over it, I'm ashamed to say
<ahasenack> I didn't bother to downgrade
<rbasak> ahasenack: it's an interesting interaction nonetheless, and one I think is worth documenting somehow.
<ahasenack> and repeat the test
<powersj> teward, congrats!
<teward> powersj: thank you :)
<rbasak> I'm not sure it's possible to fix easily in dpkg-maintscript-helper, but probably worth a bug regardless so this slightly surprising behaviour won't send someone else down your rabbit hole :)
<ahasenack> rbasak: maybe the weird thing is that preinst didn't seem to mind the previous package was in a failed state
<ahasenack> and it did its thing
<rbasak> ahasenack: I believe that's expected behaviour though
<rbasak> ahasenack: the error states and required unwinds are well specified: https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#summary-of-ways-maintainer-scripts-are-called
<ahasenack> I bet they are :)
<powersj> slashd, congrats as well!
<ahasenack> iF  freeipmi-ipmidetect              1.5.7-2ubuntu1              amd64        GNU IPMI - IPMI node detection tool
<powersj> woops lol
<ahasenack> rbasak: that's the state I was starting with^
<powersj> meant ddstreet, congrats as well!
<rbasak> ahasenack: that makes sense.
<rbasak> ahasenack: it does seem wrong though that .dpkg-remove can ever end up outlasting the upgrade after the error state is repaired.
<ahasenack> rbasak: https://pastebin.ubuntu.com/p/cpq7YKQpSz/ line 44:preinst ; line 140:postinst
<ahasenack> so line 144, which is -n "$2", sees an empty $2
<ahasenack> and skips the rest of the removal code
<ahasenack> and we are left with /etc/default/ipmidetectd.dpkg-remove at the end
<ahasenack> is this interesting enough to email ubuntu-devel@?
<ahasenack> or just expected
<ahasenack> expected in retrospect, I mean :)
<ahasenack> it's never expected when it happens :)
<DK2> https://imgur.com/a/oWwlbdC any idea what is broken here? server refused to boot
<solderfumes> <DK2 "https://imgur.com/a/oWwlbdC any "> Not enough info to be sure. The System DBUS failed to start for some reason? Is your rootfs writable?
<DK2> solderfumes: trying got a livesystem now
<rbasak> ahasenack: interesting enough to file a bug against dpkg-maintscript-helper I think.
<rbasak> The user story you have there doesn't clean up .dpkg-remove as expected.
<rbasak> Though since it's cruft it'll probably be low priority, and there isn't an obvious way to fix it I don't think.
<tobias-urdin> coreycb: sending now so i dont forget the details, troubleshooting the puppet CI being broken for ubuntu for some month(s) now
<tobias-urdin> http://logs.openstack.org/04/665704/1/check/puppet-openstack-integration-5-scenario001-tempest-ubuntu-bionic-mimic/f4cd240/logs/nova/nova-compute.txt.gz#_2019-06-17_15_55_04_732
<tobias-urdin> so we install using the nova-compute-qemu (or kvm package), this pulls "qemu"
<tobias-urdin> qemu should pull qemu-system "Depends: qemu-system (>= 1:2.11+dfsg-1ubuntu7)"
<tobias-urdin> but it doesn't, so there is no x86 emulator binary since qemu-system provides (pkg: qemu-system-x86) isn't pulled in
<tobias-urdin> so nova-compute-qemu depends on "qemu", "nova-compute-libvirt", but the "qemu" doesn't depend in "qemu-system" provides properly
<tobias-urdin> if i install "qemu-system" or "qemu-system-x86" directly it works
<tobias-urdin> you can see repos and dpkg
<tobias-urdin> http://logs.openstack.org/04/665704/1/check/puppet-openstack-integration-5-scenario001-tempest-ubuntu-bionic-mimic/f4cd240/logs/apt-cache-policy.txt.gz
<tobias-urdin> http://logs.openstack.org/04/665704/1/check/puppet-openstack-integration-5-scenario001-tempest-ubuntu-bionic-mimic/f4cd240/logs/dpkg-l.txt.gz
<tobias-urdin> hopefully i'll hear from you later today :)
#ubuntu-server 2019-06-18
<teward> TJ-: so as soon as Comcast facilitates me getting my new IP block of 5 static IPs, I"mma be putting your NGINX pidfile changes intoa  production environment for several of my sites, that'll be a good test if it works in a production environment.
<teward> will let you know.
<TJ-> teward: I've not doubt it's fine; it fixes a clear race condition over the fork
<teward> yeah i don't doubt it either
<teward> but i want to test
<teward> in a production env xD
<teward> because i'm picky :)
<Ussat> testing in prod.....
<TJ-> teward: wow, late reply, good job I was connected again :) Talking of race conditions I'm chasing another at the moment. GUI session, Lid-close event suspend, resume->unlock->DPMS off and display blanked, switch to a console TTY and DPMS on, switch back to GUI DPMS off!
<teward> heh
<teward> TJ-: your initial reply to me was 22:44 horus local time
<teward> i was in bed at 22:30 :p
<TJ-> slacker :)
<TJ-> 03:44 TJ- teward: I've not doubt it's fine; it fixes a clear race condition over the fork
<TJ-> my head is spinning getting grips with too many new code bases... got to do that nginx post later, too
<teward> heh
<teward> TJ-: you took on too many tasks
<teward> time to RELAX!  *hits in head with baseball bat*
<TJ-> nah, just some end up sucking up more time than anticipated; it's the #1 bug of bug-fixing!
<TJ-> btw I was up early, not late to bed!
<teward> heh
<blackflow> hey teward, congo rats on devship!
<teward> blackflow: thanks!
<ejat> anyone can help with this : http://paste.ubuntu.com/p/mGdWG5MgwC/
<sarnold> ejat: yes, don't go anywhere while I track down a link
<sarnold> ejat: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832919
<ubottu> Launchpad bug 1832919 in openssl (Ubuntu) "installed libssl1.1:amd64 package post-installation script subprocess returned error exit status 10" [Undecided,Confirmed]
<sarnold> ejat: comment #7 has a suggestion, dpkg-reconfigure libc6
<ejat> how about #10 ?
<ejat> thanks @sarnold
#ubuntu-server 2019-06-19
<tobias-urdin> coreycb: jamespage any of you around?
<sahid> jamespage: morning, I have some snapshots ready for train m1
<jamespage> tobias-urdin: I am
<tobias-urdin> jamespage: sorry for ping, maybe coreycb is on pto, here is a snippet or my irc spam from last night http://paste.openstack.org/show/753171/
<sahid> jamespage: when you have a moement can you sponsor me to syncpackage python3-ddt? cinder is needed version 1.2.1 which is in experimental
<sahid> i successfully built the package on eoan
<jamespage> sahid: yep - do you have alist of things I need to look at?
<jamespage> tobias-urdin: which UCA pocket does that test pull from?
<sahid> jamespage: sure let me prepare one for you
<jamespage> sahid: if we sync python-ddt from debian experimental it drops python-ddt as a binary package which is OK - but we have to be prepared todo the work to drop py2 support from the reverse dependency chain
<jamespage> sahid: 'reverse-depends -b python-ddt'
<jamespage> that's the first set of rdepends, each of those may have some more
<jamespage> without fully dropping the reverse-dependencies, it will just wedge in -proposed until we complete the work
<sahid> jamespage: i probably missed something, i'm asking about to sync the python3
<sahid> or you are saying that, syncing python3-ddt will drop python-dtt?
<jamespage> sahid: yes
<jamespage> sahid: the source package is python-ddt - the version in debian experimental only builds python3-ddt (python-ddt has been dropped)
<jamespage> sahid: ftr we can only sync source packages - python3-ddt is a binary package only - $ rmadison -u debian python3-ddt
<sahid> jamespage: understood, so basically doing a merge by our own like we do with the openstack deps, right?
<jamespage> sahid: to unblock the milestones we're currently working on I'd just do a version bump in Ubuntu; we need todo the python-* drop soon, but I'd try not to entangle it with this first milestone
<jamespage> sahid: working your list of merges now - thankyou!
<jamespage> sahid: one amendment to manila-ui - https://paste.ubuntu.com/p/Jszy3FfJTG/
<jamespage> python versioning is not quite the same as distro versioning
<jamespage> 14.0.0.0b3 is equivalent to 14.0.0~b3 in distro versioning
<tobias-urdin> jamespage: sry, went to lunch, you mean repos? here is the apt cache
<tobias-urdin> http://logs.openstack.org/04/665704/1/check/puppet-openstack-integration-5-scenario001-tempest-ubuntu-bionic-mimic/f4cd240/logs/apt-cache-policy.txt.gz
<jamespage> however we normally just use 14.0.0~ in this case to capture all betas/rcs etc during development
<jamespage> sahid: ok those are all done and uploaded - thankyou :)
<jamespage> tobias-urdin: yeah - qemu has moved to oldlibs in disco/bionic-stein
<jamespage> so we'll need to change the dependency in nova-compute-qemu to pick the right qemu package
<jamespage> is there a bug open for this?
<tobias-urdin> jamespage: no, i wasn't sure if it was a bug :) do you want me to create one?
<jamespage> tobias-urdin: yes please!
<tobias-urdin> jamespage: thanks for the help! https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1833406
<ubottu> Launchpad bug 1833406 in nova (Ubuntu) "nova-compute-qemu package not pulling in proper qemu" [Undecided,New]
<supaman> do system accounts like www-data, openldap etc always get the same UID/GID on ubuntu systems?
<cpaelzer> supaman: there is a set of preallocated IDs, hose using that get the same ID
<cpaelzer> supaman: this is requried fro e.g. cross node NFS UID stability
<cpaelzer> base- something, let me check
<supaman> ok, thanks
<supaman> NFS sharing is excactly what I am thinking about :-)
<cpaelzer> supaman: https://launchpad.net/ubuntu/+source/base-passwd
<cpaelzer> TL;DR: you request a ID, you get one and then the packages postinst can use this ID
<supaman> excellent, thanks
<supaman> aha, /usr/share/base-passwd/{group,passwd}.master contains the info
<sahid> ack for the versionning issue
<sahid> thanks for the review/upload jamespage
<mason> Is there an arm-specific channel? I'm seeing oddly different behaviour writing ubuntu-18.04.2-preinstalled-server-armhf+raspi3.img to a memstick (which works) and an actual hard drive (which ends up not working)
<TJ-> mason: what device are you trying to boot from the hard-disk image?
<ahasenack> rbasak: can an sru, assuming the other changes are ok, also change a package from native to non-native?
<ahasenack> I mean in terms of policy
<mason> TJ-: RPI3b+. It boots Raspbian from the hard drive unproblematically. It boots Ubuntu from the memstick unproblematically, but won't do it from the hard drive. Still exploring
<TJ-> mason: how far does the boot get? what do you see?
<mason> TJ-: It never finds a bootloader.
<mason> I'll find another USB hard drive later and compare what gets written out.
<TJ-> mason: have you see this, and the first para link to  "why some USB mass storage devices don't work"  https://www.raspberrypi.org/documentation/hardware/raspberrypi/bootmodes/msd.md
<mason> TJ-: Doesn't apply.
<mason> TJ-: If it did, I wouldn't be able to boot Raspbian from the drive.
<rbasak> ahasenack: I don't think we have any policy on that. It seems like quite a rare event :)
<rbasak> ahasenack: I don't see any reason it'd be a problem because it's only a source level change that doesn't impact the built binaries.
<rbasak> ahasenack: you should call it out in the SRU documentation though so it doesn't confuse the reviewer.
<ahasenack> sure
<ahasenack> (about the call out)
<ahasenack> I was wondering if it would become a "new" package in the queue
<rbasak> You could probably demonstrate via binary debdiff that it hasn't impacted the output.
<TJ-> mason: so presumably the boot images are subtly different
<rbasak> I don't think it would
<rbasak> ahasenack: I would probably run that by someone to make sure I haven't missed anything before accepting.
<rbasak> But I can't think of any issue.
<mason> TJ-: Yeah, and I need to figure out just how. Having one of each available instead of each in turn, I'll be able to compare directly.
<TJ-> mason: I suspect the image has been designed (expected) to only boot from SD-card
<mason> TJ-: Maybe. I'll explore the differences when I get a chance later.
<mason> TJ-: Do you know if there's a specific channel where folks talk about ARM?
<TJ-> mason: I'm not aware of one, but then again I've never needed to.
<mason> I'll report back whatever I find. Maybe I'll end up constructing the partitioning by hand and copying things over. Be nice if the image worked out of the box, so if I can identify what's different, maybe you guys can make the requisite changes.
<TJ-> mason: I'm not sure who does those builds or if there is a team/project in Launchpad for it even
<mason> TJ-: Eh, we can tackle that after I figure out what's different. :)
<mason> It wouldn't be a problem if Raspbian were more pleasant, but... =cough=
<TJ-> mason: what's wrong with it?
<mason> TJ-: Have you used it much?
<TJ-> mason: this may be the ubuntu image builder but it is difficult to find any info https://launchpad.net/ubuntu-pi-flavour-maker
<mason> Hm, will explore it. Thank you.
<TJ-> mason: Yes
<mason> TJ-: So, they incorporate bits of systemd, but it's hit or missing knowing just what. They have a configuration tool that doesn't wholly configure the things it says its configuring. Just a lot of slap-dash stitching together of tools...
<TJ-> Sounds like typical sysv-init
<mason> TJ-: Nah, sysvinit is a lot more straightforward and approachable.
<mason> TJ-: sysvinit is why we have this playground to experiment and inflict new horrors on the world. It's the sheer success of sysvinit that gives us an industry.
<mason> TJ-: But either way, you saw the bit where they've moved to systemd, yes?
<TJ-> mason: I use it extensively, not had any problems with Rasbian in that respect
<mason> Raspbian
<jamespage> mdeslaur: testing the disco update for ceph at the moment
<mason> TJ-: To be fair, I've never before encountered anyone with my sheer bugfinding potential.
<ahasenack> rbasak: regarding haproxy, we are two versions behind
<ahasenack> us and debian unstable are at 1.8.x, but debian experimental has 1.9.x already, and upstream just released 2.0 which you saw
<mdeslaur> jamespage: thanks
<jamespage> mdeslaur: I'm preparing point release updates for disco and cosmic (13.2.x series) are the security updates included in those releases.
<jamespage> ?
<mdeslaur> jamespage: one sec, let me check
<jamespage> mdeslaur: anyway +1 on the disco update; doing cosmic next
<mdeslaur> jamespage: I gather that is going to be 13.2.6?
<jamespage> mdeslaur: yes
<mdeslaur> jamespage: looks like they are
<supaman> in the output of mount, the rsize and wsize for NFS shares, are they bits or bytes?
<lordcirth> supaman, bytes
<supaman> ok, 256 KB ... thats a bit large isn't it (not sending that large files usually) :-)
<sfx2496> what is the right way to deal with "Ubuntu Server 18.04 Temporary failure in name resolution" at custom DNS, solutions like these give no result: https://stackoverflow.com/questions/53687051/ping-google-com-temporary-failure-in-name-resolution only /etc/resolv.conf works as temporary solution
<lordcirth> sfx2496, please pastebin the output of 'systemd-resolve --status'
<sfx2496> http://termbin.com/ycrz
<lordcirth> sfx2496, so, you don't have a DNS server set there
<lordcirth> sfx2496, How are you configuring your networking?
<sfx2496> in /etc/netplan/50-cloud-init.yaml since other ways are depreciated so it seems
<lordcirth> sfx2496, and do you have 'nameservers:' configured there?
<sfx2496> now I have
<sfx2496> seems to work after reboot
<sfx2496> while still have "prepend domain-name-server" set to my DNS in dhclient.conf
<sfx2496> so I derailed away from the yaml file by random solutions on this error
<sfx2496> ty for pointing out
<lordcirth> no problem
<sfx2496> are those x.x.in-addr.arpa under DNSSEC NTA: default resolvers?
<sfx2496> k, http://www.tcpipguide.com/free/t_DNSReverseNameResolutionUsingtheINADDRARPADomain-2.htm
<tds> sfx2496: DNSSEC NTAs are nagtive trust achors, they tell resolved to not validate dnssec for anything in those zones
<tds> eg that's mostly zones used for reverse dns of private address space
<geard> hey everyone,i have stepped into a new environment with very little documentation on setup, configuration and system state. I am looking for suggestions on how you would approach inventorying a largish(~100 systems) crusty network
<sarnold> ow, that's quite the undertaking
<sarnold> I think I'd try a few prongs -- scanssh to get a quick inventory of what's there and what feels old, collect crednetials to all the machines as you can; maybe some arp scraping to try to find out what's on the network and *not* responding to ssh on the usual port..
<geard> sarnold: yeah, I figured I would get that kind of response. I would eventually like to implement puppet or chef or insert CM solution here
<sarnold> maybe managed switches can dump that information for you already..
<geard> sarnold: I have a decent inventory. luckily we are  amostly virtual shop(vmware) so I have a decent inventory of systems. I am more looking for how to identify which applications are installed first. then backup their configurations.
<sarnold> geard: ohhh, that's (slightly) better than I feared :)
<geard> at some point the old admins went on a real vm sprawl bender
<sarnold> heh, which is better? 1000 unmonitored VMs, each with one purpose? or ten big VMs that each do a hundred things? :)
<geard> sarnold: depends on the medications you injest i suppose
<sarnold> heheh
<sarnold> nmaps to gather rough ideas of what's listening; dpkg -l | grep '^ii' to see what's installed..
<sarnold> (that'll be drinking from a firehose, since of course everything has glibc and vim and so on..)
<geard> I wrote some scripts that grab configurations i know about, rabbitmq, apache, nginx things of that nature but its those one off things that no one knows about that i'm worried about
<geard> sarnold: yeah, i guess i could start off with a single system filter out the things i know i don't care about.
<geard> thanks for a good starting point. out of curiousity what does the '^ii' do?
<sarnold> geard: dpkg -l can show packages that aren't quite installed, or were once installed but then removed, etc.. ii in the first column shows packages installed and configured and everything
<lordcirth> geard, '^' is the beginning of the line. so '^ii' matches any line that starts with 'ii'
<kinghat> i have 2x1 TB drives in a ZFS mirror(pool?). i just got another 1TB drive. i would like to incorporate it into the system somehow. do you guys have any suggestions? i currently have 0 backups of this mirror.
<geard> sarnold: thanks.
<geard> lordcirth: thank you for the explaination
<sarnold> kinghat: first, be sure to use zpool's -n command line option whatever you decide, to do a dry-run. I've seen more than a handful of people screw up and add a vdev with NO REDUNDANCY to their pools and immediately regret life.
<sarnold> kinghat: I'd make it a three-way mirror. that's pretty safe choice, will improve read speeds, and give you a chance to slightly stress the disk to make sure it's not a dud
<sarnold> kinghat: and if you ever get a fourth disk, it'd be easy to split the drive back off to make it into a pool with two vdevs of mirrors
<kinghat> so it would be a mirror on top of the 2x1 mirror? with half the mirror only being 1x1 TB?
<sarnold> kinghat: it'd be three drives with identical data
<sarnold> kinghat: one of my pools here is three vdevs with 3-way mirrors: http://paste.ubuntu.com/p/dV3DzK8NRq/
<kinghat> so the options are 3 way mirror, a backup of the mirror, and then making a 3 way pool of some sort?
<sarnold> I'm not sure what the "3 way pool of some sort" would be -- you could have three vdevs with no redundancy, but that's too scary for me ;)
<kinghat> i mean 3x1TB drives in some sort of combo where there is redundancy?
<sarnold> you could do a raidz1, but that means rebuilding the pool
<sdeziel> sarnold: don't you need to have mirrored logs to survive the lost of your NVME? or are log/zil devices not critical for consistency?
<lordcirth> kinghat, with 3 drives, your only options with redundancy are 'mirror' - all three drives are identical (1TB usable) or 'raidz' - 1 parity drive with 2TB usable
<sarnold> sdeziel: yeah, for this application I'm okay with that. I may even remove the slog at some point, since it's nearly unused
<sdeziel> sarnold: ah OK, I wasn't sure if you wanted to optimize for read speed mostly or reliability with that 3-way mirror ;)
<kinghat> is there a way to do the raidz setup but build it and keep the data somehow? build it on two drives and add the 3rd with the data or something?
<lordcirth> kinghat, iirc it
<lordcirth> *iirc it's possible to build a degraded raidz
<sarnold> sdeziel: at the moment, read speed; the intention was to have a full searachable archive unpacked.. not much need for safety there :)
<kinghat> degraded raidz?
<sarnold> sdeziel: .. but I also thought at some point it'd be nice to consolidate all my photos and 25 years of scattered hard drives into one place, and then it'd be nicely redundant for safety too
<sdeziel> sarnold: so is that single log device putting your array at risk?
<lordcirth> kinghat, you can create a 3-drive raidz using 2 drives and a fake 1GB file, then remove that file. Then you can copy data over and then re-add the 3rd drive. But you should know what you are doing and have backups!
<sarnold> sdeziel: not really. I'm fine with losing five seconds of writes if that nvme doesn't survive a powerless
<lordcirth> Oops, you actually need a 1TB sparse file. But still
<sdeziel> sarnold: ah nice, that's the thing I didn't know. I was (wrongly) assuming the ZIL was always a SPOF.. which makes no sense due to the CoW nature of ZFS
<sarnold> sdeziel: the slog is only ever read at zpool import time, if it's needed
<sarnold> sdeziel: that's low enough risk for me ;)
<sdeziel> sarnold: indeed, thanks for setting me straight on the slog/ZIL :)
<sarnold> sdeziel: and thanks for worrying about my data :D
<kinghat> hmm maybe I'll just toss it in as a 3way mirror for now. extra 2 TB of space would be cool for a raidz.
<sarnold> I'm vaguely thinking of turning my two pools into a single pool with a raidz3 vdev of nine spilling metal disks, and then two 2-way ssds as "special vdevs": https://zfsonlinux.org/manpages/0.8.0/man8/zpool.8.html#lbAK
<sarnold> then I'd go from ~8 tb of storage to ~18 tb of storage
<mason> That level of complexity feels fragily.
<mason> fragile*
<sarnold> "fragily" accurately describes it, yes
<mason> If it were me I'd still be frightened of the SSDs.
<sarnold> I'm hoping others will test out the special classes of vdevs
<sarnold> I *think* that machine has space for two more ssds..
<geard> how is the "62 packages can be updated.
<geard> generated?
<geard> sorryfor the double lines
<sarnold> geard: update-motd(5)
<geard> sarnold: thanks
#ubuntu-server 2019-06-20
<jamespage> mdeslaur: cosmic ceph packages also tested OK
<zetheroo> on several (but not all) of our Ubuntu Server 18.04 installs the hostname resolution seems to intermittently fail and only 'service systemd-resolved restart' will get it working again. Any ideas as to what can cause this kind of behavior?
<blackflow> zetheroo: can you give an example of how it fails, and what the systemd-resolve --status is  (did the upstream NS change?)
<blackflow> meanwhile... due to resolved's stupid design not to obey the list of NS entries given, and many other quirks, my recommendation is always to drop systemd-resolved, esp. on prod servers where DNS config is static and must be consistently reliable (ie. no roaming, changing networks, etc...)
<zetheroo> blackflow: when trying to ping a hostname you get this 'ping: hostname: Temporary failure in name resolution'
<blackflow> there's dnsmasq, unbound, bind, powerdns... pick your poison if you need a local caching, recursive resolver. If not, just statically configure /etc/resolv.conf (and mask out systemd-resolved)
<TJ-> zetheroo: yes, the reason is that when resolved has a list of DNS servers and one is unreachable it'll move onto, and remain using, another in the list. If you've got 'private' DNS as well as public that can then break the ability to resolve public names, for example
<TJ-> zetheroo: if you do have 'private' DNS (for LAN say) that should be set as on-link only so it isn't used globally
<zetheroo> This is the resolv.conf and netplan config from two systems where this happens: https://paste.ubuntu.com/p/mDjnJwQSxm/
<blackflow> zetheroo: ah you have .local . systemd-resolved won't work with those unless you have mDNS in your network
<zetheroo> blackflow: wdym? DNS does work ... 90% of the time ... it just goes dead after some random time ... or something is fritzing it out
<blackflow> systemd-resolved doesn't resolve .local names, and you have mt.local in search so I assumed you're querying for .local names?
<TJ-> zetheroo: what does "systemd-resolve --stauts" show?
<TJ-> The problem I see there is you've got both private and public DNS servers listed "addresses: [192.168.81.9, 1.1.1.1]"
<zetheroo> https://paste.ubuntu.com/p/j9NjmcPFQ3/
<TJ-> zetheroo: 1.1.1.1, if used, is NOT going to resolve .local addresses whereas 192.168.81.9 presumably will
<TJ-> zetheroo: so, if at some point resolved cannot get a response from 192.168.81.9 it'll switch to 1.1.1.1 at which point .local names won't be resolved
<TJ-> zetheroo: is that what is happeing? local names fail? or is it public names fail ?
<zetheroo> TJ-: ah, so if at any point the internal DNS (192.168.81.9) server doesn't work, resolve will use the next one (1.1.1.1) and from then on ignore the internal one?
<zetheroo> TJ-: honestly I didn't try to reach an external hostname ... only internal ones.
<zetheroo> blackflow: just doing 'ping hostname' resolves fine to 'hostname.mt.local'
<zetheroo> blackflow: 'ping hostname.mt.local' also works fine
<zetheroo> TJ-: systemd-resolve --status -> https://paste.ubuntu.com/p/j9NjmcPFQ3/
<TJ-> zetheroo: I think the problem here is you're trying to use netplan to do something it is unable to do; what you need, from what I can see, is a systemd-resolved 'global' DNS server 1.1.1.1 set in resolved.conf (DNS=1.1.1.1) and then only have the 198.168.81.9 in the netplan config
<zetheroo> I guess we are using netplan like we were using interfaces.conf
<blackflow> TJ-: wait, both are in the netplan config?
<TJ-> zetheroo: that should help but if the internal DNS server is unreachable for reasons that is what you ought to focus on because if that is dying then there'll be no mt.local resolution anyhow
<TJ-> zetheroo: DNS should be a highly available service with fast response times; unfortnately it's not given the repsect it deserves in many LANs
<TJ-> often bundled as a service with many others on some poor overloaded sytem :)
<zetheroo> TJ-: ok, but what actually causes resolve to switch to the secondary DNS? is it a timeout? if so ... what time limit?
<TJ-> zetheroo: connection timeout if I recall correctly
<TJ-> zetheroo: remember that DNS uses UDP in the main, and the U stands for Unreliable :)  UDP can be dropped by routers under pressure
<zetheroo> I'm just trying to get an idea of how critical the "drop" in DNS is for resolve - again we have dozens of Ubuntu systems, and this is only happening on 4.
<TJ-> zetheroo: I'd check/monitor their network links
<zetheroo> that's the thing ... 2 of the systems (the ones in the pastebin) are standalone hardware systems, and the other two are VMs on our virtualization, which are living with other Ubuntu VMs which don't do this ...
<blackflow> (UDP is primarily used, but TCP must be allowed for requests and responses larger than single packet size)
<zetheroo> but, OK, if we remove the external DNS address from the netplan config it should never ignore the internal DNS server entirely - right?
<zetheroo> I normally use 'apt autoremove' to free up space in general, and it also frees up space in /boot by removing old kernels, but is there another way to specifically clean up /boot?
<TJ-> zetheroo: clean up? or increase freespace?
<TJ-> zetheroo: you could make the initrd.img smaller, /etc/initramfs-tools/initramfs.conf MODULES=dep
<zetheroo> well it seems that even after the old kernels are removed there is still a bunch of files from those kernels in /boot
<zetheroo> https://paste.ubuntu.com/p/rMRxjb55vy/
<blackflow> zetheroo: you have to explicitly remove the 4.13 kernel (wth btw). autoremove only keeps current and current-1 version of currently (heh) running kernel
<mdeslaur> jamespage: ack, thanks. xenial next?
<supaman> I have an fstab entry to mount a smb share, when running mount -a I get that there is an error in options to the smb mount, here is the options, can someone see the error? credentials=/root/.smbcredentials,iocharset=utf8,sec=ntlm
<supaman> hmmm ... removing sec=ntlm fixes the problem
<supaman> setting sec=ntlmssp works
<kinghat> https://arstechnica.com/gadgets/2019/06/zfs-features-bugfixes-0-8-1/
<mybalzitch> too bad kernel devs are working overtime to neuter ZFS
<kinghat> why is that?
<sarnold> kinghat: the last paragraph here describes the mood well https://marc.info/?l=linux-kernel&m=154714516832389
<kinghat> so because of the GPL?
<tomreyn> because of the CDDL
<swills> i saw the author of that ars article give a pretty decent talk in zfs, part of which talked about how the GPL is unenforcable
<swills> all the stuff with the SFC vs SFLC etc
<lordcirth> While I understand that supporting CDDL is annoying, I find it odd that they don't get that ZFS is good and people want it, regardless of what Sun wanted.
<lordcirth> If they want to make btrfs raid5/6 stable, I'd be ok with that, but it's just not there.
<swills> i think they do get that, but they also get that they are between a rock and a hard place
<swills> and facebook is doing a lot of work on btrfs
<lordcirth> Btrfs is quite nice for root partitions (way easier than ZFS root on most distros, even Ubuntu) but I need raid5 in order to use it for a lot of use cases
<swills> zfs on root is automatic on FreeBSD, fwiw
<swills> but anyway, look at all the talk about btrfs in recent LWN coverage of LSFMM
<lordcirth> I'm aware, but that's not really an option for a lot of systems
<swills> so i dunno, i think ultimately what's going to happen is everone is going to be told "btrfs is good enough, use it, not ZFS" and "if you want to use ZFS, don't expect it to get easier"
<swills> but i could be wrong
<kinghat> you have to set the trim flag with zfs, when setting up an ext4 fs on an ssd is it automagic?
<tomreyn> there's an fstrim systemd timer
<lordcirth> kinghat, iirc Ubuntu does scheduled trim, not instant trim
<kinghat> is one better than the others?
<kinghat> other*
<lordcirth> scheduled is better, assuming you don't fill the entire drive with garbage before it can trigger
<lordcirth> In general, at least
<kinghat> oh wow, its weekly.
<tomreyn> the "discard" mount option can cause serious I/O problems with some SSD / NVMEs.
<tomreyn> https://wiki.debian.org/SSDOptimization#WARNING
<swills> fun fact, some drives are slow at trim, so turning it on can make you disk seem slower
<swills> perhaps schedule trim helps with that, i dunno
<kinghat> so does that only run for the OS ssd or any attached ssds?
<lordcirth> kinghat, well, it just runs "/sbin/fstrim -av"
<tomreyn> https://wiki.archlinux.org/index.php/Solid_state_drive#Periodic_TRIM  "The service executes fstrim(8) on all mounted filesystems on devices that support the discard operation. "
<lordcirth> And "man fstrim" says that "-a" is all supported mounted devices
<kinghat> ah. would arch be applicable to ubuntu?
<tomreyn> i think it's the same systemd service + timer
<tomreyn> systemctl list-timers fstrim.timer
<kinghat> ah
<tomreyn> hmm the timer seems to lack randomization, always runs at 00:00.
<tomreyn> if you want to review the timer + service: ls -l /lib/systemd/system/fstrim.*
<kinghat> time is just a social construct tomreyn.
<tomreyn> my point is you don't want all your servers to become I/O loaded at 00:00
<tomreyn> RandomizedDelaySec= should be used
<kinghat> agreed
<lordcirth> Note that if you want to change a timer/service, do not edit the one in /var. Copy it to the equivalent directory in /etc and edit that. The /etc one will override the one in /var when read, but will not interfere with the packaged file.
<tomreyn> bug 1833593 files
<ubottu> bug 1833593 in util-linux (Ubuntu) "fstrim.timer always triggers at 00:00, use RandomizedDelaySec" [Undecided,New] https://launchpad.net/bugs/1833593
<tomreyn> *fileD
<tomreyn> if some of you have access to I/O load logs across larger server farms, it'd be great to check (and comment) whether this has any noticable impact.
<lordcirth> Most of our servers have separate SSDs for root and data, so the root ones don't have much load. Maybe our DB servers?
<lordcirth> Er, I meant, SSDs for root and HDDs for data.
<lordcirth> It's Monday at local midnight? I will ask
<sdeziel> lordcirth: 'systemctl edit $foo' lets you create an override snippet, add '--full' to it and it will do a full unit copy for you to edit
<lordcirth> sdeziel, cool, didn't know that!
<sdeziel> a bit like upstart's .override files but better
<geard> exit
<mybalzitch> Can I go from 18.10 to 18.04.2?
<mybalzitch> I tried do-release-upgrade but it wants me to go to 19.xx
<sarnold> you really can't go backwards
<sarnold> individual packages might downgrade alright, once in a while, but the packages are packaged with the assumption that you only ever move forward along with the passage of time
<mybalzitch> ok, I was trying to get zfs 0.8.1 with Jonathon F's packages, but it seems he only supports LTS releases, so I don't have a "easy" way to get it installed. I will have to do dkms myself I think
<sarnold> oh dang. :/
<sarnold> you could probably just build his packages locally
<teward> wooooooooooow I feel like an imbecile today...
<teward> i totally forgot to save a switch config so I thought my Ubuntu gateway machine in this one lab env was broken
<teward> and ended up realizing after puttering with it for 2 hours that it was the switch
<teward> >.<
<teward> anyways... sarnold I'mma bother you again like I normally do :p
<sarnold> teward: sounds like a problem best solved with a sandwich. or pizza. with beer.
#ubuntu-server 2019-06-21
<jiffe> if I have a drive mounted which has ubuntu server installed on it, is there a way to see what packages were installed on it?
<sarnold> if there's enough of it there, the easy way is to chroot to it and then use dpkg -l
<jiffe> no there's not enough
<jiffe> dpkg: error while loading shared libraries: libpcre.so.3: cannot open shared object file: No such file or directory
<sarnold> dang
<sarnold> jiffe: I think all the data is in /var/lib/dpkg/status
<sarnold> Package: libasan0
<sarnold> Status: install ok installed
<sarnold> etc
<jiffe> gotcha
<sarnold> hm. maybe you could move your desktop's copy aside, drop that one in place, and try dpkg -l? :) see if that works out.
<jiffe> nah status file is good enough, thanks
<tomreyn> see also the files in /var/backups/
<jamespage> mdeslaur: the xenial ceph update regresssion tested ok as well
<jamespage> coreycb: ftr autopkgtest-pkg-python does not work with the oslo.* packages
<jamespage> it can't deal with the switch from oslo.X to oslo_X inside the package
<jamespage> I have submitted bugs with patches
<jamespage> mdeslaur: thanks for those ceph security updates btw
<blackflow> cephcurity updates! ;)
<jamespage> coreycb: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884181
<ubottu> Debian bug 884181 in autodep8 "autodep8: Fix autopkgtest-pkg-python module import test for python{3}-oslo.*" [Normal,Open]
<sahid> jamespage, coreycb, I have version bump for python-ddt and python-os-traits ready
<jamespage> sahid: lp:~ubuntu-server-dev/ubuntu/+source/python-falcon
<sahid> oh sorry i was sure have checked for python-falcon
<st4rf0x64> Good morning, I am looking for a simple way to bring a number of Ubuntu Servers into a Windows Active Directory for the sake of using accounts in said AD for verification with the Ubuntu Servers.
<odc> st4rf0x64: you are probably looking for this: https://help.ubuntu.com/lts/serverguide/sssd-ad.html
<mdeslaur> jamespage: awesome, thanks for testing them! :) I'll release them on tuesday (mon is a holiday for me)
<Walex> st4rf0x64: what "odc" says is probably the simplest method. If your requirements are straighforward.
<Walex> st4rf0x64: that that the AD needs to have the POSIX or UNIX account schemas merged in.
<Walex> st4rf0x64: for things like home directory path; there are several howtos.
<st4rf0x64> Well ideally we would like to use the same administration identification that we use elsewhere, on the ubuntu machines. currently we are doing it all through root.
<jamespage> mdeslaur: fair nuff - I've uploaded the 13.2.6 releases for cosmic and disco ready for when they roll out
<jamespage> sahid: no you where right - I just created that repo
<coreycb> jamespage: thanks for submitting those patches! that should clear up some of the failures in proposed.
<jamespage> coreycb: yeah but not anytime soon with the autodep8 stuff
<jamespage> coreycb: the problem is we've move from a in -tree import test that passes to the autodep8 one which is unhappy
<coreycb> jamespage: ok i can restore the old tests and add a note with link to the bug
<jamespage> so we're blocked - we might want to switch back to in-tree to unblock
<jamespage> coreycb: +1
<coreycb> jamespage: seems like an XS- field would be a reasonable general solution
<coreycb> jamespage: anyway i'll cycle through the oslo's right now and restore them and then look at proposed failures in my afternoon
<jamespage> coreycb: thankyou
<jamespage> cpaelzer: ok so what's the right way to set the vhost-user and vhost-perm with DPDK 18.11 via OVS?
<teward> rbasak: sarnold: do we want to consider going to NGINX Mainline for Eoan?  There's only been one 1.17.x release thus far.  Or do we want to stick with Stable branch?
<rbasak> teward: I don't know. What do you think? :)
<rbasak> teward: F will be an LTS, so will we definitely be on nginx stable again by then?
<teward> rbasak: that remains the 'dilemma'
<rbasak> :)
<teward> because they release **around the same time we do**
<teward> so unless we get a total release bump exception for LTS to jump from 1.16.x stable to 1.18.x stable post-release (which includes ALL the features)...
<rbasak> Do they do that deliberately?
<teward> rbasak: no, it's coincidental that their 'new stable branch' release cycle happens to land on/around our release time
<teward> been that way since ever
<teward> rbasak: in other news though, starting in Eoan, we won't have to worry about the 1CPU SystemD PIDFile race conditions
<teward> you can thank TJ- for that patch when they show up next
<teward> (i just uploaded that to Eoan)
<rbasak> Nice. Thanks!
<lopta> Can Ubuntu Server provide desktops to RDP terminals or would I need X terminals?
<lordcirth> lopta, you mean clients logging in to an Ubuntu server over RDP, and getting desktops?
<lopta> lordcirth: Hopefully. :-)
<lordcirth> lopta, "sudo apt install ubuntu-desktop xrdp; systemctl enable xrdp". Then give it a try. I don't know if you can have multiple users simultaneously, though.
<lopta> lordcirth: Thanks!  I will test that!
<kinghat> if you have a backup drive, do you keep it powered on all the time or do you power it up when you want to make the backup and then back off?
<sarnold> teward: let me guess, nginx's plans include releasing their next stable release about two weeks after we release ours?
<teward> sarnold: as they *typically* do every year
<teward> or same-week when we're in absolute final freeze
<lordcirth> kinghat, You should probably unplug it, and preferably store it a distance away
<kinghat> this is just another option for my 3x1TB setup i have now. figuring out what to do with my extra 1TB drive
<kinghat> unplugging/off site is not in the cards. something automated and attached to the same puter.
<ahasenack> rafaeldtinoco: that import commit you got, that is what you have to "split"
<rafaeldtinoco> yep, i did, missing changelog only
<rafaeldtinoco> now im doing last commit before --continue
<ahasenack> k
<rafaeldtinoco> i saw in git diff changelog is good to go
<rafaeldtinoco> i thought it would be ugly (Import....) but its not
<ahasenack> what do you mean?
<rafaeldtinoco> ahasenack: i thought the changelog would have import patches-unapplied version XXXX
<rafaeldtinoco> but saw that the changelog was actually good already (for the single commit I had to split)
<rafaeldtinoco> so I committed changelog as "changelog" and continued the rebase
<rafaeldtinoco> now im tagging split
<ahasenack> no, that was just the commit message
<ahasenack> yep
<lordcirth> kinghat, you could use systemd automounting to take care of cleaning up / spinning it down after
<kinghat> well i mean maybe thats not even worth it? which is what i was wondering? if using it to backup a mirror, would it be better to power up/down daily for a backup, if thats my frequency, or to just leave it on and perform a backup daily?
<lordcirth> kinghat, I don't think it's very important to make sure it spins down.
<kinghat> for some reason i thought that it might be worse for the drive to power it on/off than to just leave it running.
<rafaeldtinoco> ahasenack: should I drop all merge-changelogs, update-maintainer commits or just the last one ? (i got 2 from a previous ubuntu merge)
<rafaeldtinoco> (after the tag split phase)
<rafaeldtinoco> im doing the "logical" delta iirc
<ahasenack> rafaeldtinoco: logical must not have changelog/update-metadata commits
<rafaeldtinoco> cool i dropped it all
<rafaeldtinoco> it worked :o)
<ahasenack> the split phase must remain identical to what was there before
<ahasenack> in terms of git diff old/ubuntu
<rafaeldtinoco> it does a update-maintainer and reconstruct-changelog at the end
<ahasenack> merge finish does that, yes
<rafaeldtinoco> yep, its perfect i suppose
<rafaeldtinoco> nice, will verify and propose it again
<rafaeldtinoco> try to build, etc etc
<rafaeldtinoco> it was good to re-do, now with a split need
<rafaeldtinoco> i could understand better =)
<rafaeldtinoco> argh
<rafaeldtinoco> +Signed-off-by: Rafael David Tinoco <rafaeldtinoco@ubuntu.com>
<rafaeldtinoco> reconstruct-changelog brought by signed-off
<rafaeldtinoco> let me rebase this
<ahasenack> rafaeldtinoco: this is a great command to check merges
<ahasenack> git range-diff rafaeldtinoco/old/debian..rafaeldtinoco/logical/1%9.11.5.P4+dfsg-4ubuntu2  rafaeldtinoco/new/debian..rafaeldtinoco/eoan-bind9-merge
<ahasenack> that will show if there have been changes between old delta and new delta
<rafaeldtinoco> humm
<rafaeldtinoco> yep, ive used it before, but i have to get used to the tag names and meaning
<rafaeldtinoco> having "ubuntu" was a wrapper makes git to have some "black holes" in what we're doing, so i have to recap from time to time
<ahasenack> old/debian..logical is the old delta (logical, no changelog)
<ahasenack> new/debian..HEAD is what you are proposing on top of the new debian package, aka, the new delta
<ahasenack> but this one has changelog in the last few commits
<rafaeldtinoco> yep got it
<rafaeldtinoco> ahasenack: so it says basically the difference is the metadata itself
<rafaeldtinoco> merge-changelogs, reconstruct-changelog, update-maintainer
#ubuntu-server 2019-06-22
<peepsalot> hi, i just set up a compute with ubuntu-server, and I'm wondering why this snapd process has 27 threads?
<bipul> I am getting this message https://paste.ubuntu.com/p/ZyBngJ2xS5/  , I have checked inside .bashrc and  .profile as well /etc/environment . Everything looks good.
<bipul> Ok Fixed !
#ubuntu-server 2019-06-23
<lordievader> Good morning
<foo> Does this look acceptable? I had a postgres server randomly restart in production: https://paste.ofcode.org/pTsNXxfXPBuCFZ3fTiLmQr
<blackflow> foo: there's /var/log/postgresql/...   log, what does that say for those time frames?
<foo> blackflow: I have nothing there in postgresql-10-main.log. hmm
<blackflow> foo: checked the rotated logs?
<blackflow> Jun 21st was two-ish days ago, the logs rotate daily
<blackflow> foo: however.... "Starting Daily apt upgrade and clean activities" ... do you have unattended upgrades or something? did the package upgrade? that would restart the service.
<foo> blackflow: yes, I did - I checked both /var/log/postgresql/postgresql-10-main.log and /var/log/postgresql/postgresql-10-main.log.1 ... .1 starts at 2019-06-16 13:01:33. I would expect to see something there too.
<foo> Not that I know of. And I don't think I have any automatic apt updates or anything in place
<foo> This is the first time I've seen this behavior in 6 months
<blackflow> foo: check /var/log/apt/history.log for that time frame
<foo> blackflow: thank you, didn't realize apt kept a log. Great. https://paste.ofcode.org/XPJPcfdPTYi94CAnsv9j2i
<foo> blackflow: Upgrade: postgresql-10:amd64 (10.8-0ubuntu0.18.04.1, 10.9-0ubuntu0.18.04.1)
<foo> blackflow: I wonder if that's a needed security update? This is on digital ocean. I didn't realize this was happening but maybe it's a critical postgres security issue or such
<foo> ... if it's even DO.
<blackflow> I don't do unattended upgrades for this very reason. Always review and test updates manually.
<blackflow> restarting postgres DB is a bad thing. many apps don't re-connect and hang in broken state with no DB connection, so restarting postgres needs to be done carefully and in concert with those apps. I so much hate .deb world and its idiotic maintainer scripts that restart services willy nilly
<foo> blackflow: ... agreed. I've never had this happen before... in about 10 years. We migrated to 18.04 early this year. I wonder if this was a new thing?
<blackflow> it's not, maybe you just didn't pay attention
<blackflow> or actually.. I think unattended upgrades are now default on -server? dunno. I install from debootstrap, because the default image is chock full of bloatware like snapd, cloud-init, netplan....
<blackflow> (now = as of Bionic; but I'm not sure, I never install it, and debootstrapped ubuntu-minimal doesn't either)
<foo> blackflow: aha, thank you. Ok.
<foo> blackflow: I'm going to be moving postgres to digital ocean's managed database service soon anyway. But this is still good to be mindful of. I'll likely disable.
<foo> ... although posgres is the most critical thing
<blackflow> foo: this managed db, is it postgresql?
<foo> blackflow: yes
<foo> blackflow: similar to amazon rds
<blackflow> but is it actually postgres, or some in-house concoction like amazon's?
<foo> blackflow: postgres. Ain't nobody got time for amazon's concotions! (And I'm actually on digital ocean, using something similar to rds, with postgres)
<blackflow> I see.
<foo> blackflow: Do you have opinions on such systems?
<blackflow> I do. I don't trust them and prefer my own installations. In fac, since january 2018, we no longer touch public clouds with a ten feet pole.
<foo> blackflow: good to know. I've been doing my own installations for over 20 years. I thought I'd give it a try... alternative option is to spin up another digital ocean instance and devote it to postgres.
<blackflow> I don't know how anyone can use public clouds in the post-meltdown-spectre era :)
<blackflow> they were problematic even before (eg. rowhammer attacks at cheap VPS providers that never used ECC, there's an PoC in one of CCC conferences from few years go)
<blackflow> *ago
<foo> blackflow: thank you!
<foo> I like the idea of not thinking about the database performance or optimizing and thought I'd give it a shot... but I could re-evaluate
<blackflow> you know what they say. If you want something done right.... do it youself :)
<foo> haha
<foo> true.
