#ubuntu-server 2006-09-18
<dura> .
<dura> any life in here?
<dura> I have to build magickwand from scratch against PHP5 (which is installed) and I'm wondering if I do apt-get source for the PHP5 src...
<infinity> To build an extension against php5, you want php5-dev installd.
<infinity> Then you can use phpize and all that jazz.
<infinity> You should be able to untar magickwand, run "phpize", then ./configure --with-magickwand=/usr
<dura> okay cool
<dura> still learning lamp
<dura> will there be a .deb for it soon by any chance?
<infinity> No idea, never heard of it until just now.
<dura> it's imagemagick for php5
<infinity> Yeah, I see that.
<infinity> Obviously, I read far enough to tell you how to use it. :)
<dura> i could ahve sworn I saw something in apt last night regarding imagemagick and php5 but... it's not there now lol
<dura> lol sorry
<infinity> There's php5-imagick, but I think it's from a different codebase.
<dura> i'm learning 2 CMS's, maintain 4 servers including 2 lamps' learning css, php, and python, and i'm also a father and a consultant
<dura> yeah when I try to apt it it tells me it's missing or another packages refers to it
<infinity> It's in universe, do you have universe enabled
<infinity> ?
<infinity> It certainly works here.
<dura> hmm let me check I thought I did
<dura>  deb http://us.archive.ubuntu.com/ubuntu/ dapper universe
<dura> Package php5-imagick is not available, but is referred to by another package.
<dura> This may mean that the package is missing, has been obsoleted, or
<dura> is only available from another source
<infinity> Ahh, it's only in edgy.  My bad.
<dura> what's edgy?
<dura> unstable?
<infinity> Yeah, it's the release we're working on, due out in October.
<dura> nice
<dura> how unstable is it?
<dura> i've been thinking about trying to build a .deb for things like joomla, bitweaver and the like that would include all their requirements
<Netslayer> do the regular desktop cd images contain a "server" installation mode at the prompt?
<Netslayer> or do i have to download the actual server image
<fabbione> Netslayer: yes they do, but on CD there are no server packages or server kernel
<fabbione> you will have to install the rest from archive.ubuntu.com
<Netslayer> is that all automatic off the internet when i start the installation?
<Netslayer> is there any other diff in a server vs desktop installation than just a GUI (kde/gnome)? for example default settings in confs, etc.. ?
<dura> from what I see using both side by side, daily, server is more akin to Debian
<Netslayer> so it is slightly different?
<dura> stability and security is more important then latest and greatest
<dura> in some aspects yes
<dura> but it's still easy...
<dura> imo
<Netslayer> does amd64 bit ubuntu installs really restrict package availability? i'm coming from gentoo 64 so i'm a newb at it
<dura> excellent documentaion, support, packag selection, etc.
<dura> heh
<dura> I'm on gentoo-amd64 right now
<fabbione> Netslayer: it depends.. if you do a netinstall it's all automatic, but if you install from the desktop CD, no, you will need to install the other stuff manually
<dura> it's like every thing else
<dura> gentoo has things ubuntu doesn't, and ubuntu has things gentoo doesn't
<fabbione> Netslayer: no there is no limitation. same packages are available for amd64 and i386 (modulo some restricted crap=
<Netslayer> fabbione, auh cool
<Netslayer> dura, i hope i dont find that out to be a problem
<fabbione> for server they are exactly the same
<dura> Netslayer: I haven't yet
<Netslayer> fabbione, what's a net install?
<dura> and I have isp-style postfix, two LAMP servers one using php4, the other 5
<fabbione> Netslayer: installing from the network
<dura> Netslayer:  like a Gentoo install
<dura> only not as long
<dura> lol
<dura> it's like a Gentoo install with the base packages on cd and ready to install
<Netslayer> is that a diff installer image i dl?
<dura> no
<Netslayer> i actually need to do a full LAMP install but i'm thinkin of doing a desktop install since i may have use for a gui on it
<dura> It has a LAMP install option on boot
<dura> you can also make use of X11 over ssh with x11-common
<Netslayer> oh cool i'll have to check the boot flags then
<dura> if you *need* a gui
<dura> it boots to a frame buffer with the option right there
<dura> down arrow, enter, off you go
<Netslayer> well i may be using it as a mythfrontend, not sure yet so dont want to kill that possibility if i install server
<dura> ahh yeah...
<dura> i've used ubuntu for a server and it's fine imo
<dura> just uses a bit more space/resources
<Netslayer> dura, you talking ubuntu server or ubuntu desktop?
<dura> desktop
<dura> i've used it as a server
<Netslayer> ya i may end up doing that, plus is i have a pressed cd right here :-P
<dura> hehe
<dura> I spent 14 hours on a hardened gentoo + selinux lamp install... 
<dura> got ready to load my site...
<dura> hard drive died
<Netslayer> dura, dude ouch O_o
<dura> yeah... i wasn't very... happy...
<AviaX> hi
<AviaX> ich habe mit dpkg bldsinn gemacht, knnte mir eventl jemand helfen?
<AviaX> ah sorry, better in english here i think
<AviaX> anybody available?
<TrioTorus> dries@adam:/Users$ sudo /etc/init.d/autofs stop
<TrioTorus> Password:
<TrioTorus> Stopping automounter:
<TrioTorus>   Couldn't stop automount for /net done.
<TrioTorus> Anybody got an idea why this occurs?
<TrioTorus> Is there another process that needs stopping first?
<lionelp> TrioTorus: some process may lock this directory
<lionelp> check with a lsof
<TrioTorus> dries@adam:/Users$ lsof /net
<TrioTorus> lsof: WARNING: can't stat() nfs file system /net/god/Volumes/G-RAID/production
<TrioTorus>       Output information may be incomplete.
<lionelp> try to unmount /net/god/Volumes... manually
<TrioTorus> ha, okay, that worked
<TrioTorus> nice, thank you.
<AviaX> hi anybody can help me, i killed my system, by removing a package with dpkg force-depends
<lionelp> I do not think this a server related problem
<lionelp> #ubuntu is a better place for that
<AviaX> ah ok yes, thx
<AviaX> hi
<AviaX> after a system crash, i reinstalled the server
<AviaX> after installation, my computer cant boot
<AviaX> failure finding boot device
<AviaX> i have one hd
<AviaX> i tried booting in rescue mode reinstalltin grub with grub-install /dev/hda
<AviaX> but it doesnt help
<AviaX> any idea?
<AviaX> i used ubunutu-server cd 6.06
<dura> does the BIOS still see the hard drive?
<AviaX> yes
<AviaX> im online with knoppix at the moment, there the hd is accesable fine
<AviaX> i also tried fixing it by chrooting from knoppix into my system
<dura> hmmm
<dura> when you reinstalled did you wipe the drive and re-partition?
<AviaX> on the drive there are following partitions: hda1 for system, hda3 for data and hda5 for swap file (which is in an eytended partition
<AviaX> no, first i tried to install into existing system, after that i formated hda1, cause i thaught maybe that was the failure
<AviaX> but i didnt changed the partitions
<AviaX> so with the partitiontable should be everthing fine
<AviaX> any idea?
<dura> maybe the partitions tables are messed up...
<dura> heh
#ubuntu-server 2006-09-19
<AviaX> hi
<AviaX> dura did we talk about bootproblems this day?
<dura> hmm yeah
<dura> someone was in saying they had trouble
<AviaX> ah cool
<AviaX> yeah the solution was, i had changed the ide-cable
<AviaX> it was an older one
<AviaX> and obviuosly, the harddisk workfine with installation and mounting under knoppix, but BIOS couldnt boot from it
<dura> yeah makes sense
<nictuku> would I be unfair if I complained about these crazy release cycles?
<dura> wtf
<dura> another new kernel-image?
<dura> dare I ask why? hehe
<infinity> Security?  You can read the changelog.
<dura> just found it strange for two images on one day is all
<dura> no offence...
<infinity> Erm.. Two in one day?
<infinity> 2006-09-15 00:17:04 EST  Superseded  dapper   Security  main  devel  2.6.15-26.47
<infinity> 2006-09-19 01:03:26 EST  Published  dapper   Security  main  devel  2.6.15-27.48
<infinity> Looks like 4 days to me. :)
<dura> i update 3 times/day
<dura> I got both images within 4 hours today
<infinity> Odd.
<dura> .25 and then .27
<dura> oh well... 
<dura> everything is rebooted and happy again :)
<cf12345> does some know how to monitor hp proliant server with ubuntu? for red hat, suse and ms there are hp-insight-manager-tools available. 
#ubuntu-server 2006-09-20
<thefish> anyone know how to do either mass "push" updates, or automatic updates to (k)ubuntu workstations?
<thefish> im thinking of setting up apt-proxy on a server, just dont know how to get em down to the boxen
<thefish> anyone got installer for windows services for unix 3.5? f****ing removed from the ms site!
<J_P> hi all
<unimatrix9> hello there
<unimatrix9> i have setup an ubuntu LAMP server...
<unimatrix9> but am new to this...
<unimatrix9> now if i setup xoops, it fails to connect to the database...?
<unimatrix9> whats the default name of the ubuntu data base?
<unimatrix9> any one around?
#ubuntu-server 2006-09-21
<nixternal> quick question. i am doing release notes for Edgy docs and just want to know one thing, besides the kernel updates, has there been anything significant with the server updates between dapper and edgy?
<infinity> Nothing particularly big, no.
<nixternal> i didn't think so this time around...just some kernel tweaks is all i have found..LAMP seems to be the same
<RedRose> How Do I get mouse support in the terminal? I installed server linux but it won't let me use the mouse to slecte text
<RedRose> the people at #ubuntu told me to come here
<infinity> This isn't a support channel, but the package you're looking for is probably "gpm".
<RedRose> that's all I needed. that you very much
<oliver_savage> I just installed AIDE for intrusion detection, like Tripwire. It had Postfix as a dependency. Is it possible to uninstall Postfix without removing AIDE?
<infinity> Only if you install some other MTA in its place.
<infinity> You may wantto try nullmailer or ssmtp, if you don't really need a full-featured MTA.
<oliver_savage> Thanks, yes I just need to have this machine mail messages, reports, and form mail as it is a webserver. Then I will have a dedicated Postfix. So I install the other MTA then remove Postfix?
<infinity> Installing any other MTA will remove postfix.
<infinity> "apt-get --purge install exim4" for instance, would install exim4 and purge postfix.
<infinity> Since all MTAs conflict with each other.
<oliver_savage> Thank you very much.
* Starting logfile irclogs/ubuntu-server.log
<J_P> hi all
#ubuntu-server 2006-09-22
<knixtech> hello all
<knixtech> what can i use in the server to see what i am downloading?
<knixtech> oops, srry
<J_P> hi all
<thefish> anyone here managed to get otrs (from apt universe) working on 606?
#ubuntu-server 2006-09-23
<seer> can anyone here help with a raid issue?  my /dev/md0 does not exist
<seer> i am trying to setup a software raid after install
<seer> anyone with any experiance with raid?
<Unimatrix9> would it be wiser to activate universe by default?
<Unimatrix9> this way you get acces to phpmyadmin, of thats your cup of thea...
<Unimatrix9> and , maybe there is an way around the issue of sudo 
<Unimatrix9> the first thing you do is sudo passwd and change it
<Unimatrix9> but if there was an option during install for the sudo passwd, would that not be nice?
<Unimatrix9> for the rest, nice product...
<larryone> hi
<larryone> how do I set up coinsole access to my server
<larryone> ?
<larryone> it has a graphics card, and so switches away from the console
<larryone> but I want to be able to do maintainance and switch off networking
<larryone> is ther any way to tell it to use the console?
<Overand> do you mean serial console or do you mean text-mode TTY?
<larryone> serial
<shambala> buenas
<shambala> alguien de mexico df?
<_xs> hi
<_xs> i have 670764KB of cached memory and i want to free it, can i ?
<_xs> ops sorry, ive read the topic now :P
<dura> anyone here have any input on what goes on ubuntu.com ?
<dura> I see lot's of confusion regarding the install/livecd
<Xoritor> does anyone know of any apic issues with SMP k8 kernels?
<Xoritor> i am for no apparent reason getting kernel panics now
<Xoritor> im trying to figure out if its my hardware
<Xoritor> it ran for months with no issues at all
<Xoritor> no changes to the system and its just dying
<Xoritor> i have now managed to get it to upgrade to the newest 2.6.xx-xx kernel (badger) but it still panics
<Xoritor> but it started a few days ago when nothing was really going on with it... it just died
<Xoritor> no updates to speak of
<Xoritor> no reboots for months
<Xoritor> im wonderining if its not hardware
#ubuntu-server 2006-09-24
<npowell> I have been having trouble installing Java Sun 1.5 on Ubuntu 6.06 server.
<npowell> Does anyone know anything about this process?
<npowell> Thanks!
<npowell> Oh. I guess this is a support question.
<npowell> Let me go to #ubuntu
<Denstark> Hi there
<Denstark> I have a question... I've set up an apache server, it works, except i can't get to it only from the local computer, no one else
<edgy> Hi, my server gives lots of 1 Time(s): [84974.240821]  drivers/usb/input/hid-core.c: control queue full, what's wrong please?
#ubuntu-server 2007-09-18
* Starting logfile irclogs/ubuntu-server.log
<kraut> moin
<luk3> hi could anyone help me with a network card isue in server?
<luk3> i have an acer machine and it will not detect my onboard network card
<luk3> anyone got any ideas?
<luk3> anyone there?
<luk3> could someone please help me with a ntwork card issue ?
<soren> Which nic is it?
<luk3> it is an onboard card built into my mb
<luk3> it is an acer machine
<luk3> asm1600
<luk3> any ideas?
<soren> What's the problem?
<luk3> it does not detect my card
<soren> What makes you say that?
<luk3> when i type ifconfig i am just presented with the loopback info
<luk3> and when i installed the os it said it could not find any network interfaces
<soren> Type "ifconfig -a"
<luk3> just comes up with loopback info
<soren> Alright. Throw the output of lspci onto pastebin
<soren> !pastebin
<ubotu> pastebin is a service to post large texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the #ubuntu channel topic)
<luk3> i cant because its not on the net
<soren> Ah, right :)
<soren> Well, give me the PCI id of the nic, then.
<soren> Also, which version of Ubuntu is this?
<luk3> its ubuntu server feisty
<luk3> how do i get the pci id?
<soren> lspci
<luk3> ok done that what will it look like?
<soren> identify the nic, "lspci -n" will show you the ID's.
<soren> It will say "blahblahblah network blahblahbah"
<luk3> 00:04.0 ethernet controller : silicon integrated system [sis]  191 gigabit ethernet adater (rev 02)
<soren> Alright. And "lspci -n | grep 00:04.0" ?
<luk3> 00:040 0200: 1039:0191 (rev 02)
<luk3> any ideas?
<soren> I'll just fire up my feisty box. Hang on.
<luk3> thanks
<luk3> im assuming that ubuntu hasnt gt the apropriate drivers for this ?
<soren> That's why I'm checking my Feisty box.
<soren> Gutsy has them.
<soren> Feisty might not have.
<luk3> 1039:0191 is the controller id right?
<luk3> you you should be able to get a driver for that ?
<luk3> i have never come across this before i have set up lods of boxes
<luk3> :s
<soren> It's the vendor and device id of the network interface card.
<luk3> http://listing.driveragent.com/pci/1039/0191/10390191?r=02
<luk3> so thats the right indows driver?
<soren> Feisty has the driver too.
<soren> Try: sudo modprobe sis190
<soren> and see what dmesg says
<soren> luk3: I have no idea what that is.
<luk3> no message
<soren> Then it was probably already loaded.
<soren> Remove it and load it again.
<luk3> what ?
<soren> Or dig through dmesg and see what it says.
<soren> The driver
<soren> sis190
<soren> remove it and insert it again.
<luk3> how?
<soren> rmmod sis190
<luk3> ok done
<luk3> now restart the server?
<soren> No.
<soren> Just reload the driver
<soren> modprobe sis190
<luk3> ok
<luk3> still not there
<soren> whre?
<luk3> ifconfig
<soren> no... We haven't changed anything.
<soren> Look in dmesg
<luk3> ye sis190 gig....... loaded
<soren> Nothing else?
<luk3> well it has all the other things but thats the ref to the network device
<luk3> gigabit ethernet driver 1.2
<soren> And still nothing in "ifconfig -a" ?
<luk3> no
<soren> There's not much I can do from here, then.
<soren> I'd recommend you shove in a cheap-o NIC from your local hardware dealer instead.
<luk3> only thing i can do is put another nic in i guess
<Kamping_Kaiser> is it possable to get the tasks lists used to create the ubuntu cds?
<m12> hello
<Kamping_Kaiser> hi
<m12> hi kamping_kaiser
<Kamping_Kaiser> :)
<m12> :)
<Kamping_Kaiser> how are you?
<m12> i got today two HDD's about same size 20.0GB and 20.5GB
<m12> i would like to setup raid on it
<m12> but never done that
<m12> any tips ?
<soren> Kamping_Kaiser: What particularly are you looking for?
<Kamping_Kaiser> soren, i'm trying to use debian-cd, and i thought if i had the tasks it might be easier
<soren> Kamping_Kaiser: That did not really answer my question :)
<Kamping_Kaiser> soren, oh :|
<soren> Kamping_Kaiser: Ok.. What are you trying to do?
<Kamping_Kaiser> soren, create an install cd that works the same as an ubuntu 'alternate' cd from scratch
<soren> Kamping_Kaiser: Ok... So what exactly are you looking for? The list of packages on the server cd?
<Kamping_Kaiser> soren, yes the package list, but for the desktop cd
<soren> Ah, sorry, I mean "alternate".
<soren> Look at the manifest on the cd?
<Kamping_Kaiser> i'll grab an image later and have a look. thanks.
<TeTeT> jdstrand: is there a graphical interface for auth-client-config?
<jdstrand> TeTeT: no
<jdstrand> TeTeT: I just put up https://wiki.ubuntu.com/AuthClientConfig
<jdstrand> TeTeT: its not a 'configurer', but rather a 'configuration manager'
<jdstrand> TeTeT: if that makes any sense... :)
<TeTeT> jdstrand: makes perfect sense, IMO authconfig from Red Hat follows a similar approach
<jdstrand> TeTeT: it is really a low-level tool that other tools like debconf or authtool can use
<TeTeT> jdstrand: anything planned for Hardy?
<jdstrand> TeTeT: it is in gutsy universe and slated to go into main soon.  ldap-auth-client will use it for configuring ldap authentication.  After that, I imagine a kerberos-auth-client that will use it, and possibly integration with libpam-runtime and base-files, if the community wants that
<TeTeT> ok
<TeTeT> jdstrand: would you mind update me when a new configuration tool utilizes auth-client-config? The current list contains ldap-auth-client.
<jdstrand> TeTeT: np
<TeTeT> jdstrand: thanks for the extremly fast feedback
<jdstrand> TeTeT: :)
<spiekey> hi
<spiekey> how can in install ubuntu server lts with a i386 kernel?
<spiekey> it gets stuck at "configuring evms" when in install in within vmware
<soren> spiekey: which version of Ubuntu is that?
<Burgundavia> hey soren
<soren> Hey, Corey! What's up? Long time!
<Burgundavia> just back from vacation
<zul> how was south africa?
<soren> Burgundavia: Cool.
<Burgundavia> very good
<Burgundavia> saw all my relatives I haden't seen in a while, saw the local wildlife, etc.
<Burgundavia> marvelled at the terrible bandwidth
<zul> heh could be worse
<Burgundavia> the Uni of Stellenbosch, one of the larger and more techincal unis in SA pays 500,000 R/yr for 20 mbit
<zul> Burgundavia: pretty normal for southern africa
<Burgundavia> yep, sadly
<Burgundavia> are there relatively recent x86 isos floating around?
<Burgundavia> desktop ones, I meant
<Nafallo> Burgundavia: tribe-5?
<soren> I have no clue how much 500,000 Rand is in pounds or dollars or anything else I can relate to?
<Burgundavia> about 75,000 USD
<Nafallo> soren: google probably knows ;-)
<soren> O.O
<soren> Wow.
<soren> I can get that for 400 pounds a year.
<soren> Roughly.
<ScottK> soren: Where are you?
<Burgundavia> we are a little more
<soren> ScottK: My basement :p
* Nafallo gets 1Gbps for free
<ScottK> Heh.
<soren> ScottK: ...which is in Denmark.
<ScottK> OK.
<soren> Nafallo: Hm?
<Nafallo> soren: mhm?
<Nafallo> soren: work benefit ;-)
* ScottK just though pounds was an odd choice for a currency for .dk.
<zul> isnt it kroner?
<soren> ScottK: It is, but DKK wouldn't mean a lot to you people, I suppose?
<soren> zul: Yes.
<soren> Nafallo: Cool.
<ScottK> Right, but I'd have guessed you'd generalize in Euro (I thought .dk was in the Euro zone)?
<Nafallo> ScottK: not all counties in EU use EUR...
<soren> ScottK: Nah, we didn't like the Euro.
<Nafallo> countries even
<ScottK> OK.
* ScottK loses track.
<Nafallo> sometimes I wonder if any countries do :-P
<nealmcb> where can I get Ubuntu's JeOS?  Re: http://www.ubuntu.com/news/ubuntu-jeos and http://www.vnunet.com/vnunet/news/2198483/ubuntu-expands-virtual
<nealmcb> though it seems that there would be many JeOS's, one per application.  But the core, or one targeted at django or apache or something, is what I'm looking for.
<ScottK> Anyone here who uses clamav-milter on Feisty?  We have a security patch we'd like to test.
<mralphabet> any suggestions about how to decompile a .dll file?
<wasabi> mralphabet: This seems a strange place to ask that.
<mralphabet> wasabi: true
<theacolyte> What does this mean? And how can I fix it? Seems like one of those really dumb errors
<theacolyte> http://pastebin.ca/702389
<theacolyte> why won't it replace the deleted config file
<theacolyte> i'm in some kind of retarded dbconfig loop
<wasabi> Because dpkg doesn't do that.
<theacolyte> Ok, so how can I fix this?
<wasabi> Deleting a config file is a change that should be preserved.
<wasabi> Just like altering a config file.
<wasabi> Pass --force-confmiss to dpkg.
<theacolyte> I'm not sure what dpkg that's an option for, it doesn't seem to work for dpkg-reconfigure
<wasabi> dpkg itself.
<wasabi> It's described in the man page.
<theacolyte> ok well maybe I'm missing something here
<theacolyte> If I do a dpkg --force-confmiss packagename, it says it needs an action
<wasabi> uh huh. -i
<wasabi> Something to install.
<theacolyte> if I do a dpkg packagename --force-confmiss, it says I need an action
<wasabi> You aren't trying to tell dpkg to fix your config file. You're trying to tell it to reinstall a given .deb file, replacing missing config files.
<theacolyte> ahhhhhhhhhhhhhhhhhh
<wasabi> I have no idea what dbconfig is, though.
<theacolyte> Replacing config file /etc/cacti/debian.php with new version
<theacolyte> Not replacing deleted config file /etc/cacti/apache.conf
<theacolyte> awesome.
<theacolyte> at this point I could have just reinstalled ubuntu-server faster
<theacolyte> I foolishly assumed that mysql would use a root password from the get-go =/
<theacolyte> yup
<theacolyte> just gonna reload it
<theacolyte> this is silly
<nealmcb> theacolyte: I recall a mysql bug report and much discussion about the difficulties of dealing securely and clearly with root pws....
<nealmcb> IIRC upstream was going to make some changes
<SuperLag> nealmcb: you get an answer to your JeOS question? or have you found it on your own, yet?
<theacolyte> nealmcb: ahh interesting
<theacolyte> Actually I did get it to work once I walked away. Did an apt-get remove cacti, dpkg --purge cacti, reinstalled using apt-get, and configured the db manually
<m12> hello
#ubuntu-server 2007-09-19
<nealmcb> SuperLag: nope, haven't found JeOS
<nealmcb> it sounds like JeOS would be great for ec2.  I've been impressed at how quickly the django gentoo image (I think ami-29947140) starts up.
<m12> nealmcb, do you know where one can donwload JeOS ?
<EvaLuaTe> hello
<EvaLuaTe> i've read on the net that there should be a 'mail' command on linux to send e-mails with it, but it seems it doesn't install by default with ubuntu server, is there any apt-get package i could install so i can run that command ?
<leonel> EvaLuaTe: install  mailx
<m12> where can i download JeOS ?
<EvaLuaTe> is there any example on how to send a mail with the 'mail' command ? because i can't seem to do it right
<EvaLuaTe> and finding something usefull by google-ing for 'mail' is even harder, lol :)
<ajmitch> EvaLuaTe: mailx
<EvaLuaTe> yeah, i already installed it, but i would like to test if it works by sending myself an e-mail, to my yahoo account
<EvaLuaTe> it doesn't seem to work though
<EvaLuaTe> maybe i'm not doing it right ...
<ajmitch> you have an MTA installed?
<EvaLuaTe> if it installes by default with ubuntu server, yes, if not, how could i install one ? :)
<ajmitch> sudo apt-get install postfix
<EvaLuaTe> it was already installed
<ajmitch> then you may need to check its configuration :)
<EvaLuaTe> although, i have read in the introduction of mailx that i would have to run dpkg-reconfigure Postfix, I did, but it didn't return anything
* ajmitch hasn't used postfix for several years, so can't help with anything specific to it
* EvaLuaTe is google-ing for 'configure postfix'
<kgoetz> is there no libapache-mod-ldap for apache2? or is this builtin somehow
<h4wk0> mic.com
<Janet32766> can anyone tell me why my static IP addr keeps changing (feisty)? /etc/network/interfaces lists interface as static
<soren> Could you throw your entire /etc/network/interfaces onto pastebin?
<soren> !pastebin
<ubotu> pastebin is a service to post large texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the #ubuntu channel topic)
<Janet32766> i would, but i now can't ssh in to the box that has the issue, from memory, /etc/network/interfaces is iface eth0 inet static
<Janet32766> and works fine for several hours after an ifdown/ifup
<Janet32766> but then changes to an IP that looks like a DHCP assigned addr
<Janet32766> first started happening when i was running iptraf (monitor) as root, i wonder if some odd promiscus mode issue
<Janet32766> my static IP keeps changing from .20 to .104, which then wont let me log in :(
* `6og lols
<Janet32766> i think network-manager is playing games
* `6og would agree
<Janet32766> any ideas how to resolve?
<Janet32766> besides putting ifup/ifdown in cron every minute :))
<soren> Janet32766: Um..
<soren> Janet32766: Is this a server?
<Janet32766> y
<soren> Janet32766: ...and you have network-manager installed?
<Janet32766> i installed a fairly generic edubuntu server , didn't specifically install nm
<soren> Ah, edubuntu.
<soren> Um.. No, I don't think that involves nm.
<soren> Janet32766: Did you perhaps install it using dhcp and then later switch it to static?
<soren> ...and not reboot(!) it inbetween?
<soren> You see, ifupdown doesn't maintain much state in between invocations.
<Janet32766> could be, not, a reboot has occurred, but my eth1 interface changed to eth2 for no reason last boot
<soren> All it knows is "yes, i've configured this interface". If it's been brought up while configured as dhcp, ifup has started dhclient. If the config is changed to static and then ifdown is ran, it doesn't kill the dhclient, because it doesn't know that it started it (because it doesn't know that it was a dhcp interface when it was upped).
<soren> so chances are that theres a dhclient still around that might be refreshing its IP every now and again. An hours lease time on dhcp sounds sensible enough.
<Janet32766> kill dhclient?
<soren> Yup.
<soren> Well, pkill or killall, bt you get the idea.
<Janet32766> any idea why my eth1 boots as eth2 sometimes? that may have been the start of this issue, as eth1 was static, nut now it's not in /etc/network/interfaces, eth2 is
<soren> It's hard to say. Which version of Ubuntu?
<Janet32766> fei
<Janet32766> 704
<soren> Look in /etc/udev/rules.d/70-persistent-net.rules
<Janet32766> will check asap, thanks!
<soren> np
<ghatak> Hi, i installed apache2, but it wont start. when i do /etc/init.d/apache2 start. nothing happens and no errors in errorlog
<ghatak> what is wrong ?
<luk3> hi i have installed pptpd on ubuntu server i can access the server from outside with no connection problems however when i try to access a web server on the netwok it wont work even though i can ping the machine. any ideas?
<luk3> if anyone has any suggestions i would be very greatful
<luk3> its quite urgent as my company has no vpn :(
<luk3> anyone?
<luk3>  hi i have installed pptpd on ubuntu server i can access the server from outside with no connection problems however when i try to access a web server on the netwok it wont work even though i can ping the machine. any ideas?
<ScottK> luk3: Repeating your question when no one new has joined is unlikely to get you a better answer.  If I had any suggestions, I'd have given them to you the first time.
<luk3> sorry i actually posed it in the wrong window
<luk3> have you got any suggestions as to rooms i could try?
<ScottK> No, sorry.
<`6og> anyone familar with bind8 here atm?
<`6og> er, bind9
<`6og> i'm after some help.. think my serials are too long
<Nafallo> `6og: YYYYMMDDSS is the general format.
<`6og> cheers. i'm currently racing sleep to see if i can get bind working first or pass out ;)
<[DarkSun] > hello all
<n0e> hi, i'm having problems installing mysql...its the first time i'm having issues with mysql especially on ubuntu
<n0e> what logs do i have to check? can't find anything atm
<[DarkSun] > I have installed ubuntu server 7.04 on a Pentium-MMX 200MHz and doesn't boot
<[DarkSun] > just after showing "Loading..." it reboots
<[DarkSun] > what parameters should I try in grub?
<nealmcb> for comic relief in stressful times:      The Unix Sysadmin Song   sung to the tune of the   "I Am the Very Model of a Modern Major-General"   from  Gilbert and Sullivan -  http://www.harley.com/harley-quotes/unix-sysadmin.html
<nealmcb> gotta' love a song that rhymes sysadmin with slash usr bin
<kraut> moin
<dantalizing> moin
<zul> anyone seen this problem before under fiesty " start-stop-daemon: nss_ldap: could not connect to any LDAP server as (null
<zul> ) - Can't contact LDAP server"
<soren> I've put the proposed new tasks at: http://people.ubuntu.com/~soren/new-tasks/
<soren> Unless anyone objects wildly soon, I'll get them rolled into the seeds.
<ajmitch> hi soren
<soren> ajmitch: Hi, Andrew.
<ajmitch> able to test samba?
<soren> I'm apt-geting it right now. :)
<ajmitch> thanks :)
<mathiaz> ajmitch: hi
<mathiaz> ajmitch: did you have a look into the samba bug I mentionned yesterday ?
<soren> ajmitch: It seems to work like a charm.
<soren> ajmitch: I'd be happy to give my thumbs up on a UVFe if you file one?
<soren> Why is our default Samba workgroup "MSHOME"?
<mathiaz> soren: that's the default from Microsoft
<soren> mathiaz: Oh.
<soren> mathiaz: Good point.
<ajmitch> soren: pitti was already willing to give a UVFe
<ajmitch> not so keen on feature changes like net usershare
<soren> ajmitch: No, but that hasn't been enabled, right?
<mathiaz> ajmitch: I don't think so.
<ajmitch> no, but I think that's what mathiaz is referring to
<ajmitch> right?
<mathiaz> ajmitch: I've reworked the patch and submitted it to debian today
<mathiaz> ajmitch: nope. It was another bug.
<ajmitch> mathiaz: yeah, I saw when reading my email before work :)
<ajmitch> ok, which one?
* ajmitch was looking at that & cups by default
<mathiaz> ajmitch: yes. that's it.
<mathiaz> ajmitch: we're already exporting the printer share by default.
<mathiaz> ajmitch: but because cups is not configured by default, printers won't show up.
<ajmitch> right, slangasek said that the better way to do it was to drop the cups.patch from debian/patches
<ajmitch> 17:43 < slangasek> well, there are some behavior differences when using the cups support, last time I used it there was some raciness on startup because cups would accept connections and provide printer lists to smbd queries before it had finished loading its own list of printers
<ajmitch> 17:44 < slangasek> but that was years ago, I have no idea if that's a current issue or if there are other issues taking its place
<ajmitch> and when I asked pitti about it a couple of minute before that:
<ajmitch> 17:36 < pitti> ajmitch: makes me a little nervous TBH (FF and all that)
<mathiaz> ajmitch: hum... It may be to late in the release cycle then
<ajmitch> yeah
<ajmitch> otherwise, packages are on my ppa, soren tested them
<mathiaz> ajmitch: ok. The reason I asked was that the bug is milestoned for beta
<mathiaz> ajmitch: so the milestone should be removed.
<ajmitch> ok
<ajmitch> milestones are not my call :)
<ajmitch> the only patch I added was http://ajmitch.net.nz/debuild/ubuntu/samba/samba-3.0.26a/debian/patches/chgpasswd.patch
<soren> ajmitch: I'm all for getting 3.0.26 in. It mostly a bugfix and security release than anything else, afaict.
<ajmitch> definitely
<ajmitch> I'm just rebuilding the source for upload now
<ajmitch> shame that it takes so long to upload at 256Kbps :)
<mathiaz> ajmitch: did you take the CVE patch from debian ?
<ajmitch> it's 3.0.26a-1, so yes, it has the fix for 3.0.25's security issue
<ajmitch> it doesn't affect any other versions, just gutsy
<mathiaz> ajmitch: of course...
<ajmitch> makes keescook's life a little easier :)
<soren> ajmitch: I can push the orig.tar.gz for you, if you want? :)
<ajmitch> I think it needs to be in 1 ftp session to to the way soyuz works :)
<ajmitch> unlike debian
<ajmitch> it's ok, I can just ignore irc for 20 min while ssh is lagged
* ajmitch dputs
<mathiaz> ajmitch: works here too
<ajmitch> great, thanks for testing
<ajmitch> ok, it should be accepted & built soon
<soren> ajmitch: So you and pitti ended up OK'ing it then?
<maxter> hola!!
<maxter> How I install Cpanel in my Ubuntu Server 6.06?
* soren goes to bed
<ajmitch> soren: yeah, he's wanting a more relaxed UVF, allowing bugfix-only releases through
#ubuntu-server 2007-09-20
<keescook> ajmitch: yay samba!
<ajmitch> :)
<mikubuntu> hey guys, just downloading dapper server, no; i mean, burning it now ... it's a livecd, yes?
<kgoetz> server? no
<mikubuntu> kgoetz: hmmmm, so to check it out, have to install?
<kgoetz> anyone good -=> verry good with apache2 here?
<kgoetz> mikubuntu: afaik yes
<mikubuntu> what's the least amount of resources it needs?  i didn't see system requirements anywhere on the download page ... wonder if i could install it on an old box?
<kgoetz> server should be able to yes. i'd guess 128mb ram
<mikubuntu> and then i can add whatever ecommerce/content management i need to it?  i need to start working on a project that will entail an ecommerce activity managing 5-10000 items...
<kgoetz> well YVMV trying to run heavy web apps on SFA resources
<mikubuntu> translation?
<mikubuntu> yvmv? sfa?
<kgoetz> your value may vary, not a whole lot
<kgoetz> in that order
<mikubuntu> hmmmm.  ok. thanks.
<mikubuntu> kgoetz: ok, got it in the box, and the choices are install to hard disk, or install a lamp server ... i thought the lamp was part of the hard install?
<mikubuntu> does it mean i have to do both?  first install, then lamp?  or just lamp?
<kgoetz> mikubuntu: you can install a minimal system (first option) or a lamp server (2nd option)
<mikubuntu> kgoet
<mikubuntu> do you think the old box can handle lamp?  that's the setup of choice right?
<kgoetz> whats the old boxes spec?
<mikubuntu> hmmmmm... i know i *should* know that, but i dont.  it's an older compaq presario had about a 10gb hard drive, but i dont know about ram .... i installed puppy on it couple weeks ago for hell of it
<kgoetz> you can start developing on it. i wont commit to any sort of prediction howwell it handles it
<mikubuntu> guess i can't hurt anything trying to go lamp right, if it doesn't work out i can switch out
<mikubuntu> you know anything about magento?
<mikubuntu> there she goes, problem already .... entering lowmenory mode ... wonder if i should leave this box alone with puppy and look for something a little more robust...
<kgoetz> no
<kgoetz> lowmem already? you dont have 64mb of ram in it - give up now
<kgoetz> could someone bug fixy/apache knowledgeable look at this ticket? it is by someone having teh same problems with apache i have https://answers.launchpad.net/ubuntu/+source/libapache2-mod-auth-pam/+question/10853
<mikubuntu> before i installed puppy i tried to get xubuntu on that box, but could not get it installed for anything, finally got puppy on it with a lot of help from their room... the problem with xubuntu seemed to be related to the low memory mode situation
<kgoetz> your box doesnt have enough ram to be useful
<mikubuntu> kgoetz: sorry, my chatzilla froze up... so the installer goes into low mem mode for UNDER 64 ram?  it's more of a dog than i thought, i guess ... lol
<kgoetz> 15:21 < mikubuntu> before i installed puppy i tried to get xubuntu on that box, but could not get it installed for anything, finally got puppy on it with a lot of help from their room... the problem with xubuntu seemed to be related to the low memory mode situation
<kgoetz> 15:21 < kgoetz> your box doesnt have enough ram to be useful
<mikubuntu> ya, i'll have to find something else to put it on.  i thought i had installed lamp on this laptop, but after the whole process, i can't find it anywhere.  see some of the packages in synaptic, but i dont think the install went right.  or, there's always the possibility i just don't know what i'm doing.
<kgoetz> mikubuntu: visit 'localhost' in a web browser
<mikubuntu> just put 'localhost' into the address bar?
<kgoetz> yes
<mikubuntu> ok, ya, says apache server at port 80.
<mikubuntu> has parent directory and apache2-default
<mikubuntu> so is that 'my environment'?
<kgoetz> means you have a web server running
<mikubuntu> i clicked on apache2 and got a page 'it works!' ... i'm still lost, tho, how do i start building into the server?
<mikubuntu> i think i want to try magento but i don't know how to integrate/pull it up even...
<mikubuntu> oh, well, i'm tired and everybody seems kind of busy tonite, better call it a nite for now; thanks for your help
<kgoetz> later mate
<kgoetz> for some reason, apache2 doesnt have an ldap or (working) pam auth module, or a generic 'external auth' module :(
<kraut> moin
<kgoetz> hey
<c1|freaky> hi all. i run a server with a few shell users. is there a way to see what a user is doing on his/her login terminal? it's a ssh login session and i want to be able to see, what that user is doing at the moment - is that possible?
<soren> c1|freaky: w
<c1|freaky> thanks
<kgoetz> rhubarb, my dns is teh borked :(
<kgoetz> talk about owning yourself :|
<kgoetz> is fetchmailconf ncurses or X11?
<soren> kgoetz: I think it's x11.
<soren> kgoetz: ...it depends on python-tk
<kgoetz> soren: ta... suppose i'll be configuring by hand
<lafuma> hello, anyone around ?
<kgoetz> sort of
<lafuma> do you use ubuntu server edition ?
<kgoetz> at work. thats irrelevent though - if you want help, say what the problem is
<kgoetz> if someone can help they will speak up
<lafuma> i read that it has some sort of preinstalled apache+php+mysql installation
<lafuma> is that true ?
<kgoetz> theres a 'lamp' install option yes
<lafuma> okay
<lafuma> is it safe and good to go ?
<kgoetz> safe?
<lafuma> which version to prefer ?
<lafuma> 7.04 or 6.06
<kgoetz> whats the server for?
<lafuma> web, about 5 different domains, ftp, mailserver (about 40 accounts)
<kgoetz> if you need the LTS (eg if it has to stay the same for another few years) go with 6.06
<kgoetz> if you can wait a few weeks and want to upgrade in 6 months, go with 7.10 which is out mid next month.
<kgoetz> or 7.04 so you can update to 7.10
<lafuma> is there any place i can read about differences of 7.04 and 6.06 ?
<kgoetz> um. maybe the release notes
<kgoetz> not sure tbh
<ScottK> lafuma: Unless you are building a pile of custom code on top of Ubuntu that has to have a static environment for years, go with 7.04 would be my recommendation.
<kgoetz> night all
<kgoetz> lafuma: good luck with it all :)
<lafuma> thanks
<lafuma> night
<mikubuntu_> hello guys; i'm kind of a newb, to everything.  anyways, i downloaded magento to my ubuntu 7.04 laptop.  it downloaded to desktop, and then i did a 'extract here' on it and got an icon on the desktop... but, i'm not really sure it's installed.  when i click on it, screem launches, but i don't seem to locate any kind of dashboard for magento.
<lafuma> i'll go with the new version then
<soren> mikubuntu_: You need to put it somewhere your webserver knows about.
<mikubuntu_> soren: like i said, i'm still a knucklehead with this, can you be more specific?
<soren> mikubuntu_: Have you done any sort of programming before? (Not meant to be offensive, it just helps me give you answers)
<lafuma> any chance i can do the installation over ssh ?
<lafuma> ubuntu server that is
<soren> lafuma: Umm... Install it onto what?
<lafuma> server ?
<lafuma> i can put the cd in it before :)
<lafuma> but connecting it with monitor and keyboard would be pain in the ass
<lafuma> it would be much easier to operate it over ssh
<soren> lafuma: I don't think you can do that very easily.
<mikubuntu_> soren: nope, completely green ... well, i did do a simple website for my car service www bestcab dot net, but nothing like what i want to do now.  i need to set up a catalog/ecommerce site with a starting inventory of about 5000 items.  what i think i understand about the process?: that i need server stuff, so i 'think' i have downloaded last week the lamp setup, and when i go to localhost...
<mikubuntu_> ...on my browser it tells me apache2 is working.  i know i need to make some kind of database, with the items, images, and other fields relating to inventory ...
<lafuma> damn, really ?
<soren> lafuma: Well, yes. You could probably shove a openssh server into the installer, but you'd have to set up the network first and some sort of username/password combination.
<soren> mikubuntu_: I see. Um... It's sort of an involved process setting all this up. Doesn't magento come with some sort of documentation?
<mikubuntu_> soren: well, ya, i've tried to meet all their system requirements, getting the server stuff, and all, but i'm not having any luck even getting magento open to get access to it's help menus or anything
<soren> mikubuntu_: I meant like an installation guide.
<mikubuntu_> soren: is it possible for me to take a screenshot of the directory and put that in a pastebin?
<soren> mikubuntu_: WEll... Yes, but it wouldn't do you much good :)
<mikubuntu_> hmmmmm...
<mikubuntu_> i wish i was smarter than george bush sometimes
<soren> mikubuntu_: You need to set up a database first. Then you need to tell magento where to find that database. Then you need to move magento to somewhere apache knows about.
<soren> mikubuntu_: You are.
<mikubuntu_> soren: i must be; i din't vote for him
<mikubuntu_> soren: i started playing around with the openoffice database; is that suitable?
<soren> mikubuntu_: http://www.magentocommerce.com/boards/viewforum/9/
<soren> mikubuntu_: That looks like a good place to get specialised magento help.
<soren> mikubuntu_: Half an hour ago, I had never heard of it. :)
<mikubuntu_> soren: i think i need to better understand the relationship between linux-apache-mysql-php-magento ...
<mikubuntu_> yes, i will of course be studying there, but i was thinking to come here for some general help in understanding the bigger picture of how it all fits together
<soren> mikubuntu_: linux == operating system, apache == http server (speaks to the webbrowser), mysql == database server (keeps your data), php interprets php scripts (apache tells it to do this and php gives the answers to apache), magento -> have no clue.
<mikubuntu_> soren: so is mysql a database just like openoffice database?
<soren> mikubuntu_: I don't know what an openoffice database is, actually.
<soren> mikubuntu_: But possibly, yes.
<mikubuntu_> soren: openoffice is the suite of business apps that come with the ubuntu desktop
<mikubuntu_> like spreadsheet, word processor, database, etc..
<mikubuntu_> soren: but if i am understanding you, maybe i should learn mysql way instead of openoffice?
<soren> mikubuntu_: I know what openoffice is, but how openoffice relates to databases... No clue :)
<mikubuntu_> openoffice database; i don't know, my brain is slow cooking
<mikubuntu_> :)
<m1r> hello
<AnRkey> where is ubuntu-server +1 discussed?
<AnRkey> here?
<ScottK> Sure.
<pfein> anyone have a HOWTO on building your own .deb?
<mathiaz> pfein: https://help.ubuntu.com/6.10/ubuntu/packagingguide/C/index.html
<AnRkey> ScottK, is ebox gonna be ready for release
<ScottK> No.
<AnRkey> with a capital N :)
<AnRkey> pfein, the motu team would be happy to help you too...
<pfein> AnRkey: thanks, I'll try there.
<AnRkey> you can also join their list
<pfein> this is (hopefully) a one-off... need to version bump my load balancer.  Most of my servers are Gentoo, unfortunately.
<xdcdx_> hello
<xdcdx_> I'm setting up a cluster, I have several intel xeon nodes
<xdcdx_> I configured a server node which serves the kernel and a initramfs by netboot
<xdcdx_> the server also serves a nfs filesystem, and the client nodes mount it
<xdcdx_>  some nodes, with a fixed hardware configuration, boot fine over the net
<xdcdx_>  but we bought some newer nodes, and the boot-by-net and mount the remote nfs filesystem process won't work
<xdcdx_> the new nodes have a different intel motherboard, with different ethernet integrated chipsets
<xdcdx_> however, boot-by-net and mount the local filesystem works fine with the new nodes
<xdcdx_> so it's not a hardware support issue; rather the new hardware messed up with our current boot-by-net and mount nfs filesystem method
<xdcdx_> we have 6.06
<xdcdx_> any happy ideas, or method for debugging this problem?
<xdcdx_> we have the default initramfs, built with mkinitramfs... when the server sends the local-initramfs to the new nodes, they boot fine (given the local disc has a working filesystem)
<xdcdx_> when the server sends the nfs-initramfs to the new nodes, they won't boot (the old nodes do boot)
<nealmcb> xdcdx_: it may be that the folks that do ltsp (probably in #edubuntu) would have more experience with that
<pteague> good grief... i was bashing my head all last night trying to get userdirs to work on apache.. finally gave up & rebooted & went to bed... now it works
<mralphabet> pteague: of course
<osmosis> anyone use xen in gutsy ?
<mralphabet> not I, but yes, there has been lots of talk about xen
#ubuntu-server 2007-09-21
<stiv2k> hi.. webmin is configured to sync my server's clock once a day at midnight, but i don't think it's doing it because every time i sync it manually, it's always way off
<mathiaz> !webmin | stiv2k
<ubotu> stiv2k: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system
<stiv2k> mathiaz: i see... any alternatives?????
<stiv2k> mathiaz: what about usermin? same dilemma?
<mathiaz> stiv2k: yeah... it'S the same project.
<mralphabet> !rtp
<ubotu> Sorry, I don't know anything about rtp - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
<mralphabet> hrm
<stiv2k> mralphabet: what is rtp?
<mralphabet> !ntp
<ubotu> Sorry, I don't know anything about ntp - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
<mralphabet> http://www.ntp.org/
<mralphabet> stiv2k: ^^
<sahafeez> question - i just nuked my gentoo server and moved it over to ubuntu server 7.04
<sahafeez> before i did that i cp -R about 400gb of stuff of to a usb2 hd
<sahafeez> i am trying to move the data back now after installing ubuntu and the system is just drag and slow when the copy from the usb is going....
<sahafeez> is there something about moving from usb to local vs the other way that would cause this to drag so much
<sahafeez> can i remount an active filesystem with noatime? like /
<kgoetz> anyyone here running with dspam-web frontend?
<sahafeez> question - i just moved from gentoo to ubuntu server.
<sahafeez> i am trying to copy my data back from a usb attached drive.
<sahafeez> when the copy is running the system is well - slugish as heck. simple cmds take secs to return
<sahafeez> both filesystems have been mounted with noatime
<sahafeez> anyone>/
<maestrojed> I want to turn my ubuntu feisty box into a file server for my small office.  I decided to go the route of running SAMBA.  I followed this tutorial http://ubuntuforums.org/showthread.php?t=202605 and understand how to have windows users connect.  What do I need to do (if anything) to have my Macintosh users connect?
<maestrojed> I am running a LAMP server on my linux box,  What do I need to do to change the webroot directory?  Do I just change it in apache, Do I have to edit php, mysql?
<kraut> moin
<AnRkey> will ebox be ready for gutsy?
<dexem> AnRkey: I think soren was doing that job, and he wrote one post on his post giving few hopes, but I don't know current status
<dexem> on his blog :P
<soren> AnRkey: No, it won't.
<soren> Sorry
* AnRkey breaks down in tears
<AnRkey> but it's soooo cool for my techs here
<AnRkey> soren, how can i help out?
<soren> AnRkey: You can't, really :) It's too late. It simply didn't make it in time.
<soren> AnRkey: Rest assuered, though, that it will be ready and shiny for hardy.
<AnRkey> soren, I will be testing it for, thanks for the work so far
<soren> :)
<AnRkey> i want to move all my suse box's to ubuntu and use them for my whitelisting on our school network
<AnRkey> we have 2 proxies and I need techs to be able to use them easily, so it's looks exciting
<soren> AnRkey: eBox is a very exciting project indeed. I'm very enthusiastic about getting it into Ubuntu for our next release.
<AnRkey> i have just downloaded the debian iso for it
<AnRkey> gonna give it a go and see if it can tide us over
<AnRkey> we have switched to a whitelisting proxy due to kids getting hold of porn all the time
<AnRkey> later
<soren> ./
<soren> Um..
<c1|freaky> hi all. i have a problem with svn since 2 days, it's not ubuntu specific but it would be nice if someone familiar with svn would have a look at it. in #svn 3 people also couldnt help me. http://main.freakyy.de/svn_err.txt
<c1|freaky> another question: how much experience should one have to be able to help with server related stuff?
<Jonex> When I try to ssh to my server box, the password doesn't seem to work, can it be some config error?
<c1|freaky> it can if you for example only allow spefic users to log in using ssh.
<c1|freaky> *specific
<Jonex> But this is the main user (only on I have)
<Jonex> And I haven't edited the ssh config at all.
<c1|freaky> so you can't get onto the box right now?
<Jonex> Nope
<Jonex> Shouldn't it say "user not authenticated" or something like that?
<Jonex> Well, I haven't been able to do it before either.
<Jonex> But the config should be like on a fresh install.
<c1|freaky> usually, if it is the only user beside root, and if u have not changed any of the ssh configs, you should be able to login using the right password
<Jonex> Is there any unix command to open an upnp port?
<Jonex> *linux
<c1|freaky> no idea ;)
<Jonex> Where can I see who have rights to ssh to the computer?
<soren> Everyone does.
<soren> Unless you've blocked them in iptables or locked them out in /etc/ssh/sshd_config or disabled their shell or..
<soren> :)
<Jonex> I don't think I have, but I get "permission denied" when I try to connect.
<Jonex> Well, when I try to enter my password.
<Jonex> It doesn't say if it is because the password is wrong, the user doesn't have access, the ip is wrong or there is no such user
<Jonex> ju "Permission denied, Please try again."
<Jonex> Is there any simple command to reset any ssh-settings?
<Jonex> s/any/all/
<Jonex> In case I have done something stupid to them.
<soren> It's not really something you can do by accident.
<soren> And no, it purposely doesn't reveal why you can't log in. That's a security measure.
<soren> You can, however, look in the auth.log on the server.
<soren> Jonex: ^^
<Jonex> soren: Oh, where is auth.log?
<soren> Jonex: /var/log along with all your other log files :)
<Jonex> ok, thanks, gonna try that
<soren> np
<Jonex> Hmm, auth.log.0 is it?
<soren> no.
<soren> That's the old one.
<Jonex> ok
<lafuma> hello, can anyone help me with openssl ?
<lafuma> anyone ?
<soren> ask your question
<lafuma> well, i installed apache, mysql,php, ssl etc. after this tutorial http://www.howtoforge.com/perfect_setup_ubuntu704
<lafuma> it worked fine after restart
<lafuma> i read it demands open_ssl passphrase at the beginning when i started the server
<lafuma> i suspect this is the problem why ssl is not working
<lafuma> any chance i can make it not to ask the ssl passphrase upon restart ?
<lafuma> since i cant access the machine physically
<soren> lafuma: Don't set a passphrase for your private key.
<soren> openssl rsa -in key.pem -out keyout.pem
<lafuma> okay
<lafuma> i'm not so familiar with this thing
<lafuma> can you be more precise ?
<lafuma> it would mean a lot, since i have to take the server to the server housing today
<soren> Uh.. I can't possibly be more precise than give you the exact command you need to type :)
<soren> You have a key.
<lafuma> yes
<soren> Let's call it key.pem
<lafuma> i have lots of them
<soren> Then you write:
<lafuma> yes
<soren> openssl rsa -in key.pem -out keyout.pem
<soren> Henceforth, use keyout.pem. It's the key without the passphrase.
<soren> Done.
<lafuma> bah, i must be a complete idiot
<lafuma> keys, certificates, passphrases.... argggh
<lafuma> the thing is
<soren> keys are the secret stuff. passphrases is what you use to encrypt your key. certificates are like the public keys.
<lafuma> i have lots iof .pam files under /etc/ssl/certs
<soren> /etc/ssl/certs
<soren> Er..
<soren> No.
<soren> /etc/ssl/private.
<lafuma> oh
<soren> You've created this key yourself, right?
<lafuma> there i have .key file
<lafuma> yes, i remember creating it
<lafuma> but my real problem is that it asks it upon restarting
<lafuma> how can i make it not to ask it :)
<soren> I've already told you.
<soren> Twice.
<soren> openssl rsa -in key.pem -out keyout.pem
<soren> That's it.
<soren> If there's no passphrase, it won't ask.
<lafuma> allright
<lafuma> i dont have the key.pem under /etc/ssl/private
<soren> ...
<soren> Where is it, then?
<lafuma> i dont even have a file named key.pem
<soren> Look....
<lafuma> i have loads of *.pem files under /etc/ssl/certs
<soren> You haven't told me where it is or what it's called..
<soren> It doesn't matter.
<lafuma> where is what ? :(
<soren> You need to go to the right directory (only you know this) and type that command and use the filenames *you* used.
<lafuma> where is it by default ?
<soren> There is no default.
<lafuma> well, i followed this tutorial
<soren> WEll, yes, under /etc/ssl somehwere.
<lafuma> http://www.howtoforge.com/perfect_setup_ubuntu704
<lafuma> this one
<lafuma> okay
<lafuma> i've got only certs/ and private/ there
<soren> This is the webserver, right?=
<lafuma> yes
<lafuma> open_ssl is used for postfix and ISPconfig
<lafuma> as far is i know
<lafuma> as*
<soren> So you've used ispconfig to setup the webserver?
<lafuma> havent got that far
<lafuma> cannot connect to ispconfig since it uses ssl
<lafuma> well, i got to connect there the first time, right after installation
<lafuma> right
<lafuma> i created pam file under /private
<lafuma> called cacert.pam
<lafuma> with this command openssl req -x509 -newkey rsa:2048 -out cacert.pem -outform PEM -days 1825
<lafuma> someone suggested
<lafuma> could this fix my problem now ?
<soren> ....
<soren> You could have mentioned that.
<lafuma> what ?
<soren> That you created that key!
<lafuma> no, i just created it
<lafuma> not before
<lafuma> 1 min ago :)
<ivoks> howdy
<lafuma> safe to try and restart the server ?
<lafuma> and see if that works ?
<soren> It's hard to tell. I don't know what else you've done.
<lafuma> nothing actually
<lafuma> only the things said in the tutorial
<soren> Then it's probably fine.
<lafuma> still the same
<lafuma> damn thing
* soren goes to lunch
<marekr> how can i restart the whole runlevel ?
<kgoetz> init <some other run level>
<marekr> hmm
<TeTeT> is it possible to have user specific apparmor profiles? E.g. one user may use a printer from firefox, while another may not?
<termitor> hello
<termitor> someone cant help me for make freenx + xfce running proprely ?
<wasabi> Hmm. We should distribute a 32 bit version of nss_winbind
<ScottK> lamont: Unless you say don't do it very quickly I'm going to ack the feisty-backports request for Postix (runs great on my test server).
<lamont> whatever
<lamont> iz backports
<ScottK> OK.
<lamont> I use feisty-home :)
<ScottK> Someon asked and it's as technically sound as backports get.
<lamont> which, yes, has an autobuilder
<ScottK> Figured.
<lamont> I suppose I could use a PPA now
<ScottK> Gah.
<ScottK> Just don't put an orig.tar.gz in your PPA that Ubuntu doesn't have already.
<ScottK> If you do, currently, Soyuz will believe it has it already, decline to fetch it, and then fall over later when it can't find it.
<sahafeez> is there a time out on ssh connection to a ubuntu server?
<mralphabet> sahafeez: I don't believe so, the sessions I use have been logged in for _weeks_
<mralphabet> sahafeez: months even
<sahafeez> well i just moved a box from gentoo to ubuntu server and my ssh's to the box drop after a bit if i am not doing anything
<sahafeez> Connection reset by peer
<mralphabet> ;( I don't have an answer, that hasn't been my experience
<sahafeez> thanks.
<ScottK> lamont: It is nice the result of all the effort that goes into making Postfix upgrades painless (both upstream and the packaging).
<ScottK> lamont: The server in question uses a milter, a filter, and a policy server and then all just kept working after the upgrade.  No tweaks required.
<okaratas> hello
<sahafeez> greetings earthling.
<Jowi> hi, I just installed a barebone server feisty system with only windowmaker and slim (simple login manager). the gtk programs seem to have different sized fonts for menus etc. I have created .Xresources and .gtkrc.mine to set the fonts, which works well on another edgy system that has got gnome, gdm and wmaker installed. but it seems like this barebones setup does not see .gtkrc.mine properly. anyone has any hints/tips/solution fo
<Jowi> r this?
<lamont> ScottK: thank you
<Nafallo> Jowi: this is the server channel. maybe you want #ubuntu ?
<Jowi> yeah, tried there. no answers. I installed the server version because that is what I mostly use this PC for (lighttpd, postfix etc) but I want a somewhat uniform UI as well ;)
<Jowi> without the heavy gnome that is
<Nafallo> Jowi: still think you're better of in #ubuntu then here actually. we serverpeople use CLI ;-)
<Jowi> I can edit .Xresources with nano if that make you feel better haha
<Jowi> nah, seriously, it was just to try to get a good tip
<lamont> "server" == "command line" :-(
<lamont> what's gnome?
<Nafallo> lamont: why the sorry face? ;-)
<lamont> Nafallo: it's called "sympathy" :-P
<Nafallo> lamont: hmm. I think I heard of that... can't remember what it is though :-)
<Jowi> lamont, Nafallo: no hard feelings. I knew I was probably in the wrong place but thought that, "hey, if anyone know anything about this it's probably these guys"
<Nafallo> Jowi: sorry to disappoint you ;-)
<Jowi> Nafallo, have a very nice weekend anyway and if I need help with LAMP I'll be back ;)
<lamont> Jowi: yeah  -sorry to disappoint.  and yes, I know what gnome is... and I use it, even though ubuntu's primary gnome-guy has asked me why I bother several times.
<Nafallo> :-D
<lamont> "why do you even use gnome?" he asks. regularly.
<Nafallo> lamont: hehe
<Nafallo> lamont: what do you answer? :-)
<Jowi> lamont, I can't stand gnome. haven't used it since '01 something. always seemed too.... ummm... windows for me :)
<Jowi> cy guys. take care
<lamont> Nafallo: the original answer was "because ubuntu == gnome"
<lamont> mind you,I generally use xterms not gnome-terms.
<lamont> and metacity has a keyboard focus policy that is all lamont
<leonel> Jowi:  gnome-panel gdm metacity xserver-xorg firefox xfonts-base firefox-themes-ubuntu gtk2-engines-ubuntulooks ubuntu-artwork gnome-applets  gnome-system-tools nautilus gnome-terminal ubuntu-docs update-manager   <-- that's for a basic  gnome desktop  for a server
<Nafallo> lamont: I love gnome-terms. and use gnome mostly so that I can have more terminals opened, and now also with tabs! ;-)
<Jowi> ion3 is not bad for multiple xterms without using screen. too bad is changing license after the rc I heard...
<leonel> that's what I install to servers when the  client  asks for a  graphical  "face" on the server
<Nafallo> leonel: must be talking about ncurses ;-)
<Jowi> leonel, yeah, that's what I thought. think it has more to do with me lacking gdm and that I use custom .xinitrc then anything else. my .gtkrc* seems to be ignored...
<leonel> Nafallo: hahaha
<Jowi> I will find a solution somewhere. take care all.
#ubuntu-server 2007-09-22
<sahafeez> use a console with screen!!
<ScottK> lamont: You're welcome.  Neither the fact that I use Postfix nor the fact that I'm using it in a Debian derived distribution are random, I assure you.
<Jowi> hi, since I wasted your time earlier I just wanted you to know that the solution to the problem was in the display manager and not the gtkrc files or anything else. :)
<Jowi> (/etc/slim.conf, set the correct dpi)
<Jowi> thanks again. good night!
<ivoks> it took exactly one year, but finally ubuntu-server installtion will work in 4 keyboard layouts in which it didn't work since 6.10
* Starting logfile irclogs/ubuntu-server.log
#ubuntu-server 2008-09-15
<limitedwisdom> greetings. Clean install of 8.04 - can't send/rcv email. When I type mail -s Test myother@emailaddy It just never shows up.
<hads> /var/log/syslog
<bytor4232> Not sure this is the right place to ask this, but
<bytor4232> can you do a network installation of JeOS?
<bytor4232> I've been able to set up xubuntu live, as well as the regular netboot stuff.  However when I use the same process I get "unable to mount cdrom" error.
<bytor4232> I'm trying to find the difference between ubuntu cli and jeos.  Any ideas?
<bytor4232> Other than the -virtual kernel.
<hads> It's all the same thing, JeOS is just a minimal install
<bytor4232> Is cli a minimal install as well?
<hads> You mean the server install?
<bytor4232> no, the mini.iso, or netboot.tar.gz
<hads> Haven't installed with them.
<bytor4232> I can't get JeOS to netboot, thats why I'm asking.
<hads> Ubuntu is Ubuntu is Ubuntu though. It's all the same thing with different packages.
<bytor4232> Indeed.
 * bytor4232 wonders if he need to go outside and build a boat.
<bytor4232> Or at least put my car on pylons of some sort.
<bytor4232> I'll just have to install JeOS and compare.
<bytor4232> Yikes, 375.  Mini.iso is like 701
<bytor4232> What I'm trying to do is create a netboot install of JeOS for a product I'm working on.
<jga> anybody know how to mount an iphone in ubuntu server?  I got vmware to read the iphone in ubuntu desktop, but it doesn't automount the iphone in ubuntu server, so vmware doesn't see it
<jga> or is there anyway to enable automount for usb devices?
<kraut> moin
<Adri2000> so, no one wants to comment on my email about vsftpd? or is it still too early monday morning? :p
<nooga> hi
<stapel> How can I install dhcp3-server when I have no internet connection. Can I do this from the install cd?
<nooga> i've got a computer, outside the office, that runs ubuntu and it connects to the internet using ppp and gsm modem. The problem is a pptp tunnel that i've set up to connect that computer to our office VPN. When the tunnel goes down it also "damages" ppp internet connection. It looks as if ip-down for the tunnel cleans resolv.conf
<nooga> is there a way to avoid damaging the internet connection when the tunnel goes down?
<mib_t3gz38> Salamo Alekom
<mib_t3gz38> I need some information about how to setup DNS Server, DHCP Server, and Proxy Server, and one can send me a link to understand what DNS, DHCP and Proxy server and router is and how to install them, pleae I need some link about that
<mib_t3gz38> please I need some link about how to install and configure DNS, DHCP and Proxy servers
<henkjan> https://help.ubuntu.com/community/dhcp3-server
<mib_t3gz38> henkjan: thank :D
<mib_t3gz38> henkjan: do you have any links about what is the DNS and the best proxy server, some people said squid is the best one, do you have any idea ?
<nooga> ah
<nooga> so nobody knows? :|
<mib_t3gz38> nooga: :(, I though it's the professinal server Ubuntu  IRC, isn't it ?
<nooga> yea, but my question is quite professional though
<nooga> ;}
<henkjan> mib_t3gz38: search on the wiki for 'proxy' and 'dns'
<mib_t3gz38> mib_t3gz38: can I configure DHCP and DNS servers, -static name for each PC- in the same servers
<mib_t3gz38> henkjan: can I configure DHCP and DNS servers, -static name for each PC- in the same servers?
<ghaleb> mib_t3gz38: can u rephrase your question ?
<stapel> I am trying to set up an ubuntu server with two NICs. I have 2 windows boxes that I want tyo connect to this server with crossover cables. I also want to assign IP addresses from the ubuntu server with dhcp, how can I achieve that?
 * Koon lunches
<CrummyGummy> Hiya, anyone using backuppc?
<spiekey> hey!
<spiekey> has anyone here some experience with bind?
<spiekey> i would like to forward dns requests within a zone
<spiekey> e.g. a reqtest for 123.lan.foo.bar (zone lan.foo.bar) should be resolved by a 2nd dns server.
<_ruben> 123 in ns ot.her.name.server
<spiekey> _ruben: i want it for every request. like: *.lan.foo.bar
<spiekey> http://pastebin.com/m5037bd23  --> maybe something like this?
<_ruben> ah .. hmm .. dunno .. never tried
<uvirtbot`> New bug: #270512 in openssh (main) "openssh-client could suggest xauth rather than recommend it" [Undecided,New] https://launchpad.net/bugs/270512
<zul> is there a reason why we cant enable ssl with freeradius?
<henkjan> openssl license?
<soren> I woould assume so, too.
<zul> well since fedora and novell do it
<soren> Heh :)
<zul> besides users just recompile it with ssl enabled
<soren> I wouldn't base licensing decisions on what they do :)
<zul> I know :)
<soren> zul: That's fine. They're allowed to. We're just not allowed to distribute them linked together.
<soren> http://changelogs.ubuntu.com/changelogs/pool/main/f/freeradius/freeradius_1.1.7-1build4/freeradius.copyright
<zul> *grumble* *grumble* ;)
<soren> Last 10 lines or so are of particular interest.
<zul> yeah yeah....its kicking my ass
 * soren pats zul on the head
 * delcoyote hi
<bendable> Hi guys, I've got a noob question for you and I hope someone can point me in the direction of an answer.
<henkjan> !ask
<ubottu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<uvirtbot`> New bug: #270521 in postfix (main) "package postfix 2.5.1-2ubuntu1.2 failed to install/upgrade: subprocess post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/270521
<bendable> I'm migrating a server from Debian Etch (which uses init) to Ubuntu Hardy (upstart).  I've never used upstart before.  But I'm trying to get krb5-ftpd running.  The package placed an appropriate line in /etc/inetd.conf, but my guess is that this isn't the right thing to do for upstart.  So what is the right way to activate krb5-ftpd?  Is there another package I need to install or do I need to hack it myself?  (And if I need to hack it myself, 
<sommer> during the "software updates" question of the installer, does the "automatically install security updates" option use a cron job?
<sommer> just wondering because I couldn't find on the specific job
<mathiaz> sommer: my guess is that it uses the unattended-upgrade package.
<sommer> mathiaz: ah, that makes sense
<sommer> mathiaz: thanks
<mathiaz> sommer: it's based on a cron job IIRC
<uvirtbot`> New bug: #270570 in samba (main) "cifs mounts and unmounts properly for a day or so, then hangs on future mounts" [Undecided,New] https://launchpad.net/bugs/270570
<Adri2000> so, should I just go ahead with vsftpd?
<w8tah> hi folks - have sysklogd running as my logging agent in ubuntu heron server - its almost working too well -- i have tons and gobs of packet drops from my firewall - -the vast majority of which are network broadcasts -- is it possible to configure sysklog so that it doesnt send the internal broadcast drops to my log server?
<dendrobates> coffeedude: are you around?
<jimcooncat> apt-cacher or approx? any opinions, please?
<uvirtbot`> New bug: #270663 in mysql-dfsg-5.0 (main) "needless use of "m" flag now that PROT_EXEC bug on i386 was solved" [Undecided,New] https://launchpad.net/bugs/270663
<uvirtbot`> New bug: #270675 in net-snmp (main) "package snmpd 5.4.1~dfsg-7.1ubuntu5 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/270675
<Goosemoose> im trying to connect to a domain via likewise while doing a network install. logs show it joins the domain but then has a bunch of pam errors after. Can anyone make sense of this: http://pastebin.com/d734c4899 ?
<ivoks> there's no user root in your domain
<Goosemoose> but why would there need to be?
<ivoks> who said it need to be
<ivoks> it just pam telling you that there's no root user in domain
<Goosemoose> why is it bothering to tell me though? it says it joined the domain, but then i cant login as a user in the domain
<ivoks> that's another problem
<Goosemoose> oh
<ivoks> and you are doing this on livecd?
<aless> hi, after i login to my sftp server it hangs up. What could be wrong?
<Goosemoose> yeah when i telnet in to it, it shows error before the login prompt
<Goosemoose> no using network
<Goosemoose> preseed.cfg file
<ivoks> what error?
<Goosemoose> it literraly just says error
<Goosemoose> i can log in as root but that's it
<Goosemoose> but the logs show it joined the domain
<ivoks> Goosemoose: on installed system or live one?
<ivoks> aless: check /var/log/auth.log
<Goosemoose> ?
<Goosemoose> on the installed system
<ivoks> Goosemoose: domain ends with .local?
<Goosemoose> yes
<Goosemoose> thats why i editing the nsswitch.conf
<ivoks> ok then
<Goosemoose> part of my script
<aless> ivoks, thanks !
<Goosemoose> hosts:          files dns mdns4_minimal [NOTFOUND=return] mdns4
<Goosemoose> changed the line to that which allows the .local to work ok
<Goosemoose> at least when i do it manually it works
<Goosemoose> that was one of the 2 fixes I found for the .local bug
<Goosemoose> the other is to turn off the service which I didn't want to do
<ivoks> i don't know what could be the problem
<ivoks> is there anything in logs?
<aless> ivoks, ssh works but it hangs up after i login in scp/sftp. The auth.log says session closed for user .. and authentication failure
<aless> and i reports success for ssh connections
<Goosemoose> ivoks, talking to me or aless
<ivoks> no one at the moment :)
<Goosemoose> lol
<Goosemoose> http://pastebin.com/d734c4899
<Goosemoose> thats the log where the error is
<Goosemoose> but it shows joining the domain properly
<Goosemoose> im going to add a root user and see what happens
<Goosemoose> ok ivoks, one other question. any idea what I need to set to get edubuntu-desktop to install? i have: tasksel tasksel/first multiselect standard, edubuntu-desktop but I end up at the terminal
<ivoks> sudo apt-get install edubuntu-desktop
<ivoks> oh, in preseed
<ivoks> i haven't played with this for some time
<ScottK-laptop> ivoks: Had a chance to test clamav yet?
<ivoks> ScottK-laptop: i'll build in an hour or two
<Goosemoose> hmm
<Goosemoose> yeah in preseed
<ScottK-laptop> ivoks: Great.
<ivoks> ScottK-laptop: this is patch for 0.94
<ivoks> i have 0.92 in 8.04
<ScottK-laptop> ivoks: Yes.  I thought we agreed you'd grab the Intrepid source package and build/test that.
<ivoks> oh...ok
<ivoks> anyone got problems like this:
<ivoks> # do-release-upgrade -d
<ivoks> Checking for a new ubuntu release
<ivoks> No new release found
<ivoks> while running gutsy
<ScottK-laptop> ivoks: -d would upgrade you to the development release and you can't do that from Gutsy.
<ScottK-laptop> Without the -d should get you to Hardy.
<ivoks> ScottK-laptop: atm, clamav is working fine
<ivoks> ScottK-laptop: with or without -d - same problem :/
<ScottK-laptop> Hmmm.
<nxvl> -f always make things work, well if it has that option
<ivoks> -f FRONTEND :)
<nxvl> mmm
<nxvl> then that's not the option i was talking about
<nxvl> --force?
<ivoks> no, no such option
<nxvl> :(
<ivoks> but... interesting...
<ScottK-laptop> ivoks: Works fine here from my gutsy pbuilder.
<ivoks> select(0, NULL, NULL, NULL, {0, 500000}) = 0 (Timeout)
<nxvl> i can't make pbuilder work on my netbook :(
<ivoks> ScottK-laptop: it worked on all my prevoius gutsy machines :)
<ScottK-laptop> ivoks: Odds are, unless you've got MD devices apt-get dist-upgrade will work fine.
<ivoks> and, of course, i have md devices :)
<ivoks> funny machine
<ivoks> parted shows 3TB partition, but df shows only 700GB :)
<aless> ivoks, found the answer, .bashrc was asking for the sudo password. That confused sftp/scp
<ivoks> :)
<Goosemoose> ok, installer logs show the domain was joined fine
<Goosemoose> but i cant login as a domain user
<Goosemoose> how can that be?
<Goosemoose> that's the whole point of likewise-open
#ubuntu-server 2008-09-16
<Goosemoose> so i installed ubuntu over the network, add to late_command to join an AD domain, the computer shows up in AD and domainjoin-cli query shows it's on the domain. But I can't login as a domain user. Any suggestions?
<uvirtbot`> New bug: #270713 in net-snmp (main) "snmpd: error getting netmask for interface" [Undecided,New] https://launchpad.net/bugs/270713
<uvirtbot`> New bug: #270720 in mysql-dfsg-5.0 (main) "ty" [Undecided,New] https://launchpad.net/bugs/270720
<twb> What's the difference between the "generic" and "server" kernel flavours?
<docta_v> anyone tried building a newer e1000 on a somewhat older kernel? (2.6.16)
<docta_v> supposedly it's possible but i'm running into a lot of issues with missing header files and undefined symbols
<twb> docta_v: are you referring to the kernel driver for the e1000 intel gigabit NIC?
<docta_v> twb: yes.. I need to install a newer version of the driver but it won't compile
<twb> docta_v: I don't think you can just use a driver from a newer kernel.
<docta_v> it's not from a newer kernel
<docta_v> you can download the driver standalone
<docta_v> says it supports 2.4.x and 2.6.x
<ScottK-laptop> docta_v: What system are you running.  Ubuntu never shipped 2.6.16 in a final release.
<docta_v> yeah this is a debian system unfortunately
<docta_v> but i use ubuntu everywhere else
<ScottK-laptop> Well Debian and Ubuntu kernels are completely different.
<docta_v> we bought this nfs head product from a vendor that has a really old kernel on it
<ScottK-laptop> So Ubuntu kernel advice is unlikely to apply.
<twb> docta_v: you should ask #debian on OFTC (irc.debian.org)
<docta_v> those guys never answer any questions
<docta_v> but i'll try
<chmac> Any bright ideas on how to shred the disk of a running machine to which I only have ssh access?
<twb> chmac: if /home is on a separate partition, it's easy.
<chmac> twb: Yeah, no separate partitions
<chmac> twb: Turns out my host turned off my server already, so it's no longer an issue! :)
<twb> I guess you could do sudo find /home -type f -exec shred {} + -delete
<twb> Oh well.
<chmac> twb: Shred has an option to delete the file
<chmac> shred -u I think
<chmac> I'm not too worried though :)
<twb> Is it a bad idea to use /etc/hosts.{allow,deny} instead of iptables rules, when setting up some basic rules like "hosts on the WAN shouldn't be allowed access to my services."
<vk5foss> i've done it before, its not the most secure way of doing things aiui, but it does work
<twb> I was hoping for a blog article or suchlike that explains exactly WHY it's less secure than iptables DROP/REJECT rules, with example attack vectors.
<vk5foss> never looked sorry.
<twb> vk5foss: a brief google suggests that it avoids DOS attacks (if you DROP packets instead of REJECTing them), and it also guards against the case where a package isn't built with tcp-wrappers support (in which case hosts.deny would be ignored).
<vk5foss> random question: should i recomend users use rsa or dsa keys for their ssh? i thought rsa was 'it', but i've seen dsa recomended
<twb> Hmm, I wonder if, with "ALL: 192.168.: ALLOW" and "ALL: ALL: DENY", my server will respond to DHCP requests.
<slangasek> tcpwrappers doesn't generally block udp traffic, no
<Koon> slangasek/coffeedude: did you sync on the likewise-open PAM subject ? Is my help needed in any way ?
<Koon> kgoetz: based on recent research I'd recommend RSA now
<Koon> kgoetz: you could ask in #ubuntu-hardened to get more experts opinions
<kgoetz> Koon: i've gone with rsa, as thats what i seemed to recall debian now required of its devs. i was hoping for a 'comfort factor' 2nd opinion :)
<slangasek> Koon: no, I ended up fighting with the pam-auth-update stuff all afternoon and have just now posted a patch to the bug
<Koon> kgoetz: I'd say they are both safe, but DSA usually fails less gracefully
<slangasek> I also suspect that likewise-open may be killing my network-manager :/
 * Koon looks
<slangasek> Koon: I've posted a patch rather than just uploading, to get a second opinion on the change first; it's the best I can come up with at the moment, but I'm not entirely happy with it
<Koon> slangasek: i'll test it. It may not fix the issue in the best way, but it would be nice to have in in alpha6 instead of the currently broken version we have atm
<slangasek> Koon: well, if we decide that this is the wrong way to do it, it may become substantially harder to back out afterwards
<Koon> slangasek: what would be your choice between patching 2956 to just fix the PAM issue and the libwbclient0 incompatibility and switching to 2982 bugfix microrelease (through a FFe ?)
<slangasek> Koon: uhm, AFAIUI 2982 does not fix the PAM issue, suffering from the problem I pointed out in https://bugs.launchpad.net/ubuntu/intrepid/+source/likewise-open/+bug/262264/comments/13, so this isn't an either/or choice
<uvirtbot`> Launchpad bug 262264 in likewise-open "Fails to join a domain: Unknown pam configuration" [Critical,Triaged]
<Koon> slangasek: I mean 2982 + your patch instead of Jerry's one
<slangasek> ok
<slangasek> well, I haven't reviewed the upstream diff for 2982 yet, and we're into Tuesday already, so I think that for alpha-6 we ought to just patch the bugs and go
<Koon> OK, will test that then
<slangasek> I'm puzzled by the incompatibility issue, though, I thought ABI compatibility between the samba and likewise-open versions of libwbclient was a non-negotiable requirement for Likewise
<Koon> slangasek: jerry said "compatible but not equivalent" and said my fix (using samba's lib) is incorrect
<slangasek> ah - yes, the likewise-open one is meant to take precedence :)
<Koon> probably :)
<Koon> I agree it could be fixed in a nicer way but we are running out of time
<slangasek> so ideally, likewise-open would Conflict/Replace/Provide libwbclient0 to satisfy the dep of other packages; but this might not work because of versioned deps, I haven't looked
<Koon> slangasek: so basically in your patch you always enable the pam config, but it doesn't break if no domain is joined
<slangasek> I believe so
<slangasek> let me fix another bug in pam itself here, and I'll do a bit more testing to confirm ;)
<Koon> when no domain is joined, does it delay before failing ? Don't want us to add 30 second timeouts ;)
 * Koon will build and test against his Windows AD test infra
<slangasek> in my testing so far, no, there was no delay; and there shouldn't be, as I asked dendrobates earlier about whether lwi does "winbind use default domain" by default
<slangasek> so lwi will acknowledge that any non-domain-y names are not for it
<Koon> right
<slangasek> ah, bug in that patch
<slangasek> Koon: the prerm needs to call pam-auth-update --package --remove likewise-open, not --remove likewise
<slangasek> updated patch to post shortly
<Koon> slangasek: noted
<Koon> slangasek: your patch is also missing the debian/control modification, I'm adding them
<slangasek> hrm, so it is; thanks for noticing
<slangasek> ah, domainjoin-cli *is* to blame for my desktop crashes
<Koon> slangasek: something like bug 222224 ?
<uvirtbot`> Launchpad bug 222224 in likewise-open "likewise-open: blows up session when joining the domain" [Undecided,New] https://launchpad.net/bugs/222224
<slangasek> title sounds like it :)
<Koon> slangasek: not sure the workaround in the bug applies to you
<slangasek> Koon: the domain I'm joining to isn't a .local
<Koon> yes, the two bugs are completely distinct
<slangasek> then I'm not clear on what the workaround is
<slangasek> listing dns before mdns4_minimal?
<slangasek> that would be an inappropriate workaround (because it means misconfiguring mDNS), so I'll pass. :)
<Koon> slangasek: I don't think there is a known workaround. The BrianDrab in the bug was confused by another bug
<slangasek> ok
<Koon> slangasek: I think this is the result of changing system files in the middle of a session, this still has to be investigated
<slangasek> I'd be surprised/dismayed if glibc were that fragile
<Koon> one problem being it doesn't /always/ crash.
<Koon> slangasek: I've a segfault during domain join/leave
<slangasek> yes, so do I
<slangasek> but I don't think I caused it :P
<Koon> Wasn't there before. Investigating
 * slangasek grabs a backtrace, then
<slangasek> #0  0x00007fd713101003 in free () from /lib/libc.so.6
<slangasek> #1  0x00007fd714431b73 in LWHandle () from /usr/lib/libcentutils.so.1
<slangasek> inconclusive
<slangasek> it's possible it's due to my patch, then; coffeedude would probably be able to tell easily
<Koon> what does the LW_RAISE do ?
<slangasek> probably something it shouldn't ;)
<Koon> rebuilding with it commented
<Koon> slangasek: shouldn't you be sleeping ?
<slangasek> yes
<slangasek> the LW_RAISE() was what you get if you take apart LW_CLEANUP_CTERR(), which I wasn't using because the cleanup: label was commented out
<slangasek> but even that may not be needed, since we never have any errors
<ghaleb> hello, I have scheduled a cron task with the config */4 * *  * * root  /bin/updateStatus.sh > /home/log.log  but it's not working
<slangasek> Koon: right, now instead of a segfault I just get "Error: Module not configured".  So I'm missing something about how the return handling is supposed to work.
<Koon> I'm onit
<slangasek> I'll leave you to it, then; if you get it figured out and need an upload, I'll be back in ~6h :)
<Koon> slangasek: sounds like a plan
<Koon> sleep well (and fast)
<ghaleb> hello, how can I be sure that a shell script executed successfully
<ScottK-laptop> ghaleb: Use set -e
<ghaleb> ScottK-laptop: hmm .. how do I call the script then ?
<ScottK-laptop> Add set -e to the script so that it will exit if it encounters any errors.
<NCommander> ScottK-laptop: isnt' set -e a bashism?
<ScottK-laptop> NCommander: No.
<NCommander> ok
 * NCommander returns to his quiet hole in the wall
<\sh> hmm..something is wrong with the bonding network stuff...
<\sh> auto bond0 \n iface bond0 inet static \n address...\n slaves eth0 eth1 \n bond-mode 0 \n ... works as expected
<\sh> auto bond1 \n iface bond1 inet static \n ... doesn't work...
<\sh> is there some magic step to tell modprobe somehow to use modprobe -o bond0 bonding \n modprobe -o bond1 bonding ? because with the second modprobe statement bond1 comes up
<\sh> (and yes, modprobe.d/aliases -> alias bond1 bonding is in place, but doesn't get recognized anymore it seems
<Koon> slangasek/coffeedude: please see patch @ https://bugs.launchpad.net/ubuntu/intrepid/+source/likewise-open/+bug/262264/comments/19
<uvirtbot`> Launchpad bug 262264 in likewise-open "Fails to join a domain: Unknown pam configuration" [Critical,In progress]
<\sh> damnit.-..
<\sh> with alias and optins inside /etc/modprobe.d/ it doesn't work...and the old line "install /sbin/modprobe --ignore-install bonding ..." works
<Pizarro> Hi everyone
<Pizarro> I have to issues: the first one is that I would like to perform a daily backup of some folders to a CD-RW, is there anyway?
<Pizarro> I want to erase and burn a cd everyday for example at midnight, is there anyway to do so under Ubuntu Server?
<sommer> Pizarro: you can probably script cdrdoa or another utility... I've never done it myself though
<Pizarro> sommer, what I want to do is very simmple in others server plattforsm
<Pizarro> What is cdrdoa?
<Deeps> !backup | Pizarro
<ubottu> Pizarro: There are many ways to back your system up. Here's a few: https://help.ubuntu.com/community/BackupYourSystem , https://help.ubuntu.com/community/DuplicityBackupHowto , https://wiki.ubuntu.com/HomeUserBackup , https://help.ubuntu.com/community/MondoMindi - See also !sbackup and !cloning
<Pizarro> Deeps, I've seen all those links but unfortunatly all are talking about tar files
<Pizarro> my probelm is how to erase a CDRW and burn it daily with the back up files
<Pizarro> the cd will saty always in the recorder, so everyday we have a hardcopy of our data
<Deeps> might wanna read up on command line cd recording utilities, such as cdrdoa i guess
<Pizarro> Deeps, yes, I am now looking at cdrdao web site
<Deeps> good luck!
<Pizarro> so I think I can put this into a cron script right?
<Pizarro> First obstacle:
<Pizarro> Cdrdao records audio or data CD-Rs in disk-at-once (DAO) mode based on a textual description of the CD contents
<Pizarro> CD-R
<Pizarro> so no disk erase
<Pizarro> It's strange, none wanted to do this before?? This is a server!!, the data should be stored periodically
<Deeps> cdrtools
<Deeps> cdrecord -blank=fast -force
<Deeps> first hit on google for "erase cdrw command line"
<Deeps> and heh, you might find few people trust their backups to cdrws
<Pizarro> Deeps, my concern is for example the HD gets damaged,...so what??'
<Pizarro> all the stuff lost
<Pizarro> even if we use a replicant HD, 2 or 3
<Deeps> backup to another hd, backup to another machine
<Pizarro> you are still having a risk
<Deeps> backup over net offsite
<Deeps> tape drives
<Pizarro> tape drives? aren't DVDs more flexible and stable?
<Deeps> well DVDs certainly do bend easier
<Deeps> but i've dropped a tape on it's side and not suffered any damage
<Deeps> ive dropped a cd and a dvd on it's side and the dye's run
<Pizarro> Iam probably wrong, but what I wanted to do is to keep always a CDRW or DVDRW into the server, and everynight store to it the most relevant info
<Deeps> the reliability of a cdrw tends to get pretty poor after a few uses too
<Pizarro> and what about DVDs?
<Deeps> dvdrw seems to be similar
<Deeps> i haven't used them as much as i did cdrws, mostly for not wanting to take the risk
<Deeps> that and i invested in a couple of NAS units instead
<Pizarro> are they expensive?
<Deeps> depends on what you consider expensive
<Deeps> qnap 409pro is a pretty nice 4disk nas enclosure, good for small businesses, costs about $600
<Pizarro> that's expensive now for us, we are a very small buisness just started 6 months ago (3 people)
<Deeps> well, if you're looking to scrape the bottom of the barrell, i'd recommend backing data up from your server to your desktops (and vice versa i guess)
<uvirtbot`> New bug: #270899 in apache2 (main) "apache doesn't come back up after weekly logrotate restart" [Undecided,Incomplete] https://launchpad.net/bugs/270899
<Deeps> along with cdr and dvdr backups every week or so
<Deeps> if you insist on cdrw/dvdrw i'd bin hte disk and replace it every 2-3 weeks
<Deeps> well, 20-30 burn cycles, anyway
<Deeps> all depends on how valuable the data is and the cost of recovery in the event of disaster
<Pizarro> ok, we proably will go like that for 4 - 6 month until the budgets lets us go for a best equipment
<Pizarro> however cdrtools is not present in apt-cache
<Pizarro> cdrw-taper - taper replacement for amanda to support backups to CD-RW or DVD+RW
<Pizarro> What about that?
<Pizarro> Hi,
<Pizarro> How can I mount the dvdrw on my ubuntu server? I am trying "mount /dev/dvdrw" but I get an error
<Koon> kirkland: about service --status-all, I think we need some way to distinguish in /etc/init.d between scripts that just do an action at startup/shutdown and daemon initscripts that really (should) have a status. The current filname-based filter in service doesn't catch them correctly
<kirkland> Koon: i think that's a great idea
<Koon> or maybe making sure they have a status action before calling them, which somehow solves it too
<Koon> kirkland: we can also beautify the output using status's $?, allowing to have a nice table output (in the ideal world where all status return correct values)
<kirkland> Koon: let's continue this after the meeting ;-)   i'd love to flesh this out some more
<Koon> kirkland: sure :)
<uvirtbot`> New bug: #270961 in net-snmp (main) "snmpd isn't stopped before postinst tries to start it" [Undecided,New] https://launchpad.net/bugs/270961
<Fenix|work> Greetings
<Fenix|work> quick question on file systems
<RediXe> Just installed the mailserver, where/how do I setup accounts?
<Fenix|work> I'm setting up a web proxy... and would like to get the best performing file system for the task... any recommendations?
<Koon> coffeedude: ping
<Koon> slangasek/coffeedude: will be back in a couple of hours if you want to discuss https://bugs.launchpad.net/ubuntu/intrepid/+source/likewise-open/+bug/262264/comments/19
<uvirtbot`> Launchpad bug 262264 in likewise-open "Fails to join a domain: Unknown pam configuration" [Critical,In progress]
<Pizarro> Esto:
<Pizarro> genisoimage -V"mis datos" -R -hide-rr-moved -J -joliet-long /home/share/ | wodim -v -eject dev=/dev/scd0
<Pizarro> no va
<coffeedude> Koon: sounds good.
<Koon> coffeedude: the patch, or discussing it in two hours ?
<coffeedude> discussing.  Sorry.  was wresting with git :-)
<Koon> coffeedude: great, see you in two hours then
<RediXe> How do I add a user to postfix?
<slangasek> Koon: your mod looks good / makes sense to me
<Koon> slangasek: feel free to upload it if coffeedude is OK with it
<slangasek> coffeedude: have any time to discuss sooner? :)
<no0tic> hi, I'm trying to configure postfix with smtp authentication via sasl+mysql but it doesn't work. logs and probably other useful information here: http://pastebin.ca/1204482
<no0tic> I'm using this guide http://flurdy.com/docs/postfix/
<no0tic> anyone can help me out?
<ScottK> no0tic: Did you look at the Ubuntu Server Guide?
<spiekey> hi
<no0tic> ScottK, not yet..
<ScottK> no0tic: OK.  I'd look at that.
<spiekey> hey...anyone here with xen experience?
<spiekey> soren seems to be away
<soren> wazzup?
 * soren will be back later
<no0tic> ScottK, it uses completely another method :) good to know
<ScottK> no0tic: That's the approach you're most likely to get help with here.
<no0tic> ScottK, I'll follow your advices, as always
<spiekey> if i do a dumpe2fs /dev/lvm/HOST_A and /dev/lvm/HOST_B then i get tehe same Filesystem UUID. (this is LVM and ext3)
<Pizarro> Hi everybody
<spiekey> is this normal?
<Pizarro> I have isntalled Ubuntu server plus OpenVPN which seems is UP, but I don't knwo how to go further to set up my VPN network, can anyone help me please?
<Pizarro> I mean, I don't know id something is still needed to make it to work, or it is already confugured, etc..????
<RediXe> is there a way to do mail.internalip ? ... mail.domain.com isn't up so I have to use the server's ip address but can't figure out how to do it
<Pizarro> Nobody made a vpn server????
<Goosemoose> anyone with experience with likewise? I have it joining the domain via preseed.cfg over the network. The installer logs show it's sucessfully. domainjoin-cli query shows it's joined, AD shows it's joined, but I can't log in to the domain. If I leave and rejoin it works fine. Any ideas on why that would be?
<spiekey> how do i exit an xen console?
<sommer> kirkland: pong
<no0tic> ScottK, the postfix guide in the ubuntu server guide sets up a server that authenticates mail users against system users, not against a properly populated mysql table.. Authenticating against real system users can constitute a security threat...
<ScottK-laptop> OK.  Virtual is another way to do it.  In my experience if you're doing a non-trivial installation of Postfix, having a copy of "The Book of Postfix" on your desk when you do it is a very good idea.
<no0tic> ScottK, I have one in pdf right here :)
<ScottK-laptop> no0tic: OK.  With the one exception that Debian/Ubuntu have postfix in chroot by default, all the stuff in that book should work.
<danielm_mc> gah!  i keep getting stuck in ubuntu-read-topic when i try and join #ubuntu - anyone know what's up with this?  i'm behind a NAT, but it looks like there's some issue in there
<danielm_mc> whats up with that?
<danielm_mc> !help
<ubottu> Hi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://tinyurl.com/5zfb6t - Usage info: http://wiki.ubuntu.com/UbuntuBots
<danielm_mc> !#ubuntu
<ubottu> Ubuntu is a complete Linux-based operating system, freely available with both community and professional support. It is developed by a large community and we invite you to participate too! - Also see http://www.ubuntu.com
<danielm_mc> stupid bot
<no0tic> hi RoAkSoAx ;)
<RoAkSoAx> hi no0tic long time no see :)
<RoAkSoAx> no0tic, what have you been up to
<no0tic> RoAkSoAx, I'm desperately triyng to set up a mail server :)
<RoAkSoAx> no0tic, have you tried: http://www.howtoforge.com/perfect-server-ubuntu8.04-lts-p5 ?
<Goosemoose> is there some way to 'push' programs to ubuntu workstations like there is in windows?
<sommer> Goosemoose: ssh
<Goosemoose> no fun when you have 500 machines
<sommer> Goosemoose: actually I think apps like cfengine and puppet can do that, and maybe landscape...
<Deeps> ssh in a script?
<Goosemoose> deeps, yeah but still a pain tracking all the computer names
<Goosemoose> ill check out the programs sommer mentioned
<Goosemoose> ive never used any of them
<no0tic> RoAkSoAx, as I said before you joined.. I need virtual mailboxes :)
<no0tic> RoAkSoAx, thanks anyway
<danielm_mc> yah, cfengine and puppet are stock, puppet kind of sucks, and cfengine really sucks
<RoAkSoAx> no0tic, oh i see... browse there in howtoforge.. i think i've seen how to set up virtual mailboxes :)
<danielm_mc> why are you asking about basic system administration in #ubuntu-server though?
<Deeps> Goosemoose: they're not all stored in a db/ldap/something else?
<danielm_mc> deeps: yeah no kidding, i'm just working on my own thang like that
<Goosemoose> deeps, yes but i have a mix of windows & linux machines
<Goosemoose> it's a school
<Goosemoose> i should make my login script add the computers to a ubuntu group, hmm
<Pizarro> alguien por favor puede echarme una mano en montar una red VPN por favor os lo ruego
<Pizarro> Can anyone PLEASE help me with a VPN server on Ubuntu Server????????
<Pizarro> I NEED HELP!!!!!
<danielm_mc> yeah
<danielm_mc> whats up pizarro
<danielm_mc> you need help with vpn?
<danielm_mc> what is the problem
<Pizarro> danielm_mc, thanks for your attention,
<danielm_mc> whats up
<Pizarro> I am trying to set up a VPN server in Ubuntu server
<danielm_mc> which vpn server
<Pizarro> OpenVpn is already installed
<danielm_mc> okay, whats the problem
<Pizarro> I folowed https://help.ubuntu.com/community/VPNServer
<Pizarro> but when I try to start the server it fails
<Pizarro> I followed exactly what the wiki say
<danielm_mc> did you read: http://openvpn.net/index.php/documentation/howto.html
<danielm_mc> that's an old doc on ubuntu wiki
<Pizarro> a little
<danielm_mc> should go straight to the distribution wiki
<Pizarro> that document is huge!
<danielm_mc> i've had bad experiences with tun+ (bridged networking in openvpn)
<danielm_mc> welcome to sysadmin hell
<danielm_mc> anyways, use the tap+ interfaces, not tun+
<danielm_mc> it's much easier, and it's SSL + PKI
<Pizarro> puff
<danielm_mc> puff puff, you need help i served
<Pizarro> I apreciate it
<Pizarro> and I thank you
<danielm_mc> no prob, have fun reading
<danielm_mc> just make sure you switch to the tap+ ; don't do bridged ethernet
<Pizarro> but frankly spoken, that's a nightmare to set up a simpel VPN neetwork
<danielm_mc> no no, it's really _not_
<_ruben> danielm_mc: tap+ is bridging, tun+ is routing
<danielm_mc> ehhh
<Pizarro> well, the only time I set a vpn server was in Xp, and was 6 clicks
<danielm_mc> tap is SASL/TLS -
<Pizarro> and it is still working fine since 2 years ago
<danielm_mc> try setting up FreeSWAN
<_ruben> freeswan's dead .. openswan is pretty much a breeze to setup really
<Pizarro> what's that?
<_ruben> openswan is ipsec vpn software
<Pizarro> ok, so I will start reading,
<Pizarro> you said bridged vpn right?
<_ruben> (openvpn is ssl vpn software)
<danielm_mc> http://openvpn.net/index.php/documentation/howto.html#vpntype
<_ruben> with bridged vpn your vpn clients will be part of (logical) subnet/network of the server .. with routed vpn your vpn clients will be in a dedicated subnet
<_ruben> off to watch a movie .. g'luck
<danielm_mc> ... i'm off to build some python modules ...
<Pizarro> ok, thanks
<w8tah> i am setting up keypair auth on my firewall - i created my keys there -- the pub key stays on the firewall -- where do i put my private key on my laptop that i'll use to connect to it?
<ScottK-laptop> leonel: Any progress on clamav patches?
<sommer> kirkland: bing
<kirkland> sommer: hey
<kirkland> sommer: okay...  the server guide ;-)
<sommer> kirkland: have a chance yet?
<kirkland> sommer: doing it now
<sommer> kirkland: ah, cool
<kirkland> sommer: serverguide/C/installation.xml?
<sommer> kirkland: yep, or http://doc.ubuntu.com/ubuntu/serverguide/C/advanced-installation.html
<kirkland> sommer: i just pulled the source
<sommer> kirkland: that works too :)
<Goosemoose> dendrobates Are you around? Im having a likewise issue. I have it join the domain in a late_command while installing over the network and the logs show it installed fine. If I run domainjoin-cli query is shows I'm joined. If I look in AD the computer is listed, but I get an error if I log in as a domain user. If I then leave then rejoin everything works fine.
<kirkland> sommer: hmm, i think step 6, "#Choose "bootable flag" setting it to "on". Then select the "Done setting up the partition" option." might need to be removed
<dendrobates> Goosemoose: in hardy or intrepid?
<kirkland> sommer: i can test again, but I'm not sure if that works or not
<kirkland> sommer: i know if works if it's NOT selected
<kirkland> sommer: there may be a bug, when selecting it
<sommer> kirkland: okay, I'll update that... it also should mention the degraded question somewhere
<kirkland> sommer: yeah, i'm getting to that
<kirkland> sommer: after step 5, Finally, select "Finish partitioning and write changes to disk".
<kirkland> sommer: i'll paste the exact text in a pastebin....
<sommer> kirkland: cool
<kirkland> sommer: the screen will look something like this:
<kirkland> sommer: http://pastebin.ubuntu.com/47562/
<Goosemoose> dendrobates, in hardy
<Goosemoose> dendrobates, the installer logs show a sucessfull join, as does domainjoin-cli query, that's the wierd thing
<kirkland> sommer: add maybe just that last line as step 6
<dendrobates> Goosemoose: it is a bug.  The likewise daemon isn't starting.
<kirkland> sommer: this paragraph should be updated.... "By default Ubuntu Server Edition will not boot using to a degraded RAID device, due to the chance of data corruption This may or may not be the desired behavior you want, especially if the machine is in a remote location. "
<sommer> kirkland: gotcha will do
<kirkland> sommer: we should probably define the Dapper - Hardy behavior, and then also the Intrepid+ behavior
<Goosemoose> dendrobates, ok, suggested fix then? i added this to my late_command script before joining: /etc/init.d/likewise-open start
<Goosemoose> just to make sure it was started
<kirkland> sommer: ie, what you've said there is true up to and including Hardy
<dendrobates> Goosemoose: sudo update-rc.d defaults
<Goosemoose> dendrobates, add that to my late script?
<dendrobates> Goosemoose: no run it once.
<Goosemoose> dendrobates, on the server? or run it manually on the workstation
<sommer> kirkland: mentioning previous releases may be better suited to the wiki... at least in the past the serverguide has been focussed on the current release
<kirkland> sommer: for Intrepid and beyond, the BOOT_DEGRADED question will appear in the installer, and if the user wants to change this at a later time, they should run "dpkg-reconfigure mdadm"
<kirkland> sommer: fair enough.....
<dendrobates> Goosemoose: the workstation that is trying to connect using likewise-open
<Goosemoose> dendrobates, i can just leave the doing and join it again and that works fine too
<kirkland> sommer: as for the kernel option, i don't think that's necessary to mention, though it doesn't hurt
<Goosemoose> dendrobates: sudo update-rc.d defaults also isn't valid
<kirkland> sommer: the key thing is that the user will also get an interactive prompt
<Goosemoose> dendrobates: i get the help screen
<kirkland> sommer: if their raid has become degraded and they haven't chosen to boot degraded
<kirkland> sommer: after the 30 second timeout looking for disks, the initramfs will prompt, saying:
<Goosemoose> dendrobates: problem is im about to roll out to 500 computers and dont want to manually rejoin domains
<dendrobates> Goosemoose: oops.   sudo update-rc.d likewise-open defaults
<kirkland> sommer: http://pastebin.ubuntu.com/47564/
<kirkland> sommer: that question is on a 15 second timeout
<sommer> kirkland: good call I'll mention the prompt
<kirkland> sommer: i figure if someone has interactive access to the console, that prompt is more useful than the kernel param
<sommer> kirkland: ya that makes sense, plus if they know about the option they'll probably edit the file
<kirkland> sommer: right
<kirkland> sommer: i guess the kernel param *might* be useful to override, though
<kirkland> sommer: it's your call
<kirkland> sommer: i don't mind it there, and you've written it up already
<kirkland> sommer: i'd just ask you to make the dpkg-reconfigure and the interactive prompt more prominent than the kernel parameter bit
<sommer> kirkland: I'll take another high level look after the updates you mentioned and make sure it still fits
<kirkland> sommer: are you making these changes that I mentioned, or are you expecting a diff from me?
<sommer> kirkland: I'll just make them, I've been taking notes, shouldn't take long
<sommer> kirkland: I appreciate the feedback
<kirkland> sommer: awesome
<Goosemoose> dendrobates, ok doing that and then rebooting worked. can i just add that to my late command script?
<kirkland> sommer: i think that's it
<sommer> kirkland: cool, should have it updated this evening
<kirkland> sommer: awesome, you da man!
<dendrobates> Goosemoose: It is only needed when you first join a domain, and it is fixed in intrepid.
<Goosemoose> ok ill add it in then. lol, i just got around to reinstalling from fiesty to hardy
<LMJ> hi
<LMJ> is there a way with find to look for *.jpg OR *.GIF ?
<LMJ> yes, with -or ;)
<leonel> ScottK-laptop: Those patches  where non critical when they released  0.94  but now checking  cve  looks  scary ..
<ScottK-laptop> leonel: OK.  Please get us some debdiffs.
<leonel> ScottK-laptop:  there are for   cve-2008-3914 cve-2008-3913 cve-2008-3912
<uvirtbot`> leonel: Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3914)
<Goosemoose> dendrobates, is something broken in hardy with using sudo as well if you enable root via the preseed.cfg?
<uvirtbot`> leonel: Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to the "error path." (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3913)
<uvirtbot`> leonel: libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3912)
<dendrobates> Goosemoose: not that I am aware.
<Goosemoose> hmm
<Goosemoose> can't sudo i get an error that the current user isn't in sudoers
<leonel> http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/2008-September/000049.html  <--  ScottK-laptop  reading the thread looks that the only  worry would be  for cve-3914
<ScottK-laptop> Yes.
<Goosemoose> hmmm, might be a conflict between the root user in AD
<ScottK-laptop> I think that's the most important one.  Preferably I'd like to close them all if it's reasonable to do so.
<danielm_mc> anyone know whats up with #ubuntu today?  i can't join
<Goosemoose> probably the 1350 people in there
<danielm_mc> yeah thats not too bad, usually around 1500
<danielm_mc> i keep getting something about the DCC exploit, but wtf
<ScottK> Wahoo.  FWIW openchange has landed in Intrepid.
<mathiaz> !help cve
<ubottu> Sorry, I don't know anything about help cve
<mathiaz> CVE-2007-2727
<uvirtbot`> mathiaz: The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-dependent attackers to decrypt certain data more easily because of the guessable encryption keys. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2727)
<mathiaz> kees: jdstrand: how do I know if this one ^^ has been fixed ?
<mathiaz> kees: jdstrand: nm - I've found it on LP
<jdstrand> mathiaz: can also use http://people.ubuntu.com/~ubuntu-security/cve/2007/CVE-2007-2727.html
<uvirtbot`> jdstrand: The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-dependent attackers to decrypt certain data more easily because of the guessable encryption keys. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2727)
<mathiaz> jdstrand: ah - that's muchhh better
<mathiaz> jdstrand: you should add this to the FAQ/Knowledge
<mathiaz> jdstrand: I've been looking around for this url
<jdstrand> mathiaz: you can also just use http://people.ubuntu.com/~ubuntu-security/cve/CVE-2007-2727.html which is helpful with firefox keywords
<uvirtbot`> jdstrand: The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-dependent attackers to decrypt certain data more easily because of the guessable encryption keys. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2727)
 * jdstrand kicks uvirtbot` 
<jdstrand> uvirtbot`: just simmer down already :P
<uvirtbot`> jdstrand: Error: "just" is not a valid command.
<mathiaz> uvirtbot`: chussh
<uvirtbot`> mathiaz: Error: "chussh" is not a valid command.
<jdstrand> mathiaz: (that last url omits the '2007' part of the url)
<jdstrand> mathiaz: kees and I are planning to make that public once things are finalized on that
#ubuntu-server 2008-09-17
<joebob777as7> where would I go to talk about beowulf clusters or any linux cluster information?
<RoAkSoAx> joebob777as7, maybe the best place to talk about clustering would be in mailing lists :)
<RoAkSoAx> joebob777as7, what do you need to know?
<joebob777as7> wondering how well vmware esxi or esx server would work on a clustered linux box :) couldn't find anything online
<RoAkSoAx> joebob777as7, so you want to create multiple VM's and create a cluster based on those VM's or something like that?? Otherwise.. you'll just have to try it and test it :)
<joebob777as7> RoAkSoAx, no I want to build a hardware cluster for more processing power and then install esx on the cluster to have vm's as a way to build a 8 or 16 core server without paying for the server hardware
<RoAkSoAx> joebob777as7, well i guess it will work since esx suits for that... you just need to give it a try ;)
<joebob777as7> yeah I just didn't want to buy the hardware to find out it didn't work :)
<uvirtbot`> New bug: #271115 in samba (main) "Automatic upgrade in Ubuntu Hardy breaks Samba - 9-13-08" [Undecided,New] https://launchpad.net/bugs/271115
<owh> I'm seeing a "426 upgrade required" for cups on a gutsy server. I found bug 44931, which says that it's fixed. I can see the directory and the symlinks that are described here: https://bugs.launchpad.net/ubuntu/+source/cupsys/+bug/44931/comments/14, but the cupsys user does not exist. I'm confused why this is the case. Suggestions?
<uvirtbot`> Launchpad bug 44931 in cupsys "CUPS tries to auto-generate SSL key, fails" [Medium,Fix released]
<uvirtbot`> Launchpad bug 44931 in cupsys "CUPS tries to auto-generate SSL key, fails" [Medium,Fix released] https://launchpad.net/bugs/44931
<owh> I also note that the /etc/cups/ssl has these permissions: drwx------ 2 root lp 4096 2008-03-29 09:36 /etc/cups/ssl
<uvirtbot`> Launchpad bug 4096 in meld "meld: merge new debian version" [Medium,Fix released] https://launchpad.net/bugs/4096
<owh> Hmm, the 'bot thinks that I gave it a bug number to munch on :)
<owh> I can change ownership permissions, update the cupsys.conf file, add a user, none of which seems an obviously "correct" fix.
<owh> I've now compared this to another gutsy install, which shows that the cupsys exists there, but the second-working-gutsy is an upgrade from edgy-feisty-gutsy, where the non-working server was a fresh install. I'm still no closer to any idea why I'm seeing this, or how best to fix it.
<owh> s/that the cupsys/that the cupsys user/
<nullack> Hi server people :)
<nullack> I wrote a how to about getting a upnp server together for the xbox 360 sharing media
<nullack> Its at http://ubuntuforums.org/showthread.php?t=848144
<nullack> However, users on the server edition of Ubuntu cant compile it
<nullack> And I dont know why, they meet the dependencies
<nullack> We tried reinstalling a dependant lib but that didnt work
<owh> nullack: Any reason you're not just installing gmediaserver ?
<nullack> owh - please gimme a few mins to answer your Q properly
<owh> Sure
<nullack> owh - MS implemented a non standard upnp for the 360
<nullack> owh: gmediaserver does not use the special 360 mode
<nullack> owh: also the amount of dev activity on gmediaserver doesnt seem as high as others
<owh> nullack: Is there a bug report indicating that gmediaserver isn't operating wtih the 360?
<nullack> owh: Yes there is numerous entries on xbox 360 failures for gmediaserver
<owh> I'm asking because the packaged upnp server is gmediaserver. If it's broken people need to know. If it no longer provides required functionality and isn't being developed then a different upnp server needs to be found. None of this helps you compile your upnp server under u-server, but I'm getting to that :)
<nullack> owh : The ushare server is packaged in Ubuntu
<owh> nullack: So, there are bug reports in launchpad that describe this problem?
<nullack> owh : But that revision is highly broken
<owh> nullack: So, is there a bug report about that?
<nullack> owh : to be clear, the gmediaserver problems with the 360 are reported yes
<owh> The challenge I have is while I want to help you fix your specific problem, right now, it doesn't fix anything long-term, so I'm loathe to do anything until I've figured out if the real - long-term problem is addressed before spending energy helping you compile a package from source. I'm not trying to piss you off, but I could stay here all...
<owh> ..day and help fix little problems one at a time, rather than make Ubuntu better, which is what I care about.
<nullack> owh : I understand fully and I support your principles fully
<owh> Cool
<nullack> owh : Ive been down this road
<owh> So, my second question was, is there a bug report about ushare?
<nullack> owh : I cant submit a please update ushare right now due to ushare not having a new release
<owh> Ah
<nullack> owh : upstream are slow
<nullack> owh : I cant even compile the SVN of upstream
<owh> So, if you were to download the ushare source from ubuntu, that is apt-get src, can you compile that?
<nullack> owh : the ushare revision in Ubuntu is broken
<nullack> owh L there is patches, which I use
<owh> nullack: If the upstream SVN isn't compilable, then there are some major issues with their development process IMHO.
<nullack> owh : totally :)
<owh> Right, so, the reason I'm asking about the source package within Ubuntu, is that it has most likely got a bunch of build-depends, so it can be compiled.
<nullack> owh : Yes it can be, but the thing is, that revision is broken
<owh> I'm getting to the bit where you install those, then compile to prove that it works, then patch it, then have success.
<owh> So, lemmie get this straight. You can compile the ushare source from ubuntu, on ubuntu-server, regardless of the actual application being broken?
<nullack> I dont have Ubuntu server, I dont know about compiling on Ubuntu server
<hads> It's all the same packages
<owh> nullack: There is very little difference where you'd notice.
<owh> Yup
<nullack> hads : I know, and when we query apt-cache it says the dependencies are met
<nullack> Even reinstalling the dependent lib doesnt work
<owh> nullack: Step back a moment. You told us that you cannot compile. What causes you to say that?
<nullack> owh : its here http://ubuntuforums.org/showthread.php?t=848144&page=4
<nullack> owh : It does compile on Hardy and Intrepid desktops
<owh> Right, first of all, none of those comments show how they actually installed the source and it doesn't look like they did so properly. Gimmie a mo...
<nullack> owh : thanks
<hads> `apt-get -s build-dep ushare` whill show you the dependancies
<hads> I haven't read that thread to see if you've done that or not.
<owh> That was what I was looking for hads, thanks.
<hads> The -s is a dry run BTW
 * owh nods
<nullack> The following NEW packages will be installed:
<nullack>   autoconf automake1.7 autotools-dev cdbs fdupes intltool libavcodec-dev
<nullack>   libavformat-dev libavutil-dev libdc1394-22-dev libdlna-dev libdlna0
<nullack>   libgsm1-dev libraw1394-dev m4
<nullack> 0 upgraded, 15 newly installed, 0 to remove and 0 not upgraded.
<nullack> Inst m4 (1.4.11-1 Ubuntu:8.10/intrepid)
<nullack> Inst autoconf (2.61-7ubuntu1 Ubuntu:8.10/intrepid)
<nullack> Inst autotools-dev (20080123.1 Ubuntu:8.10/intrepid)
<nullack> Inst automake1.7 (1.7.9-9 Ubuntu:8.10/intrepid)
<nullack> Inst fdupes (1.50-PR2-1 Ubuntu:8.10/intrepid)
<nullack> Inst intltool (0.40.1-1 Ubuntu:8.10/intrepid)
<nullack> Inst cdbs (0.4.52ubuntu7 Ubuntu:8.10/intrepid)
<nullack> Inst libavutil-dev (3:0.svn20080206-12ubuntu1 Ubuntu:8.10/intrepid)
<owh> ;-(
<nullack> Inst libgsm1-dev (1.0.12-1 Ubuntu:8.10/intrepid)
<nullack> Inst libraw1394-dev (1.3.0-4 Ubuntu:8.10/intrepid)
<nullack> Inst libdc1394-22-dev (2.0.2-1 Ubuntu:8.10/intrepid)
<nullack> Inst libavcodec-dev (3:0.svn20080206-12ubuntu1 Ubuntu:8.10/intrepid)
<nullack> Inst libavformat-dev (3:0.svn20080206-12ubuntu1 Ubuntu:8.10/intrepid)
<nullack> Inst libdlna0 (0.2.3-0ubuntu2 Ubuntu:8.10/intrepid)
<nullack> Inst libdlna-dev (0.2.3-0ubuntu2 Ubuntu:8.10/intrepid)
<nullack> Conf m4 (1.4.11-1 Ubuntu:8.10/intrepid)
<nullack> Conf autoconf (2.61-7ubuntu1 Ubuntu:8.10/intrepid)
<nullack> Conf autotools-dev (20080123.1 Ubuntu:8.10/intrepid)
<nullack> Conf automake1.7 (1.7.9-9 Ubuntu:8.10/intrepid)
<nullack> Conf fdupes (1.50-PR2-1 Ubuntu:8.10/intrepid)
<nullack> Conf intltool (0.40.1-1 Ubuntu:8.10/intrepid)
<nullack> Conf cdbs (0.4.52ubuntu7 Ubuntu:8.10/intrepid)
<hads> Oh dear
<nullack> Conf libavutil-dev (3:0.svn20080206-12ubuntu1 Ubuntu:8.10/intrepid)
<nullack> Conf libgsm1-dev (1.0.12-1 Ubuntu:8.10/intrepid)
<nullack> Conf libraw1394-dev (1.3.0-4 Ubuntu:8.10/intrepid)
<nullack> Conf libdc1394-22-dev (2.0.2-1 Ubuntu:8.10/intrepid)
<nullack> Conf libavcodec-dev (3:0.svn20080206-12ubuntu1 Ubuntu:8.10/intrepid)
<nullack> Conf libavformat-dev (3:0.svn20080206-12ubuntu1 Ubuntu:8.10/intrepid)
<nullack> Conf libdlna0 (0.2.3-0ubuntu2 Ubuntu:8.10/intrepid)
<nullack> Conf libdlna-dev (0.2.3-0ubuntu2 Ubuntu:8.10/intrepid)
<owh> hads: This just proves our point :)
<nullack> Im confused, sorry
<hads> Firstly, please don't do that again :)
<hads> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<nullack> Ok, why?
<nullack> Oh, ok, sorry
<owh> nullack: The list that you just pasted is the list of things that are needed to build this application properly.
<nullack> Right, dependencies
<owh> So, your howto is broken :)
<nullack> For server?
<hads> In general, it's probably just the case that those dependancies are pulled in already on the desktop
<owh> nullack: Well, no, for the actual build of ushare.
<owh> Indeed.
<nullack> How do I determine what packages are not installed for the server build?
<nullack> by default :)
<owh> nullack: apt already worries about it, you should not.
<owh> nullack: You should install the build-deps for ushare, then proceed from there.
<hads> So you need to add that to your howto. `apt-get build-dep ushare`
<owh> nullack: The maintainer for ushare has already done this work for you :)
<nullack> I know apt-get wont install packages allready existing so I guess theres no harm in putting them all there
<owh> nullack: Yes there is harm.
<nullack> How so?
<owh> nullack: In a future universe, your howto will be incorrect, but apt-get build-dep won't be.
<nullack> Right, smart
<nullack> I get it
<owh> nullack: If it all of a sudden depends on shark-fins, your howto will need to be maintained, but the build-dependencies will already be up to date.
<nullack> Thanks very much
<owh> Pleasure.
<nullack> One thing though, why did it complain about a missing package that isnt actually missing? i.e. its missing something else
<nullack> A program error?
<owh> nullack: Because the ./configure command is trying to make do with what it has. It's not that smart. It can only test for things it knows about.
<nullack> Right
<owh> nullack: Autoconf and automake are smarter, but they were missing :)
<nullack> owh : I promise as soon as Ushare gets a new release I will contribute to the Ubuntu long term future by following it being upgraded
<nullack> Thanks to all who helped, legends :)
<owh> So, use the build-dep and your world will be happier :)
<nullack> Yes :)
<hads> Good on you nullack :)
<owh> nullack: You are already doing it by asking questions, learning and writing howto's.
<mylogic> rubble rubble
<didymus7777> Real quick question, when setting up a raid 1 system, does the drives the you want to "raid" need to unmounted?
<owh> didymus7777: Uhm, well, given that you're going to format it, yes.
<owh> didymus7777: I don't know how you would create a raid device without formatting, but I might be wrong.
<didymus7777> OK that helps, kinda, my problem is though Its a clean format
<didymus7777> and I thought I set it up right.
<owh> didymus7777: How did you set it up?
<didymus7777> well I have to hard drives drive a  / and swap.  Drive be same size but linux raid for first partion and linux raid same size for swap
<didymus7777> But I have a hunch that when I set up the first drive I did it wrong
<owh> didymus7777: Did you do this from a command-line, from an installer, using magnets -- how did you set up raid?
<uvirtbot`> New bug: #271184 in openssh (main) "ssh client not using correct identity key" [Undecided,New] https://launchpad.net/bugs/271184
<didymus7777> Actally I used webmin,
<owh> Aaargh.
<didymus7777> All I need is you to tell me to start over and I will :)
<didymus7777> No problem.
<didymus7777> I can and do use the command line
<owh> didymus7777: Well, before you do any of that...
<didymus7777> Idea!!  cool like thouse
<owh> didymus7777: I don't know how you'd use webmin on a running system, so there must be something you're not telling us.
<owh> At the moment using webmin to do this sounds like you used magnets :)
<didymus7777> Well, the one thing that I didnt tell you is Yes I am new to this raid thing, and I would have to say yes I am using magnets ... I think.  I do aplogise for my ignorance
<didymus7777> The system IS running already, with a os on it "ubuntu server" and I thought I could just set up raid with that.
<owh> didymus7777: When I say "magnets", I mean "some magic process that you're not telling us about" - and webmin qualifies :)
<didymus7777> I ran the install disk for the server
<didymus7777> OH well then yes
<owh> didymus7777: Is there any actual data on the server?
<didymus7777> other then the install no, and yes I am willing to start over agian.
<didymus7777> Do I need sometype of hard ware to make sure this raid works?
<didymus7777> or can it be all software
<owh> didymus7777: Well, I've just been reading a SuSE instruction set here which seems to indicate that you can do this on a running machine. For my money I'd let the installer do it, but since you already installed, have a look at it: http://linux.derkeiler.com/Mailing-Lists/SuSE/2003-11/3029.html
<owh> didymus7777: As for software raid vs. hardware raid, it depends on the load.
<didymus7777> I am going to guess that hardware is better
<owh> didymus7777: Some swear by hardware raid and never touch software raid, others don't have the hardware and make do.
<didymus7777> thats me
<didymus7777> I just wanted to make sure I could be done
<owh> didymus7777: Well, better is often a matter of requirements, horses for courses if you like.
<owh> didymus7777: Personally, the commands on the URL I showed you give me the willies and I would not use them. I cannot think of a good reason to bypass the installer to achieve this.
<owh> didymus7777: I'm sure that if you ask often enough, you'd find others that both agree and disagree with me.
<didymus7777> owh: OH that makes sence
<didymus7777> If I was to do this on the install how would you go about doing that. Ubuntu server comes not with the mdadm software and that's all I was seeing as far as setting this up.  If I set the partions up for raid it will not auto do it will it?
<owh> didymus7777: http://doc.ubuntu.com/ubuntu/serverguide/C/advanced-installation.html
<didymus7777> thank you thats what I wanted right there.  you have been a huge help
<owh> Pleasure.
<didymus7777> I will fallow this and get it done.  again thank you
<uvirtbot`> New bug: #271254 in drbd8 (universe) "drbd doesn't start: "No response from the DRBD driver! Is the module loaded?" but module is loaded" [Undecided,New] https://launchpad.net/bugs/271254
<kraut> moin
<Popz> hey
<Popz> i've just installed ubuntu server 8.04
<Popz> and 'w' is not showing any users as being connected
<Popz> when i'm connected from ssh
<Popz> i have an identical setup on another box and it shows the users that are logged in
<Popz> anyone know how to setup remote desktop from windows xp to ubuntu server 8.04?
<didrocks> Popz: not really. You can use VLC which is enabled by default
<didrocks> s/VLC/VNC
<didrocks> sorry :)
<didrocks> (but ubuntu server has no x server by default BTW)
<didrocks> no like windows server one
<didrocks> so, you have to setup one if you really want to have a "graphical" access to your server
<hads> Graphics are overrated.
<didrocks> hads: +1
<didrocks> it just adds an non-value and guide you into bugs you really don't want to deal with for a server.
<Popz> it'd be quite useful for some of the gameserver control apps i run
<Popz> the server has about 16GB ram
<Popz> so the graphics overhead is no problem :P
<Popz> 8GB physical, 8GB virtual
<hads> So, 8
<Kamping_Kaiser> hads, well said
<Kamping_Kaiser> Popz, so what are you actually trying to do? turn a server intoa  desktop, or ssh into the box?
<Popz> i need a visual environment for some applications, most of the time i'll be using ssh
<elnewb> Popz Do this:
<elnewb> *gimme a min while i type all the commands out
<Popz> sure... :p
<elnewb> sudo aptitude install xorg
<elnewb> sudo apt-get install ubuntu-desktop
<elnewb> startx
<elnewb> sudo apt-get install gdm
<elnewb> sudo /etc/init.d/gdm start
<hads> Ew
<Popz> i'd rather not install ubuntu-dekstop
<elnewb> then try gnome-core
<Popz> how can i view that remotely?
<elnewb> Once you have gnome-core installed
<elnewb> sudo apt-get install vino
<elnewb> Then get a VNC client on whatever PC you use as your desktop machine
<Popz> ok thanks
<Popz> i'll try it out
<_ruben> remote x ftw
<elnewb> Popz:  Any luck?
<remote> _ruben: ?
<ghaleb> hello, do anybody know how can I show the owner user in for each file in svn ?
<_ruben> remote: wasnt talking to you ;) .. "remote x" ftw :p
<remote> oh
<frith> I am looking for an imap server that does not require the user to have a local user account, accounts would come from ldap
<henkjan> !imap
<ubottu> IMAP and POP are protocols for fetching email. The officially-supported server in Ubuntu is Dovecot (packages "dovecot-imapd" for IMAP, and "dovecot-pop3d" for POP) - See also !MailServer for information on the SMTP protocol
<henkjan> dovecot does support ldap
<frith> hmm cyrus could well be the way to go
<ScottK-laptop> However dovecot is the one we primarily document and support in Ubuntu.
<frith> not worth it if you can auth from ldap
<ScottK-laptop> It all depends on how much help you want from Ubuntu docs and such.
<frith> i just don't want to sent ages setting up something that i can't manage from a directory server
<frith> oh seems like you can auth from ldap after all
<frith> I would love to stick all my config into an ldap server
<Koon> kirkland: about service --status-all, there are two ways imho of making the output (more) useful
<Koon> 1/ get rid of everything that doesn't have a status
<Koon> 2/ try to uniformize the output rather than letting all status actions echo their own thing
<Koon> one way of doing it is to call only scripts that have a status action, and just checking the return code, displaying all results in a table
<kirkland> Koon: right...  ideally, we'd have much better policies in Debian/Ubuntu as to status reporting
<kirkland> Koon: and these problems would go away
<kirkland> Koon: but I agree, that --status-all gives us 1 place to solve that
<Koon> you'd still need a way of telling which /etc/init.d/script should have a status
<kirkland> Koon: grep "status)" usually gets it
<Pizarro> Hello to everybody
<kirkland> Koon: they're almost *always* handled by a case statement
<Koon> Doing it in --status-all supposes an ideal world where all daemons have a status action that returns proper codes
<Koon> we might need to have a way of marking conformant scripts
<Pizarro> I installed poptop to my Ubuntu Server and everyhing is going ok, peoplle is able to coonnect remotly with VPN to our network, however we noticed that whenever sombody connects from outside, the people at internat networs side can't access our server, Can anyone help me please'
<kirkland> Koon: i'm not sure i like the idea of a static list ....  would be better to be more dynamic than that
<Koon> a specific comment in the initscript
<RediXe> running ./file.bin ... just returns me to a new line. It's supposed to start a setup wizard I believe ... trying to install KnowledgeTree
<Koon> kirkland: or even a specific action that would just point to status)
<kirkland> Koon: if we're going to touch a bunch of init scripts, i would just as soon fix them and get their status actions working properly
<Pizarro> Now sombody is connected with VPN to our server, but I can't get ping now from the server
<kirkland> Koon: before running the invoke-rc.d, i suggest we grep for "status)"
<Koon> Pizarro: looks like a network conflict
<RediXe> Nevermind, I just ran it on my desktop and it started up a GUI... server has no gui :(
<Koon> then use the return code to return [Started] or [Stopped] ?
<kirkland> Koon: and only run invoke-rc.d if a "status)" action is found
<nxvl> Koon: --status-all will show the status of every daemon running on my machine or i get the wrong idea?
<kirkland> nxvl: it will basically just run everything in /etc/init.d with the "status" action
<nxvl> kirkland: so yes
<kirkland> nxvl: unfortunately, not all Ubuntu init scripts have status actions
<Koon> nxvl: which makes up a noisy useless output
<kirkland> nxvl: and also, not all report status in the same way
<kirkland> Koon: i suggest we add a "--uniform" option, or something
<Koon> nxvl: lots of scripts in /etc/init.d are not about daemons, but rather one-time boot/stop actions
<kirkland> Koon: and if that is passed with --status-all, then we simply look at the error code
<Koon> kirkland: yes
<kirkland> Koon: and print [OK] or [NOT OK]
<nxvl> Koon: but the message saying that there is no status action goes to stdout? i think it goes to stderr, and if it is, it's easier to filter IMHO
<kirkland> nxvl: depends greatly on each script
<nxvl> Koon: well, yeah, but you understand what i meant :D
<nxvl> kirkland: right
<kirkland> nxvl: which are not required to follow a standard
<Koon> kirkland: sounds good, the only drawback is that it's difficult to point out a misbehaving script that doesn't handle return codes properly
<kirkland> Koon: which is why i suggest we leave --status-all as is, and add a compound parameter
<kirkland> service --status-all --uniform
<Koon> kirkland: maybe have a check mode that displays both
<kirkland> Koon: where we try to intelligently interpret/clean the results of --status-all
<Koon> * atd is started      [NOT OK]
<kirkland> interpret/clean/filter
<Koon> that would be easy to spot problems
<kirkland> Koon: i don't think we're going to get any of this into Intrepid
<kirkland> Koon: at least i would find it highly unlikely
<Koon> kirkland: oh no, it's more a general discussion -- in the meantime we should not advertise --status-all too much
<kirkland> Koon: fair enough
 * Koon looks up an example
<Koon> I seem to remember that rc-status --all in Gentoo had a pretty output
<Koon> can't find it, might need to reinstall to see ;)
<kirkland> Koon: i have a Fedora 9 KVM
<Koon> kirkland: search for rc-update --all in http://tinyurl.com/4ybsv6
<kirkland> Koon: its status-all output is pretty ugly too
<kirkland> Koon: nice
<kirkland> Koon: one minute, i'll pastebin the Fedora output
<Koon> I mean search for "rc-status --all" (no rc-update)
 * Koon should install a gentoo vm, the output was nicely right-aligned iirc
<kirkland> Koon: http://pastebin.ubuntu.com/47798/
<kirkland> Koon: that's from Fedora 9
<Koon> kirkland: ew.
<kirkland> Koon: well, it's better than ours
<kirkland> :-)
<Koon> rc-update uses runlevels to determine what should be running -- that's one way of doing it
<Koon> looping through /etc/init.d catches all those manually-started ones
<Koon> that said, removed packages (not purged) usually leave their /etc/init.d/ script behind
<Koon> could that screw up our output ?
<Koon> kirkland: ^^
<kirkland> Koon: definitely
 * Koon is not a big fan of LSB putting init scripts in /etc
<Koon> they are not configuration files.
<kirkland> Koon: it wasn't LSB that invented that one :-)
<kirkland> Koon: that's as old as Unix itself
<Koon> kirkland: but they mandate it, rigth
<kirkland> Koon: yeah
<Koon> kirkland: i seem to remember the rationale was that links in /etc/rc.d should not cross filesystems
<Pizarro> Did anyone configured POPTP?????????? for VPN connections?
<Pizarro> poptop sorry
<Pizarro> the manual web site is down
<Pizarro> and I just need to know how to grant VPN clientes to see each others not oblu the server
<Pizarro> in OpenVPN this was just a command line
<nandersson_> The number one MS Exchange replacement Zarafa is going 100% open source
<nandersson_> http://www.zarafa.com
<nandersson_> Bad news for Microsoft - good news for everyone else
<Pizarro> Hi
<Pizarro>  I have set a VPN server, the clients can connect but they only can ping the server, PLEASE I NEED HELP, thanks
<tristanbob_> anyone else having problems with Ubuntu 8.04 LTS locking VMware ESX 3.5?
<mathiaz> kirkland: do you think it would be possible to automate the testing of Boot-on-Raid option in -server ?
<kirkland> mathiaz: yes, i think so
<kirkland> mathiaz: i'd need some help with the preseed/kickstart file for the partitioning, etc.
<mathiaz> kirkland: right - could this be added to https://wiki.ubuntu.com/Testing/Cases/ServerInstall ?
<\sh> any heartbeat crack there? /me has a problem with using heartbeat and some bonded interfaces
<mathiaz> kirkland: I think I can sort out the automate part of it (preseed)
<mathiaz> kirkland: I'm more interested in the testing procedure.
<kirkland> mathiaz: my KVM testing is pretty throughly described on the BootDegradedRaid wiki page
<kirkland> mathiaz: but it boils down to "kvm -hda disk1.img -hdb disk2.img" for the installation
<kirkland> mathiaz: and then the two test scenarios are "kvm -hda disk1.img" simulating loss of disk2
<kirkland> mathiaz: and "kvm -hdb disk2.img" simulating loss of disk1
<mathiaz> kirkland: ok - I'll have a look at the wiki page and see if the testing instructions could be adapted to ServerInstall
<kirkland> mathiaz: you'd probably want to add a script in the preseed to put something in /etc/rc.local, to signal that it's up
<kirkland> mathiaz: wget http://10.0.2.2/AM_ALIVE :-)
<kirkland> mathiaz: and monitor the apache error log or something
<mathiaz> kirkland: right - this use case is a bit more complicated that the other.
<kirkland> mathiaz: other?
<kirkland> mathiaz: other what?
<mathiaz> kirkland: there are other test cases listed on ServerInstall
<kirkland> mathiaz: ah
<mathiaz> kirkland: eg mailserver, lamp, etc...
<kirkland> mathiaz: well, it would be great to automate this
<mathiaz> kirkland: I'd like to add a test case for RaidBoot
<kirkland> mathiaz: right, make sure that it boots from each disk
<mathiaz> kirkland: but the testing instruction will be different
<kirkland> mathiaz: oh, there is one trick...
<kirkland> mathiaz: let's say you boot degraded on disk1 alone
<kirkland> mathiaz: actually, strike that
<kirkland> mathiaz: what i was about to say is wrong ;-)
 * mathiaz forgets everything
<kirkland> mathiaz: right, so the test should be to first boot with both disks attached, ensure that both are up and actively synced
<kirkland> mathiaz: then boot from disk1, make sure it comes up
<kirkland> mathiaz: then boot from disk2, same
<kirkland> mathiaz: that's assuming you have BOOT_DEGRADED=yes
<kirkland> mathiaz: which you'll define in the preseed
<mathiaz> kirkland: right - and what happens if you boot from disk1 only after booting from disk2 ?
<mathiaz> kirkland: actually it doesn't make sense to test.
<kirkland> mathiaz: this is the complex scenario i was about to mention....
<kirkland> mathiaz: so let's say you boot with just disk1 attached
<mathiaz> kirkland: rather make sure that you boot from disk2 if you boot with disk1 and disk2 the third time
<kirkland> mathiaz: in the OS running on disk1, mdadm will mark disk2 as faulty
<kirkland> mathiaz: so if you then reboot with both disk1 and disk2 attached, you will still be running degraded
<kirkland> mathiaz: because the system doesn't know what went wrong, and doesn't trust disk2
<kirkland> mathiaz: at that point, if you know that disk2 is good, or perhaps brand new, you can add it back to the raid
<kirkland> mathiaz: mdadm /dev/md0 --add /dev/sdb1
<Vajiman> is there anyone willing to help me privatly with an ubuntu 8.04 server instaall with samba?
<kirkland> mathiaz: then you need to wait for the disks to re-sync
<kirkland> mathiaz: which will take a while, i use `watch -n1 cat /proc/mdstat` to monitor
<Vajiman> any help would be greatly appreciated
<kirkland> mathiaz: basically, all of disk1 will get copied to disk2
<mathiaz> kirkland: right - what about the following scenario:
<mathiaz> kirkland: Boot1. disk1 only - Boot2. disk2 only - Boot3 disk1 and disk2.
<mathiaz> kirkland: which disk should be used ? disk2 I'd guess
<kirkland> mathiaz: yuck, that's a really gross scenario
<kirkland> mathiaz: kvm will boot off of the first disk, -hda
<kirkland> mathiaz: so its mbr will be read
<kirkland> mathiaz: system will boot, but the data on those two disks have diverged
<kirkland> mathiaz: so it's really in a bad, unclean, dirty scenario
<kirkland> mathiaz: you'd want to force a rsync (if this were a real system)
<mathiaz> kirkland: right - but with BOOT_DEGRADED to yes what would happen ?
<kirkland> mathiaz: i don't think that has any effect, if i'm understanding you correctly
<kirkland> mathiaz: wait, i see what you mean
<mathiaz> kirkland: well disk1 and disk2 have diverged. BOOT_DEGRADED=yes means you want to boot no matter what - which disk is used ?
<kirkland> mathiaz: the one that BIOS (or KVM's pseudo BIOS) says to boot off of
<kirkland> mathiaz: -hda disk1.img will boot off of disk1
<kirkland> mathiaz: and the RAID will be degraded, running only on disk1
<kirkland> mathiaz: disk2 will just be a "Faulty" disk
<kirkland> mathiaz: that you can re-add, if you're confident that it's good media
<mathiaz> kirkland: right - that's the boot part
<mathiaz> kirkland: I'm interested in the RAID part
<kirkland> mathiaz: the re-add will trigger a complete resync
<mathiaz> kirkland: which disk will be used to create the degraded RAID array ?
<kirkland> mathiaz: the first one
<mathiaz> kirkland: hm - why ?
<mathiaz> kirkland: disk2 has fresher data than disk1 (from the RAID info) ?
<kirkland> mathiaz: because that's the one that BIOS/KVM said to boot off of
<Pizarro> Hi,
<mathiaz> kirkland: rather than discussing this, I think I'll just test it
<kirkland> mathiaz: even when both disks are in good shape, the MBR from the first disk is run
<kirkland> mathiaz: me too :-)
<mathiaz> kirkland: isn't booting and assembling the RAID array two orthogonal tasks ?
<kirkland> mathiaz: i have a few
<Pizarro> Can anyone help me with a VPN server I mounted in Ubuntu Server that is working but doesn't allow VPN clients to see my network ??? PLease, I am really deseperated
<Vajiman> is there anyone willing to help me privatly install a gui for samba?
<Vajiman> please?
<kirkland> Pizarro: Vajiman: you may try #ubuntu, if you don't get anything here
<Pizarro> kirkland, #ubuntu told me the same about #ubuntu-server
<Vajiman> ive been trying in there also, thank for the suggestion though
<kirkland> sorry, guys, this is one big volunteer effort
<kirkland> Vajiman: what gui do you want to use for Samba
<Pizarro> kirkland, I know and I appreciate it
<kirkland> Pizarro: looks to me like you may have routing issues
<mathiaz> Pizarro: are you pushing the correct routes to your clients ?
<Pizarro> kirkland, yes, everybody tell me same, but not how to solve it :)
<Pizarro> I don't know how to check that guys, routes, etc..
<Vajiman> jsut the desktop
<Vajiman> *just
<mathiaz> !server-gui | Vajiman
<ubottu> Sorry, I don't know anything about server-gui
<Pizarro> I will appreciate if oyu can give me a hand on this, I have been working on this since today on mornig
<mathiaz> !servergui | Vajiman
<ubottu> Vajiman: Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
<kirkland> Vajiman: what are you trying to do with samba that requires a gui?
<kirkland> mathiaz: Wow, I stand corrected....
<mathiaz> Pizarro: have you looked at the Openvpn documentation page ?
<Vajiman> ok, ty ill look
<mathiaz> Pizarro: http://openvpn.net/index.php/documentation/howto.html
<Pizarro> I have to finish this asap, and I am seriously think giving up
<kirkland> mathiaz: i tested your scenario, and my raid is running just on -hdb disk2.img
<mathiaz> Pizarro: there is a comprehensive collection of how-to there
<mathiaz> Pizarro: http://openvpn.net/index.php/documentation/howto.html#scope <- should cover your issue
<kirkland> Vajiman: are you on Ubuntu Desktop, or Ubuntu Server?
<kirkland> Vajiman: are you trying to host a share, or mount one on another machine?
<RediXe> Anyone know of a way to install KnowledgeTree without installing a desktop on the server?
<Pizarro> mathiaz, thanks I will try
<kirkland> RediXe: no idea what KnowledgeTree is
<RediXe> Document management software
<RediXe> It has a file.bin and when you run it, it starts up a gui installer
<Vajiman> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<Pizarro> mathiaz, that is for OpenVPN, I am using POPTOP, ppptdp,
<mathiaz> RediXe: have you tried to forward your X connection when you log on your server via SSH
<Pizarro> mathiaz, OpenVPn is very complicated cause you ahce to set up certifications, etc..
<kirkland> RediXe: that's not really "supported" by the Ubuntu community.  I mean, if it works, great.  But if not, there's very little we can help with.
<kirkland> RediXe: if you want to try what mathiaz says, it's "ssh -X ..."
<Vajiman> to install ebox am i supposed to type "sudo apt-get install "^ebox-.*" exactly like that?
<RediXe> I will try that
<Vajiman> anyone?
<mathiaz> Pizarro: have you looked at the PopTOP documentation - http://poptop.sourceforge.net/dox/diagnose-forwarding.phtml ?
<mathiaz> Pizarro: ^^ seems that outlines the problem you have
<Vajiman> mathiaz: me?
<kirkland> Vajiman: sudo apt-get install ebox
<kirkland> Vajiman: there are other packages available, related to ebox, some you may want, some not
<kirkland> Vajiman: apt-cache search ebox
<Vajiman> readin package list... done
<Vajiman> building dependancy tree
<Vajiman> reading state information... done
<Vajiman> e: couldn't find package box
<kirkland> Vajiman: sudo apt-get update
<kirkland> Vajiman: sudo apt-get install ebox
<Vajiman> i get a lot of w: filed to fetch's
<Vajiman> *failed
<kirkland> Vajiman: sounds like you're having network issues
<Vajiman> could not resolve
<Vajiman> i was kind of suspicious when it didnt ask for any networkd info
<Pizarro> Ok thank you for all, I give up, I am installing tomorrow Windows Server since we cna't lose more time on this
<Pizarro> thanks
<Vajiman> but i thought it was using dhcp
<Vajiman> i suppose i was wrong
<Vajiman> is there any way i can input my network settings?
<Vajiman> to get connected?
<kirkland> Vajiman: you can use the "ifconfig" and "route" commands
<kirkland> Vajiman: you can try restarting your network
<mathiaz> Vajiman: https://help.ubuntu.com/8.04/serverguide/C/networking.html
<kirkland> Vajiman: /etc/init.d/network restart
<kirkland> Vajiman: /etc/init.d/networking restart
<Vajiman> ok tyh
<Vajiman> *ty
<zul> git status
<zul> sorry
<Vajiman> it seems i can trun the /etc commands
<Vajiman> gives the error "-bash /etc/resolve.conf : no such file or directory"
<Vajiman> is etc a directory?
<kirkland> Vajiman: yes, /etc is a directory
<kirkland> Vajiman: it sounds like you have a bad installation, if you're missing /etc/resolve.conf
<Goosemoose> im trying to script install libpam-mount by , sudo apt-get -y install libpam-mount but it comes up with an ascii gui of sorts asking yes/no question
<Goosemoose> any idea on avoiding this?
<nxvl> kirkland: it's /etc/resolv.conf
<nxvl> kirkland: the script has a typo
<kirkland> nxvl: ew, that's a bug
<RediXe> My server is behind a router at the moment that isn't mine. Am I able to set ssh to listen on port 80 for the time being so I can access from home?
<nxvl> RediXe: yup
<nxvl> i have ssh's listenig to 21 and 443
<nxvl> :D
<nxvl> to aviod the university firewall
<nxvl> :D
<mathiaz> RediXe: why don't you use the standard port 22 ?
<nxvl> mathiaz: because he can't open port 22 in his router
<RediXe> mathiaz, I can't forward the port
<nxvl> IIRC
<nxvl> yes i get it right
<Goosemoose> dendrobates, with likewise-open installed will i still to use libpam-mount to network to a windows share using a script?
<mathiaz> RediXe: I'd suggest to use port 443 (https) instead
<mathiaz> RediXe: if you're ISP uses a transparent proxy for http traffic you won't be able to connect.
<RediXe> mathiaz, We are using another office's internet until our line's are installed and so I can't log into the router to forward the port. I'll give it a shot.
<nxvl> RediXe: but still port 80 must be redirected to your firewall
<nxvl> there wasn't an option about reverse tunneling
<RediXe> nxvl, must be redirected to my firewall?
<nxvl> nop
<nxvl> from your router to your server
<nxvl> as in redirecto por 80 to server
<danielm_mc> grr still can't get into #ubuntu today
<mathiaz> Goosemoose: what kind of questions are asked with libpam-mount ?
<Goosemoose> its asking about a conversion to a new xml format
<Goosemoose> yes/no
<Goosemoose> but -y doesn't cover it
<mathiaz> Goosemoose: which release are you using ?
<mathiaz> Goosemoose: oh - I see the code - there is a bug in there
<Goosemoose> doh, figures!
<mathiaz> Goosemoose: if you preseed libpam-mount/convert-xml-config to false
<mathiaz> Goosemoose: you won't be prompted
<dendrobates> Bug #279899
<RediXe> ssh -X didn't work :( ... guess I have to install xfce .... can't I do apt-get install xubuntu-desktop
<dendrobates> mathiaz zul: who is working on bug 279899?
<zul> dendrobates: gimme a sec to have a look
<zul> it doesnt exist?
<Boxici> hi there
<Boxici> i need some help
<jmedina> Boxici: what kind of help?
<Boxici> i need to know if i can add some subdomains at my server...
<Boxici> i have to register other domains or i just need to add some things in my config files...
<Boxici> i am a new user of ubuntu 8.04
<jmedina> well there is no need to buy a subdomain if you already own a TLD doman,
<jmedina> you just need to add records to your zones files
<jmedina> Boxici: by the way, what do you mean with add some subdomains?
<Boxici> i mean that i have a domain www.boxici.ro
<Boxici> and now i want to add to my host cs.boxici.ro
<Boxici> forum.boxici.ro
<Boxici> only those things
<jmedina> do you already have a DNS server working?
<Boxici> yes i am on it now
<Boxici> ubuntu 8.04
<jmedina> with bind9?
<Boxici> and the www.boxici.ro domain is forwarded to this computer
<Boxici> no i don't know how to work in bind9
<jmedina> so where is the dns server?
<Boxici> is my ip
<jmedina> o_O
<jmedina> did you install and configure a DNS server in your ubuntu machine?
<Boxici> no
<Boxici> i installed apache
<Boxici> 2
<Boxici> php curl and all that things
<Boxici> i type my ip in my browser and works
<jmedina> ok, then we are taking about different things
<Boxici> maybe i don't know so much about this things
<Boxici> i am new to ubuntu/linux OS
<jmedina> you mean apache virtual hosts, or virtual web sites
<jmedina> not DNS domains/subdomains
<Boxici> i didn't configure anything on it
<jmedina> Boxici: well you need to configure your apache web server and use virtual hosts
<Boxici> so... what i know for now is that my ip is my webserver ok?. ...and the domain www.boxici.ro is forwarded to my ip address
<Boxici> that's all i know
<jmedina> if you want, forums.boxici.ro, you need to add another record in your dns server, ask your dns admin/provider and point it to your ip address
<Boxici> oh... i thoght that i can add the subdomains my self on my apache server or something like that
<jmedina> and then configure a virtualhost in apache, this vhost will use forums.boxici.ro as ServerName and pint to the location of the furum application
<jmedina> nop, you need a way to let other people where to reach your "subdomain" that is where DNS enters
<jmedina> and then configure your web server to accept and pubish data for that domain (with virtual hosts)
<Boxici> how can i make and configure some DNS with bind9?
<Boxici> it will work if i manage to do that?
<jmedina> if you want to manage your own DNS server for boxici.ro you need to change some things (NS Records) at your registrar (where you buyed your domain) and point it to your ip address
<jmedina> and then install and configure your bind9 dns server
<jmedina> there is a chapter in the ubuntu server guide
<Goosemoose> mathiaz, ok ill try that
<grumpling> Who knows of a good open source listserv software?  I know of MajorDomo but am looking for other options as well.  Thanks!
<sommer> grumpling: you might look into mailman
<grumpling> Do you know if that's what lists.ubuntu.com uses?
<slangasek> it is.
<slangasek> (wow, does anyone still use majordomo?)
<grumpling> Great!  I was going to ask about that too.
<grumpling> I don't know.  I just remember that package name from years ago.
<grumpling> I work at a small college and we're looking at listserver replacements since our POS won't be able to move to Exchange 2007.
<Goosemoose> anyone have their home dir pointing to a windows share? I can't find good documentation on this for hardy
<slicslak> i'm inspecting a bunch of php files and looking for a viewer (not an editor) that will do syntax highlighting.  does less or cat support that?
<slicslak> Goosemoose, i wouldn't recommend it.   but what issue are you having with it?
<Goosemoose> slicslak, well i have the user logins authenticating against AD which works fine. Having a hard time getting any user folders mounted though
<Goosemoose> this is for a school so the students roam between machines
<Goosemoose> trying to use pam_mount seems to be the only way I can do this at login
<Goosemoose> but the documentation on pam_mount.conf.xml is throwing me off
<slicslak> so you want to automount a directory when a user logs in
<Goosemoose> yes
<Goosemoose> on windows i just have this setup via group policies
<Goosemoose> problem is i have the users split into 4 groups shared at server/students/2009 , server/students/2010, etc
<slicslak> ya, not sure, sorry
<Goosemoose> but if i can at least mount it to /server/students then they can go find their own user file
<Goosemoose> ok
<slicslak> you ought to be able to script it easily enough, but i'm not sure where you would hook the script as i've never had to do that
<Goosemoose> ok
<Goosemoose> back to google
<declassico> can someone please tell me how to execute files such as the /etc/resolv.conf file?
<declassico> hello?
<RogueEntity> You dont execute that file.
<RogueEntity> When you make changes to it, they take effect instantly.
<indi_> hello
<indi_> i have a internet connection sharing problem
<indi_> my xubuntu computer is connected with a usb modem via pppoa
<indi_> this make a ppp0 connection in ifconfig
<indi_> i've got a laptop with vista connected through crossed LAN to the xubuntu pc
<indi_> ...and i cant share the connection....
<indi_> easy :)
<RogueEntity> And you want your laptop to be able to connect to the internet through your ubuntu machine?
<indi_> yes i want :)
<RogueEntity> The simplest way I can think of, is to configure forwarding using IPTables.
<indi_> already do
<slangasek> you need to configure your xubuntu computer to enable packet forwarding, and to turn on NAT; I don't believe there's anything included by default in Xubuntu or Ubuntu that does this
<RogueEntity> But I am more familier with working through the command line, and not GUI's
<slangasek> you've turned on packet forwarding?
<indi_> torwarded ppp0 to eth0
<RogueEntity> I have an IPTables script you can use, you just need to edit it to suit your needs.
<danielm_mc> yeah but did you echo 1 /proc/sys/net/ip_fowarding
<danielm_mc> or wtfe
<slangasek> /proc/sys/net/ipv4/ip_forward
<danielm_mc> yeh :)
<indi_> so..
<indi_> ?
<indi_> what i can do?
<slangasek> what does /proc/sys/net/ipv4/ip_forward say on your system?
<indi_> how i can do that?
<RogueEntity> sudo cat /proc/sys/net/ipv4/ip_forward
<RogueEntity> It should return either 1 or 0.
<RogueEntity> Preferably 1 if you want forwarding to work.
 * danielm_mc notes the sudo is excessive
<slangasek> indi_: how did you configure iptables?  Are you following a howto for this?  A good howto should have covered this part, I would think
<indi_> ok ... just lol ... retourn is 0
<indi_> slangasek: yes howto from ubuntu
<RogueEntity> I posted my IPTables gateway script here (http://ubuntuforums.org/showthread.php?t=922646) if you want to use it, just modify it for what you need.
<indi_> i'll try :D
<RogueEntity> Basically all mine does, is allow incoming connections from the network, forward connections from the network to the internet, accept the reply packets from the internet, enable forwarding and NAT.
<slangasek> indi_: you will want to uncomment the line 'net.ipv4.ip_forward=1' in /etc/sysctl.conf, then run sudo /etc/init.d/procps start
<RogueEntity> Though mine goes on to poke holes to allow connections in to the webserver and SSH from outside, so I can remotely login (I use my server as a proxy to bypass content filters at college)
<mathiaz> jdstrand: does ufw support that kind of use case ^^ ?
<slangasek> AFAIK ufw doesn't try to do forwarding/NAT yet?  (I hope not, it's more important to get the host-based stuff right first)
 * jdstrand reading
<jdstrand> no it doesn't do NAT via the command line utility. but it provides the infrastructure to do so
<jdstrand> (eg, but editing /etc/ufw/*)
<jdstrand> s/but/by/
<sommer> :-) : http://doc.ubuntu.com/ubuntu/serverguide/C/firewall.html#ip-masquerading
<jdstrand> thanks sommer! I was just going to refer to that :)
<indi_> slangasek:  if i uncomment that line what will do??
<slangasek> it will turn on packet forwarding
<indi_> :)
<indi_> nice :)
<indi_> ok packet forward now works!!
<indi_> but vista laptop don't go to the net
<indi_> :(
#ubuntu-server 2008-09-18
<mathiaz> dendrobates: what do you think about moving partman-auto-raid to main ?
<mathiaz> dendrobates: that way RAID installation could be preseeded.
<dendrobates> mathiaz: I think that is fine.
<leonel> ScottK: are you working on    bug 271546 ?
<uvirtbot`> Launchpad bug 271546 in clamav "[hardy] Multiple unfixed CVEs" [Undecided,New] https://launchpad.net/bugs/271546
<ScottK> leonel: I thought you were?
<leonel> I am
<ScottK> Great.
<leonel> A saw your mail and  think you were  :)
<ScottK> Nope.  I meant you.
<andriijas> I have ubuntu-server on a laptop, anyone who knows how i can enable cpu speedstep so the cpu doesnt go for full spin all the time?
<_ruben> andriijas: install powernowd oughta do the trick i think
<andriijas> _ruben: thx
<andriijas> _ruben: does it do the trick automaticly or do i just apt get it?
 * delcoyote hi
<andriijas> hmm. that question was wierd. gues i havent waked up yet
<sander__> Hello everyone
<kgoetz> allo
<sander__> ive set up share folders on two ubuntu systems but as yet all they see is the windows computer.
<sander__> i want to share deb files from one ubuntu system to the other
<kgoetz> what sort of share?
<sander__> folder
<kgoetz> ...
<kgoetz> smb/nfs?
<sander__> ok in nautilus I right clicked the folder i wanted to share clicked 'properties' and then 'share' clicked all three boxes and then the 'share' button. samba was downloaded and installed
<sander__> i also rebooted after that
<sander__> oh and im running hardy heron
<kgoetz> this is an #ubuntu question, not one for -server
<sander__> well i gathered that server would mean networking
<sander__> lets say i wanted my second ubuntu system as a server
<kgoetz> when its running as a server, come and ask again. while its a 'i clicked in nautilus' question, its not relevent here
<sander__> meh
<kgoetz> sydneysiders.
<\sh> did anyone tested heartbeat2 (but with V1 config style) together with bonding interfaces? I have a problem with it, that heartbeat doesn't recognize when all cables are removed from the NICs and kernel just saying: "ok, bond interface doesn't have any active net connections anymore"...
<ghaleb>  hello, how can I print a list of directories and the size of each one ?
<_ruben> dh -h *
<_ruben> df -h *
<_ruben> (fat fingers)
<\sh> df -h is more on filesystem basis....
<\sh> ls -ladh * lists all directories from . including human readable sizes....
<\sh> and "find  / -type d -exec ls -lhd {} \;" just prints all directories in longformat + human readable sizes
<\sh> or "find  / -type d -exec ls -shd {} \;" just prints all directories in short format + human readable sizes (like: 4.0k <dirname>)
<Roy_M> Hi I am trying to configure westwood congestion control on ubuntu server. You do this by just changing the name in this file /proc/sys/net/ipv4/tcp_congestion_control . The problem is that for some reason, even running as root, it says that I do not have permission to modify this file. Does anyone here have any experience with this?
<_ruben> Roy_M: how are trying to alter that 'file' ?
<Roy_M> _ruben, I have tried modifing it with vi and also doing echo "westwood" > /proc/sys/net/ipv4/tcp_congestion_control
<_ruben> /proc entries being 'special', vi tends to no work .. with echo you'd need to do echo "westwood" | sudo tee /proc/....
<Roy_M> _ruben, that seems to work, what is special about this file that requires tee?
<_ruben> its not the file that requires tee .. when doing 'sudo echo blaat > /some/file', the echo is done as root, but the output redirection is done by your own unprivileged user
<_ruben> using 'sudo tee' works around that
<Roy_M> ahh, well thanks a lot for your help _ruben
<_ruben> no problem
<didrocks> jdstrand: around?
<esbek> hi
<esbek> what cpu's are supported by ubuntu 8.04 standard linux-image-server kernel?
<esbek_> is Celeron D 215/220 (1.2GHz) supported?
<hads> Should be fine.
<esbek_> thanks
<ghaleb> hello, I want to backup 200 GB into 40G tapes using cpio, how can I make parts or multiple tapes ?
<henkjan> ghaleb: http://linux.ncl.ac.uk/backup/
<henkjan> ghaleb: see the 'backup on cdr' part
<henkjan> its about splitting your backup into volumes of 650Mb. Its easy to take that script/oneliner and modify it for your usage
<ghaleb> henkjan: thank you
<esbek_> how to switch computer to use grub? or standard ubuntu kernel? i have slightly modified ubuntu (by ovh) with 2.6.24.5-grsec-xxxx-grs-ipv4-32 kernel and lilo ; installed grub, but system still uses lilo
<esbek_> sorry for my english :(
<soren> esbek_: ovh?
<esbek_> ovh.com - french hosting
<esbek_> ubuntu 8.04 lts distro that they install (choosen in their web manager) is modified that way
<sommer> morning
<ScottK> esbek_: Ubuntu uses grub normally, so if it's using lilo, that's something they've changed and you'll probably have to ask them.
<esbek_> :(
<Koon> sommer: wrote draft of the Tomcat6 section as an ubuntu-doc branch, see: https://code.launchpad.net/~tcarrez/ubuntu-doc/ubuntu-intrepid
<Koon> sommer: (whenever launchpad will catch up with my push)
<sommer> Koon: awesome
 * sommer looking
<Koon> hmm. not yet
<Koon> sommer: i did it as a web-servers.xml subsection, feel free to move it to a more appropriate place (if there is)
<sommer> Koon: I think that's the correct place, at least that's where I thought it would fit :)
<Koon> sommer: I had a problem with the push, repushing now
<Koon> sommer: will let you know when it's in
<sommer> Koon: that's cool, I was just about to attempt a merge
<Koon> I don't get why it's so slow
<Koon> sommer: it's in now
<uvirtbot`> New bug: #271772 in sysstat (universe) "iostat -k units are wrong when using large blocks" [Undecided,New] https://launchpad.net/bugs/271772
<Radiactive> hello, i have a question about usbadslmodemmanager ... at every startup the module ask me for password and say: The application 'lsusb -vvv' lets you modify essential parts of your system  (there is a way to get rid of this annoying windows??)
<Radiactive> any idea?
<CrummyGummy> Hiya, any openvpn maintainers here?
<uvirtbot`> New bug: #271777 in openvpn (universe) "Exit status 127 when starting openvpn when its already started." [Undecided,New] https://launchpad.net/bugs/271777
<mathiaz> zul: samba 3.2.4 has been realeased - only a bug fix apparently.
<mathiaz> zul: should we try to get it into intrepid ?
<mathiaz> zul: I'm not sure if debian will take it.
<RediXe> Anyone have success installing the DMS KnowledgeTree on 8.04 server?
<ScottK> Since Debian is in freeze for Lenny, we should probably worry about will they take it less than usual.
<Lamba> (joined at request from #ubuntu-motu)  - where would be the right place to request deb rolling of some code ? ebox has a deb in ubuntu repos together with a few of its modules, but ebox svn has code for other modules.
<mathiaz> Lamba: foolano is using a PPA IIRC
<mathiaz> Lamba: you may wanna ask him about it - (he is one of the ebox dev).
<Lamba> yea but i bugged him enough today about ebox coding :)
<zul> mathiaz: yeah we should according to the changelog Ive asked slangasek about it
<zul> mathiaz: ill poke it with a stick this afternoon
<RediXe> Anyone have success installing the DMS KnowledgeTree on 8.04 server 64 bit?
<RediXe> Trying to install a filename.bin and I chmod +x and then run it but it doesn't do anything. No errors just puts me on a fresh line. Ex: $sudo ./file.bin [enter] $
<RediXe> Is there any way to figure out what the issue is?
<sommer> RediXe: what kind of file is it?  try file filename.bin
<RediXe> sommer, it's the knowledetree stack installer. On the site it says to run the chmod +x and then to run ./file.bin ... if I just try file.bin I get command not found
<RediXe> sommer, tried file file.bin and I see ELF 32-bit LSB executable ... i'm trying to install on 64-bit server
<sommer> RediXe: that would be an issue... you'll need a 64 bit install file, or install knwoledge tree on a 32 bit system
<RediXe> guess I have to try and install from source :(
<sommer> RediXe: that'd probably work too
<RediXe> sommer, Yeah I thought the bin would work for both 32 and 64 but guess not
<_ruben> installing ia32-libs *might* help
<RediXe> _ruben, I can give it a shot
<RediXe> _ruben, Woot that seems to have helped it along :) .. got "Fontconfig error: Cannot load default config file" but seem's to be just font issue nothing important??
<_ruben> sounds warning'ish
<valpine8> hello I am new to servers can some one help me with ubuntu server
<RoAkSoAx> valpine8, good place to start is: https://help.ubuntu.com/8.04/serverguide/C/index.html
<valpine8> after trying to connect to the server I get mesaage "its works" but I am not able to see any folder or drive . Any help
<valpine8> after trying to connect to the server I get mesaage "its works" but I am not able to see any folder or drive . Any help
<ivoks> you have to configure web server
<RediXe> valpine8, Look's like you setup a LAMP server. The html files for it should be under the /var/www/
<ivoks> of course, web servers don't display whole directorty structure :)
<valpine8> i need to setup a domain server and local network
<valpine8> i followed http://www.howtoforge.com/samba_setup_ubuntu_5.10_p3
<valpine8> I am trying to connect my local windows client machine to my server which is ubuntu
<bn43> hi I'm looking for some advise on hardware specs for a fileserver
<bn43> I'm in south africa - we get most hardware componants here
<Scunizi> I'm looking for info on setting up RAID on server for a friend that's just converted from windows for his hosting business.
<bn43> I'm in south africa - we get most hardware componants here?
<bn43> can someone help me on suggested specs?
<Scunizi> bn43: takes time to get answers here.. you'll have to wait without getting frustrated..  You can also check in #linux.
<bn43> Scunizi: thank you for the advice - I will try #linux as well thanks
<Scunizi> bn43: np
<Jowi> hi everyone. what do i need to enable on a server install to get users-admin's buttons enabled? policykit is installed.
<Jowi> I didn't have this problem with the feisty install. I am a member of admin group but even for root it they are disabled. I can add/remove users normally with useradd.
<Pizarro> HI
<Pizarro> I configured a VPN server into my Ubuntu Server that it is correctly working. However when clients establish the VPN connection, after some seconds (40-50) it disconnects without any explanation. Can anyone help me on this please?
<uvirtbot`> New bug: #271922 in samba (main) "Default ACL not applied on files created through CIFS filesystem (mount.cifs)" [Undecided,New] https://launchpad.net/bugs/271922
<EvilDaemon> Is this a good place to shoot out questions for Ubuntu Server help?
<EvilDaemon> No?
<EvilDaemon> I'm going to ask anyways. :)
<EvilDaemon> I wrote a live CD (Can't remember what kind) and it said on bootup: "This kernel requires x86_x64 CPU, but only found i686 CPU
#ubuntu-server 2008-09-19
<EvilDaemon> So, uh, what did I do wrong? Made an x86_x64 cd?
<EvilDaemon> And then what kind do I need for my kind of box?
<slangasek> you need the i386 one instead of the amd64 one.
<EvilDaemon> okay, thanks.
<EvilDaemon> This server isn't hooked up to the internet. Can I sneakernet Apache, php5, etc.  Over to it?
<slangasek> those are included on the server CD; so for values of "sneakernet" that include "the install CD", yes
<philsf> how hard is it nowadays to setup a NIS+ on ubuntu? (I have used NIS in the past, and the docs made clear that NIS+ was pretty hard to do by then, some 8 years ago)
<slangasek> setting up a server, or a client?
<slangasek> AFAIK, there has never been support for setting up an NIS+ server with free software; by the time people got around to thinking about it, LDAP had taken over
<slangasek> I think Novell (SuSE) had a non-free NIS+ server implementation
<philsf> slangasek: I was thinking both client and server
<philsf> I'm in the very least, interested in the same thing NIS accomplishes, but securely. in a near future, I'd like to incorporate PIM features, as I understand it can do (LDAP). any pointers?
<philsf> by "what NIS accomplishes" I mean at least a remote login integrated with local file ownership
<uvirtbot`> New bug: #271942 in samba (main) "DBus Error samba " [Undecided,New] https://launchpad.net/bugs/271942
<youbuntu2008> I'm trying to 'insmod' my own driver to access parallel port, but parport0 has already got there earlier :-o   Then I tried to 'rmmod parport', but its says it's in use by ppdev,lp,parport_pc :~o~~  But, checking on 'ps -e' it doesn't show these processes. How to remove the current driver having parport??? :-)
<youbuntu2008> My `uname -r` = 2.6.24-19-server , and i installed it from downloaded ISO image from web.
<hads> In use by tells you the modules which are using it.
<hads> lsmod | grep par
<youbuntu2008> 'lsmod | grep par' returns zpar, parport_pc, parport. Actually 'zpar' is my driver I tried to 'insmod' once just now but it gave some error message.
<youbuntu2008> Tried to rmmod zpar but 'is in use'; tried to rmmod parport_pc but 'is in use'; finally rmmod parport_pc but 'is in use by ppdev,lp,parport_pc'. I think i'm gonna reboot the server.
<youbuntu2008> rebooting.... (BTW this is not a production svr :)
<youbuntu2008> OMG!!! During reboot, at 'Start up ...', the kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)     -- u think i can recover or correct this?
<youbuntu2008> already recovrin... foooohh!!!! (exhale)
<youbuntu2008> hads - thanks!!!
<youbuntu2008> bye bye
<lukehasnoname> mdz: /Off topic You have a wikipedia entry. Not only that, but it's listed as one of the main articles of the Linux portal in Wikipedia.
<kraut> moin
 * delcoyote hi
<remote> hi
<uvirtbot`> New bug: #272060 in likewise-open (main) "Missing DDNS update when a domain is joined" [Medium,In progress] https://launchpad.net/bugs/272060
<sommer> Koon: just committed the tomcat section, thanks again
<Koon> sommer: you're welcom !
<Koon> e
<uvirtbot`> New bug: #272132 in likewise-open (main) "Likewise Open starts at S20, then at S92 when a domain is joined" [Low,In progress] https://launchpad.net/bugs/272132
<uvirtbot`> New bug: #272134 in likewise-open (main) "[FFe] Update to 4.1.2982 bugfix microrelease" [Undecided,New] https://launchpad.net/bugs/272134
<raraujo> hi all
<raraujo> I got a dedicated server with ubuntu 8.04 on it and I only have root access, I created a user and I would like to have access to sudo commands, in 6.10 I could usermod -a -G admin user, but it seems group admin doesn't exist any more
<raraujo> can someone help me
<raraujo> please
<SchneeSchwarz> raraujo: if there really is no admin group (grep '^admin:' /etc/group) you could create it (addgroup --system admin)
<SchneeSchwarz> Or you could add your user account directly to sudoers (visudo)
<raraujo> thx I figured it out know
<raraujo> there was a group sudo
<raraujo> but in /etc/sudoers it was commented
<raraujo> but now I have another problem
<raraujo> bahs completion doesn't work properly as user
<raraujo> if I try to vi /et<TAB> it doesn't wokr
<raraujo> vi /et-sh: <( compgen -d -- '/et' ): No such file or directory
<raraujo> -sh: <( eval compgen -f -X '*.@(o|so|so.!(conf)|a|rpm|gif|GIF|jp?(e)g|JP?(E)G|mp3|MP3|mp?(e)g|MPG|avi|AVI|asf|ASF|ogg|OGG|class|CLASS)' -- $(quote_readline $cur) ): No such file or directory
<raraujo> but as root it works and also if I don't put anything like vi/cd or so in front of the path it works
<raraujo> any ideas why?
<raraujo> thanks a lot for your help and c u
<zul> mathiaz: for samba-3.2.4 changelog should we list all of our Debian changes again?
<mathiaz> zul: is it a merge ?
<zul> nope its new
<mathiaz> zul: so no - the changelog entry should list what has changed between the last upload/entry and the current one.
<zul> Im just trying to figure out what I should put in the changelog other than its a New upstream version
<mathiaz> zul: new upstream version with a list of LP bugs that it may fix.
<zul> k
<mathiaz> zul: you could also list the mini changelog entry from the annoucement
<zul> yep
<mathiaz> zul: http://paste.ubuntu.com/48329/ <- I'd include that part in the changelog entry
<zul> gotcha..
<zul> mathiaz: test building..
<espacious> can someone help wit this eroor
<espacious> PHP Warning: PHP Startup: Unable to load dynamic library
<espacious> http://pastebin.com/m29b19e19
<espacious> Your PHP installation appears to be missing the MySQL extension which is required by WordPress.
<espacious> some modules for php are missin i presaude
<sommer> espacious: do sudo apt-get install php5-mysql
<espacious> sommer
<espacious> now i reinstalled php5
<espacious> seem ok
<sommer> cool
<espacious> seems ok
<espacious> but
<espacious> pages load from outside but from inside only in IE lol not in Firefox
<espacious> strange
<espacious> firefox still ask to save a file
<espacious> also in IE crashes
<espacious> damn
<sommer> espacious: you might try restarting apache
<espacious> im reboting the whole pc
<espacious> also my workstation brb
<espacious> sth is causing problems
<espacious> still the same
<espacious> firefox wont open localy
<espacious> externaly no problem
<espacious> i think now its an apache thing
<lukehasnoname> Is anyone U-S for KVM-based virtualization (multiple VMs, production environment)?
<lukehasnoname> just curiou
<lukehasnoname> s
<mathiaz> lukehasnoname: I'm using it.
<lukehasnoname> hm
<mathiaz> zul: we should have a look at the latest upload of mysql in debian.
<mathiaz> zul: there may be important fixes that have been uploaded that are worth porting to 5.0.67
<lukehasnoname> Idea: Dynamic web environment builder: Linux/Apache/(MySQL||PostgreSQL)/(PHP||Python||Perl||Ruby) auto configured at or immediately after tasksel
<trashguy> get rid of ruby and perl then maybe
<lukehasnoname> damnit
<trashguy> lulz
<Izinucs> lukehasnoname: check on #ubuntu-server
<trashguy> ?
<Izinucs> oops.. I am on "server.. " sorry just noticed that..
<Izinucs> too many open channels.
<kiko> hey there
<mathiaz> hi kiko
<kiko> question for KVM people: is it possible for the host to access a guest's filesystem directly?
<mathiaz> kiko: while the guest is running ?
<kiko> yeah
<mathiaz> kiko: if so - you could use a network file system to do it.
<kiko> mathiaz, NFS being the most obvious?
<mathiaz> kiko: yes
<mathiaz> kiko: what do you want to do exactly ?
<kiko_> mathiaz, considering running PQM jobs inside a KVM
<mathiaz> kiko: and you'd like to copy the job inside the guest ?
<kiko> mathiaz, well, I need to kick off the job, so there's that, but I also want to read the log and figure out if it succeeded or failed.
<kiko> I realize I could write a server to run on the client and allow manipulation that way
<mathiaz> kiko: right - I'd tend to try to pull things from the guest in that scenario
<kiko> was just musing
<kiko> right.
<mathiaz> kiko: I've been thinking about that use case too while doing automated iso testing.
<mathiaz> kiko: and I've experimented with the client pulling stuff from the server
<kiko> mathiaz, really! we should swap notes. I only just thought about doing it.
<mathiaz> kiko: I don't think that having a server runing on the guest and pushing things to the guest is the best way to do it.
<mathiaz> kiko: a pull architecture seems more appriorate in that use case IMO
<kiko> mathiaz, in part I agree because you'd want the guest to be as untainted as possible
<kiko> mathiaz, so exporting via NFS for instance is pretty transparent
<kiko> but running a service etc less so
<mathiaz> kiko: right - and it scales better also
<mathiaz> kiko: I've taken that use case as an excuse to play with couchdb
<mathiaz> kiko: http://incubator.apache.org/couchdb/
<kiko> yeah, I know of that project
<mathiaz> kiko: for each test case (which is a guest) a document is created. inside there is the test script to run.
<mathiaz> kiko: and the guest just needs to know the document id/url and pull and the things from there.
<mathiaz> kiko: it can also push all the information it wants (such as log, debug info, etc...)
<kiko> interesting plan
<mathiaz> kiko: and then you can just look at the document to see where the test case is.
<mathiaz> kiko: couchdb has an integrated scripting/search engine to create views.
<mathiaz> kiko: so you can create your own views to see which test cases have failed, and then drilled down to the failure and look at the logs.
<kiko> I'm going to take a look at it
<kiko> it looks interesting
<mathiaz> kiko: awesome - let me know what you came up with.
<kiko> mathiaz, will do. thanks for the help!
<howdy1234567890> hi... i installed/setup an ircd properly, it's running... though am unable to connect with a client, any ideas?
<howdy1234567890> I'm not sure why I'm unable to connect to my fresh ircd install. . . it is set up and everything.
<howdy1234567890> i followed these steps exactly: http://www.irchelp.org/irchelp/ircd/h7setup.html
<zul> which ip address is it bound to?
<howdy1234567890> ah was i just disconnected... (sigh) well that could be one problem, though it's not my internet, it was working fine when i attempted to connect.
<howdy1234567890> test123
<howdy1234567890> test 1 2 3
<howdy1234567890> am i on ?
<howdy1234567890> ok i'm back on now... i was disconnected.
<howdy1234567890> (sigh) well that could be one problem, though it's not my internet, it was working fine when i attempted to connect.
<howdy1234567890> I just received the message "which ip address..." from zul, though if anyone said anything before that i missed it. :(
<howdy1234567890> If the ip address question was going to me... it's an active ip, on a website i run, on another server... it's running.
<howdy1234567890> just can't seem to connect.
<compengi> if i built window manager like nautilus and other applications from ubuntu server's edition. would it more memory as in ubuntu's gnome distro?
<howdy1234567890> am i in the wrong channel?
<compengi> would it eat*
<bytor4232> compengi: No
<compengi> bytor4232, but i would require to install Xorg right?
<howdy1234567890> ah, where should i go to ask about irc server?
<compengi> howdy1234567890, you are building IRCD?
<howdy1234567890> i built
<howdy1234567890> i followed these steps exactly: http://www.irchelp.org/irchelp/ircd/h7setup.html
<compengi> i think if things related to that IRCD built, you should better ask them in their dev's channel
<howdy1234567890> uh
<howdy1234567890> ...well it's pretty generic.
<howdy1234567890> And "hybrid" doesn't appear to have a chan in here
<compengi> in that site, it's stated where the support is
<howdy1234567890> ah
<Fenix|work> Question on UFW ...
<Fenix|work> ... can I use iptables commands to set up routes with UFW?
<jdstrand> Fenix|work: routes? like your routing table?
<Fenix|work> I want to do a series of redirects for specific ports for squid
<jdstrand> Fenix|work: the ufw command does not have that functionality. hover, the ufw system lets you do anything that iptables can do.
<jdstrand> s/hover/however/
<Fenix|work> nice
<Fenix|work> so I can disable UFW and just use iptables directly then
<jdstrand> Fenix|work: look in /etc/ufw/*rules for where to put them and see https://help.ubuntu.com/8.04/serverguide/C/firewall.html
<jdstrand> Fenix|work: you can always use straight iptables of course
<jdstrand> Fenix|work: however, if you want to still take advantage of the ufw command with some added advanced functionality of iptables, just use ufw like normal, and add appropriate iptables commands to /etc/ufw/*.rules
<jdstrand> Fenix|work: you'll get a lot for free that way (eg, dhcp, avahi, etc work, logging, boot script, etc)
<Fenix|work> jdstrand, what do you mean about a lot for free... could you elaborate on that just a tad?
<jdstrand> Fenix|work: I thought I did...
<jdstrand> Fenix|work: with straight iptables, it all up to you to make sure the rules survive on reboot
<Fenix|work> I have the propensity to be dense :)
<jdstrand> Fenix|work: you need to decide on logging
<jdstrand> Fenix|work: if it is a general purpose firewall, you'll also need to make sure other things work right
<jdstrand> like dhcp, or avahi, or other things
<Fenix|work> I actually want minumal firewall... I'm creating a new gateway.  I have a firewall further up the connection that handles all rules and such.
<jdstrand> Fenix|work: if the only thing you want to do is redirect, maybe a few rules in a script is all you need
<Fenix|work> but because this gateway is also a squid proxy I need some redirects so that port 80 requests end up in squid
<jdstrand> Fenix|work: do you want a host-based firewall on this machine?
<Fenix|work> nope... this gateway is attached to a firewall.
<jdstrand> Fenix|work: then probably just adding a few iptables commands in /etc/rc.local would be enough
<Fenix|work> I just want it to pass everything through, except for the squid stuff which I'll handle with -A PREROUTING commands
<jdstrand> Fenix|work: but that gives you no management or anything else...
<jdstrand> see the above link I gave for how to do that with iptables
<jdstrand> s/that/that type of thing/
<Fenix|work> the serverguide link?
<jdstrand> yes
<Fenix|work> ok
<jdstrand> though it talks about nat only, not redirects
<jdstrand> but you'll get the idea
<Fenix|work> yeah
<Fenix|work> thanks jdstrand much appreciated
<jdstrand> np
<Fenix|work> I may take advantage of ufw's logging functionality but using iptable rules
<jdstrand> Fenix|work: then add your rules to /etc/ufw/*.rules and set your default policy to ALLOW
<jdstrand> (in ufw)
<jdstrand> see man ufw for details
<Fenix|work> ufw default allow
<jdstrand> yep
<jdstrand> (then do 'sudo ufw disable ; sudo ufw enable'
<Fenix|work> prerouting rules go in before.rules ?
<jdstrand> Fenix|work: yes, but be sure to add them in the nat table
<jdstrand> Fenix|work: like in the server guide:
<jdstrand> *nat
<jdstrand> <your rules>
<jdstrand> COMMIT
<jdstrand> Fenix|work: put that at the top of before.rules
<Fenix|work> and the rules are written as if it were the iptables command without the iptables command itself
<jdstrand> (that's discussed in 'ufw Masquerading' in the guide)
<jdstrand> Fenix|work: basically. the specific syntax is 'iptables-restore'
<Fenix|work> so in nat... -A PREROUTING -i eth0 -p tco --dport 80 -j REDIRECT --to-port 3128
<jdstrand> change tco to tcp and you should be in business
<Fenix|work> hehe... typo
<jdstrand> Fenix|work: you may also want to add ':PREROUTING ACCEPT [0:0]' right after the '*nat' line
<jdstrand> tha'll set the default policy to ACCEPT and reset the counters on reload
<bdmurray> kirkland: do you know much about cryptsetup?
<jdstrand> Fenix|work: also, if you haven't already, set net/ipv4/ip_forward=1 in /etc/ufw/sysctl.conf
<kirkland> bdmurray: i do not...  i've used it to encrypt my swap, that's about it
<kirkland> bdmurray: something specific you're looking for?
<jdstrand> (then disable and enable)
<bdmurray> http://people.ubuntu.com/~brian/tmp/cryptmount-message.png
<bdmurray> whether or not I should report that about crypt-setup or ?
<kirkland> bdmurray: actually, yeah, i see the same thing on my laptop every day, and every day i mean to report it, but always forget once my browser and everythign is running
<kirkland> bdmurray: looks to me like some stuff might be missing from the initramfs
<kirkland> bdmurray: like /lib/lsb/init-functions (the log_*_msg)
<kirkland> bdmurray: and /sbin/udevsettle
<bdmurray> kirkland: great, I'd seen it in kvm and wasn't sure if it was related to it
<kirkland> bdmurray: file it, and subscribe me to it
<kirkland> bdmurray: i might be able to fix those, possible
<kirkland> bdmurray: i've been dorking around in initramfs more than i care to admit lately :-)
<bdmurray> heh
<kirkland> bdmurray: priority is probably "low", because I'm not seeing any ill-effects
<kirkland> bdmurray: and i've had those errors for months now
<zoredache> does anyone know of an http(s) reverse-proxy that can will to the http authentication on the proxy?  We have a web server on our internal network that we can't change.  We need to make it available to the world if someone can authenticate to the proxy...  I have proposed ssl/ssh based VPNs but that was vetoed from on-high
<mathiaz> zoredache: have you looked at the apache proxy module ? It may fit your scenario.
<Fenix|work> jdstrand, thanks a lot
<Fenix|work> have a good one
<jdstrand> np-- you too
<zoredache> mathiaz: a little, you don't happen to know of a configuration sample somewhere that is close to what I am trying to do?
<mathiaz> zoredache: not from the top of my head - try to google for apache reverse-proxy
<bdmurray> kirkland: submitted
<kirkland> bdmurray: just in time...  http://pastebin.ubuntu.com/48417/
<kirkland> bdmurray: that will silence the log_*_msg errors in cryptsetup
<kirkland> bdmurray: but i'm looking at initramfs-tools, to see if we can just add /lib/lsb/init-functions and /sbin/udevsettle into the initramfs
<kirkland> bdmurray: actually, it's simpler than that....
<bdmurray> kirkland: oh?
<frith> hi, i was looking at graphing systems
<frith> i was wondering if there is something more complete than cacti
<uvirtbot`> New bug: #272306 in openssh (main) "apt-get doesn't work properly on ssh-ed pc" [Undecided,New] https://launchpad.net/bugs/272306
<zoredache> frith: graphing of what?   Are you looking for a network monitoring applicationor?
<frith> zoredache, well i like collecting as much as i can io throughput, cpu, net, disk etc, my switch, etc
<frith> like cacti
<frith> just cacti takes ages to setup
<zoredache> I don't know of anything that is easier to setup.  Zenoss, and Opennms are both tools that will monitor and collect data...
<mathiaz> frith: have you looked at munin ?
<frith> those two are a bit bloated for what i was after
<frith> mathiaz, isn't that purely plugin based?
<mathiaz> frith: what do you mean by purely plugin ?
<mathiaz> frith: there is a plugin system IIRC
<frith> to get info into it, you have to install the plugins on each box
<mathiaz> frith: IIRC yes.
<frith> i think i will try and find an snmp based system
<zoredache> how about just mrtg?
<mathiaz> frith: both munin and cacti support snmp.
<frith> cacti is better
<mathiaz> frith: they're mainly focusing on the graphing part
<frith> mathiaz, cacti is fine, apart from its not very complete
<mathiaz> frith: while snmp is geared towards collecting the data to graph.
<frith> zenoss is kinda funky, point it at a system and it does the rest pretty much
<garrettkajmowicz> I have an upgrade problem:  My server is running 6.10 and I want to upgrade (I only recently discovered that there is a useful upgrade tool).  Anyways, I run do-release-upgrade and it rewrites the sources list to include everything for feisty, but then complains that it can't pull the entries for edgy (because edgy is no in old-releases).  Any idea how I can make this work sanely?
<NCommander> garrettkajmowicz, I assume you want to upgrade to hardy, right?
#ubuntu-server 2008-09-20
<NCommander> garrettkajmowicz, ping?
<garrettkajmowicz> NCommander: Anything more recent would be good.
<garrettkajmowicz> Sorry - phone call with relatives.
<NCommander> first try do-release-upgrade -p
<garrettkajmowicz> I c an always do a multistage upgrade.
<NCommander> If that doesn't work, I'll talk you through doing a direct dapper->hardy upgrade via editing sources.list
<garrettkajmowicz> Trying...
<mathiaz> NCommander: considering that he's running edgy, I wouldn't recommend to upgrade to hardy directly.
<NCommander> No, he's running dapper
<mathiaz> This upgrade path (edgy -> hardy) has never been tested.
<NCommander> The do-release-upgrade tried to upgrade him to edgy which doesn't exist anymore
<mathiaz> NCommander:  My server is running 6.10
<NCommander> garrettkajmowicz, you are running dapper, or did I misunderstand you
<mathiaz>                           and I want to upgrade
<NCommander> Er
 * NCommander shoots his foot :-)
<NCommander> Ok
<NCommander> My mistake
<NCommander> I thought he was running dapper, not edgy (I thought dapper = 6.10)
<garrettkajmowicz> NCommander: Currently 6.10 - edgy
<NCommander> garrettkajmowicz, it will require multiple upgrades to get you to the current release
<garrettkajmowicz> That's fine - the first one's going to be hard.  -p gave me the same problem as before.
<NCommander> (it might be possible to go straight to hardy, but it might also break your system, this is the only sane way)
<NCommander> Yeah
<NCommander> No problem
<NCommander> do sudo nano /etc/apt/sources.list
<mathiaz> garrettkajmowicz: if do-release-upgrade doesn't work, you can try apt-get dist-upgrade
<garrettkajmowicz> NCommander: Opened for edit.
<mathiaz> garrettkajmowicz: it's not really supported, but for servers there is good change it will work.
<NCommander> mathiaz, the problem is do-release-upgrade trying to get its updated core from the repos, but edgy been removed from the mirrors
<NCommander> And then do a search and replace for edgy, and replace with feisty
<NCommander> ^- garrettkajmowicz
<uvirtbot`> NCommander: Error: "-" is not a valid command.
<NCommander> -_-;
<NCommander> stupid bot
<garrettkajmowicz> Should I convert old-releases.ubuntu.com to archive.ubuntu.com as well?
<NCommander> Yes
<NCommander> garrettkajmowicz, yeah. We're going to upgrade you to feisty by hand, then you can do do-release-upgrade to go from feisty to gutsy to hardy
<garrettkajmowicz> OK - edit complete.
<NCommander> Save and close
<NCommander> type: sudo aptitude update
<NCommander> (this will prepare aptitude to do the actual upgrade, the next command will update your system)
<garrettkajmowicz> Oops - missed a case of old-releases.
<garrettkajmowicz> I assume I should shut down unneeded processes like the web server...
<NCommander> garrettkajmowicz, nope, aptitude will take care of that as needed
<garrettkajmowicz> Update complete
<NCommander> Ok
<NCommander> sudo aptitude dist-upgrade
<NCommander> This will take a LONG time depending on how many packages you need to update, but once its done, you'll be running Feisty Fawn
<garrettkajmowicz> Cool.  Now fetching package 2/351.  This should take about 2 hours to download.  Hopefully you'll be around in the unlikely event that something goes wrong then.
<NCommander> Once thats done
<NCommander> Run do-release-upgrade to go from feisty to gutsy, and again to go to hardy, which is the current LTS
<NCommander> (what we just did was what do-release-upgrade pretty much does internally)
<garrettkajmowicz> Cool.  I've done that before and it's really quite nice.  I ran into the same problem with my desktop, but I kludged a different solution.  I created a local merged repository on my desktop containing both edgy and feisty, which allowed the dist upgrade to work.  That took 2 days to do, and I knew there had to be a better way!
<NCommander> Ew
<NCommander> Yeah
<NCommander> This is the easier way ;-)
<garrettkajmowicz> Thank you so much.
<NCommander> Just remember to keep your system more up to date next time if possible ;-)
<garrettkajmowicz> Well, until about 3 months ago I didn't know about/trust the upgrade tools.  My main experience with that had been Mandrake (ick), or Windows (they have 20k engineers - how can upgrade NOT work?).  So I had planned to wait until I couldn't take it any longer and do a complete upgrade.
<garrettkajmowicz> Ie re-install.
<NCommander> Heh
<NCommander> Upgrades on Ubuntu pretty rarely break
<NCommander> Its a fairly well tested process as long as you don't attempt to jump releases
<garrettkajmowicz> Hmm.  Since We're on the subject - my laptop has the same problem.  What scares me it that it uses LUCKS (encryption) for everything but a 200M boot partition, and I'm nervous that things might go boom.
<NCommander> I can help you upgrade
<NCommander> But I recommend that you hug your backup first
<garrettkajmowicz> Yeah.  My laptop doesn't actually have much on it.  It does mail by IMAP and most everything is dumb internet videos or dupliucate copies of documents which are out of date by 8 months.  I guess there's my freecell stats, but I'm not too worried.  I'm going to wait until my server works before I try something a little more risky, though.   :-)
<NCommander> heh
<NCommander> normally after each upgrade you should reboot, however, given that your simply going from release to release, its not necessary to reboot until after hardy is install
<garrettkajmowicz> I *expect* to loose my laptop.  People think it's valuable (I bought it used for $200 3 years ago), and it's likely to be dropped.
<garrettkajmowicz> OK - once download is done (198/351) we can start all over again
<garrettkajmowicz> ! :-)
<NCommander> Yeah
<NCommander> Well, this is what you get for not upgrading ;-)
 * NCommander is shot
<garrettkajmowicz> Long day, or perforated?
<NCommander> Huh?
<garrettkajmowicz> Err - you are shot.  That either implies fatigue (you've had a long day), or that you've been shot with a projectile (thus having hole(s) in you, thus perforation).
<garrettkajmowicz> It sounded funnier in my head...   :-)
<NCommander> -_-;
<NCommander> how goes the upgrade?
<garrettkajmowicz> Downloading 386/351
<garrettkajmowicz> OK - done fetching.  Now extracting.
<garrettkajmowicz> Some problems with Apache - but I can deal with those later.  Regenerating the initramfs
<NCommander> 386/351 O_o;
<NCommander> Errr
<garrettkajmowicz> OK - I ran into a problem with configuration.
<garrettkajmowicz> NM - diff just took 3 minutes
<garrettkajmowicz> Unpacking more stuff while I manually update the mdadm config files...
<garrettkajmowicz> OK - upgrade is done (though Wordpress isn't working correctly at the moment...)
<garrettkajmowicz> Should I try another update, reboot, or try to get current applications working correctly?
<garrettkajmowicz> OK - let's go for a reboot!
<garrettkajmowicz> See you on the flip side (loosing network connectivity momentarily)
<garrettkajmowicz> Awesome.  A reboot and wordpress is working again.  Now to check mail services...
<garrettkajmowicz> Looks good, too.  I guess I'll move forward to the next version and see how that works.  Thanks for all your help!
<NCommander> no problem garrettkajmowicz
<frewsxcv> how many gigabytes are in one U?
<hads> Huh?
<frewsxcv> hads: how much storage do you get with this? https://serverpronto.infolink.com/colopronto/order.php
<hads> No idea, ask them.
<hads> http://en.wikipedia.org/wiki/Rack_unit
<MythbuntuGuest38> 54
<ghaleb_> hello, I get this error when I start my freeradius server: Error: rlm_eap: Unable to load EAP-Type/peap, as EAP-Type/TLS is required first.
<randomlogic78> I just installed Ubuntu 8.04 LTS Server Edition and I want to put the server on my wireless network with a D-Link AR5212.  Do I need to install everything from scratch, or is madwifi support built into the server edition?
<tacone> hello, I need a lightweight smtp for local website testing. any suggestion ?
<sommer> tacone: ssmtp works well for that type of situation
<tacone> nice, thanks
<sommer> welcome
<mib_h5z0mp66> how to Installing Ubuntu 8.04 server in Virtual PC 2007
<randomlogic78> I followed the directions on this site -> http://madwifi.org/wiki/UserDocs/802.11i to set up my wifi card on Hardy-server and I'm not getting connected to my network.  When I try to ping the router, the network is unreachable, and the link light blinking slowly on my nic
<randomlogic78> sudo wpa_supplicant -w -Dwext -i ath0 -c/etc/wpa)supplicant.conf repeats the error "No such device" and "Could not set interface 'ath0' UP
<Crewsr3> Can I set up a server that everyone can get to but lock down the content filtering part of just one user.  Is it as simple as user rights?  I'm installing Dansguardian and I want to be the only person that can access those settings
<Crewsr3> I also have webadmin set so so would I have the same setting for web admin access
<randomlogic78> On bootup my server gives the error that apache can not determine my domain name and it uses 127.0.0.1 instead... how do I set the domain name?
<blue-frog> just a warning, not an error
<blue-frog> give a FQDN in /etc/hosts
<randomlogic78> thanks... just added the FQDN to hosts and rebooting now
<blue-frog> reboot?
<randomlogic78> I'm still annoyed that I have to run two commands to connect to my wireless network though, I wish this would happen at boot.
<randomlogic78> I suppose I could have restarted apache, but don't know how yet
<blue-frog> server? on wireless?
<randomlogic78> yea
<randomlogic78> I know, everyone thinks it's strange... but it's the best solution for me
<lukehasnoname> am I crazy or does visudo use nano in ibex
<jac> hi
<D3RGPS31> under LAMP, my virtualhosts arn't responding to .htaccess files, any suggestions?
#ubuntu-server 2008-09-21
<ghaleb__> hello, when I start my freeradius server, I get the following error: rlm_eap: Failed to link EAP-Type/tls: rlm_eap_tls.so: cannot open shared object file: No such file or directory
<linuxonlinehelp_> hello @ all, does anyone knows setup of "Bionic"?
<linuxonlinehelp_> to keep power of 3 servers as one virt.
<frith> being an idiot i forgot to bookmark the page with the information on how to configure n-way replication for ldap
<frith> hmm i can get the ldap to replicate but not the config
<uvirtbot`> New bug: #272712 in mysql-dfsg-5.0 (main) "package mysql-server 5.0.67-0ubuntu5 failed to install/upgrade: BalÃ­k je ve velmi Å¡patnÃ©m, nekonzistentnÃ­m stavu - pÅed" [Undecided,New] https://launchpad.net/bugs/272712
<ghaleb__> hello, how can I get rlm_eap_tls.so module to run freeradius server ?
<d7415> After a postfix update a while ago, I started getting the error: "__fop_file_setup:  Retry limit (100) exceeded" "postalias: fatal: open database /etc/aliases.db: File exists" whenever postalias or newaliases is run, including on install. This results in Postfix being listed as "not fully installed or removed" by apt-get. I have used find (as with sudo) and cannot find the aliases.db file anywhere, which seems to make a nonsense of the "file exists" erro
<Bassetts> hi, I am trying to setup a mail server on my VPS and I keep getting "Relay access denied" when sending a message from or to the server.
<Gargoyle> Is there a prefered way to run rsync daemon under ubuntu?
<Gargoyle> Anyone got any good tips for rsync security? I have set hosts allow = just the IP of my remote machine. Is that enough?
<Kamping_Kaiser> i'd recomend doing it over ssh myself
<Gargoyle> Instead of running the daemon?
<Kamping_Kaiser> yeah.
<Deeps> likewise
<Gargoyle> Do I still leave my rsyncd.conf and use the module paths?
<Kamping_Kaiser> i've never used rsyncd. sshd executes rsync
<linuxhelp_de> yepp
<linuxhelp_de> runs stable and secure..
<Gargoyle> Kamping_Kaiser: So do you just use full destination paths? (eg. rsync /var/www/ user@host:/var/www
<Kamping_Kaiser> Gargoyle, man page will help, but in short - `rsync -avze ssh path user@host:path
<Kamping_Kaiser> `
<linuxhelp_de> is there a way to hold file rights with rsync without to tar /var/www?
<Kamping_Kaiser> linuxhelp_de, ownership?
<Kamping_Kaiser> doesnt -a do that?
<linuxhelp_de> yes
<Gargoyle> linuxhelp_de: The a option does that... Well, technically its a bunch of options, but they can all be applied with -a
<linuxhelp_de> i made my backup skripts with rsync -avz /source/  user@IP:/dest
<Kamping_Kaiser> when i run by hand i use --progress
<linuxhelp_de> the problem is that i have diffrent second admins for /var/www files, not root, but crontab runs out of root
<linuxhelp_de> -a set the file rights, but skripts over crontab set owners to root
<linuxhelp_de> i will test something later
<linuxhelp_de> the most backupskripts uses a TAR to pack all /var/www into a archive then send it over net to Backupengines
<linuxhelp_de> bye make a break now
<d7415> After a postfix update a while ago, I started getting the error: "__fop_file_setup:  Retry limit (100) exceeded" "postalias: fatal: open database /etc/aliases.db: File exists" whenever postalias or newaliases is run, including on install. This results in Postfix being listed as "not fully installed or removed" by apt-get. I have used find (as with sudo) and cannot find the aliases.db file anywhere, which seems to make a nonsense of the "file exists" erro
<Gargoyle> d7415: /etc/aliases.db is its normal location
 * Gargoyle is one step closer to happyness.
<Gargoyle> Finally getting round to a remote backup for my webserver.
<d7415> gargoyle: yup - it's not there
<Gargoyle> do you have a file called /etc/aliases (should be plain text)?
<d7415> yes
<d7415> but not aliases.db
<Gargoyle> what happens if you run newaliases (as root) ?
<d7415> martin@lapserv:/etc$ sudo newaliases
<d7415> [sudo] password for martin:
<d7415> __fop_file_setup:  Retry limit (100) exceeded
<d7415> postalias: fatal: open database /etc/aliases.db: File exists
<d7415> big pause before the retry limit from all the retrying
<Gargoyle> odd!
<Gargoyle> Is it possible you have an error in your aliases file that it's not catching?
<d7415> possible...will check through again
<d7415> it all appears to be in the correct format (certainly one which used to work)
<Gargoyle> d7415: Nothing extra in syslog or messages to help you out?
<d7415> ooh - i looked in the mail logs before, stupidly didnt think to look in syslog...
<d7415> Sep 21 16:51:10 lapserv postfix/smtpd[1803]: fatal: open database /etc/aliases.db: No such file or directory
<d7415> Sep 21 16:51:11 lapserv postfix/master[4527]: warning: process /usr/lib/postfix/smtpd pid 1803 exit status 1
<d7415> Sep 21 16:51:11 lapserv postfix/master[4527]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
<d7415> looks about the same message really though, and responses rather than causes
<d7415> ooh
<d7415> the mail log has "fatal: open database /etc/aliases.db: No such file or directory" rather than "File exists"
<d7415> i'm not sure how that can work
<d7415> (that's mail.err)
<d7415> nothing in messages
<Gargoyle> d7415: Not much more I can think of, never seen anything like that before!
<d7415> ok, well thanks for trying
<frith> i am reviewing the openldap docs for intrepid and i am trying to setup my ldap replication
<frith> i seem to have loads of errors in my log file saying it can't bond to the remote server
<uvirtbot`> New bug: #272812 in samba (main) "package samba 3.0.28a-1ubuntu4.5 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/272812
<uvirtbot`> New bug: #270395 in samba (main) "cannot resolve windows host name" [Undecided,New] https://launchpad.net/bugs/270395
<NCommander> soren, ping
<uvirtbot`> New bug: #268974 in mysql-dfsg-5.0 (main) "MySQL Socket Sharing in OpenVZ" [Undecided,New] https://launchpad.net/bugs/268974
<MasterShrek> can anyone help me with pam authenticaion and dovecot? cant seem to authenticate
<Gargoyle> MasterShrek: Possibly... lemme dig up my old notes!
<Gargoyle> MasterShrek: Oops, nope. I used a MySQL database.
<frith> this is weird, my cn=admin users keeps getting deleted
<frith> i wonder do i need a different user per server
<frith> damn you ldap
<frith> damn you replication why are you deleting my admin user
<d7415> ARGGHHH - for anyone following my problem, aliases.db DID exist, but was named /etc/__db.aliases.db. deleted it and all is well
<frith> http://pastebin.com/m347e394c
<frith> anyone seen this before?
<frith> replication that likes to delete the admin user
<citizen42alpha> hello chaps.
<frith> gu
<frith> hi
<Gargoyle> Two quick questions. 1.) Is setting the sticky but for my /var/www/xyz directories the correct/best way to make sure all future content created in those directories retains the mywebuser:www-data ownership? and 2.) Does that apply recursively, so will sub directories retain those permissions?
<frith> 1, i think so, 2, -R
<thenewguy> e
<Gargoyle> poo nope. I made a test file and that got ownership of mywebuser:mywebuser (not in the group www-data) :(
<guntbert> Gargoyle: wo's the owner-group of /var/www/xyz ?
<Gargoyle> myuser:www-data
<Gargoyle> I think I am looking for the -s flag, not the -t flag
<blue-frog_> Gargoyle: you need to use ACL
<frith> setting the sticky bit will do the job
<Deeps> s is setuid
<Deeps> t is sticky
<Gargoyle> hmm, I have tried with just s and with both s and t.
<Gargoyle> the files in the sub directories are getting the correct owner webuser:www-data, but they loose the group write permission
<Gargoyle> *lose
<Gargoyle> Just having some rsync trouble. I think I'll just make it so both systems have the same users.
#ubuntu-server 2009-09-14
<marshall_> i've installed apache, I want to host a site under /var/www/jeff so that whenever you go to <my server's ip>/jeff it takes you there and recognizes it as a virtual host. What would the virtual host entry look like?
<slestak> hey guys.  setting up a tinyproxy + dansguardian server at home for this kids.  the docs at ubuntu.com (community, i know) appear to have a typo.  wonder if im reading it incorrectly.  one place says to change dansguardian from the default port of 3128 to 8888, then it says to test your proxy on 8080?  this makes no sense to me.
<slestak> url in tlking about is https://help.ubuntu.com/community/Servers/DansGuardian
<slestak> s/this/the
<slestak> well, regardless of how it looks, it works.  strange.
<slestak> when i proxy to 8888, it doesnt work, to 8080, it does filter.
<slestak> thx
<AnAnt_> Hello, debian made a new release of mutt that Recommend default-mta instead of exim4, which means, that it no more needs merge, but sync
<twb> AnAnt_: that is probably an issue for -motu or -devel
<soren> Oh, they finally did the default-mta thing?
<DizzyDoo> hi, just trying to set up my static IP with my fresh Ubuntu Server installation by following this tutorial: http://bit.ly/EPWDi . I have confirmed I have put in my ISP's nameservers correctly, but I am unable to ping google, what should I look into?
<AnAnt> soren: yup
<KurtKraut> DizzyDoo, are you able to ping 208.69.38.160 ?
<DizzyDoo> KurtKraut, that ip, like all the others, are 'unreachable'
<KurtKraut> DizzyDoo, your ISP does not offer a DHCP server... you have to configure the static IP manually?
<DizzyDoo> KurtKraut, is that not what I have been doing?
<KurtKraut> DizzyDoo, I am asking if your ISP has a DHCP server from where you could pick up the IP address easily instead of being oblighated to configure it manually.
<DizzyDoo> KurtKraut, I'm sure it does have a DHCP server, but I specifically require a static IP
<KurtKraut> DizzyDoo, I am asking this because DHCP servers can offer a static IP address too, based on your MAC ADDRESS.
<blue-frog> DizzyDoo: we got that. does it work when your IP is set on dhcp?
<DizzyDoo> KurKraut, ah okay, I had to phone my ISP in order to get a static IP though, so I don't think it's based on my MAC address (although it could be)
<DizzyDoo> blue-frog, it works when set on dhcp, so clearly, something I have typed in is not correct, but I have no idea what
<jmarsden> DizzyDoo: Default route may be incorrect?
<blue-frog> DizzyDoo: the error message is   connect: network is unreachacble, correct?
<DizzyDoo> blue-frog, correct
<blue-frog> DizzyDoo: is your card up and running?
<blue-frog> DizzyDoo: ifconfig eth0 up
<KurtKraut> DizzyDoo, do you have more than one ethernet card in your hardware?
<DizzyDoo> KurtKraut, just the one
<DizzyDoo> blue-frog, the card is running, yes
<blue-frog> DizzyDoo: what's it's address?
<DizzyDoo> blue-frog, how can I find out it's address?
<blue-frog> DizzyDoo: wow
<KurtKraut> DizzyDoo, please tipe in your terminal the following command: ifconfig
<blue-frog> DizzyDoo: you just set it , right? you don't rememeber where you set it?
<KurtKraut> DizzyDoo, the information display is exactly how your ISP told you to set?
<KurtKraut> *displayed
<DizzyDoo> blue-frog, set 'it'? forgive me, I have no idea what 'it' is, I should of thought it quite clear I have very little clue at all about linux here
<DizzyDoo> KurtKraut, the information in the nameservers resolv.conf is as my ISP has provided. I don't think that's the main problem right here, more to do with the network IPs I have provided
<jmarsden> DizzyDoo: /sbin/ifconfig eth0     will display info about how eth0 is configured... KurtKraut was suggesting you check that, not DNS.
<DizzyDoo> jmarsden, ah right, I'll try that now
<DizzyDoo> right, it's running on inet 192.168.1.100
<blue-frog> DizzyDoo: ping 192.168.1.100     gives what?
<DizzyDoo> blue-frog, a series of successful pings are displayed, and their times taken
<blue-frog> ok
<jmarsden> DizzyDoo: 192.168.1.100 is probably not the static IP your ISP gave you... so either you have a router between the Ubuntu machine and the Internet, or you misconfigured that eth0 interface
<ttx> soren: do you agree the eucalyptus task in bug 422870 is "invalid" (bug was in euca-commons-ext and was fixed) ?
<uvirtbot> Launchpad bug 422870 in eucalyptus-commons-ext "Eucalyptus cloud controller fails to start" [Undecided,Fix released] https://launchpad.net/bugs/422870
<DizzyDoo> jmarsden, I do have a router between my Ubuntu machine and the internet, yes
<jmarsden> Then that router is where you configure the static IP, not in the Ubuntu machine :)
<DizzyDoo> but the router has the static IP configured correctly, surely. I'm connected to freenode right now through it
<jmarsden> DizzyDoo: Does the router provide DHCP to your local LAN?  If so, set the Ubuntu server eth0 back to using DHCP.
<DizzyDoo> jmarsden, I'll do that now
<soren> ttx: /me looks
<soren> ttx: Oh, yes, definitely.
<ttx> ok, I was wondering, since you set it to Triaged after opening the commons-ext task :)
<soren> ttx: Not everything I do is supposed to make sense.
<soren> :)
 * soren goes to grab a snack
<uvirtbot> New bug: #422870 in eucalyptus-commons-ext (main) "Eucalyptus cloud controller fails to start" [Undecided,Fix released] https://launchpad.net/bugs/422870
<uvirtbot> New bug: #427937 in krb5 (main) "dependency problem for krb5-kdc in intrepid" [Undecided,Incomplete] https://launchpad.net/bugs/427937
<soren> Interesting. I'm consistently getting better throughput from host1 to vm-on-host2 than from host1 to host2 (as reported by iperf).
<soren> Not by much, but still.
<soren> The former ranging from 931 Mb/s to 936 Mb/s, and the latter between 924 Mb/s and 929 Mb/s.
<ewook> I'm getting really weird results with iperf =(
<soren> Weird how?
<uvirtbot> New bug: #429286 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/429286
<garymc> anyone know if i can remotley access my office router?
<garymc> i need to open some ports on the router but im 9 miles away right now, so if there is a way of doing that without going back to the office that would be good?
<_ruben> depends on which ports are already open
<_ruben> and 9 miles aint all that much :)
<garymc> no, but its a pain in the arse
<garymc> can i do it?
<_ruben> depends on which ports are already open
<garymc> ok ports 21 21 80
<garymc> 22
<garymc> ok i reckon i cant
<_ruben> 22 .. that means you should have ssh access, and thus can do pretty much anything on it
<garymc> well i can get ssh access to a server on that port but no my router
<garymc> nope I need to get to the main broadband router at the office
<garymc> looks like ill have to go there
<garymc> What about checkin UDP ports are open from herE?
<_ruben> login on that server and then use a ssh tunnel to access the appropriate ports on the broadband router
<zul> morning
<_ruben> afternoon :)
<garymc> im using winscp32 how would i do a tunnel on that software?
<garymc> ok anyone know how to test if a UDP connection is open on a particular ip?
<clusty_> hey. some qt code cannot compile on the server. complains about a lib missing: cannot find -lgobject-2.0
<clusty_> any clue whatsoever what packages provides this?
<clusty_> all serches inside packages were useless
<_ruben> garymc: use a ssh client like putty instead
<whalesalad> hey guys, a startup of mine running on debian boxes (small custer, 1 front-end, 2 app, 1 db) is really struggling all of a sudden. app servers are swapping like mad and have almost no free memory, any idea how to debug this?
<garymc> yeah i got putty too
<garymc> but dont knwo how to do this tunneling thing
<pmatulis> garymc: "ssh tunnel" is an abused term, forget about it.  what you want to do is set up your reachable server as a proxy that will contact the router
<pmatulis> garymc: unfortunately, i don't use putty so you need to research how to do this
<garymc> ok i dont know how to do that, is there a simple way of testing if UDP ports are open to my server?
<pmatulis> garymc: nmap can do this
<garymc> what do i need to put in the nmpa text to test?
<pmatulis> garymc: what?
<pmatulis> garymc: you can install cygwin on your windows box to get a more native unix ssh client or of course just use linux/ubuntu
<pmatulis> garymc: (in order to use the proxy idea)
<garymc> ive installed nmap on my server in the office. I can ssh to it
<garymc> and run an nmap command in the Server CLI
<pmatulis> garymc: good
<Jeeves_> Anyone here using kvm professionally?
<Jeeves_> As in, offer kvm to customers?
<soren> Jeeves_: Yes :)
<Jeeves_> soren: Also the latter?
<soren> Jeeves_: Sure.
<Jeeves_> soren: What do you use for management and access for customers?
<soren> ttx: Do you remember why Eucalyptus need to be able to tunnel ethernet frames? EBS is specific to an availability zone, so why does it need tunnelling between clusters?
<soren> Jeeves_: You may need to refine your initial question. I work for Canonical. kvm is supported in Ubuntu by Canonical.
<soren> Jeeves_: Canonical does not offer hosted virtual machines.
<ttx> soren: IIRC in multicluster use, EC2 provides a VPN to other availability zones, for any purpose
<ttx> not just EBS
<Jeeves_> soren: :)
<soren> ttx: Yes, but ethernet tunelling seemed to be a requirement.
<soren> ttx: ...and I'm not sure why that is.
<ttx> soren: I think that EC2 provides layer-2 tunneling to that effect... so Eucalyptus mimics it.
<soren> ttx: If they could live with basic IP tunneling, they could just use the in-kernel tunelling.
<Jeeves_> soren: Nevermind, I think I know the answer allready. :)
<Jeeves_> There does not seem to be a usable frontend for kvm to do 'hosted' kvm
<ttx> soren: that would not be strictly equivalent to what EC2 provides. But I agree with you it should satisfy 95% of use cases
<soren> Jeeves_: /If/ I were to offer virtual machines to customers, I'd probably use something along the lines of zinn: http://www.niftyname.org/about/
<ttx> soren: question is... do we prefer unsupported (and using a broken encryption scheme) that does exactly the same as what EC2 does... or something that works but isn't strictly equivalent
<soren> Jeeves_: Are you sure EC2 lets you speak raw ethernet across availability zones?
<soren> I'm not.
<Jeeves_> soren: I guess you meant ttx there? :)
<Jeeves_> soren: Thanks, I'll look into niftyname
<soren> Jeeves_: Sorry, yes.
<soren> ttx: Are you sure EC2 lets you speak raw ethernet across availability zones?
<ttx> soren: I'm not. I thought the eucalyptoids would know, though.
<soren> ttx: I seem to remember that AoE factored into it, and I don't quite understand why.
<orudie> will my website break if i move it from /var/www to /var/www/mywebsite.com for example ?
<_ruben> could be
<Jeeves_> orudie: If you don't change your webserver configuration it will, obviously
<kpettit> orudie: you would need to change your apache configuration to match your new location.  Not to hard.  Depending on your web app through it might have some hard coded file locations
<orudie> kpettit-> yeah i'm thinking about using vhosts
<kpettit> orudie: that's pretty easy to do and very common.
<kpettit> is this a remote server or a desktop server?
<orudie> remote
<kpettit> You can see some examples in /etc/apache2/sites-available and sites-enabled
<kpettit> I do alot of testing on my local ubuntu desktop so I just mess with my /etc/hosts file.  Makes it easy to test virtual hosts before I commit a DNS or Apache change
<kpettit> orudie: This is a pretty good ubuntu type guide for doing vhosts.  http://ubuntu-tutorials.com/2008/01/09/setting-up-name-based-virtual-hosting/
<Jeeves_> soren: Do you know a nice howto for this niftyname stuff?
<Jeeves_> There's not really a howto-setup-document
<Jeeves_> the API is very much documented, byut the rest... :)
<soren> Jeeves_: Sorry, no.
<Jeeves_> soren: Hmm :)
<Jeeves_> That's a shame
<Maleko> on *nix, what people usually use to setup socks 5 proxy?
<giovani> Maleko: what would you like to use the SOCKS proxy for?
<ahasenack> Maleko: openssh can behave as a socks5 proxy server
<ahasenack> Maleko: I think it's the simplest way
<Maleko> giovani: tunnel traffics from some applications..
<Maleko> and ahasenack, yeah openssh but it needs a ssh client to create the tunnel
<soren> I'd be hard pressed to find a system without an ssh client on it.
<soren> I don't see how an ssh client is worse than a big, dedicated socks server.
<giovani> the openssh client can creats a SOCKS4/5 proxy easily
<giovani> I suggest using it
<Maleko> soren: this is actually gonna be a public socks proxy..
<giovani> Maleko: public SOCKS proxies are a bad idea
<KurtKraut> soren, using SSH would require permanent TCP connection. He'd have to handle with disconnects.
<giovani> you're going to get your internet connection abused very badly, and possibly get yourself in some legal trouble
<Steve[work]> morning everyone
<soren> Steve[work]: I disagree.
<Maleko> giovani: sorry not really public but it will be used by a closed group of users
<soren> Steve[work]: I have data that strongly suggests that it is no longer morning and that is hasn't been for quite a few hours.
<zul> afternoon soren
<giovani> Maleko: I don't see why they shouldn't each have their own SSH-tunneled SOCKS proxy then
<soren> Maleko: How about you describe what you are trying to achieve instead of unveiling it a tiny bit at a time?
<soren> zul: Thaaaaat's right.
<Maleko> giovani: because not all of them are familiar with ssh and those techinical things
<giovani> Maleko: but they're familiar with SOCKS?
<giovani> it's just as technical
<Maleko> is there ways to make the proxy authenticates login through username and password?
<giovani> sure
<Maleko> without using putty ofc
<soren> ofc?
<soren> Oregon Fried Chicken?
<Maleko> of course*
<giovani> "of course" I believe
<Maleko> :D
<soren> I see.
<Maleko> giovani: so whats the solution?
<giovani> use a socks server?
<soren> Maleko: You still have no explained what you're trying to do.
<giovani> that's clearly the solution you want
<giovani> despite me recommending otherwise
<Maleko> yeh, socks server software i mean
<giovani> just search the package list
<giovani> dante-server seems to do what you want
<soren> ttx: When you upload a new axis2c, can you take care of the multithread thing, too?
<soren> ttx: Or will you be longer than that?
 * ttx looks
<soren> ttx: it's just about adding another configure option to the build.
<ttx> soren: then sure :)
<soren> ttx: bug 428060
<uvirtbot> Launchpad bug 428060 in axis2c "axis2c unstable when multi-threaded" [High,New] https://launchpad.net/bugs/428060
<Maleko> giovani: what about socks 5 using openssh? any way to make it auth using username and pass?
<zul> soren have you had a chance to look at that grub2 and vmbuilder issue yet?
<ttx> soren: will take a few minutes, I'm testing the build w/testsuite in PPA build to make sure it's not playing funny network test games or anything else build-daemon-adverse
<uvirtbot> New bug: #427288 in eglibc "Karmic i386 EC2 kernel emulating unsupported memory accesses" [High,Fix released] https://launchpad.net/bugs/427288
<soren> zul: I did, and decided it was really hairy, and took a step away from it.
<soren> zul:  I need peace and calm to work that out.
<zul> soren: ah sucky
<soren> zul: Peace and calm are a sparse resource these days.
<zul> indeed ;)
<giovani> Maleko: ssh will ask for a username/password by default -- I don't understand what you're asking
<uvirtbot> New bug: #429443 in kvm (universe) "/usr/bin/kvm-ok should be disassociated from kvm" [Undecided,New] https://launchpad.net/bugs/429443
 * soren goes to do dinner-ish sort of stuff
<ttx> soren: axis2c_1.6.0-0ubuntu5 uploaded. Bug 428060 is still left todo.
<uvirtbot> Launchpad bug 428060 in axis2c "axis2c unstable when multi-threaded" [High,Triaged] https://launchpad.net/bugs/428060
<incorrect> I have a server that is complaining about not being able to fork processes
<incorrect> i think at some point it ran out of ram
 * IanFHood thinks that's forked up
<erichammond> smoser: You available to join an EC2 kernel status meeting over on #ubuntu-kernel?
<kaushal> hi
<kaushal> I have enabled ubuntu backports in Ubuntu 8.04 to install mysql-5.1, but i dont find it after apt-get update ?
<kaushal> hi
<kaushal> I have enabled ubuntu backports in Ubuntu 8.04 to install mysql-5.1, but i dont find it after apt-get update ?
<ruben23> how about this guys are they any how to or guide to install my ubuntu server with proper setting of system partitions and LVM..?
<ScottK> kaushal: This is because it's never been backported to Hardy.
<kaushal> ScottK: ok
<embrik> What do I do to let all my users to store  settings, homefolder and so on on the server?
<kaushal> ScottK: any plans to backport it to ubuntu 8.04 hardy in near future ?
<ScottK> Not as far as I know.  It'd take a fair bit of testing.
<kaushal> ScottK: is it documented :)
<kaushal> ?
<ScottK> !backports | kaushal
<ubottu> kaushal: If new updated Ubuntu packages are built for an application, then they may go into Ubuntu Backports. See https://help.ubuntu.com/community/UbuntuBackports - See also !packaging
<kaushal> ScottK: i have read it already :)
<ScottK> mysql is particularly tricky because the packages are not well designed to be co-installable for different versions.
<ScottK> So if we provided 5.1 packages in backports, it'd have to work with ~all of the mysql rdepends.
<kaushal> rdepends ?
<ScottK> For Hardy, the testing for this would be a huge job.
<ScottK> Reverse dependencies.
<ScottK> The packages that depend on mysql.
<smoser> jjohansen, erichammond i think that jjohansen is intending on / will fix bug 428692 .
<uvirtbot> Launchpad bug 428692 in ubuntu "ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes" [Medium,Confirmed] https://launchpad.net/bugs/428692
<smoser> but i wont insist on that being delivered for alpha-6.
<kaushal> Hi,
<kaushal> I have enabled ubuntu backports in Ubuntu 8.04 to install mysql-5.1
<kaushal> server, but i dont find it after apt-get update ?
<kaushal> Please suggest/guide
<kaushal> Thanks,
<kaushal> sorry
<jjohansen> yes it will be fixed by either me or rtg
<bhodder> Hey  I installed ubuntu server and LAMP but then I installed opensips and while doing so ruined my LAMP install
<smoser> just because I know how much black magic any kernel work is on ec2, and with black magic comes time delays
<erichammond> smoser: Then a workaround would be to include the kernel modules in the AMI and add "loop" to /etc/modules
<kaushal> ScottK: co-installable ?
<ScottK> You can't (in most cases) install two versions of mysql at the same time.
<bhodder> is there any way to fix this without reinstalling the whole ubuntu server?
<ScottK> The packages aren't designed for that and so getting it to work is tricky
<kaushal> ScottK: so i need it to install it from src packages ?
<ScottK> Probably.
<kaushal> is there a HowTo install src packages on Hardy about mysql-server-5.1 ?
<ScottK> No idea.
<smoser> erichammond, yeah. its easily enough worked around for an alpha
<jjohansen> smoser: what plans do we have for beyond alpha
<smoser> and i agree that we need some way to solve eric's bug 429169
<uvirtbot> Launchpad bug 429169 in vm-builder "ec2: Include kernel modules in AMIs" [Undecided,New] https://launchpad.net/bugs/429169
<smoser> beyond alpha, assuming our kernel is fairly solid, i dont forsee much else kernel related, jjohansen or erichammond do you ?
<bhodder> does anyone know how to fix a LAMP install?
<smoser> https://bugs.launchpad.net/ubuntu/+bugs?field.tag=ec2-images is the bug list
<jjohansen> smoser: only setting a few configs to y
<jjohansen> hrmm, and we should test VOIP/Asterisk and consider the Hz setting
<kaushal> Thank ScottK
<erichammond> jjohansen: I have a user who will test Asterisk using Jaunty on the new kernel once it's stable and permanent-ish.
<jjohansen> erichammond: that would be great
<smoser> jjohansen, we should test that, yes. or have someone test it for us.
<erichammond> He's currently using Jaunty on the Intrepid EC2 kernel (2.6.27)
<smoser> a-n-d, he s-o-n-ds ch-o-ppy sometimes
<smoser> and lossy
<bhodder> hey can anyone help me install apache2
<erichammond> smoser, jjohansen: Once we have a great EC2 Karmic kernel, the next step I see for the EC2 kernel is making sure we're just as solid for Hardy.
<jjohansen> erichammond: have you gotten any feedback on your jaunty support question?
<erichammond> ...unless you are confident that Hardy can run on 2.6.31 (?)
<smoser> erichammond, right, which is where we should be for approaching beta
<bhodder> It was installed with LAMP but then was reinstalled and removed via apt-get and now will not install?
<jjohansen> erichammond: hehe, that may just happen
<uvirtbot> New bug: #423865 in eucalyptus (main) "[FFE] Image Store UI in Eucalyptus needs local proxy" [Undecided,In progress] https://launchpad.net/bugs/423865
<rickspencer3> HI all
<erichammond> smoser: Was your "right" talking about that we should build a Hardy EC2 kernel?
<rickspencer3> I see some incoming euc bugs, who is triaging these
<rickspencer3> ?
<rickspencer3> https://bugs.edge.launchpad.net/ubuntu/+bugs?field.tag=eucalyptus
<smoser> i dont think so
<smoser> for hardy, i do not have any plans to change the existing kernel.
<smoser> if a user wants to start with a karmic kernel, then they're welcome to
<erichammond> smoser: Were there no bugs against the Hardy kernel on EC2?  There were a lot of bugs against that release, but I didn't track to closely if any were in the kernel.
<smoser> we will publish an updated hardy kernel with bug 420635 fixed.
<jjohansen> smoser: I don't know how this affects what we are doing with EC2 but there are plans to provide backport kernels for hardy
<uvirtbot> Launchpad bug 420635 in linux "Update Hardy kernel AKI for local privilege escalation" [Medium,Triaged] https://launchpad.net/bugs/420635
<smoser> the list of issues with hardy that i expect to address are https://edge.launchpad.net/ubuntu/hardy/+bugs?field.tag=ec2-images
<smoser> any service to that release requires a SRU request
<erichammond> smoser: great, thanks.
<erichammond> jjohansen: Nope (regarding Jaunty). I submitted a few bugs so people can respond officially: bug 429122, bug 429121, bug 429120
<uvirtbot> Launchpad bug 429122 in ubuntu "ec2: Build Ubuntu 9.04 Jaunty AMIs" [Undecided,New] https://launchpad.net/bugs/429122
<uvirtbot> Launchpad bug 429121 in ubuntu "ec2: Build new Ubuntu 8.10 Intrepid AMIs" [Undecided,New] https://launchpad.net/bugs/429121
<uvirtbot> Launchpad bug 429120 in ubuntu "ec2: Build new Ubuntu 8.04 Hardy AMIs" [Undecided,New] https://launchpad.net/bugs/429120
<jjohansen> erichammond: yeah I saw those, but I haven't made it through all my mail yet this morning
<smoser> jjohansen, the priority right now is karmic. if we can get fully kernel team serviced and updated kernels to hardy, that is a "very nice thing"
<jjohansen> smoser: yes
<smoser> erichammond, note, that outside of kernel, the amis will have all other SRU updates applied.
<erichammond> smoser: Yes, I understand that.  Somebody asked a question about the future which is why I brought up Hardy.
<jjohansen> smoser: I only asked because erichammond brought up the VOIP under Jaunty+Intrepid kernel
<smoser> "someone" ? or you :)
<smoser> erichammond, i'll respond to your query on the mailing list regarding service.
<erichammond> smoser: You: "beyond alpha, assuming our kernel is fairly solid, i dont forsee much else kernel related, jjohansen or erichammond do you ?"
<jjohansen> erichammond: no
<jjohansen> erichammond: as time permits I plan to pursue the pv-ops kernel issues with amazon
<smoser> in short, the priorities in order are karmic, hardy, intrepid, jaunty.  but once karmic releases, there is not a lot of use for jaunty and intrepid. and
<smoser> and once karmic is released, the top priority will be karmic+1/10.04, but hopefully we'll have some more time to address the inadequacies of the other releases.
<digilord> Does anyone here do network installs?  I am having a prob doing them where Ubuntu is not able to write a temp file for the dhcp client on the system being installed.
<erichammond> Perhaps I misinterpreted this a bit too widely in anticipation :)
<erichammond> smoser, jjohansen: I think all my questions are answered for this meeting now.
<erichammond> smoser: I'd like to summarize my understanding of what the plan is so you can clarify if I'm incorrect:
<erichammond> You do not plan to publish any further AMIs until Karmic Alpha 6.
<erichammond> Alpha6 should include the loop module fix one way or another.
<erichammond> Alpha6 should include the kernel modules.
<erichammond> You will test the libc fix before Alpha6.
<erichammond> ?
<erichammond> smoser: Hm, taking a second glance at your comment about bug 429169, you didn't commit to anything but did want more discussion, right?
<uvirtbot> Launchpad bug 429169 in vm-builder "ec2: Include kernel modules in AMIs" [Undecided,New] https://launchpad.net/bugs/429169
<smoser> i dont want to promise the kernel modules in the image right now, but i'll look at it.
<smoser> and we absolutely need a solution
<smoser> if they're not there, I'll document how to get them (adn it should be a cut and pastable command line tha tcould even be run from a user-data)
<erichammond> smoser: If it's that easy, why not add the commands to the vmbuilder --exec script so that the kernel modules are included in the image as they are with other AMIs?
<smoser> erichammond, i thought exec script for vmbuilder ran at build time
<erichammond> smoser: Exactly.
<smoser> if so, then it would pull those into the image, which wastes space for uec portion
<smoser> see my comment there (the bug) about less than ideal for uec
<erichammond> smoser: Ah, I just woke up for this meeting and didn't see that comment yet.
<erichammond> Well, my position would be that for Alpha6 we should make it work as expected for EC2 and slightly inconvenience the UEC folks :)
<erichammond> I think it's more than an inconvenience not to have the kernel modules available on EC2.
<smoser> <sarcasm>really ? that surprises me</sarcasm>
<smoser> i agree
<smoser> we'll figure something out.
<erichammond> We can document all we want and answer questions on the mailing lists, but this only reaches a small percentage of the user population.
<smoser> the really nice thing about soren's "copy from initrd -> /" proposal is that it can work for ubuntu and non-ubuntu images (with a little enlightenment in user space)
<smoser> and also, it has no negative side effects on uec
<erichammond> smoser: Yep, it's pretty cool, which is why I suggest adding the kernel modules to the image be a temporary workaround.
<erichammond> smoser, jjohansen: Ok, it's time for me to wake up and get on with my day job.  Thanks for a great meeting.
<jjohansen> erichammond: thanks for comming
<Jeeves_> soren: niftyname.org seems nice, but unfinished
<Jeeves_> the serverpart is not documented at all
<Jeeves_> There's no documentation on how to set it up
<digilord> I am guessing that this is not the channel for Ubuntu server setup/deployment help?
<Jeeves_> digilord: I think it is
<digilord> Hmmm ok
<Jeeves_> digilord: What's your problem exactly?
<digilord> I am doing a netbooted install and the installer is failing because it can't write the temp files for the dhcp client.
<kaushal> ScottK: is it safe to use https://wiki.ubuntu.com/Prevu/ to build mysql 5.1 ?
<ScottK> It's not supported, but the author of Prevu is an Ubuntu developer who generally knows what he's doing.
<digilord> Jeeves_: I think the problem is in the ramdisk part of the kernel init line.  http://pastebin.com/d1539f296 is from the installer.  Did I miss an option?  It's also not skipping the keyboard selection and using what is in the init line.
<Jeeves_> digilord: We pxe-boot daily, and that works fine
<digilord> Jeeves_: So there isn't anything wrong with my kernel init line
<Jeeves_> digilord: We use this line
<Jeeves_>     kernel 172.17.145/hardy-amd64/kernel append tasks=standard pkgsel/language-pack-patterns= pkgsel/install-language-support=false base-installer/kernel/override-image=linux-server console-setup/ask_detect=false vga=normal initrd=172.17.145/hardy-amd64/initrd.gz --
<Jeeves_> That works fine
<digilord> Jeeves_: What are you using for the install repos? http, ftp, nfs, tftp?
<Jeeves_> hmm? We pxe boot
<Jeeves_> fetch the initrd and kernel via tftp
<digilord> Jeeves_: Ahhh BOOT not INSTALL
<Jeeves_> We boot the installer ...
<uvirtbot> New bug: #382599 in php5 (main) "php5 metapackage pulls apache-common (dup-of: 420639)" [Wishlist,Triaged] https://launchpad.net/bugs/382599
<smoser> bug/launchpad wizards (kirkland or anyone) , i've a bug that is currently open (https://bugs.launchpad.net/ubuntu-on-ec2/+bug/398568).  is there a way to indicate that this bug is not relevant to the current devleopment release (karmic) without nominating it for a release ?
<uvirtbot> Launchpad bug 398568 in linux "ami-bbf514d2: Sometimes does not start booting (empty console output, no network)" [Critical,Confirmed]
<smoser> ie, this bug is now "fixed released" on karmic (or close to it) but I'd like to indicate somewhere that it affects jaunty
<b0sc0> I have an 8.10 ubuntu install running Xen kernel 2.6.24-24. After about 3-4 weeks, I notice quite a few deadlocked processes on dom0 and eventually not long after, the system freezes until it is reboot. Any ideas?
<digilord> Jeeves_: Is there a good place for me to look for info on netboot & install?  I changed a few of the things from the line you gave to add in the things that we have and I am still getting the language selection screen
<geekboxjockey> I have an 8.10 ubuntu install running Xen kernel 2.6.24-24. After about 3-4 weeks, I notice quite a few deadlocked processes on dom0 and eventually not long after, the system freezes until it is reboot. Any ideas?
<digilord> Jeeves_: I followed one of the Ubuntu How-To docs to get things booting and now it appears I am stuck.
<kirkland> smoser: just nominate for jaunty
<kirkland> smoser: and mark the main task fix released
<kirkland> smoser: it's always assumed that the default task only applies to the current development tree
<smoser> kirkland, yes, but doesn't "nominate for jaunty" indicate some request to have it fixed in jaunty ?
<smoser> i really dont care about getting it fixed (at the moment) just want to mark that it affects jaunty only
<kirkland> smoser: nominate for jaunty
<kirkland> smoser: accept it
<kirkland> smoser: mark won't fix
<kirkland> :-)
<kirkland> smoser: that's the tracking you need
<kirkland> smoser: google will turn it up
<kirkland> smoser: and show that a decision was reached not to fix it
<uvirtbot> New bug: #331278 in php5 (main) "php5-cli + PHP bug 42682: stream_select() indicates bad number of readable descriptors" [Undecided,Incomplete] https://launchpad.net/bugs/331278
<mathiaz> kirkland: hey - do you have some time to a new package review later today?
<mathiaz> kirkland: to *review* a new package
<kirkland> mathiaz: probably, how big is it?
<kirkland> mathiaz: also, are you aware of ubuntuserver.org ?
<mathiaz> kirkland: small
<mathiaz> kirkland: yes
<kirkland> mathiaz: i stumbled upon it
<kirkland> mathiaz: sure, point me at it
<mathiaz> kirkland: it's a python program (the image-store-proxy)
<mathiaz> kirkland: I'm finishing testing it
<mathiaz> kirkland: I'll upload it to REVU once I'm done
<kirkland> mathiaz: k
<mathiaz> kirkland: just wanted to give you heads up
<smoser> kirkland, can you please accept the nominate for release of 398568
<kirkland> bug #398568
<uvirtbot> Launchpad bug 398568 in linux "ami-bbf514d2: Sometimes does not start booting (empty console output, no network)" [Critical,Confirmed] https://launchpad.net/bugs/398568
<kirkland> smoser: done
<smoser> kirkland, please click the same for bug 415032
<uvirtbot> Launchpad bug 415032 in linux "no console output for ec2 instances via ec2-get-console-output" [High,Confirmed] https://launchpad.net/bugs/415032
<kirkland> smoser: done
<cemc> anybody using clusterssh ?
<cemc> on ubuntu
<pmatulis> for lvm, how can i view how much free space is available on a vg so i can grow a lv?
<_ruben> vgdisplay
<soren> smoser: The initrd->filesystem module copy thing doesn't strictly need help from the ec2-init script.
<soren> smoser: I can think of at least two ways around it.
<uvirtbot> New bug: #429590 in eucalyptus (main) "Cannot upload bundle to Walrus" [Undecided,New] https://launchpad.net/bugs/429590
<soren> smoser: One is to simply bind-mount the module directory directly on top of /lib/modules/`uname -r`.
<soren> smoser: The disadvantage is that you don't get to reclaim the memory it takes up.
<smoser> soren, yeah. you could do that
<uvirtbot> New bug: #416445 in samba "mount.cifs crashed with SIGSEGV in main()" [Unknown,Confirmed] https://launchpad.net/bugs/416445
<soren> smoser: The other approach is to remount the file system read-write and do it all from initramfs. On EC2, this is actually not /that/ bad, since the filesystem images are rarely in an inconsistent state :)
<dan> how can I tell on the command line if I have ubuntu server or ubuntu desktop?
<guntbert> dan: I just looked - jaunty server: 2.6.28-server - jaunty desktop:2.6.28-15-generic
<dan> both of mine read generic
<dan> I definitely have server installed because it's not even running an X server
<frith> i have a fairly decent spec server, I was wondering which VM solution to use?
<ruben23> hi how do i adjust screen resolution on terminal server...not graphical
<pmatulis> on lvm, lvscan gives 'ACTIVE            '/dev/data/backuplv' [256.00 MB] inherit
<pmatulis> what does 'inherit' mean?
<soren> pmatulis: Probably the allocation policy.
 * soren checks
<soren> pmatulis: Yes, I think that's accurate.
<soren> pmatulis: It means that it'll use the allocation policy set for the volume group.
<pmatulis> soren: where did you "check"?
<soren> pmatulis: lvm source code.
<soren> pmatulis: ...which revealed that the lvm man page also explains it.
<pmatulis> soren: alright, thx
<soren> pmatulis: look for "inherit" on the lvm(8) man page.
<pmatulis> soren: reading now
<pmatulis> soren: lv inherits allocation policy from vg
<soren> pmatulis: Exactly.
<uvirtbot> New bug: #429691 in mysql-dfsg-5.0 (main) "MySQL installation failed (using tasksel)" [Undecided,New] https://launchpad.net/bugs/429691
 * soren looks forward to shutting down his eucalyptus testing machinery again. Having to wear noise cancelling earphones just to maintain sanity is no fun.
<pixlbox> ive got a big problem, i have ubuntu server 9.04 (64 bit) installed and for some reason it keep randomly losing network connection, i cant connect to it via ssh or even ping
<pixlbox> is this a common fault ?
<soren> pixlbox: No.
 * soren goes to bed
#ubuntu-server 2009-09-15
<Bookman> Is there a LPI exam prep available online that is free/low cost?
<ae> ubuntu hardy is currently using mysql server 5.0.x, intrepid+ are using 5.1.x - will hardy ever move up to 5.1? how can I find out about these policies?
<thiagocrepaldi> hello, dears, i just installed slapd (openldap server) and executed sudo dpkg-reconfigure slapd to configure ldap server. it's done and working. However, i can't find slapd.conf anywhere. Where does ubuntu store it ? I am using a brand new ubuntu 9.04 server edition
<mathiaz> thiagocrepaldi: 9.04 doesn't use slapd.conf. It uses the cn=config backend by default instead.
<mathiaz> ae: hardy will probably never move up to 5.1.
<mathiaz> ae: you could try to get a backport at https://help.ubuntu.com/community/UbuntuBackports.
<ae> mathiaz: Thanks - I thought that might be the case but couldn't be sure.
<docko> i have a software raid1, a fail event has been detected on /dev/sdb1 and /dev/sdb2. then /dev/sdb just disappeared, how is it possible?
<ae> mathiaz: ahhh backports... good call
<thiagocrepaldi> mathiaz, how can i see all configguration now ?
<mathiaz> thiagocrepaldi: do a ldapsearch on the cn=config tree
<mathiaz> thiagocrepaldi: https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html
<thiagocrepaldi> mathiaz, i am in this link already, but it's configuration to authenticate my console with ldap cited there do not work
<thiagocrepaldi> additionally,  ldapscripts throws errors when i try to execute them. It's logs are too superficial, so it's not useful to debug =/
<fbc-mx> My hosting company is giving me a choice of quad core opteron or xeon. Which would give me the best performance under ubuntu server?
<KurtKraut> fbc-mx, if anyone that offer you a answer, it will be based on pure witchcraft.
<KurtKraut> fbc-mx, I tend to prefer the processor with the biggest cache built in.
<fbc-mx> KurtKraut, Intel Xeon DP E5405 or AMD Opteron 2344 HE?
<KurtKraut> fbc-mx, I suggest you reading about them on Wikipedia.
<fbc-mx> KurtKraut,  I have however the articles do not tell me about performance under ubuntu.
<KurtKraut> fbc-mx, there is nothing specifically on Ubuntu that would differ performance on those processors.
<fbc-mx> KurtKraut, ok the wikipedia article tells me that the xeon has 2x6mb L2 cache and the AMD has L1-Cache: 64 + 64 KB (Data + Instructions) per core L2-Cache: 512 KB, fullspeed per core L3-Cache: 2048 KB, shared.  If I had to decide just by L2 cache it would appear the xeon has more, but the way they break it out makes it confusing. Which on would you pick?
<qman__> fbc-mx, if the Xeon is i7-based (Nehalem) it will outperform the Opteron
<qman__> otherwise, they will be fairly similar in performance per clock
<qman__> historically, Xeons usually have the performance edge, where Opterons have the power efficiency edge
<qman__> though there are plenty of exceptions
<fbc-mx> qman__,  it says 5400 "harpertown" series . does nto appear to be nehalem series. So if it's not nahelem based the AMD should outperform right?
<qman__> no, they will be very similar in performance
<qman__> the nehalems are the only ones with any significant performance advantage
<qman__> go with number of cores, amount of cache, and clock speed as your judges in this case
<fbc-mx> qman__, ok, then since they are similar in performance then my only consideration would fall back on compatability.. opteron or xeon more compatible with ubuntu?
<qman__> they're both equally compatible
<fbc-mx> qman__,  wow.. hard decision to make then... it sounds like a flip of a coin situation.
<qman__> pretty much
<qman__> I'd go with the opteron, but that's just because I'm an AMD fanboy, there's not an obvious choice
<qman__> one probably is faster than the other, but not enough that you'll notice
<KurtKraut> fbc-mx, ... remember what I said about witchcraft?
<KurtKraut> :P
<qman__> they're definitely in the same bracket
<qman__> normally the deciding factor would be power consumption and cost
<fbc-mx> hmm.. thanks guys... it appeared to be an exercise in futility
<qman__> but since you've alluded that those are irrelevant, that makes the choice harder
<fbc-mx> Heads XEON, tails Opteron.
<fbc-mx> OK, it's XEON.
<twb> i7 would make me nervous for a Linux system right now
<twb> Since I haven't actually seen a Linux system handling e.g. the PCIE replacement
<fbc-mx> twb, well, its for a dedicated server colocated server.. I'm not gonna be putting cards into it. Just using the stuff on the motherboard.
<twb> fbc-mx: PCIE is what the previous generation uses between the CPU and the I/O controller.
<twb> fbc-mx: in i7, it has been replaced with a new thing (quicksomething?)
<twb> QuickPath Interconnect
<twb> I mean, maybe the kernel doesn't need to understand such things, and they will Just Work.  But I'd still want to SEE it working before I laid down a couple grand for an i7 server.
<amites> Any idea what I'm missing to access a directory? The steps I'm taking are add user to group and set directory permissions? http://pastebin.com/m2f2b58bf
<jmarsden> amites: as I just said in #ubuntu, log out and back in so your user is really in the www-data group
<jmarsden> But why are you doing that in the first place?
<jmarsden> You shouldn't need to chmod the public_html directory for it to work...
<amites> I logged out and logged back in - working now, thank you
<qman__> your own public_html shouldn't need to belong to www-data
<qman__> it should belong to the user
<amites> apache runs as www-data
<qman__> yes
<amites> I use that dir to host all the sites on the server
<amites> not just personal
<qman__> standard practice is to put non-personal sites in /var/www/site-name
<qman__> putting them in your own public_html is generally a bad idea
<qman__> because that inherently breaks the automagic user site
<NCommander> Does anyone know if Ubuntu supports dhcpv6 out of the box?
<twb> What is DHCPv6?
<twb> Do you mean DHCP over IPv6?
<twb> Ah, apparently "DHCPv6" is a recognized term for that.
<twb> Debian has an ongoing goal to support IPv6 throughout, so Ubuntu should have/get DHCPv6.  I don't know whether it's supported in any existing releases.
<twb> http://packages.ubuntu.com/dhcpv6 indicates that WIDE DHCPv6 has been in Ubuntu for some time.
<jmarsden> twb: rmadison shows it as being present only as a source package, though, which seems odd.
<twb> Shrug
<twb> I've never tried rmadison with Ubuntu
<twb> Maybe universe packages aren't listed?
<twb> jmarsden: nope, it's simply that the wide-dhcpv6 package doesn't produce a binary of that name.
<jmarsden> Ah, OK.
<uvirtbot> New bug: #303882 in vm-builder (universe) "python-vm-builder --raw doesn't set size correctly" [Medium,Fix committed] https://launchpad.net/bugs/303882
<uvirtbot> New bug: #429872 in tcpdump (universe) "/sbin/apparmor_parser: ... Profile doesn't conform to protocol" [Undecided,New] https://launchpad.net/bugs/429872
<error404notfound> using "mail" command, how can i send out an email with a tgz attached?
<twb> You need something that can talk MIME
<twb> I don't know if mail can.
<jmarsden> error404notfound: It would be easier to install mpack and use that
<jmarsden> mpack file.tar.gz user@example.com
<error404notfound> hmmm, twb yup, MIME...
<error404notfound> jmarsden, i see....
<error404notfound> lemme check
<jmarsden> sudo apt-get install mpack    # then  mpack file.tgz user@example.com    should work
<twb> I still need to debug MIME attachments in my mbox.py plugin for roundup...
<_ruben> i tend to use mutt instead of mail when i need to send attachments
<twb> _ruben: even from a cron job?
<_ruben> yes
<twb> Hm.
<_ruben> its pretty much a drop-in replacement for nail, which is a mail variant that does support attachments .. -a filename
<twb> Yeah, I just never considered that mutt would work without a pty
<_ruben> echo blaat | mutt -s subject -a file to@some.one
<twb> If SHELL=/bin/bash, you can <<<blaat, btw
<twb> herestrings ftw
<error404notfound> i get sendmail: fatal: root(0): message file too big :D
<jmarsden> So try it with a smaller file :)
<_ruben> mail isnt best suited for transfering large files
<twb> A nickel says error404notfound is doing this from PHP
<error404notfound> twb, nope, commandline
<twb> Darn
<JanC> you can always try telnet/nc  :P
<twb> socat!
<error404notfound> twb, postdrop: warning: uid=0: File too large
<error404notfound> see, sending file from root account
<twb> I'm usually lazy and use tar c | ssh tar x instead of nc
<twb> Who cares if it takes a couple more days
<JanC> error404notfound: that sounds like the mail is too large for your postfix settings ?
<error404notfound> JanC, lemme see...
<error404notfound> anyone rememer how much large attachments gmail support? :P
<error404notfound> got set one value which would last for ages
<JanC> error404notfound: it looks like 'postdrop' issued the error/warning, not gmail?
<error404notfound> JanC, yes, but i wana make both allowed attachment sizes equal as i use postfix +sasl + gmail
 * soren goes for coffee
<Jeeves_> Hey, where did kvm-pxe in hardy go?
<soren> Jeeves_: It was never there.
<soren> etherboot (5.4.3+dfsg-0.1ubuntu2) intrepid; urgency=low * Add kvm-pxe package containing the PXE ROM's kvm needs to pxeboot. -- Soren Hansen < soren@ubuntu.com>   Fri, 04 Jul 2008 15:22:12 +0200
<Jeeves_> soren: ok, etherboot it is :)
<soren> Ng: Ok, test building new Eucalyptus snapshot. If it works, I'll upload. ETA 15 in.
<soren> min, even.
<Ng> soren: excellent :)
<zul> morning
<heath|work> I'm having to type my password twice in order to sudo. This didn't start happening until I installed and configured an LDAP server on the system. Any ideas as to what might be happening?
<pmatulis> heath|work: sounds like your PAM config is not optimized
<heath|work> hmm. would that be a common-auth issue?
<pmatulis> heath|work: look inside /etc/pam.d/sudo
<heath|work> ah that would make sense. I didn't even see that one
<heath|work> lol... well that says @include common-auth @include common-account
<pmatulis> heath|work: yup
<pmatulis> heath|work: maybe pastebin common-auth
 * soren takes a break
<heath|work> pmatulis, http://pastie.org/617305
<soren> Ng: Eucalyptus is building, by the way: https://edge.launchpad.net/ubuntu/+source/eucalyptus/1.6~bzr746-0ubuntu1
<pmatulis> heath|work: did you edit this file by hand?
<heath|work> common-account is a single line: account required	pam_unix.so
<heath|work> pmatulis, no virtualmin
<heath|work> is it jacked up?
<Ng> soren: cool thanks, I'll watch that
<pmatulis> heath|work: yeah
<heath|work> oh great.
<pmatulis> heath|work: to begin, common-auth should only have lines beginning with auth
<pmatulis> someone else may want to corroborate
<pmatulis> heath|work: having to enter your p/w twice may indicate that authentication with ldap is failing, you probably don't want to use ldap with sudo right?
<heath|work> pmatulis, correct. The only concern there is making sure virtualmin can still perform system tasks
<heath|work> This looks very understandable. I will backup what I have and start here: https://help.ubuntu.com/community/LDAPClientAuthentication
<pmatulis> heath|work: ok
<heath|work> pmatulis, thanks for the help
<pmatulis> heath|work: i haven't tried it myself but it seems you could just take the auth lines from common-auth (minus the ldap line) and replace the include common-auth line with them
<pmatulis> in /etc/pam.d/sudo
<pmatulis> heath|work:
<heath|work> I can try that first. It looks like virtualmin just dumps everything in the common-auth file instead of breaking it up across the normal three
<pmatulis> heath|work: note that you should have a root shell in another terminal when you're messing with pam to prevent locking yourself out
<heath|work> will do.
<uvirtbot> New bug: #429083 in eucalyptus (main) "axis2c segfaulting, causing CC to crash  (dup-of: 428060)" [Undecided,New] https://launchpad.net/bugs/429083
 * soren dogfoods and does an upgrade
<heath|work> pmatulis, after cleaning everything up following the guide it appears all is well
<pmatulis> heath|work: can you paste your /etc/pam.d/{sudo,common-auth} again
<heath|work> pmatulis, I'm going to put the sudo back to the orig next and check it out: http://pastie.org/617355
<heath|work> I'm not sure why my password one has anything about smb in there, but I left it
<pmatulis> heath|work: you must have samba installed
<heath|work> or auth for that matter
<heath|work> That's just it, I don't. Not even the client
<pmatulis> heath|work: maybe virtualmin up to its tricks again?
<heath|work> I guess so. I choose virtual cause from what I read it doesn't jack up your configs with proprietary crap. You can uninstall virtualmin and still have a working system. (unlike others I have tried)
<pmatulis> heath|work: ok.  your pam configs look good to me
<heath|work> and sudo is cooperating! :)
<heath|work> pmatulis, thanks again for the help.
<pmatulis> heath|work: np, pass it on
<heath|work> that's my motto. Pay It Forward
<heath|work> It even resoled not being able to log in virtualmin as administrator! I had to enable the root account (which I hate) in order to use virtualmin.
<pmatulis> heath|work: probably b/c that user is not in ldap
<heath|work> yep
<heath|work> so to disable the root password again: sudo passwd -d root ?
<pmatulis> heath|work: doesn't look right
<heath|work> from the man page: 'Delete a user's password (make it empty). This is a quick way to disable a password for an account'
<pmatulis> heath|work: ok, i'm used to another way
<pmatulis> (usermod -p '!' root
<pmatulis> )
<heath|work> weird, I will look into that
<garymc> Anyone got a softphone they could do a quick voip test to my server for me?
<zul> hi mathiaz
<zul> mathiaz: puppet issues have been fixed with the testsuite and your bug has been fixed
<mathiaz> zul: great - so the MIR has been acceptedÃ
<mathiaz> zul: ?
<zul> ill let kees now today
<ttx> mathiaz: I pushed your MIR for image-store-proxy and pinged the MIR team about it... You might want to ping again at one point in your Tuesday though
<mathiaz> ttx: yop - I'll take over for today :)
 * mathiaz loves 20 hour long days
<ttx> mathiaz: I pushed a new ServerTeam/Roadmap btw, let me know if it doesn't make sense
<mathiaz> ttx: great - did you generate the first table by hand?
<ttx> mathiaz: yes. I wish there was a way to find those blueprints. Or to tag them.
<mathiaz> ttx: we should be able to use LP for that
<ttx> yes, we should.
<mathiaz> ttx: https://blueprints.launchpad.net/~ubuntu-server/+specworkload
<mathiaz> ttx: ^^ that may be the best option we have - but it times out for me now
<oversize> hi, i am new to kvm and try to read through al that whats avail to read. now there are documents talking about python-vmbuilder while others (as the ubuntu server guied) use virt-install, are these the same with different names (versions), which should i get to know when i am just starting with kvm? thx
<mathiaz> ttx: anyway - we should look into that later or for the next release cycle
<uvirtbot> New bug: #429636 in apache2 (main) "ubuntu 8.04 cannot install apache2-prefork-dev" [Undecided,Incomplete] https://launchpad.net/bugs/429636
<uvirtbot> New bug: #430075 in ubuntu (main) "eucalyptus-nc fail to upgrade to 1.6~bzr746-0ubuntu1" [Undecided,New] https://launchpad.net/bugs/430075
<uvirtbot> New bug: #429106 in vm-builder (universe) "kernel and initramfs should be available for uec" [Medium,New] https://launchpad.net/bugs/429106
<smoser> man /join #ubuntu-meeting
 * smoser joins #ubuntu-meeting, for anyone who missed that :)
<zul> sure you did
<agussman> According to this my ec2 instance might be vulnerable to "proxy request attacks": http://tiny.cc/BrgSh .  How do I a) test if I am vulnerable and b) prevent apache from forwarding url?
<szczym> helo i have eth0 confugured as static at external ip in /etc/network/interfereces , now i added next net card with link to localnet/dhcp how i could initialize new card ? just add new entry to /etc/network/interfereces ?
<genii> szczym: For eth1, yes
<szczym> thanx genii
<genii> np
<szczym> auto eth1
<szczym> iface eth1 inet dhcp
<szczym> ?
<genii> szczym: Looks good
<szczym> thanx
<genii> szczym: You can then bring it up manually with something like:  sudo ifconfig eth1 up && sudo dhclient eth1
<szczym> how i could find out if i have dhcp client running ?
<szczym> i know, just type dhclient ;)
<szczym> thanx
<orudie> hi. i need help with vhosts
<orudie> i moved my site from /var/www to /var/www/mysite.com , and i am having trouble making it to work
<qman__> pastebin your site configuration file
<Keizer> Sup homies
<genii> I'm not sure "somewhere.com" as a directoryname in which to put content works that great
<soren> We're not homies.
<soren> We're geeks.
<soren> :)
<Keizer> What is the best way to go about setting up a VPN connection on ubuntu server that only goes out that interface if those resources are requested?
<Keizer> Been staring at the screen too long so my eyes are unhappy
<soren> Keizer: What is the use case?
<qman__> what exactly do you mean
<Keizer> The RHEL network init scripts are awesome but I've decided to rawk out ubuntu
<Keizer> qman__: I need to setup a VPN connection and I don't want all traffic on the machine going out that interface
<qman__> that's a simple flag in openvpn
<qman__> on or off
<qman__> ;push "redirect-gateway"
<qman__> uncomment to funnel all traffic through VPN, leave commented to split it
<orudie> qman__-> about to paste it
<orudie> qman__-> http://pastebin.com/d3970b9da
<qman__> orudie, ok, first thing, is mod_rewrite installed and enabled?
<qman__> a2enmod rewrite   I think
<orudie> umm
<orudie> what does it do ?
<orudie> redirects from domain.com to www.domain.com ? if yes than its enabled
<qman__> you are using rewrite in your site configuration
<qman__> so, you need the rewrite module enabled in apache
<qman__> it's not there by default
<orudie> its enabled
<qman__> ok
<qman__> well, I don't see anything wrong with it, unless there's something wrong with the rewrite rules, I don't know enough about them to say
<qman__> does apache throw any errors, or can you simply not access the site?
<Keizer> Thanks qman__
<Keizer> http://www.youtube.com/watch?v=R-Yjlx4MRUQ <--- laff
<Keizer> qman__: OpenVPN is the defacto VPN correct? I'm used to OpenBSD VPN configuration
<qman__> Keizer, it's pretty common, at least, I don't really know of any other full VPN solutions
<Keizer> OpenSwan was one back in the day
<sub> Thought everyone just used ipsec for site-to-site and PPTP for client access
<Keizer> sub: Right
<jjohansen1> smoser: hey you around for the kernel meeting
<smoser> here
<smoser> jjohansen1, here
<erichammond> smoser: Over in #ubuntu-kernel
<rtg> jjohansen1, moving.
<jjohansen1> here
<erichammond> her
<erichammond> e
<smoser> ==== ec2 kernel meeting =====
<smoser> i'm planning on later today publishing the karmic kernels to eu-west-1, and getting ec2-version-query updated so that it will be the current karmic kernel
<smoser> so that will mark bug 418130 as done
<uvirtbot> Launchpad bug 418130 in Ubuntu Karmic "Karmic EC2 images don't use a karmic kernel" [High,In progress] https://launchpad.net/bugs/418130
<rtg> smoser, when will you be ready for the config updates?
<rtg> shall I wait until after A6?
<jjohansen1> rtg: we should test the config updates before committing them
<smoser> for bug 428692, if you want to try something we can. and i'd love it if it had less drivers (ie, more like -virtual than -server)
<uvirtbot> Launchpad bug 428692 in ubuntu "ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes" [Medium,Confirmed] https://launchpad.net/bugs/428692
<rtg> jjohansen1, I've pushe3d them, so feel free
<jjohansen1> rtg: right I will start a kernel build
<smoser> good deal. that'd be great if we could get that for alpha6, but if not, i dont think its the end of the world.
<smoser> the other kernel related bug is bug 429169
<uvirtbot> Launchpad bug 429169 in vm-builder "ec2: Include kernel modules in AMIs" [Medium,Triaged] https://launchpad.net/bugs/429169
<rtg> smoser, its getting pretty late for A6
<smoser> rtg, i agree. so no big deal. we use the previous ones.
<rtg> smoser, so, what you have in the archive right now is what's going out with A6
<smoser> fine.
<lukehasnoname> clear
<rtg> erichammond, any issues from you?
<erichammond> I think everything is being tracked in LP
<smoser> so for 429169, after the MIR takes place (bug 427658) there will be a 'linux-ec2' metapackage in the archive that depends on the latest linux-image-... ?
<uvirtbot> Launchpad bug 427658 in Ubuntu Karmic "Main Inclusion Request: linux-ec2" [High,Fix released] https://launchpad.net/bugs/427658
<smoser> for 429619, i'd like to have that so vmbuilder can just know it needs to get 'linux-ec2' rather than knowing what version that is.
<smoser> sorry if this is all obvious to everyone else
<rtg> smoser, yeah, I need to do a meta package. I'll get that today
<Steve[work]> morning everyone
<smoser> rtg. great.
<rtg> smoser, incidentally, the MIR is complete and the package is accepted
<Steve[work]> I have a minbor issue with the multipath-tools package on 9.04 64bit.  It picks up the paths and seems to be handling it properly, however will not create a /dev/dm-0
<rtg> jjohansen1, anything else ec2 related?
<jjohansen1> nothing I can think of
<Steve[work]> I do see a /dev/mapper/*LONGSTRINGOFSTUFF* entry however
<rtg> jjohansen1, when do you leave for ATL ?
<jjohansen1> friday
<rtg> ok, I suggest you suspend these meetings Friday-Fri since you're on the road.
<jjohansen1> rtg: good idea, I will send a mail out, also include moving them to #ubuntu-server
<rtg> k, is that a wrap for today?
<erichammond> I thought these were already canceled on Fridays because of the Karmic status meeting?
<rtg> erichammond, could be.
<jjohansen1> I think we should, unless people want to move the time
<rtg> well, for the next 2 fridays its a moot point
<jjohansen1> rtg: true, really wed,thurs,friday next week too
<rtg> which is why I suggested Friday through Friday.
<rtg> cover it in an email.
<jjohansen1> will do
<erichammond> And perhaps update http://kernelcalendar.notlong.com
<jjohansen1> erichammond: yes, thanks
<erichammond> I guess the EC2 kernel status meeting is adjourned.
<jjohansen1> yes sorry,  EC2 kernel meeting adjourned
<uvirtbot> New bug: #241949 in kvm (universe) "computer freeze on kvm startup" [High,Fix released] https://launchpad.net/bugs/241949
<uvirtbot> New bug: #251480 in kvm "X hangs in Intrepid in KVM" [High,Confirmed] https://launchpad.net/bugs/251480
<uvirtbot> New bug: #286101 in kvm (universe) "kvm guests not using virtio for networking lose network connectivity" [High,Fix released] https://launchpad.net/bugs/286101
<uvirtbot> New bug: #254492 in kvm (universe) "kvm guests randomly freeze when using SMP, start again when key pressed in vnc console" [Medium,Fix released] https://launchpad.net/bugs/254492
<uvirtbot> New bug: #316861 in kvm (universe) "Virtio not working in Hardy 64bit" [Medium,Fix released] https://launchpad.net/bugs/316861
<uvirtbot> New bug: #359447 in kvm "kvm segfaults" [High,Fix released] https://launchpad.net/bugs/359447
<kansan> i'm trying to shut down mysql server and i'm getting a [fail] message ... any ideas on how i can fix?  also is it ok to reboot a server with "sudo reboot" ... if mysql is running and apache is running too?
<qman__> kansan, are you sure mysqld is running? in any case, a sudo reboot will attempt to stop them cleanly, then kill them if it can't
<kansan> qman__, yes its running
<qman__> and 'sudo /etc/init.d/mysql stop' fails?
<kansan> yes
<qman__> was the current instance of mysqld started with the init script, or manually
<qman__> you could try to give it a friendly exit signal manually, 'sudo kill -1 1234' where 1234 is the PID for the process
<qman__> that sends a HUP, -15 sends a TERM, and -9 sends a KILL
<szczym> helo i setup webdev server, i would like to write and read all in /var/www/ - its all belonging to www-data:www-data so i added my self to group www-data and still cant write there, what is wrong ?
<qman__>  /var/www belongs to root on all my systems
<qman__> did you change it?
<mathiaz> kees: hi!
<qman__> also, /var/www is 755, so only the owner can write to it, not group owner
<qman__> you'd have to change that to 775
<mathiaz> kees: do you have some time to conduct a review of the image-store-proxy (bug 429894)?
<uvirtbot> Launchpad bug 429894 in image-store-proxy "MIR for image-store-proxy" [High,New] https://launchpad.net/bugs/429894
<szczym> that is example dir where i cant write drwxrwxrwx 2 www-data www-data 4096 2009-09-08 07:37 includes
<mathiaz> kees: it's a python daemon that is required for the image store on UEC
<szczym> higher dir also belongs to www-data
<qman__> since the permissions are 777 you don't even need to be in www-data to write there
<szczym> yes but i can`t ...
<szczym> btw i just added new user via useradd and i do it as that user
<szczym> that user belongs to www-data but not to sudoers
<qman__> you don't need to be in sudoers or www-data to write there
<qman__> the problem must be elsewhere
<szczym> ls
<kees> mathiaz: sure, was going to look at that today
<mathiaz> kees: great - thanks!
<kees> mathiaz: could it be made to run its tests during the build?
<mathiaz> kees: I could look into that - I just received the code yesterday
<mathiaz> kees: gutsavo said the test suite almost covered everything
<mathiaz> kees: one of the goal would be to get it on the -server iso for alpha6
<kees> mathiaz: yup, which is why I'd love to see it enabled in the build.
<mathiaz> kees: would that be a blocker for main promotion?
<mathiaz> kees: I can commit to enable it in the build for karmic
<mathiaz> kees: may be not in time for alpha6 though
<kees> mathiaz: let me make note in the bug
<kansan> having trouble loading up mysql on ubuntu hardy; heres my error message when attempting to start mysql: http://pastie.org/617720
<Hypnoz> does this file exist /etc/mysql/debian.cnf
<Hypnoz> and permissions look ok etc
<kansan> Hypnoz, huh?
<Hypnoz> not sure how else to phrase that. Does that file exist?
<kansan> no it doesnt
<kansan> Hypnoz, how do i create it
<Hypnoz> I think its supposed to be created when mysql is installed
<Hypnoz> but it looks like mysql is checking that file before it starts
<kees> mathiaz: I can't do promotions (you'll need an archive admin for that), but I have approved it in the bug report.
<mathiaz> kees: thanks!
<kees> np :)
<kansan> Hypnoz, so what to do
<Hypnoz> did you have anything in your mysql database or is this a new install?
<mathiaz> kees: should the status of bug 429894 be set to In Progress?
<uvirtbot> Launchpad bug 429894 in image-store-proxy "MIR for image-store-proxy" [High,Incomplete] https://launchpad.net/bugs/429894
<kees> mathiaz: probably, yes
 * mathiaz updates the status
<mathiaz> soren: where is the image store UI located? in the eucalyptus-cloud package?
<mathiaz> soren: I'm looking where to image-store-proxy should be added as a dependency
<mathiaz> soren: https://code.launchpad.net/~mathiaz/eucalyptus/image-store-proxy-recommends/+merge/11819
<mathiaz> soren: I've added python-image-store-proxy as a recommends on eucalyptus-cloud
<kirkland> mathiaz: howdy
<mathiaz> kirkland: yo!
<kirkland> mathiaz: do you still need that package reviewed?
<kirkland> mathiaz: sorry i'm just getting to it now
<mathiaz> kirkland: nope - it's already in the archive
<mathiaz> kirkland: MIR accepted and promoted to main
<kirkland> mathiaz: sorry about the delay, man
<axisys> where can I get the netboot image for ubuntu 7.10 sparc version
<mathiaz> kirkland: np
<axisys> ?
<kirkland> mathiaz: i've been swamped
<kirkland> mathiaz: okay, question for you ....
<axisys> i dont see it here http://old-releases.ubuntu.com/releases/7.10/
<mathiaz> kirkland: sure
<kirkland> mathiaz: how would preseed the debconf questions for moodle image built by vmbuilder?
<mathiaz> kirkland: hm - I don't know how vmbuilder support preseeds?
<mathiaz> kirkland: does it support preseeds?
<kirkland> soren: ?
<kirkland> hmm, okay another question ...
<kirkland> is it legit to "run" an image once, to fix up a few things, before making it an appliance image?
<mathiaz> kirkland: hm - I would guess so
<mathiaz> kirkland: It's like rebundling an image in EC2
<kirkland> smoser: have you done this before?
<mathiaz> kirkland: it's just that it's very reproducable
<soren> kirkland: It doesn't, no.
<mathiaz> kirkland: given the time frame I would do this for the moodle appliance
<kirkland> mathiaz: gotcha
<mathiaz> kirkland: and since vmbuilder doesn't support preseeds
<smoser> i've somewhat rebundled.
<smoser> i dont knwo what sort of doc we have for it.
<mathiaz> kirkland: it seems that's the only option for now
<kirkland> mathiaz: gotcha
<smoser> and personally i expect that its not perfectly bug free
<kirkland> okay, next question ... suggestions on what to do about this FQDN question?
<smoser> what is the FQDN question , for those of us who haven't been playing along at home
<kirkland> smoser: it's the one question I can't just choose a sane default for, in the moodle image
<kirkland> smoser: FQDN = fully qualified domain name
<kirkland> smoser: moodle's debconf uses this for the apache config, seeding the database, etc.
<kirkland> ideally, the user would choose this appropriately on first login to the system
<smoser> i'm guessing you've already tried and failed with localhost.localdomain or for some reason that isn't sufficient, right?
<kirkland> smoser: can't really point a web browser at that
<kirkland> smoser: after you do this, you just point a web browser at the hostname, and you work through a web-based setup utility
<kirkland> smoser: to customize your instance
<mathiaz> kirkland: hm - so you're trying to provide a default answer to the debconf question when the admin logs in?
<kirkland> mathiaz: there are about 5-6 questions
<kirkland> mathiaz: most of which we can "just pick"
<kirkland> mathiaz: do you want to use http or https?  we'll select http for this appliance
<kirkland> mathiaz: do you want to be able to access this from outside of localhost?  yes, of course
<smoser> but if you select localhost.localdomain, does it not listen then on all ip addresses ?
<kirkland> mathiaz: what is your FQDN, this is a critical question...?  ermmm, i was picking "moodle.local" and installing avahi-daemon
<kirkland> smoser: i don't think so... i'll try again, though
<kirkland> smoser: i think the apache conf sets it up to match only on this name
<mathiaz> kirkland: don't you have the remote hostname when the user logs in via ssh?
<mathiaz> kirkland: hm - well nevermind
<smoser> if it doesn't listen on all ips and you have to give it one (the *right* one) then i have no solution
<kirkland> smoser: okay, thanks for playing
<mathiaz> kirkland: well - my point being that the end user already knows what the FQDN of the appliance is
<mathiaz> kirkland: since he uses it to ssh into the vm
<mathiaz> kirkland: could it be possible to get that information automagically?
<kirkland> mathiaz: that's what I'm asking :-)
<mathiaz> kirkland: right - I don't how to do that.
<mathiaz> kirkland: so just ask the question on first login
<kirkland> mathiaz: okay
<mathiaz> kirkland: well
<mathiaz> kirkland: hm - if you need the fqdn for the apache virtualhost
<mathiaz> kirkland: you can configure the default virtualhost to server the moddle install
<mathiaz> kirkland: then you can also configure the db connection to use localhost
<mathiaz> kirkland: for what else is the FQDN needed?
<kirkland> mathiaz: i'm not sure
<smoser> wait
<mathiaz> kirkland: if it's just needed for the DB connection and the apache virtual host then you're good to go
<smoser> i'm sorry
<smoser> i misunderstood the question
<smoser> i thought you were wanting to provide an IP address at *build* time
<smoser> is that wrong ?
<smoser> if you want to find out the IP address of the running system at runtime, then thats easy. and also the fqdn at that time.
<kirkland> smoser: well, i can put a script in the image to run on first boot
<smoser> i'm confused . how were you trying to find the info ?
<smoser> or when did you want it ?
<kirkland> smoser: okay ... ideally, i think, the user would deploy this image
<smoser> you can't possibly know it at image build time (other than by using localhost or some canned IP and then doing some magic at boot to make that IP work like the real one)
<kirkland> smoser: and just point a web browser at a hostname or ip address
<kirkland> smoser: and just configure it from the web
<kirkland> smoser: never actually logging in over ssh
<kirkland> mathiaz: okay, here's a question i think you probably can answer ...
<kirkland> mathiaz: i'd like to write a script to set some debconf values, and then pass it to dpkg-reconfigure
<kirkland> mathiaz: that should be pretty doable, i think
<kirkland> hmm, that's kinda how d-i works....
<mathiaz> kirkland: yes - look at debconf-set-selections
<kirkland> mathiaz: thanks
<mathiaz> kirkland: right - I'm not sure that you'd actually need to run such a script
<mathiaz> kirkland: depending on what the FQDN is used for, you could just install a moodle in a vm
<mathiaz> kirkland: and rebundle it
<kirkland> mathiaz: hmm, i don't think i can have vmbuilder install the moodle package in the image for me
<kirkland> mathiaz: right, so i was going to use vmbuilder to create a jeos appliance
<mathiaz> kirkland: right - if that's the case, then you need to install the package manually
<kirkland> mathiaz: then run the image, install moodle
<kirkland> mathiaz: in debconf there, I would set all of the selections to sane defaults
<kirkland> mathiaz: then, i was going to leave a script to run at first boot
<kirkland> mathiaz: that would autodetect FQDN, and debconf-set-selection to that detected value
<mathiaz> kirkland: well - I'd investigate first what the FQDN is used for
<mathiaz> kirkland: you may be able to by pass it completely if it's not used for anything else than the DB connection and the apache virtual host
 * kirkland is looking at the source now
<kirkland> mathiaz:  Moodle will be configured to use this system's Fully Qualified Domain Name
<kirkland>  (FQDN). This must be correct, and you cannot easily change this after your
<kirkland>  Moodle installation is complete.
<kirkland> mathiaz: okay, so i don't have to provide that as input into moodle debconf...
<kirkland> mathiaz: its just that the system's hostname *must* be set correctly when moodle's debconf runs
<MK-ubuntu> hi, i was wondering
<MK-ubuntu> on my vps I was assigned 2 IPs ..
<MK-ubuntu> but, I cant seem to get the 2nd one to work.
<MK-ubuntu> can you guys help me?
<MK-ubuntu> anyone here at the moment?
<uvirtbot> New bug: #430226 in eucalyptus "modify image attribute (launch perms) always displays image as public" [Undecided,New] https://launchpad.net/bugs/430226
<MK-ubuntu> quiet everytime i come in
<mushroomtwo> MK-ubuntu: lurk moar
<MK-ubuntu> pardon?
<MK-ubuntu> mushroomtwo, ?
<apache> I have this entry on my Apache 2 access.log file but I have not 192.168.23.13 machine on my LAN. How is this possible?
<apache> 192.168.23.13 - - [15/Sep/2009:19:41:25 +0200] "GET /virtual/ HTTP/1.1" 200 12294 "http://my.host.name/" "Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.0.14) Gecko/2009082707 Firefox/3.0.14 (.NET CLR 3.5.30729)"
<genii> apache: Spoofing?
<genii> apache: If you have some unsecured wifi router, someone can manually put an IP address for themself that is on same segment and specify the router as gateway, etc all manually so no dhcp records get left.
<LeChacal> hello, i need to change the order in which certain modules are loaded so that one is loaded before the other, if i change the order of the lines in /lib/modules/2.6.28-15-server/modules.dep and /lib/modules/2.6.28-15-server/modules.order is that all i need to do?
<genii> LeChacal: They are loaded in the order listed
<LeChacal> genii: so i just change those two files and I am good, no where else?
<genii> LeChacal: If you have some list in /etc/modules  maybe
<LeChacal> geniiL i don't have anything in there, ok thank you I will try changing the orders
<thrillyb> hello #ubuntu-server
<domas> hello thrillyb
<thrillyb> do people talk a lot on irc anymore these days?
<thrillyb> or is it better to go to forums for help / discussion?
<thrillyb> lots of idlers?
<Slimu_> Hello
<Slimu_> Can anyone help? my hardy server wont go back online after a pwoer outage
<Slimu_> *power
<thrillyb> how far does it get?
<thrillyb> does it post video at all?
<Slimu_> It boots, and starts apache
<Slimu_> , and when i run ifconfig i can see the router
<Slimu_> but the networking directory has gone!
<thrillyb> oh!
<Slimu_> I looked in /etc/networking, and got: no such file or directrory
<Slimu_> erm - i mean /etc/network
<thrillyb> hehe
<thrillyb> was about to say
<Slimu_> Im still learning, but i got it all up and running for over 3 months before the power cut
<thrillyb> have you ever done a reboot successfully?
<Slimu_> thats one of the 1st things I tried, but no joy
<Slimu_> this is ODD: this time the /etc/interface directory is there, but the interfacces file is empty!
<thrillyb> before the power outage were you able to reboot though?
<Slimu_> yes
<thrillyb> k
<Slimu_> but i only rebooted after an update
<thrillyb> have you tried rerunning anything like this guide: http://www.ubuntugeek.com/ubuntu-networking-configuration-using-command-line.html
<Slimu_> I'll check that out now
<thrillyb> if the device is there that should work
<Slimu_> thanks for the pointer
<thrillyb> but if you had a power surge maybe something got toasted in your nic card
<kirkland> soren: what's the state of vmbuilder in LP and in karmic?
<kirkland> soren: i'm generating images, but they're not bootable
<kirkland> soren: at least not under kvm
<mathiaz> soren: from karmic?
<Slimu_> my router and server are on a surge protected cable and live behind a ups
<mathiaz> kirkland: do you know that karmic is broken right now?
<kirkland> mathiaz: yes, the image is jaunty
<thrillyb> k, you should be good then! :)
<Slimu_> brb
<mathiaz> kirkland: hm ok. if you're building an jaunty guest, then I don't know
<frojnd> Does anyone here connects with a phone using java MIDP 2.0 to a ssh and if so what java app do you use?
<rickspencer3> kirkland: I have a buddy who is starting a business, and thinks he is going to need to wrap some of the aws commands into a web UI
<rickspencer3> is there such a think already, or should he roll his own?
<kirkland> rickspencer3: possibly elasticfox
<rickspencer3> kirkland: what a name!
<rickspencer3> sounds like a plugin
<kirkland> rickspencer3: heh
<rickspencer3> I think he wants to render web pages
<kirkland> rickspencer3: its a firefox plugin
<rickspencer3> is there a project for that, I guess aws web interface?
<kirkland> rickspencer3: hmm, i might have misunderstood the question ...
<erichammond> rickspencer3: What exactly are you looking for
<erichammond> ?
<kirkland> rickspencer3: what sort of aws commands?
<rickspencer3> kirkland: create instance, etc...
<rickspencer3> describe instance
<rickspencer3> I think just so you can do it via a web ui instead of command line
<rickspencer3> hi erichammond :)
<erichammond> AWS is a (W)eb (S)ervice so all of the functionality is available through web APIs.
<erichammond> (programmable)
<kirkland> rickspencer3: people have put frontends around it ... eg elasticfox, rightscale
<rickspencer3> erichammond: right, but I think he wants to make his own that do specific tasks
<Slimu_> thrillyb: DAMIT: I went through the link that you posted, but i still cant get it online!
<rickspencer3> kirkland: erichammond - thanks!
<rickspencer3> I'll check those out
<kirkland> rickspencer3: no problem; come back if you get some specific questions ;-)
<erichammond> rickspencer3: What I'm saying is that he would put a human-usable web interface and interact with the AWS API on the back end, probably through one of the many programming language APIs.  If you know what programming language, we can point you in the right direction there, too.
<thrillyb> slimu_: what's your ifconfig say now?
<rickspencer3> erichammond: right
<Slimu_> thrillyb: it shows ip of 192.168.1.11, so ther router has assigned the ip address
<thrillyb> slimu_: can you ping the router and vice versa?
<Slimu_> thrillyb:the router conf page (on other desktop) shows the server as connected, but it wont let me ping
<thrillyb> hey everyone else... anyone have any experience setting up directory service with ec2? is it reasonable to even try?
<Slimu_> thrillyb: scap that. just refreshed the page and is says disconnected
<MK-BB> on my vps I was assigned 2 IPs ..but i got the 1st ip working but cant seem to set the second one up. can u help?
<thrillyb> erichammond: btw thanks for all your work with ec2 amis. I have used a handful and they're lovely
<thrillyb> slimu_: that's pretty effed up sounding
<erichammond> thrillyb: Glad to hear they're working for you.
<Slimu_> thrillyb: :-(
<thrillyb> slimu_: what does your /etc/interfaces look like?
<Slimu_> one mo
<Slimu_> its blank!
<Slimu_> i dont remember whats supposed to go in there anymore
<thrillyb> erichammond: we just updated to your 9.04s a month or so ago. currently trying to figure out a way to get multiple users on all our amis without updating them everytime we wanna add someone
<thrillyb> Slimu_: read the example for some good help > file less /usr/share/doc/ifupdown/examples/network-interfaces.gz
<Slimu_> thrillyb: ok. many thanks for that. sounds like i've found the problem
<thrillyb> Slimu_: no problem! access to the internet is probably pretty important for your server :)
<erichammond> thrillyb: What do you mean by "multiple users"?
<Slimu_> thrillyb: yea, I've been rendering some animations and wanted to add them to my site, and found the problem while trying to ssh into it
<erichammond> thrillyb: i.e., ssh accounts?  client web sites? ...?
<thrillyb> erichammond: admins and such. yeah ssh accounts mainly
<thrillyb> erichammond: i've been messing around with the idea of setting up LDAP to authenticate but the idea seems a lot simpler than the implementation
<erichammond> thrillyb: You should be aware that the current Amazon 2.6.21 kernel has a bug which allows normal users to gain root access.  It is possible to close this by downgrading to their latest 2.6.18 kernel or upgrading to Canonical's 2.6.27 kernel.
<erichammond> thrillyb: So the problem you're trying to solve is having users be able to log in to new instances started from your private AMI?
<thrillyb> erichammond: exactly. centrally stored usernames, passwords, home directories etc
<thrillyb> erichammond: and thanks for the note on the kernel vulnerability - that's frightening
<erichammond> thrillyb: Got it.  Lots of ways to do this, I suppose, depending on your requirements.  Also consider: (1) passing in user-data script which creates all accounts at instance boot, (2) startup script which downloads list of users to create from S3, possibly using private URL.
<erichammond> thrillyb: Adding users to existing instances could be done with chef/puppet/... or simple automated ssh scripts or cron jobs.
<erichammond> thrillyb: But if the list changes a lot, central service sounds like a good approach.  You just have to keep it running and solve the problem of having all instances talk to the correct master, especially if it needs to be replaced.
<erichammond> thrillyb: This approach may help with the last issue: http://alestic.com/2009/06/ec2-elastic-ip-internal
<thrillyb> erichammond: i've thought about a cronjob/rsync type situation, it sounds more legit the way you described it
<erichammond> thrillyb: I'm a fan of clean, simple, understandable systems. In many cases chef/puppet/et.al. is just complicating things.
<thrillyb> erichammond: LDAP or any of it's brethren are probably over kill
<thrillyb> erichammond: thanks for the guidance. i'll see give this a try.
<kirkland> mathiaz: smoser: \o/ moodle configurable by ip address alone
<ahe> kirkland: so does it work?
<kirkland> ahe: i'm getting there....
<ahe> cool
<ahe> i'm always interested in modifications, escpecially if there is something you couldn't do before
<dayo> how do i use something like `passwd -l` for users with ldap authenticated nfs home directories?
<uvirtbot> New bug: #430266 in eucalyptus "Failures in image registration should be reported as HTTP error codes" [Critical,Confirmed] https://launchpad.net/bugs/430266
#ubuntu-server 2009-09-16
<mathiaz> kirkland: hey - how could you check if you run in a virtual machine?
<kirkland> mathiaz: /proc/cpuinfo gives some hints
<kirkland> mathiaz: QEMU Virtual CPU version 0.10.92
<mathiaz> kirkland: I've been playing with facter (related to puppet)
<mathiaz> kirkland: it's used to provide facts about your system
<kirkland> mathiaz: neat
<mathiaz> kirkland: http://bazaar.launchpad.net/~vcs-imports/facter/master/annotate/head%3A/lib/facter/virtual.rb
<mathiaz> kirkland: ^^ this is the ruby code that checks whether you're running in a virtual or physical machine
<mathiaz> kirkland: http://bazaar.launchpad.net/~vcs-imports/facter/master/annotate/head%3A/lib/facter/util/virtual.rb
<mathiaz> kirkland: ^^ that's the actual code
<mathiaz> kirkland: kvm/qemu doesn't seem to be supported - how could you detect that?
<kirkland> mathiaz: /proc/cpu/info
<kirkland> mathiaz: /proc/cpuinfo
<kirkland> mathiaz: yeah, it's not in that file
<kirkland> mathiaz: kvm/qemu is easy
<mathiaz> kirkland: and grep for module name?
<kirkland> mathiaz: grep "^model name.*QEMU Virtual CPU"
<kirkland> mathiaz: grep "^model name.*QEMU Virtual CPU" /proc/cpuinfo
<kirkland> mathiaz: grep "^model name.*QEMU" /proc/cpuinfo
<kirkland> that would do it
<mathiaz> kirkland: great - thanks
<dna265> hello all
<kirkland> mathiaz: make sure you give me copyright assignment!
<kirkland> mathiaz: j/k :-)
<mathiaz> kirkland: http://projects.reductivelabs.com/issues/2067#note-10
<mathiaz> kirkland: they mentions having the hypervisor flag set
<docko> please recommend some good tool to check HDD in ubuntu 8.10. the disk was in software as a part of software raid1, there were some problems with the drive, now it's mounted in my desktop and seems to be working, but i want to check it
<zul> kees: http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/agent/mibgroup/host/hr_proc.c?r1=17265&r2=17415
<kees> zul: oh nice!  Can you add that to the bug report?
<kees> zul: changed again later: http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/agent/mibgroup/host/hr_proc.c?r1=17415&r2=17616
<kees> http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/trunk/net-snmp/agent/mibgroup/host/hr_proc.c?view=log#rev17415
<kees> I think two authors fixed the same bug differently.  ;)
<zul> kees: ill take a crack at fixing it tomorrow
<kees> cool, thanks
<zul> watching flight 666 right now
<mathiaz> kirkland: sure
<mathiaz> kirkland: let me check the moodle maintainer scripts
<kirkland> mathiaz: it's dh_input critical * in config
<uvirtbot> New bug: #430358 in bind9 (main) "bind9 + DLZ core dumps on AFXR request" [Undecided,New] https://launchpad.net/bugs/430358
<mathiaz> kirkland: hm - and the dependencies will screw everything
<mathiaz> kirkland: the moodle .config script will run *before* the moodle-appliance .config script
<mathiaz> kirkland: since the moodle-appliance would depend on moodle
<kirkland> mathiaz: poop
<mathiaz> kirkland: next solution in the line: puppet
<mathiaz> kirkland: you can create a puppet manifest that will configure everything at boot time
<mathiaz> kirkland: did your brain just explode because of how brilliant my solution is?
<kirkland> mathiaz: i'm thinking about it
<kirkland> mathiaz: i'm just really frustrated vmbuilder can't put the goddamn package into the image
<mathiaz> kirkland: right
<mathiaz> kirkland: another solution is to add support for preseed to vmbuilder
<mathiaz> kirkland: both puppet and d-i support this
<kirkland> mathiaz: yes
<kirkland> mathiaz: that needs to be done
<mathiaz> kirkland: so two solutions: 1. puppet recipe 2. vmbuilder preseed support
<mathiaz> kirkland: 2. requires some python hacking
<mathiaz> kirkland: 1. requires a new system to learn
<kirkland> mathiaz: there's no reasonable way i can force moodle-appliance to be installed before moodle ?  (besides pre-depends, which i don't want)?
<mathiaz> kirkland: well - you'd have to modify the moodle package
<kirkland> mathiaz: that's the only way?
<mathiaz> kirkland: uploading a moodle package to the virtual-appliance PPA
<kirkland> mathiaz: yeah, i'm thinking about that
<mathiaz> kirkland: with a moodle package depending on moodle-appliance
<kirkland> mathiaz: i was thinking that moodle could provide moodle-appliance
<mathiaz> kirkland: hm - well then you don't a moodle appliance package
<mathiaz> kirkland: you just modify the moodle package to actually do what you want
<mathiaz> kirkland: now - does vmbuilder support insalling packages from another PPA?
<kirkland> mathiaz: yes, it does do that
<mathiaz> kirkland: probably yes - as the postinst script
<mathiaz> kirkland: ah! what about using the --exec option?
<mathiaz> kirkland: http://paste.ubuntu.com/271763/
<mathiaz> kirkland: you can preseed all the debconf question in there and *then* apt-get install moodle
<mathiaz> kirkland: there == postinst script
<kirkland> mathiaz: hmm, that looks promising
<kirkland> mathiaz: rock on, i'll knock this around
<mathiaz> kirkland: yeah -that should do it
<kirkland> mathiaz: thanks
<mathiaz> kirkland: moodle config doesn't reset debconf question
<kirkland> mathiaz: thank goodness
<mathiaz> kirkland: so preseeding with debconf-set-selection *before* installing the package should work
<mathiaz> kirkland: well - some scripts reset the seen flag
<kirkland> bastards
<mathiaz> kirkland: under some circumstances
<mathiaz> kirkland: anyway - looks like a promising solution to me
<kirkland> mathiaz: i think so
<kirkland> mathiaz: thanks for the brainstorming
<mathiaz> kirkland: ah no
<mathiaz> kirkland: won't work
<mathiaz> kirkland: the mysql database is not running in the guest :/
<mathiaz> kirkland: so the postinst will fail
<mathiaz> kirkland: is it will not be able to create the tables
<kirkland> mathiaz: doh
<mathiaz> kirkland: wait
<mathiaz> kirkland: I'm reading moodle postinst script
<mathiaz> kirkland: hm
<mathiaz> kirkland: so it may be possible
<mathiaz> kirkland: the postinst script checks whether you want to create the db manually
<mathiaz> kirkland: so you can preseed that question
<thiagocrepaldi> any auth-client-config magician around ? i followed openldap server tutorial on ubuntu server 9.04 guide and it do not authenticate pam against ldap =/
<mathiaz> kirkland: moodle/db_create
<mathiaz> kirkland: what the script actually does (in DoMySQL) is to create a database
<kirkland> mathiaz: and then do that at machine startup
<mathiaz> kirkland: right
<mathiaz> kirkland: I was checking if you could use mysqldadmin to actually create the database when building the appliance
<mathiaz> kirkland: but it requires a running mysqld
<kirkland> mathiaz: well, i'm using postgres
<kirkland> mathiaz: but i get your point
<mathiaz> kirkland: ah - I haven't checked postgres
<kirkland> mathiaz: it defaults to postgresql
<mathiaz> kirkland: oh - then I think you're lucky
<mathiaz> kirkland: IIRC postgres doesn't require a running daemon
<mathiaz> kirkland: I may be wrong though
<mathiaz> kirkland: the rest of the postinst looks good to me
<mathiaz> kirkland: it may well work correctly
<kirkland> mathiaz: cool, thanks for the look
<uvirtbot> New bug: #305071 in vsftpd (main) "Corrupted file on anonymous upload" [Undecided,Incomplete] https://launchpad.net/bugs/305071
<uvirtbot> New bug: #403969 in eucalyptus "high CPU usage from cloud controller" [High,Fix committed] https://launchpad.net/bugs/403969
<uvirtbot> New bug: #385435 in eucalyptus "In MANAGED mode, with CLC and CC on same host, on first boot of CLC, Walrus URL is detected as 169.254.169.254" [Medium,Fix committed] https://launchpad.net/bugs/385435
<uvirtbot> New bug: #425526 in samba (main) "Kubuntu Karmic i386  Alpha 5 network copy/stream from samba share glitch approximately every 5 minutes" [Undecided,Incomplete] https://launchpad.net/bugs/425526
<kansan> how do i get rubygems > 1.3.1 on ubuntu hardy?  http://pastie.org/618463  is my attempt; failed :(
<twb> kansan: you don't.
<twb> Installing newer releases into an LTS environment breaks the whole point of using an LTS environment.
<CppIsWeird> im trying to get cpu temps on my server, from what ive read i should be seeing something in /proc/acpi/thermal_zone. If i see nothing in thermal_zone, does this mean that I do not have the ability to see my cpu's temp or do I have to install something further?
<_ruben> installinst lm-sensers tends to be a good start
<_ruben> s/installinst/installing/
<CppIsWeird> i have also done that
<CppIsWeird> i still see nothing in thermal_zone
<CppIsWeird> would a reboot be required?
<_ruben> run sensor-detect to configure, then sensors to see the result
<CppIsWeird> do you want to add these lines automatically? NO is bold. what does this mean exactly?
<CppIsWeird> nvm, i figured it out
<_ruben> some stuff needs to be added to some files
<_ruben> ok
<CppIsWeird> my modules file
<CppIsWeird> sensors command displays what i want, however i still have nothing in thermal_zone. any idea why?
<_ruben> nope, never used /proc for temp info
<_ruben> might need to load some (acpi) modules or so
<CppIsWeird> ah, ok, i'll have to google around with it some more. thanks for the help getting me started. :)
<soren> Whoo! My ISP just started offering 40/8 Mbit (down/up) connections.
<_ruben> nice
<_ruben> my cable isp can get me 50/3 atm .. downstream increasing to 100+ early next year .. rather pricy tho
<_ruben> currently at 20/1 dsl
<henkjan> soren: fiber to the home?
<soren> henkjan: VDSL2.
<soren> _ruben: 40/8 weighs in at around â¬65.
<twb> .au maxes out at ADSL2+, which IIRC is 20mbps down.
<twb> With throttling or excess charges if you download more than xGiB/mo.
<henkjan> FttH overhere 35,- for 35/35 (with a free upgrade to 100/100)
<_ruben> henkjan: where's that?
<henkjan> _ruben: Rijssen
<soren> FttH?
<_ruben> soren: abount the same for 50/3 i think, tho it'd include tv and phone as well
<_ruben> henkjan: which isp?
<soren> _ruben: Oh, right, this includes phone as well.
<henkjan> concepts ict
<henkjan> (the 100Mbit is not from concepts ;) )
<soren> henkjan: 35 what? Euros?
<henkjan> yep, 35,- EUR
<soren> henkjan: And why on Earth would anyone be on 35/35 if the upgrade to 100/100 is free?
<twb> http://en.wikipedia.org/wiki/National_Broadband_Network is the .au government propaganda about FTTH.
<henkjan> not exactly free
<henkjan> poking the right persons :)
<_ruben> i pay about 30 euro for my 20/1 now i think
<twb> henkjan: photos of the right people doing the wrong things
<henkjan> i just asked for native ipv6 and got 100/100 :)
<_ruben> in my area they're determining the possible userbase for ftth .. so far only 10% is interested, and they need like 40% or so in order to get the investors curious
<henkjan> too bad for you
<_ruben> kinda lame for a city that calls itself "the ict city" (zoetermeer)
<ftherese> how do I search the entire /etc directory to find a particular setting?
<ftherese> for example, a proxy server continues to get set system wide, and I don't know exactally where to disable it
<_ruben> grep -r somestring /etc/*
<_ruben> might wanna sudo do that
<ftherese> thank you ruben
<ftherese> how do you go about unsetting stuff in the gconf xml tree?
<ghostlines> hi all
<heath|otg> I need dovecot 1.2 for hardy, is there a good guide for how to build debs from source?
<dayo> where can i get a list of universities and colleges that use linux/ubuntu?
<uvirtbot> New bug: #429769 in postfix (main) "package postfix 2.5.5-1.1 failed to install/upgrade: subprocess post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/429769
<_ruben> heath|otg: i'd use the dovecot 1.2 packages from debian (testing or unstable) and rebuild them for ubuntu
<heath|work> _ruben, what do you mean rebuild for ubuntu
<zul> morning, afternoon for you  danes
<heath|work> morning
<soren> zul: o/
<heath|work> Any way to build dovecot 1.2 for hardy?
<smoser> soren, i assume you must have looked at that build failure on nectarine ? there is a 20090916 and 20090916.2.
<smoser> had you ?
<soren> I'm working on it right now.
<soren> The first problem was that your patch from yesterday wasn't python 2.5 friendly. I did not catch this :(
<soren> Now it's just hanging during package install. I'm trying to work out why that might be.
<soren> ...and now I can't log into nectarine.
<soren> smoser: Can you?
<smoser> i'm in on nectarine now
<smoser> but i have been all night
<smoser> so i wont log out
<soren> Oh.
<smoser> sorry about the python 2.5... didn't know. when i saw locally there i didn't understand how my tests could have worked. the 2.5/2.6 makes sense.
<uvirtbot> New bug: #420960 in kaffeine "Karmic Alpha 4 playback stops when playing media stored on samba share" [Undecided,Invalid] https://launchpad.net/bugs/420960
<soren> smoser: Your ssh connection there is responsive?
<soren> smoser: No, it won't be, because it was just bounced. Never mind :(
<smoser> not now. it was 3 minutes ago
<soren> I'm back in.
<soren> Ng: Thanks.
<smoser> and now that evil peer reset my connection :)
<soren> I knew a guy called Peer once, actually.
<soren> Way before I saw that error for the first time, though.
<soren> Like... '93-ish.
<ghostlines> hi all, it shouldn't be a problem switching a between a amd motherboard and cpu with an intel motherboard and cpu right?
<soren> ghostlines: For Ubuntu? No.
<soren> Other than that? No clue.
<ghostlines> or during installation special configuration are done for the specific setup?
<ghostlines> no problems for ubuntu/linux huh, how are you so sure
<ghostlines> tried it already ?
<soren> It's just the sort of thing I know.
<soren> Hey, you asked. I answered.
<a_ok2> i want to connect to an iSCSI target what do i need?
<soren> a_ok2: open-iscsi.
<a_ok2> ty
<ghostlines> soren, no problem just checking
<garymc> im trying to enable AllowOveride=All so i can put a password in my website. Anyone help me do this?
<soren> garymc: What's the problem?
<garymc> i want to put a username and password on my server web site
<soren> Yes...
<garymc> using .htaccess and .htpasswd
<garymc> i created thos files put them in the web folder but it doesnt work
<garymc> I read that i gotta put "AllowOverride All" somewhere?
<soren> Don't put your .htpasswd in your web folder.
<garymc> i only got /var/www/webfiles
<soren> "AllowOverride  AuthConfig" will do.
<garymc> i only got /var/www/webfiles.htm
<garymc> where do i put that?
<soren> and it belongs in your apache configuration for the given virtualhost.
<garymc> in the htaccess?
<soren> No.
<soren> It defines what you can do from .htaccess.
<soren> If you could change it from .htaccess it'd be pointless :)
<garymc> ok where do i put the allowoverride?
<soren> 12:37:33 < soren> and it belongs in your apache configuration for the given virtualhost.
<garymc> thats my problem im a newbie and not sure where that is
<soren> Where are these files?
<soren> What's your webroot?
<garymc> my web files? /var/www/
<zul> soren: was Peer danish?
<garymc> soren : I put web pages in this folder /var/www/ if thats what you mean
<smoser> garymc, http config files should be under /etc/apache2. but my guess is that soren was going to give you a stanza here in a minute
<garymc> ok yeah i got a /etc/apache2 aswell
<smoser> for me, there is a file /etc/apache2/sites-available/default that has conf for that dir.
<smoser> :q
<garymc> i have that folder sites enabled with one file in there. 000-default
<garymc> i found it
<garymc> nice one smoser
<smoser> soren, i think that libc6-xen being added to the package list is causing the hang
<garymc> good stuff it works now
<smoser> after ctrl-c'ing it, the process that is stopping the unmount is '/sbin/getty 38400 xvc0'
<soren> zul: He was, yes.
<soren> smoser: could be. Let me try adding that locally and see if that makes it equally unhappy.
 * soren takes a quick break
<smoser> soren 2 things
<smoser> a.) that process definitely gets started in the jail, and detached, and is blocking the unmount on failure
<smoser>   granted i did ctrl-c the vmbuilder process though
<smoser> b.) vmbuilder/VMBuilder/plugins/ubuntu/hardy.py installs libc6-xen in a different way...
<smoser>  self.run_in_target('apt-get' ,'--force-yes', '-y', 'install', 'libc6-xen')
<smoser> but  my assessment was "it shouldn't need to do that, it should just work" and since i couldn't test it...
<uvirtbot> New bug: #405715 in janino (main) "Main Inclusion Report (Eucalyptus dependencies set 1)" [Undecided,Confirmed] https://launchpad.net/bugs/405715
<smoser> ugh.
<smoser> soren, no nectarine has no /dev/loop* devices
<garymc> smoser : how do i change the output folde of my web files from /var/www/ to /var/www/html/?
<uvirtbot> New bug: #423076 in qemu-kvm (main) "[patch] `kvm -name TITLE` option does not set gnome-panel name correctly" [Wishlist,Confirmed] https://launchpad.net/bugs/423076
<smoser> garymc, probably that same file
<garymc> yeah im trying that but its giving me errors in the browser now
<garymc> 500 internal server error
<garymc> anyone else know how i change this?
<Pici> garymc: What does your apache log file say about the errors?
<smoser> soren, well, i "fixed" hat wit 'udevadm trigger' now devices are back at least
<garymc> hang on ill do it again Pici
<garymc> it says all sorts of stuff
<garymc> ok its working now sort of?
<soren> smoser: Sure it does?
<soren> smoser: Oh.
 * ttx isotests and is amazed how fast the server boots now.
<uvirtbot> New bug: #430730 in freeradius (universe) "freeradius config needs freeradius-mysql" [Undecided,New] https://launchpad.net/bugs/430730
<garymc> how does adding a domain name to my web server work? Do i just point the domain at my ip?
<garymc> and how would i define if i had differnt .com addresses and more than one website hosted?
<uvirtbot> New bug: #430732 in freeradius (universe) "radclient doesn't work" [Undecided,New] https://launchpad.net/bugs/430732
<SockPant1> hi all
<SockPant1> i seem to have set a wrong password when i was installing ubuntu on one pc, how can i boot into SU mode and reset it?
<heath|work> SockPant1, just hit escape when loading Grub pops up and choose the recovery mode options
<KurtKraut> SockPant1, http://burnz.wordpress.com/2008/09/09/how-to-reset-ubuntu-root-password/
<heath|work> garymc, apache virtual hosting
<garymc> ok google it and read up on it i will
<heath|work> garymc, go to support.ubuntu.com and look at the server manuals. there are probably how to's in there
<SockPant1> how can i list users?
<smoser> garymc, i am not familiar with apache in many years, but it would appear that the way the ubuntu packages lay things out, you probalby want something in /etc/apache2/sites-enabled/000-my-new-site
<a_ok> soren: tried open-iscsi, is there something also something with decent documentation?
<KurtKraut> garymc, if you're not experienced in Apache, I'd recommend you trying lighttpd. It is faster and easier to configure.
<garymc> ok thanks
<heath|work> awsome: http://tomasz.sterna.tv/2009/07/dovecot-1-2-0-for-ubuntu-hardy/
<heath|work> s/awsome/awesome/
<SockPant1> i forgot what i set for a non-root user :S how can i see which users there are?
<KurtKraut> SockPant1, cat /etc/passwd | cut -d":" -f 1
<garymc> how do i chown a user to a directory and all of its contents?
<alab> Are there any options for server management gui beside ebox on ubuntu 9.04?
<garymc> i did "sudo chown gary:gary /var/www/html/"   but all contents have padlocks on them
<SockPant1> ah got it
<SockPant1> now, is it easy to change the hostname of the server? or would i have to change it in 1000 places
<heath|work> sudo chown -Rv gary:gary /var/www/html/
<heath|work> garymc, ^^
<garymc> thanks heath|work
<heath|work> SockPant1, 2 places
<SockPant1> heath|work: that's doable
<heath|work> /etc/hosts, /etc/hostname
<heath|work> then /etc/init.d/hostname.sh
<heath|work> all sudo of course
<atomic_1> anyone using ksplice on ubuntu server 8.04 ?
<SockPant1> alright that worked
<heath|work> SockPant1, check it out with hostname and hostname -f
<heath|work> the -f should show the fqdn
<SockPant1> i'm using 8.04 LTS because it's pretty old hardware, how do i make sure everything is as up to date as possible?
<heath|work> you mean packages?
<SockPant1> yeah, i suppose, what else?
<heath|work> sudo apt-get update && sudo apt-get dist-upgrade
<SockPant1> i mean, to the extent that it would still work and not increase system requirements by a significant amount
<SockPant1> what does dist-upgrade do?
<heath|work> grabs the new kernels
<SockPant1> but i would still be on ubuntu 8.04?
<heath|work> yes
<SockPant1> ok
<SockPant1> how about stuff like apache
<heath|work> the above command updates all packages
<SockPant1> alright :)
<heath|work> Anyone using dovecot 1.2 ?
<heath|work> on hardy
<orudie> is anyone interested in system admin job in NJ ?
<jgjones> NJ?
<orudie> yeah NJ
<jgjones> New Jersey?
<orudie> yes yes
<jgjones> (I'm from UK myself hence the question)
<Nafallo> ah. not New Jork
<jgjones> I'm looking for a job, but I think the work trip is a tad too far to NJ :)
<orudie> heh
<heath|work> orudie, how about remote?
<orudie> no remote sorry
<heath|work> :(
<JohnD23> where in NJ?
<orudie> JohnD23-> the recruiter didnt tell me, i live in NY so I said its too far for me , she said if i know someone then let her know
<jcastro> kirkland: dunno if you saw this yet: http://www.phoronix.com/scan.php?page=article&item=ubuntu_910_encryption&num=1
<leaf-sheep> Oh boy. Have I got a question for you! If I apt-mirror a repo, is it possible to create a hybrid merge of (private lan repo) and (public ubuntu repo) so the packages will first check private lan, then public ubuntu repo for packages?
<leaf-sheep> Somewhere in /etc/apt/sources.list
<_ruben> specify both repos in that file .. for each package apt will check which repo holds the most recent version and use that one
<clusty> how can I disable cpu throtelling and set to max freq?
<kirkland> jcastro: hadn't see it
<kirkland> jcastro: thanks
<KurtKraut> clusty, are you sure you want that? It will probably just increase your energy consumption without having an improvement on performance.
<clusty> KurtKraut, need to compile ATLAS
<ScottK> It still won't be any faster.
<clusty> ATLAS gives bad results when throtelling is enabled
<clusty> pfff
<clusty> i know
<clusty> ATLAS does timings on different params
<clusty> throtelling interferes
<clusty> is the maxperformance the governor
<clusty> ?
<clusty> cause it does not work
<clusty> but ondemand does
<clusty> performance is the name
<erichammond> jjohansen, smoser: EC2 kernel meeting?
<smoser> i'm here... i just pinged jjohansen separately, and no response yet, though
<erichammond> I think I'm an hour early.
<zul> he was up pretty late last night
<jjohansen> erichammond: yeah there will be a meeting, in about 45 min
<zul> smoser: you might be hitting the alpha breakage in your image
<smoser> zul, no
<smoser> soren figured it out.
<zul> oh what was it?
<SockPant1> this is probably a very nooby question but ive never done this before..
<SockPant1> how can i configure a static IP on eth0?
<SockPant1> on the cli
<heath|work> SockPant1, best thing to read: https://help.ubuntu.com/9.04/serverguide/C/index.html
<heath|work> item 4 in your case
<heath|work> Does anyone happen to know if managesieve support was compiled into dovecot for Hardy?
<soren> zul: You'll see :)
<smoser> https://code.launchpad.net/~soren/vmbuilder/smallest-patch-ever
<ttx> soren: if you plan another round of eucalyptus updates before alpha6, please consider fixing bug 430758
<uvirtbot> Launchpad bug 430758 in eucalyptus "Cloud installer / Cluster install hangs at reboot after install" [High,Triaged] https://launchpad.net/bugs/430758
<soren> It's a 4 bit patch.
<smoser> ttx, so should i start looking at filing a MIR for euca2ools ?
<ttx> soren:  the right fix is to rewrite those initscripts completely, but I guess some bandaid is better than nothing
<soren> ttx: You're core-dev, aren't you?
<soren> You are! pfffft... Then do it yourself.
<smoser> do others here agree that euca2ools really needs to be in main ?  the UEC really does depend on it, although (because he just wanted to argue) ttx argues that Eucalyptus does not strictly depend on euca2ools
<ttx> soren: I am ;) Just wanting not to collide with any other update you might have planned :P
<soren> smoser: I absolutely agree.
<soren> ttx: Oh, we do it all in bzr.
<zul> smoser:yes
<soren> ttx: And the way we do it makes it really easy to have multiple people working on it at the same time.
<smoser> ok, given that we need MIR for euca2ools for UEC, i am going to suggest replacement of ec2-ami-tools with euca2ools rather than removal of them from ec2-images.
<soren> ttx: If you have 5 minutes, I'd love to help you set it up.
<ttx> soren: I have, but I don't want to waste your precious alpha6-generation time
<uvirtbot> New bug: #430758 in eucalyptus (main) "Cloud installer / Cluster install hangs at reboot after install" [High,Triaged] https://launchpad.net/bugs/430758
 * smoser doesn't know that bzr qualifies as "really easy to have multiple people working on it"
<soren> ttx: Oh, I'm waiting for a build to finish anyway.
 * ttx smacks smoser on the head
<ttx> soren: ok, go
<SockPant1> hm
<SockPant1> it doesn't work.
<soren> ttx: Alright, create a suitable basedir for this. I use $HOME/src/Eucalyptus
<soren> ttx: In there, do "apt-get source eucalyptus".
<SockPant1> i've edited /etc/network/interfaces and /etc/resolv.conf, ping 10.0.0.1 gives 'connect: Network is unreachable'
<soren> ttx: To get the tarball.
<soren> ttx: Create a file called $HOME/.devscripts
<soren> put these two lines in there:
<soren> DEBCHANGE_RELEASE_HEURISTIC=changelog
<soren> DEBCHANGE_MULTIMAINT_MERGE=yes
<mathiaz> soren: https://code.launchpad.net/~mathiaz/eucalyptus/image-store-proxy-recommends/+merge/11819
<heath|work> SockPant1, did you restart networking?
<mathiaz> soren: ^^ did you get a chance to look at the image-store-proxy integration?
<ttx> soren: done
<mathiaz> soren: which is rather simple - -cloud recommends image-store-proxy
<SockPant1> heath|work: i was lazy and restarted the entire box
<SockPant1> ifconfig -a doesn't list an ip for eth0 eihter
<soren> ttx: Sorry, mathiaz disturbed me :)
<heath|work> SockPant1, pastebin your /etc/network file
<soren> ttx: Ok, now in that basedir you created, you do: bzr co lp:~ubuntu-core-dev/eucalyptus/ubuntu
<SockPant1> heath|work: difficult. i'll type it out
<kirkland> jcastro: he sure picked the worst platform to run these benchmarks on
<kirkland> jcastro: that's really disappointing
<soren> ttx: That will create an "ubuntu" directory. Every time you change something, you use dch to document the change ("dch 'Added a dependency on foo'") and debcommit to commit (and push, since it's a checkout)
<heath|work> brb
<ttx> ok
<SockPant1> heath|work: http://sockpants.pastebay.org/54772
<smoser> erichammond, i just sent a mail to ubuntu-ec2@lists.ubuntu.com regarding ec2-ami-tools in ec2 images that i would like your thoguths on
<jcastro> kirkland: he's been keen in the past on getting feedback on his methods.
<soren> ttx: When someone wants to make a new upload, they "dch --release", do whatever is needed to save the changelog (which gets opened in $EDITOR), and do a "debcommit --release".
<kirkland> jcastro: postgres, on a mini9, in an encrypted home directory?  seriously?
<soren> ttx: If anyone else should happen to have done the same, bzr will make a fuss.
<SockPant1> btw, this is ubuntu 8.04, i don't expect theres any difference in this case thought
<SockPant1> oh screw me i forgot 'auto eth0'
<SockPant1> ok
<SockPant1> ping works now, but it doesn't get any replies
<acalvo> hi
<SockPant1> probably a problem with my firewall
<acalvo> anyone knows the differences between rsync and rsyncd? maybe the final d is for daemon?
<nxvl> i think i just hited a bug, using gnome-terminal or terminator when i have two files with a space on it autocompletion doesn't work (as in "file 1 foo" and "file 2 foo" they won't complete with "file \ 1<tab>")
<nxvl> should i report the bug against bash-completion?
<nxvl> cjwatson: ^^
<cjwatson> surely that ought to be "file\ 1<tab">?
<cjwatson> err
<cjwatson> "file\ 1<tab>"
<nxvl> i just tested on the system terminal (<Cntrl><Alt><F1>) and it's present aswell
<cjwatson> but yes, it works fine without bash_completion and bash_completion breaks it
<cjwatson> it wouldn't be terminal-specific
<cjwatson> yes, file a bug on bash-completion
<nxvl> ok, thank you!
<Pici> nxvl: Are you using double quotes and backslash escaping??
<kirkland> soren: cjwatson: what writes the /etc/network/interfaces file in on the node during installation?  there's a bug in there
<kirkland> bridge_ports has no parameter (should be eth0 for me)
<kirkland> and thus, networking is broken on the node on first boot
<nxvl> Pici: nope, just using the quotes here to mark the start and end of the filename
<Pici> nxvl: Okay, just checking ;)
<cjwatson> kirkland: eucalyptus-udeb
<kirkland> cjwatson: thanks, i'll have a look there
<cjwatson> debian/eucalyptus-udeb.finish-install, specifically
<kirkland> i'll file a bug in the mean time
<cjwatson> kirkland: attach /var/log/installer/cdebconf/questions.dat, please
<nxvl> ugh
<kirkland> cjwatson: ack
<nxvl> why https://bugs.edge.launchpad.net/ubuntu/+source/bash-completion/+filebug redirects to https://help.ubuntu.com/community/ReportingBugs
<cjwatson> yes, it's very annoying
<cjwatson> either use 'ubuntu-bug bash-completion'
<cjwatson> or use +filebug?no-redirect
<ScottK> nxvl: There was mail to devel-discuss yesterday explaining it.
<jjohansen> ----- Alright time for the EC2 kernel status meeting ----
<nxvl> ScottK: ugh, well, i found how to avoid the redirection :D
<ScottK> Just don't file bugs is another option.
<jjohansen> smoser, erichammond: ready?
<rtg> smoser, jjohansen - any changes or progress since yesterday.
<rtg> ?
<nxvl> ScottK: not an option for me, filing bugs is fun :D
<erichammond> o/
<jjohansen> rtg: a little
<cjwatson> ScottK: I can't see it on devel-discuss. Am I missing something?
<jjohansen> smoser had an image lock up
<ScottK> cjwatson: Maybe I mis-remember.  Let me look.
<rtg> smoser, 32 or 64 bit?
<smoser> 32
<jjohansen> we need to try and duplicate, there is really nothing useful in the logs
<SockPant1> can i see whether a network interface is 10
<smoser> the thing was mostly idle and had been up for close to 2 days.
<SockPant1> *10-BASE-T or 100-BASE-TX
<rtg> smoser, how could you tell it was a lockup? no net access?
<jmarsden> cjwatson: It was on ubuntu-devel-announce from Brian Murray
<smoser> my open ssh connection went dead. no ping, no new ssh connections.
<smoser> yeah, not much science involved... i waited a few minutes, it didn't come back, i rebooted, it was back.
<rtg> smoser, any possibility that Amazon did something to it?
<smoser> there is obviously the possibility of ill timed temporary network issues
<erichammond> smoser: Was the problem experienced in the last few hours?
<smoser> yeah
<ScottK> cjwatson: It was the ubuntu-motu list.  Oddly, I see replies to the mail, but not the actual mail in the list archive: https://lists.ubuntu.com/archives/ubuntu-motu/2009-September/006141.html
<erichammond> http://ec2status.notlong.com
<erichammond> There were temporary, isolated network issues
<erichammond> but the reboot timing seems suspect
<rtg> smoser, I _hope_ thats what it was.
<smoser> well..
<jjohansen> well it is the first time we have seen it
<smoser> uptime shows "up  1:01"
<smoser> i've not rebooted it sense, so that puts my issue smack dab in between
<smoser> 07:41:11 AM PDT We are investigating connectivity issues in US-EAST-1.
<smoser> 08:18:25 AM PDT We have identified a problematic
<smoser> i'll put this information in the bug. thank you mr hammond
<rtg> smoser, erichammond: I'm still working on linux-meta-ec2, I kind of got distracted yesterday. jjohansen has been checking out some config changes.
<jjohansen> we should still make sure to launch some images and keep them up
<jjohansen> right
<jjohansen> gone through testing of EC2 kernels with a more virtual like config and i386 has problems, but 64 bit boots
<erichammond> I just switched an automated process of mine to the Karmic AMI to test it out. It was pingable, but port 22 never came up.  At first glance the console output seems odd, ending at "udev: starting version 146"
<nxvl> cjwatson: Bug #430817, can you please Confirm it, so it gets more attention?
<uvirtbot> Launchpad bug 430817 in bash-completion "Bash completion doesn't work on files with a space" [Undecided,New] https://launchpad.net/bugs/430817
<jjohansen> erichammond: which ami
<rtg> erichammond, are we getting smacked by archive inconsistencies? it was a mess yesterday.
<erichammond> ami-a40fefcd - I'm trying to reproduce
<rtg> smoser, I suggest you not update userspace wholesale until slangasek declares a stable A6.
<erichammond> rtg: What's an archive inconsistency?  Ubuntu archive mirrors?
<slangasek> update what wholesale?
<slangasek> erichammond: packages in the archive not installable
<slangasek> minor things like ubuntu-minimal
<rtg> slangasek, EC2 AMI
<slangasek> rtg: er, certainly not, we need test AMIs made available *before* Alpha 6 can be released
<slangasek> for inclusion in the alpha
<erichammond> rtg: I don't see how archives could affect an instance at startup or running when it's not doing an upgrade or install.
<rtg> slangasek, I guess it depends on what we're testing. I've been focused on kernels.
<jjohansen> erichammond: the ami could have been built from an inconsistent archive
<smoser> erichammond, http://paste.ubuntu.com/272180/ is a log of mine, that was reachable... the udev messages should be real close to when network pops up.
<slangasek> jjohansen: it probably wouldn't have built at all in the case of an inconsistent archive.  But maybe it would fail to boot in interesting ways :)
<rtg> slangasek, kind of like my server this morning?
<rtg> woudln't boot
<cjwatson> nxvl: in reality it makes no difference, so I'm not going to spend time on paperwork
<smoser> little things like not booting should be ignored
<cjwatson> rtg: separate /usr or /var?
<slangasek> rtg: if you dist-upgraded it yesterday, definitely possible.  Do you have that sorted yet?
<rtg> seperate /home, raid0
<rtg> slangasek, just reinstalled / with an older CD
<smoser> but despite that, today, I hope to get an ec2 built and upto ec2. soren has debugged some issues we were having with vmbuilder and i think we can at least get one built at the moment.
<nxvl> cjwatson: heh, ok :D
<rtg> smoser, jjohansen: ok, anything else?
<jjohansen> not from me
<slangasek> rtg: ah; doesn't sound like any of the other bugs I know about, would be good to have some debugging info so that alpha6 isn't broken for that case
<erichammond> investigating... will respond in a moment
<rtg> slangasek, I can likely reproduce it.
<rtg> slangasek, how do I enable boot script debug?
<slangasek> um... ask Keybuk
<slangasek> the debugging I've been doing has all been interactive
<rtg> slangasek, ok, I'll update and see if I can repro.
<erichammond> smoser: Thanks for the console output.  Mine seems similar at first glance.  I was able to reproduce port 22 not responding on boot.  I will investigate more and submit a bug if I can figure things out.
<smoser> port 22 doesnt respond, but ping does ?
<smoser> oh. never mind. ping never does.
<jjohansen> erichammond: are you specifying user data
<erichammond> smoser: Correct: ping works.  Without any evidence I am going to start by suspecting something to user data
<erichammond> jjohansen: Is user-data broken?
<smoser> the ami that erichammond said he was using is the alpha5.1, which has function when no user-data
<erichammond> ah
<smoser> the alpha5 hung if no user data was passed.
<jjohansen> smoser: ah, I haven't tested with that one yet
<erichammond> no, the other way around
<erichammond> I'm getting problems with the instance that gets user-data.  I don't know if this is the entire cause, I'll investigate later.
<uvirtbot> New bug: #430825 in bind9 (main) "package bind9 1:9.6.1.dfsg.P1-3 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/430825
<erichammond> I didn't quite follow some of the comments.  Is a new karmic AMI or AKI going to be published before Alpha6?
<erichammond> (I think it's a great idea to know that what is going to be built will work, instead of having to followup with more fixes)
<smoser> i will put todays nightly up to ec2 for my own testing.. and i can give others access to it, but i wont send mail about it. just to see if there are issues that would prevent alpha6 from arriving tomorrow.
<erichammond> cool
<smoser> there will not be a new aki
<erichammond> smoser: I would normally ask for access, but doubt I'll have time to test today.
<erichammond> unless I figure out this startup bug and we need to verify a fix
<smoser> erichammond, the only aki change is that i uploaded the current karmic kernels to canonical-cloud-us and canonical-cloud-eu buckets
<smoser> (rather than being in karmic-kernel-zul)
<erichammond> smoser: good idea
<smoser> the new aki/ari are:
<smoser> current/us-east-1/i386/karmic   aki-841efeed ari-9a1efef3
<smoser> current/us-east-1/x86_64/karmic aki-9c1efef5 ari-901efef9
<smoser> current/eu-west-1/i386/karmic   aki-4879523c ari-4a79523e
<smoser> current/eu-west-1/x86_64/karmic aki-34795240 ari-36795242
<smoser> and, erichammond i *really* want to get to a consistent naming format, so your thoughts on that mail i sent would be appreciated (but i recognize you being busy).
<smoser> i have to work on a suggestion for kernel naming format, though
<erichammond> smoser: It's in my todo queue, but reminding me is fine :)
<jjohansen> anything else? or can we adjourn
<erichammond> I'm good.  (Board meeting coming up)
<jjohansen> alright lets adjourn, thanks everyone
<rtg> later
<Vashta_Nerada> On my private Ip addressed Lan, I'm trying to get my xp to connect to and view my ubuntu via NX, result:"Connection refused".....  I then try to make an ssh connection using putty, result "Putty fatal error, network error, connection refused".... I believe i have setup ssh correctly on the ubuntu, although I don't know for sure, I've looked into it and I think it's a "key" issue, but I can't...
<Vashta_Nerada> ...be sure, any ideas?
<hjmf> Vashta_Nerada: silly question: do you have openssh-server installed and configured in your linux box
<hjmf> ?
<Vashta_Nerada> not a silly question at all
<Vashta_Nerada> i believe i do
<hjmf> Vashta_Nerada: if so, can you nmap your linux box to see if your ssh port is open?
<Vashta_Nerada> possibly with your help
<Vashta_Nerada> hold on, i'm telnetting in
<hjmf> Vashta_Nerada: OMG! telnet! :-( disable it ;.)
<ghostlines> :p
<Vashta_Nerada> eventually!
<hjmf> Vashta_Nerada: do apt-get update && apt-get install openssh-server
<Vashta_Nerada> i thought i should nmap
<KillMeNow> ummm yea, i only use telnet for troubleshooting network port connects
<Vashta_Nerada> i think i did openssh already
<KillMeNow> never run a telnet daemon, very bad
<hjmf> yep, just to confirm
<Vashta_Nerada> why? i'm behind my router
<hjmf> Vashta_Nerada: do you have wifi?
<Vashta_Nerada> the ports are blocked
<Vashta_Nerada> yeah
<hjmf> then disable telnet :-)
<KillMeNow> cause everything is sent clear text, including passwords
<Vashta_Nerada> ok well
<Vashta_Nerada> i guess you have a point
<hjmf> sniffing wifi traffic is funny
<Vashta_Nerada> no, i see your point
<hjmf> telnet is easy to watch
<Vashta_Nerada> ok so how do i nmap?
<Vashta_Nerada> just type nmap?
<Vashta_Nerada> ha
<KillMeNow> nmap requires some extra switches
<Vashta_Nerada> you're going to kill me
<hagedorn> hey, cant resolve dns names with telnet,ssh,w3m etc bunt able to ping host over dns names,... whats wrong ?
<Vashta_Nerada> its not installed
<hjmf> Vashta_Nerada: install it and run: nmap your-linux-ip
<Vashta_Nerada> will do
<hagedorn> http://pastie.org/619016
<hjmf> Vashta_Nerada: you'll have to see the port 22 open
<Vashta_Nerada> ya know i know i tried to mess with the port as per instructions of nx
<Vashta_Nerada> so i'm pretty sure i have that mess to deal with
<hjmf> Vashta_Nerada: then check the port you defined is open
<Vashta_Nerada> but let's make sure of all the ducks
<Vashta_Nerada> nmap is installed, do you have a command suggestion?
<hjmf> nmap your-linux-server-ip
<Vashta_Nerada> sorry you had said that
<hjmf> or nmap your-linux-server-ip -p the_port_you_think_should_be_listening_by_ssh
<Vashta_Nerada> ummm
<Vashta_Nerada> 22 is not open, and the port that i changed ssh to is not open!
<hjmf> If you are not sure what did you change I suggest to do
<hjmf> apt-get remove --purge openssh-server
<hjmf> apt-get remove openssh-server
<bdmurray> Is there a difference between the uec-images tag and the ec2-images tag?
<hjmf> after that, port 22 should be back
<Vashta_Nerada> i remember the port
<hjmf> apt-get install openssh-server
<hjmf> i meant
<Vashta_Nerada> how do i open it
<hjmf> editing the /etc/ssh/sshd.conf file
<hjmf> and restarting the openssh server
<Vashta_Nerada> ok let me see
<hjmf> as /etc/init.d/sshd restart
<Vashta_Nerada> (thanks for all this btw)
<hjmf> K ;-)
<mathiaz> kirkland: are you doing some iso testing for alpha6?
<bdmurray> smoser: Is there a difference between the uec-images tag and the ec2-images tag?
<Vashta_Nerada> vi sshd.conf
<Vashta_Nerada> absolutely nothing in it
<hjmf> Vashta_Nerada: trust me, do:
<hjmf> apt-get remove --purge openssh-server
<Vashta_Nerada> lol
<hjmf> apt-get install openssh-server
<Vashta_Nerada> you got it
<smoser> bdmurray, yes.
<smoser> ec2-images is restricted to things that affect the images on ec2
<Vashta_Nerada> i'll take care of that and come back
<smoser> uec would be for things wrong with the images not only on ec2
<Vashta_Nerada> thanks hjmf
<bdmurray> smoser: could you add them to https://wiki.ubuntu.com/Bugs/Tags?
<smoser> mainly the difference is kernel
<smoser> bdmurray, i can
<bdmurray> smoser: great thanks!
<Vashta_Nerada> hmmm, i forgot to be sudo when i tried that vi
<Vashta_Nerada> forgive my n00bishness
<KillMeNow> so anyone know when they are going to push out a new kernel for Ubuntu 9.x where we can disable IPv6?
<ink> Does anyone have mod_jk working with tomcat6 and apache in Karmic?  I can't get apache to pass requests off over ajp13
<Vashta_Nerada> eh,..... nm .... purging .....
<smoser> bdmurray, where do you think those fall ? what category there
<bdmurray> smoser: more specific seems like the closest fit, the tags could use a reorg
<smoser> ok. i'll put them there.
<bdmurray> I could add them to the greasemonkey tagging script too if you'd like
<smoser> interesting bug in sudo that i'm seeing on jaunty
<clusty> got a small problem about nfs performance. i recently configured homes on new machines on NFS mounts. thing is that write performance stinks. 1 single compile task on some node loads up the hdd to 95+%
<clusty> any options i shoul dbe using?
<clusty> so far i have: rw,sync,no_subtree_check
<Vashta_Nerada> hjmf: you rock
<Vashta_Nerada> i'm sshed into it
<Vashta_Nerada> now.... how do i disable telnet?  XD
<KillMeNow> turn off the daemon and make sure it doesn't start at any run level
<Vashta_Nerada> hmmm
<Vashta_Nerada> ok, i'll google that stuff
<Vashta_Nerada> thanks guys!
<smoser> sudo bug on jaunty: http://paste.ubuntu.com/272257/
<uvirtbot> New bug: #430820 in eucalyptus (main) "eucalyptus node install results in broken /etc/network/interfaces" [High,Triaged] https://launchpad.net/bugs/430820
<heath|work> Anyone know how I can get the phone number off my internal aircard to get it activated in my laptop through ubuntu?
<jbernard_> smoser: only jaunty it looks like, works fine in karmic for me
<ahasenack> smoser: what if you run it as "bash /tmp/test.sh"?
<smoser> jbernard_, right. same here.
<smoser> ahasenack, even stranger
<mushroomblue> hosed sshd?
<ahasenack> or "sh /tmp/test.sh"
<mushroomblue> nevermind.
<ahasenack> and yeah, there is that signal bug in udev that was fixed yesterday or so
<smoser> $ sudo -i bash /tmp/test.sh
<smoser> /bin/bash: /bin/bash: cannot execute binary file
<ahasenack> but doesn't seem to apply
<ahasenack> smoser: I mean without sudo
<smoser> well then it shouldn't get the set -e, and should print out both
<smoser> (and does)
<ahasenack> smoser: isn't that what sudo -i does?
<ahasenack> -i says it will use the user's shell
<ahasenack> so I'm thinking the "-e" in your bangline will be ignored. In fact, the whole line
<smoser> hm... i gues you're right. so as far as "use shell", thats good behavior, if you want to just get initial login like behavior , its bad.
<ahasenack> it has to add a parameter to the shell
<ahasenack> better to use "set -e" explicitly in the shell script
<MagicFab> Hi all
<MagicFab> I've just created an LVM volume
<MagicFab> How can I have it mount at boot ? Should I just stick vgchange -ay in an init script ?
<KillMeNow> MagicFab:  http://ubuntuforums.org/showthread.php?t=83813
<MagicFab> KillMeNow, that's from 2005 - and I do have a proper entry in fsatb but I still have to activate the LVM manually.
<MagicFab> fstab*
<KillMeNow> https://bugs.launchpad.net/ubuntu/+bug/368551
<uvirtbot> Launchpad bug 368551 in ubuntu "Ubuntu 9.04 does not run vgchange before mounting filesystems" [Undecided,New]
<KillMeNow> looks like there may be a bug
<KillMeNow> check that and see if it fits
<MagicFab> KillMeNow, geez, can't believe I'm going to confirm that one :(
<cjwatson> smoser: indeed, what ahasenack said - I've got into the habit of always using 'set -e' explicitly rather than putting it on the #! line, not least because it means that if you do 'sh -x script' to debug it you don't also change its error handling behaviour!
<smoser> for what its worth, karmic's sudo fixes all those issues.
<cjwatson> it's a good idea to adjust practices anyway though
<smoser> are there guidelines for a main inclusion request ?
<ink> is anyone else having problems booting with karmic server 64bit since the updates this week?
<ink> can't find network, can't find USB (which makes logging in impossible)
<zul> smoser, https://wiki.ubuntu.com/MainInclusionReportTemplate
<smoser> yeah, i just saw that. thank you zul
<zul> np
<soren> mathiaz: We'd like to get a bunch of eucalyptus fixes onto the CD, so we'll respin them. Are you up for another round of iso testing?
<mathiaz> soren: sure
<soren> Cool.
<heath|work> SockPant2, sorry I was afk for a while. Did you get everything sorted out?
<superbeef> I'm running 2.6.24-24-server #1 SMP on 8.04LTS 64bit........ When I watch top, I notice that nomatter what load i put on it, the 2nd CPU core stays idle.    Even if I do like make -j4 on some source, the 2nd core is abandoned......    Any idea as to what would cause that?
<SockPant> hi
<SockPant> how can i list packages that are installed?
<SockPant> and how can i search for new packages/
<thiagocrepaldi> did anyone try follow https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html to build an openldap server with PAM authentication ? auth-client-confi is modifying nsswitch.conf, only. common-* aren't being updated when auth-client-config si runned
<heath|work> SockPant, dpkg -l  lists installed packages
<heath|work> apt-cache search  or  aptitude search
<kansan> i cannot shut down mysql server on ubuntu hardy server with sudo /etc/init.d/mysql stop ... any suggestions on how to make this work?  i also looked log files in /var/log/mysql and didnt see anything.
<guntbert> kansan: what happens when you try?
<kansan> guntbert,  * Stopping MySQL database server mysqld                                                                                                                                                                [fail]
<guntbert> kansan: I'm following in #ubuntu :-)
<kansan> ok ;p
<thiagocrepaldi> try cat /var/log/mysql.log or cat /var/log/mysql.err
<SockPant> my system time seems to be off by a few years, how can i sync it with the intenet? shouldnt it do so automatically/
<guntbert> SockPant: see https://help.ubuntu.com/9.04/serverguide/C/NTP.html
<smoser> slangasek, at the moment i have
<smoser> alpha-6 ec2 amis:
<smoser> us-east-1.i386.karmic.ami:    ami-fa658593
<smoser> us-east-1.x86_64.karmic.ami:  ami-1a658573
<smoser> i've sniffed both of those and am migrating to eu
<slangasek> smoser: thanks, posting to the tracker
<slangasek> poted
<slangasek> posted, rather
<smoser> slangasek,
<smoser> us-east-1.i386.karmic.ami:    ami-fa658593
<smoser> us-east-1.x86_64.karmic.ami:  ami-1a658573
<smoser> eu-west-1.i386.karmic.ami:    ami-56785322
<smoser> eu-west-1.x86_64.karmic.ami:  ami-50785324
<slangasek> smoser: ok, all posted
<soren> smoser: Updated the version query thingie.
<thiagocrepaldi> how can i authenticate my jaunty thorugh openldap ? i followed https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html but looks like that auth-client-config is not being a good boy
<soren> smoser: If I want to make a git tree look the way it did at a particular revision, what do I do?
<soren> smoser: "git reset sha"? Or is there more to it?
<soren> --hard helps somewhat...
 * soren calls it a day
<thiagocrepaldi> JAUNTY does not have ldap.conf in slapd package ?
<KillMeNow> IIRC it uses the CN
<Vashta_Nerada> I previously turned telnet on in my ununtu 9.04, I've searched for documentation for this but can't find any.... can someone help me "turn off the telnet daemon and make sure it doesn't start at any run level"
<KillMeNow> to stop the daemon:  /etc/init.d/telnet stop
<KillMeNow> you can install chkconfig if you like
<Vashta_Nerada> init.d is not there
<Vashta_Nerada> ouch sorry
<KillMeNow> and then use chkconfig to "list" its currently level
<Vashta_Nerada> it is there
<Vashta_Nerada> trying /etc/init.d/telnet stop.........no such file or directory
<Vashta_Nerada> althought i can get to the directory
<Vashta_Nerada> ... something confusing to me....
<Vashta_Nerada> it is
<Vashta_Nerada> i'm in init.d and i ls
<Vashta_Nerada> and don't see telnet
<KillMeNow> then there isn't a telnet daemon running
<KillMeNow> netstat -nap | grep 23
<KillMeNow> are you mixing up Telnet with SSH?
<Vashta_Nerada> then how have i telnetted into it almost every day for the past month
<Vashta_Nerada> no dude, you guys helped me set up ssh today!
<KillMeNow> ok
<KillMeNow> well i was in and out all day
<Vashta_Nerada> nahh, that's cool
<KillMeNow> telnet runs on port 23
<Vashta_Nerada> i appreciate the help btw
<Vashta_Nerada> ummm, i'm installing chkconfig
<Vashta_Nerada> installed
<KillMeNow> if port 23 isn't being actively listened on, there is no daemon  unless you bound the daemon to a non statndard port
<KillMeNow> chkconfig --list telnet
<Vashta_Nerada> well if i did, putty didn't know it and it still worked
<KillMeNow> well, if we set up ssh today
<KillMeNow> so, do this
<KillMeNow> find /etc/init.d/ -name telnetd
<Vashta_Nerada> ESTABLISHED 24391/in.telnetd: 1
<KillMeNow> ok then you have telnetd
<Vashta_Nerada> that's from netstat
<KillMeNow> try this:  /etc/init.d/telnetd stop
<Vashta_Nerada> ok golly
<Vashta_Nerada> in /etc/init.d# ls t*
<Vashta_Nerada> no such file or directory
<Vashta_Nerada> haven't got a telnet in the init.d
<Vashta_Nerada> if i
<Vashta_Nerada> locate telnet
<Vashta_Nerada> i get a bunch of entries
<Vashta_Nerada> wanna hear a few?
<Vashta_Nerada> or am i just n00bing out on you
<KillMeNow> at the moment, i wanna take a nap
<KillMeNow> LOL
<Vashta_Nerada> lmao
<KillMeNow> look for the PID entry
<Vashta_Nerada> that's how i felt when i asked you before!!!
<Vashta_Nerada> and that's what i did
<KillMeNow> there has to be the telnetd daemon running
<Vashta_Nerada> dude, i'm gonna try tomorrow
 * KillMeNow been burning the candle at both ends for 2 weeks
<Vashta_Nerada> i don't know how to look for one
 * KillMeNow needs a break
<Vashta_Nerada> but this is fuuuuunnn
<KillMeNow> ps -ef | grep telnetd
<KillMeNow> or ps aux | grep telnetd
<KillMeNow> otherwise do a lsof -i tcp:23
<Vashta_Nerada> telnetd  24391  0.0  0.1   2064   760 ?        Ss   12:40   0:00 in.telnetd: 192.168.2.4
<Vashta_Nerada> among other stuff that might be relevant
<Vashta_Nerada> program tenetd can be found in
<Vashta_Nerada> inetutils-telnetd
<Vashta_Nerada> krb5-telnetd
<KillMeNow> are you telnetting in to this box?
<Vashta_Nerada> ah, that happened when i accidentally entered telnetd
<Vashta_Nerada> oh yeah i'm in
<Vashta_Nerada> sshed at the same time
<KillMeNow> ok drop the telnet connection
<Vashta_Nerada> lol
<KillMeNow> only use the ssh
<Vashta_Nerada> you hate me now
<Vashta_Nerada> ok
<Vashta_Nerada> i'm only in with ssh
<Vashta_Nerada> sorry, i forgot i wanted to see if i could pull the carpet out from under it
<Vashta_Nerada> go take a nap dude
<Vashta_Nerada> i'll ask the magic 8-ball again tomorrow
<KillMeNow> heh
<Vashta_Nerada> thanks!
<KillMeNow> ok
#ubuntu-server 2009-09-17
<eqx311> hi
<mathiaz> smoser: hi!
<mathiaz> smoser: I'm going through the test case "EC2 Single instance"
<mathiaz> smoser: at http://testcases.qa.ubuntu.com/System/CloudImages
<mathiaz> smoser: what's that actual things I need to do for point 7.?
<mathiaz> smoser: "Pass a --user-data script to the new instance" ??
<KillMeNow> no idea mathiaz
<erichammond> mathiaz: I added that --user-data note so it wouldn't get lost.  I'm about to head to an interview dinner, but I'll be online in a few hours.  If it's urgent you can also call my cell (number sent separately).
<mathiaz> erichammond: ok - not urgent.
<erichammond> mathiaz: I do think this is important to test because I believe the last public AMI might have a problem with user-data that I was going to test later.
<mathiaz> erichammond: just wondering about the actual step required. I'll give it a try
<mathiaz> erichammond: agreed.
<mathiaz> erichammond: I'll update the test case if I can find something
<erichammond> For now, any simple --user-data-file will do as long as it starts with #!/bin/bash and runs a few commands.  Then look in /var/log/syslog and search for "user-data" (I think) to see if it got run.
<erichammond> mathiaz: The problem I was having was that sshd never started listening on port 22 when I ran with --user-data-file
<erichammond> I don't know if it was the specific script I passed or the fact that I was passing user-data.
<smoser> mathiaz, erichammond is right on how to test
<mathiaz> smoser: ok - great.
<mathiaz> smoser: bug 431103
<uvirtbot> Launchpad bug 431103 in ec2-init "ssh host key fingerprint no longer available in the console log" [Undecided,New] https://launchpad.net/bugs/431103
<mathiaz> smoser: ^^ reported from an AMI using ubuntu-bug
<smoser> printf "#!/bin/sh\necho =========== HELLO =============== | tee /tmp/my.txt\n" > /tmp/user-data.sh
<smoser> printf '#!/bin/sh\necho =========== HELLO =============== | tee /tmp/my.txt\n' > /tmp/user-data.sh
<mathiaz> smoser: I had to add the ec2-images tag when filing the bug though
<smoser> then start instance with --user-data-file /tmp/my.txt
<mathiaz> smoser: could you update the test case with the exact steps?
<smoser> sure.
<centaur5> Can a MySQL and PostgreSQL database be retrieved even if you can't chroot into the Ubuntu install to use mysqldump?
<smoser> mathiaz, is that system still up ?
<mathiaz> smoser: hm -bug 431103?
<uvirtbot> Launchpad bug 431103 in ec2-init "ssh host key fingerprint no longer available in the console log" [Undecided,New] https://launchpad.net/bugs/431103
<mathiaz> smoser: the system nope - I've booted another one
<mathiaz> smoser: and it's still the same issue
<smoser> seriously?
<mathiaz> smoser: going through the syslog shows that the fingerprint is actually printed to syslog
<mathiaz> smoser: this is eu-west1 though
<smoser> yeah, i noticed that too
<mathiaz> smoser: ha - Sep 17 01:21:11 ubuntu rsyslogd-2039: Could no open output file '/dev/xconsole' [try http://www.rsyslog.com/e/2039 ]
<smoser> yeah. somethign needs to be told to write to /dev/xvc0
<smoser> where di dyou see that message ?
<mathiaz> smoser: in /var/log/syslog
<mathiaz> smoser: http://paste.ubuntu.com/272455/
<mathiaz> smoser: more contextual lines: http://paste.ubuntu.com/272456/
<smoser> do you know why it looks there ? as opposed to anywhere else ?
<smoser> oh. xconsole.
<smoser> as in bootsplash or things such as that ?
<mathiaz> smoser: line 14 is the last one printed on the console
<mathiaz> smoser: I don't know
<mathiaz> smoser: IIRC zul was working on a similar bug in the first AMIs
<smoser> yeah. i think we've seen something like that before.
<mathiaz> smoser: found it: http://paste.ubuntu.com/272457/
<mathiaz> smoser: ok - I've updated bug 431103 with my findings
<uvirtbot> Launchpad bug 431103 in ec2-init "ssh host key fingerprint no longer available in the console log" [High,Triaged] https://launchpad.net/bugs/431103
<mathiaz> smoser: it's probably a blocker for release (I've marked as High) however I haven't milestoned it
<smoser> i dont think its blocker.
<mathiaz> smoser: well - you can't trust if your connecting to the right host
<mathiaz> smoser: I didn't mean a blocker for alpha6
<mathiaz> smoser: I think it should be fixed for karmic
<smoser> absolutely
<smoser> have you seen: http://alestic.com/2009/08/ec2-poll-fingerprint
<smoser> thats why i didn't think blocker for alpha6
<mathiaz> smoser: oh right. not a blocker for alpha6
<mathiaz> smoser: but it should probably be milestoned for beta
<smoser> yeah.
<smoser> done
<mathiaz> smoser: can you accept nominations?
<mathiaz> smoser: I just did it for the bug
<mathiaz> smoser: but I was wondering if you could accept a nomination
<smoser> i dont think i can.
<ScottK> mathiaz: Is that for 431103?
<mathiaz> ScottK: yes
<ScottK> Someone milestoned it for beta.
<mathiaz> smoser: it's all set correcty now
<mathiaz> ScottK: yes - I nominated/accepted it for karmic
<ScottK> OK
<mathiaz> ScottK: and smoser assigned itself and milestoned it for beta
<mathiaz> *himself*
 * ScottK nods.
<szczym> helo all i use ubuntu 8.04.3 server on p4 with 720 mb ram, i have only 2 copy processes over sshd (sshfs) and one cp from local ntfs disk to local ext3 (other disk). all system is very slow, i have 4.05 in top and its not very responsive. the cp process is 500 KB/s but should be 5MB/s. how i could diagnose its problem ?
<szczym> in top the moust intensive process is sshd with 0.3 cpu and mount.ntfs with 0.2 cpu. system is using only 200k of swap
<smoser> mathiaz, with the data center cloud that i have access to, do i have ability to upload-bundle and such ?
<mathiaz> smoser: it should be possible
<mathiaz> smoser: I haven't tested it yet
<mathiaz> smoser: I was debugging it with Ng - but I didn't get through the whole process
<mathiaz> smoser: but the goal is to make it possible
<ScottK> No iotop in hardy, so that won't work.
<mathiaz> kirkland: right - I've seen the fixes
<mathiaz> kirkland: I've noticed some strange things in my seeded node controller install
<mathiaz> kirkland: I end up with a cloud controller rather than a node controller
<mathiaz> kirkland: it may be related to bad preseeds - I'll investigate later
<mathiaz> kirkland: if you could check that both cloud installs are working correctly I can focus on the other tests in the meantime
<kirkland> mathiaz: where working correctly means making it through the install, and services running on reboot?
<kirkland> mathiaz: i haven't tried to get past that (ie, registration, running an image, etc)
<mathiaz> kirkland: yeah - I think that's enough for now
<mathiaz> kirkland: making the right packages get installed
<eqx311> g'
<quizme> libqt4-dbg  <--- where can i get this?  don't i need to modify /etc/apt/sources.list  ?
<kirkland> mathiaz: yeah, that's what ttx told me earlier
<Bytes> Buenas noches!!!
<kirkland> mathiaz: \o/
<kirkland> mathiaz: my tests seem to work, save one networking issue on the -nc
<kirkland> mathiaz: i'm going to commit a fix for that now
<mathiaz> kirkland: cool!
<mathiaz> kirkland: by testing, you meant that you've got an UEC cloud up and running on your two computers?
<kirkland> mathiaz: on the -nc, i found that i had to change iface eth0 inet from dhcp to manual
<kirkland> mathiaz: i have a cc/cloud/storage system
<kirkland> mathiaz: and i have an nc
<kirkland> mathiaz: both installed from the latest iso
<kirkland> mathiaz: all services up and running on boot
<mathiaz> kirkland: and you can register/start instances?
<kirkland> mathiaz: i have not tried to register
<mathiaz> kirkland: oh ok.
<kirkland> mathiaz: come one, now, you're asking too much :-)
<mathiaz> kirkland: so you've checked that the expected packages are there
<mathiaz> kirkland: which is what is written in the test case
<mathiaz> kirkland: was this with amd64 or i386?
<kirkland> mathiaz: amd64
<graphic> Hey I need some help with make files
<graphic> Anyone point me in a good direction, I dont know how to get the load_makefile statement to work
<Tazm> Hey guys, quick question. Is there any way you can check the raid-5 status of an unbuntu 6.1 server?
<ScottK> You mean 6.10?
<Tazm> Yeah 6.10 sorry
<ScottK> You know 6.10 hasn't been supported in about a year and a half, right?
<mathiaz> Tazm: try to look into /proc/mdstat
<Tazm> Thanks guys.
<kirkland> smoser: manpage search at http://people.canonical.com/~kirkland/search.html is fixed ;-)
<artillerytx> Hey guys for some reason my zone files are not updating with my slave server
<error404notfound> i have a machine with vpn configured over it, iptables with everything allow and nat for the wan interface. Problem is systems behind that router can't access vpn, not even ping. I found that machines behind the router dont get any route add for the vpn.
<twb> Is your server configured to route packets?
<soren> Is "the router" and the machine with the vpn connection the same thing?
<twb> Good question
<error404notfound> twb, ?
<error404notfound> soren, yes..
<twb> The VPN endpoint must be configured to route packets between the "real" network and the VPN.
<soren> Also, why would they get a route for the vpn? Have you configured your dhcp to give one?
<error404notfound> soren, i call it router.
<soren> Well in that case, why do you need a specific route
<soren> +?
<error404notfound> twb, how to do that? i never knew :(
<twb> error404notfound: turn routing on in sysctl.conf, and make sure your FORWARD chain isn't too liberal (or too restrictive).
<twb> net.ipv4.ip_forward=1 and net.ipv6.conf.all.forwarding=1
<error404notfound> i have forwarding allowed
<error404notfound> twb is gone :(
<_ruben> error404notfound: you should do some traffic sniffing (wireshark/tcpdump) to see where you packets are going
<error404notfound> _ruben, hmm, ok..
<error404notfound> _ruben, 08:13:21.772241 IP (tos 0xa0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 757) 192.168.1.123.2048 > 192.168.56.1.5060: SIP, length: 729	REGISTER sip:192.168.56.1 SIP/2.0
<error404notfound> that tells me that snom voip phones behind router are sending requests for register, but they can't reach 56.1 vpn ip, i have a tcpdump there as well
<_ruben> what kind of vpn is this?
<_ruben> and on which interface did you run tcpdump?
<uvirtbot> New bug: #430486 in samba (main) "net.samba3 crashed with SIGSEGV in free()" [Medium,New] https://launchpad.net/bugs/430486
<error404notfound> _ruben, openvpn
<error404notfound> _ruben, on all
<error404notfound> i will be back in a while
<error404notfound> _ruben, i am back
<ttx> soren: I've been trying to rebuild eucalyptus from the bzr tree you helped me to setup yesterday... But my pbuilder is stopping asking me questions about already-applied patches: http://pastebin.ubuntu.com/272655/
<buckethead> Hey guys, I can't get the apparmor module to load. Anybody know what I might be missing?
<soren> ttx: Just accept the defaults.
<ttx> soren: regular buildds apparently don't care.
<soren> ttx: Right. Their stdin is /dev/null, so patch accepts the defaults for you.
<ttx> soren: I figured that :) Just wondering if that's something we should fix
<soren> ttx: Feel free :)
<soren> ttx: Just move the patch thing inside the REBUILD_STUBS conditional, and you should be good.
<ttx> soren: ok
<_ruben> error404notfound: did you run tcpdump on the internal (lan) interface or on the tun/tap (openvpn) interface?
<error404notfound> _ruben, i just ran: tcpdump -v | grep ".123"
<error404notfound> _ruben, on tun0 e.g. vpn interface: 09:35:13.834107 IP (tos 0xa0, ttl  63, id 0, offset 0, flags [DF], proto: UDP (17), length: 757) 192.168.1.123.2049 > 192.168.56.1.5060: SIP, length: 729
<error404notfound> so request is going fine from here..
<_ruben> but nothing on the tun interface on the remote box? .. then next would be to check if you see the encapsulated vpn traffic on your wan interface
<error404notfound> okay...
<error404notfound> _ruben, how do i check for vpn traffic?
<_ruben> error404notfound: tcpdump -nvi *yourwaninterface* port *portconfiguredinopenvpn*
<error404notfound> _ruben, i do get "11:39:56.229785 IP (tos 0x10, ttl 64, id 43253, offset 0, flags [none], proto UDP (17), length 75) 192.168.56.1.7410 > 192.168.56.6.iax: UDP, length 47" on remote hosts tun interface
<_ruben> looks NAT'ed
<_ruben> wait .. which ip is trying to contact which ? which is client and which is server? .. because first snippet shows 192.168.1.123 -> 192.168.56.1 and second shows 192.168.56.1 -> 192.168.56.6
<error404notfound> _ruben, okay, i see a lot of openvpn packets being sent to remote host from the router
<error404notfound> first was from the local router, second one was from remote router
<error404notfound> local router vpn ip is 56.22, and remote host's is 56.1
<error404notfound> no vpn ip of local router is 192.168.1.1, and that snom voip phone has 1.123
<error404notfound> on remote host i get: Sep 17 11:44:47 server ovpn-iaxvpn[7093]: snom-home/202.35.120.118:2049 MULTI: bad source address from client [192.168.1.123], packet dropped
<error404notfound> where 1.123 is the ip assign by local router to my snom voip phone
<error404notfound> nat is not working good on vpn packets?
<_ruben> NAT shouldnt be used at all with VPNs .. that's pretty much the whole idea of VPNs
<_ruben> well .. one of several ideas of VPNs
<error404notfound> _ruben, so i should remove that line of "MASQUERADE" from my firewall script?
<_ruben> error404notfound: probably not, but you should exempt your VPN traffic from it
<error404notfound> _ruben, iptables -nvL doest print anything..
<error404notfound> _ruben, like? sorry, i am total noob in this case...
<_ruben> because its in the nat table and not filter .. use iptables-save to see full output
<error404notfound> _ruben, redirect traffic from certain ports to tun0?
<_ruben> no, dont touch it at all, just accept it .. assuming you want 192.168.1.123 to able to talk with 192.168.56.6 'directly' and your openvpn config allows that
<_ruben> basically, firewalling and vpns are very noob-friendly in my experience
<error404notfound> _ruben, have i show you my iptables rules script?
<error404notfound> _ruben, http://pastie.org/619956
<error404notfound> tells about my interfaces on router and iptables rules and policies
<uvirtbot> New bug: #431274 in eucalyptus (main) "Cluster controller initscripts do not output messages at boot" [Low,Triaged] https://launchpad.net/bugs/431274
<oversize> hello, where can i modify the command that starts dnsmasq with libvirtd? I would like to change the ip range of the dhcp that the libvirt guests use by default but cant find where. htop shows the command with --dhcp-range but as said, where can i modify it?  thx
 * soren lunches
<maxagaz> how to check which application use which port of the network ?
<oversize> maxagaz: try lsof -i
<oversize> use sudo to see all daemons
<maxagaz> oversize, thanks :)
<jdstrand> oversize: see the net-define, net-dumpxml and net-destroy commands for virsh (see man 1 virsh). I also see a 'net-edit' command on karmic, but am not sure when it was introduced
<acalvo> hi, anyone using backuppc? (#backuppc is almost dead...)
<soren> ttx: My eucalyptus install picked a heck of a time to blow up :(
<ttx> soren: beh
<ttx> soren: any sign of potential recovery ?
 * soren tries wiping it from the face of the Earth again and starts over
<ttx> soren: in the meantime I'll ask smoser to do the UEC repack dumbtest, and zul to run the EC2 multipleinstances one. That should get us covered.
<soren> ttx: /me hopes so
<ttx> zul: could you take care of running the EC2/multiinstance tests from http://iso.qa.ubuntu.com/qatracker/build/all/all ?
<zul> ttx: sure
<uvirtbot> New bug: #431815 in samba (main) "pdbedit crashed with SIGSEGV in talloc_free()" [Undecided,New] https://launchpad.net/bugs/431815
<ttx> zul: unless you prefer to test rebundling of the UEC images to EC2, your call.
<zul> ttx: heh ill do the multiinstance tests
<smoser> ttx, rebundling to ec2 ?
<ttx> smoser: see "EC2" at the bottom of http://testcases.qa.ubuntu.com/System/CloudImages
<ttx> smoser: I know it must look a lot like what you originally did to get those EC2 deliverables.
<smoser> ttx, i can do that test. thats fine.
<ttx> smoser: we might have trouble (again) completing the UECimage/UEC test, so having a +1 in that UECimage/EC2 checkbox might help.
<ttx> smoser: thx
<zul> hah...it would help if I was using the right key
<smoser> yeah. fwiw last night i tried to interface with the canonical-cloud instance
<smoser> the intent was to upload those to there
<smoser> but it seems ill at the moment
<ttx> smoser: and soren's setup also blew up, he's working on fixing it.
<soren> I think I'm almost there.
<ttx> smoser: and the Eucalyptoids are sleeping.
 * soren found a few /rather/ annoying issues.
<zul> smoser: did the libc6 stuff get fixed?
<smoser> yes, but you still see the message if thats what the next question is :)
<smoser> the message comes from the glibc in the initramfs
<zul> ok
<smoser> i'm not 100% certain on that, but definitely all programs that you run in user space are getting the correct libdl and libc
 * soren shouts and screams
<zul> smoser: also the regular boot messages (ie syslog starting) after that message is not coming up either
<soren> smoser: Have you used euca-bundle-kernel?
<soren> Err..
<soren> euca-bundle-image, I mean.
<smoser> soren, i have. i think.
<soren> What did you pass as the user id?
<soren> I don't see where Eucalyptus exposes my user id.
<soren> Oh!
<soren> Found it!
<smoser> hm...yeah. ec2
<soren> hm?
<smoser> i'm guessing thats like the aws account number, right?
<soren> Right.
<soren> It's listed in eucarc.
<soren> And nowhere else, as far as I can see.
<soren> and only in one of the alias wrappers around ec2-foo-bar
<kwork> hello, i have ubuntu on my hdd, now i accuired new pc with new hdd, so i want to transfer my old system to new box
<kwork> any ideas
<kwork> my first idea was to use dd, but im not sure can i do it, when the size of disks isnt the same
<giovani> kwork: the cleanest method would be to do a fresh install on the new hard drive -- but, there are ways of expanding partitions once you copy them over
<kwork> im kinda lazy to install all the packages i have installed at the moment
<giovani> you could export a list of installed packages, and have them all reinstalled in one shot
<giovani> like I said, you can dd the drive over to the new one, and then work to expand the partition(s) -- it's just not always very clean
<uvirtbot> New bug: #406346 in netty (main) "Main Inclusion Report (Eucalyptus dependencies set 2)" [Undecided,In progress] https://launchpad.net/bugs/406346
<garymc> i know this may not be the right channel, but If I DMZ my home router to my XBOX360 my gaming stuff works super quick. More so than just with the specified ports opened. What i wanna know is, is it risky to leave my XBOX360 on DMZ. Cos I thought it wouldnt matter so much
<soren> ttx: Ok, I've managed to bundle, upload, and register kernel, ramdisk, and image. I can't boot an instance, though.
<zul> hah eucalyptus has surpassed mysql in the bug count
<soren> How about php5?
<soren> I thought that was worse.
<ttx> zul: it's still far from beating samba yet.
<zul> soren: nope php5 is under control ;)
<zul> ttx: its getting there
 * soren is fetching the euca2ools bzr branch
<soren> 23 MB so far...
<soren> ?!?
<ttx> smoser: how is the UEC rebundling doing ?
<smoser> rebundled, uploaded, registered, waiting on exit from 'pending'
<smoser> for both x86_64 and i386
<Ng> soren: kirkland: have either of you guys successfully brought up eucalyptus in karmic yet?
<Ng> EtienneG and I have both failed so far ;)
<kirkland> Ng: define "brought up"
<kirkland> Ng: i have installed the cc and the nc
<kirkland> Ng: and the services run
<kirkland> Ng: i have not registered the nc with the cc
<kirkland> Ng: nor run images
<Ng> kirkland: ok. I guess I mean "seen it actually work" :)
<soren> I'm failing at running instances.
<soren> I'm getting authentication failures.
<soren> com.eucalyptus.ws.AuthenticationException: User authentication failed.
<soren> Specifically.
<jpds> http://www.datacenterknowledge.com/archives/2009/09/14/video-data-center-floods-in-istanbul/
<ttx> soren: I want to get rid of eucalyptus-javadeps in karmic (was only needed for euca-1.5) -- any objection ?
<soren> ttx: No, the sooner the better.
<ttx> soren: the process is to subscribe ubuntu-archive to the bug, right ?
<soren> ttx: I was /just/ discussing this with Ng.
<soren> ttx: Yes.
<soren> ttx: And we should make eucalyptus-cloud conflict with it (or Breaks:? I'm not sure) as well.
<Ng> \o/
<smoser> ttx, where it that i log that i ran that test ? the rebundle-to-ec2 ?
<smoser> is it one of http://iso.qa.ubuntu.com/qatracker/test/3007 ?
<ttx> http://iso.qa.ubuntu.com/qatracker/result/3006/358
<ttx> http://iso.qa.ubuntu.com/qatracker/result/3007/359
<ttx> The naming is incorrect
<ttx> should be a "rebundle to EC2" test
<ttx> not "Install (EC2 Single Instance)"
<smoser> ok. i marked those 2 as passed. (which they did)
<smoser> also, i attached step by step instructions to the test doc
<ttx> smoser: I think the rebundle (step 8) in the EC2 single instance test should be a separate test
<ttx> ttx: as well as the user-data test.
<ttx> ttx: yes, you're right.
 * ttx disconnects dual personality mode for a bit.
<smoser> well, rebundling it is essentially exactly what i did
<smoser> other than i didn't run all of the tests
<smoser> i agree, it should be a separate test
<ttx> except that the rebundle in the first case is from EC2, not starting from the img.tar.gz
<ttx> smoser: do you have the Alpha6 HEADER on standby ?
<soren> jdstrand: https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/431090   Something you could look at?
<uvirtbot> Launchpad bug 431090 in eucalyptus "libvirt apparmor profile is preventing libvirt from running eucalyptus VMs" [Undecided,New]
<jdstrand> soren: sure thing
<ttx> soren: did you tag your recently-filed new eucalyptus bugs ?
<smoser> ttx, i do have it ready
<soren> ttx: I believe so.
<ttx> smoser: so you are ready to trigger, right
<smoser> safety is off
<uvirtbot> New bug: #431114 in eucalyptus (main) "/var/run/eucalyptus is not being set with correct permissions on machine reboot" [Undecided,New] https://launchpad.net/bugs/431114
<mcupples> I'm running the following script as root and it gives me a value for the variable CONSUMPTIONS.  When I run it as a daemon (user: nagios) the variable is not set.  http://pastebin.com/d7bbd9b7d
<samuel> hi, looking for a recommendation for what kind of setup to do for SSO (Single Sign On Setup)
<samuel> i'm setting up a 80% Linux Desktop & Server network - with a few potential windows clients
<samuel> do i use Kerberos? NIS, LDAP, Samba+Winbind?
<soren> ttx: I've milestoned my favourite Eucalyptus bugs now.
<ink> mcupples:  you have to "source" the script; in bash you'd do `. blah.sh`
<mcupples> ink: I'm sorry, I don't follow.  Lemme see...
<jjohansen> well its time for the EC2 kernel status meeting
<jjohansen> smoser, erichammond: you ready
<smoser> ready
<erichammond> jjohansen: as I'll ever be.
<jjohansen> alright, lets start then
<mcupples> ink: Do you mean for me to change this line to something else?  In my paths?  CONSUMPTIONS=`/usr/sbin/rabbitmqctl list_queues | /bin/grep consumptions | /usr/bin/awk '{print $2}'`
<jjohansen> So I don't have much to update from yesterday
<jjohansen> I started looking at i386 configs to get the more virtual like config working but didn't get very far on it
<smoser> i dont have any progress either.
<ink> mcupples:  can the nagios users run /usr/sbin/rabbitmqctl?
<smoser> erichammond, without releasing to much information, i'll just comment that the casual browsing user might see images labeled alpha6 in available images on ec2.
<smoser> and we've been working on testing those.
<ink> su to nagios and try out `/usr/sbin/rabbitmqctl list_queues`
<jjohansen> smoser: ohh!, I will have to test that out.
<jdstrand> soren: re bug #431090
<uvirtbot> Launchpad bug 431090 in eucalyptus "libvirt apparmor profile is preventing libvirt from running eucalyptus VMs" [High,Incomplete] https://launchpad.net/bugs/431090
<mcupples> ink: This happens when I try that: sudo -u nagios /usr/sbin/rabbitmqctl list_queues | /bin/grep consumptions | /usr/bin/awk '{print $2}'
<mcupples> Kernel pid terminated (application_controller) ({application_start_failure,kernel,{shutdown,{kernel,start,[normal,[]]}}})
<soren> jdstrand: shoot
<mathiaz> samuel: have a look at https://help.ubuntu.com/9.04/serverguide/C/network-authentication.html
<erichammond> smoser: sweet
<jcastro> https://wiki.ubuntu.com/Testing/EC2
<jdstrand> soren: are they using a patched libvirt? how did they specify the radically different location for the log (and I assume pid and monitor)
<smoser> i really hate that you can't rename files on ec2
<jcastro> hear ye, hear ye, feedback on EC2 testing plan wanted!
<smoser> err... rename images.
<jcastro> (and good morning everyone)
<smoser> as such, if i want to test am image (and record results against that ami) i have to publish it with its final name
<erichammond> smoser: yeah
<smoser> (granted, i could one-by-one add launch permissions)
<mcupples> ink: So I'd imagine no?  It doesn't have permission?  How would I go about giving the nagios user permission to run that?
<erichammond> smoser: You can ... right
<smoser> i guess once we (if we ever) get to nightly pushes, then i would feel ok telling people to test against the nighly and then just promoting it to a new name
<soren> jdstrand:         <serial type="file">
<soren>             <source path='BASEPATH/console.log'/>
<soren>             <target port='1'/>
<soren>         </serial>
<soren> Like so.
<soren> ...where BASEPATH is something exotic.
<jdstrand> soren: ah, ok. so the pidfile and monitor file should be fine
<ink> mcupples:  you could change permissions, but that may not work entirely
<ink> another option is to allow the nagios user to run that command w/o a password by editing /etc/sudoers
<erichammond> smoser: Sounds reasonable since it would be the same image.  I can't think offhand how that could go wrong.
<smoser> jdstrand, sorry to ignore you, but rushing to get final pieces of this release in place.
 * jdstrand didn't feel ignored at all
<erichammond> jjohansen, smoser: anything else?
<jjohansen> nope
<smoser> no.
<jjohansen> oh 1 more thing
<smoser> we've got a busy beta coming up though
<zul> stupid internets
<jjohansen> though the meetings are canceled for the next week, I will be around mon and tues
<ttx> soren, smoser: I'll be afk for the next hours, checking backlog regularly though.
<jjohansen> so we might just want to do an informal update tuesday when we are all online at somepoint
<jjohansen> smoser, erichammond: thanks, lets call it meeting adjourned
<erichammond> thanks
<soren> ttx: Alright.
<ttx> soren: UEC image test should be completed in ~1h
<soren> Awesome.
<smoser> so if i want to push something to launchpad
<smoser> am i right that the new repo has to be lp:~smoser/some-existing-project-here ?
<smoser> i can't just push to lp:~smoser/my-test-stuff
<smoser> i see https://help.launchpad.net/NonProjectBranches
<jcastro> you need to register a branch first
<jcastro> in the webui, you can't just push to an arbritary url
<smoser> for anyone interested, i just pushed to https://code.launchpad.net/~smoser/ubuntu-on-ec2/ami-pages . i was annoyed by my un-organized managing of ami pages and HEADER pages for uec-images.ubuntu.com
 * soren calls it a day as well
<jdstrand> soren: the proper fix for bug #431090 is to get the path to the serial console from xml and the libvirt-<uuid>.files dynamically. I should be able to do this in my resubmission to upstream. In the meantime, as soon as Daniel responds to my requests, I can provide a workaround and upload it today
<uvirtbot> Launchpad bug 431090 in eucalyptus "libvirt apparmor profile is preventing libvirt from running eucalyptus VMs" [High,Incomplete] https://launchpad.net/bugs/431090
<jdstrand> soren: are you interested in a quick workaround to be removed at some later date when the proper fix is available?
<smoser> thanks jcastro
<uvirtbot> New bug: #431969 in php5 (main) "php-pear installation through aptitude is not working" [Undecided,New] https://launchpad.net/bugs/431969
<slicslak> i'm updating an old box and i can't seem to update or install any packages.  when i update it erros with lines like: Failed to fetch http://security.ubuntu.com/ubuntu/dists/gutsy-security/main/binary-i386/Packages.gz  404 Not Found
<smoser> jcastro, ideally my new branch wouldn't be tagged as "junk" just because its nto a fully hosted launchpad project
<aubre> in Karmic Eucalyptus 1.6 when I try to use the web interface to specify a custom location for my bukkits what should I use in the "Walrus host" field?
<aubre> when I try to save the defaults it says "Failed to save! Check hostname" the default host name is "host"
<giovani> slicslak: isn't gutsy EOLed?
<aubre> I tried localhost, it didn't seem to like that
<jdstrand> slicslak: gutsy is end of lifed (EOL)
<jdstrand> slicslak: you need to adjust your sources.list to point to http://old-releases.ubuntu.com/ubuntu/
<jdstrand> slicslak: but gutsy does not receive security support anymore, so you are highly encouraged to upgrade to a supported release (you can upgrade to hardy, the LTS release, directly from gutsy)
<slicslak> bleh, yeah, ok i'll upgrade.  thanks.
<jcastro> smoser: unfortunately all branches not assigned to a project get tagged as "Junk", there's an ongoing discussion/bug about that. :-/
<mathiaz> soren: smoser: have you heard about http://libcloud.org/?
<erichammond> jcastro: How does http://testcases.qa.ubuntu.com/System/CloudImages relate?  Should it be replaced with a pointer to https://wiki.ubuntu.com/Testing/EC2 ?
<jcastro> erichammond: I am not sure, let me ask someone on the QA team
<jcastro> actually, yes it should, on it
<smoser> if its not hosted on launchpad, it must be junk
<smoser> mathiaz, i hadn't seen that, but was actually going to do some digging for ec2 interface libraries/toolkits today
<smoser> (assuming i got all the other stuff done that i had to do, which is a bit like assuming that the grass is blue)
<mathiaz> erichammond: the first section is redundant with the EC2/Testcase page
<mathiaz> erichammond: the second section (UEC Images) isn't.
<aubre> hmm, when I do a sudo euca_conf -addnode 192.168.44.2, and it succeeds via scp, and I do a sudo euca_conf -addnode 192.168.44.2 my node doesn't show up
<zul> ttx: our version of samba is FTBFS investigating
<nijaba> smoser: It seems that you have completely removed instructions for vmbuilder from https://help.ubuntu.com/community/Eucalyptus?action=recall&rev=66#STEP%205:%20Obtain%20a%20Virtual%20Machine%20(VM)%20Image
<smoser> that was by design
<smoser> but i'm not set on it.
<nijaba> smoser: I understand why, but still think that the instruction were somehow interesting.  Could we add it back at the end of the doc as an optional procedure?
<smoser> you're surely welcome to do that. i just wanted the easiest possible route through.
<smoser> i also think then that you should like to http://open.eucalyptus.com/wiki/EucalyptusUserImageCreatorGuide_v1.5
<nijaba> smoser: understood, and I am going to leave the "main route" as is
<smoser> using existing images is a lot easier (at least for getting off the ground)
<SyL> is there a way to force a package to be removed if the "stop" action keeps failing?
<aubre> I want to restart my eucalyptus install from scratch. Is there a way to do it which removes the /etc/eucalyptus directory structure?
<aubre> purge didn't work
<SyL> aubre: I had to remove them by hand
<aubre> SyL: ok thanks
<SyL>  /etc/eucalyptus /var/log/eucalyptus & /var/lib/eucalyptus too
<aubre> SyL: tyvm
<SyL> the /var/lib/ one will have your keys so you'll have to remove them from node too
<aubre> ok thanls
<aubre> its not wanting to work, guess I need to reinstall the os
<aubre> when I try to reinstall, it says "can't find eucalyptus configuration"
<aubre> and I don't understand why it is looking for it when I removed the packages
<aubre> I guess with version 1.6 it is best, if you are going to have separate partition to host your walrus / block storage mount it under /var
<aubre> because it won't let me configure it otherwise
<nijaba> smoser: done.  Let me know what you think
<erichammond> Congrats, all: Here's an AMI built on the Karmic (Alpha 4) AMI: http://developer.amazonwebservices.com/connect/entry.jspa?externalID=2803&categoryID=208
<smoser> nijaba, looks fine.
<smoser> but your ping was ill timed, and got you copied on a response i was writing to someone about that very page
<nijaba> :(
<nijaba> smoser: ah, ok, got you, now that I have received your reply :)
<smoser> ill timed for you (as it got you more mail in your inbox. i wouldn't hvae otherwise thoguht to copy you)
<mcupples> Is there a way, in a shell script, to verify that a certain string is present in some output?  CURL=`curl google.com | grep "UA-7277777-1"`
<mcupples> I would like to verify that the grep returned a result or did not find it.
<mcupples> ink: I added him to sudoers, made sure he didn't have to have a tty and made sure he didn't need a password and it finally worked.  :)
<Hypnoz> mcupples, that string should return a 0 or 1 right
<mcupples> Hypnoz: No, it returns the line of the curl with that string on it.
<Hypnoz> try grep -c
<Hypnoz> then test for 0 or 1
<mcupples> Hah.  Thanks, Hypnoz!
<rickspencer3> hi kkelly18
<uvirtbot> New bug: #428150 in qemu-kvm (main) "qemu-system-sh4 assertion failure" [Undecided,Fix released] https://launchpad.net/bugs/428150
<roodyk> hello i have problem. i make in limit.conf nproc limit 4 for user. after i save user cannot connect to ssh. help please
<ink> mcupples:  good deal
<uvirtbot> New bug: #379991 in qemu-kvm (main) "Certain VMs do not run under KVM using karmic's kernel" [High,Confirmed] https://launchpad.net/bugs/379991
<roodyk> hello i have problem. i make in limit.conf nproc limit 4 for user. after i save user cannot connect to ssh. help please
<cocoa117>  is there a way to disable user login from tty/console?
<henkjan> change his shell to /bin/false
<cocoa117> henkjan, thanx
<orudie> is anyone familiar with pathauto module? how do i make it by default not to do automatic alias?
<aubre> I'm running Karmic and Eucalyptus 1.6 - when I try to upload a bundle I get the following error : http://paste.ubuntu.com/273061/
<aubre> I think it is walrus related
<orudie> sorry wrong chan
<Yakuza> 	
<Yakuza> hello!! I need a server  mail for my company .... your could show me one?
<ikonia> Yakuza: exim, postfix both good, sendmail if you fancy a bigger challange
<ScottK> Postfix is the one that's primarily supported here and in the Ubuntu Server Guide.
<roodyk> hello i have problem. i make in limit.conf nproc limit 4 for user. after i save user cannot connect to ssh. help please
<ink> roodyk:  i don't know what limit.conf is, but on a blank login I use 3 processes already; I can imagine that things in the profile would push that over 4 during login
<ink> which could then cause the login to die
<roodyk> may be u can tell me best way to limit process for shell users?
<ink> roodyk:  probably pick a larger number; like 50
<batfastad> Hi everyone. I'm about to start experimenting with ESXi and VMware Server and it seems like JeOS is the ideal candidate for a basic guest installation
<batfastad> I've checked through here http://cdimage.ubuntu.com/jeos/ and there;s only 32bit versions
<batfastad> But where can I get hold a 64bit version of JeOS 8.04 LTS?
<JanC> batfastad: a minimal install of the 64-bit server version should work too...
<Tim__> I need help setting up the internet
<Tim__> I am connected with an ethernet cable, however I am not receiving internet... I accidentally bypassed the auto setup while installing
<batfastad> JanC: Right ok. I know in later versions of the Server CD there's an installation option of "install a minimal virtual machine"... is that what you mean for the 64bit 8.04 server CD?
<Tim__> Because I forgot to plug in the ethernet cable... :facepalm:
<viezerd> batfastad: I dont think it exist as the linux-image-virtual is only available in 32 bit for hardy --> http://packages.ubuntu.com/search?keywords=linux-image-virtual
<viezerd> intrepid and later it will give you 64 bit
<batfastad> viezerd: ah right. Because I know JeOS uses the tuned -virtual kernel rather than the regular -server. Might have to go for a full 8.04 server installation in that case
<viezerd> do you *really* need the 64 bit ? cause I have the 32 bit jeos hardy running in vmware esxi also
<viezerd> and it is really OK
<JanC> batfastad: you can always change to the -virtual kernels (unless none exists for hardy?)
<Tim__> Anyone know?
<Tim__> How to set up an internet connection w/ Ubuntu Server 9.04?
<batfastad> I'm looking to allocate 6GB memory to a Zimbra mail VM so I thought that would need 64bit
<JanC> hm, apparently only for i386 on hardy...
<Tim__> Does *anyone* know how to set up internet on Ubuntu Server 9.04??
<Tim__> Screw it I'll just reinstall v.v
<SyL> Tim__: what are you trying to do?
<Tim__> SyL: I was trying to get my internet working... I got it now
<SyL> Tim__: ok
<Tim__> Okay, so I just did "sudo aptitude install x-window-system xubuntu-desktop"
<Tim__> I was wondering if xubuntu comes with a login manager or if I will have to download and install GDM
<Tim__> And I would also like to keep it from starting automatically, I want to have to enter into it from command line
#ubuntu-server 2009-09-18
<bnjmn> anyone using ubuntu on ec2? i'm trying to decide which version to use
<bnjmn> also-- anyone know where i can get the kernel source w/ any patches used to create ubuntu's ec2 kernels?
<bnjmn> can't seem to find that anywhere...
<Debolaz> Are there any good NAS server management software packaged for Ubuntu?
<erichammond> bnjmn: What do you mean "which version to use"?
<erichammond> bnjmn: The EC2 kernel source may or may not be available, but it isn't much use since you can't build your own kernels for EC2.
<uvirtbot> New bug: #288379 in virt-manager (universe) "4th network extremely slow/broken" [Undecided,New] https://launchpad.net/bugs/288379
<crashsystems> I'm trying to install Ubuntu 9.04 server onto a computer that has no CD drive, via a USB stick. The installer does not like this, and wants me to give it a CD drive. Google is not pointing me in the right direction. Does anyone know how to do this?
<bnjmn> i want to build my own kernel module
<bnjmn> if i could just get the config that would be great
<uvirtbot> New bug: #335809 in kvm (main) "KVM activates (GNOME) Screensaver when inside SDL window" [Low,Fix released] https://launchpad.net/bugs/335809
<uvirtbot> New bug: #362550 in kvm (universe) "ignores -no-shutdown" [Low,Fix released] https://launchpad.net/bugs/362550
<uvirtbot> New bug: #365569 in kvm (universe) "KVM segfaults with a specific disk image." [Low,Invalid] https://launchpad.net/bugs/365569
<uvirtbot> New bug: #370270 in kvm (universe) "ttyS0 pass through in guest running  in KVM doesn't work and eventually hangs" [Low,Fix released] https://launchpad.net/bugs/370270
<uvirtbot> New bug: #390278 in virtinst (universe) "Windows 2000 server won't install on kvm84/hardy" [Undecided,New] https://launchpad.net/bugs/390278
<erichammond> bnjmn: Yep, kernel modules are buildable for EC2.  What EC2 kernel are you using?
<yonatan> hi
<yonatan> i'm looking for some help with ubuntu server 9.04 "minimal virtual machine" option
<lukehasnoname> soooo.... something happened to Samba so it doesn't start on my server at startup. It doesn't fail out, it stops the startup process so the server doesn't start.
<twb> lukehasnoname: echo /etc/rc?.d/???samba
<Chris-Away> anyone around? (with lib mono exp & apache)
<uvirtbot> New bug: #333000 in kvm (universe) "qemu/kvm incorrecty enters fullscreen when using nvidia twinview" [Wishlist,Incomplete] https://launchpad.net/bugs/333000
<uvirtbot> New bug: #353995 in kvm "BLTs appear broken - moving blocks on the remote leaves cruft" [Wishlist,Fix released] https://launchpad.net/bugs/353995
<uvirtbot> New bug: #393430 in kvm "kvm: please prefer ALSA over OSS" [Wishlist,Fix released] https://launchpad.net/bugs/393430
<altf2o> hello all, i have 'git' up and running on my Ubuntu 9.04 server perfectly. Only issue is i'd like to start the daemon automatically on each reboot. Perhaps i'm just searching for the wrong thing, but i'm not finding where to add that into Ubuntu's normal boot\startup process, any ideas?
<twb> If there's a daemon, there should already be an init script.
<twb> Which package provides the daemon?
<altf2o> git itself. You can launch it as a daemon, via: sudo -u git git daemon --base-path=/home/git/repositories/ , i just need that to launch when i startup.
<twb> OK, you mean "git-core".
<twb> That has no init script, so you will need to write one.
<twb> It is probably simplest to put it in /etc/rc.local, which runs at the end of the boot process.
<twb> You should also use start-stop-daemon rather than sudo -u git.
<altf2o> awesome, found a couple things on it so far, let me give it a whirl. (Good thing for test virtual servers, have a feeling i'm gonna get this wrong before right :). )
<twb> You can run /etc/rc.local by hand until you get it riht
<twb> *right
<altf2o> cool, so i got that working w/ rc.local. Now while i investigate the actual 'init script' i did notice it launches the process as user 'root' i definitely want to change that to user 'git.' Any ideas? My searches are coming up with a lot about 'fork' or Perl function, not just a generic way to launch /any/ process as another user.
<altf2o> n/m, got it. Awesome thanks for the help :) I'll continue to read this tutorial on init scripts. Ultimately that's what i want.
<twb> altf2o: you need to pass --user to start-stop-daemon
<twb> (--run-as?)
<altf2o> ahh, perfect...
<android60> just curious, what does everyone use for ftp server and why
<android60> software wise
<qman__> android60, openssh-server
<qman__> because ftp is insecure
<android60> well, I am just looking to use the ftp on my lan, of course i use winscp and openssh to do over internet transfers :)
<android60> its b.c some of the programs i have will connect either via samba or ftp, and id rather avoid samba
<qman__> over a lan, smb or nfs are better choices
<twb> For anonymous read access, HTTP beats FTP.
<twb> For uploads, use SFTP (OpenSSH)
<qman__> and yes, read-only, http is great
<android60> i also have apache because as a hobby i do websites with php etc
<twb> Both in terms of security and protocol design, FTP has serious limitations that make it unsuitable for use in production.
<altf2o> i just finished setting up Samba on my little test server, i was amazed how easy it was. I changed 1 line, added my shares, added libpam-smbpass, rebooted, done.
<qman__> ftp was originally designed before the concept of firewalls existed
<qman__> as such it's completely obsolete and difficult to work with
<android60> altf2o: what did libpam-smbpass do?
<qman__> libpam-smbpass makes samba authentication less difficult
<altf2o> android60: Samba keeps it's own db of user\pass's. That PAM module syncs Samba w/ local Linux user\pass's.
<android60> I've tried samba but I was having user permission problems. and I don't like having to add a user to samba access, i wish i could just create a user on the system and have it automatically allow them access to specified shares
<android60> well then,
<altf2o> So if i add user 'steve' instead of having to then do: smbpasswd .... to give him a Samba password, it updates it for me. I maintain one, much easier.
<android60> thats exactly what i want
<android60> i better write it down before i forget
<android60> is there any setup for libpam-smbpass or once installed its good to go
<altf2o> android60: what i've done 2 things. If i'm creating private shares, i add it to my home directory, limit access to myself. If i need a public share for multiple people i create a group, add them to that group, create the directory i want to share and assign it to that group. I usually: chmod 0775 the folder and just use "read only = user, list here" for folks i want to be 'read only' on it.
<qman__> samba's magic homes share is incredibly useful
<qman__> you can usually just use that, plus a public share
<altf2o> android60: yep, should be good to go. One thing i noticed is it won't update for me until that user 'logs in' even: su steve , <steves pass> did it. Can't figure out how to manually say "please re-sync"
<altf2o> agrees w/ homes share.
<android60> ya, see im mostly using mine as a nas, so all relevant files and folders are not on the system hard drive. that was another question i had
<android60> was is there a way to have the home directories point to like /media/MainStorage1/Documents/usernames_here
<android60> b.c i would like encrypted home directories
<android60> just not on my 40gb system drive
<qman__> you can create a separate /home partition
<android60> ya, i just kinda didnt want to do that
<qman__> that's the usual way to do that, or use ecryptfs for encrypted homes
<android60> i have 2 1TB drives, one is for archive via cron job rsync
<qman__> you could use symbolic links, but be aware that if the target is ever missing, it will break logins
<android60> ya thats what i was trying to avoid also
<android60> ubuntu server is great for my needs, and the system its on is only like sempron 1250+ and 1 gb ram
<android60> i think i might up ram alittle bit once i get mythtv backend going
<qman__> what is probably ideal for what you want is to have a separate /home partition, and use ecryptfs for homes
<qman__> putting the /home partition on a separate hard drive
<android60> ya, i might do that down the line. im not in a hurry to do that right now
<android60> does widnows support nfs? like if i want to map a network drive?
<qman__> no
<android60> didnt think so
<qman__> windows uses SMB
<qman__> which is what samba does
<qman__> there are NFS clients for windows, but I've never used them, and from what I've read, they're rough
<android60> ya same here
<android60> i didnt know if vista/win7 supported it or what
<qman__> nfs is generally something to be avoided also, unless you're really taking care to set up a secured nix enviroment
<android60> oh, i wasnt aware of that
<qman__> unless you're using an nfsv4 with kerberos setup, it's pretty insecure
<qman__> and it uses RPC, which is somewhat painful to deal with
<android60> never really heard of any of that, but ill take your word for it
<qman__> it's another one of those really old protocols that just weren't built in today's internet
<qman__> samba's not much better, but on a LAN you're fine
<qman__> it's also pretty much the only way to integrate well with windows
<android60> ya
<altf2o> Kerberos looks really nice, and not to bad to setup. That's sort of my next project LDAP + Kerberos
<qman__> openssh is the swiss army knife of secure protocols
<qman__> shell access, tunnels, file transfer, even mounting filesystems
<qman__> all on one port
<qman__> all encrypted
<altf2o> i'm new to it, but i don't know what i'd do without it now.
<swoody> I have a guy with an issue about how to use a custom 404 page on his Apache server
<swoody> can anyone help me/him out?
<swoody> "i run apache built into a WAMP server for my website, but i cant figure out how to set the 404 page to a custom one in the httpd.conf file for apache"
<twb> We do not support Windows.
<twb> Try apache's channel, which IIRC is #httpd.
<swoody> twb: ok, thanks for the pointer :)
<swoody> there's just not many people around, so I figured I'd see if anyone here was familiar with it as well
<lukehasnoname> twb: I can't even log in. It stops the boot process. Is that not a bug? Should a program be able to lock a server up like that? I know I could probably go in grub and boot to single user mode, wipe Samba or take it out of the startup list, but wtf mang
<acalvo> hi
<uvirtbot> New bug: #432291 in php5 (main) ""Fatal error: Call to undefined function gzopen()" on php5 5.2.10.dfsg.1-2ubuntu3" [Undecided,New] https://launchpad.net/bugs/432291
<acalvo> I've been trying to set up squid with NTLM auth without succeed
<acalvo> it seems that my main problem is that winbind is not working properly because squid is not in the same machine as samba PDC
<acalvo> but I'm not able to find any site which talks about this
<acalvo> and all tutorials I've been reading point to the same scenario: samba and squid in the same computer
<acalvo> now I'm able to do a wbinfo -t and wbinfo -a domain\\user%password and it works
<acalvo> but wbinfo -u nor wbinfo -a work
<_ruben> bah .. why do customers still request servers with php4 installed .. its been dead for years
<henkjan> do you still install php4?
<henkjan> on request?
<Maelos`> because dead isn't defined by whether or not there are still releases occurring
<Maelos`> people with revenue generating apps don't necessarily convert to the latest version of a language
<_ruben> henkjan: sortof .. i completely firewall the box and them fuck things up themselves
<uvirtbot> New bug: #423465 in eucalyptus (main) "euca.p12 owned by root" [Undecided,New] https://launchpad.net/bugs/423465
<SockPants> hey all
<SockPants> i have a standard install of 8.04 server. how can i configure ftp?
<ivoks> install vsftpd
<SockPants> i'm finding stuff about vsftpd and proftpd but what's the difference, and which is installed by default?
<SockPants> ah, none is installed/
<ivoks> ubuntu server by default doesn't install any services
<ivoks> it has no open ports
<SockPants> i chose to install LAMP though
<SockPants> and apache is on by default
<ivoks> you don't get ftp service with that
<SockPants> ok
<ivoks> brb
<SockPants> then whats the difference between the different ftpds?
<ivoks> it's up to you
<ivoks> i prefere vsfptd
<ivoks> some like proftpd
<ivoks> you can't go wrong with eny of them
<ivoks> any
<ivoks> brb
<acalvo> how can I get a version of a packages installed?
<acalvo> s/get/check
<ivoks> dpkg -l
<acalvo> thanks
<ivoks> dpkg -l | grep package
<_ruben> dpkg -l package ;)
<ivoks> or that :)
<twb> apt-cache policy package
<SockPants> are there no suitable alternatives to ftp for accessing files?
<ivoks> of course there are
<ivoks> sftp, scp, webdav
<ivoks> etc...
<twb> afs :-)
<SockPants> does ubuntu come with netatalk client?
<SockPants> or is it easy to set up?
<ivoks> no, n/a
<SockPants> i'm installing netatalk anyway for my mac
<soren> jdstrand: Yes, a quick workaround would be lovely.
<himanshurauthan> how can I use ubuntu server to host any website
<ivoks> himanshurauthan: you should install web server
<twb> himanshurauthan: you can't host other people's websites
<himanshurauthan> on ubuntu server can't I do
<himanshurauthan> what is this web server then
<himanshurauthan> in ubuntu?
<twb> Unfortunately, unlike Debian, Ubuntu's initrd does not include a web server.
<himanshurauthan> So for what purpose I can use ubuntu server
<ivoks> apache
<twb> break=bottom, busybox httpd FTW
<ivoks> himanshurauthan: sudo tasksel install lamp-server
<ivoks> himanshurauthan: https://help.ubuntu.com/community/ApacheMySQLPHP
<himanshurauthan> ok so after installing lamp server can I host a website in that
<ivoks> himanshurauthan: yes
<himanshurauthan> so what all other stuffs do I need if I want to host websites on a ubuntu server
<himanshurauthan> do I need some special hardware also
<twb> himanshurauthan: "I want to host a website" is not really a meaningful approach.
<ivoks> you need a working system
<ivoks> hardware depends on how serious you are
<twb> Why do you want to host a website?  What are you intending to host?
<ivoks> and how many websites you plan to have
<himanshurauthan> no it is not for hosting many sites but it is about hosting my own site
<twb> Are you intending to host an intranet CMS, a family photo album, a flash-heavy bulletin board, or what?
<himanshurauthan> my business site
<himanshurauthan> should I go for shared server or my own dedicated server
<himanshurauthan> since I want to expand it in future
<twb> OK, then the next question is: do you want to do this yourself, or do you want to hire an expert to handle it for you?
<himanshurauthan> I'm a web developer basically
<twb> You're a webdev, but you don't know how to set up a webserver?
<ivoks> then install lamp-server
<himanshurauthan> for this what type of expert I need
<ivoks> none
<ivoks> you install it
<ivoks> and it works
<ivoks> you just need to put your website on disk
<himanshurauthan> is it networking or webdev
<twb> So you're already familiar with developing with technologies like PostgreSQL (or MySQL), Apache, and Python (or PHP)?
<himanshurauthan> yes
<ivoks> is it networking or webdav?
<ivoks> huh?
<SockPants> its not networking
<twb> himanshurauthan: OK, so really all you need to do is learn how to do the underlying system administration.
<SockPants> its not webdev
<himanshurauthan> ok
<ivoks> oh, how do you access the disk?
<ivoks> however you want - SMB/SCP/FTP/SFTP...
<twb> If you already understand how to USE stuff like Postgres, then you can probably pick up sysadmin of those services easily.
<ivoks> but you need to configure server for that
<twb> Installing the lamp-server task, as already recommended, will give you a basic setup that you can then tweak if/as necessary.
<himanshurauthan> hm ok
<SockPants> basically once you install it you can just put your files there and it will work
<SockPants> it's not very difficult
<twb> himanshurauthan: as for hosting your own server vs. buying hosting space or a VPS, that comes down to issues like cost and who administers what.
<himanshurauthan> for external purpose means not for interanet I need server right??
<himanshurauthan> that has access to the world
<himanshurauthan> then I need to go for Domain name also
<twb> himanshurauthan: for a website you will also need to sort out an adequate network connection, a domain name, etc.
<SockPants> btw, is there a way to install i386 packages on a 64 bit OS (its a fuse filesystem)
<twb> SockPants: in general, no.  It requires fundamental changes in dpkg, which are pending.  There are various workarounds, however.
<twb> SockPants: I don't know what you mean by "it's a fuse filesystem"
<SockPants> well that's what i'm installing, afpfs-ng
<SockPants> there's only a .deb for 32 bit
<ivoks> bye
<twb> SockPants: good luck with that
<SockPants> >.>
<SockPants> how so
<twb> SockPants: why are you still running MacOS 9?
<SockPants> twb: whats an alternative, and i'm not
<twb> SockPants: AFP sucks.  You would be better off using CIFS (Samba) and/or NFS.
<SockPants> i always thought cifs sucked
<SockPants> and i never got nfs to work
<twb> CIFS does suck.
<SockPants> but if afs is that bad i'm willing to try again
<twb> But AFP sucks more unless you are stuck on MacOS 9 where it's your only option.
<SockPants> ok
<twb> Note: AFS is not AFP.
<SockPants> well then i'll try nfs again
<SockPants> unless that's not very good either
<twb> AFS is for people who have thousands of users around the world.
<SockPants> yeah
<SockPants> i don't
<twb> If you are in a heterogeneous environment, CIFS is by far the easiest to set up
<SockPants> twb: the clients are only ubuntu or os x
<twb> SockPants: what do you need a client on, other than OS X, Ubuntu and Windows?
<twb> Oh sorry, I misunderstood
<SockPants> so nfs would work i suppose
<twb> If you are only using Ubuntu and OS X, NFS or CIFS is appropriate.
<SockPants> but is nfs any good
<SockPants> fundamentally
<twb> I hear that NFS is much easier on recent versions of OS X.
<SockPants> it seems all the file sharing protocols suck
<twb> YES
<twb> Basically you have to choose which kind of suck to have
<SockPants> cifs sucks, ftp sucks, afp sucks
<SockPants> hahah
<SockPants> ok
<SockPants> but nfs sucks less than those three?
<SockPants> what sucks most about nfs?
<twb> OS X and Ubuntu both have good CIFS and NFS clients, and Ubuntu has good servers for both of those.
<SockPants> ok
<twb> Probably the suckiest things about NFSv3 are its (lack of) security and its dodgy locking.
<SockPants> locking?
<twb> But basically all network filesystems have broken locking semantics
<SockPants> alright well
<twb> SockPants: as in, stopping two computers from trying to edit the same file at the same time
<SockPants> if it's not a severe problem
<SockPants> and i don't think that will happen btw
<SockPants> then i'll go with NFS
<twb> e.g. dodgy locking can break OpenOffice and Firefox 3, if /home is on a network filesystem.
<SockPants> for security i would be tunneling over ssh anyway whenever i'm outside of the lan
<twb> This happens with CIFS and NFS, and probably all other network filesystems.
<twb> SockPants: if you are outside the lan, sshfs is very good for small files
<SockPants> sshfs != sftp/
<SockPants> +
<SockPants> ?
<twb> Correct.
<twb> sshfs is a way to mount SFTP as if it is part of the filesystem
<SockPants> ok
<twb> So programs that don't know SFTP can just read and write files normally
<SockPants> i'll start with nfs since i'm on the lan most of the time
<SockPants> what port does nfs run on
<SockPants> mm many
<SockPants> does ssh tunnel both tcp/udp?
<twb> SockPants: yes
<twb> You will not successfully tunnel NFS over ssh -w.
<twb> Not without great pain.
<twb> NFS not only uses multiple ports, it will by default negotiate additional ports during MOUNTP
<twb> And by default it refuses to countenance ports that can be bound to by unprivileged users (i.e. >= 1024).
<SockPants> hurrr but then how will it ever get past my firewall
<SockPants> i could open the default ports but it still couldnt negotiate any additional ones
<twb> SockPants: DO NOT use NFS over the WAN without using encryption (e.g. ssh, openvpn).
<SockPants> hence ssh
<SockPants> brb
<twb> If you need a network filesystem on the WAN, either use SSHFS or AFS.
<twb> NFS is only appropriate if you're inside LAN or an encrypted VPN
<SockPants> i might just try to set up a vpn then
<acalvo> what do I need to be able to use winbind in one computer to auth against a samba PDC in another computer?
<SockPants> though i've never used vpn so that should be interesting
<SockPants> but that would solve all my problems in one go i suppose
<twb> acalvo: first of all, make sure the samba side works
<acalvo> twb: it is working (wbinfo -u, wbinfo -g, wbinfo -a worked but no plaintext support)
<twb> acalvo: OK, I don't know what is next
<twb> I never got samba auth working right
<uvirtbot> New bug: #408947 in likewise-open5 (universe) "@reboot local crontabs do not run for likewise-open5 domain users." [Low,In progress] https://launchpad.net/bugs/408947
<Jeeves_> Hmm
<Jeeves_> [  392.560519] vcpu not ready for apic_round_robin
<Jeeves_> soren: How can I fix that? You're the KVM-guru, aren't you? :)
<soren> Jeeves_: Just ignore it?
<Jeeves_> soren: :)
<soren> Jeeves_: IIRC, it's just informational.
<Jeeves_> kvm migration makes the vm crash
<soren> I need more detail to form an opinion on that :)
<Jeeves_> which is kinda annoying
<Jeeves_> What detail do you want? :)
<Jeeves_> I'm currently testing convirt
<soren> You migrate a vm from one machine to another, and in the process, the vm crashes?
<soren> Oh. With convirt, you're on your own.
<Jeeves_> Why?
<soren> I have no clue about convirt.
<Jeeves_> Ok
<soren> and it doesn't use libvirt.
<Jeeves_> Well, I've never seen it work with libvirt either, so :)
<soren> ..so it's /completely/ unknown territory.
<soren> Well, that I /might/ be able to help you with, given enough detail.
<Jeeves_> just a sec, i'll install libvirt
<garymc> Yo!
<Jeeves_> soren: Same thing happens :)
<Jeeves_> What do you need to know?
<soren> Jeeves_: Everything.
<soren> Jeeves_: What are you doing? Which version of ubuntu, libvirt, and kvm are you using?
<soren> Jeeves_: Where's your storage?
<soren> Jeeves_: What's the guest OS=
<soren> ?
<soren> Jeeves_: Define "crash".
<Jeeves_> soren: Right.
<Jeeves_> Running Ubuntu Jaunty on Sun Fire X2200's
<Jeeves_> Shared storage is nfs on a Ubuntu Jaunty server
<soren> Those are Intel boxes, right?
<Jeeves_> No, AMD
<soren> Ok.
<Jeeves_> Quad-Core AMD Opteron(tm) Processor 2376
<soren> Cool.
<Jeeves_> Quad-Core AMD Opteron(tm) Processor 2354
 * soren prefers AMD
<Jeeves_> Both boxes have 8GB RAM
<Jeeves_> When migrating, the bridge interfaces become busy
<Jeeves_> So, migration is done
<soren> Right.
<Jeeves_> when it (seems to be) is finished
<Jeeves_> I can use the vnc-like interface to view
<Jeeves_> but the vm hangs
<Jeeves_> the kvm process is moved (or restarted) on the target host
<Jeeves_> and is using 100% cpu load
<soren> Fantastic.
<soren> Ok.
<soren> The NFS is mounted in the same place on both hosts?
<soren> (let's start with the basics)
<Jeeves_> it is
<soren> Ok.
<Jeeves_> 10.0.0.1:/export/vmstore /mnt/vmstore1 nfs rw,vers=3,rsize=8192,wsize=8192,namlen=255,hard,nointr,nolock,proto=tcp,timeo=4,retrans=9,sec=sys,mountaddr=10.0.0.1,mountvers=3,mountproto=tcp,addr=10.0.0.1 0 0
<soren> Can you pastebin the contents of /var/log/libvirt/qemu/name_of_the_domain.log from both hosts?
<Jeeves_> http://pastebin.ubuntu.com/273366/
<Jeeves_> http://pastebin.ubuntu.com/273367/
<soren> Nothing jumps out at me. Erm..
<soren> Can you start up the domain again and look for a few things for me?
<Jeeves_> sure
<Jeeves_> what should i look for?
<soren> /sys/devices/system/clocksource/clocksource0/current_clocksource
<Jeeves_> both tsc
<Jeeves_> Anything else?
<soren> Can you change that?
<soren> Try "echo acpi_pm | sudo tee /sys/devices/system/clocksource/clocksource0/current_clocksource"
<Jeeves_> Done
<Jeeves_> Doesn't help
<soren> Did it accept the change?
<Jeeves_> root@kvm4:/var/log/libvirt/qemu# cat /sys/devices/system/clocksource/clocksource0/current_clocksource
<Jeeves_> acpi_pm
<soren> Alright.
<Jeeves_> restarted the vm
<Jeeves_> deleted sound devices
<Jeeves_> that doesn't help either
<uvirtbot> New bug: #428650 in php5 (main) "PayPal WPP requires the PHP cURL library. (Currently using cURL Not found)" [Undecided,Confirmed] https://launchpad.net/bugs/428650
<Jeeves_> soren: Switched to cifs storage, doesn't change a thing
<soren> Jeeves_: No, it wouldn't.
<soren> Jeeves_: I'm afraid I don't have a Jaunty rig to test this on.
<Jeeves_> soren: Need access? :)
<Jeeves_> (i'm serious though)
<yonatan> hi anyone here who can help me with the "minimal virtual machine" installation option in Ubuntu Server 9.04?
<soren> yonatan: Just ask your question.
<soren> We won't know unti lwe know what the question is.
<yonatan> towards the end of the installation you get a choice of what packages to install. I don't understand the option: "basic ubuntu server" should I select this option as a minimum?
<soren> Depends. What's the server for?
<soren> yonatan: It's kind of like asking "should I install a web server?". We have no way to know.
<yonatan> ok i'll elaborate
<yonatan> i'm looking to create a "management" virtual machine that will run Splunk, VMware vCLI and that's pretty much it
<yonatan> what is installed with the "basic ubuntu server"? is there a way of listing the packages?
<Jeeves_> yonatan: The safest option is to choose nothing
<Jeeves_> and apt-get install it later on
<yonatan> Jeeves_: Ok. Can you tell me when using apt-get is it possible to get a list of available packages?
<zul> morning
<Jeeves_> yonatan: yes. 'apt-cache search .'
<Jeeves_> But that's not what you want
<Jeeves_> you want to apt-cache search 'the stuff i need'
<yonatan> ok and can a similar command be used to see what is actually installed on my ubuntu server?
<Pici> yonatan: dpkg -l | grep "^ii"
<yonatan> ok thanks Pici
<Jeeves_> Pici: That only shows packages that are installed, or have been installed
<Pici> Jeeves_: Thats what he asked, isn't it?
<yonatan> yep I want to know what is installed so that I know if I need to get anything else
 * soren takes a break
 * Jeeves_ curses on kvm
<yonatan> might sound strange but I'm having problems installing something called VMware vCLI
<yonatan> and haven't found an answer anywhere
<Jeeves_> nothing concerning 'vmware' and 'problems' is strange
<henkjan> :)
<ewook> well, perhaps the absense for problems.
<Jeeves_> ewook: Yes, that would be surprising indeed :)
<Jeeves_> henkjan: How's your redhat install on vmware going? :)
<ewook> as suprising as if my grammar would be correct all the time.
<Jeeves_> ewook: :)
<yonatan> Jeeves_: hehe do you know how to get vCLI installed and working?
<Jeeves_> yonatan: No. And I don't want to know either
<ttx> smoser: ping
<jdstrand> soren: re workaround> ok
<jdstrand> soren: do you think I should allow rw for the initrd? what about the kernel?
<soren> No.
<soren> Just r.
<soren> ...but you already do that, right?
<soren> I know I tested that.
<soren> jdstrand: ^
<jdstrand> soren: well, I'm looking at https://bugs.launchpad.net/ubuntu/+source/eucalyptus/+bug/431090/comments/4
<uvirtbot> Launchpad bug 431090 in eucalyptus "libvirt apparmor profile is preventing libvirt from running eucalyptus VMs" [High,Incomplete]
<soren> jdstrand: Right. I thought that was just the console thing.
<jdstrand> soren: Daniel says it is also the kernel and initrd
<soren> Oh... Perhaps I tested everything before we ould go into enforce mode?
<jdstrand> soren: possibly... though -10 fixed all that
<soren> I *know* I tested with a domain that booted form an external kernel and ramdisk.
<jdstrand> soren: anyhoo, this is just a workaround until I get virt-aa-helper to use the xml
<soren> jdstrand: Well, this was back when you first asked me to test. :)
<zul> ttx: do you have any patches you are sitting on for samba for karmic?
<ttx> zul: no.
<zul> k
<jdstrand> soren: I've added kernel, initrd, serial, console, attach-disk and detach-disk to the list of tests in https://wiki.ubuntu.com/SecurityTeam/Specifications/AppArmorLibvirtProfile. I'll get all that working
 * soren hugs jdstrand
<jdstrand> soren: I'll upload a eucalyptus specific workaround in the meantime
<soren> Thanks!
<smoser> ttx, here. whats up?
<ttx> smoser: bug 364916
<uvirtbot> Launchpad bug 364916 in eucalyptus "When running Ubuntu as an Eucalyptus VM instance, module acpiphp is not available to be loaded, complicating the use EBS volume" [Undecided,Confirmed] https://launchpad.net/bugs/364916
<ttx> smoser: is there still something to do on that precise bug ?
<zul> ttx: http://pastebin.ubuntu.com/273481/
<ttx> zul: sounds good
<smoser> ttx, comment 13 is correct there
<smoser> the eucalyptus page does now mention how to get acpiphp into the ramdisk
<ttx> smoser: a) is done and b) is todo but has another bug opened to track it ?
<smoser> but we really should be producing a kernel and ramdisk alongside the images
<smoser> so yeah
<smoser> you're correct.
<ttx> ok, will close this one and point to the other then.
<uvirtbot> New bug: #432481 in vm-builder (universe) "please provide a man page for ubuntu-vm-builder" [Wishlist,New] https://launchpad.net/bugs/432481
<kpettit> I've got a Xeon quad-core, and when I run backup's and such a single gzip process seems to slow down my entire machine
<kpettit> When I look at resources the gzip process isn't taking much memory, but it still slows down my entire system make it unresponsive and pokey until it's finished.
<kpettit> Any ideas on how to make this better?
<kpettit> If I had a single-core processor I'd understand but it doesn't make sense to me when I have a quad-core
<ScottK> If you're running Intrepid or later, use iotop to see what's going on with io.
<kpettit> I'm running 9.04
<kpettit> I'm installing it now.  I'll start backup's again to see what happens with it
<jdstrand> soren: does 'attach-disk' work for you at all in karmic? I added to /etc/libvirt/qemu.conf 'security_driver = "none"' to make sure apparmor wasn't getting in the way (see 'virsh capabilities' after libvirt restart to be sure) and then did:
<jdstrand> virsh attach-disk testme /var/lib/libvirt/images/mini.iso hdc --driver file --type cdrom --mode readonly
<jdstrand> error: internal error No device with bus 'ide' and target 'hdc'
<jdstrand> soren: am I doing something wrong? is this a regression? bug #203020 indicates it is a long-standing problem
<uvirtbot> Launchpad bug 203020 in libvirt "virsh attach-disk doesn't work" [Undecided,Confirmed] https://launchpad.net/bugs/203020
<kpettit> ScottK, anything specific I'm looking for.  I can see the gzip/tar runnning with iotop
<ScottK> I guess see if it seems to be 'a lot' of IO.
<kpettit> The gzip is the top process and I see tar as a second process popup then remove then popup.
<ScottK> Hard for me to say what that would be for your system
<kpettit> Under the IO column it's always 0.00, there is of course alot of disk read/write activity
<ScottK> Perhaps do something you know is IO intensive, like copy a file, and see how it compares.
<soren> jdstrand: It worked in Jaunty.
<soren> jdstrand: I haven't really used it in Karmic, I guess.
 * soren has to go pick up his daughter..
<kpettit> Scott the system gets slow when I do a normal cp as well.
<kpettit> It's anoying.  I know there is alot of disk IO from my one disk to the other, but that shouldn't slow down process that are in memory and already running.
<kpettit> Like firefox for example.  Why would copying things slow down a web browser, can't figure that out.
<kpettit> ScottK, thanks for showing me iotop though, I like it alot better than top.
<_ruben> because firefox uses the disk for cache
<ScottK> BTW, since you mention firefox, it's also relatively clear that this isn't the right channel for the question in any case.
<kpettit> It's not just firefox, it's everything on the sytem.  Doing server backup's shouldn't slow down all the other processes
<kpettit> I do VoIP on this box and any slow downs will mess up the phone calls.
<kinnaz> you never run Xorg on server
<kpettit> I'll figure it out, was just wondering if it was something obvious.  Haven't delt much with quad-cores so wasn't sure if it was something I needed to configure for it to better handle resources
<kpettit> kinnaz: for production that's what I do, this is a dev box at my house though.
<kinnaz> thou dunno, if i copy files i doesnot affect my box performance so bad
<kinnaz> that everything would lag
<clusty> hey
<kpettit> kinnaz: that's what's tripping me.  I've never seen disk i/o effect running processes like this.
<clusty> still having trouble with local DNS. anybody willing to help me diagnose the issue?
<kpettit> clusty: descriibe the problem, somebody will help if they can
<aubre> after doing dist-upgrade all my image bundling problems were solved with eucalyptus-1.6, but when I try to run an instance I get the following: http://paste.ubuntu.com/273505/
<clusty> so: i am having a linux box doing bind+dhcp. I wrote a zone ffile to the best of my ability
<clusty> thing is I can resolve form any computer the name of the dns server, but pc's can't resolve each other, nor can the server resolve computres
<aubre> but after dist-upgrade, walrus and sc both work well
<clusty> i am stuck for a week now. don't know how to proceed. I think the only way is for somebody to tak a peak at my conf files
<aubre> ahh I see bug https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/430093 addresses this
<uvirtbot> Launchpad bug 430093 in eucalyptus "Eucalyptus "403 Forbidden" when trying to run instance" [High,Triaged]
<kpettit> clusty: Sorry, I can't help with that one, it's been awhile sense I've done those.
 * kpettit installing more memory
<uvirtbot> New bug: #368718 in dbconfig-common (universe) "package dbconfig-common 1.8.40 failed to install/upgrade: o subproceso post-installation script devolveu o estado de saÃ­da de erro 1" [Undecided,Incomplete] https://launchpad.net/bugs/368718
<aubre> on my new install of karmic alpha 6 I am using XFS and was amazed how fast the filesystems were created, and it was nice to see that there wasn't going to be any fsck happening at boot
<clusty> aubre, i thought xfs had a few showstoppers, like FS cannot be shrunk
<clusty> this makes it really annoying for a desktop installation
<aubre> well I am not planning to shrink my server file systems
<aubre> clusty: so I don't think it will bother me too much
<aubre> aubre: what I'd really like is for Oracle/Sun to give ZFS a linux-compatible license
<clusty> aubre, i loved ZFS
<clusty> dunno how fast it is, but is insanely easy to admin
<uvirtbot> New bug: #341003 in php5 (main) "php5 crashed with SIGSEGV in start_thread()" [Low,Incomplete] https://launchpad.net/bugs/341003
<zul> ttx: we said yes to bug #403599 right?
<uvirtbot> Launchpad bug 403599 in php5 "Installing PHP5 performs a reload to apache instead of a restart" [Low,Confirmed] https://launchpad.net/bugs/403599
<ttx> zul: looked alright to me, and you confirmed it. Some validation testing is in order, I guess
<ScottK> WRT 341003, isn't a php crash a security feature?
<zul> hmmm?
<clusty> are the zone files in /var/cache/bind automatically generated?
<ewook> it's a windows look-a-like feature.
<incorrect> can i build a software raid10 set ?
<BrixSat> hello
<BrixSat> im root on my server but i cant remember mysql login
<incorrect> just google for a mysql recovery
<incorrect> you can easily do it
<BrixSat> i have removed mysql and installed it but it does not ask for the password
<incorrect> apt-get --purge remove mysql
<incorrect> or you could try dpkg-reconfigure mysql-server-5.0 iirc
<JoshL> mysqld_safe --skip-grant-tables
<JoshL> Then you can login as root with no password and manually change the user information in mysql.users
<clusty> i got dynamic dns to work for all the windows machines on the LAN, but linux is still resilient :(
<clusty> i configured send host-name "blahh";
<clusty>  on all dhcp linux clients
<clusty> what else can i do
<clusty> grrr
<teddymills> deleted the /var on a production server...restored the /var/www...and /var/logs...any reason to rebuild the server..or can i patch this up?
<clusty> teddymills, depends what you had there
<clusty> like /var/lib is where postgres has the database files
<mathiaz> ttx: re bug 348990
<uvirtbot> Launchpad bug 348990 in postfix "Deinstallation doesn't delete all files" [Low,Fix released] https://launchpad.net/bugs/348990
<mathiaz> ttx: did you check with lamont if it makes sense?
<ttx> mathiaz: yes
<ttx> mathiaz: no. I checked that it was needed for proper purging though
<mathiaz> ttx: hm right.
<mathiaz> ttx: I had a discussion about what should be done on purge for daemons
<ttx> mathiaz: ah ?
<mathiaz> ttx: with slangasek when I was reviewing stomp-server
<mathiaz> ttx: deleting a user on purge wasn't suggested
<mathiaz> ttx: just to make sure that the system uid is not reused
<ttx> mathiaz: that's not what the patch does though.
<mathiaz> ttx: agreed
<mathiaz> ttx: I just so it in the patch
<mathiaz> ttx: as far as /var/lib/postfix
<mathiaz> ttx: the suggestion was that if there were files in /var/lib/package that weren't reproducable/recoverable it should never be deleted by the maintainer scripts
<mathiaz> ttx: however it's a grey area
<mathiaz> ttx: policy doesn't say anything about it
<ttx> not sure the master.lock is really unrecoverable
<mathiaz> ttx: right - master.lock should be removed
<ttx> but it for sure prevents reinstall of a purged postfix
<mathiaz> ttx: may be not with a rm -rf /var/lib/postfix
<ttx> agreed.
<mathiaz> ttx: as this could potentially deleted other things
<ttx> mathiaz: could you bring this up to lamont ? I'm nearing the end of the day and I still have plenty of things to finalize.
<mathiaz> ttx: sure - not urgent though
<ttx> mathiaz: I plan to spend some time on basic first-user-experience / usability Eucalyptus bugs next week. Do you think you will have time to participate in that effort ?
<mathiaz> ttx: I'll be in portland for ldapcon and linuxcon next week
<ttx> arg.
<mathiaz> ttx: so I doubt it.
<ttx> ok.
<zul> ttx: can you have a eucalyptus cluster with different arches ie one being i386 and the other amd64?
<incorrect> i hope a RAID10 mdadm setup will improve disk performance for my vm's
<ttx> zul: You mean nodes with different arches ? I don't know. nurmi or soren would know for sure.
<zul> ttx: if yes then I could probably help
<ttx> zul: ok, noted.
<lamont> ttx: doesn't prevent reinstall of a purged postfix
<lamont> mathiaz: ^^
<clusty> pfff gave up setting dynamic DNS for localhost
<clusty> wrote a zone file and that's that :(
<incorrect> i should have used the server preseed file for my pxe install
<incorrect> urg this server is going to need some apt-get --purge loving
<bnjmn> if i try installing gcc on canonical's hardy image on ec2, it says i need to remove libc6-xen. what gives?
<uvirtbot> New bug: #432581 in libvirt (main) "[karmic] libvirt/apparmor breaks non-default serial, console, kernel and initrd" [High,In progress] https://launchpad.net/bugs/432581
<yonatan> hi how do I check that the following packages are installed on my system: binutils, glibc or libc6, libxml2, perl-doc, liburi-perl ?
<SyL> yonatan: dpkg -l |grep package
<SyL> if it has an ii on the left, it's installed
<yonatan> cool thanks will try now
<SyL> no problem
<yonatan> dpkg -l | grep binutils doesn't return anything
<SyL> can you try something that you know is installed?
<blistov> What's being used these days, for a distributed, replicated, elastic file system?
<yonatan> i just installed a clean system but added wget at the end
<SyL> also you can just run "apt-get install binutils" and it will try to install it and if it's already installed it will say that
<yonatan> it returns ii wget
<SyL> ok, then they aren't installed
<yonatan> ah
<blistov> Looking into Eucalyptus, but it doesn't seem to have anything that does distribution, replication, and elastic growth.
<SyL> yonatan: "apt-cache search package" will show you what could be installed by apt-get.
<SyL> blistov: what do you mean by elastic file system?
<SyL> crap, lunch, I'll be back later
<yonatan> ok thanks SyL
<blistov> SyL: IE: I have 5TB of data between 2 physical units.  Data is replicated and striped.  I need to increase capacity to 10TB by adding a few more physical units.
<blistov> I don't want to have to build new partitions all over.
<blistov> I'm really looking for a p2p fs, providing aggregate performance.
<bnjmn> how can i get the kernel config for canonical's ec2 hardy image?
<erichammond> bnjmn: I would not recommend Canonical's EC2 Hardy image at this point.  It was last published in April and has a number of serious bugs filed against it.  Most of these bugs have been fixed in revision control, but a new image may not be published for a while yet.
<aubre> erichammond: I read your comments about XFS after I had used it on my Eucalyptus proof of concept system and I have to say I am so far impressed with it.
<yonatan> i'm getting the following error message ""hiding the command line arguments : symbol lookup error: /usr/lib/perl/5.10/auto/Crypt/SSLeay/SSLeay.so: undefined symbol: Perl_Tstack_sp_ptr""
<erichammond> aubre: I'm not a filesystems expert, but I started using XFS on EC2 and it's worked well for me.
<uvirtbot> New bug: #431063 in image-store-proxy (main) "Enable tests during build" [High,In progress] https://launchpad.net/bugs/431063
<Hypnoz> seeing a strange NIC issue. I have a server with 2 nic cards, each on a different subnet (10.1.10.xx and 10.1.11.xx). I start a ping to both interfaces, and disable the switch port that the .10 interface is going to, but it continues to ping. Then I disable the switch port that the .11 interface goes to, and they both stop pinging at the same time
<Hypnoz> the /etc/network/interfaces is setup correctly, giving each server its own ip, and the mac addresses on the cards are different in "ifconfig"
<incorrect> when netboot installing, what does 'basic server' install?
<uvirtbot> New bug: #432659 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: podproces post-installation script zwr?ci? kod b??du 1" [Undecided,New] https://launchpad.net/bugs/432659
<Keizer> Hey guys
<Keizer> How can I see the IO taking place so I can identify what is locking up my server
<Pici> Keizer: Install and run iotop?
<mcupples> I'd like to see all the mail leaving my server.  Is there an outgoing maillog?
<mcupples> /var/log/mail.log?
<mcupples> And that's it?
<incorrect> stupid fake RAID controllers
<mcupples> incorrect:
<incorrect> damn, i wish i hadn't old the installer to erase data from a partition
<EtienneG> hey guys ... where should we report bugs against the UEC karmic image?
<EtienneG> not about a specific package, but the AMI itself?
<Hypnoz> I have a server with two nic cards, and both have their own ip. But both are pushing traffic through the same cable. Anyone know how thats possible?
<SyL> Hypnoz: it isn't, how do you know they are pushing through both IPs?
<Hypnoz> if i disable the switch port for one of the nics, it keeps pinging
<Hypnoz> and it's running at 100mbit instead of 1gig, same speed as the other port
<Hypnoz> and if i disable the switch port for the 100mbit connection, both stop pinging at the same time
<SyL> then I would imagine that you have 2 IPs on 1 NIC card.
<SyL>  /sbin/ifconfig will show you. eth0 and eth1 will have tx and rx
<zul> smoser: ^^^
<Hypnoz> eth0      Link encap:Ethernet  HWaddr 00:21:5e:4d:c7:41
<Hypnoz>           inet addr:10.1.11.195  Bcast:10.1.11.255  Mask:255.255.255.0
<Hypnoz>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
<Hypnoz>           RX packets:668438 errors:0 dropped:0 overruns:0 frame:0
<Hypnoz>           TX packets:389284 errors:0 dropped:0 overruns:0 carrier:0
<Hypnoz>           collisions:0 txqueuelen:1000
<Hypnoz>           RX bytes:61820665 (58.9 MB)  TX bytes:50181250 (47.8 MB)
<Hypnoz>           Interrupt:16
<Hypnoz> eth1      Link encap:Ethernet  HWaddr 00:21:5e:4d:c7:42
<Hypnoz>           inet addr:10.1.10.195  Bcast:10.1.10.255  Mask:255.255.255.0
<Hypnoz>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
<Hypnoz>           RX packets:1694179 errors:0 dropped:0 overruns:0 frame:0
<Hypnoz>           TX packets:983370 errors:0 dropped:0 overruns:0 carrier:0
<Hypnoz>           collisions:0 txqueuelen:1000
<Hypnoz>           RX bytes:2178889683 (2.0 GB)  TX bytes:102839047 (98.0 MB)
<Hypnoz>           Interrupt:18
<Hypnoz> shit
<Hypnoz> sorry
<Hypnoz> http://pastebin.com/d403b2ac9
<Hypnoz> thought the link was in my clipboard
<smoser> EtienneG, https://bugs.launchpad.net/ubuntu/+filebug?field.tags=uec-images
<Hypnoz> both interfaces look good right. both have their own IP and mac
<incorrect> i have 4 disks, i've set up a swap partition on each, a /boot RAID 1(x4) same for / and /var and a /srv as a raid10
<EtienneG> AAAAaaaargh! filebug redirection
<SyL> Hypnoz: can you do "route -n" for me and put it in a pastebin?
<Hypnoz> http://pastebin.com/d6dec17b5
<zul> have a good weekend
<Hypnoz> the 10.1.5.0 to 10.1.11.190 is an openvpn static route
<mathiaz> EtienneG: https://bugs.edge.launchpad.net/ubuntu/+filebug?no-redirect&field.tags=uec-images
<EtienneG> mathiaz, that is so much better
<Hypnoz> SyL, there is one weird thing, I have my default gateway set for the 11 interface in /etc/network/interfaces
<Hypnoz> but still showing 0.0.0.0 in route -n
<Hypnoz> err nevermind, its the default one at the bottom
<SyL> Hypnoz: I don't know the full details, but I'm guessing the traffic is going out the vpn.
<SyL> there are 2 ways you can test what's going on. unplug cables one at a time, or shut down the interfaces one at a time.
<incorrect> this expert installer doesn't seem too stable
<bnjmn> erichammond, which Ubuntu ec2 image would you use at this point?
<erichammond> All of my production systems run on the Ubuntu 8.04 Hardy AMIs I publish on http://alestic.com (32- and 62-bit) though I sometimes use the 9.04 Jaunty as well.  As far as I know, these are probably the most popular two Ubuntu images out there at this time.
<erichammond> I'm supporting the Canonical AMI development process with the goal of having those AMIs become the public standards.
<bnjmn> cool. great, I will check those out. how might I also get the kernel source & config used on those so i can build my own kernel module?
<incorrect> so, like mdadm RAID10 is a bad idea
<qman__> why
<bnjmn> erichammond, nevermind, i see your AMI is using one of amazon's kernels, so I know where to get the stuff i need. thanks
<erichammond> bnjmn: http://alestic.com/2008/05/kernel-modules-2-6-21
<erichammond> bnjmn: Yes, and you should be aware that using Amazon's kernel makes it not not completely "Ubuntu".  It's just the most reliable way I've found to run Ubuntu on EC2 at this time.  I believe better times are coming :)
<erichammond> bnjmn: If you need to use XFS on 2.6.21, you'll need to pick up a special xfs.ko built by Amazon.  Ping me later if you can't find this.
<bnjmn> erichammond, actually, i needed a newer squashfs of all things. i got it worked out now.
<bnjmn> thanks
<axisys> how do I make my ubunut server a print server ? i like to take print requests and send it over to the printer which is on different network
<mathiaz> axisys: https://help.ubuntu.com/9.04/serverguide/C/cups.html
<mathiaz> axisys: this is for jaunty though.
<axisys> mathiaz: that is what i am running
<axisys> it does not explain how i can take a request from another server and send it over to a printer which is on a different network..
<axisys> mathiaz: does it? may be i should read it again?
<axisys> how do I send a print request from client 192.168.0.21 to a cupsd running on a remote machine 192.168.0.98 ?
<incorrect> right, so RAID10 is a no go
<incorrect> so what kernel should i use to run a kvm server?
<EtienneG> am I correct in thinking that ec2-init in jaunty do not work when the instance is run on Eucalyptus?
<axisys> looks like this is what i was looking for http://ubuntuforums.org/showpost.php?p=511007&postcount=3
<smoser> EtienneG, i dont know why hat would  be
<EtienneG> smoser, I am filing a bug
<EtienneG> hold on
<EtienneG> smoser, if you care, it is bug #432773
<uvirtbot> Launchpad bug 432773 in ec2-init "ec2-fetch-credentials do not work in jaunty instance being run on Eucalyptus" [Undecided,New] https://launchpad.net/bugs/432773
<swoody> is there a way to connect to a remote server, like with SSH, but be able to see/use the desktop on that server?
<mushroomblue> swoody: FreeNX
<mushroomblue> swoody: VNC can tunnel through SSH
<mushroomblue> swoody: RDP can be used, as well.
<swoody> ok, I'm going to point someone in here, if you guys can help him out with that? :)
<mushroomblue> hah.
<mushroomblue> sadly, my tech support shift is over now.
<swoody> haha
<johndoe14> ok was told by swoody to come ask for help in here
<swoody> :)
<johndoe14> I have a remote server with ubuntu desktop 9.04 and am wondering if i can access the gui on it via remote
<mushroomblue> https://help.ubuntu.com/community/FreeNX
<mushroomblue> read that.
<mushroomblue> that's by far the easiest solution.
<johndoe14> k will try ty ill probaly beback :/
<incorrect> kernel does not matter for kvm?
<hokatichenci> I just installed server 9.04 but I can't get the static network configuration to work
<hokatichenci> I edited /etc/network/interfaces as the documentation says, but "/etc/init.d/networking restart" and reboots do not bring the interface up
<hokatichenci> However, "ifup eth0" works
<blak111> do you have "auto lo eth0" in the /etc/network/interfaces?
<cemc> what filesystem to use for a large number of small files, like /usr/src, lots of small source files and headers
<hokatichenci> blak111 - danke :)
<hokatichenci> I've found reiserfs to be good with large numbers of small files
<hokatichenci> <4kb
<johndoe14> im having problomes installing nx does someone have time to go to a msg box and help me walk thru the steps i am new to ubuntu
<hokatichenci> linux is pretty good at storing a lot of metadata in cache so if you're doing repeated actions you'll see decent lookup performance
<android60> I want to be able to access my computer via ssh over internet, but I am worried about security. a WOL udp port 9 and 777-> 22 for ssh are the only ports I have open on my router. any suggestions?
<mathiaz> bdmurray: hey - any news on running my bug scripts on qa.ubuntu.com?
<bdmurray> mathiaz: hey - yes I'm actually work on that right now! ;-)
<mathiaz> bdmurray: \o/
<mathiaz> bdmurray: let me know if you have any question
<bdmurray> mathiaz: line 86 in acceptedbugs.py should be Distro Series I think
<mathiaz> bdmurray: http://people.canonical.com/~mathiaz/buglists/acceptedbugs.ubuntu-server.latest.html
<mathiaz> bdmurray: ^^ it's just one serie
<mathiaz> bdmurray: or may be I'm confused by the spelling
<bdmurray> mathiaz: okay, how about we call it Release ?
<mathiaz> bdmurray: sure
#ubuntu-server 2009-09-19
<bdmurray> mathiaz: still around?
<mathiaz> bdmurray: yes!
<bdmurray> Traceback (most recent call last):
<bdmurray>   File "./dailynewbugs.py", line 88, in <module>
<bdmurray>     if task.date_created.date() <= end_date:
<bdmurray> AttributeError: 'unicode' object has no attribute 'date'
<bdmurray> qa.ubuntu.com is running hardy
<bdmurray> and an older version of launchpadlib
<mathiaz> bdmurray: hmmm
<mathiaz> bdmurray: of course I was developing on karmic :/
<bdmurray> right who would use hardy...
<martin-rightscal> smoser: you still around?
<mathiaz> bdmurray: well - launchpadlib wasn't in hardy either
<mathiaz> bdmurray: it seems that this is the problem
<mathiaz> bdmurray: which version of launchpadlib is installed?
<bdmurray> 0.2~bzr25-0ubuntu1~CAT.8.04.1
<bdmurray> I can probably sort this out
<mauren> anyone using bazaar
<mauren> I'm going to make myself a development environment tomorrow. I was thinking about bazar.
<mauren> I've never actually used a revision control system before *shame*
 * mauren prays
<mauren> Isnt it supposed to be more distributed and has some coupling with launchpad/
<mauren> ?
<uvirtbot> New bug: #432810 in libvirt (main) "[karmic] Can't start qemu system VMs via virt-manager due to AppArmor error" [Undecided,New] https://launchpad.net/bugs/432810
<mauren> I've read about cvs, svn and bzr, and the impression I get is that people don't like bazar mainly because they're already accustomed to another revision control system.?
<bdmurray> mathiaz: okay all sorted - http://qa.ubuntu.com/reports/ubuntu-server-team/
<mathiaz> bdmurray: this is awesome!
<mathiaz> bdmurray: are the cron jobs setup correclty?
<bdmurray> mathiaz: in a moment
<bdmurray> mathiaz: I might send you the hardy patches too
<mathiaz> bdmurray: yes - if you could actually push a bzr branch
<mathiaz> bdmurray: and let me know where it is - I'll merge it
<bdmurray> mathiaz: its really irritating that date objects are different depending which version of launchpadlib you have
<erichammond> mauren: I've used cvs and svn seriously for over a decade, and others before that (rcs, ClearCase, ...).  I recently picked up a little bzr so I could interact with launchpad and didn't have any complaints about it.  git seems more fashionable outside of Ubuntu at the moment, but I think bzr would be a fine place to start given what I've seen.
<mauren> alright
<mauren> erichammond thanks for your input
<ScottK> On a commercial project I'm involved in they just picked bzr due to the extreme pain associated with using git when you haven't used it before.
<mauren> i've always used SVN
<ScottK> To start with bzr, you can bzr co, bzr up, bzr ci, just like you would with svn.
<ScottK> Then you can learn to use it as a dvcs on a pace you decide.
<mauren> nice
<mauren> i'll give it a try now
<ScottK> That was another consideration for the other project.  No immediate hate from svn users.
<erichammond> :)
<mauren> :P
<cemc> I just moved my 9.04 install from a hdd to another. everything's working fine except the network, which I'm not sure why but doesn't want to (at least the ipv4 part, it's getting no ip address, no nothing). any ideas?
<jmarsden> cemc: Different NICs -- and so different MAC addresses?  or was the HD really the only thing that changed?
<s0|> hello, what command (or serieries of commands) can i use to determine the model of 3ware raid card that a machine has in it?
<jmarsden> s0|: lspci  is probably a start
<XiXaQ> is it ok to put my FQDN in /etc/hostname or should I only use the machines name without any dots?
<s0|> jmarsden, thanks, couldn't seem to put a good enough google string togeather to get that.
<jmarsden> s0|: No problem.
<jmarsden> XiXaQ: You can use the FQDN if you wish to, bit it is more common to use the short name in there.  When you are done, hostname should output the short name, dnsdomainname should output your domain, and hostname --fqdn  should output the whole thing.
<jmarsden> XiXaQ: Also check /etc/mailname   if you are editing this stuff by hand.
<Vashta_Nerada> how do i turn off telnet?  (telnetd actually)
<Vashta_Nerada> ubuntu 9.04
<Vashta_Nerada> i think i turned it on, now that I have ssh up and running i want to disable it
<jmarsden> Vashta_Nerada: sudo apt-get purge inetutils-telnetd     But how did you "accidentally" turn it on??
<Vashta_Nerada> no i turned it on
<Vashta_Nerada> i mean i believe it was not on by default
<Vashta_Nerada> and i wanted it on
<jmarsden> Vashta_Nerada: Right, telnetd is not installed by default, because it is a huge security risk.
<Vashta_Nerada> right
<jmarsden> So to undo that, you just uninstall the package.
<Vashta_Nerada> this is not a mission critical server, it's my let's learn linux server
<Vashta_Nerada> thank you sir
<jmarsden> Vashta_Nerada: Sure.. but be careful.   You'll "learn" alright, if it gets hacked and someone on another continent uses it to spam half the planet, or to distribute child porn or whatever...!
<Vashta_Nerada> i see
<Vashta_Nerada> well, i suppose i can use wireshark to make sure it's not doing wacky stuff right?
<jmarsden> In other words, servers can be worth hacking into even if they contain no valuable data... they end up being used for bad things... so you should keep all machines on the Internet secure, whether they are just learning machines or production servers.
<Vashta_Nerada> i hear ya
<jmarsden> Wireshark might show you the traffic, unless the bad guys tweaked libpcap to hide their traffic, or something like that -- possible, but unlikely.
<Vashta_Nerada>  i could re-install just in case
<jmarsden> Sure, that would be one way to be a lot more sure.
<Vashta_Nerada> weird
<Vashta_Nerada> would you like me to show you the output
<Vashta_Nerada> do you guys use a pastebin?
<jmarsden> use any one you like... pastebin.ubuntu.com is fine
<jmarsden> If you install pastebinit you can do pastebin-creation from the command line, which is often convenient.
<Vashta_Nerada> http://pastebin.ubuntu.com/273876/
<Vashta_Nerada> did i get rd of it? should i remove any of that other stuff?
<jmarsden> So you didn't have inetutils-telnetd installed, and you have a few packages you no longer need.
<Vashta_Nerada> yeah, i'm confused actually
<jmarsden> Are you sure you *have* telnetd running?
<Vashta_Nerada> because telnet works
<Vashta_Nerada> well, no, i'm a n00b
<jmarsden> OK, what does    sudo netstat -ntlp | grep :23      output
<Vashta_Nerada> i thought i did because of another session
<Vashta_Nerada> tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN      2202/inetd
<XiXaQ> jmarsden, thanks. How does it know the fqdn if I don't add it to /etc/hostname? reverse dns?
<jmarsden> Vashta_Nerada: Hmmm, so inetd is listening on port 23...
<Vashta_Nerada> i guess so....
<jmarsden> XiXaQ: More likely the entry in /etc/hosts
<Vashta_Nerada> hmmm
<Vashta_Nerada> i'm not sure what that means
<jmarsden> Vashta_Nerada: What did you do to enable telnet, exactly?
<Vashta_Nerada> so i didn't have to sit at the desk
<XiXaQ> jmarsden, oh, that works both ways? Ip to hostname as well?
<jmarsden> XiXaQ: It's mildly complicated, but yes.  The hostname man page says in part:    Technically: The FQDN is the name gethostbyname(2) returns for the host name returned by gethostname(2).  The DNS
<jmarsden>        domain name is the part after the first dot.
<Vashta_Nerada> i also tried to enable vnc and nx for pretty much the same reason
<jmarsden> Vashta_Nerada: No, I don't care about *why*, I care about what you actually *did* to enable telnet... what commands did you type to enable it?
<Vashta_Nerada> : /
<Vashta_Nerada> idk
<jmarsden> How is this "learning", if you do not know what you have done?
<Vashta_Nerada> lol
<XiXaQ> jmarsden, are there any negative side effects of putting an FQDN in /etc/hostname?
<jmarsden> XiXaQ: Not that I know of, but it's not something I have done in the Ubuntu world.
<XiXaQ> ok, thanks. I guess I'll read up on this :)
<Vashta_Nerada> well i guess i've learned something
<jmarsden> Vashta_Nerada: I'll check for what you might have done to get inetd listening on pport 23...
<Vashta_Nerada> how will you do that
<jmarsden> Combination of google, apt-file and looking around on my own machines :)
<jmarsden> Do you have inetutils-inetd installed?
<Vashta_Nerada> dude, i couldn't tell ya
<jmarsden> What does dpkg -l inetutils-inetd    output?
<Vashta_Nerada> you're making me think i should re-do the whole machine and use a notebook for the next one
<jmarsden> That would probably be good, actually :)
<Vashta_Nerada> http://pastebin.ubuntu.com/273880/
<jmarsden> BTW, you might want to read through http://tldp.org/LDP/intro-linux/html/intro-linux.html
<jmarsden> OK, the un means the package is not installed.  So something else installed inetd and set it to listen on port 23...
<Vashta_Nerada> i will do that
<Vashta_Nerada> i did get an A in my intro to linux class though
<Vashta_Nerada> that was two years ago though
<Vashta_Nerada> i'm not bragging, trust me, i forgot a lot
<jmarsden> So hopefully reading through it will be a good refresher and bring you back up to speed.
<Vashta_Nerada> and this is debian that was fedora
<Vashta_Nerada> yes sir it will
<Vashta_Nerada> and i'll try to get to it
<Vashta_Nerada> working on my ccna atm
<Vashta_Nerada> and in the home stretch
<Vashta_Nerada> linux is actually for stress relief !
<jmarsden> OK.  What does     dpkg -l | grep inetd    output
<Vashta_Nerada> o.O
<XiXaQ> jmarsden, ah.. It looks in /etc/hosts for an FQDN where the leftmost part is equal to /etc/hostname and then appends the rest of that as its FQDN? What, then, if my /etc/hosts contain several, like I might have both "www.ubuntu.com" and "www.wikipedia.org" in /etc/hosts and /etc/hostname is "www"?
<Vashta_Nerada> http://pastebin.ubuntu.com/273882/
<jmarsden> XiXaQ: Usually /etc/hosts entries are like 192.168.1.1   myname.mydomain.com myname
<jmarsden> XiXaQ: So you get the FQDN first and the the short name as an alias after it.
<XiXaQ> ah, I see.
<jmarsden> Vashta_Nerada: aha, openbsd-inetd... interesting choice of inetd, but there we go.. I'd suggest uninstalling that    sudo apt-get purge openbsd-inetd     and then recheck  with     sudo netstat -ntlp | grep :23
<XiXaQ> no, really, I mean it this time! :)
<Vashta_Nerada> wow apt-get autoremove as seemed to removed a week and a halfs worth of boneheadery, i gotta look that feature up
<Vashta_Nerada> no output from : sudo netstat -ntlp | grep :23
<Vashta_Nerada> thanks jmarsden
<jmarsden> It will clean out all packages that were installed as dependencies of stuff you actually asked for at some point, but have since uninstalled.    OK, looks like you are all set.
<jmarsden> No problem.
<Vashta_Nerada> yeah
<Vashta_Nerada> ok, advice corner time
<Vashta_Nerada> should i install nx?
<jmarsden> What do you need or want it for?
<Vashta_Nerada> so i can disconnect the monitor an keyboard and still use the gui when i so desire
<Vashta_Nerada> i did it once for a client and i liked it
<fj> hi
<Vashta_Nerada> i tired vnc, you might have seen that, and i couldn't get it to work properly
<fj> I am new here and I got a quick question regarding Cisco VPN Client
<jmarsden> Vashta_Nerada: You can use ssh for that, X over SSH works fine.  Or use VNC if you really must.  Overall I think the "more Linux-oriented" approach would be ssh and X, but it's your choice
<fj> anyone can help setting it up?
<Vashta_Nerada> X?
<jmarsden> fj: There is a Cisco VPN Client package for Ubuntu Server?
<jmarsden> Vashta_Nerada: The X Window System... :)
<Vashta_Nerada> can you link me to an explainaition
<Vashta_Nerada> yes, i mean i believe i'm running X but i want to remote into the box
<Vashta_Nerada> i mean, the gui IS x
<fj> jmarsden: not very sure
<Vashta_Nerada> i thought
<jmarsden> Right, so get an X server on the local PC, and then ssh to the remote machine and run whatever X client programs you need and their display will be on your local machine...
<fj> jmarsden: but i am keen to know if there is one
<Vashta_Nerada> hmmm
<Vashta_Nerada> i'll google that
<jmarsden> fj: Why would you want one on a server, exactly?  A Ubuntu server, with no GUI... ? What purpose would a Cisco VPN client have on such a machine?
<Vashta_Nerada> can i do that from a windows xp pc?
<jmarsden> Vashta_Nerada: well, you'll need to find an X server for Windows XP, which is awkward but possible.  Better to use a Linux desktop box as the client, I would say :)
<fj> jmarsden: i'm sorry, maybe i joined try the wrong channel. Someone in #ubuntu suggest I join this channel to post this question. I am actually running Ubuntu 9.04
<Vashta_Nerada> : /
<Vashta_Nerada> that's why i wanted nx
<fj> jmarsden: i didn;t know there is a different version of Ubuntu
<Vashta_Nerada> no i remember the problem back then
<Vashta_Nerada> *now
<jmarsden> fj: #ubuntu-server is for support of the Ubuntu server edition, which has no GUI.
<fj> jmarsden: ah...ok
<jmarsden> Vashta_Nerada: There is Xming which could work for you under XP if you want to try the X approach that way.
<fj> jmarsden: so which channel you would recommend me to join?
<Vashta_Nerada> i will look at that, thank you jmarsden
<jmarsden> fj: I'm not really sure.  http://compnetworking.about.com/od/vpn/p/ciscovpnclient.htm   suggests there is a Linux version of that client, you might start there.
<jmarsden> Argh, now I found a HOWTO for that client on Ubuntu, fj is not here any more... oh well... http://www.longren.org/2007/05/17/how-to-cisco-vpn-client-on-ubuntu-704-feisty-fawn/ (old, but maybe a start).
<hokatichenci> Are you kidding me? NRPE depends on the kitchen sink?
<pwnguin> well, npre is kinda creepy
<pwnguin> "please run this script with these parameters and return the output to me"
<hokatichenci> Yeah, with a couple caveats about timing and whatnot.
<hokatichenci> I mean sure you could replace that with a couple lines of well, probably anything...
<Zermelo-Fraenkel> Somebody tell me how to start conversation here
<mushroomblue> talk about your local sports team.
<Zermelo-Fraenkel> Hello Mushroom
<hokatichenci> Talk about web 2.0 blogosphere synergy with rabid, maneatig republican bears?
<Zermelo-Fraenkel> Can anyone hear me?
<mushroomblue> what?
<Zermelo-Fraenkel> Please if anyone hears me out, acknowledge by uttering my name Zermelo
<Zermelo-Fraenkel> I don't how to use this, good grief
<jmarsden> !ot | Zermelo-Fraenkel
<ubottu> Zermelo-Fraenkel: #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics. Thanks!
<Zermelo-Fraenkel> Oh thanks so the thing did work, thanks ubottu
<Zermelo-Fraenkel> All right I'll go over there to #ubuntu
<android60> which channel helps with karmic server?
<jmarsden> android60: Interesting question... probably #ubuntu+1 if the question is definitely Karmic-specific.
<android60> well its not quite, even though I have my drive listed in /etc/fstab. it is not mounted on boot. a sudo mount -a mounts it. I have 2 identical entries for my 1tb drives. only diff is uuid for sda1 and sdb1
<android60> and sdb1 mounts fine
<android60> on boot
<jmarsden> Sounds odd... but you mount partitions, not drives.  Is this order-dependent -- is the mount point for sda1 in the filesystem that is on sdb1 ?
<android60> no
<android60> i have 3 drives, a 40gb system, and the 2 1tb drives, they are mounted at /media/MainStorage1 and /media/ArchiveDisk1
<android60> im thinking its just a karmic big
<android60> bug**
<jmarsden> Seems unlikely... is the system brand new and so "expendable" at this point -- if so, install 9.04 Server as a test, and see if it does any better :)
<android60> i never had problems with 9.04 but i didnt use it very long
<ScottK> Actually the mount system is part of what got re-engineered in the breakage earlier in the week.  I'd ask in #ubuntu+1
<foxbuntu> evening/morning all, Im going to pull a newb question and ask where my apache2 log sits, for some reason it wont start and I am trying to figure out why
<Vashta_Nerada> jmarsden: are you around?
<Vashta_Nerada> well if you notice this and remember me, i'm seriously considering reinstalling
<Vashta_Nerada> just too many variables, idk if it's me or if it's just normal linux fun
<martinjh99> Running Server 9.04 and when it installed it asked me wether I wanted to do updates - I said yes and I was wondering how it did them as I can't find a cronjob entry for updating...
<andol> foxbuntu: /var/log/apache2/
<andol> foxbuntu: You might also take a look inside /var/log/syslog, in case the problem arise before apache2 is actually started
<foxbuntu> andol, yes thanks, I remembered and promptly gave myself a dork stamp
<Maelos`> How can I go about installing newer versions of a given package?  Jaunty comes with ejabberd 2.0.3, but I'd like the 2.0.5 package.  Is it possible to install that set of packages?
<cemc> is it just me or is jfs a lot slower at deleting a bunch of small files than ext3?
<Debolaz> JFS should generally be avoided imho.
<cemc> Debolaz: why ?
<Debolaz> In my personal experience, it has bricked my system twice when shutting down properly, and it's not actively developed (For Linux anyway) either.
<Debolaz> when not shutting down properly even
<Debolaz> I just don't trust it with my data anymore.
<cemc> what else do you use ?
<Debolaz> And from what I've read, though for different than my own reasons, it seems people recommends against using it.
<cemc> hm, it's deleting my Maildir/ folder for like 10 minutes now, and it's not done yet
<Debolaz> I've settled for ext3 on Linux. I've not had any major disasters with it, and it has an overall good performance.
<cemc> yeah, my instinct always said just stick to ext3, I dunno why I'm wasting time trying anything else ;)
<cemc> xfs is a pain to fsck, jfs is slow to delete, and don't even get me started on reiser. eh, fsck it, I'm going back to ext3 and no more messing around ;)
<Vashta_Nerada> Hey, anyone I'm trying to be able to view my linux gui on my xp via ssh.  I have an ssh connection  and someone suggested installing xming.  I have xming running but i get certain errors that lead me to believe that maybe iI haven't a clue as to what i'm doing.... things like Xauthority not writeable.  I know I've gotten some of it done but I really don't know what i might need to do more, ...
<Vashta_Nerada> ...Question: is Xming all I need to view the linux gui? or will i need some other application to do it?  does anyone have any ideas on how i can finish this little project?
<incorrect> not that i've benchmarked kvm, but you got to love being able to vnc into a vm
<chrisw> Greetings everyone. I have a question. Is there an easy way to create a Windows-like domain in Linux, but with no Windows machines (and therefore no need for Samba).
<Gnea> syslog-ng isn't working anymore, I don't know why, I don't know where to start... I've tried restarting it, but nothing will log!  I tried the logger command, and nothing, at all.  There was some error about running out of drive space, but that problem was fixed... so it thinks there's still no drive space? there's over 8G free!
<Anirban1987> > I have set memory_limit = 16M in php.ini file , but sometimes when I run a php script it goes beyond that limit !
<Anirban1987> how to restrict RAM usage by an apache script on Ubuntu ?
<wildgoosed> hey everyone. i just finished installing 9.04 server. can i somehow get back to the setup screen and install the lamp role ?
<ScottK> wildgoosed: sudo tasksel should do it (IIRC)
<wildgoosed> awesome worked thanks!
<ScottK> You're welcome.
<XiXaQ> I'm having some problems with guest vms crashing because of cpu frequency scaling. If I use cpufreq-set -g performance, will that be remembered between boots, or do I have to run it after each reboot?
<giovani> XiXaQ: cpufreq-set is just a frontend to some /sys settings
<giovani> XiXaQ: and since those are kernel variables, they'll need to be set every boot, which is typically done in /etc/sysfs.conf
<XiXaQ> I don't have a /etc/sysfs.conf?
<giovani> what verison of ubuntu-server are you running?
<XiXaQ> jaunty.
<giovani> XiXaQ: then you may need to create it -- it's on every system I have
<XiXaQ> where do I find out what format it should have?
<giovani> XiXaQ: well if it were me, I'd be using google
<XiXaQ> hehe, yes, I'm sorry about that. :)
<XiXaQ> sometimes the fingers are faster than the mind, it seems. :)
<giovani> sudo apt-get install sysfsutils
<giovani> that'll provide sysfs.conf, and associated applications
<alex-weeej> i can't start my vm with virt-manager due to some bug in the new apparmor/libvirt stuff, does anyone know how to start them via command line?
<XiXaQ> giovani, I installed sysfsutils (which gave me /etc/sysfs.conf) and added "devices/system/cpu/cpu0/cpufreq/scaling_governor = performance", but when I rebooted the server, it was back to ondemand.
<XiXaQ> what am I doing wrong?
<XiXaQ> alex-weeej, virsh start <domain name>
<arrrghhh> so i'm trying to switch from using alsa as my local sound output to using pulse - and yes, this is on ubuntu-server w/o an X server.
<arrrghhh> i use mpd to put pulse out to a network stream, which works well.  but it's not quite in sync.  alsa handles the local sound, but i was thinking if pulse did it all it would be more in sync.
<android60> I am having user problems. How can I add a user and allow them ssh access? every time i add a user even if i specify a password i get authentication failed when i try to login with it
<alex-weeej> XiXaQ, error: AppArmorGenSecurityLabel: cannot generate AppArmor profile 'libvirt-5539255a-03ec-319f-10af-79f8efbf7195'
<XiXaQ> are you in the libvirtd group?
<XiXaQ> alex-weeej?
<alex-weeej> XiXaQ, alex : alex adm dialout cdrom plugdev lpadmin admin sambashare libvirtd
<jdstrand> if you want to take AppArmor out of the equation, see /usr/share/doc/libvirt-bin/README.Debian.gz
<jmarsden> giovani and XiXaQ : The file with the kernel vars in it is /etc/sysctl.conf
<jdstrand> (but dmesg will tell you what apparmor is denying, if anything)
<XiXaQ> jmarsden, then I should add the line to sysctl.conf instead? Same line?
<jmarsden> XiXaQ: I think so.  I'm not familiar with the CPU frequency scaling stuff, but that is the file that stsctl uses to set a bunch of kernel variables at every boot...
<jmarsden> *sysctl
<alex-weeej> jdstrand, i'm not sure what to do -- it doesn't seem as if apparmor is even denying anything, rather the code that prepares an apparmor profile for a kvm instance is falling over? (i don't know...)
<alex-weeej> jdstrand, i ran the two commands to disable the aa profile at the bottom of the README and it's still giving the same error
<jdstrand> alex-weeej: it may not be apparmor at all. you need to restart libvirt too
<jdstrand> alex-weeej: /etc/init.d/libvirt-bin restart
<alex-weeej> jdstrand, ok it starts now
<jdstrand> alex-weeej: you can see if it is disabled by doing 'virsh capabilities' and seeing if apparmor is listed in the host section
<jdstrand> alex-weeej: the vm starts now?
<alex-weeej> jdstrand, yes, just making sure it's all coming up now...
<jdstrand> alex-weeej: do you have auditd installed?
<alex-weeej> not sure
<alex-weeej> how can i tell?
<jdstrand> alex-weeej: dpkg -l|grep auditd
<alex-weeej> no lines
<jdstrand> alex-weeej: can you paste the output of 'dmesg | grep audit' somewhere?
<alex-weeej> jdstrand, http://pastebin.ca/1572111
<jdstrand> alex-weeej: can you file a bug using 'ubuntu-bug libvirt-bin'? I'll follow up with you in the report
<alex-weeej> jdstrand, https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/432810
<uvirtbot> Launchpad bug 432810 in libvirt "[karmic] Can't start qemu system VMs via virt-manager due to AppArmor error" [Undecided,New]
<alex-weeej> jdstrand, do you need to me to attach data using apport?
<arrrghhh> can anyone help me switch from using alsa to pulse as the local audio output device?
<jdstrand> alex-weeej: I added what I need right now to the bug report
<jdstrand> alex-weeej: but, doing 'apport-collect -p libvirt-bin 432810' would also be helpful
<alex-weeej> jdstrand, do you want me to run those commands having already disabled the apparmor stuff?
<alex-weeej> and if not, you need to tell me how to undo what i did with the two commands at the bottom of the README :)
<jdstrand> alex-weeej: if you could renable it that would be great. 'sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.libvirtd ; sudo /etc/init.d/libvirtd restart'
<jdstrand> alex-weeej: that left it disabled on reboot for now
 * ink hates pulse-audio
<ink> tell me all about latency and per-application mixers all you want, but give me oss4 without it's borked master mixer and without audio snaps any day of the week
<arrrghhh> ink, well i'll tell you why i want pulse.  i have alsa/mpd pumping out local audio to an amp.  i want to stream the audio to a lappy in another room.  so in the mpd room the suggested pulse.  pulse works ok, it lags a little behind alsa.  plus, when there's nothing listening on the pulse stream and it's enabled alsa skips.  disable pulse or put something up to listen to it, and alsa is fine.
<ink> arrrghhh:  just tell me how to get Pidgin to play buddy sounds without obnoxious static all over the place, and how to get Rhythmbox to use its mixer without rebooting (is this Windows??)
<arrrghhh> ink, hrm... i don't run X on my server...
<ink> after a day or so, Rhythmbox will just start ignoring the gnome-volume-control, and I have to reboot to get it to work again
<arrrghhh> or pidgin or rhythymbox.
<ink> what are you streaming audio with?  :-)
<alex-weeej> jdstrand, Skipped: /etc/apparmor.d/disable/usr.sbin.libvirtd
<arrrghhh> ink, pulse & mpd.
<jdstrand> alex-weeej: ok, rm that symlink (I forgot that apparmor_parser would do that)
<arrrghhh> mpd plays music to my amp thru alsa, and i just setup pulse to stream audio across the local network.
<alex-weeej> alex@whoosh:~/Desktop$ sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.libvirtdCached reload succeeded for "/etc/apparmor.d/cache/usr.sbin.libvirtd".
<alex-weeej> jdstrand, ok?
<jdstrand> alex-weeej: sounds good
<alex-weeej> jdstrand, also the init script is libvirt-bin, not libvirtd i think
<jdstrand> alex-weeej: yes, you are correct
<alex-weeej> jdstrand, https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/432810
<uvirtbot> Launchpad bug 432810 in libvirt "[karmic] Can't start qemu system VMs via virt-manager due to AppArmor error" [Undecided,New]
<jdstrand> alex-weeej: meh, typed to fast. need ls -lR /etc/apparmor.d. sorry
<jdstrand> s/to/too/
<alex-weeej> jdstrand, ok, done
<hexa> hi
<hexa> does anybody know about why munin sucks up my graph? :D http://www.ubuntu-pics.de/bild/25117/screenshot_120_IbnI4p.png
<hexa> daily is fine, weekly, monthly, yearly however isn't
<hexa> i can't really get a clue
<jdstrand> alex-weeej: can you give me the xml for that machine? Eg:
<jdstrand> virsh dumpxml <vm name> > /tmp/<vm name>.xml
<jdstrand> alex-weeej: please substitute <vm name> for the actual name of the machine
<alex-weeej> :)
<alex-weeej> jdstrand, you want it on the bug report or just pastebin?
<jdstrand> alex-weeej: pastebin is fine for now
<alex-weeej> jdstrand, http://pastebin.ca/1572135
<alex-weeej> out of interest, what is the point in all this apparmor stuff?
<jdstrand> alex-weeej: it is to protect hostile virtual machines
<jdstrand> alex-weeej: err
<alex-weeej> ...the host from
<jdstrand> alex-weeej: protect you from hostile virtual machines
<jdstrand> alex-weeej: https://wiki.ubuntu.com/SecurityTeam/Specifications/AppArmorLibvirtProfile
<alex-weeej> so rather, to protect us from buggy hypervisors?
<alex-weeej> ah right, yes :)
<jdstrand> specifically: Virtual machines started by libvirt run unconfined. If there is a bug in the hypervisor, a guest could potentially attack other guests or the host. Providing an AppArmor profile would help protect against this."
<jdstrand> Libvirt now contains AppArmor integration when using KVM or QEMU. Libvirtd is now configured to launch virtual machines that are confined by uniquely restrictive AppArmor profiles. This feature significantly improves virtualization in Ubuntu by providing user-space host protection as well as guest isolation.
<jdstrand> alex-weeej: ok, I can reproduce. thanks for your help!
<alex-weeej> jdstrand, ok but i get this even when creating new VMs
<alex-weeej> jdstrand, dunno whether that counts for anything
<jdstrand> alex-weeej: feel free to disable for now and check back after the next libvirt update
<alex-weeej> jdstrand, thanks
<alex-weeej> byee
<hexa> hm ist es mÃ¶glich, dass seit Ã¼ber einem monat keine updates fÃ¼r ubuntu jaunty server rauskamen?
<hexa> oops
<hexa> is it possible that for over a month there haven't been any upgrades to ubuntu jaunty server?
<mauren> hi
<mauren> not sure if i have a bug here, an issue with kdebluetooth
<hexa> mauren kde is not related to ubuntu-server, is it?
<mauren> hexa its just an issue with kde bluetooth on my server
<hexa> i was just wondering
<mauren> i submitted the issue on launchpad
<mauren> but didnt get any response which is why im ehre
<mauren> :)
<hexa> so what is it? :)
<mauren> im trying to lookup the launchpad number
<mauren> what do you call those
<mauren> where i submit bugs
<hexa> bug number? :D
<mauren> yes
<hexa> https://bugs.launchpad.net/bugs/+bugs?field.searchtext=kdebluetooth&search=Search+Bug+Reports&field.scope=all&field.scope.target=
<hexa> take your pick
<mauren> hexa bugs #136307
<mauren> similar to that issue
<uvirtbot> Launchpad bug 136307 in kdebluetooth "kblueplugd crashed with NameError in <module>()" [Medium,Fix released] https://launchpad.net/bugs/136307
<mauren> crashed when i closed my bluetooth after i finished sending the file using bluetooth
<mauren> but its a similar issue to that
<hexa> I actually don't use kde nor bluetooth within my server
<mauren> ok
<hexa> so I can't verify that
<mauren> ok
 * mauren nods
<aubre> EtienneG: I got my image packaging problems over with but I am having the same 403 Forbidden problem you are/were having when I try to fire up an instance
<aubre> EtienneG: I do have Walrus/SC working though
<aubre> I'm sitting in on zoopster's talk at ALF right now
<Skaag> I am running 'watchdog' on Ubuntu but it's "defunct" although syslog shows no complaints from the watchdog process
<Skaag> I made sure the softdog kernel module is loaded
#ubuntu-server 2009-09-20
<giovani> jmarsden: unless ubuntu has changed recently -- sysfs.conf is used to change /sys values, while sysctl.conf is used to change /proc values -- this is a /sys value
<jmarsden> giovani: OK, could be... sysctl.conf is the one that is always there on my systems, and which I have used, not sysfs.conf.  When using sysfs.conf didn't seem to work for the OP, I thought maybe there was confusion over the filename.
<giovani> nah, this is a /sys value, I'm 95% sure
<Vashta_Nerada> .,.,.,.,.
<uvirtbot> New bug: #430189 in apache2 (main) "Apache Php Segfault crti.S" [Undecided,Incomplete] https://launchpad.net/bugs/430189
<android60> is there a log file for transmission-daemon?
<tpeden> I'm trying to run gvim or redcar from my ubuntu server over ssh to edit some files using X11 Forwarding, but I get this error: Xlib:  extension "Generic Event Extension" missing on display "localhost:10.0".
<jmarsden> tpeden: That should be harmless... see http://lists.freedesktop.org/archives/xorg/2008-October/039134.html
<tpeden> is anyone alive in here lol
<tpeden> oh snap!
<tpeden> It's slowing the app startup and the app itself WAY down
<jmarsden> Odd, it's not supposed to matter. Maybe run a local editor and edit the files over sshfs?  or use Emacs and use TRAMP to get at the files??  I don't know if vim has a remote file access setup like Emacs TRAMP...
<tpeden> I mean, the apps do start, just takes like a minute (no exaggeration either) and then they are very slow at responding (and the server is on gbit network, sitting next to my dt)
<tpeden> A friend of mine suggested using -YC
<tpeden> but it didn't seem to help, plus I don't know what -Y is on PuTTY (when I'm in Windows)
<giovani> tpeden: what makes you think the slowness is related to the warning?
<tpeden> Well, I was doing this in 8.10 just fine, no errors and no slowness. I had to reinstall ubuntu (hardware upgrade) and I of course installed Jaunty and started getting this error and the slowness... tho I did study statistics so I am aware correlation does not prove causation... so they could very well be unrelated
<jmarsden> tpeden: Your desktop is running Windows?  With what X server?  Can you upgrade that to a newer version, maybe??
<tpeden> Xming?
<jmarsden> If you pay, the Xming guy will give you access to a newer version that the one he makes available free of charge... no idea if that would help, but
<jmarsden> it might be worth a try?
<tpeden> lol awesome!
<vraa_> does someone know how to set 3 of the 4 network interfaces to be "down" so my 'server' reboots without having to press ctrl+alt+del at the ubuntu boot up portion?
<vraa_> i think that's what i need to do
<vraa_> http://pastebin.com/m39bad4cc -- that is my /etc/network/interfaces
<vraa_> http://pastebin.com/m1a421cf9 -- and that's "sudo ifconfig -a"
<uvirtbot> New bug: #433383 in samba (main) "package samba-common 2:3.4.0-3ubuntu4 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/433383
<Vog> morning all...
<Vog> Have a question about what the fastest method would be to send lost of small files over a fast network between 2 servers. Basically getting one home directory and moving it over to another machine maintaining the permissions.
<Vog> ^^lots of
<uvirtbot> Vog: Error: "^lots" is not a valid command.
<maxb> I would tar | ssh othermachine untar
<Vog> yeah I was thinking the same thing....
<Vog> somethign like tar -cf - /path/to/dir | ssh remote_server 'tar -xvf - -C /path/to/remotedir'
<twb> The quotes are optional, and -f - is totally unnecessary.
<twb> e.g. tar -C /etc -c ssh | ssh fs tar -C /etc -x
<Vog> I'll give that a shot thx for the input...
<twb> FWIW I do that regularly and it works fine.
<twb> Though doing it over ssh is slow if you are on a trusted network
<twb> ssh fs -f 'nc -l 12345 | tar -C /etc -x' && tar -C /etc -c ssh | nc fs 12345
<twb> ...something like that would do it unencrypted (untested).
<Vog> ooo... good point\
<twb> You will also probably want to run tar as root on both ends, because only root can do some chown-type operations.  And if you are dealing with heterogeneous chroots, --numeric-owner is vital.
<twb> Finally, I can't vouch for whether it will preserve extended attributes or sockets.
<Vog> I'll try this now and report the results so far it is progressing nicely.
<twb> Oh, and if this is a local network, you might be able to tune NFSv3 to be faster.
<twb> Out of the box, I think it'll be slower than tar + nc
<Matty-uk> Is there an alternative keyserver that i can use instead of keyserver.ubuntu.com.  I've googled it without success?
<twb> Matty-uk: depends what keys you want.
<twb> I have "keyserver hkp://subkeys.pgp.net" in my .gnupg/gpg.conf, but that's probably old-school.
<twb> I think MIT also has a reasonably centralized keyserver.
<Matty-uk> Cheers MIT one worked
<twb> What is the MIT one, btw?
<Matty-uk> pgp.mit.edu
<Vog> twb: I htink I had something wrong with my syntax. Copy was successful but it left out files with long filenames.
<twb> Vog: hmm, are both hosts running Ubuntu?
<twb> Matty-uk: thanks.
<Vog> Yep
<twb> Vog: dunno, then
<twb> Vog: are both filesystems ext3?
<Vog> Let me check one of the systems has been thgough a dist upgrade
<Vog> yeah both ext3
<twb> Vog: did you capture stderr from both processes?  Maybe they complained?
 * Vog checking logs
<incorrect> apt-get install ubuntu-xen-server install everything i need for xen?
<uvirtbot> New bug: #371612 in php5 (main) "[needs-packaging] php5-litespeed" [Wishlist,Confirmed] https://launchpad.net/bugs/371612
<android60> besides df -h is there a way from command line to view disk usage
<blak111> du
<android60> ok
<pipedream> df is quikc, du might take time and should be used with care on a busy fileserver
<android60> I have a problem then, I have 2 1TB drives, 1 part on each, sda1 = /media/MainStorage1 sdb1 = /media/ArchiveDisk1, when I do rsync with "rsync --progress -r --delete-before /media/MainStorage1/ /media/ArchiveDisk1" Archive disk shows 29GB more is used than MainStorage1 on completion. I have checked samba etc, and I only see the exact same files.
<RoyK> ionice du, perhaps
<RoyK> android60: what filesystem(s)?
<android60> RoyK: both are XFS
<RoyK> k
<RoyK> hm
<RoyK> try -avP
<RoyK> -a == archive
<RoyK> man rsync
<RoyK> I won't think it'll make much difference, though
 * RoyK uses opensolaris/zfs for that sort of stuff - zfs send/receive is neat
<android60> so you think zfs better than xfs?
<KurtKraut> android60, I'd say ZFS is more feature rich than XFS
<RoyK> android60: way better
<RoyK> android60: but not gpl, so you need to use it with FUSE on linux
<RoyK> generally, it's better to use opensolaris
<RoyK> btrfs is an attempt to make a zfs-like FS on linux, but it's not stable yet, and probably won't be for some time
<RoyK> give btrfs 6-12 months and it might stabilise - zfs has been stable for some time
<RoyK> zfs is close to four years old (after initial stable release)
<RoyK> android60: http://en.wikipedia.org/wiki/ZFS <-- it's a wee bit more than XFS and the rest
<android60> ok ill check it out
<Debolaz> ZFS++
<Debolaz> But while ZFS has some very cool technical features, the biggest plus it has is the extreme ease of administration. The tools are almost self-documenting in their simplicity. This is what I'm concerned about if btrfs will be able to replicate. When I've asked questions, I've been told that userfriendly tools aren't a focus.
<RoyK> Debolaz: let's hope they will mend their ways - adminfriendlyness is quite important
<RoyK> adminfriendliness, even
<RoyK> imho userfriendliness doesn't apply to filesystems
<Debolaz> The admin is the user of the filesystem tools.
<RoyK> well, yes
<RoyK> but I like to differ between "userfriendly" and "adminfriendly"
<BrixSat> help :S
<BrixSat> http://pastebin.com/m2431e1af
<BrixSat> i cant solve this (fresh install)
<RoyK> you probably have an apt-get update running by another process
<shally87> hi, anyone can help me forwarding my server?
<shally87> I have a dynamic address, and also ip80
<shally87> port 80 i mean
<shally87> I follow the instruction from portforward.com
<shally87> but still I could not access my server from external IP
<shally87> anyone can help me?
<BrixSat> yes that was coorect RoyK
<BrixSat> thanks
<BrixSat> shally87 that is a router issue
<BrixSat> nat problem
<BrixSat> reboot the router and try again
<shally87> how could i fix that?
<BrixSat> also inside network try  on browser put the machine ip
<shally87> I reboot it for more than 20 times since yesterday
<shally87> when i put the machine IP it is functioning
<shally87> but when I access the external ip, i could not access
<shally87> it show me the log in to the router
<shally87> then I change the router to use port 88
<shally87> and now I access my router through 192.168.1.1:88
<shally87> DCHP is set up for the machine..
<shally87> Forgot to mention, i was using vbox.. and every virtual machine got own IP address..
<qman__> shally87, many residential grade ISPs block port 80 on their end
<shally87> qman_: I've called the ISP and they mention it was not blocked..
<shally87> does the ebox disturb this?
<qman__> if it shows the log in to the router, the router is preventing it from working
<shally87> yes
<qman__> in the router, disable remote administration
<qman__> and see if that fixes it
<shally87> ok..
<shally87> oh, my router is DLINK-500T
<shally87> remote web management was disable from thebeginning...
<bogeyd6> :(
<qman__> but accessing your external IP still shows a router login?
<shally87> do i need to enable ppoe pass through?
<qman__> no
<qman__> just port forwarding
<shally87> no since I change the router administration to port 88
<qman__> if the router has an SPI firewall, that may be interfering
<qman__> I've never luck with those on
<shally87> but accessing the external IP will give me failed to connect
<shally87> :-(
<shally87> does ebox disturb the connection?
<qman__> does the server have a firewall on?
<shally87> on ebox do you mean?
<qman__> sudo iptables -L
<qman__> I don't know ebox
<qman__> web interfaces are overrated
<shally87> Chain input, forward and output is accept
<qman__> ok then, the server is not dropping the connection
<qman__> it must be the router
<shally87> should be..
<shally87> any fix for that?
<shally87> My last resort is buying a new router
<qman__> that's pretty much the fix, there's only one more thing for testing
<qman__> if the router has a DMZ setting, point it at your server
<qman__> this is not a secure setup and is only for testing, of course
<qman__> if it still doesn't work, the router is just not going to do it
<shally87> if i set up to DMZ, the other should I reset to original or I can keep the modified setting?
<qman__> try it both ways
<shally87> in modified setting, I already make it using DMZ but not functioning..
<shally87> what left is resetting it..
<shally87> brb
<shally88> hi
<shally88> qman__: it's not working
<qman__> if even the DMZ setting isn't working, that narrows it down
<qman__> we've established that the server is not blocking the connection, so that's not it
<qman__> the only remaining things are, if you are using the wrong internal IP, which is unlikely with the amount of work you've been doing
<qman__> if the ISP is actually blocking the port, even though they said they aren't
<qman__> or if the router is malfunctioning and won't forward traffic
<shally88> maybe the router
<shally88> my internal Ip i set for the VM is what it was used in the router..
<qman__> those three are the only real possibilities left
<shally88> then i forward it to the ip which i get.
<shally88> but I have confusion over eth0 and eth1.
<qman__> oh, wait
<qman__> this is more likely a virtual networking problem
<okaratas> benc ?
<qman__> can you get to the VM from a separate physical machine on the network?
<shally88> it is fixed when i dont use virtual machine is it?
<okaratas> nick in this way should be BenC..
<okaratas> and benc nick not registered..
<okaratas> benc is not identified to services (nickserv)
<shally88> wait..
<qman__> actually, this is really easy to diagnose
<qman__> in the virtual machine
<qman__> attempt to ping a site on the internet, like google.com
<okaratas> this nick registered BenC to debian developer Ben Collins..
<qman__> if it doesn't work, you have a virtual networking problem
<shally88> I could
<qman__> ok
<qman__> what type of virtual networking are you using? NAT or bridging?
<qman__> NAT could cause issues
<shally88> i was wondering in the ifconfig, i was using eth0 in my virtual machine
<shally88> bridging
<shally88> but when i see the vbox, it was set to eth1
<qman__> your virtual machine will have network interfaces and so will the host
<qman__> so, the naming could be confusing
<qman__> just make sure that whatever interface the virtual machine is bridging to is connected to the network
<qman__> if the virtual machine can get to the internet, it's probably set up correctly
<shally88> it could
<shally88> do you mean if i set the vm to eth1, in the ifconfig of the vm i should see eth1 too?
<qman__> no
<qman__> in the VM config, you are choosing the host's interface, not the guest's
<qman__> the ifconfig in the VM shows the guest interfaces
<shally88> ok
<qman__> but, all that aside
<qman__> if the VM can reach the internet, and you can reach the web site running on the VM from the LAN, the virtual networking is working correctly
<shally88> ok
<shally88> then should it be the modem itself?
<shally88> or?
<qman__> could be the router, or the ISP
<shally88> the isp should be ok
<qman__> yeah, so it's most likely the router itself
<shally88> yes.
<shally88> I did check the port 80 to my external ip from some website, and it says it is not blocked.
<shally88> so this means the router is the problem.
<qman__> actually
<qman__> if you would /msg me your IP, do you mind if I test?
<shally88> i get this from one website now since i change the router admin page to port 88
<shally88> Error:Â I could not see your service on 124.13.94.125 on port (80)
<shally88> Reason:Â Connection timed out
<shally88> sorry i went to paste my ip here..
<qman__> that's fine, some people are just paranoid about giving that information out
<shally88> ok
<benc> okaratas: good to know
<qman__> yeah, I'm not getting anything at all either
<qman__> it's blocking pings too
<okaratas> benc, this nickname is owner Ben Collins..
<okaratas> /ns info benc
<shally88> that is when the DMZ is enable..
<shally88> so it is the router problem is it?
<qman__> yes
<qman__> with DMZ enabled, it should be answering pings
<shally88> ok, but does it is affected by the page to the router admin page is change to port 88?
<qman__> it doesn't seem to be making a difference
<shally88> ok
<shally88> since it is like that, what router should be best>
<qman__> I like linksys units, the WRT54GL in particular
<qman__> but that's a wireless one, it really depends on your needs
<shally88> ok..
<qman__> I recommend getting a separate modem and router
<qman__> the all in one units are prone to these kinds of problems
<shally88> what you mean by separate modem and router?
<qman__> getting a modem that is not a router, one that only acts as a gateway, and then a router which connects to it, to manage your DHCP and port forwarding, etc.
<shally88> owh..
<shally88> i guess I have router with modem inside as the phone line directly connected to it..
<shally88> btw I still use switch to divide the other pc
<qman__> that also increases the number of choices of router you can use
<shally88> ok
<shally88> here I usually found dlink and aztech..
<shally88> which one in your opinion is better?
<qman__> I don't know aztech
<qman__> but I would not recommend dlink
<shally88> oh haha..
<shally88> I try to look for linksys
<qman__> netgear has some good products too, just make sure you look up the model before you buy to see if it has issues
<shally88> ok
<shally88> before i try on my server.. do you think a 1mbps download with 384kbps upload is suitable for server?
<shally88> web hosting which has around 300visitors daily
<qman__> that depends entirely on what you intend to serve and how many people to serve to
<qman__> small files, that should be no problem
<qman__> keep your images under 500k, no file downloads, etc...
<shally88> it is usually depending on the upload is it?
<qman__> yes
<benc> okaratas:  are you bored?
<benc> okaratas:  leave me alone
<shally88> if in case the upload is lower than 384 it will not be suitable for a web hosting is it?
<shally88> 128kbps for example
<qman__> probably not, it depends entirely on how much users need to download from you
<qman__> if each web page is only 50k in total, it could work
<qman__> if it's image heavy, then no
<shally88> oh, haha. The wordpress installation itself is a heavy web app, then that would not work even in 384kbps
<qman__> well, the server load is fine, it's the size of the final web pages being served
<qman__> how much the users need to download
<shally88> ok..
<qman__> when that saturates the 384k, you can't serve any faster
<Bilge> You two sure are having fun
<qman__> if you have a lot of big images or flash objects, it won't work
<shally88> ok.
<qman__> but if it's mostly just text, you should be fine
<shally88> yeah.
<shally88> i guess home server is not ok with it... now the index file is 1180.6 KB
<qman__> yeah, that's way too much for a 384k line
<shally88> hi Bilge..I was asking few questions.. need pro to help me.
<qman__> that would take...25 seconds for one user to download
<shally88> :-/ I should then get a dedicated hosting itself..
<shally88> and should serve more than 25sec when there is 20 user at a time..
<qman__> you can get a VPS cheap
<giovani> indeed -- VPSes can be had for dirt-cheap
<shally88> can recommend me one?
 * okaratas I'm away..
<shally88> ok
<shally88> I was using shared hosting, and there is a problem with the cache.
<shally88> the server will load when i get sudden traffic.
<giovani> I can't personally vouch for the company -- but VPSLink is quite large -- http://vpslink.com/ubuntu-vps/
<shally88> it's a wordpress installation with wp-supercache
<giovani> there are dozens of providers out there though -- google around, hit www.webhostingtalk.com -- there's a section for VPS deals
<shally88> that is helpful giovani..
<shally88> btw, thanks a lot qman__ and giovani.. I would get my router fixed, and gotta look for VPS too..
<shally88> Thanks again qman__ for spending your time helping me..
<qman__> not a problem, good luck
<shally88> thanks..
<shally88> bye
<uvirtbot> New bug: #433556 in dhcp3 (main) "ethernet network connection not automatically connecting" [Undecided,New] https://launchpad.net/bugs/433556
<uvirtbot> New bug: #406122 in bind9 (main) "BIND Dynamic Update DoS" [High,Fix released] https://launchpad.net/bugs/406122
<uvirtbot> New bug: #413587 in libcommons-fileupload-java (universe) "Update license to Apache-2.0" [Undecided,Fix released] https://launchpad.net/bugs/413587
<alex-weeej> i've found a bug in karmic kvm or something that causes an instance to just die when i do something specific
<alex-weeej> i can ssh to it, i can request web pages from a basic vhost, but if i try and use my webapp it explodes
<alex-weeej> anyone know how i can debug?
<alex-weeej> jdstrand, could this have anything to do with the apparmor stuff we did yesterday?
<domas> Hi! will next LTS have systemtap with uprobes?!!? :)
<domas> hhhmmmm, where is kernel debug symbol package in jaunty
<domas> heh, hardy has linux-image-debug in 'main'
<domas> meh, there's oprofile, there's systemtap, and there's no linux-image-debug
<giovani> domas: check ddebs
<domas> giovani: they have just karmic builds
<domas> giovani: now intrepid/jaunty ones
<domas> *no
 * domas eyes http://ddebs.ubuntu.com/pool/main/l/linux/
<giovani> ah, just build it yourself then?
<domas> well, that means I will have to build myself all kernel packages
<domas> an unwelcoming path that will get too much attention :)
<domas> why would canonical package oprofile, systemtap and other stuff
<domas> without adding debug symbols
<uvirtbot> New bug: #427856 in bacula (universe) "bacula install script did not complete job (dup-of: 384607)" [Undecided,New] https://launchpad.net/bugs/427856
<Chr1831> what is a good smtp server for php?
<qman__> supported mail servers for ubuntu include postfix and exim
<Chr1831> qman__, does postfix require any setup for php to use sendmail?, also does postfix allow users to connect and send mail (i don't want that...)
<qman__> Chr1831, it all depends on how you configure it
<KurtKraut> Chr1831, I don't think you'll see a clear advantage in a option comparing to another. They're quite similar and equivalent
<steady2023> can someone reccomend me raid card for 15 hard drives good price good performance and reliability
#ubuntu-server 2010-09-20
<Guest22179> How are we supposed to get sun-java6-jre on 10.04?
<cakeep> test
<ftcameron> gday .. I'm sorry to ask this, but I've been searching for ages now to get networking running ... 10.04 standard kvm.  tun is 666 and I'm in libvirtd,kvm groups.  error is failed to add tap interface to brudge...
<ftcameron> brctl addif virbr0 tap0 -> interface tap0 does not exist!
<MTecknology> So.. I thought I was using ecruptfs- now I'm not sure. Is there any really really easy to to tell if I am or am not using it?
<MTecknology> I looked in mount and didn't see .Private mounted which is what's making me second guess this
<arrrghhh> ok so i'd like to visualize free hard disk space on my server - is there a PHP gui or some such thing i can use on my server?  file light is cool... i guess i could forward it over X...
<SJr> How do I prevent a package from being upgraded in ubuntu?
<arrrghhh> SJr, let me google that for you.... http://www.ubuntugeek.com/how-to-prevent-a-package-from-being-updated-in-ubuntu.html
<SJr> thanks you saved me the trouble of having to google it myself
<astm> SJr: you set in /etc/apt/apt.conf.d/50unattended-upgrades
<astm> Unattended-Upgrade::Package-Blacklist {
<arrrghhh> astm, that only works for automatic updates...
<ScottK> SJr: Why do you think you want to stop a package upgrade?
<SJr> Because the update version is the devil
<arrrghhh> lol
<arrrghhh> settle down there mrs. palin...
<ScottK> SJr: If there's a broken update, we should address the problem.  What package and what update and why?
<SJr> autofs is broken in Ubuntu 10.04, after months of trying to fix it, and live without it, I came accross the idea of simply using the one from 9.10, and that worked, except I just found out that it got upgraded.
<SJr> I can't find a good link but there are a bunch of bug reports out there for this already
<sandGorgon> anybody know if there is a postgresql-9 ppa for ubuntu ?
<YankDownUnder> ...have you checked their project home page?
<lifeless> SpamapS: hey, around?
<Name141> What is LVM?
<Name141> !lvm
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<Name141> oh
<Name141> so I don't need it for a home server
<Name141> Will I be able to select what I want during setup , or will it be like the desktop edition and just install stuff at random
<mgolisch> Name141: i think the server setup runs tasksel during installation
<Name141> mgolisch: yeah I (tried) to select samba server
<Name141> and then let it go
<Name141> hopefully it'll be more compact
<ejat> hi .. may i know what the differ between root device : instance vs ebs ?
<Name141> how do I force acpi again ?
<Name141> I have to edit grub2 right?
<Zaas> i am stuck on user permissions: can you create a user that cannot browser your config files (/etc/apache2/sites-available for example)
<Zaas> or am i not thinking straight here? running php with fcgid and suexec and open_dir('/') just worries me
<Zaas> anyone can help me on user permissions?
<Zaas> does anyone see my chat? (had before that webchat from me was not visible)
<zaas> hi, can anyone see me? (webchat failed 10 mins ago)
<Daviey> zaas, o/
<zaas> nice. so i have a question about user permissions. I run apache, suxexec, fcgid and php and i don't like that open_dir('/') works fine... am i missing something?
<zaas> or more general: can you prevent users to list directories?
<joschi> zaas: in general yes, make sure that the user/group don't have read or execute rights on the directory
<joschi> zaas: in your special case open_basedir restrictions in PHP might do the trick
<zaas> joschi: but there must be a reason that /etc/apache/sites-available/ has r on user, group and world? figuring out wether openbase_dir is considered safe, read something about that not being true
<zaas> can't chmod my whole server :)
<zaas> in sftp mode it was quite easy
<joschi> zaas: why shouldn't /etc/apache/sites-available/ be world readable?
<zaas> you can read its config?
<joschi> zaas: what?
<zaas> well, is it not bad that any user on the system sees how my virtual hosts are configured?
<joschi> zaas: that depends on your users. you can change the permissions if you need to.
<joschi> zaas: if you want it really secure, don't give anyone an interactive shell and remove PHP or any other dynamic scripting languages from your webserver
<zaas> haha :)
<zaas> the shell is not so hard
<zaas> and exec and some other commands are easy to disable in php.ini, but the fact they can list and read stuff outside /var/www/user/public just bugs me
<zaas> can you change those permissions on user-level?
<joschi> zaas: I already told you to set open_basedir accordingly
<zaas> i know, and i responded to that as well: heard some rumors of it not being safe
<joschi> zaas: of course you could always put the php processes inside a chroot environment. but that's a lot of management overhead
<joschi> zaas: well, if you don't like it, don't use it.
<zaas> i would like it a lot, if it works of course. you rely on it?
<zaas> just wondering how veteran ubuntu server maintainers deal with these kind of things
<joschi> zaas: yes, but not exclusivly
<zaas> semi-new to it all
<zaas> what other measures have you taken then in your PHP environment?
<joschi> zaas: proper permissions, SuExec/SuPHP and for "special guests" chrooted php processes
<joschi> zaas: plus a sensible AppArmor configuration
<joschi> zaas: or grSecurity/RBAC on other systems (!= ubuntu)
<zaas> just ubuntu. Boy, it's no walk in the park to manage a server :) fun though. Does ubuntu come with apparmor configured sensible?
<joschi> zaas: not for all applications
<joschi> zaas: and it depends a lot on your setup
<zaas> i have done a apt-get only
<zaas> nothing preinstalled but ssh
<zaas> just apache, ruby, php and mysql
<zaas> but did you change persmissions on your sever config folders like apache?
<Tomash> hey ....
<Tomash>  i have a problem with my ubuntu server installation, i try to install 10.04 on a ibm server with hardware raid5 on a 2.5 tb volume, after a successful installation, my server donÂ´t find any bootloader. hope for help
<\sh> Tomash: gpt partition table?
<Tomash> \sh : yes ...becaus >2tb
<\sh> Tomash: imho grub can't boot from gpt tables...but there should be a new gpt partition table label, named gpt-bios
<Tomash> \sh : yes, right ... this is already there
<\sh> ok..then I don't know...I just have always a system partition with msdos label for the system to boot, and the storage device is mostly gpt with partitions > 2TB
<Tomash> \sh : ok , then I ll try this ... thx
<Tomash> \sh : how I change in the installer the label to msdos ?
<progre55> hi guys. How can you install sun-java6-jdk on ubuntu-server from a command line, and automatically accept the licence agreement, without user interaction?
<\sh> progre55: via preseeding and these settings: http://paste.ubuntu.com/496972/
<\sh> Tomash: I never did that via installer, I'm deploying via FAI...
<\sh> Tomash: eventually you need to trigger "parted" manually from the CLI
<Tomash> \sh : i ve no parted and mklabel in the installation process :( ....
<Tomash> \sh : i ll think, first install the system, then change the label and try a new installation
<pmatulis> has anyone ever heard of the root account expiring?  :)
<pmatulis> i'm seeing this on a hardy server
<pmatulis> pam_unix(cron:account): account root has expired (account expired)
<\sh> Tomash: oh well...what about totally recreating your partition layout? it should automatically detect the right label...sorry...I'm long gone to deploy any server manually with big storages, only doing that automatically
<\sh> pmatulis: On hardy I don't have any root password which could expire ;)
<Tomash> \sh : no, the server set automatically an gpt label
<progre55> \sh: thanks. and what's preceeding?
<pmatulis> \sh: it's not the password, it's the account
<\sh> Tomash: yes, when you created a partition first with >2TB, yes...you need to get rid of the partition layout first...could you make 2 volumes on your raid device, one less 2TB for system, and the other one with the >2TB part?
<\sh> progre55: man debconf-set-selections.... there you have a manual about preseeding..the license agreement is a debconf questions, which can be preseeded
<Tomash> \sh : ok, thx, then i try this
<\sh> pmatulis: I never heard about "account expiring" but "password expire" (man password /-e)
<\sh> pmatulis: oh, i never tried usermod --expiredate on a root account, eventually someone tried that ? ;)
<pmatulis> \sh: i saw that as well but i'm looking for a cause right now
<\sh> pmatulis: "usermod --expiredate 1 root" ? I don't know if that will ever work, but that could be a cause
<progre55> \sh: thanks, appreciate
<progre55> \sh: another question, please. As far as I got it, you can just put those settings in a file (e.g. java_license), and before you "apt-get install" java, you say "sudo debconf-set-selections java_license", right?
<ztripez> i'm trying to install slapd in ubuntu 10.04 server.. but i can't find slapd.conf
<pmatulis> ztripez: there is none
<ztripez> pmatulis, oh?
<ztripez> i guess https://help.ubuntu.com/community/OpenLDAPServer is out of date then..
<pmatulis> ztripez: did you read the first few paragraphs?
<ztripez> pmatulis, uhm no.. did i miss something?
<pmatulis> ztripez: yes.  please read
<pmatulis> ztripez: since Oct 2008 ubuntu does not use slapd.conf.  now using so-called 'cn=config' configuration method
<ztripez> pmatulis, oh.. i miss that part yes ;)
<pmatulis> ztripez: so ldap configuration is in ldap itself.  changes are immediate, no need to restart, blah blah blah
<ztripez> pmatulis, i see
<pmatulis> ztripez: https://help.ubuntu.com/10.04/serverguide/C/index.html
<ztripez> pmatulis, thanks
<pmatulis> ztripez: yw
<uvirtbot> New bug: #643477 in nmap (main) "package nmap 5.00-3 failed to install/upgrade: Package is in a very bad inconsistent state - you should  reinstall it before attempting a removal." [Undecided,New] https://launchpad.net/bugs/643477
<ehcah> Hello. Can someone point me to a tutiorial that will allow me to have vnc4server start automatically after a reboot? I'm running Ubuntu Server 10.4 without a desktop enviroment.
<ehcah> Everything I find is old.
<\sh> progre55: yes that's the thing to do
<\sh> progre55: sorry...had a meeting
<progre55> \sh: thanks man, truly appreciate )
<zaas> do you know if with php-cgi (mod_fcgid) and suxexec you can parse a second php.ini and also use /etc/php/cgi/php.ini?
<zaas> (not using php)
<zaas> can you do this in a vhost?
<uvirtbot> New bug: #643531 in samba (main) "package winbind 2:3.4.0-3ubuntu5.6 failed to install/upgrade: subprocess new pre-removal script returned error exit status 137" [Undecided,New] https://launchpad.net/bugs/643531
<duaneb> I have a *NEW* question: does the server install force you to install all the files included on the cd? Or does it install a minimal base system + optional packages?
<peaces> are there any problems with putting a normal user in the www-data group
<remix_tj> peaces: no there is not
<remix_tj> *are not
<duaneb> Right now I'm debootstrapping a bare bones system onto a hard drive and finishing the "installation" with a chroot
<duaneb> which is less than optimal
<remix_tj> duaneb: it does install only the needed things, the others are optional
<duaneb> any chance there's a list somewhere of what is installed with zero extra packages?
<duaneb> or at least how large the base system is?
<remix_tj> duaneb: if you use the alternate cd you can install only the base system, whitout any optional
<duaneb> hrm
<duaneb> interesting
<duaneb> that's the ncurses interface?
<duaneb> I mean, I am interested in running server software, so the ubuntu server image is useful
<duaneb> I'm just wary of installing it with my limited space
<uvirtbot> New bug: #642932 in mysql-5.1 (main) "mysqld crashed with SIGSEGV" [Low,Incomplete] https://launchpad.net/bugs/642932
<peaces> does/can a system-wide ssh authorized_keys file exist?
<oracle> i want all the crap that runs on startup, like bluetooth which i dont need
<oracle> to stop loading modules
<hggdh> bug 5608 <- can't we fix it? Seems only a change on permissions would do the trick
<uvirtbot> Launchpad bug 5608 in samba "SWAT expects to authenticate as root" [Unknown,Confirmed] https://launchpad.net/bugs/5608
<ehcah> Hello. Can someone point me to a tutiorial that will allow me to have vnc4server start automatically after a reboot? I'm running Ubuntu Server 10.4 without a desktop enviroment.
<arrrghhh> ehcah, without a DE...?  so what does vnc do for you?
<ehcah> I just want to be able to get to the terminal.
<arrrghhh> ssh :D
<ehcah> or basic x in environment.
<arrrghhh> much much easier & more secure.
<ehcah> I want to do this from my LAN though.
<arrrghhh> well if you don't have any DE, what does X do for you?  you can just forward any X apps over ssh as well.
<arrrghhh> doesn't matter
<ehcah> ok.
<arrrghhh> i ssh on my lan every day.
<arrrghhh> if you have a DE, using vnc makes sense
<ehcah> The other option is to manage through webmin?
<arrrghhh> without one... it really doesn't to be honest.
<arrrghhh> i thought you wanted the terminal...
<ehcah> I do.
<arrrghhh> i use webmin as well tho
<permalac_> hi, my apache 2.2.14 has exploded on ubuntu 10.04 .    this is the answer to a restart : /usr/sbin/apache2: symbol lookup error: /usr/sbin/apache2: undefined symbol: apr_atomic_xchgptr
<arrrghhh> so you can manage thru the terminal or webmin.  i wouldn't do updates or installs thru webmin tho.
<permalac_> i've been googling arround and looks like there is no fix yet.
<ehcah> Webmin updates are horrible.
<ehcah> too slow or times out.
<arrrghhh> ehcah, yes so just do updates thru aptitude or apt-get via ssh ;)
<permalac_> so, how I can go back on the package versiÃ³n ?   by command line if possible.
<ehcah> Ok.
<arrrghhh> permalac_, so you compiled apache yourself?
<ehcah> I started out with Fedora 12 and a product called Amahi.
<arrrghhh> ehcah, amahi's cool.
<ehcah> Yep.
<arrrghhh> if that's what you need haha
<ehcah> I think I can replicate it with Ubuntu
<ehcah> ?
<arrrghhh> i just want a few pieces of it
<arrrghhh> oh yea
<arrrghhh> i have
<permalac_> arrrghhh: nope, just updated, and installed munin-node
<arrrghhh> some parts are harder than others i would imagine
<arrrghhh> permalac_, so you think munin-node did it...?  i'm not sure what that is.  i run apache, but am by no means an expert on it.
<ehcah> I'm very new to linux. I got comfortable with Ubuntu and F12 started to mess me up.
<arrrghhh> lol
<ehcah> I knwo they're close, but...
<arrrghhh> yea, fedora is a little odd
<ehcah> I also have xbmc live on a few pc's and ubuntu DE + xbmc in my theatre room.
<arrrghhh> there's a lot of differences.  granted it's all the linux kernel... but a lot of the userland stuff is different, which is to be expected.
<ehcah> I was starting to confuse the OS's.
<permalac_> arrrghhh: no, I don't think so, now it's not activated on the sites, and still does not work. I just though that if I want help I must give all the information. that's all
<arrrghhh> but yea if you don't have a DE, just use ssh.
<ehcah> k.
<ehcah> ssh will also allow me to remote in over the web as well I beleive?
<arrrghhh> permalac_, huh... well i'm not sure and i'm late for work :P  just copyin stuff over to my phone before i leave.
<arrrghhh> ehcah, if you open up the ports
<arrrghhh> i forward ssh to an odd port above 1024
<permalac_> arrrghhh: any suggestion? fast fast. :)
<arrrghhh> if you forward 22 over the internet, you're just asking people to brute force it.
<arrrghhh> permalac_, i mean you could try purging & reinstalling apache...
<arrrghhh> alrighty g2g
<arrrghhh> have a good one guys
<SpamapS> lifeless: pong
<ztripez> When i use the install guide (https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html) for slapd, and when i'm about to add the frist entry i get an error
<ztripez> ldap_add: Naming violation (64)
<ztripez> 	additional info: value of single-valued naming attribute 'dc' conflicts with value present in entry
<mdlueck> I am not able to get our Ubuntu Server 10.04 to detect USB HDD's or USB Flash Drives currently. Last worked around two months ago. Linux seems to see the USB 2.0 and 1.1 as I see those drives load at boot time. Anyone else having similar troubles?
<maedox> mdlueck, you mean they don't show up with fdisk -l ?
<mdlueck> maedox: Usually I see messages in syslog for the PnP event. syslog is completely quiet currently. Verbose as ever on Ubuntu Desktop.
<mdlueck> maedox: Also /dev/disk has only the internal RAID drives
<mdlueck> maedox: Excuse me, /dev is where the recognized partitions show up at
<maedox> mdlueck, ok, odd. Not sure I can help you. Are your USB-ports working with a keyboard?
<mdlueck> maedox: I guess I could double check. Server is connected to a KVM via PS/2 connectors currently.
<mdlueck> maedox: Good idea, will IPL the server... be back in a while...
<maedox> mdlueck, best to be sure. I have to run now, but I'll be back later. Someone else can hopefully give some input.
<mdlueck> maedox: Thanks for that idea at least! :-)
<pmatulis> has anyone used the pkinit protocol extension to kerberos?
<hallyn> ttx: anyone in particular who should be assigned the ubuntu-release-notes part of the qemu-sdl bug?
<ttx> hallyn: no, those will get reviewed as we go closer to release
<hallyn> ttx: ok, thanks
<SpamapS> pmatulis: that rings a bell.. is that the stuff that helps you talk to windows?
<pmatulis> SpamapS: it provides SSL certificate support to kerberos
<MACscr> is there a hotfix available for ubuntu 8.04 LTS for this new kernel exploit?
<Pici> MACscr: Yes. http://www.ubuntu.com/usn/usn-988-1
<pmatulis> Pici: i think he means a fix that does not require a reboot
<Pici> pmatulis: Then no, its a kernel bug.
<mdlueck> "kernel = IPL" in my mind at least
<pmatulis> MACscr: some hotfixes have been proposed but have not stood up to the test
<pmatulis> MACscr: what release are you running?
<pmatulis> MACscr: sorry, 8.04
<MACscr> unfortunately 8.04, so i cant use ksplice =/
<MACscr> as they dont have a xen kernel version
<MACscr> for hardy
<MACscr> man i love ksplice
<Skaag> Hey
<Skaag> I started installing the Percona binaries of MySQL Server, for Ubuntu. But in the middle of installation, a conflict was discovered with mysql-server-core-5.1, since both packages contain some man file. now I can't remove the old one, and can't install the new one.
<MACscr> all of the rest of my servers were pretty much patched instantly
<pmatulis> MACscr: Hardy is at least not vuln to 3301 AFAIK
<Skaag> how to I cancel the pending percona installs
<Skaag> so I can quietly remove the original mysql-server
<Skaag> s/to/do/g
<Skaag> ok never mind, I managed with aptitude
<SpamapS> pmatulis: ahh, not the same thing then
<MACscr> ok, im a bit confused, i just ran apt-get update/upgrade and i see that it setup: linux-headers-2.6.24-28-xen (2.6.24-28.79). It also says im running 2.6.24-28-xen right now. I do not see a kernel available in my /boot/ folder to change to the .79 version
<MACscr> since its a minor change, do i just need to reboot and the new kernel just replaced the existing one?
<pmatulis> MACscr: yes
<FunnyLookinHat> Whoah - just got this error: Err http://archive.ubuntu.com/ubuntu/ lucid-updates/main libwbclient0 2:3.4.7~dfsg-1ubuntu3.1 :  404  Not Found [IP: 91.189.88.30 80]
<FunnyLookinHat> Trying to install mencoder...
<SpamapS> FunnyLookinHat: apt-get update
<FunnyLookinHat> Ah of course.
<FunnyLookinHat> Wow
<FunnyLookinHat> Thanks SpamapS
<SpamapS> FunnyLookinHat: its a good idea to just apt-get update before every apt-get install/upgrade/etc.
 * SpamapS wonders if aptitude does it automatically
 * FunnyLookinHat doubts it - given the error I just encountered.  :)
<MACscr> FunnyLookinHat: were you using aptitude then? or apt-get
<FunnyLookinHat> Yeah
<FunnyLookinHat> I always use aptitude
<FunnyLookinHat> apt-get feels too cheeky
<MACscr> lol
<FunnyLookinHat> SRSLY!
<etheretic> hello! is this the place to ask network-related questions?
<Jeeves_> That depends!
<Jeeves_> Give it a try :)
<mdlueck> etheretic: Try, this is the place for chat related to Ubuntu Server
<etheretic> Jeeves_: keywords - wifi, partially work, wonky dns, heeelp. qualify? 8-)
<etheretic> was tossed over here from #ubuntu.
<Jeeves_> etheretic: Just ask the question :)
<mdlueck> OK, from above, starting over... >    I am not able to get our Ubuntu Server 10.04 to detect USB HDD's or USB Flash Drives currently. Last worked around two months ago. Linux seems to see the USB 2.0 and 1.1 as I see those drives load at boot time. I attached a USB KB directly and the server boots up and is able to use the USB KB plugged into the same USB port I was trying the USB HDD in.
<mdlueck> etheretic: And you are running Ubuntu Server? If not, then I have no idea why you would get "tossed" to the server room.
<etheretic> Jeeves_: i'm on an open access wifi signal. it usually behaves, but lately it has bcome unreliable; irc and p2p (transmission) works, whereas ping, amule, firefox and updates don't. ried other dns servers (8.8.8.8, 8.8.4.4) but no joy.
<Jeeves_> etheretic: Who runs the wifi network?
<etheretic> mdlueck: no, desktop. which is why i though the #ubuntu hint a bit odd.
<Jeeves_> Anyway, diner!
<etheretic> Jeeves_: no idea. but they are connected to getinternet.no
<Jeeves_> etheretic: You're not seriously asking people all over the world why your neighbous network doesnt work, right?
<Jeeves_> Anyway, diner
<mdlueck> etheretic: Perhaps you just fried their brain circuits (shrug)
<etheretic> why isn't there an #ubuntu-networking channel, anyway?
<SpamapS> etheretic: err, this is about as close as it gets. :)
<mdlueck> etheretic: There is... Networking the desktop OS or serer OS... :-)
<etheretic> mdlueck: #ubuntu-wifi-woes then.
<SpamapS> etheretic: wifi networks are quite prone to external interference...
<SpamapS> etheretic: what actual evidence do you have that transmission works?
<mdlueck> etheretic: reminds me of the old usenet group barny.die.die.die.die
<etheretic> SpamapS: think you're right. only sensible explanation for the mercurial behaviour of this connection.
 * etheretic pines for alt.pave.the.earth
<SpamapS> etheretic: a nice simple test of your wifi network is just to ping your gateway IP with 1500 byte packets
<SpamapS> sudo ping -s 1500 x.x.x.x
<SpamapS> etheretic: if you're getting packet loss with that, then your issues are the wifi. I'd suggest repositioning the anetenna, or changing wifi channels.
<mdlueck> Isn't there a nice GUI signal quality indicator in Ubuntu Desktop? If so, what signal strength does it show?
<etheretic> 31%
<macno> hi guys, I'm having a strange issue with apache2 and ipv6 virtualhost
<etheretic> guess canging to vicd wouldn't make a difference.
<mdlueck> etheretic: Perhaps that is not enough signal to get a reliable connection
<macno> is there someone who have it working?
<etheretic> mdlueck: have had peachy connection with 20%.
<mdlueck> The cards I have are NetGear brand, with the Athos chipset. I do not normally use wireless though.
<mdlueck> I have used their PCI cards, and PCCard is a WAG511
<mdlueck> I forget the PCI PN#
<SpamapS> mdlueck: signal *strength* yes
<SpamapS> but quality is another thing ;)
<SpamapS> 31% should be fine
<etheretic> SpamapS: can't for the life of me remember the relevant command to map the immediate network neighbourhood.
<mdlueck> SpamapS: Like I said, I prefer sending my data over ether vs air! ;-)
<SpamapS> etheretic: map? why would you want to map it?
<SpamapS> mdlueck: convenience trumps performance for the more pragmatic. :)
<etheretic> SpamapS: to find the address of my gw.
<jjohansen>  
<SpamapS> etheretic: route -n | grep 0.0.0.0
<etheretic> route!
 * etheretic beams
<etheretic> paste? not much.
<etheretic> I'd hazard 192.168.1.0 .
<SpamapS> etheretic: take off the grep portion and you'll see that the second column is the gateway
<etheretic> 192.168.1.1 then.
<smoser> kirkland, http://aws.typepad.com/aws/2010/09/new-amazon-ec2-feature-bring-your-own-keypair.html
<etheretic> SpamapS: pinged. it's in the 4-70 millisecond range.
<etheretic> link monitor is nice and blank, suddenly. h'm.
<uvirtbot> New bug: #625849 in clamav (main) "Upcoming release fixes bzlib security issue" [Medium,Fix released] https://launchpad.net/bugs/625849
<etheretic> SpamapS: this smacks of wifi woodoo - just poked it, and it suddenly decided to work!
<uvirtbot> New bug: #643682 in clamav (main) "DoS due to PDF parsing issues" [Undecided,New] https://launchpad.net/bugs/643682
<SpamapS> etheretic: :)
<SpamapS> etheretic: your neighbors probably turned off their phone. ;)
<etheretic> 8-)
<etheretic> anyone encountered the iotop/iowait bug?
<etheretic> CONFIG_TASK_DELAY_ACCT not enabled in kernel, cannot determine SWAPIN and IO %
<etheretic> ...which makes iotop rather stunted.
<SpamapS> We've heard cries for it to be re-enabled yes.
<kirkland> smoser: it's about damn time
<etheretic> oh.
<etheretic> back in 10.10? :)
<uvirtbot> New bug: #643698 in net-snmp (main) "Can not install snmp" [Undecided,New] https://launchpad.net/bugs/643698
<thesheff17> has anyone purchased EC2 reserved instances here?  I was wondering how long they take to become available?  Mine just keep saying payment-pending...I'm also checking with my company to see if something is wrong with the credit card.
<peaces> if i add a user whom i want sudo privileges granted, i add the user and put them in sudo group. i put their public key in authorized_keys and they can ssh in without a password. but sudo asks them for a password and none is set. is there a solution for this that doesn't involve giving them a password? also what about 'su'ing to different users (without passwords set) once logged in as one with pub key auth?
<\sh> peaces: sudo without a password doesn't work....you can give the NOPASSWORD: flag in your sudoers file, or set a password
<peaces> \sh: i've read you are only supposed to edit the sudoers file with visudo as root. can this operation be scripted?
<au> or nano /etc/sudoers as root :>
<maswan> peaces: I set passwords, is there a particular reason why you don't want to set them? :)
<peaces> maswan: users won't use passwords for anything else, they log in over ssh with key authentication. i was just hoping i could get away with giving them sudo power without a password as well
<maswan> peaces: sure. hm. can you set the NOPASSWORD flag on the adm group perhaps?
<Pici> Its the 'admin' group, 'adm' is for log file access mostly.
<\sh> peaces: you can script it, or much better use sudo-ldap with a ldap server
<maswan> well, yes, that one
<peaces> why should i not add a line to /etc/sudoers with a bash script
<t11m> got a box with logical volumes and i need to expand one.  is there any prep i need to do prior or can i just run lvresize
<Qwert> update-manager
<Pici> out-of-context-words
<Qwert> Sorry
<Pici> Okay then.
<azaq> Is it advisable to install ubuntu-desktop package on Ubuntu server?
<Pici> azaq: Most people don't, then again, we get alot of people here asking how to do it.
<azaq> Pici: Yes, but is it advisable to install?
<Pici> azaq: I'd say no.  There aren't many graphical administrative anyway, you'll be doing most of your admin work on the terminal/tty.
<azaq> Pici: Agreed, but is there any harm to have a desktop?
<mathiaz> ttx: hi!
<ScottK> Part of the answer depends on if you care about long term support.
<mathiaz> ttx: I ran into bug 641001
<uvirtbot> Launchpad bug 641001 in puppet "cacrl should be use instead of hostcrl when generating apache2 passenger configuration" [Medium,Triaged] https://launchpad.net/bugs/641001
<ScottK> Server is supported 5 years, desktop only 3.
<mathiaz> ttx: I was wondering if I should push that in maverick or wait for maverick-updates to open?
<mathiaz> ttx: the impact is that apache2 ssl configuration uses the wrong CRL
<azaq> Scottk: Yes, but I'm still not able to understand as to why one cannot have display manager?
<mathiaz> ttx: thus revoked puppet client won't be denied access to the puppet master by apache
<ScottK> azaq: You can.
<ScottK> It's just no longer what we'd call a server.
<azaq> Pici: Well i wanted to know about using display manager and not tranforming it to ubuntu desktop
<azaq> Scottk: using 'sudo apt-get install ubuntu-desktop' will only give it a display manager. Why it would not be called server? Will that transform it to ubuntu-desktop(As in transforming Ubuntu to Kubuntu by removing ubuntu-desktop, libroot2 and then installing kubuntu-desktop) ?
<ScottK> It wiil.
<azaq> But I'm not removing server..
<ScottK> Right, but the base server is essentially desktop without the desktop.
<Name141> how do I setup a user for the secured samba folders so that I can login to that folder?
<azaq> ScottK: Then why it should affect?
<ScottK> It mostly shouldn't.
<ScottK> But use of desktop apps isn't supported in this channel.
<Name141> do I put the normal user as 'admin users = melissa
<Name141> er..
<azaq> ScottK: Sure..Most likely what all can it affect? All ttyl work can be performed by terminal
<Name141> do I put the normal user as 'admin users = loginname' , then use explorer to login like I would on the machine ?
<Name141> Or is there another way?
<ScottK> azaq: More packages installed, more load on the system, more things to go wrong.  Generally on a server you want to limit it to what you need to do the servers job for performance and security reasons.
<azaq> ScottK: Pici: Could you suggest me commands manual for working on ttyl?
<azaq> ScottK: Agreed.
<ScottK> azaq: The Ubuntu Server Guide gives lots of examples https://help.ubuntu.com/10.04/serverguide/C/serverguide.pdf
<azaq> ScottK: Thank you
<azaq> ScottK: Most likely I woudn't be going for display manager.
<azaq> ScottK: But at the same time I not confident enough to use ttyl on ubuntu-server ....
<ScottK> My very first Linux server I thought the same.  After a week I didn't need it again.
<azaq> ScottK: Then how did you manage on using ttyl for all the administrative chores?
<ScottK> The server guide gives examples for pretty much everything.
<lifeless> SpamapS: I wanted to move that java packaging discussion forward
<azaq> Thanks
<Name141> I think I found it, I needed to run ' smbpasswd -a user '
<Name141> I guess
<ejat> any testimonial running Active Directory as guest on kvm + virtIO ?
<etheretic> ScottK: sg good for network info on a noob level as well? defining terms without presumptions of prior knowledge etc.
<pedahzur> I'm having a problem with nssldap-update-ignore-users.  It bases it's config on a minimum user ID, so will add, say, www-priv will get added to the ignore list every time nssldap-ignore-users is run. BUT: www-priv is in a group in LDAP, so LDAP will then not be asked about this group, breaking privs.  Is there a way to tell it to exclude adding certain users to this list?
<markatto> regarding the recent 32-bit compatability kernel vulnerability: The security bulletin seems to be telling me to update a 'linux-image' package, but I don't actually have that package installed and apt-get upgrade doesn't seem to want to give me anything that looks like a kernel
<pedahzur> markatto: What does 'dpkg -l|grep linux-image' give you?  That's dpkg -(little L)
<markatto> nothing
<markatto> pedahzur: This is a vps, rackspace may have given me a different kernel package, but I don't see any extra entries in the apt sources
<pedahzur> markatto: What about 'dpkg -l|grep linux'
<Nafallo> ls /boot ?
<markatto> pedahzur: no kernels, just some libs and headers
<pedahzur> odd.
<pedahzur> markatto: dpkg -l|grep image
<markatto> still no kernel
<markatto> cups, imagemagic, libgif, etc
<Nafallo> right. ignore me then ;-)
<pedahzur> markatto: odd.
<markatto> maybe my host is using openvz and I don't know it?
<pedahzur> markatto: I would assume they would update the kernel as needed.
<pedahzur> markatto: what does the command 'uname -a' return?
<markatto> I didn't set it up myself, but I would assume that rackspaces uses xen
<markatto> wait, I do indeed have a rackspace kernel
<markatto> it's a *-rscloud
<pedahzur> markatto: Yeah, I assume since it's a custom kernel, they'll update it when they have a package ready.
<markatto> Linux development 2.6.34.1-rscloud #1 SMP Thu Jul 22 18:04:40 UTC 2010 x86_64 GNU/Linux
<markatto> the thing is, it doesn't look like there's actually a package for it
<pedahzur> So Rackspace VPS's are using Ubuntu? Cool!
<ScottK> Rackspace was well represented at the last Ubuntu Developer Summit.
<_Techie_> alot of different server platforms use ubuntu-server
<markatto> I dunno if they all do, i'm not actually a big ubuntu fan/user but this what I inherited when I got the job
<shauno> I wonder how many treat it like I do; like a debian with a predictable release schedule
<pedahzur> ScottK, _Techie_: I just wish their Managed platform offered Ubuntu. The last time I asked them about it, they said they could not yet get the same kind of vendor support they can with Redhat, so were not offering it in a managed platform yet.
<ScottK> That's a completely different part of the company than does the cloud stuff, AIUI.
<pedahzur> ScottK: Ah.  Still want Rackspace Managed Ubuntu. :)
<ScottK> markatto: As I understand it, Ubuntu and Red Hat are the only ones doing a lot of work on proactive security features and so one of the two are definitely the way to go if you care about security.  https://wiki.ubuntu.com/Security/Features
<markatto> ScottK: I don't know how you can say that
<markatto> unless you're talking about SELinux vs AppArmor or something
<ScottK> Apparmor versus SELinux is a reason I prefer Ubuntu, but that wasn't what I was getting at.
<ScottK> Meh.  Left.
<pedahzur> Anyone have any ideas about my nssldap-ignore-users issue? :)
<etheretic> ah
<pedahzur> etheretic: Ah?
<etheretic> got disconnected while afk - didn't know.
<blue-frog> hi, what is the mechanism triggered when I insert a usb key in a machine, please? I'd like to be able to eject it and then remount it without having to unplug it phisically
<blue-frog> s/phi/phy
<pedahzur> blue-frog: this isn't server specific, but you can just do: mount /path/to/device /mount/point
<blue-frog> yes sure but my problem doesn't lie there
<blue-frog> working on a usb mulitboot key. everytime I do a change in grub.cfg for the sake of it, I have to unplug the key to have /dev/sdx shows the changes
<smokie> anyone know a proper virtulazation envirenment like HyperVM but for ubuntu?
<pedahzur> smokie: define "proper."
<smokie> pedahzur, for production use and something other then virtualbox
<pedahzur> blue-frog: Not sure what' you're getting at.
<pedahzur> smokie: Xen and KVM come to mind.  I'd read up and KVM.
<pedahzur> smokie: read up *on* KVM...
<blue-frog> pedahzur, I have a usb key bootable with grub2. if I do any change to grub.cfg (edit, save, close) then when boot the key using qemu the changes I made are not there. I have to unplug the key and reinsert it.
<blue-frog> to see the changes
<pedahzur> blue-frog: Odd...that doesn't bring anything to mind...sorry.
<lifeless> SpamapS: whats jos' email?
<blue-frog> ok thx for thr try
<SpamapS> lifeless: jos.boumans@canonical.com
<smokie> pedahzur, thanks dude will read up on that
<lifeless> SpamapS: thanks
<AlexMax> Question.  I have 2 gigs of memory.  Due to a leaky program, my memory usage was about 1.0 gigs of RAM but with cache and buffers it was hitting 2 and starting to swap
<pranjal> hi all
<AlexMax> should i care about cache/buffers or should i only worry if my real app memory usage approaches 2
<AlexMax> in terms of adverse performance
<RoyK> AlexMax: monitor the program's usage of memory, if that gets too high, give it a kick
<AlexMax> RoyK: Which is what I've done. :)
<AlexMax>  http://imgur.com/RjuGM
<AlexMax> for this picture I restarted the program and also force cleared the cache/buffers
<RoyK> AlexMax: if swap gets to high, do something, but a fair use of swap is always good, it just keeps the parts of the memory not used in swap, which is a gain
<AlexMax> green usage = my actual app usage, blue = cache usage
<RoyK> cache use is good
<RoyK> hard memory use is bad
<AlexMax> I guess I'm just asking if i should care about cache getting swapped since it's not 'real' program memory usage
<AlexMax> since i still seemed to have plenty of hard memory usage headroom
<RoyK> in your case, the cache released was a lot, and you might have invalidated a lot of cache in that
<qman__> yeah, cache shouldn't actually be swapped
<qman__> just cleared
<AlexMax> heh i actually have no idea if it was cache that was being swapped
<AlexMax> but i was using a little swap memory
<_Techie_> my cache doesnt seem to swap, so must be something wrong with yours AlexMax
<_Techie_> AlexMax, how much swap was being used/
<AlexMax> just a little bit
<qman__> you could turn swappiness down if it's causing a big effect
<AlexMax> 1 sec
<AlexMax> bah, its out of my scrollback
<_Techie_> AlexMax, ill give you a link to my servers status page, its got 2gigs of RAM so it should serve as a reference
<AlexMax> thanks
<qman__> the only programs I have that leak memory are web browsers
<_Techie_> AlexMax, http://phpsysinfo.technz.info/
<qman__> unfortunately the only one that doesn't is elinks
<AlexMax> _Techie_: Ah i see
<AlexMax> You have 1.62 gigs of stuff in cache
<_Techie_> AlexMax, yeah
<AlexMax> so technically you're also using all your memory
<_Techie_> technicaly
<qman__> I like that script, is it custom or part of a package?
<_Techie_> but cache is dropped to make room for processes
<AlexMax> phpsysinfo
<_Techie_> its phpsysinfo, its php
<qman__> ok
<_Techie_> links at the bottom
<AlexMax> _Techie_: Okay that's pretty much what i needed to know
<AlexMax> so aside from kicking my runaway process i didnt have to clear the cache/buffers
<_Techie_> nah
<_Techie_> i used to think like that
<_Techie_> i used to have a cron job to wipe my cache every few hours
<_Techie_> qman__, phpsysinfo is in the repo's but its not a very new version
<qman__> every week or so I have to close out of all my web browsers, or else my memory will fill up
<qman__> freshly opened they only use a hundred megs or so, but after a week it's up over 700
<qman__> regardless of what's open in them
<_Techie_> qman__, you should just have a weekly cron job to kill and re open them
<AlexMax> Super Italian Plumber Bros.
<kevinash> Hello. Newbie Question. I've got an Ubuntu 10.0.4 virtual server. I'm told to run 'aptitude update' followed by 'aptitude safe-upgrade' Do I need to restart the server afterwards?
<AlexMax> only if it tells you to
<kevinash> AlexMax: Thanks.
<kevinash> Is there a difference between running an 'aptitude safe-upgrade' and 'aptitude upgrade' command?
<qman__> probably, but I couldn't tell you what that is without reading the manual
<qman__> see man aptitude
<_Techie_> most of here use apt instead of aptitude
<qman__> the only time you should ever need to reboot is for a kernel update
<kevinash> Thanks all. Actually, I'm running aptitude in the command line, not the graphical interface. I read somewhere it was a little more robust. Probably worng aboutthat.
<qman__> aptitude is more featureful, I use apt-get out of habit
<qman__> they'll both get the job done
<kevinash> Yes. I was told to use one of the other and stick to it. That's what I've done. I'm happy enough (I have no prior history with these commands anyway!)
<_Techie_> just a heads up, 99% of the time we will use apt when helping people
<_Techie_> as long as you know how to do each command in your package manager you will be fine
<kevinash> _Techie_: I understand. Thanks, all, for your help.
<_Techie_>  kevinash no problem
<_Techie_> you should also propbably thank qman__, he contibutes alot to this channel
<hallyn> zul: still around?
<yeshuah> can anyone point me to a short to-the-point guide to setup dns on a vps running ubuntu?
<pedahzur> yeshuah: Do you want a DNS server (bind) or a local caching DNS setup?
<yeshuah> pedahzur: server I presume
<yeshuah> pedahzur: but I just realized I can use a tool at my registrar - so I don't have to setup the server
<yeshuah> pedahzur: but if you know a good tutorial - I would be thankfull for future reference
<pedahzur> yeshuah: Yeah, if you have a server that will do it for you, then setting one up yourself isn't usually needed, but it's never a bad learning experience.  If you're running Ubuntu on that VPS, this should get you going: https://help.ubuntu.com/community/BIND9ServerHowto
<pedahzur> yeshuah: BTW, that was the first result when googling: ubuntu bind howto :)
<yeshuah> pedahzur: thanks - sorry
<blue-frog> any users of udevadm who could explain me the use of udevadm test --force (as per the man page) because so far it is telling me that --force is not a recognised option. bug?
<blue-frog> great as per https://bugs.launchpad.net/udev/+bug/315979 seems that udevadm do not have the option anymore
<uvirtbot> Launchpad bug 315979 in udev "mknod for /dev/pktcdvd/control fails after update to udev 136" [Undecided,Fix released]
#ubuntu-server 2010-09-21
<ScottK> yeshuah: The ubuntu server guide (see /topic) tells how to do this.
 * e_t_ is away: Gone away for now
<wizardslovak> hello ppl
<wizardslovak> whats the command if i want to install packages LAMP, i forgot it
<wizardslovak> that which brings you same screen as on server install
<wizardslovak> its not ap-get
<wizardslovak> that blue screen
<zachtib> also posted in #ubuntu: anyone know of a way w/ libvirt and kvm to have separate users that can only access their own virtual machines?
<zachtib> trying to set up a vm server for our LUG so that new users can have a machine to learn on
<Datz> Is there a way to see descriptions for updates using aptitude or other?
<uvirtbot> New bug: #644074 in ec2-api-tools (multiverse) "upgrade ec2-api-tools to 1.3-57419 (api version 2010-08-31)" [Undecided,New] https://launchpad.net/bugs/644074
<JasonMSP> Trying to get virtual users to work with VSFTPD.  this http://howto.gumph.org/content/setup-virtual-users-and-directories-in-vsftpd/ hasn't worked.  Error 530 Login incorrect when trying to login.
<JasonMSP> ??
<uvirtbot> New bug: #644097 in clamav (main) "clamAV's scan stop on /sys dir." [Undecided,New] https://launchpad.net/bugs/644097
<uvirtbot> New bug: #644095 in dbconfig-common (main) "dbconfig shouldn't attempt to configure a database when no database server is available" [Wishlist,Triaged] https://launchpad.net/bugs/644095
<blue-frog> hi when inserting a usb key in a machine, it triggers some kernel uevent. Have I a way to recreate those uvent via command line. I hoped udevadm test --force --action=add would have done the trick but apparently --force is not an option anymore.
<zaas> hi, i have question about php fast cgi (fcgid) and php.ini
<zaas> can i use a master php.ini and extend it with a .ini per user?
<zaas> my setup it with suexec and having a /var/www/username dir per site
<moob> Hello.
<moob> testing 1 2 3
<zaas> hi moon
<zaas> *b
<moob> Hi
<moob> You wouldn't happen to know any thing about Amazon EC2?
<zaas> no, only s3, never worked with EC2
<moob> darn
<zaas> anyone knows how to use a 2nd php.ini?
<zaas> (fastcgi)
<remix_tj> zaas: i've used it
<uvirtbot> New bug: #644156 in clamav (main) "package clamav-base 0.96.1+dfsg-0ubuntu0.10.04.2 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 10 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/644156
<ttx> mathiaz: I'd fix it for maverick release. This has security implications and is realtively self-contained, I suppose
<uvirtbot> New bug: #644288 in mysql-dfsg-5.0 (universe) "mysql-server-5.0 on 08.04 LTS leaks filedescriptors" [Undecided,New] https://launchpad.net/bugs/644288
<domas> heh
<domas> my bug
<domas> (http://bugs.mysql.com/bug.php?id=35477)
<_ruben> nice
<domas> I certainly don't understand why people use distro mysql packages
<domas> distros should treat 5.x.* as patch-levels, not as separate versions
<domas> only bugfixes go there usually
<domas> now distro maintainers think they will do better job at bugfixing than hundred-people-teams
<alvin> How do I set a default printer? Man lpadmin tells me it's # lpadmin -d [destination], but lpstat -d still reports the wrong printer as default
<alvin> Do I have to restart cupsys for this?
<_ruben> domas: easy of maintenance (have the distro maintainer keep track of the versions/issues/etc) .. but as always, its a double-sided knife ;)
<alvin> ok, I tried lpadmin -d on different systems with multiple printers. It doesn't work anywhere.
<domas> _ruben: hehe, true. but still, I think distros should be more aggressive about getting patchlevel releases
<domas> I'm sure more people get bitten by old bugs than new ones :)
<_ruben> domas: hard to tell, as even known-to-be-bleeding-edge distros (like ubuntu is often categorized) still lag behind quite a bit ;)
<domas> well, ubuntu hardy never had anything else than 5.0.51
<domas> I guess lucid is now lagging with 5.1 ones
<_ruben> yeah, should be 6.x ;)
<domas> there's no 6.x
<domas> it is 5.1.41 in ll
<alvin> setting default printer reported as 644304. Would this qualify as a server papercut?
<alvin> bug 644304
<uvirtbot> Launchpad bug 644304 in cups "lpadmin -d does not set default printer" [Undecided,New] https://launchpad.net/bugs/644304
<_ruben> ah, 6.0 has been abandoned
<domas> ye
<domas> 5.5 is next
<uvirtbot> New bug: #644308 in unixodbc (main) "package odbcinst1debian1 (not installed) failed to install/upgrade: impossÃ­vel acessar arquivo: Arquivo ou diretÃ³rio nÃ£o encontrado" [Undecided,New] https://launchpad.net/bugs/644308
<_ruben> hrm, needa brush up my perl/xml skills stat .. the code i've been producing lately is ugly as fuck :p
<pmatulis> !language | _ruben
<ubottu> _ruben: Please watch your language and topic to help keep this channel family friendly.
<uvirtbot> New bug: #644310 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/644310
<maedox> _ruben, isn't that a feature of perl, to create self-obfuscating code? :D
<bobslaede> Hi. Im trying to set up some virtual hosts, using libvirt, kvm and qemu and following all guides on the ubuntu website. I used ubuntu-vm-builder to create the guest and everything seemed to work just fine. However i cannot connect to this new guest, and it seems that its not getting an IP thru the default NAT setup. Also I cannot connect to the console via virsh
<soren> bobslaede: "virsh console" is only for text consoles. Use virt-viewer instead.
<smoser> ttx, arond ?
<ttx> smokie: o/
<ttx> smoser: o/
<ttx> (sigh)
<smoser> sigh to you too
<smoser> !
<smoser> :)
<ttx> now I have to type 4 characters to tabcomplete you
<smoser> i was going to ask what i should need to do to get https://bugs.launchpad.net/ubuntu/+source/ec2-api-tools/+bug/644074 in
<uvirtbot> Launchpad bug 644074 in ec2-api-tools "upgrade ec2-api-tools to 1.3-57419 (api version 2010-08-31)" [Undecided,New]
<DigitalDeviant> Is there a way I can keep chown the same on ftp uploads using pureftpd ?
<ttx> smoser: discussion of benefit vs. risk with the release team. Note that this is technically multiverse, so the rules are relaxed.
<smoser> yeah.
<ttx> I'd say... given that it's binary-only, the risk is contained
<ttx> smoser: when were those released ?
<smoser> yesterday.
<ttx> ah.
<smoser> well, at least announced yesterday.
<ttx> so you can't really say they had field testing yet.
<smoser> i can't say for certain that the binaries were not available without mention piror to that.
<ttx> that's my only gripe about it. It's a young release.
<ttx> smoser: if my vote is asked for, I'd +1.
<ttx> benefits outweigh risks.
<smoser> well, yes. the only thing that i have to alleviate that is a.) its multiverse b.) we've never (and they've never) released a bug fix release soon after.
<ttx> smoser: sounds like you have a good case.
<_ruben> pmatulis: my apologies, i actually had to reread my own text a few times in order to notice the profanities, what's this world coming to :(
<smoser> so i should right up a justification for this and then upload ?
<bobslaede> soren: sorry for the delay. This is a headless server
<soren> bobslaede: So?
<bobslaede> soren: no X
<soren> bobslaede: Is it headless or is it X-less?
<bobslaede> soren: both
<soren> bobslaede: So you're not going to be at its console when you're doing this anyway.
<soren> bobslaede: again: virt-viewer is your friend. Run it on your desktop.
<bobslaede> soren: i dont have any access at all to the guests
<bobslaede> soren: also, my desktop is a windows machine
<soren> bobslaede: Then you're screwed.
<soren> out-of-the-box at least.
<bobslaede> I do have access to the servers console
<soren> You can set up a serial console in the guests or whatnot.
<soren> bobslaede: I thought you said it was headless?
<bobslaede> soren: thru virsh console?
<bobslaede> soren: well, i can connect a screen to it
<bobslaede> soren: its just not at my current location
<soren> it's really quite simple. qemu (and hence kvm) emulates a framebuffer. To look at a framebuffer, you need something that can show graphics.
<soren> Like, say, a monitor.
<bobslaede> soren: which should work thru ssh no?
<soren> monitors? No, they require VGA cables.
<soren> Or similar.
<soren> My knowledge may be slightly outdated.
<bobslaede> soren: does it matter if im connected to the server thru ssh, or at the console?
<soren> All I'm saying is that the solution to your problem is virt-viewer. You can use other VNC clients, but you need to do your own connection forwarding and whatnot.
<soren> bobslaede: Depends on what you want to do. If you want to look at the framebuffer of one of your VM's, it certainly helps to in an environment where such a thing can be easily represented. This could be a modern Linux desktop, like Ubuntu, or maybe Windows if you're happy to do your own ssh+vnc connection plumbing (and generally endure using it).
<bobslaede> soren: so in order for me to access a guest system, i need something with direct access to the guest, X, and virt-viewer (or whichever vnc client)
<soren> bobslaede: What do you mean "direct access to the guest"?
<bobslaede> soren: since the guest apparently doesnt have an ip address
<soren> bobslaede: Yes, but what does "direct access to the guest" mean?
<bobslaede> soren: on the host system i suppose, since i wouldnt have access to any guests from outside of the host
<soren> bobslaede: You're not really answering the question. You're asking me to verify this: "so in order for me to access a guest system, i need something with direct access to the guest, X, and virt-viewer (or whichever vnc client)". I can't do that when I don't understand what you mean by "direct access".
<soren> bobslaede: You don't have to be logged into the host machine.
<soren> bobslaede: You need a) a vnc client, and b) way to connect to the guest's vnc port.
<soren> bobslaede: The guest's vnc port is on the host.
<bobslaede> soren, but the guest doesnt have an IP, or anyway to connect to it?
<soren> 13:34 < soren> bobslaede: The guest's vnc port is on the host.
<soren> bobslaede: The guest doens't run a vnc server. The hypervisor does.
<bobslaede> but shouldnt the hypervisor then be able to connect to the console? Im asking here because i cannot find any info about libvirt or any of this on google, theres only the default guides, none answer my questions
<soren> Let's start over.
<bobslaede> alright :)
<soren> You want to log into the guest.
<soren> Right?
<bobslaede> Yes, which Ive created with ubuntu-vm-builder for libvirt
<soren> Doesn't matter.
<soren> Its network is screwed, so you can't use ssh.
<soren> So you want to connect to its console.
<bobslaede> Seems like it
<bobslaede> Exactly
<soren> You (wrongly) assume you should use "virsh console".
<soren> I tell you: 12:45 < soren> bobslaede: "virsh console" is only for text consoles. Use virt-viewer instead.
<bobslaede> but is a text console not enough?
<bobslaede> there is no X on the guest aswell
<soren> bobslaede: What happened when you tried?
<bobslaede> 'error: no valid connection'
<soren> And no, a text console is not enough, because 13:26 < soren> it's really quite simple. qemu (and hence kvm) emulates a framebuffer. To look at a framebuffer, you need something that can show graphics.
<bobslaede> alright, sorry, wrong error before
<bobslaede> 'Failed to connect to the hypervisor'
<soren> That sounds like a different problem.
<soren> But it really doesn't change the fact that you need a vnc client.
<soren> QEmu emulates a framebuffer.
<bobslaede> Yeah
<soren> On real hardware, even if you decide to just show text, the monitor still shows it as pixels. Same here.
<bobslaede> soren: so then i would still need X on the host, or a vnc viewer on my windows desktop?
<permalac_> hi, amb looking for a landscape(canonical), spacewalk(red hat), xCat (not-debian) suitable alternative for my .deb based infrastructure. Does anyone know any server-management solution with web-based frontend which supports .deb systems? thanks
<soren> bobslaede: You can put the VNC client whereever you want.
<jrib> permalac_: umm isn't landscape such a thing?  Maybe ebox?
<jrib> !away > dendrobates
<ubottu> dendrobates, please see my private message
<soren> bobslaede: I can't really say putting anything on a Windows desktop is a good idea, but a vnc client on a server also doesn't sound good.
<bobslaede> soren: i will try a viewer on windows
<permalac_> jrib: it is the thing, but it cost like 30k a year. And there is no way to link unsupported machines. And most of my machines will have no support cause we have some libraries done by ourselfs. :(
<jrib> permalac_: does ebox do what you want?  Don't really know much about either
<permalac_> jrib: ebox , as I see , and if nobody else replays, it's a suite to manage services, almost like  webmin. What am I looking for is a system manager, like puppet, cfengine or chef, but with web-based frontend. Something to be able to delegate some administrative tasks to others on the corporation.
<jrib> permalac_: I see
<smoser> kirkland, you around ?
<kirkland> smoser: barely
<pmatulis> why would one use iptables "downrules" when the interfaces are going down?
<smoser> can i call?
<RoyK> pmatulis: erm ... to stop the firewall so that people can get into the now "down" interface? :Ã¾
<kirkland> smoser: sure
<pmatulis> RoyK: how can you access an interface that is down?
<RoyK> pmatulis: ever heard of something called irony? :)
<pmatulis> RoyK: ok
<shauno> I imagine if you had rules that NAT'd to that interface, you'd want to replace them when that if goes down
<RoyK> pmatulis:  I guess it's just how ubuntu works - you want to get rid of anything not related to the current setup once you don't need it
<pmatulis> shauno: replace them with what?
<Raboo> Hi
<Raboo> is this a good channel to get help with setting up a IPSEC tunnel using racoon and ipsec-tools?
<RoyK> well, just shoot - someone might know
 * RoyK doesn't
<_ruben> racoon *shiver*
<Raboo> hehe
<_ruben> messed with it ages ago, its quite flexible, in fact, its flexibility makes it near useless for the average task
<Raboo> should i like pastebin my error?
<_ruben> that'd be a decent start (though i doubt i'd be of any help personally)
<Raboo> hehe
<Raboo> well it's like 2-3 lines of error
<Raboo> will i get beaten for pasting that here?
<_ruben> pastebin allows for easier referencing in case you need to restate your issue
<Raboo> well i have problems with my phase 1 negotiation due to send error
<Raboo> it also says IPsec-SA request for xx.xx.xx.xx queued due to no phase1 found.
<_ruben> dont bother with debuggin ipsec-sa issues as long as your phase1 doesnt work ;)
<Raboo> so if someone here has setup ipsec using racoon before, please let me know and i will expalin further and show my configuration file
<Raboo> Well, the thing is, it did work.. I think..
<_ruben> just out of curiosity, why use racoon and not strongswan/openswan/etc? they tend to be much more user/admin friendly
<_ruben> if it stopped working without you changing anything, perhaps the remote end changed something :)
<Raboo> ohh
<Raboo> well i choose racoon, cause i thought it was the easier method
<_ruben> racoon is very low-level
<Raboo> so which is best, strongswan or openswan
<_ruben> need to define every detail "by hand"
<_ruben> matter of personal preference really .. i prefer openswan, but must also admit i never used strongswan ;)
<_ruben> both are forks of the old frees/wan
<Raboo> are they both up-to-date?
<Raboo> ok
<_ruben> openswan is actively maintained, dunno about strongswan, but i think it is as well
<Raboo> ohh yea, it was freeswan that was the obsolete one
<Raboo> ipsec gives me headache
<_ruben> ipsec sure is a complex matter
<Raboo> i think starcraft 2 is the solution to my headache
<_ruben> heheh
<Raboo> is that like cussing in here?
<Raboo> a game, that requires windows or OS X
<_ruben> as far as im concerned: no :)
<_ruben> each os has its purposes
<_ruben> we dont expect you to run ubuntu-server on your desktop ;)
<hggdh> Daviey: another go at euca lucid?
<Raboo> You don't? :-)
<_ruben> correction: *i* don't ;)
<Raboo> hehe
<_ruben> i cant speak for others obviously
<Raboo> well i will have a look at the *SWAN
<Raboo> se which one has easiest documentation
<\sh> _ruben: my laptop is running -server kernel on my laptop ;) but that's me
<_ruben> for openswan be sure to check #openswan (not that active) and its mailinglists, the website is kinda outdated (most resources go into the code, not the web)
<\sh> oh my...now I repeat already words ... too much server deployment today error
<_ruben> \sh: still, running -server on a desktop isnt the same as expecting others to do so ;)
<_ruben> desktop in the broadest sense, thus including laotops :)
<_ruben> woah, laptops :)
<_ruben> anyway .. time for me to head home .. bbl
<smoser> kirkland, ami-7238cd1b
<smoser> is ebs/ubuntu-maverick-daily-i386-server-20100921
<smoser> us-east-1
<smoser> use that
<kirkland> smoser: would prefer 64 bit
<smoser> price goes up
<smoser> us-east-1 ami-7638cd1f canonical ebs/ubuntu-maverick-daily-amd64-server-20100921
<SpamapS> kirkland: do you want my "maverick" script that automatically spawns the cheapest possible instance given the size (defaults to c1.medium because I find myself doing builds more often than anything else)
<Datz>  Is there a way to see descriptions for updates using aptitude or other?
<hggdh> Datz: aptitude changelog xyz
<Datz> hggdh: thank you :)
<smoser> SpamapS, i want ot see it
<Daviey> hggdh, i386 is fail on my local :(
<Daviey> hggdh, testing amd64 lucid -> maverick is more useful at this stage, i think
<Datz> hggdh: I'm tring somethign like this with no result:" aptitude changlog linux-headers-2.6.32-24-server
<hggdh> Daviey: pretty much all the failures I got are related to the apparmour bug ttx raised
<Datz> hggdh: I realize my error, working, thanks
<sbeattie> hggdh: which bug?
<\sh> _ruben: that's right :)
<hggdh> sbeattie: looking
<hggdh> Datz: try linux-headers-generic
<ttx> hggdh: but you got instances running ?
<ttx> hggdh: or you had to disable apparmor to get them running ?
<hggdh> ttx: yes, about 40%
<hggdh> ttx: no, I did not disable apparmour. Which is weird, but ah well
<Datz> hggdh: having a look, thanks
<ttx> hggdh: hrm
<ttx> hggdh: please comment on that bug, that will prove I'm not insane
<hggdh> ttx: what is the bug#? I cannot find it
<hggdh> ttx: I will do more, I will add a link to the logs
<Datz> hggdh: lastest -generic and -server changelog is the same FYI ;)
<hggdh> Datz: darn!
<hggdh> Datz: well, if it is installed you can always look at /usr/share/doc/<packagename>
<ttx> hggdh: Bug 628055
<uvirtbot> Launchpad bug 628055 in libvirt "Instances don't start correctly: Security Labeling error running aa_change_profile()" [High,Incomplete] https://launchpad.net/bugs/628055
<ttx> hggdh: maybe there is a eucalyptus bug in there, after all.
<hggdh> ttx: thank you; sbeattie ^
<Datz> hggdh: tis not, just wondering if I needed to update to latest kernel right away. :)
<ttx> sbeattie: our latest suggestion is that it's not an apparmor bug, rather a libvirt bug that leaves a strange error message pointing to apparmor
<ttx> and potentially a eucalyptus bug triggering a weird libvirt behavior triggering an apparmor-related error message.
<ttx> the whole thing being a bit clouded by bug report hijacking.
 * ttx will be back in 2 hours
<hggdh> ttx, sbeatie: I will be uploading full logs (that is, the whole of /var/log) plus the test programme, and will add a link on the bug
<sbeattie> hggdh: okay. It *is* possible that there's a bug in the apparmor kernel code where it might not be logging a rejection of something when it should.
<hggdh> ttx, sbeattie: rephrasing: on Lucid, I had 63% success; on Maverick, all failed
<hggdh> sbeattie: so it is consistently failing on maverick, after all
<uvirtbot> New bug: #644481 in multipath-tools (main) "95-kpartx.rules uses invalid -Q argument to modprobe(8)" [Undecided,New] https://launchpad.net/bugs/644481
<crankygeek01> When I log into my server I am getting this error message
<crankygeek01>                       "/usr/bin/xauth:  /home/matt/.Xauthority not writable,
<crankygeek01>                       changes will be ignored" This was not there yesterday and
<crankygeek01>                       I am not sure what it means....any help?
<crankygeek01> When I log into my server I am getting this error message "/usr/bin/xauth:/home/matt/.Xauthority not writable,changes will be ignored" This was not there yesterday and I am not sure what it means....any help?
<pmatulis> with virt-manager, is it normal that i cannot remove guests image files when deleting guests?
<pmatulis> (there is a yellow triangle with and exclamation mark)
<pmatulis> filesystem permissions look ok
<uvirtbot> New bug: #644489 in multipath-tools (main) "constantly changes /dev/disk/by-id/{scsi,wwn}-* LUN symlinks with multipathing" [Undecided,New] https://launchpad.net/bugs/644489
<Daviey> ttx / hggdh: My local i386 Maverick... 2 instances ran, one went from pending -> running -> terminated... the other seemed to go from pending -> terminated
<hggdh> Daviey: were you able to copy the console.log and .mxl from them?
<hggdh> .xml
 * hggdh is, meanwhile, netbooting to Maverick
<Daviey> hggdh, didn't attempt to :(
<Daviey> but i'm pretty sure it's the same failure
<Daviey> hggdh, Give me some good news :)
<hggdh> I am falling from the tenth floor, right now at the third, and all looks good so far ;-)
<hggdh> Daviey: I should have them in about 30min
<mathiaz> SpamapS: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-announce
<uvirtbot> New bug: #644538 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/644538
<hggdh> mathiaz: could you adjust the flowcharts on https://wiki.ubuntu.com/ServerTeam/SRUPolicy -- where is says 'verification-succeeded' to 'verification-done'
<hggdh> mathiaz: alternatively, if you give me the sources, I can do it
<mathiaz> hggdh: I've attached the origianl dia files
<hggdh> mathiaz: thank you
<uvirtbot> New bug: #644549 in dovecot (main) "package dovecot-postfix 1:1.2.9-1ubuntu6.1 failed to install/upgrade: subprocess installed post-removal script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/644549
<hggdh> smoser: there?
<smoser> here
<hggdh> what happened with --use-loader from uec-publish-tarball?
<smoser> what do you mean ?
<hggdh> I just tried it, from a netbooted install of Maverick -- it is not there anymore
<smoser> hggdh,
<hggdh> cloud-utils https://wiki.ubuntu.com/ServerTeam/SRUPolicy
<hggdh> dammit
<hggdh> cloud-utils 0.11-0ubuntu1
<smoser> $ apt-cache policy cloud-utils
<smoser> cloud-utils:
<smoser>   Installed: 0.15ubuntu1
<smoser>   Candidate: 0.15ubuntu1
<hggdh> oh
<hggdh> I know what I did :-(
<hggdh> installed bloody lucid instead of Maverick :-(
<hggdh> ah well. since it is there, I will test upgrading
<hggdh> sorry smoser...
<uvirtbot> New bug: #644562 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/644562
<uvirtbot> New bug: #644566 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/644566
<Four2zero> hello everyone. I'm running samba and i have installed webmin, and i am noticing multiple entry's displaying in my Network that are from the same box: http://www.upload3r.com/serve/210910/1285092388.jpg I have checked the smb.config and it does not show any other entries
<Four2zero> how can i fix this ?
<nakhlawi> As far as I know, webmin is not supported anymore in Ubuntu. Maybe others can verify?
<Pici> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Four2zero> ah crap...lol
<Four2zero> need to remove it then
<Four2zero> thnx
<_ruben> what tend ppl to use nowaydays as fs for a fileserver?
<nakhlawi> _ruben: come again please
<Four2zero> _ruben ext4
<_ruben> woah, kinda cryptic indeed now i read it back :p
<Four2zero> or reiserFS
<_ruben> which is the recommended filesystem to use for a fileserver .. was kinda defaulting to ext4, but curious how others might think of it
<Four2zero> _ruben http://en.wikipedia.org/wiki/Comparison_of_file_systems
<nakhlawi> I use ext3 for Samba sharing, on a small installation though.
<Four2zero> http://www.linux.org/lessons/advanced/x1254.html
<Four2zero> im using ext4 on ubuntu-server
<Four2zero> ext3 for boot
<_ruben> for /boot i tend to use ext2 even
<ScottK> reiser is pretty unmaintained for a long time.
<_ruben> my previous install was using xfs, but heard quite some horror stories about that one in the mean time ;)
<Four2zero> stick with ext4
<Four2zero> its made for high performance
<Four2zero> :)
<_ruben> software raid5 over 6 1tb disks .. performance isnt the key here ;)
<pwnguin> so i get in today and my ubuntu vm has crashed pretty badly
<pwnguin> "task apache2:<pid> blocked for more than 120 seconds"
<_ruben> oh well .. 686mins to go for raid volume initialization ;)
<pwnguin> unresponsive on ssh
<pwnguin> unresponsive on http
<quentusrex> pwnguin, that is a kvm issue
<quentusrex> I have had the same issue before.
<pwnguin> its vmware =/
<quentusrex> nvm
<pwnguin> vmware console isn't responding to keyboard input
<pwnguin> well not true
<pwnguin> i can switch vts
<pwnguin> but i cant log in
<pwnguin> short of rebooting, is there anything else one can try?
<pwnguin> quentusrex: indeed, a lot of googling suggests kernel bugs
<Four2zero> should i change the default port that ebox uses for better security enhancement.
<ScottK> How would that improve security?
<quentusrex> pwnguin, I was able to resolve the issue with "sudo /etc/init.d/networking restart"
<pwnguin> quentusrex: i can't log in =/
<quentusrex> if you can get in any other way
<quentusrex> you can't do it over standard networking
<pwnguin> its a vm
<Aqaz> If spamassasin can filter spam why one need to use SquirrelMail plugins?
<quentusrex> kvm has a recovery console
<pwnguin> ive tried ssh, ive tried the vmware virtual console interface
<quentusrex> and I can get in over that.
<pwnguin> i can switch vts on the virtual console, but the login prompt isn't responding
<pwnguin> it kinda looks like reboot territory. it's not a mission critical system, and it's already as bad as it can get
<pwnguin> i guess the only question is what logs will still be around after a reboot
<slyboots> Hi
<slyboots> Jsut notced some new behavior from my Ubuntu-server; its set to forward on email from root to my email account, and the last two three weeks been getting this email about.. twice a ay?
<slyboots> "start: Job is already running: anacron"
<axisys> how do I let another group to install pkgs ? giving them full sudo is the only option ?
<u92> I cant find an up to date package for ClamAV
<ScottK> u92: What release are you on?
<slyboots> Im not even sure what Anacron is; I was under the impreeion that you just used.. cron; I checked Crontab but I have no tasks running
<slyboots> So; Im unsure whats calling anacron; or what its supposed to be doing that its producing the error
<u92> hardy 8.04
<ScottK> u92: The version in hardy-backports is ~ up to date.  We're working on testing the new release now.
<u92> the 0.96.* release,   cause i updated apt, and i keep getting 0.92.*
<ScottK> u92: Then you don't have -updates enabled.
<ScottK> 0.95.3 is in hardy-updates and 0.96.1 is in hardy-backports
<uvirtbot> New bug: #641771 in samba (main) "caplock not active when the remote to the computer windows" [Undecided,Incomplete] https://launchpad.net/bugs/641771
<kevinash> Hi, I don't want to mess this up, so could someone help me write a crontab command that runs 'apt-get update' then 'apt-get safe-upgrade'?
<pedahzur> kevinash: Which file are you editing?  The user's crontab?
<pedahzur> For y'all's information, I just reported: https://bugs.launchpad.net/ubuntu/+source/libnss-ldap/+bug/644632
<uvirtbot> Launchpad bug 644632 in libnss-ldap "nssldap-update-ignoreusers needs to be configurable to ignore users" [Undecided,New]
<kevinash> pedahzur: the admin user I've set up (a sudoer)
<pedahzur> kevinash: So you invoked 'crontab -e' as that user?
<kevinash> pedahzur: From the command line I do 'sudo crontab-e'
<pedahzur> kevinash:
<pedahzur> oops
<pedahzur> kevinash: OK, what schedule to you want for the update commands?
<kevinash> pedahzur: daily at about 5am (I'm actually OK with doing the timer bit, though)
<pedahzur> kevinash: 0    5    *    *    *    apt-get update && apt-get safe-upgrade
<pedahzur> kevinash: You can do tabs between columns, instead of spaces.
<kevinash> pedahzur: Ah, so the && means 'wait until the first command has finished'?
<_Techie_> just wondering, whats the flag safe-upgrade do?
<pedahzur> kevinash: Basically, execute the next command if the previous command completed successfully (exited with an exit code of zero), but yes, 'wait' is implied.
<kevinash> _Techie_: Truth be told, I'm using 'aptitude', but I was told that most of you folks use apt-get, so I thought I'd phrase it that way.
<zoopster> kevinash: any reason you wouldn't just install unattended-upgrades? and use the /etc/cron.daily/apt script to manage it?
<uvirtbot> New bug: #644632 in libnss-ldap (main) "nssldap-update-ignoreusers needs to be configurable to ignore users" [Undecided,New] https://launchpad.net/bugs/644632
<kevinash> pedahzur: Thank you so much. That's extremely helpful
<pedahzur> kevinash: no problem
<_Techie_> kevinash, if you were told that the otehr day, it was me who told you
<kevinash> zoopster: If I knew that was possible I'd have done it that way! Thanks for the tip.
<kevinash> _Techie_: <g>
<kevinash> zoopster: Do you know if this is available for aptitude too (Don't answr if it's a RTFM, response...)
<zoopster> kevinash: this==unattended-upgrades?
<kevinash> zoopster: yes. sorry.
<zoopster> kevinash: looks like it uses the python apt:: library? so I'd say no
<kevinash> zoopster: thanks for looking. I guess I'll use pedahurz cron script
<zoopster> kevinash: it's a project on launchpad.net so you can dive into the code, just a FE for what's already there for apt
<kevinash> zoopster: I'll take a look. Thnanks for your help
<theyranos> Anybody know a reference comparing Postfix and Exim? I'm rebuilding my mail system from scratch and not sure whether I should stick with my old MTA?
<javatexan> howdy all
<pwnguin> quentusrex: well, alt+sysrq+e seems to have fixed part of it
<pedahzur> theyranos: no reference off the top of my head, but in my (somewhat limited) experience, Postfix has been easier to configure.
<pwnguin> silly question: what log files are deleted on reboot?
<theyranos> pedahzur: i've heard that too, which is why I'm considering the switch.
 * theyranos will now go read the postfix manual
<pedahzur> theyranos: How complex is your setup? You may be able to configure everything you need for Postfix just from the Debconf install questions. :)
<javatexan> where is the ubuntu custom error page for apache2 on ubuntu server?  Is it just the apache default or...\\
<_ruben> theyranos: a rather common response to such a question is: use whichever you are (currently) most comfortable with
<nakhlawi> pwnguin: that depends on the logrotate configuration. Also syslog configuration.
<pwnguin> nakhlawi: i know dmesg is gonna dissapear
<pwnguin> cd
<pwnguin> whoops
<pwnguin> javatexan: check /usr/share/apache2/error/
<_ruben> theyranos: if you're used to exim and know how to tell it to do what you want it to do, why bother switching to an alternative?
<theyranos> pedahzur: Not very. It's the primary MX for my domain. Messages get dumped in a dovecot maildir.
<theyranos> _ruben: While I've been using exim for several years, I still get hopelessly confused every time I try to change even the slightest thing about its configuration. So the idea behind possibly switching is hoping to find something easier to manage.
<_ruben> theyranos: ah ok, that's a pretty valid point then ;)
<pedahzur> theyranos: Yeah, sounds pretty easy.  I'd install postfix, answer the basic questions, and see how far that gets you.  You can always 'apt-get remove --purge' if you want to start over.
<theyranos> pedahzur: Fair enough.
<_ruben> if you got the resources, you could setup 2 vms, one with exim and one with postfix, try to configure them identically (the way you want), and see which works best for ya ;)
<_ruben> postfix+dovecot integration is quite simple indeed
<theyranos> _ruben: On one hand, cloning VMs is trivially easy on my host machine. On the other, your suggestion, while intriguing, probably doesn't get me off the backup MX today :-)
<_ruben> theyranos: i wasnt aware of you being pressed for time :)
<_ruben> a "decent" mail solution takes a fair bit of planning and research
<theyranos> not so much pressed as frustrated with the limitations of the backup
<_ruben> ic
<_ruben> i know the feeling, i've been wanting to overhaul the corporate mail infra for years now, just cant find enough time for it
<_ruben> by the time i get halfway making plans, so much new software and other changes have occured, that i might as well start from scratch again ;)
<theyranos> well, i discovered recently that the boot files on our primary MX have been corrupted for so long that the "good" backups have been overwritten
<_ruben> ouch
<theyranos> so it's an opportunity to start from scratch, albeit an annoying one
<theyranos> odds are nobody ever would've noticed had the building containing the primary MX's host machine not needed to be rewired.
<_ruben> that as well, is a feeling/scenario/whatever i'm too familiar with unfortunately .. been planning and designing for weeks, am like half-way and *boom* .. the current live environment burns down in flames and you need to deploy a replacement like yesterday
<_ruben> theyranos: nice
<theyranos> i'm grateful the backup MX exists in the first place... it's relatively new :-)
<javatexan> okay, that didnt work, i changed both bottom.html and top.html and restarted apache2 with no change in error message
<javatexan> I really just want to add a picture to the page and take away the information line at bottom below the spacer
<javatexan> for all the error pages
<javatexan> :)
<PiratedUnderwear> Hello :)
<PiratedUnderwear> Does anybody know how to encrypt an Amazon EC2 ami?
<veenenen> hey, how is sasl handled by default in postfix? I'm having an issue transferring over my old postfix configurations.
<veenenen> I'm switching over to maverick (long story), and the ubuntu+1 chatroom doesn't seem to have anyone that knows anything about postfix.
<veenenen> my mail relay provider is throwing an error saying I'm not passing my username and password
<PiratedUnderwear> Did you check the documentation for it on the website?
<veenenen> but I am, or atleast this same config file used to on my old server.
<veenenen> I can't really find anything obvious that has changed.
<pedahzur> veenenen: Does anything about SASL on this page help? https://help.ubuntu.com/community/Postfix
<pedahzur> veenenen: Do you have control over the SASL provider? Or is that someone else's box?
<veenenen> Its a third party
<veenenen> So, nothing helpful there.
<_ruben> veenenen: you are a sasl client right? as in sending the credentials, not the one checking 'em?
<veenenen> That community page told me to install a totally new sasl library, but that seems silly
<veenenen> It used to just work
<veenenen> yeah, I'm the client
<_ruben> sasl client config is fairly simple afaik, never hadda use it though
<veenenen> I have the credentials in the main.cf file
<_ruben> might wanna ask in #postfix .. quite active and a fair ammount of very knowledgable ppl, though they're also likely to tell you too rtfm though ;)
<_ruben> postfix.org has a sasl page iirc
<pedahzur> http://www.postfix.org/SASL_README.html
<_ruben> grmbl .. phpsysinfo package is still broken
<veenenen> ugh. this is going to be painful.
<pedahzur> veenenen: All the howtos I just browsed through seem to assume your SASL provider is on the same host as your postfix install, and that you have control over said SASL provider.
<pedahzur> veenenen: I'd also try the Postfix mailing list if #postfix doesn't work out.
<veenenen> alright, thanks
<_Techie_> php no longer seems to be working after a failed update
<pedahzur> _Techie_: Oh goody...What updated?
<_Techie_> was using webmin this morning to update
<_Techie_> had to close the browser half way through
<guntbert> !webmin | _Techie_
<ubottu> _Techie_: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<_Techie_> it in turn raped my apache, ive since recovered apache, but still havent got php5 working
<_Techie_> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<guntbert> _Techie_: I don't like ebox, to be honest, tried it twice and removed it "immediately"
<pedahzur> guntbert: And eBox has now turned into this: http://www.zentyal.com/
<_Techie_> ive been sticking with webmin, as it makes it really easy to manage users virtualhosts in apache
<pedahzur> ebox has gone from being a config front end to wanting to be "the server"
<pedahzur> Maybe that's just marketing. Maybe you can still use it just for your configuration.
<guntbert> pedahzur: I never used it for config because it uses its own files - not the system config files as webmin does
<_Techie_> well if ebox can manage my virtualmin GPL servers, maybe ill switch
<guntbert> _Techie_: I never trusted it - but as webmin damaged your system...   but be warned...
<_Techie_> yeah, i dont trust it fully either
<_Techie_> i have mine so it only allows localhost logins, and i use apache to proxy to it and force SSL on the connection
<_Techie_> thats how much i trust it
<_Techie_> also, i have apache map it to a subdomain
<_Techie_> i cant quite get php5 workign again
<_Techie_> im about to fully purge anything php5 related
<_ruben> _Techie_: define "doesn't work" .. as you reinstalled apache, it *could* be as simple as sudo a2enmod php5 && sudo restart apache2
<_Techie_> _ruben, i havent re installed apache, that works, ive re installed using apt-get remove and install, php5* and libapache2-mod-php5
<_Techie_> also enabled php5 and restarted apache
<_Techie_> _ruben, http://pastebin.com/FZB2WaLx
<uvirtbot> New bug: #644707 in clamav (main) "FFe for clamav 0.96.3" [Undecided,New] https://launchpad.net/bugs/644707
<_Techie_> _ruben, any idea on that error?
<_ruben> do you really need libapache2-mod-php5filter ?
<_Techie_> shouldnt
<_ruben> then remove it
<shauno> that looks like you just did apt-get install php5* ?   that's almost terrifying
<_Techie_> phpfilter isnt installed
<_Techie_> and yes atm im being lazy
<_Techie_> once i figure out how to recover it, ill remove it and be picky
<_ruben> ah, installing using wildcards is asking for trouble
<_Techie_> im in the middle of class so i cant fully concentrate on selecting individual packages
<javatexan> are webalizer and awstats the only 2 in repos?  I am sure there is a bot answer for this  ;)  Looks like that last love either of these packages got was back in 2008
<_ruben> if you just want php5 support for your apache2, all you need to install is libapache2-mod-php5 (and its dependencies)
<_Techie_> _ruben, done that, but ill purge and re install
<_Techie_> php module is purged
<pedahzur> javatexan: The last releaes for AWStats was December 2008.  The package in the repositories is up to date.
<_Techie_> gimme a sec and ill restart apche
<_Techie_> _ruben, okay, this is where im at
<_Techie_> _ruben, purged both libapache2-mod-php5 and php5* and restarted apache
<_ruben> might even wanna purge *php5* or atleast check with dpkg if you have any more php related packages hanging around
<_Techie_> *php5* returned E: Regex compilation error - Invalid preceding regular expression
<_Techie_>    and some other stuff, but that was the error line
<_ruben> dpkg -l \*php\* should give some insights
<_ruben> especially the lines starting with 'ii'
<_Techie_> gimhttp://pastebin.com/RNEkAVM4
<_Techie_> http://pastebin.com/RNEkAVM4 *
<_ruben> looks clean enough
<_ruben> install libapache2-mod-php5 again
<_Techie_> http://pastebin.com/Bm5bkQpV
<_ruben> your apache2 config looks quite botched
<_Techie_> yeah
<_ruben> "Warning: DocumentRoot [/etc/apache2/!] does not exist" sounds way wrong
<_Techie_> its been poked and prodded alot
<_Techie_> it was doing that before the screwup
<_ruben> /etc/apache2 should exist, but should not be your docroot
<_Techie_> i dont think it is
<_ruben> oh .. the ! is part of the path
<_Techie_> ill restart apache, a2enmod php5 and then restart again
<_Techie_> that sound good with you
<_ruben> search your apache2 config files for any stray exclamation marks
<ehcah> Hello. When setting up DDNS, do zone files get created/saved in /etc/bind/ or /var/cache/bind/ ?
<_ruben> /var/cache/bind iirc
<_ruben> /etc/bind shouldnt be writable by bind itself
<ehcah> cool thanks.
<ehcah> I'm using a tutorial, but I'm not 100% it is Ubuntu 10.4.
<ehcah> Not safe...
<Four2zero> wtf, ebox or zentyal will not remove from the system....lol...i ran "sudo apt-get remove zyntal" and im still getting the web configuration page, how do i completely remove it ?
<_Techie_> _ruben, i supressed that error via sudo mkdir /etc/apache2/\!
<Four2zero> and ran command sudo autoremove
<_ruben> _Techie_: nasty ;)
<_Techie_> i wouldnt mind re installing and starting again, but its too much work atm
<_ruben> _Techie_: though assuming your apache config isnt *too* botched, and you did a full restart of apache2 (not just reload), php oughta be working again
<_Techie_> always restart
<_Techie_> never reload
<pedahzur> ehcah: Unless you have a need for Bind, you might look at dnsmasq.  It does DNS caching, and DHCP serving all in one.
<_Techie_> _ruben, still not working, http://phpsysinfo.technz.info/
<ehcah> I'm trying to setup DYNDns
<_ruben> _Techie_: works for me
<_Techie_> _ruben, really, green page with info?
<shauno> _Techie_: ditto
<_ruben> yup
<pedahzur> ehcah: Then you shouldn't need bind at all.  Just a client that updates dyndns when your IP changes.
<_Techie_> hrmm, doesnt work here, ill reload my web browser
<ehcah> pedahzur: The tutorial I'm using suggests I create files rather than use a client?
<shauno> not sure you really need 6Gb of swap, but it's not showing me php errors :)
<_Techie_> _ruben, im stil getting prompted to save the php file
<pedahzur> ehcah: What's the URL?
<_ruben> _Techie_: try different browser to rule out cache?
<_Techie_> _ruben, it asks to save the file both in firefox and IE
<_Techie_> ill give firefox portable with socks a stab
<pedahzur> ehcah: Yeah, that's setting up dynamic DNS and DHCP on your local box.  Is that what you want?  Or are you setting up http://www.dyndns.com/
<_Techie_> _ruben, okay, portable firefox via socks usign ssh is workign
<qman__> ehcah, there are two kinds of dynamic DNS -- one kind is to have an internet-based subdomain service like dyndns point to your changing IP, this kind does not require BIND at all
<ehcah> I'm fairly sure this URL is what I need?
<qman__> the other kind is to dynamically set local DNS to all your DHCP clients on the LAN
<qman__> which does require BIND, and is probably what you're following a tutorial for
<ehcah> qman: You have me thinking now.
<_ruben> _Techie_: clear the caches of your browsers then, or do a force reload (ctrl-f5 i think)
<qman__> if you're using dyndns, all you need to do is wget the URL they give you at regular intervals
<ehcah> I'm trying to replicate a different service I tried.
<ehcah> The other service was using Open DNS on Fedora.
<ehcah> I liked it.
<qman__> I use afraid.org
<ehcah> Regardless, I'm 3/4 down the path I started.
<ehcah> I just wasn't sure I was going to create files in the right directory.
<qman__> what I'm getting at, is that these are two completely different things
<qman__> so what are you after, exactly?
<ehcah> Everything to this point has been mostly editing, not net new.
<ehcah> Accessing my box through URL like ACME.homelinux.com
<ehcah> Or something like that.
<qman__> then you don't need BIND at all
<ehcah> You're killing me.
<qman__> you just need a dynamic DNS service like dyndns or afraid.org
<qman__> and a simple wget script at regular intervals
<ehcah> Using their client?
<ehcah> oh.
<qman__> the BIND tutorial is for using DNS on your LAN, instead of things like hosts files or netbios
<qman__> yeah, or their client
<qman__> there are a number of ways to update it
<ehcah> host access is what I wanted my lan. Ie. router.mylan.com
<qman__> I do the wget route with a script in /etc/dhcp3/dhclient-exit-hooks.d/
<ehcah> or brother7440n.mylan.com
<pedahzur> apt-cache search dyndns will give you a list of clients that come with ubuntu.
<qman__> so you want internal DNS, or from the internet?
<qman__> because they're separate
<qman__> also, you shouldn't use .com
<qman__> not unless you own that domain name
<qman__> it'll cause problems
<qman__> use something like .lan
<ehcah> I know, but thought I needed both if I'm using my server for DHCP and other lan services.
<ehcah> My telco gateway only provides internet connectivity.
<hggdh> Daviey: bug 644733 ;-)
<uvirtbot> Launchpad bug 644733 in eucalyptus "On upgrade from Lucid to Maverick CC entries in /etc/eucalyptus/eucalyptus.local.conf are commented out" [Undecided,New] https://launchpad.net/bugs/644733
<qman__> yes, but what I'm asking is, do you want to access your box by a DNS name from the internet, or from your LAN?
<ehcah> I may not be answering you correctly, but both???
<_Techie_> qman__, lemme try, ehcah do you want other people to be able to use the domain name?
<ehcah> Funny.
<_ruben> hmm .. should see if can get working temps on my sysinfo as well .. http://jupiter.ipv6.tun0.nl.ipv4.sixxs.org/phpsysinfo/index.php?disp=dynamic
<qman__> and you want all your names to be internet accessible, such as router. and brother.?
<ehcah> Kids/wife.
<_ruben> then again, time for bed now
<qman__> because that's incredibly risky
<ehcah> only my server.
<qman__> ok, then you need to do both things
<_Techie_> _ruben, its not hard
<qman__> the BIND tutorial will provide the local DNS
<ehcah> and just for vpn or ssh.
<qman__> and dyndns/afriad.org/etc will provide the internet name
<_ruben> _Techie_: depends on whether the hardware is supported or not ;)
<_Techie_> _ruben, most likely it is
<qman__> I'd also suggest using two different names
<_ruben> 514minutes left to init the raid volume, should be done by morning .. i hope
<_ruben> bbl :)
<qman__> your internet name could be yournetwork.dyndns.com, while your local DNS could be mylan.lan
<ehcah> In my last config, everything was .com.
<qman__> using a .com domain for local DNS can cause problems
<ehcah> k.
<qman__> as can any real TLD
<qman__> don't use .local either, that can cause problems too
<qman__> but pretty much anything else is okay
<_Techie_> often people use .internal
<qman__> you could call it .omgwtfbbq if you wanted
<ehcah> If it makes any difference. I actually own the .com domain name that I'm using.
<ehcah> LOL
<ehcah> The .com is not published or active.
<qman__> you just want it to be distinctly fake, because it doesn't work from the internet
<ehcah> got it.
<ehcah> Knowing that I control if that domain ever goes active, I thought I was safe.
<qman__> you would be safe, but it's still a good idea not to use it
<qman__> some applications are dumb
<qman__> and expect .com to be on the internet
<ehcah> so is me
<qman__> even when it clearly isn't
<qman__> now, if you own your own .com domain, you could have that point to you from the internet
<qman__> but that's beyond the scope of that tutorial, it's a separate task
<ehcah> Funny as it sounds, I feel a bit safer with ***.dyndns.com domain rather than a ***.com domain.
<ehcah> It is also a different DYN service.
<qman__> yeah
<qman__> sorry for the confusion, I simply assumed you were looking for one or the other
<ehcah> No worries. I'm the problem as I'm not able to articulate my requirements clearly.
<ehcah> My life would be easier if I could just hire someone to do this for me.
<qman__> indeed
<qman__> on a related note, if you're serving SSH to the internet, make sure you take steps to protect it, such as a limiting firewall or fail2ban
<qman__> also suggest using key based auth
<ehcah> ok.
<qman__> there are bots that constantly scan for and brute force them
<ehcah> The other setup I ran for a bit was on Fedora.
<ehcah> I have had enough trouble learning bits and pieces of Ubuntu.
<ehcah> I also have 5 desktops running ubuntu, so to me, it only made sense to go full in.
<ehcah> My original goal was to replicate WHS.
<qman__> well, the debian way is quite a bit different from redhat/fedora
<ehcah> yes.
<qman__> as I'm sure you've figured out
<ehcah> Big time.
<_Techie_> bbs
<ehcah> Every box I have is different too.
<ehcah> hardware wise.
<qman__> I first tried ubuntu with 5.10 and fell in love with the way it does things
<qman__> I was never much of a redhat fan
<qman__> but that's all personal preference
<ehcah> Agreed.
<ehcah> and based on one's experiences.
<qman__> in my opinion, it's worth the effort to learn the differences, because in the end, it'll make things easier
<_Techie_> that bad update did more than rip apart my php
<_Techie_> =(
<_Techie_> now i gotta re tweak lighthttpd and my sockets
<_Techie_> along with checking all the required php stuff is installed
<hggdh> Daviey: and... bug 644759
<uvirtbot> Launchpad bug 644759 in eucalyptus "After upgrade Lucid->Maverick, all nodes need to be re-registered" [Undecided,New] https://launchpad.net/bugs/644759
<Daviey> hggdh, oh joy.
<hggdh> Daviey: aye. So two of them so far (not counting the images being lost)
<Daviey> :(
<ghaleb> q
<uvirtbot> New bug: #644759 in eucalyptus (main) "After upgrade Lucid->Maverick, all nodes need to be re-registered" [Undecided,New] https://launchpad.net/bugs/644759
<ghaleb> hello, I have files in range of 3 to 5 GB on two vpn sites, I would like to use rsync to keep them synchronized, moving the whole file is a heavy process over the internet, is it possible to move only the difference within the file ?
<theyranos> What can cause "ssh main process terminated with status 255"? openssh-server works for the first five or so minutes the server is running, then kicks off any logged in user and dies with that message in /var/log/syslog. If I manually restart with /etc/init.d/ssh start it works for about the same amount of time. I already have ListenAddress 0.0.0.0 in my sshd_config.
<pwnguin> theyranos: oom?
<theyranos> pwnguin: eh?
<pwnguin> out of memory
<pwnguin> although i guess ssh shouldn't exit in that case
<pwnguin> as the kernel will straight up kill it
<theyranos> Got 200 of 512 MB free.
<pwnguin> theyranos: 255 means that the ssh connection died, not the process you're trying to run
<pwnguin> that's about all that you can glean from that message
<pwnguin> you can turn on debugging
<theyranos> oddly, setting LogLevel to DEBUG2 seems to have solved the problem
<pwnguin> heh
<theyranos> spoke too soon... just took longer to die
#ubuntu-server 2010-09-22
<theyranos> something is sending sigterm to anything that listens on port 22
<ethicalhack3r> hi Guys, any one know how I install my remastered ubuntu server livecd to harddrive?
<ethicalhack3r> is there a built in tool or external script I can use?
<JasonMSP> I've got VSFTPD setup and working with TLS/SSL.  I'd like to configure it for virtual users on top of this.  I've tried a few solutions that have not worked.  I get login 530 error.  Does anyone have this working?
<kevinash> Can anyone suggest a good backup script for MySQL 5.1 databases for use on Ubuntu Server 10.0.4? I've found a few on google but I'd like to know someone is using their chosen script with good results
<Four2zero> hey guys, i was running samba for filesharing with windows 7 and now i installed ebox(zyntal) and was trying to configure it with samba but it woudn't work. now im stuck with multiple samba network on my windows 7 machine that will not go away, how can i make sure samba is still not running or installed ?
<Four2zero> I ran top and i dont see any smb services
<Skaag> can someone remind me how to tell apt not to upgrade a certain package?
<uvirtbot> New bug: #644799 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/644799
<uvirtbot> New bug: #644798 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/644798
<uvirtbot> New bug: #644853 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/644853
<JasonMSP> trying to setup virtual users with VSFTPD using this http://viki.brainsware.org/?en/Virtual_Users_simple I get this error 530 Login incorrect.
<JasonMSP> Login failed.
<_Techie_> JasonMSP, whats wrong with creating real users?
<pedahzur> Not strictly server related, but this is on Ubuntu server, so....: Weird dependency problem: trying to install gitosis. Says it can't install because Depends: git-core (>= 1:1.5.0) but 1:1.7.3-0ppa2~hardy1 is installed.  Ideas?
<JasonMSP> I was hoping for easy managemnt of users by only allowing them access using httpaswd to create users.  Basically it would keep the ftp users all in one place and not in the passwd file.
<JasonMSP>  _Techie_: I expect as things progress on our server that we will have more and more FTP users.  I don't want them to have shell access, or any other access to the system.
<shey> Question: I have a webcam on my Ubuntu Server in my office, and was wondering if there was a way I can install some sort of monitoring software so I can see my office, from home lets say. There is no X Server installed on it.
<shey> Is something like this possible?
<ecelis> yes it is posible
<shey> Well, this is linux, I am sure everything is possible, care to elaborate?
<ecelis> depending on your webcam, you might make it to take still images and store them somewhere an then write some PHP or web front end
<ecelis> which can use imagemagik to create clips for  you to download
<ecelis> or maybe an streaming solution such as videolan
<ecelis> I have done the first one
<ecelis> google a bit, there are lots of resources about this out there
<erichammond> shey: zoneminder is available in Ubuntu and seems to be popular, but I recommend the  "motion" software which is much easier to set up and can create simple video files to peruse.
<Datz> humm, just checking munin stats today. would there be any alarm seeing number of threads take a sudden jump? http://datzfunk.net/munin/localdomain/localhost.localdomain/threads.html
<Datz> I just installed some updates today, I don't know if it would be related to any of them..
<twister004> hi guys!...
<twister004> hi guys!...
<twister004> have a query on BIND in ubuntu... if i add a CNAME in the db.xx.xx file, do I need to restart/reload the BIND service on the DNS server?
<ehcah> Hello. Can anyone help me with the following error: "could not create key from $KEY_HMAC: bad base64 encoding". I have been systematicaly working through errors on getting DDNS up and running.
<uvirtbot> New bug: #644910 in apache2 (main) "Hardy: apache2-mpm-itk cannot be installed due to dependency" [Undecided,New] https://launchpad.net/bugs/644910
<SpamapS> ehcah: you're trying to do DDNS using rndc ?
<SpamapS> twister004: reload, yes. Did you also make sure to change the serial number?
<ehcah> yes
<ehcah> I'm down to my final error.
<ehcah> I've been at this for 8 hours.
<RoAkSoAx> SpamapS: where's the HOWTO to set the loadbalancer in the cloud?
<SpamapS> RoAkSoAx: still working on it. https://wiki.ubuntu.com/CloudLoadbalancingHowto
<SpamapS> RoAkSoAx: I packaged clb today so it should make the instructions much simpler.
<RoAkSoAx> SpamapS: ty :). Yeah I just saw it :). How do you feal about automatically starting/stoping webservers based on the load?
<SpamapS> RoAkSoAx: I was discussing it with mathiaz though, and really, with the puppet stuff he's rolling out, it should be really easy to do puppet in the cloud.
<SpamapS> RoAkSoAx: there are already a number of autoscaling solutions out there.
<RoAkSoAx> SpamapS: oh I see
<SpamapS> RoAkSoAx: I'm not really very proud of clb. It needs to switch to using basic AUTH.. and SSL
<SpamapS> RoAkSoAx: but its purely a proof of concept at this point.
<RoAkSoAx> SpamapS: well, that's how everything starts though :)
<SpamapS> RoAkSoAx: my original goal was to make tools that worked just like the amazon ELB tools
<SpamapS> actually i have some time this week, maybe I'll try that again
<RoAkSoAx> SpamapS: well you can achieve that overtime
<RoAkSoAx> SpamapS: if I knew how that works I'd help but unfortunately I don't since I don't use the cloud yet :(
<RoAkSoAx> since I don't really have the resources for this now
<sandGorgon> anybody know what is the upgrade path for postgres 8.4 -> postgres 9.0 is on Ubuntu ? The problem is that installing postgres-9.0 overwrites the pg_config binary and so my upgrade command fails : http://ubuntu.pastebin.com/0FXhQUZC
<ttx> SpamapS: I think the graph is still buggy
<SpamapS> ttx: maybe we should get one of those UV zappers for it?
<ttx> The solid line points in the middle of the inprogress now
<ttx> and the dotted line points to something HIGHER than  the total amount of WI
<ttx> I'm not exactly sure where that extra amount comes from though
<SpamapS> ttx: hmm, works fine on my personal page..
<SpamapS> http://people.canonical.com/~pitti/workitems/maverick/u/clint-fewbar-ubuntu-10.10.html
<SpamapS> so maybe its a team thing
<ttx> SpamapS: http://people.canonical.com/~pitti/workitems/maverick/canonical-server-ubuntu-10.10.html
<ttx> SpamapS: it's recent
<SpamapS> hm maybe the paints are backwards for foreign/team
<SpamapS> I think they are
<ttx> rigth, therte shoudl be some foreign things
<ttx> the graph don't show them anymore
<SpamapS> ttx: I think they're behind the other stuff
<ttx> so the three TODO's from hggdh don't add up on the bar
<ttx> hmm, the difference is not "3" though
<ttx> more like "1"
<SpamapS> it may be cumulative
<SpamapS> the foreign numbers are not missing in the previous milestone tho...
<ttx> SpamapS: we need to fix it because it adds confusion on the meaning of the lines... I can have a shot at it if you want
<ttx> hmm
<ttx> I think it was introduced when I added TODOs on james plate
<SpamapS> ttx: should be pretty simple.. just 3 coordinates to get right ;)
<ttx> SpamapS: why is http://people.canonical.com/~pitti/workitems/maverick/u/james-page-ubuntu-10.10.html using the classic burndown ?
<ttx> hmm
<ttx> the team membership is not refreshed at every run, maybe
<SpamapS> ttx: those are explicitly set in config
<SpamapS> ttx: did not have an easy way to determine team membership
<ttx> SpamapS: or maybe it's the 1 inprogress / foreign that screws it
<SpamapS> or rather, did not take the time to do that. ;)
<ttx> (from andresrl)
<ttx> SpamapS: no need to duplicate effort -- want me to do it, or you're on it ?
<ttx> (you should rather be sleeping, but hey)
<SpamapS> ttx: Yeah, I'm waiting for a build of drizzle then I'll be sleeping
<SpamapS> ttx: It looks to me like the stacking just isn't right
<SpamapS> ttx: if I generate a chart w/o inverted, I see some foreign done/inprogress
<ttx> SpamapS: ah! you broke it!
<ttx> SpamapS: that used to work alright ! :P
<ttx> (I agreee it's pretty brittle, though) :)
<SpamapS> ttx: when it was 3 things (todo/done/postponed).. no foreign/team .. no blocked.. in progress.. inverted.. the manual chart build was a nice simple way to go
<SpamapS> but now.. it needs some dynamism
<ttx> SpamapS: yep, it could use a bit of abstraction
<ttx> or crazy things like an object to represent the data.
<SpamapS> no, remembering what number has "todo foreign" in it is easy
<ttx> SpamapS: except that it tends to change when you add new "stuff"
<ttx> so it makes regressions easier (like this one)
 * SpamapS forgot to pay the bill on his lease for the sarcmark
<ttx> SpamapS: heh, joking with me before I got my first coffee of the day is always dangerous :P
<SpamapS> ttx: got it
<ttx> SpamapS: what was the offender ?
<SpamapS> ttx: bzr diff -c 228 lp:launchpad-work-items-tracker
<SpamapS> >:
<SpamapS> I was seriously just joking
<ttx> ah
 * ttx fetches coffee
 * RoyK steals ttx's coffee
<Name141> Will ubuntu-server tell me when it needs to restart in the terminal ?
<Name141> (over ssh)
<Name141> (after an upgrade..)
<kklimonda> Name141: not after an upgrade (unless you are running a byobu) but after you log in, you will get a message in motd
<uvirtbot> New bug: #645009 in spamassassin (main) "spamd segfaults a message" [Undecided,New] https://launchpad.net/bugs/645009
<Name141> kklimonda: So I wont notice anything after the upgrade but the new packages ?
<Name141> kklimonda: but later on, it will tell me after a new login ?
<kklimonda> Name141: yes
<kklimonda> Name141: there aren't that many packages that require a restart - I think only kernel updates trigger the message
<uvirtbot> New bug: #645015 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/645015
<Name141> kklimonda: Ok, so instead of the disk and processes, etc.. I will see like "Hey baby, this OS needs a restart sugar.."
<kklimonda> Name141: you will see *** System restart required *** at the bottom of the motd
<Name141> OK.
<baffle> Our VM management project: http://www.dropbox.com/gallery/1314391/1/Vilma%202010-09-22?h=9ba7cc
<uvirtbot> New bug: #645061 in clamav (main) "apparmor blocks freshclam process info after latest update" [Undecided,New] https://launchpad.net/bugs/645061
<lau> hello, I am runnin exim4 4.69 on ubuntu box
<lau> when I use the ubuntu init exim4 scrit and ps aux | grep exim I get
<lau> /usr/sbin/exim4 -oP /var/run/exim4/eximqr.pid -q30m
<lau> and the server is not listening on local if port 25
<lau> If I start it manually via /usr/sbin/exim4 -bd -q30m
<lau> the server is listenning on localhost 25
<lau> why does the init script not start the daemon with the -bd option ?
<google-fu> lau, change the init script to do what you want
<uvirtbot> New bug: #645082 in bacula (main) "bacula misses requirement of gawk" [Undecided,New] https://launchpad.net/bugs/645082
<joschi> lau: what's the content of /etc/default/exim4? (use a pastebin)
<Daviey> jdstrand, Are you free to talk about libvirt i386?
<lau> good catch joschi thanks
<uvirtbot> New bug: #645126 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/645126
<mdeslaur> ttx: what was the outcome of the apache2 problem?
<ttx> mdeslaur: looks like we have a pile of bugs coming in each time we upgrade apache
<ttx> mdeslaur: when people manually play with mods.available
<mdeslaur> oh, yeah, the maintainer scripts are really fragile
<ttx> mdeslaur: we should add some || true on the a2enmod call on the NEXT update
<ttx> to make it less brittle
<mdeslaur> ttx: AFAIK, the server team has some pending apache2 stuff to push to lucid -proposed, so add it to them
<ttx> mdeslaur: but that's nothing specific to your update
<mdeslaur> ttx: ok, cool :)
 * mdeslaur wipes sweat from forehead
<ttx> mdeslaur: I overreacted to those 3 bug reports over the course of a couple hours
<ttx> zul: if you're on top of that lucid-proposed  apache2 stuff that mdeslaur is talking about, please add that bug to your queue
<zul> ttx: acked
<zul> we need to do an apache-mpm-itk update for hardy if its not done already
<Daviey> zul, mdeslaur is on that one :)
<zul> Daviey: ah ok i just woke up ;)
<mdeslaur> zul: I'll push them out as soon as they finish building
<jdstrand> Daviey: hey. what's up?
<Daviey> jdstrand, OK.. regarding this issue we have been seeing with i386 with libvirt.. /me finds bug number
<jdstrand> mdeslaur: I wonder if we could have a reminder in umt for apache2
<jdstrand> bug #628055
<uvirtbot> Launchpad bug 628055 in libvirt "Instances don't start correctly: Security Labeling error running aa_change_profile()" [High,Incomplete] https://launchpad.net/bugs/628055
<jdstrand> yes
<mdeslaur> jdstrand: yeah, I was thinking about that
<Daviey> 628055
<Daviey> yes!
<Daviey> jdstrand, OK... pulling a euca libvirt.xml and trying to run it externally gives the same issue
<jdstrand> mdeslaur: there are probably going to be other cases where we need to do funky stuff, so something general where we have '<package>:<commnet>' or something
<Daviey> (on the same box, running a manual libvirt instances DOES work)
 * jdstrand is just thinking otoh
<Daviey> So i'm guessing it's something in the xml which is causing an explosion
<jdstrand> Daviey: interesting
<jdstrand> Daviey: before we go that route. do the instances *ever* start in euca on i386 or they always fail?
<Daviey> jdstrand, I can do one of two things to help... you can ssh to the box i'm seeing this on... or i can try and tar up the whole shindig including disk image.
<Daviey> jdstrand, Well i did get a report of running... but went directly to terminate afterwards... I'm certain it's a red herring - but i didn't check the logs.
<jdstrand> Daviey: ok. that is good-- it consistently fails
<Daviey> I am reasonably conformable saying it's always failing
<jdstrand> Daviey: what is this 'libvirt.xml' file?
<Daviey> jdstrand, pastebin on the way
<hggdh> I thought I had had a mix of failures & starts, but it ended up I was on the wrong version
<Daviey> jdstrand, http://pastebin.daviey.com/QycQ/raw/ <-- this is what euca throws at libvirt
<Daviey> libvirt, naturally adds the defaults.. want to see what libvirt generates?
<jdstrand> Daviey: so that is the domain xml for an individual machine, correct?
<jdstrand> Daviey: yes
<Daviey> yeah
<jdstrand> so there is no uuid, which implies this is doing a 'create'
<Daviey> jdstrand, http://pb.daviey.com/Q8Pm/raw/
<Daviey> that is what libvirt throws out
<mdlueck> Anyone having trouble with US 10.04.1 LTS failing to recognize USB HDD's and USB Flash Drives? I verified and it correctly works with a USB Keyboard, so USB is not totally dead.
<jdstrand> Daviey: right, so euca takes the first, does a create and ends up with the second-- is that accurate?
<jdstrand> Daviey: if you take the second on its own and define it, it works?
<jdstrand> Daviey: (eg, if you change the name and uuid)
 * jdstrand notices the 'sda' and thought euca was moving to 'vda'... (just an aside)
<Daviey> jdstrand, no
<Daviey> the second is what is in /etc/libvirt/qemu/
<Daviey> i defined it, and tried to start
<jdstrand> Daviey: that is what I meant
<Daviey> (expecting it to work)
<Daviey> but got the security labelling error
<mdlueck> And what package should I even open a bug about USB drives not being recognized? The kernel itself, or... ???
<Daviey> which means there is something in the xml it doesn't like
<jdstrand> Daviey: to get the second, it is doing a 'virsh create', no?
<jdstrand> Daviey: or is it creating the 2nd on its own somehow?
<hggdh> mdlueck: open the bug against linux, yes
<Daviey> jdstrand, yeah, from a define i think
<jdstrand> Daviey: I don't understand (that was an either/or)
<mdlueck> hggdh: http://packages.ubuntu.com/lucid/linux correct???
<hggdh> mdlueck: 'linux' means the current kernel *whatever version it is).
<mdlueck> hggdh: K, thanks, I think I got to the correct place. Will log away.
<hggdh> mdlueck: so 'ubuntu-bug linux' will grab all data considered interesting for kernel bugs
<mdlueck> hggdh: Extra thanks!
<jdstrand> Daviey: can you do:
<jdstrand> qemu-img info /var/lib/eucalyptus/instances//admin/i-49C008EB/disk
<jdstrand> Daviey: you know what, I'll take that ssh access
<Daviey> jdstrand, ok :)
<Daviey> jdstrand, i'll get that organised now
<jdstrand> Daviey: ok, thanks
<jdstrand> Daviey: so, am I allowed to do anything I want on this machine to triage this?
<jdstrand> Daviey: hmmm, that machine has no machines defined
<Daviey> jdstrand, you can, yes
<Daviey> it's a throwaway machine
<jdstrand> Daviey: can you get it to the point where it has just thrown the error? I'm sorry, I know next to nothing about euca specifics
<Daviey> jdstrand, ok.. sorry for the delay
<Daviey> jdstrand, are you seeing that?
<jdstrand> Daviey: yes
<Daviey> okay..
<jdstrand> Daviey: how are /etc/libvirt/qemu/*xml being created?
<Daviey> jdstrand, In that case... i found the one euca throws out, and did a virsh define
<jdstrand> ok
<jdstrand> let me see what the problem is, then we can figure out what is causing it
<Daviey> jdstrand, feel free :)
<Daviey> jdstrand, if the box goes bang, it's no concerns
<jdstrand> I shouldn't be doing anything that crazy :)
<Daviey> jdstrand, passwd in ~/PASSWD.txt if sudo times out
<jdstrand> ok :)
<ehcah> Does anyone here have experience setting up dyndns without installing their update client locally?
<pmatulis> ehcah: have you reason to believe that it's possible?
<ehcah> I was running F12 and opendns without a client installed locally?
<Daviey> jdstrand, looks like euca has done a garbage collect
<jdstrand> Daviey: can we stop that? it is kinda a pain
<Daviey> jdstrand, it "is stopped"... or at least the setting is made for this to be the case.
<Daviey> :/
<Daviey> jdstrand, I'll fire another instance over
<jdstrand> Daviey: thanks
<Daviey> done
<jdstrand> Daviey: so, that one started?
<Daviey> geez it has!
<jdstrand> hold on
<Daviey> hmm
<Daviey> euca thinks it has started
<Daviey> (doesn't look like it to me tho)
<jdstrand> Daviey: did it garbage collect again? I need the i-433... or at least something that doesn't keep disappearing
<hggdh> jdstrand: Euca will garbage-collect all terminated instances
<Daviey> hggdh, I've set the value that should stop it! :(
<Daviey> jdstrand, I think we might need to cp -R it.
<Daviey> then if it does collect, we can put it back in place
<hggdh> Daviey: and, of course, you started it CLEAN=1?
<Daviey> i-4BFC08F4
 * hggdh hopes this is it
<Daviey> hggdh, hmm... no
<jdstrand> Daviey: are you restarting libvirt?
<Daviey> jdstrand, no
<jdstrand> meh
<Daviey> hggdh, MANUAL_INSTANCES_CLEANUP=1
<Daviey> jdstrand, i need to go AWOL soon... can you make sure you have a snapshot of that instance incase the garbage collect happens again?
<jdstrand> libvirt is hanging on me
<hggdh> Daviey: and that goes where? In the -cc init?
<jdstrand> ok, there we go
<Daviey> hggdh, i put it in both :)
<Daviey> hggdh, /etc/eucalyptus/eucalyptus.conf
<jdstrand> Daviey: it is gone already
<Daviey> but it's failing to do it
<Daviey> *sigh*
<jdstrand> I'll do it totally outside of euca
<Daviey> one moment
<Daviey> jdstrand, see byobu window "1"
<Daviey> press f4
<Daviey> that is ssh'd to the euca server
<Daviey> if you press return on that, it will fire an instance
<jdstrand> how do I get back?
<Daviey> f3
<jdstrand> no\
<jdstrand> I hit something and it looks like another window was created
<Daviey> yeah
<Daviey> f2 = new window
<Daviey> f3 = previous window
<Daviey> f4 = next window
<jdstrand> gotcha
<Daviey> i think you hit f2 twice
<Daviey> jdstrand, /me afk
<jdstrand> k
<uvirtbot> New bug: #645288 in dovecot (main) "dovecot fails to find mailbox of new users" [Undecided,New] https://launchpad.net/bugs/645288
<zorton> update-grub results in: "/usr/sbin/grub-probe: error: unknown filesystem"
<cdubya> I'm looking for recommendations on vulnerability scanners.....
<zorton> nmap for single hosts, nessus has gone commercial but will scan a small number of hosts under the home license
<zorton> nmap will also do full IP ranges now that I think of it, I suppose nessus is just more comprehensive
<cdubya> zorton, I've used nmap on simpler scans internally (-F -T4 options) but I think that only scans the 100 most common ports. Is there a good reference on setting up "best practice" vulnerability scans that are comprehensive enough?
<zorton> well, if you want more port coverage just increase the port range nmap is using, if you do the full port range it will take more time per host
<zorton> plus if you add in UDP
<SpamapS> zorton: nessus is to nmap as MI5 is to 007 ;)
<zorton> heh, nice one
<SpamapS> I haven't used nessus in like, 5 years. Is it still being updated with new signatures/tests?
<zorton> i've had a pentester run everything with nmap and shell scripting
<zorton> oh yeah, they've just gone comercial now so the plugin feed is free to home use but requires a full up copy for commercial/gov/more than 10 or so hosts
<SpamapS> makes sense that was happening when I was playing with it
<zorton> yeah, nothing really in the OSS world is keeping up and alive
<zorton> writting the plugins takes time and really should be done by someone being paid to do it
<SpamapS> Who says open source precludes being paid to work on it? ;)
<\sh> does anybody has a clue how to prevent udev to overwrite an already created 70-persistent-net.rules file? whatever I do, it doesn't listen to the admin ;)
<SpamapS> \sh: if its in /etc and has been changed, you should be prompted for what to do with it
<\sh> SpamapS: no...what I mean is that /lib/udev/rules.d/75-persistent-net.rules always triggers the write_net_rules script, which overwrites a 70-persistent-net.rules file from /etc/udev/rules.d/ .. I don't talk about packages
<zorton> really? I did a custom name for one of my network devices in that same file and didn't have any trouble
<\sh> zorton: on jaunty that worked...now I can reproduce it all the time
<\sh> now == lucid
<zorton> yeah, this is on lucid
<\sh> zorton: and I write it from scratch I don't change it manually when it was created by first startup
<zorton> ahhh, that might be why it didn't get overwritten.  I'm too lazy to write it from scratch
<\sh> zorton: well actually it's automatically written from scratch from out deployment system
 * SpamapS is completely and totally confused now
<\sh> SpamapS: why?
<uvirtbot> New bug: #645367 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/645367
<ehcah> ! Static IP
<SpamapS> \sh: I don't mess with udev stuff. ;)
<SpamapS> I've struggled mightily to avoid having anything in a server more complicated that 2 bonded ethernet ports. Network complexity belongs on routers/switches/firewalls only.. and I don't use Linux for any of those. ;)
<zorton> i'm with you on that one, the only thing i'm using it for is to give pretty names to the ethernet interfaces, admin, management, recorder and such
<SpamapS> zorton: interesting
<zorton> makes life a little easier that's for sure
<SpamapS> zorton: does it work for say,  tcpdump -i admin instead of tcpdump -i eth0 ?
<zorton> yeah, it's accutaly the same mechanism that keeps eth0 bonded to the right mac address
<zorton> code that accesses the device dosen't care, eth0 is the same as admin
<zorton> just make sure you update /etc/network/interfaces with the right name first :)
<RoyK> zorton: I just came in, but if you have replaced a nic, just reset the udev stuff to get eth0 back
<zorton> RoyK: wan't the issue :)
<RoyK> :)
<zorton> thanks though, i'm currently fighting grub issues
<ehcah> What would I search to find a tutorial on assigning specific clients, static IP's vs. DHCP. My LAN will have a combination of both. All my search's come back with makign eth0 or eth1 on my server static.  :(
<zorton> take a peak at the manpage for interfaces
<RoyK> ehcah: you can use dhcp to assign static IPs
<RoyK> imho a good solution
<RoyK> ehcah: example http://pastebin.com/DYYJ7B8c
<ehcah> That is what I would like to do, but can't find the option. I know on my previous box, there were files under bind dns that contained host hames and host ip's etc...
<RoyK> ehcah: you bind the mac address to a specific IP in the dhcp server
<RoyK> outside of the dynamic scope
<ehcah> RoyK: Thanks' for the pastebin.
<RoyK> dunno what happens if you allocate an address in the dynamic scope, though, but I guess you'll be playing with matches and gasoline
<ehcah> My last box wasn't ubuntu, (F12). Must have been done differently.
<RoyK> ehcah: same dhcp server on the two
<ehcah> I'll paste one of the files from the box I haven't turned off yet.
<RoyK> ISC dhcpd
<ehcah> just a sec.
<uvirtbot> New bug: #645396 in samba (main) "package winbind 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/645396
<ehcah> RoyK: This is an example. The host was already assigned at this point? http://paste.ubuntu.com/498635/
<ehcah> RoyK: On second glance, those may be solely for the purpose of internal DNS?
<RoyK> ehcah: that's just DNS - that won't give you a fixed IP if the PC is offline for some time
<ehcah> k.
<RoyK> if using rfc1918 addresses, just allocate a /24 part for static IPs
<RoyK> say 192.168.0.0/24 for dynamic and 1.0/24 for static, set the netmask to 255.255.254.0 and they're on the same net
<ehcah> I use webmin for management. I know it's not preferred for most of this group. Under DHCP, I have a Host & Host Group option that also allow me to assign a name, or IP via mac address?
<ehcah> ok.
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<RoyK> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<ehcah> Alright. Where it's description talks about not all modules being enabled, will it be difficult for me to install or enable the missing?
<ehcah> Webmin has always been easy for me as it generally picks up everything that is installed on first opening.
<RoyK> ehcah: webmin was written for redhat, but isn't really compatible with debian-based distros
<ehcah> ok.
<ehcah> I'm trying to install ebox now.
<Daviey> jdstrand, Did you have any joy?
<jdstrand> Daviey: I know what is failing. I don't know why yet
<Daviey> jdstrand, OK... that is something :)
<jdstrand> Daviey: please do not turn off that machine. I need the disk
<jdstrand> Daviey: and am copying it over
<Daviey> jdstrand, Okay.. that is fine.
<jdstrand> I'm trying to reproduce locally
<Daviey> jdstrand, I don't suppose you could, erm - run "ssh-import-lp-id davewalker" could you?  I've erm, sort of not made a note of the password.
<jdstrand> INFO: Successfully authorized [davewalker]
<Daviey> Even thought the machine is in arm distance... that just makes life easier :)
<Daviey> thanks!
<jdstrand> sure
<jdstrand> Daviey: btw, I've marked the bug confirmed and assigned it to me
<Daviey> jdstrand, Expect many drinks at UDS.
<jdstrand> hehe
<jdstrand> I know right where the failure happens in virt-aa-helper, I just need to reproduce locally, and then I can hopefully zero in on it
<jdstrand> I think it may be related to all their recent disk probing changes (which virt-aa-helper is affected by), but I need to investigate more
<ehcah> RoyK: Is ebox exclusively firefox or will Google Chrome work also?
<ehcah> Royk: I really don't like firefox. It's a pig. IMO
<RoyK> ehcah: I have no idea - I use the commandline for configuring servers :Ã¾
<ehcah> LOL
<RoyK> ehcah: take some time reading some docs, playing with a system with the commandline, and you'll never go back to some fancy gui trying to do what's done in 30 seconds in the commandline
<RyanP> I'm in need of some routing help. I have a machine with a bunch of OpenVPN tunnels into remote sites. I'd like to route traffic from the local office over the tunnels into the remote sites. I have the VPN tunnels set up, and I know how to setup routing on the local office computers. I'm not sure how to correctly allow the OpenVPN machine to forward packets over the tunnels. How do I do this?
<ehcah> RoyK: Thank you for your assistance.
<RoyK> ehcah: that last comment was not meant as arrogant - just honest
<ehcah> I know. You're a real Linux guy! :)  I'm not, and not offended at all.
<ehcah> I'm trying to do as much command line as possible. But, I need google's assistance for that!!!  LOL
<RoyK> even my windoze-loving boss uses the commandline to configure linux
<RoyK> sure, google (and man pages) are there to help
<ehcah> In the meantime, I'l try to get eBox up and running. The repos installed version 1.5. It looks like there is a 2.0 available under a new name of Zental? Have i got those packages mixed up on the web?
<RoyK> ehcah: not to be a bitch, but if you had spent five minutes looking through the dhcp config, you had been finished by now :P
<ehcah> I actually made those changes before ebox. They were changes I could easily handle.
<ehcah> ebox would work best for me when I'm in unfamilliar territory.
<RoyK> I don't really agree - if you're on unfamiliar territory, explore it and it'll be quite familiar next time you go there
<RyanP> It seems all I need to do is ask here, and then I can figure the question out myself. In answer to the OpenVPN question, it's just a simple NAT, but you have to be sure to actually type the commands correctly, like I wasn't doing.
<cemc> what's the easiest/best way to turn a server install into a desktop install (and back) ?
<nich0s> cemc: What?
<cemc> say I've installed 10.04 server edition, but I want to turn it into desktop (install packages for X, gnome, etc)
<cemc> is it enough to just install ubuntu-desktop package?
<nich0s> I believe that package should cover just about everything.
<nich0s> You'll want to go through updaterc.rc and clear out any daemons set to load on start.
<nich0s> update-rc.d*
<cemc> and can I go back to server after that? or going back is not se easy?
<bobslaede> Hi, Im having a small problem with autofs and sshfs, as it seems that autofs doesnt recognize the pub_keys for the user, where sshfs does
<bobslaede> and Im not fond of the idea of creating pub keys for the root user
<nich0s> cemc: Ultimately you can remove any packages you want to.
<nich0s> cemc: Server edition is simply a base version of Ubuntu set up to function more like a server than a personal computer.
<cemc> nich0s: I know, I was looking for an easy way ;) I guess there isn't, I can't just remove ubuntu-desktop :)
<cemc> or I can do a list of all installed packages when I installed ubuntu-desktop, and apt-get purge them
<ScottK> cemc: In theory, sudo apt-get remove ubuntu-desktop && apt-get autoremove would do it.
<ScottK> You can, although remember that even purge doesn't always put your system back exactly like it was before.
<cemc> ScottK: you think all those packages will be marked 'not needed' because I removed ubuntu-desktop? ;)
<ScottK> Since they are pulled in by ubuntu-desktop and not installed directly, that should be the case.
<ScottK> No promised though.
<ScottK> (I'd still keep the list)
<nich0s> pipe it in to a install log.
<RoyK> cemc: if you want server and desktop on the same box, just install desktop and disable X when you don't need it anymore
<RoyK> cemc: ubuntu desktop and server is really the same thing
<cemc> I know, I was merely wondering about the theory in doing server->desktop and back
<cemc> thanks for the tips
<RoyK> cemc: just install desktop - the only problem will be that it's not supported for 5 years, but only a mere 3 years
<u92> what is a .listing file is it like a thumbs.db?
<cemc> RoyK: I guess that's ultimately is decided for every package individually, right?
<RoyK> cemc: not sure, but then, I don't use desktop distros for my servers
<nich0s> bobslaede: Something like http://www.tjansson.dk/?p=84 should help you out.
<cemc> if you install ubuntu desktop it doesn't mean you won't get ANY updates after 3 years, you should get updates for 'server packages' if you have any installed, maybe you won't get update for say firefox
<cemc> but you should get updates for postfix, squid and the like, hm?
<nich0s> cemc: That's going to depend on which repos you're pinging with apt-get.
<nich0s> cemc: you should be able to uncomment the lines for universe, etc.
<ScottK> nich0s: No.  All the server and desktop packages are in the same repository
<RoyK> cemc: use a server distro for a server
<nich0s> cemc: /etc/apt/sources.list, I believe.
<lamont> nich0s: there's no diff between the server and desktop repos
 * RoyK doesn't get why anyone would want X on a server
<lamont> some people like guis on their servers.  I've never really understood that so much either
<RoyK> well, X libs, of course, but then you can run commands over ssh
<cemc> RoyK: I don't, it's just for argument's sake
<RoyK> menus belong in restaurants :)
<cemc> :)
<ehcah> Anyone using ebox 2.01 (Zentyal) and reccomend bypassing 1.5?
 * RoyK diverts ehcah to vimtutor
<bobslaede> nich0s: thanks
<bobslaede> nich0s: went with the root public key
<RoyK> erm - do you allow root ssh logins?
 * RoyK thinks that's a BAD idea
<bobslaede> RoyK: root login? not really
<bobslaede> RoyK: if that was for me anyway
<bobslaede> RoyK: its just that autofs doesnt see the correct public keys, like sshfs on its own does
<bobslaede> apparently still using the correct user to login
<bobslaede> altho im not 100% sure
<bobslaede> but it works now
<cemc> say I'm logged in as a user and want to do sudo command > afile.txt in a directory I don't have write permissions to as a normal user, how can I work around this?
<nich0s> sudo -i
<nich0s> sudo command > /dir/you/have/write/access/to/something.log
<cemc> I knew this ;) no other way?
<cemc> that the logfile gets written directly to the current dir?
<cemc> http://pastebin.ubuntu.com/498693/
<_Techie_> cemc, sudo command > /tmp/afile.txt && sudo mv /tmp/afile.txt ./
<cemc> :)
<_Techie_> that should do the trick
<cemc> I knew this trick ;) is there any trick that doesn't require this one? :)
<_Techie_> not that i can think of at 7a
<_Techie_> 7am*
<cemc> it's insane how fast a 10.04 server boots as a kvm guest ;)
<jdstrand> Daviey: you can destroy that instance. I have what I need now and can reproduce locally
<Daviey> jdstrand, ok - great.. i'll turn them off, as they are making the room warm now :)
<Daviey> jdstrand, thanks for looking into it
<jdstrand> Daviey: sure
<WinstonSmith> hi ppl :) . just updated an remote server. is there a command that would let me restart all the affected services (apache, mysql, etc) in 1 go? or restart the whole runlevel? thx
<nich0s> WinstonSmith: You could run a for loop.
<WinstonSmith> nich0s, but that would require me knowing all the affected services
<nich0s> WinstonSmith: That would be helpful information to have.
<WinstonSmith> i sure could write a script that starts & stops a lot of services with a loop but i was looking for a way to "restart the runlevel" so to speak
<nich0s> I'm not familiar with a way to restart a runlevel outside of reboot.
<WinstonSmith> nich0s, ok. another thing learned. thanks !
 * WinstonSmith goes away to script 
<guntbert> !runlevel | nich0s WinstonSmith  (just as a reminder)
<ubottu> nich0s WinstonSmith  (just as a reminder): In Ubuntu all runlevels except 0,1 and 6 are by default equal. Also keep in mind that Ubuntu now uses !Upstart instead of System V init so there is normally no /etc/inittab.
<WinstonSmith> guntbert, thank you. but in my (very) limited knowledge the implementation of upstart is far from complete?
<guntbert> WinstonSmith: that seems to be true, but that doesn't alter the fact that !all runlevels except 0,1 and 6 are by default equal"
<WinstonSmith> guntbert, cause it seems not all services can be controlled properly by the "service" command
<guntbert> "all...
<guntbert> WinstonSmith: yes, some services are still handled by sysv init - but no differences between runlevels
<WinstonSmith> guntbert, yes ok
<WinstonSmith> guntbert, just curious : how does on add a service to upstart like update-rc in sysv?
<Four2zero> can ubuntu-server show the repos what's available such as version numbers of a software thats available without doing actual download first ?
<Four2zero> is there a command for that ?
<guntbert> WinstonSmith: not surem have a look at insserv please
<WinstonSmith> ok cheers have a nice 1
<g0tcha> anyone have a script that auto adds ip addresses if the server got rebooted by any chance?
<guntbert> g0tcha: ?
<g0tcha> guntbert, i have a HE tunnel setup on my ubuntu server, if it gets rebooted, i have to readd everything manualy
<g0tcha> so i thought mayb someone has a script that does it automaticly or something
<guntbert> g0tcha: aha - no idea, sorry
<Four2zero> can ubuntu-server show the repos what's available such as version numbers of a software thats available without doing actual download first ?
<Four2zero> is there a command for that ?
<g0tcha> guntbert, np thanks for trying dued
<guntbert> Four2zero: aptitude search ..., and aptitude show <package>
<Four2zero> thank you guntbert
<guntbert> Four2zero: you're welcome :-)
<Kyle__> how do you setup a syslog server with rsyslogd?
<Kyle__> There's no refrence to how to do it in the man page that Ic ould find.
<savid> Hi, I have a script in /etc/cron.d,   but I'm not sure if it's running.  Is there a way to verify whether or not the script is being executed?  Is there a log somewhere I can check?
<nakhlawi> savid: ps -ef | grep <script name>
<savid> nakhlawi,  it'd be difficult to tell using ps when it's just a cron.  The command runs very quickly.
<savid> nakhlawi,  I'm pretty sure the command isn't running.  Just can't figure out why.
<nich0s> savid: Add a line to the end to the script which appends the time and date.
<savid> nich0s, huh?  appends to what?
<savid> If I place a crontab in /etc/cron.d,  that crontab should be processed, right?
<nakhlawi> try this: grep -l CRON /var/log/*
<guntbert> !details | Kyle__
<ubottu> Kyle__: Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<nakhlawi> savid: also: grep CRON /var/log/*
<savid> Ok, I see where cron logs things.  I don't see anything about my crontab that I entered.
<nakhlawi> savid: it means your script didn't run
<savid> http://dpaste.com/247544/
<savid> nakhlawi,  yeah,  I'm trying to figure out _why_ it didn't run
<savid> I have it set up for ever minute
<guntbert> savid: did you give full paths to the files you want executed?
<savid> guntbert, yes, but even if I didn't, shouldn't I see an error somewhere?
<nakhlawi> savid: try adding it in /etc/crontab
<guntbert> savid: not necessarily
<savid> If I copy and paste the command into the shell it works fine
<savid> guntbert,    shouldn't   /etc/crontab be referring to cron.d ?  I don't see it in there
<guntbert> savid: in your shell there are search paths set wich are probably not set in the cron environment
<savid> guntbert,  I'm using absolute paths
<savid> guntbert,  http://dpaste.com/247544/
<uvirtbot> New bug: #645532 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/645532
<guntbert> savid: for a test: put a simple line there (use logger to write to the syslog) and try that
<savid> guntbert, it's working when I crontab -e root's crontab.
<guntbert> savid: I see - I have to tell you that I'm already to tired to think properly - sorry
<savid> guntbert, tell me about it :-P
<jdstrand> Daviey: I have the fix for bug #628055
<uvirtbot> Launchpad bug 628055 in libvirt "Instances don't start correctly: Security Labeling error running aa_change_profile()" [High,Confirmed] https://launchpad.net/bugs/628055
<guntbert> savid: then call it a day and try tomorrow :-)
<savid> guntbert,  heh,  unfortunately I have deadlines :-P
<savid> oh well,  I'll keep working at it
<guntbert> savid: Good luck :-)
<pretto> can anyone show me why this is not working using iptables dnat http://pastebin.com/aevKupST? thanks in advance
<Ad0> hi
<Ad0> I have issues compiling a v4l2 driver
<Ad0>  media/v4l2-ioctl.h: No such file or directory
<soren> pretto: What do you expect it to do?
<Daviey> jdstrand, you are full of awesome
<Ad0> I guess I have to run and set up the script
<Ad0> oops
<pretto> soren, just to redirect http from external port 8080 to internal server at port 80
<ewook> hey, anyone had perl , 5.10 it seems start bailing out on ya?
<pretto> soren, as you can see the firewall is just a router
<ewook> upgraded to latest patches (10.04), rebooted, and now things are just plain broke. did a new apt-get upgrade, it started to "re-install" bunch of packages, but still, ie - irssi is busted for my regular user, but now at least runs fine for root.
<soren> pretto: And what happens?
<pretto> soren, from outside it shows filtered when i do a nmap -p 8080 serverip
<pretto> soren, if i use the browse it ends in a timeout
<soren> pretto: And you're sure a) something is listening on  192.168.0.30:80 and b) that you can actually reach port 8080 on that box from the outside?
<hallyn> zul: around?
<hallyn> zul: for bug 645082, should i propose the trivial patch adding gawk to depends in debian/control, or do you want to handle it with upstream some way?
<uvirtbot> Launchpad bug 645082 in bacula "bacula misses requirement of gawk" [High,Confirmed] https://launchpad.net/bugs/645082
<pretto> soren, yes, I can even ssh the server from the outside
<soren> pretto: On port 8080?
<pretto> soren, no 22
<pretto> the only one i want to redirect to another server is the port 80 soren
<soren> And I'm asking whether you're sure you can reach that port from the outside.
<soren> And you answer that you can reach another port.
<soren> which isn't what I'm asking.
<pretto> yes, i do
<soren> win 61
<soren> Whoops
<pretto> soren, i can, the log shows it in the forward
<jdstrand> Daviey, ttx: ok, uploaded fix for bug #628055. Can you guys follow up with whoever you need to to get that accepted? the debdiff is in the bug
<uvirtbot> Launchpad bug 628055 in libvirt "Instances don't start correctly on 32bit systems with large disk files" [High,Fix committed] https://launchpad.net/bugs/628055
<Daviey> jdstrand, Thanks... i'll try and chase the release team - as it would be nice to get it on tomorrows ISO
<jdstrand> Daviey: sounds great
<ehcah> I'm going to get laughed at - again - but I can not get vnc working correctly. My xstartup file appears to be fine, but some files it references are not. I have an error opening the security policy, can init several files and finally a permission error. Does seem to matter if i start VNC as root or me?
<_Techie_> is the release date for maverick 10/10/2010, or 11/10/2010 ?
<EtienneG> _Techie_, the former
<_Techie_> anyone wanna integrate a ssh server and some form of implementation of screen, so that i can re inatll my server without having to rip a graphics card out of my desktop to use the installer
<uvirtbot> New bug: #645630 in samba (main) "Unable to connect to CIFS host" [Undecided,New] https://launchpad.net/bugs/645630
#ubuntu-server 2010-09-23
<JasonMSP> im having problems setting up virtual users with VSFTPD.  I have VSFTPD working by itself. when i try to login with a virtual user it says login info incorrect.  Im sure that the problem is in the pam.d configuration file.  http://howto.gumph.org/content/setup-virtual-users-and-directories-in-vsftpd/  Im using this setup.  The error I get is "530 Login incorrect."
<Four2zero> hello everyone, i have installed vlc 1.0.6 on ubuntu-server 10.4 and when i try to access via local-host i get a prompted username and password, which i do not have, however it does say something "the site syas: "network camera"
<Four2zero> how can i get around this ?
<Four2zero> i do own this box
<Four2zero> and i do not have a network camera.
<Four2zero> any suggestions is apreciated.
<hmca> !undelete
<ubottu> Some tools to recover lost data are listed and explained at https://help.ubuntu.com/community/DataRecovery - Recovering deleted files on !ext3 filesystems can be virtually impossible, although methods that might work is some cases are described at at http://www.xs4all.nl/~carlo17/howto/undelete_ext3.html and http://projects.izzysoft.de/trac/ext3undel
<aetaric> eh. how about recover files from xfs :p
<uvirtbot> New bug: #645654 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/645654
<osmosis> why did #ubuntu-virt  go invite only?
<Kooothor> plop
<zul> hallyn: yes please
<ohad_> hello
<ScottK> osmosis: IIRC there was a view that we had too many server IRC channels and so we're trying to consolidate.
<ohad_> is there a way to go back to the real #ubuntu channel? I used to be able to enter that channel and now I can't. And I've never been a registered user.
<ohad_> I also have a question that maybe someone could help me with. I'm using lucid (on my laptop, not a server edition) and I was wondering if someone can tell me what's a normal quantity of processes that should run in the background? I have some 60 processes running...
<ScottK> ohad_: Both of those questions are off topic for this channel.  You might try to join #ubuntu-irc and ask why you can't join #ubuntu.
<hmca> ohad_: ibook g4 800mhx 512mb ram,  pas aux | wc -l gives me 170, maverick development , got it  Scottk
<uvirtbot> New bug: #632202 in whois (main) "whois 5.0.7 tries to overwrite mkpasswd" [Undecided,Fix released] https://launchpad.net/bugs/632202
<Four2zero> anyone running vlc streaming server on ubuntu-server ?
<Four2zero> im trying to get this streaming to work on local lan but haveing no luck with it.
<Four2zero> any feed back is appreciated
<Four2zero> http://pastebin.ca/1946995
<Four2zero> when i run command: vlc -I http
<Four2zero> the video lan channel is responding to my posts....!
<Four2zero> " is not"
<ScottK> Excellent.  After the feedback that community people feel like Ubuntu Server is just cloud and not about traditional servers anymore, response that, no, that wasn't true, for the next UDS, there's no mention of server at all in the tracks, just cloud.  http://uds.ubuntu.com/tracks/
<hmca> regarding my !undelete, photorec recovered 118000 something files, many kernel-sources i think... , i think this could qualify a server/maintenance/admin  question on a ubuntu server, trying to recover a SentMails Maildir Folder for a company with no backups, a simple cat */* | grep company allready showed me that the emails have been recovered , can someone give me a hint on how to seperate the emails files from the reste of those 118000 fil
<hmca> es, my apologyes if wrong channel
<hmca> sorry long line
<JanC> hmca: sounds like an interesting problem, good luck!  âº
<JanC> and photorec is totally awesome
<hmca> JamC: :) kind off , i keep forgeting stuff , but basicly the worst is done, if it wasnt for the fact that there are k's of .c .h files ..... ,   photorec saved my 2am day in one hour, had the same problem on an hfsplus fs of 10TB and i took 140hours ...
<kuttan_> Hi , where can I get this file config.flavour.core2 , i tried search for it - no luck. Could somebody help me with a link
<kuttan_> this if for kernel building
<kuttan_> Oops this is for kernel building
<Antyx> Can anybody suggest a PCI wireless card (preferably cheap) to use with ubuntu server 10.04 natively?
<chrismsnz> Hey guys, I want to configure my servers to boot even when I have a degraded disk array
<chrismsnz> I found the command to run and it just seems to be echoing an environment variable to the initrd configuration
<chrismsnz> do i need to rebuild the initramfs or something before i reboot for this to take affect?
<Antyx> ...Seems to quiet to be useful...
<chrismsnz> yeah can be quiet
<chrismsnz> i keep an eye on things and help if i can, but if i don't know much about it I just be quiet :)
<Antyx> You dont by chance have a wireless card in your ubuntu server do you ?
<chrismsnz> nope, all rack-mounted beasts
<Antyx> ...someday I'll get there...
<chrismsnz> Antyx: Ubuntu's wifi support is getting quite good these days
<chrismsnz> to be safe, I'd stay away from the N cards as they're newish and often have poor support
<chrismsnz> More important than the brand of card you buy is the brand of the chipset on the card
<chrismsnz> that's what ubuntu really has to work with
<chrismsnz> So: Go to your favourite hardware retailer, pick a few cards that you might like, look up their model numbers using google and see if any others have some experience with that particular chipset or card
<chrismsnz> for the record I had a dlink card in my desktop that worked OK under 9.10 - i've since got rid of it so not sure what model it was
<Antyx> Thanks for the advice...I'll take a look at what the chipset is, then search for it  :)
<chrismsnz> you may have to use google to find the chipset even - manufacturers don't really like to tell people :\
<chrismsnz> Also, take a look over here and see if helps: http://wireless.kernel.org/en/users/Devices/PCI
<chrismsnz> Finally, https://help.ubuntu.com/community/WifiDocs/WirelessCardsSupported
<chrismsnz> should help you
<Antyx> both links look useful!  Thanks for the help!!!
<stevieB> i'm trying to setup an ec2 instace; i want to use the most basic ubuntu 10.04 install; how do i pick an ami and what would you recommend?
<uvirtbot> New bug: #645745 in puppet (main) "Some package dependency should be moved to puppet" [Undecided,New] https://launchpad.net/bugs/645745
<Four2zero> hey guys how can i check in ubuntu-server to see if port 8080 is being used or not ?
<scar> Four2zero, maybe with netstat?
<SpamapS> Four2zero: sudo netstat -tnlp
<SpamapS> best command evar ;)
<Four2zero> i found that command already.
<Four2zero> thanks
<Four2zero> to the reply
<SpamapS> oh you can also use fuser
<SpamapS> sudo fuser -n tcp 8080/tcp
<SpamapS> with -v .. its pretty comprehensive. :)
<Four2zero> okay. does anyone know how to disable this: /etc/dhcp3/dhclient-enter-hooks.d/ebox-enter: line 8: /etc/init.d/ebox: No such file or directory
<Four2zero> every time i do /etc/init.d/network restart
<SpamapS> Four2zero: dpkg -S /etc/dhcp3/dhclient-enter-hooks.d/ebox-enter
<SpamapS> Four2zero: that will tell you what package owns that file
<SpamapS> my guess is you've removed, but not purged, ebox
<Four2zero> right on, but i removed with #sudo apt-get -V purge ebox
<Four2zero> and following #sudo update-rc.d -f ebox remove
<Four2zero> here is the output of that command you gave me: ebox-network: /etc/dhcp3/dhclient-enter-hooks.d/ebox-enter
<ttx> jdstrand, Daviey: great work on libvirt/i386 !
<Four2zero> SpamapS google is not telling me how to remove it or disable it. ?
<Four2zero> i think i may have found it.
<Four2zero> ebox-enter file was still in the dhcp3/dhclient-enter-hooks.d/ directory
<yann2> soren, sorry to disturb, but could you remind me the PPA for python-vm-builder for lucid that has many bugs fixed?
<yann2> ok I think I found it https://edge.launchpad.net/~vmbuilder/+archive/daily/+packages
<Ad0> hey, how do I get the v4l2 headers in the server kernel headers?
<scar> Four2zero, ebox-network probably needs to be removed/purged as well
<Four2zero> scar it had to be manually removed since i have officially remove from the dhcp3/...directory
<Four2zero> every thing is good now.
<Four2zero> thanks for the reply
<scar> cool
<uvirtbot> New bug: #645808 in dovecot (main) "mail-stack-delivery wont install: preinst: 67: Syntax error: end of file unexpected " [Undecided,New] https://launchpad.net/bugs/645808
<Ad0> whelp
<rahman> Hi, any freeradius experts around?  I am trying to authenticate users via their postfix mail adress and password. Users stored in OpenLdap and I have configured radius to look for mail attribute for username. The user passwords are stored in md5 base64 format in OpenLdap. The problem is PAP is assuming that user password is in plain text thus it comparing "123456" againts "{MD5}4QrcOUm6Wau+VuBX8g+IPg==" so it fails.
<lifeless> SpamapS: so, solr
<slide23> Does anyone know how to do a DynDNS type service off my own server? I have a webserver and I want to use a subdomain for my home comp but it changes
<Raboo> slide: you can use everydns
<Raboo> for instance you can have your domain.com and add the records NS for subdomain.domain.com and point the NS to everydns
<slide> Raboo, i dont want to use my own nameservers =\
<Raboo> everydns.net
<slide> oh i see
<slide> thanks
<bobslaede> Does anybody know if autofs can leave the mount folder in place when a mountpoint is not mounted? So that the dir to be mounted would still be visible even though it wasnt mounted yet?
<Martens1984> anyone knowing somthing about vmserver on ubuntu? not like the VMWare server, but like the 'minimum install virtual machine
<soren> Martens1984: What do you want to know?
<soren> ScottK: Still around?
<ScottK> soren: Sort of
<soren> ScottK: Cool. So this it the openstack release schedule: http://wiki.openstack.org/Release
<soren> ScottK: I'm wondering how to best make that fit with Maverick's release schedule.
<ScottK> Complain bitterly about the 10.10.10 thing?
<soren> ScottK: I'm shooting for something that will actually make a difference.
<ScottK> It's not in the archive at all right now, right?
<soren> ScottK: I don't think anyone really gains anything by having Ubuntu push its release data at this point.
<soren> Oh, sure it is.
<soren> All of it.
<soren> Has been for quite a while.
<ScottK> OK.
<soren> Well, it feels like quite a while. Probably a month or so.
<ScottK> So you want to update it.
<soren> Before Feature Freeze.
<soren> Right.
<ScottK> OK.
<soren> I have two milestones I want to upload to Ubuntu before Maverick releases.
<soren> One is almost ready and removes a dependency that I'm quite keen to be without at release time.
 * ScottK nods
<soren> The second is less very well defined.
<soren> ...but falls after our (OpenStack's) feature freeze, but obviously before Maveric's release.
<ScottK> OK.
<soren> These are all leaf packages, so they shouldnt' affect anything else.
<soren> ...and I fully expect to SRU the final release.
 * ScottK isn't on the sru team, so somebody else's problem ...
<soren> I'm really just pointing all this out so that it doesn't come as a surprise that I want to refresh the packages another couple of times before elease.
<soren> ScottK: Right, right.
<ScottK> Is milestone one to milestone two bugfix?
<soren> No.
<soren> But milestone two to final release is.
<SpamapS> ScottK: speaking of rackspace sponsored exciting software that needs updating before Maverick's release.. I've been working with mtaylor on Drizzle..
<soren> So says my crystal ball, at least.
<ScottK> OK.  File an FFe bug explaining the whole plan.
<soren> ScottK: Cool. Will do.
<ScottK> SpamapS: Is it in Debian yet?
<SpamapS> ScottK: thats where we're stuck right now.. google protobuf is a different version in sid (higher), so the symbols are incompatible.
<soren>  drizzle | 2010.03.1347-1 | sid | source, all
<ScottK> SpamapS: OK.  What's your recommendation?
<SpamapS> ScottK: that we not try to sync it because of that.
<SpamapS> ScottK: it would end up being a merge anyway.
<SpamapS> ScottK: I do think we should have a -0ubuntu1 version that is just the upstream update.
<ScottK> SpamapS: I'd still like to see it in Debian first, even if there is a merge needed.  If this new update is so wonderful, he ought to be willing to upload it there.
<SpamapS> Monday's tarball would be the ideal version, as it is the first beta release of drizzle, and they're guaranteeing backward compatibility with it going forward.
<soren> \o/
<SpamapS> And there's no resistance to uploading it into sid.
<ScottK> OK.
<SpamapS> Just checking in with you about the symbols issue.
<soren> I didn't know they were this far along. That's awesome news.
<SpamapS> So if it hits sid early Monday, and we get the symbol issue merged shortly thereafter, are you still good with a final freeze exception on Monday?
<ScottK> SpamapS: Yes.
<SpamapS> ScottK: OK, I will make sure that happens. This is really us doing Drizzle a big favor.
<SpamapS> having the beta in Maverick is really good for them.
<SpamapS> soren: have you played with it lately?
<SpamapS> soren: the thing is *tight*
<soren> SpamapS: It's been a couple of months, I think.
<Kooothor> Question : Why is it unnecessary to open port 443 to connect in https ?
<SpamapS> Kooothor: you are connecting from  yourbox:randomport -> server:443
<Kooothor> SpamapS: yep
<Kooothor> I can connect in https with port 443 supposedly closed.
<SpamapS> Kooothor: what makes you suppose that it is closed.
<Kooothor> SpamapS: nevermind, now it doesn't work anymore, maybe I just reloaded a cached page...
<soren> ScottK: bug 645936 filed. Thanks for your help.
<uvirtbot> Launchpad bug 645936 in nova "[FFe] Plan for Nova for Maverick" [Undecided,New] https://launchpad.net/bugs/645936
<ScottK> Looking.
<ScottK> soren: Is the other bug I commented on a dependent variable in this or completely separate?
<soren> ScottK: Dependent variable.
<soren> I should point that out..
<ScottK> Yes.  Please.
<soren> Done so.
<ScottK> And what is the expected date of this magical feature freeze?
<soren> ScottK: It says in the bug. Sep 30th.
<Ad0> hey, how do I get the v4l2 headers in the server kernel headers?
<Ad0> I can't compile a v4l2 driver
<Ad0>  media/v4l2-ioctl.h: No such file or directory
<Ad0> it's supposed to be in 2.6.27 and later
<Ad0> and I got 28
<Ad0> err no...
<Ad0> I got 24 :(
<soren> Ad0: Running Hardy?
<Ad0> yeah
<Ad0> and I have so much stuff set up on it that I kinda don't want to upgrade heh
<Ad0> don't want to break it
<soren> Well, if you need a newer kernel, you need a newer kernel. Upgrade.
<Ad0> I guess so soren
<Ad0> can I do an upgrade directly to the newest one?
<Ad0> or do I have to do each version
<soren> "directly"?
<soren> Oh.
<Ad0> yeah hardy -> 10.4
<soren> Hardy->Lucid upgrades are supported.
<Ad0> ok
<Ad0> it's a headles server so I have to do this by console
<Ad0> headless*
<soren> We support LTS->LTS upgrades, so Hardy->Lucid is fine. We also support LTS->Next-non-LTS-release, so Hardy->Intrepid is also fine.
<Ad0> cool
<soren> ..but e.g. Hardy->Jaunty needs to go through Intrepid first.
<Ad0> I'll just go to the newest one at once
<soren> Use do-release-upgrade
<Ad0> ok thanks a lot soren !
<ScottK> soren: OK.
 * SpamapS groans at the absolute insanity that it takes ot get a CentOS 5 server running php 5.3
<\sh> I never used CentOS ;)
<ttx> ScottK: I'll sponsor the fix for bug 645808 and let you review it in the queue
<uvirtbot> Launchpad bug 645808 in dovecot "mail-stack-delivery wont install: preinst: 67: Syntax error: end of file unexpected " [High,In progress] https://launchpad.net/bugs/645808
<ScottK> ttx: Great.
<uvirtbot> New bug: #645956 in clamav (main) "appamor denying clamd access to its own process" [Undecided,New] https://launchpad.net/bugs/645956
<ScottK> soren: I approved all that.  On the bug for your nova plan, just keep it updated and then close it with your last upload.
<soren> ScottK: Fantastic, thank you!
<zul> morning
<JamesPage> zul: morning to you to :-)
 * zul thinks he almost got sprayed by a skunk this morning
<zul> JamesPage: how is the bug triaging going?
<JamesPage> zul: OK - one Server MRS raised with ttx; just looking at an apache upgrade issue (which seems to have cropped up a number of times)
<zul> JamesPage: cool
<ScottK> ttx: Accepted.  Thanks.
<ttx> ScottK: you're welcome, thank you !
<zul> Daviey: *cough*
<Daviey> zul: ;)
<hggdh> ttx: have you thougth of asking for bug-control membership for the server team?
<ttx> hggdh: the canonical-server one ? The other one is almost completely open
<ttx> hggdh: what are your criteria for acceptance ? A beer at the bar ?
<hggdh> ttx: I would rather have the community one (but this is personal preference)
<hggdh> ttx: beer in the bar sounds good enough ;-)
<ttx> hggdh: the ubuntu-server team is opened to every ML subscriber, so that may lower your own criteria
<hggdh> ttx:  yes, this goes against...
<ttx> I'd rather keep the usual individual procedure.
<ttx> hggdh: set up an interview with JamesPage to check he has common sense :)
<hggdh> ttx: the criteria are: (1) closed/restricted teams; a member of the team set as a 'responsible driver'
<hggdh> ttx: and yes, I was looking at JamesPage's work, and it sounds pretty much sane (as I expected ;-)
 * JamesPage glad I've managed to keep my sanity :-)
<ttx> JamesPage: that shouldn't last long, trust me
<hggdh> LOL
<hggdh> yes, goes with the territory
<ttx> JamesPage: wait until a canadian caveman throws Mentos at you the whole day.
<ttx> though in your case, working with java should turn you insane faster.
<hggdh> JamesPage: meanwhile, please ping me when you need status/importance change
<JamesPage> ttx, hggdh: maybe I'll setup hudson todo a daily check on my sanity and email you all if I've gone over the edge
<screen-x> Hello All, anyone know if there are any plans to collaborate with openstack for uec?
<hggdh> JamesPage: now, why stop on only checking yourself? Check the whole team... just be sure to lower the minimum sanity level required...
<JamesPage> ttx: spot on - I've looked a three 'enable test suite' bugs related to Java and none of them work in the same way (or at-all in some cases...)
<JamesPage> hggdh: will have to think of some test cases to measure general sanity in that case to make sure we get a trend...
<hggdh> A starter test: if throwing Mentos, sanity -= 200
<JamesPage> I'll have to introduce you to the scoreboard functionality at some point in time - great for this sort of thing :-)
<JamesPage> hggdh: I do have a couple of queries re triaging if you have a few mins?
<zul> ttx: ping
<zul> ttx: dude...caveman?
<zul> i got a haircut last night
<hggdh> zul: very good answer! :-)
<JamesPage> hggdh: you beat me to it (bug 645745)!
<uvirtbot> Launchpad bug 645745 in puppet "Some package dependency should be moved to puppet" [Low,Triaged] https://launchpad.net/bugs/645745
<hggdh> JamesPage: shoot
<hggdh> I have the time
<ttx> zul: pong
 * patdk-wk fires a shot at hggdh
 * hggdh ducks
<ttx> zul: what makes you think I'm speaking about you ? :)
<zul> ttx: then you are talking about mdeslaur then? :)
<ttx> zul: maybe. Does he throw any Mentos ?
<zul> ttx: not yet....but we could always get him started next month
<mdeslaur> wth are "Mentos"
<Daviey> hggdh, hmm there are three teams... ubuntu-server (pretty open to all), ubuntu-server-dev (member of ubuntu-dev, therefore bug control) and canonical-server (not relevant IMO)
<hggdh> Daviey: then you are all covered (including JamesPage). Cool, thank you.
<Daviey> \o/
<hggdh> mdeslaur: a menthol candy, loved by ttx (and distance-provided to him)
<JamesPage> hggdh, Daviey: not sure I'm a member of ubuntu-server-dev
<Aqaz> lol
<hggdh> JamesPage: for server-dev you need ttx to act on it
<Daviey> JamesPage, That team gets you upload access to the package set for ubuntu-server.  You will need to build up some history, then ask the relevant board to be allowed access :(
<JamesPage> Daviey: thought so; feels like I need to build some experience; however means I need a triage buddy until then :-(
<Daviey> JamesPage, you can independently request membership :)
 * hggdh reminds JamesPage of self
<Daviey> hallyn and SpamapS recently did this... and it went well for them.
<JamesPage> Daviey: thats true - build up my triage experience today for my application :-)
<Daviey> cool!
<Daviey> JamesPage, Read the mailing list for history of previous applications to see what you need to compare against
<JamesPage> Daviey: thanks for the tip
<hggdh> JamesPage: when you request membership in -control -- it helps if (1) you show good bugs (in triaging work), and that a member of, say, server-dev, vouches for you
<JamesPage> hggdh: thanks - will do (assuming one of them will :-))
<hggdh> JamesPage: then there will be a review of the application and, with two positive votes, you get it. The vouch counts as a positive vote
<hggdh> JamesPage: finally, I usually do not throw stones on the applicants ;-)
<patdk-wk> hmm, two positive votes?
<hggdh> patdk-wk: yes
<hggdh> or two negatives -- which means you will not be accepted on that specific application
<hggdh> it there is a mix of positive/negative, it will be up to the -control administrators
<uvirtbot> New bug: #646032 in samba (main) "package winbind 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 127" [Undecided,New] https://launchpad.net/bugs/646032
<hggdh> ttx: how do we split samba issues between server and desktop?
<ttx> hggdh: it becomes desktop when it's not samba anymore
<ttx> hggdh: like a gvfs issue
<Ad0> oops
<Ad0> hey
<Ad0> virtualhost stopped working after apache upgrade :S
<Ad0> from hardy to lucid
<uvirtbot> New bug: #564678 in libvirt (main) "unable to add existing storage image to KVM" [Undecided,Confirmed] https://launchpad.net/bugs/564678
<Ad0> fied it
<uvirtbot> New bug: #646054 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu7.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 3" [Undecided,New] https://launchpad.net/bugs/646054
<dv_> hi guys
<dv_> where are the virtio modules for the server kernel in 10.04 ?
<Ad0> soren: now it worked with the driver :)
<Ad0> upgrade was pretty good
<soren> Ad0: Great :)
<JamesPage> zul: any chance you could take a look at bug 645630 to see if I'm missing something
<uvirtbot> Launchpad bug 645630 in samba "Unable to connect to CIFS host" [Undecided,Incomplete] https://launchpad.net/bugs/645630
<zul> JamesPage: sure gimme a sec
<zul> JamesPage: thumbs up
<JamesPage> zul: thanks
<permalac_> hi , there is anyone with experience on fibrechanel with multipath?
<JamesPage> zul: I think that we may have a regression issue in lucid - bug 512975 looks like it may have been re-introduced in dovecot-1:1.2.9-1ubuntu5 - report of the same issue in bug 645288
<uvirtbot> Launchpad bug 512975 in dovecot "mail_location not set and autodetection failed: Mail storage autodetection failed with home=/home/USERNAME" [Medium,Fix released] https://launchpad.net/bugs/512975
<uvirtbot> Launchpad bug 645288 in dovecot "dovecot fails to find mailbox of new users" [Undecided,New] https://launchpad.net/bugs/645288
<patdk-wk> permalac, heh, just works for me :)
<zul> uvirtbot: *sigh* ill take a look this afternoon
<uvirtbot> zul: Error: "*sigh*" is not a valid command.
<zul> i mean JamesPage:
<JamesPage> zul: thanks :-)
<JamesPage> permalac_: whats your question? might be able to help
<permalac_> JamesPage: lets see
<permalac_> I have a storedata device : SD Raid 2*7260-R-16F-SA
<permalac_> through our NAS is pressented with multipath to my 2 fiberchanel cards
<permalac_> I've rebooted the server and installed mdadm
<incidence> Hi, when ever I run aptitude/apt-get, I get error: syntax error: unknown user 'nsd' in statoverride file
<incidence> and apt exits
<permalac_> when installing it said Possible missing firmware /lib/firmware/2.6.31-14-generic/ql8100_fw.bin for module qla2xxx
<permalac_> but what I have is a ql ISP2532-based
<permalac_> so, I do not worry on this.
<permalac_> but, and here is my problem. I have no knowledge on what to do it to be able to format it.
<permalac_> fdisk -l don't show it to me
<permalac_> any guess JamesPage
<JamesPage> permalac_:  which version of ubuntu are you running?
<permalac_> JamesPage: 9.10
<hallyn> zul: around?
<zul> hallyn: yes
<hallyn> zul: cool.  regarding dailydeb,
<hallyn> zul: i removed source/format like you'd suggested, but now patches aren't being applied :)
<zul> hallyn: *sigh* lemme check something
<hallyn> zul: do you ahve a better suggestions?  1.0 (quilt) was failling bc of some dependency, while 3.0 (quilt) failed due to knwon bug...
<hallyn> ok
<zul> hallyn: not yet :)
 * hallyn waits patiently :)
<zoopster> incidence: package removal didn't clean something up? man dpkg-statoverride to find it and fix it
<JamesPage> permalac_: have you checked support for you FC adapter in the linux kernel you are using?
<zul> hallyn: you might might want to check with james_w
<permalac_> JamesPage: how do I do that? sorry, I know you can send me to google , but I'm completely offuscated
<JamesPage> permalac_: this is a good place to start https://wiki.ubuntu.com/HardwareSupport
<permalac_> many thanks
<permalac_> thanks a lot
<JamesPage> permalac_: however the issue may be outside of your server i.e. in the SAN network itself
<Slyboots> Hello
<permalac_> JamesPage: we checked that. If I present it on the same way to a machine actually running other LUN it has no problems.
<JamesPage> permalac_: I'm not familiar with storedata devices but you probably need to check that zones have been setup on the SAN for your server
<JamesPage> permalac_: and that the storage array is masking LUNs correctly
<Slyboots> is there a way to see if yiu are being ddosed ir something
<Slyboots> i cant keep up a connection with ny server over ssh
<Slyboots> i.. dont know why anyone would but.. something weird is going on
<Slyboots> anyone..?
<daxroc> Evening
<daxroc> I need to install php5 packages from karmic  on lucid but i get "php-pear: Depends: php5-common (>= 5.2.10.dfsg.1-2ubuntu6.5) but 5.2.10.dfsg.1-2ubuntu6 is to be installed"
<daxroc> any one know how I would set the version to install
<Slyboots> ffs x.x
<permalac_> JamesPage: I've checked, but remembered that another linux has the same HBA , with the difference that is not connected through NAS, insted is pluged directly to the storagedata(same type) and it works. This one is a hardy.
<daxroc> Slyboots: 'ffs' that part of ubuntus code of conduct ?
<permalac_> JamesPage: so I understand that there is support for the storagedata and the HBA. The issue must be in the multipath configuration. Which I do not know how to manage.
<Slyboots> Just fustrated
<daxroc> No excuse !
<Slyboots> lost access to tge server totally now
<Slyboots> cant figure out what to do though
 * daxroc understands , downgrading php5 to check if theres an unknown bug with php5.3.2
<ehcah> Is there a command to enable RAID? I thought it was a service you simply configured, but that it is "enabled" by default?
<SpamapS> ehcah: when you say "enable" what do you mean?
<SpamapS> ehcah: RAID's really must be "built"
<ehcah> You just confirmed what I thought.
<ehcah> I'm getting an error message in an appl
<SpamapS> ehcah: ?
<resno> is it possible to setup a server to retrieve emails from a pop3 server?
<zoopster> resno: fetchmail
<resno> thanks zoopster
<zoopster> resno: certainly welcome!
<JamesPage> permalac_: sorry I need to be somewhere else right now - can we pick this up in say 1 hour?
<uvirtbot> New bug: #646212 in nagios3 (main) "package nagios3-common 3.2.0-4ubuntu2 failed to install/upgrade: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/646212
<AbhiJit> hello
<AbhiJit> anyone here or any better channel which can guide me step by step to setup and configure lamp?
<resno> AbhiJit: whats up?
<AbhiJit> resno, hi struggling with lamp!
<resno> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<AbhiJit> i asked!
<AbhiJit> anyone here or any better channel which can guide me step by step to setup and configure lamp?
<resno> yes. if you want step by step, look somewhere online.
<AbhiJit> i dunno anything about lamp etc. i have printed book of apache with me i go thro its index and it tooooooooo horrible to understand
<resno> if you have a question ask
<AbhiJit> i dont have any question i just need that step by steop help
<resno> what are you trying to do?
<resno> you're not giving me anything to start with.
<resno> is it installed and you cant configure it?
<ScottK> AbhiJit: The Ubuntu Server guide (see the link in the channel topic) has lots of step by step help for Ubuntu Server in it.  You should check that if you haven't.
<AbhiJit> resno, i installed lamp with. and now i need to createa  web site with database connectivity for our college mini project. and after this step i dunno anything about servers. how to get taht apache thing working? etc
<AbhiJit> ScottK, ok i wll check
<AbhiJit> thanks
<zul> SpamapS: ping
<AbhiJit> i currently  have lamp installed on desktop edtition. is it like that if i get server edition then majority of lamp configuration is already done?
<AbhiJit> and ready to use?
<AbhiJit> resno, ??
<RoyK> AbhiJit: most of it is already there, yes
<RoyK> AbhiJit: try setting up a virtual machine with ubuntu server, and see for yourself
<AbhiJit> RoyK, ok i wll download sever edition now
<RoyK> AbhiJit: in the server install, LAMP is one of the meta-packages that can be installed
<AbhiJit> RoyK, hmm
<AbhiJit> bye and thanks all
<AbhiJit> :) gn
<Ayrton> Hi, there is some protocol that access the port 9977 for default?
<Ayrton> and if yes, what is it?
<qman__> not that I'm aware of, google should help with that
<qman__> `netstat -nlp | grep -v ^unix` should also help
<hggdh> Daviey: all 3 upgrade bugs commented; I also added upstream tasks for them
<Daviey> hggdh: thanks!!
 * hggdh goes for a late lunch now
<Ayrton> qman__, thanks
<CharlieSu> All, I'm using an ELB to goto my webserver.. my webserver has an apache frontend which proxies requests to HAProxy, but It doesn't look like the X-Forward-For headers are being sent correctly.. They come in the the private IP for the ELB..   X-Forwarded-For: 10.207.2.142   any ideas?
<SpamapS> zul: pong whats up?
<zul> SpamapS: can you look at that plymouth apache bug for me? im running out of time i think
<SpamapS> zul: the one where people can't enter the password?
<zul> SpamapS: yes....how did you know? ;)
<SpamapS> zul: sure. I saw that cjwatson suggested that plymouth has something built in
<zul> SpamapS: yeah you have to use plymouth --ask-password and pipe it to apache somehow
<zul> look at cryptsetup
<Name141> will ubuntu-server install any desktops?
<mathiaz> JamesPage: o/
<Name141> or will I have to start over from an install of Ubuntu desktop edition ?
<uvirtbot> New bug: #646267 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/646267
<qman__> Name141, I'm not sure what you're asking -- ubuntu server will install ubuntu server
<cdose1> hey guys, i have a very puzzling problem.  bind9 won't start, last message in daemon.log is "named[6474]: using up to 4096 sockets"  with no errors or anything indicating what's wrong...  what else can I check?
<cdose1> syslog tells me one extra thing, but I don't know what to make of it: "kernel: [ 2502.143477] type=1503 audit(1285270960.289:39):  operation="open" pid=6778 parent=6777 profile="/usr/sbin/named" requested_mask="::r" denied_mask="::r" fsuid=104 ouid=0 name="/etc/ssl/openssl.cnf""
<qman__> cdose1, check /var/log/syslog
<qman__> pretty sure that's where bind logs its errors
<qman__> that's where it does on mine, anyway
<qman__> it logs all kinds of stuff there, such as
<qman__> Sep 23 15:47:44 gatekeeper named[3149]: unexpected RCODE (REFUSED) resolving 'ucomics.com/A/IN': 207.67.20.219#53
<cdose1> qman__: yeah I did, that was my second post.  syslog and daemon.log mirror each other as far as bind starting up, they both have the same messages.
<qman__> well, that second message there is saying that named was denied read access to /etc/ssl/openssl.cnf
<qman__> are you using DNSSEC or something?
<cdose1> nope
<cdose1> it's a dns slave server though
<cdose1> also, I don't think it was denied read access, permissions on the file are correct, and its just says "denied_mask", that doesn't imply it was denied.
<qman__> that's exactly what it's saying
<cdose1> but i could be wrong
<qman__> let me check for sure
<cdose1> what's really baffling me is the lack of error messages from bind
<qman__> bind normally is quite verbose with its errors, and they should be in /var/log/syslog
<Name141> qman__: I'm asking if I can do something like 'sudo apt-get install lxde' , so I can run a few graphical things I wanted
<Name141> like a SNES emulator
<qman__> Name141, you can install a desktop on ubuntu server with `sudo apt-get install ubuntu-desktop`, or kubuntu-desktop or xubuntu-desktop for the respective environments
<qman__> otherwise, it will attempt to install just enough to run your program
<qman__> which may or may not work
<Name141> qman__: So I 'could' try it without installing a bulky desktop?
<qman__> could, but it probably won't work the way you want
<qman__> by default it installs recommends, which will pull in just as much stuff
<qman__> and it will choose your environment arbitrarily
<Name141> OK.  so I might as well try xubuntu-desktop
<Name141> then install lxde later
<Name141> (I assume)
<qman__> that, or you could build your environment package by package, not sure how much time you want to put in
<Name141> about 30 seconds
<qman__> well, it's going to take longer than that just to download
<qman__> but if quick is what you're after, go for xubuntu-desktop
<tomsdale_> I have vim-nox installed on my server but I need a vim version which is compiled with ruby support - where could I find
<tomsdale_> sry - I didn't have vim nox installed - vim nox HAS ruby support.
<uvirtbot> New bug: #646453 in irqbalance (main) "package irqbalance 0.55 20091017-3ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/646453
<krabador> hi, i've intention to recycle an athlon xp 3000+ 1gbram, as homeserver, if i install ubuntu server, what can i do for power consumption?
<RoyK> it will do its own regulation
<krabador> RoyK, i know that is hardware with more power consumption than now, but shure i won't be at 100% cpu and system consumption
<krabador> it will be cpu, 1gbddr1, integrated lan, 2 pata hdd
<RoyK> krabador: ubuntu will clock things down when speed isn't needed
<krabador> RoyK, can i set it wothout gui?
#ubuntu-server 2010-09-24
<ruben23> hi guys..
<ruben23> anyone have idea how to run wireshark on commandline..?
<theyranos> ruben23:  sudo apt-get install tshark
<Four2zero> has the file permissions changed in 10.10, cuz when i want to take ownership of the directorys on ext device with command " chown -R user:user /srv/storage/ ''
<Four2zero> it still shows root as owner.
<Four2zero> I have set fstab as so: '' /dev/sdb1 /srv/storage auto auto,user,uid=1000,gid=1000 ntfs 0 2 ''
<ruben23> theyranos: yes  but how to run and start capturing packets..?
<Four2zero> easy, follow the guide or tutorial who's ever network your trying to hack !!!
<Four2zero> google
<Four2zero> hacking other peoples network for free internet is against the law, illegal in the U.S.A !
<theyranos> ruben23: sudo tshark -w filename will load filename with something in pcap format. man tshark for more information.
<ScottK> Four2zero: There are plenty of legitimate reasons to run wireshark.  No need to make negative assumptions.
<Four2zero> ScottK im not assuming, im letting them be aware of it.
<coafcv> hey. what do I have to install to make the PHP postgresql functions available?
<coafcv> PHP says it cannot find pg_connect.
<theyranos> coafcv: php5-pgsql   (apt-cache search postgre | grep php)
<coafcv> theyranos: thanks for the explanation of what you did, this helps. I entered php- and hit tab, no wonder I haven't found anything.
<ScottK> OK
<coafcv> theyranos: and it worked, thanks
<Scunizi> How do I change the domain/workgroup name of the computer?
<Scunizi> Is this done only in the smb.conf file or is there another file I can do that with?
<wdarosh> Ubuntu Server 10.04 is no longe booting-  Unit is reporting that it is unable to find /dev/root /sys/root and then crashes out unable to load.  System has been booted via Live CD and unit is showing access to SDA5.  SDA1 is showing up as LVM2 Format and is inaccessable.  Is there a way to get the unit to boot?
<pudgypaw> ppl online?
<wdarosh> Is there a chance of data recovery if I were to convert the LVM2 Partition into ext3?
<pudgypaw> isn't it currently ext4?
<wdarosh> currently the /dev/sda1 is listed as Linux LVM in fdisk
<pudgypaw> i wouldn't know, i just got into the room but everyone seems unresponsive
<pudgypaw> anyone else home?
<coafcv> yes, but I'm without any clue either.
<coafcv> I'm just listening to what other people say...
<wdarosh> Thanks anyway
<coafcv> next time, stay a little longer.
<pudgypaw> lol
<pudgypaw> ok i did come in with a question of my own
<pudgypaw> but it's about EC2 cloud computing, dunno if anyone in the house knows about the AMI ami-12f3a257
<pudgypaw> EC2 cloud computing, dunno if anyone in the house knows about the AMI ami-12f3a257
<fakhir> hello I am wondering why Disk Swap is being used when over 50% of my RAM is being used for cache.
<MTecknology> So.. I'm trying to run dpkg-reconfigure locales ... but it hates me :S
<MTecknology> I'm getting this - http://dpaste.com/248164/
<pudgypaw> looks like "no locale or directory"
<pudgypaw> wonder if u make a dummy directory they'll complain about something else XD
<MTecknology> what directory is it looking for?
<four2zero> hey guys is there a fix for "vino" for 10.10 ?
<four2zero> or can i just sudo apt-get remove vino
<MTecknology> Can I get php5-5.3.3 for Ubuntu 10.04? I'm trying to find a PPA for it..
<four2zero> MTecknology: go to howto forge
<four2zero> the perfect server setup for ubuntu 10.04
<MTecknology> four2zero: you mean this? http://www.howtoforge.com/installing-php-5.3-nginx-and-php-fpm-on-ubuntu-debian
<four2zero> it will show you how to install php
<four2zero> yes.
<MTecknology> I've found a world of breakage in howtoforge and I tend to not follow then anymore..
<four2zero> http://www.howtoforge.com/how-to-set-up-apache2-with-mod_fcgid-and-php5-on-ubuntu-10.04
<four2zero> will show you how to properly install php 5.3
<MTecknology> that looks directed for apache
<four2zero> okay i have another link
<four2zero> MTecknology: https://help.ubuntu.com/10.04/serverguide/C/php5.html
<four2zero> that will help you
<MTecknology> that doesn't discuss 5.3.3 :P
<four2zero> good luck
<MTecknology> I'll try to wade cautiously through howtoforge
<four2zero> php5 is 5.3.3
<four2zero> all you need : sudo apt-get install php5 libapache2-mod-php5
<four2zero> minus the libapache2
<four2zero> if your not running apache2
<MTecknology> I need 5.3.3 specifically
<MTecknology> !info php5
<ubottu> php5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.3.2-1ubuntu4.5 (lucid), package size 1 kB, installed size 20 kB
<four2zero> MTecknology: apt-get install -t experimental php5
<pudgypaw> !info php5
<ubottu> php5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.3.2-1ubuntu4.5 (lucid), package size 1 kB, installed size 20 kB
<four2zero> or go to #php
<pudgypaw> Here's my current issue w/ php
<pudgypaw> server 10.04 LAMP stack works great on virtual host
<MTecknology> four2zero: does that pull from 11.04?
<pudgypaw> but i tried EC2 micro instance and php throws me a WSOD
<meh2> hey guys, i installed webmin on a VPS to test it, it supports https, but when i go to https://myvps.com it tells me the certifacte is broken and its untrusted website.. any ideas how to fix this?
<pudgypaw> currently trying to debug but i jsut might hitup a diff image
<MTecknology> four2zero: oh......
<MTecknology> four2zero: spiffy
<four2zero> MTecknology: did it work ?
<MTecknology> four2zero: I started going the howtoforge route.. I like what you said a lot better....
<MTecknology> four2zero: how hard would it be to purge everything installed from dotdeb and the .debs ?
<four2zero> okay.
<four2zero> not hard at all just sudo apt-get purge <package>
<MTecknology> then rm the line from sources.list, apt-get update, and anythign else?
<four2zero> damn vino is broken on ubuntu-server 10.10
<MTecknology> yup... looks like that worked grand
<MTecknology> four2zero: I just tried to do apt-get install -t experimental php5-fpm
<MTecknology> !info php5-fpm maverick
<ubottu> php5-fpm (source: php5): server-side, HTML-embedded scripting language (FPM-CGI binary). In component universe, is optional. Version 5.3.3-1ubuntu9 (maverick), package size 2875 kB, installed size 7624 kB
<MTecknology> four2zero: -t experimental doesn't seem to be looking at maverick
<MTecknology> -t maverick doesn't seem to be either
<kbutler> I'm running ubuntu server 8.10. Something screwy just started happening with my filesystem tonight. I can no longer create directories anywhere. mount says that the filesystem is mounted rw, and umounting it or remounting it rw doesn't affect the problem
<kbutler> any suggestions?
<kbutler> Basically the filesystem appears to be readonly, even though it's mounted rw
<kbutler> we noticed because php can no longer create sessions :/
<ScottK> kbutler: If you are really on 8.10, then the first suggestion is upgrade since that version is no longer supported.
<jjcm> Hey all, I'm trying to get mail stuffs set up properly on my server. I use google apps for my domain, so my mail server isn't the same as my local box. However right now when sending soemthing to one of my google apps emails from sendmail, the relay gets set to local (which obv isn't correct as the mail servers are googles)
<jjcm> How can I fix this? Is it a sendmail conf?
 * freeflying 
<ScottK> jjcm: Postfix is the standard MTA for Ubuntu, so the odds of there being much Sendmail expertise here are low.
<Datz> hi, I thought updates to the kernel were the only ones that required a system restart?
<Datz> I've updated everything but the kernel, and it's asking for a restart.
<ScottK> Datz: There are a few others.
<Datz> ah
<Datz> is it dangerous in anyway to update kernel.. etc and not restart for awhile?
<Datz> for example if there were a power outage
<ScottK> Datz: The major risk is that you don't gain the benefits of whatever fix the new kernel has.  So if it's a security issue, you're vulnerable until you reboot.
<Datz> ok
<Datz> thanks
<Datz> Of the other package upgrades that require restarts, are they a specific set, or random?
<theyranos> is there an easy way to tell which package install created a particular user?
<ScottK> Datz: It tends to be function of the specific update.
<ScottK> Sometimes service restarts that are hard to get without a reboot are required, sometimes not.
<Elixtang> Yeal
<Datz> Ah, I understand a bit better now. Thanks ScottK. :)
<aarcane> how to convert a standard install of ubuntu desktop to ubuntu server ?
<Datz> I'd assume remove GUI (ubuntu-desktop) and install -server kernel version?
<Datz> I'd just do a fresh install myself
<aarcane> yeah, I'd rather take a few extra hours but get it done without appreciable downtime, as it's a high visibility system.
<Datz> ah
<theyranos> last time I tried, apt-get remove ubuntu-desktop did precisely nothing in addition to removing the metapackage. You can get part of the way there with this http://www.psychocats.net/ubuntu/purekde but get rid of the kubntu-desktop at the end and replace it with ubuntu-minimal.
<Datz> long commands :p
<theyranos> exceptionally. and i should note that in the end, I did end up having to zero the drive and start over from a server iso
<theyranos> albeit for unrelated reasons
<theyranos> one thought would be to install the server iso on a virtual machine, do apt-get install -s ubuntu-desktop and see which packages get added because of the -desktop metapackage
<theyranos> but certainly you'd want to actually check all those packages to make sure you're not removing something your high-visibility system needs to remain visible.
<aarcane> hrrm
<aarcane> so the only differences are the presence of the GUI and the -server kernel and whatever server packages are needed?
<theyranos> pretty much. it's effectively the same OS. unless you're hurting for drive space, I'd say the safest bet is to just disable gdm and leave the packages there.
<Datz> would aptitude remove ubuntu-desktop work any differently?
<Datz> (or am I a silly goose)
<theyranos> on my desktop system (kubuntu) aptitude -s remove kubuntu-desktop just offers to delete the metapackage again
<theyranos> coulda sworn that worked a couple versions ago, though.
<Datz> ah, I see
<zanthir> Anyone familiar with the Ubuntu 1:1.13.3-1ubuntu11 built-in shell (ash)?
<zanthir> I'm just trying to re partition my hard drive.
<zanthir> For an Ubuntu Server install, no less.
<zanthir> I had some problems loading the partitioner. Ended up here, in recovery mode.
<zanthir> 270 users. Are you all asleep?
 * theyranos is awake but not familiar with your problem
<zanthir> Thanks. I appreciate the attention.
<zanthir> I'm just trying to do a clean install, but am having problems. My first install failed. Now I can't load the partitioner (like step 3 of the install process).
<zanthir> But I can get to a built-in shell (ash).
<theyranos> any chance the fdisk command works from there?
<zanthir> how would I test?
<zanthir> yes
<theyranos> fdisk /dev/sd0
<theyranos> it's a command-line based partitioner that's fairly well documented
<zanthir> unable to open /dev/sd0
<zanthir> ok, I'll google it.
<zanthir> Found it. Upon "fdisk /dev/sda" I get a WARNING: DOS-compatible mode is depreciated...something about (command 'c') and (command 'u')
<zanthir> does that mean I should use "fdisk -c -u /dev/sda" or something like that?
<zanthir> If you couldn't tell yet, I'm quite green. :)
<theyranos> it should have brought up an interactive shell despite the warning
<theyranos> try "p"
<zanthir> Oh. It did. I just didn't notice.
<theyranos> theoretically, that should show whatever your hard drive partition layout is now
<zanthir> Right.
<zanthir> I have a /dev/sda1 Linux, /dev/sda2 Extended, and an sda5 Linux LVM. Which is what I was trying to setup... but I didn't finish the install...
<theyranos> but you did apparently successfully partition the drive
<theyranos> which means i'm out of ideas
<zanthir> I'm trying booting from my disk now... I should be able to start from scratch using fdisk though, right?
<theyranos> originally, my suggestion was going to be be to manually partition the drive the way you want it, then tell the installer to skip that step and use an existing volume
<theyranos> yes. if you can get as far as fdisk, you can wipe and replace your partition table
<zanthir> Thank for your ideas. I think they were very good. Very helpful. Booting from disk isn't working.
<theyranos> if it failed right after the partitioner, your drive probably doesn't have a boot sector yet
<zanthir> Only problem is I don't know how I want it... But I'm sure I can look up some default config or something.
<theyranos> one other thing you might try is to dd if=/dev/zero of=/dev/sda for a few minutes to just erase the mbr and partition table entirely, then try the automatic partitioner thingy again
<zanthir> It actually didn't fail until it was installing software the first time, but then I went back and screwed it up good.
<theyranos> aaah
<theyranos> did you get as far as that list of checkboxes asking what software you wanted installed?
<zanthir> Yes. But that failed, and I went back one step at a time, and it kept failing at each step. Now if I start form scratch I only get as far as lodaing the partitioner.
<theyranos> okay, yeah
<theyranos> dd if=/dev/zero of=/dev/sda
<theyranos> that will keep running indefinitely. let it go for about a minute then ctrl+c it
<theyranos> then try the installer again
<theyranos> when you get to that screen with the checkboxes, leave them all blank
<zanthir> okay. type that in to fdisk command?
<theyranos> sorry no into the shell
<theyranos> q to get out of fdisk
<zanthir> okay.
<zanthir> I'm not there any more, rebooting in recovery mode (from the CD)
<zanthir> (since booting from the disk failed)
<theyranos> k
<zanthir> Ok. It's doing something. What is it doing?
<theyranos> writing 0s to your hard drive
<zanthir> Cool.
<theyranos> you only really need to zero out the first few KB, though, for this to work. That's where the partition table and MBR live
<zanthir> Right.
<theyranos> which is why you can ctrl+c it :-)
<zanthir> So, I'm probably good after 30 seconds or so?
<theyranos> yeah
<zanthir> yup
<zanthir> fdisk, p, p: not found.
<zanthir> I'll try the partitioner again...
<theyranos> best of luck. since it worked before, there's no reason it shouldn't work now
<theyranos> but in my experience, installing stuff with those checkboxes is unreliable
<theyranos> so i'd strongly recommend leaving them blank and just using apt-get install once you've got a live system.
<zanthir> Ok. You suggest installing nothing, then adding software after the initial install?
<zanthir> Right.
<theyranos> yup :-)
<zanthir> Sounds like a plan to me.
<zanthir> You're the best!
<zanthir> <3
<theyranos> nah, I'm just bored watching progress bars
<zanthir> downloading/installing?
<theyranos> migrating some services from one virtual machine to another on a different host
<zanthir> hm, interesting. I thought about that. I run a web site on an OpenSolaris machine, but have no idea how to use most of the stuff on that OS, so I'm setting this up, because it seems a little easier to find people who are doing what I want to. Basically, games, web sites, the usual.
<theyranos> ah, yeah. Solaris variants take quite a bit of getting used to.
<zanthir> I feel like Linux is probably a good stepping stone from windows to Solaris. The ZFS seems very cool, but I didn't even get as far as turning it on.
<theyranos> well, yes and no
<theyranos> one one hand, linux and ubuntu in particular is trivially easy to operate when compared with solaris
<theyranos> on the other, once you use ubuntu for a while, if you want to go to solaris it'll be similar enough that you'll spend half your days banging your head against a monitor screaming "why must they make this so complicated?"
<zanthir> Hah.
<zanthir> partitioning failed again. At least the partitioner loaded and tried though.
<theyranos> could your drive be bad?
<theyranos> i'm really reaching now
<theyranos> no error message?
<zanthir> guiding me to remove /dev/sda5 now. That is the problem.
<zanthir> Error message was "look at virtual terminal 4" which I knew by reading the Ubuntu book that I could look at by pressing Alt+F4.
<theyranos> what was there?
 * theyranos is trying to guess at what might be happening to your machine
<zanthir> Oh, I forget, but now I'm watching here to realize that something is actually happening while I'm stuck at 60% done partitioning.
<theyranos> i'm tempted to try to reproduce this in a virtual machine, but i don't think i have time before my progress bars finish
<zanthir> I'm getting messages that look like Sep 24 05:20:16 kernel: [ 724.544667] ata1: EH complete
<zanthir> and Sep 24 05:20:16 kernel: [ 724.544667] Buffer I/O error on device dm-0, logical block1
<zanthir> ....end_request error: I/O ...
<theyranos> okay, the EH complete one can be safely ignored
<theyranos> the others suggest your hard drive is actually failing
<zanthir> ...failed command: READ MULTIPLE
<zanthir> ...exception Emask 0x0 SAct 0x0...
<theyranos> got another drive floating around?
<zanthir> On terminal 1 it says, "computing the new partitions," for the LVM I guess.
<theyranos> yeah... but that shouldn't be generating kernel IO errors on a healthy drive.
<zanthir> It probably is working, I just need to let it do its thing, and not worry that it is stuck at some specific %
<zanthir> oh...
<zanthir> bad drive then, probably. Lol.
<theyranos> there is a chance that if you just let it sit for a while, it'll successfully mark all the bad sectors and avoid them from now on
<zanthir> Right, which would be cool...
<theyranos> but in general, by then you're just gambling anyway
<zanthir> Ok, GF says I have to go to bed. She's so smart. I do go to work in 7 hours.
<theyranos> you might boot six times, get it configured just the way you want, and then have the MBR turn into a brick.
<theyranos> best of luck, though
<theyranos> yes, listen to the gf :-)
<zanthir> lol
<zanthir> thanks
<zanthir> *nod*
<zanthir> nice to meet you
<theyranos> thanks. ditto.
<MTecknology> !info libxml2
<ubottu> libxml2 (source: libxml2): GNOME XML library. In component main, is standard. Version 2.7.6.dfsg-1ubuntu1 (lucid), package size 807 kB, installed size 1588 kB
<MTecknology> hrm...
<theyranos> MTecknology: just on the off chance you don't know, you can get that same information locally with apt-cache show libxml2 typed from a terminal
<MTecknology> theyranos: I was comparing what I have to what's installed.. I don't know what's broken. :(
<theyranos> ah
<hungnv> I got stuck with OpenVZ on Ubuntu 9.04. I cannot stop, restart a VE, or enter to it.
<hungnv> so, someone can tell me how can I kill that VE process to start it again?
<hungnv> thank youi
<hungnv> anyone, please?
<uvirtbot> New bug: #646617 in mysql-dfsg-5.1 (main) "package mysql-client-core-5.1 (not installed) failed to install/upgrade: trying to overwrite '/usr/bin/mysql', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/646617
<daxroc> Morning
<IanY57> newbie question: have 10.4 server - bind9 running behind a router with static IP - have domain name - do i put the static IP address or the server (local 10.1.1.XXX) into the default db.file?
<uvirtbot> New bug: #646694 in autofs (main) "autofs does not stop when the system is halted" [Undecided,New] https://launchpad.net/bugs/646694
<soren> jdstrand: Your comment wanted on bug 646706.
<uvirtbot> Launchpad bug 646706 in libvirt "NWFilter support broken due to Apparmour restrictions" [Undecided,New] https://launchpad.net/bugs/646706
<soren> jdstrand: I desperately need it for EC2 style security groups to work in Nova.
<uvirtbot> New bug: #646706 in libvirt (main) "NWFilter support broken due to Apparmour restrictions" [Undecided,New] https://launchpad.net/bugs/646706
<ttx> Daviey: did smoketest basic install on today's ISO -- will smoketest UEC topo1/amd64 now
<Daviey> ttx: Ok.. dandy, i'm reproducing some upgrade results at the moment
<ttx> Daviey: I'm concentrating on pre-RC smoketests right now
<Daviey> ttx: Ok.. i was also taking a sniff at the image proxy user-non-admin bug
<Daviey> but i don't think it is release crticial
<ttx> Daviey: btw I'll be at a conference Thursday, so I'll rely on you and mathiaz for release management coverage
<ttx> will travel a few hours on Wednesday too
<Daviey> ttx: Ok.. It would be handy to have a hand over briefing of things you are concerned about.. Wednesday lunchtime?
<ttx> I'm leaving at 1000 UTC, then back online ~1400 UTC
<ttx> hm, make that 0900 and 1300.
<ttx> Daviey: my gcal is up to date
<Daviey> ttx: Ok.. great - fancy picking a time that suites you to schedule a quick call?
<Daviey> or jot it in an email, what ever suites
<soren> ttx: Oh, you're only going to be there Thursday?
<ttx> soren: and Friday
<ttx> but Friday is post-RC so nobody carez
<soren> ttx: Ah, gotcha.
<doko> ttx: is it correct that heartbeat can be demoted to universe for maverick?
<EvilPhoenix> !maverick
<ubottu> Maverick Meerkat is the codename for Ubuntu 10.10, due October 2010 - Maverick is NOT released and NOT Stable, discussion and support in #ubuntu+1
<pmatulis> what was that for?
 * ttx is a bit lost in rhcs pacemaker transition
<ttx> doko: RoAkSoAx should be able to confirm that for you
<EvilPhoenix> oops
<EvilPhoenix> wrong channel sorry
<doko> ttx: US timezone?
 * EvilPhoenix kicks his touchpad
<ttx> doko: yes, eastern
<ttx> Daviey: full success on topo1/amd64. Anything you want me to check before I tear it down ?
<Daviey> ttx: hmm... nothing coming to mind :/
<Daviey> certainly nothing that is release blocking
<Daviey> (IMO)
<zul> morning
<doko> JamesPage: hi, any chance that we can demote ant1.7 already in maverick?
<hggdh> morning folks
<JamesPage> doko: not sure what you mean by demote?
 * JamesPage is showing his ignorance a bit
<doko> JamesPage: removing from main, and putting into universe (which will only work if there no build dependencies or dependencies left in main)
<soren> jdstrand: You know this better than I.. The libvirt thing is clearly a bugfix. Do we need any sort of freeze exception?
<soren> jdstrand: It's amazing how quickly you forget these things.
<soren> jdstrand: /me needs to head out... will be back 1800 UTC-ish.
<doko> JamesPage:
<doko> -- maverick/main build deps on ant1.7:
<doko> libservlet2.4-java
<doko> so the question extends to libservlet2.4-java
<doko> and the question: Can libaxis-java be built with libservlet2.5-java?
<overlord_tm> after using vmbuilder, do i have to use virt-install for VM to show up in virtsh list?
<pmatulis> overlord_tm: no
<JamesPage> doko: thought thats what you mean't but wanted to check
<overlord_tm> pmatulis, i ran vmbuild kvm ubuntu -c myconfig.cfg. Everything went ok, i can run machine with included run.sh script, but it does not show up in virtsh -c qemu:///system list
<crankygeek> Good morning, I am lookking for some help setting up a SSH tunnel, to my server. What I am trying to do is tunnel to my server, change my proxy setting in internet explorer and use that to browse using the tunnel....any help?
<pmatulis> overlord_tm: i always use '--libvirt qemu:///system' in my vmbuilder command,  did you?
<crankygeek> I am using PuTTY for windoze and can't seem to get a successful proxy connections
<overlord_tm> pmatulis, http://pastebin.com/9YyvqJVB
<overlord_tm> this is the config i used
<JamesPage> doko: feels like a good bit of housekeeping
<pmatulis> overlord_tm: is the machine running?
<overlord_tm> pmatulis, if i run it with sudo sh run.sh, it boots up
<pmatulis> overlord_tm: you'll need 'virsh list --all' to see non-running machines
<overlord_tm> i know :)
<pmatulis> overlord_tm: dunno then
<overlord_tm> but it list only one VM (not the rigth one)
<pmatulis> overlord_tm: using lucid?
<overlord_tm> yes
<pmatulis> overlord_tm: i heard vmbuilder was in a bad state in lucid.  i use karmic only for that
<JamesPage> doko: I can't see the build-dep from libaxis-java -> libservlet2.4-java http://paste.ubuntu.com/499689/
<overlord_tm> pmatulis, thanks for info :)
<doko> JamesPage: ahh, libaxis-java-gcj still depends on the 2.4, not the 2.5 package ...
<pmatulis> overlord_tm: np.  i also don't use cfg files.  i use a single shell script with a longass vmbuilder command (using '\' of course).  that way i see everything at once
<JamesPage> doko: shall we continue this conversation in ubuntu-java?
<overlord_tm> pmatulis, virt-install --import did the job i think :)
<doko> JamesPage: for the next one ;) fix uploaded
<JamesPage> doko: OK!
<Daviey> hallyn / smoser: Any idea why i386 (maverick uec daily images), when started either through UEC (on i386) or libvirt directly are stuck at "Starting SeaBIOS (version .*)" ?
<hallyn> Daviey: there have been bugs about that before...  lucid?
<smoser> Daviey, i have no idea. has there been seabios or kvm updates ?
<smoser> and are you using the loader or the kernel?
<Daviey> smoser: don't think so
<Daviey> kernel
<smoser> k
<smoser> then i suspect seabios update, kvm update, or, libvirt / app armor
<smoser> :)
<Daviey> <kernel>/var/lib/eucalyptus/instances//admin/i-4C3F0942/kernel</kernel>
<Daviey> Ahhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh
<smoser> i think your h key is stuck
<jpds> smoser: He's merely training for the opera.
<Daviey> hah
<zul> Daviey: serenity now! serenity now! insanity later!
<Daviey> stability now please :)
<smoser> festivus!
<jdstrand> soren: I don't think we need a FFe-- it is like you said a bug fix, but we need the right fix
<jpds> Daviey: "Keep calm".
<Daviey> :)
<hggdh> actually, better would be "don't panic"
<hallyn> Daviey: 'kvm -kernel' works on 64-bit guest on maverick with 32- and 64- bit emulated cpu, at any rate.  do you have a 32-bit physical server install you can test on?
<hggdh> Daviey, zul: eventually I will need sapodilla and soncoya, for the fully-distributed tests
<zul> hggdh: they are all yours
<Daviey> hggdh: you are welcome to them... thanks for lending them to us :)
<hggdh> you are all welcome. I will grab then, now, and try euca on all, from the current ISO
<Daviey> i don't know if i do have any physical 32 bit servers...  this is a 64 bit arch, running i386 install
<Daviey> hggdh: good to hear!
<a_ok> I'm trying to start a chrooted mysqld however it complains about a missing upstart socket. is this something I can fix?
<Daviey> smoser: I see you are the maintainer of cloud-utils .. do you have an upload planned?
<smoser> no. do you need one ?
<Daviey> jah!
<smoser> what is needed ?
<Daviey> smoser: have you ran uec-run-instances recently? :)
<smoser> no
<Daviey> smoser:  We don't have paramiko as base anymore... needs to be a depends
<smoser> ugh.
<smoser> can you open a bug ?
<smoser> and i'll try to get that fixed today.
<Daviey> smoser: I am raising a bug right now... I don't mind fixing it, unless you really want to
<smoser> well, trunk is:
<smoser> lp:~ubuntu-on-ec2/ubuntu-on-ec2/cloud-utils/
<smoser> give me a bug number and i have commit ready
<smoser> the only issue is that there are 2 other things fixed in trunk
<smoser> one a bug, one a feature
<Daviey> smoser: i saw :/
<Daviey> https://code.edge.launchpad.net/~davewalker/ubuntu-on-ec2/cloud-utils/
<Daviey> smoser: ^^
<Daviey> bug there... i don't care if you discard that branch..
<smoser> so what should we do ?
<smoser> i'm ok if we think we need to re-order and drop the feature
<smoser> Daviey, ^
<lool> Hey folks
<lool> I'm trying to resize a qcow2-backed kvm disk
<lool> and it's been two times that I fail and get an unbootable system and lose the data
<lool> (fortunately, it's a copy of the data)
<Daviey> smoser: Well... you are the maintainer :)
<smoser> well, i'm not the release admin
<smoser> and it is definitely a (small) feature
<lool> It's a lucid vm created with ubuntu-vm-builder, which I shutdown before resizing; I do something like qemu-img convert -O raw tmpHbobjA.qcow2 rootfs.raw, dd if=/dev/zero of=rootfs.raw count=0 bs=1 seek=48G, reboot, and then I fiddle with fdisk; at that last step, the system becomes unbootable for some reason
<ttx> soren: you are past FinalFreeze, so you need to make that a RC issue, then convince the release team the risk/benefit tradeoff is worth it
<Daviey> I sort of expected that the bzr branch is now pinned until Natty opens... and cherry pick backports back and apply to apt-get source
<Daviey> but it's up to you smoser :)
<Daviey> ttx: was that for smoser ?
<smoser> ok. then, feature is no.
<smoser> so then we have 2 bugs that can be fixed.
<smoser> should i not fix the other ,and just get daviey's ?
<Daviey> smoser: you are the maintainer :)
<Daviey> make a decision man! :P
<smoser> feature out. 2 bugs in.
<ttx> Daviey: no. It was for soren.
<smoser> it was well timed :)
<Daviey> ttx: oh, ok :)  you managed to answer two questions concurrently :)
<ttx> I have the Ring of Timing +8
<Daviey> smoser: surely we want the bugs *out*?
<smoser> the rhinoceros never stood a chance.
 * Daviey has felt the desire of ttx's ring.
<ttx> smoser: it was a triceratops.
<smoser> true
<smoser> did that answer anyone elses question ? (that it was a triceratops)
<pmatulis> the triceratops never existed
<patdk-wk> some would say I don't exist also
<pmatulis> patdk-wk: who would say such a thing?
<ttx> pmatulis: I think someone already objected to that.
<patdk-wk> most everyone would say hatsune miku doesn't exist :)
<pmatulis> ttx: really?
<ttx> pmatulis: see thread at https://lists.ubuntu.com/archives/ubuntu-server/2010-August/004474.html
<ttx> in particular https://lists.ubuntu.com/archives/ubuntu-server/2010-August/004476.html
<pmatulis> ttx: oh ok
<ttx> and wikipedia says it existed: http://en.wikipedia.org/wiki/Triceratops
<pmatulis> ttx: well if wikipedia says it existed then it existed
<ttx> pmatulis: or maybe.. someone is wrong on the Internet.
<ttx> we should ask jcastro, he is the in-house specialist.
<smoser> Daviey,
<smoser> dpkg-gencontrol: warning: package cloud-utils: unused substitution variable ${python:Depends}
<smoser> i'm guessing the intent of that variable was to automatically pick up the paramiko
<smoser> but i know not much about that. hints ?
<Daviey> smoser: none.. sorry.
<smoser> Daviey, upload is done. 2 bugs fixed.
<smoser> trunk re-worked so the feature is in 0.17ubuntu1
<Daviey> smoser: super
<smoser> so what do i have left to do there, ?
<smoser> i guess i need to put some justification in the bugs ?
<ttx> SpamapS: ping
<zul> ttx: also i would like to get windows live network authenitcaion bug fixed as well
<zul> https://bugzilla.samba.org/show_bug.cgi?id=7577
<ttx> zul: sounds... risky
<uvirtbot> bugzilla.samba.org bug 7577 in File services "SPNEGO auth fails when contacting Win7 system using Microsoft Live Sign-in Assistant" [Major,Resolved: fixed]
 * ttx looks up the patch
<ttx> zul: sounds like a worthwhile goal
<ttx> the patch is reasonable
<ttx> zul: do you have an ubuntu bug number for it ?
<zul> ttx: lemme pull up the lp bug
<ttx> I'll add it to maverick targets of opportunity
<zul> ttx: bug #458637
<uvirtbot> Launchpad bug 458637 in samba "Windows Live Sign-In assistant prevents samba from accessing Windows 7 shares" [Medium,Confirmed] https://launchpad.net/bugs/458637
 * zul pauses
<uvirtbot> New bug: #646858 in dovecot (main) "dovecot-postfix and upstart incompatibility" [Undecided,New] https://launchpad.net/bugs/646858
<MTecknology> zul: Is there any ppa or anything I could grab php5_5.3.3 from? The dotdeb version is kinda broken. :(
<zul> MTecknology: nope...download the maverick version and build it
<MTecknology> zul: it's in maverick!
 * MTecknology hugs zul 
<ttx> SpamapS: ping
<ttx> mathiaz: ping
<mathiaz> ttx: o///// ^^^^^ 555555
<ttx> mathiaz: Missing current status for server-maverick-uds-seed-review (0% completion)
<ttx> still on track / will potentially be completed post-release ?
<mathiaz> ttx: deferred to natty
<ttx> ah, ok.
<mathiaz> ttx: mainly pre-uds things
<ttx> mathiaz: please mark items postponed then
<mathiaz> ttx: will do
<ttx> you'll mark all postponed ?
<ttx> i'll move it out of the releas e team radar then.
<mathiaz> ttx: done
<ttx> mathiaz: thanks !
<ttx> mathiaz: i'll be at a conference on Thursday, which is RC milestone day. Will you be able to cover for me ? I already asked Dave to cover on the EU shift.
<mathiaz> ttx: sure
<mathiaz> JamesPage: gobby
<lool> Ok; I solved my resizing issue
<hallyn> mathiaz: could you take a look at https://code.launchpad.net/~serge-hallyn/ubuntu/lucid/lxc/fix-separate-var and consider sponsoring, pretty-plz?
<SpamapS> ttx: pong
<ttx> SpamapS: see pm
<ttx> quick
<ttx> :)
<ehcah> hello. What is the best/safest way to connect to the server desktop gui? I currently use putty to terminal, but would like to be able to access the desktop GUI from time to time. I have enable remote desktop sharing, but that only seems to work if I leave myself logged in at the physical console?
<patdk-wk> ehcah, lots of options, vnc, nx, ...
 * patdk-wk doesn't think ubuntu server has a gui though
<ehcah> I've been using vnc a bit, but it doesn't always allow me to login? I often get a connection not found message...
<weekly> question: So i have a freshly upgraded server edition ubuntu install (upgraded from 8.04 to 10.04.1) and upon restart, im greeted by a GUI login screen that should NOT be there, its a file server that does nothing but host samba shares. Now when i try to SSH in it crashes the box and makes the shares un-avaliable. What should i look at if SSH'ing in is crashing the thing?
<weekly> also if i let it sit at the GUI login screen it eventualy bugs out and i get some odd messages across the screen that look like "[82962.0560046] EDAC MCO : UE page 0x0 offset, grain 536870912, row 4 label ":" i3200 UE"
<weekly> any help would be awsome! the shares work and people can access it an work but im afraid if i leave it too long something is gonna blow up
<ScottK> The GUI looking splash screen is on purpose (even if a bit unfortunate), so that part isn't a suprise.
<weekly> yeah i think the guys that worked here before me tried to insall the GUI and failed, and my upgrade finished what they were starting
<mealstrom> hi
<AnirbanHazra> I want to install curl on my hardy vps.. how to do that
<weekly> ScottK, is their a command to check if everything installed correctly like the apt-get -f type deal?
<ScottK> sudo apt-get update && apt-get -f install should do it.
<mealstrom> hi, does anybody have a problem with printing from firefox where youve got only US-letter paper size ?
<ScottK> I suspect the kernel message is harmless, but Google may know more.
<weekly> thanks Scott, ill try that tonight when all the employees are gone. SHould i try to re-install SSH? what command would you use to do that?
<AnirbanHazra> I want to install curl on my hardy vps.. how to do that
<jrib> !apt > AnirbanHazra
<ubottu> AnirbanHazra, please see my private message
<aetaric> AnirbanHazra: hardy!?
<AnirbanHazra> aetaric : Ubuntu 8.10 LTS
<AnirbanHazra> sorry Ubuntu 8.04 LTS
<aetaric> AnirbanHazra: yeah. there is a new lts... :/
<AnirbanHazra> aetaric: but need to upgrade my knowledge also before upgrading to 10.04 LTS. Have no time to do that. :( . help me out on the curl issue,
<aetaric> sudo apt-get install curl
<AbhiJit> hi
<AbhiJit> anyone can suggest me a good step by steop guide for setting up lamp on ubuntu? for beginners?
<ScottK> The ssh business, I'm not sure of.
<aetaric> to remove and reinstall ssh?
<aetaric> sudo apt-get purge openssh; sudo apt-get install openssh
 * AbhiJit just found one!
<weekly> thanks aetaric ill try that
<AbhiJit> mysql -u root
<AbhiJit> ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
<AbhiJit> while configuring mysql getting that error! any help?
<aetaric> AbhiJit
<AbhiJit> aetaric, yes?
<aetaric> mysql -u root -p
<AbhiJit> aetaric, thanks!
<aetaric> no problem
<woodsman> Anyone have any experience getting ubuntu server to deploy from cobbler?
<AbhiJit> while trying to do this command sudo apt-get install libapache2-mod-auth-mysql php5-mysql phpmyadmin after insatllation it is now asking me to choose between two servers apache2 and lighttpd
<AbhiJit> which one to select?
<AbhiJit> anyone please tell me?
<AbhiJit> i am stuck in middle of that installation?
<AbhiJit> aetaric, help?
 * AbhiJit selected apache2
<ScottK> AbhiJit: Either are fine http servers.   apache2 is the one that's the most supported by Ubuntu server, so if you don't know, I'd go with that one.
<AbhiJit> ScottK, yah i selected that only
<aetaric> apache2
<AbhiJit> aetaric, yah thanks!
<mathiaz> hallyn: looking at https://code.launchpad.net/~serge-hallyn/ubuntu/lucid/lxc/fix-separate-var
<mathiaz> hallyn: bug 566827 - IIUC it's fixed in maverick?
<uvirtbot> Launchpad bug 566827 in lxc "[lucid] 0.6.5 cannot umount /var properly if it is on a separate partition - container does not start" [Medium,Confirmed] https://launchpad.net/bugs/566827
<hallyn> mathiaz: yup, maverick has 0.7.2, which has the fix
<ScottK> mathiaz: Do you think you could arrange for someone who knows about perl and backtraces to have a look at the last comment in Bug #645009
<uvirtbot> Launchpad bug 645009 in spamassassin "spamd segfaults a message" [Medium,New] https://launchpad.net/bugs/645009
<mathiaz> hallyn: ok
<mathiaz> ScottK: you may wanna ask jiboumans about perl backtraces
<ScottK> mathiaz: I think you just did.
<mathiaz> hallyn: ok - I've update bug 566827
<uvirtbot> Launchpad bug 566827 in lxc "[lucid] 0.6.5 cannot umount /var properly if it is on a separate partition - container does not start" [Medium,Confirmed] https://launchpad.net/bugs/566827
<mathiaz> hallyn: so that it can be turned into a SRU
<mathiaz> hallyn: https://wiki.ubuntu.com/StableReleaseUpdates outlines the process
<mathiaz> hallyn: what I did was to make sure the bug was fixed in the development release (ie maverick)
<mathiaz> hallyn: and then accepted the lucid nomination
<mathiaz> hallyn: as a prerequisite of an SRU is to fix the bug in the develpment version
<hallyn> mathiaz: i noted in the description that it was fixed in amverick...
<hallyn> well lemme go see what you did
<hallyn> mathiaz: i see.  got it.  thanks!
<mathiaz> hallyn: no problem.
<mathiaz> hallyn: I don't think you can accept a nomination yet
<hallyn> ?
<mathiaz> hallyn: I don't know which team you need to be part of to do so
<mathiaz> hallyn: accepting a nomination allows to create lucid task
<mathiaz> hallyn: you've correctly nominated the bug for a specific release
<mathiaz> hallyn: I've just accepted your nomination
<mathiaz> hallyn: at some point down the line you'll be able to nominate+accept a bug in one step
<hallyn> i'm pretty sure that my lack of clearly understanding what you're saying means i'm not ready for that yet anyway :)
<mathiaz> hallyn: :)
<hallyn> but i think i've got it, thanks again.
 * mathiaz looks at the merge proposal
<uvirtbot> New bug: #647038 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/647038
<alex88> hi, i'm trying to use aria2 to download a file, but the download won't start..for example i use: aria2c http://www.google.it and it stays to [#1 SIZE:0B/0B CN:1 SPD:0Bs]..no way to go on..
<AbhiJit> newbie question
<AbhiJit> please help
<EvilPhoenix> AbhiJit, ask your question please
<AbhiJit> after installing lamp where is that 'www' folder where i suppose to keep .php files and etc
<EvilPhoenix> AbhiJit, /var/www
<AbhiJit> EvilPhoenix, ^^ please help
<EvilPhoenix> ?
<AbhiJit> EvilPhoenix, that one is there but i cant save file there it needs sudo
<AbhiJit> is that ok?
<AbhiJit> i mean normal?
<EvilPhoenix> AbhiJit, the default web directory is /var/www.  use sudo to write to it
<AbhiJit> EvilPhoenix, ok thanks
<EvilPhoenix> it doesnt hurt to move files to there with sudo
<EvilPhoenix> it keeps other ssh users from messing with the files too x]
<EvilPhoenix> but cp files to ther
<EvilPhoenix> e
<EvilPhoenix> not mv
<EvilPhoenix> or edit them with sudo nano <file>
<EvilPhoenix> or whatever editor you like
<AbhiJit> yah done EvilPhoenix thanks!
<EvilPhoenix> AbhiJit, no problem, I have that setup for all my servers: root only can write to the www dir
<EvilPhoenix> or sudo users x]
<AbhiJit> yah
<EvilPhoenix> its also by default...
<EvilPhoenix> so...
<EvilPhoenix> x]
<mdlueck> I have documented a kernel regression with the latest 10.04 kernel. I have purged off of my server older kernels already. Where can I fetch an older build of the kernel from so that the regression may be worked around. (Yes, I know "with known security risk".)
<mdeslaur> mdlueck: from launchpad: https://edge.launchpad.net/ubuntu/+source/linux/+publishinghistory
<mdlueck> I believe I have seen sub-revisions of the 2.6.32-24 kernel install
<mdeslaur> mdlueck: click on the version you want, and then click on the right on the architecture you want
<mdeslaur> and you should get a list of binaries you can click to download
<mdlueck> mdeslaur: aahhh, thanks
<failover> Hey, my postfix send messages to procmail, procmail can delivery messages to /var/mail/sysadmin/new but can't delivery to /var/mail/sysadmin/.Junk/ show this error on log: procmail: Unable to treat as directory "/var/mail/sysadmin/.Junk"
<failover> Anyone know why this happens ?
<soren> zul: Ok, so according to ttx, I need to get bug 646706 considered an RC issue before I'm allowed to fix it. What's the trick?
<uvirtbot> Launchpad bug 646706 in libvirt "NWFilter support broken due to Apparmour restrictions" [Undecided,New] https://launchpad.net/bugs/646706
<soren> zul: I imagine it involves subscribing ubuntu-release. What else? Should I target it for the release or is that only for the release team?
<zul> soren: looking
<ScottK> soren: "Before you upload, please let the release team know about it." is satisfied by subscribing us to the bug, which you've done.  I'd say fire away.
<zul> soren: looks good to me...i nominated it for maverick and subscribed the release team just ping them in #ubuntu-release
<soren> ScottK: Excellent, thanks.
<qjcg1> is there a package for the Amazon elastic load balancing API tools somewhere?
<qjcg1> (ie http://developer.amazonwebservices.com/connect/entry.jspa?categoryID=88&externalID=2536 )
<zoopster> qjcg1: unlikely...Amazon has an unfriendly license
<qjcg1> zoopster: ok thanks, good to know
<fx3> is there any way to handle boot errors that are after bios but pre init 4 on a headless server?
<zul> have a good weekend
<soren> jdstrand: Ok, now I'm confused.
<jdstrand> ?
<soren> jdstrand: The problem the bug from earlier was meant to address was seen on an older kernel.
<soren> jdstrand: On the current Maverick kernel, I cannot reproduce it.
<soren> jdstrand: Which baffles me. I see the socket call in strace, but it's not being blocked by apparmour?
<jdstrand> soren: you might see it again. there were some problems with network mediation. ask jjohansen for details
<jdstrand> soren: that sounds consistent with the problems with network mediation that are going to be fixed in a 0day maverick kernel
<jdstrand> soren: ie, you want to fix it
<soren> jdstrand: Ah, so the fact that apparmour isn't blocking it is a bug?
<jdstrand> soren: yes
<soren> jdstrand: That's good, I suppose. It makes providing a test case kind of difficult, though.
<jjohansen> yeah
<soren> I can test it on the box with the older kernel, though, I suppose.
<jjohansen> soren: I can provide you with a test kernel
<soren> jjohansen: I have a lucid box and a backported libvirt.
<soren> jjohansen: The apparmour profiles should be compatible, right?
<jjohansen> that should work
<jjohansen> yeah
<soren> Great, thanks.
<soren> jdstrand: Do I need to do anything clever at postinst time to make this apply or does magic just happen?
<jjohansen> soren: just make sure to use apparmor restart, it will regenerate caches, and make sure the new profile is loaded
<jdstrand> soren: it should just happen
<soren> jdstrand: Yup, just found the snippet in postinst. Great.
<jjohansen> jdstrand: hrmm, what do you mean just happen?  Don't you have to trigger a restart/reload
<soren> jjohansen: That libvirt-bin postinst already does that.
<jjohansen> ah
<soren> jjohansen: So magic needs to be done, but I don't need to do it myself.
<jdstrand> jjohansen: libvirt's postinst uses apparmor_parser
<jjohansen> jdstrand: right, libvirt is special
<jdstrand> jjohansen: well, it is in its VMs, but the use of apparmor_parser is how we do all packages with apparmor profiles these days
<jjohansen> ah, I wasn't aware we had done that
<jdstrand> jjohansen: ie, there is no reason to invalidate all the cache everytime a package is updated when only the one profile needs to be updated
<jdstrand> dh_apparmor was written to do all the magic
<jdstrand> it uses -r -W -T
<jjohansen> right, I need to finish getting the update flag in so only those that require updates are done
<jdstrand> some packages don't use dh_apparmor, but they do the equivalent
<jdstrand> *shrug*
<jdstrand> no big woo
<jdstrand> it works fine for now
<Qwert> Are mirror servers slow today?
<soren> I would be surprised if all >100 mirrors all decided to be slow on the same day.
<Nafallo> soren: you haven't been around at release day, have you? ;-)
<soren> Let me rephrase. :)
<soren> I would be surprised if all >100 mirrors all decided to be slow today.
<ScottK> jdstrand: After soren uploads is fix, I'd appreciate it if you'd review/comment in the bug on it.
<jdstrand> ScottK: k
<pudgypaw> hey guys, i have trouble getting php to parse
<pudgypaw> it worked before but yesterday my setup suddenly quit on me, can anyone walk it through w/ me?
<pudgypaw> I can try apache+php or nginx+php whichever will work
<EvilPhoenix> um...
<EvilPhoenix> what's your current setup
<pudgypaw> virtualbox, bridged internet, openSSH and LAMP stack installed
<EvilPhoenix> doesnt LAMP come with apache or smth?
 * EvilPhoenix yawns
<EvilPhoenix> forgive me if i state the obvious
<EvilPhoenix> been awake several days now
<pudgypaw> I used this: LAMP, zip, php for cmd line
<pudgypaw> $ tasksel install lamp-server
<pudgypaw> $ apt-get install zip php5-cli
<pudgypaw> whoah sleep is needed man @_@
<EvilPhoenix> mmm
<EvilPhoenix> not if you have an unlimited supply of BAWLS or COFFEE
<EvilPhoenix> anyways
<pudgypaw> lol
<EvilPhoenix> never used lamp-server
<EvilPhoenix> my system's a VPS, but apache + phpaddin for it has worked
<EvilPhoenix> got phpBB running to prove it
<EvilPhoenix> but
<EvilPhoenix> i digress
<EvilPhoenix> x]
<EvilPhoenix> you could always try loading apache2
<EvilPhoenix> and its php addons
<EvilPhoenix> ehh darn
<pudgypaw> I've tried that too, used
<EvilPhoenix> which ones are they
<pudgypaw> sudo apt-get install apache2 lib-apache2modsomethinglikethat php5
<EvilPhoenix> *opens Synaptic*
<pudgypaw> hmm
<EvilPhoenix> libapache2-mod-php5 would probably work
<EvilPhoenix> lemme check aptitude on my server
<pudgypaw> let me try that..
<pudgypaw> root@ubuntu:/etc/apache2# sudo apt-get install libapache2-mod-php5
<pudgypaw> Reading package lists... Done
<pudgypaw> Building dependency tree
<pudgypaw> Reading state information... Done
<pudgypaw> libapache2-mod-php5 is already the newest version.
<pudgypaw> 0 upgraded, 0 newly installed, 0 to remove and 22 not upgraded.
<pudgypaw> root@ubuntu:/etc/apache2#
<EvilPhoenix> mmm
<EvilPhoenix> you restarted LAMP or Apache2 (assuming you have apache2)
<pudgypaw> yeah
<pudgypaw> darn thing is.. my setup worked for 6 straight months
<EvilPhoenix> lol
<EvilPhoenix> check to make sure the php packages are updated
<pudgypaw> don't know why  it suddenly doesn't work anymore, tried apache, nginx abunch of different setups
<EvilPhoenix> whats your version of php5-* btw
<pudgypaw> I also did virtualbox, VMware, amazonEC2, all the same issue
<EvilPhoenix> they should be all the same
<EvilPhoenix> well
<pudgypaw> latest one from repos
<EvilPhoenix> just tell me the version you have of php5
<EvilPhoenix> lucid?
<pudgypaw> lemme check (yeah lucid)
<EvilPhoenix> that should be 5.3.2-1ubublah
<pudgypaw> php 5.3
<pudgypaw> yeah that one
<EvilPhoenix> yep
<EvilPhoenix> i'm looking at aptitude now (dual screens ftw)
<EvilPhoenix> hmm
<EvilPhoenix> i dont know what to say
<pudgypaw> i was starting to think the php repository is handing out buggy ones now
<EvilPhoenix> except
<EvilPhoenix> restart
<EvilPhoenix> from scratch
<EvilPhoenix> i.e.
<pudgypaw> rebuild
<EvilPhoenix> uninstall keep configs
<EvilPhoenix> and rebuild
<pudgypaw> rebuilt 20 times in past 3 days x.x
<qman__> clear your apt cache too
<EvilPhoenix> ouch
<EvilPhoenix> oyea what qman said
<pudgypaw> well it's all virtual instances so it's ok but, yeah lots of code 14hrs straight everyday
<qman__> one corrupt download could be throwing the whole thing off
<EvilPhoenix> indeed
<qman__> I helped a guy about a week ago and that was the case
<EvilPhoenix> didnt even think about othat there qman
<EvilPhoenix> must mean i'm dead tired
<pudgypaw> how do i purse the apt cache?
<EvilPhoenix> BLAHHHHHHHHHHHHHHHHHH
<EvilPhoenix> darn *away*
<qman__> remove all .deb files in /var/cache/apt/archive
<pudgypaw> kk *goes to remove*
<qman__> then rebuild
<pudgypaw> mk
<pudgypaw> tasksel: aptitude failed (100)
<EvilPhoenix> o.o
<EvilPhoenix> ouch
<EvilPhoenix> brb
<pudgypaw> hmmm, i'm gonna re-build from scratch, and slam a sudo apt-get update && upgrade first
<doko> RoAkSoAx: ping
<zanthir> pong [round trip: 2 minutes]
<soren> ScottK, jdstrand: I'll get it done today, the real world is just quite demanding on me right now.
<zanthir> er, 3 minutes, if you actually look at the clock...
<MTecknology> !openvz
<mathiaz> ScottK: hi - could you help out on moving things forward on bug 638213?
<uvirtbot> Launchpad bug 638213 in lucid-backports "Please backport puppet 2.6.1-0ubuntu2 from maverick" [Undecided,New] https://launchpad.net/bugs/638213
<incentient> hello was wondering if someone can help, i lost /bin/ls and a few other commands, ownership changed on them to 122 and group haldaemon
<incentient> how is it possible ownership changed on these by themselves?
<incentient> can anyone help me with this?
<jrib> incentient: solar radiation?
<incentient> lol
<incentient> i saw haldaemon i figured mat daemon
<incentient> it's happening on almost all of my ubuntu-server deployments, he's been busy
<jrib> incentient: on lucid?
<incentient> actually on 9.10 and 10.04
<incentient> the one im looking at is 9.10
<pudgypaw> well I just tried scratch start from AmazonEC2, Virtualbox, VMware, SliceHost, all with new apt-get update/upgrade. Still can't get php to parse
<incentient> are there alot of problems with the 64 bit version?
<pudgypaw> i'm so confused as to why will php parse last week but not this week, nginx setup, apache/lamp setup, all fail. I'm seriously eyeballin the php repository as broken
<pudgypaw> oh yeah, ur right, i'm doing x64 builds so far
<pudgypaw> but it worked without fail for past 6 months
<incentient> every install of ubuntu 64 i have is breaking
<incentient> i lost ls
<pudgypaw> you lost ls?!?
<incentient> 122 haldaemono now owns ps, ls, netstat
<incentient> yea
<pudgypaw> even on fresh builds?
<incentient> on production servers this keeps happening randomly
<incentient> no rhyme or reason
<incentient> yea well
<incentient> i built one last week 10days
<incentient> happened already on ls
<incentient> eventually scp, ssh
<incentient> prob happen in a few days... i dont get it
<pudgypaw> what....
<pudgypaw> should we downgrade for stabilityi?
<incentient> my vm of ubuntu is fine htough, this is happening only on deployments
<incentient> hah chill imean this might just be my problem
<incentient> i still have no idea what's wrong.. someone made a comment tome
<pudgypaw> not sure about that, all my new setups are breaking, only one still alive is production
<incentient> huh
<incentient> well
<soren> jdstrand, ScottK: Uploaded libvirt.
<incentient> whats your situation
<pudgypaw> i didn't touch that for 3 months tho
<pudgypaw> basically php will give me either WSOD or no-parse
<incentient> hmm
<incentient> php version ?
<pudgypaw> my setup suddenly no longer works, same build etc
<pudgypaw> 5.3
<incentient> we use 5.3.2?
<incentient> oh
<incentient> when does that happen
<incentient> i havent seen mine do anythign like that
<pudgypaw> I've been doing various builds at least several times a week w/ no issues till this week
<pudgypaw> was wondering if the repo system for php went buggy
<incentient> php commabnd line doesnt work?
<pudgypaw> that works
<incentient> i use dotdeb's package
<pudgypaw> hmm, let me look at taht
<incentient> add them to to the repos
<incentient> i didnt know ubuntu had 5.3 in it's default repos yet
<pudgypaw> interestingly, i think i only started seeing that this week
<incentient> we started seeing all this happen within a few months
<incentient> but now more often
<incentient> a server we installed 6 months ago was solid until we began sshing into it to pull code
<incentient> now has these syptoms
<incentient> and one i built 10 days ago same thing
<incentient> in fact the older ones running desktop 9.10 64 bit
<incentient> newer one is runinng 10.04 server
<incentient> both have same thing
<pudgypaw> did you set them to autoupdate?
<incentient> hmm on the new one owner is 122, group is 114 instead of root root
<incentient> nah
<incentient> def not
<incentient> thats default no i think
<pudgypaw> yeah
<incentient> i dont know much about haldaemon
<jdstrand> ScottK: bug ACKd
<incentient> why the heck would ls become owned by that
<jdstrand> ScottK: err, soren's bug ACKd (646706)
<illytacos> Hi folks, long story but I'm trying to take users and file permissions from a server running ubuntu 9.04 and put them on a different server running 10.04. I'm trying to build a test environment without having to recreate all the groups and users. Any easy way to do this?? Thanks for the amazing work and taking the time to help!!
<_Techie_> illytacos, i would think rsync would handle the file permissions
<_Techie_> illytacos, but as far as migrating the user database, i dont know
<illytacos> hm yeah I'm trying to move it over so that I am able to recreate the exact same environment without having to create the file permissions from scratch. that would take a while....
<_Techie_> illytacos, http://nigibox.wordpress.com/2010/01/20/migrate-user-from-old-server-to-new-server-for-debian-ubuntu-or-linux-generally/
<jrib> illytacos: would just copying the relevant parts of /etc/passwd /etc/group and /etc/shadow not work?  (while preserving permissions on the user's files during the transfer of course)
<illytacos> ahhhh no I'm not trying to migrate all the files. I already did that. Just the users and permissions
<illytacos> sorry i should have been more clear
<illytacos> jrib: I have no idea never tried. :)
<_Techie_> illytacos, okay, then i got another tutorial that tells you whats what
<_Techie_> http://www.cyberciti.biz/faq/howto-move-migrate-user-accounts-old-to-new-server/
<_Techie_> i would just ignore /var/spool/mail and /home
<illytacos> ah thanks folks! between the two of you I think I have my answer. I was trying to search on the net and I ended up with tonnes of documentation on how to create and change permissions and groups but not much on how to migrate them. Thanks folks!
<_Techie_> illytacos, galad we could help
<_Techie_> glad*
<illytacos> I'm a total noob but in an org with no IT support
<MattTheComputerG> I just installed the latest ubuntu-server over an old gentoo installation, snd now the bios hangs when its gose to list the drives, it also dose the same thing when i try to enter the bios
<MattTheComputerG> can anyvody help, or is anybody even here?
<RoAkSoAx> doko: pong
<pudgypaw> im here, but struggling w/ php issues
<ScottK> soren and jdstrand: accepted.  Thanks.
<_Techie_> is anyone able to tell me what they think a fair charge for creating a dialip modem box for someone would be?
<_Techie_> dialup*
<MattTheComputerG> can anyvody help, or is anybody even here?
<jdstrand> ScottK: thanks
<ScottK> jdstrand: Always nice to have someone to share the blame with if something goes wrong.  Thanks for reviewing.
<_Techie_> MattTheComputerG, bios hangs can be caused by bad formatting
<jdstrand> ScottK: hehe. if something goes wrong with that patch, that is pretty bad ;)
<jdstrand> ScottK: but absolutely
 * ScottK doesn't touch apparmor profiles without you  checking them ...
<jdstrand> ScottK: I think that is wise. not for you or me specifically, but to get someone from the security to ack a change is appropriate
<ScottK> Yep.
<uvirtbot> New bug: #647195 in samba (main) "Package Manager freezes while "Entpacke Ersatz fÃ¼r libwbclient0"" [Undecided,New] https://launchpad.net/bugs/647195
<Verahsa> Does someone have a few minutes to help me setup a newly installed ubuntu server as a caching DNS server & file server? :) I attempted to go through the server guide, but for whatever reason it's not cooperating.
#ubuntu-server 2010-09-25
<ScottK> Verahsa: It's much better to ask specific questions rather as for an unspecified commitment of people's time.  If people know, they will usually answer.
<Verahsa> I gathered that just about 10 seconds ago as I started reading the terms of service *blush* My apologies. I'll be properly rewriting my question here in a moment.
<ScottK> No problem.
<Verahsa> When setting up bind9 as a caching DNS server, for whatever reasons it's taking -longer- than using my ISPs DNS (which pings at 350 ms on average) even though pinging the system itself is of course nigh-on instantaneous. How do I go about fixing this?
<Verahsa> ** and repeatedly takes the same much larger amount of time after repeated dig commands of the same server name.
<ScottK> I'd start by looking in /var/log/syslog and seeing if there are apparent large delays or errors from named (the bind daemon)
<ScottK> Also you could pastebin  /etc/bind/named.conf.options so we could have a look at it.
<Verahsa> ScottK: define "pastebin" please? :)
<ScottK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<KurtKraut> Verahsa, how are you measuring the speed took by your cache versus your ISP's DNS server?
<Verahsa> response of dig -x 127.0.0.1
<Verahsa> and then the response of dig google.com a few times
<Verahsa> pasted on pastebin, and I'm not seeing any kind of oddities in /var/log/syslog
<doko> RoAkSoAx: still there?
<Verahsa> * /etc/bind/named.conf.options specifically
<Verahsa> (paste # 500026 which i assume is needed)
<doko> RoAkSoAx: just the question, if it's intended that hearbeat is demoted to universe?
<MattTheComputerG> how do i start the xubuntu gui after i installed it
<MattTheComputerG> what is the command
<ScottK> Verahsa: Just copy/paste the fill link to your paste.
<ScottK> MattTheComputerG: That's a question for #xubuntu.
<Verahsa> http://paste.ubuntu.com/500026/
<ScottK> Verahsa: I'd look into disabling IPv6 resolution.
<ScottK> (I can't tell you exactly how to do that, but I predict Google will know)
<RoAkSoAx> doko: well for maverick we don't actually need it in main because we couldn't get the other packages into main (such as cluster-glue and pacemaker)
<RoAkSoAx> that needed heartbeat as a dependency
<doko> RoAkSoAx: but it is planned for natty?
<RoAkSoAx> doko: yes, for natty we should have everything in main
<RoAkSoAx> and hopefully by early stages of the cycle
<doko> RoAkSoAx: ok, will seed it, and open a task for heartbeat to remove it from the seeds (in 527142)
<RoAkSoAx> doko: for natty you mean?
<doko> RoAkSoAx: it doesn't make sense to demote it now, if you'll readd it in some weeks
<RoAkSoAx> doko: ok , will do then. Thanks for letting me know :)
<doko> RoAkSoAx: is there an extra server seed besides supported-server?
<RoAkSoAx> doko: huh? :)
<doko> RoAkSoAx: because it's emptu
<doko> y
<RoAkSoAx> doko: I don't know actually
<RoAkSoAx> doko: I think mathiaz was the one working on the seeds
<doko> RoAkSoAx: ok, see #527142, added to supported-misc-servers
<RoAkSoAx> doko: ok thanks :)
<MTecknology> wow...
<MTecknology> I tried to upgrade an openvz system from 10.04 to 10.10
<MTecknology> I guess this is bad.
<MTecknology> root@wiki2:~# dpkg --configure procps   Setting up procps (1:3.2.8-9ubuntu3) ...   start: Job failed to start   dpkg: error processing procps (--configure):    subprocess installed post-installation script returned error exit status 1   Errors were encountered while processing:   procps
<MTecknology> Any ideas how I can resolve that?
<MTecknology> I guess a lot of things depend on that package being set up right - but I can't set it up..
<MTecknology> obviously I can't just purge it and try to reinstall it either
<EvilPhoenix> is there something that replaced inetd?  or does inetd exist but is just inactive
<MTecknology> Why does php-apc depend on apache stuff?
<hggdh> MTecknology: start by lookin at the /var/log/apt/term.log, and find out what error was it
<MattTheComputerG> how do i enable the internet in ubuntu server if i did not set it up durring install, please tell me how searched goodl for hours with no luck and im loosing it.....
<MattTheComputerG> *I searched google...
<MattTheComputerG> so dose anyone know how? the second i talked the room went dead
<_Techie_> MattTheComputerG, is one of your interfaces setup with a gateway address and a DNS address?
<pudgypaw> OK, I've found out something new: all my php files are being interpreted as pHTML files. can someone throw some light onto this weirdness i got w/ my default lamp stack?
<MTecknology> can you add info to crontab from a command?
<MTecknology> ie- not crontab -e
<joschi> MTecknology: either use the crontab files in /etc/cron.{daily,weekly,monthly,d} or create the user specific crontab file (e. g. export it with `crontab -l > /path/to/file` and do your modifications) and import it (`crontab /path/to/file`)
<MTecknology> joschi: thanks
<Callum__> ooohkay, so I have SMTP AUTH enabled in Postfix's settings but its not actually enabled according to telnet, and when Thunderbird tries to connect to the serving using a user name and password it doesn't work... I'm using Webmin to configure Postfix, any ideas?
<Callum__> server*
<ScottK> Callum__: Don't use webmin to configure postfix.
<ScottK> I've seen it screw up Postfix configs before.
<Callum__> heh
<ScottK> If you look at the server guide (see /topic) it's got detailed information on how to set up smtp auth for Postfix on Ubuntu.
<Callum__> okay, well I have used the server guide and everything seems to be correctly configured, but it still won't work
<Callum__> telnet EHLO <mailserver> is now saying the right things and all that...
<Callum__> hmm, hang on
<uvirtbot> New bug: #647337 in dovecot (main) "upgrade of packages freezes when upgrading dovecot-common" [Undecided,New] https://launchpad.net/bugs/647337
<Callum__> Sep 25 19:28:01 webserver postfix/smtpd[28583]: setting up TLS connection from 122-59-229-61.jetstream.xtra.co.nz[122.59.229.61]
<Callum__> Sep 25 19:28:07 webserver postfix/smtpd[28583]: SSL_accept error from 122-59-229-61.jetstream.xtra.co.nz[122.59.229.61]: -1
<Callum__> Sep 25 19:28:07 webserver postfix/smtpd[28583]: warning: TLS library problem: 28583:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:562:
<Callum__> Sep 25 19:28:07 webserver postfix/smtpd[28583]: lost connection after STARTTLS from 122-59-229-61.jetstream.xtra.co.nz[122.59.229.61]
<Callum__> Sep 25 19:28:07 webserver postfix/smtpd[28583]: disconnect from 122-59-229-61.jetstream.xtra.co.nz[122.59.229.61]
<Callum__> oops a bit longer than I thought
<Callum__> but still, .................................................
<FusionX> i requested only 2 CDs from ubuntu but i got all the 4 CDs, thanks alot!!
<MalkavianManiac> does a fee of $25 USD sound right to you guys, for setting up a server with dialup dhcp and forwarding packets for use as a gateway?
<qman__> quite low, depends on who it's for though
<qman__> I charge $35 per half hour
<qman__> general on-site service rate
<eljak> hello if i have a guest with IP address 216.60.75.228 and the guest its IP address in the range of 66.240.192.141 how would i configure bridging so the guest is visible on the net? thanks
<joenslf> how can i change the hostname of ubuntu server?
<mytc> hi there!! can any one show  me how to allow ubuntu-server (lucid)  with two Nics comunicate with the public ip address
<RoyK> !guide
<uvirtbot> New bug: #647489 in dovecot (main) "package dovecot-postfix 1:1.2.11-1ubuntu1 failed to install/upgrade: subprocess installed post-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/647489
<imoschak> I need some help setting up networking for a vm
<imoschak> anybody interested in helping?
<RoyK> imoschak: I think you should as a real question about the problem for getting help
<imoschak> Ok i've setup a bridge br0 and i'm using virt-manager to define a network device for the vm
<imoschak> so i define br0 as the virtual network interface
<imoschak> but the vm can't reach outside
<imoschak> is there a guide apart from the one in ubuntu docs for networking vms
<imoschak> ?
<AbhiJit> hello
<AbhiJit> when i run the file.php with this code <?php phpinfo(); ?>
<AbhiJit> i got the proper output
<AbhiJit> but when i try to run the file.php with this code http://paste.ubuntu.com/500319/ i am not getting anytihng
<AbhiJit> nothing on page not ever that html msg
<AbhiJit> anyone please help
<leftyfb> AbhiJit: did you look in your access and/or error logs for apache?
<AbhiJit> leftyfb, no i am noob in this. how to look that log? i dont know how to understand any error in log file
<AbhiJit> :(
<AbhiJit> anyone else??????
<dvrvm> how can I make an init.d script run after NFS volumes are mounted (or why is the NFS directory not seen)? it is already on S99
<RoyK> AbhiJit: what happens if you 'wget -qO - http://name-of-site' ?
<RoyK> dvrvm: perhaps trying with upstart?
<AbhiJit> RoyK, mine is loclahost. what to write in name-of-site?
<AbhiJit> google.com?
<AbhiJit> or mine one?
<dvrvm> RoyK: so i have to learn this incredible mess of upstart to get my script running? i thought it was a rather trivial task :D
<AbhiJit> <html><body><h1>It works!</h1>
<AbhiJit> <p>This is the default web page for this server.</p>
<AbhiJit> <p>The web server software is running but no content has been added, yet.</p>
<AbhiJit> </body></html>
<AbhiJit> RoyK, i got that in wget -q0- http://localhst
<AbhiJit> brb
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<RoyK> AbhiJit: that's not your php script you're testing, is it?
<AbhiJit> m bck
<AbhiJit> RoyK, ok wait
<AbhiJit> RoyK, i am testing wget -qO - http://localhost//abhitest.php and getting no output for it
<RoyK> no idea, then
<RoyK> check the error log
<RoyK> apache error log
<AbhiJit> RoyK, where to check?
<RoyK> /var/log/apache is a good place to start
<AbhiJit> RoyK, ok
<AbhiJit> RoyK, it says that error in this line die (âcheck your server connection.â);
<AbhiJit> RoyK, anythin wrong in syntax etc?
<RoyK> perhaps trying to ask on #php would be a good idea.....
<AbhiJit> RoyK, ok
<dvrvm> RoyK: does upstart really use only the /etc/event.d directory? there are like 5 scripts there...
<dvrvm> nvm, found em
<AbhiJit> RoyK, soleved in #php. thanks to you too!!! :) now everything is working! :)
<RoyK> :)
<dvrvm> hm. WHY does my upstart script ALSO not see my directory, even if i start it with "start on filesystem" and it runs perfectly fine from the command line?
<ScottK> ttx and zul: I've just triaged Bug #646858 - I don't recall the server specific triage tag you were using, so I didn't add it.  This looks like one that needs to be addressed before release.
<uvirtbot> Launchpad bug 646858 in dovecot "dovecot-postfix and upstart incompatibility" [High,Confirmed] https://launchpad.net/bugs/646858
<dvrvm> anyone here with expertise about network-manager vs. NFS race conditions?
<mrmonday> I'm trying to get wireless working with my ubuntu server (I know, not my choice :3), and would like to know if there's a certain set of steps I should go through to debug it? I can pick up my network with iwlist, I can't seem to get it to actually connect though (I've followed the setup steps listed at http://ubuntuforums.org/showthread.php?t=571188 under WPA-PSK with Ra Based Chipsets)
<uvirtbot> New bug: #647647 in postfix (main) "postmap -u segfaults" [Undecided,New] https://launchpad.net/bugs/647647
<wieshka> hey there - how can i mirror directories with rsync ..... now only all files copied, but also, if on source file is deleted, also it deletes on backup destination
<wieshka> -- delete ?
<pmatulis> wieshka: i don't think rsync cam do that
<Ad0> hey
<Ad0> after upgrade from hardy to feisty, I get access denied when going into a folder on the computer
<Ad0> main share root is OK
<Ad0> but any directory under that fails
<_ruben> feisty is older than hardy...
<Ad0> err
<Ad0> lucid
<Ad0> sorry
<Ad0> heard that samba 3.4.0 is buggy
<Pecores_Connass> hi
<Pecores_Connass> can u help me, after update : init: plymouth min process (1414) Killed by sevg signal
<Ad0> ouch
<Pecores_Connass> ?
<Ad0> not sure
<MalkavianManiac> how stable will 10.04 be when 10.10 is relesed... sure everybody says its stable being the LTS... but alot of people have trouble with it
<Pecores_Connass> kernel panic - not syncing: vfs: unable to mount root fs on unknow-block(8,1)
<amine_> MalkavianManiac, I think that it's a big mistake to qualify a new released distribution as STABLE ! NO SOFTWARE CAN BE STABLE AT FIRST RELEASE !
<Nafallo> well, 4.10 was our first releae... :-)
<Pecores_Connass> can u help me i can just boot on rescue mode
<Pecores_Connass> how to reupdate
<amine_> Nafallo,  it means that since 4.10 you didn't reach  the stability yet :P it's a shame to say that :P
<Nafallo> amine_: well, the servers I run are just fine...
<amine_> Nafallo, I know I am just kidding ! me too ! I have never found a high level of stability until using ubuntu !
<Pecores_Connass> .
<MalkavianManiac> is their any form of caching server for samba?
<MalkavianManiac> i have about 700gigs of movies on my desktop machine, and i like to turn my desktop off at night, and i cant do this while somebody is watching a movie on the media center
<MalkavianManiac> so is there any caching program that will act as a relay to my desktops shares, but when a file is requested, load it tempoarily onto my server
<qman__> not that I'm aware of, the system is designed from the perspective that your servers will be on 24/7
<MalkavianManiac> yeah, well my server is
<MalkavianManiac> my desktop isnt
<qman__> yes, but your desktop is performing the server role here
<MalkavianManiac> my srever being a dualcore athlon, and my desktop being a quadcore phenom
<qman__> the 'right' way is to put the movies on the server
<MalkavianManiac> i really wish i could do that
<MalkavianManiac> but im not gonna shift my terabyte hard drives from my desktop to my server
<qman__> entirely up to you
<qman__> but a server can't serve something it doesn't have
<qman__> it's a matter of design choice
<qman__> the software you envision is unlikely to exist because it would consume an absurd amount of bandwidth just for one client, and has no other practical use
<qman__> the best solution is to have the server store all the files, so that any client can get them at any time
<qman__> it also makes clients somewhat disposable
<qman__> you put all your effort into the server, and if a client crashes, it's no big deal, because the important files are on the server
<RoyK> ffs - if the linux  people doesn't come    up   with a decent filesystem  like zfs soon, it'll die in  a storage respective
<uvirtbot> New bug: #647785 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/647785
#ubuntu-server 2010-09-26
<Pecores_Connass> hi
<Pecores_Connass> i cant open nx connexion after update ubuntu
<Pecores_Connass> Warning: Unrecognized session type 'unix-gnome'. Assuming agent session.
<Pecores_Connass> Error: Call to bind failed for font TCP port 11000. Error is 1 'Operation not permitted'.
<Ad0> Pecores_Connass: pretty bad error
<Ad0> sounds like access rite problems
<Ad0> Pecores_Connass: http://wiki.centos.org/HowTos/FreeNX#head-da1c62bfe81bf13866060aca4cd1565a4de6bb25
<Ad0> check the  sshd part
<Ad0> nite
<MTecknology> This is awesome... http://lease-color-copiers.com/Why_is_Microsoft_Word_So_Expensive.html
<sport_> I just installed Ubuntu Server as a VM, but the font is too large.  How can I adjust screen resolution
<uvirtbot> New bug: #647873 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/647873
<jtraylor> looks like everyone is still quietly buzzing away with work after the past 4 years.
 * Callum__ explodes
 * MalkavianManiac stands there with a shocked look upon his face... then starts to wonder if superglue will be enough to put Callum__ back together
<Callum__> Dovecot won't create the bloody /var/spool/postfix/private/auth socket file so everything can work, I'm 99.9% sure everything is configured properly but Dovecot is just being an asshole
<MalkavianManiac> Callum__, i got dovecot working on my server ages ago, but then i broke it and havent bothered to fix it since... so im not much help
<MalkavianManiac> i just switched to google apps
<Callum__> ugh I need this to work
<G> Callum__: you set the option correctly in dovecot.conf?
<Callum__> yeah
<Callum__> it just won't work
<Callum__> G: http://pastebin.com/UZa0hiWv
<G> try 0600
<Callum__> still not there...
<Callum__> still doesn't work
<G> errr 0660
<Callum__> 0660 was in there, it just says 432 on "dovecot -n"
<G> in fact mine does too
<G> but it works correct
<Callum__> mine doesn't >_>
<G> does the directory exist?
<Callum__> /var/spool/postfix/private? yeah, and its got a while other load of socket files in there
<G> Callum__: btw, are you running AppArmor, just occured to be that it could be denying it
<G> Callum__: check /var/log/syslog
<Callum__> G: well, apparmor is installed, but there is no apparmor related errors in /var/log/syslog
<G> Callum__: hmmm okay, it was just a sudden thought, I can't think of anything else, unless there is something in the mail.log
<Callum__> http://pastebin.com/x06XfjkU - a portion of mail.log when I try to send an e-mail
<G> anything from dovecot?
<G> (maybe from dovecot startup)
<Callum__> G: nothing unusual
<Callum__> Sep 26 16:00:38 webserver dovecot: dovecot v1.1.11 starting up (core dumps disabled)
<MTeck> if I just toasted a config file... how can I get that back short of purge and reinstall?
<pfifo> im having some trouble getting postfix todo what i want. I have successfully sent mail to root@pfifo.net from my gmail, but if i send it to test@pfifo.net it get sent back saying its undeliverable. I understand that is because there is no user named test on my system. What I would like it todo is instead of sending mail for test@pfifo.net back to gmail, have it dump this mail into root@pfifo.net mailbox
<pfifo> actually, i would prefer that every email that comes in on port 25 goes to root@pfifo.net
<pfifo> and also to be complete, i ran sudo postmap /etc/postfix/aliases, and got a file not found error which is where I am now
<RudyValencia> If I'm gonna be pushing Ubuntu installs out over PXE, how much of the repositories should I mirror locally?
<RudyValencia> Is just main enough?
<joschi> RudyValencia: it depends on what packages you're going to install
<RudyValencia> Well, I don't want future installations from PXE to take hours
<joschi> RudyValencia: although I personally wouldn't mirror the whole repositories but use a package cacher like apt-cacher, apt-proxy or approx instead
<RudyValencia> apt-cacher-ng was recommended
<joschi> RudyValencia: I like approx. small, simple, reliable.
<RudyValencia> I'll install approx then
<RudyValencia> OK, so it's installed; what do I do from here?
<joschi> RudyValencia: configure your approx.conf (e. g. add the upstream mirrors) and add the URL of your approx cache to the sources.list
<RudyValencia> so like, "main http://ubuntu.mirror.here/ubuntu" ?
<RudyValencia> er, wait, should be "lucid"
<RudyValencia> and lucid-security from security.ubuntu.com and etc.
<RudyValencia> right?
<joschi> RudyValencia: take a look at your current sources.list and use these URLs
<joschi> RudyValencia: using a mirror nearby will give you bonus points ;)
<RudyValencia> I do have those URLs.
<RudyValencia> But is it "lucid"/"lucid-security"/"lucid-updates" that I put in the list or "main"/"restricted"/"universe"/"multiverse" that I put on lines in the approx.conf file?
<RudyValencia> joschi: Never mind I figured it out
<RudyValencia> but I can't seem to get my laptop to use the approx cache
<joschi> RudyValencia: that's a nice and detailed error description...
<RudyValencia> When I enter the information into the ubuntu-installer, it says:
<RudyValencia> Bad archive mirror
<RudyValencia> The specified Ubuntu archive mirror is either not available, or does not have a valid Release file on it. Please try a different mirror.
<joschi> RudyValencia: either the URLs in your sources.list or the ones configured in approx.conf are wrong
<RudyValencia> It works on the server side
<RudyValencia> I set up two mappings - ubuntu http://ubuntu.osuosl.org/ubuntu
<RudyValencia> and security http://security.ubuntu.com/ubuntu/
<RudyValencia> Or do I need something like lucid, lucid-updates, and lucid-security ?
<joschi> you'll need to use these in your sources.list
<joschi> e. g. deb http://your-approx-host/ubuntu/ lucid main restricted
<RudyValencia> I figured out how to set up the sources.list
<RudyValencia> it's the /etc/approx/approx.conf I'm trying to get working
<joschi> ubuntu          http://archive.ubuntu.com/ubuntu
<joschi> that's the only line in my approx.conf (except for third party repositories which don't matter to you)
<RudyValencia> So I only need one and can just set lucid, lucid-updates, and lucid-scurity to use approx in my /etc/apt/sources.list ?
<RudyValencia> *lucid-security
<joschi> yes
<joschi> you actually have to. see `man 5 sources.list`
<RudyValencia> I set each of those to use approx instead.
<RudyValencia> I can't seem to get my laptop (PXE-booted currently) to work with the server
<RudyValencia> Ah, I have to configure it as if it were a proxy
<joschi> no, you actually use it as source URL, not as proxy
<joschi> RudyValencia: but there are other solutions that work like that if you prefer it
<RudyValencia> I tried that and got the "Bad archive mirror" error
<joschi> probably because your URLs were wrong...
<RudyValencia> I'll try it again
<RudyValencia> It still isn't letting me do it, same error
<RudyValencia> I'm putting the hostname in as (not literally): http://[server IP]:9999
<RudyValencia> and the directory of the archive as /ubuntu/
<RudyValencia> and no proxy
<RudyValencia> I don't even know how to check the port from the notebook itself other than maybe trying to send an HTTP header through nc
<RudyValencia> (the PXE boot image is very limited in what it has on it
<joschi> RudyValencia: paste your approx.conf and your sources.list and don't anonymize anything in it...
<RudyValencia> ok
<RudyValencia> but the server doesn't have a GUI
<RudyValencia> how do I get it over to a pastebin?
<joschi> RudyValencia: either use copy&paste from your shell or use something like http://sprunge.us/
<RudyValencia> approx.conf: http://pastebin.com/4PVejEWP
<RudyValencia> sources.list: http://pastebin.com/5fNnnYdR
<joschi> RudyValencia: both files look correct to me
<RudyValencia> And I'm typing in http://192.168.37.253:9999
<RudyValencia> (as the host)
<RudyValencia> Maybe I should try mirroring main locally
<joschi> if 192.168.37.253 is the host running approx that should be fine
<RudyValencia> it is
<joschi> does approx listen to that interface?
<RudyValencia> I see it in netstat as:
<RudyValencia>  tcp        0      0 0.0.0.0:9999            0.0.0.0:*               LISTEN
<RudyValencia> It apparently starts from inetd
<joschi> RudyValencia: ok, but is there maybe a packet filter which denys access to that port to other machines?
<joschi> RudyValencia: does `aptitude update` work on the host with the sources.list you've just posted?
<RudyValencia> Yes
<RudyValencia> It goes through the list several times, sometimes Hit and sometimes Ign
<joschi> that's ok and it means that approx is working correctly and actually serves the correct files
<RudyValencia> Just not sure why the PXE boot environment doesn't like it
<RudyValencia> joschi: I figured out the problem
<RudyValencia> OSUOSL's mirror confuses the installer
<RudyValencia> Because I was using it as an approx source, all approx did was forward their mirror's page on and it confused the poor lappy
<RudyValencia> I'm going to reinstall it and just use Ubuntu's default servers.
<RudyValencia> er, no
<RudyValencia> it was my fault
<RudyValencia> I was entering http:// before the server name and that's what was wrong :o
<RudyValencia> it works fine!
<RudyValencia> PEBCAK.
<flecharota> help
<flecharota> i m lost..for modify server..
<flecharota> hello
<RudyValencia> May I help you?
<flecharota> RudyValencia, dime xfa
<flecharota> donde metes una url?
<flecharota> x q la guarde..en servidor a conectar
<flecharota> uso xchat y ubuntu
<RudyValencia> Sorry, I don't speak spanish
<RudyValencia> You might try #ubuntu-es
<flecharota> RudyValencia, ok thanks
<flecharota> i am here
<flecharota> the channel spanish no reponse
<flecharota>  i am desesperate..
<flecharota> my url is diferent..or bad
<flecharota> where modified this url on xchat?
<flecharota> please
<flecharota> !serverlist
<flecharota> RudyValencia, your nickname is spanish!!!
<flecharota> you don t speak spanish..?
<flecharota> or you not say
<flecharota> resolve my problem..
<flecharota> hi
<RudyValencia> I just don't speak spanish
<RudyValencia> do you need to change what server you connect to in xchat?
<RudyValencia> go to XChat > Network List... in the menus
<RudyValencia> then click on the IRC network you want to edit and press "Edit..."
<RudyValencia> click on the server listing you want to edit and it'll turn into a test entry
<RudyValencia> er, text enry
<RudyValencia> sorry, been up all night
<RudyValencia> enter the correct info in it, then click OK and next time it should work right
<flecharota> ok thans..ufff complicated for me
<flecharota> thanks  i am lost sorry
<flecharota> my english is not good
<RudyValencia> no problem
<flecharota> test entry?
<flecharota> where is itÂ¿
<RudyValencia> I meant 'text' entry
<RudyValencia> you click on the server listing you want to edit and it should let you edit it
<flecharota> o ok
<flecharota> maybe its not modified
<flecharota> no save,,
<flecharota> the correct server is modified
<flecharota> ok
<flecharota> mindforg is on 6667
<flecharota> ok
<flecharota> but the real direction
<flecharota> is modified
<flecharota> is bad ok
<flecharota> the server have out
<flecharota> 3 days
<flecharota> ok
<flecharota> RudyValencia,  ok?
<flecharota> this url..is not exactly
<RudyValencia> lemme see what i can find out about that network
<flecharota> and the program says
<flecharota> sorry read me
<flecharota> expired conect...
<flecharota> its not one server
<flecharota> the url ,,,,
<flecharota> is not write ok
<flecharota> my qustion is
<RudyValencia> does it still say 'newserver/6667' or something
<flecharota> uf
<flecharota> still?
<flecharota> im spanish men...
<RudyValencia> all I can think of is talk to #ubuntu-es, sorry
<flecharota> help me sorry..
<flecharota> ubuntu-es not reponses
<RudyValencia> I'm not sure i understand what you mean
<flecharota> ok..my url is not write ..ok
<flecharota> the port yes,,but the url noooo
<FusionX> *right
<uvirtbot> New bug: #648120 in squid (main) "Squid doesn't start at boot" [Undecided,New] https://launchpad.net/bugs/648120
<FusionX> what is ur problem flecharota?
<flecharota> wher modified,,xchat/
<flecharota> server
<flecharota> my direction url is not write ok
<flecharota> i am modified
<flecharota> after ataks for server irc funkyHat
<flecharota> FusionX, sorry tellme
<progre55> hi guys. Is it okay to do-release-upgrade a server over ssh? from karmic to lucid
<flecharota> FusionX, tell me please..im desesperate ..this is message of error
<flecharota> conect expired FusionX ?
<flecharota> i want introduce 56.67.456....etc where introduce the correct url please?
<flecharota> i say the direction ....lost
<flecharota> and expired
<flecharota> logical..is bad
<flecharota> modified ..where FusionX ????
<flecharota> where please..
<flecharota> and memorize this new server ...
<flecharota> very dificult for me..i m spanish sorry..y understand litle words
<flecharota> technical problem for me..not connect!
<flecharota> no
<flecharota> the irc ....
<FusionX> errr....i cant understand anything flecharota sorry can't help.
<flecharota> ok
<flecharota> FusionX, not problem..im continue in other chanel spanish thanks
<progre55> anyone? Is it okay to do-release-upgrade an ubuntu server over ssh? from karmic to lucid
<iceflatline> progre55: I recently upgraded 8.10 to 10.10 over ssh. The upgrade broke several packages but ssh was fine.
<hggdh> progre55: it is not a good idea, things may go wrong, you lose your SSH session and... there is nothing there to SSH back in
<progre55> hggdh: but what if I dont have physical access to the server at the moment? Is it worth a risk? )
<hggdh> progre55: the upgrade process will start a second SSH server on a different port. If you lose the session, and your firewall rules allow, you can SSH into this second instance
<hggdh> but if your firewall rules block the access, you *will* have to get physical access
<aetaric> as a rule, i always removed the execute perms from iptables or csf/lfd and killed the process when i updated remote servers.
<aetaric> better safe then sorry
<progre55> hggdh, aetaric: thanks guys, appreciate
<progre55> apparently my firewall blockes that port..
<aetaric> progre55: well, to be safe and prevent you from breaking packages... run the program in screen... that way when you get console access, you can just reattach with screen -x
<aetaric> at least it is a decent failsafe
<aetaric> just run screen sudo do-release-upgrade
<progre55> aetaric: thanks, I'll do that
<progre55> is it safe even if I dont have the alternate port open?
<aetaric> it will keep the update runnning... and visable via any connection you can make...
<aetaric> if it is a VPS, i'm sure you can get console access
<progre55> the only connection I have to the server right now is ssh on port 22
<aetaric> fun... anyone know if you can force the backup ssh port to 22?
<progre55> oh wait, actually I can get access on the internal IP from another server in the same LAN
<progre55> damn, I'm too tired =)
<aetaric> progre55: oh, well, there you go..
<progre55> aetaric: thanks =)
<aetaric> progre55: np, hope that update goes well
<progre55> =) thanks
<progre55> oh and btw, how do you enable the "tab" thing when you type a part of a command and tab finds it for you?
<progre55> dont even know how to properly explain it ))
<mgolisch> it should be enabled by default
<progre55> mgolisch: but what if it's not? how do you enable it?
<vbabiy> Hey should ubuntu 9.10 have start-stop-daemon installed?
<mgolisch> progre55: did you do anything funny? it realy should work out of the box
<mgolisch> the default dumb completion should complete executable names in $PATH+filenames+directories
<mgolisch> progre55: so you say the tab key does nothing for you?
<progre55> mgolisch: I havent set the server up myself.. I just got it
<progre55> well anyways, let me try to release-upgrade, maybe it will work then )
<progre55> oh and another issue.. how do you forward all the calls to a virtual host in mysite.com (say, developer.mysite.com) to a localhost port 8080?
<progre55> is it the apache mod_proxy using ProxyPass?
<mgolisch> yeah
<progre55> thanks
<progre55> hmm.. I'm having this problem while release-upgrading http://pastie.org/1182588 can anyone please have a look and tell me what's wrong?
<progre55> it seems that I dont have the PATH var
<progre55> but echo $PATH shows this: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
<mgolisch> its probably something wrong with your /etc/environment
<mgolisch> no idea if thats why it fails to upgrade that package though
<mgolisch> so id start by fixing the /etc/environment file, if it still fails to install the package afterwards look at the failing postinstall script
<progre55> yeah, I fixed it.. someone had messed up /etc/environment
<progre55> adding JAVA_HOME there, and then trying to append it to the PATH, but instead, overrighting PATH )
<uvirtbot> New bug: #648202 in vsftpd (main) "vsftpd started even if not in standalone mode" [Undecided,New] https://launchpad.net/bugs/648202
<harrisonk> what is a good irc server program?
<mgolisch> what for?
<arrrghhh> so i'm looking at upgrading my processor in my server, and i figured i should also go 64-bit when i do this.  i'd like to make sure i can reinstate everything, what's the best way to do that?
<harrisonk> arrrghhh are you still there?
<arrrghhh> yes
<harrisonk> what services do you run on your server?
<harrisonk> are they Artdetecture dependant?
<RoyK> arrrghhh: first, if you think you need a new server, setup sysstat or similar software to check where the bottleneck is
<arrrghhh> huh?  bottleneck?
<arrrghhh> i just want to upgrade the processor
<arrrghhh> dual-core low cache to a quad-core higher cache proc
<arrrghhh> harrisonk, i'm not sure.  the one that worries me the most is webkeypass
<arrrghhh> that was the biggest PITA to get installed/working correctly on startup.
<arrrghhh> er
<arrrghhh> webkeepass i guess is the name sorry.
<harrisonk> ether way I have never heard of that program
<arrrghhh> based on keepass
<arrrghhh> but a web interface
<arrrghhh> basically
<arrrghhh> it's dependent on java
<harrisonk> arrrghhh what Royk means is: Why do you want to upgrade the processer, is it because the systems slow or something? maybe you need more RAM for example.
<arrrghhh> oh i see
 * RoyK pats harrisonk 
<arrrghhh> no i know the processor is the bottleneck
<uvirtbot> New bug: #648272 in samba (main) "non executable bit on cd rom media" [Undecided,New] https://launchpad.net/bugs/648272
<arrrghhh> the only problem i have is transcoding media on the fly
<harrisonk> very well what is the processer now?
<RoyK> arrrghhh: what is the sar output over time?
<arrrghhh> and i can watch htop peg the cores
<RoyK> ah
<RoyK> ok
<arrrghhh> intel e2180
<arrrghhh> dual core 1mb cache 2.0ghz
<RoyK> arrrghhh: most transcoders don't support parallel transcoding, though
<arrrghhh> and i want to go to the q9500.  quad core 6mb 2.8ghz
<RoyK> ffmpeg supports it with h.264, but that's the only one I know
<arrrghhh> really?  hrm.
<arrrghhh> i use ps3mediaserver
<arrrghhh> i think it uses mplayer or vlc to transcode
<RoyK> probably single-threaded
<RoyK> most are
<arrrghhh> i think you can choose to set it to be mutli-threaded as i recall
<arrrghhh> either way the dev said that if you want to transcode 1080p on the fly you'll need a quad-core minimum.
<RoyK> I used to work with MÃ¥ns RullgÃ¥rd, who wrote the multithreaded h.264 transcoder bits
<arrrghhh> the rig can transcode 720p on the fly
<arrrghhh> but 1080p it fails
<arrrghhh> i have a gigabit network
<arrrghhh> and i don't think RAM is the issue
<RoyK> while transcoding, run top and press 1
<RoyK> it'll show cpu usage per core
<RoyK> I would guess only one core is in use
<arrrghhh> i think htop splits out the cores by default
<RoyK> MÃ¥ns' stuff went into libavcodec iirc, so it may be used from there
<arrrghhh> and i basically see one core peg, then the other core.  it doesn't peg both at the same time.
<arrrghhh> so does that mean it's only using one core?
<harrisonk> I would think so.
<harrisonk> just switching betwean them
<arrrghhh> how else can i tell?
<harrisonk> that I don't know.
<harrisonk> Royk?
<arrrghhh> i'm just going off of what the dev of the project states.
<RoyK> arrrghhh: the hard thing about transcoding media in parallel is that you need to take the time from an I frame and through the B or P frames and run that in a separate thread
<RoyK> harrisonk: ?
<harrisonk> I was asking you for another command to check core activity
<arrrghhh> look, i'm pretty sure i want to upgrade my processor.  that's not a big deal, i've already determined that's what i'd like to do
<RoyK> harrisonk: sar -P ALL is good
<harrisonk> okay
<RoyK> harrisonk: just setup sysstat to run regularly
<RoyK> apt-get install sysstat
<RoyK> and then enable it in /etc/default/sysstat, then start it
<harrisonk> arrrghhh do you have the codename of your current processer?
<RoyK> for some stoooopid reason, debuntu leaves it disabled unless you specifically enable it
<arrrghhh> lol ok
<arrrghhh> harrisonk, not sure.  e2180 wasn't enough?
<arrrghhh> RoyK, so what do i do after i enable it...?
<RoyK> just run sar
<arrrghhh> says that i should make sure data collecting is enabled
<arrrghhh> which i just enabled it
<arrrghhh> do i have to wait some time?
<RoyK> http://pastebin.com/cmkibRid
<RoyK> arrrghhh: /etc/init.d/sysstat start
<harrisonk> I walk up to random person and say e2180 I would get a look of 'what?' I could always look it up though.
<arrrghhh> RoyK, ah ok
<arrrghhh> harrisonk, lol sorry
<arrrghhh> i don't know 1 sec
<harrisonk> I found it
<RoyK> http://ark.intel.com/Product.aspx?id=31733
<harrisonk> and what is the number of the new proc?
<arrrghhh> yea i'm looking at that intel page
<arrrghhh> i don't see any common name tho
<arrrghhh> q9500
<harrisonk> I wikied it it is a Conroe or allendale processer
<arrrghhh> so that's more accurate of a description?  lol
<RoyK> arrrghhh: can you start a transcode and see if it really uses more than one core?
<arrrghhh> i did the sar -P ALL and it doesn't really have much output
<arrrghhh> sure
<RoyK> use top
<RoyK> or htop if you like
<arrrghhh> htop is easier to read for me
<arrrghhh> pretty colors haha
<harrisonk> Royk what does transcoding do?
<RoyK> harrisonk: decoding and encoding a media stream
<arrrghhh> harrisonk, converts one type of media format to another
<harrisonk> okay
<harrisonk> like MP3 to OGG?
<RoyK> yes
<arrrghhh> so for example my PS3 doesn't play MKV (matroksa video)
<RoyK> that's transcoding
<arrrghhh> indeedy
<arrrghhh> but i'm doing it for video :D
<arrrghhh> 720p works great
<arrrghhh> but 1080p and it gets choppy
<harrisonk> can you use 720P?
<mgolisch> if its just about the container you dont need to reencode the video/audio
<mgolisch> just swap the container
<RoyK> arrrghhh: I used to work for this company doing VoD and we did some research on transcoding
<mgolisch> mkvextract and then use mp4box to pack it into a mp4 container
<mgolisch> or whatever your ps3 supports
<mgolisch> thats what i used to do for my xbox360
<arrrghhh> mgolisch, yes but not all files are just a simple container switch
<arrrghhh> like sometimes the PS3 doesn't feel like playing older forms of DIVX
<mgolisch> oh yeah i just us a computer currently
<mgolisch> less hazzle
<arrrghhh> there's so many different forms of DIVX, it plays xvid but not some old format, can't remember the name.  there's some other crap too.
<mgolisch> mplayer just eats everything i feed it
<arrrghhh> yea, i used a computer but then i had issues with surround sound.
<RoyK> arrrghhh: so what does htop say?
<arrrghhh> i'm watching it now
<arrrghhh> it seems to be more than handling this movie wth
<arrrghhh> cores are running at like 10%
<arrrghhh> 2% right now
<RoyK> sar -P ALL 1 100
<arrrghhh> huh
<arrrghhh> ok
<RoyK> sar -P ALL 1
<arrrghhh> what am i looking for
<RoyK> that'll sample cpu usage once per second
<arrrghhh> yes
<arrrghhh> idle is all in the 90's
<arrrghhh> jeebus
<arrrghhh> i don't get it
<arrrghhh> let me try a different file
<arrrghhh> that says it was 1080p tho crazy
<RoyK> what does iowait say?
<arrrghhh> 0's
<arrrghhh> well
<arrrghhh> 1.98
<arrrghhh> 1.0
<arrrghhh> mostly 0's
<RoyK> low
<arrrghhh> had one that was 5.71
<arrrghhh> then 0's
<arrrghhh> ah
<arrrghhh> this one is pegging the proc more
<RoyK> well, start a transcode and let it run for some time
<arrrghhh> it's not choppy on the tv tho
<arrrghhh> blargh
<arrrghhh> crap only fails when my gf is around.  wtf.
<RoyK> female vira, perhaps
<arrrghhh> i swear we tried watching this exact movie and it was so choppy it was unbearable.
<arrrghhh> lol
<arrrghhh> seriously
<arrrghhh> yea one core will be 96% while the other one is 17 or 20
<arrrghhh> and it seems to alternate
<arrrghhh> one core will peg, one core will be using very little.
<arrrghhh> sometimes i'll see when both are at 60%
<arrrghhh> ah ha
<arrrghhh> this one is choppy
<RoyK> doesn't sound multithreaded to me
<arrrghhh> three mencoder processes are running
<RoyK> pastebin ps fax
<arrrghhh> http://pastebin.com/YG65uXdX
<arrrghhh> what's weird is
<arrrghhh> mencoder looks like it's running a bunch of stuff that's unrelated
<arrrghhh> wth
<RoyK> erm - you have lots of mencoder processes there
<arrrghhh> lol
<arrrghhh> i stopped playback
<arrrghhh> and those processes are still in there
<RoyK> killall -9 mencoder
<arrrghhh> huh
<arrrghhh> tsMuxer seems to be doing the same
 * RoyK thinks there should be an alias for killall -9 like 'slaughter'
<arrrghhh> i'm sure you could make one haha
<arrrghhh> hrm
<arrrghhh> it seems perhaps ps3mediaserver doesn't clean up after itself so well
<arrrghhh> those were all movies/shows that the ps3 said it couldn't play
<RoyK> well, try starting a new transcode and monitor the cpu usage
<arrrghhh> k
<arrrghhh> so now 2 mencoders
<arrrghhh> running on the same file
<arrrghhh> perhaps that's how it's multithreaded lol
<RoyK> and what does sar say?
<arrrghhh> one core will peg
<arrrghhh> and the other will be lame
<arrrghhh> like 96% on core 0 and 19% on core 1
<RoyK> to/from what are you transcoding?
<arrrghhh> well it's mkv currently
<RoyK> mkv?
<arrrghhh> h264 video
<arrrghhh> i think the audio is dts
<arrrghhh> 1 sec lemme open it with vlc
<arrrghhh> yea it's mkv
<arrrghhh> and i think any of the transcoding stuff just dumps it to an m2ts
<arrrghhh> mpg2
<arrrghhh> somethin like that
<arrrghhh> yea the video is mp4 h264
<arrrghhh> audio is dts
<RoyK> the two processes are probably transcoding a stream each, then, video and audio
<arrrghhh> ah
<arrrghhh> that would make sense
<RoyK> with ffmpeg you can transcode in parallel, but then, you won't get a nice gui for it
<arrrghhh> then remuxing to vlc
 * soren doesn't see how any of this is relevant for ubuntu-server.
 * RoyK agrees
<RoyK> arrrghhh: try #ffmpeg
<arrrghhh> dude, you took the conversation on this freakin trip
<RoyK> soren: it all started out with arrrghhh wanting to get a new CPU for his box, so it's legitit somehow
<arrrghhh> i just started asking how to backup my server so i could upgrade the proc and go to 64-bit
<RoyK> hehe
<arrrghhh> thank you lol
<RoyK> my pleasure :)
<arrrghhh> so what would be the best way to ensure my new 64-bit server has all the necessary data from my 32-bit server...?  i want to make sure to backup anything i can data wise, obviously programs have to be reinstalled.
<RoyK> arrrghhh: the data will be consistent
<arrrghhh> well all the configuration crap i have in here
<arrrghhh> startup scripts
<RoyK> arrrghhh: even moving from big endian to little endian ensures constant data - 32/64bit is not an issue
<RoyK> just move the scripts
<arrrghhh> hrm we may not be talking about the same thing
<osmosis> any gotchas for setting up a win2003 virtual guest on ubuntu server? I tried, but it ran unusably slow. Retrying again now.
<MalkavianManiac> osmosis, does your CPU support virtualization?
<mgolisch> also what virtualisation software do you use?
<osmosis> MalkavianManiac, yes. i have a bunch of ubuntu virt servers running using HVM already. Just trying to get a virtual win2003 instance to work correctly.
<mgolisch> you using kvm or what?
<MalkavianManiac> mgolisch, HVM
<mgolisch> whats that supposed to mean?
<MalkavianManiac> just ignore me
<osmosis> anyone know what exactly virt-install's  --os-variant  option does?
<andreserl> osmosis, man virt-install
<andreserl> it will tell you there
<osmosis> andreserl, says  "Further optimize the guest configuration for a specific operating system"  , not very specific. If I do an install manually, i want to know what difference it would make. I can tell what the 'optimizations' are.
<osmosis> cant
<andreserl> osmosis, well I guess that's internals of each OS, such as some might not use ext4 by default as others and things like that (that's a guess) Probably in upstreams website is better explained
<osmosis> andreserl, unfortunately not much docs there either. thx though.
<osmosis> for ubuntu kvm, should I be running a win2k3 guests as  arch='x86_64'  or  arch='i686'  ?
<andreserl> osmosis, i686 afaik
<mgolisch> probably depends on what you tell it to do
<mgolisch> theres 64bit versions of 2k3 server too
<uvirtbot> New bug: #648404 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/648404
<koltroll> Good evening people.
<koltroll> I've been setting up a lamp-server, and it's been going quite well actually. The only problem I'm having is with postfix. Some mail gets to me, some ends up in junk and some won't even get delivered. They get rejected by the mail host who's getting the mail.
<koltroll> I really haven't done any configuration besides installing postfix. My server is a VPS-server.
<koltroll> *any postfix-configuration.
<koltroll> I have numerous questions but I'll wait and see if there's anyone active before I keep on writing :)
<cemc> can I change that instead of rebooting, ctrl+alt+del will shutdown 10.04 server ?
<cemc> found it: /etc/init/control-alt-delete.conf
#ubuntu-server 2011-09-19
<Durg> hey guys, I posted this yesterday but didn't really get an answer - I'm not sure if this is the right place to ask this, but I'll take a random stab at it; I've got a theoretical question for you guys - I've got a SaaS type service that moves data from one point to another; sometimes, that data is behind a VPN. I've got multiple clients on a single server, so plugging that entire box
<Durg> into the VPN isn't an ideal solution; do you guys think it'd be possible to connect an external "worker box" to the VPN and then connect through that box via a proxy connection? Would that work or am I pounding sand?
<twb`> That would depend on a bunch of things
<twb`> Like: is there a proxy available for the protocol in question?
<smoser> Daviey, where'd that come from ?
<Durg> twb`: typically, proxies can be configured for any TCP service yeah?
<jmarsden> Durg: No, application proxies are protocol specific by definition.
<twb`> Perhaps you should describe the service in more detail
<Durg> interesting
<Durg> it's essentially an API to API middleware app
<Durg> takes data from one enterprise system and moves it into another
<Durg> such as a CRM to an ERP, ERP to Fulfilment, etc
<Durg> but it's built around a SaaS model; completely hosted environment, so accessing on-site applications and databases that contain critical customer data is a significant challenge
<twb`> Is it using a custom layer 7 protocol, or is it layered on top of e.g. HTTP?
<Durg> HTTP
<twb`> Then in principle you could use something like squid or nginx as the proxy
<twb`> Although IIRC HTTP requires the client side to know it's going via a proxy, or for you to do dirty transparent proxy hacks
<Durg> well, essentially the goal is to be able to access network services and clients for single-use calls; that's why I thought a proxy option might work
<Durg> the back-end database I'm connecting to might be MSSQL, MySQL, Oracle, etc. or even file-based
<Durg> might not have an HTTP endpoint
<Patrickdk> isn't that what soap was made for?
<Durg> well, REST, SOAP, XMLRPC, but that requires the application to adapt to meet the middleware, not the other way around
<Durg> my second solution is to build a mini-instance that contains all of the network-specific code and can be accessed by a REST interface, but that raises my cost per client significantly compared to building 5 or 10 relay boxes for my entire network of clients
<twb`> I don't think I really understand the problem
<twb`> I'm not saying "there's no problem", I mean that I can't get my head around all the bits
<twb`> A network diagram and/or user stories would probably help
<Durg> unfortunately very few do, lol - it's my specialty field
<Durg> well, here's a use case, that might help
<twb`> Well, it's also that I don't do stuff like saas much
<Durg> Company ABC has MAS500, an on-premise based application with an MSSQL database for their finance system, which is blocked off by their firewall (for good reason, it contains critical financial data about the company) - they want to move sales orders from Salesforce.com (SaaS) into their MAS500 instance
<Durg> so it goes Salesforce -> DatixPanel.com (my middleware app) -> MAS500
<Durg> from a low level standpoint, the concept is:
<Durg> Salesforce -> Message Processing Server - > Action Server (retrieves, transforms and sends data) -> VPN Tunnel -> MSSQL
<Durg> companies don't want to expose MSSQL through their firewall, because it would pose a significant security risk
<Durg> so the problem is, how do I get to MSSQL?
<twb`> Something like stunnel I guess
<twb`> Er, no, brain fart
<twb`> No, you know what, a properly secured TLS-encrypted version should be fine to allow through the firewall
<twb`> I mean that's how stuff like IMAPS and HTTPS work
<Durg> you know that, and I know that, but they don't want to admit that
<twb`> OK, so that's not allowed because <customer> is retarded?
<twb`> I mean plan A is "convince the customer to do it right" :P
<Durg> lol, of course, but my target audience is small to mid biz, not enterprise
<Durg> enterprise IT guys typically know that
<Durg> but small to mid are... frankly, idiots
<twb`> IME enterprise-level ones are the idiotest
<twb`> Two-thirds of SMEs will just do what you recommend
<Durg> well, that's not 100% false either
<Durg> but typically the CIO is more intelligent than not
<Durg> and they've typically done something like this with their data in the past
<twb`> Yeah right
<Durg> it's more about experience when I say 'intelligent'
<twb`> My dad was CIO for a multinational for a couple decades, and he doesn't know shit about the lower layers.
<Durg> I think that's part of the reason they're more willing to say go
<Durg> lol
<twb`> He deals with issues more like "how do I convince Cisco to give me a 60% discount" not issues like "why do we even need Cisco"
<Durg> yeah, that sounds typical
<Durg> just from my experience, I've had a lot less resistance from enterprise clients than SMEs
<twb`> I guess it depends on how much their guy trusts you, and whether he realizes that he doesn't know what he's talking about.
<Durg> well, the goal is to reduce the amount of end-client configuration to as low as possible; so setting up a PPTP login usually requires less effort
<Durg> unless I'm wrong about that?
<Durg> I'm a programmer, not a sysadmin
<Smaug> hey all, I'm looking for a good resource that explains how the permissions of directories affects access to subdirectories and files with differing permissions
<idlemind> smaug: you talking about permission inheritance?
<Smaug> idlemind: very possibly
<Smaug> sounds like it means what i'm after
<twb`> You can't have that with POSIX DAC
<Smaug> u have a resource for it?
<twb`> If you use something else, like POSIX ACLs, NTFS or NFS4 ACLs, then I guess so
<twb`> I've always put ACLs into the "too hard" basket.
<idlemind> see acl's i think are really important
<twb`> (Actually I tell a lie, there is one specific kind of inheritance you can have in POSIX DAC -- setgid dirs.  But that's unlikely to be what you want.)
<Durg> and you guys just blew my little admin mind.
<Durg> lol
<idlemind> the fine grained options they give just outweigh the crap out of traditional owner / group / system perms
<twb`> idlemind: yes but then I have to learn how to use them
<idlemind> problem is they always come off as an afterthought in linux, the tools just don't seem to be their yet
<twb`> Personally I'd like to do it properly with grsec RBACs, but ICBF recompiling the kernel on all my hosts
<twb`> idlemind: yeah that's the other issue
<idlemind> smaug: https://help.ubuntu.com/community/FilePermissions
<idlemind> smaug you will probably want to look into using acl's
<twb`> AFAIK BCP is to use NFSv4 or NTFS acls; not POSIX acls.
<Smaug> idlemind: thanks for the link, but I'm not sure if that includes what i'm interested in.   what I want to know is, if a directory has, for example, drwx------ and a file inside it has -rwxrwxrwx or whatever, what happens?  can the file be read by a random user?  or not since you can't get into the directory?
<Smaug> that sort of behavior
<Smaug> i'll look into ACLs
<idlemind> http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html
<Smaug> but from your discussion it appears that they don't always work?
<idlemind> it's an all or nothing type setting with the default rwx rwx rwx permissions as far as i know
<idlemind> so acl's (nfs v4 ones) may be your best option to make it behave more like the ntfs file perms you are most likely used to
<Smaug> idlemind: thanks for the link, it was helpful but also did not answer my question.  i am not seeking to make ubuntu behave as ntfs, I am simply attempting to understand how it does behave so I can use it properly
<Smaug> the umask was a pretty interesting read and i thank you for it
<idlemind> smaug that's basically it
<idlemind> when you create a file it doesn't inherit permissions
<Smaug> one of the questions i am trying to answer, for example, is - if a directory has a set of permissions, how does that affect the permissions of the files inside
<Smaug> it
<Smaug> and if the directory does not affect the perms of the files inside it
<Smaug> what is the point of directory perms
<Smaug> do you have situations where you cannot cd to the directory but if you know the path of the file you can still access it?
<idlemind> 1. a directories permissions do not affect the permissions of the files inside only if you can view those files or not
<idlemind> well i guess i answered both there
<jmarsden> idlemind: True, but setting g+s affects ownership of files created inside the directory, though!
<Smaug> so is the answer to my secondn question yes? that surprises me
<jmarsden> Smaug: Yes, you can set things up so a user cannot read a directory to discover what files are in it, but if the user knows a filename they can read it.
<Smaug> hmm okay
<idlemind> well i do stand slightly corrected u+s and g+s would allow you to force inheritance for files created within a directory
<idlemind> so that maybe something you want to research smaug
<Smaug> my end goal is being able to add a user to help with creating a website, without letting him have access to other, private parts of the server
<Smaug> like other sites of my own
<idlemind> o well that's simple
<idlemind> when you create the user don't give him a home directory (or assign his home to the web-sites root) and add that user to a group with your other users and assign that group the rwx you want on those files
<idlemind> you may want to then set the g+s on the web-sites root so that files that user creates inherits the group perms
<idlemind> ne who i gotta run
<idlemind> tty laters
<Smaug> thanks you idlemind
<DanaG> Just got this oops on natty, when detaching a serial console from byobu:
<DanaG> http://pastebin.com/E0JU0nmg
<DanaG> Oddly enough, my znc is still running.
<DanaG> (10:25:03 PM) DanaG: Just got this oops on natty, when detaching a serial console from byobu:
<DanaG> (10:25:04 PM) DanaG: http://pastebin.com/E0JU0nmg
<ThomasB2k> How do I access the GRUB cli when on boot I'm taken directly into Ubuntu without a grub menu?
<twb`> Hol- oh, he's gone.
<twb`> Damn impatient kids
<s10loridr> i changed the ssh port on a 10.04 server, i can not connect to it with the new port (or old port) do i need to regenerate the keys on it after i change the port? I get a connection refused when trying to ssh into it now
<twb`> Host keys are not port-specific
<twb`> You probably forgot to deal with the firewall or something
<greppy> s10loridr: I would check the firewall, and you should be able to run on multiple ports for testing.  Just add another "Port 2222" or whatever line, leaving the original "Port 22" there.
<s10loridr> actually i made a dumb mistake, was editing the wrong fiel
<s10loridr> i used the ssh_config by accident
<s10loridr> im an idiot
<s10loridr> all fixed now, thanks
<koolhead11> hi a;l;
<koolhead11> *all
<jamespage> morning all
<phretor> "error: invalid argument in libvirt was built without the 'gsx' driver" - any chance that I can connect virsh to a GSX hypervisor on 11.04?
<twb`> phretor: you can rebuild your own version
<phretor> twb`: well, I'd have preferred not to screw with the packaging system
<twb`> phretor: since 11.04 is released, you're unlikely to get a new version that has new features enabled
<phretor> I'm trying to migrate out from vmware
<twb`> Apparently GSX driver just backs onto HTTP, so I would guess it wasn't in 11.04 because it wasn't in that version of libvirt
<GeorgeJ> Hello folks
<GeorgeJ> My base instalation of ubuntu server 11.04 seems to come with udhcpd as a default dhcp daemon. Can I change it to ISC?
<phretor> when I upgraded from 10.10 to 11.04, GRUB attempted to boot Xen DOM0. Does this have to do with the upgrade, or I installed Xen stuff by mistake?
<twb`> GeorgeJ: try apt-get install isc-dhcp-client
<GeorgeJ> Aye, just did so, I was just a bit confused because dhcpd3-server did not exist in /etc/init.d
<soren> phretor: You must have installed Xen. By mistake or not, I can't say :)
<soren> phretor: It's most certainly not part of the standard upgrade procedure.
<twb`> Didn't kernels recently get the ability to be dom0's OOTB ?
<soren> Yes.
<phretor> soren: I should go for libvirt/kvm instead, right?
<smb> Kernels, yes. But to boot in that mode you need xen-hypervisor
<soren> phretor: If you're not on ancient hardware, yes.
<twb`> just checking
<soren> twb`: Right, they can act as dom0, but you still need the Xen hypervisor to run first (which then in turn runs the dom0 kernel).
<phretor> soren: I've got a Dell PowerEdge 1950 with 8 cores and 8G of RAM. smb: what do you mean by "to boot in that mode"?
<smb> Normal upgrade should not pull that hypervisor package.
<soren> twb`: So a standard install can't function as a Xen host. You must manually choose to install the Xen hypervisor.
<smb> Unless somebody put it into a meta package that pulls it.
<soren> phretor: KVM is what I'd recommend for sure.
<Daviey> soren: I bought a server last year that oddly, Intel excluded virt extensions.
<Daviey> fairly modern CPU aswell.
<soren> Daviey: True.
<smb> phretor, In that mode means the xen hypervisor is booted and loads a kernel as dom0
<phretor> smb: maybe I installed xen on 10.10 and then disabled it and forgotten. And the upgrade simply reactivated it by mistake.
<soren> Daviey: They still produce new models that don't have the virt extensions. The feature support matrix of Intel processors is a massive clusterfuck.
<Daviey> smoser: slow reply, must have been an issue in my bundling.
<twb`> soren: that's for price differentiation
<soren> twb`: potato, potato.
<twb`> soren: like "$100 more for the VT version!!1!"
<twb`> It shits me that the only atoms that have VT are the pouslbos
<smb> phretor, Maybe. I have not checked really, but the last working xen hypervisor I know of in Ubuntu was 8.04.
<twb`> OTOH my main machine I'm switching to ARM this month, and I managed to get the only one that doesn't have SIMD (NEON) :-///
 * smb misses a "was"
<smb> Sorry not fully awake, yet
<soren> AMD gets this right. They don't mix and match features. Each new processor offers a superset of the features of its predecessor. There might be the odd exception to this rule, but it's just that: and odd exception. Intel offers virtually any combination.
<twb`> soren: I guess my point was just that it's a *deliberate* clusterfuck
<soren> twb`: True, and good point.
<phretor> smb: ah, true, I migrated all the way from 8.04 -> 8.10 -> 9.04 -> 9.10 -> 10.04 -> 10.10.
<smb> phretor, Ah ok. Hm, interesting to remember that xen can be that persistent...
<soren> Well, if you've had the hypervisor installed, but not had a kernel that could be a dom0, you're fine.
<Daviey> smb: I believe you are correct about 8.04 being the last working xen hypervisor release, which is why the buildd's never upgraded to Lucid.
<phretor> smb: http://paste.pocoo.org/show/478406/
<Daviey> soren: I was rather unhappy.. i stopped checking virt extensions before purchase as it seemed they all had them now.. being left with a lemon made me cry.
<smb> Daviey, yep. And thats why they really like us to have something before Hardy goes out of service. :)
<soren> Now that the standard kernels can be a dom0, and you happen to have a hypervisor installed (which would have been useless for the past X releases), suddenly you'll boot into Xen. I guess this is somethis update-manager should warn about.
<Daviey> smb: Yep, which is why we single-handed pushed xen into mainline :P
<twb`> smb: good luck with that
<twb`> smb: wasn't xen axed in lucid, along with vserver and openvz?
 * twb` bitches about LXC not being ready in .32
<soren> twb`: It was axed right after ahrdy because it wasn't supportable (not being in mainline)
<soren> ...but now it's in mainline, so it's a different story.
<twb`> soren: non-LTS releases don't matter anwyay
<twb`> They are just an ephemeral fog
<soren> twb`: Also, the dom0 kernel in Hardy wasn't in main.
<twb`> Nor was openvz or vserver, shrug
<smb> soren, phretor Maybe that is related to the old 3.1 hypervisor. On my test system with the 4,1 one there is a special grub entry for starting as xen and it is not the first thing
<twb`> And current lucid-security .32 has LXC support disabled to keep stupid vsftpd happy :-/
<phretor> smb: that was 3.3
<soren> twb`: whuh, really?
<twb`> yeah
<smb> twb`, Not so much axed as ignored as it was already enough pain to drag a patchset for getting a pv-ops domU
<twb`> SOmeone noticed that vsftpd used cgroups and DOSd it, so the "fix" was to disable cgroups (thus, no LXC), rather than to, I don't know, turn off that feature in vsftpd
<smb> soren, twb` It has net namespaces disabled
<twb`> smb: still annoying, because the upgrade path from hardy openvz was to lxc, which IMO isn't ready as at .32
<Daviey> twb`: It's all very well identifying failings... people tend to come to UDS to help fix these things. ;)
<smb> Right, because you can create them quick but it takes about two seconds for each to get torn down in Lucid
<twb`> Daviey: go stick your head up a dead bear's bum :P
<Daviey> heh
<smb> twb`, The option would be to take one of the backport kernels
<twb`> smb: yeah, that's what I'm doing now, I just don't like it
<twb`> I would just prefer vsftpd be penalized for being stupid
<smb> Well, _if_ vsftp is the only thing
<smb> Which you never can say
<twb`> Yeah yeah, I know you're right
<twb`> I'm probably extra pissed off because the power outage that triggered the new .32 kernel happend at like 4AM sunday
<twb`> And it was totally unexpected that it LXC would Just Not Work anymore after a kernel -n+1 update
<smb> twb`, Yes, I can understand that. I'd preferred to have had another option. Or at least a way to warn about the change
<twb`> I'm mainly just venting (again)
<twb`> FWIW libvirtd-bin has been doing OK, apart from ridiculous errors from the stupid broken virt-managers in lucid and natty
<twb`> e.g. apparently natty's v-m goes "oh, you are connecting as chris, I will just add /home/chris on the server, which has a root_squashed /home, as a VM volume.  And then try to scan it all the time"
<soren> twb`: When was this kernel update, btw?
<twb`> Dunno, there's a ticket in LP about it
<twb`> [Bug 790863] Re: Unable to start lxc container after update to 2.6.32-32
<uvirtbot> Launchpad bug 790863 in linux "Unable to start lxc container after update to 2.6.32-32" [Critical,Confirmed] https://launchpad.net/bugs/790863
<soren> Oh, a long time agi.
<soren> ago, even.
<twb`> qemu/kvm and me are BFFs, tho. I can do ttyS0 and TFTP booting and stuff, /me love.
<soren> And looking at an architecture diagram of kvm doesn't make me facepalm unlike the equivalent for Xen.
<twb`> Eh, isn't xen designed by the same people that try to use microkernels in the real world?
<soren> Xen is a microkernel.
<twb`> There you go then
<soren> But that's hardly the worst of it.
<stiv2k> is there a program that I can run on my server that will forward ports in my router via uPnP for me? so if I switch it between wireless / wired i dont need to manually change port forwarding settings... etc
<twb`> About as clever as hurd or ntoskrnl :P
<twb`> stiv2k: last time I looked, UPNP was basically a big hole that said "exploit me!".  Do you really want that?
<stiv2k> twb`: i dont know much about that, can you elaborate
<twb`> If mean if you're doing port forwarding maybe you want more like SOCKS5 (ssh -D) or something
<stiv2k> twb`: its just to make the machine visible from behind a NAT device
<stiv2k> it happens to have a wireless card and i'd like to make it easier to switch between the two interfaces
<twb`> Oh one of THOSE.  Is Ubuntu running on the router, or is it some crappy vendor-provided vxworks image?
<stiv2k> while still keeping the machine visible on the net
<stiv2k> it runs a custom fw
<twb`> Like OpenWRT?
<stiv2k> Tomato
<stiv2k> same idea
<twb`> Are the wifi and ethernet networks bridged together (on the router)?
<stiv2k> how to tell?
<twb`> Pastebin the output of "ip a" and "ip r" for each network
<twb`> If they're the same range (e.g. 192.168.0/24), then they're bridged
<twb`> Since you don't know, they probably are
<twb`> In which case, the easiest solution would just be to make sure you use the same IP address regardless of which interface you're using.
<stiv2k> hold on
<stiv2k> let me ssh in
<twb`> Failing that, rather than UPNP you could just ssh into tomato and use a shell script
<jamespage> Daviey: any chance you could sponsor the MP for bug 852019?
<uvirtbot> Launchpad bug 852019 in octopussy "Octopussy not installable due to renamed dependency" [High,In progress] https://launchpad.net/bugs/852019
<stiv2k> twb`: the router has a lot of interfaces
<stiv2k> br0, eth0, eth1, lo, vlan0, vlan1
<Daviey> jamespage: no, because i hate you.
 * jamespage is feeling the love this morning :-)
<stiv2k> vlan1 has my public ip
<twb`> stiv2k: no, the interfaces on your laptop or whatever
<stiv2k> oh
<Daviey> jamespage: crappy weather for you aswell?
<twb`> SOmething like http://paste.debian.net/130942/
<jamespage> Daviey: meh - kinda average here
<stiv2k> twb`: wtf is ip a ?
<twb`> A command.
<twb`> Like "ifconfig" only not shit
<stiv2k> twb`: http://pastebin.com/GWRpJcNm
<stiv2k> hahaha
<stiv2k> i use wicd to connect to the wireless network
<twb`> stiv2k: yeah, OK, now check if when you switch to wired, it also gets a 192.168.1/24 address
<stiv2k> twb`: it does
<twb`> OK, so then just make sure you get the same IP on both
<stiv2k> hmm ok
<Daviey> great, LP seems OOPsy today :(
<twb`> Not that the same time; I mean whichever you're on, it is always (say) 192.168.1.10/24
<stiv2k> what if the wired connection is plugged in and wireless is still on too?
<twb`> stiv2k: then it explodes
<twb`> stiv2k: but it should explode in that case anyway
<stiv2k> will the machine become unreachable
<stiv2k> to anyone
<twb`> Depends
<twb`> Probably something like RPF will just throw away half the packets
<stiv2k> what is RPF
<twb`> Magic
<twb`> Short version is: make sure you don't raise both networks at once
<stiv2k> there is a wireless switch on the machine
<twb`> (It *can* be done, but it's a huge pain in the arse and you don't want to do it.)
<stiv2k> i just need to remember to disable the wireless before plugging in the ethernet
<stiv2k> i should test it out
<stiv2k> i imagine it would still destroy all the existing connections
<stiv2k> meaning i would get kicked off irc and all my clients would get kicked off too
<stiv2k> ok here we go
<twb`> stiv2k: or script it to do so
<twb`> SOmething dirty like this http://paste.debian.net/130943/
<stiv2k> hello
<stiv2k> i'm still here
<stiv2k> cool
<stiv2k> it worked, twb`
<stiv2k> twb`: how would i script the system to do that
<Markslap> Good day everyone. I'm trying to enable and use IPv6 on my Ubuntu Server 11.04-machine, I've tried to add my IPv6 address to eth0 (I still want to be able to use IPv4) and add the correct route, but nothing seems to work. And this https://wiki.ubuntu.com/IPv6 article did not help at all, it's just about tunneling.
<Markslap> And it's on the machine that the problem is, not the network. :)
<twb`> stiv2k: to do what?
<stiv2k> yo, wtf
<stiv2k> every time i plug in the cat5 cable, it gets a dynamic ip
<stiv2k> i have to do /etc/init.d/networking restart
<stiv2k> and THEN it gets the static ip i assigned it
<twb`> Markslap: you should already have an IPv6 address listed in "ip a", that is autonegotiated a la IPv4's zeroconf
<Markslap> inet 78.46.87.39/27 brd 78.46.87.63 scope global eth0
<Markslap> inet6 2a01:4f8:120:14e1::10/64 scope global
<phretor> has anyone deployed openstack or eucalyptus on ubuntu yet and want to share thoughts?
<Markslap> Like that?
<twb`> Markslap: well, yes, that's your IPv6 address
<stiv2k> twb`: http://stats.stiv2k.info
<stiv2k> tell me you like my load averages
<twb`> stiv2k: doesn't work.  You shouldn't be using PHP anyway
<stiv2k> huh
<stiv2k> so its not visible then
<stiv2k> whats not working?
<twb`> stiv2k: I get a response, but there's no load average there.
<stiv2k> what do you see?
<twb`> http://paste.debian.net/130947/
<Markslap> twb`: Mkay, but when I tell Irssi to use that IP address i just get this error when trying to connect to a IPv6-enabled server: 11:04:21 -!- Irssi: Unable to connect server efnet.xs4all.nl port 6667 [No route to host]
<stiv2k> what...oh
<stiv2k> twb`: stop being a smart ass
<stiv2k> you could have just said "i dont have a browser"
<twb`> stiv2k: if you expect me to be using a browser with js, or css, or colour, or images, you are wrong.
<twb`> My browser implements HTML.  That's it.
<stiv2k> lol
<stiv2k> so you can't look at at like... 90% of the internet
<twb`> It means I have a nice consistent interface and you stupid webdevs can't fuck it up or spam me with ads
<twb`> stiv2k: yes, the 90% that is where 4chan and youtube and other useless time-wasters hang out
<twb`> technical and academic resources work just fine
<stiv2k> hehehe
<twb`> (Except blackboard, but that's retarded.)
<stiv2k> twb`: i use youtube for technical and academic resources all the time
<ersi> Now now, stop quibbling. You got different needs and tastes.
<twb`> IME there are no technical youtube videos where you can't jsut throw away the video stream
<twb`> In any case, mplayer can do youtube better than some silly browser
<twb`> ersi: right.  It's just MY needs are more important :P
<stiv2k> lmao
<stiv2k> anyhow
<stiv2k> what i was saying earlier was
<stiv2k> can i write a script that will bring wlan0 down upon plugging in the ethernet cable
<stiv2k> or bring wlan0 up upon disconnecting it
<twb`> stiv2k: on plugging it in, or on DHCP completing?
<twb`> I showed you how to do the latter
<stiv2k> i dont use dhcp
<twb`> The former would go in /etc/network/if-up.d or so
<stiv2k> otherwise i wouldnt be able to get my port forwards to stay consistent
<twb`> Sure you woud
<twb`> *would
<stiv2k> explain?
<twb`> Just teach the DHCP server to supply the correct IP
<stiv2k> hmmm
<twb`> Admittedly that might be hard to make it send the same IP to both
<twb`> But failing that you could tell your DHCP client to refuse leases that don't match, and to specifically ask for the lease you want
<twb`> You'd have to make sure you released the lease on the old iface before switching, tho
<stiv2k> i think im going to finally fall asleep
<stiv2k> 5:12am
<twb`> Likewise
<koolhead11> kim0:
<kim0> koolhead11: hey man
<koolhead11> came to know about this company called system76 they sell hw with only ubuntu as sw on it. :D
<koolhead11> os
<koolhead11> Daviey: hello
<kim0> yeah some nice laptops there I guess :)
<Daviey> hey koolhead11
<koolhead11> kim0: they are selling servers too man. :D
<Daviey> rbasak: Fancy reviewing a branch for me please?
<rbasak> Daviey: sure
<Daviey> rbasak: it's updating the diff... but https://code.launchpad.net/~davewalker/ubuntu/oneiric/dnsmasq/add_dnsmasq-utils_package/+merge/75988
 * rbasak waits
<Daviey> maybe i borked it by requesting a merge before LP had scanned the branch
<koolhead11> rbasak: hey
<rbasak> hey koolhead11
<koolhead11> how have you been? and is cobbler thing got solved for you?
<koolhead11> rbasak: am waiting for your blog on same. :D
<rbasak> I got it working in the end, thanks. There were a few hurdles - remind me of the one you are thinking about?
<rbasak> Was it the installer not finding the disk and ending up in a loop?
<Daviey> jamespage: Do you fancy review and if suitable sponsoring, https://code.launchpad.net/~allison/ubuntu/oneiric/backuppc/bug-852484/+merge/75973 ? :)
<jamespage> Daviey: sure - lemme just finish up what I am working on
<Daviey> jamespage: no hurry.
<jamespage> Daviey: ack
<rbasak> Daviey: should I be testing the build? In principle it looks good to me. What's the purpose of the Conflicts: line, and if to stop it going with a previous version before the new package, then surely it should be against 2.58 and not 2.40?
 * rbasak isn't really sure how to go about doing a review here
<Daviey> rbasak: My assumption was that the contrib script wasn't in <2.40.
<Daviey> rbasak: Is there anything cosmetic, does it build, does the new binary deb contain files you'd expect?
<Daviey> does the damn thing install?
<Daviey> pick a few of the above.
<rbasak> Daviey: but the contrib scripts are built in the source. What's that got to do with a binary dependency?
<Daviey> Tear me apart. kkthnx
<Daviey> rbasak: Yes, but i assumed the upstream source of <2.40 didn't include contrib/wrt/dh*
<Daviey> oh
<rbasak> yeah but why would one need a conflicts for that? A binary built from this source would have them
<Daviey> rbasak: honestly, i don't know.. perhaps <2.40 produced the same binary?
<Daviey> NFI, it's a change that came from the debian maintainer.
<rbasak> I don't suppose it matters
<Daviey> But good question, one that i now want to find out.
<rbasak> That was the one thing in the diff I didn't understand, that's all
<Daviey> rbasak: Great, so add a comment to the merge proposal, if you approved it - i'll upload it.  If it turns out to be bad, i'll blame you.. thanks :)
<jamespage> Daviey: minor version bump with just bug fixes does not need a FFE right?
<Daviey> jamespage: correct-a-mundo.
<jamespage> coolio - lgtm - uploading now
<rbasak> Daviey: :-)
<Daviey> jamespage: rocking.
<rbasak> Daviey: I need to do a build test first though
<Daviey> jamespage: I raised the "Please Merge" bug and put that as a comment :P
<jamespage> doh!
<jamespage> missed that comment
<jamespage> Daviey: gah - not in the ubuntu-server packageset!
<nijaba> smile of the day http://www.datamation.com/news/tech-comics-finding-a-job-in-the-cloud-computing-era-1.html
<koolhead11> nijaba: sysadmins will get it all if amazon goes for toss!! :D
<Daviey> jamespage: rly?!
<Daviey> jamespage: I was sure it was :/
<Daviey> nijaba: heh
<jamespage> Daviey: backuppc_3.2.1-1ubuntu1_source.changes rejected
<jamespage> quack quack oooppps
<jamespage> normally check before I upload but not today :-)
<Daviey> rbasak: You'll notice that i didn't include the manpages as a patch.  That package doesn't have a patching system, and i was hessitant to introduce one.  So i included the mangpages directly.  The other thing i could have done, was put them in debian/ .. but I wanted to align as close to possible to the Debian package for easier future merge/syncing.
<Daviey> jamespage: yeah, it looks like a package we subscribe to for bug triage, but not in the damn package set.
<Daviey> jamespage: hurry up and get coredev :)
<jamespage> Daviey: thats not fixing the problem tho
<jamespage> there are quite a few I expected to be in the package-set which are not
<jamespage> I know that I'm currently the only 'just' ubuntu-server-dev
<jamespage> but I expect there to be more in the next 6 months
<Daviey> jamespage: This is a problem. :(
<Daviey> yeah.
<soren> jamespage: Do you have a list?
<Daviey> soren: of the packageset?
<soren> Of the delta between the packageset and the subscribed packages.
<soren> It shouldn't be a big deal to sort that out.
<jamespage> soren: I don't but I could generate one
<Daviey> soren: I do have a script i wrote to compare.
<jamespage> in which case I won't :-)
<soren> Daviey: so why is there still a delta? :)
<soren> This must have been a point of discussion before (otherwise why did you write that script?).
<Daviey> soren: The script was actually to produce the report, which is based on all packages in both the subscribed and packageset.. measuring the delta came as a freebie.
<soren> Ah.
<soren> Who signs off of additions to the packageset?
<Daviey> jamespage: at least you can upload gimp.
<soren> I forget.
<jamespage> w00t
<jamespage> I'm always doing that
<Daviey> soren: technically the TB, but i think cjwatson can throw stuff on there that is logical.
<Daviey> hmm, perhaps even the DMB.
<Daviey> ego, it;s not clear.
<Daviey> ergo*
<soren> That's what I thought.
<jamespage> Can't we add them to some sort of seed that gets them in the right packageset (think I asked this question on -devel)
<Daviey> jamespage: Yeah, i think that is the expectation.
<Daviey> However, not all packages in the packageset should be seeded.
<cjwatson> false
<cjwatson> the ubuntu-server package set is constructed only of seeded packages
<Daviey> cjwatson: You don't think Server developers should have upload access to things like asterisk (universe)?
<cjwatson> I think (a) you should get it into main if your team is interested in maintaining it (b) I don't see why qualified server developers can't get MOTU
<soren> jamespage: Why can you upload gimp, by the way?
<Daviey> soren: we seed one of it's binary packages.
<soren> *blink*
<soren> Erm. ok.
<Daviey> GUI-less image manipulation, think for PHP
<soren> Ah.
 * soren needs lunch
<jamespage> that sounds like a good idea
<jamespage> Daviey: BTW eucalyptus-commons-ext now builds from source again
<jamespage> boy did that package make me feel dirty :-)
<Daviey> cjwatson: I agree, but it doesn't exactly make the packageset useful if you really need to have MOTU aswell.
<Daviey> jamespage: \o/
<cjwatson> I'm not happy with maintaining an arbitrarily extensible package list that has to be maintained by manual requests to me
<cjwatson> that sucks
<rbasak> Daviey: yeah the package doesn't really have anything does it? :)
<cjwatson> if you have broad enough capabilities to contribute to a wide range of packages in universe, get MOTU
<Daviey> cjwatson: Can it not also be linked to the packages the team subscribe to?
<cjwatson> far too little access control on subscribing a team to things
<cjwatson> I'm not at all happy with using that to grant upload access
<cjwatson> I want an audit trail
<uvirtbot> New bug: #853791 in chkrootkit (main) "chkutmp assert failure: *** stack smashing detected ***: ./chkutmp terminated (dup-of: 623144)" [Undecided,New] https://launchpad.net/bugs/853791
<Daviey> cjwatson: IMHO ~ubuntu-server should not just be looking after things in main.  ubuntu-server not having upload access to the things we claim to look after, feels wrong.
<cjwatson> it might be possible to construct an "interested" seed or something which is not considered for promotion to main
<Daviey> Especially as we want to try and grow contributors.
<Daviey> cjwatson: that sounds ideal
<cjwatson> the Ubuntu project as a whole wants to grow contributors
<cjwatson> I'd quite frankly be much happier with people targeting this kind of breadth going through the MOTU -> core-dev chain
<Daviey> cjwatson: Other corners of the project are not suffering from lack of contributors as we are.
<cjwatson> rather than being siloed off into ubuntu-server-dev
<cjwatson> jamespage is a classic example of somebody who historically would've had no problem with that
<Daviey> Well yes, but PPU's etc was created purely to give granular access.. when really, we are going to find that there is a subset of stuff people do not have access to.
<cjwatson> (PPU is different, let's not conflate)
<Daviey> In the current form, the packageset serves little purpose - other than a trial to make sure people do not mess up too badly, before going for broader sets.
<cjwatson> the problem is that server covers such a wide range of stuff
<cjwatson> honestly I'm not sure it's focused enough for a packageset, under the terms you want to apply
<Daviey> cjwatson: Do you think it would be better to just drop it, and try to mentor people into MOTU->CoreDev?
<cjwatson> I don't see it being significantly easier to demonstrate competence across such a package set than it would be to demonstrate competence across the archive
<cjwatson> I think it's useful for your team to be able to directly maintain the product you release; it's when it starts drifting out into universe without any obvious limit that I start getting itchy
<cjwatson> (FWIW I say the same thing to desktop people when they ask for universe packages to be added to their package set)
<Daviey> Yeah, there are a bunch of openstack packages that will be in Universe this cycle, which is really part of the server product - but not quite the same promise of security or stability, hence not pushing for main.
<cjwatson> honestly that kind of thing sounds like it should be part of a specific cloud package set to me
<Daviey> cjwatson: Well as it stands, cloud and server is one product.
<cjwatson> I want to keep the automatically-maintained-from-seeds package sets strictly separate from the manually-maintained ones (which isn't to say that they can't have the same access control)
<cjwatson> it gets completely unmanageable otherwise
<cjwatson> but manually-maintained sets do exist
<Daviey> Half of me is tempted to propose a UDS session for this, the other part wants this to just go away so we can get stuff done. :/
<cjwatson> it's just a matter of defining sensible parameters for them and asking the DMB to authorise it
<cjwatson> the "just go away" option is to mentor staff through MOTU/core-dev so that none of it is an issue ...
<cjwatson> TBH
<Daviey> s/staff//
<cjwatson> I probably should have said "developers"
<soren> jamespage: eucalyptus-commons-ext? I thought the Eucalyptoids had assumed responsibility for the whole stack?
<jamespage> soren: me to
<jamespage> working through FTBFS's
<Daviey> soren: Oh they have.. but the contributions haven't been what we hoped.
<Daviey> I was convinced until last week that Euca in Oneiric wouldn't work, and natty users wouldn't have an upgrade path.
<Daviey> Well they would.. but it would be upgrade to disaster.
<soren> Daviey: Then you sprinkled a bit of pixie dust^W^W^W^W^Wput jamespage on the case?
<jamespage> well TBH it still does not work
<Daviey> Clint drove the upstream patch into Oneiric.. James Page fixed a few other things, and smoser did the dance.
<Daviey> jdstrand: IIUC bug 801299 is waiting for a decision from the security team if not using SSL by default is acceptable?
<uvirtbot> Launchpad bug 801299 in glance "[MIR]glance" [High,Incomplete] https://launchpad.net/bugs/801299
<jamespage> Daviey: might be our euca issue - https://bugzilla.redhat.com/show_bug.cgi?id=663136
<uvirtbot> bugzilla.redhat.com bug 663136 in bouncycastle "bouncycastle 1.45 incompatible with openssl 1.0." [Medium,Closed: errata]
<jamespage> we use 1.44 in Ubuntu
<smoser> Daviey, i now realize your "multiboot loading" message did in fact come from the "multiboot support" that I added to Eucalyptus.
<smoser> The context of Eucalyptus threw me for  aloop as I didn't know how you would have hit that code in openstack
<smoser> (or anywhere else)
<Daviey> ahhhhhhhhh bouncycastle!
<Daviey> smoser: no, that pastebin was against nova..
<smoser> hm... well then maybe i'm wrong about where the msg came from.
<Daviey> altohugh, i suspect i might have been using your loader that was targeted for openstack
<Daviey> (i was using some old scripts.)
<smoser> as you most certainly should not hit that code path there.
<smoser> k
<Daviey> s/targeted for openstack/targeted for euca/
<Daviey> jamespage: you think we need that patch?
<Daviey> jamespage: best not spend much longer investigating this.. post your findings to a bug, and invite upstream comment.
<jamespage> Daviey: OK - I was just trying to hack a later version in but it appears to have made no differenc
<Daviey> :(
<jamespage> Daviey: updated bug 851611
<uvirtbot> Launchpad bug 851611 in eucalyptus "Oneiric: Upgrade to 2.0.1+bzr1256 blocks" [High,Confirmed] https://launchpad.net/bugs/851611
<Daviey> jamespage: rocking
<zul> morning
<Daviey> SpamapS: When you are alive, could you look at Ben's MP on bug 831628?  Seemed you were close to it.
<uvirtbot> Launchpad bug 831628 in squid "squid upstart script doesn't check for filesystems" [Low,Fix committed] https://launchpad.net/bugs/831628
<kirkland> DanaG: is that oops reproducible?  ie, does it happen every time you detach a serial console from byobu?
<kim0> hmm, trying to get a KVM VM to PXE boot, it's not even trying to DHCP
<kim0> I could almost sware I did that before
<kim0> does that not work?
<soren> IT should.
<kim0> Virt manager says "Network selection does not support PXE" besides a little red warning icon .. which is weird!
<kim0> I'm using an isolated network, coz the other server is doing the PXE stuff
<zul> you have the boot roms installed right?
<kim0> hmm
<kim0> checking
<zul> in this case kvm-pxe
<kim0> wasn't yay!
<kim0> zul: thanks :)
<kim0> alright my testing orchestra env working
<kim0> hmm, I didn't use cobbler add, just PXE booted the VM, wonder what exactly is it loading :)
<kim0> it's maxing the cpu as well
<m_tadeu> hi everyone...I'm trying to send mails with postfix+opendkim. my problem now is that mail that I send to hotmail goes to the junk box
<m_tadeu> analysing the headers a bit, I see a "sender-id=temperror". any idea what this means?
<zul> Daviey: can you review a branch for me? https://code.launchpad.net/~zulcss/glance/glance-add-group/+merge/76036
<kim0> the loading of pxelinux.0 is super slow (5 dots till now, each dot taking like 1 min) normal ?
<Daviey> zul: no purge target?
<zul> Daviey: point taken
<zul> Fixed
<ivoks> m_tadeu: https://help.ubuntu.com/community/Postfix/DKIM
<DanaG> kirkland: I'll have to check that serial console oops again, this evening.
<kirkland> DanaG: thanks!  i'd be much obliged
<DanaG> Now, my Microserver has a jumper (that I added a button to), that'll inject an NMI into the system.  Should be useful, if I can figure out how to make that trigger a crashdump.
<kirkland> DanaG: i've never tried byobu on a serial link
<klaas> is it possible that fdisk causes problems with the partition table of 2tb drives?
<DanaG> kirkland: Seems to work well as long as you avoid having things (like the clock) that update frequently.
<kirkland> DanaG: interesting;  i should add that to the byobu manpage, then
<DanaG> I also seem to have to manually "eval resize" (no baxktixk on iPhone keyboard) from outside the console.
<DanaG> Hah, and it didn't autocorrect "backtick" typo.
<DanaG> I just wish HP had enabled the serial-over-LAN feature the chip on the remote-access card supports.
<DanaG> Actually, ncurses apps are sometimes odd on serial console.
<DanaG> I've seen aptitude just plain hang forever, before showing anything.
<jamespage> Daviey: does the asterisk merge need a FFE?
<DanaG> And same is true with byobu, I think.  Sometimes I have to start it elsewhere, then reattach from console.
<dori922> hey
<dori922> im after posting a thread(http://ubuntuforums.org/showthread.php?p=11265788#post11265788), if anyone can help <3
<uvirtbot> New bug: #853908 in m2crypto (main) "urllib.urlopen patch causes reading beyond last byte of https responses to take unreasonably long" [Undecided,New] https://launchpad.net/bugs/853908
<kirkland> DanaG: interesting;  tell you what ... if you add a few notes in a byobu bug about using byobu + serial, i'll consolidate them and add them to the manpage
<DanaG> kirkland: I can do that, though I may have to do it another evening when I have more time.
<kirkland> DanaG: sure, no worries, no rush ;-)
<tdn> I recently helled a party (wedding) with lots of guests taking pictures that they would like me to have. What software exists that I can apt-get install that allows my (non-computer savvy) guests to give me a copy of their pictures? I have a server that is on a public IP. Guests are probably using Mac and Windows.
<cloakable> hmmm
<genii-around> tdn: Perhaps zoph ... although I have not used this myself, it looks promising
<jamespage> tdn: try gallery2 - I've not used it in a while but it used to be pretty good
<tdn> These two projects looks like web galleries. How do they help my guests send/upload me some files?
<sms_> http://blog.zioup.org//2008/iptables_recent/ I'm trying to do this, but I get sudo iptables -A INPUT  -t filter -i $OUTS -j DROP -m recent --set --name badguys -->  Bad argument `DROP'
<genii-around> tdn: eg: You put some generic guest account which allows them to upload the wedding photos, give them the URL and password
<tdn> genii-around, can I be sure that gallery will not touch the files? I.e. make a lossy compression,etc.? Some of this is RAW data that I would like to keep.
<cloakable> ftp server with upload only for anonymous accounts? Windows will deal with FTP links automatically.
<tdn> If the users were savvy enough to know about FTP I would not have this problem. I think it must be web based.
<cloakable> they don't need to know about ftp
<cloakable> http://www.ncsu.edu/resnet/file_transfer/ftp-windows-explorer.php
<cloakable> Just give them an ftp link and windows explorer will do everything else
<tdn> cloakable, if that works it is nice. However, last I checked, Windows Explorer will not let you upload -- only download via FTP.
<tdn> Same with Firefox.
<cloakable> tdn: http://allwebco-templates.com/support/S_FTP_Windows.htm
<cloakable> can upload
<tdn> Ok.
<tdn> cloakable, thanks.
<tdn> Will try it.
<rbasak> Daviey: Won't your solution to bug 832507 cause all instances to share the same console.log, or am I missing something?
<uvirtbot> Launchpad bug 832507 in nova "console.log grows indefinitely" [High,In progress] https://launchpad.net/bugs/832507
<cloakable> Well, handing a ftp://yourserver to your guests is pretty simple :)
<rbasak> Daviey: never mind: "You can create as many devices as you like. Internally, emlog uses the file's inode and device numbers to identify the buffer to which the file refers. "
<lynxman> morning fellas o/
<Doonz> hey guys, i have a vps that i would like to use as a http/https proxy. can anyone recommend a guide i could follow on setting this up . the guides all deal with if the proxy server is onyour local network. I would like to do this with the proxy server being external
<dori922> im after posting a thread(http://ubuntuforums.org/showthread.php?p=11265788#post11265788), if anyone can help <3
<SpamapS> Doonz: whats the purpose of the proxy?
<Daviey> rbasak: my solution for emlog cannot really be merged.  I thought we had a new plan that you were driving?
<rbasak> Daviey: Yes, working on it now.
<Daviey> jamespage: the asterisk merge seemed to be a bug fix only release?
<jamespage> Daviey: yes
<Daviey> rbasak: awesome.. how close is it looking?
<Daviey> ttx: What is the cut off for bug fixes in diablo?
<Daviey> ttx: Will diablo have a -fixes (post release) branch?
<rbasak> Daviey: Not very close yet. I have a plan which is mostly complete. I haven't yet figured out how to manage the lifetime of the fifo reader
<Daviey> rbasak: the scheduled task?
<rbasak> Daviey: yeah - actually I think I can implement a better fifo reader without difficulty, but with either that or the scheduled task I need to know where to hook in to start and cancel the task
<rbasak> (I haven't finished digging through the nova code to my satisfaction yet)
<Doonz> SpamapS: bypassing geoblocking
<SpamapS> ttx: while we're discussing Diablo.. will bug 838419 be included? Its rather important to us. :)
<uvirtbot> Launchpad bug 838419 in nova "nova-compute crashes when applying a security group rule" [High,Fix committed] https://launchpad.net/bugs/838419
<SpamapS> Doonz: in that case you probably just need to configure it to require some kind of authentication.
<Daviey> rbasak: I might be badly advising you, but nova/scheduler/zone_manager.py seems to be an example of a schduled task.
<Daviey> i'm sure soren will take pleasure in correcting me, if I  am wrong :)
<rbasak> Yeah I understand how to start and stop a scheduled task, and in fact I think rather than polling I know how to make it evented having looked at the eventlet docs. What I don't know yet is where to set up the task/thread and where to tear it down, since it's a per-instance thing
<koolhead17> hi all
<Daviey> lynxman: what is the status of bug 653405?
<uvirtbot> Launchpad bug 653405 in rabbitmq-server "rabbitmq-server fails to start if hostname is unresolvable or has changed since first starting" [Undecided,Confirmed] https://launchpad.net/bugs/653405
<Daviey> rbasak: seems you have it in hand!
<lynxman> Daviey: supposedly it should have been resolved by fixing the bug in Erlang or upgrading to a new version
<lynxman> Daviey: so we've been just avoiding the bug by going around it, no direct solution is desirable since the hostname is also used for the db filesystem structure
<SpamapS> I thought we updated erlang
<rbasak> Daviey: I'll figure it out. I'm not confident I'll have it in time for beta 2 though
<SpamapS> In fact, I updated erlang
<Daviey> rbasak: It's not urgent for beta 2.. but on the other hand, that is when openstack releases!  So i am trying to find out if openstack will support a -fixes branch, or if we'll have to distro-patch it.
<rbasak> Daviey: Incidentally, today I discovered that this will be a nova+libvirt -specific fix. Although I think you might already know this. Some of the other drivers (eg. vmware) do other stuff.
<Daviey> rbasak: yeah, i don't care about that :P
<SpamapS> lynxman: I commented in the bug.. it should be "fixed" according to upstream which says that rabbit 2.2.0 and later, + erlang R14B, should solve the reported issue(s).
<lynxman> SpamapS: agreed, that's why it's hanging there and we're just going around it
<koolhead17> hey all
<lynxman> hey koolhead17 o/
<koolhead17> lynxman: hello
<ttx> Daviey: tomorrow, and "no"
<robbiew> SpamapS: call time?
<SpamapS> robbiew: si
<zul> jdstrand: so glance and doesnt look like is going to have ssl supported in oneiric but it looks like it going to be in oneiric+1 can we treat it the same as nova?
<koolhead17> zul: is openstack-dashboard going to be a pkg on diablo/ oneiric this time?
<zul> koolhead17: im trying
<koolhead17> am thinking of trying it with source as i did in cactus, need to get it tested. Is it still stuck because of same bug?
<koolhead17> zul: now in diablo everything is changed i heard, keystone API and stuff
<zul> koolhead17: pretty much..
<koolhead17> zul: so is it still stuck because of that python bug i remember.
<koolhead17> Daviey: hey
<zul> koolhead17: what dashboard?
<koolhead17> yeah
<zul> ill try
<jdstrand> zul: I need to review it more closely
<zul> jdstrand: k
<dioxin> I'm trying to get DHCP to function in Ubuntu but the package doesnt seem to install correctly
<lickalott> explain "doesn't seem to install correctly"
<dioxin> sorry I think I resolved it.... the default dhcp installed is isc-dhcp-server, not dhcp3-server
<dioxin> I was trying to follow directions for a different ubuntu version and expecting it not to have changed much
<bfreis> I have some trouble with Ubuntu Enterprise Cloud. I've managed to setup a cloud, but after a while, one of the node controllers won't work anymore. The "euca-describe-availability-zones verbose" command will show less resources available than the total (the difference correspond exactly to 1 node being down). In the logs, cc.log shows that the node controller didn't respond some requests, and in the node controller's axis2c.log I see "invalid
<bfreis>  timest amp" problems. I've already installed and correctly configured NTP on the cloud controller and the node controllers, the time is perfectly synchronized. Still, I get these errors! I've googled for many hours, but no solution beyond "install ntp" has been proposed. Any ideas?
<bfreis> After booting the machine, everything goes back to normal
<SpamapS> wow.. the upstart jobs for eucalyptus are really.. really impossibly complicated
<SpamapS> bfreis: are you sure ntp is working?
<bfreis> SpamapS, ntpq -c peer on the NCs will show a very tiny offset
<bfreis> SpamapS, (right now it shows 0.084 us)
<SpamapS> bfreis: and still getting invalid timestamps? hrm
<bfreis> I've just rebooted the machine, now it works
<bfreis> but after a while, the problem will come back
<bfreis> I've checked other logs (syslog, dmesg, among many others) to see if there's something happening at the moment when the timestamp problem starts, but there's nothing!
<bfreis> it's getting worse. Less then 5 minutes after boot it stopped working again!
<bfreis> "rampart_timestamp_token.c(179) [rampart]Timestamp not valid: Created time is not valid"
<SpamapS> bfreis: is it possible that there is data causing the issue, not the current time?
<bfreis> SpamapS, hmm, I'm not sure I understand what you mean
<bfreis> The error specifically says "Timestamp not valid: Created time is not valid", and there's nothing running on the NCs. I've just installed them from the CD
<bfreis> Actually, the steps I did were: I installed the cloud controller / cluster controller / ... on one machine, then apt-get update, apt-get dist-upgrade, and reboot.
<bfreis> oh
<bfreis> before the reboot I installed ntp
<bfreis> Then I did exactly the saame thing for the NCs
<bfreis> it's a clean, up to date installation
<SpamapS> interesting
<SpamapS> bfreis: have you tried stopping the ntp service and actually running 'ntpdate ip.of.other.box' ?
<SpamapS> bfreis: I know its only getting skewed after 5 minutes.. just wondering if its something weird with even small deviations
<bfreis> I've just did it, it says "adjust time server 10.20.200.1 offset 0.029159 sec", but the problem is still there
<bfreis> Is there any difference between running ntp (configured to use the other server) and ntpdate ?
<SpamapS> yes, ntpd will never repeat a second
<SpamapS> or sorry
<SpamapS> will never skip a second, it just shortens/lengthens them
<SpamapS> so it can take a *long* time to cross even short distances
<bfreis> hmm
<SpamapS> ntpdate shoves the time in
<bfreis> oh, it's working now
<bfreis> strange, very strange
<bfreis> do you have an idea of the maximum acceptable offset?
<bfreis> ntpdate said it corrected something around 20ms! it's nothing!
<SpamapS> No, but that would be a bug if it was less than 0.089us ;)
<bfreis> ahah
<SpamapS> It *might* be that one side is only allowed to be behind or ahead
<SpamapS> which would be stupid
<bfreis> actually, I think it is exactly that
<SpamapS> if so..
<bfreis> ntpq -c peer
<SpamapS> hrm
<bfreis> on one node (the one that was not working) was showing "+" (or "-", can't remember)
<bfreis> the other, was showing the opposite offset
<uvirtbot> New bug: #574244 in etckeeper (main) "etckeeper hook breaks upgrade with "Argument list too long"" [High,Fix released] https://launchpad.net/bugs/574244
<bfreis> Now I see: the NC that works shows a negative offset with respect to the cloud controller. The other one shows a positive offset
<bfreis> (both around tens of microsseconds, nothing that is)
<bfreis> Is there a way to tell NTP to sync to an offset of the reference server?
<SpamapS> I'd bet there's an open bug about this already
<SpamapS> bfreis: that I don't know, but you could of course just cron ntpdate rather than use ntpd
<SpamapS> bfreis: still this sounds a little *crazy*
<SpamapS> bfreis: an offset of us is not a real enough offset given network latencies and the like.. it should be tolerant of many ms of offset either way
<bfreis> take a look here: http://wso2.org/project/wsf/php/1.1.0/docs/code-coverage/rampartc/src/util/.libs/rampart_timestamp_token.c.gcov.html
<bfreis> line 146
<bfreis> a comment says: Check whether created is less than current time or not
<SpamapS> yeah
<SpamapS> that sux ;)
<bfreis> maybe that is the problem, it can be late, but not in the future
<bfreis> (or the other way round, it's just too confusing! lol)
<bfreis> I have no idea if this code is up to date, but is the only I could find googling for 5 seconds
<lynxman> Daviey: ping
<SpamapS> but really.. those are char fields..
<SpamapS> so they are probably carrying too much precision
<bfreis> crap, it stopped working again
<bfreis> Well, the problem is really the time, that tiny positive deviation
<bfreis> I have no idea what to do!
<bfreis> What I'd really like to do is to comment out that code that checks for deviation :D
<bfreis> Where would be the better place to report this? Ubuntu? Eucalyptus?
<SpamapS> bfreis: I think thats part of axis2c but I'm not sure
<SpamapS> or maybe part of rampart?
<Daviey> lynxman: hey
<SpamapS> bfreis: yeah looks like rampart
<uvirtbot> New bug: #686625 in asterisk "attended transfer does not work in 10.04" [Undecided,Fix released] https://launchpad.net/bugs/686625
<SpamapS> bfreis: are you maybe hitting this: http://open.eucalyptus.com/wiki/EucalyptusKnownBugs_v1.5.2
<SpamapS> ?
<lynxman> Daviey: hey, one question, would you help me out if I had questions about merging puppet to 2.7.3? We're slightly behind debian and would like to try to make it for oneiric
<bfreis> SpamapS, no...
<bfreis> SpamapS, acutally, when I see that error (which is not an error according to many sources on the net), it is when everything works!
<SpamapS> Oh.. doh
<SpamapS> bfreis: its possible that the euca tools are sending a timestamp that is too accurate too.. not sure really.
<SpamapS> bfreis: anyway, you can probably patch it out of rampart.. but I don't know if its a good idea, they put that validation in for a reason :p
<Daviey> lynxman: can you check out the final freeze exception process?  Check the debian and upstream changelog delta, and try to do an analysis of what gain we get.
<Daviey> ?
<bfreis> damn! now the other NC has a positive offset, and is down!
<lynxman> Daviey: final freeze isn't until nex tweek right?
<bfreis> How can people live with these problems?!
<bfreis> Unless I find a way to tell ntp or ntpdate to set the time to some negative offset of the reference time, my cloud won't work!
<Daviey> lynxman: well, as each day passes - the test it has to pass to be approved gets harder.
<Daviey> :)
<lynxman> Daviey: I like a challenge :)
<Daviey> heh
<SpamapS> utlemming: wow you've been a machine today working on those runlevel1 bugs. :)
<JoeCoder> Hello.  I have this (https://gist.github.com/9268ef1dcd5875c025be) saved to /etc/iptables.rules.  I rebooted my server and ran iptables--list , but nothing is listed.
<JoeCoder> I think I am missing a step?
<lynxman> Daviey: I'll try to get that merge proposal by today, to avoid running last minute
<utlemming> SpamapS: yeah, low hanging fruit that is easy
<Daviey> lynxman: well do the groundwork first to see if it is viable.
<Daviey> Would be a shame to do the merge for it to be nacked.
<lynxman> Daviey: yeah of course, no worries :)
<Daviey> SpamapS: btw, i tried your redshift debdiff.. it was kinda sneaky, having unrepresented binary changes..
<Daviey> ie, make sure you don't base an upload on the debdiff.
<SpamapS> Daviey: huh?
<Daviey> *THE* reason i opened a debian bug to get them to update to the new upstream version was the geoclue support, and they failed to enable it.. oh joy.
<JoeCoder> what is the recommended way to load an iptables config file when the system starts?
<SpamapS> Daviey: Oh the debdiff. yeah I should have done a branch instead since it was an upstream release.
<SpamapS> Daviey: that debdiff was a result of bzr merge-upstream .. and its just been uploaded actually. ;)
<Daviey> SpamapS: well that isn't a big deal, but the translations are treated as binary files - making a debdiff suck.. grep for "Binary files" :/
<SpamapS> Daviey: redshift suddenly not working anymore, and me forgetting about it, probably cost me 10 sleepless nights. :-/
<Daviey> Yeah, i'm glad to have red burning my retina again :)
<SpamapS> Daviey: right, the debdiff was just me following FFE process. I did the changes in bzr branches, and the translations are properly included..  I think.
<Daviey> ah
<Daviey> super
<patdk-lap> joecoder, isn't that a rhel/centos thing?
<Daviey> well if debuild didn't report 'upstream changes should have used a patch' then you are good.
<JoeCoder> patdk-lap:  I don't know.  I just want to enable a firewall.
<patdk-lap> iptables-persistent - Simple package to set up iptables on boot
<JoeCoder> thanks.  I'll check it out
<patdk-lap> ubuntu normally uses ufw? but it kindof has it's own language
<JoeCoder> ufw?
<JoeCoder> are you talking about the language for the iptables.rules file?
<patdk-lap> it's slightly more advanced than iptables.rules, but not much
<JoeCoder> I had used this as a template:  http://www.rackspace.com/knowledge_center/index.php/Sample_iptables_ruleset
<JoeCoder> will this format not work for ubuntu?
<patdk-lap> it's plain iptables
<JoeCoder> is it supposed to be plain iptables?
<patdk-lap> plain iptables can be a pain to work with though, after you get a few thousand lines
<patdk-lap> for iptables to use it, yes
<patdk-lap> for ufw, no
<JoeCoder> I don't plan on adding any more than I have?
<JoeCoder> Why would it need several thousand lines?
<patdk-lap> to control traffic between networks?
<patdk-lap> I have like 13 interfaces on that box
<JoeCoder> I have one box with a public and private network.
<JoeCoder> eth0 and eth1.  I didn't plan on adding any firewall rules to eth1.
<JoeCoder> apt-get install iptables-persistent
<JoeCoder> after doing this there is no man entry for it, and no binary with this name.
<JoeCoder> I'm having trouble finding documentation.
<JoeCoder> perhaps it automatically keeps the current rules after a reboot?
<patdk-lap> google seems to work pretty good
<patdk-lap> http://www.ubuntucy.org/wiki/index.php/A_persistent_iptables_startup_script_for_Debian_based_systems
<JoeCoder> I read that and still didn't understand how to use it.
<JoeCoder> I put the config script at teh bottom in /etc/init.d/iptables-persistent?
<JoeCoder> there seems to already be a completely different script at that location.
<JoeCoder> and it looks like that one loads from /etc/iptables/rules , so I'll put my config file there and reboot to see what happens.
<JoeCoder> still no luck.  my iptables --list is empty
<JoeCoder> ubuntu doesn't allow empty lines in the config file.  Removing those has fixed it and now persistence works.
<lynxman> smoser: ping
<hazmat> smoser, is the fix for bug 845155 in the openstack oneiric packages?
<uvirtbot> Launchpad bug 845155 in nova "instance launched without key has incorrect metadata" [Medium,Fix committed] https://launchpad.net/bugs/845155
<lynxman> smoser: Concerning bug #845155 do you know if this is merged in the oneiric packages?
<lynxman> hazmat: jinx :D
<hazmat> lynxman, :-)
<uvirtbot> New bug: #571271 in cloud-init (main) "uec images should wait longer for metadata service" [High,Fix released] https://launchpad.net/bugs/571271
#ubuntu-server 2011-09-20
<twb`> smb: re vsftpd vs. lxc earlier, it looks like Debian "fixed" it by updating the version of vsftpd in stable to 2.3.4 -- bleh
<smoser> lynxman, if its not in the packages now it will be thursday
<smoser> it will be thursday
<Daviey> seeing twb` online makes me sad.  It's a reminder that he has gone home, had an evening, slept, had breakfast, and gone back to the office - with me barely leaving the computer.
<patdk-lap> heh
<twb`> What is "breakfast"?
<twb`> It's only 11AM, I have yet to break fast
<uvirtbot> New bug: #854343 in rabbitmq-server (main) "erlexec crashed with SIGSEGV in free()" [Undecided,New] https://launchpad.net/bugs/854343
<lynxman> smoser: rocking!
<smoser> lynxman, it looks like that should have it
<smoser> https://launchpad.net/ubuntu/+source/nova reports we're currently at revno 1173.  that commit went in at 1171
<smoser> so, fingers crossed, canonistack will have it soon.
<lynxman> smoser: While it's in the repo this week I'm happy
<smoser> we're hoping / expecting to grab another snapshot tomorrow morning
<smoser> https://launchpad.net/nova/+milestone/2011.3
<smoser> i'm the only one on that list.
<smoser> weee!
<lynxman> smoser: You have too much fun
<CluelessPerson> hey guys, what would you suggest to use as an email server?
<qman__> CluelessPerson, postfix is the recommended option, this is covered in some detail in the ubuntu server guide
<CluelessPerson> qman__,  Cool, thanks
<Tohuw> Can someone confirm the current kernel version in 11.04 server please? I have 2.6.28-11-server
<jmarsden> Tohuw: rmadison -s natty-updates linux-server says:   linux-image-server | 2.6.38.11.26 | natty-updates | amd64, i386
<Tohuw> hmmm. thanks, jmarsden. So, I have 11.04, 2.6.28-11-server, and am facing this problem:https://bugs.launchpad.net/ubuntu/+source/linux/+bug/852972 . Does anyone have any insights as to how I can get to a bootable system?
<uvirtbot> Launchpad bug 852972 in linux "Kernel 2.6.28 Returns NAK bailout from sendbytes on startup" [Undecided,Won't fix]
<Tohuw> For some reason, Brad Figg decided my bug was against Jaunty, but it really isn't. The install started life as an 11.04
<jmarsden> Tohuw: Ask about that in #ubuntu-bugs, and hopefully get that bug back to New or whatever status it should be in.
<Tohuw> Thank you
<jmarsden> Tohuw: You're welcome.
<CluelessPerson> Is there a way to configure post fix to not need users to be on the system?
<CluelessPerson> So that you can just have as many users as you want, but don't need that many user accounts?
<jmarsden> Tohuw: Hmmm, the natty base kernel is 2.6.38, not 2.6.28.  That might explain why people think you are running Jaunty :)
<Tohuw> Haha yes I just realized that
<Tohuw> I could have sworn it said a 2 there...
<Tohuw> :(
<jmarsden> CluelessPerson: Yes, it is called virtual mailboxes.
<Tohuw> I suppose I'll just refile the bug... getting no feedback out of #ubuntu-bugs
<Tohuw> jmarsden: why can't I pick a specific kernel to file the bug against, only the "linux" package?
<CluelessPerson> jmarsden, Thanks.  I just wouldn't know what to search for in google to find those answers.
<Tohuw> After all, my bug is really 2.6.38-11-server specific, I believe
<qman__> CluelessPerson, there's a few different ways to set them up, too, so make sure you stick with one guide
<CluelessPerson> qman__, got it. :D
<jmarsden> CluelessPerson: For an example direct from the postfix documentation, read http://www.postfix.org/VIRTUAL_README.html#virtual_mailbox
<kaushal> Hi
<kaushal> my pastebin is here http://pastebin.ubuntu.com/693541/
<kaushal> I have 2 physical CPU and 4 physical CPU
<kaushal> let me pastebin it again
<kaushal> http://pastebin.ubuntu.com/693544/
<kaushal> core is seen as 16 in 4 physical CPU and not as 32
<kaushal> help me understand
<ajmitch> one has hyperthreading & the other doesn't?
<kaushal> which one has HT ?
<kaushal> 2 physical CPU or 4 physical CPU ?
<ajmitch> probably the first, if it's 2 CPUs of 4 cores each
<kaushal> oh ok
<kaushal> is there a way to see HT is enabled ?
<ajmitch> ht in the flags line should show if it's capable of it, not sure if it's enabled
 * ajmitch may be wrong there
<kaushal> is there a way to see HT is enabled ?
<ajmitch> afaik, just from looking at the numbers that you saw in /proc/cpuinfo - number of physical CPUs & number of cores
<twb`> kaushal: you can often toggle it in the BIOS
<kaushal> twb`: ol
<kaushal> ok*
<uvirtbot> New bug: #854457 in samba (main) "Panic or segfault in Samba every 30 mins" [Undecided,New] https://launchpad.net/bugs/854457
<Daviey> Morning rat fans!
<iuytfr> hello
<iuytfr> is it possible to backup file with tar ?
<greppy> iuytfr: yes.
<iuytfr> how ?
<Daviey> iuytfr: The question is far too opened ended.
<uvirtbot> New bug: #706354 in ntp "dpkg-maintscript-helper: warning: environment variable DPKG_MAINTSCRIPT_PACKAGE missing" [Undecided,Confirmed] https://launchpad.net/bugs/706354
<iuytfr> just give me some clues to begin
<airtonix> wtb double check on amazon web services network load
<uvirtbot> New bug: #854518 in samba (main) "package libsmbclient 2:3.5.8~dfsg-1ubuntu2.2 failed to install/upgrade: subprocess dpkg-deb --fsys-tarfile returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/854518
<koolhead11> hi all
<stiv2k> hi
<stiv2k> i noticed something weird with my server
<stiv2k> it tries to give a dynamic ip to eth0
<stiv2k> whenever i plug the cable in
<stiv2k> even though its configured static in /etc/network/interfaces
<stiv2k> also it seemed to try to 'renew' the lease on its own and my server became inaccessible for a short while
<ersi> sounds weird indeed. Mind pasting your interfaces file on fpaste.org?
<stiv2k> lol fpaste.org
<stiv2k> one sec
<stiv2k> ersi: http://fpaste.org/JxLO/
<ersi> @aspire .. Is this a laptop? Do you have NetworkManager running?
<stiv2k> its a netbook
<stiv2k> there is no graphical interface
<stiv2k> but i use wicd for the wireless card (wifi disabled right now)
<ersi> oh, I get your 'lol' now. I just took whatever pastebin was in my memory :)
<stiv2k> not sure about network manager though
<stiv2k> heh
<ersi> well, wicd is a 'network manager'
<stiv2k> ersi: does it manage wired interfaces?
<ersi> I would not be suprised if wicd is making this happen. Does it happen if you leave wicd off?
<ersi> Yes, wired and wireless. It's a full fledged network manager
<stiv2k> ok
<stiv2k> that probably explains it
<ersi> probably, but I'm unfortunally not certain
<stiv2k> i should probably just configure wicd to use a static ip and then leave /etc/network/interfaces as it was
<ersi> check if there's any way for it to leave your wired interfaces
<ersi> yeah, sounds like a good plan
<stiv2k> lets put it to the test
<iuytfr> hello
<iuytfr> there
<iuytfr> there is one memory which is in failure on my server
<iuytfr> how to find the one in failure ?
<ersi> You remove the sticks and test them one by one with memtest
<ersi> That's what I would do.
<iuytfr> no
<iuytfr> that's boring
<iuytfr> i want to identify the one in failed by cli
<RoyK> hrmf... I have this apache virtualhost, enabled under /etc/apache/sites-enabled/icinga.nilu.no.conf. Even though the config looks right, apache falls through to the 'default' site. See http://paste.ubuntu.com/693652/ for the virtualhost
<RoyK> I've seen this before, but never managed to fix it without removing the default site - any idea how I can fix this?
<iuytfr> where is no ?
<iuytfr> icinga lol
<iuytfr> that's a perfect solution to hacking your server
<iuytfr> well do you ensite your conf ?
<just-a-visitor> RoyK: please see http://httpd.apache.org/docs/2.2/vhosts/name-based.html  "The main host goes away" section should refer to your situation.
<ersi> iuytfr: Well, good luck and tell me if you find a solution
<ersi> Only thing I could imagine would be if you'd somehow correspond the memory locations that are broken to which stick handles that location
<iuytfr> you can also find with dmidecode
<Joe-> anyone have any experience using pptp on a virtual interface, or routing all of its traffic over one?
<jasonmsp> hey all..  Easy question here.  I just created a new logrotate file that I want to run now.  I thought the command logrotate newfile would run it now but it didn't seem to work.  What am i missing?
<jasonmsp> nevermind.  Ran with -d and then -f.  All is well.
<nigelb> Hi, I'm awfully confused with bash on a lucid machine.
<nigelb> I'm sourching a file in our .bashrc and setting some environment variables
<nigelb> but those variables don't seem to be accessible from any cron
<nigelb> Even though my cron has a (. /home/username/.bashrc && /path/to/script)
<nigelb> the script doesn't seem to know of any of the environment variables which is in another file and sourced in .bashrc
<nigelb> Thoughts? :)
<Daviey> nigelb: Hmm.. so you've caught on that cron doesn't know about evn variables.. good.
<Daviey> I normally declare them *IN* the crontab.
<Daviey> Odd that sourcing doesn't work :/
<nigelb> Daviey: Yeah
<nigelb> BUt I have a bunch of common variables.
<nigelb> Common to the code I'm deploying. Like, its part of the codebase.  So we source all that into the user's bashrc
<jamespage> Daviey: I just prepared a MP for the merge of asterisk from debian if you would like to review
<iuytfr> hi
<iuytfr> what is the tool for simulating traffic
<Daviey> jamespage: rocking, will do
<jamespage> Daviey: I reviewed the upstream changelog and it appears to be bugfix/secfix only
<jamespage> but would appreciate a second opinion
<jamespage> there are **alot** of them
<Daviey> jamespage: yeah, seemed silly to even consider cherry pickin
<jamespage> Daviey: I was unsure about the VCS change in the MP - the branch it points to seems out-of-date so we might drop that
<Daviey> jamespage: Yes, that must go - please
<jamespage> Daviey: ack - I'll remove it now
<jamespage> switch back to debian stuff
<Daviey> nigelb: so, crontab isn't using bash?
<Daviey> nigelb: stock .bashrc isn't suitable for sourcing.
<nigelb> Daviey: crontab is using bash.
<Daviey> nigelb: create a crontab with:
<nigelb> Daviey: and we have done it before
<Daviey> MAILTO:nigel@funkyguy.com
<Daviey> * * * * *  . /home/dave/.bashrc && env
<Daviey> email address and ~ needs updating.
<hallyn> hggdh: hey, my bugcontrol membership is about to expire, and it told me to ping you about it :)
<Daviey> hallyn: You know you get it for free now, right?
<Daviey> hallyn: you are in two teams which give you indirect membership.  What more do you want? :_)
<nigelb> Daviey: I sort of hacked a fix.
<nigelb> I sourced the file which has our custom env varibales
<nigelb> that fixes "most" problems
<nigelb> The rest, I'll just manually correct the scripts to work with that.
<zul> Daviey: will you hate me even more if i uploaded a new nova snapshot today?
<Daviey> zul: no, we've planned for it.
<nigelb> zul: I like how you assume that Daviey hates you already :P
<zul> Daviey: ok...i have to check the tarball first
<jamespage> Daviey: asterisk branch updated
<zul> nigelb: oh i already know he has lots of love for me
<Daviey> zul: Can you merge vish's branch?
<Daviey> zul: dnsmasq-utils one.. and might want to check how change our conf to enable it by default.
<zul> Daviey: right did the new dnsmasq make it in?
<Daviey> zul: yup
<Daviey> well, i cherry picked that single part.
<zul> Daviey: where is it right now?
<zul> like bug number etc etc etc
<Daviey> https://code.launchpad.net/~vishvananda/nova/ubuntu/+merge/75875
<Daviey> and bug to reference is bug 852771
<uvirtbot> Launchpad bug 852771 in nova "dhcp leases are not released on instance termination" [Medium,Confirmed] https://launchpad.net/bugs/852771
<hallyn> Daviey: ok then i'll ignore :)
<zul> Daviey: thanks
<hallyn> zul: I'm trusting that you still have the nova-spawning-multiple-containers bug under control.  Pls ping if you want me to look at it after all.
<zul> hallyn: yeah its still on my list
<hallyn> zul: excellent
<zul> hallyn: i know where its failing though at least
<hallyn> my last reproduction attempt was still failing due to the other nova bug you were solving :)
<Daviey> That is like looking down the barrel of a rifle, whilst holding the trigger and saying - "well, i know where the bullet comes from"
<Guest76352> Hi I'm trying to install server 11.04 amd64 but the installation hangs around the network config point before partitioning). Could anyone help with why, (server 10.04 installs fine)?
<Daviey> who wants to review a diff i'm about to upload?
<Daviey> (limited time offer, open to anyone)
<pmatulis> Guest76352: feel like trying the 11.10 beta?
<koolhead11> zul: around
<zul> koolhead11: kind of...kind of busy right now
<koolhead11> zul: openstack-dashboard is broken pkg
<zul> koolhead11: yeah debdiff welcomeed
<koolhead11> zul: http://paste.ubuntu.com/693777/  python-django-mailer seems to be the culprit
<zul> koolhead11: cool...can you open up a bug about it...ill try to have a look at it today
<Guest76352> pmatulis: is that going to be lts?
<pmatulis> Guest76352: no
<koolhead11> zul: cool. at same time i will try installing dashboard using the github source.
<Guest76352> pmatulis: but 12.04 will be?
<pmatulis> Guest76352: yes
<koolhead11> i will use keystone packge from our oneiric repo
<Guest76352> pmatulis: so if I install 11.10 beta I can just update and will, somewhere around release day, be using the stable version?
<pmatulis> Guest76352: yes
<Guest76352> pmatulis: ok then, I'll give it a go - I just booted from the 11.04 desktop cd alright and it's found my LSI SAS OK
<Daviey> zul: Have you added conf for nova to use dnsmasq-utils thingy by default?
<zul> Daviey: yep i added vishy changes and doing a testbuild and testrun
<Daviey> awesome.
<zul> vishy changes being the add dnsmasq-utils and updating the nova-sudoers
<koolhead11> zul: https://bugs.launchpad.net/openstack-dashboard/+bug/854732 let me know if you need more info
<uvirtbot> Launchpad bug 854732 in openstack-dashboard "Broken openstack-dashboard package" [Undecided,New]
<zul> koolhead11: thanks
<Daviey> koolhead11: More info, in the form of a patch, would be great
<koolhead11> Daviey: ?
<Daviey> koolhead11: If you had a patch which fixes it, it would be great! :)
<koolhead11> Daviey: i will try installing it from the source. The way dashboard keeps changing it must be 2 difficult to keep updating dashboard package.
<Daviey> koolhead11: well we need to update soon.
<koolhead11> Daviey: after 22ned once diablo relases will be good time i think. :)
<Daviey> heh
<robbiew> jamespage: call time?
<jamespage> robbiew: sure
<robbiew> jamespage: g+?
<jamespage> robbiew, +!
<jamespage> or +1
<robbiew> heh
<zul> Daviey: the problem is that quantum is a package dependency of dashboard now
<Guest76352> pmatulis: so far so good, 11.10 b is installing and it's way past where 11.04 go stuck (which looks to perhaps be the ipv6 bit)
<pmatulis> Guest76352: how did you try installing 11.04?
<pmatulis> Guest76352: sounds fishy (10.04 good, 11.04 bad, 11.10 good), after confirming beta is good you may consider remaking your 11.04 CD (or however you installed).  also consider testing 10.10
<Daviey> zul: quantum?!
<Daviey> do we care for this release?
<Daviey> oh!
<zul> Daviey: yes and no
<Daviey> dashboard is a dep of quantum!
<Daviey> i see
<Daviey> bah
<Guest76352> pmatulis: 11.04 was a default install. I ran the media test also
<Guest76352> pmatulis: with 10.04, 11.04 and 11.10 all just boot from CD and hit 'Install Ubuntu'
<Guest76352> pmatulis: 11.04 just gets stuck around the network config area before the partitioning - tried it 3 or 4 times
<pmatulis> Guest76352: if you want to help you can re-attempt a 11.04 install and when it gets stuck get to a console (alt-F2) and look at the logs
<pmatulis> /var/log/installer/syslog
<Guest76352> Yeah I don't mind doing that
<Guest76352> be good if I could help
<zul> Daviey: nova has been uploaded
<robbiew> Daviey: hey...so with eucalyptus still broken....do we want to consider removing it from the archive and either pulling the upcoming 3.0 release into partner or pointing users to the eucalyptus website?
<robbiew> zul: \o/
<zul> robbiew: it isnt the final version :(
<robbiew>  /o\
<zul> robbiew: should be there friday
<hallyn> smoser: if you're not going to have time to sanity-check bug 850309, can you re-assign it to SpamapS?  (and if he doesn't have time, he can toss it back ot me and i'll just "go for it")
<uvirtbot> Launchpad bug 850309 in libvirt "libvirt fails to autostart VM attached to a bridged port" [Medium,Confirmed] https://launchpad.net/bugs/850309
<robbiew>  *\o/*
 * robbiew stops his irc mime practice
<hallyn> here i thought those were pom-poms :)
<hallyn> "give me a j!  give me a u!  give me a j..."
<gondoi> i'm having the hardest time figuring out the differences between the -virtual kernel and the -server
<gondoi> can anyone help?
<hallyn> i think virtual has xen support and fewer hw drivers
<hallyn> aiui it's designed to run optimally in cloud instances
<Daviey> robbiew: So, it looks like it is much closer to being fixed than ever
<robbiew> Daviey: ah
<Daviey> I think let it run, and hopefuly fixed before release - if not, SRU
<Daviey> jamespage and SpamapS have both touched it this week.
<robbiew> Daviey: well jamespage is less confident than you are
<robbiew> ;)
<robbiew> Daviey: if it's busted at release, I'm fearful of users upgrading without reading release notes...and breaking their Euca deployment
<Daviey> robbiew: yeah, that is valid.
<Daviey> jamespage: Has upstream responded for your call for help?
<Daviey> robbiew: The problem is, that even just removing it from the archive, will still result in a broken system... it's not euca that induced the explosion, it's the depends.
<Daviey> So it's not even as if they can upgrade, and still keep the euca version from Natty.
<jamespage> Daviey: actually yes they have - yesterday
<jamespage> I'd not spotted the update
<robbiew> Daviey: ah, damn
<robbiew> jamespage: doh!
<jamespage> bug 851611
<Daviey> james, james, james
<uvirtbot> Launchpad bug 851611 in eucalyptus "Oneiric: Upgrade to 2.0.1+bzr1256 blocks" [High,Confirmed] https://launchpad.net/bugs/851611
<robbiew> fired
<gondoi> hallyn: yeah I know it has specifically the /proc/xen hooks, but wasn't sure if there was anthing else
<gondoi> hallyn: thanks
<jamespage> as penance I'll look at it now
<robbiew> lol
<lynxman> morning fellas o/
<koolhead11> hey lynxman
<Olotila> how do i change keyboard layout to scandic?
<jamespage> Daviey: apologies your optimism was well founded
<Daviey> jamespage: Initial signs look promising?
<jamespage> Daviey: yes
<Daviey> Great, now we need to sort out the nova to openstack migration path ;)
<savid> Is there some kind of tool I can use to get update notifications for my ubuntu servers?  Something like update manager for desktop,   but something I can access remotely that is aggregated for all my servers?
<Daviey> !landscape | savid
<ubottu> savid: Landscape makes the management and monitoring of Ubuntu systems simple and effective by combining world-class support with easy to use online management tools. https://landscape.canonical.com/
<Daviey> Anything else is going to require some thought..
<savid> Hmm, looks cool, but no free/open-source solutions?
<Daviey> nagios or zabbix could also do it, but would require some hacking
<savid> Ok.  Thanks!
<doko> Daviey, get I faster bug fixes when I chase you down on this channel? ;-P
<doko> Daviey, zul, ping on bug 831100
<uvirtbot> Launchpad bug 831100 in mysql-cluster-7.0 "mysql-cluster-7.0 version 7.1.9a-0ubuntu1 failed to build in oneiric" [High,Confirmed] https://launchpad.net/bugs/831100
<zul> doko: ill take care of that one as well
<Daviey> doko: Okay - If you use ~ubuntu-server, you get 10 free L3 ping-on-irc credits. :)
<Daviey> doko / zul: 831100 is in the unapproved queue
<Daviey> I uploaded it a few hours ago
<zul> Daviey: ah ok
<doko> L3?
<Daviey> doko: Level 3.
<Daviey> zul: wow, fast fix on php-imap!
<zul> Daviey: i didnt do it
<Daviey> ah
<Daviey> \sh fixed it
<smoser> gondoi, the answer is mostly 'nothing'
<jamespage> Daviey: working now - just booted an instances OK
<smoser> hallyn, sorry, i didn't know that had gotten assigned to me.
<hallyn> smoser: whoa - did it not send you an email?
<smoser> i get like 40,000 emails from launchpad
<hallyn> should run a filter for 'has beena ssigned to you' :)
<doko> zul: and any idea about the php-gettext failure?
<gondoi> smoser: hallyn: another difference I've seen is /dev/sda vs /dev/xvda
<gondoi> :/
<zul> doko: not yet
<hallyn> smoser: like i say just lemme knwo if you have no time for that
<gondoi> smoser: hallyn: cept for mav which sticks to sda
<Daviey> smoser: i'm close to using /dev/null as my Maildir store, i keep running out of inodes.
<smoser> gondoi, -virtual is basically -server with a subset of modules
<smoser> drivers not relevant to "virtual" are removed. so install size is vastly smaller
<zul> lynxman: you said you were going to do a merge for puppet 2.7.3? you will probably need a FFE
<lynxman> zul: yeah I'm working on that right now, it's not too many lines, ffe?
<lynxman> zul: ah yeah, exception :)
<lynxman> zul: would make the puppet users happy, that's all the reasons I can think of
<zul> lynxman: and then pay with your blood...i mean beer
<lynxman> zul: my blood is beer at this point already :)
<aot2002> How can I check my virtual host file when I used to use apachectl?
<smoser> gondoi, that will be gone post maverick
<gondoi> smoser: yeah, it's fixed in natty
<smoser> "fixed"
<gondoi> lol
<gondoi> smoser: so speaking of removed modules :D
<gondoi> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/761809
<smoser> plesae open a bug
<uvirtbot> Launchpad bug 761809 in linux "Quota modules are missing from the package" [Undecided,Expired]
<smoser> ah, you did.
<gondoi> lol
<gondoi> been there a while
<smoser> gondoi, sorry for missing that.
<gondoi> smoser: no prob
<gondoi> obviously it hasn't been hurting us too bad, but we do still get complaints
<smoser> please verify it is the case on the oneiric kernel (just unpacking that and listing modujles is enough), then copy me on it, and move it from 'expired' to 'confirmed'
<gondoi> k
<smoser> gondoi, i think we can get that fixed in oneiric
<gondoi> sweet
<gondoi> what about backporting?
<aot2002> how do I check the syntax of changes in sites-available directory?
<gondoi> smoser: specifically lucid
<smoser> gondoi, well, it has to be fixed in oneiric first
<gondoi> k
<smoser> i believe on lucid you can just use the -server modules, right?
<smoser> i know that sucks.
<gondoi> smoser: yes and no, it blows things up cause of the /dev/sda change with using -server
<gondoi> smoser: it can be done, but we will need to rework a few things
<smoser> gondoi, but you can just cheat, right and lay down the -server modules on top of -virtual install ?
<gondoi> smoser: ahh yes, that is actually the current "workaround" ;-)
<Daviey> multitask++
<gondoi> smoser: how can I unpack the deb package to the directory the file is currently in?
<smoser> dpkg -c <deb here> .
<smoser> wait
<smoser> dpkg -x
<smoser> hm..
<smoser> actually -c will give you contents
<smoser> -x extract
<gondoi> ahhh I overlooked that one
<gondoi> thanks
<smoser> gondoi, so...
<smoser> apparently there is a '-virtual-extras' package coming to an 11.10 release near you
<gondoi> ..
<smoser> and it will have the modules that are in -server that were stripped.
<smoser> so you can get them that way.
<gondoi> hmm
<gondoi> you see that on launchpad somewhere?
<gondoi> and what about lucid :( "LTS"
<smoser> gondoi, right. checking on that.
<gondoi> okay
<smoser> so the way to request that is to have it fixed in devleopment release
<smoser> and then request it to be SRU'd
<smoser> by "target"ing it to lucid
<smoser> but the -extras will not be SRUd
<crass> is there a way to have a block device in qemu mapped on to a directory on the host? or something like a directory on the host presented as a cifs server?
<patdk-wk> with qemu? doubt it
<crass> oh, wow, there is for the second question... now can I use it through libvirt?
<crass> yeah the first, would be pretty difficult (but I don't think theoretically impossible)
<patdk-wk> it is with vmware, not sure if virtualbox does it also
<crass> patdk-wk: not following, what is with vmware?
<patdk-wk> it can mount directories as a shared folder in the vm
<crass> ahh, ok, that must be over cifs/smb or some network fs, sounds like
<patdk-wk> nope
<patdk-wk> it looks like cifs, but it's a custom thing
<crass> hmm, then there would have to be special drivers for it
<patdk-wk> yep
<patdk-wk> vmhgfs
<crass> unfortunately it looks like libvirt doesn't support the -smb option for qemu, might there be an xml option for passing an arbitrary string to the qemu command line?
<patdk-wk> dunno, never used libvert
<patdk-wk> normally just run qemu directly
<crass> its pretty nice for managing your vms in an agnostic way, though iirc it ony supports qemu and xen right now
<robbiew> adam_g: need to push back our 1:1 by 30min...let me know if that's a problem
<adam_g> robbiew: fine by me
<slyboots> Im curiuos, if your running several ubunut servers at one time.. Are there any ways of managing them from a single infterface (other than Landscape, which isnt free)
<slyboots> Right now Im finding it hard-going to manage packages and software and security across several machines
<lynxman> Daviey: bug #854899 submitted for Puppet package FFE
<uvirtbot> Launchpad bug 854899 in puppet "Update to puppet-2.7.3" [Undecided,New] https://launchpad.net/bugs/854899
<zul> hallyn: you should about to reuse cgroups shouldnt you?
<hallyn> rephrase
<hallyn> zul: assuming you mean't 'should be able to', yes.
<hallyn> of course if you didn't rmdir it before, and you try to mkdir it now, you will get an error...
<hallyn> best to rmdir(); if error and error is not -ENOENT then assume it's still in use; else mkdir
<zul> hallyn: cool....me lunches
<smoser> utlemming, it would seem we have to re-roll images
<smoser> bug 854927
<uvirtbot> Launchpad bug 854927 in openssl "wget, curl can't verify certificates" [Undecided,New] https://launchpad.net/bugs/854927
 * utlemming acks
<gondoi> smoser: I know we've already had that conversation regarding the ticket, just figured it could be documented
<utlemming> smoser: I'm going to mark that bug as high
<smoser> i was just going to ask in ubuntu-release if it would cause global respin
<smoser> so yes, i woudl say "high"
<smoser> :
<smoser> :)
<utlemming> marked as high and confirmed
<zul> jamespage: im not able to reproduce the concurrency bug
<zul> jamespage: however i suspect what happens when you switch from kvm to lxc nova reuses the same instances and confuses the hell out of the libvirt because you are restarting the same vms wth the same name
<crass> hallyn: how hard would it be to make a debug build of qemu?
<hallyn> crass: not that hard.  in fact can't you just load the debuginfo package?
<hallyn> crass: see http://askubuntu.com/questions/53708/how-to-create-debuginfo-package
<hallyn> crass: if you want to compile your own anyway, still not bad.  do 'pull-lp-source qemu-kvm', make your changes, then either 'fakeroot debian/rules build; fakeroot debian/rules binary', or dpkg -S -us -uc and then use pbuilder to build
<crass> thanks hallyn, let me look into those options
<hallyn> (or sbuild, but that takes a bit more initial setup, though it's worth it if you'll be doing a lot of builds)
<hallyn> np
<cjs226> anyone using imfile with rsyslog?
<cjs226> I'm having a problem where imfile is sending the same lines over and over to my central server. Â I assume it has something to do with the statefile not being used even though it's set in the config: https://gist.github.com/1229913
<uvirtbot> New bug: #756107 in php-imap (universe) "php-imap version 5.3.5-0ubuntu1 failed to build on i386" [High,Fix released] https://launchpad.net/bugs/756107
<uvirtbot> New bug: #854614 in nova "metadata service local-hostname is not fqdn" [Undecided,New] https://launchpad.net/bugs/854614
<uvirtbot> New bug: #854899 in puppet (main) "Update to puppet-2.7.3" [Undecided,New] https://launchpad.net/bugs/854899
<uvirtbot> New bug: #854946 in eucalyptus (universe) "Rampart's configuration on Ubuntu's package doesn't define a default ClockSkewBuffer" [Undecided,New] https://launchpad.net/bugs/854946
<Daviey> adam_g: patdk-wk is seeing this, do you think that is related to what you saw.. http://pb.daviey.com/bh4Z/ ?
<uvirtbot> New bug: #854555 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 75" [Low,Invalid] https://launchpad.net/bugs/854555
<uvirtbot> New bug: #854705 in bind9 (main) "dig returns 0 regardless of result of query" [Undecided,New] https://launchpad.net/bugs/854705
<uvirtbot> New bug: #854731 in nova (main) "PPA: nova_sudoers has bad dnsmasq line" [Medium,Fix committed] https://launchpad.net/bugs/854731
<uvirtbot> New bug: #854779 in vm-builder (universe) "change behavior on ubuntu with proxy apt" [Undecided,New] https://launchpad.net/bugs/854779
<Daviey> Who wants to have a go at landing the patch attached to bug 854946 in oneiric?
<uvirtbot> Launchpad bug 854946 in eucalyptus "Rampart's configuration on Ubuntu's package doesn't define a default ClockSkewBuffer" [Undecided,New] https://launchpad.net/bugs/854946
<philsf> hi, I need to create lots of user accounts in batch, and some of them I'm importing from debian servers, and I'd like to use those hashed passwords. However lucid's chpasswd utility (1:4.1.4.2-1ubuntu2.2) doesn't offer the -e parameter for supplying encrypted passwords, whereas debian's version (1:4.1.1-6+lenny1) does. Short of using debian lenny's chpasswd binary directly, is there a "proper" way of supplying encrypted passwords in lucid?
<patdk-wk> I always just edit /etc/shadow
<genii-around> philsf: Perhaps usermod -p <hashed-password> name
<philsf> genii-around, Will try that, thanks.
<Daviey> jdstrand: Am i correct in saying that adding the 'fix' for bug 844935 to Ubuntu, doesn't change anything for us?
<uvirtbot> Launchpad bug 844935 in nova "Nova should not assume the default iptables INPUT filter policy is accept" [Medium,Fix committed] https://launchpad.net/bugs/844935
<dv310p3r> I've added my user to www-data, and I've added www-data to my group. If the owner of all the directorys and the files is my user, shouldn't I not get any permissions errors.
<Daviey> DROP is just evil IMO.
<coleix> Hi anyone knows howto set up openvpn? IÂ´ve been following this guide http://goo.gl/cwFeF and http://goo.gl/ZCElC but it just wont start, it always says fail to start daemon.
<GeorgeJ> Hello
<GeorgeJ> I'm trying to get some virtualization runnng on an ubuntu-server with KVM
<GeorgeJ> Is there any decent management interface I could use?
<jdstrand> Daviey: it shouldn't no, cause we don't enable a firewall by default
<Daviey> jdstrand: thought so, thanks for the confirmation.
<adam_g> Daviey: regarding that iscsi thing, im not sure. need more detail?
<Daviey> patdk-wk: Are you able to provide more detail to adam_g, regarding your iscsi issue?
<patdk-wk> not so far
<patdk-wk> the only thing I see, it all starts up, mounts the iscsi filesystem
<patdk-wk> then says, starting network
<patdk-wk> then it says, waiting for network, 60 seconds
<patdk-wk> ...
<patdk-wk> ...
<patdk-wk> then it continues on normally
<patdk-wk> I won't have time to check more into it till later tonight
<patdk-wk> but I booted wrong the first time, on an old alpha kernel/initrd, and it didn't pause
<patdk-wk> but all 4 of my iscsi tests, did
<patdk-wk> my 2 local drive installs, didn't have that issue
<patdk-wk> all 6 installs, used vmxnet3 nic
<patdk-wk> I can probably try on real hardware tomorrow, doing an iscsi test
<patdk-wk> only the client machines are virtualized, the dhcp/dns/iscsi/... servers are real
<uvirtbot> New bug: #855023 in openssh (main) "64 bit ssh client fails to connect, 32 bit succeeds" [Undecided,New] https://launchpad.net/bugs/855023
<Daviey> thanks patdk-wk
<adam_g> i wonder if this is related to bug #847782?
<uvirtbot> Launchpad bug 847782 in netcfg "installer writes a permanent ethernet entry in interfaces file" [High,Confirmed] https://launchpad.net/bugs/847782
<creatorbri> I think I've been hacked. Can someone help me?
<qman__> depends on what exactly you need help with
<Daviey> jdstrand: Is there any chance of socat being security MIR reviewed today?
<jdstrand> Daviey: I am doing it now
<jdstrand> Daviey: it may not be done today, but I am actively working on it
<creatorbri> qman: agreed -- its a bit lengthy, I just didn't want to waste my time if no one is here :)
<Daviey> jdstrand: rocking, appreciated
<creatorbri> I've got a suspicious cron entry involving a "y2kupdate" entry, daemons shutting down 'on their own', and instances of extremely high I/O and CPU activity without explanation
<creatorbri> I've shut down the server, but I need to get back into it and fix this without giving the perpetrator access again
<SpamapS> Daviey: should we drop collectd and ganglia's MIR's ?
<qman__> I'm afraid that's nigh impossible
<qman__> the most effective way and only certain way is to reload the server and reconfigure your software
<SpamapS> oh thats a bit extreme
<SpamapS> unplug the network.. see if you can get your data off safely..
<SpamapS> then reinstall
<qman__> of course
<qman__> I didn't mean to give up on his data
<qman__> what I'm saying is, once a server is rooted, none of the binaries can be trusted
<creatorbri> well yeah I'd definitely rather not lose all my data -- but problem is, I'm running on Linode, so all I have is console -- anyone know if I can boot up in the console but disable SSH, Apache, etc?
<qman__> boot to single user
<qman__> binaries are still not trustworthy though
<creatorbri> fair point about the binaries qman -- I hadn't considered that but you're right, I should just offload all my data and start over..
<creatorbri> I really wish I knew how this happened so I could prevent it.. I thought I was being careful heh
<creatorbri> unfortunately i'm no security expert
<qman__> what software do you run
<creatorbri> apache, mysql, postfix/dovecot -- those are the main ones
<qman__> the most common points of entry are badly configured SSH or other remote access, and badly written PHP sites
<qman__> if the attacker is at all smart, he would have deleted the logs telling you anything about it
<qman__> remote logging is the only way around that
<SpamapS> SSH is the most likely if you were up to date w/ security
<creatorbri> hm, its very possible a PHP app is the culprit actually
<creatorbri> well
<creatorbri> hm
<hgb^harry> qman__: what are examples for badly configured ssh, besides weak passwords?
<qman__> weak keys
<qman__> permitting root login if you don't need it
<qman__> and using password authentication on a multiuser system, where you don't know all the passwords are good
<SpamapS> hgb^harry: strong passwords will fall too
<qman__> yep
<qman__> can be a combination too
<SpamapS> password auth, honestly, is a *bad* idea. period.
<qman__> a bad site can get the attacker read access to password hashes
<qman__> and a few rainbow tables later, they have root
<creatorbri> hm, good point
<SpamapS> creatorbri: one common thing too is that they'll steal your strong password from some other site during a hack, then try the same strong password with the same username on a bunch of machines.
<qman__> and you should _never_ allow password authentication and root access
<SpamapS> keys at least require them to steal *the key*
<qman__> ubuntu's default setup prevents root from logging on at all with a password, so permitrootlogon is yes
<creatorbri> OK so what I need to figure out now, is how to get access to my data safely, without allowing the attacker further access
<qman__> but if you set a root password, you need to either disable password auth or permitrootlogon
<qman__> if linode gets you a 'local' console, boot single user and shut off all the services
<jdstrand> Daviey: actually, I do have a question (in the bug), but am not blocking on it
<qman__> then enable a vector for you to get to it
<SpamapS> creatorbri: since you have console, you can use something super hacky like zmodem to download a tarball of it. ;)
<qman__> but that's still not perfect
<qman__> a hacked kernel or other secret service might be installed
<creatorbri> hmm
<SpamapS> again, just get the data, and leave everything else behind
<qman__> yep
<SpamapS> if they were able to sneak a hack into your data.... god help you ;)
 * Daviey looks, jdstrand 
<SpamapS> creatorbri: also why aren't you backing up your data?
 * SpamapS goes to lunch
<creatorbri> dang.. I just realized the high I/O, CPU, and Network activity this morning probably means they've downloaded loads of stuff.. including data
<creatorbri> sigh
<qman__> if you're worried about legal issues, don't blow away the old server
<qman__> just shut it down and make a new one
<qman__> also, any passwords you used for anything on that machine are no good, change them if you've shared with anything else
<creatorbri> *nod*
<koolhead17> (02:05:49  IST) qman__: a hacked kernel or other secret service might be installed
<creatorbri> Well thanks for your help qman.. guess I've got some work ahead of me.
<Daviey> jdstrand: Do i understand that glance (bug 801299) MIR is accepted, accepting the lack of SSL support?
<uvirtbot> Launchpad bug 801299 in glance "[MIR]glance" [High,Incomplete] https://launchpad.net/bugs/801299
<jdstrand> Daviey: I told zul yesterday I need to look at it. all the mirs on on my todo for this week
<jdstrand> Daviey: I need to come up to speed on them as they were only recently handed off to me
<Daviey> jdstrand: ah, ok - missed that.
<Daviey> zul: nova is now depwait, waiting on glance.
<Daviey> jdstrand: understood.
<lynxman> Daviey: any news about #818177 ? This one is a nasty one if we let it slip into Oneiric
<lynxman> bug 818177
<uvirtbot> Launchpad bug 818177 in udev "HP DL380G5 root disk mounted read-only on boot and boot fails" [High,Confirmed] https://launchpad.net/bugs/818177
<Daviey> lynxman: If you were at the server meeting earlier today, you'd know. :P
<lynxman> Daviey: *blushes*
<lynxman> Daviey: I didn't know I was supposed to go :)
<Daviey> lynxman: Oh, i thought you were part of the Ubuntu Server community.. my mistake :P
<lynxman> Daviey: lol, so sorry
 * lynxman adds +1 to beers owed to Daviey
<hallyn> Daviey: lynxman: I assume that's the same thing I'm trying to wrap my head around
<tony_787> I have questioin -> 8 WinXP SP3 computers are connected to single Ubuntu Server using a Switch device and a wireless ADSL router which has internet in it is also connected to the Switch device.. All the computers are receiving internet & also the server. What I want is I want to block certain website to these computers.. How can I achieve this using Ubuntu Server or something else ? Please Help
<lynxman> hallyn: I think so...
<Daviey> hallyn: And i believe it might also be hitting iscsi.
<hallyn> Daviey: right i'ts just udev
<Daviey> patdk-wk hit something, perhaps similar.. as did adam_g
<Daviey> living the dream.
<lynxman> Daviey: we all hit the same rock, isn't that fun :)
<lynxman> Daviey: that rock is pretty promiscuous as far as I'm concerned
<hallyn> lynxman: have made any progress with it?
<lynxman> hallyn: adam_g proposed a patc
<lynxman> hallyn: patch even
<Daviey> adam_g's patch was nacked.
<Daviey> I'll chase it tomorrow with foundations
<lynxman> Daviey: so slangasek is on it right?
 * lynxman has deja-vu
<tony_787> anybody !
<Daviey> lynxman: i thought smoser thought that he was, but jhunt is assigned.
<lynxman> Daviey: hmm...
<hallyn> tony_787: look at ufw
 * hallyn out, bbl
<tony_787> so it will apply to all computers running windows xp ?
<hallyn> no.  assuming the ubutu server is a gateway, it can filter based on the xp box' ip addresses
<hallyn> (or just their subnet)
<tony_787> i see
<lynxman> Daviey: would be good to ping jhunt and see how it goes
<Daviey> lynxman: keep up at the back
<Daviey> see -devel
<lynxman> Daviey: aha :)
<lynxman> Daviey: what's that vacation thing?
<Daviey> lynxman: i think it is where you are away from the office, working from McDonalds wifi instead.
<lynxman> Daviey: so that for me is when the power goes out
<Daviey> zul: So, dashboard depends on python-django-mailer, this is not in Debian or Ubuntu.  Are you planning to package it?
<uvirtbot> New bug: #855136 in samba (main) "package samba 2:3.5.11~dfsg-1ubuntu1 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/855136
<zul> Daviey: yeah im pretty sure i did though
<zul> Daviey: ill work on it tonight after liam goes to bed
#ubuntu-server 2011-09-21
<eross> i installed ubuntu 64bit server on a VM and I can't access the internet although it should work. i think i bjorked my network settings, how do i reset them to 'default' ?
<aot2002> I'm trying to activate curl with php but it just won't acknowledge the extension is installed.
<twb`> Maybe ask #php
<aot2002> it's currently invite only
<twb`> That probably means you need to register your nick with freenode
<aot2002> twb`, no it means that you cannot join because the channel is locked
<aot2002> hence invite only
<twb`> Plonk.
<twb`> (Oh, it's ##php, you might be hitting the funky redirect misfeature.)
<twb`> (Namely if you're already in the channel you're redirected to, you get an error.)
<twb`> (Certainly, ##php is not invite only for registered users.)
<patdk-lap> #php ##php :Forwarding to another channel
<patdk-lap> heh, stupid
<patdk-lap> and I'm registered
<twb`> patdk-lap: yes, but he wasn't
<patdk-lap> this channel redirection stuff on freenode really pisses me off though
<twb`> I don't really see what the alternative is, though
<twb`> Register #php and set /topic to "join ##php" ?
<patdk-lap> if I wanted to join #php, I want to join #php not ##php
<patdk-lap> if I can't join #php, ok, tell me, don't force me into ##php
<twb`> I guess
<twb`> FYI, it's ##foo not #foo because the latter is reserved for official channels
<patdk-lap> same goes for #ubuntu+1 :)
<patdk-lap> if I wanted #ubuntu, I would join #ubuntu :)
<twb`> What, #ubuntu+1 redirects now?
<twb`> That's lame
<patdk-lap> it will, oct 31st
<twb`> Why?
<twb`> +1 will still be +1 after a release
<patdk-lap> cause 12.04 won't exist in the build yet
<patdk-lap> once the package system is done, it's unredirected
<patdk-lap> happens every release cycle
<patdk-lap> #ubuntu+1 closes for about a month
<twb`> I guess given that ubuntu is mostly used by noobs, I can understand doing that to flush them out
<patdk-lap> but, I hardly talk in ubuntu+1 anymore, moved more to ubuntu-testing now
<patdk-lap> oh ya, I was suppost to file bugs tonight
<patdk-lap> but stupid hp firmware died on me, and had emergancy downtime :(
<twb`> Ubuntu doesn't have a testing alias :P
<patdk-lap> #ubuntu-testing: Currently testing Oneiric Beta 1 candidates | http://qa.ubuntu.com/testing/iso-testing/ | http://iso.qa.ubuntu.com
<twb`> I know I dropped #debian for #debian-next to reduce noise.
<twb`> Obviously the right name should be #fooâ² :p
<[1]VampsDaBeast> hey guys. i have a question bout setting up a server to share external hard drives thru my network, how difficult is that to do
<idlemind> [1]VampsDaBeast it depends. do you want to manage file sharing permissions to lock areas down do you want to mix in authentication? what os's are you working with?
<[1]VampsDaBeast> idlemind, sorry bout that. net went out on me
<idlemind> vampsdabeast np so you are running linux and windows boxes?
<VampsDaBeast> idlemind, yes.. my network is a mix of both win and ubuntu.... i want to set up a box to share 3 external HD's
<idlemind> i'd roll with samba
<VampsDaBeast> can 10.04 setup with a LAMP/ISPConfig be able to handle that
<idlemind> not sure what ISPConfig is but yes you can throw SAMBA on a server that has a LAMP stack installed
<VampsDaBeast> ISPconfig = web hosting system
<idlemind> if that LAMP box is connected to the Internet you may be opening up your data to any attack that gets into your server
<jamespage> morning all
<jamespage> Daviey: would you like me to pickup that extra euca security fix into the MP I have already raised for the SSLv3 compatibility?
<Daviey> jamespage: that sounds like a great idea.
<Daviey> jamespage: wow, this debdiff for asterisk is huge.
<jamespage> yeah - makes be kinda nervous TBH
<nigelb> woah.
<nigelb> mysql installation just threw gibberish at my terminal
<nigelb> Anyone ever seen something like that before?
<koolhead11> hi all
<koolhead11> nigelb: gibberish ? pastebin/screenshot
<Daviey> nigelb: no, can you pastebin?
<Daviey> hey koolhead11
<koolhead11> hey Daviey :)
<Daviey> nigelb: did you get your cron issue sorted btw?
<Daviey> jamespage: $ wc -l *.debdiff
<Daviey> 92404 asterisk_1.8.4.4~dfsg-2ubuntu1.debdiff
<nigelb> Daviey: yep
<Daviey> 10MB!
<jamespage> yikes
<jamespage> even though it is just bug fixes it feels like that really needs a FFE for sanity
<twb> Grumble, should be using .debian.tar.gz by now
<Daviey> Well that is how i'm treating it.
<nigelb> koolhead11 / Daviey - http://people.ubuntu.com/~nigelbabu/mysql-wtf.png
<Daviey> twb: uh?
<nigelb> the dbconf prompt for root password had something similar too.
<Daviey> nigelb: do you hav a funky locale set?
<twb> Daviey: re .debdiff.  Except I guess that's a diff between debian and ubuntu or something, not upstream and ubuntu
<twb> nigelb: something has asked to move from G0 to G1 mode
<Daviey> twb: diff between ubuntu old and ubuntu new, bringing in debian changes.
<twb> nigelb: you need to run "reset" (type it blind) to get back to normal
<twb> Daviey: ok nm then
<nigelb> Daviey: Nope, its en_US; twb - thanks!
<nigelb> Oh hell.
<twb> As to *why*; I don't know
<nigelb> I managed to lock dpkg
<twb> Usually it's when you cat a binary file
<twb> I suppose it might be possible to do it by mashing your head on the keyboard, too
<Daviey> nigelb is well known for head smashing the keyboard.
<nigelb> :D
<Daviey> nigelb: what was the instance ami id?
<nigelb> I maintain summit! Its understood! :P
<Daviey> nigelb: /etc/cloud/build.info
<twb> Perl programmer hey
<koolhead11> zul: hey
<nigelb> Daviey:
<nigelb> build_name: server
<nigelb> serial: 20110719
<twb> What happens if you do >1 build in a day?
<Daviey> twb: .X
<Daviey> For Kubuntu Oneiric it reached .8 yesterday. :)
<Daviey> hah, .9, http://cdimage.ubuntu.com/kubuntu/daily/
<twb> Fair enough
<twb> I was gonna suggest following the DNS convention
<Daviey> twb: zone files?
<twb> yes
<twb> YYYYMMDDNN
<nigelb> YAY! All restored :-0
<Daviey> twb: Yeah, i'm not a fan of having .'s in names.. but meh, it works.
<Daviey> nigelb: Would be interesting to find out what caused it
<twb> The .N scheme means you have to stop at 9 or break LC_COLLATE=C
<nigelb> Daviey: I'm been pro yaking shaving this week :-)
<Daviey> I've never seen that before following an apt install of a package
<nigelb> Neither have I.
<nigelb> I'm guessing I've screwed up mysql totally.
<nigelb> I've been setting it up since 9 in the morning. Its 2 pm now.
<twb> Is it a mysql package you just built?
<Daviey> twb: TBH, if we roll >9 images in a day, we are doing it wrongâ¢
<twb> Daviey: optimist
<nigelb> twb: I don't build packages for production :)
<twb> nigelb: so how did YOU screw it up?
<nigelb> twb: Actually, I think he means given the time it takes, there may not be enough time :)
<nigelb> twb: chaging datadir
<nigelb> its always a mess.
<nigelb> Thank you apparmor.
<Daviey> twb: The reason there were 9 yesterday for Kubuntu, was due to archive inconsistencies on the build archive.  Ie, a bug.
<Daviey> so it was restarted multiple times.
<Daviey> jamespage: Just gone through the changelog, and it does seem to all be bug fixes, High/Medium and making stuff DTRT.
<jamespage> Daviey: yes - that was my take as well
<jamespage> but there are **alot** of them
<Daviey> jamespage: i'm going to try the package myself for a bit.. to see if it WFM.
<Daviey> https://launchpad.net/~davewalker/+archive/junk/+sourcepub/1949848/+listing-archive-extra
<nigelb> oh, WIN.
<nigelb> mysql doesn't start up anymore \m/
<nigelb> Anyone knows which package has my.cnf?
<RoyK> mysql-server
<nigelb> thanks!
 * popey hands nigelb a "dpkg -S /etc/mysql/my.cnf"
<nigelb> popey: I don't have the file :D
<nigelb> popey: Right. I could just run it on the laptop. Thanks!
<twb> Even if you deleted it, if it's a connfile it'll still be listed by dpkg -S / dlocate
<popey> indeed
<popey> also
<nigelb> AHH!
<twb> However if it's e.g. ucf'd, then you'd need to read /var/lib/dpg/info/...
 * popey hands nigelb http://packages.ubuntu.com/search?searchon=contents&keywords=my.cnf&mode=exactfilename&suite=natty&arch=any
<nigelb> <-- sucks as a sysadmin.
<twb> nigelb: you are not alone
<twb> Much of my job is cleaning up after that kind of sysadmin.
 * koolhead11 thinks going to be tough day figuring out keystone 
<jamespage> Daviey: MP for euca updated with the clock difference patch
<jamespage> just testing it now
<Daviey> jamespage: rocking
<jamespage> i love cobbler - makes tearing down and rebuilding systems for testing so much quicker
<koolhead11> jamespage: totally agree,  although am yet to find way to provide custom partitioning
<koolhead11> :(
<hkraal> Hi, I'm having a problem with a fresh installed Ubuntu 10.04.3 LTS server with MySQL 5.1.41-3ubuntu12.10. I've imported 1500 databases, 10 GB, (including the mysql DB) and copied the /etc/mysql/debian.cnf from the old (Ubuntu 8.04.4 LTS, MySQL 5.0.51a-3ubuntu5.7)  to the new server. All went fine and everything is up and running. The only problem I've is debian-start is running 16 times pushing the load to 17 and keeps doing this continuesly. Is anyone
<hkraal> fammiliar with this kind of behaviour?
<koolhead11> zul: there is no keystone configuration file with pkg keystone?
<hkraal> some log and ps aux information can be found here: http://pastie.org/private/ivf3wb7jzuorq3mdlazfya
<koolhead11> Daviey: ping
<Daviey> hey koolhead11
<lambda_x> I have one 8.10 ubuntu-server, is it possible to upgrade this system to LTS?
<lambda_x> (8.10 repositories are currently unavailable)
<koolhead11> Daviey: am uninstalling the keystone package as well and trying the pkg from github. I have no luck in running keystone yet :(
<Daviey> koolhead11: Yeah, keystone is erm, interesting at the moment
<Daviey> lambda_x: yes
<Daviey> !oldreleases | lambda_x
<koolhead11> Daviey: whole openstack is running around keystone :D
<Daviey> koolhead11: well yes.. did you see the meeting last night?
<koolhead11> Daviey: read the final outcome of the meetup. :D
<koolhead11> long mail with plans
 * koolhead11 wants to see dashboard replaced from django to something simpler :P
<Daviey> koolhead11: nah, django is a good choice.
<koolhead11> Daviey: i would love to see http://flask.pocoo.org/ instead :D
<koolhead11> i find django jumbo app :D
<AdamBlack> im trying to figure out a way to set up an incremental backup, to backup .tar files from server1 to server2 over a WAN.. would RSYNC work or is there something better
<zul> koolhead11: son of a....can you open up a bug about that
<ersi_> rsync is freggin' awesome. It's up for the task.
<Daviey> AdamBlack: you need tarballs?
<Daviey> rsync is not good for doing incremental tarballs, is it ersi_ ?
<koolhead11> zul: hehe. i thought i should not. :D
<koolhead11> zul: i will replace ... to 'god' :D
<ersi_> Daviey: True, not to my knowledge atleast. I was more on track about that rsync is great at transfering. The data to be transferred should be fixed prior to rsync use ;p
<AdamBlack> Daviey: Server1 hosts websites and uses DirectAdmin, DA stores the site backups in tarball and nobody knows where the sites are stored on the server(just joined this place) its not usuall www
<Daviey> AdamBlack: DirectAdmin.. :(
<Daviey> Can't easily help with that myself.
<AdamBlack> worst case scenereo i can backup the whole server1 and scp it to server2 :P
<rbasak> AdamBlack: Try my tool, www.synctus.com/ddar. It'll de-duplicate what it transmits over the wire and store it in an archive at the remote end.
<rbasak> AdamBlack: it'll work for tarballs - letting you store/trasmit multiple ones that are similar efficiently
<Daviey> rbasak: interesting!
<AdamBlack> rbasak: having a look now :D
<koolhead11> rbasak: hey.
<rbasak> hey koolhead11!
<koolhead11> zul: okey, am reporting it sir. :D
<Daviey> koolhead11: less bugs, more patches :P
<koolhead11> Daviey: :)
<eagles0513875> hey guys im running into an issue where i cannot set my locale when running tzdata anyone else experiencing this issue
<eagles0513875> im on 10.04.3
<eagles0513875> this is the output im getting
<eagles0513875> http://pastebin.com/byk0TbNT
<pmatulis> eagles0513875: do you want me to google that for you?
<eagles0513875> no need just the first time im seeing that
<eagles0513875> pmatulis: i ran dpkg-reconfigure tzdata and set it to my right time zone yet it still brings what i pasted up
<eagles0513875> pmatulis: why are these msg's popping up about lc_ctype cannot change and warning about setlocale lc_ctype cannot change locals when i do a tab completion
<Jeeves_> Anyone familiar with Symfony (PHP) here?
<koolhead11> https://bugs.launchpad.net/openstack-dashboard/+bug/855467
<uvirtbot> Launchpad bug 855467 in openstack-dashboard "Keystone fails to locate any configuration file." [Undecided,New]
<koolhead11> Jeeves_: ?
<Jeeves_> koolhead11: If anyone is familiar with it
<koolhead11> Jeeves_: you can ask the question if its related to ubuntu server i suppose :)
<Error404NotFound> i am about to launch 2 webservers. Both of these will host same app code. I want both server's nginx, php conf and app code to be in sync. Whats the best way? NFS? cron'ed rsync? something else?
<jamespage> Daviey: euca appears to still work with both of those patches applied
<zul> good morning
<jamespage> morning zul
<jamespage> good if you want to sponsor - https://code.launchpad.net/~james-page/ubuntu/oneiric/eucalyptus/fix-sslv3-compat/+merge/76258
<zul> but i would be tainted
<Daviey> jamespage: you've missed the fact that you can upload that yourself
<Daviey> :)
<jamespage> I don't think so
<jamespage> I used to be able to
<Daviey> ah
<jamespage> nope - I can't :-)
<Daviey> Yes, sorry.. you can for SRU, oddly :)
<Daviey> jamespage: you used to be trusted, but not anymore :)
<jamespage> yes - but thats because its generated from the seed
<jamespage> and the seed if difference pre oneiric
<Daviey> wel yes
<jamespage> zul: I saw that cgroups/libvirt issue again last night - bug 842845
<uvirtbot> Launchpad bug 842845 in libvirt "problems starting multiple lxc instances concurrently" [High,Confirmed] https://launchpad.net/bugs/842845
<zul> jamespage: bah
<jamespage> but I was only trying to start one instance this time :-(
<zul> jamespage: did you switch between like kvm to lxc?
<jamespage> nope - it was a fresh install with just lxc only
<Daviey> In other news, turns out rice cooked in a microwave is less than good.
<zul> Daviey: duh..
<jamespage> I started up a 4 OK (in a single reservation) - left it overnight and then tried to start one this morning - quack quack oooppps
<zul> jamespage: can i get acccess to the machine?
 * koolhead11 kicks himself
<jamespage> zul: nope - I had to scrub it to test the euca fixes :-(
<zul> jamespage: doh
<jamespage> but I'll set it up again ~ 20 mins
<zul> jamespage: ok lemme know when you can give me access
<jamespage> sure
<Daviey> zul: whilst you are waiting, you could setup ipv6 to connect to jamespage's network. :)
<jamespage> that you could
<zul> jamespage: how can i do that?
<jamespage> I'm IPv6 enabled so all my servers get globally accessible IP addresses
<zul> okies...meaning :)
<jamespage> I'll have to permit you access through my firewall
<jamespage> zul: you don't have IPv6?
<zul> jamespage: ok
<Daviey> zul: forwarding you a mail
<zul> jamespage: no
<jamespage> :-(
<zul> still old school
<Daviey> zul: chuck.shortk right?
<zul> Daviey: eh?
<Daviey> zul: you have mail.
<zul> oh goody i love email
<jamespage> this might be a stupid question
<jamespage> but how do I easily see what preseed configuration parameters a package has?
<rbasak> What's the preferred way of getting a nova test environment going on oneiric? I'm trying https://github.com/vishvananda/novascript/blob/master/nova.sh but it doesn't seem to want to work with lp:ubuntu/nova
<jamespage> rbasak, all-in-one install try this - https://wiki.ubuntu.com/ServerTeam/Oneiric/OpenStackTestPlan
<Daviey> jamespage: something like, $ debconf-get-selections  | grep mysql
<Daviey> ?
<rbasak> jamespage: thanks, but can I run out of my own nova source tree?
<Daviey> rbasak: if using lp:nova, i would use nova.sh
<rbasak> Daviey: nova.sh works with lp:nova but evidently not with lp:ubuntu/nova
<Daviey> rbasak: if using lp:ubuntu/nova, i'd probably generate a deb TBH
<rbasak> I have a patch that may or may not work but I can't get a sensible environment to test it in
<lynxman> morning everyone
<aubre> does anyone know how to make iscsi connection logins persistent across reboots on the initiator ? using 10.04 server LTS
<koolhead11> jamespage: i don`t see mysql there :P
<jamespage> it does not need it
<jamespage> for all-in-one anyway
<uvirtbot> New bug: #628039 in open-vm-tools (multiverse) "open-vm-tools requires xorg but is supposed to be CLI only (dup-of: 604998)" [Undecided,Confirmed] https://launchpad.net/bugs/628039
<uvirtbot> New bug: #855366 in openssh (main) "package openssh-server 1:5.3p1-3ubuntu7 failed to install/upgrade: procedure installed post-installation script returned error code 2" [Medium,Incomplete] https://launchpad.net/bugs/855366
<uvirtbot> New bug: #855401 in exim4 (main) "package exim4-config 4.74-1ubuntu1.2 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 2" [Undecided,New] https://launchpad.net/bugs/855401
<uvirtbot> New bug: #855411 in kvm (main) "kernel BUG at /build/buildd/linux-3.0.0/arch/x86/kvm/../../../virt/kvm/kvm_main.c:2275!" [Undecided,New] https://launchpad.net/bugs/855411
<uvirtbot> New bug: #855416 in net-snmp (main) "package snmpd 5.4.3~dfsg-2.2ubuntu1 failed to install/upgrade: ErrorMessage: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/855416
<soren> Daviey: Is there any documentation at all for the orchestra stuff?
<soren> Daviey: I've installed ubuntu-orchestra-provisioning-server. Now what?
<RoAkSoAx> soren: in progress
<soren> RoAkSoAx: Does that mean "no"?
<RoAkSoAx> soren: there is
<soren> Great! :)
<soren> Where?
<RoAkSoAx> soren: but im in the mprocess of writing it on help.u.c
<RoAkSoAx> soren: starting to
<lynxman> jcastro: ping
<soren> RoAkSoAx: Where is it now?
<RoAkSoAx> soren: private
<koolhead11> jamespage: earlier we used mysql for all in one on natty and were thinking the same for oneiric. :d
<soren> I see.
<koolhead11> hey soren
<soren> The problem is that from what I can see, it's completely and utterly broken, but the docs might tell me that this is how it's supposed to (read: not) work.
<hkraal> Hi, I'm having a problem with a fresh installed Ubuntu 10.04.3 LTS server with MySQL 5.1.41-3ubuntu12.10. I've imported 1500 databases, 10 GB, (including the mysql DB) and copied the /etc/mysql/debian.cnf from the old (Ubuntu 8.04.4 LTS, MySQL 5.0.51a-3ubuntu5.7)  to the new server. All went fine and everything is up and running. The only problem I've is debian-start is running 16 times pushing the load to 17 and keeps doing this continuesly. Is anyone
<hkraal> fammiliar with this kind of behaviour? some log and ps aux information can be found here: http://pastie.org/private/ivf3wb7jzuorq3mdlazfya
<Daviey> soren: what specific issues are you seeing?
<soren> Daviey: I don't know. What is it supposed to do?
<soren> Almost every conceivable answer I've been able to come up with for that answer, it doesn't do.
<Daviey> soren: I was expecting you to reply with package conflicts, or a traceback or something!
<soren> So maybe I'm not veyr good at guesssing what it's meant to do.
<soren> I install the package. It goes... err... fine, I guess. It asks a bunch of questions. I provide answers. When it's done, I haven't a clue what to do.
<soren> There's a new file in /etc/apache2/sites-available.
<soren> (even thought it's not a site)
<soren> ...I enable that..
<soren> and try to access the URL it "suggests".
<soren> and I get a 403.
<soren> It points to an empty dir, so it's not very interesting anyways.
<RoAkSoAx> soren: what dir?
<soren> So maybe I'm doing this *all* wrong.
<soren> /var/lib/orchestra/www/
<soren> RoAkSoAx: ^
<RoAkSoAx> soren: that might be just leftovers
<soren> From what? I *just* installed it.
<soren> It's not been half an hour.
<RoAkSoAx> soren: from previous orchestra version 1.x
<RoAkSoAx> soren: hehe just hold on for a while and I'll have some documentation ready
<soren> In the packages or on my system?
<RoAkSoAx> soren: packages
<soren> Ah.
<soren> Am I installing the wrong pacakge, perhaps?
<soren> If I want the thing that can provision new servers, what should I have installed?
<smoser> soren, i think you're not in RoAkSoAx's target audience
<smoser> :)
<RoAkSoAx> soren: ubuntu-orchestra-provisioning-server
<soren> smoser: I'm sure I'm not.
<soren> RoAkSoAx: YEah, that's what I got.
<soren> SHould I be using a PPA instead?
<RoAkSoAx> soren: so that should have pulled cobbler
<RoAkSoAx> soren: then imported ISO's automatically to cobbler
<RoAkSoAx> soren: now you need to add systems into cobbler
<soren> I'd be *happy* to report these as bugs, but I don't know if they are. I might be doing this *all wrong* and it's behaving exactly like it's meant to.
<smoser> you should have a cobbler web ui at http://127.0.0.1/cobbler_web
<soren> cobbler*_web*.
<soren> Of course.
<soren> Why didn't I guess that?
<soren> Great.
<soren> What's the username? I was only asked for a password during install.
<smoser> cobbler
<smoser> as root, you can run 'cobbler' commands
<smoser> and it has useful-ish help
<smoser> but i agree that the http:// is completely un-discoverable
<andreserl> soren, cobbler
<andreserl> soren, it tells you that the username is cobbler and you need a password for it xD
<Daviey> smoser / soren: think it requies a debconf note?
<smoser> i dont know. i think soren should have just known to go to /cobbler_web
<smoser> seriously
<soren> Daviey: debconf note, mention in package description, in /usr/share/doc/<whatever>/README, on help.ubuntu.com. ANywhere, really. Just *somewhere*.
<soren> Not just in the logs from this channel :)
<Daviey> soren: google will parse this channel shortly.
<smoser> fwiw, i only knew cobbler_web because it is in my browswer history
<zul> ok next upload will ship configuration files for keystone
<Daviey> zul: er, for what part?
<zul> Daviey: it doesnt ship configuration files in the first place so it doesnt know about the sqlite database that it uses
<Daviey> zul: ah, ok - you are not coupling anything to keystone, right?
<zul> Daviey:  hell no im just making it usuable
<jamespage> smoser, utlemming: beta-2 ec2 tests look OK - a couple of failures where ec2 failed to provision anything
<jamespage> and one where the network did not come up on first boot - http://tinyurl.com/6dxsazg
<Daviey> zul: hmm.. we don't want stuff easy to use, do we? :)
<koolhead11> RoAkSoAx: supp?
<zul> Daviey: of course not :)
<RoAkSoAx> koolhead11: nothing much, you?
<koolhead11> RoAkSoAx: hitting head against keystone. planning to finish my cobbler left over work. Am yet to able to succeed in automated custom partitioning. :(
<lynxman> Daviey: easy of use? pft
<koolhead11> hey lynxman
<lynxman> hey koolhead11 o/
<zul> jamespage: can you try applying this patch? people.canonical.com/~chucks/nova-get-info-exception.patch
<jamespage> zul: sure
<koolhead11> rbasak: have you documented the cobbler VM install steps somewhere?
<rbasak> koolhead11: I ended up using http://pad.ubuntu.com/arm-server-netboot (not by me)
<jamespage> zul - testing that now
<Error404NotFound> i am about to launch 2 webservers. Both of these will host same app code. I want both server's nginx, php conf and app code to be in sync. Whats the best way? NFS? cron'ed rsync? something else?
<koolhead11> Error404NotFound: rsync
<koolhead11> i have herad of people using for the same
<zul> rsync
<koolhead11> *hear :D
<Error404NotFound> what about the part which would involve creating new vhosts? i would also have to do a graceful web server restart for those rsync'ed files.
<koolhead11> Error404NotFound: i am not very sure of your application but what you can do is check for nginx as load balancer and rsyc to sync up data on both the systems.
<Error404NotFound> hmmm, i went another way around, my scripts test for /etc/nginx.reload and if it exists, reload nginx, deletes that from from source as well as destionation.
<Error404NotFound> destination*
<Error404NotFound> though still one problem : single point of failure.
<koolhead11> rbasak: https://gist.github.com/1205825 is not accessible to me. am i the only one in world facing that ?
<Error404NotFound> koolhead11: yes
<rbasak> koolhead11: wfm
<hkraal> http://www.downforeveryoneorjustme.com/gist.github.com/1205825
<koolhead11> rbasak: hkraal seems like websensce is culprit
<Daviey> smoser: you were asking why nova hasn't built?
<Daviey> Since the last nova built, it was promoted to main.
<smoser> i was, how did you know, Daviey
<Daviey> glance isn't yet in main, and is a build dep
<smoser> ok, so lets pretend for a moment that i dont care why
<smoser> and i want to be able to install nova
<smoser> just say someone actually wanted to try that
<Daviey> jd-strand is reviewing glance as we speak, once that is good, we are GOLD>
<smoser> ok.
<Daviey> smoser: then the prior built binary will be installed.
<Daviey> Until a binary is produced, it will not be superseeded.
<smoser> complete with crippling bugs
<smoser> :)
 * Daviey cripples smoser 
<smoser> knowledge of this came from agy telling me that there were no nova updates for Canonistack.
<koolhead11> Error404NotFound: http://wiki.nginx.org/LoadBalanceExample  this is what i meant
<Error404NotFound> hkraal: isup.me
<Error404NotFound> koolhead11: even with this, configs would have to be copied between both backends and also single point of failure with respect to copying configs.
<Daviey> smoser: http://pb.daviey.com/qdVg/
<smoser> suck
<smoser> open a bug on this.
<Daviey> smoser: i think you need to, $ ubuntu-bug ubuntu-bug
<smoser> no
<smoser> i think i discovered the problem
<smoser> and i feared this would happen
<smoser> :)
<smoser> i think its because 'telnet 169.254.169.254 80' hangs
<Daviey> smoser: uh?
<Daviey> smoser: can you explain?
<smoser> apport checks to see if it is in ec2
<smoser> by checking for the metadata service
<smoser> Daviey, ok. any idea why its not a genuine package?
<smoser> so i veriifed that the 169.254.169.254 was the issue
<smoser> i did:
<smoser> route add -host 169.254.169.254 reject
<smoser> which can then be removed by
<smoser> route del -host 169.254.169.254 reject
<CluelessPerson> h5
<CluelessPerson> '
<CluelessPerson> I'm getting an error whenever I boot up my server.
<CluelessPerson> init: ureadahead-other main process (712) terminated with status 4
<CluelessPerson> [   103.509461] [drm:pch_irq_handler] *ERROR* PCH poison interrupt
<CluelessPerson> What does this mean?  google is unhelpful.  although I do think it does have something to do with checking the disks.
<Daviey> CluelessPerson: What ubuntu release?
<CluelessPerson> 11.04
<CluelessPerson> before that error, a couple lines above it speaks about forcing a check on the drives, it being mounted 38 times without a check
<Daviey> CluelessPerson: Looks like a kernel bug, and known.
<Daviey> It would help i you raise a bug, or continue the discssuion in #ubuntu-kernel
<CluelessPerson> I did see a post about a bug related, but didn't realize that this was specifcially it
<CluelessPerson> I'll look in to i
<Daviey> it might not be, but the kernel folks will be able to help more.
<CluelessPerson> thanks
<smoser> Daviey, bug 855651 opened for the apport issue we saw.
<uvirtbot> Launchpad bug 855651 in apport "apport can hang when checking for ec2 metadata" [Low,Confirmed] https://launchpad.net/bugs/855651
<Daviey> cool
<smoser> bug 855660 for the DescribeInstances bug that we were seeing which now seems gone.
<uvirtbot> Launchpad bug 855660 in nova "DescribeInstances fails sporadically" [Undecided,New] https://launchpad.net/bugs/855660
<Daviey> wron
<Daviey> g
<Daviey> adam_g: around?
<adam_g> Daviey: hey
<Daviey> adam_g: rocking
<lynxman> adam_g: morning ;)
<Daviey> adam_g: can you see my message?
<smoser> is/has anyone (utlemming, jamespage) looked at results at https://jenkins.qa.ubuntu.com/job/oneiric-server-ec2/
<jamespage> smoser: I took a run through earlier
<smoser> did we opne bugs ?
<smoser> or mark failures as a particular bug ?
<smoser> is there any sane way to do that in jenkins ?
<jamespage> there are only three test failures
<jamespage> two looked like ec2 rather than Ubuntu errors - machines where never provisioned
<jamespage> and one was lack of network on first boot
<zul> jamespage: shazbutt
<jamespage> smoser: http://tinyurl.com/6zfumu2
<jamespage> as utlemming just asked me to re-run against the most recent images I stopped filing results
<smoser> oh. those are against yesterdays images ?
<smoser> we really need to improve our test suite.
<smoser> as openssl was broken for https traffic yesterday :)
<jamespage> smoser: 20110920
<smoser> jaso i ask a general question....
<smoser> we're going to be running these tests more often (i hope)
<smoser> is there a way that we can attach bug numbers and or data to the results ?
<jamespage> smoser: yes
<jamespage> https://jenkins.qa.ubuntu.com/job/oneiric-server-ec2/ARCH=i386,REGION=ap-southeast-1,STORAGE=instance-store,TEST=simple-user-data,label=ubuntu-server-ec2-testing/
<jamespage> for example
<smoser> ah. ok. that is useful somewhat.  that comment there i son the parituclar test ?
<smoser> that is nice.
<Daviey> smoser: great! instances refuse to die
<Daviey> ah, just slow to die for some reason
<smoser> i think they're dead now
<Daviey> yeah
<smoser> that is know behavior
<smoser> terminate-instances; list
<smoser> will show terminated instnace as 'running'
<adam_g> i think i saw that yesterday
<adam_g> instance is dead, /var/lib/nova/instances/instance-* is deleted, etc. but updating host status in db seems delayed
<adam_g> or instance status
<lynxman> I had that several times myself, I had to delete the objects from the DB manually at the end
<zul> heh....im dont dead im just resting
<zul> sorry i watched monty python last night
<lynxman> zul: bring out yeh deaaad
<Daviey> smoser: do you have a euca-terminate-all helper?
<Daviey> I made one a while ago, but wonderd if you had anything clean?
<smoser> i can make one
<Daviey> smoser: mine was euca-describe | grep running | awk | -> for i in that ; terinate $i
<Daviey> smoser: see win #4
<Daviey> 011-09-21 13:18:53,070 WARNING nova.scheduler.manager [-] Driver Method schedule_run_instance missing: 'ChanceScheduler' object has no attribute 'schedule_run_instance'.Reverting to schedule()
<Daviey> nice
<adam_g> oh
<adam_g> hold on
<Daviey> adam_g: do you have an idea why only the first node is working?
<adam_g> yes
<kirkland> RoAkSoAx: yo!
<kirkland> RoAkSoAx: mtaylor has a some ideas about the pxe preseed opts in Orchestra
<kirkland> RoAkSoAx: you around?
<lynxman> kirkland: that sounds interesting :)
<kirkland> mtaylor: RoAkSoAx: I'm nibbling on lunch, so make sure you highlight my nick when you speak :-P
<mtaylor> RoAkSoAx: so - I was checking in with kirkland about whether or not orchestra had done anything about preseed's inability to properly deal with multiple nics. (last I checked, I needed to add "netcfg/choose_interface=eth0" to the kopts even if I had that in the preseed file)
<mtaylor> RoAkSoAx: so I guess the inquiry is in two parts - is there a way to get preseed itself to do what I'm asking it to do without having to pass kopts, and if not, is there a way to make orchestra scan through stuff and do the right thing so that folks don't get screwed by doing a preseed config that still asks menu questions
<RoAkSoAx> mtaylor kirkland im on way to lunch too can we talk in ~1hr? im from cell atm
<smoser> mathiaz, meet utlemming .
<kirkland> mtaylor: what would your desired behavior be?
<mtaylor> RoAkSoAx: sure
<smoser> utlemming, is doing much of the ec2 work now. you can ping him if i'm not available for sure.
<kirkland> mtaylor: ie, you don't want it to be an orchestra-wide setting, do you?
<kirkland> mtaylor: different machines might have different nic counts, right?
<mathiaz> smoser: great -thanks!
<kirkland> matttthiiiiiiiiiaaaaaaaazzzzzzzzzzzzzzzzzzzzzzzz
<mathiaz> kirkland: :)
<kirkland> :-)
<mathiaz> kirkland: how are you doing/
<mathiaz> ?
<kirkland> mathiaz: well, man :-)
<kirkland> mathiaz: et toi?
<Daviey> mathiaz: I seem to remember you saying, "I won't be a stranger"
<smoser> yes, its good to see the ubuntu hero mathiaz around.
<smoser> we were just swearing^H^H^H^H^H^H talking about some of your work yesterday
<mathiaz> smoser: ah nice! Hopefully some of it is still used :)
<mathiaz> kirkland: doing well here
<smoser> hoping to get some of the euca-stress tests pointing at openstack
<mtaylor> kirkland: well, thing number one is that if I put netcfg/choose_interface=eth0 into a preseed file, I'd love for that to work
<DanaG> weird... looking at my management tool's results for chkdsk eventlogs, I see some computers where it did this:  Check C:, fix C:.  Reboot.  Check D:, fix D:.  Check D:. No errors.
<DanaG> Note that the "C:" is one event, and the "D:" pair is another event... yet the TimeGenerated field is the same on both.
<mtaylor> kirkland: BUT - if that doesn't work, it would be a nice hack if orchestra could look in the preseed file for netcfg/choose_interface and if it's there toss something into the kopts
<zul> mathiaz: hey!
<DanaG> oops, wrong channel.
<lynxman> DanaG: :D
<SpamapS> mtaylor: is this a well known bug in netcfg or something?
<mtaylor> SpamapS: afaik - I learned about the kopt workaround from a blog somewhere a couple of months ago
<mtaylor> SpamapS: so, I think so
<mtaylor> SpamapS: related (marginally) ... how does one connect a node in orchestra to a particular set of juju charms (that's never going to get easy to say)
<SpamapS> mtaylor: juju wants to be the thing that tells orchestra to turn a machine on / configure it..
<SpamapS> mtaylor: so you use the orchestra provider
<mtaylor> SpamapS: AH
<kirkland> mtaylor: orchestra sort of becomes your EC2 or OpenStack, so to speak
<SpamapS> mtaylor: I believe adam_g is working on a blog post for Juju+Orchestra == OpenStack
<lynxman> darn, somebody released mcollective on debian after our package, now we have delta :(
<zul> lynxman: how big of a delta?
<lynxman> zul: afaict biggest thing being the recommend activemq instead of rabbitmq
<lynxman> zul: and a couple small details
<zul> lynxman: do you know why that is?
<lynxman> zul: I have a friend who's a maintainer in debian, he recommends me to join the maintenance team for the package :)
<zul> lynxman: good idea
<lynxman> zul: because upstream recommends activemq
<mtaylor> maybe because activemq doesn't require erlang?
 * mtaylor hides
<zul> erlang is off the hook
<lynxman> mtaylor: well player sir, well played
<lynxman> s/player/played/
<lynxman> zul: I think they'll eventually switch to rabbitmq tbh
<lynxman> zul: anyhow I need to get involved :)
<kpettit> any good opensource database browser/query tools for talking with M$ databases?
<lynxman> kpettit: odbc I reckon should do the job, that's how I do it normally
<kpettit> I'm not that familiar with dealing with ODBC.  I just need to be able to talk to it so I can run sql queries and such.
<kpettit> is there good ODBC query/browser tool?
<SpamapS> I think the only reason upstream recommends activemq is that its what they started with.
 * SpamapS said referring to mcollective
<SpamapS> kpettit: I believe libreoffice-base can use any odbc driver
<kpettit> worth a try.  thanks
<lynxman> SpamapS: yeah actually mcollective upstream recommends activemq as well, but I'm in close contact with the author and he blesses our use of rabbitmq :)
<lynxman> SpamapS: he's thinking about switching to rabbitmq at some point
<SpamapS> lynxman: right, thats what I mean.. AMQ is just what he used first, so he can confidently recommend it.
<SpamapS> my experience with ActiveMQ was that it was dog slow, crashy, and frustrating to configure.
<lynxman> SpamapS: deffo but it's a big delta with our package :)
<lynxman> SpamapS: and it's not even packaged for Ubuntu
<SpamapS> libactivemq-java - ActiveMQ message broker core Java libraries
<SpamapS> not that?
<lynxman> SpamapS: those are just the java libraries, not the server
<SpamapS> Oh is there some reason the server isn't available?
<SpamapS> I'm sure somebody might like to use it. :p
<lynxman> SpamapS: well... I think I can take it from debian, would be a good exercise :)
<lynxman> SpamapS: considering that packaging activemq is a b**tch
<lynxman> SpamapS: so if the work has already been done... :)
 * lynxman tries to have fun while at puppetconf
<SpamapS> lynxman: what do you mean "take it" from debian? it should get synced automatically.
<lynxman> SpamapS: it's in unstable
<SpamapS> for how long?
<SpamapS> Ahh its just arrived.
<lynxman> SpamapS: http://packages.debian.org/sid/activemq
<lynxman> SpamapS: yeah, it's new and fresh
<SpamapS> lynxman: you should file a sync request
<lynxman> SpamapS: oh, do explain :)
 * lynxman learns something new
<SpamapS> lynxman: 'requestsync' on any ubuntu system with ubuntu-dev-tools installed
<lynxman> SpamapS: cool, ty
<SpamapS> lynxman: its a bit late, but I think its worth putting it in 11.10
<lynxman> SpamapS: maybe it can get in universe, but yeah I think it's late for 11.10
<smoser> hallyn, so you were asking me to sponsor ifupdown for bug 850309, right ?
<uvirtbot> Launchpad bug 850309 in libvirt "libvirt fails to autostart VM attached to a bridged port" [Medium,Confirmed] https://launchpad.net/bugs/850309
<SpamapS> lynxman: everything starts in universe :)
<CluelessPerson> I get an error while booting my server now....
<CluelessPerson> init: ureadahead-other main process (712) terminated with status 4
<hallyn> smoser: for starters just a sanity check.  But if it looks good to you then sure.
<lynxman> SpamapS: as it should be ;)
<hallyn> smoser: it'll need the teensiest of libvirt update as well :)
<CluelessPerson> while doing it's check mount/disk thing after however many boots, I'm getting that and this other line and several others
<SpamapS> CluelessPerson: do you have a separate /var partition ?
<CluelessPerson> [   103.509461] [drm:pch_irq_handler] *ERROR* PCH poison interrupt
<smoser> hallyn, i generally think its sane.
<CluelessPerson> SpamapS, No, or, not that I know of, then again I'm a new.  JNot that I set up.
 * mtaylor is currently battling libvirt. swings arms aimless in the air. collapses sobbing
<uvirtbot> New bug: #855800 in qemu-kvm (main) "KVM crashes when attempting to restart migration" [Undecided,New] https://launchpad.net/bugs/855800
<SpamapS> CluelessPerson: ahh ok.. that used to cause a similar error. ureadahead is just an optimizer, so that message is probably just an annoyance.
<smoser> and i even generally think it is non-intrusive
<SpamapS> mtaylor: use fire
<mtaylor> SpamapS: trying man
<smoser> hallyn, i guess i dont have anything terribly against it.  i can't see how it would regress anything, its just an upstart event that nothing would ever listen for (until you hadded libvirt, where youd' ahve to depend on that version or greater of ifupdown)
<SpamapS> smoser: +1 from me.. not having the 'wait forever for dhclient' part of static-network-up is disappointing, but it makes it so people will be setup for a better experience on upgrade.
<hallyn> great, thanks guys.
<hallyn> objections to doing the same for lucid?
<SpamapS> I think it should go all the way back to lucid
 * mtaylor thinks SpamapS should go all the way back to lucid
<smoser> i have no objections.. but see what the patch looks like. if it actually is as trivial and non-intrusive as it is here.
<SpamapS> There will be plenty of people who will appreciate that.
 * SpamapS thinks mtaylor should stop being so hoary
<mtaylor> SpamapS: but the breeze is so karmic...
<smoser> hallyn, one comment, if you're merging changelog entries, you might as well merge them all i think
<smoser> rather than confusing *\n[Scott Moser]\n...[Clint]\n...[Scott ]\n...
<lynxman> SpamapS: btw you're packaging juju right? Let me know when I can sync my port :)
<SpamapS> lynxman: right, we're waiting for all the eureka features to land then will upload it.
<lynxman> SpamapS: schweet
<CluelessPerson> SpamapS, It's keeping my server from booting
<SpamapS> CluelessPerson: it may be a symptom of whats keeping your server from booting, but its probably not the root cause. What version of Ubuntu?
<CluelessPerson> 11.04
<CluelessPerson> SpamapS, ^
<soren> Phew. Finally got a server off of its 2.6.24-19 kernel.
<soren> Tough nut to crack, that one. It was infected with evms, which held my boot record hostage.
<soren> /boot was an lvm volume that lived on top of a software raid1 set.
<soren> Because evms had been installed at some point (this is a rather old server, let me tell you), it was in the initrd.
<soren> ...this meant that instead of having md0 (the raid1 set holding my lvm stuff) be built up of sda1 and sdb1, it was built up of dm-0 and dm-1 which were in turn evms crackpot aliases for sda1 and sdb1.
<soren> ...and lilo refused to install an mbr on a devmapper device.
<soren> ...but I couldn't get rid of evms, because that would require installing an initrd that didn't have evms in it.
<soren> I finally had the epiphany that I could use kexec to load a new kernel and initrd.
<soren> and rid myself of this ancient kernel. I can't imagine how many security bugs have been fixed between 2.6.24-19 and 2.6.24-29.
<j0nr> \leave
<SpamapS> CluelessPerson: maybe try editting the command line in grub and remove the 'quiet' keyword so you can see what the system is doing before it fails.
<Daviey> CluelessPerson: did you speak with kernel?
<Dulcin> I'm getting this error when starting mysql: ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
<Dulcin> I've tried like the first 20 google results, but can't find a solution
<Dulcin> I'm not sure what caused it, it used to work...
<jeblair> SpamapS: do you have any pointers to docs on how to get started using orchestra with juju?  ie, how to have certain charms run on a (physical) server bootstrapped with orchestra?
<SpamapS> jeblair: docs are being worked on right now.. its only just started working reliably in the last week or two. ;)
<SpamapS> jeblair: Assigning services to specific machine types is one of those "oops we need to do a better job of that" problems. I believe the way right now is to change environments.yaml when deploying so that a certain mgmtclass of machines is chosen.
<SpamapS> jeblair: its equally painful on EC2 .. so its a juju-wide problem. ;)
<jeblair> SpamapS: is there a sample environments.yaml that uses orchestra?
<jeblair> (or cobbler)
<jeblair> ah, i think i see what i need in the source.  i'll try to follow that. :)
<lynxman> SpamapS: juju-wide? :)
<ScatterBrain> I just updated my laptop with the newest Kernel - came in as a software update.  When I rebooted, EVERYTHING is slower now.  Booting, Starting Gnome everything except for typing is slower.  Anyone know of a problem with the newest kernel?
<GRMrGecko> What would you guys recommend using for Dell PowerEdge T710? Ubuntu Server or Debian?
<lynxman> GRMrGecko: I think it'd work properly yeah, T710 has pretty standard components :)
<RoyK> GRMrGecko: just try ubuntu 10.04 on it - if it works, well, you'll have a good server
<RoyK> if lucid fails, try something newer
 * RoyK prefers LTS for servers
<lynxman> RoyK: definitely LTS for server good choice
 * RoyK is managing about 40 ubuntu servers and doesn't want to upgrade them every 6 months
<StevenR> upgrading is dull. it's much easier to do that every few years
<RoyK> I still have a few 8.04 boxes running
<StevenR> GRMrGecko: we have a load of R710 (I guess the rack version of the T710) running Lucid with no problems
<RoyK> no problems with those
<GRMrGecko> ok
<GRMrGecko> thanks
<RoyK> GRMrGecko: use cutting edge software when you need the latest and hottest. use LTS if you need something stable. use the former LTS release if you want something rock stable
<RoyK> 8.04 is the most stable ubuntu release I've seen so far
<RoyK> but then, it's old, and may lack a few drivers etc
<RoAkSoAx> mtaylor: sorry for the delay got stuck in traffic, and phone run out of battery so no 3g
<mtaylor> RoAkSoAx: that sounds terrible!
<RoAkSoAx> mtaylor: anyway, as far as I know, there's been many people trying to configure many nics
<RoAkSoAx> in a preseed
<RoAkSoAx> and they have been unsucessful
<mtaylor> RoAkSoAx: yes - well, I don't even care about configuring all of them, as much as just selecting the default one
<mtaylor> but it, indeed, does not even come close to working
<mtaylor> which would make orchestra/cobbler/pxe/preseed kind of useless in most server environments if it weren't for being able to pass netcfg stuff in to the kernel as boot options
<kirkland> mtaylor: would gpxe help?
<kirkland> mtaylor: i've heard its more configurable...though I've not used it myself
<mtaylor> kirkland: I don't think it's a pxe problem as much as it's a preseed problem
<mtaylor> everything _does_ work if you pass the extra kopt
<mtaylor> it's just why preseed doesn't honor the value in the preseed file for default nic is beyond me
<RoAkSoAx> mtaylor: there's mtaylor right, but how are you thinking to select the default network interfacE?
<RoAkSoAx> mtaylor: we could do some tricks to get things passed "automatically"
<mtaylor> RoAkSoAx: well, I'm fine with even coding the default interface into the preseed file in a normal cobbler setup (if that worked)
<kirkland> RoAkSoAx: worst case, each machine's kopts can be edited in the web interface, right?
<kirkland> RoAkSoAx: and on the cli, too, right?
<mtaylor> yes. which is what I've been doing
<kirkland> mtaylor: was that "yes" to me?  for the web ui or the cli?
<mtaylor> well, cli - but it's the same overall effect - I have to configure extra kopts, which is very counter-intuitive
<mtaylor> given that preseed HAS the option listed
<mtaylor> in any case- I would think that a) fixing preseed would be stellar - but b) if preseed can't be fixed for some reason, it would be a nice user-friendly hack to have orchestra scan the preseed file it's using for that machine and if it finds the appropriate netcfg line to add it to kopts
<mtaylor> (since orchestra seems to be doing a great job of providing sensible default setups for cobbler)
<RoAkSoAx> kirkland: yes we can
<RoAkSoAx> mtaylor: but for example, if we modify network values on a system, those network values do not reflect in the preseed as we arent actually editing the preseed for that
<kirkland> RoAkSoAx: I think mtaylor's request is reasonable, though landing this in 11.10 might be hard, with final freeze next thursday
<RoAkSoAx> or cobblre is not automatically editting the preseed to introduce network values
<kirkland> mtaylor: would you mind filing a bug against orchestra so that we can document this as a bug/feature-request?
<mtaylor> kirkland: sure! although I tihnk I should probably also file a bug against preseed... any idea where the right place to file that one is?
<kirkland> RoAkSoAx: cobbler has support for some variables to get passed through to the preseeds;  smoser did some work around that
<kirkland> mtaylor: file it against debian-installer
<RoAkSoAx> kirkland: yeah we can pass variables and stuff
<kirkland> mtaylor: you can click "also affects" orchestra
<RoAkSoAx> kirkland: we can even obtain the info for eth0 ip, mac, etc etc and put it in the preseed
<kirkland> mtaylor: so that it shows up in both lists
<mtaylor> kirkland: sweet
<RoAkSoAx> kirkland: however, in cobbler system we cannot say which interface is default
<kirkland> mtaylor: cjwatson will move around the "debian-installer" bit to the right component
<kirkland> RoAkSoAx: understood;  i think i told mtaylor as much
<mtaylor> RoAkSoAx: would it perhaps be reasonable to file a bug against cobbler for a way to express default interface?
<mtaylor> I mean - it's rare to find a machine _without_ 4 NICs these days
<kirkland> RoAkSoAx: mtaylor: orchestra assumes that eth0 is the default interface;  machines where that's not true are handled on a one-off basis
<RoAkSoAx> mtaylor: I guess we could but that would be a new feature
<smoser> what is "default interface" ?
<kirkland> RoAkSoAx: new features are okay for 12.04, just not 11.10 at this point
<kirkland> smoser: i think mtaylor means "the netboot" interface, right?
<mtaylor> kirkland: I'm fine with that assumption - the main thing I want to make sure is that booting the machine doesn't hang on a menu option
<kirkland> mtaylor: +1, agreed
<kirkland> mtaylor: so when you file your bug, express it in that manner
<mtaylor> I shall attempt to do so
<kirkland> mtaylor: "the bad thing that happens here is that headless, orchestra-installed machines are hanging on a menu option...etc."
<mtaylor> yes. which is - you know - not usually what one is trying to accomplish
<kirkland> mtaylor: :-)
<smoser> why would a machine hang on the menu entry ?
<smoser> the mnu is supposed to time out and fall back to locak disk.
<smoser> no?
<smoser> i'm clearly missing something. so i'll be quite.
<smoser> quite quiet even.
<RoAkSoAx> kirkland: yeah we could use the netboot interface as the default interface
<RoAkSoAx> kirkland: an we could fill kopts or the preseed with that
<smoser> there is an 'early_command' (similar to 'late_command')
<mtaylor> smoser: so, outside of the orchestra context - if you pxeboot an image and hand it a preseed file, and in that preseed file you have netcfg/choose_interface=eth0
<mtaylor> smoser: to tell the machine on what interface to listen for dhcp
<mtaylor> smoser: it doesn't work
<mtaylor> and it pops up a menu and asks you what interface you want as your default interface
<mtaylor> if, however, you pass netcfg/choose_interface=eth0 to the kernel as a boot option - it works as expected
<kirkland> mtaylor: okay, if that's the issue, that's a bug; and a big one
<kirkland> mtaylor: i'm sorry if i missed that part directly, from the start
<kirkland> mtaylor: that's a debian-installer issue
<mtaylor> kirkland: yes. sorry - I may not have been clear earlier
<kirkland> mtaylor: i probably just read right past that, and assumed it was an orchestra bug :-)
<mtaylor> kirkland: totally - I was just thinking since it seems to be a known issue, perhaps orchestra could help work around it
<kirkland> mtaylor: can you pastebin all or part of your preseed?
<kirkland> mtaylor: any chance its just grammar/syntax?
<kirkland> mtaylor: http://www.debian.org/releases/lenny/example-preseed.txt
<kirkland> # To pick a particular interface instead:
<kirkland> #d-i netcfg/choose_interface select eth1
<RoAkSoAx> mtaylor: yeah that's totally a bug in the preseed
<kirkland> RoAkSoAx: have you seen this before?  reproduced it?
<mtaylor> kirkland: d-i netcfg/choose_interface select eth0
<RoAkSoAx> kirkland: i have never personally tried but adam_g encountered the problem and used kopts to chose default interface
<RoAkSoAx> kirkland: so yeah we encountered the same issue but was work arounded the same
<mtaylor> kirkland: I ran in to this 2 months ago in a data center - and then I found a blog post about using kopts
<kirkland> RoAkSoAx: hmm, okay, we need a pretty urgent bug filed and assigned to cjwatson, then
<RoAkSoAx> kirkland: i'll test it again and see what I find though
<mtaylor> speak of the devil
<RoAkSoAx> kirkland: the thing is withing cobbler we could actually just add an option to select the default interface to place it in the preseed
<RoAkSoAx> kirkland: i'll look into that though
<RoAkSoAx> kirkland: will investigate a bit more how was that done in rhel
<mtaylor> of course, in _my_ personal usecase, I'd also need it backported to d-i of lucid, maverick and natty ... so I might just need to keep doing kopts for those. but still
<kirkland> hmm, the closest bugs I see are:
<kirkland> https://bugs.launchpad.net/ubuntu/+source/netcfg/+bug/713385
<uvirtbot> Launchpad bug 713385 in netcfg "netcfg/choose_interface=auto fails to find the right interface" [Medium,Confirmed]
<kirkland> and https://bugs.launchpad.net/ubuntu/+source/netcfg/+bug/56679
<uvirtbot> Launchpad bug 56679 in netcfg "provide a method to use a specified MAC-address as the installation device" [High,Fix released]
<smoser> mtaylor, thank youfor explanation.
<mtaylor> smoser: sure! thanks for asking the question - it seems to have caused me to re-explain in a more useful way :)
<mtaylor> kirkland: https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/855921
<uvirtbot> Launchpad bug 855921 in debian-installer "does not honor netcfg/choose_interface in preseed" [Undecided,New]
<kirkland> mtaylor: this is Oneiric?
<kirkland> mtaylor: one thing you might want to edit in your bug description ....
<kirkland> <mtaylor> kirkland: d-i netcfg/choose_interface select eth0
<mtaylor> kirkland: tbh, I haven't tried oneiric - it wasn't booting last time I was setting up cobbler
<kirkland> mtaylor: whereas you say: "in that preseed file you have netcfg/choose_interface=eth0"
<mtaylor> kirkland: good point
<kirkland> mtaylor: okay, so this is natty?
<kirkland> mtaylor: or something else?
<kirkland> mtaylor: i'd like to note which version you're seeing this one
<mtaylor> kirkland: it was either natty or maverick
<mtaylor> kirkland: I _believe_ both
<kirkland> mtaylor: k
<mtaylor> kirkland: I'll work on re-reproducing it
 * mtaylor just got 5 machines in a lab for cobbler/install use
<kirkland> i wonder if I can reproduce this in a vm with multiple nics ....
 * kirkland tries
 * RoAkSoAx waaaaaaaaaaaaaaaaaa compiz acting up grrr
<kirkland> RoAkSoAx: unity2d, baby
<RoAkSoAx> kirkland: hehe yeah I'm gonna have to change
<kirkland> RoAkSoAx: for bonus, you'll get 3 extra hours of battery, too!
<RoAkSoAx> kirkland: really? heh good to know
<RoAkSoAx> brbr
<RoAkSoAx> lol
<RoAkSoAx> exit
<kirkland> RoAkSoAx: um
<kirkland> RoAkSoAx: how does cobbler feed the preseed to the machine being installed?
<kirkland> RoAkSoAx: over http?  or pxe?
<RoAkSoAx> kirkland: http
<kirkland> mtaylor: hmm
<kirkland> mtaylor: we need the network to be "up", to retrieve the preseed
<kirkland> hello chicken, my name is egg!
<segv> so, i installed mongrel-clustesr and it has a sites-enabled/sites-available dir, but no examples or anything really, is there a stock page or package documentation for the repo version so I don't have to modify anything
<RoAkSoAx> kirkland: basically, cooobler just creates a pxe file that lists auto url==http://blablablala/bla/preseed/
<mtaylor> I thought it did the preseed as a bit of the dhcp netboot interaction
<RoAkSoAx> or something like that
<segv> cobbler is awesome
<segv> :)
<mtaylor> yes - no, you're right
<kirkland> mtaylor: i'm confirming with RoAkSoAx, but it looks like it's using the url= param on the kernel line
<mtaylor> but this is the funny part - because of the netboot part - the network is actually WORKING just fine
<RoAkSoAx> kirkland: yes it does
<mtaylor> which is what makes the netcfg/choose_interface=default thing not working all the more funny
<kirkland> mtaylor: okay, i'm disecting this ....
<segv> you know you can just grab the pxe grub init etc. and use grub to netboot yeah?
<segv> I do it all the time :)
<kirkland> mtaylor: basically, i think the assumption should be in debian-installer
<kirkland> mtaylor: that if you netbooted using some interface, then that's your damn default!
<RoAkSoAx> kirkland: http://paste.ubuntu.com/694771/
<mtaylor> kirkland: YES
<kirkland> mtaylor: hmm, any idea, top your head, how to determine that inside of the OS?
<mtaylor> uhm
<mtaylor> netstat ?
<mtaylor> kirkland: ip route | grep default | awk '{print $5}'
<kirkland> mtaylor: heh, we have to do this *before* ip has a route :-)
<kirkland> mtaylor: we're trying to determine which interface to use, right?
<kirkland> mtaylor: fwiw, i've reproduced this in a VM with multiple nics
<kirkland> RoAkSoAx: so...here's what i'm thinking
<RoAkSoAx> kirkland: shoot
<kirkland> RoAkSoAx: i _think_ we should perhaps set that netcfg/choose_interface=eth0 in the kernel opts, by default
<mtaylor> kirkland: YAY
<kirkland> RoAkSoAx: and document that that needs to be changed for machines where that's a bad assumption
<kirkland> mtaylor: ^
<kirkland> mtaylor: what do you think?
<mtaylor> kirkland: I think that's an excellent default for orchestra to do
<mtaylor> kirkland: it catches the 90% case and is inline with your assumtions already
<kirkland> mtaylor: i thought you might like that :-)
<mtaylor> kirkland: you've figured me out
<kirkland> mtaylor: yeah, i think so
<mtaylor> sensible defaults ftw
<RoAkSoAx> kirkland: we can do that
<RoAkSoAx> kirkland: I'll look into doing it on orchestra or simply just changing a template whithin cobbler
<segv> hmmm
<segv> What's a stock mongrel-cluster enabled site config look like, just a default mongrel cluster file?
<jdstrand> Daviey: I'm looking at the iscsitarget mir (bug #843808)
<uvirtbot> Launchpad bug 843808 in iscsitarget "[MIR] iscsitarget" [High,In progress] https://launchpad.net/bugs/843808
<jdstrand> Daviey: why did tgt get demoted and we are asking for a mir of iscsitarget?
<jdstrand> zul: ^
<jdstrand> well, I guess because nova doesn't have tgt support
<jdstrand> zul: I found this actually: https://bugs.launchpad.net/nova/+bug/819997
<uvirtbot> Launchpad bug 819997 in nova "Nova volume should support tgt rather than iscsitarget." [Wishlist,In progress]
<Daviey> jdstrand: tgt was considered to be less reliable than iscsitarget
<Daviey> IIRC
<Daviey> ah no
<kirkland> jamespage: don't you have an enjumble charmula for jenkins?
<mtaylor> jamespage: hey
<Daviey> jdstrand: i might be talking tosh
<jdstrand> Daviey: I'm trying to find the origins of tgt, but I thought it was a rewrite and supported by RHEL
<jdstrand> well, I know it is supported by RHEL
<Daviey> jdstrand: https://bugs.launchpad.net/nova/+bug/819997
<uvirtbot> Launchpad bug 819997 in nova "Nova volume should support tgt rather than iscsitarget." [Wishlist,In progress]
<jdstrand> I don't know its origins
<jdstrand> Daviey: yes, I just pasted that bug :)
<mtaylor> jamespage: I was just thinking that, in addition to me ever finishing the jclouds plugin - we should write a jenkins plugin that just makes juju calls
<Daviey> https://code.launchpad.net/~markmc/nova/iscsi-tgtadm-choice/+merge/75906
<Daviey> good description
<kirkland> mtaylor: https://code.launchpad.net/~charmers/charm/oneiric/jenkins/trunk
<jdstrand> Daviey: ok, I updated the bug asking for server team imput regarding tgt
<jdstrand> input
<mtaylor> kirkland: so, uh, can't use orchestra to deploy anything less than oeneric, apparently, because it wants to install ubuntu-orchestra-client on the machine. ?
<kirkland> mtaylor: good point -- RoAkSoAx we need to fix that
<kirkland> mtaylor: you'll need to drop that out of the preseed file
<mtaylor> kirkland: ok. it'll still work and stuff?
<kirkland> mtaylor: we'll ge that fixed
<kirkland> mtaylor: yeah
<mtaylor> cool.
<RoAkSoAx> kirkland: uhmmm i can do something else to work around that problem
<kirkland> RoAkSoAx: cool -- what?
<mtaylor> kirkland: need a bug filed?
<kirkland> mtaylor: please
<kirkland> mtaylor: assign it to RoAkSoAx (andreserl)
<RoAkSoAx> kirkland: put that in a preseed, and do and if/else to see the version of the OS
<RoAkSoAx> s/preseed/snippet
<RoAkSoAx> so if it is natty or lower, not install the client
<kirkland> mtaylor: we definitely want orchestra to be able to install lucid - oneiric
<kirkland> RoAkSoAx: rock!
<mtaylor> https://bugs.launchpad.net/orchestra/+bug/855956
<uvirtbot> Launchpad bug 855956 in orchestra "can't use orchestra to deploy anything less than oeneric" [Undecided,New]
<RoAkSoAx> mtaylor: thanks
<kirkland> mtaylor: cool
<kirkland> mtaylor: you coming to Orlando?
<mtaylor> kirkland: yup.
<kirkland> mtaylor: cool!  I'll make RoAkSoAx buy you a beer :-D
<kirkland> LoL
<mtaylor> kirkland: whole openstack community team is coming, actually - me, and jeblair  and jaypipes and ttx and reed
<kirkland> neat
<kirkland> I'll be at ODS too
<mtaylor> yup. it's gonna be baller
<mtaylor> sweet
<RoAkSoAx> coolio
<RoAkSoAx> cool*
<RoAkSoAx> lol
<Daviey> thanks jdstrand
<Daviey> jdstrand: Do you have any findings from glance?
<jdstrand> Daviey: haven't looked yet. rest assured, I will get there. other than 3 phone calls today, all I have been doing is server team MIRs (and that doesn't count all the hours on monday and tuesday)
<jdstrand> (please bear with me, code audits, even at this shallow depth take a while)
<Daviey> jdstrand: Yes, sorry - i didn't mean to seem to be keeping on, I was really just seeing if there is anything we can do based on initial findings.
<Daviey> We do appreciate your time :)
<jdstrand> no worries
<zul> jdstrand: yeah thats a rewrite of what i did (the nova branch)
<jeblair> so another workaround to bug 855956 is to install oneiric... it prompted with an option to configure iscsi volumes, which isn't desirable in an unattended orchestra installation...
<uvirtbot> Launchpad bug 855956 in orchestra "can't use orchestra to deploy anything less than oneiric" [High,Triaged] https://launchpad.net/bugs/855956
<jeblair> kirkland: does that sound like an installer bug, or something we should be setting in orchestra?
<bfreis> Is there a Natty cloud image very very small, smaller than those available at http://cloud-images.ubuntu.com/server/natty/current/ ? I'd like it to have only cloud init, and a very small set of packages
<bfreis> Or how could I build such an image?
#ubuntu-server 2011-09-22
<thanatos> good evening
<thanatos> is anybody familiar with the establishing of a connection to localhost?
<thanatos> in specific, do i have to be connected to a network in any kind, to connect to my localhost?
<TheEvilPhoenix> thanatos:  no, localhost references only the system that you're on
<TheEvilPhoenix> for example, this system i'm on is a laptop
<TheEvilPhoenix> i can be disconnected from the internet
<TheEvilPhoenix> in every way shape and form, and be able to access localhost
<TheEvilPhoenix> because it goes through the `lo` interface
<TheEvilPhoenix> which is the loopback interface that your computer uses to communicate with itself
<thanatos> is it possible that the connection to my self is in anykind of way blocked?
<thanatos> for example default blocked, via internal firewall or something like that?
<thanatos> because if i try to connecto to my self, via local host, i get connection refused errors
<thanatos> my machine is not connected to any kind of network at all, on which i am trying to build a server client with python
<thanatos> as soon as i connect to a network, the error does not occure
<thanatos> but if i am offline, there is a connection refused
<thanatos> so i was woderning if there is some kind of restriction if connecting to my self
<thanatos> if i am not in a network
<K4k> is there a way to use ssh in such a way that you can "connect" to the server, in the sense that whatever you type is run on the remote server, but what you type is not sent to the server in real time? In the same way running a remote command would almost but without having to run the ssh command every time.
<pmatulis> K4k: rephrase
<K4k> Sorry, I'm having trouble putting what I'm looking for into words
<K4k> As in I type the commands in a terminal and when I hit enter, it sends the command but as I'm typing that command I
<K4k> *** I'm not affected my network latency
<K4k> I have a server that's on a really high latency network and there are often times 30 second periods where I get no response and that would be fine if my typing was not affected
<pmatulis> K4k: you want to avoid having your typing affected by the latency?
<K4k> pmatulis: yea, I'm not sure if this is possible with ssh though. The closest I've found is called "sshpass" but getting that to work is a bit of a "hack"
<qman__> any solution for that would be a hack
<qman__> that happens because of the design of SSH
<K4k> I figured as much
<qman__> it funnels your keyboard to the server, then feeds back the server's output
<K4k> Yea, that's where I'm having an issue
<qman__> any workaround would have to preprocess your input, then wait until you hit enter to send it
<K4k> there's not enough bandwidth for that much traffic
<qman__> which would cause issues with anything interactive
<qman__> such as less
<K4k> ...oh, hadn't thought of that...
<pmatulis> K4k: if your typing often results in the same commands you could write scripts on the remote end, possibly passing an argument here and there
<qman__> the best solution is getting a better link
<qman__> the second best is typing very carefully
<K4k> hmmm
<K4k> Wasn't there, way way back, some kind of connection you could make to a machine that would do essential what I'm thinking of though? I could swear there was...
<qman__> not any that connects directly to the built in terminal systems
<qman__> it would have to have its own shell
<qman__> serial terminals have similar behavior to what you desire, but that's simply because it sends the characters immediately regardless of what's going on
<pmatulis> K4k: you could also just send remote commands: "ssh user@host 'aptitude search foo'" or use a script like i said: "ssh user@host 'script argument'"
<K4k> pmatulis: I'm starting to think that's what I'll do
<K4k> can bash aliases take $1 $2, etc?
<K4k> I could make a bash alias that would do what I need I think
<K4k> (using what you suggest pmatulis)
<K4k> yup, ok that will work for what I need
<pmatulis> K4k: super
<uvirtbot> New bug: #856027 in postfix (main) "package postfix 2.8.2-1ubuntu2.1 failed to install/upgrade: Î· ÏÏÎ¿Î´Î¹ÎµÏÎ³Î±ÏÎ¯Î± installed post-installation script ÎµÏÎ­ÏÏÏÎµÏÎµ ÎºÎ±ÏÎ¬ÏÏÎ±ÏÎ· Î»Î¬Î¸Î¿ÏÏ 75" [Undecided,New] https://launchpad.net/bugs/856027
<aot2002> My package libxml2-dev is at 2.6 on the server but latest is 2.7 ? how can I properly update
<jmarsden> libxml2 | 2.7.6.dfsg-1ubuntu1.2 | lucid-updates | source, amd64, i386
<jmarsden> aot2002: as long as you have lucid-updates enabled, you should get 2.7.6 as seen above
<aot2002> nope still at 2.6
<aot2002> just applied all outstanding updates non of which were libxml2
<jmarsden> aot2002: Is lucid-updates in your sources.list ?
<aot2002> hmm let me check
<aot2002> yes
<aot2002> I wonder if it was installed through compile
<jmarsden> Oh.  If you are silly enough to use un-packaged software, then any mess you end up in is yours to sort out :)   What does   dpkg -l libxml2-dev    output?
<aot2002> dpkg -l libxml2-dev
<aot2002> |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
<aot2002>  Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend
<jmarsden> aot2002: No actual line with a version number in it??
<aot2002> 2.7
<aot2002> but seems to show 2.6 in php
<aot2002> something went wrong with 2.7 update i guess at some point
<jmarsden> aot2002: For a -dev package, there is no harm in doing   sudo apt-get purge libxml2-dev && sudo apt-get install libxml2-dev     #to reinstall it, if you think the installation is incorrect.
<twb> If there is stuff in /opt or /usr/local, they have probably "sudo make install"'d
<twb> That's when you go back to $customer and tell them the rate just doubled
<aot2002> jmarsden, still in bad state
<jmarsden> aot2002: Be specific... define "bad state".
<jmarsden> How are you checking the state, and what is the result of that check?
<aot2002> Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
<aot2002> doesn't that say reinstall-required
<jmarsden> That is a header line.  Where is the one with the version number in, that you seem to be avoiding posting???
<twb> aot2002: that's telling you what the letters are in the columns
<jmarsden> aot2002: Let me ask again slightly differently:  what does     dpkg -l libxml2-dev | tail -1      output?
<aot2002> http://pastebin.com/2QQzSN0d
<jmarsden> aot2002: That says that you have installed libxml2-dev 2.7.6.dfsg-1ubuntu1.2 correctly.  No problem visible.
<aot2002> hmm
<jmarsden> So, why are you asking abou how to do something you already did?
<aot2002> because php is reporting 2.6 is installed
<jmarsden> That is what it links against or finds, and it does not link against -dev anyway :)
<aot2002> I have lamp on compilation to keep the latest versions... do I need to recompile again when upgrading libxml2-dev
<jmarsden> the whole point of a package-managed distribution like Ubuntu is to use packaged software.  Doing anything else is a bad idea.  If you need to backport the latest packages, and then install them, do so.
<aot2002> well that makes sense except php5-curl doesn't install the extension into the package
<aot2002> hence why I'm using a compilation
<aot2002> I did a simple apt-get install php5 php5-curl apache2
<jmarsden> aot2002: OK, so download the package sources, edit them to compile with whatever options you like, and build your new packages...
<jmarsden> Just don't mix packaged software and totally unpackaged "I will just compile this" software...
<jmarsden> aot2002: Maybe you just need to edit your php.ini file to tell it about pgp5-curl ?
<jmarsden> *php5-curl
<jmarsden> But if that is the real issue, ask us about that, not about "My package libxml2-dev is at 2.6 on the server but latest is 2.7 ? how can I properly update" :)
<twb> It comes up often enough here that you should just program ubottu with a set response
<twb> Along the lines of "stable means it doesn't change; if you want to rice it up, #gentoo and #lfs are over there" (only more polite)
<aot2002> Okay sorry how can I get php5-curl working with the installed package from the repo's....then I can kill off hte compiled ver
<jmarsden> aot2002: What happens when you install it and edit php.ini to use it?
<aot2002> In php info it shows the ini is loaded but does not show up in the list like the compiled version shows the version #. Also if I do a var_dump(curl_version()) the compiled shows the version of curl but the package version just throws a 500 error
<jmarsden> OK... and you have software that really absolutely needs to do that, on a production server?
<jmarsden> What is the *real* problem you are trying to solve here?
<aot2002> yes I use it with a custom software that uses curl to communicate with a remote payment system...
<jmarsden> And that software calls curl_version() ?
<aot2002> no that's just how to show what version is installed since any call using curl fails
<aot2002> i was just pointing out the fact that it should return the version
<jmarsden> OK.  So the real issue is that you can't get any of the PHP curl functions to work, when using the packaged version.
<aot2002> yes
<jmarsden> OK.  Let me see if I can reproduce the problem, now we know what the problem is :)
<aot2002> also the compile version is linking to a 2.6 libxml which mediawiki needs 2.7 or it wont install
<aot2002> so i'd rather use package management system anyway
<aot2002> Got most of it setup
<aot2002> just can't get the regular extensions I use installed
<jmarsden> OK, what does     php -r 'phpinfo();' |grep -i curl | tail -3      output on your system?
<jmarsden> (make sure the php binary you run is the one from a Ubuntu package, not one you compiled yourself!)
<aot2002> hmm how can I make sure
<jmarsden> If you don't know, then I am not sure I have time to do this at this level of detail.  I suggest you remove all the stuff you manually compiled, reinstall all your php packages from real official Ubuntu packages, and then see how well things work.
<T3CHKOMMIE> hey guys, i have to tweak an OS for one of my operating system classes. i was wondering if anyone had some thoughts, insight, or pointers on an idea i have about making a version of ubuntu with a building SVN esk type volume shadowcopy filesystem. any ideas?
<jmarsden> T3CHKOMMIE: #ubuntu-server is for Ubuntu server support, not for doing your homework :)  You can add arbitrary filesystems to Linux, either in kernel space, or userspace via FUSE.
<T3CHKOMMIE> jmarsden, its not really a homework assigment. I am looking for ideas on makeing an operating system specific for a specific task thought some of the guys on here would have some tips about OSes,
<T3CHKOMMIE> nevermind tho, ill just check some other channels and see if somone else is more knowlegable about operating systems and ubuntu. thanks tho.
<twb`> haha, he sure schooled you
 * ball snorts
<aot2002> jmarsden, thanks I think the compiled version is mucking with the package version -rw-r--r-- 1 root root 67936 2011-05-02 21:01 /usr/lib/php5/20090626/curl.so
<jmarsden> Quite possibly.  Removing all the stuff you manually added should help :)  Now you see what I meant earlier, when I said: <jmarsden> Just don't mix packaged software and totally unpackaged "I will just compile this" software...
<twb`> It's basically the same as being compromised -- the only way to clean up properly is to do a full reinstall from scratch
<aot2002> :(
<twb`> The lesson here is: don't do it again
<uvirtbot> New bug: #856092 in cyrus-sasl2 (main) "11.10 beta1 alternate install broken dependency libsasl2-modules xserver-xorg-video-ati" [Undecided,New] https://launchpad.net/bugs/856092
<DanaG> Hmm, how do I get my server to accept the ipv6 range my router offers?
<DanaG> It's radvd, not dhcpv6.
<twb`> Don't you need to enable RA in /proc/net somewhere?
<DanaG> I mean, the router is handing it out, and OS X and Win7 accept it.
<DanaG> Natty seems not to.
<twb`> accept_ra
<twb`> I don't have it in mine because I explicitly disable IPv6 until I'm ready to lock it down
<twb`> But I found that in five seconds from https://duckduckgo.com/lite?q=linux+enable+ipv6+ra
<uvirtbot> New bug: #856149 in bacula (main) "bacula-fd won't automatically start at boot" [Undecided,New] https://launchpad.net/bugs/856149
<Daviey> jamespage: The jenkins iso testing looks less than cool?
<jamespage> Daviey, lemme take a look
<Daviey> jamespage: see -testing
<angelete2> hi
<dori922> hey! :D im rsyncing a 20gb folder(/home) to a remote server and its at "Building File LIsts..." anyone have a ball park figure of how long it'll take to complete?
<dori922> like 1-3hrs, 3-6hrs etc :P
<angelete2> i'm using 11.04 in a virtual machine with 512Mb RAM
<angelete2> and my applications using apache2, php5.3 and mysql are telling me "can't allocate memory"
<angelete2> why?
<angelete2> dori922: it depends on your bandwidth and your remote server's, but it will more than a pair of hours
<dori922> and after that how much would the speed improve? :P
<angelete2> the time i told is for both reading and transfering
<angelete2> try to use  -v switch to get more info
<dori922> thanks :D
<koolhead11> hello all
<koolhead11> :D
<jamespage> morning koolhead11
<koolhead11> hey jamespage
<koolhead11> zul: hey
<AlecTaylor> hi
<AlecTaylor> Guess what? - We might be able to install Linux! - My advert: "Linux is much faster, has better security, and scales much better than Windows OSs. Not to mention it have many more features and supporting much more software. Maintenace is also much easier, and upgrading/installing new software never requires a restart."
<koolhead11> AlecTaylor: this channel is not for Linux PR
<koolhead11> Daviey: hello
<AlecTaylor> koolhead11: Why not?
<AlecTaylor> koolhead11: Gave him this link: http://narendrapatel.com/2011/05/installing-ubuntu-serve-11-04-64bit-on-hyper-v/
<koolhead11> well am wrong in that case, that`s what i though all this while.
<AlecTaylor> Hyper-V support was added by Micrsoft to Linux, right?
<AlecTaylor> Hyper-V support was added by Microsoft to Linux, right?
<soren> AlecTaylor: Because it just isn't. I you want to advertise, do it somewhere else.
<AlecTaylor> Hyper-V support was added by Microsoft to Linux, right?
<soren> AlecTaylor: They contributed some network drivers for some stuff at some point. It may have been for Hyper-V.
<soren> "contributed" makes it sound like they did it of the goodness of their hearts. They were obligated to do so due to licensing.
<soren> "Microsoft contributes network driver to Linux" just sounds much better than "Microsoft finally rectifies licensing violation".
<soren> AlecTaylor: why?
<twb`> So quick question before I fuck off and go home: anybody used unbound with a stub-zone, whose stub-addr had a non-default port?
<twb`> Like stub-addr: 127.0.0.1@1053
<twb`> I ask because I just tried that on lucid and everything worked perfectly with unbound on 1053 and dnsmasq on 53 (during testing), but when I swapped them around, unbound just returned SERVFAIL for the stub zone, without even TRYING to ask dnsmasq.
<twb`> http://paste.debian.net/131544/
<monkd> howdy, I installed postfix+dovecot. I'm able to receive email but not send it. I got 250-starttls and 250-auth plain login when running telnet localhost 25, ehlo localhost.
<greppy> monkd: start by looking in your /var/log/mail.log file to see why it's not sending mail.
<monkd> greppy: [62.zz.yyy.xx]:25: No route to host
<monkd> isp blocking my port 25?
<greppy> well, that would be a problem.
<greppy> could be, can you ping that IP address?
<monkd> yes
<greppy> Then yes, your ISP could be blocking outbound port 25 access as an anti spam measure.
<twb`> Some ISPs will let you opt out of that
<twb`> Otherwise you'll need to tell postfix to relay all mail via their smart server
<monkd> but shouldn't the 587 line in my master.cf also open port 587 for sending mail?
<monkd> and in my mail client I got host:587 as my smtp server?
<greppy> but to send mail out, it's trying to connect to port 25, which is the default.
<monkd> hmm.. so changing the relayhost in main.cf?
<greppy> yeah, one sec.
<greppy> monkd: relayhost = smtp.your.isp.whatever:25
<monkd> tried that. then I get a rcpt error
<monkd> wait I'll check it
<monkd> Relay access denied (in reply to RCPT TO command)
<greppy> *blink*
<greppy> relay denied by the relayhost server?
<monkd> :$
<BuenGenio> hi
<BuenGenio> mysql doesn't start after server reboot
<BuenGenio> no error messages, no logs, nothing
<monkd> greppy: can I get my ISP's MX with dig MX isp?
<BuenGenio> mysqld -v simply drops me back to shell without error
<uvirtbot> New bug: #771849 in glance "Port not parsed correctly in Swift URI" [High,Fix released] https://launchpad.net/bugs/771849
<uvirtbot> New bug: #799008 in glance "glance creates zero-length images in local file store on Ubuntu oneiric" [High,Fix released] https://launchpad.net/bugs/799008
<greppy> monkd: the MX record may not be the server they want you to send mail with.
<greppy> monkd: start poking around on their website to see what they recommend for outgoing mail settings, that is the server you want to use as your relayhost.
<monkd> shits.. greppy, I know too little about this, I confed the relayhost as my own host. and that's why I got the relay access denied
<monkd> so I have to know my isp's outgoing mail server for sending mail?
<monkd> I thought it was possible to send mail directly from my server to anywhere
<monkd> but it has to got through a relayhost?
<greppy> monkd: if your ISP is blocking outbound port 25 except to their own host, then yes, you need to relay through them.
<monkd> but isn't it possible to send via some other port for example 587?
<b0nghittr> i really was hoping to use ubuntu server. but i guess cpanel is going to force me to crapOS
<greppy> monkd: 25 is the default port for servers to talk to each other.
<greppy> not every mail server listens on other ports, or allows non-auth sending on other ports.
<monkd> why am I able to send mail to myself then? is it because of the local network?
<\sh> monkd: don't forget that most IPs from Cable, DSL, Dial-In Networks are blocked/blacklisted by other ISPs smtp servers.
<greppy> monkd: your server will accept mail for local accounts.
<monkd> so what exactly does it mean when I try to send mail out I get No route to host error, even when I can ping that ip
<greppy> from your server, try to telnet to port 25 of the ip that is saying there is no route to
<monkd> yea, it doesn't work
<greppy> bingo, need to set your relayhost to your ISPs outgoing mail server. :)
<monkd> so if I do that. and get it to work. are my emails readable to my ISP?
<koolhead11> Dead loop on virtual device bridge100 :(
<koolhead11> Daviey: another one for today!!
<greppy> monkd: they are sent through the server, so if they archive every mail that goes through them, then yes.
<greppy> but they could read them anyway if they sniff the network.
<monkd> ok I think I found the outgoing server. can I test that it is the one, without trying to conf the postfix and trying to send mail
<greppy> telnet to port 25 of the server
<greppy> see what it tells you.
<monkd> 220 balbalba service ready
<monkd> guess that's the one?
<greppy> yup
<Daviey> hey koolhead11
<monkd> greppy: is it possible to encrypt the messages and receivers, so even if they do sniff around they can't "access" the data?
<BluDog_A1chorite> i have a had drive i suspect was pulled for failure.  other than intstalling on it, and running a few smartctl passes, can anyone recomend a way to "test" the drive ?
<greppy> monkd: you can encrypt the content using gnupg/pgp/s-mime, but the recipient needs to be know how to decrypt it.
<koolhead11> Daviey: another bug for the day. i am filing it it has to do with bridge on one of the interfaces
<monkd> ok
<Daviey> koolhead11: cool
<soren> koolhead11: Ok, start over. One step at a time.
<koolhead11> okey
<koolhead11> this is my hardware on interface 1 http://paste.ubuntu.com/695033/
<koolhead11> This is my network bridge configuration on eth1 http://paste.ubuntu.com/695038/
<monkd> greppy: didn't work :D
<monkd> the relayhost is mail.inet.fi
<soren> koolhead11: Please don't redact your interfaces file. Pastebin the whole thing.
<monkd> and now I get mta.inet.fi no route to host
<koolhead11> ok.
<soren> koolhead11: Also, start by explaining what the problem is.
<soren> koolhead11: All of this is debugging information.
<AlecTaylor> WOOT - Finally have an Ubuntu Server to work with, Goodbye Windows Server 2003!
<soren> AlecTaylor: If you consider that an accomplishment, I'd be quite hesitant to offer consulting services helping other people install Ubuntu.
<soren> You don't become a mechanic by starting a car for the first time either.
<Daviey> I do.
<soren> Well, you're awesome.
<Daviey> :)
<monkd> ;>
<soren> Most people need more training.
<koolhead11> soren: http://paste.ubuntu.com/695041/
<soren> koolhead11: Your eth0 config is invalid.
<soren> "netmask 255.255.0.0" and "network 192.168.1.0" are incompatible.
<soren> Also, having eth0 and br100 in the same subnet might not be what you want.
<koolhead11> soren: http://paste.ubuntu.com/695043/
<koolhead11> soren: they are in different subnet
<soren> Not really.
<soren> 2 seconds ago they were in the same subnet.
<koolhead11> eth0 is in 10.X.X.X
<soren> Nonsense.
<soren>         address 192.168.1.5
<soren> 2 seconds ago they were in the same subnet.
<soren> Now they're in overlapping subnets.
<soren> One containing the other. I don't even know how that can make sense.
<greppy> monkd: what error did you get?
<koolhead11> okey i will get back with all details in sometime.
<soren> koolhead11: But, as I said: This is all debugging information.
<soren> koolhead11: Start by explaining what the problem is.
<koolhead11> soren:  the network configuration are same we used when we tested cactus in natty. :)
<soren> koolhead11: I never asked for you network configuration.
<soren> koolhead11: ...but when you started handing it out, I asked for it to be true.
<koolhead11> just after assigning the IP information when i boot my system i get error on boot screen saying " dead loop on virtual device br100, fix it urgently"
<soren> koolhead11: I probably don't care about it at all.
<koolhead11> and notthing happens after that.
<monkd> i put the relayhost = mail.inet.fi:25 in my main.cf and I have my own server name as smtp server in the mua. I tried to send mail and got: http://pastie.org/2573222
<koolhead11> to boot my system i have to remove that inteface information from my interfaces file while going in safe/single user mode
<\sh> monkd: you see that the IPs it resolves are different? .12 and .15?
<\sh> monkd: oh you send to mta.inet.fi (which is .12) and your isps mail server but is mail.inet.fi?
<soren> koolhead11: Ok, if this is what you want to talk about, I'm going to have to insist on your actual configuration.
<soren> koolhead11: Clearly, you've misconfigured something. If you're giving me anything other than your actual configuration, I can't (and won't) help you.
<monkd> yeah, \sh mail.inet.fi is the mail server. I don't know when mta.inet.fi is coming to play.. that's a different isp I tried to send mail to..
<\sh> monkd: looks like that mta.inet.fi is still your relayhost
<\sh> monkd: did you restart postfix after your changes to main.cf?
<monkd> sure did
<\sh> monkd: but it's not what your logfile says..it still say: I'm sending to mta.inet.fi
<koolhead11> soren: k
<monkd> tried again. checked the main.cf -> relayhost = mail.inet.fi:25
<monkd> /etc/init.d/postfix restart
<monkd> send mail
<monkd> same error
<monkd> complaining about mta.inet.fi
<monkd> should mail.inet.fi be in mydestination too?
<koolhead11> soren: http://paste.ubuntu.com/695054/
<soren> koolhead11: And "ip route"?
<AlecTaylor> How do I install+setup ssh on Ubuntu Server 11.04?
<hgb^harry> apt-get install openssh-server ;)
<koolhead11> soren: not given in the interfaces configuration
<soren> koolhead11: Er..
<soren> koolhead11: What?
<AlecTaylor> hgb^harry: Is that all that's needed, or do we need to configure some keychains?
<koolhead11> soren: this is what the cofig file is
<soren> AlecTaylor: Dude. fire up Google. In the box, type: How do I install+setup ssh on Ubuntu Server 11.04?
<soren> AlecTaylor: Click the first link.
<soren> AlecTaylor: If you still need help, *then* come here and ask.
<soren> koolhead11: HAng on, how did you get to that config file?
<soren> koolhead11: You said you coulnd't boot because of it.
<koolhead11> soren: i had to go in single user mode. and disable the eth1 intefrace entry.
<soren> So this is the config that works?
<koolhead11> soren: i have to disable this entry of eth1 in order to get my system into normal boot
<soren> koolhead11: The configuration you've shared has no eth1 entry.
<soren> koolhead11: So if you're using  http://paste.ubuntu.com/695054/ everything is fine?
<kiranmurari> soren: koolhead11 meant br100
<koolhead11> soren: the one mapped  to eth1
<koolhead11> so only entry with eth0 the system works
<koolhead11> now once am booted then manually i configure http://paste.ubuntu.com/695054/
<koolhead11> to get my bridge working via eth1
<soren> Ok. So if you "sudo ifup br100" now, what happens?
<koolhead11> soren: ifup br100 ifup: interface br100 already configured
<koolhead11> because i manually added eht1 and br100 and then restarted the network
<soren> So this is only a problem on first boot?
<uvirtbot> New bug: #856309 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/856309
<koolhead11> soren: yes whenever i boot. which means if i reboot my system with eth1 configuration i will again get the same "dead loop" error
<koolhead11> and to overcome that i have to again boot in single user and remove the entry
<soren> ok..
<soren> Is there anything else you think might be relevant that you've also not yet pointed out?
<koolhead11> soren: Linux server1 3.0.0-11-generic #18-Ubuntu SMP Tue Sep 13 23:38:01 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
<koolhead11> i have allready given the harware information
<soren> I meant about the problem.
<koolhead11> soren: nope. next issue is with nova-network.
<soren> I don't want to spend another 20 minutes asking questions and then have you tell me that it also goes away if you take all the network cables out or something.
<soren> You say when it boots with this, it echoes this error "11:02 < soren> koolhead11: I probably don't care about it at all."
<soren> What does that mean, exactly? What are you expecting to happen that doesn't happen?
<soren> Whoops
<soren> That came out entirely wrong.
<soren> You say when it boots with this, it echoes this error "11:03 < koolhead11> and notthing happens after that."
<soren> What doesn't happen? What doesn't work? What makes you think it's frozen?
<koolhead11> soren: it should normally boot when i have eth1 info configured on it, right?
<soren> A misconfigured network usually shoulnd't cause the system to freeze, no.
<koolhead11> it throws error on boot " dead loop on virtual device br100, fix it immidiately"
<koolhead11> that it
<koolhead11> notthing happens after that
<soren> 11:38 < soren> What doesn't happen? What doesn't work? What makes you think it's frozen?
<soren> What did you expect to happen?
<soren> Why should anything "happen"?
<koolhead11> soren: my system should normally boot and give my console screen :D
<soren> So you usually get a login prompt, but when this happens, you don't get a login prompt.
<soren> Is that accurate?
<koolhead11> indeed
<soren> Did you check the other virtual consoles?
<soren> Did you check the logs to see if the system still is active during this time?
<koolhead11> soren: there is no access to any of the consoles. the only message i get is :-
<koolhead11> [28.500035] Dead loop on virtual bridge device br100 fix it immidiately"
<koolhead11> it keeps coming on the screen
<koolhead11> with [] value changing
<soren> ....
<soren> If it's frozen, how can it keep printing errors?
<koolhead11> soren: as in am not able to do any operations on it :(
<zul> Daviey: yeah so ill backport the iscsitarget branch when it gets accepted
<Syria> Hello! I have hired A VPS with Ubuntu server 10.4.3 lts installed on it. Can I use that VPS as a proxy for browsing the internet?
<maswan> yes
<maswan> you need to either install a proxy or vpn software on it then and configure your client to use that
<soren> Or just use ssh's SOCKS implementation.
<Syria> soren:  How can I do that please?
<Syria> soren:  Because it seems to be easier than installing a vpn software and configuring it.
<maswan> true, I guess sshd is already installed, no need to look for something else
<soren> Syria: E.g. "ssh -D 1234 username@server"
<soren> Syria: Complete the login.
<soren> Syria: Tell your browser to use a SOCKSK proxy on localhost on port 1234.
<koolhead11> soren: should i file it bug or leave it ?
<soren> Done.
<soren> koolhead11: I think you should file a bug about this. Don't waste time on the hardware specifics and whatnot. Just include the problem description.
<soren> Don't leave *Anythin* out of the problem description.
<koolhead11> okey. done will do :)
<soren> Specify what happens, when it happens, what you expected to happen, etc. etc.
<koolhead11> soren: and the nova-network issue is related to same i suppose
<koolhead11> i will do
<Syria> soren:  can I know why 1234?
<soren> Syria: Because it's the first number that popped into my head.
<Syria> soren:  I will test this now it seems so easy!
<soren> Syria: You can use any number you please (provided it's between 1024 and 65535)
<soren> (inclusive)
<Syria> soren:  ssh -D 9050 [username]@[remote.server.name]  should i use this example?
<Syria> soren: !!! you gave me the same example.
<Syria> :S i did not notice.
<Syria> soren:  It works!!!
<Syria> soren:  Thank you.
<soren> Sure
<Syria> soren:  How can i know if other users are doing this using the VPS?
<Syria> Is it possible?
<soren> Syria: Depends on how badly you want to know.
<Syria> soren:  It is not that important.
<Syria> soren:  Thnx for everything. :D
<soren> Sure.
<soren> smoser: Are the images on http://cloud-images.ubuntu.com/server/oneiric/current/ supposed to be usable in plain kvm?
<smoser> yes.
<smoser> they'll complain to the serial console that they can't find a meta-data service.
<smoser> you can deal with that in a number of ways with or without human intervention on boot.
<soren> How do I log in?
<soren> smoser: or is that not supported? :)
<smoser> hold on
 * soren holds on
<smoser> soren, at https://help.ubuntu.com/community/UEC/Images you should see some doc on booting in kvm
<smoser> thats related to the partition images (the .tar.gz files).
<smoser> the same command line options appply, and you can still use the floppy (i think) to boot from to get you a menu option
<smoser> hm... but it seems like that page has changed osme in ways i'd not like to advertise (uncloud-init)
<soren> smoser: Ok. When I boot it, I just get a login prompt.
<smoser> were you hoping for x ?
<soren> smoser: ...and I hadn't wired up the serial port, but I guess I'll just have to do that to get the password.
<soren> smoser: No, login prompt is fine... but the password isn't shown there.
<smoser> ah.
<smoser> so here is what i would really suggest. i just tested on daily
<smoser>  * download current/oneiric-server-cloudimg-amd64-disk1.img
<soren> Done
<smoser>  * qemu-img create -f qcow2 -b oneiric-server-cloudimg-amd64-disk1.img disk.img
<smoser>  * kvm -drive file=disk.img,boot=on,if=virtio
<soren> Well, I'm using libvirt, but whatever.
<smoser>  * at grub boot, go in and append to kernel command line: ds=nocloud-net s=http://tinyurl.com/sm-
<smoser> that makes cloud-init read http://smoser.brickies.net/ubuntu/uec-seed/user-data
<soren> You now that's a link to something on e-bay, right?
<smoser> and http://smoser.brickies.net/ubuntu/uec-seed/meta-data
<smoser> i assumjed you wanted to buy that thing on ebay :)
<soren> It's been removed. What was it, what was it?
<smoser> you can register similar urls
<smoser> i have no idea
<soren> Aw.
<smoser> wait.
<smoser> i pasted badly
<smoser> it makes it read: http://tinyurl.com/sm-user-data and http://tinyurl.com/sm-meta-data
<smoser> for metadata and user-data
<smoser> so you can get similar urls and use that. then you can enable password login through cloud-config.
<smoser> http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/examples/cloud-config.txt
<soren> This is a little much for my little brain right now.
<smoser> its really not that bad. i promise.
<smoser> alternatively if you boot off of the floppy disk that is in the tarball, it will give you prompts that have some of this stuff filled out.
<soren> What's "ds" short for?
<smoser> datasource
<soren> Ah.
<soren> And "nocloud-net" means..
<smoser> s short for 'seed'
<smoser> well "nocloud" as in you aren't under a cloud provider
<soren> Right.
<smoser> and net means that it should run when network is up
<soren> So that makes it use the s= parameter?
<smoser> well, the s= will also be read from 'ds=nocloud'
<soren> Right.
<smoser> but not guaranteed to be done so before network is up
<smoser> err... after network is up
<soren> Ah.
 * soren ponders
<soren> Having to interrupt grub is a pain.
<smoser> the third option is to use the ovf data source
<smoser> i agree about grub
<smoser> you create a cdrom with some data on it, and cloud-init sees that as the data source.
<smoser> but now you're going to ask me how to do that.
 * soren concocts way to extract the kernel from the image.
<smoser> well, the kernel is available in the tarball
<soren> I don't have a tarball.
<soren> I have the img
<smoser> right.
<smoser> but that requires both having root, and knowing what command line options are. which, obviously you know, but is pronte to breakage.
<soren> Won't using the tarball require knowing what the command line options are, too?
<smoser> well, the boot floppy kind of knows that, but yes.
<soren> Oh, right. The boot floppy.
<soren> I can't believe I just typed "floppy".
<soren> It's 2011.
<smoser> are you opposed to the http://tinyurl/ stuff ?
<soren> Not per se.
<smoser> ok. then this is pretty easy i think
<smoser> with ovf cdrom
<smoser>  * download http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/examples/cloud-config.txt
<smoser>  * rename to ovf-env.xml
<smoser>  * modify the 'seedfrom' to your liking
<smoser>  * mkdir my-iso
<smoser>  * mv ovf-env.xml my-iso/
<smoser>  * genisoimage -o transport.iso -r my-iso
<smoser>  * kvm -drive file=disk.img,boot=on,if=virtio -cdrom transport.iso
 * smoser tests this
<soren> Just having the cd be there makes it use it?
<soren> No need to pass anything extra?
<smoser> yes.
<zul> good morning
<smoser> soren, i just booted that way here.
<smoser> and it says "successfully authorized [smoser]" (ie, it grabbed my ssh keys from launchpad)
<smoser> if you're opposed to the need for network, then you can actually shove base64 encoded user-data into the 'user-data' field in the ovf-env.xml
<smoser> i should probably get a tinyurl that simply sets password to something and document this as a functional demo
<smoser> :)
<soren> smoser: I'll take it for a spin.
<soren> smoser: It takes a *long* time before the login prompt pops up.
<ersi> I'm getting a lot of "kernel: [7170012.183313] lo: Disabled Privacy Extensions" messages on my Ubuntu 10.04 server. It seems to be related to IPv6? How do I fix this spamming?
<soren> smoser: Hm... Maybe I did it wrong.
<patdk-wk> ersi, why did you enable privacy extensions on lo?
<ersi> patdk-wk: AFAIK I have not done such a thing.
<ersi> Where would one have enabled that, in the first place? :o
<patdk-wk> sysctl net.ipv6.conf.all.use_tempaddr
<patdk-wk> also replace all with default and lo
<smoser> soren, hm...
<smb> Enabled on normal interfaces , but loopback is special. Frankly they removed that "hint" in newer version
<soren> smoser: Ok, here's what I did.
<patdk-wk> sysctl net.ipv6.conf.lo.use_tempaddr = -1, on my system
<ersi> patdk-wk: It's set to '0'.
<soren> smoser: I created a file with a single line in it: "password: ubuntu"
<smoser> soren, 2 thinkgs. 1, it seems that sometimes when using that image, initramfs kind of hangs. i think this is due to disk being really slow reads (due to compression)
<soren> smoser: And used that as my "xml" file.
<smoser> soren, that wont work.
<ersi> patdk-wk: sysctl net.ipv6.conf.lo.use_tempaddr is set to -1 though.
<patdk-wk> odd
<soren> smoser: That's what you told me to do. Sort of.
<soren> Isn't it?
<ersi> patdk-wk: and I havn't set it in /etc/sysctl.conf or so.. :o
<ersi> seems to be.. a default value? >_<
<ersi> oh well, I'll set it to 0 then
<smb> ersi, That message is more of a hint. Rather ignore it. It does not happen really often
<ersi> smb: It happens very often on this machine
<zul> ttx: did the arping changes make it in?
<patdk-wk> ersi, odd, many people saying it's a vsftpd issue
<ersi> Hmmmm, I do have vsftpd running on this machine
<smb> patdk-wk, I think it used to be as vsftp makes a new net namespace on every connection
<smb> Though I would have guessed it would stop now as we disabled that in recent kernels
<ersi> Ah! Hah :) isolate_network = no should make it stop
<ttx> zul: should have
<patdk-wk> smb, dunno if he is updated though :)
<smb> patdk-wk, True. :)
<patdk-wk> though, I don't have that issue and running vsftp :)
<soren> smoser: You said to grab that cloud config file.
<smoser> soren i meant to modify the http://tinyurl.com/sm-
<ersi> Uhm, yeah. Seems I'm not totally updated on that machine either
<ersi> smb, patdk-wk ^
<soren> smoser: Ok, now you've lost me.
<Fantec_> hello
<Fantec_> is there any doc that list needed kernel options to compile ?
<soren> smoser: Completely :)
<smb> patdk-wk, If you run a recent kernel we had to remove the ability to do a net ns on clone because cleanup is way too slow
<Fantec_> (11.04 just stop at init with own kernel, a init=/bin/bash is OK)
<smoser> soren, in that xml, there is a 'seed' attribute/element/whatever
<Fantec_> s/own/my own/
<smoser> modify that to point to one of your own with similar data.
<soren> smoser: What XML?
<soren> smoser: Did you perhaps paste the wrong link?
<smb> ersi, So isolate_network = no should help there
<soren> 12:46 < smoser>  * download http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/examples/cloud-config.txt
<soren> 12:46 < smoser>  * rename to ovf-env.xml
<smoser> soren, yes
<smoser> :)
<smoser> hga
<smoser> gah
<smoser> sorry
<ersi> smb: Indeed. I've changed my config to reflect that. Thanks :)
<soren> smoser: :(
<soren> smoser: Can I pass stuff to cloud-init on a CD?
<smoser> download http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/ovf/environment.xml
<smoser> yes.
<soren> Whee.
<smoser> i just gave the wrong url.
<smoser> use that, modify the 'seed'
<soren> No, no, I mean..
<smoser> you can read that, and it will also tell you how to put user-data in.
<soren> Oh.
<soren> Gotcha.
<smoser> but you have to base64 encode it
<smoser> :-(
<soren> I can manage tha :)
<smoser> so... would you open a feature request for "simple user-data/meta-data on cdrom" ?
<smoser> if you think that would be useful.
<smoser> s/feature-request/bug/
<smoser> it also seems that sometimes i'm getting dns resolution issues
<smoser> in OVFDataSource with seedfrom
<smoser> probably because kvm's guest networking that i'm using is just not really ready at that point although it has given my guest a ip address.
<soren> smoser: I see a bunch of errors on the serial console that it can't find the meta-data service.
<soren> smoser: I thought if I passed that CD-ROM it wouldn't waste time on that.
<smoser> i think you're hitting the dns resolution failure
<smoser> are you using seedfrom ?
<smoser> if you're not, then take it out.
<soren> I'm not.
<soren> Oh.
<soren> The OVF data source thing raised an error.
<soren> Maybe I screwed up the XML.
<smoser> i think what is happening is that it sees the seedfrom, and is trying to get it
<soren> ER,,
<smoser> it then fails on dns resolution but does not retry
<soren> Erm... Yeah, my fault entirely this time :)
<smoser> and then bails. then DataSourceEc2 takes over.
<soren> Whee.
<soren> That was way faster. Great.
<smoser> soren, one thing you might want to do, if you're going to do this....
<smoser> is to qemu-img convert  it to raw
<soren> I'm doing that right now.
<smoser> i think that will stop some of the hangs in initramfs
<soren> :(
<smoser> even qcow2 would be fine
<smoser> just drop the compression
<smoser> i think its just racey and seems to be a slow disk
<smoser> :-(
<zul> gah launchpad hasnt updated yet ill just grab the tarball
<AlecTaylor> Where is the binary for the "Terminal" app? - I can't get the mouse to work, so I'm browsing /bin for it
<rbasak> AlecTaylor: /usr/bin/gnome-terminal
<AlecTaylor> Thanks
<koolhead11> soren: https://bugs.launchpad.net/ubuntu/+bug/856417
<uvirtbot> Launchpad bug 856417 in ubuntu "Dead loop on virtual device br100, fix urgently." [Undecided,New]
<AlecTaylor> Hyper-V: Are there tools available that let me use the mouse in the VM?
<soren> AlecTaylor: Wrong channel.
<soren> AlecTaylor: In so many ways.
<soren> AlecTaylor: Hyper-V is not us, and ubuntu server has no use for a mouse.
<soren> koolhead11: It doesn't cease. It keeps outputting that error over and over again.
<AlecTaylor> soren: My client added GUI support :\
<patdk-wk> who is hyper-v?
<AlecTaylor> MS
<koolhead11> soren: it ceases after outptting that error message for n-number of time.
<zul> Daviey: im pending approval for ubuntu-server-dev?
<zul> oh nm
<AlecTaylor> "/etc/rc.d/init.d/functions: No such file or directory" <--- Where do I find this to install?
<patdk-wk> you don't
<patdk-wk> isn't that like a redhat thing?
<AlecTaylor> dunno, trying to install a package, that's the debug output
 * AlecTaylor thinks it might be in the 'lsb' package
<smoser> SpamapS, around ?
<smoser> i'm booting a cloud-image in kvm locally (using 'guestnet', which is questionable).
<smoser> but on boot /etc/resolv.conf is empty, but network is up (i think)
<smoser> checking that.
<smoser> soren, ok. so i figured out what was going wrong before when we were modifying cmdline params. i had given you bad data (for the Nth time).
<smoser> if you want to do it that way (which i realize the cdrom is so much more usable in many ways), then you need to append to the cmdline this:
<smoser>  ds=nocloud-net\;s=http://tinyurl.com/sm-
<smoser> you have to either quote that to protect the ';' from grub cmdline parsing or backslash the ';' as shown above.
<jibel> smoser, utlemming could you update the iso tracker with results from ec2 testing  ?
<smoser> jibel, yeah.. i'll get to that now.
<jibel> smoser, great, thanks
<RoAkSoAx> kim0: pin
<RoAkSoAx> kim0: ping
<kim0> RoAkSoAx: hey
<kim0> RoAkSoAx: what's up
<RoAkSoAx> kim0: so I';m writing orchestra documentation that will include how to use juju with it
<SpamapS> smoser: here now, sup?
<smoser> hm..
<smoser> i wonder what i was goin gto say
<smoser> i think most of it was lockal issues.
<smoser> but it seems that if i boot on my laptop, with qcow-compressed disk image, i can more reliably see boot race issues.
<SpamapS> smoser: resolve.conf ?
<smoser> that one was wierd
<smoser> i think that for some reason dhcp was unable to update resolv.conf
<smoser> but i can't reproduce it.
<smoser> well, i can't in a way that i can look at it.
<SpamapS> So whats the other boot race?
<smoser> well, initramfs and such sometimes hang. i think thats the udev issue.
<smoser> but i'm not seeing either one reliably now
<smoser> :)
<kim0> RoAkSoAx: sure thing .. if I can help somehow, feel free to involve me
<smoser> SpamapS, there.
<smoser> so i recreated a failure of /etc/resolv.conf not existing
<smoser> while ifup worked and i have a functional network otherwise
<smoser> SpamapS, you have thoughts on what i should look for here as to why this would have failed ?
<AlecTaylor> http://askubuntu.com/questions/62556/cant-use-mouse-hyper-v-with-ubuntu-server-11-04
<smoser> timestamps in /run/network seem reasonable
<skaet> smoser, utlemming - any reservations on the cloud images?
<smoser> skaet, no.
<smoser> but i would like to hear from utlemming , i've not seem him today
<skaet> smoser,  who should I coordinate with for push the button publishing timing?   you or smoser?
<skaet> urk
<skaet> utlemming?
<skaet> :)
<smoser> well.... me since he's not here. and i'm going to make sure we're pre-published, or do that if we are not.
<skaet> smoser,  coolio.
<SpamapS> smoser: dhclient is most likely the culprit
<SpamapS> smoser: my guess would be that it doesn't consider failing to write resolv.conf a failure so we're not getting an error state... maybe you can get ifupdown to run it with debugging on or something
<smftre> hey guys, can anyone help me get my wireless to connect to my accesspoint!?
<SpamapS> smoser: that said.. I use kvm to test a *lot* ... and have had no issues. I use it through virt-manager though.. what is 'guestnet' anyway?
<smoser> skaet, we are pre-published.
<smoser> just ping me in ubuntu-release when your'e ready and we'll push 'go'.
<aot2002_> How can I tell if libxml2 is installed twice diff versions?
<smftre> anyone?
<smoser> SpamapS usermode networking
<smoser> SpamapS, and you dont use a qcow compressed image as the backing disk
<smoser> so disk read-io is all sorts of different
<skaet> smoser,  will do.  Thanks.
<smoser> but it should not fail to write /etc/resolv.conf
<smoser> here is a hint maybe: http://paste.ubuntu.com/695178/
<smoser> notice that app armor message about profile_replace on /sbin/dhclient is 1.5 seconds after cloud-init ran (which should only happen after network is up)
<skrite> hey gents, what is the most simple way to get an email server up and running if i don't care about quotas or spam filters ( they are machines that will communicate by email with usernames and passwords)
<hggdh> smoser: I am getting in late, and beg pardon in advance. But the EC2 EBS multi-instance run -- will it be executed?
<smoser> hggdh, no
<smoser> it never has been
<smftre> can anyone setup wireless on ubuntuserver?
<hggdh> smoser: so should we update the tracker?
<smoser> what do you mean ?
<smoser> i am updating results as we speak
<hggdh> smoser: oh. Then I will stop...
<smftre> I'm getting Unknown error 132? anyone?
<SpamapS> smoser: that pastebin you showed.. thats network manager.. what are you testing?
<M^jseongtae76> Hello, everyone
<smoser> SpamapS, that is strange. there is no network manager installed in cloud-image
<Haro> hi
<Haro> I could use some advice here. I'm setting up a 1U HP server, I configured its RAID controller to turn my 2 HDDs into a RAID1 volume. The controller looks fine. When I try to install Ubuntu Server though, it sees 2 HDDs and asks me which one I want to install it on.
<M^jseongtae76> Hrllo,everyone
<smoser> yeah, and those files (conmann and network manager) do not exist
<Haro> how come it's seeing more than one volume?
<M^jseongtae76> Hello, everyone
<M^jseongtae76> My apache2 server is not work
<M^jseongtae76> I moved my DocumentRoot to my other hard disk
<M^jseongtae76> I think my hard disk's permission is wrong
<uvirtbot> New bug: #856530 in nova (main) "nova user should not be in the nogroup group" [Undecided,New] https://launchpad.net/bugs/856530
<M^jseongtae76> error message is 404 Forbidden
<M^jseongtae76> Anybody, give some help?
<SpamapS> [    8.199102] type=1400 audit(1316705930.125:6): apparmor="STATUS" operation="p
<SpamapS> rofile_replace" name="/usr/lib/NetworkManager/nm-dhcp-client.action" pid=677 com
<SpamapS> m="apparmor_parser"
<SpamapS> smoser: ^^
<antares79> Haro: it sounds like your RAID controller is not a real hardware RAID controller. Have a look at dmraid.
<Daviey> adam_g_: So, the block migration requires libvirt config changes, which i believe i have now done.. but still no dice.
<smoser> SpamapS, what are you saying ?
<smftre> M^jseongtae76: goodluck, people dont help over here...
<SpamapS> smoser: that was just my evidence of network manager.. which surprised me to see.
<Haro> antares: would dmraid get me a RAID1 config if I only have 2 HDDs? Or would I need another to use as a system drive?
<smoser> SpamapS, right. i knew that.
<smoser> but it seems app armour is wanting to process those, even though those files arent there.
<smoser> i'm nto sure why that would be
<adam_g_> Daviey: as of last night, DHCP isn't working on the test setup with one network/nic. id rather we get that figured out before worrying about block migration.
<smoser> i think its red herring, but i was a fraid that the dhclicne was occuring after cloud-init had stopped
<smoser> because clearly if app armour needed to do something for dhclient, that needs to have happened before it runs.
<RoAkSoAx> adam_g_: dhcp in orchestra?
<SpamapS> smoser: not really, apparmor loaded after an executable just means it won't apply to the running executable
<adam_g_> RoAkSoAx: no, dhcp in nova
<smoser> well, yes, which kind of means its not going to help anything
<SpamapS> smoser: sounds like whats really worrying you is that cloud-init terminated and then eth0 was brought up 8 seconds later, right?
<antares79> Haro: dmraid is sort of like a driver for the kind of RAID controller you have. You setup your RAID using the controller BIOS, and dmraid should recognize and use it.  I never had the need to use it myself, so I can't tell you much about configuring it. Your first step should be to find out if dmraid supports your controller.
<smoser> in this case, it probably means that dhclient ran un-guarded, and thus was *more* likely to have been able to write to /etc/resolv.conf, but i was thinking that maybe it had some restricted profile, then after processing it would have gotten a morem open one.
<RoAkSoAx> adam_g_: maybe having orchestra's dhcp is affecting somehitmg?
<smoser> SpamapS, no.
<smoser> you're talking about the 'eth0: no IPv6" message?
<adam_g> RoAkSoAx: nope. http://bazaar.launchpad.net/~hudson-openstack/nova/trunk/revision/1607 switched some stuff that break our single network setup.
<RoAkSoAx> adam_g: ahh ok
<Haro> antares: OK, but can I do a dmraid RAID1 just 2 HDDs? I install Ubuntu on HDD #1. I then set up dmraid, and do what you're suggesting, using both HDDs (I make a partition out of theu nused HDD1 space). I let dmraid do its thing and mirror stuff. What happens if I unplug HDD1? Is HDD2 going to boot Ubuntu and let me access my data?
<antares79> Haro: have a look at this: https://help.ubuntu.com/community/FakeRaidHowto
<lynxman> morning everyone o/
<rbasak> Should "virsh list" be able to hang?
<antares79> good evening, good sir!
<antares79> rbasak: no it shouldn't. But I've had that happen to me, too. It looked like apparmor's fault, but I'm not sure, after two reboots, the problem solved itself...  can you run virsh by itself?
<rbasak> antares79: sorry I've just tried a reboot so it's gone. I'll try next time. It seems to keep happening to me.
<rbasak> actually the reboot didn't work, which seems to be another problem
<rbasak> "sudo virsh" then "list" hangs on the list.
<antares79> rbasak: oh, so the virsh shell opens all right? that's a different issue then
<rbasak> yeah it opens fine
<antares79> ok. i'd probably check if the sockets libvirt uses look like they should (in /var/run/libvirt). Otherwise I don't have a clue how to debug that one. Maybe check for D state processes or strace virsh
<rbasak> Looks like it's waiting on a read poll on /var/run/libvirt/libvirt-sock (or a write to fd 6, which I can't find what that is)
<antares79> ls -l /proc/`pidof libvirtd`/fd/6 should tell you
<Daviey> adam_g_: Do you want to continue smoking the block migration?
<rbasak> oh yeah thanks
<rbasak> it's now working though :-/
<rbasak> This is frustrating
<antares79> yeah, I hate it when stuff works :-)
<rbasak> I did virsh list instead of sudo virsh list
<Daviey> adam_g_: Ah!  Doesn't seem to be listening on the tcp port
<rbasak> it's blocking on a read poll on either 5 or 6. 5 is /var/run/libvirt/libvirt-sock, 6 is a pipe
<antares79> so it's working when run as root, but not as a regular user?  is the user member of the libvirtd group?
<adam_g> Daviey: whats not listening? libvirt?
<Daviey> adam_g: yeah
<rbasak> no, it's working (gives an empty list) as a user, but hangs as root
<Daviey> Grr
<antares79> ok that's weird
<rbasak> restarting libvirtd seems to have fixed it
<rbasak> maybe some weird interaction with nova
<raubvogel> openldap's default (as in created when you install slapd) homedir is created in /etc/passwd as something like /var/lib/ldap, and not as /nonexistent, right?
<Daviey> adam_g: nah, still failed
<hroberts> can someone here help me with a CUPS issue on Ubuntu 11.04 (not server), noone in ubuntu or CUPS answers
<hroberts> or can you point me to the proper channe
<hroberts> l
<RoyK> hroberts: this is a server channel, so I seriously doubt it.
<RoyK> #ubuntu or #cups should be the ones
<Dice-Man>  /j #ubuntu ?
<RoyK> just remember that people might not know what you're looking for
<hroberts> thanks no one there is answering me they just ignore the question
<TheEvilPhoenix> hroberts:  you need to be highly patient
<RoyK> be patient...
<TheEvilPhoenix> !patience > hroberts
<ubottu> hroberts, please see my private message
<zul> so its fixed? :)
<KM0201> hroberts: i doubt they are ignoring, just likely nobody knows the answer (i'm not that familiar w/ CUPS)
<hroberts> thanks
<koolhead17> diablo is finally out!!
<ersi> hroberts: I'd go and poke CUPS documentation or FAQs
<koolhead17> RoyK: hey
<ersi> Also, asking to ask is not a reciept for answers :P
<zul> jdstrand: there is an upstream branch to drop socat in favor of netcat fyi
<RoyK> koolhead17: ehlo
<koolhead17> RoyK: wassup?
<hroberts> ersi: not asking to ask, just typing question over and over
<ersi> That's not a reciept for getting an answer either
<ersi> but you did ask, to ask - here. :P
<ersi> (I'm not bashing you, just giving you a few friendly hints)
 * RoyK just ordered a Packard Bell Liberty Tab priced at NOK 2k
<jdstrand> zul: excellent! :)
<kirkland> kim0: jcastro: hey guys, do you know cole?
<kirkland> kim0: jcastro: he's looking for some PDFs or slides that give a decent overview of Ensemble
<jcastro> sure
<jcastro> I can send him the entire stack of a few
<kim0> kirkland: everything is in that U1 folder
<kim0> yep
<kirkland> kim0: is that publicly shareable?
<kim0> kirkland: jcastro can grant access
<kirkland> kim0: outside of Canonical?
<jcastro> what's his email, I can send him the main one that's like "the important one to know"
<kim0> hmm .. it's probably better to be selective
<kim0> yeah
<kirkland> jcastro: I'll email you
<jcastro> rock
<GeorgeJ> Hello folks! I'm having some strange isues with a network bridge. I'm trying to setup bridged networking for a KVM guest OS. So far so good, I've created a network bridge(br0) as suggested in most tutorials I've read, set it up, installed the guest os(ubuntu server 11.04, same as the host). The bridge works for a while then stop
<GeorgeJ> I can ping the host from the guest and vice-versa, but no communication with the outside is working untill I do a full reboot of the host. I can find nothing in the syslog
<GeorgeJ> What could cause the bridge not to forward packets?
<koolhead17> GeorgeJ: you mean  to say bridge on one of your interfaces ceases whole system? If my understand is correct
<koolhead17> *understanding
<GeorgeJ> Only the communication between the VM and the network stops, the communicatino between the VM and the host still works
<Dulcin> Hi, for some reason I am unable to chmod through ftp, with vsftpd. I have set chmod_enable=YES (though docs say default is yes) and uncommented the local_umask=022 line. Not sure what the problem is
<Dulcin> anyone familiar with this?
<Dulcin> do i have to add the user to an ftp group or something?
<dob_> are u using phpmyadmin package or manual install? How do you restrict it to a single vhost?
<dob_> Just delete phpmyadmin.conf in /etc/apache/conf.d and add it to the vhost.
<dob_> Will that be replaced after a update of phpmyadmin?
<Dulcin> me?
<dob_> Any suggestions?
<Dulcin> whats the problem?
<dob_> Best practice on how to restrict access to my phpmyadmin installed via package or install it manually. Thought using the package, cause of the security updates.
<creatorbri> Question: Can someone assist me in setting up key-only root SSH access to my Ubuntu server, from a Windows app?
<creatorbri> I'm a little rusty :/
<dob_> creatorbri: Installed putty agent?
<creatorbri> ah.. well I use Absolute Telnet, but if its easier to work off of putty I can grab it and translate after..
<creatorbri> I'm assuming the steps will be similar.
<TheEvilPhoenix> wth are you  doing telnetting into an SSH server >.>
<dob_> creatorbri: You can not use telnet to ssh
<creatorbri> lol
<creatorbri> Absolute Telnet is just the name of the app, folks. Its a multi-tool of sorts.
<creatorbri> pretty sweet actually, for a one-man-racket commercial app.
<creatorbri> anyway. Putty!
<dob_> i have no idea about your special telnet, but you need the putty key agent.
<TheEvilPhoenix> ^
<dob_> creatorbri: Install the complete suite! Not just the putty client exe.
<dob_> http://the.earth.li/~sgtatham/putty/latest/x86/putty-0.61-installer.exe
<creatorbri> pageant, check!
<creatorbri> yep, got it, thanks dob!
<dob_> ur welcome
<creatorbri> so now I generate a key using PuttyGen. Then I'm a little hazy on what goes over to the server I'm trying to access, and how to set that up
<creatorbri> I know, I'm being newbish, keys are just not something i've dealt with in a long long time
<SpamapS> creatorbri: the public portion needs to be imported into $HOME/.ssh/authorized_keys
<SpamapS> creatorbri: IIRC, puttygen doesn't save them in openssh format, so you probably need to do something like this
<SpamapS> ssh-keygen -i yourkey.pub >> ~/.ssh/authorized_keys
<Dulcin> Hi, for some reason I am unable to chmod through ftp, with vsftpd. I have set chmod_enable=YES (though docs say default is yes), anyone any idea what the problem might be?
<SpamapS> Dulcin: maybe you don't have write perms on the directory?
<creatorbri> SpamapS: There's a bit of a complication in here -- until I get this setup, I only have direct console access to my server, not SSH access (yet); is there a way to "copy-paste" the key data?
<SpamapS> creatorbri: cat > yourkey.pub
<SpamapS> creatorbri: when the content is there, hit <enter> then ctrl-D
<creatorbri> SpamapS: Are you talking about doing this on the server or client?
<SpamapS> creatorbri: ctrl-D, btw, is "EOF"
<SpamapS> creatorbri: do that on the server
<uvirtbot> New bug: #856726 in rabbitmq-server (main) "Rabbitmq warns about migration from old release even on new install" [Undecided,New] https://launchpad.net/bugs/856726
<SpamapS> creatorbri: another cool thing you can do is use ssh-import-id your-launchpad-userid
<SpamapS> creatorbri: or just put the file somewhere public and wget it. ;)
<creatorbri> SpamapS: Would you mind elaborating on ssh-import-id?
<Dulcin> SpamapS: Should I change the permissions on the www folder then through ssh?
<Dulcin> SpamapS: even with 777 it still fails
<Dulcin> all I can see in the logs is that it fails (in /var/log/vsftpd.log)
<SpamapS> creatorbri: launchpad accounts can have ssh keys associated (for working with branches). You can attach your public key to your launchpad account, and then ssh-import-id will download it from launchpad.. its a very convenient way to have your keys distributed. :)
<SpamapS> Dulcin: can you paste the log somewhere?
<Dulcin> SpamapS: http://paste.ubuntu.com/695268/
<SpamapS> Dulcin: so yuga is allowed to chmod, but jos is not?
<Dulcin> well, she's actually the one that mailed me that her chmod was not working, maybe she was able to fix it somehow, but I just looked into it now and I'm not able to
<Dulcin> she mentions "One more thing -- when I upload files via ftp, permissions to these files are set the way it's impossible to read them by anyone except the root user, which is inconvenient a bit."
<SpamapS> Dulcin: I would still suspect the underlying dir perms.. but if its 777.. thats confusing. :p
 * kirkland ssh-import-id's SpamapS :-)
<SpamapS> Dulcin: honestly.. FTP is a dinosaur, why aren't you guys using SSH?
 * SpamapS shreds ~kirkland
<Dulcin> SFTP?
<Dulcin> we are using ssh
<Dulcin> ftp just for uploading it, i guess i could move to sftp
<SpamapS> Dulcin: SFTP and/or SCP are far more useful and safe.
<SpamapS> I seriously wish ftp would die in a fire. :p
<Dulcin> is vsftpd also a daemon for sftp?
<Dulcin> looks like sftp works too, but same problem:
<Dulcin> set attrs for /var/www/index.html: permission denied
<Dulcin> I'm a sudo user, should i add my user to a specific group or something? or should it work out of the box?
<Dulcin> I checked the vsftpd.conf but it is not very helpful
<ikonia> Dulcin: what are you actually trying to do ?
<Dulcin> chmod through ftp/sftp :D
<ikonia> Dulcin: chmod outside ftp, ftp/sftp is for up/downloading files
<Dulcin> why not use sftp for it as well if the options are there?
<Pici> Changing file attributes should still work within them though.
<creatorbri> SpamapS: I just discovered that when you generate a key with PuttyGen, it actually gives you the output "for pasting into OpenSSH authorized_keys file" :)
<SpamapS> creatorbri: sweet
<ikonia> the ftp chmod it very dodgy, especially in a chroot environment
<ikonia> hence why no-one uses it
<Dulcin> i want to use it :(
<ikonia> why make it hard ?
<SpamapS> Dulcin: that you can't do it with sftp as well further speaks to possible restrictions outside the normal permission bits.
<ikonia> just set the file systems permissions correctly, and the user permisions correctly and it should be a smooth and clean process
<SpamapS> Dulcin: sftp is provided by sshd and has nothing to do with vsftpd (Or the FTP protocol at all)
<Dulcin> ah i see
<Dulcin> if I seem unspeakably plain, I just started setting up a server for the first time last weekend, maybe I'm just too used to what I know best
<Dulcin> i guess i can chmod everything through ssh
<bau_> hi all, i have a problem with my server: yesterday evening i could access to shared folders via lan using samba, but now I can't see the server but i can ssh and ping it... what's wrong?
<ikonia> samba service not running ?
<bau_> i made sudo service smbd stop and sudo service smbd start
<ikonia> what happens when you try to map a network drive to it (I'm assuming the client is windows)
<cloakable> Does it actually start the service?
<ikonia> a better question
<bau_> cloakable, don't know it shows me this message: smbd start/running, process 8676
<bau_> ikonia, can't access from ubuntu client too
<ikonia> what happens when you try to mount the remte share
<bau_> ikonia, unable to mount location
<cloakable> bau_: have you run a network scan over the server to see if the port is open?
<bau_> cloakable, how can i do it?
<genii-around> typically with nmap
<cloakable> bau_: sudo apt-get install nmap && nmap <server ip>
<bau_> here: http://pastebin.com/M3Tpw35M
<genii-around> bau_: nmap is also available for Windows platform if you don't have a second linux box handy
<lajjr> kim0, are you online??
<bau_> should i see samba service also?
<genii-around> bau_: 139 and 445 are shown on that scan. Did you run nmap on the server where samba is running, or on an exterior box of the network?
<bau_> genii-around, lol directly from the server, wait
<bau_> here, from another linux box: http://pastebin.com/y1jRj7n5
<bau_> any suggestions?
<genii-around> bau_: Apologies on lag, work required me.
<bau_> ok
<genii-around> bau_: if you run: testparm   on the server, does it say your smb.conf file is good?
<bau_> genii-around, here: http://pastebin.com/kNueuXFf
<uvirtbot> New bug: #851860 in glance (universe) "glance user should not be in the 'nogroup' group" [High,Fix released] https://launchpad.net/bugs/851860
<genii-around> bau_: Looks OK there.
<genii-around> bau_: What is result of: smbclient -L <ip-of-server>
<bau_> genii-around, from ubuntu clients, when i go to network folder, i need to enter on Windows netowork, is it normal?
<genii-around> bau_: Yes
<bau_> ok
<bau_> that command, always from the server?
<genii-around> bau_: No, from a client
<genii-around> ( to see what shares, etc the server is advertising)
<bau_> ok
<bau_> genii-around, http://pastebin.com/iPysQrkZ
<genii-around> bau_: OK, also looks good.
<genii-around> bau_: When you go in Windows to Network Neighbourhood or similar, the server is not visible?
<bau_> windows to Network Neighbourhood ?
<genii-around> bau_: Normally yes. Sometimes you may need to specifically put in the IP of the server there, if it is not announcing itself
<bau_> you mean ctrl+l on nautilus?
<genii-around> bau_: All the client machines are linux?
<bau_> no there is also 1 windows at least
<genii-around> bau_: In Nautilus you should be able to put in the URL area something like:  smb://<ip-of-server>/sharename
<bau_> yeah it works!
<genii-around> bau_: Good. It is probably that the server is not announcing itself
<genii-around> ( eg: make sure it's broadcast IP or netmask is properly set)
<bau_> genii-around, i don't remember how to do it :/
<bau_> under /etc/network/interface
<bau_> i set up static addresses
<genii-around> bau_: Usually in one of two ways. If the server is set to auto-get by dhcp, check the dhcp server and make sure it's settings are correct... also probably to always assign the server same IP by it's MAC. Second way is interfaces file manually.
<genii-around> bau_: Could you pastebin the interfaces file?
<bau_> sure
<bau_> http://pastebin.com/e5kPrUvN
<genii-around> bau_: netmask is set, but would not hurt to probably add: broadcast 192.168.0.255      ..also if your router is at 192.168.0.1 you may want line: dns-nameservers 192.168.0.1      (or put in actual nameserver IP here)
<bau_> genii-around, sorry i'm using 11.10 beta
<genii-around> bau_: No worries, these instructions are pretty much the same across all versions.
<bau_> so is interfaces ok?
<genii-around> bau_: Did you see my last message about broadcast, and dns-nameservers ?
<bau_> no...
<genii-around> bau_: netmask is set, but would not hurt to probably add: broadcast 192.168.0.255 ..also if your router is at 192.168.0.1 you may want line: dns-nameservers 192.168.0.1 (or put in actual nameserver IP here)
<uvirtbot> New bug: #856789 in mysql-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/856789
<bau_> ok now i give it a try
<bau_> after i edit it?
<genii-around> bau_: an: sudo ifconfig eth0 down && sudo ifconfig eth0 up   should make the changes take. Although sometimes it also requires sudo ifdown/ifup eth0  cycle for some reason. Simplest way is of course just to reboot it.
<bau_> ok i'll reboot
<bau_> :)
<genii-around> ( I am assuming here eth0 interface but yours may be different)
<bau_> yeah it should be eth0
<bau_> genii-around, ok now it's working
<bau_> so it was interface problem?Ã¹
<genii-around> bau_: The server announces to the network on the broadcast IP, so clients do not know it exists if the broadcast is not set or set incorrectly
<bau_> he goes away too...
<Daviey> smoser: did you do triage today?
<Daviey> hallyn: is bug 855411 expected behaviour?
<uvirtbot> Launchpad bug 855411 in kvm "kernel BUG at /build/buildd/linux-3.0.0/arch/x86/kvm/../../../virt/kvm/kvm_main.c:2275!" [Undecided,New] https://launchpad.net/bugs/855411
<hallyn> Daviey: uh, kernel BUG is not expected behavior :)
 * hallyn look
<hallyn> s
<Daviey> hallyn: okay, is it a regression? :)
<hallyn> Daviey: i can't reproduce
<hallyn> Daviey: is the hardware b0rked?
<hallyn> oh
<hallyn> heh, just saw the rest.
<hallyn> Daviey: still can't reproduce
<jdstrand> Daviey: responded to glance mir
<jdstrand> Daviey: (fyi)
<Daviey> jdstrand: \o/
<hallyn> Daviey: can *you* reproduce?
<Daviey> jdstrand: You sir, are my hero
<jdstrand> Daviey: heh
<tarvid> synced and installed an Oneric-server image in test-drive, how do I find it to run it later?
<tarvid> I have two images I created today - a small one 197120 and a larger one 1650393088, what does the small image do
<Daviey> smoser: can you reproduce 546572 against nova?
<tarvid> aqemu insists on a new machine, why can't I get it to import the one made with testdrive?
<kirkland> what's aqemu?
<kirkland> tarvid: ^
<kirkland> tarvid: you should be able to use a machine that you installed via testdrive
<tarvid> a gui qemu manager
<tarvid> yes I should but Launch starts a new install
<tarvid> there is no apparent way to start a vm you created before
<kirkland> okay, sorry;  no idea about aqemu
<uvirtbot> New bug: #525684 in clamav (main) "clamscan crashed with SIGSEGV in mpool_free()" [Medium,Incomplete] https://launchpad.net/bugs/525684
<uvirtbot> New bug: #856828 in cloud-init (main) "package grub-legacy-ec2 0.6.1-0ubuntu8 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/856828
<tarvid> I've posted at launchpad, I may as well post a bug
<tarvid> looks like virtualbox-ose will not install an amd64 iso
<TheEvilPhoenix> tarvid:  you need to be on a 64bit system to use amd64 virtualbox
<tarvid> I am on a 64 bit system
<tarvid> model name	: AMD Athlon(tm) 64 Processor 3200+
<tarvid> virtualbox-ose says the CPU it is a QEMU
<tarvid> does that mean the ose version is a 32 bit machine?
<qman__> tarvid, just because you have a 64-bit capable processor doesn't mean you're using a 64-bit operating system, libraries, or software
#ubuntu-server 2011-09-23
<rocio> alguien habla espaÃ±ol
<twb> !es
<ubottu> En la mayorÃ­a de canales de Ubuntu se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter.
<twb> Solo ingles in esta canal, por favor
<smoser> Daviey, it seems that i cannot.
<smoser> # euca-modify-image-attribute --launch-permission --add foof ami-0000003; echo $?
<smoser> ApiError: user or group not specified
<smoser> 1
<smoser> not a good error, because clearly a user or group *was* specified, but at least it exited non-zero
<rocio> alguien????
<twb> rocio: no.
<rocio> que tal
<twb> GRARGH
<twb> http://paste.debian.net/131692/
<twb> I am *REALLY* sick of ubuntu doing that
<twb> I think it's because of that crap PATH setting moved from /etc/profile to pam_environment.so or something
<twb> *because of that crap where
<twb> Basically what happens is, if you ssh to root@<lucid host>, PATH is not set appropriately.
<twb> OK, I have an airgapped network.  I need NTP to work on it.  I cannot afford a cesium hardware clock, and I am not allowed to deploy a hardware clock that uses GPS.
<twb> Currently, the NTP server reports a stratum of 16, which I *think* is why the desktops are ignoring its time information.
<twb> Can I simply tell NTP on the server to force its stratum to 3 ?
<CluelessPerson> how do I setup my server to allow for VMware?
<twb> CluelessPerson: define "allow vmware"
<CluelessPerson> twb, I'm learning about stuff, I don't know much about it, and I'm googling it and stuff, wondering if someone could tell me what they think
<twb> That is not a sufficient answer.
<CluelessPerson> twb, What do I need to use it?
<CluelessPerson> minimum specs?, etc
<CluelessPerson> twb,  I have a headless ubuntu server.
<twb> To use what?
<CluelessPerson> twb,  How do I handle virtualization?
<CluelessPerson> I know OF it, but I odn't know it
<twb> Is your actual goal something like "I want to learn how to make VMs"
<CluelessPerson> twb, I think so. :p
<twb> In that case, don't use VMware
<twb> The technology you should be using is KVM, which is built into Linux.  The userspace component is also called "KVM" (based on "QEMU"), which is a CLI program.  There is an optional abstraction layer called "libvirt" to help manage VMs, and a GUI for that called "virt-manager".
<CluelessPerson> twb, So if I wanted to run ubuntu -netbook on my netbook, and remote ui to a virtual os running in kvm on the server, what do you think of that?
<twb> The key hardware requirement for x86 and x86-64 systems is hardware VT
<twb> 13:32 <dpkg> To confirm if your processor supports x86 virtualization extensions. run: egrep -q -e '^flags.*vmx' -e '^flags.*svm' /proc/cpuinfo && echo 'virtualization extensions available'.  Note that Intel VT (IVT) support may be switched off in firmware for some implementations.  See also <virtualization>.
<CluelessPerson> twb,   It tells me "virtualization extensiosn available"
<twb> Then you are fine
<CluelessPerson> twb,  so you suggest installing kvm
<twb> Yes.
<twb> You should read the Ubuntu Server Guide corresponding to your release.
<CluelessPerson> on it
<Jasonn> anyone know how to make user-specific disk space limits without making partitions in a user friendly way?
<qman__> Jasonn, quotas
<Jasonn> qman__: And can I use that to create them too
<Jasonn> and if so, what is the command to do that
<AlecTaylor> hi
<AlecTaylor> How do I stop the default VNC server of Ubuntu via CLI?
<qman__> it requires extra packages, a quick google found this guide: http://www.debianadmin.com/implement-and-manage-disk-quotas-in-linux.html
<qman__> AlecTaylor, ubuntu server does not have a VNC server by default
<AlecTaylor> Mine does!
<AlecTaylor> :\
<Jasonn> AlecTaylor: killall *vnc*
<Jasonn> qman__: thanks :)
<qman__> ubuntu server does not have a GUI by default, either
<qman__> a prerequisite to running VNC
<AlecTaylor> Jasonn: No process found
<qman__> the point of this being, either you installed it and should know which one you installed, or you are not running ubuntu server
<Jasonn> AlecTaylor: sudo apt-get install htop && sudo htop
<Jasonn> find it there
<qman__> you may be able to determine it with something like 'dpkg -l | grep vnc'
<AlecTaylor> Jasonn: htop? - Hmm, what does the h stand for?
 * AlecTaylor has ntop and top installed
<Jasonn> its another prog
<AlecTaylor> Jasonn: htop? - Hmm, what does the h stand for?
<Jasonn> imo, its the best one
<Jasonn> its another prog
<Jasonn> imo, its the best one
<AlecTaylor> Hmm, what does the h stand for?
<Jasonn> I dont know
<AlecTaylor> k
<Jasonn> qman__: And what would the command be to set a limit of 1GB on user a ?
<Jasonn> user_a *
<qman__> I don't know, see the man pages for the various quota programs
<qman__> I'd start with quotaon
<qman__> also, please disregard the webmin stuff, as webmin is not supported on ubuntu
<qman__> I didn't notice that bit when I first linked
<qman__> the rest applies
<Jasonn> oh
<Jasonn> alright
<Jasonn> thanks :)
<AlecTaylor> I'm controlling a VNC session through RDP (xrdp) remotely. How do I force a change in resolution to one not listed?
<Jasonn> take out the host comp's monitorr
<AlecTaylor> :P
<qman__> you'd have to hack X up to include your desired video mode
<qman__> but that's not really a question suited to this channel, since ubuntu server does not have a GUI by default
<twb> AlecTaylor: iirc the h in htop is the author's first name initial
<AlecTaylor> qman__: Using that logic, anyone with a non clean install of Ubuntu Server can't ask questions here?
<AlecTaylor> twb: Ahh
<twb> AlecTaylor: like, his name is Hagbard or whatever
<Jasonn> qman__: ok, if you install this for me and make it work, I will let you use my dedicated server and give you like 50GB HDD space
<qman__> AlecTaylor, not exactly, but X and GUIs in general are a very wide subject and are outside the scope of ubuntu server's typical, supported configurations
<qman__> I didn't say it wasn't allowed, just not well suited
<qman__> you'll have better luck elsewhere, in more X specific places
<qman__> Jasonn, I appreciate the offer but I don't really need such a thing, and I unfortunately don't have time to help you in further detail right now
<qman__> if you still need help saturday or sunday I may be able to
<Jasonn> alright
<Jasonn> thanks man :)
<AlecTaylor> How do I upgrade from 11.04 to 11.10?
<jmarsden> AlecTaylor: You wait for 11.10 to be released.
<twb> jmarsden: say, do you run unbound?
<jmarsden> twb: No, sorry.
<twb> Oh well
<AlecTaylor> jmarsden: So I can't upgrade to beta?
<twb> AlecTaylor: if you have to ask, you shouldn't be running pre-releases
<AlecTaylor> But I want this package, only available in oneric: http://packages.ubuntu.com/oneiric/request-tracker4
<jmarsden> So backport it.
<jmarsden> Migrating to a a beta OS for one package is totally outrageously overkill...
<AlecTaylor> How to backport?
 * AlecTaylor thought it might be easier to upgrade rather than backport
<AlecTaylor> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<jmarsden> AlecTaylor: Download the package sources, rebuild the package under your current production OS, and install the resulting package.
<AlecTaylor> Easier to upgrade methinks
<jmarsden> You will note the advice in the first of your two links re betas is "skilled and confident users may wish to upgrade" .  if you were a skileld and confident user of Ubuntu Server, you would not be asking these questions.  Therefore, upgrading to a beta is, for you, a bad idea.
<Jasonn> AlecTaylor: yes, for a basic user to upgrade to a highly-unstable beta OS, sounds like a good idea to me :D
<jmarsden> There is another option: patience.  11.10 will be released in October.
<AlecTaylor> Jasonn: It'll be released next month, so why not make upgrading easier for the WinAdmin who takes over?
<Jasonn> why not wait a month and let him do it?
<AlecTaylor> Jasonn: Then he'd call me back in. I'm just doing 1 project, I don't want callbacks!
<Jasonn> lol
<Jasonn> youd get paid more!
<AlecTaylor> Reputation would go down
<CluelessPerson> So I'm thinking
<CluelessPerson> from inside this network, I could create my own private network with my router, server, and netbook, while my family resides on the outer shell.
<CluelessPerson> my server could act as an anonymolizing proxy to tor for all connections on whatever port
<CluelessPerson> and my server could run vms, for various functions, including dummy vms that upon access could lock down the private network.
<CluelessPerson> for some reason I can't install java 6 on my ubuntu server
<ikonia> define "can't"
<ersi> CluelessPerson: Please detail what your troubles are. Not finding a suitable package? Getting complains from apt installing a specific package?
<CluelessPerson> can't find the package to install
<CluelessPerson> sudo apt-get install sun-java6-bin
<CluelessPerson> fails, can't find it
<ersi> "sun-java6-jre - Sun Java(TM) Runtime Environment (JRE) 6 (architecture independent files)"?
<ersi> Oh. sun-java6-bin.
<ersi> What specific error are you getting? That apt isn't finding it on the mirror?
<CluelessPerson> ersi, sudo add-apt-repository ppa:ferramroberto/java
<CluelessPerson> "command not found"
<CluelessPerson> like, wtf.
<ersi> Uh.
<ersi> That package is available in the regular mirrors though
<ersi> Atleast in 11.04.
<AlecTaylor> This upgrade is taking forever. How long is it meant to take to upgrade from 11.04 to 11.10?
<ikonia> depends on a lot of factors
<AlecTaylor> Hmm, what were the specs...
<ikonia> (have a look on another terminal what processes are up to)
<ikonia> what specs ?
<AlecTaylor> 2GB of RAM
<AlecTaylor> 2 processors
<AlecTaylor> So about how long? (estimate)
<ikonia> you can't estimate
<AlecTaylor> Currently installing ubufox
<AlecTaylor> Is it in alphabetical install order?
<ikonia> have a look in antoher terminal if any processes are hung
<ikonia> or if anything's going on
<AlecTaylor> Nothings hung, it's progressing
<AlecTaylor> Just want to know how much longer I need to wait
<ikonia> there we go then, so sit tight
<AlecTaylor> Yay, up to "Setting up" stage, after 1 or 2 hours
<AlecTaylor> :D
<ersi> AlecTaylor: Packing up packages and putting them in their places can take a while.
<AlecTaylor> What are they, union workers?
<ersi> Without the breaks, and it works for free.
<ersi> And doesn't mind worse conditions
<ersi> So I guess.. No :P
<AlecTaylor> hehe
 * AlecTaylor can't wait any longer, time to watch some more anime!
<ersi> Sounds like a good distraction :]
<AlecTaylor> Hmm, PostgreSQL upgrading to 9.1 from 8 but 8 db server still running
<AlecTaylor> strange
<soren> AlecTaylor: It depends on how much stuff is installed on the system being upgraded.
<soren> AlecTaylor: ...and how fast the machine is.
<AlecTaylor> It's currently at the remove redundant apps stage
<CluelessPerson> does anyone here play minecraft?
<CluelessPerson> I need help with an init script
<AlecTaylor> WOOT - Restart stage
<CluelessPerson> I'm looking for an init script that uses ramdisk and backups
<Daviey> adam_g_: are you alive?
<SpamapS> Daviey: he may not be, but I am.. :-P
<SpamapS> 3 nights in a row of severe onset insomnia brought on by late coffee ingestion .. :-P
<Daviey> SpamapS: heh, good to see your dedication :)
<SpamapS> Mostly just tweaking my demo toy so I'll look smart with Jane and Jorge on stage at ODS :)
<Daviey> SpamapS: non-shared storage instance migration is working \o/
<Daviey> which is perfect for rebooting compute nodes \o/
<Daviey> SpamapS: Ah, so you'll get the blame when i goes wrong? :)
<Daviey> You keep signing up to stuff that'll backfire >:)
<SpamapS> No, I'm preparing to throw rbasak under the bus. New guys are always at fault.
<Daviey> True.
<rbasak> :-(
<SpamapS> Thankfully JamesPage stepped right in the pile of euca after I stepped in it.. :)
<SpamapS> rbasak: buck up.. its only a 5 minute demo.. I'm sure they'll just give you a warning for screwing it up. ;)
<AlecTaylor> I've got no screens. I've tried apt-get remove ubuntu-desktop, apt-get remove xauth. I then rebooted and reinstalled them. I still can't startx due to no screens being found. What's next?
<rbasak> Hmm, maybe it's a good thing I'm not going to ODS :)
<SpamapS> "If only rbasak would have showed up, we could have had a good demo."
<jamespage> SpamapS: I noticed your footprint just as I did :-)
<rbasak> lol
<rbasak> Daviey: qemu-nbd: Could not access '/dev/nbd15': No such file or directory
<rbasak> Daviey: what was the fix for that?
<jamespage> SpamapS, other than whats in PPA whats the current state of Cassandra packaging?
<jamespage> or is that it?
<Daviey> rbasak: NFI
 * rbasak reboots
<AlecTaylor> I can't ping google via its hostname. When I try via its IP Address I get "Packet filtered" errors
<ersi> AlecTaylor: Well, what have you done? Just apt-get remove and apt-get upgrade a lot of stuff? Did you have Networkmanager taking care of your connections before? (You're converting from a desktop install to a server install?) Have you configured any interfaces in /etc/network/interfaces?
<rbasak> Daviey: you were right, libvirt is hanging because it's trying to open the fifo
<Daviey> Gah
<Daviey> rbasak: does echo > fifo unblock it ?
<rbasak> Daviey: yep. Well "cat > fifo" does.
<rbasak> (so just the open, no write required)
<rbasak> I'm just trying a workaround by having my logger hold it open for write :)
<Daviey> rbasak: Sounds like as part of the fifo creation hunk, touching the fifo might be the solution?
<Daviey> ah!
<Daviey> :)
<jamespage> Daviey: asterisk merge? hows that working for you?
<Daviey> jamespage: Hmm
<nigelb> Hi, I have a very curious problem.
<nigelb> When I run a bash script, the $PATH is empty inside that script.
<nigelb> Its normal wen I echo $PATH in my shell.
<ersi> Is there anyone familiar with freeRadius here? Im trying to locate why my radiusd is checking the system/local passwd file, even though I've commented out 'unix' and have 'file' uncommented in sites-available/default
<SpamapS> jamespage: Cassandra puts out their own packages
 * SpamapS should sleep soon :p
<SpamapS> jamespage: that is the primary reason I stopped maintaining the PPA.. nobody cared about my packages when upstream was always more up to date. :)
<Daviey> SpamapS: sleep is for the weak.
<uvirtbot> New bug: #857175 in lm-sensors (main) "i2c-i801 kernel module needlessly blacklisted" [Undecided,New] https://launchpad.net/bugs/857175
<nigelb> Daviey++
<jamespage> SpamapS, I thought that was the case
<jamespage> I was reviewing negronjl's cassandra charm
<jamespage> which ATM pulls a .deb from elsewhere
<jamespage> which felt a bit odd - I'll ping him later
<SpamapS> We need to start thinking *very* hard about cryptographic guarantees on files that charms pull.
<jamespage> yes
<Daviey> We discussed using archive, PPA and upstream source in charms - but i don't think external debs was considered
<jamespage> I agree
<SpamapS> And on configurability so that they are repeatable.
<jamespage> I did a branch of the jenkins charm yesterday which defaults to the distro, but has configuration to use upstream stable or trunk archives as well
<SpamapS> I'd actually move that we have an apt plugin for charms to make use of which also builds a repository of packages on the bootstrap node so that updates happen when you ask for them, not just when you add-unit and oops new package, yay.
<jamespage> SpamapS, that would be nice
<SpamapS> its needed for juju as well
<jamespage> true
<SpamapS> this business ofpulling from ppa or distro or branch or wtf ... its not going to fly
<Daviey> SpamapS: Well it's plausible that upstream doesn't allow rebuilding of debs, ie, hacked packages... So something like debmarshal would be a good win for that.
<SpamapS> Should be relatively easy actually. Just stick an apt-get and add-apt-repository in the path which use this plugin...
<SpamapS> Daviey: yeah, the cassandra upstream debs are nearly impossible to rebuild
<SpamapS> I *did* solve that.
<SpamapS> but then I started trying to get rid of the embedded jars
<Daviey> The key needs to be exposed aswell
<SpamapS> and thats where I started wanting to throw cassandra off a moving high speed train
<Daviey> heh
<rbasak> OK now I'm hitting an apparmor problem: [Errno 6] No such device or address: '/home/ubuntu/nova/nova/instances/instance-0000000a/console.fifo'
<rbasak> I've tried aa-complain on libvirtd
<SpamapS> Daviey: right, we can think it through at implementation time. The idea is to be able to know that add-unit will actually add the same unit... not one with updates.
<rbasak> That didn't work but I didn't really expect it to - how is it that apparmor is being applied to nova? Is libvirt doing it?
<SpamapS> Anyway
<twb> rbasak: apparmor has per-VM profiles instantiated from a libvirt template
<Daviey> rbasak: You can reproduce it with apparmour teardown?
<twb> rbasak: maybe you need to set the specific VM profile to complain?
<SpamapS> chatting about work has made me want to sleep
<Daviey> apparmor*
<SpamapS> \o/
<Daviey> SpamapS: hah, nn
 * rbasak doesn't know that much about apparmor
<SpamapS> goodnight, especially to my long lost english cousins ... :)
<rbasak> Can I just disable the whole thing for testing?
<rbasak> twb: how do I do that?
<rbasak> Daviey: I don't follow, what's apparmor teardown?
<Daviey> rbasak: as in, you get the same error with apparmor not part of it.
<twb> rbasak: nfi
<Daviey> rbasak: sudo /etc/init.d/apparmor teardown
<twb> teardown will basically turn off apparmor AIUI
<rbasak> Ah that is what I was after, didn't know how to achieve it
<rbasak> No, same error :-/
<rbasak> But doesn't libvirt dynamically create the profiles - will apparmor teardown work with that?
<Daviey> It *should* do.
<twb> Perhaps a better question is how to ask apparmor what profiles are currently enforced
<twb> Anyway what makes you think that's an apparmor problem?
<Daviey> if you stop + start libvirt you know for usre.
<Daviey> (restart doesn't have the same behaviour as stop/start btw)
<twb> They usually take the form of a dmesg/syslog audit() complaint
<twb> Eh, I rewrote my libvirtd job so that containers will not be hard-killed if the host OS is shut down
<Daviey> twb: Interesting, care to share the diff?
<twb> http://paste.debian.net/131730/
<rbasak> I thought it was an apparmor problem as occasionally I saw apparmor complaints in the nova-compute trace
<twb> TBH I don't understand how ubuntu/libvirt could even THINK of shipping a system that just hard-kills VMs
<twb> Daviey: note that this means you can't reconfigure libvirtd without rebooting all VMs
<twb> kirkland: ^^ FYI, paste might interest you
<rbasak> OK it's not apparmor at all
 * rbasak looks sheepish
<koolhead17> hi a
<koolhead17> *all
<spajderix> hi
<Daviey> twb: nice!
<Daviey> twb: you don't fancy raising a bug with that attached do you?
<twb> ICBF, sorry
<Daviey> :(
<soren> twb: I don't see how that is functionally different from what we have in Oneiric now? Both first attempt a shutdown, wait for a while, then kill them hard if they're not yet stopped.
<twb> soren: I only look at LTS, maybe you already have it in non-LTS versions
<soren> twb: Ah.
<twb> If so, sorry for the noise
<soren> twb: Yeah, in Lucid it doesn't do anything at all, right?
<soren> twb: So they just die.
<soren> bug 350936
<uvirtbot> Launchpad bug 350936 in libvirt "Should shut down domains on system shutdown" [High,Fix committed] https://launchpad.net/bugs/350936
<twb> Right, they just run until the old sysvinit shutdown code does a killall -9
<soren> twb: Looks like it was pushed to Lucid as well.
<HellSpawn1> Ð´Ð¾Ð±ÑÑÐ¹ Ð´ÐµÐ½Ñ
<HellSpawn1> Ñ ubuntu server Ð½Ð° hyper-v ÑÐ°Ð±Ð¾ÑÐ°Ð» ÐºÑÐ¾-ÑÐ¾ ?
<Myrtti> !ru | HellSpawn1
<ubottu> HellSpawn1: ÐÐ¾Ð¶Ð°Ð»ÑÐ¹ÑÑÐ° Ð½Ð°Ð±ÐµÑÐ¸ÑÐµ /join #ubuntu-ru Ð´Ð»Ñ Ð¿Ð¾Ð»ÑÑÐµÐ½Ð¸Ñ Ð¿Ð¾Ð¼Ð¾ÑÐ¸ Ð½Ð° ÑÑÑÑÐºÐ¾Ð¼ ÑÐ·ÑÐºÐµ. | Pozhalujsta naberite /join #ubuntu-ru dlya polucheniya pomoshi na russkom yazyke.
<Myrtti> HellSpawn1: alternatively you could try English
<HellSpawn1> Hi! I'm try use ubuntu server 10.04 x86_64 with Hyper-V. Have a problem with a large HDD
<HellSpawn1> after instalation, i'm use hv_ modules for emulated hardware. And in my system appear second storage. And i have 2 HDD: first - sda and size 137Gb and second hda - full size.
<HellSpawn1> after mounting system via hda drive, i'm receiving errors about write buffer at disk sda
<Retrik> anybody know how stop this error: segmentation fault, i use ubuntu server 64 bit 10.04
<rbasak> Daviey: was it lp:~hudson-openstack/nova/milestone-proposed you pulled from last time?
<Daviey> rbasak: yes
<twb> soren: in backports, or updates?
<twb> soren: I haven't seen any dpkg merge offer with the latter enabled...
<Daviey> rbasak: BTW, nova trunk has now moved to git.. so once you have a patch, we'll try and get it lnded in trunk before cherrypicking it back to our packages
<rbasak> OK
<HellSpawn1> some one using Ubuntu Server on Hyper-V ?
<rbasak> HellSpawn1: I think AlecTaylor was yesterday
<soren> twb: /me checks
<soren> twb: It's in proposed.
<soren> twb: Not sure why it hasn't move on from there.
<twb> inertia
<soren> twb: I have a guess, but I'm verifying.
<twb> Don't trouble yourself on my account
<soren> Too late.
 * twb recoils in horror
<Guest43860> Q). i just did a tasksel install lamp-sever but am unsure why i cant get .htaccess files working ? any clues?
<Guest43860> im working on the default site at the mo but will need other vhost to include there own .htaccess file as well as directory level access control based on ip.
<uvirtbot> New bug: #801299 in glance (universe) "[MIR]glance" [High,Fix released] https://launchpad.net/bugs/801299
<jamespage> \o/
<Dulcin> Hmm, for some reason my system fails to fetch packages with apt-get update
<Dulcin> I get a lot of 404 errors, I tried changing my sources list
<Dulcin> but the same problem, any idea waht it could be?
<rbasak> OK now I really am getting an apparmor problem: (nova.exception): TRACE: libvirtError: internal error cannot load AppArmor profile 'libvirt-984032ec-630f-c8e1-36ce-8d7b6efd1266'
<rbasak> I can't see a file with that name in /etc/apparmor.d/libvirt, but similar ones from successful previous instances refer to a console.log file
<rbasak> which I've now changed to console.fifo and it's now a fifo rather than a plain file
<rbasak> Next I'm going to have to pull nova out of the equation and try getting libvirt to start instances with fifos manually unless anyone has any ideas?
<rbasak> soren: ^^, re https://bugs.launchpad.net/nova/+bug/832507
<uvirtbot> Launchpad bug 832507 in nova "console.log grows indefinitely" [High,In progress]
<soren> Oh.
<soren> jdstrand: One for you ^
<soren> jdstrand: The filename referencing a fifo in the libvirt xml is really a basename for the actual fifos.
<soren> jdstrand: So, if you specify a fifo named "foo", the actual fifos will be named "foo.in" and "foo.out".
<soren> jdstrand: I guess the apparmor magic will need to take that into account.
<soren> jdstrand: (the logic that defines that lives in kvm, not libvirt)
<soren> rbasak: jdstrand is your man when it comes to apparmour and libvirt.
<rbasak> soren: I've not actually told libvirt that it's a fifo
<soren> rbasak: ?!?
<soren> rbasak: So how is kvm supposed to know?
<rbasak> well, this is what I wondered when we started this conversation a couple of weeks ago!
<rbasak> that's why I said it sounded dodgy!
<ersi> Hm. I'm trying to bring up a VLAN Interface on my Ubuntu 11.04 with a Realtek RTL8111/8168B NIC and I'm getting "SIOCSIFADDR: No such device" when I try to bring up eth.100 - what gives? Here's my /etc/network/interfaces - http://dpaste.org/dx8MH/
<rbasak> I suppose I could change it to do that, but I will have to sort out a writer for the other direction that's not used
<Daviey> erm, why does kvm care it's a fifo?
<Daviey> soren / rbasak ^
<rbasak> imho, fifo semantics are different (eg. blocking, EPIPE, SIGPIPE) so it stops random breakage like the libvirtd hanging problem we had earlier
<patdk-wk> ersi, did you install the vlan package?
<ersi> patdk-wk: No. Lol.
<soren> Daviey: So that it can do the right thing. I suppose it's possible that it'll work without telling it that it's a fifo (the special care you need to take with fifo's doesn't hurt if applied to other files), but I think it's probably safer to let kvm know what's going on.
<ersi> patdk-wk: Doing that now, I'll also sit in the shame corner for a min :]
<patdk-wk> don't worry, I use vlans all the time, and last install had the same issue
<soren> rbasak: Just ignore the .in fifo.
<patdk-wk> took a few min to figure that out myself :)
<ersi> patdk-wk: Dunno why I assumed I had all the prerequisites :D
<ersi> Might be cause I had fiddled with networking on that machine earlier, setting up bridging and shiz
<ersi> Uhh, weird. Why is it still routing traffic for 10.100.0.0/16 through my default gateway on another device :E
<Daviey> soren: it worked fine with my mknod from my legacy branch, i can't see why kvm would care what is under it.
<soren> Daviey: Shall I repeat myself or can you read it again on your own? :)
<Daviey> soren: either way.
<soren> Daviey: Ok. Are you aware of the special care one needs to take to work with fifo's?
<rbasak> soren: so http://libvirt.org/formatdomain.html#elementsCharPipe ?
<soren> Daviey: Specifically fifo's where "the other end" might go missing and you don't want to let that take you down with it?
<Daviey> soren: you'll notice i didn't ask a question, but made a statement agreeing with your supposition.
<Daviey> soren: I always put on eye protection.
<jdstrand> rbasak, soren: re .in and .out> this relates to 832507? if so, could someone connect the dots with xml to reproduce and I'll write a fix
<soren> rbasak: Yes.
<Daviey> soren: Do i need to provide logs of this same conversation from 2 weeks ago?
<soren> Daviey: Sorry, I don't see your agreeing with me. I do see you, once more, question its necessity? What am I missing?
<koolhead17> hey soren
<soren> koolhead17: o/
<Daviey> soren: I didn't ask a question.
<rbasak> soren: just to make sure I understand, if I use type="pipe", I still need to append .in and .out? And by ignore are you saying that I need to open for write (so it won't block the open for read at the qemu end), or just do nothing?
<soren> Daviey: It's not my fault you failed to punctuate correctly.
<koolhead17> soren: got keystone working finally. :D
<soren> Daviey: "i can't see why kvm would care what is under it" is a question in my book regardless of the lack of question mark at the end.
<rbasak> jdstrand: yes, it's for 832507, but atm I'm not telling libvirt that it's a fifo, and that's what's not working. I'll try the type="pipe" as soren says and see if that works.
<jdstrand> it'll be interesting to see if it does
<jdstrand> (from an apparmor driver perspective)
<soren> Daviey: Anyways.. You say you can't see why it would care. It would care, because you need to do someting special in order to properly handle it when the other end of a pipe dies (or closes the fd).
<jdstrand> I was not aware of the .in and .out parts. incidentally, if you are seeing apparmor denials, they will be in kern.log (of audit.log if using auditd)
<soren> Daviey: We can hope that kvm applies this same care to every fd, regardless of whether it *knows* that this special care is needed..
<soren> Daviey: Or we can tell it that it needs to do it and be sure.
<soren> Daviey: Seems like an easy decision in my book. I don't understand why you're so opposed to telling it that it's talking to a pipe? (question mark)
<rbasak> jdstrand: right now I'm just seeing libvirtError: internal error cannot load AppArmor profile 'libvirt-984032ec-630f-c8e1-36ce-8d7b6efd1266' which doesn't make sense to me
<rbasak> soren: this is exactly what I thought I was raising a week ago, and I went away from the conversation thinking that you didn't think it was an issue
<Daviey> soren: ISTR it was me that raised reservations with the fifo concerns? :)
<jdstrand> that can happen if things die prematrely. the logging in the security drivers leaves something to be desired
<ersi> patdk-wk: Would you mind looking at this route table ( http://dpaste.org/UerNe/ ) and helping me understand why I can't reach 10.100.0.0/16 over eth0? Do I need a default gateway?
<rbasak> jdstrand: aiui, all I'm doing different that is triggering that is that I've renamed console.log -> console.fifo (so the xml has changed accordingly) and that the file is now a fifo instead of a plain file
<soren> rbasak: What I remember was you wanting to take care of the fifo specificities outside of kvm, because you didn't seem to trust it.
<ersi> patdk-wk: I get routed via my default gateway over eth1 for some reason >_>
<soren> Daviey: So why are you going the opposite way now?
<soren> Is this candid camera?
<jdstrand> rbasak: reading backscroll-- you are doing this currently with apparmor disabled, for testing purposes?
<rbasak> jdstrand: no I rebuilt the instance since then. do you want me to try that?
<Daviey> soren: Expect a cream pie in the face, shortly.
<jdstrand> rbasak: no, not particularly. I just wanted to verify that if you tried to disable the driver, you did it correctly
<soren> ersi: Which IP are you trying to reach?
<rbasak> soren: I didn't trust it because I thought you were telling me to not tell it about the fifo, and I was worried that this would break something!
<soren> ersi: ...because you're not routing 10.100.0.0/16 over eth0.
<soren> ersi: only 10.100.0.0/18 (if my binary arithmetic is right)
<ersi> soren: Uhm, I'm trying to reach 10.100.66.12, which is my VLAN network, which should get sent on eth0
<rbasak> jdstrand: I don't understand why it would fall over at this point, but I might as well make the change to type="pipe" and worry about it if it persists then. I might have to get back to you :)
<ersi> yeah, I meant /18.. Crazy ass Set top boxes want them netmasks
<patdk-wk> that is like a /26 netmask, not /16 or /18
<soren> ersi: ersi 10.100.66.12 is in 10.100.64.0/18
<patdk-wk> oh, I can't read :)
<patdk-wk> just got out of bed
<soren> ersi: Not 10.100.0.0/18
<ersi> Mmmh, d'uh. How silly of me
<ersi> Wonder if I made it more silly now... :D Dosh darn this crazy network. > http://dpaste.org/X6PKE/
<someuser> i'm trying to install glpi, but the install procedure says: can't create or write to <various names> folder. this is weird, since i'm the owner of these folders. any suggestions?
<soren> rbasak, Daviey: I think it's fair to say that someone misunderstood someone. Now, can we please just fix this?
<rbasak> soren: np
<rbasak> soren: just to make sure I'm clear now though
<rbasak> <rbasak> soren: just to make sure I understand, if I use type="pipe", I still need to append .in and .out? And by ignore are you saying that I need to open for write (so it won't block the open for read at the qemu end), or just do nothing?
<ersi> soren or patdk-wk: mind having another look? http://dpaste.org/X6PKE/
<soren> rbasak: Just ignore it. Forget it exists. <jedi mind trick>there's no .in pipe</jedi mind trick>
<rbasak> soren: so I shouldn't even create the .in fifo?
<rbasak> ah: "QEMU will not create these fifos, and requires them to be present."
<rbasak> But if I create it and don't write to it, qemu will block on opening it for read
<rbasak> But if I create and and don't _open_ it for writing, qemu will block on opening it for read
<soren> What makes you say that?
<rbasak> which part? manpage says that they must be present. fifo semantics are that opens block when opening for read if no writers, unless O_NONBLOCK is specified
<soren> This part: 12:39 < rbasak> But if I create and and don't _open_ it for writing, qemu will block on opening it for read
<soren> We established this weeks ago.
<soren> QEmu *knows* this is a pipe, becuase we tell it's a pipe.
<soren> So it doesn't do stupid things like hang when we don't write to it or die when we stop listening.
<rbasak> OK, now I'm clear on what you're saying - thanks
<soren> As I said back then: 10:35 < soren> Daviey: If everyone knows they're taling to a fifo, the semantics are well understood and pretty easy to deal with.
<soren> Complete with typos and everything.
<rbasak> Yeah a big "If" there. As I thought you were proposing that we *didn't* tell qemu that it was talking to a fifo, the sense in that sentence is completely reversed
 * Daviey screams
<soren> Ah.
<soren> No, qemu lets you specify the type of file its chardevs are connected to. There are a bunch of them.
<soren> There are plain files, pipe, serial, parallel, stdio, braille, udp, tcp, socket, tty.
<soren> And more.
<soren> Each with their own idiosyncracies.
<twb> You're supposed to call them "features" until the users are at the gates with pitchforks and torches
<Daviey> twb: Shouldn't you be asleep?
<zul> morning
<soren> It's amazing anyone lets me talk to other devs, let alone users.
<twb> Daviey: 10PM
<twb> Er, 11
<Daviey> ah, ok.
<zul> soren:  i agree :)
<twb> I'm trying to replace crappy ol' Ubuntu armel with nice shiny Debian armhf, on my new netbook
<Daviey> soren: It's amazing you are still breathing.
<Daviey> twb: happy days
<twb> I fucked up the bootloader so now I'm recompiling u-boot, and since the host is hosed, I'm doing so in a qemu-user-static chroot, from my old Atom netbook
<spajderix> I have apache2 with mod_php enabled, hosting around 40 vhosts. I noticed something which I can't explain. I have entry in access.log with ip sending POST request to a page, and in this exact second, a file with random_numbers.php name get's created. There is no form or POST data processing what so ever on a given page. I have no idea how this happens, and more importantly how to prevent this
<spajderix> from happening. Could you help me with figureing this out?
<soren> Daviey: I may very well not be.
<twb> Daviey: if I'm lucky qemu won't cause gcc-4.6 gnueabihf to have an internal error, like it does when compiling yacc output
<soren> spajderix: Someone's found a bug in the page they're posting to that lets them hack you. Probably.
<twb> \begin{bigot}The bug is: he enabled PHP.\end{bigot}
<zul> php is still evil
<rbasak> libvir: QEMU error : internal error Process exited while reading console log out
<rbasak> put: chardev: opening backend "pipe" failed
<rbasak> Am I missing something obvious?
<rbasak> My xml is http://paste.ubuntu.com/695611/
<spajderix> soren: That was my first thought, but i've checked the code. There is only a few lines of code getting items from db, and checking for pagination stuff. That's all. Is there a way to get POST data logged for requests in apache?
<rbasak> Incidentally if I write to console.fifo.out then it goes into the ringbuffer OK :)
<soren> rbasak: 2 pipes will be created called path.in and path.out. Data written to path.in will be received by the guest. Data written by the guest can be read from
<soren>            path.out. QEMU will not create these fifos, and requires them to be present.
<soren> rbasak: Maybe they both need to exist. Do they?
<rbasak> soren: yes I've created them both
<rbasak> prw-r----- 1 root root        0 2011-09-23 12:50 console.fifo.in
<rbasak> prw-r----- 1 root root        0 2011-09-23 12:52 console.fifo.out
<twb> rbasak: what's the kvm invocation look like?  (it's logged into /var/log/libvirtd-bin somwhere)
<soren> rbasak: Oh.
<soren> rbasak: Then need to not be owned by root.
<soren> rbasak: ..but libvirt should be handling that :(
<rbasak> soren: I'm running everything as root at the moment
<soren> rbasak: Are you absolutely sure?
<soren> rbasak: How did you do that?
<twb> You can probably cheat in the short term by making those fifos 666
<soren> twb: I don't love you anymore.
<twb> *in the short term*
<soren> mmmm
<twb> I'm assuming this host is not connected to another
<rbasak> I can try that
<soren> I kind of doubt that you're actually running kvm as root.
<twb> *I* do, because I'm a bastard :-)
<rbasak> twb: qemu invocation: http://paste.ubuntu.com/695616/
 * koolhead17 bows to Daviey 
<koolhead17> hey zul
<twb> goddamn ubuntu
<twb> I don't want to log into openid just to get "download as text"
<soren> twb: Yeah, that's pretty obnoxious.
<twb> It probably won't work anyway in w3m
<soren> rbasak: Well, unless you've changed it, kvm runs as some other user.
<soren> libvirt-qemu or something.
<rbasak> soren: OK, I'll try 666
<twb> XSLT to the rescue
<ersi> soren, patdk-wk: nevermind. I was using a IP-address that was in the wrong subnet/netmask. That's why "nothing" worked :)
<twb> rbasak: why --no-kvm there?
<rbasak> twb: no idea. I'm just using nova.sh
<twb> rbasak: do you have hardware VT?
<rbasak> twb: I don't know, but it does work without my patch
<twb> 23:00 <dpkg> To confirm if your processor supports x86 virtualization extensions. run: egrep -q -e '^flags.*vmx' -e '^flags.*svm' /proc/cpuinfo && echo 'virtualization extensions available'.  Note that Intel VT (IVT) support may be switched off in firmware for some implementations.  See also <virtualization>.
<rbasak> evidently I don't
<rbasak> (it is virtualised once already)
<twb> Oh
<twb> I was about to say "who cares about the actual problem, first go buy some appropriate hardware"
<rbasak> OK same error: libvir: QEMU error : internal error Process exited while reading console log out
<rbasak> put: chardev: opening backend "pipe" failed
<rbasak> FIFO is now 666
<rbasak> Is there a component of qemu I'm missing or something?
<twb> rbasak: can you just run kvm by hand, and if so does it get at least as far as that error?
<rbasak> I tried running the same command line but it didn't work - I think because lots of setup like maybe pts etc that nova provides is missing
<twb> yeah i had that problem with libvirt too
<rbasak> I will need to cut the line down carefully to a version that will work to test just the fifo behaviour
<twb> Well, you can test taht bit just using the fifo part plus a d-i kernel and initrd
<rbasak> OK
<rbasak> I just checked the docs carefully
<rbasak> The manpage contradicts itself
<rbasak> "On other hosts, 2 pipes will be created called path.in...QEMU will not create these fifos..."
<soren> Check dmesg
<soren> See if apparmour blocks it.
<rbasak> Aha, yes it is
<rbasak> Thanks soren, that just saved me the next half hour
<twb> Good catch
<rbasak> OK so this is where jdstrand comes in I think? The generated profiles have console.fifo only, not console.fifo.in and console.fifo.out
<rbasak> jdstrand: example xml is here: http://paste.ubuntu.com/695611/
<jdstrand> rbasak: and do you have apparmor denials?
<rbasak> jdstrand: example generated profile: http://paste.ubuntu.com/695621/
<rbasak> jdstrand: dmesg: http://paste.ubuntu.com/695622/
<rbasak> jdstrand: they may not match exactly, if you need them to let me know and I'll do another test run
<jdstrand> rbasak: can you attach all that to the bug?
<rbasak> jdstrand: will do
<uvirtbot> New bug: #857021 in glance (main) "glance (2011.3-0ubuntu1) fails to install, error in .postinst" [High,Fix released] https://launchpad.net/bugs/857021
<rbasak> jdstrand: I'll tidy up and make everything consistent and attach my patch to the bug as well then. It's a good point to have a checkpoint anyway
<uvirtbot> New bug: #857366 in cloud-init "support configuring landscape-client in cloud-config format" [Medium,Triaged] https://launchpad.net/bugs/857366
<uvirtbot> New bug: #857378 in cloud-init "make a DataSource supporting simple local media (configdrive, simple iso)" [Medium,Triaged] https://launchpad.net/bugs/857378
<uvirtbot> New bug: #857380 in cloud-init (main) "stack trace if 'local-hostname' is not in meta-data" [High,In progress] https://launchpad.net/bugs/857380
 * Daviey wonders if smoser will ever cut a new upstream version of cloud-init
<hallyn> Daviey: he's on a 'linux 3.0' schedule
<twb> kool-aid boy, huh
<zul> if i create a nova group it shouldnt do anything bad should it?
<laos> hey there guys - i was wondering if any of you would know if apache2 would start acting weird and ddns also after an internal ip change from 192.168.1.7 to 192.168.1.10
<raubvogel> Anyone using k5start?
<laos> i had a similar issue in the past and it went away after the router gave the original ip back to the server, but now my router is refusing to release the lease on the device that took the server's old IP
<lynxman> morning everyone o/
<Daviey> hey lynxman
<Daviey> zul: Are you working on s/socat/netcat ?
<lynxman> Daviey: hello sir
<zul> Daviey: yeah
<Daviey> zul: right now?
<zul> Daviey: 10 minutes ago i moved on to the iscsi stuff
<zul> why?
<Daviey> zul: Just prepairing for the release meeting, wondered ETA
<zul> Daviey: this afternoon
<Daviey> cool!
<zul> ill do the dh_python2 stuff while we are at it
<smoser> new upstream version of cloud-init coming, dont worry daviey.
<smoser> i was kind of hoping to have it not *terribly* broken for gholms' fedora work.
<bcessa> hi, I've a problem, how can I adjust the SMPT port from 25 to something else to use it with postfix?
<rbasak> Am I supposed to be able to submit multiple attachments in a bug comment? Or is a tar acceptable?
<rbasak> jdstrand: I've updated bug 832507. Can I leave the apparmor fix to you please?
<uvirtbot> Launchpad bug 832507 in nova "console.log grows indefinitely" [High,In progress] https://launchpad.net/bugs/832507
<jdstrand> rbasak: yes, thanks
<bcessa> got it
<robbiew> Daviey: adam_g:  so it just occurred to me when we rollout official HowTo documentation for Orchestra, we should include any ARM specific gotchas (in terms of pandaboards)
<robbiew> rbasak: zul: ^
<zul> robbiew: just the cobbler bits afaik
<robbiew> zul: that's what I thought
<Daviey> Talking of which, i'm not sure the PXE fix has landed in uboot.
<rbasak> I have followed http://pad.ubuntu.com/arm-server-netboot through for cobbler (directly, no Orchestra) and it worked without any issues
<rbasak> Although I did some of the parts by hand so didn't test the scripts
<Daviey> rocking.
<Daviey> robbiew: Next week probably involves doc consolidation.. pushing together all the snippets into the main docs.
<MiaFarrows> Hello there
<MiaFarrows> I've just installed 11.04 and I don't know how to change the keyboard layout so it uses the Spanish(Spain) keyboard layout
<RoAkSoAx> robbiew: I should have the orchestra/juju docs finished by the end of the day today then adam_g_ could add the openstack stuff
<MiaFarrows> I've tried dpkg-reconfigure console-setup, but just lets me select the encoding, charset and font settings
<RoAkSoAx> robbiew: i should aslo include ARM if desired
<robbiew> Daviey: RoAkSoAx: ack
<Daviey> zul: Is "List of missing bits pieces of libvirt for lxc (libvirt 0.9.1-1 merge is pending)" still required?
<zul> nah i think we are good
<Daviey> cool
<Daviey> RoAkSoAx: Did you have a chance to "Validate desktop deployment through cobbler" ? (alt cd?)
<MiaFarrows> Anyone can help me please?
<RoAkSoAx> Daviey: I did once long ago, I;ll do it again today
<Daviey> RoAkSoAx: awesome
<MiaFarrows> As I've already said, how can I change the keyboard layout from Ubuntu Server 11.04's console?
<Daviey> RoAkSoAx: If it works, can you update the blueprint?
<RoAkSoAx> Daviey: sure
<MiaFarrows> AAAAAAAAAAGGGGGGHHH Fuck you all! and Thanks for nothing idiots!
<robbiew> MiaFarrows: are you using ubuntu server?
<robbiew> or desktop?
<MiaFarrows> Server, as I said like 3 times
<oCean> MiaFarrows: better drop that attitude
<MiaFarrows> im so fuckin desperate+
<robbiew> MiaFarrows: calm down
<oCean> MiaFarrows: control your language here, please
<MiaFarrows> alright sorry, I've been in front of the console for 2 hours
<robbiew> MiaFarrows: understand the frustration...give me a sec
<MiaFarrows> I'm kind of irritated right now.
<MiaFarrows> Sorry for the attitude, once again.
<koolhead17> MiaFarrows: your not alone hitting your head against it
<robbiew> koolhead17: is this a known bug?
 * robbiew asks before diving into it
<koolhead17> robbiew: no. i dont think so
<robbiew> ok, thx
<zul> Daviey: can you have a quick look at lp:~zulcss/nova/ubuntu-changes
<koolhead17> MiaFarrows: so when you installed the server did it not asked you for keyboard layout?
<MiaFarrows> nope
<MiaFarrows> after installing the server I got the loving prompt
<Daviey> zul: you know nova has moved to git now?
<koolhead17> MiaFarrows: care to explain once more please
<MiaFarrows> damn autocorrection lol, logging*
<zul> Daviey: yeah i know
<zul> this is packaging changes for ubuntu
<Daviey> oh
<Daviey> zul: stacked against nova?
<zul> yes the diablo packaging branch
<robbiew> MiaFarrows: sudo dpkg-reconfigure console-setup
<just-a-visitor> (I'd suggest to check /etc/default/keyboard and set XKBLAYOUT="your_2_letters_language_code")
<koolhead17> echo "setxkbmap us" >> ~/.bashrc
<koolhead17> :)
<zul> Daviey: like we talked about
<Daviey> zul: rev 197 to head?
<MiaFarrows> I downloaded the 11.04 64 bits .iso from ubuntu.com, installed it on vmware and as soon as it finished installing the server, vmware-tools were installed, and after that a login prompt appeared on the server's console, I can log in, but the keyboard layout is set to english I guess, so I did dpkg-reconfigure console-setup but there is no option to change the keyboard language, just let's you change the encoding that the
<MiaFarrows> console uses, the font size/face and the charset.
<zul> Daviey: the latest and greatest
<MiaFarrows> So whenever I want to type '-' I get '/' instead
<MiaFarrows> the Ã± is a ; and so on
<Daviey> MiaFarrows: vmware does some magic to make the install less (more) painful.
 * koolhead17 have never used VMware
<MiaFarrows> Davley, I've installed it manually, no easy install
<Monotoko> hey guys...I'm trying to create a global LAN...in that I want people to be able to connect to my server (authenticated, there will be about 100 users) and then go where they need to. I want to add another TLD inside the network, for example www.main.dev takes a user to the main page...could OpenVPN do this?
<Daviey> MiaFarrows: you probably want to change, /etc/default/locale
<hallyn> Daviey: should bug 842845 be assigned to someone (zul :)?  If not, I might feel like I have to go spend time on it
<uvirtbot> Launchpad bug 842845 in libvirt "problems starting multiple lxc instances concurrently" [High,Confirmed] https://launchpad.net/bugs/842845
<zul> i wasnt able to reproduce it actually
<Daviey> hallyn: sounds wonderful, zul you are pretty loaded at the moment! :)
<zul> but there is some funkyness when you are shutting down the instances
<Daviey> zul: Have you tested the deprecated auth stuff?
<zul> Daviey: no...i was waiting to get the package out of the pending state :)
<Daviey> zul: it has been for a few hours.
<zul> eh? even with iscsitarget and socat?
<Daviey> zul: those are not build deps.. :)
<zul> Daviey: gah...interesting well it wont be using them in ubuntu2
<Daviey> zul: Hmm d/changelog has duplication?
<koolhead17> zul: hope your not doing anything to the keystone.
<zul> Daviey: hold on lemme check
<hallyn> Daviey: zul: I should take the bug?
<zul> hallyn: please
<Daviey> hallyn: +1
<hallyn> kewl, thx
<Daviey> zul: the netcat replacement - is it tested?
<hallyn> I've got some kernel patches to fix up first though.  Kick me if you want me to get to it today.
<zul> no i dont think anyone tested socat either
<zul> Daviey: pushed
<Daviey> zul: regarding the patch, is it worth linking to the gerrit review page?
<Daviey> for Forwarded:
<zul> Daviey: good idea
<Daviey> zul: Yeah, i think you are right.. if we can just get socat off the list, it helps.. we should make a point of testing it this week
<zul> agreeed
<Daviey> zul: Do you want to add one more patch?  Seems silly for me to do it seperately
<zul> Daviey: sure
<Daviey> zul: https://code.launchpad.net/~nttdata/nova/850602/+merge/75480
<Daviey> the test didn't cleanly apply.. it might do now with a new snapshot
<zul> Daviey: ok ill pick it up after I eat
<zul> but other than that you are ok with it?
<Daviey> zul: i think so
<Daviey> zul: changelog exceeds 80 chars width
<Daviey> zul: In retospect, as it seems to build on Lucid - perhaps we should keep that change?
<zul> the dh_python2 change?
<Daviey> yeah
<zul> nah
<Daviey> adam_g_: are you alive?
 * SpamapS just had MAJOR de ja vu
<lynxman> Daviey: he was pretty tired yesterday after the talk
<Daviey> SpamapS: you've only been gone 3 mins!
<Daviey> you didn't sleep
<Daviey> lynxman: thanks
<SpamapS> Daviey: son of a!
<SpamapS> jdstrand: some time last week you pinged me about PHP 5.3.8 .. http://news.php.net/php.internals/55598 ... I raised the issue that we had been dragging our feet on shipping it and it seems Rasmus agrees that they need to revert the change, so 5.3.9 should be good.. but too late for 11.10. :-/
<SpamapS> Or that might have been 2 weeks ago
<SpamapS> time is a blur :p
<jdstrand> SpamapS: thanks
<jdstrand> sbeattie: ^ for your updates
<jdstrand> SpamapS: it may have even been 3 :P
<koolhead17> soren:
<jdstrand> SpamapS: thanks for following up though
<adam_g> Daviey: here
<lynxman> hey koolhead17 o/
<robbiew> adam_g: how'd the juju talk go?
<robbiew> you survive?
<adam_g> robbiew: eh
<koolhead17> hey lynxman
<adam_g> Adri2000: :)
<adam_g> er
<koolhead17> am much relaxed today
<Daviey> adam_g: Cool!  I got live migration working..
<Daviey> the charm could do with some changes to enable it by default?
<adam_g> Daviey: yeah, it would be easy. what was needed?
<Daviey> adam_g: generating and sharing a psk.. and a /etc/default/libvirt* change
<Daviey> I'm currently using it with noauth, rather than a psk
<adam_g> Daviey: /etc/default/libvirt* changes on the compute nodes i assume, but psk shared between who?
<Daviey> adam_g: the compute nodes need to talk directly with eachother.. so the psk between them
<Daviey> /etc/default/libvirt to add -l (listen mode)
<adam_g> Daviey: ah yeah, should be doable in the charm. what about migration flags in nova.conf? did you figure out exactly which ones were required?
<zul> Daviey: just doing a test build
<Daviey> adam_g: Yeah... don't touch the flags :)
<Daviey> red herring :P
<Daviey> leave it as default
<SpamapS> is the nova in the archive the final diablo release?
<zul> yes
<SpamapS> zul: <borat>HIGHFIVE</borat>
<zul> hehe
<adam_g> Daviey: dont touch as in dont set them at all?
<Daviey> adam_g: yeah, vanilla settings
<Daviey> smoser: hmm, why do you hate dep3 so much?
<smoser> i didn't realize i did
<smoser> oh. in cloud-init ?
<smoser> i think its cleaner and more obvious when you're just cherry picking
<smoser> they're straight forward
<Daviey> smoser: It does feel pretty damn ugly to include a LICENCE as a pach to 'upstream'
<Daviey> yeah
<smoser> i use some text in debian/README.source to easily cherry-pick
<smoser> and turning that into a DEP-3 formated diff would be a PITA and useless.
<Daviey> smoser: why not just cut a new release?
<smoser> because i got close enough to what i had hoped was going to be in oneiric that i just said "i'll cut a release with what is in oneiric"
<smoser> :)
<Daviey> smoser: Considering you are upstream, and you are including all patches to upstream (right?), this aproach seems to be doing it wrong :)
<smoser> cutting binaries every 3rd day is wrong
<smoser> uploading binary snapshots to ubuntu as new releases is wrong
<smoser> both of those make it harder to see what is changing than this.
<Daviey> smoser: well i disagree, but i won't block on it.
<smoser> really?
<smoser> how would you review the changes in a new snapshot?
<smoser> here there is a single new patch
<smoser> and launchpad is less filled with meaningless binary original source tarballs
<Daviey> smoser: Launchpad generates diffs
<Daviey> as in debdiff's
<Daviey> http://launchpadlibrarian.net/80735555/cloud-init_0.6.1-0ubuntu19_0.6.1-0ubuntu20.diff.gz is what i reviewed.
<smoser> ok, so in this rare case that you're reviewing something post upload
<Daviey> smoser: if it was a bzr merge proposal it would STILL be easier to review if it wasn't flat patches.
<smoser> completely disagree
<smoser> if it was a bzr merge proposal, and i was making changes to the files (as opposed to patching them) and using quitl 3.0, you'd get double diffs
<Daviey> smoser: how?
<Daviey> smoser: exactly.. by using flat patches i'd get double diffs.
<Daviey> if you cut a new release, i'd get single diffs
<smoser> you dont have doulbe diffs now. you have a diff that adds a patch
<smoser> if i were using quilt 3.0, you'd get a diff that added a patch, and diffs to the files
<smoser> and you'd have to use 'filterdiff' or some other sillyness to tell bzr to do what it should do
<smoser> anyway
<Daviey> smoser: no.. i think you are failing to listen to what i am saying :)
<Daviey> if you didn't patch, but cut a new release - what job does quilt have?
<smoser> why would i cut a new release?
<smoser> for 3 lines of changes?
<smoser> what upstream woudl do that?
<zul> alrighty...nova ubuntu2 coming your way
<robbiew> RoAkSoAx: hey, so awhile back I created https://wiki.ubuntu.com/ServerTeam/Orchestra
<robbiew> could you take ownership of that?
<RoAkSoAx> robbiew: sure
<RoAkSoAx> robbiew: I will jupdate it accordingly
<robbiew> thanks!
<koolhead17> hey robbiew RoAkSoAx
<robbiew> koolhead17: what's up?
<koolhead17> robbiew: notthing much. much relaxed today !! :D
<koolhead17> RoAkSoAx: and am still stuck at same bloody custom partitioning in cobbler :(
<RoAkSoAx> koolhead17: hehe how so
<koolhead17> RoAkSoAx: http://www.tylerlesmann.com/2008/jul/06/fun-preseed/  This is what some wise man suggested me to go through, but was too occupied with dear keystone. :D
<koolhead17> zul: just request. don`t spend time on this https://bugs.launchpad.net/keystone/+bug/855467 i think it has much to do with path.
<uvirtbot> Launchpad bug 855467 in keystone "Keystone fails to locate any configuration file." [Undecided,New]
<koolhead17> i have keystone working now from github i will see if i can check this issue myself
 * koolhead17 rushes home
<adam_g> Daviey: details about the psk stuff around anywhere?
<Daviey> adam_g: libvirt wiki
<Daviey> one mo
<Daviey> adam_g: http://libvirt.org/remote.html#Remote_certificates
<adam_g> Daviey: thanks
<Jasonn> hi, I have a problem when uploading files via FTP. IT seems to give me: 550 Permission Denied. When I try to upload to my home dir.,
<SpamapS> Jasonn: your ftp service probably doesn't run with enough privileges to write to your home directory
<soren> koolhead17: hm?
<koolhead17> soren: was trying dashboard with keystone, was stuck somewhere then got https://github.com/cloudbuilders/devstack/blob/master/files/keystone_data.sh
<koolhead17> so pinged you that time. am home so will try it 2morrow
<koolhead17> :)
<soren> alright.
<uvirtbot> New bug: #857746 in qemu-kvm (main) "Drop capabilities bit in emulated e1000" [Undecided,New] https://launchpad.net/bugs/857746
<uvirtbot> New bug: #857759 in libaio (main) "package libaio-dev (not installed) failed to install/upgrade: trying to overwrite '/usr/include/libaio.h', which is also in package libaio 0.3.104-1" [Undecided,New] https://launchpad.net/bugs/857759
<uvirtbot> New bug: #857765 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed pre-removal script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/857765
<uvirtbot> New bug: #852848 in php5 (main) "MOPS-2010-006: PHP addcslashes() Interruption Information Leak Vulnerability" [Undecided,Fix released] https://launchpad.net/bugs/852848
<uvirtbot> New bug: #852868 in php5 (main) "php5 var_export() information leak" [Undecided,Confirmed] https://launchpad.net/bugs/852868
<uvirtbot> New bug: #852871 in php5 (main) "PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability" [Undecided,Confirmed] https://launchpad.net/bugs/852871
<uvirtbot> New bug: #852885 in php5 (main) "PHP rfc1867_post_handler File Path Injection Vulnerability" [Undecided,Confirmed] https://launchpad.net/bugs/852885
<uvirtbot> New bug: #852847 in php5 (main) "MOPS-2010-008: PHP chunk_split() Interruption Information Leak Vulnerability" [Undecided,Fix released] https://launchpad.net/bugs/852847
<uvirtbot> New bug: #852910 in php5 (main) "PHP Magic Quotes Fails to Protect mysqli_fetch_assoc" [Undecided,Confirmed] https://launchpad.net/bugs/852910
<uvirtbot> New bug: #852913 in php5 (main) "PHP trim()/ltrim()/rtrim() Interruption Information Leak Vulnerability" [Undecided,Fix released] https://launchpad.net/bugs/852913
<uvirtbot> New bug: #852916 in php5 (main) "http://php-security.org/2010/05/31/mops-2010-054-php-zend_concatzend_assign_concat-opcode-interruption-information-leak-and-memory-corruption-vulnerability/index.html" [Undecided,Fix released] https://launchpad.net/bugs/852916
<uvirtbot> New bug: #852865 in php5 (main) "strrchr() functions information leak" [Undecided,Confirmed] https://launchpad.net/bugs/852865
<uvirtbot> New bug: #852907 in php5 (main) "PHP Iconv Improper Handling of Unrecognized Encodings" [Undecided,Fix released] https://launchpad.net/bugs/852907
<Dulcin> is setting the /var/www mode to 755 secure enough?
<uvirtbot> New bug: #852853 in php5 (main) "CVE-2010-2101" [Undecided,Fix released] https://launchpad.net/bugs/852853
<stiv2k> ok wtffffff
<stiv2k> i dont understand why this keeps happening
<stiv2k> every morning at ~5:45am, my server gets a dhcp address from my router... even though it's configured static in /etc/network/interfaces and also configured static by wicd
<stiv2k> and i have to unplug/replug the network cable to make it get a static address again
<stiv2k> suggestions?
<lynxman> smoser: ping
<adam_g> lynxman: lol
<lynxman> adam_g: hm? :)
<adam_g> lynxman: cloud-init?
<lynxman> adam_g: lol, yes
<lynxman> adam_g: where are you
<qman__> stiv2k, make sure it's configured in /etc/network/interfaces, then sudo ifdown, find and kill any DHCP processess still running, then sudo ifup
<adam_g> lynxman: back row.
<qman__> also, if you have networkmanager, remove it
<lynxman> adam_g: I'm 2nd row
<stiv2k> qman__: i dont have networkmanager but i use wicd
<qman__> I don't know anything about wicd
<stiv2k> holy fuck
<stiv2k> i think the apocalypse is happening
<qman__> but the above process will resolve any other rogue DHCP configurations
<stiv2k> qman__: ill show you my interfaces file
<stiv2k> qman__: http://fpaste.org/MFu1/
<stiv2k> no ip info there, i let wicd get the static ip
<qman__> well, you have to configure an address
<stiv2k> wicd does it
<qman__> like I said, I don't know anything about wicd
<stiv2k> ok
<stiv2k> well, i pretty much did everything you said EXCEPT i never issued ifdown and ifup commands
<stiv2k> and
<stiv2k> i wouldn't know which processes are dhcp processes
<qman__> dhclient mostly
<stiv2k> aha
<qman__> it's very persistent that once it's run, it'll stick around and keep renewing it
<stiv2k> thats probably where my problem is
<qman__> unless it is killed off, it'll override your static configurations
<stiv2k> root     32240  0.0  0.0   2548   792 ?        Ss   Sep20   0:02 dhclient3 -e IF_METRIC=100 -pf /var/run/dhclient.eth0.pid -lf /var/lib/dhcp3/dhclient.eth0.leases eth0
<stiv2k> ^
<qman__> the ifdown/up process does that
<stiv2k> okay
<qman__> so does a reboot
<stiv2k> yeah never rebooted since installing
<qman__> provided it's configured properly, at least
<stiv2k> 38 days, 12h ago
<stiv2k> ok this should resolve it then
<stiv2k> im going to ifdown ifup
<stiv2k> brb
<qman__> it's always a good idea to reboot a new server at least once after it's set up, to make sure it comes back online
<qman__> because it will inevitably reboot when you're not around to fix it
<stiv2k> ok
<stiv2k> wtf
<stiv2k> qman__: after ifdown/ifup, the process is still there
<qman__> that's what the other bit was for, sometimes they're stubborn
<qman__> ifdown, kill manually, ifup
<stiv2k> ah
<stiv2k> ok
<qman__> if it comes back, something is misconfigured
<qman__> if not, you're good
<stiv2k> i think i goti t now
<stiv2k> got it*
<smoser> lynxman, what is up ?
#ubuntu-server 2011-09-24
<lynxman> smoser: one of the AWS guys openly praised cloud-init in an awesome talk at puppetconf, thought you would like to hear it
<smoser> :)
<smoser> cool
<gibbs> Hi. I've used rsync to copy over Maildir email accounts to a new server. Will email clients re-download emails from the new server? I am not too clued up on email
<patdk-lap> gibbs, that depends on many things
<patdk-lap> what server do you use?
<gibbs> ubuntu 10.04 LTS
<patdk-lap> doesn't sound like an email server to me, but an os
<gibbs> I'm just concerned clients are going to get flooded with old email
<gibbs> oh sorry lol, its late
<gibbs> dovecot
<gibbs> and postfix MTA
<patdk-lap> and the old server was using?
<gibbs> the same
<patdk-lap> then as long as you copied all the dovecot.* files, and configure it the same your ok
<patdk-lap> http://wiki.dovecot.org/Migration
<Jasonn> qman__: You around?
<patdk-lap> you need the UID's to stay consistant
<gibbs> ah that's ideal. thanks for the lead patdk-lap.
<patdk-lap> ya, that is for non-dovecot to dovecot though
<patdk-lap> don't see a dovecot to dovecot one, cause I think it's assumed you read the manual :)
<patdk-lap> but it's simple :)
<gibbs> i haven't encountered any problems. just on the look out for "gotchas" :)
<patdk-lap> ya, I converted all my maildir's to mdbox
<patdk-lap> and was forced to redo all my uid's
<gibbs> yeah I had to do that but vice-versa at one stage
<jseongtae76__> Hello, everyone
<jseongtae76__> My, apparmor.d has a problem
<jseongtae76__> I was change mysql directory
<jseongtae76__> error message is .: 35: Can't open /lib/apparmor/functions
<Jasonn> do you have permission to open it?
<Jasonn> jseongtae76__: ^
<Jasonn> qman__: You around man?
<jseongtae76__> Jason, Do you want die?
<jseongtae76__> Jason, Hey, comeon
<jseongtae76__> Jason, Hey, come on
<jseongtae76__> Jason, hey, fucker
<jseongtae76__> Jason, hey come on yo
<jseongtae76__> Jason, fucker bye
<Jasonn> uhh
<Jasonn> saving HIS ip
<uvirtbot> New bug: #857987 in amavisd-new (main) "package amavisd-new-postfix 1:2.6.5-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/857987
<koolhead17> hi all
<uvirtbot> New bug: #858102 in libcgroup (universe) "cgroup service prevents VMWare services stopping" [Undecided,New] https://launchpad.net/bugs/858102
<Dulcin> How are the rights a user has when using SFTP set?
<wooy> Hi, I dont have ubuntu question, rather server hw oriented. My favourite bittorrent tracker just announced they are going to buy new server for $14,000. It seems pretty expensive, considering they are serving (not more than) 200,000 users. They run only tracker, website and forum. Lot of small http requests and no big data transfers. Is it reasonable price?
<Dulcin> no its not
<Dulcin> 200,000 active users?
<wooy> 200k registered users, i think they wont have more than 150k active users.
<Dulcin> well its hard to say, but they can buy a reasonable server for 14k
<Dulcin> so perhaps they expect to grow
<wooy> Well maybe, from what i can say, there is not much space to grow. They are getting in performance troubles just once a day in the highest peak, and thus they decided to buy new server (just for the peak). I am wondering if they took a look at amazon web services or similar...
<Dulcin> well it makes sense if your server cannot handle it you are going to buy a new service
<Dulcin> and amazon's web services aren't all that either
<Dulcin> why is it a problem
<Dulcin> are they asking to donate?
<Dulcin> that's about $0.10 per active user
<Dulcin> not bad :)
<wooy> Ive just read that admin is thinking of blade server from IBM. Yeah they ask to donate and I could get rid of feeling he's going to buy the server and new car for him  as a bonus :D
<Dulcin> :) maybe so, but who cares if they are the guys keeping the community running?
<Dulcin> 14k for a blade server seems fair btw
<wooy> Anyway, he sells 1 year subscription for $1. What price is that? If he set  it bit higher he could earn fortunate and new server... :)
<Dulcin> well if there's 150k active users, with 150k a year he should be able to afford it easily :)
<Dulcin> and his new car, salary and house :P
<wooy> right?! :D
<Dulcin> but is he reselling something?
<Dulcin> maybe he loses a lot in data traffic
<Dulcin> because 1$ per user is not that much taken over a year
<wooy> reselling what for example? He pays approximately $1200 for internet connection.
<wooy> Well no one would blame him to rise the price above $5. For some reason, he doesnt want to.
<Dulcin> users are more easily convinced to register for 1$
<wooy> I know, but if i were the admin i would not try to get as much users as i can, but rather as much profit as i can.
<wooy> Well i guess he got his reasons... Thx for the chat.
<sampiale> Hello
<uvirtbot> New bug: #858247 in samba (main) "Mounting SMB:// shares from a Mac, via GVFS, doesn't allow copying of data in either direction" [Undecided,New] https://launchpad.net/bugs/858247
<padhu> MiniHOWTO is needed for simple & easy mail server configuration on ubuntu 10.04 for private LAN
<ikonia> padhu: please don't cross-post, I've already responded in #ubuntu with help
<padhu> ikonia: sure, but it is server, That's why :-)
<ikonia> padhu: sure, but I've already responded with help, so no need to cross-post it
<padhu> okey...
<padhu> ikonia: Is iti suitable for LAN network. My need is 15 to 100 users, 2MB attachment. That's all
<ikonia> yes
<padhu> what is the combination?
<creatorbri> Question: My server was hacked a few days ago and a large volume of data appears to have been downloaded, based on Linode activity logs. Is there some way to figure out what was actually downloaded?
<qman__> creatorbri, not with any certainty
<qman__> if they used HTTP it may still be in the logs, but otherwise, it's probably unlogged
<qman__> proper auditing is resource heavy, so it's not usually set up
<creatorbri> qman: thanks
<Daviey> smoser: around?
<tarvid> i want to build a vm like my Ubuntu 10.4.3 web server which I can hand to coients for use to backup and as a sandbox for their websites
<tarvid> current thought is virtualbox 256MB 4.7GB disk 32bit
<tarvid> Does that make sense?
<tarvid> the goal is to run on the most ubiquitous host machine
<uvirtbot> New bug: #858493 in ntp (main) "By default ntpd listens on all interfaces" [Undecided,New] https://launchpad.net/bugs/858493
<vilho> does anyone have an explanation why pppd throws up these errors: http://paste.ubuntu.com/696353/ - I'm using version 11.04 (32 bit)
<KM0201> well, it looks like its saying /dev/ppp does not exist
<spacechicken> hi - I'm trying to install 10.04 server. I keep getting a setup failed error on the set up users step. Can anyone help with that?
<efxhoy> describe your problem?
<KM0201> you're getting a "failed" on setting up users?... .thats a first
<spacechicken> yeah - I've spent a fair bit of time getting the partition table all set up (RAID, LVM, the lot) and now I keep getting this error
<spacechicken> I am asked if I want to set up shadow passwords, then root user config, then normal user config then it fails out with a red screen
<spacechicken> then drops me back to the main menu
<KM0201> root user config?.. are you installing ubuntu server?
<spacechicken> I've tried using and not using shadow passwords, allowing and not allowing root user login, creating and not creating normal users - all the same result
<spacechicken> I am installing ubuntu server
<KM0201> i dunno, i'd say you'r edoing something wrong
<spacechicken> any idea what?
<efxhoy> im no pro but why don't you finish the install with just one user and add more users later?
<spacechicken> If I could get past that step I would
<efxhoy> faulty install media maybe?
<DeltaEpsilon> how do I create an admin account on my ubutnu serber?
<DeltaEpsilon> server
<koolhead17> DeltaEpsilon: ?
<TheEvilPhoenix> koolhead17:  he needs to create a user and give them sudo access
<TheEvilPhoenix> (to translate into Linux-speak)
<koolhead17> DeltaEpsilon: man sudoers and then do changes in /etc/sudoers
<koolhead17> :D
<koolhead17> TheEvilPhoenix: :D
<TheEvilPhoenix> koolhead17:  he's not sure of how to add the users  though
<TheEvilPhoenix> he's probly a CLI newbie or smth
<TheEvilPhoenix> or just doesnt know enough CLI
<TheEvilPhoenix> tbpfh
<TheEvilPhoenix> i dont even know the syntax offhand
<TheEvilPhoenix> they'll need a guiding hand ;P
<koolhead17> TheEvilPhoenix: in that case should not jump to servers :D
<TheEvilPhoenix> koolhead17:  +1
<TheEvilPhoenix> in any case, they need help ;P
 * TheEvilPhoenix is busy fixing KDE so meh
 * koolhead17 loves kde
<Pici> DeltaEpsilon: just drop the user into the admin group to grant them sudo access.
<koolhead17> hey Pici
<DeltaEpsilon> is it a good idea to use svn for backup purpose?
<TheEvilPhoenix> no
<DeltaEpsilon> why?
<koolhead17> Daviey: am going to trouble you in understanding role based access control in case am stuck, #openstack
<TheEvilPhoenix> never use version control systems for backups, in my opinion
<TheEvilPhoenix> always make physical backups
<DeltaEpsilon> why not? it is good to have sevral verison so you can nroll back
<TheEvilPhoenix> either .tars or actual clones of the system
<DeltaEpsilon> easily!
<TheEvilPhoenix> DeltaEpsilon:  svn is inherently insecure
<TheEvilPhoenix> you know, i'm too busy to explain, but IMHO you should never use version control for backups
<DeltaEpsilon> TheEvilPhoenix, svn over ssh is secure
<koolhead17> DeltaEpsilon: man rsync
<TheEvilPhoenix> its too much like Windows
<TheEvilPhoenix> which is a crappy system as it is
<DeltaEpsilon> TheEvilPhoenix, what do you think? svn over ssh
<TheEvilPhoenix> i told you my opinions
<TheEvilPhoenix> btw, trying to change my opinion wont help you
<TheEvilPhoenix> it'll just annoy me ;P
<koolhead17> gudnyt guys!!
<TheEvilPhoenix> if you 100% tunnel your connection via SSH then MAYBE
<efxhoy> is it possible to clone a running system with dd? I've done it from a live-cd but never from inside the running system. I used dd then
<TheEvilPhoenix> but only use an svn server you run yourself
<DeltaEpsilon> just bought a vps 50GB storage for 5usd a mmonth
<DeltaEpsilon> too cheap?
<mfranz> exit
<uvirtbot> New bug: #858554 in nova (main) "keypairs missing following upgrade" [Undecided,New] https://launchpad.net/bugs/858554
<DeltaEpsilon> svn over ssh is really slow
#ubuntu-server 2011-09-25
<b0nghitter> i hope it would be possible for ubuntu server 10 to be supported by cpanel.. hopefully the devs could contact them and get it going..
<b0nghitter> i was forced into using centos for now. very disappointed..
<uvirtbot> New bug: #858644 in drbd8 (main) "DRBD Linux Headers Required" [Undecided,New] https://launchpad.net/bugs/858644
<KM0201> why is it that sudo fdisk -l always shows my /dev/md0 as not having a valid partition table?
<KM0201> i formatted it as ext4, before install
<qman__> md raid devices don't have partition tables, normally
<qman__> they either have LVMs or filesystems
<KM0201> qman__: oh ok
<KM0201> well, it has a filesystem (i can read/write to it no problem)
<KM0201> i jus tthought that was a weird output ... guess i was wrong.
<KM0201> tx
<koolhead17> hi all
<uvirtbot> New bug: #344613 in eucalyptus "NC reports failed AttachVolumes in DescribeInstances" [Critical,Fix released] https://launchpad.net/bugs/344613
<uvirtbot> New bug: #344620 in eucalyptus "Volumes marked as "deleted" cannot actually be deleted" [Critical,Fix released] https://launchpad.net/bugs/344620
<uvirtbot> New bug: #345004 in eucalyptus "add missing config flag for disabling block storage" [Critical,Fix released] https://launchpad.net/bugs/345004
<uvirtbot> New bug: #347629 in eucalyptus "in SYSTEM mode, CLC tries to discover elastic IPs from CC even though elastic IP support is not enabled in SYSTEM mode" [Critical,Fix released] https://launchpad.net/bugs/347629
<MACscr> my ubuntu server is running as a xen pvm and its having major time issues, look how fast the time is moving here: http://screencast.com/t/TbiEYeMMRIJ
<Abhijit> hi
<Abhijit> help
<Abhijit> apache and phpmyadmin are running but still php scripts are not being parsed firefox ask to download. this is local server. help please
<Abhijit> itsa  lamp on lucid 64 bit
<andygraybeal> MACscr, i like how 11 seconds went by after one second :)
<MACscr> andygraybeal: i know, its screwed up. THe clock is already 2 hours ahead and i just set it 20 or so minutes ago
<MACscr> any ideas?
<Abhijit> apache and phpmyadmin are running but still php scripts are not being parsed firefox ask to download. this is local server. help please
<andygraybeal> MACscr, no man, i have no idea
<andygraybeal> i don'yt know much about any of this
<GG111> greetings all,  I got a real bad one with PopTop , ( PPTPD),  "
<GG111> "  GRE: Bad checksum from pppd " is the error, cannot connect  ( after being able to ) from XP and Win7 machines to my PPTP server .
<archayl> hi, how do i make ubuntu samba wins server to appear in network browsing through pptp? i'm able to access using unc but the name doesn't seems to be broadcasted. tq.
<RoyK> archayl: wins may help
<RoyK> archayl: windows traditionally uses smb broadcasts to locate services, and those broadcasts may not be forwarded over the tunnel. wins is the old name resolution system. later versions (from win2k etc) have changed this to using dns
<archayl> RoyK: i've already made smbd as wins server. I've used nblookup in windows and found the wins server using netbios name. should i look into dns for network browsing purpose? trying to access from windows 7.
<RoyK> win7 is set to use the particular wins server?
<archayl> RoyK: in the connection status for pptp connection it states the IPv4 WINS server. tcpdump states that there are netbios communication happens in the tunnel.
<archayl> RoyK: one of them http://dpaste.com/620658/
<koolhead17> RoyK: howdy
<archayl> RoyK: query using nblookup which returns as expected (tcpdump) http://dpaste.com/620664/
<RoyK> archayl: does ipconfig /all return the wins server?
<RoyK> it may have to be set in the windows network config
<archayl> RoyK: yup, it's there http://dpaste.com/620668/
<RoyK> sorry, don't know then
<archayl> RoyK: thank you anyway for trying to help me :)
<RoyK> np :)
<mfranz> has anyone ever got PXE boot working with through a KVM created through virt-manager?
<mfranz> I'm sniffing on the network and never even see the DHCP request go out
 * RoyK just bought a AOC-SAT2-MV8 over ebay for $38
<RoyK> good for a home server :D
<x404x> do i need postfix to have ubuntu email reports ?
<RoyK> x404x: you need an mta, postfix is good for that
<juliux_> hi, i have a problem with adding something to my ldap as non admin user, you can find everything on http://paste.ubuntuusers.de/402882/ what have I done wrong with my acl's?
<maxb> olcAccess: {2}to * by dn="cn=admin,dc=juliux,dc=de" write by * read
<maxb> takes precedence over what follows it
<maxb> The "to * ... by * read" matches everything, so nothing after that in the ACL will take effect
<maxb> juliux_: ^
<juliux_> maxb: ok
<juliux_> maxb: so the solution would be to change the order of the acl's?
<maxb> yes
<juliux_> maxb: what would be the easiest way to do this?
<maxb> I don't know... I greatly dislike the slapd.d/**.ldif configuration model, and stick with a plain slapd.conf myself
<juliux_> maxb: :D
<juliux_> maxb: also if i delete the  to * by dn="cn=admin,dc=juliux,dc=de" write by * read
<juliux_> it is not working
<b0gatyr> hello, I have a perl script that uses IO::Socket::INET and when executing I get this message: Your vendor has not defined Socket macro SO_REUSEPORT, used at /usr/lib/perl/5.10/IO/Socket/INET.pm line 193
<b0gatyr> any clues?
<LinuxAdmin> Hi, I forgot a KVM VM password, but I can mount it's filesystem with kvm-nbd on a local folder
<LinuxAdmin> what do I do next to change the password?
<LinuxAdmin> I already upload ssh certificate to .ssh/authorized_keys, to try login with passwordless, but it didn't work
<LinuxAdmin> what can I do next?
<LinuxAdmin> I can mount it on a local folder in the host
<ersi> Can you or can you not mount the filesystem?
<ersi> If you can, just change your password in /etc/shadow
<LinuxAdmin> yes I can
<LinuxAdmin> but /etc/shadow is encrypted and the same password on different hosts give different hash result and I'm afraid of copy from another host
<ersi> It's alright to copy it from another host
<ersi> It's supposed to be different, since it's a salted password
<ersi> if it's the same, it's bad.
<LinuxAdmin> why does the same password give different hash?
<LinuxAdmin> on different hosts...
<ersi> because extra information is added, to make the hash different
<ersi> so that some wiseguy can't make a huge list with "password1 = this hash, pass2 = this hash"
<LinuxAdmin> and will it work copy and past from another host?
<ersi> Yupp. You could copy the old file so that you'll have it later if you want to
<LinuxAdmin> ok, I'll try it. Thanks
<LinuxAdmin> I give feed back in a minute
<ersi> np :)
<LinuxAdmin> ersi, it doesn't work, I already restart VM but I can't login. any more ideias?
<LinuxAdmin> I already did this in a physical machine, I boot from a live cd, chroot to the right mounted folder, and passwd the user account
<LinuxAdmin> I'm afraid of doing chroot on the VM host
<LinuxAdmin> any more ideias?
<ersi> You could just reboot the virtual machine, press edit when it boots and add init=/bin/bash to your bootline
<ersi> that'll hax your way into the machine and you can 'passwd <user>' it like usual
<LinuxAdmin> press edit? Portuguese keyboard does not have that key
<LinuxAdmin> when I used lilo a few years ago, after I choose the kernel to boot I would write single and I could single-user (root), now I don't know how to do this
<LinuxAdmin> it's in grub I suppose
<cloakable> the grub menu will tell you how to edit entries
<LinuxAdmin> I think I'll try to boot VM from a live CD and chroot it as I would with physical machines
<LinuxAdmin> I think this should work
<LinuxAdmin> I'm a little bit disappointed because I can access file system and this should be enough :(
<LinuxAdmin> ersi, I tryed to copy /etc/shadow line of the same user, from different VMs with same user/password, restarted the VM, but login fails
<LinuxAdmin> Any more ideias? I think I'll restart VM from CD and use a live CD to chroot and passwd user
<LinuxAdmin> I can't find any other option
<LinuxAdmin> I'm just a little bit disappointed because I can access file system :(
<Dulcin> Hi, I'm wondering, I just enabled the rewrite module for apache, and restarted apache, but mod_rewrite still doesn't seem to work?
<Dulcin> any idea what this could be?
<Dulcin> ah, had to allow it in the config file for the vhost as well in apache
<Dulcin> thanks!
<x404x> what is the best way to ensure file integrity ? I want a script to check weekly all files and report bad/changed ones by email , is sfv good enough for this ? or should i use sha1 or something similar ? the sha1 i use makes different checksums for windows and linux and are thus not compatible, what software packages are most useful for this purpose ?
<x404x> I am also thinking of putting all the check files on a mirror on the os disk to not clutter up the file drive too much
<mfranz> well one way (which not only reports) but changes them is to use puppet to enforce that only the right versions are installed (primarily for config files)
<mfranz> x404x: also "apt-cache search iwatch"
<mfranz> and "apt-cache search inotify"
<x404x> can puppet change the windows sha1 files into ones usable for linux ?
<mfranz> no, so you want something cross platform?
<mfranz> if you need something cross platform there is the closed-source/commercial versions of tripwire
<x404x> it would be a big plus if it could use existing sfv and sha1 files to check
<mfranz> what is sfv?
<x404x> I guess i could do a sha1 check in windows and the nuke those files and put in something for linux
<x404x> its the most common crc file used http://en.wikipedia.org/wiki/Simple_file_verification
<x404x> most of my older files have these already
<x404x> hm ill look into inotify and iwatch
<x404x> seems theres a ton of utils there to mirror and check stuff
<mfranz> those are just for monitoring (vs. deviation from a known good signature)
<mfranz> BTW
<x404x> im mostly interested in mirror any file thats not there already to a backup server and check for integrity if a drive starts failing
<mfranz> inotify is kernel-space so that is nice, no daemon or agent running hash checks
<x404x> hm rsync might work to mirror drives
<mfranz> hehe, yeah (there is also something called lsyncd)
<x404x> i see
<x404x> another congress liberary of docs to read lol
<dassouki> is there a web app that one can host on their server to design uml and allow teams to build/design umls
<mfranz> I think that is basically just inotify+rsync
<mfranz> haven't tried it though
<x404x> no man for iwatch
<x404x> when i installed ubuntu 11.04 i got a different desktop than the one im used to from 10 something, can i change that ?
<guntbert> !classic | x404x
<ubottu> x404x: The default interface in Ubuntu 11.04 is !Unity. To switch back to regular !GNOME: log out, click your username, click the Session box at the bottom of the screen, and select "Ubuntu Classic".
<x404x> here i need to open +apps and scroll forever just to open a terminal window
<guntbert> x404x: why are you asking that in #ubuntu-server ?
<x404x> well thats what im building hehe
<guntbert> x404x: with a desktop environment? if you say so,...
<x404x> hm yes i though it odd that id did not ask me for that
<x404x> maybe i should get ubuntu server version ?
<x404x> anyway some utils are gui based so i need something to handle that anyway
<x404x> just text based wont do for all utils
<guntbert> x404x: I don't know what you want/need but *this* channel is intended for the server version
<x404x> if i logout will that stop a copy operation i have going ?
<guntbert> x404x: if you didn't employ screen, yes
<LinuxAdmin> ersi, I copyed /etc/shadow respective line from other host and now it's working, now I can login. thanks
<LinuxAdmin> I was mounting another VM, that's the reason why it wasn't working :)
<x404x> hm I guess it never occured to me to get the server version (blush) maybe i should try that instead, does that use gnome as default ?
<x404x> well im building a fileserver to hold most of my files in a central place instead of over a lot other pcs, since im tired of replacing and checking for files that go bad when drives wear out it should have some good integrity checks for that and also another server as a backup for the first one
<x404x> now i have several dozen drives in pcs all over and its hard to find something i need lol
<x404x> kinda neat with hotswap cages ;=)
<x404x> a lot more neat than the old stack where i had to dismantle the whole box to change a drive
<patdk-lap> sounds like a case for zfs :)
<x404x> hehe if it was easyer to replace drives in a raid when they fail i would agree
<patdk-lap> easier to replace?
<x404x> but i tryed for days and finally gave up, also the 2+ days to resync the raid is not fun
<patdk-lap> didn't know drives in a raid are hard to replace, normally I just pull out bad one, insert new one, click, rebuild
<x404x> yes to get the system to accept the new drive and rebuild it
<patdk-lap> there is no way to get around rebuild time
<patdk-lap> except to have a faster drives
<x404x> I tryed that but it failed
<x404x> coz the drives are not identical
<x404x> used a 3ware controller
<patdk-lap> they don't really have to be identical, they just have to be larger
<x404x> I tryed anything to make the new drive identical to the old including dd the whole drive to copy it , but still no deal, I found no way to make it work again
<x404x> i ended up with the broken raid and a new drive alone
<x404x> i had a lot of power failures here also and in the end I found raid to be not fun to play with
<x404x> although im impressed i managed to reconver all the data from it even after all the mayhem
<x404x> I still havent got my ups running
<x404x> single drives are easyer to handle if somthing goes wrong
<x404x> and as storages gets bigger the recovery will wear out new drives before its done
<x404x> I read raid5 and even raid6 is becoming obsolete now
<twenty2two> hi all...i am running g-apps for my mail server, but am trying to get the contact forms to work on the actual server...does anyone know the process? do i need to just add postfix/will that interfere with g-apps mail?
<x404x> by the time it runs again another drice is sure to have failed
<arooni-mobile> i'm trying to figure out why i'm not currently able to receive paypal notifications on my web app server.  i am in the paypal sandbox but i can't get a paypal notification to be sent to my server "IPN delivery failed. Unable to connect to the specified URL. Please verify the URL and try again." ... is there a way to see if any ip addresses have been banned etc?
<lenios> try a wget URL
<x404x> whats a good program to compare directory trees to see if all files are identical to a backup ?
<jeeves_moss> is there a way I can thin out my configs and fix the "relay not premitted" errors that I'm getting?  postconf -n=http://pastebin.com/JxyCMen3   http://pastebin.com/ENHnVqrT      http://pastebin.com/M9F0tpNK
<arooni-mobile> i'm trying to figure out why i'm not currently able to receive paypal notifications on my web app server.  i am in the paypal sandbox but i can't get a paypal notification to be sent to my server "IPN delivery failed. Unable to connect to the specified URL. Please verify the URL and try again." ... is there a way to see if any ip addresses have been banned etc?
<JamesT_> Hi, I am having trouble connecting my ubuntu server macine to my university campus wifi. The details we are given about the network are here: http://www.ucc.ie/en/sit/network/wireless/tech/ This is my wpa_supplicant.conf http://pastebin.com/WnrpP3j5 It seems to be connecting (according to iwconfig). But dhclient doesnt work.)
<arooni-mobile> hi folks;  i just bought a mobile broadband wireless card.  it give me an ip address of x.x.x.x;  i'd like to make it so i can access my web app via http://ip-address-of-moile-wifi-card:80  ; or http://ip-address-of-moile-wifi-card:3000 ... i'm running ubuntu linux 11.04; is this possible?
<cloakable> arooni-mobile: depends on if the IP is behind a NAT; many mobile broadband ip's are.
<arooni-mobile> cloakable, how would i find out
<cloakable> arooni-mobile: look at the ip address. Is it in the RFC private address space?
<cloakable> arooni-mobile: http://en.wikipedia.org/wiki/Private_network#Private_IPv4_address_spaces
<drapedup> anyone recommend a good, recent php/mysql book ?
<Ash-Fox> If I wanted to setup a port forward in Ubuntu server, do I just write a simple script with my iptables rules that cron launches on @reboot, or does Ubuntu have some specific firewall system that I /should/ be using instead?
<ChmEarl> Ash-Fox, same as other distros, try using iptables-restore
<Ash-Fox> Alrighty, thanks.
<talntid> I have an Ubuntu Server, and when I try to ping a host (google.com, for example)... it immediately resolves to IP, but the pings don't start happening for like... 4 seconds..  then they have 23ms response times.... what could be slowing this down?
<talntid> and its like 3-4 seconds between each ping response.. but the latency is low
#ubuntu-server 2012-09-17
<three18ti> AlphaWolf, sorry for abandoning you earlier, had to do my real job.  doesn't look like you're still around but I hope you got it figured out.
<danawar2> Hey #ubuntu i have a server and a user connects to that server types some commands via ssh then clears thier bash history, is there any way to recover that bash history
<qman__> no
<linocisco> hi all
<pythonirc101> what's the pro/cons of running debian server vs ubuntu server ?
<koolhead17> hi all
<lordievader> Good morning
<jamespage> morning all
<lordievader> Hey jamespage, how are you?
<jamespage> good thanks lordievader - hows your monday so far?
<lordievader> jamespage: Just woke up, but so far pretty good. Got tea :)
<randomDude> http://kuvaton.com/browse/23550/pizza_rolls_cooking_instructions.jpg
<randomDude> oh woops
<lynxman> morning jamespage o/
<jamespage> morning lynxman!
<TREllis> morning lynxman
<TREllis> :)
<lynxman> TREllis: morning good sir!
<jamespage> hey TREllis
<TREllis> afternoon all :)
<rbasak> Could someone please check that I'm not missing something? It's RTC related. In http://paste.ubuntu.com/1210813/ line 5 was not what I expected. What am I doing wrong? Is this a hardware bug?
<koolhead17> hi all
<knxville> Hello, I got a ubuntu server running where my 3 video surveillance cameras record to. It takes a picture every second there is movement. This leads to thousands of pictures. Do you guys have any recommendations to sorting these pictures in some way, so it is easier to look through?
<knxville> This might be the wrong channel, but I have no idea where to ask.. I was thinking of some sort of software that organized the pictures.. At the moment I just made a bash script that zips all pictures, and another that deletes pictures that are 30 days old or older..
<rbasak> convert them to video perhaps? Look up mjpegtools, libav, ffmpeg for some tools
<balboah> how do you disable ipv6 alltogether? Tried sysctl as http://www.noobslab.com/2012/05/disable-ipv6-if-your-internet-is.html but that didn't make a difference
<balboah> ah maybe the module blacklist should help
<balboah> nope still got tcp6 in netstat -na
<knxville> rbasak: yeah that might be a solution, problem is, I wouldn't get a timestamp on the video, so you wouldn't know what time of the day it is. I think perhaps a solution would be a script that takes files and puts it in the folders according to what day it is recorded.
<rbasak> Do you know about http://www.lavrsen.dk/foswiki/bin/view/Motion/WebHome ? Does all of this for you. Pretty astonishing that other solutions can't insert timestamps into captured frames!
<rbasak> If you have the information you could superimpose a timestamp into the frames yourself though
<rbasak> http://www.imagemagick.org
<rbasak> specifically http://www.imagemagick.org/Usage/draw/#text
<knxville> rbasak: woow! I will look into that! Thanks
<knxville> rbasak: You might not know, but in case, why is there a ; in front of some of the options in the motion.conf file?
<rbasak> I don't know, but at a guess a ; means a comment in there perhaps?
<knxville> well # is used elsewhere..
<knxville> You're right.. ; is in from of options with parameters, # is for regular comments.. most login, username and other options is commented with ; so it doesn't break the config file
<DoomGuy> hello all
<DoomGuy> is there any problem with installing apache in ubuntu server 12.04
<DoomGuy> after installing apache in my remote server and access it from my browser I got this message
<DoomGuy> Forbidden
<DoomGuy> You don't have permission to access / on this server.
<chris||> DoomGuy, that means your apache is running, you just haven't configured it yet/wrong
<DoomGuy> chris||, but the default installation must show me at least the famous message "it works !"
<DoomGuy> chris||, the default vhost is setup and running
<DoomGuy> I am trying to access the page from the internet is that an issue about access forbidden ?
<DoomGuy> all I did is apt-get install apache2... I try to access the page
<doko> kirkland, is there a FFe for anerd?
<ogra_> a nerd ?
<ogra_> :)
<doko> zul, is there a FFe for websockify?
<zul> doko: i believe so
<zul> doko: gimme a sec
<zul> doko: https://bugs.launchpad.net/bugs/1048679
<uvirtbot> Launchpad bug 1048679 in ubuntu "[needs-packaging] FFE for websockify" [Wishlist,New]
<doko> zul, thanks
<zul> doko: no
<zul> doko: no problems
<zul> hallyn: ping
<koolhead17> zul: https://bugs.launchpad.net/swift/+bug/1051998 Daviey ^^^
<uvirtbot> Launchpad bug 1051998 in swift "Unable to create a container" [Undecided,New]
<hallyn> zul: spu
<hallyn> sup
<zul> hallyn:  did you say there was a cve going in for libvirt?
<rocky> anyone have experience setting up 9p mounts between host and guest vm's (libvirt) ?
<rocky> having difficulty getting it to work and docs online that i can find are kinda vague
<hallyn> zul: it's in
<zul> hallyn:  k cool
<zul> hallyn: thanks...i need to update libvirt in the CA
<hallyn> CA?
<kirkland> doko: sorry, no;  it's targeted for universe, didn't realize I needed one
<kirkland> ogra_: yeah, anerd :-)
<doko> zul, is this going to universe, or main?
<doko> # Degraded functionality if these imports are missing
<doko> for mod, sup in [('numpy', 'HyBi protocol'), ('ssl', 'TLS/SSL/wss'),
<zul> doko: universe
<doko> zul, numpy should be a recommendation, imo. or this the HyBi protocol essential to have?
<doko> you could even hint at this (when the warning is printed)
<doko> ohh, and it's even only for optimization
<zul> doko: it isnt
<doko> zul, why?
<zul> doko: its only used by novnc which we dont really care about in openstack but people use it
<zul> since novnc is in universe as well
<doko> zul: please look at the code. it really is only used as an optimization
<doko> no need for a dependency
<zul> doko: i agree
<doko> ahh, ok
<doko> kirkland, rejecting anerd for now. contains binary files, config.log, etc ...
<kirkland> doko: okay, thanks
<doko> looks like the package doesn't clean
<kirkland> doko: hmm, yeah, I need to add a better automake clean rule
<doko> kirkland, and for the FFe please subscribe ubuntu-release. they seem to be picky about it
<kirkland> doko: ack
<zul> doko:  so did it get accepted?
<doko> zul, now
<zul> doko: cool thanks
<DoomGuy> hello all
<DoomGuy> wired problem..I have a server with a fresh with ubuntu 12.04.. the server can ping any machine in the LAN but the clients cannot ping the server until I initiate the pinging from the server
<DoomGuy> can anybody explain this problem to me
<TheLordOfTime> first question, do you have any firewall rules running?
<TheLordOfTime> on the server
<TheLordOfTime> (might sound stupid, but... :P)
<ikonia> DoomGuy: probably a firewall rule that's connection established only, or something like that
<DoomGuy> TheLordOfTime, No I have no firewall
<DoomGuy> TheLordOfTime,  ikonia when I restart the server, everything looks OK.. clients are able to ping it
<DoomGuy> but later on it doesn't work.. I don;t know why
<ikonia> DoomGuy: are you sure you have no firewall ?
<ikonia> DoomGuy: do the clients have firewalls ?
<DoomGuy> ikonia, nobody has firewall the firewall is the external  ports
<ikonia> the external ports ?
<ikonia> DoomGuy: what OS is the clients running
<DoomGuy> ikonia, Windows 7, Ubuntu 12.04
<DoomGuy> nobody is able to ping the server
<ikonia> DoomGuy: so the windows 7 firewall isn't on ?
<ikonia> DoomGuy: can they do anything else on the server, eg use any other services,
<thierry> hi everyone, i configured an access point on my ubuntu-server image using this tuto ( part 2 http://doc.ubuntu-fr.org/tutoriel/wifi_ad-hoc) , the prob is that i see that in my Pandaboard that wlan0 is connected and that iwconfig returns the correct parameters
<thierry> but i'm not able to find the network on any other device!
<DoomGuy> ikonia, I have doubts on physical cable.. maybe it's the real problem.. because when I changed it everyting works fine
<ikonia> DoomGuy: a cable wouldn't stop "ping" it would either be on the network or off the network
<smoser> kirkland, ping
<kirkland> smoser: pong
<smoser> how would you recommend i initialize byobo for a user with a given set of status notifiactions to run
<kirkland> smoser: just write their ~/.byobu/status for them?
<kirkland> smoser: or do you want to do it system wide?
<smoser> per-user is fine.
<kirkland> smoser: yeah, just write out their ~/.byobu/status for them
<kirkland> smoser: was this a trick question?
<TheLordOfTime> lol?
<thierry> up
<thierry> :)
<smoser> kirkland, well, only that i kind of wanted ot explicitly disable some things.
<smoser> and kind of leave the others be
<smoser> but yeah, i can just specify it
<FFForever> Good morning -- What kernel version is ubuntu server 12.04 packaged with?
<Awaken> cant remember but it's definitely over 3
<FFForever> Do you remember if it's at least 3.4? I'm looking into distros compatible with working on HVM oob
<iqualfragile> Linux vm-fai-ubuntuserver 3.2.0-30-generic-pae #48-Ubuntu SMP Fri Aug 24 17:14:09 UTC 2012 i686 i686 i386 GNU/Linux
<Awaken> i could find out, but my virtu server currently on my desk waiting for a RAID card, and it's REALLY noisy, so I don't want to turn it on :P
<Awaken> what he said :P
<FFForever> thanks iqualfragile, I also just found it on the release notes.
<bjf> i have a quantal ubuntu server install and i'd like to add a ppa to my list of sources. apt-add-repository is not found even though i have installed python-software-properties
<bjf> is that expected behavior?
<iqualfragile> well then: question for you: im trying to get this kerberos-autoconfiguration-thing to work as described in https://help.ubuntu.com/12.04/serverguide/kerberos.html#kerberos-server configuration-point 5
<iqualfragile> there are some bits i should add to my local dns
<iqualfragile> but it just wont blend
<iqualfragile> http://sebsauvage.net/paste/?729504745596ccfe#3ncmoooSfY0L9l0qqJQO9Vy0pICyaSADOYIbNpjYT0U=
<iqualfragile> when trying to combine those two the dns-server just stops working, at least for me.
<iqualfragile> how do i add those enteries the right way?
<thierry> have u tried adding the sources manually? i had that problem but i forget what have i done
<thierry> hi everyone, i configured an access point on my ubuntu-server image using this tuto ( part 2 http://doc.ubuntu-fr.org/tutoriel/wifi_ad-hoc) , the prob is that i see that in my Pandaboard that wlan0 is connected and that iwconfig returns the correct parameters but i cant find the network on anyother device!
<doko> jamespage, do we want to fix the class format issues?
<jamespage> doko, I think so; we said that for quantal backwards compatibility of libraries was important
<jamespage> even if they are not issues in the package in the archive now - as soon as someone uploads a new version it will be
<iqualfragile> hey guys, can you help me figuring out whats wrong with my reverse dns lookup configuration? http://sebsauvage.net/paste/?53ded84c2e97c6ea#QowJWl4cVuooagNLhsHVOnwQOKyGmDx4bKLp0lJh+ew=
<hallyn> highvoltage: bug 529611 - would you be interested in writing a 'transitioning from openvz' section for the server guide lxc chapter?
<uvirtbot> Launchpad bug 529611 in lxc "No Upgrade Path from openvz to lxc available" [Wishlist,Triaged] https://launchpad.net/bugs/529611
<highvoltage> hallyn: I might at least be able to write some things about how to do openvz things in lxc. Actual upgrade path from openvz containers to LXC containers is a lot more tricky.
<highvoltage> (expecially since we can't anticipate what people actually did inside those containers)
<highvoltage> (and especially judging by the hacks I've already seen in some containers :p)
<highvoltage> but yes, sounds like something good for the server guide.
<hallyn> highvoltage: cool, thanks!  i assume you're plenty busy - we can just talk at UDS about it ?
<hallyn> (or of course you can just start if you like :)
<highvoltage> hallyn: sounds good!
<highvoltage> hallyn: I restarted my rlxc efforts based on the python3-lxc stuff (so it's now in python) and called llxc (but I'd still like to call it something nicer once it's more releasable
<highvoltage> hallyn: it currently works well, I still need to package it and write something up about it, I'm planning to do so once I have 0.3 done: https://github.com/highvoltage/llxc
<hallyn> highvoltage: cool :)
<resno> hey yall question
<highvoltage> it could potentially also make the transition from openvz easier. or perhaps just be nice for existing lxc users.
<resno> accessing webmail, you generally use ssl. ssl certs arent expensive are they?
<hallyn> highvoltage: should we schedule a demo session at uds?
<hallyn> (perhaps others can demo their lxc-based things too, andw e can look for commonalities)
<highvoltage> hallyn: good question. it's not particularly exciting from a technical perspective, I wouldn't want to bore people :)
<highvoltage> (but I wouldn't mind showing it if there's a demo session)
<resno> highvoltage: you use lxc?
<highvoltage> resno: yep
<resno> thats one the virtualizers that hasnt been on my radar for whatever reason
<resno> oh, ya its openvz
<resno> right?
<resno> i like proxmox
<resno> debians webgui thing
<highvoltage> openvz is similar to lxc, but they're completely different implementations
<resno> highvoltage: whats the major difference?
<highvoltage> I played with proxmox for the first time last weekend. it's ok. I'd like to do something similar for lxc, at current pace I hope to have something nice'ish by the end of the year.
<highvoltage> resno: openvz is a huge kernel patch, lxc uses technologies that already exists inside the kernel
<resno> gotcha
<highvoltage> (that's pretty much the biggest difference)
<highvoltage> openvz will eventually start using more of the lxc stuff itself, but keep the current openvz userspace tools for that
<resno> but lxc still uses the host for kernel stuff?
<highvoltage> yep
<resno> gotcha
<jan__> Hi. Have a problem with bind9 installation, http://pastebin.com/v9GtuAcW
<jan__> http://pastebin.com/930eY7t0
<iqualfragile> apt-get install -f
<jan__> iqualfragile, thank you.
<iqualfragile> do you know something about bind9-configuration?
<jan__> iqualfragile, did not help. Configuration? Soon, I am going thru the docs found online
<iqualfragile> i guess you have tried apt-get update before
<jan__> iqualfragile, sure thing
<iqualfragile> and check your sources.list
<jan__> iqualfragile, that is the latest output with -f , http://pastebin.com/ZFscgJVp
<iqualfragile> no, just apt-get install -f
<iqualfragile> without a packet
<jan__> iqualfragile, "0 upgraded, 0 newly installed, 0 to remove and 5 not upgraded."
<jan__> iqualfragile, Ubuntu 12.04 LTS, precise
<iqualfragile> so: have you added some additional repositories/ppa's?
<iqualfragile> or did you interupt an previous installation
<jan__> iqualfragile, no additional repositories/ppa's added, no interuption whatsoever
<iqualfragile> apt-get install libbind9-80=1:9.8.1.dfsg.P1-4
<iqualfragile> ?
<jan__> iqualfragile, yeah. Something moved:)
<iqualfragile> repeat for every lib
<jan__> iqualfragile, thanks, much obliged.
<pythonirc101> is anyone using http://www.anandtech.com/print/5850 on their servers by any chance?
<SpamapS> pythonirc101: people still build servers?
<RoyK> home servers, sure
<RoyK> but something meant to be in production, probably not
<pythonirc101> SpamapS: what else?
<SpamapS> Even for home usage..
<SpamapS> http://h10010.www1.hp.com/wwpc/us/en/sm/WF05a/15351-15351-4237916-4237918-4237917-4248009.html?dnr=1
<RoyK> SpamapS: de der stÃ¸tter ikke ECC, sÃ¥ det er omtrent som en pc
<SpamapS> RoyK: no hablo!
<RoyK> like greit Ã¥ kjÃ¸pe et billig hovedkort+cpu+minne og stappe inn store disker i en pc enn Ã¥ kjÃ¸pe de jallagreiene der
<RoyK> oops
<RoyK> wrong language ;)
<RoyK> SpamapS: those things don't support ECC, so better get some el cheapo PC hardware and setup something
<patdk-wk> hmm, two x8, x4 and x1
<patdk-wk> guess the question is, if you use one of the x8 slots does that disable the onboard video?
<patdk-wk> if so, doesn't that make it kind of useless?
<SpamapS> I don't think anybody cares about the video on those :)
<patdk-wk> it helps when diagnosing, and installing :)
<RoyK> patdk-wk: last I checked, those 8x or 16x slots worked well unless I tried to plug an LSI card into them
<Karou1> could somebody lend me a hand?
<Pawki> I need to boot via usb
<Pawki> and can't really figure it out
<morfeu> hi
<Pawki> hi
<morfeu> Pawki Can you help me configure dhcp-server
<Pawki> dude
<Pawki> I wish
<TheLordOfTime> !patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<Pawki> I can't even get my own server working
<Pawki> :P
<Pawki> my issue is that my old pc won't read the boot.img
<Pawki> and idk what to do the only way I can install is via usb
<Pawki> if somebody could pm me if they can help that would be awesome
<Pawki> until then
<Pawki> ima chill in #ubuntu-ca
<Pawki> anybody?
<sarnold> Pawki: what's your actual question? I've seen a few pleas for help but insufficient details about what you're trying to accomplish, what you've tried, and how that failed. Be precise about what you've tried and how it failed.
<iqualfragile1> TheLordOfTime: jup, but i asked about 3 hours ago and nobody answered till now
<Pawki> basicly I have a older dell
<Pawki> and a sub drive
<Pawki> usb*
<Pawki> I can only install from usb
<Pawki> it has a internet connectio
<Pawki> connection
<Pawki> but for one reason or another will not boot to the usb drive
<Pawki> any ideas?
<sarnold> (a) are you confident the BIOS is set to boot to USB devices? (Not all systems even support it, even if the BIOS has the option -- perhaps yours does not?) (b) are you confident your drive is actually bootable?
<Pawki> drive is bootable
<Pawki> and the bips is able
<Pawki> bios
<sarnold> Pawki: have you tested the drive to boot another system? Have you tried booting a different USB Mass Storage device on your system?
<sarnold> Pawki: is there any chance that your NIC supports bootp or something else friendly that would let you skip the USB end of things?
<Pawki> other usb drives were problenatic
<Pawki> no
<Pawki> now what exactly should be on the drive tho
<Pawki> just boot.img?
<sarnold> best is if you can write it using usb-creator-gtk, it'll Just Do The Right Thing
<Pawki> I have a ubuntu partion on my current pc
<Pawki> but my other pc can only be running ubuntu server
<sarnold> it'll create the bootable stick from whichever ISO you hand it, iirc
<Pawki> perfect tyvm
<Pawki> I will be back wih my results
<GEM> Hello, does anyone know what ports need to be open on the router to access ISPConfig?
<patdk-lap> not really, ispconfig isn't a part of ubuntu
<GEM> I know, but I do not know where else to go.  I have the ISPConfig manula, but I cannot find where it mentions what ports need to be open.
<patdk-lap> that will defently be hard for this channel to answer, as ubuntu doesn't support it, and generally don't recommend using software like that
<patdk-lap> !ISPConfig
<GEM> Why do they not recommend it?
<patdk-lap> cause they are not distro friendly, they do things their way, and then you cause all kinds of issues is you update anything
<patdk-lap> if you even get that far
<GEM> So is there something else comparable Ubuntu suggests?  I am relatively new.
<GEM> I wish people would not make a negative comment without a solution.  I.E. the comment patdk-lap made about ISPConfig
<Pawki> hey
<Pawki> im back
<Pawki> im having a issue with the images i been getting they are all corrupt
<patdk-lap> gem, if there was a solution, I might recommend one
<patdk-lap> as there is none, I will not recommend any
<patdk-lap> and ubuntu doesn't suggest any, why there are none that come with ubuntu
<sarnold> Pawki: the .iso images don't sha1sum validate or something?
<Pawki> pretty much
<Pawki> when i do check disk for errors
<sarnold> GEM: what does ISPConfig _do_? Why do you want to run it? What "native" tools might do the job instead?
<Pawki> its always something
<GEM> Well, first, like I said, I am relatively new to Ubuntu.  It looks as though ISPConfig offers a package that contains an interface for e-mail, websites, etc.  Am I wrong?  Should I really stay way from it?
<patdk-lap> They claim they support ubuntu, ubuntu doesn't claim to support it
<patdk-lap> so you will have to depend on them for your support
<GEM> Gotcha
<GEM> It's not that it is a problematic app, it's just not "supported" by Ubuntu.
<GEM> Vecause I tried to Goolge complaints, issues, concerns, etc. about ISPConfig
<patdk-lap> those types of apps tend to cause problems
<patdk-lap> cpanel/plesk/webmin/...
<GEM> Cpanel is better?
<sarnold> GEM: what does it mean to "contain an interface for email, websites, etc"?
<sarnold> GEM: does it provide something like kmail and chrome?
<sarnold> GEM: or does it provide something to write nginx and postfix configuration files?
<GEM> Don;t know yet
<sarnold> GEM: hehe. Well, why do _you_ want it? :)
<GEM> My peeps will get a hold of your!  :)
<mklappstuhl> hey people. I have a machine with a process in state "D" which means "reboot to kill" afaik. I need to kill this process. I rebooted the machine but the process is still there. it even has the same PID
<andol> GEM: Zentyal might do some of what you are after, perhaps. If nothing else, it is at least included in the repos.
<sarnold> mklappstuhl: does that process rely upon a dead disk or unreachable network filesystem mount?
<GEM> I guess I am wanting a GUI that I can offer to my clients
<mklappstuhl> sarnold, apparently the machine didnt reboot. at least uptime says so. and yes the process is running on a mounted disk. thats also the reason why I want to kill it
<andol> GEM: If you are relativly new to these things, do you really want to offer hosting services to others?
<sarnold> mklappstuhl: is the process waiting for IO on a dead/dying disk?
<mklappstuhl> sarnold, lol. I did "reboot" and "shutdown -r now" and I always get the "shutting down" message but it doesnt shut down?!
<sarnold> mklappstuhl: hunh, I would hope that after N seconds of waiting politely that the system would reboot regardless.
<GEM> I am in the learning process, that is why I am asking questions.  I do not intend on offering something I know nothing about.  Never have, never will
<mklappstuhl> sarnold, Its an lvm volume. I would not saying that it is dying but I tried to use cat on a file of that fs and than trouble started
<GEM> is cpanel free?
<mklappstuhl> sarnold, that would be around 120 seconds now
<sarnold> mklappstuhl: okay that's plentyh long then. reboot takes a --force option that pokes the reboot(2) system call _directly_. Be careful. Sync and umount all the filesystems yourself before using this. (Be sure to have multiple root terminals open before starting -- you will probably _not_ be able to unmount that wedged filesystem, and it'll probably put that shell into D when you try.)
<xnox> GEM: it's free, doesn't mean it's not evil.
 * xnox cpanel is the most evil thing you can do to yourself
<GEM> xnox, I do not believe cpanel is free
<GEM> I have no problem with free
<GEM> Free is good
<mklappstuhl> sarnold, _all_ filesystems? like / and sysfs and proc?
<xnox> GEM: hm... wp says it's proprietary
<sarnold> mklappstuhl: ah, you can tell my age, I forget about sysfs and friends. :)
 * xnox ponders when did I get the idea that cpanel is free
<xnox> GEM: php is free, yet evil ;-)
<sarnold> mklappstuhl: you can use mount -oro,remount / for root
<GEM> Who's line is "Free is when you don't have to pay for nothing or do nothing, we want to be free, free as the wind"?
<mklappstuhl> sarnold, so I ignore sysfs and friends and just leave those mounted?
<sarnold> mklappstuhl: yeah, no harm there if those are still mounted.
<mklappstuhl> "/" is busy ...
<mklappstuhl> sarnold, how can I remount a busy mount ro?
<sarnold> mklappstuhl: that's where the leap of faith comes in, I'm afraid. :(
<sarnold> mklappstuhl: just hope that your filesystem is in a fairly stable state before you hit that reboot --force. :(
<mklappstuhl> sarnold, what about fuser -v -m /
<sarnold> mklappstuhl: definitely useful
<sarnold> make sure that you've stopped as many processes by hand as you can.
<sarnold> but at some point I think you may just need to leap an reboot.
<mklappstuhl> sarnold, wish me luck
<sarnold> mklappstuhl: good luck! :)
<mklappstuhl> sarnold, yeah, ... reboot -f isn't restarting the machine either
<sarnold> o_0
<sarnold> mklappstuhl: is there anything enlightening in dmesg output?
<mklappstuhl> lots of those:
<mklappstuhl> [2509798.184874] parent transid verify failed on 42250240 wanted 312981 found 313007
#ubuntu-server 2012-09-18
<mklappstuhl> sarnold, what do you think about this: http://hack2live.blogspot.de/2009/07/force-reboot-linux-server.html
<sarnold> mklappstuhl: ah! that's easier than writing a little tiny shutdown program, which is where I was headed next.
<sarnold> mklappstuhl: be sure to echo "s" first to _sync_, then "u" to umount
<mklappstuhl> [2510048.769174] SysRq : HELP : loglevel(0-9) reBoot Crash terminate-all-tasks(E) memory-full-oom-kill(F) kill-all-tasks(I) thaw-filesystems(J) saK show-backtrace-all-active-cpus(L) show-memory-usage(M) nice-all-RT-tasks(N) powerOff show-registers(P) show-all-timers(Q) unRaw Sync show-task-states(T) Unmount show-blocked-tasks(W) dump-ftrace-buffer(Z)
<mklappstuhl> sarnold, I just tried with "b" in the meantime â oops :)
<sarnold> mklappstuhl: any success?
<mklappstuhl> sarnold, dmesg output above. server still running
<mklappstuhl> this is way to fucked up for 2am alread
<sarnold> mklappstuhl (!) maybe you need to enable the sysrq sysctl first? Try sysctl -w kernel.sysrq=1
<mklappstuhl> sarnold, and then echo "s" > sysrq-thing
<sarnold> mklappstuhl: yes
<mklappstuhl> looks like im fucked...any new ssh session isnt responding except for a login message
<IdleOne> Please stop swearing
<sarnold> ouch :/ do you have any serial access? or are you stuck driving?
<mklappstuhl> sarnold, no serial access and I'm in my bed right now so I might just do it tomorrow in the morning
<sarnold> mklappstuhl: ooof. Good luck.
<mklappstuhl> sarnold, thanks for your help... lets see if I'm back in 7 hrs :D
<sarnold> mklappstuhl: sorry we couldn't get it to work; hopefully you can get some sleep this way though :)
<codepython7771> does it help to have a swap on a SSD drive? Is anyone using that here?
<slyboots> codepython7771: You shouldnt really
<codepython7771> slyboots: why is that? glad i asked
<slyboots> SSD's you want to reduce writes where you can.   Plus your better just.. you know, buying more RAM
<slyboots> RAms cheap :)
<slyboots> And faster
<qman__> SSDs are fast, and suited to certain purposes
<qman__> but they're not reliable yet
<qman__> more RAM is always better, and it is cheap
<fdge> with a SSD there are NO signs of impending failure
<fdge> it will just stop working
<qman__> it's still bleeding edge to be sure
<qman__> that said, it does have its uses
<qman__> when speed is everything, SSD is a good choice
<uvirtbot> New bug: #1048770 in juju "juju-origin: PPA will tend to diverge from released versions of juju" [High,In progress] https://launchpad.net/bugs/1048770
<qman__> and they're really nice in laptops for the battery life
<fdge> they are very nice, you just need some form of backup
<uvirtbot> New bug: #529611 in lxc (universe) "No Upgrade Path from openvz to lxc available" [Wishlist,Triaged] https://launchpad.net/bugs/529611
<uvirtbot> New bug: #1049314 in glance (main) "glance-registry package drops incorrect logrotate config" [Undecided,Confirmed] https://launchpad.net/bugs/1049314
<uvirtbot> New bug: #1051942 in dovecot (main) "Upgrade pigeonhole to 0.3.1" [Undecided,New] https://launchpad.net/bugs/1051942
<qcjn> hi, anybody knows about quotas ? i've got error " can't guess filesystem" and "can't find a filesystem to check" but when i do a mount, the "usrquota" is there ?
<uvirtbot> New bug: #1051846 in tomcat6 "tomcat 6 deadlock in connector thread" [Undecided,New] https://launchpad.net/bugs/1051846
<qcjn> thats when i do the quotacheck command
<codepython7771> for running a server, how essential is the RAM be ECC?
<ikonia> codepython7771: nothing to do with a server, that's a hardware requirement
<ikonia> and that's not really anything to do with ubuntu either
<codepython7771> ikonia: is there an easy way to find out if ubuntu is running on ecc or non-ecc?
<codepython7771> also do you use ecc or non-ecc memory for your server?
<ikonia> it's nothing to do with the OS
<ikonia> it's a hardware requirement
<ikonia> codepython7771: research your hardware platform and it will tell you if it NEEDS eec ram or not
<uvirtbot> New bug: #1024595 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,Expired] https://launchpad.net/bugs/1024595
<uvirtbot> New bug: #1025349 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1025349
<uvirtbot> New bug: #1025932 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1025932
<uvirtbot> New bug: #1025963 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 127" [Undecided,Expired] https://launchpad.net/bugs/1025963
<uvirtbot> New bug: #1052315 in lxc (universe) "lxc-create -t ubuntu always says 'ubuntu' is default user/password" [Low,Triaged] https://launchpad.net/bugs/1052315
<lordievader> Good morning
<linocisco> hi all
<linocisco> hi all
<linocisco> According to this http://iso.qa.ubuntu.com/qatracker/milestones/219/builds, do I have to download .iso file daily?
<Kentos> hey all
<Kentos> getting very slow speeds on proFTP through Filezilla, other LAN traffick methods work well enough (roughly 2Mb/s) though i believe i should be getting a much stronger connection in either case on a 10/100 router connection
<Kentos> what might be the source of a 32KB/s transfer speed on filezilla but getting 2MB/s on other transfers
<theguywithanaxe> lol
<linocisco> According to this http://iso.qa.ubuntu.com/qatracker/milestones/219/builds, do I have to download .iso file daily?
<lordievader> linocisco: That is the daily build, in other words everyday a new version gets uploaded without any testing. Would be strange if you need to download the iso daily, I assume that 12.10 updates daily. However I don't know, I guess you should ask in #ubuntu+1 (I believe that is the channel)
<DoomGuy> this looks wired but true.. I am using ubuntu 12.04 in 3 machines, Ubuntu machines can't ping each other without restarting the network interfaces
<DoomGuy> but Windows machine can ping ubuntu's one
<DoomGuy> can someone tell me what's happening ?
<koolhead17> hi all
<ikonia> DoomGuy: can they use any other services on the machine
<DoomGuy> ikonia, who ?
<DoomGuy> it's 3 different machine : 1 server and 2 clients
<ikonia> DoomGuy: whoever can't ping
<DoomGuy> ikonia, of course !
<DoomGuy> but they work normally
<DoomGuy> ikonia, I am getting crazy really :(
<ikonia> DoomGuy: ok, what services is the server running for example
<ikonia> DoomGuy: (why do you care about ping )
<DoomGuy> ikonia, Git, httpd, mysql
<DoomGuy> it's web server
<ikonia> ok, so they all work fine
<ikonia> so you know there is base network connectivity
<DoomGuy> ikonia,  nothing of them until the ping works
<ikonia> so it has to be ICMP - and the only thing I can see that would behave like that is either a.) wake on lan b.) firewall - allowing established connections
<DoomGuy> but from windows machine everthing woks fine
<ikonia> DoomGuy: so one linux client, one windows client ?
<DoomGuy> ikonia, 2 linux clients and 20~ windows clients
<DoomGuy> ikonia,  the linux machine cannot access any service on the server. windows machine can
<ikonia> DoomGuy: that really sounds like iptables
<DoomGuy> I can do anything I want from a windows machine (ssh, commiting..)
<DoomGuy> ikonia, does Ubuntu server come with iptables configured on it
<ikonia> DoomGuy: yes
<ikonia> DoomGuy: I asked you to check this the other day and you said it had no firewall
<DoomGuy> ikonia,  hmm I will check that to see if any rules is setup
<DoomGuy> ikonia, I didn't touch iptables
<DoomGuy> ikonia, Policy Accept in every chain
<DoomGuy> INPUT, FORWARD....
<DoomGuy> by default it allow anything I guess
<ikonia> can th eserver ping the client
<DoomGuy> ikonia, yess !
<DoomGuy> ikonia, if so then the client  start ping too
<DoomGuy> ikonia, it looks like it's relative to standby functionality
<ikonia> I wonder if network manager is putting the card to sleep
<DoomGuy> if the server is in standby linux client lost connections
<ikonia> ICMP is then waking it up
<DoomGuy> ikonia, maybe it's that !
<ikonia> it's an odd one if it is that
<koolhead17> Daviey: around
<thierry> hi everyone, i configured an adhoc network on my ubuntu-server image using this tuto ( https://help.ubuntu.com/community/WifiDocs/Adhoc) , the prob is that i see that in my system that wlan0 is activated connected and that iwconfig returns the correct parameters but i cant find the network on anyother device!
<DoomGuy> ikonia, any idea about that subject ?
<ikonia> DoomGuy: have a look at the card in network manager, also look at it in ethtool
<DoomGuy> ikonia, have a look at the card in network manager => how to do so ?
<DoomGuy> for ethtool I will check in the net
<DoomGuy> ikonia, you're right dmesg show me that messages
<DoomGuy> eth0 NIC is Down
<ikonia> perfect
<DoomGuy> later on eth0 NIC LINK is up
<ikonia> so ethtool can disable sleep
<ikonia> DoomGuy: may also be speed negotiation making it flap
<DoomGuy> ikonia, OK this is the real issue
<DoomGuy> thanks a lot I will check for that subject
<ikonia> no problem
<theguywithanaxe> minute**
<freakynl> Hi, I'm in need of some assistence. We have a 7 disk RAID-5 (mdadm) that's exported over LIO (ISCSI / buffered) to a windows machine
<freakynl> especially the write performance is horrible, read is pretty much ok. Currently I'm only copying a DVD (contents) to the storage. It's doing a - hold your horses - whooping ~3MB/s.
<freakynl> If you look here: http://pastie.org/4746029 you can see writes issues to md4, no read are issued to it however. Yet, the disks the RAID consists of do read 6x what they write and I think the whole issue comes from there. Especially since this is largely sequential write it should be writing entire stripes at once and then it doesn't need to read a single bit single the whole stripe is replaced
<freakynl> sde-sdl is md4 btw, but sdl is hotspare so you don't see I/O on it
<freakynl> beh last single should be since
<xnox> freakynl: work out the bottleneck: try local writes, test network, try another client (e.g. a linux client). Then you will know who is the bottleneck / culprit.
<xnox> freakynl: with mdadm linux-raid mailinglist is good at helping troubleshooting performance, if indeed even the local writes are slow.
<freakynl> xnox: obviously something in the LIO/mdadm stack. There are no reads issued whatsoever currently. I don't have the knowledge to work out bottlenecks that deep in the kernel
<freakynl> I've been running on 3.5.3 for a while - that was much faster. However, it was also unstable approx 1 - 1.5 days until crash... Might try 3.5.4
<xnox> freakynl: no, it's not obvious. No need to have kernel knoweledge. Simply dd /dev/zero into a file on the mdadm e.g. 2 GB and see the throughput.
<freakynl> dd local is fine
<freakynl> the issue exists in the combination lio/mdadm. For some reason an immense load of reads are send to the devices, this is done by mdadm as otherwise they would show up on the md device in iostat
<freakynl> 3.5 kernel also has a black screen btw, passing nomodeset to the kernel doesn't help. can ssh into it just fine however
<ogra_> did you try switching to a tty and back ?
<DoomGuy> ikonia, sorry for disturbing but I am still unable to wake up my e1000e ethernet card :(
<ogra_> oh, wait i'm in #ubuntu-server, ignore that
<ikonia> DoomGuy: no need to apologise
<ikonia> DoomGuy: do you still see if going up / down in the syslog
<freakynl> ogra_: :)
<ikonia> DoomGuy: as in the interface going up/down
<DoomGuy> ikonia, yes many messages like that
<ikonia> ok so it's still flapping
<ikonia> DoomGuy: I guess we need to work out why
<ikonia> can you post the output of sudo ethtool $interface
<ikonia> (pastebin)
<DoomGuy> ikonia,  OK friend
<DoomGuy> ikonia, http://pastebin.com/020BJR7b
<ikonia> DoomGuy:
<ikonia> Advertised auto-negotiation: Yes Speed: 100Mb/s Duplex: Full
<ikonia> DoomGuy: is it possible it's flapping as it's set to auto neg ?
<ikonia> DoomGuy: also check what the "wake-on" option "g" is
<DoomGuy> ikonia,  I tried to make autoneg off in both side (server and client linux machines) but it has no effect and windows machine can't do any automatic wake up to the ethernet  card
<ikonia> DoomGuy: do you see it flapping on the switch
<DoomGuy> ikonia, how to do so ? I am not network guru
<DoomGuy> :(
<ikonia> DoomGuy: is this a "home" network, or a work network ?
<freakynl> xnox: switching to 3.5.4 kernel (from mainline repository) increases throughput to ~25-30MB/s with no other changes whatsoever. Still seeing a lot of reads however, but much much faster now (still not anywhere near what I was hoping for... sequential should easily fill the GBe wire there's no other I/O on it currently)
<DoomGuy> ikonia, work network with HP procurve  big switch
<ikonia> ok, you need someone who can manage the procurve, I can't I don't know procurve well at all
<DoomGuy> ikonia, what do you need exactly ?
<DoomGuy> do you think it's a switch issue ?
<ikonia> look at the switch port the machine is pluged into, see if it is disconnecting at the switch and the server end, or just the serer or switch end
<DoomGuy> ikonia, hmm OK I will check this
<ikonia> it's worth looking it can often give you a clue
<eagles0513875> any email server experts in here willing to help me with an issue which has me pulling my hair out
<ikonia> eagles0513875: you've been told what to do in #postfix and #dovecot, don't start in here
<eagles0513875> ikonia: feel free to put me on ignore
<ikonia> eagles0513875: no, feel free to stop wasting peoples time spamming channels with the same questions and ignoring the answer
<ikonia> DoomGuy: when you put the machine on no-auto-neg did you set it to forced speed on the switch too ?
<ikonia> DoomGuy: if the switch is set to auto neg, and the machines aren't that can cause you a problem
<Kentos> figuring out LAN speed problems?
<ikonia> Kentos: possible lan speed problem, card dropping off the lan
<ikonia> Kentos: maybe a speed issue or a WOL issue
<ikonia> just working it through for DoomGuy
<Kentos> i have some fairly low LAN speeds myself, only gets about 2-3MB/s have a 10/100 ethernet router and the NIC's for the two machines im using should be the same if not the full GB speed
<freakynl> anyone aware of tools that can move a partition table? I currently have a md4 device, with 2 partitions, the partitions itself are exported over iSCSI, so the partition contains a partition :). I want to make the partition that's currently on /dev/md4p1 the partition that is on /dev/md4. So basically I need /dev/md4p1p1 to become /dev/md4p1 so I can just export /dev/md4 instead of /dev/md4p1 if that makes sense :)
<ikonia> Kentos: why are you expecting 1GB out of a 10/100 router
<Kentos> sorry for the caps, gigabit, you know the highest internet speed for NICs
<ikonia> freakynl: you can do it with dd workout the stop/start
<ikonia> Kentos: yes, but the router they are plugged into is 10/100 - so they will never do 1GB
<Kentos> and i didnt say i expected anything, just more the a 16megabit connection
<freakynl> yea I could - just really worried I'm gonna f* that up :P
<ikonia> freakynl: easy on the language please
<ikonia> freakynl: yes, it is a concern / risk
<freakynl> I could just calculate where md4p1p1 starts and where md4p1 starts and the offsets and start new partition there with old size
<ikonia> Kentos: you asked why they where not using 1GB connection, because the router is 10/100MB
<freakynl> and/add
<ikonia> freakynl: I don't think it will work with software raid disks - but it's worth looking how the clonezilla process would work
<DoomGuy> ikonia, "when you put the machine on no-auto-neg did you set it to forced speed on the switch too ? " I don't know how to configure the switch to do so
<ikonia> freakynl: or look at how it clones
<Kentos> no, i told you the specs of my NICs, which should be gigabit speed capable, not what i expected
<ikonia> DoomGuy: may also be a problem too
<freakynl> ikonia: don't get that, clones what?
<DoomGuy> ikonia, for the LAN speed issue it's possible but tell me how you can explain this
<ikonia> Kentos: ok,
<Kentos> i also said im getting 2-3 MB, so roughly 16-24 megabit speed, i should be able to get 100 or at least somewhere close
<ikonia> freakynl: there is a tool call clonezilla - it is veyr good at cloning disks
<DoomGuy> ikonia, one linux machine is connected to the server via SSH and the other machine linux cannot ping the server
<ikonia> Kentos: is that router connnected to the internet ?
<freakynl> concerning networks, you either force both sides to the same speed / duplex or use autoneg on both sides. Don't ever force one side and autoneg the other - it will mess up
<DoomGuy> ikonia, I have no problem with Windows machine connected to the server
<Kentos> yeah it is
<freakynl> ikonia: yea, I don't have the space to clone this, nor the time. ~11TiB
<ikonia> DoomGuy: basically you need to try setting the speed and duplex on the server's interface card AND the HP swithc port
<ikonia> freakynl: no, but looking at how it takes the partitions table maybe worth while
<ikonia> Kentos: are you measuring performance via the internet ?
<eagles0513875> ikonia: whats the difference between the server guide and help.ubuntu.com
<freakynl> ikonia: do you happen to know where gpt is stored? with mbr I could just copy the first 1MiB of the device and restore it with dd in case of emergency and I could test with ro I suppose
<eagles0513875> cuz i have noticed they have 2 different things when it comes to setting up certain things like dovecot and postfix
<EMKO> What's your routers speed.? I had to get a gigabit router to use my 100mbit connection
<ikonia> eagles0513875: look for yourself
<ikonia> eagles0513875: I'm not reading them for you to tell you the answer for you to then ignore
<Kentos> im measuring performance based on transfers in filezilla and uploads via a web interface on the local network
<eagles0513875> ikonia: all im asking is what is the difference im not expecting you to read them
<ikonia> eagles0513875: how do I know the difference without reading them
<eagles0513875> ok
<ikonia> Kentos: Hmmm I wonder if that routes through the public interface
<ikonia> Kentos: mabe explaining your slower performance
<ikonia> "maybe"
<Kentos> ikonia: could be right, but i dont see why, i was using a different router yesterday, still got around the same speeds though, up 5MB at times
<Kentos> ikonia: not sure where the setting differences are with that
<Kentos> far as router configuration on the new one goes
<ikonia> I guess it would be router specific
<EMKO> Are you transferring large files or a bunch of small files
<freakynl> anyone aware of a tool that will dump partition table for gpt in a way it can be imported again? Like you can with sfdisk -l (but that doesn't support gpt)
<ikonia> freakynl: did you say you where going to check out clonezilla and how it dumped the partition table ?
<ikonia> freakynl: (apologies too many conversations lost track)
<xnox> freakynl: you switch to mainline 3.5.4 from what kernel/which release? is there a performance regression in the ubuntu delta? or where you using an older kernel?
<freakynl> xnox: compared to the latest 3.2 that 12.04 has
<xnox> freakynl: ok. there are quantal kernel backported to 12.04 somewhere, which will be supported after quantal is released.
<freakynl> ikonia: I'll have to see if I can boot that - however if there's something like sfdisk dumping it'll be way easier, I can just mod the current partition table, see if I can mount it ro and see my data, if not just sfdisk -l equivalent restore it
<ikonia> freakynl: I was wondering if you could see what it called and then just use that tool
<xnox> freakynl: such that throughout 12.04 support lifespan you can use newer and newer kernels.
<freakynl> xnox: not sure what you mean by that but it's running quantal: http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.5.4-quantal/
<xnox> freakynl: that one is without ubuntu-specific patches I think. Just vanilla kernels.
<jamespage> zul, do we still need to maintain the delta against debian for less.js?
<jamespage> 'Drop BD on uglify whatever'
<DoomGuy> ikonia, I think it was resolved now.. The problem was that the switch used for the server was a little D-LINK switch connected to the biggest one HP procurve
<DoomGuy> now I have plugged the cable directly to the biggest switch and use the port of Gigabite connection and it works just fine
<DoomGuy> ikonia, thank you a lot for your advices
<DoomGuy> it looks like it was conflict between 100Mb port and 1G port
<zul> jamespage: nope
<xnox> freakynl: https://launchpad.net/~ubuntu-x-swat/+archive/q-lts-backport are the kernels that have ubuntu-patches applied and will be supported.
<xnox> supported in precise that is.
<freakynl> xnox: thx
<freakynl> xnox: the weird thing is, I never had such performance issues when I was still using ietd
<freakynl> what's also weird is that it seems to be between lio's buffer and mdadm. That is, the first copy after restarting or flushing buffers goes really fast until the buffers are full. At that point it becomes horribly slow. Moving from buffer to disk is thus where the issue seems to exist, but as stated, I didn't have that with ietd and that was using write back (thus buffers too)
<freakynl> xnox: went back to ietd, buffers are full now, instead of copying from local to iscsi I'm copying from iscsi to iscsi now (so it both reads and writes instead of only writing) and it's still over 10 times faster... there's about 110-120% reads (kB/s compared to writes) instead of 600-700% reads vs writes. This is whilst reading from the disk too, whereas with lio I wasn't even reading from the disk, only writing, which would come down to 10-2
<jotterbot> Is someone able to help me configure Apsis Pound on ubuntu?
<ikonia> I've never even heard of Apsis Pound
<ogra_> thats likely not a british pound :)
<jotterbot> http://www.apsis.ch/pound
<jotterbot> it is a reverse-proxy similar to nginx
<jotterbot> anyone?
<jotterbot> I am trying to make Apache on OSX log the CLIENT IP of requests
<jotterbot> instead i am getting the local PRIVATE IP address of the ubuntu reverse proxy server
<jotterbot> any help?
<freakynl> in #osx perhaps?
<jotterbot> It is Pound that i think needs configuring though. Which is running on Ubuntu Desktop 12.04.1
<jotterbot> I am surprised no one has ever used Pound
<freakynl> jotterbot: I take it you're not using %a but %A http://httpd.apache.org/docs/2.2/mod/mod_log_config.html but this is not an apple/osx help channel
<jotterbot> for load balancing
<jotterbot> I understand it is not an apple channel
<jotterbot> I will follow that up though. thankyou
<freakynl> xnox / ikonia : thx for the help - I gotta run unfortunately. Have it running on ietd now - way faster. I'll take it up with the mailing lists of mdadm and lio
<freakynl> jotterbot: usually not that hard, just need the right LogFormat directive. %a should do it
<freakynl> lower case thus :) capital A is local IP
<jotterbot> Aha! I will hit up the OSX channel to help configure
<jotterbot> I then have to sort out Rumpus ftp
<jotterbot> :(
<jotterbot> but thanks guys!
<koolhead17> zul: zul zul zul zul
<zul> koolhead17: seriously we are worknig on it calm down ill let you know
<koolhead17> zul: okey :P
<koolhead17> zul: marked the swift bug as invalid as it was our config issue
<zul> koolhead17:  k
<uvirtbot> New bug: #1010791 in tomcat7 (main) "tomcat7 upgrades fail if /etc/tomcat7/tomcat-users.xml is removed" [Low,Triaged] https://launchpad.net/bugs/1010791
<uvirtbot> New bug: #1050461 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,Invalid] https://launchpad.net/bugs/1050461
<codepython777> I've 4  x 1TB drives and would like to run RAID on them. Whats the best way to load and run ubuntu server on it?
<TheLordOfTime> anyone here able to set a bug as applying to a specific release of a package for me?
<xnox> codepython777: simply install ubuntu-server on them.... there is raid options in the installer. See the server guide, advanced installation.
<codepython777> xnox: thanks
<jamespage> TheLordOfTime, bug #
<TheLordOfTime> jamespage, standby
<TheLordOfTime> jamespage, bleh system futz'd up :/
<TheLordOfTime> one moment
<TheLordOfTime> jamespage, https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1046150  can you set that to precise?  its possible quantal may already have that fix, i'm checking now
<uvirtbot> Launchpad bug 1046150 in nginx "nginx segfaults when a try_files directive is used" [Low,Triaged]
<TheLordOfTime> since i plan on getting that SRU'd.
<TheLordOfTime> i'm tired of not seeing that package be fixed :P
<codepython777> xnox: what kind of raid do you recommend for running on a 4disk system? Can I build the raid before i install the ubuntu on that raid? I would prefer some kind in which if 1 disk fails, i can just replace it
<gsteinert> codepython777: RAID10 would suit your needs... but its all a compromise between recoverability and capacity. check the wikipedia article... that's got a pretty good overview of the differences
<sarnold> codepython777: hopefully useful: http://www.miracleas.com/BAARF/
<xnox> codepython777: read wikipedia page about RAID, there are many raid levels. Each raid level has it's own: read/write performace increase/descrease, space efficiency and fault tolerance.
<xnox> codepython777: http://en.wikipedia.org/wiki/RAID#Standard_levels
<jamespage> TheLordOfTime, Priority: Low? really
<TheLordOfTime> jamespage, upstream requested lowest priority
<TheLordOfTime> i could set it higher
<TheLordOfTime> at the time, i was headed out the door
<xnox> codepython777: RAID 1, 10, 5, 6 all sound suitable, e.g. "replace one drive", but check the table and related links for more info as to which one you want.
<TheLordOfTime> jamespage, its impossibly hard to replicate, afaict
<TheLordOfTime> i even tried replicating
<patdk-wk> actually, these days it's more complex
<patdk-wk> the larger the disk you use, the longer it takes to recover from a failed disk
<TheLordOfTime> it took upstream to confirm the bug
<patdk-wk> and the more likely you will have a second failure, or more
<TheLordOfTime> jamespage, i've been debating setting it higher, but i use 1.1.19 in a production environment with try_files, no segfaults in the 8 months I've had it running
<TheLordOfTime> (pulled 1.1.19 from Debian before Precise was even out)
<jamespage> TheLordOfTime, fixed in 1.2.1 right?
<TheLordOfTime> jamespage, that's what its *reported* as in the bug, trying to confirm with upstream
<TheLordOfTime> since they're evil with identifying what commit ties to a given version
<TheLordOfTime> upstream tracker reports it was fixed but doesnt say *when* it was fixed
<TheLordOfTime> i'm *assuming* it was fixed in 1.1.20, but...
<TheLordOfTime> http://trac.nginx.org/nginx/changeset/4601/nginx  <--
<TheLordOfTime> jamespage, i'm also treating it differently than, say, Apache, with priority setting, because its Universe
<jamespage> TheLordOfTime, don't - if it breaks stuff its still important even if its in universe
<TheLordOfTime> jamespage, therefore, what would you use?>
<jamespage> TheLordOfTime, a good test case to reproduce will be important for the SRU
<TheLordOfTime> jamespage, tell me about it
<jamespage> TheLordOfTime, sounds like you have not see the issue right?
<TheLordOfTime> i havent found *one* test case that works
<jamespage> hmmm
<TheLordOfTime> jamespage, only found one test case outlined on trac
<TheLordOfTime> but they're using a nonstandard setup
<TheLordOfTime> s/nonstandard/different/
<TheLordOfTime> if you look at the trac bug, they've got some session tracker or something
<TheLordOfTime> which may or may not contribute to the triggering of this bug
<TheLordOfTime> jamespage, mind a /query?
<jamespage> TheLordOfTime, feel free :-)
<zul> jdstrand: quantum should be good now
<jdstrand> zul: ok, I'll take a look
<gholms> smoser: It seems that create_user in cloudinit/distros/__init__.py has a bunch of options with underscores, but the docs all use hyphens.  Is there some character mapping going on here that I just haven't found yet?
<utlemming> gholms: yes...there is
<smoser> gholms, utlemming did that. yeah, it does do mapping.
 * gholms tries to find the code for that
<utlemming> gholms: give me a minute and I'll find that for you
<utlemming> gholms: cloutinit/config/cc_users_groups.py line 71
<lordievader> Good evening
<gholms> utlemming: Thanks
<uvirtbot> New bug: #1052614 in munin (main) "Missing dependcy libipc-sharedcache-perl" [Undecided,New] https://launchpad.net/bugs/1052614
<Joel_re> hey, does anyone know how to get rid of the prompt - as whats mentioned in this question - http://askubuntu.com/questions/187337/unattended-grub-configuration-after-kernel-upgrade
<hallyn> zul: did i ask you last week to try an openstack testrun (whatever that means) with ppa:ubuntu-virt/virt-daily-upstream installed
<zul> hallyn: im not sure if you did
<hallyn> zul: could you?  i'm just looking for some stress testing.
<zul> hallyn:  check with adam_g
<hallyn> if jdstrand finds it works for him, i'd like to go to release team and ask for it to be considered a new upload
<hallyn> zul: thanks
<hallyn> adam_g: ^
<jdstrand> zul, adam_g: hey, in order to check over the quantum updates, I just upgraded my quantal openstack vm and things all seem to be working except for horizon. I get this: http://paste.ubuntu.com/1213617/
<jdstrand> Endpoint not found
<jdstrand> is there something new I need to do to get horizon to work? (I'm using https://wiki.ubuntu.com/SecurityTeam/TestingOpenStack, like always)
<jdstrand> cli stuff seems to work fine
<jdstrand> well, I haven't tested everything
<adam_g> hallyn: what needs to be tested specifically? i can probably just manually upgrade an existing installation and poke at it however you wanted
<hallyn> adam_g: just spinning up some images, making sure they come up...
<adam_g> jdstrand: meaning you can spin up instances, list images, etc using CLI but you cant use horizon? are you getting an error in the browser or just a 50x?
<adam_g> hallyn: yah, i can do a basic test for you in a few
<jdstrand> adam_g: I can list images using cli. I get a 401. no error in the browser
<adam_g> jdstrand: you get a friendly authentication erorr within the dashboard? or something else?
<jdstrand> adam_g: not friendly. the username and password just clear themselves
<adam_g> jdstrand: but using the same username/password  with the CLI tools (asOS_USERNAME, OS_PASSWORD in env) works?
<jdstrand> oh weird, 'nova list' says "Please enter password for encrypted keyring:"
<jdstrand> adam_g: well, euca-describe-images works fine. nova list is prompting me for the keyring password. I have not seen that before
<jdstrand> that seems to be bug #1020238
<uvirtbot> Launchpad bug 1020238 in python-novaclient "nova client keeps asking for a keyring password " [Undecided,New] https://launchpad.net/bugs/1020238
<jdstrand> adam_g: ok, so now I have:
<jdstrand> $ nova --no-cache list
<jdstrand> ERROR: n/a (HTTP 401)
<jdstrand> so apparently the ec2ools are working, but not nova
<adam_g> jdstrand: i'd check the nova-api.log and keystone.logs to see whats going on. could be anything :|
<jdstrand> ok thanks
<adam_g> hallyn: sorry, i actually wont be able to get that libvirt version tested. im currently trying to get unblocked from https://bugs.launchpad.net/bugs/1035172
<uvirtbot> Launchpad bug 1035172 in linux "DHCP broken for Openstack Nova instances  since kernel v3.3" [High,Triaged]
<adam_g> hallyn: i can try that version to at least make sure instances startup, but beyond that not much
<jdstrand> adam_g: what logfile should I be looking in for: http://paste.ubuntu.com/1213679/
<jdstrand> nova-api.log gives me: http://paste.ubuntu.com/1213681/
<hallyn> adam_g: ok, thanks anyway
<adam_g> jdstrand: see if nova-compute.log reports anything. if theres no trace of any activity there, see nova-scheduler.log
<adam_g> jdstrand: also, waht is the output of 'euca-describe-availability-zones verbose' assuming you're an admin user?
<adam_g> jdstrand: the 'endpoint not found' error + that compute error leads me to believe nova-compute is not okay
<jdstrand> adam_g: I fixed the endpoint not found
<adam_g> jdstrand: what was it?
<jdstrand> adam_g: the [filter:authtoken] in /etc/nova/api-paste.ini, /etc/glance/glance-api-paste.ini, and /etc/glance/glance-registry-paste.ini had these lines removed:
<jdstrand> auth_host = 127.0.0.1
<jdstrand> auth_port = 35357
<jdstrand> auth_protocol = http
<jdstrand> (on upgrade)
<jdstrand> I put those in and nova list gives me output, but with that status error
<jdstrand> nova-compute.log and nova-scheduler.log were silent when running nova --no-cache list
<adam_g> jdstrand: id try to boot another, see that nova scheduler casts it to a compute node, and compute attempts to boot it
<jdstrand> adam_g: ah, that seems to be working. the instance started
<jdstrand> ok, so I had some crufty image I guess
<jdstrand> instance
<uvirtbot> New bug: #1052664 in cloud-init (main) "12.10 cloud-init injects comment into /etc/HOSTNAME" [Medium,Confirmed] https://launchpad.net/bugs/1052664
<jdstrand> hrmm, now horizon gives me a 501
<adam_g> jdstrand: apache error log should give you some info, maybe have to enable debug in /etc/openstack_dashboard/local_settings.py
<jdstrand> yeah, that is what I'm trying
<jeiworth> hi all, playing around with maas and juju, it appears that i can only deploy max as many instances as i have hw nodes, is this correct?
<jdstrand> error_log just isn't giving me anything
<adam_g> jdstrand: is debug enabled?
<jdstrand> DEBUG = True in /etc/openstack-dashboard/local_settings.py
<jdstrand> I didn't do anything else
<jdstrand> adam_g: ok, it seems I did not solve the endpoint problem for horizon
<jdstrand> http://paste.ubuntu.com/1213727/
<jdstrand> if I restart my browser and try to login, I get that in error_log
<jdstrand> keystone endpoint-list shows me everything
<adam_g> jdstrand: what about 'keystone catalog' (with SERVICE_TOKEN, SERVICE_ENDPOINT unset)
<jdstrand> adam_g: http://paste.ubuntu.com/1213732/
<jdstrand> it seems ok...
<jdstrand> /etc/openstack-dashboard/local_settings.py has OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member", should that be "admin"?
<jdstrand> doesn't help
<jdstrand> OPENSTACK_KEYSTONE_BACKEND. what is that...
<adam_g> jdstrand: try clearing your browser cache
<adam_g> jdstrand: horizon keeps a cache of the service catalog in the users browser, it might be stale
<jdstrand> adam_g: didn't work... :\
<jdstrand> ah, I needed to restart apache after setting Debug = True
 * jdstrand should have known that
<jdstrand> Exception Type: 	ServiceCatalogException
<jdstrand> Exception Value: 	
<jdstrand> Invalid service catalog service: volume
<jdstrand> adam_g: so, is swift required these days?
<jdstrand> seems so https://answers.launchpad.net/horizon/+question/189551
 * jdstrand doesn't even have nova-volume installed
<jdstrand> seems to be bug #946874
<uvirtbot> Launchpad bug 946874 in horizon "Document that Nova Volume is a required service" [Medium,Fix released] https://launchpad.net/bugs/946874
<adam_g> jdstrand: hmm didnt know volume was a hard requirement now.
<adam_g> jdstrand: i think you can get by with just having a volume api service and endpoint, no necessarily a functioning volume server. one sec
<jdstrand> adam_g: ok, thanks
<adam_g> jdstrand: try registering another service in keystone of type 'volume', and register a set of endpoints associated with the service, with all 3 URLs pointing to: http://localhost:8776/v1/$(tenant_id)s
<adam_g> nova-api should be listening on 8776 already
<jdstrand> yes, 8776 has a listener
<jdstrand> adam_g: \o/
 * jdstrand updates wiki
<adam_g> jdstrand: nice
<jdstrand> adam_g: thanks! I never would have gotten there today :)
<adam_g> jdstrand: if you really want to provide a volume service, you can initialize a LVM volume group named 'nova-volumes' and install nova-volume, i think thats all thats needed
 * jdstrand nods
<cornfeed> hello hello, I have added a custom PPA source, and for some reason apt-get update is not pulling in the newest ones...is there a  cache I need to flush or something? I am lost. if i use chrome to browse the source I added in sources.list then I can see that the package has been updated to a newer 3.0.1 but my system wont upgrade from 2.3.3
<patdk-lap> apt-get would automatically upgrade
<cornfeed> thats what I thought, but its not
<patdk-lap> unless it's being held back (missing dependency) or maybe they named it different, so it's a totally different package
<patdk-lap> cornfeed, revise what you said
<cornfeed> let me put up a dpaste so you dont think i am crazy
<cornfeed> brb
<patdk-lap> it will, something else is wrong :)
<cornfeed> :-D
<cornfeed> i really hope so
<patdk-lap> all we really need to see is
<patdk-lap> dpkg -l chrome
<patdk-lap> apt-cache show chrome
<cornfeed> hahaha, yes nvm
<cornfeed> i am just silly
<cornfeed> thanks
<patdk-lap> chromium vs chrome?
<cornfeed> no its a zentyal package (ebox formerly)
<cornfeed> i will put a dpaste so you see what I was hung up on
<cornfeed> http://dpaste.org/IE6qe/
<cornfeed> in apt-cache show, it says the version is 3.0.1 and 2.3.3 :-/
<cornfeed> oh shit i get it now, apt is very different than portage
<patdk-lap> well, apt-cache shows what is available
<patdk-lap> not what is installed
<patdk-lap> dpkg shows what is installed, 3.0.1 :)
<cornfeed> its listing all packages available in the repo where dpkg is what is installed
<cornfeed> yeah i was just typing that :-P
<patdk-lap> yep
<cornfeed> thanks for the help man, no better lessons than feeling retarded
<cornfeed> :-P
<jdstrand> adam_g: so, there should be any problem with me using 'keystone service-create --name nova --type volume ...' and 'keystone service-create --name nova --type compute ...' should there? notice that --name is the same
<jdstrand> the description is different
<jdstrand> meh, I'll just change it
<adam_g> jdstrand: IIRC, the name can be the same, type needs to be unique. might as well just keep them distinct, tho
<jdstrand> yeah
<jmedina> Hi there, anyone have experience with iscsi and multipath in 12.04?
<patdk-lap> iscsi yes, multipath yes, multipath on linux no
<jmedina> patdk-lap: thanks, I having problemas with a IPSAN DELL Powervault MD3200i
<jdstrand> zul: ok, one last question for the quantum MIR
<zul> jdstrand: okies
<zul> jdstrand: ill fix that up with the rootwrap with the cisco plugin and niciria plugin im not sure if it uses rootwrap or not
<jdstrand> jdstrand: yeah, there were no comments in the plugin .ini files for those two, so not sure if upstream has support for it yet. let me know what you find out
<jdstrand> zul: I'm heading out now-- feel free to let me know on irc or the bug
<zul> jdstrand: yeah i have mentally head out already ill comment on the bug
<jdstrand> thanks
<uvirtbot> New bug: #1052707 in openssh (main) "ssh client ignores PasswordAuthentication no" [Undecided,New] https://launchpad.net/bugs/1052707
<patdk-lap> jmedina, iscsi multipath seems to just work
<patdk-lap> nothing needed to make it work, atleast it works here, 9 way multipath
<jmedina> patdk-lap: I just removed multipath because I think it is a problem with iscsi initiator
<patdk-lap> hmm?
<patdk-lap> I installed multipath, logged into my iscsi target, and it just all came up
<patdk-lap> and new multipath devices in /dev/mapper
<patdk-lap> lots and lots of /dev/sd* devices
<jmedina> I have to paths to the target
<patdk-lap> I have 9 paths :)
<patdk-lap> 9 paths, two luns
<jmedina> the problem is when loggint to the second target
<patdk-lap> I was able to read and write fine
<patdk-lap> you sure the dell unit is setup for multipath?
<jmedina> patdk-lap: yeap, the problem occurs when I use both RAID controllers in the SAN
<jmedina> I just changed to using both ports on the first controller, I'm going to test with this
#ubuntu-server 2012-09-19
<rtdos> what's a good rss reader (command line) for ubuntu-server 12.04?
<patdk-lap> jmedina, oh, most *san* units don't allow you to use lun's in active active mode across multible controllers
<patdk-lap> some do, but you get decreased performance
<mike3000> Hello I am having some trouble mounting a truecrypt drive under ubuntu-12.04 server without its usb adapter
<mike3000> with the adapater i get 2 partitions (sda1 and sda5: and i mount sda5) without the adapter I get only sda1
<jdstrand> hallyn: argh, I got sidetracked with a bunch of last minutes reviews. I am installing it now and will run overnight
<tazmania> I have a Canon BJC-6500 with driver CUPS+Gutenprint v5.2.5(color) connected and configured on my ubuntu server 10.04 LTS.  I was able to setup a network share from my XP machine. However, I can't print from my XP.  I tried to print the test page on 192.168.0.x:631/printers/Canon_i6500 page with no luck either. Anybody?
<tazmania> I am able to see the print queue in "Show All Jobs"
<hallyn> jdstrand: thanks, talk to you in the morning
<jdstrand> hallyn: ok, wish me luck, it is running :)
<hallyn> :)
<jdstrand> it looks like the cirrus bug may be fixed...
<jdstrand> but I'll need to test more
<jdstrand> oh, it was the 12.04 qemu-kvm that crashed, nm
<jdstrand> not crashed-- the cirrus driver didn't work with quantal's unity
<jdstrand> or compiz or whatever
<jdstrand> anyhoo-- talk to you later :)
<bitfury_> how can I change the default mta in ubuntu?
<bitfury_> it's currently using 'mail' and I would like to change it to 'ssmpt'
<qman__> possibly update-alternatives
<qman__> but that's not the mta, that's mail client
<qman__> mta is like, postfix, exim
<qman__> sendmail
<qman__> and to select which one you want to use, you install it, and remove any others
<qman__> and ensure /usr/bin/sendmail links to it
<patdk-lap> ssmtp is a mta (nullmailer)
<sarnold> bitfury_: did you mean msmtp instead? install msmtp-mta as well
<patdk-lap> but it and mail aren't in common at all
<sarnold> patdk-lap: incidentally, mailx (which can supply /usr/bin/mail) actually _can_ do smtp directly: http://heirloom.sourceforge.net/mailx.html
<sarnold> boggles the mind
<patdk-lap> smtp directly != mta
<sarnold> true.
<patdk-lap> outlook does smtp directly :)
<sarnold> but the lines are blurrier now than they used to be.
<sarnold> haha :)
<patdk-lap> defently not
<patdk-lap> now, we can debate if a nullmailer is a real mta or not :)
<patdk-lap> nullmailer being nullmail/ssmtp/msmtp/...
<SpamapS> ugh, hpcloud needs 12.04.1 cloud images
 * SpamapS drums fingers as all 12.04.0 -> now updates download and install on hpcloud's dog slow I/o
<jaslap> openvpn help here?
<jbicha> pmatulis_: howdy, what do you think of https://code.launchpad.net/~evarlast/serverguide/wordpress/+merge/117135
<jbicha> the postgres & /24 parts have already been merged
<jbicha> if you've got the time, there's several MPs to be reviewed at https://code.launchpad.net/~ubuntu-core-doc/serverguide/quantal/+activereviews
<sabgenton> hi all I made a virtual host but apache keeps saying
<sabgenton> [Wed Sep 19 16:13:48 2012] [warn] NameVirtualHost *:80 has no VirtualHosts
<sabgenton> I tried the main config file and the sites-available file
<sabgenton> (and symlinked it)
<jamespage> ivoks, around?
<uvirtbot> New bug: #1052815 in munin (main) "Perl warnings break plugins" [Undecided,New] https://launchpad.net/bugs/1052815
<sabgenton> solved
<ivoks> jamespage: somewhere above sibir, yes :-)
<jamespage> ivoks, hello!
<jamespage> ivoks, I'm following up on work items in preparation for beta-2 of quantal
<ivoks> ok
<jamespage> ivoks, I have one for you "Expand existing test cases to support different configuration options for mail-server: TODO"
<ivoks> i'm sure it looks like im slacking
<jamespage> ivoks, nope - I understand we all have other stuff todo as well
<ivoks> ok, test cases
<jamespage> ivoks, I'd actually like to defer that one for quantal; we should switch over to the new UTAH framework for r-series opening
<ivoks> ok
<ivoks> fine with me
<jamespage> ivoks, great - we can pick that up next release then
<ivoks> yep
<jamespage> UTAH does make things a little easer TBH
<ivoks> i can always test it manually
<jamespage> but its not quite in production yet for QA
<ivoks> ok
<jamespage> ivoks, that would be great in the interim
<ivoks> right
<tasslehoff> The 10.04 lts kernel has pae even if uname doesn't say so, right?
<patdk-lap> no
<patdk-lap> the server kernel installs generic-pae for i386
<eagles0513875> Hey guys im trying to use squirrelmail to connect to dovecot imaps server + postfix and im getting a connection refused on squirrelmail Error connecting to IMAP server: localhost.
<eagles0513875> 111 : Connection refused any ideas woudl be greatly appreciated as to how to fix this issue
<patdk-lap> logs would be helpful?
<patdk-lap> but are you using a secure imap connection?
<eagles0513875> patdk-lap: yes i am and nothing is oddly showing up in the logs in terms of dovecot and any issues
<patdk-lap> well, if nothing is showing up
<patdk-lap> did you specify the correct port?
<patdk-lap> don't have odd firewall rules?
<patdk-lap> actually told dovecot to run imap?
<eagles0513875> patdk-lap: no firewall as of yet and i told dovecot to run imaps
<eagles0513875> and im using ports 993 and 25
<eagles0513875> patdk-lap: not sure what else the issue could be?
<eagles0513875> ill compare configs between my 2 servers
<eagles0513875> i think its possibly a postfix issue
<patdk-lap> heh
<patdk-lap> it's clearly NOT a postfix issue
<patdk-lap> unless you typed IMAP instead of SMTP
<patdk-lap> and you where testing sending email
<eagles0513875> patdk-lap: im trying to login with squirrelmail into my mailbox
<eagles0513875> patdk-lap: coudl the issue be that i only updated the A record to access squirrelmail this morning
 * eagles0513875 starts pulling hair out and swearing
<Patrickdk> eagles0513875, none of those are the issue, if they where, the error would state so
<eagles0513875> then what is the issue cuz i have no idea where i should be looking
<eagles0513875> Patrickdk: :( where
<eagles0513875> where is the problem and where i shoudl be looking I have checked and rechecked my issue
<uvirtbot> New bug: #1052924 in samba (main) "winbind init script not LSB compliant" [Undecided,New] https://launchpad.net/bugs/1052924
<uvirtbot> New bug: #1052928 in launchpad "launchpad bug report package option not respected" [Undecided,New] https://launchpad.net/bugs/1052928
<SpamapS> hrm, hpcloud doesn't seem to like euca tools anymore
<zul> SpamapS: eh/
<uvirtbot> New bug: #1052932 in qemu-kvm (main) "[FFE] merge upstream v1.2.0" [Critical,New] https://launchpad.net/bugs/1052932
<doko> Daviey, was there a plan for ipmitool promotion?
<uvirtbot> New bug: #1052952 in samba (main) "samba-3.6.3 (precise) fails to build from source" [Undecided,New] https://launchpad.net/bugs/1052952
<kydan> hey guys, I am trying to a restore of a innoDB style DB from a crashed ubuntu 10.04 server. I have the innoDB files and .frm files on a VM that I am trying to use for the recovery. I have tried hitting up #mysql but no one is available to help. I have followed http://egil.biz/how-to-recover-mysql-data-from-innodb/ but I am getting hung up on starting teh server in "recovery mode"
<SpamapS> kydan: hung up how?
<kydan> executing the following command: /usr/sbin/mysqld âinnodb_log_file_size=5242880 âinnodb_force_recovery=6 . However, it seem to hang there for quite awhile can I cant kill the process.
<kydan> sorry, for the grammer there, I copied it from another message
<kydan> grammar*
<SpamapS> kydan: btw, #mysql is answering you (better place really)
<kydan> SpamapS: ahh just did!, thanks
<ninjix> I am having some trouble with my 12.04 not mounting glusterfs volumes on boot. They only mount automatically from fstab about 1/4 reboot.
<ninjix> I have to ssh in and run "sudo mount -a"
<SpamapS> ninjix: perhaps mountall doesn't see glusterfs as a remote filesystem
<ninjix> I have _netdev in the fstab
<SpamapS> ok that should work
<ninjix> feels like an upstart sequencing issue but haven't been able to nail it down
<ninjix> does the _netdev work in a general way or is it specific to nfs?
<uvirtbot> New bug: #1050492 in maas (main) "MAAS uses the 'guest' account to communicate with RabbitMQ" [Critical,Triaged] https://launchpad.net/bugs/1050492
<uvirtbot> New bug: #1052972 in lxc (universe) "lxc-debian cannot create a testing release container" [Undecided,New] https://launchpad.net/bugs/1052972
<uvirtbot> New bug: #1052973 in lxc (universe) "align lxc-debian and lxc-ubuntu options" [Undecided,New] https://launchpad.net/bugs/1052973
<blendedbychris> if i have a deb.bin file, how can i make something like puppet install it?
<blendedbychris> can i extract the actual deb out of it?
<uvirtbot> New bug: #1036175 in cliff-tablib (universe) "[MIR] cliff-tablib" [High,Fix released] https://launchpad.net/bugs/1036175
<SpamapS> blendedbychris: .bin meaning a shell script with a binary embedded?
<SpamapS> blendedbychris: most of those will have some way to say --extract instead of --install
<uvirtbot> New bug: #1052985 in autofs5 (main) "No reference to configuration file in autofs manual" [Undecided,New] https://launchpad.net/bugs/1052985
<uvirtbot> New bug: #1052989 in maas-enlist (main) "Enlistment fails" [Medium,In progress] https://launchpad.net/bugs/1052989
<hallyn> stgraber: bug 1052973, for now i'm just going to mark it wishlist, but i'm thinking we just want to punt on that until a general redesign of the template system is discussed?  (maybe at uds, maybe based on api)
<uvirtbot> Launchpad bug 1052973 in lxc "align lxc-debian and lxc-ubuntu options" [Undecided,New] https://launchpad.net/bugs/1052973
<stgraber> hallyn: sounds good
<hallyn> not that i have any specific ideas.  just nebulous 'it should be better and more maintainable' :)
<blendedbychris> SpamapS: oh doiâ¦ it extracts is all the executable does
<SpamapS> :)
<hallyn> stgraber: any fixes you want to queue up for lxc?  else i'll push ubuntu:lxc (which has two trivial fixes)
<stgraber> hallyn: nope, don't have anything queued for quantal here
<hallyn> cool, pushing
<hallyn> jdstrand: test-qemu.py gave me 3 failures (http://paste.ubuntu.com/1215183/).  i think two just need updates to the parsing, but there was one segfault of qemu-system-i386, which i think accounts for the middle failure
<hallyn> stgraber: when you get a chance, can you review+merge github.com/hallyn/lxc#staging.2
<stgraber> hallyn: sure
<hallyn> thx
<stgraber> hallyn: pulled into staging
<hallyn> stgraber: thx
<lordievader> Good evening
<jdstrand> hallyn: interesting
<uvirtbot> New bug: #1053020 in cloud-init (main) "SRU: fix 1042758 (dup-of: 1042758)" [Undecided,New] https://launchpad.net/bugs/1053020
<jdstrand> hallyn: so, if I do: qemu-system-i386 -M pc-0.10 -clock dynticks -rtc base=utc -monitor tcp:127.0.0.1:4444,server,nowait -hda ./qatest-virtio.img, I don't have the '1, function 2:' in the output
<jdstrand> hallyn: ok, here is the reproducer: http://paste.ubuntu.com/1215297/
<jdstrand> hallyn: seems a legit bug. maybe contact ligouri or upstream?
<jdstrand> the few seconds might actually be apport
<Monotoko> best ask here... I would like to reinstall the OS on my server... does anybody know how I can backup my rtorrent if I don't have the .torrent files anymore?
<hallyn> jdstrand: thanks.  will inquire
<hallyn> jdstrand: when i tried that a few days ago, it didn't seem to crash, but maybe i didn't wait long enough
<jdstrand> hallyn: fyi, this is a quantal amd64 host that is mostly up to date. I have qemu-common, qemu-kvm and qemu-utils at 1.2.0+noroms-0ubuntu1~ppa1
<pramodns> hello all, Im trying to get apache 2.4 installed with ldap support
<pramodns> it errors our saying apr/apr-util is compiled without ldap support
<pramodns> and mod_authnz_ldap has been requested but can not be built due to prerequisite failures
<pramodns> I have the http package downloaded and the apr and apr-util packages under srclib/
<hallyn> jdstrand: so what exactly is o 0xae08 2 meant to do?
<jdstrand> hallyn: you are making me lookup the CVE :P
<jdstrand> hallyn: (sorry, I was on the phone)
<jdstrand> hallyn: http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-1751.html
<uvirtbot> jdstrand: The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arbitrary code by sending a crafted value to the 0xae08 (PCI_EJ_BASE) I/O port, which leads to a use-after-free related to "active qemu timers." (http://cve.mitre.
<jdstrand> that sounds right, it hotunplugs the PCI-ISA bridge
<jdstrand> which it shouldn't allow
<hallyn> so that value to that mem location says 'unplug it pic-isa bridge'?
<jdstrand> from the redhat bug: "Writing the value 2 to I/O port 0xae08 ("PCI_EJ_BASE") initiates the PIIX3 PCI-ISA bridge removal."
<hallyn> interesting
<hallyn> thanks
<jdstrand> np
<adam_g> zul: where did packaing come from for the python-swiftclient upload?
<zul> for quantal?
<adam_g> yea
<zul> ci branches
<adam_g> the one that was uploaded today/yesterday
<adam_g> eh its not installable, but is from the CI branches
<adam_g> actually wait
<zul> adam_g: gah?
<adam_g> 1:1.2.0-0ubuntu1
<adam_g> ya, python-swiftclient is uninstallable
<adam_g>  python-swiftclient : Depends: python2.7-swiftclient but it is not installable
<zul> adam_g: crappers ill have a look
<adam_g> zul: i had worked around that in the CI branch, but that change is missing from the upload.  tho, im not sure that is the correct fix. i uploaded a python-quantumclient with the same fix and got called out on ubuntu-devel :)
<zul> adam_g: heh more like i get called out for something you did ;)
<zul> anyways ill have a look at it
<adam_g> zul: no, actually the other way
<adam_g> :)
<zul> adam_g: meh
<zul> adam_g: anyways if you want to fix it....im away from computer for a while
<uvirtbot> New bug: #1053090 in tomcat7 (main) "tomcat7 cannot find server.xml in /usr/share/tomcat7/conf" [Undecided,New] https://launchpad.net/bugs/1053090
<lickalott> anyone have a suggestion for a good bandwidth usage monitor for server ed.?
<plars> anyone here happen to know if post-upgrade on -server, a fsck is forced?
<plars> I'm trying to test upgrade under kvm, and everytime I install fresh, then upgrade, despite the fact it seems to shutdown cleanly, it wants to fsck on the next boot
<plars> (this is precise->quantal btw)
<plars> the more interesting problem is that kvm seems to just hang when it gets to the fsck, if it's making progress, it's so slow I can't see it
<iohn> Hi, I'm in dire need of help. Everytime I reboot my ubuntu server I need to attach keybaord/monitor because my SSH is failing to listen to the ethernet interface, but when I login I simply restart the service and it's good to go. I was thinking that delaying the SSH startup would fix it, how could this be done?
<iohn> this has been occuring since I bridged my interface, I do however need it bridged.
<sarnold> iohn: are there any messages in the logs about why ssh failed to listen in the first place?
<sarnold> iohn: it seems to me that fixing the underlying problem would probably be easier than trying to delay the start of the program for some reason
<iohn> all right, let me check, thanks for the reply
<wkharold> juju issues on new maas install; after bootstrap, status checks fail. it looks like zookeeper isn't installed/listening: 2012-09-19 16:24:17,216:2850(0x7f576eec6700):ZOO_ERROR@handle_socket_error_msg@1579: Socket [127.0.0.1:51377] zk retcode=-4, errno=111(Connection refused): server refused to accept the client
<mark1234567>  hello. does anybody know how to enable console access for a vm, runnign qemu as a hypervisor, kvm as the vm manager, and ubuntu 8.04 as the os?
<cornfeed> is there a popular place to get custom repo source lists? i know in gentoo they have layman that allows for the easy addition and listing of popular repo maintainers
<cornfeed> mark1234567: are you using qemu or vbox?
<cornfeed> oh nvm
<mark1234567> qemu
<cornfeed> http://www.cyberciti.biz/faq/linux-kvm-vnc-for-guest-machine/mark1234567:
<cornfeed> that gives a decent overview
<mark1234567> sorry i have already gone through this https://help.ubuntu.com/community/KVM and hit a wall i have the xml configured and running and the ttyS0 configured in init.d but when i try to start it, it says "start: Unknown job: /etc/init.d/ttyS0"
<mark1234567> i have also tried to add a console def to the xml and on resart it dropped from the devices def so i have no console access to the vm
<cornfeed> mark1234567: yeah that tty setting is supposed to done inside the guest, not the host
<cornfeed> is that where you set it?
<mark1234567> oh. that isn't my setting. here for server stting https://help.ubuntu.com/community/SerialConsoleHowto
<mark1234567> for the init.d file
<sysadmin_no_1> Tossing it out there: I installed Quantal server yesterday. In the installer, it showed the new deterministic network naming format (p13p1 instead of eth0), and in /etc/network/interfaces, that name was there. However, when I ran "ip addr" or had to manually configure a bridge, I had to use the ethX name.
<cornfeed> is this on a headless box? (not the vm, the host)
<cornfeed> sysadmin_no_1: wtf
<cornfeed> sysadmin_no_1: weird
<mark1234567> no. but vm's are using bridged netowrking so i can access them directly i.e. instead of with routing/forwarding
<mark1234567> the original vm is setup to have a static ip but it too has no console access so i can ssh to it but not the new one.
<mark1234567> so either they disconnected the console after they setup or they did something i am missing
<sysadmin_no_1> cornfeed: I know... Configuring lxcbr0 I was scratching my head for a few minutes. Tried the old name and it works. Nowhere in my networking stats do I see the "new" names used. (Also, I couldn't find any details on the new naming scheme in the Ubuntu site, though Fedora seems to have a small amount of info. Is it a kernel change, or a userland change?)
<mark1234567> sudo virsh -c qemu:///system console domain which when i set the xml def to have a console should let me in to my understaning but when i fire up the vm it drops the console def from the xml file
<mark1234567> found an answer for anyone that cares. http://askubuntu.com/questions/50947/starting-a-service-from-etc-event-d-works-but-not-from-etc-init 8.04 used a older version of upstart and the script has to be placed in event.d not init.d
<mark1234567> thank you for the help. i appreciate it
#ubuntu-server 2012-09-20
<tshauck> Hi, I'm trying to use an ubuntu ec2 instance and cloudinit to copy files from s3 to the instance, but it isn't workingâ¦ what's the best way to diagnose the issue
<sarnold> "isn't working" is vague -- what specifically doesn't work?
<tshauck> sorry - so the files aren't getting copied over from s3 to the instance
<sarnold> do you get any errors or warnings anywhere along the process?
<tshauck> No, I tried checking the cfn-init and cloud-init logs, but didn't notice anything
<tshauck> although I'm a neophyte at this
<tshauck> I tried it with the standard amazon ami and it worked
<sarnold> tshauck: does it matter if the instance is up and running or spun down or ..? (I'm newer at it than you, hehe)
<tshauck> yaâ¦ don't know, I mean the whole idea of cloud formation is to start up the instance with the config of the cloud formation
<sarnold> tshauck: so, both amis were spun down when doing the cloudinit?
<tshauck> there was only one instance, cloud formation takes a template then using cloudinit to startup the instance
<neunon> hi everyone. who owns uec-images.ubuntu.com content? for an internal tool, my company's been using an automatically generated JSON file from there (containing a big list of EC2 AMIs and some metadata), and the file vanished sometime over the past few days.
<Tohuw> When isc-dhcp-server is configured to update bind9, to where are the A records for new clients written?
<patdk-lap> into bind
<patdk-lap> it directly modifies the zone file
<gerbilcabbagehai> U.S.12.04 , How do I check if the server can view the internet via CLI
<gerbilcabbagehai> for that matter, what do i type to see what packages are installed on the server?
<Guest98952> this room is dead bro
<Tohuw> gerbilcabbagehai: Define "view the the Internet". If you mean testing to see if it can reach networks across the WAN, a ping test never hurts: ping 8.8.8.8 or ping google.com (assuming a DNS client is configured).
<gerbilcabbagehai> true
<Tohuw> gerbilcabbagehai: To view installed packages, try dpkg --get-selections
<Guest98952> tohuw how do you get the address lik www.yoursite.com
<Tohuw> Guest98952: Register a domain with a registrar, then point the domain to something. A registrar's site often has helpful guides on this process. Try www.namecheap.com.
<gerbilcabbagehai> what is the unix form of dir /p I've tried |more but it only does one list item more, rather than a whole page full
<gerbilcabbagehai> looking up man more now
<Tohuw> gerbilcabbagehai: If you want to list files a page at a time, try ls | more
<Tohuw> Good on you for surfing the manpages. That will get you far.
<gerbilcabbagehai> oh lol. i was overthinking. page up page down will probably do it
<gerbilcabbagehai> i pushed enter
<gerbilcabbagehai> space is the equivalent. lol i feel silly. thanks for your help so far Tohuw
<gerbilcabbagehai> alright, ill take a step back, how can i see if my server box is connecting to the router?
<Tohuw> gerbilcabbagehai: The best first step is probably to see the current active configuration of the network interfaces. Check man ifconfig
<gerbilcabbagehai> network not accessible. reading man now
<gerbilcabbagehai> im not scared of cli anymore
<gerbilcabbagehai> i used to be. This is the fourth time I've installed ubuntu (since 5.04) and have slowly been learning to use it
<gerbilcabbagehai> a couple of times i uninstalled after getting frustrated and went back to win. but i haven't given up, and now things are starting to make sense...(have to unlearn win/dos bad habits)
<uvirtbot> New bug: #1027079 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1027079
<gerbilcabbagehai> does ifconfig stand for InterFace Configuration?
<uvirtbot> New bug: #1053215 in krb5 (main) "My repository is broken: package libk5crypto3 1.10+dfsg~beta1-2ubuntu0.3 failed to install/upgrade: libk5crypto3:amd64 1.10+dfsg~beta1-2ubuntu0.3 cannot be configured because libk5crypto3" [Undecided,New] https://launchpad.net/bugs/1053215
<joeb3_> gerbilcabbagehai, yes it does.
<gerbilcabbagehai> thanks joeb3_
<gerbilcabbagehai> im starting to think my server is not installed correctly. would i need to restart the server after having disconnected then reconnected the router, or will the server sense the reconnection?
<joeb3_> it should sense the connection
<gerbilcabbagehai> i rebooted just in case and now it wont boot at all. im going to check this out. ill be awhile. thanks for your help
<gerbilcabbagehai> i think... the server might have been running off a dvd... when i removed it, and rebooted it could no longer work...
<gerbilcabbagehai> problem was, i removed the dvd a week ago. :)
<gerbilcabbagehai> is it common to need to reinstall US1204 often?
<gerbilcabbagehai> ok, my server is up and running again. how do i see the public www page from another computer on the same network? typing in my address bar the name of the server isn't working so im typing something wrong
<gerbilcabbagehai> is it //servername ?
<gerbilcabbagehai> never mind. i found the ip address of teh server and its working
<jibel> cloud-init update to 0.7.0~bzr659-0ubuntu1 is broken. I filed bug 1053239
<uvirtbot> Launchpad bug 1053239 in cloud-init "cloud-init 0.7.0~bzr659-0ubuntu1 upgrade fails: Template #2 in /var/lib/dpkg/info/cloud-init.templates does not contain a 'Template:' line" [Undecided,New] https://launchpad.net/bugs/1053239
<uvirtbot> New bug: #1053239 in cloud-init (main) "cloud-init 0.7.0~bzr659-0ubuntu1 upgrade fails: Template #2 in /var/lib/dpkg/info/cloud-init.templates does not contain a 'Template:' line" [Undecided,New] https://launchpad.net/bugs/1053239
<railsraider> hi i need to automate the aptitude safe upgrade and keep the local version of grub installed how to i set it via debconf or something?
<xnox> railsraider: google for apt pinning, then use unattended-upgrade
<railsraider> xnox: thanks
<linocisco> How could I get free LAMP cloud server with webconsole without having credit card of my own?? I looked at Amazon EC2 but that registration needs credit card info.
<linocisco> I dont want to use one month cloud offier by ubuntu cloud. which is short term
<linocisco> I dont want to use one month cloud offer by ubuntu cloud. which is short term
<Japje> linocisco: build your own cloud, then you can have a lamp server for free
<linocisco> Japje, I have no domain registered . How can I?
<Japje> linocisco: http://bit.ly/S9r9yi
<Japje> there you can find how to build a cloud
<linocisco> Japje, thanks
<linocisco> Japje, I will look at it
<Japje> np
<linocisco> Japje, it is nothing. I searched similiar like that. I want to know the site with free cloud based LAMP server ready for me to upload only web application with free registration
<Japje> linocisco: i dont think there are such providers
<Japje> free is never free
<eagles0513875> hey guys I ran a few more tests to see why i cannot connect to my dovecot imaps + postfix setup everythign is configured correctly yet squirrelmail gives me an error 111 connection refused and nothing is showing up in the mail logs or apache logs
<eagles0513875> any help would be greatly appreciated
<linocisco> Japje, someone said http://java.dzone.com/articles/free-ec2-cloud-server-based-0 . but it asked for Credit card when I click on EC2 tab
<Japje> why dont you just pay for something you need?
<Japje> like the rest of the world
<Japje> buy some quality, and you know what you want, so you can shop for it
<Japje> if the product is free, you are the product
<linocisco> Japje,  As I am user of ubuntu, I like the spirit of ever Free
<Japje> Free as in free speech, not free beer
<linocisco> Japje, free in imagination not in reality?
<CluelessPerson> Hello all.
<CluelessPerson> Can someone help me with chroot with a fstab mounted shared folder on virtualbox?
<Japje> linocisco: then goodluck with finding a free cloud server with lamp ;)
<CluelessPerson> When I try to SFTP in as group:user I get the error  "fatal: bad ownership or modes for chroot or component 'mounted drive' "
<CluelessPerson> My fstab is setup: SFTP /media/sftp vboxsf rw,auto,umak=0755,gid=sftp,uid=root,async 0 0
<CluelessPerson> My understanding is that the direcotry that's shared is required to be locked down with chmod 755 or 750.  Has to be root, but group accessible to the sftp user.
<Korsakof> Hi everyone! Anyone is using LXC?
<Korsakof> I want to migrate my old shared web server with traditionnal chroot to lxc virtual server.
<Korsakof> Since each lxc server receives a private ip, I don't know how to route request from the host to the container...
<Korsakof> ex: in the dns www.mysite.com -> (1.2.3.4 thehost.com) but all request to www.mysite.com should be route to 192.168.52.4 lxc
<Korsakof> so a client that "ssh user@www.mysite.com" connect automatically in the container forwarded from the host :)
<Redoubt> Hello all. I'm need some preseeding help in Ubuntu Server
<Redoubt> Is there a reason that, in the my custom preseed file, I cannot access /cdrom ?
<Redoubt> As a simple example, take the following late_command: preseed/late_command string df > /target/home/df.txt; ls -Rl /cdrom > /target/home/cdrom.txt; ls -Rl /target/media/cdrom > /target/home/target_cdrom.txt\
<Redoubt> Oops-- missed the d-i
<Redoubt> d-i   preseed/late_command string df > /target/home/df.txt; ls -Rl /cdrom > /target/home/cdrom.txt; ls -Rl /target/media/cdrom > /target/home/target_cdrom.txt
<Redoubt> The only part of that command that works is the df. And the result of the df do indeed show /cdrom! The Ubuntu Server install tells me that command fails, and neither of the other two files contain any text
<Redoubt> All I want to do is add a repository key offline. So I included the key with the ISO. But I can't seem to get at the key!
<smoser> hallyn, ping
<smoser> hallyn, i'd like your thoguhts on https://bugs.launchpad.net/maas/+bug/1051626 (i tried to summarise in comment 14)
<uvirtbot> Launchpad bug 1051626 in maas "next-server written wrong" [Critical,Confirmed]
<gerbilcabbagehai> on my server is it safe to just type sudo reboot now?
<gerbilcabbagehai> or are there some unmounting i need to do first?
<hallyn> smoser: looking
<Redoubt> gerbilcabbagehai: Should be safe
<smoser> hallyn, i can set you up access to a recreate if you're interested
<smoser> this does seem to me like "should work"
<smoser> hallyn, random other somewhat related question, would you know how to make libvirt manage a network but not run dnsmasq on it at all ? ie, i dont want it to run a dns server *or*  a dchp server.
<smoser> maybe jdstrand knows that
<hallyn> smoser: i think you're supposed to be able to do that - not specify dhcp?
<hallyn> yeah i think if you don't specify <dhcp> ... </dhcp> in the network.xml
<smoser> http://bazaar.launchpad.net/~smoser/maas/maas-pkg-test/view/head:/maas-ephemeral-test-quantal.txt
<smoser> see line 32 there.
<smoser> thats what i'm wrigint.
<smoser> but it still runs a dnsmasq (and a DNS server)
<smoser> s/wrigint/writing/
<smoser> jibel, thank you for opening 1053239. fix just uploaded.
<hallyn> smoser: near as i can tell that's a bug.  but what release is that?
<smoser> that was precise pxelinux, but quantal everywhere else.
<smoser> you would think bug in pxelinux, right?
<smoser> or are you saying the dnsmasq is a bug
<hallyn> dnsmasq
<smoser> ah.
<smoser> that was quantal.
<smoser> i haven't tried anywhere else, but i can trivally test.
<hallyn> smoser: hm, but the comment in code says:     /* start dnsmasq if there are any IP addresses (v4 or v6) */
<hallyn> smoser: heh.  ok.  yeah, so i guess pxelinux bug for not picking its own ip addr on the interface from which the request came?
<smoser> hallyn, well, yeah. thats what i thought.
<hallyn> xkvm?
<doko> zul, I assume there was a FFe for nova?
<zul> doko: afaik there is a standing FFE for nova
<doko> ahh, ok
<hallyn> stgraber: all sorts of acks coming in on eric's most recent userns patchset to lkml.  \o/
<stgraber> hallyn: yay!
<stgraber> hallyn: so we might be getting something working for 3.7 then? or do we need even more patches than what he submitted?
<smoser> hallyn, https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1053408
<uvirtbot> Launchpad bug 1053408 in libvirt "libvirt always runs DNS server (dnsmasq) on networks" [Undecided,New]
<jdstrand> smoser: remove the default network, or have it autostart
<smoser> hallyn, xkvm is just some crappy thing i wrote.
<jdstrand> smoser: rather, not have it autostart
<smoser> http://smoser.brickies.net/git/?p=tildabin.git;a=blob;f=xkvm;h=18da66440b23ad1100e24c0e85d1357ad17d12eb;hb=HEAD
<smoser> it just wraps kvm but does tap networking and teardown more easily.
<jdstrand> smoser: actually, that is more than you want
<jibel> smoser, yw. thanks for the fix.
<smoser> jdstrand, i'm confused.
<smoser> see bug. i was wanting to run my own dns (bind) on that network
<jdstrand> smoser: you want a libvirt managed network with no dns or dhcp. what I suggested gets rid of the network (and by extension, dbs and dhcp), but that is too much
<smoser> and my own dchp. i was just wanting to have libvirt create it so it would bring it up on startup and do the NAT stuff.
<smoser> jdstrand, right. its nto the 'default' network that was a problem.
<smoser> it runs one on my crafted network explicitly.
<hallyn> smoser: of course, i fail to see how writing libvirt network xml is easier than just creating your own bridge by hand
<smoser> its easy to create the bridge, yes.
<ninjix> smoser: hah. I ran into the same dnsmasq/user problem with libvirt the other day
<smoser> but then i have to:
<smoser> a.) have it come up on boot
<smoser> b.) do the NAT
<jdstrand> smoser: so, people have often done this by using a bridged network, but that gets rid of nat. I've not done what you are requesting, but you can look at http://libvirt.org/formatnetwork.html
<hallyn> trivial, see lxcbr0
<smoser> so i have to write my own upstart job
<hallyn> yup
<hallyn> well no
<hallyn> i've done it with /etc/network/interfaces before
<smoser> you're suggesting that is easier and preferred over using an existing documented tested supported solution.
<smoser> network/interfaces doesn't support NAT
<smoser> that i know of
<smoser> and that means i have to edit that file
<hallyn> no, but it supprots running scripts after it come up
<smoser> so anyway... i decided to use libvirt because it sure seems easier to me.
<hallyn> and no, i'm not saying you should have to do that.  just saying you and i would have done it differently :)
<hallyn> not excusing the libvirt bug
<smoser> additionally, i actually *want* libvirt running.
<smoser> as i'm going to use it to power on and off nodes
<smoser> but i still think just the creation of the network and nat is more straight forward by declaring it and saying "bring that up on boot"
<smoser> than writing upstart jobs and fiddling with /etc/network/
<hallyn> <shrug>  that's all in your biased descriptions :)
<hallyn> I say i'ts "just defining the bridge and its startup", you say it's "writing upstart jobs and fighting the minotaur'
<smoser> hallyn, tell you what. you figure out how you can do the setup in that bug in a shorter bit of text for copy and pasting and easily checking for errors (set -e) and i'll take your solution.
<hallyn> nah.  i've got other bugs i need to track down.  thanks for the offer :)
<hallyn> like bug 1053408
<uvirtbot> Launchpad bug 1053408 in libvirt "libvirt always runs DNS server (dnsmasq) on networks" [Undecided,New] https://launchpad.net/bugs/1053408
<smoser> :)
<smoser> hallyn, thanks for your work.
<smoser> so where should i go with my pxelinux ug?
<smoser> it seems serious, and strange to exist dont you think?
<pmatulis> hallyn: i punted your lxc branch back to you
<hallyn> pmatulis: saw that - thanks, i'll take a look in deatil later today
<hallyn> smoser: well it's isc-dhcp-server responsible, or what?
<smoser> hallyn, i dont think so.
<hallyn> doesn't it handle next-server?
<smoser> why would you think isc-dhcp-server is responsible.
<smoser> oh. sorry.
<smoser> isc-dhcp-server is *told* to use that address by maas (which i consider a bug in maas)
<smoser> and its easily fixable by telling it 'next-server' of the bridge.
<smoser> but it should work anyway
<smoser> and clearly pxeboot downloads the pxelinux.0 content from that tftp server, so it *can* get there.
<hallyn> is there an option to tell it 'use whatever address belogns to the interface'?
<smoser> probably not.
<smoser> but that wouldn't be necessarily desireable anyway
<hallyn> i dunno, if you tell isc-dhcp-server to use the other addr, i'm not sure asking it to second-guess is right
<smoser> i very well might want to run a tftp server on a separate host (and network) from my dhcp server.
<hallyn> of course
<smoser> and thats essentially what i'm doing.
<smoser> (when misconfigured)
<hallyn> but you segragated networks are really nothing out of the ordinary
<smoser> right.
<hallyn> so there must be a standard way to handle this
<smoser> i think it "should work"
<hallyn> and you can't say "on eth0, use ip1, on eth1, use ip2" ?
<smoser> i'm confused.
<smoser> yes.
<smoser> i can make this work
<smoser> but i think it should work without that.
<smoser> it seems to me that pxelinux is freaking out.
<hallyn> when you say 'pxelinux' you mean tftpd-hpa?
<smoser> no. i mean pxelinux.
<hallyn> i'm lost in the stack
<smoser> https://bugs.launchpad.net/maas/+bug/1051626/comments/7
<uvirtbot> Launchpad bug 1051626 in maas "next-server written wrong" [Critical,Confirmed]
<smoser> look at that comment, hallyn
<smoser> in the "working" case:
<smoser>  a.) pxeboot gets an ip address, sees next server, downloads pxelinux.0
<hallyn> yes i was looking at that comment
<smoser>  b.) requests pxelinux.cfg/01-52-54-00-12-34-01
<smoser> in the broken case:
<smoser>  a.) same as above
<smoser>  b.) requests pxelinux.cfg/00000000-0000-0000-0000-000000000000
<smoser> why did it decide to do something different?
<smoser> it clearly has access to the tftp server.
<smoser> (it got the pxelinux.0 payload)
<lordievader> Good afternoon
<hallyn> is 01-52-54-00-12-34-01 the macaddr of the guest?
<smoser> yes.
<smoser> well, '01' is not part of the MAC, but that is part of pxe
<rbasak> smoser: looks like a syslinux bug to me. Either that or a BIOS bug, but that seems less likely.
<uvirtbot> New bug: #1053414 in samba (main) "smbd crashed when trying to connect from Ubuntu" [Undecided,New] https://launchpad.net/bugs/1053414
<smoser> rbasak, i agree, but what i cant figure out is how such a bug would exist
<smoser> as this seems not at all an uncommon setup
<hallyn> smoser: set one up physically and see what it does
<rbasak> smoser: can you check the exact number of zeroes in the request that it does make?
<smoser> its the SYSUID
<smoser> rbasak,
<rbasak> yeah, but is it, or is it a corrupt pointer pointing to the middle of memory that holds the SYSUID?
<smoser> right. thats also possible.
<rbasak> eg. off-by-one going off the end of the IP address string and into the next one that happens to be the SYSUID
<rbasak> hence I wanted you to count the zeroes :)
<smoser> rbasak, 32 zeros
<hallyn> rbasak: before he yells at you, quick, open https://bugs.launchpad.net/maas/+bug/1051626/comments/7
<uvirtbot> Launchpad bug 1051626 in maas "next-server written wrong" [Critical,Confirmed]
<hallyn> jdstrand: i was trying to bisect the cause of that qemu bug, but i was thwarted by random segfaults at startup.  i HATE that
<smoser> anyone know of a "diffpastebin" ?
<smoser> http://www.diffchecker.com/diff http://www.textdiff.com/ http://www.comparemyfiles.com/
<smoser> are some. the first is actually nice.
<smoser> but i can't give a link.
<smoser> oh wait. i can!
<smoser> http://diffchecker.com/dasJyJ16
<rbasak> smoser: how reproducible is it? Consistently?
<rbasak> smoser: how about on a different VM?
<smoser> always.
<smoser> there are different vms ?
 * rbasak finds this intriguing
<smoser> i'm not going to try it in virtualbox if that is what you mean
<smoser> :)
<rbasak> I mean another one eg. with a different MAC
<smoser> well, i can try different macs. i've tried same one then :01, :02, :03 ...
<smoser> note, the mac that 'xkvm' chooses is actually the same one that kvm would choose if not provided.
<smoser> it uses that range.
<smoser> rbasak, the othere thing i really *should* try... before i got hallen and you dragged in is a newer pxelinux.0
<smoser> or older
<smoser> :)
<rbasak> That's an idea :)
<rbasak> I was going to ask you what version you were using
 * rbasak is pulling the Source
<smoser> its what comes down from maas-import-pxe
<smoser> (which is precise)
<rbasak> OK
<uvirtbot> New bug: #1053424 in rabbitmq-server (main) "rabbitmq-server-2.7.1-0ubuntu4 discards log output" [Undecided,New] https://launchpad.net/bugs/1053424
<hallyn> jdstrand: hm, looking at the fix for the CVE, (505597e4476a6bc219d0ec1362b760d71cb4fdca), it does look like it was undone in later changes!
<hallyn> gotta run for a bit, bbl and will test that
<jdstrand> hallyn: oh! well, thank goodness for QRT :)
<jdstrand> hallyn: if you confirm it, let me know, it'll need to be addressed on oss-security (or upstream may announce it-- keep me posted)
<undave> hi all, new to ubuntu servers and servers in general. have three ubuntu 12.04 servers running as file backup servers using ssh on a non-standard port. is there any "security" tools i need to be using, please?
<Daviey> jamespage: we seem wedged, http://pb.daviey.com/nYx7/
<Daviey>  (/job/precise_folsom_deploy/332/console)
<rbasak> undave: make sure you install security updates promptly, and run regular backups. That's all I do.
<lordievader> undave: I recommend reading this: http://ubuntuforums.org/showthread.php?t=510812
<undave> thanks to you both, i'll go read that now
<rbasak> I disagree with some of that. "In general, do not write your passwords down, and if you must, keep them in a secure place (Do not put them on a sticky note attached to your monitor for example)." for example
<Daviey> jamespage: odd, it became unwedged.. was that you?
<jamespage> yep
<Daviey> ah
<rbasak> Bruce Schneier, who has just about the best security expert credentials possible: http://www.schneier.com/blog/archives/2005/06/write_down_your.html
<roaksoax> zul: do you have an example of a package that replaces a config file, and avoids the dpkg question?
<zul> which dpkg question?
<jamespage> Daviey, it all looks a bit crud to me
<Daviey> jamespage: Yeah, but that is what we have to deal with :)
<roaksoax> zul: when you upgrade, and the previous config file differs from the new one (due to user modifiying it). it asks whether you want to replace it, or not do anything, etc
<zul> roaksoax: not off the top of my head samba might be one
<zul> roaksoax: but i think you want to look at ucf
<zul> the configuration management tool
<zul> not the package :)
<Daviey> jamespage: I assume you didn't mean create, read, update and delete ?
<roaksoax> zul: cool thanks
<undave> rbasak: yeah i disagree with that as well. odd that it'd be on a security thread.
<rbasak> undave: I think the first rule of security is to be careful about who you take your advice from
<roaksoax> zul: so yeah, I want to avoid ucf from asking questions
<zul> roaksoax: ssh might be another one
<roaksoax> cool thanks
<jamespage> Daviey, its looking a bit better now
<jamespage> I've done nothing....
<jamespage> I really need to get adam_g to give me a 'catchup' on the CI stuff
<jamespage> I've been lagging badly - and I want to plug in ceph at some point in time as well.
<Daviey> jamespage: no, it's still poorly
<Daviey> it's the damn chmod issue
<WormDrink> hi
<WormDrink> someone installed ubuntu desktop on a headless server here - I cleaned up most things thats not needed - like X, and networkmanager and dbus - but should I have acpid running ?
<WormDrink> also - something is setting cpu cpufreq/scaling_governor scaling to ondemand
<WormDrink> what is this and how do I stop it ?
<ogra_> why would you want to stop it
<WormDrink> cos I suspect it set cpufreq/scaling_governor to ondemand ...
<WormDrink> and maybe did some other things which is highly innappropriate on a server
<ogra_> yes, thats a default in every modern distro nowadays
 * patdk-wk loves using cpu scaling on his servers
<ogra_> its not inappropriate at all
<patdk-wk> I defently don't want to be burning/heating at 130w's per cpu, all night long
<ogra_> yeah
<ogra_> or waste the energy it takes to keep it hot when idling
<patdk-wk> if the server has to respond in realtime to something, sure
<patdk-wk> but that normally isn't the case
<ogra_> and that would likely require even deeper changes
<ogra_> like a specially built kernel
<WormDrink> ogra_, not in gentoo ;)
<ogra_> heh, gentoo
<WormDrink> patdk-lap, ogra_ - there is marked performance drops when using ondemand
<ogra_> what are you serving ? stock data in a bank ?
<WormDrink> building a project on my laptop takes 2x as long with ondemand
<ogra_> then there is something wrong with your laptop
<WormDrink> nope
<WormDrink> you can do some tests yourself - there is something wrong with ondemand
<ogra_> anyway, up to you, just disable ondemand, but never upgrade again
<WormDrink> wow ubuntu is quality stuff
<ogra_> (since the defaults will be restored on upgrades for tha, given it is utter nonsense and extremely energy wasting (and CPU killing) to use preformance)
<patdk-wk> you could work on uninstalling, and keeping it removed and all that
<patdk-wk> but it's so much easier to just disable it in the bios
<ogra_> if your bios offers that, yeah
<patdk-wk> I haven't seen one that doesn't
<ogra_> and i doubt it would be fun uninstalling the initrscripts package or keeping it uninstalled (if you can even get rid of it without bricking)
<patdk-wk> also odd
<patdk-wk> none of my ubuntu server have any cpu scaling installed
<patdk-wk> using normal instal
<patdk-wk> but then, they are also all virtual machines
<patdk-wk> so probably not used for them
<ogra_> dpkg -l |grep initscripts
<patdk-wk> orga_: cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_available_governors
<ogra_> what about it ?
<patdk-wk> well, if it doesn't exist, oviously it can't be used :)
<ogra_> ah, yeah, but thats a kernel thing
<patdk-wk> and the kernel controls cpu scaling
<ogra_> might be that the vm kernels have no scaling
<ogra_> WormDrink, but since you know so much about governors, why dont you just add the runes needed to /etc/rc.local  to force performance
<epinky>  Hello, I'm getting an odd message [ldap] bind to localhost:389 failed: Can't contact LDAP server, but in my /etc/freeradius/modules/ldap I have another IP(not localhost) configured.
<ogra_> (its not like it is secret how to do that)
<WormDrink> ogra_ I just did update-rc.d ondemand disable
<WormDrink> seems to have worked
<ogra_> until next upgrade
<WormDrink> yes yes - next upgrade wont be gentoo ;)
<ogra_> update-rc.d isnt for admin use
<WormDrink> I mean will be gentoo
<WormDrink> ubuntu isnt for use
<ogra_> rather mv around the K links
<ogra_> WormDrink, well, for people that know what they are do ubuntu is fine, for people wanting to turn ubuntu into gentoo its probably not
<ogra_> *doing
<WormDrink> ogra_, yeah - I'm just being nasty - but I have to say ubuntu always freaks me out
<ogra_> WormDrink, i bet gentoo would freak me out the same ;)
<ogra_> i lost my urge to compile the world somewhere in the early slackware days
<RoyK> heh
<uvirtbot> New bug: #999324 in bind9 (main) "Server guide gives wrong examples for bind9 (was: DDNS dynamic file creation permission denied)" [High,Fix released] https://launchpad.net/bugs/999324
<smoser> rbasak, fyi, hardy through quantal pxelinux behave identically
<rbasak> smoser: interesting. I wish I had time to dig into it!
<rbasak> Just changing latest quantal maas-enlist, cloud-init and your ephemeral image generator now
<rbasak> changing?
<rbasak> testing
<smoser> rbasak, how'd that go?
<rbasak> smoser: still on it
<rbasak> it takes ages for the generation thing to run. probably because of qemu
<hallyn> jdstrand: actually i think this is different - the 1, function 3 has no_hotplug set an dis not being deleted.  it's 1, function 2 (which is the usb bridge) which is being unplugged, and causing the assert failure.
<rbasak> smoser: it's got through to d-i now, so the ephemeral image must be good. Thanks! Looks like it's using the latest cloud-init and maas-enlist, and the only hack is the mountall from the PPA that I built for armhf by hand
<rbasak> smoser: so the next step: can we get a precise ephemeral image with this fix?
<smoser> rbasak, well.. yeah, thats a bit more of a PITA
<smoser> as a lot of stuff has to go back.
<smoser> slangasek was handling the moutnall fix, but he's out all this week on holiday
<smoser> so i'm tempted at the moment to build quantal daily ephemeral images with that ppa as it is.
<smoser> rbasak, how do i get arm ppa build?
<smoser> if i do that, then i can build you dailies with the only non-archive thing being that ppa and the mountall.
<jdstrand> hallyn: ah, so maybe a different issue. still 'just a bug' which we should try to get fixed before release. should adjust qrt then for now
<zul> jamespage:  so i was thinking
<hallyn> jdstrand: yeah, trying to ping mstsirkin on #qemu.  hopefully will get it resolved soon.
<zul> smb:  ping
<doko> zul, Daviey: nova pulls in python-babel (MIR missing), and there are other missing
<smb> zul, hm?
<zul> smb: so we are seeing a kernel bug on precise with lvm and dd
<plars> jamespage: for the 1G space problem with ubuntu-server installs, any chance to look into it?  Collin is looking at the 128M install failure but commented that the OOMs installing with 256M+ were probably due to not having swap space (because I was manually partitioning to make everything fit)
<smb> zul, gotta bug report?
<zul> doko: like what?
<zul> smb:  yeah https://bugs.launchpad.net/cinder/+bug/1023755/
<uvirtbot> Launchpad bug 1023755 in linux "Precise kernel locks up while dd to /dev/mapper files > 1Gb (was: Unable to delete volume)" [Undecided,Confirmed]
<jgriffith> zul: Ping
<zul> hey jgriffith
<jgriffith> zul: Howdy
<doko> zul, see http://people.canonical.com/~ubuntu-archive/component-mismatches.svg
<zul> smb:  its actually jgriffith bug im just the conduit
<jgriffith> smb: zul is just lucky that way :)
<zul> doko:  ok ill fix it for the next upload
<jgriffith> zul: Who should I talk to here?
<zul> jgriffith:  smb
<zul> smb: meet jgriffith
<jgriffith> :)
<jgriffith> smb: Are you familiar at all with this issue?
<jgriffith> smb: Or would a recap be helpful?
<smb> heh
<smb> jgriffith, Well I am reading the report right now
<jgriffith> smb: K... in  a nut shell
<jgriffith> smb: Performing a dd if/dev/zero to an LVM device sometimes hangs
<jgriffith> smb: In the case of an LVM snapshot device it almost always hangs
<jgriffith> smb: Usually when this happens the entire system is locked up and I can't do anything
<jgriffith> smb: I just so happen to have one now where the system is responsive, so I thought it might be useful to debug
<smb> jgriffith, So you say you would sometimes see it on a plain lv, too, just not that often
<jgriffith> smb: Initially I thought I would *never* see it on plain LVM
<jgriffith> smb: But this morning it looks like that may have changed
<xnox> jgriffith: deleting lvm volume does not zero it out.
<jgriffith> smb: It's possible that this is slightly different, but it seems it must be related
<jgriffith> xnox: correct
<xnox> jgriffith: I use lvm volumes as hard-drives for libvirt-manager
<jgriffith> xnox: We're sending a dd command before lvmremove
<jgriffith> xnox: the dd command is what hangs
<xnox> and boy I was surprised when *fresh* volume had old partitions "resurrected"
<jgriffith> xnox: :)
<smb> jgriffith, Hm, ok. So next question is a) is this a bare metal host or a vm and b) is the vg on local disks or something like iscsitarget
<jgriffith> xnox: Thus the dd before we remove
<xnox> I fixed bugs in debian-installer now to work around that =)
<jgriffith> smb: This happens to be on a VM, I've reproduced on bare metal as well
<xnox> jgriffith: I would set oflags=direct or whatever it is, to set directio
<jgriffith> smb: It's a loopback device to a local file
<jgriffith> xnox: done
<xnox> because lvm device is not really a block device.
<xnox> hmmmm
<xnox> jgriffith: strace & file a bug report.
<smb> xnox, Not true lvm lv's are block devices. not physical ones though
<xnox> smb: ok. But I wish I new the i/o difference between lvm, md, SSD, spinny drives, scsi...
<jgriffith> smb: http://paste.openstack.org/show/21027/
<xnox> because kernel does handle it differently and mdadm had a lot of work on trim support and i/o optimisations....
<patdk-wk> heh? trim in mdadm?
<jgriffith> smb: and a portion of kern.log http://paste.openstack.org/show/21028/
<patdk-wk> or do you mean trim support for device-mapper?
<xnox> patdk-wk: i think the later but I'm not sure =) i'm just lurking on the linux-raid mailing list ;-)
<jgriffith> smb: So I tried running apport, but got honked a bit
<jgriffith> smb: Can try again if it would be helpful?
<smb> jgriffith, not sure those io error look good... later its definitely waiting for some request to complete...
<jgriffith> smb: Yeah, and I'm pretty sure it's the dd which hangs forever
<jgriffith> smb: It's interesting because usually when I'd see this the entire kernel would hang and the system was useless
<jgriffith> smb: This is the first time I've been able to do anything on the system when this happens
<jgriffith> smb: I made the mistake of killing the dd commands that were in progress...
<jgriffith> smb: They did in fact die, but lvm commands still hang
<jgriffith> smb: So it seems that whatever it is that's going on it just throws LVM into a complete tizzy
<smb> jgriffith, Ah well, so here the lvdisplay tries to read from one lv (meta-data) which hangs. Can be a result from the dd breaking the device rq
<jgriffith> smb: makes sense
<jgriffith> smb: So How the heck do I use this apport in console mode?
<jgriffith> smb: I'm at the login/register screen
<jgriffith> smb: I made the mistake of using vi commands... that was *no bueno*
<smb> Hm, there was a way to write the info to file... though that might run just into the same problem of accessing the bad device
<jgriffith> smb: Would it be helpful if I got you access to the system?
<smb> jgriffith, Partially. Though I might just try to reproduce it
<Daviey> smoser: Hey, on the next publisher run, ubuntu-cloud-keyring  should be NEW'd into precise-proposed.  Can you independently test it works ok?
<jgriffith> smb: cool... you're call, just lemme know
<smb> jgriffith, For that it would help to get a as detailed description of the setup in the bug report (if I did not miss it)
<smb> Especially how the VG is constructed
<smoser> Daviey, is there a bug ?
<smoser> that i'd post comment on ?
<Daviey> smoser: bug 1053452
<uvirtbot> Launchpad bug 1053452 in ubuntu-cloud-keyring "[SRU] NEW in precise-updates" [Undecided,Fix committed] https://launchpad.net/bugs/1053452
<jgriffith> smb: I can break things apart and document it, OR might be easier to download devstack and do it that way
<jgriffith> smb: After that it's just simply cinder create 1, cinder snapshot-create <volume-uuid>, cinder snapshot-delete
<jgriffith> smb: Up to you on what's best there
<zul> jgriffith/smb: is there a way to see if its a bad device?
<smb> jgriffith, Best to reduce the testcase to as basic things as possible. If I have to install and configure a load of things, I may get bored. ;) So I think the really interesting parts are what the device-mapper stack looks like. That loop mount on a file and make a pv of that kind of things
<jgriffith> smb: Sounds reasonable, I'll disect and update the bug
<jgriffith> smb: Is there any reason to keep this machine in it's current state hanging around?
<jgriffith> zul: I don't know... but good question
<smb> jgriffith, Don't think so. It sounds like not too hard to reproduce
<smb> zul, jgriffith Hm, wonder if cat /sys/block/<dev>/inflight would be >0 and not going down...
<zul> i can find out
<zul> smb/jgriffith: ok maybe not easily
<jgriffith> zul: :(
<zul> jgriffith: devstack is taking forever
<smb> zul, jgriffith Depending on ways to cause an unhandled NMI or sending sysrq triggers https://wiki.ubuntu.com/Kernel/CrashdumpRecipe may be helpful on gathering info. At least I would try that when reproducing tomorrow (as my today reaches its end)
<zul> smb:  ok ill see what i can do
<jgriffith> zul: smb Here's an psuedo script of what we do: http://paste.openstack.org/show/21029/
<jgriffith> zul: smb Some things need filled in with the count  and size blah blah blah
<jgriffith> zul: smb But this is the basic sequence at any rate
<jgriffith> zul: smb One thing to note, it is more readily producible IF your volume size is 2 Gig or greater
<jgriffith> zul: smb less than 2G it's a bit harder to hit
<smb> jgriffith, Sure. Looks like something to work on. Will that go into the bug report?
<jgriffith> zul: smb One thing this leaves out is the iscsi target creation but I don't think that should matter
<zul> jgriffith: can you add the script to the bug report so we can document it
<jgriffith> smb: Yes, I can add a link to the paste in the bug
<smb> jgriffith, probably better do paste it as a comment. I do not trust paste links to remain...
<smb> Hm so iscsitarget (of some kind) _is_ involved here
<jgriffith> smb: Yes, on the create, we then create an iscsi target for the lvm device
<jgriffith> smb: Suppose that could be related, but it seems I found soem bug reports on google about devmapper snapshot devs and dd kernel hangs
<smb> jgriffith, Certainly could be some factor. It sounds more plausible to loose a request that way. I would certainly try a setup backed by a local disk first. Since that gets rid of complexity if it also shows the problem
<zul> smb:  this is my /sys/block/dm-1/inflight when deleting the snapshot: http://pastebin.ubuntu.com/1217211/
<jgriffith> smb: Yeah, and the thing is the iscsi target is deleted before this dd command is sent
<smb> But if that does not and only the iscsitarget setup has it, then it may allow to get rid of device-mapper iin that
<smb> jgriffith, o_O What is then backing the volume?
<jgriffith> smb: ?
<smb> zul, Definitely a lot of inflight
<jgriffith> smb: The backing file is still present, we just no longer have it mapped ot an iscsi tgt
<jgriffith> smb: Unless I'm mistaken on the sequence...
<smb> jgriffith, If the setup is <lv>+<snapshot> --> <vg> --> <iscsitarget> then you could not remove iscsitarget and expect writes to anything of the vg to work.
<jgriffith> smb: I believe it's <vg>---> <lv> ---> <iscsitarget> ---->snapshot
<jgriffith> smb: No iscsi target is created for the snap BTW
<jgriffith> smb: So the snapshot_delete is  <dd if=/dev/zero> ---> lvremove snapshot
<smb> jgriffith, Ah ok, that makes more sense than what I was thinking. So the iscsi device is exported from the snapshot (iow top of the stack)
<jgriffith> smb: yup
<smoser> Daviey, it is still not there? (ubuntu-cloud-keyring) ?
<jgriffith> smb: errr...
<jgriffith> smb: Actually no, we don't do any iscsi target work with the snapshot at all
<jgriffith> smb: we require you do a create from snapshot to go that way
<jgriffith> smb: The snap is never exported... we would do a create from snap <lvm-snap> ---> <new lvm> ---> <export iscsi>
<jgriffith> smb: Sorry.. have to run, catch up with you later, or tomorrow if you're around
<adam_g> isn't the original LV that backs a snapshot required to exist and be ACTIVE?
<smb> jgriffith, Probably mixing up the names. But I guess what is done is to export something via iscsi that is the part one can modify and then gets discarded after usage.
<smb> jgriffith, Ok, yeah. I try to have tried looking into it by then
<Redoubt> Can I preseed selections in the "install additional software" window?
<Redoubt> I can obviously pkgsel/include whatever I want, but I would just like to preselect openssh server
<njin> hallo, is /etc/init.d/networking restart deprecated ?
<njin> if yes is right to passs sudo service networking restart ?
<njin> or is sudo servoce networking stop
<njin> sudo service networking start ?
<RoyK> njin: both should work
<njin> RoyK, thanks
<RoyK> "service" something just runs the script
<RoyK> no magick involced
<jgriffith> smb: Still around?
<escott> njin, service is preferred
<njin> escott, thanks
<pmatulis> hallyn: re lxc branch, does the validate script give errors for you?
<hallyn> pmatulis: nope
<hallyn> pmatulis: did you get that after a merge, or straight from my branch?
<hallyn> pmatulis: sha1sum gives me 37b04b97fc82659d5d1d8fa9e7d79e3a604428f5  virtualization.xml
<pmatulis> hallyn: strange.  i branched the latest trunk and merged your branch (started over fresh)
<skaet> Woot!   way to go ubuntu-server team!   5 of the 5 bugs release noted with Beta 1 have been fixed for Beta 2.   :D
<skaet> https://wiki.ubuntu.com/QuantalQuetzal/TechnicalOverview
<highvoltage> Nice.
<highvoltage> eek, beta2 is next week already!? it never ends! :p
<pmatulis> hallyn: i actually got 10 times the error i posted in my review comment (pointing to different lines)
<hallyn> pmatulis: can you pastebin the virtualazation.xml you have, or push to a tmp branch
<uvirtbot> New bug: #989452 in qemu-kvm (main) "oneiric's virt-viewer can't connect to console of precise's virtual machines" [Medium,Confirmed] https://launchpad.net/bugs/989452
<pmatulis> hallyn: https://code.launchpad.net/~petermatulis/serverguide/temporary_branch_merge_123642
<hallyn> pmatulis: ok thanks, that makes more sense - that at least is on a listitem :)  still don't see the problem, but looking...
<epinky> could anyone give a hand with RADIUSproxy?
<hallyn> pmatulis: so it's complaining that the <listitem> which immediately follows <itemizedlist> is not following itemizedlist.  Bug in the validator?
<hallyn> oh or does it need a para
<hallyn> that did it
<hallyn> pmatulis: re-pushed.  or do you prefer i push a versoin based on your temp version?
<pmatulis> hallyn: well, i don't understand why you didn't get the same errors
<hallyn> pmatulis: i did once i ran the validator by hand.  i expected 'make serverguide-html' to run it
<pmatulis> hallyn: ah, no
<LazyTown> please help!  installed apache mpm_worker module and now my server isn't parsing php,  what did I miss?
<pmatulis> hallyn: let me try again to get your stuff
<sarnold> LazyTown: what error messages do you get in your logs?
<hallyn> pmatulis: thanks
<mcb_> Using Ubuntu 10.10, I made a disk image from a server to an external driver. Reinstaled grub in the external drive (chroot used), changed the UUIDs in /etc/fstab  and in /boot/grub/grub.cfg. I more then double checked this and they are all right. I use this same method with Debian 6 and works to perfection. In Ubuntu, Grub loads OK, but it hangs just after, with no erro message, just the blinking cursor in the left upper conner of the screen. I can 
<LazyTown> sarnold: I got the server to serve php again, which is a plus, but now I get a 500 and this is the error from my log: [Thu Sep 20 20:04:08 2012] [error] [client 199.96.116.26] Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., referer: http://mysubdomain.mycompany.com/
<sarnold> LazyTown: I wonder if that is from excessive (or broken) mod_rewrite ...
<sarnold> LazyTown: does a simple phpinfo(); page load?
<LazyTown> let me test
<pmatulis> hallyn: validated, making html...
<LazyTown> sarnold, no
<sarnold> LazyTown: how about static pages?
<LazyTown> sarnold: plus, when I browse to my home domain I get a 404: The requested URL /cgi-bin/php5/index.php was not found on this server.
<LazyTown> and yes, I can get static pages to work
<epinky> I want to proxy EAP-TTLS (PAP credentials) to some other server, what should I configure?
<epinky> I'm using freeradius
<mcb_> Using Ubuntu 10.10, I made a disk image from a server to an external driver. Reinstaled grub in the external drive (chroot used), changed the UUIDs in /etc/fstab  and in /boot/grub/grub.cfg. I more then double checked this and they are all right. I use this same method with Debian 6 and works to perfection. In Ubuntu, Grub loads OK, but it hangs just after, with no erro message, just the blinking cursor in the left upper conner of the screen. I can 
<sarnold> mcb_: you're cut off at "screen. I can"
<mcb_> sarnold: Just after the Grub screen, all that i get is the blinking cursor in the left upper corner of the screen, nothing more happens...
<sarnold> mcb_: does grub need to load USB, SCSI, or filesystem modules to find the kernel on the external drive?
<Daviey> smoser: SpamapS didn't accept the binary :), now done.  Will NOW show on next publisher run
<Daviey> SpamapS: Hope you didn't mind me accepting it.
<mcb_>  sarnold:  No. No adicional module needed. And if it was an module issue i should expect a "Module not found" erro message...
<mcb_>  sarnold: This lack of erro message, or anything is the worst part...
<sarnold> mcb_: indeed. Even lilo would print L I L O after each successful portion of loading to give you some hint what was going no...
<mcb_>  sarnold: You made me think. It does not show that GRUB is entering level2 or level 1.5. In Debian system it show a message. Does in Ubuntu grub show in each stage it is?
<sarnold> mcb_:  good question, I pay remarkably little attention when things work well. :(
<mcb_> sarnold: LOL, but does not help me.... :) I think i will make a virtual server and look in a clean install....
<mcb_> sarnold: At least i will know if GRUB in ubuntu talks some more or less....
<SpamapS> Daviey: don't mind at all no. ;)
<SpamapS> Daviey: as I said, I'm not an AA, so I wouldn't know to accept binaries ;)
<Daviey> heh
<Daviey> OK.. So.  should fortunes-ubuntu-server be kicked out of the archive.
<Daviey> It was a package i created, and not been updated since 2010
<Daviey> (kicked out for Quantal)
<SpamapS> Daviey: what does it contain? old quotes from mathiaz and dendrobates ? ;)
<Daviey> SpamapS: Helpful tips i put together.. pretty crappy
<Daviey> There is a bug that many of the URL's no longer exist
<SpamapS> Daviey: well yeah if its not helpful just drop it. Perhaps put out a call to the users who like it to keep it up to date or risk it fading into memory.
<NcA> Any reccommendations for a parallel ssh client on Ubuntu? I'm needing to run commands on 5+ boxes simultaneously
<SpamapS> NcA: heh... parallel-ssh comes to mind ;)
<NcA> I checked it out, to elaborate a bit further... I'm trying to run sudo commands, so something interactive is preferred, as I need to auth with ssh, then when commands run
<NcA> pssh just takes args and goes
<SpamapS> NcA: this sounds like a really bad idea...
<NcA> uh oh...
<SpamapS> NcA: sudo? authing ? you sure you want to do this?
<NcA> SpamapS: I fail to see the issue? If I'm connected to multiple servers via SSH, passing a password via the encrypted stream...
<SpamapS> NcA: this is sort of why configuration management was invented..
<NcA> SpamapS: We're currently working on Puppet...
<SpamapS> NcA: "tell me what you want, now what you want me to do"
<SpamapS> s/now/not/
<SpamapS> NcA: no better time than right now to roll it out :)
<NcA> SpamapS: So, on Mac, iTerm has a feature which you can initiate ssh sessions to multiple remote hosts, and run commands interactively, and simultaneuosly
<sarnold> NcA: how does it handle if the authentication fails on one of the five hosts?
<sarnold> NcA: how does it handle if one of the five hosts has a full disk and drives itself off a cliff with stupid/silly/incomprehensible errors?
<SpamapS> NcA: there are ways to do that with the terminals on Ubuntu as well...
<SpamapS> NcA: I'm suggesting that this is a great time to start using tools made for this job, rather than abusing tools not made for this job. :)
<hallyn> ahs3: hey, are you around?  i've been asked to build a libnl3 version of netcf for experimental, but i can't find libnl-3-dev and libnl-route-3-dev in exp archives...
<hallyn> do you see them?  what am i missing?
<ahs3> hallyn: hrm.  haven't looked.  libnl-3-dev or libnl3-dev libnl-dev would be what i'd search for, tho
<ahs3> whups -- not libnl-3-dev; that's an unlikely name; are you sure they've been uploaded to experimental?
<hallyn> ahs3: well, not absolutely.  they've been in ubuntu for quite some time
<hallyn> searching for libnl just gives me 1 and 2
<hallyn> cyphermox: ^ do you know?
<NcA> sarnold: SpamapS: sorry, got dragged away into firewall land
<ahs3> hallyn: nod; you may need to poke the maintainer to get a libnl3 uploaded/available
<NcA> the servers I intend to use this on are identical members of a cluster (torquebox to be specific)
<SpamapS> NcA: identical.. until you run these commands, and then one fails.. then you have 4 identical, and one special snowflake. ;)
<cyphermox> hallyn: just a second
<sarnold> SpamapS: "special snowflake" :)
<cyphermox> ah, libnl-3-dev is indeed the right name
<hallyn> hm, so maintainer would be Heiko
<sarnold> NcA: if the machines are really intended to be part of a cluster, could you just get ssh keys that allow you to log in directly as the user account that needs to be authenticated?
<sarnold> NcA: or configure sudo to allow passwordless access?
<cyphermox> hallyn: mbiebl asked me about libnl3 in exp/debian/jessie this morning
<cyphermox> it's not in experimental but 3.2.7-4 is in sid
<hallyn> waitaminute
<hallyn> d'oh
<hallyn> my ami is on squeeze+exp, not sid+exp
<hallyn> sorry!
<cyphermox> yeah
<cyphermox> alright, good that this is sorted ;)
<hallyn> ahs3: mind if i poke you in a bit (or likely tomorrow) about uploading netcf 0.2.2-1 to experimental?
<ahs3> hallyn: nope.  holler when ready
<hallyn> ahs3: thanks!  good night
<cyphermox> hallyn: oh, you're the netcf maintainer in Debian. now I understand
<hallyn> cyphermox: yeah, but it looks like i need to write a reliable user-data file for setting up my test instances :)
<hallyn> there.  that shouldn't be happening again.
<hallyn> ahs3: i need to do some testing, but http://people.canonical.com/~serge/netcf022/netcf_0.2.2-1.dsc is what i'm basing off of
<ahs3> hallyn: ack
#ubuntu-server 2012-09-21
<uvirtbot> New bug: #1053744 in samba (main) "package libsmbclient (not installed) failed to install/upgrade: a tentar sobre-escrever '/usr/share/man/man7/libsmbclient.7.gz', que tambÃ©m estÃ¡ no pacote centrifydc-samba 3.5.11-4.5.3.573" [Undecided,New] https://launchpad.net/bugs/1053744
<gerbilcabbagehai> I have my Desktop box server running. 12.04. How do I log into it via sftp from my client laptop? I'm already in via ssh, but I don't know how to use ftp
<sarnold> ftp != sftp
<gerbilcabbagehai> i know
<sarnold> which one are you interested in using? :)
<gerbilcabbagehai> sftp
<gerbilcabbagehai> on my client box i am using filezilla
<sarnold> does filezilla support sftp? I've never seen it before..
<gerbilcabbagehai> apparently
<sarnold> if it takes URLs, try something like sftp://hostname/pathname
<gerbilcabbagehai> http://filezilla-project.org/client_features.php
<gerbilcabbagehai> ok thanks ill try that
<sarnold> ah, those screenshots don't look very amenable to URL syntax
<gerbilcabbagehai> it worked
<sarnold> oh! pleasant surprise. :)
<gerbilcabbagehai> filled in host, selected sftp, supplied username and password for ssh
<gerbilcabbagehai> thanks for your help :)
<sarnold> you're welcome :)
<gerbilcabbagehai> if I want to write/overwrite when I am logged in via sftp (filezilla), the permissions are denied. What do I change on the server to continue modifying my files from afar, but keeping them safe from not-logged in users?
<sarnold> gerbilcabbagehai: what are the permissions on the file and the file's containing directory?
<gerbilcabbagehai> you want cli format or filezilla gui format?
<sarnold> I can read ls -l output far better :) but that's just me...
<gerbilcabbagehai> im new to cli so i want to learn how to do that. do I cd to the directory?
<sarnold> yes
<sarnold> it isn't strictly necessary -- but it is easier to get the listing, and to read it, if you do.
<gerbilcabbagehai> -rw-r--r--  1 root root  177 Sep 20 18:38 index.html
<gerbilcabbagehai> drwxr-xr-x  3 root root 4096 Sep 20 23:59 movies
<gerbilcabbagehai> drwxr-xr-x 58 root root 4096 Sep 21 08:48 usb
<sarnold> do you want your user account to be able to re-write this file at will?
<gerbilcabbagehai> yes for my account, no for others.
<gerbilcabbagehai> there's only one account with a strong password, however others will have access TO it, but i dont want them to change anything inadvertantly
<gerbilcabbagehai> TO it = the data.
<sarnold> gerbilcabbagehai: you will need to grant directory write access to your user account as well as file write access to that file for your user account
<sarnold> (both are required since different programs may use different mechanisms to modify the file -- some will edit that existing file, and others will put a _new_ file in place with that filename. It's a touch complicated that way...)
<sarnold> gerbilcabbagehai: is this user in a group all to itself?
<gerbilcabbagehai> Lets say my name is bob. bob is my login and username. bob is the only username on the server. I'll be the only one who changes things or overwrites things.
<gerbilcabbagehai> im not quite sure what i want to ask
<gerbilcabbagehai> for now, i only want bob to be able to modify anything
<sarnold> then that's pretty easy: chown bob:bob . index.html ; chmod 755 . ; chmod 644 index.html
<gerbilcabbagehai> what does chmod 755 mean?
<sarnold> that changes the directory's permissions to be owned by user bob, group bob, then sets the directory permissions to allow bob complete control, everyone else gets read and traverse permissions (necessary for a web server running as a different user, probably www-data)
<sarnold> then it changes the file index.html to be owned by user bob, group bob, and allows bob to read and write the file, and everyone else can read the file (also necessary for the web server to be able to serve it up to clients)
<gerbilcabbagehai> so what does having root as owner do to the file index.html?
<gerbilcabbagehai> why should bob own it?
<gerbilcabbagehai> e.g. sarah / guest can see and read bob's index, but only bob can modify?
<sarnold> if root owns the file, then bob has use 'sudo' to modify the file, which gets annoying
<gerbilcabbagehai> true :)
<sarnold> if bob owns the file, then bob can update the file without having to use 'sudo'
<gerbilcabbagehai> hence if i own that file, i login via filezilla and permissions will be allowed because I own that file, and filezilla cannot pass sudo (i think)
<sarnold> sarah will get the "other" permissions -- the last digit in the permissions: 755 and 644
<sarnold> right, filezilla won't be able to do sudo, especially because the sftp protocol doesn't make a provision for that :)
<gerbilcabbagehai> gotcha. thanks for the explaination
<gerbilcabbagehai> now to try it lol
<sarnold> hehe
<gerbilcabbagehai> new meaning to the term, "man up"
<gerbilcabbagehai> you know...many things i think are deliberate in linux
<sarnold> one hopes :)
<gerbilcabbagehai> is there a $kill bill?
<sarnold> back in the day, the 'make' command would print "make love, not war" if you typed "make love"...
<gerbilcabbagehai> AHAHAHA
<gerbilcabbagehai> how do i enable logging on the server?
<sarnold> gerbilcabbagehai: an old old joke stuffed in the tunefs manpage back in the eighties: http://unixhistory.livejournal.com/1808.html
<sarnold> gerbilcabbagehai: what operations do you want logged?
<gerbilcabbagehai> everything?
<sarnold> you don't want that :) that's way too much data...
<gerbilcabbagehai> um...let me rephrase that
<gerbilcabbagehai> any user who logs in and does something
<gerbilcabbagehai> from where and as much detail as possible about them
<gerbilcabbagehai> all interactions that my username and any other initiates
<sarnold> well, that's still pretty open...
<sarnold> gerbilcabbagehai: first, try "sudo less /var/log/auth.log" -- see if that's sufficient
<gerbilcabbagehai> am i going to regret this? lol
<sarnold> no, 'less' is a simple file viewer
<sarnold> just hit 'q' to quit
<gerbilcabbagehai> i mean am i going to regret asking for so much
<sarnold> you may also like to try the "last" command
<gerbilcabbagehai> chown bob:bob . index.html ; chmod 755 . ; chmod 644 index.html ... results in
<gerbilcabbagehai> chown: changing ownership of `.': Operation not permitted
<gerbilcabbagehai> chown: changing ownership of `index.html': Operation not permitted
<gerbilcabbagehai> what am i typing incorrectly?
<sarnold> oh bother. my fault.
<gerbilcabbagehai> ./index...?
<sarnold> gerbilcabbagehai: you'll need to run those commands via 'sudo'. If you run 'sudo -s' it'll start a root shell for you...
<sarnold> gerbilcabbagehai: I'm being summoned for dinner :) so I'm off for the night. have fun!
<gerbilcabbagehai> thanks :)
<Bluemalkin> hi - does anyone know hot to do an approx apt cache refresh in 12.04 since the approx-update has been removed ?
<gerbilcabbagehai> does root have more permissions than username? i.e. if I mistakenly make /var/www permissioned to USERNAME only, can root still access?
<linocisco> hi all, HOw can I save jpg/pdf or scanned documents in database.?
<linocisco> not as only link. Just physical image file
<linocisco> hi all
<linocisco> is there any LDAP like settopbox so that windows clients can authenticate and see their designated folder and their roaming home folders?
<cluelessperson> Does anyone know how to restrict an SFTP user into only their home directory?
<RoyK> cluelessperson: use rssh to disallow normal login and read up on chrooting
<cluelessperson> RoyK: Is there an easier way to chroot?
<cluelessperson> RoyK:  I've got rssh working
<RoyK> cluelessperson: dunno, try google
<cluelessperson> RoyK: I've spent way too much time on google without results.
<Insomniac11> Hello, I need help troubleshooting an Ubuntu 12.04 Server-amd64 installation. I keep getting the errors listed in this pastebin: http://pastebin.com/frpZkMAt I also looked in the last 20 lines of the syslog and can't make sense of it, I attatched that to the pastebin as well for all to see. The pastebin has more detailed information as well.
<ikonia> Insomniac11: it looks like you have errors that have already scrolled off the screen
<Insomniac11> Hmm, I thought they were just wordwrapped down tot he next line??
<ikonia> Insomniac11: your first line is saying "you may want to correct this problem" - so there is obviously errors above that
<Insomniac11> Well, I read the last 20 lines were pernient somewhere where someone had a similar problem, and I didn't know how to export the entire syslog into a separate file from within the terminal to an ourside source.
<Insomniac11> I'm sorry, I'm not very familiar with all of this. I will try to get you more information.
<Insomniac11> I can give you access to my VNC? Then you can see the whole log
<Insomniac11> as it is on my screen
<ikonia> no thank you
<Insomniac11> Any suggestions for forward progress?
 * Insomniac11 shrugs
<Insomniac11> Maybe someone can help in the #ubuntu channel. Thanks anyways ikonia.
<Dulcin> I just accidentally chown and chgrp everything in /var/ to my user, I've put it back to root - but is that how is used to be?
<uvirtbot> New bug: #1053892 in lxc (universe) "failed to install quantal-core-armhf_default(20120921):  some packages(mountall:amd64, upstart:amd64, iproute:amd64) have have unmet dependencies" [Undecided,New] https://launchpad.net/bugs/1053892
<uvirtbot> New bug: #1053893 in cloud-init (main) "cloud-init should be able to switch off password auth in sshd" [Undecided,New] https://launchpad.net/bugs/1053893
<lordievader> Good morning.
<jamespage> Dulcin, almost certainly not
<RoyK> cluelessperson: first hit on google http://www.cyberciti.biz/tips/howto-linux-unix-rssh-chroot-jail-setup.html
<RoyK> cluelessperson: good choice of nick, btw ;)
<cluelessperson> RoyK: So I've followed the directions, and it doesn't work
<RoyK> cluelessperson: then you're doing something wrong
<cluelessperson> RoyK: http://unixhelp.ed.ac.uk/CGI/man-cgi?sshd_config+5
<cluelessperson> according to that I can chroot and restrict sftp users without other dependencies, that I must set up chroot to be root owned but not rw by any other group.
<cluelessperson> which means chmodding the chroot directory
<cluelessperson> problem being, it's automounted by fstab
<cluelessperson> so, I need to dictate in fstab the umask= something
<cluelessperson> RoyK: do you know off the top of your head to only allow root access to either r or w ?
<cluelessperson> mode
<RoyK> cluelessperson: man setfacl
<RoyK> !acl
<cluelessperson> RoyK: Oi.  I'm getting closer.  Now I've only got a permission denied
<cluelessperson> RoyK: Okay, so now the issue is what it's not restricting the user to their home directory
<RoyK> cluelessperson: I've answered that question
<cluelessperson> do chroot?  I did though
 * RoyK gives up and finds something better to do than talking to rather clueless people
<cluelessperson> RoyK: This isn't obvious.
<cluelessperson> RoyK: First fstab has to mount it with appropriate permissions, which I have no idea what those are, supposedly only root read and write access.
<cluelessperson> second, this user is configured to use the rssh shell, denied scp access.
<cluelessperson> their home in /media/sftp/guest/
<SpamapS> jamespage: did you see that ceph 0.48.2 was released on Wednesday?
<roaksoax> Daviey: https://bugs.launchpad.net/ubuntu/+bug/1054022
<uvirtbot> Launchpad bug 1054022 in ubuntu "[FFe] [needs-packaging] openstack-resource-agents" [Undecided,New]
<doko> Daviey, zul: is the maas-provision demotion ok for quantal?
<zul> doko: no idea
<uvirtbot> New bug: #1054035 in cloud-init (main) "Adding default user fails due to lack of 'netdev' group" [Undecided,New] https://launchpad.net/bugs/1054035
<Daviey> doko: I wouldn't worry about it.  It's either going to be plainly removed, or turned into a transitional package shortly.
<doko> Daviey, ok, demoting. transitional packages can say in universe
<_val_> Hi everyone. Using LTS 12.04. After a reboot I got to (initramfs). I fixed this issue once without using a live CD or else. Now how would I set the rootpat?  I did  set root=hd0,0   returned nothign. How do I beet the preivous kernel?
<stgraber> hallyn: thoughts on https://github.com/lxc/lxc/issues/4 ?
<doko> Daviey, the netcf binary pops up on the demotion list, although the source was promoted this cycle. is the demotion correct?
<jamespage> _val_: hit escape on boot - you should get a menu of choices...
<Daviey> doko: probably not
<doko> please seed it
<hallyn> stgraber: nothing we can do about that, it's kernel enforced
<hallyn> stgraber: that's where optionalling doing chroot instaed of pivot_root would come in
<_val_> jamespage: does not help.
<hallyn> stgraber: but that won't fix certain things like /proc/maps and /proc/mounts
<jamespage> _val_, does the same thing? hmmm
<jamespage> the server iso has a rescue mode
<_val_> I've set up a tunnel for the ipmi interface otherwise I can't reach the server. Either the Esc key is not working.. and when typing 'boot' it just says. Command not found
<doko> SpamapS, jamespage: you seem to care about ceph. python-ceph is schedule for demotion. is this intended?
<jamespage> doko, no
<hallyn> stgraber: so we *could* recommend a particular ugly combination of virtual devices set up for /var/lib/lxc/ which would make MS_SHARED work, i *think* we can make it work...  fugly though
<jamespage> let me seed it
<doko> thanks
<hallyn> stgraber: but the shared setting has to be right for both the device and it's parent iirc
<hallyn> stgraber: (requirements are documented in fs/namespace.c)
<hallyn> stgraber: (biab)
<doko> Daviey, cloud-initramfs-rescuevol demotion?
<stgraber> hallyn: so I guess there's no way of setting the initial bind mount as PRIVATE so it doesn't bring the whole tree with it?
<hallyn> stgraber: not sure what you mean;  but a single mount won't do it
<hallyn> we'd probably want to make a tmpfs mount and then mount /var/lib/lxc onto there
<hallyn> stgraber: it's worth playing with.
<stgraber> hmm, yeah... ugly, so not something we should be doing by default. Maybe get the magic in a pre-mount hook that they can use on systems with systemd
<hallyn> that's an idea
<jamespage> doko, done
<Daviey> doko: Unless you are in a hurry for this, i'll process cloud related demotions on Monday.
<hallyn> or pre-start
<hallyn> i was thinking just recommending a best practice for setting up lxc at install time
<doko> Daviey, that's fine. just doing my +1 maint
<hallyn> stgraber: it would be fun to play with, but give we have our own priorities and time constraints, it seems like something we should guide one of our fine fedora friends through
<stgraber> hallyn: yeah, not worth spending time working around weird systemd "features"
<hallyn> stgraber: looking back through, current->fs->root->mnt-parent must not be MNT_SHARED - that's probably the hardest one to handle
<jamespage> SpamapS, no - I'd missed that
<jamespage> ceph 0.48.2 that is....
<doko> Daviey, the last one is python3-requests
<hallyn> stgraber: libvirt-lxc will of course have the same issue .  so really i expect it to be fixed in fedora pretty quickly
<jamespage> SpamapS, release notes and commit history in github look reasonable
<jamespage> http://ceph.com/releases/v0-48-2-argonaut-stable-update-released/
<jamespage> I'll give it a test over the weekend and upload early next week
<SpamapS> jamespage: I already started actually
<SpamapS> jamespage: I was wondering how you've been creating the packages. I cloned git, checked out the tag, and then archive/uupdate'd from that
<jamespage> SpamapS, use the watch file in the package - it does the right thing
<jamespage> uscan --rename --verbose
<jamespage> I think
<SpamapS> jamespage: it produced a really gigantic diff
<SpamapS> jamespage: all the generated files added and stuff
<jamespage> SpamapS, really - odd - thats how I did it last file
<jamespage> you are using the official ubuntu packaging branch as source right?
<jamespage> grrr - now I remember
<jamespage> bzr is crap at merging a tarball with a debian subfolder
<jamespage> it should discard it IMHO
<SpamapS> jamespage: I gave up on the bzr way rapidly
<SpamapS> jamespage: I didn't spend much time investigating.. the git tag produced an expected diff
<hallyn> plars: wow, this is messed up
<hallyn> plars: i installed a precise server.  installed openssh-server.
<hallyn> upgraded.  rebooted.  i have the console that doesn't update.
<hallyn> plars: but i log in over ssh and watch ps output,
<plars> hallyn: yeah, that's exactly what I'm seeing
<hallyn> while i type my username /pwd onto the dead console.  then say 'vi /tmp/ab'.  'login --', bash, and vi /tmp/ab show up in ps -ef output!
<jamespage> SpamapS, I don't have time todo it now - if you do update it please can you update the arch for python-ceph - I think it should be 'all'
<jamespage> otherwise I'll pickup +2 days
<hallyn> plars: so the consoles are working and getting input.
<plars> hallyn: I haven't messed with the networking enough to sort out how to get a connection to it, what's incantation for that?
<plars> hallyn: so it's not truly frozen, that's good at least
<hallyn> plars: yeah this looks like a bug in the vnc output in qemu-kvm
<hallyn> plars: not sure which incantation you mean.  i had the vm bridged to my br0, and watched dhcp server logs to get the ip address, and ssh'd to it
<hallyn> and, if i hit 'send ctrl-alt-f2' in the vnc client menu, and log back in, i get a second session :)
<hallyn> all right, i can file a bug on this.  thanks plars !
<plars> hallyn: I'd be happy to file it, I just have no idea where to put it
<SpamapS> jamespage: got it. Will do
<hallyn> plars: oh i'm just going to qemu-devel.  feel free to email yoruself if you like.
<hallyn> plars: now i'm wondernig if non-upgrade reboots will do it too
<hallyn> plars: change of locale, biab
<jamespage> SpamapS, ta
<uvirtbot> New bug: #1034837 in juju "authentication token expiry with openstack provider" [Critical,Confirmed] https://launchpad.net/bugs/1034837
<plars> hallyn: jibel just made an awesome discovery, booting with -vga std seems to make it happy
<hallyn> plars: oh the default is cirrus?  bah.
<hallyn> plars: i suppose it could even be the kernel driver in quantal
<plars> hallyn: that's what it sounds like then...
<hallyn> plars: so before oing to qemu-devel i'll file a bug in lp :)  to track our discoveries
<hallyn> plars: would you mind doing a bunch of reboots in both precise and quantal vms and seeing if either/both get the no console after a regular reboot?
<hallyn> plars: i'm also curious whether rebooting (without hard-power-off) can also fix the console
<plars> hallyn: I'm doing it on the precise one right now, I can check in a bit on quantal
<hallyn> plars: awesome, thanks.  i'll start the lp bug
<hallyn> plars: say, are you using vnc, or are you using SDL?
<hallyn> if you're using SDL then that makes it much less likely to be a qemu bug (as that's a different output system having the same bug as vnc)
<uvirtbot> New bug: #1054096 in juju "Openstack folsom compatibility" [Critical,Confirmed] https://launchpad.net/bugs/1054096
<plars> hallyn: sdl
<hallyn> plars: interesting.  thanks
<uvirtbot> New bug: #1050592 in juju "exceptions.TypeError: object of type 'NoneType' has no len() from "relation-get"" [Critical,Confirmed] https://launchpad.net/bugs/1050592
<uvirtbot> New bug: #1053669 in juju ""Relation not found" when running relation-list" [Critical,Confirmed] https://launchpad.net/bugs/1053669
<uvirtbot> New bug: #1054129 in qemu-kvm (main) "reboot with -vga cirrus can result in broken output" [Medium,New] https://launchpad.net/bugs/1054129
<Queops> Hello! https://help.ubuntu.com/12.04/serverguide/postfix.html => Configuring SASL, I can't find what it wants me to edit on /etc/dovecot/dovecot.conf
<fullstop> Hey.. I have a 12.04 server, and it appears to be trying to mount -a before starting lvm.
<fullstop> any idea how to get it to delay or change the order?
<fullstop> switch to uuid rather than path?
<xnox> fullstop: what's the actual problem why you want it not do that?
<xnox> at boot we have udev running and adding lvms.
<xnox> fullstop: you probably want to modify your /etc/lvm.conf if you don't want thousands of them =)
<fullstop> at boot, it states that the device is not ready and asks if I wish to skip it.
<hallyn> ahs3: self-tests all passed with http://people.canonical.com/~serge/netcf022/ . not sure if i should test an ubuntu version (with libvirt) before asking for the debian one to be pushed...
<xnox> fullstop: and what is the device in question and why is it not ready?
<ahs3> hallyn: couldn't hurt, y'know...
<fullstop> The device is just a logical volume.  I assumed that it was not ready because lvm2 had not been started yet.
<xnox> fullstop: please file a bug against mountall with your stab, fdisk and lvs & vgs.
<xnox> fullstop: well, actually lvm2 in that case
<hallyn> ahs3: :)
<xnox> fullstop: udev rules should find and activate all VGs rather quickly
<fullstop> I find it hard to believe that I'm the first to run into this
<fullstop> http://pastebin.com/4Sv8cKvv
<xnox> you have raid as well, so it's not just lvm.
<fullstop> No, there is no raid.
<fullstop> In fact, this setup only has one drive right now.
<xnox> why is it assembling "MD arrays" - mdadm -> RAID arrays.
<xnox> ?
<fullstop> I'm guessing that it does that on all servers
<xnox> no, it does not.
<fullstop> I may have installed dmraid to get around another boot-time bug.
<fullstop> I promise you, though, this system has just one drive.
<xnox> fullstop: please file a bug against mountall and please attach: /etc/fstab, lvs, vgs
<xnox> fullstop: something odd is going on though.
<fullstop> okay
<xnox> fullstop: ubuntu-bug mountall
<xnox> should work on the server and collect relevant info.
<xnox> and print an URL where to go in your browser to file a bug.
<fullstop> got it
<fullstop> I wish I could remember what package I installed to work around another boot-time problem.
<sarnold> fullstop: /var/log/dpkg.log has some details when packages were installed; if you can recall vaguely when you installed that package, you may be able to find the log entries about it..
<fullstop> sarnold: I looked through there already.  Nothing jumped out at me.
<uvirtbot> New bug: #1052522 in quantum "L3 plugin exists / dies when external bridge isn't up" [Critical,Fix released] https://launchpad.net/bugs/1052522
<sarnold> fullstop: drat :)
<fullstop> xnox: reported.  Here is a similar report: http://forums.debian.net/viewtopic.php?f=5&t=51146&start=0
<xnox> fullstop: bug number?
<fullstop> 1054190
<xnox> fullstop: debian is not very relevant, as we do not use init scripts for lvm.
<fullstop> noted
<xnox> fullstop: bug 1054190 <---- this way I will get a link
<uvirtbot> Launchpad bug 1054190 in mountall "mountall tries to mount lvm2 volumes before starting lvm2" [Undecided,New] https://launchpad.net/bugs/1054190
<xnox> tadah =)
<fullstop> go uvirtbot
<uvirtbot> New bug: #1054188 in qemu-kvm (main) "KVM Virtual Machines go into paused a few seconds after starting up" [Undecided,New] https://launchpad.net/bugs/1054188
<xnox> fullstop: ... and pvs
<xnox> *sorry* =)
<fullstop> We'll have to wait on that one.  The server is being rebooted and I'm remote.  Somebody has to walk up to it and press some keys.
<xnox> fullstop: or are they on the partitions of the sda?
<fullstop> I think that they are eating lunch right now.  :D
<fullstop> They are partitions on /dev/sda
<fullstop> I have something else..
<xnox> and you have to skip to boot? what happens if you wait? this is disturbing.
<fullstop> I think that it will wait forever.
<fullstop> okay, added the output of parted -l
<fullstop> be back in a bit
<zul> jamespage:  i dont see how radosgw is failing
<zul> jdstrand: so quantum
<zul> jdstrand: cisco and niciria doesnt use rootwraper apparently
<jdstrand> zul: ok. can you comment in the bug?
<zul> jdstrand: i will
<jdstrand> zul: ping me after and I'll ACK
<zul> done
<fullstop> xnox: http://pastebin.com/jggwtJ04
<fullstop> I removed mdadm and rebooted.
<fullstop> I've not mucked about with udev or anything like that, either.
<fullstop> and the lvm2 init script has this in it: X-Start-Before:    checkfs mountall
<fullstop> so I am kind of perplexed.
<uvirtbot> New bug: #1044632 in juju "Modify format 2 so that it supports raw strings" [Critical,Fix committed] https://launchpad.net/bugs/1044632
<xnox> fullstop: interesting lvm2 init script you say?
<xnox> fullstop: dpkg -S /etc/init.d/lvm2
<xnox> or fullstop: dpkg -L lvm2
<xnox> (we did have an accident of dropping clvm and reintroducing lvm2 init script, when we actually want to keep clvm and drop lvm2)
<fullstop> lvm2: /etc/init.d/lvm2
<fullstop> and the other dpkg command lists all of the files for the package.  I can paste that if need be
<xnox> fullstop: on precise?
<fullstop> yes
<fullstop> Ubuntu 12.04 LTS \n \l
<xnox> fullstop: dpkg -i lvm2
<xnox> and fullstop: dpkg -L lvm2 | grep init
<fullstop> dpkg-deb: error: `lvm2' is not a debian format archive
<fullstop> http://paste.ubuntu.com/1219059/
<xnox> fullstop: http://packages.ubuntu.com/precise-updates/amd64/lvm2/filelist
<xnox> does not have lvm2 init script.
<fullstop> This install is quite recent.
<fullstop> and we've not gone around changing things willy-nilly.
<xnox> fullstop: was it precise install or upgrade?
<fullstop> install
<fullstop> ubuntu-server
 * xnox wonders where /etc/init.d/lvm2 came from
<xnox> fullstop: what's the full lvm2 package version number?
<xnox> dpkg -i lvm2
<xnox> and
<xnox> apt-cache policy lvm2
<fullstop> http://paste.ubuntu.com/1219061/
<fullstop> the first command wants to operate on a .deb package
<xnox> fullstop: you are mixing debian & ubuntu
<xnox> fullstop: if you want .95, just add quantal and pin lvm2 from quantal. But please note this is _not_ supported.
<xnox> fullstop: and hence the boot problems you have.
<fullstop> à² _à² 
<fullstop> I will find the person who added those repos
<fullstop> sorry for wasting your time
<xnox> fullstop: it's ok =) good luck.
<skrite> hey all
<xnox> fullstop: sounds like you want puppet management (which goes about overwritting "customizations" like these with approved/managed configs)
<xnox> fullstop: or you can use landscape which does compliance management as well.
<fullstop> I'll have a talk with a few people.
<xnox> fullstop: you do want to check what other crap you got from testing, cause precise froze good ~4 months before debian did.
<fullstop> Yes, going through that now.  Thanks.
<hallyn> stgraber: pushed a single trivial fix to lp:ubuntu/precise-proposed/lxc.  NOt sure if you had other things to stage
<stgraber> hallyn: nope, nothing on my side
<hallyn> stgraber: hm, i'm loath to start an SRU for this one-liner
 * hallyn tries to find other SRU-ables
<stgraber> hallyn: oh, didn't see it was precise-proposed...
<stgraber> hallyn: we have quite a few that probably should go as sru to precise
<stgraber> hallyn: I'll have a look at what went into quantal, figure out what makes sense to push as sru
<hallyn> hm, there's a bunch at https://bugs.launchpad.net/ubuntu/precise/+source/lxc
<chris|> hallyn, would you consider #1047837 sru able?
<hallyn> chris|: switching from sysvinit to upstart - probably not.  especially since there doesn't appear to be a bug introduced by using sysvinit, right?
<hallyn> chris|: SpamapS ^ might know better
<SpamapS> chris|: It says wishlist. We only do SRU's for High Impact bugs.
<chris|> right, there's no bug, but worth a try :)
<SpamapS> chris|: and really, whats the point of migrating zabbix to upstart?
 * SpamapS heads out to see the shuttle fly-by
<chris|> SpamapS, have upstart start/stop services/task when specific containers start/stop
<chris|> ah, no, zabbix
<chris|> well, for once the respawn is kind of nice, I can delay zabbix until my networking and database setup is actually finished
<hallyn> stgraber: uh, jinkeys.  I mistyped when fixing the debian testing container creation.  that needs to be isc-dhcp-client, not server
<stgraber> oops, indeed :)
<hallyn> stgraber: guess i'll commit the fix to that to bzr for now
<arosales1> utlemming: could you add appropriate release note entry for the work items completed on the https://blueprints.launchpad.net/ubuntu/+spec/servercloud-q-cloud-images BP ?
<utlemming> arosales1: yup, will do
<arosales> utlemming: thanks
<arosales> utlemming: probably want to do the same for https://blueprints.launchpad.net/ubuntu/+spec/servercloud-q-awstools as most of the majority of the packaging work items look to be completed.
<utlemming> arsoales: ack
<arosales> utlemming: thanks
<hallyn> stgraber: precise-proposed lxc tests fine, i'll push
<stgraber> hallyn: ok
<hallyn> hm, augeas in quantal seems broken
<skrite> in virtualbox, can i run a virtual machine in the background, or like, from a screen or tmux session?
<uvirtbot> New bug: #1054306 in netcf (main) "ncftool list fails" [High,Triaged] https://launchpad.net/bugs/1054306
<rjune> I put tasksel tasksel/first multiselect standard,edubuntu-desktop in my preseed file. It installed the standard system, but not edubuntu-desktop. Is that statement only able to specify a single target to install?
<hallyn> ahs3: all right, that netcf (without the libvirt Conflicts) tests fine in quantal by itself and thorugh libvirt
<ahs3> hallyn: sweet.  what's the url for the dsc file again?
<hallyn> ahs3: http://people.canonical.com/~serge/netcf022/netcf_0.2.2-1.dsc
<ahs3> hallyn: thx.  i'll try to get that in over the weekend
<hallyn> ahs3: thanks!  ttyl
<uvirtbot> New bug: #1054329 in augeas (main) "Sync augeas 0.10.0-1 (main) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/1054329
<ninjix> anyone here ever used the python-libvirt to upload a virStorageVol?
<robgault_> q
<blizzow> okay, so I downloaded the iso for ubuntu server.  I ran the usb-creator-kde utility, formatted a 160 GB external USB drive.  then "installed" the iso on the drive via usb-creator-kde.  When I boot off the drive, the initial process is fine, but then during the hardware detection the thing just bitches and moans that it can't find the CDROM to continue the installation.  Anyone know a way around this?  I've tried to ln -sf /dev/sdf /dev/cdrom and that d
<sarnold> blizzow: cut off at "and that d"
<blizzow> "did not work."
<sarnold> so close ;)
<sarnold> blizzow: do any other virtual terminals show any debugging information?
<blizzow> The debug console just shows it spinning at trying to detect cdroms or some similar verbiage.
<uvirtbot> New bug: #1036172 in python-tablib (universe) "[MIR] python-tablib" [High,Fix released] https://launchpad.net/bugs/1036172
#ubuntu-server 2012-09-22
<Tohuw> How can I use wget -r to retrieve all files and folders from a given location, but not have it pursue links to the parent directory? E.g., I want to download http://example.tld/foo/bar/*, but nothing above bar/. When I use wget -r, it begins at bar/ and pursues up the chain to begin downloading objects from foo/.
<chovynz> is there a command i can do to 1) search my home folder, 2)go through each filename and folder, 3)find any spaces and replace the spaces with underscores? I recently did a backup of windows files and some of them have spaces, despite every effort to enforce a no spaces policy.
<chovynz> i guess this could be a general topical support issue?
<chovynz> yeah. ill ask there instead. ignore my last messages
<sazawal> I want to route pulseaudio to jack using pulseaudio-module-jack. Please help!
<uvirtbot> New bug: #1054477 in checksecurity (main) "check-diskfree ignores fs with "media" anywhere in mount path" [Undecided,New] https://launchpad.net/bugs/1054477
<ae01> I have some question
<ae01> Somebody pls answer me.
<ae01> About ubuntu automatic installation
<ae01> Pls....
<ae01> Please...
<`Dyanna83> any admin on
<`Dyanna83> ?
<`Dyanna83> or some body else?
<mrfishjosh> whats up? not really an admin
<ironm> `Dyanna83, it is normally a good idea just to ask ...
<patdk-lap> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<`Dyanna83> some admin
<`Dyanna83> ?
<Guest38055> Hi, I am trying MaaS using ubuntu 12.04 server. Since i already have the 12.04 iso, is there a way to avoid doing " sudo maas-import-isos " while setting up MaaS.
<Guest38055> I mean that can i use the iso i have already downloaded and using to create a MaaS machine, can that iso be used in the MaaS
<RoyK> hrmf
<RoyK> is qcow2 really very slow compared to raw, preallocated images?
<iqualfragile> hi, what is this: http://sebsauvage.net/paste/?55fd498290eeb864#5IkplCMlxEkxEEKKbssQSOtabMCYsoRAE2DMTnwulR8= trying to tell me?
<patdk-lap> hmm
<patdk-lap> sounds like nfs doesn't like your tgt
<iqualfragile> yeah, thats the problem, my client mounts the share but every folder in it is owned by nobody:nogroup
<patdk-lap> ya that would be a nfs4 permissions issue
<patdk-lap> everything needs to match on the nfs client and server
<patdk-lap> the usernames and id's
<patdk-lap> also, you must use an authenicated login to mount the nfs
<iqualfragile> i do
<patdk-lap> if any of that fails, you get nobody and basically read-only
<iqualfragile> and it matches
<patdk-lap> that error message says something doesn't match/is trusted
<RoyK> iqualfragile: usually that means you don't have kerberos setup correctly
<RoyK> iqualfragile: try nfsv3
<iqualfragile> what would that change?
<patdk-lap> heh
<iqualfragile> i have just tested: i can login on my client with an remote ldap-account
<patdk-lap> EVERYTHING :)
<patdk-lap> hmm?
<iqualfragile> and i can use kadmin from the client
<patdk-lap> what does any of that have to do with kerberos on nfs4?
<RoyK> iqualfragile: mount -t nfs -o vers=3 ...
<iqualfragile> but the server runs v4
 * patdk-lap hasn't heard of a nfs4 server that doesn't also do nfs3
<lordievader> Good evening
<iqualfragile> hi
<lordievader> Het iqualfragile, how are you?
<lordievader> hey*
<iqualfragile> ok, i solved that problem, i had to regenerate  all the keytabs
<iqualfragile> im fine
<lordievader> iqualfragile: Good to hear.
<katronix> Hi all, I just had Ubuntu re-installed on my server, and now the bind directory I backed up is having issues. Are there changes I have to make for it to work?
<katronix> anyone here?
<ironm> katronix, es .. I am here
<ironm> katronix, what is your exact problem with /bin ?
<katronix> ironm Not having an issue with /bin, having an issue with bind
<katronix> its complaining about axfr.conf
<andol> katronix: You know, it would be a lot easier to help you if you told us what kind of issues you were having. Nevertheless, I'll take a shot in the dark and guess that you are having permission problems, due to the current bind user/group is having a different uid/gid than on your previous install.
<ironm> katronix, when you reinstall Linux than some default settings can get overwritten
<ironm> katronix, check the file  axfr.conf onto the new installation and the old version from backup
<andol> katronix: So, if you list the files under /etc/bind/, what users and group are they reported as beonging to?
<katronix> the afxr.conf file I have is from the previous install. some of the files are owned by root:root and others by root:bind
<andol> katronix: Also, instead of saying "complaining about foo", do provide the exact complain, without paraphrasing.
<katronix> http://pastebin.com/bAjeMc6w here is the log file excerpt
<ironm> katronix, have you compared the old and the current axfr.conf already?
<katronix> I didn't check to see if I had one previously
<ironm> katronix, you said already that you have made a backup
<katronix> yes this is the backup
<katronix> what does this file do?
<RoyK> looks like you created a zone file in the wrong place
<blendedbychris> anyone know of a good way to trigger a service restart on file change?
<blendedbychris> i was looking at incron
<katronix> RoyK, can you be a bit more specific?
<RoyK> using puppet is perhaps overkill, but it's a jolly good framework :)
<RoyK> blendedbychris: that was for you
<blendedbychris> i use puppet already but I don't think it's fast enough
<blendedbychris> for what i'm trying to do atleast
<RoyK> katronix: looks like you put the zone definition into axfr.conf
<RoyK> blendedbychris: I guess writing a wrapper using inotify could do it
<blendedbychris> this looks promisingâ¦ http://manpages.ubuntu.com/manpages/hardy/man5/incrontab.5.html
<katronix> I didn't but an old panel I was using may have, which of course not included on this version
<RoyK> blendedbychris: oh, didn't know that one :)
<katronix> ah that fixed lol, silly simple mistake
<blendedbychris> RoyK: can you think how i could restart a service as a nonroot though?
<blendedbychris> incrontab doesn't let me create a crontab to root
<RoyK> blendedbychris: you can't restart a service as nonroot, but you can use sudo to allow a user to do that
<blendedbychris> http://www.howtoforge.com/triggering-commands-on-file-or-directory-changes-with-incron << dang the internet knows everything
<katronix> once bind is working, what would be the dig command to make sure its working as expected?
<blendedbychris> RoyK: can you think of a reason why running restart with inotifyd would cause two instances of the service to run?
<blendedbychris> i have no doubt that the problem is a crapp y init.d script but it seems only inotify does it
<RoyK> I doubt they use inotifyd
<blendedbychris> well i know i had it just run service foo restart
<RoyK> inotify is easy to use on files without a separate daemon
<RoyK> question is
<RoyK> would you really want to restart a service once a file is changed?
<blendedbychris> ya. i don't have much of a choice at this point
<RoyK> maybe the sysadmin changed something on the apache config and apache died because he wasn't finished
<blendedbychris> it's not a apache type service
<blendedbychris> it's Wowzaâ¦ the only way for it to start playback from a given playlist file is to restart it
<RoyK> still, it should be up to the sysadmin to restart the service
<RoyK> ic
<RoyK> what makes wowza so cool, btw?
<blendedbychris> it's cheap and it works
<blendedbychris> compared to the other solutions
<RoyK> I'm working on a project with mediamosa and researching how to do realtime with that
<blendedbychris> we use it for simulated live streaming
<blendedbychris> and also live streaming
 * RoyK wants to build an open system for such things
<blendedbychris> i think that's happening is notify is running restart twice maybe
<blendedbychris> what's*
<RoyK> perhaps the makers of wowza should implement inotify calls
<RoyK> would make things a bit easier
<blendedbychris> this simulated live thing has a "brew your own" notion to itâ¦ it's open source
<blendedbychris> it'd be nice if they just made it read the dumb playlist file
<blendedbychris> or implimented reload
<RoyK> wowsa's open source?
<blendedbychris> parts of it
<blendedbychris> RoyK: you still around?
<RoyK> blendedbychris: mhm
<patdk-lap> royk, the new living google!
<blendedbychris> for sure
<blendedbychris> i can't for the life of me figure out why inotify is starting wowza up twice
<blendedbychris> unless it simultaneously runs the service twice
<RoyK> patdk-lap: ?
<blendedbychris> figured it out :)
<blendedbychris> inotifyd aparently has a NO_LOOP parameter that will prevent the thing from going nuts if the file is modified more than once i pressume
<blendedbychris> and the commnd hasn't finished
<zastern> is there some reason why the www-data group is always GID 33? Is it safe to change?
<guntbert_> zastern: on a running system? why would you want to do that?
<zastern> guntbert_: no, new system
<zastern> im going to have multiple apache systems serving the same content, and for various reasons, its helpful to have users/groups have the same gid on every system
<zastern> I don't mind keeping at 33, if that's safe to enforce
<guntbert_> zastern: iirc those numbers are set somewhere in a seed file for the installation - should be stable at least for a while :)
<zastern> guntbert_: welp, i have 2 apache 10.04 nodes and its 33 there, and a bunch of 12.04 and its 33 there. so it seems safe :)
<zastern> im going to have puppet always create that group with GID 33 then.
<zastern> and the user with UID 33
<guntbert_> zastern: I just looked into a debian server: its 33 there too
<zastern> guntbert_: I figured as much.
<guntbert_> zastern :)
<Guest93100> Whats happening fellow Ubuntu enthusiasts
<Auckla> Hi guys, I have a fresh install of Ubuntu Server 12.04 LTS. I setup /etc/network/interfaces with proper *Stat* ip settings, yet for some reason. I come back four hours later to see my server using a DHCP assigned address?
<Auckla> Network interface file http://pastebin.com/xX3Wqerg
<kjsdh> sudo ifconfig eth0 10.0.0.100 netmask 255.255.255.0
<kjsdh> auto eth0
<kjsdh> iface eth0 inet static
<kjsdh> address 10.0.0.100
<kjsdh> netmask 255.255.255.0
<kjsdh> gateway 10.0.0.1
<WACOMalt> Hi folks. Wondering the best free web control panel for Ubuntu server 12.04?
<WACOMalt> was looking at EHCP, but it's not compatible with 12.04
<fdge> Auckla, try commenting the "auto eth0" lines
#ubuntu-server 2012-09-23
<blast_hardcheese> Does OpenStack have a mode that doesn't involve starting up a secondary network?
<chovynz1> today i logged into my server via ssh, and found this : *** System restart required ***
<chovynz1> When I typed restart --no-wait it spits out an error, missing job. What do I need to type to restart the system?
<patdk-lap> just type restart
<blast_hardcheese> "reboot" is what you're looking for
<blast_hardcheese> not restart.
<blast_hardcheese> restart is to restart processes
<chovynz1> thank you blast_hardcheese
<blast_hardcheese> no problem
<blast_hardcheese> Anyone have any idea regarding my OpenStack question?
<blast_hardcheese> The documentation is really hard to follow unless you're doing it exactly like they have it written.
<blast_hardcheese> man pages are scattered to the four corners of the planet as well.
<chovynz1> man the shotgun huh?
<patdk-lap> heh
<patdk-lap> now I'm all messed up :)
<blast_hardcheese> some processes have decent help, others just give useless "This is a stub"
<patdk-lap> restart is the cisco command :)
<blast_hardcheese> patdk-lap: It's easy to get confused, I've found when you live with this stuff for a long enough time your fingers automatically type the right thing in the right context
<blast_hardcheese> If someone says something else that sounds right, your brain autocompletes the context
<chovynz1> "you know, normal people just have aquariums"
<blast_hardcheese> screw normal
<chovynz1> :D
<blast_hardcheese> I have a friend that collects aquarium software ;)
<blast_hardcheese> (obligatory xkcd: http://xkcd.com/1095/ )
<chovynz1> (01:36:54) blast_hardcheese: I have a friend that collects aquarium software ;) ... you mean like this? www.youtube.com/watch?v=7DXMXBnTOH0
<osX64> Link [YouTube] :: chovynz1 :: High Res - Aquarium Mineral Oil Submersion HDD Media Server PC
<blast_hardcheese> mm, no
<chovynz1> :D
<blast_hardcheese> can't wait until the next stable kernel rev
<blast_hardcheese> 3.5.4 broke my touchscreen, had to revert to 3.4.5
<chovynz1> I've just rebooted my server, what would cause the server to stop responding at the Award Software System Configurations screen?
<blast_hardcheese> chovynz1: Any messages?
<chovynz1> blast_hardcheese: no messages. the cursor is blinking at DDR SDRAM at Bank : 0 1_
<blast_hardcheese> A couple things jump to mind. Easiest would be the BIOS getting stuck.
<chovynz1> how do i unstuck it?
<blast_hardcheese> Completely remove power from the machine, hold the power button down to flush the capacitors, then plug it back in
<chovynz1> bleugh. i dont want to do that every time i reboot.
<blast_hardcheese> shouldn't have to, but definitely something to test.
<chovynz1> i can do it now, but it's not a long term solution
<blast_hardcheese> (Not 100% sure the capacitor thing actually works, might have to wait for 15 seconds or something. Pushing the button is easier though.)
<chovynz1> waited for 40
<blast_hardcheese> no dice?
<chovynz1> no dice
<blast_hardcheese> Can you get into BIOS setup?
<blast_hardcheese> (or your EFI utility, if you're EFI)
<chovynz1> yes. there now
<blast_hardcheese> Turn off "quick boot"
<blast_hardcheese> that'll run extended diagnostics
<chovynz1> how i flash my cmos and bios? they 2003.
<chovynz1> bring it to the 21st century baby
<blast_hardcheese> The general rule is leave it like it is unless you have to upgrade it
<blast_hardcheese> What did the diagnostics say?
<chovynz1> ok. leaving it like it is
<chovynz1> im not sure where to find the quick boot. having another look
<blast_hardcheese> Might not be "Quick boot" exactly
<chovynz1> or anything that resembles it
<blast_hardcheese> What kind of BIOS
<blast_hardcheese> what motherboard
<uvirtbot> New bug: #1054823 in dovecot (main) "package dovecot-core 1:2.0.19-0ubuntu2 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1054823
<chovynz1> how would i find out without the software diagnostic tools?
<blast_hardcheese> Did you build this server?
<chovynz1> sort of. off someone else's computer. they used win xp well. I wiped their HD and installed ubuntu and let it do it's thing
<blast_hardcheese> so you didn't build it, but it's not stock?
<chovynz1> correct
<chovynz1> open the case and read the mb?
<blast_hardcheese> Motherboards typically have the model number written on the board itself.
<blast_hardcheese> yeah, probly.
<chovynz1> sec.
<blast_hardcheese> How long have you had this machine?
<chovynz1> about a month
<blast_hardcheese> How many times have you rebooted it?
<chovynz1> three times. first and second time i reinstalled ubuntu.
<blast_hardcheese> oh, a good question; What was the reason you needed to restart?
<chovynz1> i've since put data on it so id prefer not to reinstall
<blast_hardcheese> Did you get any kind of "Your something or other has changed, please reboot"?
<chovynz1> same thing. after the second i thought i had it stabilised as i rebooted and it went thought successfully.
<chovynz1> *through
<blast_hardcheese> I'm from Debian, Ubuntu still feels kinda weird, all the stuff it comes with out of the box
<chovynz1> after updating then rebooting it did this again
<blast_hardcheese> "do this, do that, here's how you do this" kinda stuff
<chovynz1> lol
<blast_hardcheese> With debian, you install what you want
<blast_hardcheese> If you want that stuff, install it. If you don't, don't.
<blast_hardcheese> What about my last question?
<chovynz1> other than that message no
<blast_hardcheese> hmm.
<blast_hardcheese> Can you boot into the Ubuntu Installation media?
<blast_hardcheese> There should be a "Rescue Mode"
<chovynz1> *** System restart required *** was the only message i got
<blast_hardcheese> Hmm.
<chovynz1> I could be able to boot using a usb / cd / dvd
<chovynz1> rather not unless necessary.
<chovynz1> I'd like the system to work by itself instead of me rescuing it all the time :)
<chovynz1> sec, getting a torch for the mb
<blast_hardcheese> That's the only other thing I can think of. If you can't get your BIOS to tell you anything useful
 * chovynz1 mutters under the desk, that's often the case
<chovynz1> could the RAM be stuffed?
<blast_hardcheese> Anything could be the issue, but I try not to go around saying things are broken without proof
<chovynz1> ga-7vaxp sound like the mb?
<blast_hardcheese> If you suspect the RAM, run memtest86+, it should be on the Ubuntu install CD
<blast_hardcheese> http://ee.gigabyte.com/products/page/mb/ga-7vaxp-a/
<blast_hardcheese> Probably
<chovynz1> holy moly, nvidia gforce 6 on a ubuntu server
<chovynz1> completly unecessary
<chovynz1> with dual boot. :(
 * blast_hardcheese jokes about Ubuntu Servers being more likely to have X
<chovynz1> I think I may look at building my own in the near future, instead of relying on gifts.
<blast_hardcheese> Usually a good policy.
<chovynz1> "gift" that I worked for in exchange for some web work
<chovynz1> I dont even really know what hardware i need for a good server, i usually just bang it on
<chovynz1> see what works
<chovynz1> I know i dont need a graphics card
<chovynz1> why would this have dual bios?
<blast_hardcheese> "dual bios"?
<patdk-lap> most servers do
<blast_hardcheese> huh.
<blast_hardcheese> Never heard of it
<patdk-lap> the primary and a backup
<patdk-lap> unless he is talking about the bmc and normal bios
<blast_hardcheese> Apparently Gigabyte has a "Patented DualBIOS technology"
<chovynz1> phht
<blast_hardcheese> (tm)(r)(bs) etc
<chovynz1> I dont even
<chovynz1> ..really know what i would use this mb for. it's too underpowered for graphics, but too much and unecessary stuff for a sever
<blast_hardcheese> You could try flashing the BIOS, if you can get into the flash utility
<chovynz1> *server
<blast_hardcheese> I downloaded the BIOS update EXE, it's self-extracting
<blast_hardcheese> and opens with wine, I should say
<chovynz1> mm. Gentlemen. I shall need to depart. I thank you for your time. see you around.
<blast_hardcheese> good luck.
<CyclicFlux_> good evening fellow ubuntu-server enthusiasts
<blast_hardcheese> (and others, hopefully)
<CyclicFlux_> Upon doing a re-installation of Ubuntu system, while preserving my home directory.  I am having some prob's with reference to getting grub installed on my lvm.  I had it installed, and have a root/swawp lvm.  I was re-installing ubuntu 12.04.1, while preserving home.  However, upon the system re-installing when prompted I then had grub re-installed.  It definitely didn't work(and I am using the alternate .iso 12.04.1 amd_64, which I read can handl
<CyclicFlux_> e doing re-installation while preserving lvm, though it is not yet official for ubuntu), and I am told with grub2 you don't need a dedicated /boot partition
<CyclicFlux_> blast_hardcheese, lol!!! Thank you for finishing!
<CyclicFlux_> My question is my Ubuntu installation had no dedicated boot partition before, and I am not able to find any good resources on installing the grub2 to the root LVM drive(upon checking it appears that this is where it was before)
<blast_hardcheese> CyclicFlux_: https://wiki.archlinux.org/index.php/GRUB2#LVM
<CyclicFlux_> Everything else went very well, and everything is preserved.  My question is what is the best way to fix everything?
<blast_hardcheese> Check to see if the "insmod lvm" is in your grub config, for one
<blast_hardcheese> Oh, even better
<blast_hardcheese> http://ubuntuforums.org/showthread.php?t=1304407
<CyclicFlux_> blast_hardcheese, thanks I will
<blast_hardcheese> Someone's already asked this question on the Ubuntu forums
<blast_hardcheese> Whoops, that's not the right URL at all.
<blast_hardcheese> This looks more helpful: http://ubuntuforums.org/showthread.php?t=1778935
<blast_hardcheese> How are you booting currently, if you didn't install GRUB?
<CyclicFlux_> blast_hardcheese, I am using a live disk, because unfortunately I have only the ubuntu live alternate, and I am only able to get busybox shell, which is very limited.  When I try to boot the normal system it just stands still.
<CyclicFlux_> So I am using a bt5 live disk
<CyclicFlux_> BT5 R2 gnome 64-bit
<blast_hardcheese> AH.
<blast_hardcheese> Err, Ah.
<CyclicFlux_> blast_hardcheese, sorry for the delay my client is not configured at all.
<CyclicFlux_> blast_hardcheese, I will say though when I try to restore grub on the dvd, I get put into the grub-shell, not grub 2(grub> is what I see).  That tells me that the grub2 is not even found, so it is dropping back to grub.
<CyclicFlux_> blast_hardcheese, will I be able to mount it and fix it with this BT5 R2 Live DVD?
<blast_hardcheese> CyclicFlux_: I'm not familiar with either technologies to know if you can
<blast_hardcheese> familiar enough, rather.
<CyclicFlux_> blast_hardcheese, this is my fdisk -l output: http://pastebin.com/UaSU3rpF
<blast_hardcheese> What's sda1?
<patdk-lap> his /boot
<CyclicFlux_> blast_hardcheese, the sda1 I believe is the logical volume for my swap
<patdk-lap> only 200megs
<CyclicFlux_> I think
<CyclicFlux_> Here is the lvm output from lvdisplay: http://pastebin.com/8WAmNLMS
<blast_hardcheese> patdk-lap: Right, but he thinks he's got grub configured in LVM
<patdk-lap> heh?
<blast_hardcheese> CyclicFlux_: What makes you think /boot/ was in LVM before?
<patdk-lap> if your using grub2 also, that won't work
<CyclicFlux_> I saw it on the root partition I believe(however, I am not going to lie, I am not sure)
<CyclicFlux_> lol!!!
<patdk-lap> you need 1mb of space, not 32k space
<blast_hardcheese> CyclicFlux_: Good luck to you, going to go back to trying to configure OpenStack :)
<blast_hardcheese> Sorry I couldn't help
<CyclicFlux_> Should I make a new partition??(The ubuntu installer took care of everything, and this was done originally like 1 year ago, and I unfortunately didn't have notes when I did it, so its basically what the ubuntu installer did by default)
<CyclicFlux_> blast_hardcheese, thanks for your help anyway!!
<CyclicFlux_> patdk-lap, I am going to check it out.
<CyclicFlux_> patdk-lap, the /dev/sda1 is definitely my boot, and the dev/matterhorn-root lvm partition had a boot in it because I told the ubuntu installer to use it to install the system, and then when it said to install grub2 I believe ti defaulted to there, so the /boot on the /dev/mapper/matterhorn-root is there because of the installer using it for the default grub2 location(I am guessing)
<patdk-lap> heh?
<patdk-lap> you either have it *mounted* or not
<patdk-lap> nothing cares if what is pointed where
<patdk-lap> if it's mounted it is used, if not, it won't be
<patdk-lap> if it's mounted it will hide the lvm stuff
<patdk-lap> are you using grub1 or grub2?
<CyclicFlux_> patdk-lap, werrrrrd.  So I am going to unmount them(I am sorry I am not terribly familiar with lvm/lvm2), I just set it up for the first time on this system. And I am using grub2
<CyclicFlux_> I am thinkking by looking at everything now(via the file-explorer), the /dev/sda1 is the grub2 bootloader, and it is the 200mb partition.  So I am guessing the LVM partition does not even need to have a grub, one can just use that and then point it to the lvm, and then insert an lvm module for grub to use?
<patdk-lap> hmm?
<patdk-lap> lvm should never have *a grub*
<patdk-lap> it should have a /boot with stuff, if you want to boot via it
<patdk-lap> but if you have a partition for /boot that is pointless
<CyclicFlux_> patdk-lap, thanks for telling me this I have been scouring the web for stuff, and it is telling me lvm can have grub2, and grub 2 doesn't need its own /boot partition/etc... I think I am now getting the pieces to come together.
<patdk-lap> well, yes
<patdk-lap> but as you already have a /boot, you can do either
<patdk-lap> but it makes sense to keep what you have :)
<CyclicFlux_> patdk-lap, according to this link: https://help.ubuntu.com/community/Grub2/Troubleshooting on point 1, referencing the grub-shell
<CyclicFlux_> I am getting dropped to the grub> shell, and according to the link, its possibly due to me not have a grub.cfg
<patdk-lap> did you boot into your system?
<patdk-lap> once you do
<patdk-lap> make sure /boot is mounted
<patdk-lap> do a update-grub
<CyclicFlux_> Now that I am looking at that its a really good resource to all grub2 issues.
<patdk-lap> and a install-grub, or whatever it is, grub-setup?
<patdk-lap> but likely the issue is your boot partition
<patdk-lap> it starts at sector 63
<CyclicFlux_> I am in a live system now.  I will give it a whirl again. I tried it before I think, do I update the initramfs after?
<patdk-lap> and that isn't enough space for grub2
<patdk-lap> why initramfs?
<patdk-lap> I would use gparted to move your boot partition to start at the 1MB mark
<CyclicFlux_> because I thought that initramfs had to have the modules/etc... updated for grub2
<patdk-lap> initramfs is for linux
<CyclicFlux_> patdk-lap, I will start by doing that then
<patdk-lap> if your in grub, you haven't got anywhere near initramfs
<patdk-lap> bios -> disk -> grub -> linux -> initramfs -> init scripts
<CyclicFlux_> patdk-lap, if you could kinda walk me through this I'd be very much obliged because once I boot, if it doesn't work I will have to get back into my live disk mode.  My default ubuntu rescue doesn't work(when booting and holding shift key), the only thing that'll work is the 'previous linux versions'
<patdk-lap> hmm if previous works
<patdk-lap> then it sounds like a kernel thing
<patdk-lap> either /boot wasn't mounted when you upgraded the kernel, would be odd
<patdk-lap> so it's missing
<CyclicFlux_> patdk-lap, I just checked my output of fdisk -l, and my /dev/sda1 is currrently starts on 1
<CyclicFlux_> patdk-lap, http://pastebin.com/UaSU3rpF
<patdk-lap> yes, but you didn't check via sectors
<patdk-lap> it starts at cylinder 1 (where cylinder size = 63)
<AtomicSpark> Is it better to manually install or stick with repo version and trust it works better for little things like python packages (django, fiencms, etc)? I understand that the maintainers can't keep up with every project out there, but missing a security release of something I want to use bothers me.
<CyclicFlux_> patdk-lap, I am totally feeling like an amateur right now, lol!!! Thanks though I appreciate it!!
<patdk-lap> AtomicSpark, heh, I try to use the repo versions, but normally end up not doing it, cause it's too hard to make it work in my usecase
<AtomicSpark> And the other thing that bothers me, a lot of these "minor" packages should be install in a director and not system wide.
<patdk-lap> don't move it using fdisk, use gparted
<CyclicFlux_> AtomicSpark, I use both repos(git), and pip(pip I think is better for python/django-related stuff), for all other stuff I definitely use git
<CyclicFlux_> patdk-lap, no doubt!!
<patdk-lap> AtomicSpark, if it wasn't system wide, how would it update it?
<AtomicSpark> Does pip uninstall too? or do you just delete the folder?
<CyclicFlux_> AtomicSpark, yessir!! Its really much more up-to-date, and all-in-all fresh
<CyclicFlux_> AtomicSpark, recommended to me by several python devs
<AtomicSpark> patdk-lap: updates can break things. and not everything can be imported/modified.
<CyclicFlux_> AtomicSpark, see pip --help(but make sure its installed)
<AtomicSpark> I think django would be fine installing site wide. For you create sites/apps with it.
<CyclicFlux_> AtomicSpark, I have played/dabbled with django very little, I use php for that and then scrapy for crawling/etc... But it is something I'd like to get into messing around with because it definitely seems like it could be helpful
<AtomicSpark> It's nice, but i get to a point where it gets over my head.
<blast_hardcheese> I'm seeing stuff about site-wide python, if it hasn't been mentioned already, use virtualenv
<AtomicSpark> blast_hardcheese: I saw that before, was trying to find it again.
<blast_hardcheese> virtualenv is effectively chrooted Python environments
<blast_hardcheese> a must for system stability and general sanity.
<AtomicSpark> I've never done it before, but it makes sense.
<AtomicSpark> When projects start asking to instal prereqs, I get nervious.
<blast_hardcheese> yep.
<patdk-lap> AtomicSpark, this is why I normally drop the ubuntu packages for website stuff, and update it myself
<CyclicFlux_> patdk-lap, hey bud, I forgot for resizing in gparted is backing up necessary?
<qman__> backing up is always necessary
<CyclicFlux_> qman__, I figured it,  I am just gonna do a dd'
<AtomicSpark> patdk-lap:  Like phppgsql, which is just downloads and hides it somewhere, assuming you'll symlink it to /var/www? lol.
<CyclicFlux_> *'dd'
<qman__> resizing with gparted is ~99% safe
<qman__> that said, you should always have a backup, regardless of what you're doing
<patdk-lap> AtomicSpark, if only it hid it somewhere, it splits it up into like 6 different locations
<CyclicFlux_> qman__, I just remember there are some things/tasks that gparted should not be trusted for.
 * patdk-lap hasn't used gparted for anything other than carving up new disks
<patdk-lap> so I haven't put any trust into it at all yet
<AtomicSpark> Do you use apache or lighttpd?
<AtomicSpark> lol, I already had virtualenv bookmarked. As you can see, I've attempted this a few times.
<CyclicFlux_> AtomicSpark, I use both Apache and NGINX!!! Love'em, but haven't tried lighttpd
<blast_hardcheese> AtomicSpark: There's nothing to it, really.
<blast_hardcheese> AtomicSpark: virtualenv ~/test-virtualenv && source ~/test-virtualenv/bin/activate && pip install django
<blast_hardcheese> bam, django running inside a virtualenv.
<blast_hardcheese> The tricky bit is getting virtualenv playing nicely inside Apache, I've not tried other webservers.
<AtomicSpark> Would you keep your fastcgi stuffs (in this case python files) outside of /var/www? Keep that for static only?
<AtomicSpark> Oh, they seem to put it in /var/virtualenv/yourdirectoryhere. That works, and makes sense.
<AtomicSpark> Should I install distribute and pip from the repos?
<lordievader> Good morning.
<AtomicSpark> Morning.
<lordievader> Hey AtomicSpark, how are you?
<AtomicSpark> lordievader: Good. Trying to figure out what webserver I wish to use. I think I'm going to give up and just use Apache + WSGI.
<lordievader> AtomicSpark: I just use Apache, does the job so why change it?
<AtomicSpark> Lighttpd has a lot of FUD around it but develepment and bug fixing seems iffy, nginx is the new hotness, but I'd use apache as a backend anyways. Really just focusing on trying to get django set up.
<AtomicSpark> lordievader: Apache is pretty heavy for static files and I'm a good developer and on a VPS.
<lordievader> AtomicSpark: I see, well good luck with the decision.
<ElixirVitae> Hello!
<ElixirVitae> I just set-up my home server, but did not configure network during installation
<ElixirVitae> would it be easier to do it during installation, or right now?
<AtomicSpark> ElixirVitae: How far have you gotten? If you cannot dpkg-reconfiure it, might be a bit of a hassle.
<ElixirVitae> I installed it all, with ssh-server only
<ElixirVitae> now I want to control it using ssh, though, as I have not configured it during installation
<ElixirVitae> I am having a bit trouble configuring it now
<maddin> hello
<maddin> i have a problem ....
<fdge> let me read you mind to find out your problem
<lordievader> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<_ruben> bugger .. 4 nics with 8 queues each and 8 cpu thread (4cores+ht) .. yet most packets seem to be processed by cpu0, as it has ~15% SI, with other have <1%
<Auckla> I have this problem that stems from my father not holding me enough when I was a kid.
<RoyK> _ruben: irqbalance running?
<_ruben> RoyK: yes
<RoyK> wierd
<_ruben> each cpu does get a fair ammount of ethernet interrupts, just that cpu0 seems to be getting far more than the rest
<RoyK> _ruben: stats from /proc/interrupts ?
<_ruben> RoyK: that's what i'm looking at, yeah, and top
<RoyK> ic
<_ruben> wonder if there's some realtime top like tool for interrupts
<RoyK> itop
<_ruben> shame it doesn't show per cpu stats :/
<RoyK> mhm
<RoyK> but it's open source, so SMOP :D
<_ruben> does show fairly evenly distributed rates for each int tho
<RoyK> and each int is serviced by a core/cpu?
<_ruben> i'll probably play with setting manual affinities, so that each queue goes to only 1 cpu thread
<uvirtbot> New bug: #1055013 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 75" [Undecided,New] https://launchpad.net/bugs/1055013
<tech936> just re installed my ubuntu server what was the command again for connecting to the wifi?
<RoyK>  iwconfig?
<ElixirVitae> !patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<RoyK> ElixirVitae: ?
<ElixirVitae> oh, I just wandered what that trigger returned, that's all
<RoyK> :)
<ElixirVitae> What other triggers are there for ubottu?
<RoyK> try asking it
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<RoyK> ;)
<ElixirVitae> I know that one~
<tech936> ok looking for ubuntu-Server Staff to Join a team of Networkers/Programmers/ETC message me if interested
<guntbert_> !brain | ElixirVitae
<ubottu> ElixirVitae: Hi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://ubottu.com/factoids.cgi | Usage info: http://ubottu.com/devel/wiki/Plugins | Bot channels and general info: https://wiki.ubuntu.com/IRC/Bots
<ElixirVitae> Nice, grazie guntbert_!
<guntbert_> ElixirVitae: niente :-)
<gabrieluk> hello, i have a 10.04 lts box. i'm installing php-fpm to work with apache2. what is the correct way to install fast cgi? sudo apt-get install  libapache2-mod-fastcgi ?
<gabrieluk> or libapache2-mod-fcgid
<nsudo> Hi
<nsudo> Please help me installing a webserver
<RoyK> nsudo: | !ask
<RoyK> erm
<RoyK> !ask | nsudo
<ubottu> nsudo: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<guntbert_> !lamp | nsudo
<ubottu> nsudo: LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process (different in Edgy+)
<qja_jfdg> hi
<qja_jfdg> ghgfhfg
#ubuntu-server 2013-09-16
<Azendale> The keystone charms is  giving me an "install-error" in the juju gui, and "agent-state: install-error" in the juju cli. Is there a way I can look at a log or debug this to see why it failed? I'm using MaaS underneath Juju (and actually MaaS in running on top of KVM machines for testing).
<bigjools> Azendale: juju debug-hooks
<Azendale> bigjools: I just tried that, now I'm ssh'd in to the box. Is there a log somewhere of Juju's attempts to configure the machine?
<bigjools> Azendale: I'm no expert but look in /var/log/juju on the bootstrap machine
<Azendale> bigjools: ok, thanks for the advice, I'll try it
<bencc> are there 32-bit and 64-bit version of the php5 deb package?
<bencc> 'm trying "apt-get install php5:i386" but it can't find the package
<jotterbot1234> hey guys
<jotterbot1234> I keep getting this really annoying email from PHP:
<jotterbot1234> PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626/mcrypt.so' - /usr/lib/php5/20090626/mcrypt.so: cannot open shared object file: No such file or directory in Unknown on line 0
<jotterbot1234> Get heaps of emails with this same message. Has anyone come across it?
<Rallias> jotterbot1234, Do you have php5-mcrypt installed?
<jotterbot1234> yes
<jotterbot1234> Apparently it is a known issue for Debian
<jotterbot1234> Working off this: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662090
<uvirtbot> Debian bug 662090 in php5 "php5: Update problem with package php5" [Normal,Fixed]
<Rallias> Are you running mod_php or php-fpm?
<jotterbot1234> mod_php i believe
<Rallias> Can i get you to do a service apache2 restart ?
<jotterbot1234> just the standard LAMP install I thought. It's amazon EC2 though so I didn't set it up
<jotterbot1234> sure, one moment
<jotterbot1234> actually
<jotterbot1234> I think I've pegged it. Wasn't installed on one of the other VMs. There are a few running behind a load balancer.
<jotterbot1234> so frustrating! I need config management like puppet or something running! nevermind
<Rallias> On an unrelated note... can someone update the /topic ? 13.10's the in-dev version, not 12.10
<Rallias> jotterbot1234, Trust me, the moment you say puppet, you'll be wanting to do everything. If you go that route, do as little as possible with it.
<jotterbot1234> Can you elaborate on what you mean? Are you saying that is a poor choice to run config management? I have been looking at a few. Especially salt stack vs puppet
<Rallias> No, I'm saying once you get a little taste of puppet, you'll want to do ALL THE THINGS IN PUPPET, which results in lost efficiency, and if you're like me, never getting the project done.
<jotterbot1234> haha i see!
<jotterbot1234> I thought it has been running long enough now that they have all templates shared so you don't have to reinvent the wheel so much
<jotterbot1234> but I will heed your warning when looking over it!
<Rallias> Yeah, for the most part, but you have to configure each service separately.
<Rallias> I was at the point where I was installing oh-my-zsh via puppet before I put it down and forgot about it.
<jotterbot1234> I just need something for some basic config/settings management. And then something like munki for software installs. I am trying to come up with a linux(specifically ubuntu) backend for OSX clients for a project
<mojtaba> Hi, I am going to make a backup server in a domain with windows servers and windows clients. Could you please tell me from where should I start? (I prefer linux backup server)
<nuf0xx> o/
<nuf0xx> nfs help here please (linux)
<nuf0xx> i have two directories listed in exports. I can only mount the one that is listed first
<nuf0xx> it seem the exportfs only exports the first entry.
<annoyingspore> where is exports?
<nuf0xx> it is located in /etc/exports
<gartral> why isn't there a 13.04 server iso?
<gartral> why isn't there a 13.04 server iso for 32-bit*?
<mardraum> gartral: "i386"
<gartral> mardraum: that option doesn't appear on the site
<gartral> and i've looked for 10 minutes
<geser> gartral: http://releases.ubuntu.com/13.04/ near the end you will find ubuntu-13.04-server-i386.iso
<raub> If I have multiple interfaces, the first one using dhcp and the others dhcp or static, what is the best way to define the default route manually?
<raub> I just do not want to have eth0 as default route
<raub> Best answer I found so far was to have reject lines in dhclient.conf
<rbasak> raub: there are many ways to do this of course. I would go with the dhclient route too, since logically you want DHCP but do not want to set the default route via DHCP. So configuring dhclient to not use the default gateway supplied by the DHCP server seems like the right place to do that.
<rbasak> raub: I'm not sure about the reject lines. I've done it in the past by writing a trivial /etc/dhcp3/dhclient-enter-hooks.d/ script that checks $interface, sets new_routers to empty and copies old_domain_name_servers to new_domain_name_servers.
<alias_bij> Can anyone help installing Ubuntu server w/ CD?
<alias_bij> Booting from CD takes to GRUB command entry screen
<alias_bij> Not the menu entry screen
<alias_bij> As such, I don't know what to type to make it start.
<ikonia> alias_bij: sounds like the cd is bad
<ikonia> alias_bij: it should take you to the boot menu
<alias_bij> ikonia: ok, thanks; I'll try another CD.
<ikonia> alias_bij: also check the image you are burning with the checksums
<ikonia> make sure it's valid
<alias_bij> ikonia: good point; i'll verify that too. thank you.
<ws2k3> hello when i'm logged in in my ubuntu system tab autocompleet does not work at all
<ws2k3> how should i fix this
<rbasak> smoser: fyi, libvirt's filesystem binding thing uses qemu's "virtfs" thing, which is some kind of network filesystem (plan 9?). So I don't think it's as bad a hack as you thnk.
<rbasak> (ie. it's properly doing things at fs layer, not block layer)
<smoser> i think its a hack
<smoser> not for sharing filesystem data. i think thats fine.
<rbasak> I can see how it might be useful for debugging. Depends on the use case that Tim wants, I think.
<smoser> i think juju insisting on looking directly (or reading from) the filesystem of the thing that its using is a hack.
<rbasak> I'm undecided. I'd like to understand the use case better.
<smoser> and my suggestion of solving that problem generally still stands.
<smoser> ie, cifs or nfsv4 would be better.
<rbasak> The nice thing about qemu's built in support is that I don't have to run or configure any additional daemon.
<rbasak> (I wasn't aware that it existed until today)
<smoser> utlemming had been using that a bit.
<smoser> it does work.
<smoser> and i think we even at some point added the plan 9 into thei cloudimage for that purpose.
<smoser> the modules.
<smoser> but for juju's purposes i think its a hack.  for debugging its fine. but even then, i really think better to set it up generically using tcp-ip.
<smoser> all the cool kids are using tcp-ip these days.
<smoser> rbasak, this is exaclty the same argument i've made at ODS many times.
<smoser> taking advantage of a hypervisor specific "host<->guest" communication layer means that all hypervisors have to implement it.
<smoser> (well, not it specifically, but some form of it).
<rbasak> Sure, I do see your point of view. I'd just prefer to reserve judgement until I understand the use case.
<rbasak> For the debugging case, I think a one-command-option request to map the fs across would be useful. I'm not sure how to do that without set up on the host any other way.
<smoser> yeah... the issue is that that one-command-option becomes precedence.
<rbasak> However, even this way it's a bit of a pain from an apparmor perspective. At least in Precise, aa-virt-helper doesn't appear to understand the filesystem "binding" definitions.
<smoser> and the next hypervisor does it the same way
<smoser> (which is exactly what is happening here)
<smoser> and hten you have to know: if i'm on lxc, then i look here, if i'm on kvm, then i look here ....
<rbasak> So I'm not sure it's worth implementing right now, at least until I understand juju's need better.
<raub> Why is the dhclient trying to connect to a bootp server?
<raub> From netstat, udp        0      0 0.0.0.0:68              0.0.0.0:*                           805/dhclient3
<jrwren> raub: dhcp is a super-subset of bootp
<raub> jrwren: Aha
<goles> Hey guys, I'm running ubuntu 10.10 on an old server, the apt repos are down and I don't have the update manager, what's are my upgrade options here?
<RoyK> goles: 10.10 isn't supported anymore
<Pici> !eolupgrades
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<goles> RoyK: I see that :), I was wondering what could I do
<RoyK> see eolupgrades above
<goles> RoyK: It's weird, I'm following the instructions but I'm failing to install the update-manager-core, etc. https://gist.github.com/Goles/06ea4f67c3c7e33b099a
<goles> RoyK: that page must be quite outdated... I mean the latest instructions are for Intrepid to Karmic
<just-a-visitor> goles: Basically the same, but here is the AU link: http://askubuntu.com/questions/91815/how-to-install-software-or-upgrade-from-old-unsupported-release
<just-a-visitor> Note that you also have to âconvertâ the security.... repos.
<ChanSavr> hi
<ChanSavr> I am looking to script install mysql
<ChanSavr> what is the best way to silently set a random password?
<ChanSavr> what would the default password be if I apt-get install -yq ?
<ChanSavr> http://stackoverflow.com/questions/7739645/install-mysql-on-ubuntu-without-password-prompt
<ChanSavr> my answer ^^
<hallyn_> stgraber: hm, lxc in saucy isn't working well for me at all...
<stgraber> hallyn_: ah? what's the problem?
<hallyn_> well (1) pstore being in container's fstab is causing it to fail - which isn't supposed to happen
<hallyn_> and (2) there seems to be a problem with lxc monitord startup
<hallyn_> (bug 1225308 was opened for that)
<uvirtbot> Launchpad bug 1225308 in lxc "Segmentation fault with "lxc-ls --fancy"" [Critical,Triaged] https://launchpad.net/bugs/1225308
<stgraber> hallyn_: hmm, let me create a new clean container here
<stgraber> hallyn_: lxc-list (alias to lxc-ls -f) sure works fine here
<hallyn_> i created a new saucy container on my precise host.  in there is where i'm having trouble
<hallyn_> hm.  i did NOT think we required 'optional' in fstab entries to make them optional.
<hallyn_> lxc-stop -k is also broken
<hallyn_> oh, that's nested cgroup stuff
 * hallyn_ shifts to a kvm instance
<hallyn_> stgraber: oh, uh.  duh.  we can't just move the lxc-monitor location like that can we?  /me does a little test
<hallyn_> that is, we can't just move the monitor to /run, breaks already-running containers.
<stgraber> hallyn_: right, I'd just mark any bug resulting from that as won't fix and asking the user to just reboot their system
<hallyn_> drat.
<stgraber> hallyn_: that'd be unacceptable for an SRU but in the dev release I don't think we should maintain migration code
<hallyn_> i guess
<hallyn_> ok i'm going to push a patch to git and saucy to add 'optional' to the pstore fstab entry
<stgraber> hallyn_: why did we need that? for kernels that don't have /sys/fs/pstore?
<hallyn_> yes
<stgraber> ok. When you cherry-pick to saucy, try to keep the same format for debian/patches. So far I've been doing simple git format-patch, renumbered the patch and dumped it into debian/patches/
<hallyn_> so i guess realistically it shouldn't hit people running the saucy package - if they do r->s upgrade they should reboot before starting a new container
<stgraber> that way the file name matches the commit title and the format makes it clear that it's a straight cherry-pick from upstream and can be dropped with the next milstone
<hallyn_> ok, makes sense
<stgraber> right. Someone updating from raring to saucy is also likely to get hit by monitor API changes anyway, so rebooting is usually a good idea :)
<hallyn_> im' worried about my precise-based containers host that hosts services (using lxc ppa)
<hallyn_> guess we'll see.  maybe i should reboot it today before i travel.
<hallyn_> got a feelign it's going to be unhappy
<stgraber> well, so long as the containers don't crash as they'd in the past when the monitor API would change, all that'll break are the tools on the host
<hallyn_> true
<stgraber> and you can fix that by doing a clean shutdown+reboot of all the containers
<hallyn_> all right, back to real work then
<jonascj> Hi all. Anyone on ubuntu-server 12.04 and using libvirt hooks? I cannot get my libvirt to execute the scripts in /etc/libvirt/hooks. This bug https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/891472 mentions something wrong with the apparmor profile. But in 12.04 libvirt 0.9.8-2ubuntu17.10 the hooks directory is mentioned in the apparmor profile.
<uvirtbot> Launchpad bug 891472 in libvirt "apparmor profile for libvirt does not allow hooks to be executed" [Low,Fix released]
<jonascj> I new to this channel, I assume uvirtbot just graps interesting links (like a bug tracker link) and quotes current status or so...
<sarnold> jonascj: yeah, the bot tries its best to be useful, but... :)
<sarnold> jonascj: check dmesg or /var/log/audit/audit.log or dmesg logs to see if there are apparmor DENIED messages for your hooks
<jonascj> sarnold: thank you for your reponse. I do not have a /var/log/audit/audit.log and "sudo grep audit /var/log/kern.log", "sudo grep hook /var/log/syslog" etc. yields nothing.
<jonascj> but I guess that means apparmor is not blocking anything
<sarnold> jonascj: DENIED might be more informative, the specific execution or access being denied might not show up with 'hook'. (I'm less sure about 'audit', it's been a while since I've run without auditd..)
<jjohansen> sarnold: DENIED shows up in auditd too. Most of the message is the same, its mostly just the preamble that is different
<jonascj> sarnold: I can just install auditd if all it does it redirect apparmor messages
<sarnold> jjohansen: I was curious if 'audit' shows up in dmesg :) hehe
<sarnold> jonascj: auditd also does a lot of PAM auditing; it does enough extra things that I'd recommend installing it when you've got some time to read the documentation. (not that the docs are great, but it does more than just redirect apparmor messages.)
<jjohansen> sarnold: so audit messages show up in dmesg if you are not running auditd. If you are running auditd they won't show up in dmesg
<jonascj> so maybe it is not app armor after all.
<jonascj> hmm, I've found out that one "predefined" script /etc/libvirt/hooks/daemon works (if I create it and for example echo to stderr). But it is as if it does not scan the hooks-directory.
<mgw> I have a daemon (nsqd) that for which i need to write an upstart script
<mgw> it takes a bunch of cli options, including some of them repeated
<mgw> it does not have a config file
<mgw> any suggestions on how to best implement my own config file that will be read by the upstart config and then utilized in executing the start command?
<zul> adam_g/roaksoax: https://code.launchpad.net/~zulcss/python-keystoneclient/mox/+merge/185915
<kyze> hi guys, is it possible to creat a raid1 of two drives after ubuntu server is installed ? of so how ? (ubuntu is running on another drive)
<patdk-wk_> anything is possible
<andol> kyze: Want that RAID1 to contain the actual OS install (the root partition, etc), or will it for a sepdata data storage filesystem? Also, is the drive Ubuntu is running from any of the two drives you want to create the RAID1 of?
<kyze> andol no ubuntu is running off its own volume, its 2 new drives that shall run in raid 1
<andol> kyze: Ahh, then there is no need to be creative. Assuming you want a software raid, just use mdadm to build a RAID1 pair of those two new drives.
<kyze> would i need to format the drives beforehand ? is there a possibility to get exisiting data directly into the raid or do they have to be clean ?
<andol> kyze: So, you already have some data on those two disks? Well, unless you are sure on what you are doing the easiest and safest is really to temporary copy that data somewhere else, create the raid set, and copy the data back.
<kyze> andol one drive has some data on it yeah, but if its not safe im going to get it on some external beforehand
<andol> The alternative would be copying all the data two one of the two drivees, creating a degraded raid1 on the other disk, create a new filsystem ontop of the degraded raid1, copy all the data from the other disk onto the degraded raid1 fs, then finally make cleanoun the data disk and join it to the now raid1.
<andol> Given that you might also want to be experementing until you get everything right, copying it to the external drive is probably a good idea.
<kyze> andol thanks for your help, im definitely going to back it up to the external then maybe fool around a bit
<adam_g> smoser, still around?
<smoser> adam_g, here.
<adam_g> smoser, regarding qemu, kvm +12.04..
<adam_g> smoser, you think we should try to add compat. to the ubuntu version or do it in cloud archive?
<smoser> adam_g, i dont know. i said that just as an idea
<adam_g> it would certainly make it easier.
<smoser> it seems like for this particular fix that it can't do much harm
<smoser> the only thing is getting the device permissions right.
<smoser> adam_g, right?
<adam_g> hallyn_, what do you think about trying to add some compatibility fallback to the qemu package  so that the kvm_* module gets modprobe'd by maintainer script if the kernel does not support auto loading it
<smoser> as if we jus tmodprobe, will udev hook everythign up correctly perm wise on precise ?
<adam_g> smoser, i *think* the previous behavior was to have the package modprobe it and udev took care of the ACLs
<smoser> i'm sure that i'm going to eat these words, but a commented line that does:
<smoser> grep "^kvm_" /proc/modules || { modprobe kvm_intel || modprobe kvm_amd64 || : } >/dev/null 2>&1
<smoser> seems like it can't do much harm
<adam_g> yz.
<adam_g> ya... i'd like hallyn_'s input though, since he's more familiar with the packages. i'm not sure where that would even go now.
<adam_g> zul,  also, looks like a new version of alembic is required for ceilometer now https://launchpadlibrarian.net/150433252/buildlog_ubuntu-precise-i386.ceilometer_1%3A2013.2%2Bgit201309161630%7Eprecise-0ubuntu1_FAILEDTOBUILD.txt.gz
<zul> adam_g:  ack
<hallyn_> I"d rather not make it uglier than it was originally.  We can just re-insert whatever was there in quantal or raring
<hallyn_> it'll "fail" in container, but we just || true it (which is why I removed it - it was getting ugly for - at the time -= zero benefit)
<hallyn_> adam_g: if it's still causing you pain, let's just re-add it.  Please open a bug against qemu.
<adam_g> hallyn_, ok
<adam_g> https://bugs.launchpad.net/cloud-archive/+bug/1218459
<uvirtbot> Launchpad bug 1218459 in qemu "qemu no longer loads kvm_* module on older kernels (12.04)" [Undecided,New]
<stgraber> hallyn_: hey, could it be that we acquire a full lock when creating a container? apparently creating a container and running lxc-list at the same time makes lxc-list wait for the create to finish, doesn't seem ideal :)
<hallyn_> stgraber: lxc_container_new() sees that create is ongoing and should return false
<hallyn_> so I should expect lxc-list to just ignore it and move along
<stgraber> I'll have to test with current upstream to confirm, the box I'm on may be on an older version
<hallyn_> now maybe lxc_contaienr_new() is misbehaving...
<hallyn_> stgraber: it doesn't hang for me actually
<hallyn_> stgraber: however, lxc-list is not doing --fancy fo rme
<hallyn_> i have to do lxc-list --fancy :)
<sona11111111> Hello, I am trying to install ubuntu with raid onto a dell 755. With USB, I have tried downloading the 32and 64 bit alternate install disks for 12.04 and I have tried two different USB sticks. (installed with lili)Under all circumstances, after booting to usb, choosing any of the options causes the computer to reset.
<sona11111111> Is lili bad for this and I should try another usb installer?
<hallyn_> adam_g: ok, thanks.
<raub> Is there anything special about calling a script using /etc/network/interface's pre-up vs calling it from command line?
<raub> Oh, NVM. The IP is not known yet.
<sarnold> sona11111111: I believe best these days is to just dd the disk images to a usb stick
<Patrickdk> sona11111111, heh, not sure, I have never had an issue with ubuntu and dell 755's (I have >30 of them)
<Patrickdk> also, try to use the usb jacks on the bad, and not the front
<Patrickdk> back
<hallyn_> adam_g: http://people.canonical.com/~serge/qemu-upstart.debdiff
<adam_g> hallyn_, sweet
<hallyn_> adam_g: will upload once i do a trivial local test that i didn't do something stupid
<hallyn_> adam_g: (if I don't, since i'll be running to dinner soon, pls shout at me tomorrow)
<adam_g> hallyn_, great. thanks a lot
<MarkusDBX> I got a 12.04 server, with a RAID 1 on SSDs, that is in need for some TRIM. I need kernel 3.8 for this. Can I run kernel 3.8 with 12.04? Or should I update to the 13.04 (non LTS)-version?
<sarnold> MarkusDBX: you can install a 3.8 kernel intended for use with 12.04 LTS, see the "Ubuntu kernel 3.8" section here, https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/UbuntuDesktop
<MarkusDBX> sarnold: Interesting. Should I expect as solid performance as with my current 3.2.0-29?
<sarnold> MarkusDBX: yes, I believe so, though note that the support length for that kernel may be shorter than the kernel you're currently on -- you may need to upgrade that kernel to a newer version when 13.04 leaves maintenance; it'll be replaced with either 13.10 or 14.04 based HWE stack when the time comes...
<MarkusDBX> I plan to upgrade to kernel 3.8, but to stay on 12.04, until 14.04 is released. Then I will probably just reinstall with that version.
<sarnold> MarkusDBX: ah, good, that should work fine, see
<sarnold> MarkusDBX: see "Version Matrix" https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable  for details, 3.8.x will EOL in august 2014, that should give you plenty of time to upgrade to 14.04 LTS when the time comes :)
<MarkusDBX> sarnold: ah great. My plan might work in that case. Thank you
#ubuntu-server 2013-09-17
<hadwick> (hadwick) Hi all,  i am running version 12.04. I recently suffered a power outage and now am having trouble booting. Right now the boot process is hanging at netbios name server. Any help? I'm not doing so well on Google. Thanks in advance.
<delinquentme> initialize a python script on a slave computer from a master computer over network /??
<hamnstar> hey folks - trying to get a ubuntu server up and running, on my simple 192.168.50.X LAN.  However, once i configure the ethernet card, I cannot ping anything nor can anything ping it... wiresharking the switch shows arp requests that go unanswered.  Mad brownie points to anyone who can tell me what is going on????
<MarkusDBX> hamnstar: have you checked ifconfig?
<MarkusDBX> ifconfig should correspond with /etc/network/interfaces
<hamnstar> yup, it does
<hamnstar> interfaces is how im setting the static ip
<hamnstar> well, 2 IPs... two  NICs, if that makes any difference
<MarkusDBX> hamnstar: you are setting the static IP on the correct NIC?
<hamnstar> yup.  I can see arp requests on the switch coming from it, so definately playing with the right one
<hamnstar> after removing 70-persistent-net.rules and rebooting, i am now seeing the arp replies... but my server is still saying Destination Unreachable when pinging
<hamnstar> very perplexing :/
<MarkusDBX> hamnstar: do you have some kind of advanced router, that might block a local ping?
<MarkusDBX> or layer 3 switch for that matter
<hamnstar> I'm afraid not... I tried this on a production "dumb switch", but i'm now testing with an old cisco catalyst in "dumb" mode
<hamnstar> just simple layer 2 stuff... i'm thinking its either a network card or drivers issue
<hamnstar> going to try with a livecd on the offending server and see what happens
<MarkusDBX> hamnstar: sounds like a good bet. LiveCD to rule out software issues.
<hamnstar> MarkusDBX: looks like it works perfectly fine in Ubuntu Desktop 12.04...but not in Ubuntu Server 12.04
<hamnstar> cant help but wonder if somehow its using a different driver....
<delinquentme> is there a way to persist a session connection that I instantiate from machine B >> machine C
<delinquentme> when I've SSHed into B from my laptop A ?
<delinquentme> specifically I want to disconnect A to take home ... and let the logging happening in C ... write out to the filesystem in B
<MarkusDBX> delinquentme: you can use screen
<MarkusDBX> delinquentme: do you know about screen?
<delinquentme> cant say I've ever used it MarkusDBX
<hamnstar> yup, screen is likely your best option.  you can also look into nohup i believe
<MarkusDBX> If you start screen on Machine B, you can have Machine B continue it's connection to machine C, regardless of what you do with Machine A
<MarkusDBX> delinquentme: ssh might not be the best tool to keep unreliable connections up. (Mobile/Wifi and so on) Then Mosh is better.
<delinquentme> yeah thats what im trying to do :D
<MarkusDBX> Can I ask about the purpose for the connection between B and C?
<delinquentme> logging so I dont have to write files onto a system which uses SD cards as it primary FS
<delinquentme> so I did ctrl + a + c
<MarkusDBX> delinquentme: use scp for that logging instead
<delinquentme> but on killing between A + B it killed the process
<MarkusDBX> delinquentme: or remote ssh commands
<MarkusDBX> b -- scp logfile --> c
<MarkusDBX> you could also consider monit, xymon or nagios for monitoring
<delinquentme> MarkusDBX, is that logfile residing on c?
<MarkusDBX> doesn't matter you can do it both ways.
<delinquentme> I dont understand.
<MarkusDBX> I believe you should send the log file as it's written with, some kind of protocol like ssh or scp.
<MarkusDBX> you could just have cron checking for new logs, if you don't need realtime logs.
<delinquentme> looks like screen did it!
<MarkusDBX> great!
<MarkusDBX> screen is very useful for lots of stuff
<delinquentme> I needed to detatch the session before killing the connection
<MarkusDBX> ah
<hyperreal> Hello.  Can someone please tell me how to enable/disable upstart jobs/services permanently, so that they don't start at boot?
<nuf0xx> hyperreal: https://help.ubuntu.com/community/UpstartHowto
<Guest9847> hello?
<nuf0xx> o/
<bkfitz> Does anyone know if there is an enable/disable for cron?  I have an entry in crontab -e that doesn't seem to be running as scheduled... and I don't see anything in my /var/log/syslog
<RoyK> bkfitz: pastebin the crontab, please
<RoyK> bkfitz: and make sure cron is actually running
<bkfitz> cron is running
<bkfitz> 0 4 * * * /home/scripts/update_postgis.sh
<bkfitz> pgrep cron -> 2036
<RoyK> try to cron it up for something in a minute, just to probe it
<bkfitz> RoyK: ok... but how do i 'probe' it if I don't see anything in the syslog
<RoyK> just change it to run in a minute
<Pici> Is there a newline at the end of your crontab?
<bkfitz> Pici, y
<bkfitz> RoyK: dumb question... how do i figure out the current time of system
<Pici> bkfitz: because if there isn't, then it won't run.
<bkfitz> date
<bkfitz> :)
<bkfitz> Pici: yeah.. checked for that
<bkfitz> just did crontab -e, edited it to run in one minute
<bkfitz> all that got spit into syslog is : (root) RELOAD (crontabs/root)
<jrwren> is /home/scripts/update_postgis.sh executable?
<bkfitz> have a feeling this has to do with tty
<jrwren> is first line of it #!/bin/sh or something executable?
<bkfitz> jrwren, good question... yes
<jrwren> its not likely tty, unless your /home/scripts/update_postgis.sh script does something with tty
<bkfitz> jrwren, no... just unzips some files, then runs some psql commands
<jrwren> there is an /etc/cron.allow file, but by default it allows all
<bkfitz> jrwren, no first line is : cd /
<jrwren> bkfitz: try setting #!/bin/bash as  first line
<HSaka> While I'm rebuilding my raid 5, can i mount it as use it as usual?
<bkfitz> jrwren, done and reset to run in 1 min
<RoyK>   
<bkfitz> jrwren, i don't see a cron.allow file in /etc only the daily/weekly/etc files
<bkfitz> ... and the main crontab file
<jrwren> bkfitz: that is fine. like I said, it defaults to all allowed
<RoyK> bkfitz: did you grep the syslog for CRON (in caps?)
<bkfitz> same thing...  all that got spit into syslog is : (root) RELOAD (crontabs/root)
<HSaka> anyone? : )
<bkfitz> RoyK: http://paste.ubuntu.com/6119887/
<RoyK> not much there, no
<bkfitz> 11:24 and 11:30 were the recent scheduled times
<bkfitz> is it possible it is actually running and my script is having some sort of trouble?
<RoyK> can you run the script manually? can you pastebin the script?
<bkfitz> yeah script runs find manually
<bkfitz> will pastebin when it finishes in a min
<RoyK> just press ctrl+z and run bg
<RoyK> to background it
<bkfitz> http://paste.ubuntu.com/6119913/
<bkfitz> RoyK: good tip on bg
<RoyK> bkfitz: can you try to add "* * * * * /bin/date" to the crontab?
<RoyK> just to see if that works
<bkfitz> RoyK, how often will that run if there is not second, minute, etc specified
<RoyK> every minute
<bkfitz> done
<bkfitz> tailing syslog
<RoyK> that should generate an email to root every minute with the output of 'date'
<bkfitz> RobbyF, looks like that did run... got this in syslog: Sep 17 11:45:01 rcgeo CRON[29838]: (root) CMD (/bin/date)
<RoyK> RoyK, even ;)
<bkfitz> sorry RobbyF :)
<bkfitz> tab
<RoyK> I knoiw...
<RoyK> know, even
<bkfitz> RoyK, so what does that mean?
<bkfitz> RoyK, that date will run but other script wont'? permissions?
<bkfitz> RoyK, I'm running all this as root right?
<RoyK> ls -l that script
<RoyK> and ls -ld the dir it's in
<bkfitz> RoyK,-rwxr-xr-x 1 root root  4348 2013-09-17 11:38 update_postgis.sh
<RoyK> should work
<bkfitz> RoyK, yeah
<bkfitz> owned by root, x +x
<bkfitz> RoyK, does it not like the .sh
<RoyK> shouldn't matter much
<RoyK> linux doesn't care about file extensions
<RoyK> only about file permissions
<patdk-wk_> but I care
<bkfitz> RoyK: something to do with either the time config in the crontab line or the .sh at the end... i removed the .sh and put in all *s and now its running every minute
<bkfitz> RoyK: it's not the .sh... something to do with the date?
<bkfitz> i just changed it to run at 12:04 EST and it didnt' run again... change it back to all *'s and it runs fine every minute?????
<smoser> adam_g, what do you think about https://bugs.launchpad.net/cloud-archive/+bug/1226674
<uvirtbot> Launchpad bug 1226674 in horizon "openstack-dashboard should suggest python3-lesscpy" [Undecided,New]
<smoser> basically, zul requested me to sync havana-staging, which would have added python3-lesscpy.
<smoser> but there is no justifcation for python3-lesscpy's existance in the cloud-archive via Recommends or Depends.
<adam_g> smoser, that should be optional, i think. next cycle we can evaluate including it as a core dependency
<smoser> well it is optional.
<adam_g> smoser, its basically a python replacement of the nodejs lessc. we've avoided the dependency on that so we dont need to support node-js, by shipping pre-compressed CSS and JS
<smoser> i dont disagree with that.
<zul> and it doesnt exist in precise afaik i know and upstream openstack-ci needs it
<smoser> i disagree with randomly uploading things to the clodu archive.
<smoser> that do not have any documented reason
<adam_g> smoser, we patch horizon to avoid doing any online compression (using node-ness, python-lesscpy, etc) so that its not a required depends. if that changes, we would need to ship python-lesscpy
<smoser> ie, to me the cloud archive contents should be a simple depends tree generated from things not available on 12.04 that are requirements of 'nova glance openstack-dashboard ...'
<smoser> or build depends.
<smoser> adam_g, right. so there is no reason for its presense in the cloud archive. but zul is requesting it to go based on openstack-ci's usage.
<adam_g> what prevents them from installing it from other sources, like they do for many of their other dependencies?
<smoser> i dont know.
<rbasak> SpamapS: any update on bug 1162139/debian 678252 please? You had marked it pending...
<uvirtbot> Launchpad bug 1162139 in mysql-5.5 "mysql-5.5 still built using GCC-4.4, should be built with the default GCC" [Unknown,Confirmed] https://launchpad.net/bugs/1162139
<uvirtbot> Debian bug 678252 in src:mysql-5.5 "mysql-5.5 depends on gcc-4.4/g++-4.4" [Normal,Open] http://bugs.debian.org/678252
<SpamapS> rbasak: we are stalled on MySQL 5.5.33 failing to build due to broken tests
<SpamapS> rbasak: the fix is in the svn repo tho
<rbasak> SpamapS: thanks. I'll try cherry-picking that then I guess.
<adam_g> smoser, https://launchpadlibrarian.net/150433028/buildlog_ubuntu-precise-i386.python-oauthlib_0.5.1-1~cloud0_MANUALDEPWAIT.txt.gz <- something else we need to consider
<zul> adam_g:  nothing is using it
<zul> for h3 at least
<adam_g> zul, oauthlib is no longer used by anything?
<zul> no oauth2 isnt in the keystone package for h3 im still going to try porting it over to oauthlib
<zul> but i dont think oauth2 will be in main this cycle
<adam_g> we're talking about python-oauthlib
<zul> crappers sorry about thtat
<adam_g> zul, smoser so yeah, python-oauthlib's new dependency on dh-python is concerning.  this probably won't be the last failure of this kind before we make it to 14.04
<zul> agreed
<adam_g> zul, what ever came of that upstream patch to make keystone's dependency resolution avoid requiring extensions dependencies?
<zul> i aint sure ill double check
<zul> adam_g: https://review.openstack.org/#/c/46797/
 * RoyK is pretty happy for a laptop with an ssd in this turbulance
<RoyK> at 30 ft now (or so)
<RoyK> tok ft
<RoyK> damn - 30,000 feet
<abradley> after mysql-server install, I'm attemping to connect to with HeidiSQL and get :http://i.imgur.com/AlZbSfo.png
<abradley> http://i.imgur.com/AlZbSfo.png
<abradley> Beyond "sudo apt-get install mysql-server" and setting the root password what must be done to get mysql-server up ?
<Ng> howdy
<Ng> is there a mechanism at the moment for forcing a textmode console all the way through the ubuntu server boot?
<Ng> "nomodeset vga=normal" on the kernel command line used to work, but seems to not work in the latest release
<free50> hello everyone. I have a question regarding MAAS and Infiniband
<free50> is it straightforward to setup a MAAS system using flexboot?
<sarnold> free50: if you don't get an answer here, you may have better success in #maas
<HSaka> I've been rebuilding my raid for hours, suddenly it stops and one of my hdds are saying sdc[4](F), what does that mean+
<free50> thanks sarnold
<bkfitz> Anyone here a cron/crontab expert... having trouble getting a script to run
<bkfitz> using crontab -e to add a job -> 00 14 11 * * /home/scripts/update_postgis >> /home/scripts/cron_logging.txt
<bkfitz> doesn't seem to run properly... but if I replace the 00 14 11 with * * * (to have it run every minute), it works fine
<bkfitz> there is an empty line at the end of my crontab -e file, cron is definitely running, i'm adding the job as root, the script runs fine when executed manually, nothing in the syslog other than "RELOAD (crontabs/root) when the job is supposed to have executed
<SpamapS> hallyn_: ping (re lxc and iscsi)
<SpamapS> hallyn_: specifically, how can I tell if a system like iscsi has had its netlink bits namespaced?
<HSaka> Is Debian better than Ubuntu server?
<HSaka> I've constant have 2 of my friends discuss about it
<RoyK> HSaka: it's the same codebase - debian is a bit more conservative on the package selection, ubuntu uses newer stuff
<RoyK> HSaka: it all depends on what you need
<adac>  someone familiar with samba server config? I have the folleing configuration: https://gist.github.com/anonymous/6600861 Problems are: I cannot access as a guest. Second problme ist that the share is not visible on the network, only when i directly access the samba share via ip adress. Any ideas?
<RoyK> adac: looks like "map to user" contains an invalid username
<RoyK> apart from that, looks ok to me
<adac> RoyK, Wondering how should this look like then?
<RoyK> it should be visible
<sarnold> adac: should 'directory mask' be 02775? I don't know if samba requires the leading 0 for octal parsing or not
<adac> sarnold, I'm also not really sure, however it works like that (when i access the server via correct username/ password)
<RoyK> adac: if you access the server, do you see the share?
<RoyK> adac: you haven't opened up for anonymouse (non-user) access, however
<adac> RoyK, if I access it with the correct username and password then yes
<adac> just as guest it doesn't wirk
<halvors> Hi!
<RoyK> AFAIK there's no way to open up for anonymous acces *and* user/pass access with samba
<RoyK> HSaka: hi
<halvors> Which port does BIND9 actually use for RNDC?
<RoyK> halvors: hi, even
<halvors> 953 TCP or UDP?
<halvors> RoyK: Hi :)
<RoyK> halvors: iirc it doesn't use IP, but a unix socket
<RoyK> by default, that is
<halvors> By default. Yes.
<halvors> But i've set it up to use ip.
<RoyK> never tried that
<RoyK> check netstat -a --inet
<RoyK> you probably need to configure some ACLs to allow access from elsewhere
<RoyK> google tells me it's using TCP, which makes sence
<RoyK> sense, even
<halvors> I know :) Have it working. Just applying iptables :)
<RoyK> not ufw?
<halvors> Yeah. Seems like that :)
<halvors> No.
<halvors> Iptables :)
<RoyK> DIY firewalling? ;)
 * RoyK mostly just uses ufw
<adac> RoyK, found it out via helo from #samba I had to uncoment the line: "valid users = guest, marcan"
<RoyK> adac: goodie
<hallyn_> SpamapS: uh, well.  netlink itself is namespaced.  which should just mean that you probably can't talk to it from a non-init network namespace
<hallyn_> i've not looked into it though
<hallyn_> oh, i see a bug was just opened for that.  heh, not an lxc bug, but I'll wait to decide what to do about it.
 * hallyn_ dropping off
<mgw> is it normal for an /etc/default file to get clobbered on package upgrade?
<SpamapS> hallyn_: thanks for the response
<hallyn_> SpamapS: np.  unfortunately it's going to be purely a kernel issue.  i've made a note to look deeper tomorrow to make sure i'm not wrong.
<SpamapS> hallyn_: thanks, thats the conclusion we've come to as well.
<SpamapS> hallyn_: I look forward t your analysis, as I trust you more than {all of us} ;)
<augustrush> My computer lost power suddenly and now it hangs on the netBios name server line. Any  help? Do I need to do a fresh install? This is version 12.04 if it matters. Thanks.
<Diegonat> hi guys,? do you know anything about devstack?? Its not clear to me if i can use it to run instances.
<pleia2> Diegonat: probably want #openstack but yes, you can run instances in it, but it's the development version of openstack so you probably don't want to for anything serious
#ubuntu-server 2013-09-18
<Diegonat> no infact im using it at home
<Diegonat> but i dont have any hipervisor listed? do you know why?
<Diegonat> i cannot run any istance
<Diegonat> pleia2
<Diegonat> any idea?
<pleia2> Diegonat: it always works fine for me, you'll really want to ask in #openstack for specific problems :)
<zul> hallyn_:  still around?
<zul> hallyn_:  im getting some weirdness http://paste.ubuntu.com/6121749/
<sarthor> How to check that, my VGA Card Memory is 256, 512, 1GB or How much?
<Guest75335> samba server on ubuntu 12.04, moving 309.9GBs to Mint desktop = 5 hours to do, over GB network, does that sound right ???
<sarnold> Guest75335: I think that works out to 17 megabytes per second; 100 mbit ought to do around 9 megabytes per second, so you're going at perhaps twice the speed of a 100 mbps network. better than nothing but not full speed of gigabit.
<sarnold> Guest75335: depending upon the protocol you're using, the source and destination drives, and makeup of files involved, that might be alright, or it might be slow...
<sarnold> for example, I'd be bloody thrilled to get those speeds off my pandaboard :) that's a slow-ass little thing. but I'd be a bit sad about that speed between two high-end i7 machines with SSD drives..
<Guest75335> ok thanks man
<dre101> hey guys
<dre101> dr-willis  i would like to map my pause key to run a shell script when it is press
<rafi878> hello
<rafi878> anyone here use windows powershell?
<subman> is there an easy way to setup an ubuntu server thin client server?   Wouldn't this be a great project for a bunch of netbooks and a high performance server?
<subman> Maybe a current how to?
<RobbyF> what do you mean a thin client server?
<RobbyF> VNC?
<subman> RobbyF,  I want my minimal netbooks to be able to boot off the server and run gui apps there.  Instead of trying to run them on the limited resource machines.
<RobbyF> I think in 13.04 + desktop editions they support remote logins under ubuntu one accounts or something along those lines. I'm not sure if server has it by default or not. Otherwise something like TightVNC might be helpful.
<subman> I thought the ltsp project (or something like that) did thin clients
<qman___> yes, the project is LTSP
<qman___> and IIRC it's an installer option on the alternate CD, rather than the server CD, since alternate has all the GUI stuff you need for it
<subman> anyone else with a good tutorial an a virtual machine server?
<jamespage> rbasak, hey
<jamespage> rbasak, are you taking care of bug 1162139
<jamespage> ?
<rbasak> jamespage: o/
<uvirtbot> Launchpad bug 1162139 in mysql-5.5 "mysql-5.5 still built using GCC-4.4, should be built with the default GCC" [Unknown,Confirmed] https://launchpad.net/bugs/1162139
<rbasak> jamespage: just doing it now actually
<jamespage> rbasak, marvellous!
<jamespage> rbasak, hows things?
<rbasak> (assuming it builds OK)
<rbasak> Good thanks
<rbasak> How's the family?
<jamespage> rbasak, doing well!
<rbasak> Excellent!
<vedic> Hey guys, not ubuntu server question but based on your experience: can you suggest tool for drawing client-server communication diagram like this: http://fresherstep.blogspot.in/2011/08/tcp-server-communication-udp-client.html
<rbasak> vedic: dot for the programmatic way. dia, xfig or libreoffice for a GUI.
<vedic> rbasak: Thank you
<vedic1> rbasak: From dia, lifeline can used for this. Thanks
<brendand> hey, i'm trying to run qemu in -nographic mode on a server. anyone know how to see what's going on while it's running?
<lerra> Hi,
<lerra> Where can i find a debug kernel for 2.6.32-42-server so I can analyse a kerneldump ?
<rbasak> lerra: take a look at https://wiki.ubuntu.com/Kernel/KernelDebuggingTricks#Using_GDB_to_find_the_location_where_your_kernel_panicked_or_oopsed.
<rbasak> lerra: also try #ubuntu-kernel
<lerra> Aah, thanks :)
<Sling> I just updated my Ubuntu 12.04 PXE boot environment to 12.04.3, by using all files in the install/netboot/ubuntu-installer/amd64 directory, yet when booting that kernel and entering the setup menu, it complains about the CD-ROM not being found..  I can't find a reference to a media location anywhere in the install/ folder, where would the old CD contents be on the PXE host?
<Sling> the PXE host is a 12.04.2 installation
<rbasak> Sling: the PXE host doesn't contain the CD contents. For PXE installation, the installer will fetch them directly from a mirror.
<Pici> Is there a good way of deleting messages deferred postfix messages older than a certain date?
<Pici> I have some regular status emails that go out, and its been broken since yesterday and once I fix it I don't want my users getting 24 status emails all for the same thing.
<rbasak> Pici: mailq and some text manipulation should be able to do that, right? IIRC, postfix does have a way to remove a message by ID, and mailq reports those IDs I think.
<rbasak> Pici: or alternatively grep the logs for message IDs?
<Pici> rbasak: I figured it would be something like that.  A point in the right direction is all I need, thanks.
<patdk-wk_> I think it's pretty simple to google
<patdk-wk_> search for someting like pfdel
<patdk-wk_> I know I based mine off ones I found on the net
<Pici> I just grepped through mailq and piped what I needed to postuser
<rbasak> That sounds reasonable
<Pici> er, postsuper*
<Guest93790> anyone can help me, I have configured a mail server two days ago was working great, now I have in the queue of many emails from yahoo mail that are coming, and I can not block out those emails, delete them but return all my emails to send
<hallyn_> zul: what is the weirdness?  (and are you still getting it)
<zul> hallyn_:  yeah im still getting it
<zul> the connection refused in the strace
<hallyn_> are the containers running?
<zul> yeah
<zul> they were
<zul> give me a sec and ill get you an updated one
<hallyn_> hm
<hallyn_> zul: this is on saucy I assume?  uptodate?
<zul> as of this morning
<hallyn_> after i run this test i'll do a fresh run and see what hapepns for me
<zul> im putting this on an instance and get you access
<hallyn_> k
<resno> my server has run out of space on "/". where can i look to drop some files quickly?
<hallyn_> /var/cache
<resno> eh, its only 36M
<hallyn_> /var/log?
<resno> i havent installed some needed updates would this help or only hurt
<rbasak> Extra old kernels that you no longer need, perhaps? Check /boot.
<hallyn_> and /lib/modules
<rbasak> (but don't remove the files directly - remove the old kernel packages)
<hallyn_> but no, don't install updates while out of disk space!
<hallyn_> that recently happened to me on two laptops, recovery was not fun :)
<resno> hallyn_: how to remove things out of /lib/modules?
<hallyn_> resno: well as rbasak said remove the kernel packages themsleves and those should remove the /lib/modules dirs you no longer need
<hallyn_> (i do rm -rf them, but that's not recommended, and i pay for it later)
<resno> heh
<resno> i dont want to pay later
<resno> a happy server is a good server
<med_> any squid or ceph experts -- http://www.sciencefriday.com/video/08/05/2011/where-s-the-octopus.html  awesome (but totally unrelated to Ubuntu Server)
<xibalba> is there a way i can, as a non root user, make it so an app such as ZNC starts up when the server boots up?
<patdk-wk_> cron :)
<xibalba> ok that makes sense, didn't think of that
<xibalba> cron to call a script to check if the app is running, if not, start it
<xibalba> any other ways?
<patdk-wk_> maybe
<patdk-wk_> or just use @reboot
<xibalba> oh dang didnt know about that parameter
<patdk-wk_> it's only in some versions of cron
<RoyK> it's in gnu cron from since like 5 years back (or 10?)
<xibalba> great i'm going to give it a try now
<patdk-wk_> thought it was just in vixie cron
<RoyK> sorry
<RoyK> I meant vixie cron
<patdk-wk_> well, looks like gnu cron (will, or does) support it, but it's not even beta yet
<xibalba> brb trying it now
<xibalba> excellent it worked
<xibalba> thoguh my resolv.conf is wiped on reboot
<RoyK> xibalba: it's generated by your settings in /etc/network/interfaces
<xibalba> why did they modify that functionality?
<xibalba> i get it for a laptop or desktop
<xibalba> but for a server, resolv.conf should be it
<xibalba> i have in my interface under 'auto eth0' dns-nameserver 192.168.1.2
<RoyK> xibalba: please pastebin the interfaces file
<patdk-wk_> xibalba, heh? read the *release notes*
<RoyK> ah
<RoyK> dns-nameservers
<RoyK> plural
<xibalba> http://pastebin.ubuntu.com/6124557/
<xibalba> ah ok
<xibalba> let me try again
<xibalba> god damn ubuntu boots fast on vmware
<xibalba> thank you royk
<RoyK> np :)
<xibalba> im still so friggin amazed at the boot time
<xibalba> centos is fast, but not this fast
<xibalba> like 2 seconds for me
<RoyK> no idea what CentOS/RHEL is doing during bootup
<patdk-wk_> systemd
<RoyK> wasn't systemd also considered for ubuntu?
<patdk-wk_> not really, it was later to the game
<patdk-wk_> and some thought went into it, but was too heavy into upstart by then
<RoyK> nested raids still don't work with upstart, though
<RoyK> no idea why
<patdk-wk_> lots of things have issues, have to tune the startup of many things
<patdk-wk_> like postfix has to start after dovecot (to use dovecot auth/lmtp)
 * RoyK considers using debian on his next server install
<patdk-wk_> what I really really wish someone would fix, is the iso images
<patdk-wk_> have you heard how much damned abuse booting an iso causes?
<patdk-wk_> think it would be simple to reorder the files using the ureadahead file, to make the iso not cause so many seeks
<patdk-wk_> and boot the iso in <60seconds, instead of 5min
<xibalba> weird i haven't used a cd iso in so long
<xibalba> im all virtual baby
<patdk-wk_> I do it to fix machines
<patdk-wk_> non virtual machines
<xibalba> i take it back,  i've only used esxi iso cds in the last year
<xibalba> until i get some autoDeploy action going
<zul> hallyn_:  fixed
<smoser> rbasak, http://pad.ubuntu.com/T9qXx9IYHK
<smoser> thoughts ?
<patdk-wk_> heh? ubuntuone account required for pastebin now?
<rbasak> Reading
<rbasak> patdk-wk_: the SSO thing. It has been like that for years. AIUI we once had a spam/troll problem.
<Pici> pad != pastebin
<patdk-wk_> hmm, I have logged in using launchpad before, but haven't hit a ubuntuone one
<rbasak> It's the same thing
<rbasak> (launchpad/ubuntuone sign on)
<rbasak> I didn't realise he'd said pastebin; thanks
<Pici> And I'm pretty sure that pastebin only requires SSO if you want to see the raw version.
<patdk-wk_> hmm, must of changed on me :)
<patdk-wk_> it's just really complaining to me, since I hadn't use the ubuntu one way to login yet
<rbasak> At least you don't have to use a second factor. I accept that a second factor is important for some cases. Requiring a second factor for access to the pad that expires daily is overkill.
<smoser> paddymahoney, pad.ubuntu.com has needed it for quite some time.
<patdk-wk_> :)
<smoser> pici is right about pastebin.
<smoser> only necessary for download of raw.
<paddymahoney> smoser:  what?
<smoser> paddymahoney, sorry. bad name complte.
<rbasak> smoser: do you know if subarch/$subarch in ephemerals will work if it's a symlink?
<paddymahoney> smoser np
<smoser> http://paste.ubuntu.com/6124889/ is my 'upget' that scrapes out the raw data from ubuntu pastebin without needing auth.
<smoser> so you can 'echo foo | pastebinit' . then elsewhere 'upget http://paste.ubuntu.com/abcdefg > out'
<smoser> rbasak, i dont know. i dont particularly care
<smoser> :)
<rbasak> smoser: then you wouldn't have to overload "subarch"
<smoser> ?
<Diegonat> hi guys? I have installed devstack on a single machine and it was working. However, I restarted the machine and now openstack is not running. What do I need to do?
<rbasak> smoser: would anything break if we shipped ephemeral images with no kernel installed inside at all?
<rbasak> (eg. generate initramfs and then purge kernel)
<SpamapS> hallyn_: any word on the iscsi question?
<xibalba> any of you guys running vmware?
<rbasak> smoser: say we did that, once for each kernel. Then ship the kernel and initrd images entirely separately via simplestreams.
<smoser> i dont want to have multiple images "assembled" on the other end.
<rbasak> They'd all be the same image then.
<smoser> i'm fine with base-image-with-no-kernel and kernel/initramfs separate. that is just an optimization of 'kernel_packs'.
<rbasak> No need for assembly. Do it dynamically, and only if there's a need for modules.
<smoser> existing uses of ephemeral.tar.gz would break though i think. if we didn't put magic in the initramfs to get the right kernel.
<smoser> well the "dynamically" is "set up a tgtd"
<rbasak> What would break?
<smoser> i suspect that something would.
<smoser> i cna't think of an explicit example.
<smoser> but i agree, if we had a big fat initramfs and that sufficiently prepped the target so that once /sbin/init ran, it all looked good
<smoser> then we'd probably be ok.
<smoser> one problem is that there is no place for that "big initramfs" to write to
<smoser> other than memory (overlafs)
<rbasak> Yeah we are relying on overlayfs not to break
<smoser> well, that would work fine.
<rbasak> I don't think we'll be short of memory in our use case though
<smoser> but my problem is that if i copy 120M of kernels to /lib/$(uname -r)
<smoser> then i just wasted 120M of memory
<smoser> that would have been not used.
<smoser> VMs are a valid use case.
<smoser> i'd really rather not require 1G memory to boot.
<smoser> i guess the initramfs could try to be smart on that even though.
<smoser> rbasak, we'd still need the "base" linux and initrd inside
<smoser> inside the tarball. not inside the filesystem.
<rbasak> For backwards compatibility? Right.
<smoser> right.
<rbasak> I'm not too worried about that. It can go away in LTS+2 or whatever.
<RoyK> smoser: I have ubuntu VMs running on 256MB - works well
<RoyK> perhaps down to 96MB
<RoyK> below that, initrd gets too large
<rbasak> The way I see this, either we ship all kernels installed in the ephemeral image filesystem, or none.
<smoser> RoyK, right. but you dont' do overlayfs to RAM in those VMs and copy all your kernel modules to the overlayfs before / is mounted
<smoser> :)
<rbasak> With none, you get your RAM use if you want to install inside overlayfs
<patdk-wk_> heh, I've been fine on 64megs
<rbasak> Unless you want to go down the path of having a separate network mounted filesystem (iSCSI/NFS/whatever) for those.
<patdk-wk_> but normally smallest I do these days is 512megs ram
<rbasak> (which you could I guess)
<smoser> rbasak, so you're kind of on board with "kernel packs" ?
<rbasak> I don't like the all option. That leads to many kernels. Although I suppose you'll generally download them all anyway, with adding HWE you might want to only download a subset in the future, and bundling them in the fs image stops you from doing that
<rbasak> Yes, I think so
<smoser> "all option" ?
<smoser> oh.
<smoser> yeah, id ont like that either. you meanh all installed inside.
<rbasak> Right
<rbasak> So none, except for backwards compatibility.
<xibalba> does ubuntu's sshd support chroot? can't find  it int he man page
<rbasak> And access to modules if required through either installing into RAM overlay, or some kind of network filesystem mount
<sarnold> xibalba: check the sshd_config manpage
<xibalba> what did i just say?
<xibalba> " can't find  it int he man page"
<sarnold> xibalba: "in the manpage" , you never said which one you read.
<RoyK> xibalba: for scp/sftp? try rssh
<xibalba> ha, i thoguht it was implied. i'll be more specific
<xibalba> in sshd_config.5.html
<RoyK> xibalba: chroot for logins or file transfers?
<rbasak> smoser: every option seems to have an issue. I can't think of a good answer.
<smoser> rbasak, so how will saucy-maas figure out the word 'highbank'
<smoser> as right now that doesn't exist anywhere. and i'm not even sure its valid...
<smoser> what should id do for arm for short term.
<rbasak> smoser: assume that maas knows what it needs
<smoser> rbasak,we could in the future set up maas to nfs share the kernel module directories also.
<sarnold> xibalba: indeed, there's an sshd(8) manpage which only mentions chroot twice; sshd_config(5) mentions chroot nine times :)
<rbasak> smoser: in quantal, detection worked via the tftp requests
<smoser> rbasak, i dont follow.
<smoser> in maas right now, the user says 'ARCHES=armhf/highbank'
<sarnold> xibalba: since it is easy for people to overlook the sshd_config manpage if they don't know it's there, I felt it important to point out the specific one..
<smoser> which tells maas that it should add a "subarch' named highbank
<smoser> but we want to remove that.
<smoser> and let it get everything in the stream (possibly filtering stuff... i surely hoep we can filter)
<rbasak> smoser: maas would default to downloading all options, or some specific list (someone else can decide that). Or perhaps a default list specified inside simplestreams.
<rbasak> smoser: the user would then customise in config somewhere
<smoser> rbasak, thats fine.
<smoser> but the simplestream the ephemeral images do not know anything about the word 'highbank'
<smoser> they know about the word 'armhf'
<rbasak> It might be an idea to sync that with available arches in maas ui's dropdowns
<smoser> in the past, maas came up with the world 'highbank' on its own.
<smoser> s/world/word/
<rbasak> I'm not sure I follow your question
<smoser> in order to not regress, somehow saucy maas has to call import-pxe-files with 'highbank
<smoser> '
<smoser> for arm.
<smoser> and at the moment in tych0's work, there is no place where it would ever know the word 'highbank'
<rbasak> To further complicate things, the saucy kernel is 'generic' for a highbank machine now
<rbasak> There are different methods for determining what a netbooting arm machine is
<smoser> but there is no different method for determining what to call 'import-pxe-files' with as 'subarch' arguemnt.
<smoser> thats what i'm after. i think.
<smoser> ie, look at https://maas.ubuntu.com/images/ephemeral/releases/streams/v1/com.ubuntu.maas:download.json
<rbasak> WHy is import-pxe-files being called with an argument?
<smoser> because you made it do that.
<smoser> because YOU poluted this !
<rbasak> A maas install should be able to support multiple arches and subarches at the same time, right?
<smoser> :)
<xibalba> thanks sarnold
<smoser> as it is right now, maas is told via configuration (default configuration) about 'subarch' values of 'generic' and 'armhf'
<xibalba> chroot for logins RoyK
<smoser> and it installs (maas-import-pxe) things for *those* values of subarch.
<smoser> and we have no place currently (see that download.json) that would describe those values.
<smoser> and we dont want to leave that to user configuration.
<rbasak> I imagined that there would be a separate stream that would tell you what arches and subarches are available.
<RoyK> xibalba: rssh won't help you there
<rbasak> That list would change as new hardware gets enabled
<smoser> i'm not talking about the future
<rbasak> It would also map detection codes
<smoser> i'm talking about now
<smoser> where should the string 'generic'
<smoser> or 'highbank' come from / go.
<rbasak> From that separate stream.
<smoser> for saucy maas we wont hae that. i don tthink.
<rbasak> Unless we can embed that data into the existing stream.
<rbasak> It could start off static.
<smoser> i dont think the data you want embeds well into that stream.
<rbasak> Note that I'm worried I'm missing your point here.
<smoser>  * saucy maas reads data from https://maas.ubuntu.com/images/ephemeral/releases/streams/v1/com.ubuntu.maas:download.json and imports ephemeral images from there.
<rbasak> If we can't implement the stream right now, we'll need to hardcode it, like it was in quantal.
<smoser> ok. i think that is what i was after
<rbasak> smoser: isn't this exactly the same problem as determining what hwe kernels are avialable?
<smoser> well, sort of. thats why we came here.
<smoser> i didn't want to design a solution for mutiple subarch that did not include hwe
<rbasak> OK
<rbasak> Sorry this conversation seemed tedious. I didn't intend it to. It's a complicated and confusing issue :-/
<smoser> rbasak, how much do i need to worry about subarch ?
<smoser> can i just (for saucy maas) call it 'generic' ?
<rbasak> smoser: that'll work for highbank, but I think there might be another subarch coming up that will not be generic.
<rbasak> s/will/may/
<smoser> how did maas use the subarch ?
<smoser> sure there will be machines that wont work with the 'generic' kernel flavor.
<smoser> but how did the user say 'boot that system with 'subarch' = highbank'
<smoser> and will we break that if we only register 'generic' kernels in saucy maas.
<rbasak> In quantal it needed to know to download the different kernel flavour from the installer pxe images
<rbasak> So I arranged to pass that identifier all the way through
<rbasak> (since at the time I expected more arm subarches that would have different identifiers)
<smoser> oh wait. where did it get that? did it get it from ports.ubuntu.com ?
<rbasak> Yes
<rbasak> for pxe-files. I guess that's gone now
<rbasak> or going
<smoser> well the 'd-i' path for downloading is to be replaced with simplstreams data giving same information.
<smoser> which i probaly need yoru help on.
<rbasak> Right, but we still need to map the different subarches all the way through
<rbasak> So I think maas still needs a field in its table of nodes with the subarch in it
<rbasak> Which can remain highbank, even if the kernel flavour is now -generic. In fact it needs to do this, so that users can boot different releases on the same node.
<rbasak> smoser: I have some time for a G+ if that would be easier?
<rbasak> (or voip or whatever)
<smoser> rbasak, let me try to write some stuff down.
<smoser> rbasak, so... i just had a thought.
<smoser> the mounting of /lib/modules over nfs is as simple as putting an entry in /etc/fstab actually
<rbasak> smoser: but the fstab entry has to be dynamic, right?
<rbasak> smoser: and arranging an NFS server on the MAAS server is another subsystem and another point of failure
<smoser> well, it doens't have to be dynamic.
<smoser> it has to be set on the system that shares the iscsi block device
<smoser> to point *somewhere*
<smoser> but that just points to one big share of lib/modules/ that has every possible version
<rbasak> smoser: yeah but the NFS server IP will change
<smoser> not necessarily.
<smoser> yeah, it would have to change. so that system needs to have it set.
<smoser> i dont know why it would be dynamic though
<kyze> hey guys, i just built my raid1 but it seems parted is now not usable any more. print list only gives me an error about the primary gpt talbe being corrupt. any tips ?
<mr_lou> Help. I'm in big trouble. Running Ubuntu JEOS as a server at work, and ran the  do-release-upgrade command today. But it had so many problems upgrading that I now have a broken install. It refuses to let me do anything.
<mr_lou> apt-get -f install stops at python2.7-minimal
<mr_lou> Typing python in the command shows that I'm running python 2.6.5
<mr_lou> So I'm thinking maybe it stops because it expects python2.7 which it can't find because it was never installed.
<mr_lou> But I can't remove anything, and I can't force install anything either.
<mr_lou> Always stops me from doing anything, because of dependencies problems.
<kyze> rollback to an older backup ?
<mr_lou> No image backup. Only database backup and php files backup. I could format an reinstall the server, and then copy back those. But that's a last resort.
<kyze> so apt-get -f install fails ?
<mr_lou> Yes
<mgw> Is it normal for a dpkg (the package uses dh_installinit) to overwrite the /etc/default file on upgrade? Looking at the man page for dh_installinit, I don't see that it wouldn'tâ¦ but at the same time, I don't recall other packages doing that.
<rbasak> mgw: it should ask you. It's a policy violation to overwrite your changes.
<kyze> mr_lou: sorry im pretty new at this so i cant really help you :(
<mr_lou> np
<mr_lou> kyze, I'm newer. ;-P
<mgw> rbasak: thanksâ¦ I must be doing something wrong in my rules
<kyze> mr_lou wanna take a bet ? :D
<mgw> rbasak: this is the relevent part of rules: https://gist.github.com/mgwilliams/2f0ef3d6e76d6760d9ec
<mgw> and I have two files â nsq.upstart and nsq.default in debian/
<Diegonat> hi guys? what would you say it is the best management tool for KVM ??
<hallyn_> SpamapS: not yet (sorry, at plumbers)  though i did talk to one person who thought that it should be at least usable with just tcp (no netlink).
<hallyn_> SpamapS: what exactly are you doing?  you're not mounting it on the host and then bind-mounting it the container I assume?
<SpamapS> hallyn_: we just want to have an lxc container mount iscsi targets.
<beebs> Hey All. I'm trying to set up a local juju server.  The documentation is a little light on the network setup prior to installing juju, mongodb and bootstrapping. Anyone have experience with this or know of a good walkthrough. I've been googleing and many step-by-steps seem old and outmoded.
<SpamapS> beebs: you probably want #juju, but anyway, the bootstrap command actually installs mongo for you.
<beebs> SpamapS: actually i'm thinking before I even get there, the host network setup. I have three NICs, and am wondering what the best practices are for setting those up, and any VLANs I should be setting up on the switch.
<HSaka> Hello, how can i delete my raid? the disc are /dev/sdc /dev/sdd /dev/sde
<HSaka> it's raid 5
<henkjan> HSaka: mdadm --stop /dev/mdX
<smoser> rbasak, still around?
<henkjan> mdadm --zero-superblock /dev/sdX wil wipe your raid signatures from teh disk
<HSaka> ty
<mgw> rbasak: http://www.mail-archive.com/busybox@busybox.net/msg10671.html
<HSaka> hmm how about if i want to add one of my disc back to raid 5, but it says one of them has no superblock?
<mgw> so it looks like dpkg -i by default overwrites conffiles
<HSaka> example /dev/sdc
<mgw> which isn't a big deal for me, since we don't use dpkg -i in production â but it sure threw me off
<Diegonat> guys whats that command similar to ls -l ?? something like "lls" . Do u know what im talking about?!
<shauno> Diegonat: 'll' is a default alias on redhat systems, which is the closest I know of (alias ll='ls -l --color=auto')
<swaT30> @zul or any other Ubuntu OpenStack folks, any plans on pushing https://review.openstack.org/#/c/32679/1/nova/network/security_group/quantum_driver.py into the Cloud Archive?
<Guest72430> Question what -t stand for or do in this command  sudo mkfs -t ext4 /dev/sdb1       ???
<sarnold> Guest72430: check the mkfs(8) manpage: mkfs [options] [-t type fs-options] device [size]
<sarnold> Guest72430: in this case it tells mkfs the type of filesystem to create
<zul> swaT30:  yes
<swaT30> @zul any ETA? I'm trying to determine if we should apply the patch ourselves in the meantime, or wait for an update
<swaT30> :)
<Guest72430> thanks
<zul> swaT30: not sure the grizzly SRU just went through and need people to test so once it goes through our qa process then it will hit the CA
<swaT30> zul: ok great, I'll apply it manually and the update should just overwrite. Thanks :)
<Diegonat> shauno, thanks
<Diegonat> :)
#ubuntu-server 2013-09-19
<hallyn_> SpamapS: is there a good reason not to have the host mount the iscsi target, and then bind-mount that into the contaienr?
<Guest39238> samba question can I use ".nogroup" as a group with users in it or should I make a new group then add users to it?
<ubuntutis> anybody know what programming languages i should use to make a chatbox
<raub> In 10.04, dovecot in ubuntu had two separate config files, /etc/dovecot/auth.d/01-dovecot-postfix.auth and /etc/dovecot/conf.d/01-dovecot-postfix.conf
<raub> But now in 12.04 it has only the conf.d directory with a ton of files in it. How do they relate?
<bombev> hello
<bombev> I am running Ubuntu Linux 12.04.1 is there some manual to show me how to configure two ISP and to switch it via ssh?
<warzauwynn> bombev: can you be more specific about your setup?  how are these ISPs connected to your ubuntu machine?  how do you intend these two networks to work together?
<lpapp> hi, is there anyone using wsgi and ubuntu here? my wsgi file does not seem to load through apache (mod-wsgi). I see the raw content rather than getting it interpreted through the wsgi protocol. This is a ubuntu 10.04 server, and almost the same vhost config file works on another Ubuntu server which is version 12.04.
<lpapp> here you can find my vhost site config file, http://paste.kde.org/~lpapp/pb2efb5f7/
<rbasak> Are you missing a WSGIScriptAlias directive?
 * rbasak hasn't read the paste
<lpapp> At least there is one there.
<lpapp> rbasak: I have this, WSGIScriptAlias / /var/www/foo/foo.wsgi
<rbasak> I don't know then. Sorry.
<lpapp> rbasak: ok, np. Hopefully someone has already done something like this or/and have a clue. :-)
<rbasak> roaksoax: have you seen bug 1227252?
<uvirtbot> Launchpad bug 1227252 in maas "Upgrade from precise to precise SRU maas unconditionally disabled system DHCP" [Undecided,New] https://launchpad.net/bugs/1227252
<lpapp> anyone having any ideas?
<jamespage> roaksoax, was there a specific reason the squid-deb-proxy-client-(udeb) packages only reside in universe?
<freakynl> Hi, the auto updates are nice et all, but is there an auto garbage cleaner as well?
<freakynl> Many boxes fall over due to the sick amount of kernel images (or more notably - initrd's) that are kept around. Just had another machine with 6GB storage that only had 2.5GB in use after first install fall over cuz it was full (it only runs powerdns, which stores a little data in mysql but that's about it)
<greppy> freakynl: there is an apt-get autoremove, which may help.
<freakynl> greppy: hmm last time I used that it didn't remove any kernels at all, now it removed some (left 5 lying around)
<freakynl> Just running: 'dpkg -l 'linux-*' | sed '/^ii/!d;/'"$(uname -r | sed "s/\(.*\)-\([^0-9]\+\)/\1/")"'/d;s/^[^ ]* [^ ]* \([^ ]*\).*/\1/;/[0-9]/!d' | xargs sudo apt-get -y purge' - reduced consumed diskspace (grew it first as dpkg obviously crashed configuring kernel w/o diskspace) from 76% to 22.6% on a 5GB (now 7) disk - removing nothing but kernels, initrd's and kernel headers... I can't believe how long they ignore this issue. Auto update shou
<roaksoax> jamespage: i didn't know s-d-p-client packages were in universe.. we werent the ones who filed a MIR for it
<roaksoax> afaikl
<jamespage> roaksoax, oh
<roaksoax> jamespage: oh nevermind I guess I did
<roaksoax> jamespage: https://bugs.launchpad.net/ubuntu/+source/squid-deb-proxy/+bug/961726
<jamespage> roaksoax, I thought so
<uvirtbot> Launchpad bug 961726 in squid-deb-proxy "[MIR] squid-deb-proxy" [High,Fix released]
<roaksoax> jamespage: so I'm guessing it's because they weren't seeded ?
<jamespage> roaksoax, probably - I just wanted to check to see if there where any other reasons why not
<roaksoax> jamespage: same has happened for maas-dns/maas-dhcp
<jamespage> roaksoax, reference is bug 1183326
<uvirtbot> Launchpad bug 1183326 in squid-deb-proxy "squid-deb-proxy-client-udeb broken in Ubuntu" [Medium,New] https://launchpad.net/bugs/1183326
<jamespage> folks are trying to use the udeb in d-i installs but it borkes
<roaksoax> jamespage: right, but d-i with internet access should still obtain the package, shouildn't it?
<roaksoax> jamespage: and yeah, I have no idea why they were left out, but judging for the MIR bug, they shouldn't have been
<roaksoax> jamespage: i guess we need to seed them
<roaksoax> jamespage: are you officially back btw?
<jamespage> roaksoax, yep
<roaksoax> cool
<zul> jamespage:  since you are here https://code.launchpad.net/~zulcss/ceilometer/deps/+merge/186553
<jamespage> zul, do those need to be applied to the binary package depends as well?
<zul> jamespage:  *sigh* yeah probably
<jamespage> zul, :-)
<zul> jamespage:  im thinking we should be explicit in the binary deps as well and not rely on pydist
<jamespage> zul, I think that makes sense
<zul> jamespage:  done
<jamespage> zul, does dh_python not do the versioned depends on the binary package automatically?
<zul> jamespage:  i dont think so
<zul> better safer than sorry though
<jamespage> zul, headache tho
<zul> jamespage:  true we need a way to automate this kind of stuff
<jamespage> zul, SQLAlchemy>=0.7.8,<0.8
<zul> jamespage:  ?
<jamespage> zul, thats in the requires of ceilometer
<jamespage> we have 0.8.2
<zul> jamespage:  yeah its patched
<jamespage> so entry points bork
<jamespage> no its not
<zul> isnt it?
<jamespage> zul, no - you dropped it
<jamespage>   * debian/patches/fix-setup-requirements.patch: Dropped no longer
<jamespage>     needed.
<zul> why the hell did i do that?
<zul> ill patch it
<jamespage> zul, no idea
<jamespage> adam_g, where are we up to with charm redux testing and stuff? I need to be reminded
<zul> jamespage:  alright review branch for that one after
<jkyle> When pxe booting an ubuntu server, is the file located at /preseed.cfg during installation the one being used?
<jamespage> zul, I like your versioning:
<jamespage> https://launchpad.net/ubuntu/saucy/+source/python-wsme/0.5b5-1ubuntu0
<zul> jamespage: thanks! :P
<jamespage> zul, you need to drink more wakeup juice in the mornings :-)
<zul> jamespage:  meh
<jamespage> zul, do you want to push the version fixup to that deps branch? I'd like to test it out and I'm blocked right now
<zul> jamespage:  sure gimme a sec
<jkyle> I'm getting the following error during install of ubuntu
<jkyle> "The following packages have unmet dependencies language-selector-common depends accountsservice"
<zul> jamespage:  done
<jkyle> 12.04.2
<miketeevee> hi guys, i'm having a fork issue, can someone help me?  10.04 LTS works, 12.04.3 with the same code forks way too much memory
<jkyle> I'm aware of the fix for these types of errors  in a running os, apt-get install -f, but how do you resolve this when the installer itself is throwing the error?
<zul> jamespage:  we have alot of extra crap in nova deps that we dont need anymore
<miketeevee> i have my findings in a gist
<miketeevee> https://gist.github.com/michael-trelinski
<miketeevee> i feel like it's a kernel flag i need to set, but i can't find it
<D`Fam> !scans
<jgornick> Hey guys, is there something out there that presents a user with a configuration screen or a status screen after an Ubuntu virtual appliance is booted? In my VM window, I would like to see a summary of system information, primarily network information.
<Rory> jgornick: Would it be acceptable to show this information in the Message of the Day that appears on a sucesfull console login?
<jgornick> Rory: Might be acceptable :)
<jgornick> Rory: Looking for something like this: https://github.com/turnkeylinux/confconsole
<Rory> jgornick: If you put shell scripts in the /etc/update-motd.d/ folder they are executed in order on each login
<rbasak> jgornick: you could replace the login on vt1 with a status screen if you like. The job runs from /etc/init/tty1.conf.
<rbasak> jgornick: (by running getty with an alternate program)
<rbasak> Be careful to make sure that the user can't interrupt it to get a root shell or something though
<plm> Hi all
<Rory> Hi plm
<plm> people I have a process running in my server but I don't know who/how it is calling. It is rsyn. I ps aux | grep -i rsync show this: # ps ax | grep -i rsync 7683 ?        Ss     8:59 rsync --server --sender -vlogDtprz . /wts/
<plm> I'm not use rsync
<plm> how I know what script are calling that?
<Rory> plm: if you run the command "ps l" and find the process, look at the PPID column to find the PID of the process which spawned it
<Rory> PPID is Parent process ID I think
<jamespage> zul, ceilometer needs seeding for main inclusion
<jamespage> zul, I pushed your branch - thanks
<jamespage> zul, its not a fault of that change by ceilometer need python-babel as well now
<jamespage> ceilometer-common fails in a clean chroot
<plm> Rory: ps l | grep -i rsync not show about rsync...
<Rory> plm: You need to do it when it's actually running, as the user that rsync is running as, or with sudo
<plm> Rory: it are running
<plm> # ps ux | grep -i rsync
<plm> root     18090 47.7  4.2  46516 43252 ?        Rs   13:08   7:19 rsync --server --sender -vlogDtprz . /CSP/
<plm> Rory:
<plm> # ps a | grep -i rsync
<plm> 19093 pts/1    S+     0:00 grep -i rsync
<Rory> OK plm so now do "ps l | grep 18090"
<plm> Rory: # ps l | grep 18090
<plm> 0     0 19148  9019  15   0   2880   796 pipe_w S+   pts/1      0:00 grep 18090
<Rory> plm: basically you need to catch the process when it's running. Find out it's PID and then use ps l to find its parent
<plm> Rory: it are running..
<plm> are always running
<Rory> plm: sudo ps l | grep 18[0]90
<Rory> The 4th column will be the parent process of PID 18090
<miketeevee> i summarized my question into a stack overflow thread, much help would be appreciated with this fork issue http://stackoverflow.com/questions/18900127/how-do-i-control-the-vmem-when-forking-having-a-same-code-same-java-issue-on-di
<plm> Rory: I think I find: other machine are doing a sync for this server...
<zul> jamespage:  argh ok
<plm> Rory: but rsync start in other machine, I not knew that in client rsync show as process too
<adam_g> jamespage, https://code.launchpad.net/~openstack-charmers
<jamespage> adam_g, right - I see we still need to push in the fast exit stuff and clearing of relations for non-leaders
<jamespage> right?
<adam_g> jamespage, yeah, what is the fast exit stuff?
<jamespage> adam_g, in contexts - when the first complete context found gets returned
<jamespage> right now the contexts in helpers iterate all relations and then check the last one
<jamespage> relations/units rather
<adam_g> oh right
<jamespage> actually relations and units
<jamespage> although two would be odd
<jamespage> (relations that is)
<adam_g> jamespage, there is a charm-helpers branch there as well, that is the sync source for all those charms
<jamespage> adam_g, right
<jamespage> adam_g, I can find some time to work throught that tomorrow PM
<jamespage> (know you are busy)
<adam_g> jamespage, cool.
<adam_g> jamespage, are you back?
<jamespage> adam_g, yes
<adam_g> w00t
<jamespage> (althought not around my time tomorrow am)
<zul> jamespage/adam_g: http://people.canonical.com/~chucks/ca/ (for bug #1227266)
<uvirtbot> Launchpad bug 1227266 in cloud-archive "The swauth and python-swauth packages not included in ubuntu cloud repository" [Undecided,New] https://launchpad.net/bugs/1227266
<jamespage> zul, ooo
<jamespage> zul, tricksy
<zul> yep
<zul> its apparently apart of the chef cookbooks
<jamespage> zul, +1
<zul> jamespage:  cool thanks
<miketeevee> where's the best place to post my ubuntu server problem to?
<miketeevee> messageboard-wise
<miketeevee> stackoverflow? ubuntuforums (hacked?)?
<rbasak> If you can phrase it as a general question that can apply to others, askubuntu is good.
<miketeevee> irc channel?
<miketeevee> ah i see
<zul> adam_g:  https://code.launchpad.net/~zulcss/nova/house-cleaning/+merge/186588
<adam_g> zul, ack. might take me a bit to get through that one
<zul> adam_g:  yeah im going through everything with a fine tooth comb today
<adam_g> zul, awesome
<raub> I know that due to resolvconf I can have dns-nameservers in /etc/networks/interfaces
<raub> But, can I also have the "options" or osmething equivalent in the same file, so it is loaded into /etc/resolv.conf?
<raub> Or should I put it in  /etc/resolvconf/resolv.conf.d/tail?
<sarnold> raub: resolvconf(8) suggests the ../tail answer is the right answer
<tonyyarusso> raub: I think you can have dns-options lines in the interfaces file too
<adam_g> zul, added one comment to that merge but looks good otherwise i think
<zul> adam_g: cool
<GarrettKajmowicz> Greetings! How can I go about resuming the boot process in 12.04 after I've been dumped to the Busybox shell and manually mounted the root filesystem? Alternatively, how can I figure out why I'm being dumped to busybox and fix the issue so my server can boot normally?
<ikonia> GarrettKajmowicz: error message on screen normally gives a clue
<GarrettKajmowicz> I'm "running" 12.04 LTS. This problem started right after I upgraded from 10.04 LTS. The old kernel image still boots correctly, but the new ones don't.
<sarnold> GarrettKajmowicz: at least in the old days, ^D would exit a rescue shell and continue booting, dunno if that's still true, but I hope it is. :)
<ikonia> it's going to busy box
<ikonia> ctrl +d won't do anything
<GarrettKajmowicz> ikonia: I don't recall a particular error message. I'm just dumped to the shell. The root filesystem isn't mounted, and manually typing "mount /dev/md0 /root -o ro" works just fine.
<ikonia> GarrettKajmowicz: so you're using a raid device
<ikonia> GarrettKajmowicz: it's possible it's not able to mount the root file system at boot time,
<GarrettKajmowicz> ikonia: Yes - RAID1.
<ikonia> check the initramfs
<GarrettKajmowicz> ikonia: How can it not be possible to mount the root fs at boot time if I've done so from the busybox shell? Isn't that what the initramfs is for?
<GarrettKajmowicz> ikonia: What would you like me to check in the initramfs?
<ikonia> GarrettKajmowicz: could be a delay in assembling the array
<ikonia> GarrettKajmowicz: or your mdadm.conf could be wrong so it tries to assemble it wrong
<ikonia> (just easy / common issues with it)
<GarrettKajmowicz> I've added rootdelay=30 to the kernel boot parameters and it boots and dumps to the shell within 5 seconds. It's 2 disks, 1 of which is a SSD.
<zul> adam_g:  https://code.launchpad.net/~zulcss/cinder/housecleaning/+merge/186612
<ikonia> GarrettKajmowicz: you're doing software mirroring on SSD's ??
<GarrettKajmowicz> ikonia: If it was wrong, why would mounting it work correctly with no additional interventions?
<ikonia> GarrettKajmowicz: they won't last long
<GarrettKajmowicz> ikonia: The math I've done said it shouldn't be a problem. In any case, that isn't the immediate concern.
<ikonia> understood
<GarrettKajmowicz> ikonia: Where can I go from here to attempt to diagnose this issue? I've been trying to address this since July.  :-(
<ikonia> since july !
<ikonia> GarrettKajmowicz: first thing is look at the grub config - check it's valid, check it's pointing at the right locations, and that the files are there and valid
<GarrettKajmowicz> ikonia: Extra data: http://askubuntu.com/questions/307509/upgrade-to-12-04lts-dumps-to-busybox-on-boot
<ikonia> GarrettKajmowicz: are you sure it's not upgraded grub and should be using grub.conf now ?
<GarrettKajmowicz> Grub seems to boot fine. It gets new kernel images as they are added.
<GarrettKajmowicz> Grub is version 0.97. I don't think grub2 started being used until a newer Ubuntu version. (I'm running 12.04 LTS).
<ikonia> so you're confident it's still reading from menu.lst not grub.conf
<ikonia> 12.04 uses grub2 by default, but that doesn't mean it's upgraded yours
<ikonia> GarrettKajmowicz: for arguments sake, break the kernel line - point it at a wrong filename see if it errors and what it errors
<GarrettKajmowicz> ikonia: I can't do that at the moment (I'm at work, server's at home). I will do so once I get home tonight, however.
<ikonia> GarrettKajmowicz: ping me when you get home, maybe interesting to work it through
<GarrettKajmowicz> ikonia: Absolutely. Will you be here on in about 3-4 hours?
<ikonia> I suspect so
<GarrettKajmowicz> ikonia: Okay - I'll come and harass you then. I'll be typing via smartphone instead of keyboard, so that'll be interesting.
<ikonia> we can work with that
<mgw> I'm trying to figure out the best way to calculate cpu usage on an lxc container
<mgw> is there something in cgroups that will give me that, or do I need to use ps and then compare cpu% against the cpushares?
<adam_g> zul,  https://code.launchpad.net/~zulcss/nova/house-cleaning/+merge/186588 <- you merged before approved?
<zul> adam_g:  yeah did the wrong alias i have locally
<zul> sorry about that wont happen again
<adam_g> zul, its okay
<adam_g> zul, im gonna push a fix to put the python-six version specification in d/control
<zul> adam_g:  ack
 * zul disapears for a while
<adam_g> zul, also.. i know i mentioned before but please get out of the habbit of pushing directly to the branches.
<adam_g> zul, https://bugs.launchpad.net/ubuntu/+source/python-cliff/+bug/1227884  no idea how that didn't FTBFS in the archive.. but trying to backport to precise is failing
<uvirtbot> Launchpad bug 1227884 in python-cliff "FTBFS, conflict in setup.py's requires and egg-info's requires.txt" [Undecided,New]
<maxped> hey guys, dumb question. Why does one computer, my ubuntu-server ver 12.04, get an unusally high ip number from my router? everything else, iphones, androids, other laptops, get 192.168.0.100-109. the ubuntu server gets *.119. when i try to set static and match setting on router reservation list i can never acess from outside the network. any input? TIA!
<RoyK> maxped: the dhcp server is doing the job ;)
<maxped> RoyK: thanks for the reply, i thought the reservation on the router was above anything else. i obviously need to learn more, but is this problem more wifi-router or ubuntu settings? so i know where to start to look. i think router.
<bjf> on a maas server what does "node added but never seen" mean?
<bjf> i'm trying to enroll a single system
<maxped> RoyK: and why so high an ip? why not just next available?
<RoyK> no idea
<maxped> RoyK: hmmm...thanks.
<jkyle> so, I've discovered the current 12.04.3 version of precise has a broken openvswitch module  out the box
<jkyle> fix is to roll back the kernel or build your own module with a current ovs version. Is there a backports that might have the current ovs versions for precise?
<jkyle> ah, thanks for the blog post Mr. Page => http://javacruft.wordpress.com/2013/08/21/openvswitch-for-ubuntu-12-04-3-lts/
<GarrettKajmowicz> ikonia_: I'm baaaack!
<bananapie> is there a way I can execute a program and see all the files it accesses or tries to access ?
<warzauwynn> bananapie: strace cmd
<bananapie> cool :D
<GarrettKajmowicz> bananapie: strace
<bananapie> YES! This is exactly what I needed. Thanks warzauwynn and GarrettKajmowicz. I see hundreds of 'no such file or directory' errors :D
<GarrettKajmowicz> ikonia_: I tried getting grub to boot non-existant kernels or initramfs and grub properly detected that the file didn't exist.
<sarnold> bananapie: skip past the usual ld stuff at the beginning, there's always hundreds or thousands of those..
<bananapie> thanks
<GarrettKajmowicz> ikonia: I managed to save dmsg output from a failed boot: pastebin.ca/2455008
<sarnold> GarrettKajmowicz: is this bit intentional? Kernel command line: root=/dev/md0 ro debug
<GarrettKajmowicz> sarnold: I added 'debug' for this run only. The other flags have been part of the boot params forever.
<sarnold> GarrettKajmowicz: aha :)
<sarnold> .. sure enough, my /proc/cmdline has an 'ro' in it too. sheesh. I need to look around more. :)
<GarrettKajmowicz> I think the idea is to mount the rootfs ro until it is confident of being able to actually boot the system  so as to avoid powering down with a dirty fs.
<GarrettKajmowicz> I'm back. Webchat + phone browset + phone multitasking = frustration
<sarnold> GarrettKajmowicz: :/ you missed nothing while you were gone though
<GarrettKajmowicz> Any other stuff you'd suggest I look at?
<shauno> it's quite normal to boot readonly and remount rw mid-boot.  I think it remounts right after it decides if fsck is to be run (because fsck on a rw partition is mindboggling)
<sarnold> hrm, /var/log/boot.log is remarkably .. short of information
<sarnold> can you poke around in your logs to find corresponding userspace messages from the failed boots?
<GarrettKajmowicz> sarnold: Can you clarify? In failed boots userspace doesn't get a chance to run, and the filesystem is never mounted rw to be able to save anything anyways.
<sarnold> GarrettKajmowicz: oh right :( It it is just that dmesg is only one part of the problem, and nothing there particularly stands out as troublesome. (the days-since-fsck isn't great but also shouldn't explain the busybox shell.)
<GarrettKajmowicz> Right. Busybox shell is repeatable. Server booted up with an older kernel and successfully ran fsck.
<GarrettKajmowicz> sarnold: What else can I do to investigate?
<GarrettKajmowicz> I'm somewhat frustrated at this point. I need to be running the new kernels to address a munor networking issue, yet there don't seem to be any diagnostics for the boot subsystem.
<gartral> how can I make a folder have group read/write perms and make that inherent to all *future* directories and files in that folder?
<gartral> /s/folder/directories
<sarnold> gartral: there is nothing you can do to force specific _permissions_ on files and subdirectories. the only things you can change are (a) set the setgid bit on the directory to force all future subdirectories and files to have the same group _ownership_ (b) set the sticky bit to prevent users from deleting files and directories they do not own.
<gartral> sarnold: that first one seems like what I want
<sarnold> gartral: you could try hacking something together with e.g. incron, but it'd be easy to write a security problem that way :)
#ubuntu-server 2013-09-20
<sarnold> gartral: the first one will go a long way if your processes all need consistent accesses but don't have a common primary group in common
<sarnold> gartral: but if one user has umask=0077, it won't help :)
<gartral> sarnold: my issue is that I have a folder /home/minecraft/plugins and I can read/write to *THAT* folder, but when I add a plugin too the server that plugin makes a new subdirectory there in which I only have read access.. meaning I have to contact the Server Owner to have her fix the perms each time I add a new plugin >.<
<gartral> we both agree that this is becoming a PiTA.
<gartral> and I'm in the minecraft group on that machine
<sarnold> gartral: how are the plugins run? does the minecraft server start them?
<gartral> sarnold: yes, on load
<sarnold> gartral: is the directory created at load time? or during an install mechnaism?
<zul> adam_g:  ill have a look
<gartral> which means that stop/starting the minecraft server process loads the plugins in /home/minecraft/plugins, most plugins as part of their initial load create a new subdir containing all of the configureation information for the plugin
<gartral> and I'm sick today, so if my spelling is a little screwy, i apologize
<gartral> dangit, i have a fix for GarretKajmowicz
<sarnold> oh?
<gartral> sarnold: yea, bootchart. it'll profile the boot proccess and let him see where the boot failed
<sarnold> gartral: it might be hard without a rw filesystem..
<gartral> sarnold: this is why my /log partitions are always on an NFS share :P
<sarnold> gartral: haha :) nice, but he's stuck even without a / ...
<gartral> sarnold: but back to my issue, any thought?
<gartral> sarnold: ohh.. ewww.. his kernel just isn't loading right, huh?
<sarnold> gartral: hrm, I'm having trouble finding his pastebin of dmesg.. here's his askubuntu question: http://askubuntu.com/questions/307509/upgrade-to-12-04lts-dumps-to-busybox-on-boot
<sarnold> gartral: I'm surprised the plugins would execute as your user, rather than a minecraft user..
<sarnold> ah, here we are, his failed boot dmesg: http://pastebin.ca/2455008
<sarnold> gartral: is there a dedicated minecraft user account? is that user acccount starting the minecraft server?
<gartral> sarnold: yes and yes
<sarnold> gartral: hrm. well, you can try the setgid thing easily enough, 'chmod g+s /path/to/directory/' -- I'm not sure why it doesn't Just Work, but I'm not familiar enough with minecraft to know what to look for.
<gartral> sarnold: it's not a minecraft specific issue, this happens with all folders in that directory no matter what made them
<sarnold> gartral: can you get an ls -ld /home /home/minecraft /home/minecraft/plugins   output? I'm curious about user/group/permissions..
<gartral> ls: cannot access /home/minecraft/plugins: No such file or directory
<gartral> drwxr-xr-x 5 root      root  4096 Sep 16 19:23 /home
<gartral> drwxr-xr-x 8 minecraft users 4096 Sep 18 15:17 /home/minecraft
<gartral> oops
<gartral> thought I had my browser focused
<sarnold> no /home/minecraft/plugins ? how odd..
<gartral> sarnold: sorry, stand by
<gartral> sarnold: http://paste.ubuntu.com/6130558/
<sarnold> gartral: looks sane enough... you might try: chmod g+s /home/minecraft/unl-testing/ /home/minecraft/unl-testing/plugins/
<sarnold> that'll set both those directories to force new directories and files created within to have 'minecraft' group ownership. it's a start. :)
<gartral> sarnold: should that be run as root or my user?
<sarnold> gartral: it could either be run as the minecraft user or as root
<gartral> sarnold: that still doesn't fix my access
<sarnold> gartral: hrm, ls -ld on the newly created directories and maybe ps auxw | grep minecraft   ... or whatever the server runs as..
<gartral> sarnold: does that chmod a+s fix already created directories?
<sarnold> gartral: no, just new directories and files
<sarnold> gartral: do you have any currently-existing 'broken' directories?
<sarnold> ls -ld on them would be helpful too..
<gartral> sarnold: yes, about 12
<gartral> sarnold: yea, they just "fixed" it by chmod 775 /home/minecraft/unl-testing
<gartral> sarnold: well, nvm then
<GarrettKajmowicz> I'm back, now with a dedicated IRC client.
<gartral> GarrettKajmowicz: so your server isn't mounting / at all?
<sarnold> GarrettKajmowicz: gartral suggested trying bootchart, there may be a mechanism it provides to discover how far through boot you get before you're hung up, and it might provide some way to get the data off the system ..
<mojtaba1> Hi, do you know how can I connect to my c$ windows partition from ubuntu cmd?
<mojtaba1> They are in the same LAN.
<mojtaba1> Hello?
<dingo311> i cannot ssh from outside my network. canyouseeme.org sees my port, port forwarding is on. i dont know what to do. help please.
<Quest> what doss attacks are still with no solution and i should be prepared for defending?
<Guest65934> roundcube sucks that all i have to say ...
<josephtacos> i started getting a red 0 in front of my prompt in byobu. some how i triggered it. any clue on what it is
<Guest65934> I see that also today 12.04 lts server not sure it went away itself tho--- hummm
<josephtacos> i think there exit codes
<sarnold> Quest: there are hosting providers with unbelievable amounts of bandwidth available, e.g. cloudflare. If you're worried about the reliability of your site even in the face of modern DDoS attacks, it'd be worth having a conversation with them before you need their help.
<Quest> hm
<foubarre> Hi everyone. I have an ubuntu server acting as a DHCP server. I changed the gateway address. Now machines randomly receive the old or new gateway. DHCP config only contains the new address (dhcp service was restarted many times just in case). Any idea of why that can happen?
<linocisco> foubarre, restarted on server? let clients PC restart
<foubarre> linocisco: restarted the server, restarted client machines too. Does that since yesterday.
<foubarre> linocisco: on the PCs, doing "ipconfig /renew" returns a mix of old and new gateway. Does the same on OSX so i excluded a local caching problem.
<elnur> Hey. I'm trying to figure out why nginx and PostgreSQL don't start on system boot. Where do I start?
<elnur> Other stuff like PHP-FPM *do* start.
<Rory> elnur: Do they start correctly without errors when you start them manually?
<Rory> elnur: If so, make a service start at startup with: sudo update-rc.d SERVICENAME defaults
<elnur> Rory, yes.
<elnur> Let me try that.
<elnur> Rory, it says: System start/stop links for /etc/init.d/nginx already exist.
<elnur> What else should I try?
<linocisco> hi
<elnur> I'm trying this:
<elnur> cat < `crontab -l` <<EOF | crontab -
<elnur> @reboot service nginx start
<elnur> @reboot service postgresql start
<elnur> EOF
<elnur> But it doesn't work.
<elnur> What I want is to append those two lines to the output of running `crontab -l` and then pipe it to `crontab -`
<elnur> How should I do that?
<sgran> elnur: don't do it that way
<elnur> How should I do it then?
<sgran> first, since you know the two lines you want to add, just do crontab -e :)
<sgran> second, fixing why they don't come up at start up is probably the saner approach
<elnur> I need to script this.
<elnur> I've spend the whole day trying to fix that already.
<sgran> ls /etc/init/*nginx* /etc/init/*postgres*
<elnur> No such files.
<sgran> ls /etc/init.d/*nginx* /etc/init.d/*postgres* /etc/rc?.d/*nginx* /etc/rc?.d/*postgres*
<elnur> # ls -l /etc/rc?.d/*nginx
<elnur> lrwxrwxrwx 1 root root 15 Sep 19 21:23 /etc/rc0.d/K20nginx -> ../init.d/nginx
<elnur> lrwxrwxrwx 1 root root 15 Sep 19 21:23 /etc/rc1.d/K20nginx -> ../init.d/nginx
<elnur> lrwxrwxrwx 1 root root 15 Sep 19 21:23 /etc/rc2.d/S20nginx -> ../init.d/nginx
<elnur> lrwxrwxrwx 1 root root 15 Sep 19 21:23 /etc/rc3.d/S20nginx -> ../init.d/nginx
<elnur> lrwxrwxrwx 1 root root 15 Sep 19 21:23 /etc/rc4.d/S20nginx -> ../init.d/nginx
<elnur> lrwxrwxrwx 1 root root 15 Sep 19 21:23 /etc/rc5.d/S20nginx -> ../init.d/nginx
<elnur> lrwxrwxrwx 1 root root 15 Sep 19 21:23 /etc/rc6.d/K20nginx -> ../init.d/nginx
<elnur> # ls -l /etc/init.d/*nginx
<elnur> -rwxr-xr-x 1 root root 2091 Dec 17  2012 /etc/init.d/nginx
<sgran> that looks fine.  Can you paste the contents of /etc/init.d/nginx at paste.ubuntu.com
<elnur> sgran, http://paste.ubuntu.com/6131972/
<elnur> The script works when I run it manually.
<elnur> Just doesn't work on boot.
<sgran> is there anything in the logs?
<elnur> Nothing in syslog about nginx and nothing in nginx's error.log.
<sgran> anything in upstart's log?
<elnur> Let me check.
<elnur> Which file?
<sgran> hmm.  I see upstart only logs jobs, rather than overall status
<sgran> disappoint
<elnur> Meanwhile:
<elnur> (crontab -l; echo "@reboot service nginx start") | crontab -
<elnur> (crontab -l; echo "@reboot service postgresql start") | crontab -
<elnur> \o/
<elnur> Of course, I'd like to fix the root issue.
<elnur> I'm just not that good with advanced linux stuff.
<sgran> do you see anything in boot.log ?
<elnur> I'm recreating the VM. Will tell you in a couple of minutes.
<elnur> Vagrant.
<elnur> BTW, can Vagrant/VirtualBox be the reason?
<sgran> I'm guessing at this point that they're failing to start because of some network or other related configuration that isn't there when they start at boot time, but are there later when you run the script by hand
<sgran> so, maybe?
<elnur> Would I be able to find this information in any log file?
<elnur> I'll check boot.log soon.
<elnur> BTW, PHP-FPM starts okay.
<elnur> It's nginx and PostgreSQL failing for some reason.
<elnur> The VM is up.
<elnur> Where's the boot.log file?
<sgran> in /var/log
<elnur> Nope.
<elnur> `locate boot.log` gives nothing.
<elnur> Any other ideas? :)
<sgran> hmm
<sgran> I see a /var/log/boot and a /var/log/boot.log on precise, here
<sgran> does vagrant give you a console log from bootup?
<elnur> Let me see.
<elnur> Hmm.
<elnur> I'm looking at `vagrant up` logs and it looks like it's adding network interfaces after the machine boot up.
<elnur> [default] Machine booted and ready!
<elnur> [default] Configuring and enabling network interfaces...
<sgran> so that'll be the problem, I'd guess
<elnur> Hm. I'll try another network configuration.
<elnur> Well, I tried different network configuration, but that didn't help.
<elnur> I also checked out PostgreSQL logs and found this:
<elnur> 2013-09-20 10:42:31 UTC LOG:  database system was shut down at 2013-09-20 10:42:30 UTC
<elnur> 2013-09-20 10:42:31 UTC LOG:  database system is ready to accept connections
<elnur> 2013-09-20 10:42:31 UTC LOG:  autovacuum launcher started
<elnur> 2013-09-20 10:42:32 UTC LOG:  incomplete startup packet
<elnur> 2013-09-20 10:49:34 UTC LOG:  received smart shutdown request
<elnur> 2013-09-20 10:49:34 UTC LOG:  autovacuum launcher shutting down
<elnur> 2013-09-20 10:49:34 UTC LOG:  shutting down
<elnur> 2013-09-20 10:49:34 UTC LOG:  database system is shut down
<elnur> Nothing interesting, I guess.
<elnur> I'll go with @reboot cron job for now.
<elnur> sgran, thanks for the attempt. :)
<sgran> no sweat :)
<sarthor> HI, I did apt-get update and then apt-get upgrade, Now when I rebooted, machine is not booting in normal way, I went through recovery mode, and then Network.. So I can use my machine, .. when machine is booting in normal way, it says..  udevd[468]: timeout: killing '/sbin/modprobe -bv pci:v00008086d000027D8sv00001028sd000001DEbc04sc03i00' [473] .. and never boot...HELP please.
<sarthor> HI, I did apt-get update and then apt-get upgrade, Now when I rebooted, machine is not booting in normal way, I went through recovery mode, and then Network.. So I can use my machine, .. when machine is booting in normal way, it says..  udevd[468]: timeout: killing '/sbin/modprobe -bv pci:v00008086d000027D8sv00001028sd000001DEbc04sc03i00' [473] .. and never boot...HELP please.
<newhite> What is a good socket monitor for Ubuntu?
<greppy> sarthor: !repeat
<sarthor> greppy: OK. can i quit?
<greppy> sorry, was trying to trigger the bot, out of practice.
<greppy> !repeat
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<sarthor> I love this channel. I got a lot of help here, You guys helped alot. Thanks a lot
<greppy> sarthor: if no one is awake that can help you, you won't get any help, sorry.
<newhite> greppy, that is very logical.  Haha :)
<Rory> sarnold: Any time
<zul> jamespage:  https://code.launchpad.net/~zulcss/cinder/housecleaning/+merge/186612
<jamespage> zul, wrap-and-sort -s required
<zul> jamespage:  fixed
<jamespage> zul, looks good, built tests OK
<zul> jamespage:  cool ill merge it
<jamespage> zul, wait
<jamespage> zul, one thing - oslo-config needs an epoch
<zul> doh
<zul> fixed
<xerxas_> utlemming: I somehow cannot find how you built the ubuntu cloud vagrant images
<xerxas_> do you provide any script, or any doc ?
<Diegonat> can i create a link file in two different devices?
<bjf> on a maas server what does "node added but never seen" mean?
<bjf> i'm trying to enroll a single system
<bjf> i'm on a saucy installed system
<bjf> if i look under "Nodes" i see the node, it's status is "Declared" (whatever that means)
<zul> jamespage:  im re-enabling the tests for glance as well
<jamespage> zul, good luck
<jamespage> please don't melt my laptop again :-)
<zul> jamespage:  ill try not to ;)
<zul> adam_g/jamespage: https://code.launchpad.net/~zulcss/glance/housecleaning/+merge/186836
<zul> adam_g: i dunno if you saw this https://code.launchpad.net/~zulcss/glance/housecleaning/+merge/186836
<adam_g> zul, i did, gonna look at it in a bit
<zul> adam_g:  cool thanks
<adam_g> zul, please merge you changes into the ubuntu-server-dev branches instead of pushing them directly
<zul> adam_g: yep
<zul> adam_g:  fixed
<adam_g> zul, its still not wrapped to 80 and there are extra newlines
<zul> adam_g:  https://code.launchpad.net/~zulcss/keystone/housecleaning/+merge/186849
<hamnstar> hey folks - getting that pesky "waiting for network configuration" message on startup (ubuntu server 12.04).... it's odd, because my configs both work (2 NICs each with a static IP, only one default gateway)... is there anything other than /etc/network/interfaces that i should look into?
<zul> adam_g:  https://code.launchpad.net/~zulcss/neutron/housecleaning/+merge/186870
<adam_g> zul, looks okay but i'm not approving it unless you promise its going to get pushed to ubuntu-server-dev as a merge and not a direct commit
<zul> adam_g:  uh?
<adam_g> .:adam_g:. zul, please merge you changes into the ubuntu-server-dev branches instead of pushing them directly
<adam_g> <zul> adam_g: yep
<zul> adam_g:  i thought i was dong that
<adam_g> zul, doesn't look like it
<zul> frig sorry
<zul> adam_g:  so you want me do bzr branch the neutron branch and then merge my branch
<adam_g> zul, ideally, yes
<adam_g> it can be automated
<th299792458> Hi guys! I'm new to linux. I would like to run ubuntu server on a machine that I would also like to use as a media center. What do you guys think is the best way to do so?
<th299792458> Ubuntu server with a gui would be somewhat weird, right? But a media center without a gui is also somewhat weird
<ikonia> th299792458: why do you need ubuntu server for this ?
<ikonia> th299792458: why not use the desktop CD for this ? it comes with a gui
<th299792458> Yes but I would also like to run ubuntu server to host a site for example
<Pici> Also, you need to define 'Media Center' many media centers have a gui.
<ikonia> th299792458: you can do that on the desktop install
<ikonia> th299792458: it has the same access to packages, such as apache web server
<qman__> the only real difference between the server and desktop editions is the set of which packages are installed; you can install any package you like on either version, so choose what suits your application best
<nikolaj_basher> is there a way I can buck an error of af php site through my apache log
<ikonia> buck ?
<arthur789> im trying to edit my hosts file to allow acess from my ddns inside my network. im not sure exactly what to put into the hosts file.
<ikonia> why are you changing your hosts file ?
<arthur789> ikonia: from reading that my router has no NAT or loopback service. i thought the next step was the hosts file.
<ikonia> why ?
<ikonia> nat has nothing to do with your host file
<gholms> utlemming: If I reconfigure cloud-init's upstart bits with "console output" and systemd bits with "journal+console" can we just let those send stdout to the console instead of trying to open it explicitly?
<gholms> utlemming: I'm trying to deal with containers that don't have /dev/console and whatnot.
<arthur789> ikonia: then i probably have my terms confused. connected to my local lan i can not use my ddns to access my machine. i can only connect from outside the network
<ikonia> arthur789: that's not controlled by host file
<arthur789> ikonia: then i am severly confused. i enabled port forwarding and have a dynamic dns set up. sitting at home, connected to my local LAN, i want to type buffet.dlinkddns.com:4040 and get what i want, not 192.168.0.107:4040. how do i do this?
<ikonia> arthur789: you need a dns service and/or you need to edit the host file on the CLIENT
<arthur789> ikonia: i have dns service. So i need to edit a file for every computer on the LAN? i have done this before and that doesnt seem right. right now im editing the hosts file on the server machine.
<ikonia> arthur789: you don't have a dns service for your internal lan
<ikonia> arthur789: editing the hostfile on the server is going to do nothin
<ikonia> nothing
<arthur789> ikonia: i will stop messing with the hosts file then.
<arthur789> ikonia: in the past, when things where set up correctly i could get to my server through the buffet.dlinkddns.com while connected to the wifi router
<arthur789> ikonia: things went bad and now im trying to re-set-up and this is being a headache
<arthur789> ikonia: this is what i have been googling, mainly 'ddns not working inside network'
<ikonia> arthur789: it's totally possible, but it's awkward to use an external dns service to resolve internal addresses
<ikonia> arthur789: as you're advertising private addresses that are probably going to be dynamically allocated from a private source (your internal router) to a public service
<arthur789> ikonia: well, i dunno what i did in the past, but i could do what i am speaking of. editing the hostfile seems familiar... even though you say it has no effect....
<arthur789> ikonia: thanks for your help, i need a reboot
<arthur789> hi all. in the past i have been able to access a single machine behind a wifi router no matter if i was away from the LAN at a friends or at home, on the LAN by using my dynamic dns. the computer went south and i am on a fresh install of server 12.04. for some reason i cannot get this going again. ikonia tried to help, but im sure i edited the /etc/hosts file in the past. either way im pretty sure i need to edit a file because my rout
<hamnstar> arthur789: you likely need to poke a hole in your routers built-in firewall.  Any previous rules might have been associated to a past (DHCP?) IP of the previous install
<arthur789> hamnstar: thanks for the response, this is a new router too. there is no firewall setup on the routers config page.
<hamnstar> arthur789, any port forwarding settings?
<hamnstar> on the router
<arthur789> hamnstar: yes, three. all can be seen on canyouseeme. all can be accessed via say cell phone on 4g. but once im home and on wifi i must use the local ip
<hamnstar> ohhh yeah routers dont like routing "out" and back "in"
<hamnstar> iirc
<hamnstar> you could use a hosts file on your LAN devices to get around that?  is that what you had going on before?
<arthur789> im pretty sure. when i came in here before asking about esiting it someone else didnt think that was correct. im not sure how to config the /etc/hosts file.
 * gholms does exactly that "out and back in" routing all the time, is now confused
<arthur789> i think the hosts file needs work, from the googling i did
<hamnstar> gholms: looks like i dont recall correctly then... i think some routers might prevent routing a LAN address to wAN and back into LAN to prevent cyclic routing??
<arthur789> gholms: i think its cause my router isnt advanced enough? missing some technology.
<hamnstar> arthur789, /etc/hosts would statically map the dynamic dns name to a LAN ip... so as soon as you're off your lan, you would lose ability to contact again
<arthur789> when i google dyndns not working inside network i get most results refering to hosts file, im just too noob to know what to put
<hamnstar> but would work in the home :P
<hamnstar> yeah from some googling it looks like some routers do not handle "out and back in" aka "loopback NAT"
<arthur789> i have connectbot on my phone. previously, i could ude the same preset no matter where i was or what network i was on. thats my end goal
<gholms> hamnstar: Could be.  What I end up with is traffic going to the public IP on the router regardless of which interface it's coming from and getting forwarded to the appropriate box.
<gholms> But maybe the router needs some sort of magic to make that work or something.
<arthur789> hamnstar: correct, and from my understanding that means the hosts file needs edit
<arthur789> gholms: got any extra magic laying around?
<gholms> arthur789: Not if you need something that'll work on linux.  :(
<hamnstar> arthur789: a more elegant solution would be to set up a dns on your local lan.... quite a bit more involved
<arthur789> hamnstar: well, i can barley handle the easy stuff. but im up for it.
<hamnstar> arthur789, using the hosts file will always resolve the name of the server to the same ip.... which is not what you want, as you need a local lan address when on your lan, and your routers publicly routable ip when off your home network
<jrwren> what? no mdns love?
<gholms> Heh
<hamnstar> I can't help you too much in setting up a DNS server... but, what you can basically do is set your primary DNS to a local dns server (managed by you) and secondary DNS to your ISP/preferred DNS server
<arthur789> wow. i cant belive i ever had it working
<hamnstar> I'm gonna guess your old router handled the "loopback NAT" stuff that some routers do not
<arthur789> well, i thought i upgraded. guess i need to get my old one back
#ubuntu-server 2013-09-21
<gholms> I'm still trying to figure out why a router would *ever* have a problem forwarding traffic bound to its public interface from either side.  :-\
<hamnstar> just to make sure i'm not leading you astray, you should google for your routers manual/etc and see if it makes any mention of loopback NAT
<arthur789> hamnstar: i have, but will go over it again
<arthur789> gholms: just to be clear,from outside through ddns it forwards fine. at home, using local ip, it forwards fine
<hamnstar> arthur789... you could just use a seperate name in your hosts file for a super easy fix
<hamnstar> /etc/hosts: 192.168.x.x server_home       for example
<jrwren> gholms: a router following IP should drop packets it receives destined to a network it knows of on the wrong interface.
<hamnstar> arthur789: then you would access it at home by connecting to 'server_home' instead of 'sever.dyndns.org' or w/e
<hamnstar> not perfect, but easy
<gholms> jrwren: A host sends traffic to IP A port X on the router, and the router forwards it to IP B port Y off some other interface.  Why would the interface it receives the traffic from matter at all?
<gholms> s/it/the router/
<jrwren> gholms: good point
<arthur789> hamnstar: im following youc thanks for the help
<jrwren> i can't remember now
<gholms> Unless the router is configured to block traffic from the "LAN" side to its public address I'm not sure why things would be breaking.  :-\
<hamnstar> gholms: im certain that would be the case, to prevent whacky cyclic situations maybe
<gholms> Could be.  I just can't think of what that might be.
 * gholms shrugs
<hamnstar> otherwise at IP level your right, it really should not care
<hamnstar> s/evel/ayer
<hamnstar> used this forum post as a sanity check that i wasnt making shit up http://forums.dlink.com/index.php?topic=37323.0 :P
<gholms> That's good to know.
<gholms> Maybe it's a limitation of its IP stack or something.
<arthur789> must be what i got. went from 4 port wbr2310 to dir632
<jrwren> i think the problem is that it is acting as both a host and a router
<jrwren> as a multihomed host it sees packet to IP A arive at interface B instead of interface A and says, WTF?!?
<gholms> I guess if it doesn't have forwarding on that might cause problems.
<arthur789> gholms: port forwarding on the router?
<gholms> On the multihomed box
<gholms> And IP forwarding, not port forwarding
<gholms> Unfortunately my knowledge of networking on linux is rather limited.  :(
<jrwren> mine is pretty extensive, I just forget a lot of details
<arthur789> im still positive i edited a file or two when i had the old router. and from what i can tell it didnt support the loopback either. dd wrt should be able to handle loopback, correct?
<jrwren> yes, it can. I think it does by default
<arthur789> super, seems my router may be able to handle ww drt
<logic5> anyone know how to regenerate a sources.list I think i screwed my up
<Patrickdk> logic5, heh? you should never edit that file, ever
<Patrickdk> that is what sources.list.d is for
<logic5> patrickdk ya seems to be so
<logic5> patrickdk i didn't think i saved :/
<logic5> t
<logic5> but i must have because its not working
<jrwren> logic5: what version?
<logic5> Ubuntu precise (12.04.3 LTS)
<logic5> dcmorton_ im not 100% sure i even altered the source.list
<logic5> ooops i ment jrwren
<logic5> addressed to wrong person
<pmatulis> on my 12.10 server i have installed virt-host^ . dnsmasq-base gets installed and dnsmasq is running.  i don't see any way to restart it other than using the binary directly.  dnsmasq package brings in /etc/init.d/dnsmasq but not the -base package
<ubuntutis> do any of you know what would be a couple of good programming languages used for a chat panel
<pmatulis> hm, maybe restarting libvirtd?
<logic5> so my repository isn't updating but at the same time i can ping google.com but yet Im remotly connected via SSH so i know i have a internet connection. Any ideas of what this might be
<Codex_> hello
<logic5> hi
<Codex_> I need to set up raid in ubuntu
<Codex_> I have two disks in raid 0 and I need to get data off them
<logic5> I don't know how I'm new to linux servers
<Codex_> ok
<jrwren> logic5: does apt-get update run without error?
<jrwren> ubuntutis: language matters not. :)
<ubuntutis> so if you were in my shoes what would you pick
<jrwren> python
<ubuntutis> why
<jrwren> because i know it, it is fast, i can use cython to make it faster, it has great lib support for nearly anything out there.
<jrwren> but I don't know your shoes, maybe if i knew your shoes better, i'd choose differently
<ubuntutis> jrwren python doesnt seem that bad for me
<ancaster> hey all. What's the best practice around having a localadmin user that's able to login when NIS goes down? just adding a local user to my box doesn't work... logins still hang for a good several minutes.
<Geeky_Vin> Hi, thr I need some help setting up a home sever in my old laptop for deploy a java web app, can anyone help me. pls.
<Guest63583> Geeky_Vin what do you need help wit ?
<Geeky_Vin> I want to know how to deploy me java application developed in my other laptop to be upladed to my server and run it.
<arthur789> just an update for anyone who was helping with my issue of connecting to a local ip, through dyndns, inside the network. I am usuing dlink router dir-632 and got what i wanted after flashing ww-drt. all is well, and thanks to everyone who chimmed in,ikonia, hamnstar, gholms, jrwren, and the others. I learned alot and headache over. Thanks.
<Geeky_Vin> @Guest63583 : I want to know how to deploy my java application developed in my other laptop to be uploaded and run in my ubuntu-server.
<logic5> thanks jrwren but i figured out it was because I didn't assign dns server when making my ip static :/
<anonee> hello, instead of wlan0 I used eth0, do I have to inverse or fix that?
<anonee> sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
<Geeky_Vin> Hi there, I would like to know how to deploy my web application my ubuntu-server from my laptop. can anyone help me, pls.
<chmurifree> hi there
<TTL112> Hi. Anyone followed this https://help.ubuntu.com/12.04/serverguide/openldap-server.html ? On "ldapadd -x -D cn=admin,dc=example,dc=com -W -f add_content.ldif" it asks me for a password, I enter the one I did entered during installation, it says ldap_bind: Invalid credentials (49)
<DNSther> HI
<ikonia> hello
<DNSther> I have a little question about ubuntu. I'm using a vps and can connect to it with my browser via IP:Port. I need to set a hostname, and I want to connect my real subdomain mail.mydomain.com to it. How to set my subdomain?
<ikonia> DNSther: you need to configure the DNS servers that are the SOA for your domain to point a subdomain at your server IP
<DNSther> ok in my domain config I'm able to set A-Record, AAAA-Record, cname. etc.
<ikonia> that set it
<ikonia> then set it
<DNSther> How to put the port in there, or must that set server-side?
<ikonia> you don't put a port in DNS
<patdk-lap> unless your doing srv
<ikonia> srv ?
<patdk-lap> you have never done srv dns entries?
<DNSther> service ressource record
<patdk-lap> but not many things use it
<ikonia> patdk-lap: never had need to
<patdk-lap> but for browsers, they don't use srv
<DNSther> ok the a-record is filled out with server ip
<DNSther> do I have to do other things server-side?
<ikonia> depends what you are connecting to
<DNSther> I'd set up a mail-server-package (Kerio Connect Trial)
<ikonia> that wasn't what I was askin
<ikonia> asking
<DNSther> *weird*
<ikonia> what's weird
<DNSther> when I put subdomain in my browser, it connects to homepage on server, what is wrong... this has own subdomain.
<ikonia> what are you trying to connect to
<Diegonat> guys? I need to have an esxi-like server with KVM. What do you suggest me? Ovirt, opennebula, eucalyptus, proxmox etcc? ?
<ikonia> Diegonat: what's wrong with using libvirt ?
<patdk-lap> the lack of statement of the problem :)
<DNSther> I'm trying to connect to mailadmin, wich uses port 4040
<ikonia> DNSther: is that a standalone application, or a service within apache
<DNSther> ikonia: it is standalone
<ikonia> DNSther: ok, so how that responds to tcp headers will be down to it'self then
<DNSther> seems it has nothing to do with apache
<DNSther> thx 4 help with that svr clue
<DNSther> found useful hints in kerio forum, now it works perfect!
<DNSther> bye
<werdna][> hi all, Iv'e several issues with dovecot & postfix
<werdna][> anyone able to assist?
<patdk-lap> not really, no idea what your *problems* are
<werdna][> Hi Patdk, well, simply, i'm not able to send mail from my domain to itself, mail is grey listed, and outgoing mail to other domains is rejected by my server saying that the recipient domain doesn't exist
<patdk-lap> that really doesn't help at all
<patdk-lap> logs would help
<werdna][> PM ok?
<patdk-lap> no
<werdna][> ok, gathering logs...
<patdk-lap> should only be like a few lines
<patdk-lap> no *gathering* needed
<werdna][> Sep 22 02:04:34 webserver postfix/smtpd[4117]: connect from xxx.xxx.xx.x[xxx.xxx.xx.x]
<werdna][> Sep 22 02:05:44 webserver postgrey[1032]: action=pass, reason=triplet found, client_name=xxx.xxx.xx.x, client_address=xxx.xxx.xx.x, sender=sales@123.com, recipient=andrew@456.com
<werdna][> Sep 22 02:05:44 webserver postfix/smtpd[4117]: NOQUEUE: reject: RCPT from xxx.xxx.xx.x[xxx.xxx.xx.x]: 450 4.1.8 <sales@123.com>: Sender address rejected: Domain not found; from=<sales@123.com> to=<andrew@456.com> proto=ESMTP helo=<[yyy.yy.y.y]>
<werdna][> Sep 22 02:05:52 webserver postfix/smtpd[4117]: disconnect from xxx.xxx.xx.x[xxx.xxx.xx.x]
<patdk-lap> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<werdna][> yeah, a few lines..
<patdk-lap> that log makes no sense
<patdk-lap> domain 456.com exists and is working fine
<patdk-lap> your dns server is foobar?
<werdna][> both domains (on the same server) are pingable from external
<patdk-lap> I'll take a wild guess
<patdk-lap> 456.com is NOT owned by you
<werdna][> thats what i thought.. performoing a 'host 123.com' resolves to the server address
<werdna][> they are not the real domains..
<patdk-lap> not real?
<werdna][> the real domains are owned by me, resolvable, and pingable
<patdk-lap> how do you expect it to work if they aren't real
<patdk-lap> oh, so you expect me to guess what those logs mean? since you hid all *relevent* infomation
<werdna][> i don't really want to paste the real domain name and ip addresses
<patdk-lap> well, without it the problem can't be solved
<patdk-lap> and you shouldn't STEAL other peoples domains for your *examples*
<patdk-lap> it's extreemly rude
<werdna][> ok, one moment then..
<patdk-lap> Sender address rejected: Domain not found is very clear
<patdk-lap> you have a dns problem
<patdk-lap> without knowing your domain, I can't help you
<patdk-lap> I don't get why people are so paranoid
<patdk-lap> it's not like your domain and ip aren't public knowledge
<patdk-lap> and posted all over the internet
<werdna][> postgrey[1032]: action=pass, reason=triplet found, client_name=182-173-240-7.guam.net, client_address=182.173.240.7, sender=sales@austglobal.com, recipient=andrew@androidsnetwork.com
<werdna][> Sep 22 02:05:44 webserver postfix/smtpd[4117]: NOQUEUE: reject: RCPT from 182-173-240-7.guam.net[182.173.240.7]: 450 4.1.8 <sales@austglobal.com>: Sender address rejected: Domain not found; from=<sales@austglobal.com> to=<andrew@androidsnetwork.com> proto=ESMTP helo=<[172.20.1.245]>
<werdna][> I'm still paranoid..
<patdk-lap> ok, the domain exists
<patdk-lap> but there is no dns for it
<patdk-lap> you need a working domain
<werdna][> oh?
<patdk-lap> you have no A AAAA or MX entries
<patdk-lap> therefor, sending email using said domain is invalid
<patdk-lap> therefor postfix rejects it
<werdna][> the MX record in the zone file reads:
<patdk-lap> it doesn't matter what is in a zone file
<patdk-lap> if no one can talk to the dns server, the CORRECT dns server, and if it's not running
<patdk-lap> you have dns issues
<patdk-lap> you need to correct your dns issues
<werdna][> All tied up in bind, or have I missed something?
<werdna][> is this more a domain registrar issue?
<patdk-lap> Name Server: NS1.GRIFFLER.CO.NZ
<patdk-lap> Name Server: NS2.GRIFFLER.CO.NZ
<patdk-lap> are those the correct servers?
<werdna][> they were changed to ns1 & ns2.androidsnetwork.com earlier today
<patdk-lap> cause neither of them work
<patdk-lap> well, it can take 24-48hours for those to change
<werdna][> Ah, I see the error of my ways....
<patdk-lap> hmm, odd though
<patdk-lap> whois normally updates within 5min though
<patdk-lap> but it's not updated there
<patdk-lap> maybe you should doublecheck it
<werdna][> I will, thanks for your help!!
<jkitchen> anyone have issues with 'rename3' network interfaces showing up with 13.04?
<jkitchen> ahh. seems like 'nameif' can be used to get rename the interface properly
<GarrettKajmowicz> Greetings! Is there somebody here who can help me debug a 12.04 LTS boot failure? I'm being dumped to the busybox shell without any idea of what the problem is.
<GarrettKajmowicz> This occurred while immediately after my upgrade from 10.04. I'm using software raid1. The device mounts manually without complaints.
<GarrettKajmowicz> The old kernel image still boots correctly. New kernels do not.
<GarrettKajmowicz> How do I go about diagnosing this issue?
<NeoNiet> tengo un problema con el virtualhost de apache
<NeoNiet> lo configuro para un dominio pero sirve a todos
<NeoNiet> i configure one virtualhost but serves all domains
<nikki452> i cannot use alsamixer or mocp without being root or giving the sudo command. i added my user to the audio group but no luck. what else to do?
#ubuntu-server 2013-09-22
<techquila> hi there... i'm struggling to remember anything I learned when i did my ccna.. years lapsed and haven't done anything in this arena for a while.. hoping someone can give me some quick advice... i have 3 ubuntu servers: (1 x linode vps, 1 x vps with another provider, and 1 x dev server at my home)  i'm trying to point a subdomain: dev.domain.com to my dev server at home.  static public ip to router and set up port forwarding on m
<techquila> np805n-11n so that ports 80 and 8069 point to the private ip of the dev server... still no worky.. anything i'm forgetting?
<techquila> the main domain points to my linode.. maybe i use the same dns on my dev server as my linode?
<techquila> ps.. i don't use irc much so i'm unaware of  a good networking channel.. if someone has a suggestion for a more appropriate channel to ask i'm all ears..
<jeroth> Question: I had a drive fail in my software Raid 5 array. The new drive starts on sector 64 and the rest of the drives are on 63, will this give me a performance hit?
<jeroth> Basically I am trying to figure out this whole partition alignment and jazz and cant seem to ha
<zexcriz> if my machines are running and are live providing services, how can i test my machines for security testing ?
<jrwren> like pentesting?
<zexcriz> jrwren, yeah
<Douug> hi all. wonder if you can please help ,e.
<Douug> i deletede nut but i re-install but the enteries in /sbin dont resinstall
<Douug> how can i get the upsd file back'
<Rory> Douug: What exactly did you do?
<bitnumus> hi, my system clock is stuck -61seconds
<bitnumus> can anyone help with this? i've tried installing NTP etc
<mardraum> ntp will eventually fix it
<mardraum> it just won't correct 61 seconds in one hit
<mardraum> if you want to force it, stop the ntp service and use ntpdate to a ntp server.
<mardraum> then start the ntp service again
<bitnumus> yes i did that
<bitnumus> but it doesnt work
<bitnumus> i've left it overnight also, still the same
<bitnumus> using  'ntpq -p' to check
<bitnumus> its not 63seconds
<bitnumus> now*
<bitnumus> +ntp4.Housing.Be 128.32.206.55    3 u   42   64  377   74.976                            offset >    -63531.       /      jitter   > 7.654
<mardraum> you did what that didn't work?
<bitnumus> forced update with ntpdate, or so i thought
<mardraum> try it again now and paste the output. use pastebin for more than one line
<bitnumus> what server would you suggest?
<bitnumus> and how can i check which one its currently using?   ntp conf doesnt change from what i can see
<mardraum> just use the server you listed above
<mardraum> by default ubuntu uses the ntp projects servers, so it will change on each startup even perhaps
<bitnumus> so what command do you suggest i use ?
<mardraum> stop the ntp service, then ntpdate <name>
<bitnumus> no change
<bitnumus> just tried this that i found online  >   /usr/sbin/ntpdate-debian
<bitnumus> but it returns this, maybe its related i dont know   >    ntpdate[8008]: step-systime: Operation not permitted
<mardraum> sudo.
<bitnumus> nope
<bitnumus> lol
<bitnumus> this might be the underlying issue then ?
<bitnumus> what user is NTP supposed to be run as ?
<bitnumus> its being run as root it seems
<bitnumus> just tried uninstalling NTP, and got this from aptitude      pB
<bitnumus> broken package?
<bitnumus> think it might be this :)   http://www.gvarisco.com/2011/05/01/openvz-tips-and-tricks-ntpdate-1/
<halvors> Hi!. Trying to install ubuntu server on an IBM eServer 346 (8840) but when i boot the installation disk, the only option that is appearing on the screen is "Rescue Mode".
<halvors> What do i do?
<halvors> My server is just setup with RAID. No old ubuntu installation to fix...
<Mosselman> hey guys. I want to quickly see if http requests are coming through to my server. I know there is a tool that allows you to listen on a port and output requests coming in, but I forgot which process.
<Mosselman> Does anyone know it?
<bekks> tail -f apache2.log ? :)
<Mosselman> bekks: no apache
<Patrickdk> tcpdump
<bekks> tail -f whateverserver.log :)
<Patrickdk> beeks read first, he said listen on a port
<Patrickdk> so if you want to answer that way, first explain how to isntall and setup a webserver
<Patrickdk> would have thought with the invention of the internet, peoples reading skills might actually go up
 * Patrickdk blames the invention of sms
<Mosselman> while true ; do nc -l 3000 <<<works ; done
<Mosselman> this serves a string on port 80
<Mosselman> port 3000
<Mosselman> I mean
<Mosselman> obviously `nc -l 80` would work too, but then you don't get feedback in the browser.
<Mosselman> Which is fine for most of this level of debuggin.
<Mosselman> debugging*
<Distortion> hi guys, I just beginning to setup an email server and I have some questions
<Distortion> I have installed postfix and am testing. Telnet localhost 25 works fine and I am able to send email, but telnet myaddress.org 25 just hangs. Any ideas?
<jrwren> many ISPs block incoming port 25. Comcast does. Who is your iSP?
<Distortion> ah
<Distortion> Well I am running this website on a virtual machine on windows azure
<acacs> Distortion: service is listening on external interface?
<jrwren> Distortion: azure blocks incoming port 25 as well.
<Distortion> ah shit
<Distortion> what is the way around this?
<jrwren> i'm wrong about azure and port25 anyway.
<Distortion> oh so it isn't blocked?
<jrwren> nope.
<Distortion> hmm
<jrwren> i'll spin up and instance and try.
<Distortion> okay sweet
<Distortion> you guys are really helpful
<Distortion> there are quite a few trolls in #postfix
<jrwren> you are using 3 of my favorite technolgies which I want to succeed and be used, ubuntu, azure, postfix :)
<jrwren> Distortion: which ubuntu version are you using?
<Distortion> jrwren: 12,04
<shodan45> jrwren: OT, but I'm curious - what's good about azure? I haven't really heard much either way on it
<Distortion> haha I get azure free since I registered a startup
<Distortion> so it is amazing
<shodan45> "registered a startup"? o_O
<shodan45> startup as in "omg I have a bajillion dollar idea, let's do this!"?
<Distortion> haha
<jrwren> shodan45: i'm just glad there is good competition for aws and xen technologies.
<Distortion> as in you send them your information (website people involved etc) and they review it and give you like 3 years of azure free
<jrwren> Distortion: BizSpark?
<Distortion> $150 a month to spend
<Distortion> yes bizspark!
<jrwren> yes, i've heard of businesses using that, then after 3 years they find out that licenses for the SQL Server and Windows Server which they used costs $50-$100k, which is a huge percent of their margins.
<shodan45> yeah, $150 tends to not go very far with MS software... no idea what they charge normally for azure
<Distortion> jrwren: I can imaging -- however I am not using any windows software, just their VM.
<shodan45> jrwren: aws & xen? I've never understood why people pay so much for aws, as for xen - I use kvm :D
<shodan45> jrwren: still, always good to know about free stuff :)
<Distortion> I am only putting up an idea so that when I apply for jobs next year I have something to show
<jrwren> shodan45: we use openstack and kvm too, and I am looking foward to openstack and lxc. Still, I appreciate teh hyperV competition
<Distortion> jrwren:  do you have any idea why I cant access port 25?
<shodan45> anyone here install a mythtv backend on an existing (headless) server install? #ubuntu-mythtv is pretty dead on the weekends :(
<jrwren> Distortion: only thing I can think of is firewall rule. azure calls them endpoints
<Distortion> not ufw, but something through their system?
<jrwren> yes
<jrwren> like ec2 security groups
<Distortion> ah i see
<Distortion> thank you
<jrwren> did it work?
<Distortion> I'm not sure
<Distortion> I don't have access to the account that hosts the VM
<Distortion> I just have sudo access to the server, not access to my friend's azure account
<Distortion> I will try it later when he is available
<LordAioria> hello all
<LordAioria> Is there any person that has installed a jasig CAS server ?
<LordAioria> I have installed jasig CAS server into a tomcat environment with a SSL
<LordAioria> i have some quesitons... i don't see any document, guide or tutorial that explains next steps... for example to create a schema to allocate all login information in mysql ....
<LordAioria> could you help me?
<Distortion> jrwren: okay opened up the ports through azureâ¦that was the fix
<Distortion> thanks
<jrwren> yw
<Distortion> No off to learn the basics of email servers
<Distortion> now*
<shodan45> Distortion: basics of email servers=let someone else do it
<Distortion> haha
<shodan45> (no, I'm not kidding... email is a huge PITA)
<Distortion> I only need really simple things so it isn't that bad
<Distortion> 1 domain
<Distortion> 3 email addresses
<shodan45> incoming or just outgoing?
<Distortion> both and I;m setting up imap so I can use gmail with it
<Distortion> but it seems okay so far
<shodan45> Distortion: good luck. I learned long ago that self hosting email just isn't worth it. :/
<Distortion> yaâ¦I may end up just coughing up some money
<Distortion> thanks for the tip though
<shodan45> or if you don't mind google, they might still host email for free (not sure... they used to)
<Distortion> oh I didnt know that actually
<Distortion> (there seems to be a bit of google hate around these parts )
<shodan45> yeah, "google apps for your domain" I think
<shodan45> I don't know if they charge now
<Distortion> it looks like it is no longer free
<Distortion> I kind of enjoy learning new things though so this is fine
<Distortion> by kind of, I mean I do enjoy learning new things
<Diegonat> guys? i have a server with eth0 192.168.1.5 and br0 10.0.0.1 . Moreover i have instances 10.0.0.x . What do i need to set on iptables to make instances rechable from outside the server??
<Distortion> jrwren: still around?
<jrwren> yes
<Distortion> alright so I am able to send and recieve emails from different accounts on my server
<jrwren> YAY
<Distortion> but I get this error when sending from an outside person though
<Distortion> http://pastebin.com/twuhqLUt
<Distortion> I think the issue is with godaddy
<Distortion> do I have to purchase something from them to set up email for my server?
<Distortion> figured it out, nevermind
#ubuntu-server 2014-09-15
<shayr> Hi. I am having a problem with postfix sasl authentication. I have domne everything accotding to docs, but when I try telnet I don't have 250-AUTH LOGIN PLAIN and 250-AUTH=LOGIN PLAIN
<pmatulis> shayr: try #postfix
<shayr> I will, thanks a lot :)
<a1fa> well, this is just shitty
<a1fa> https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/1301015
<uvirtbot> Launchpad bug 1301015 in ifupdown "Networking does not restart" [Undecided,Opinion]
<a1fa> WTF
<pmatulis> a1fa: what's wrong?  use ifdown & ifup
<a1fa> pmatulis: i had to modify my scripts
<pmatulis> a1fa: ok good
<a1fa> now, sshd is also disabling forwarding by default in 14.04
<pmatulis> a1fa: a sensible default
<a1fa> the man says default is set to yes
<a1fa> service ssh reload?
<pmatulis> restart
<a1fa> its not taking it
<a1fa> forwarding is still disabled
<a1fa> fun
<pmatulis> possibly a misconfiguration or you're not testing properly?
<a1fa> ~$ sudo grep -i tcpforwarding /etc/ssh/sshd_config
<a1fa> AllowTcpForwarding yes
<a1fa> not even working after reboot
<a1fa> blah
<a1fa> its working, wtf
<a1fa> i cant forward via tunnel
<a1fa> (tun0)
<a1fa> anodther change in 14.04
<Patrickdk> what does allowtcpforwarding have to do with tun?
<T3CHKOMMIE> Hey guys, anyone ever trouble shot SMTP auth on an ubunbu mail server?
<T3CHKOMMIE> i have followed about 18 different guides, reimaged about 6 times and still cant get my imap clients to connect to the outgoung server.
<T3CHKOMMIE> maybe some debugs i can enable? mail.log and mail.err dont show my anything interesting and my imap client just keeps saying that the server isnt responding. :(
 * Patrickdk wonders what imap has to do with smtp
<Patrickdk> and why you would bother to follow any tutorials
<Patrickdk> it is guarrenteed a tutorial *won't* fix your problem
<lordievader> Good moorning.
<shayr> Good morning
<lordievader> Hey shayr, how are you?
<shayr> Good thanks, you?
<shayr> Configuring postfix atm
<lordievader> Doing good here ;)
<shayr> :)
<Aison> I would like to use ufw on my linux router
<Aison> now I looked into ufw/sysctl.conf
<Aison> for what are these options good for? net/ipv4/conf/default/accept_source_route
<Aison> these four rules are titled by # Do not accept IP source route packets (we are not a router)
<Aison> do I have to set them to 1?
<rbasak> jamespage: do you know about bug 1353423? Not sure what our tomcat plans are for Utopic.
<uvirtbot> Launchpad bug 1353423 in tomcat8 "[MIR] tomcat8 (b-d of libcommons-logging-java)" [Critical,Confirmed] https://launchpad.net/bugs/1353423
<jamespage> rbasak, hmm - I was ignoring tomcat8 for utopic
<jamespage> rbasak, I swear I fixed that once
<jamespage> rbasak, oh - I did
<rbasak> jamespage: I don't actually see it in component mismatches
<jamespage> we're carrying a delta - I just did not close the bug
<rbasak> jamespage: there's also bug 1349889 which is in component mismatches still. One for zul though maybe? Looks like Openstack pulls in python-redis.
<uvirtbot> Launchpad bug 1349889 in redis "[MIR] new build dependencies of python-redis" [Undecided,Incomplete] https://launchpad.net/bugs/1349889
<jamespage> rbasak, looking
<rbasak> (though it's not clear to me)
<jamespage> rbasak, we can drop the depends for now -   * Add python-hiredis to Recommends due to performance improvements when used
<jamespage> but we might want to review next cycle
<jamespage> rbasak, let me deal with that now
<rbasak> Thanks
<jamespage> rbasak, bumping down to suggests for now
<rbasak> I also see a new heat->python-saharaclient one. Probably for zul or coreycb?
<jamespage> rbasak, yes
<jamespage> rbasak, I think I'm going to suggest a sprint for the last bits of openstack
<jamespage> virtual
<jamespage> horizon is in a bad place right now
<therve> hallyn, Hi, around? I have a question about qemu packaging
<jamespage> therve, he won't be around for a bit - I might be able to help
<therve> I got my timezones mixed
<therve> jamespage, A new machine type has been created for https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1294823
<uvirtbot> Launchpad bug 1294823 in qemu "FFE: create a trusty machine type" [High,Fix released]
<therve> In the 2.0 package it points to the latest machine type which is something like pc2.0
<jamespage> therve, yes - this rings a bell
<therve> I was wondering the patch should be updated for qemu 2.1 to still point to that
<therve> Instead, the utopic package it's pc-2.1
<jamespage> therve, possibly - I remember it was todo with supporting migrations between Ubuntu series (i.e. trusty->utopic)
<therve> jamespage, Right, I think it's the intent
<jamespage> therve, so we may need to add a new utopic one in  - but'd I'd defer to hallyn on that - there was some complication around this
<therve> But it seems it should be changed if we want that behavior
<therve> jamespage, I wouldn't be surprised :)
<therve> Do you want me to open a bug to track it?
<jamespage> hallyn, zul: ^^ if you could respond that would be great - therve - sounds like a good idea - yes please!
<therve> jamespage, Great, thanks!
<hua_> quit
<hua_> quit
<hua_> quit
<hua_> quit
<hua_> quit
<hua_> exit
<hua_> exit
<pmatulis> morning
<hallyn> therve: i thought i'd changed that, actually.  you're right, it should point to the latest one.
<therve> hallyn, It does point to the latest one?
<therve> I opened bug #1369481 BTW
<uvirtbot> Launchpad bug 1369481 in qemu "The trusty machine type should stick to the 2.0 version" [Undecided,New] https://launchpad.net/bugs/1369481
<hallyn> oh right :)  yes, it shoul dpoin tto 2.0
<hallyn> and utopic point to 2.1
<therve> Ah right, add a new machine type
<therve> Makes sense to me!
<hallyn> thanks for opening the bug, if you wanted to write a patch to fix it please do, else i'll do it later today
<hallyn> jdstrand: hey, so a qemu bug thread made me wonder - any chance you have ext4 extents not enabled in your filesystem?  there's a (raw image, unfortunately, iiuc) bug in there...
 * hallyn biab
<jdstrand> hallyn: $ mount|grep home
<jdstrand> /dev/sda3 on /home type ext3 (rw)
<jdstrand> (I have my images in /home, not /var/lib/libvirt)
<jdstrand> hallyn: mdeslaur hypothesized that the qemu monitor is saying it is done when it actually isn't such that libvirt might proceed to the next operation prematurely
<jdstrand> we discussed a bit amongst the team and sarnold_ and I use a similar process that might trigger it whereas others on the team do not. If his hypothesis is correct, load on the host system may be a factor
<jdstrand> we've added a strategic sleep() call in uvt to see if we can avoid the problem
<hallyn> ext3!
<hallyn> i've never tried that
<hallyn> jdstrand: interesting
<jdstrand> if I were to guess, I would guess sarnold_ is using ext3 for home based on past conversations, but I am not sure
<jdstrand> my system is pretty old
<jdstrand> I think when I got it and setup the drive, I had just finished getting bitten by some annoying ext4 data loss bugs (or, at the very least, the memory was still fresh)
<hallyn> was that by any chance 2010?
<hallyn> that sent me to xfs for a few years
<jdstrand> plausible. I forget when we switched to ext4 by default
<jdstrand> I use ext4 these days, but this system still has ext3
<hallyn> jdstrand: so yes, if it is ext3 then it doesn't use ext4 extents.
<hallyn> something to keep in mind if your sleep experiment doesn't pan out
<jamespage>  bug 1361357
<uvirtbot> Launchpad bug 1361357 in cloud-archive/juno "metadata service performance regression ~8x" [Medium,Confirmed] https://launchpad.net/bugs/1361357
<sarnold_> hallyn,jdstrand: indeed, I still use ext3
<tarvid> any recommendations on a simple url monitor
<ikonia> hobbit ?
<Pici> what does a url monitor do?
<tarvid> makes sure a website responds
<tarvid> xymon looks good
<tarvid> (formerly hobbit)
<ikonia> oh hobbits changed names
<ikonia> thats interesting
<RoyK> tarvid: xymon isn't that good - use icinga/nagios instead
<tarvid> the last time I used it it was called big brother
<tarvid> RoyK, icinga is in a PPA, I have had disastrous results with PPAs on servers
<RoyK> tarvid: we use it at work, I don't like it
<tarvid> Nagios seems heavy
<tarvid> What's wrong with xymon?
<RoyK> tarvid: icinga is in the normal repos
<ikonia> sees a bit overkill
<ikonia> you could just use a script with wget/curl
<tarvid> that would be tempting
<tarvid> I would like to know if a site changed more than a threshhold
<RoyK> tarvid: it's years since icinga were in just ppas
<tarvid> My bad, I read their wiki
#ubuntu-server 2014-09-16
<hackeron> I have a strange problem where memory is leaking but not showing up in top/ps/ps_mem/slabtop/etc - any ideas at all how to figure out where it is going? < http://superuser.com/questions/793192/what-is-using-up-all-my-memory-ubuntu-14-04-lts-server/795352
<TJ-> hackeron: You're running the live555 from Trusty archive - version 2014.101.13-1 ?
<hackeron> TJ-: no, compiled the latest source myself
<TJ-> including the 2014-06-24 release then?
<TJ-> Have you run valgrind on it?
<hackeron> TJ-: No, but it's showing like 0.1% memory use in top
<Aison> can I somehow manually remove an ufw rule?
<Aison> ufw delete is not working on one of the rules...
<zubairahmed> can't you edit the ufw file manually Aison
<Aison> maybe, but what file is that?
<zubairahmed> /lib/ufw/user.rules
<zubairahmed> https://scottlinux.com/2012/08/25/how-to-manually-edit-ufw-rules-on-ubuntu-linux/
<jdstrand> Aison: what rule?
<Aison> jdstrand, I created a custom application file
<Aison> jdstrand, with ports=1812,1813
<Aison> adding this application was possible, but deleting not
<jdstrand> how are you trying to delete it?
<Aison> now I changed it to ports=1812,1813/udp
<jdstrand> how did you add it?
<jdstrand> ah
<jdstrand> if you changed the ports in the application rule file, then I can imagine it would not work
<Aison> jdstrand, I called it Radius, so I added it with ufw allow from 10.0.0.0/8 to any app radius
<Aison> jdstrand, and I tired to delete it by number: ufw delete 15
<jdstrand> Aison: if you change the application file back to not specify udp, I bet it would work
<jdstrand> Aison: can you file a bug?
<Aison> jdstrand, no, it does not work then
<jamespage> jdstrand, around? we have a whole load of refactoring (very late) todo in Horizon with regards packaging of 'assets' such as JS and CSS
<jamespage> and I wanted to get your opinion on approach - I want to avoid having a bezillion libjs-* package in main
<jamespage> well at least I think I do
<jdstrand> I'm pretty sure we do :)
<jamespage> jdstrand, OK - so thats a good start
<jamespage> jdstrand, soo....
<jamespage> horizon in previous releases just bundled up any JS and CSS stuff it needed from other projects
<jamespage> jdstrand, upstream have moved to using python-xstatic which basically provides the same asset via a pythonic interface which can be packaged up
<jdstrand> ok, so sounds equivalent
<jamespage> jdstrand, zigo has done a fine job packaging all of the required deps in Debian, and where possible, he's linked out to the associated libjs-XXX library that provides the same asset
<jdstrand> ah
<jamespage> jdstrand, most of that support is patched in and hacked into the build in packaging
<jamespage> jdstrand, so we could revert that packaging delta a drop back to using the bundled assets each xstatic package ships in its upstream tarball
<jamespage> jdstrand, it also avoids nodejs in the dependency chain
<jdstrand> jamespage: I got slightly confused. Debian moved the dependencies out to separate packages, but you are thinking of moving them back to (embedded) xstatic packages?
<jamespage> jdstrand, indeed
<jdstrand> but the xstatic packages are still separate from horizon?
<jamespage> jdstrand, well Debian uses the libjs-* package
<jamespage> jdstrand, yes - so we would end up with horizon -> python-xstatic-XXX but no further dependency on libjs-XXX
<jamespage> jdstrand, I'd also note that the debian pkgs also only use the libjs-XXX package if it already exists - I don't think thomas has done any work on new ones to support this
<jdstrand> jamespage: how many python-xstatic-XXX packages are being added?
<jamespage> jdstrand, lemme check
<jamespage> jdstrand, 15
<jamespage> coreycb, zul: ppa:openstack-ubuntu-testing/xstatic-testing
<JediMaster> hi all, I'm having problems trying to get fail2ban to start on 12.04 LTS, I've tried setting the log level to debug (4) and nothing at all gets logged, "service fail2ban restart" just says it fails
<JediMaster> any ideas how to get any more out of fail2ban other than setting logging to debug?
<JediMaster> there's nothing in syslog about it either
<rbasak> jamespage: please can you review https://launchpad.net/~racb/+archive/ubuntu/experimental/+files/bcache-tools_1.0.7-1%7Eppa3.dsc? This should be suitable for the Debian ITP I think, but an upload needs to be coordinated in that bug.
<jamespage> rbasak, yes a bit later on
<jamespage> rbasak, srpting on openstack bits right now
<rbasak> OK, thanks.
<wedgwood> Can anyone tell me whether the choice of the deadline scheduler for the Trusty AWS cloud-image was deliberate, or simply a holdover from the server default?
<rbasak> wedgwood: that might be a question for #ubuntu-kernel. I'm not sure.
<wedgwood> rbasak: Cool, I'll check there too
<rbasak> In general I think we share defaults across Ubuntu. We'd have to go out of our way to arrange defaults to be different depending on what you're deployed on.
<RoyK> wedgwood: what sort of storage?
<jamespage> rbasak, your bcache packaging looks fine to me - did you have a FFe bug for utopic to reference?
<jamespage> and what do I need todo with regards debian uploads? is the guy who did the packaging still up for maintaining it?
<rbasak> jamespage: https://bugs.launchpad.net/ubuntu/+bug/1355890. I can upload, but I wanted your review for the Debian end.
<uvirtbot> Launchpad bug 1355890 in ubuntu "[FFe] bcache-tools" [Undecided,Triaged]
<jamespage> rbasak, +1 then
<rbasak> I'd like to report on the ITP bug that you've reviewed and are prepared to upload.
<rbasak> And ask who should/wants to be in the Uploaders field.
<rbasak> I don't want them to feel trumped.
<jamespage> rbasak, I'm happy with that statement but I'd want a clear response on maintainer
<rbasak> jamespage: OK, so to confirm I think the only question left for Debian is to conclude the list of maintainers?
<rbasak> (that can include me)
<jamespage> rbasak, that sounds correct
<rbasak> OK, thanks.
<wedgwood> RoyK: Usually EBS. Sometimes ephemeral.
<RoyK> wedgwood: meaning what?
<SturmFlut> Will anybody here be at LinuxCon Europe 2014 in DÃ¼sseldorf?
<hallyn> a few of us
<coxaLT> Hello
<coxaLT> I have a question
<sarnold> welcome coxaLT, note irc works best if you just ask questions :)
<coxaLT> Just installed vnc server with GNOME on ubuntu 14.04 server, configured everything. I connect with VNC Viewer, there is terminal open but i cannot type anything in it, it
<sarnold> yay
<coxaLT> it's just black
<coxaLT> How to make Terminal working?
<coxaLT> http://imgbin.org/index.php?page=image&id=19342
<RoyK> coxaLT: hit enter
<coxaLT> Well now i see something
<coxaLT> like list .cache , .config , etc...
<coxaLT> Thanks
<coxaLT> But how to navigate in it?
<coxaLT> How to enter type mode to execute commands like apt sudo get and other
<coxaLT> would be helpful
<sarnold> coxaLT: hunh, odd. try hitting ^L periodically?
<coxaLT> maybe hit monitor and throw trash bit out of the window
<coxaLT> maybe hit monitor and throw trash bin out of the window
<coxaLT> that would help more, probably
<coxaLT> :D
<sarnold> hehe
<sarnold> if you're using a terminal any way why not just ssh?
<coxaLT> I can connect with bitwise and do anything, but i dont know how terminal is functioning?
<sarnold> maybe try xterm or urxvt or something simpler than gnome-terminal
<coxaLT> i had this thought
<coxaLT> will try
#ubuntu-server 2014-09-17
<coxaLT> How could i start xterm from ssh for vncserver
<coxaLT> Or, how could i start xterm on vncstartup?
<coxaLT> I am totaly new and need extensive care
<lkthomas> hey guys
<lkthomas> does upstart will constantly check if the running process still exists ?
<zzxc> Hey, what are the requirements for running raid 5.
<Sachiru> Query: Is ntopng paid, or free, and does it work with collectors other than nprobe?
<Alina-malina> Alice upload video to youtube, Bob lives in US and for bob that video is NOT available, Charlie lives in Pakistan and the video is available for him. So the question: How Charlie can find out if the video that Alice upload to youtube is available for Bob?
<lordievader> Good morning.
<Omicronpersei8> echo morning.
<lordievader> Hey Omicronpersei8, how are you?
<Omicronpersei8> All ok here..
<ExeciN> I installed gnome and every time ubuntu-server boots, gnome goes in a resolution of 800x600. How do I permanently change the resolution?
<lordievader> ExeciN: I suppose that question is more suited for #ubuntu.
<Sachiru> Query: What would you guys recommend as a DNS and WINS server for Ubuntu that is a) lightweight, b) intended for forwarding/caching only, and c) fast?
<psih0man> hello all! I need some help in turning power off on some PCIe device. on the Net I can't find the files they say they should exist in /sys/bus/pci. I'm running ubuntu-server 14.04 and the device I want turned off is a PCIe slot that connects an add-on SAS HBA
<jamespage> zul, I fixed up pyscss
<pmatulis> morning
<lordievader> Hey pmatulis, how are you?
<pmatulis> lordievader: very fine and you?
<lordievader> Doing good here :)
<rbasak> jamespage: can you comment on bug 1370049 please?
<uvirtbot> Launchpad bug 1370049 in mongodb "mongodb build disables scripting instead of using libmozjs" [Undecided,New] https://launchpad.net/bugs/1370049
 * rbasak can't remember the details right now.
<rbasak> jamespage: also see horizon bug 1370107
<uvirtbot> Launchpad bug 1370107 in horizon "The Juju environments settings panel is missing in Icehouse" [Undecided,New] https://launchpad.net/bugs/1370107
<jamespage> rbasak, I think upstream dropped support for spidermonkey in 2.6
<rbasak> jamespage: was there a question about security as well, for example if two clients connect to the server then they need to be isolated?
<rbasak> Or was that a v8 issue?
<jamespage> erm maybe
<rbasak> mwhudson might now maybe?
<jamespage> there is certainly a problem with out-of-memory behaviour in newer v8 versions that do support things like arm64
<jamespage> coreycb, zul: I extended coreycb's original MIR with the rest of the xstatic packages that are in archive - https://bugs.launchpad.net/ubuntu/+source/python-xstatic-jquery-ui
<zul> jamespage: cool the packages have the server team subscribed to them right?
<zul> good morning btw
<jamespage> zul, not yet
<jamespage> zul, I got fed up of using LPweb ui
<jamespage> so was going to write a script
<zul> jamespage: ackles
<coreycb> jamespage, thanks
<hydrajump> hi I'm configuring some ubuntu servers for web servers and a best practice is to create a new user to run the web app, e.g. node.js in my case.
<hydrajump> googling for the correct secure way to do this I've seen this: useradd -d / -M -U -c "nodejs user" -s /usr/sbin/nologin node
<hydrajump> or doing something like this: groupadd -r node; useradd --create-home --gid node unprivilegeduser
<pmatulis> hydrajump: what's the problem?
<hydrajump> pmatulis: just want feedback/advice on how to create that "web" user sensibly.
<hydrajump> I'm googling the options and info as well
<hydrajump> seems that useradd is low-level  and adduser is suggested way to do it
<pmatulis> hydrajump: i've never heard of best practices for the creation of a user.  adduser is a frontend to useradd.  the latter can be used for more customized setup
<Odd_Bloke> I would recommend using adduser.
<pmatulis> hydrajump: if you do this you will see useradd being invoked (grep useradd adduser.strace):
<pmatulis> $ sudo strace -f -o adduser.strace adduser john
<pmatulis> 11345 execve("/usr/sbin/useradd", ["/usr/sbin/useradd", "-d", "/home/john", "-g", "john", "-s", "/bin/bash", "-u", "1001", "john"], [/* 17 vars */]) = 0
<hydrajump> pmatulis: ok so this "useradd -d / -M -U -c "nodejs user" -s /usr/sbin/nologin node" from the man pages will create a user called node in group node who can't login, homedirectory will not be created but set to /
<pmatulis> hydrajump: i'm not here to confirm man pages
<pmatulis> hydrajump: test out your understanding.  if you have a problem then come back here and ask about it
<hydrajump> cool no worries.
<jrwren_> hydrajump: why not run nodejs as www-data?
<hydrajump> jrwren_: no idea. I don't know node. My task is to setup the servers for node or in this case I'm using docker containers. I've been googling best practices for deploying node in production and came across examples creating a new "node" user and putting the node app in /var/www/my-app.
<hydrajump> is www-data an existing user on ubuntu for this purpose?
<jrwren_> hydrajump: i don't know much about docker, but given each docker container only runs 1 process, I'd run everything as root ;)
<jrwren_> hydrajump: www-data is the web user. apache runs as it.
<jrwren_> hydrajump: the only reason you might want to isolate www-data from your web app is if you have other web resource which you want to isolate from your nodejs app. e.g. nodejs app should not be able to modify a static web page being served by apache.
<hydrajump> jrwren_: I've learnt enough docker this weekend to say that's a very bad idea and not recommended.
<jrwren_> hydrajump: i don't understand. why? is it not only 1 process? protection from when a remote vulnerability is found? Can you link me?
<hydrajump> jrwren_: a docker container running root is no different than running root on the host.
<hydrajump> jrwren_: root in docker is not a "special" case of root. best practice is to treat containers with regards to permissions and security no different than without containers.
<jrwren_> hydrajump: cgrouped root should be more limited. the container jail should make the guest root user very different from host root user. if that is not the case... *ugh*
<jrwren_> hydrajump: wow. that is pretty terrible.
<jrwren_> hydrajump: so.. its not a container.
<hydrajump> jrwren_: I'm just sharing what I've learnt and in my discussions on #docker. Best practice always have USER in your dockerfiles
<jrwren_> hydrajump: good to know. thanks for the information.
<smoser> hallyn, 'lxc-start -n foo'
<smoser> that should block until foo stops. right ?
<jdstrand> jrwren_: "container" is a bit of a misnomer if you are talking about security. when container technologies like docker and LXC are used with an LSM like apparmor or selinux (among other things), things are a lot better. you still have the kernel syscall interface and don't have a hypervisor to protect untrusted guests, so one has to consider the problem space
<jrwren_> jdstrand: I thought this was the point of the cgroups interface.
<jdstrand> cgroups limit resources, not access to files or the syscall interface
<jrwren_> jdstrand: huh, looks like i was misunderstanding.
<jdstrand> containers are great for a lot of things. they are not a wholesale replacement for VMs, etc. it depends on ones needs
<hallyn> smoser: 'lxc-start -n foo' in recent lxc will start backgronded,
<patdk-wk> nothing can help you against someone hacking the kernel
<hallyn> so you need a lxc-start -F to make it block
<hallyn> smoser: or, just 'lxc-start -n foo -d; lxc-wait -n foo -s RUNNING; lxc-wait -n foo -s STOPPED'
<smoser> :(
<smoser> that seems like a backwards incompatible change.
<jrwren_> jdstrand: i must be thinking of something else, like this: https://lwn.net/Articles/515034/
<hallyn> smoser: it is
<hallyn> stgraber: ^ smoser doesn't like the lxc-start default change to running backgrounded :)
<smoser> i think if people have scripts (like I did) built ont he expectation that 'lxc-start' runs the container until it shuts down
<smoser> then those scripts will be broken.
<hallyn> smoser: we're not going to change that in utopic for certain;  and i thought fo rawhile we were gong to just leave lxc-start -n foo run foregrounded, but i don't want anyone new to depend on it
<smoser> thats the thing about interfaces...
<hallyn> agreed.  we'd considered wiatng for the new lxc command to give that behavior.
<stgraber> well, LXC never guaranteed the command line behavior to be compatible between versions and indeed it never has been. If you need something stable, use the API :)
<stgraber> however realistically most people have been using lxc-start with -d and -d is still accepted in current git master (basically ignored)
<stgraber> and the new -F argument has been backported to LXC 1.0 so that people can use it consistantly with both old and new versions
<hallyn> lxc never guaranteed - but that won't keep a bunc hof users from getting really pissed when their infrasctructure breaks
<stgraber> sure, though the amount of people actually using lxc-start without -d is pretty minimal. From the check I did against the Ubuntu archive, we only have one such case currently.
<jdstrand> jrwren_: that article applies. that article is talking about changes to libvirt for it to be a container technology that uses an LSM (in that particular case, selinux). work is ongoing. for example, upstream docker 1.2 can use either selinux or apparmor to help secure root containers. libvirt 1.2.8 in Ubuntu will utilize apparmor when using libvirt-lxc. LXC uses apparmor for its 'root' containers, but can also use the newer 'userns' capabilit
<smoser> stgraber, that change is not sruable
<smoser> for an example.
<hydrajump> jrwren_: no worries ;)
<stgraber> smoser: indeed and we have no plan to SRU it. The behavior change will happen with LXC 1.1, the only thing we'll SRU as part of the 1.0.x series is the support for -F so that people can build software working with both the LTS and current dev release
<smoser> well, thats my $0.02. its a backwards incompatible and unexpected change to a command line interface, and one that is not terribly necessary.
<hallyn> stgraber: smoser: agreed i can't imagine scripting lxc-start without -d.  i don't know why you'd do it
<hallyn> oh, to test cloud-init maybe
<smoser> do you think we should make 'ls' background by default ?
<smoser> or 'grep'.
<smoser> how about top
<hallyn> anyway my stance remains i like the new behavior better but am queasy about changing the default
<smoser> i'll shut up now.
<hallyn> smoser: your comparisons are not reasonable :)
<smoser> they're not unreasonable.
<smoser> those programs have blocked for as long as i've ever used them.
<smoser> same as 'lxc-start' has.
<hallyn> i do fear we'll (or our users will) regret it
<stgraber> hallyn: I can agree that 1.1 isn't the best time for it, we should have done it with 1.0 really but it's still worth doing because options are really meant to be options, not something you pass every single time
<hallyn> scripts may almost alwyas use -d, but i personally almost never do
<hallyn> so it's not "something i pass every time".  in fact -F will become that
<hallyn> it's an option, exactly an option
<hallyn> as for woes with the lxc command line, we have far greater ones :)
<hallyn> i.e. "-n"
<smoser> :)
<stgraber> hmm, ok, not sure how you can stand working from a straight lxc-start but ok (I tend to be annoyed by various messages coming through /dev/console and by some of the odd console behavior) :)
<stgraber> even before we had lxc-attach working I'd pretty much exclusively stick to lxc-start -n blah -d + lxc-console
<smoser> humans can be told "change your behavior"
<smoser> its harder to tell programs that.
<hallyn> other than tmux splitting not working well, i've not had console issues since dwight reworked the sigwinch support
<smoser> well, without having people find out that their programs are broken and their $*#( no longer works.
<hallyn> smoser: still for scripting lxc-start -d + lxc-wait is much more reliable
<hallyn> maybe we should have /etc/lxc/lxc.conf have an option :)
<hallyn> "default-foreground"
<hallyn> (i say "yuck" as the one who'd probably have toimplement it)
<stgraber> if that gives us a proper parser for lxc.conf, sure ;)
<smb> hallyn, darn you. it would have been too nice if you could have told me you plan another libvirt merge when I complained about the current one again dropping my xen patches :-P
<hallyn> smb: d'oh.  we've been talking about it for weeks!
<hallyn> sorry
<hallyn> maybe intead of talking on irc we should have a m-l
<hallyn> or a ubuntu-libvirt channel at least
<hallyn> smb: does this mean you'll need to refresh patches?
<smb> Well back to the patches for me. yeah, let me see maybe those I just did for 1.2.6 still apply
<hallyn> smb: why are yo uneeding so many patches?  is upstream not taking them?
<smb> hallyn, one is about xend detection which probably we can unned in U+1 (and then rip out the old toolstack in xen completely)
<smb> The other two are about gfx device support. and yeah, one of them Jim Fehlig and I fail due to other things getting important
<hallyn> ok. fwiw.  it must have applied cleanly when zul did the initial merge :)
<smb> hallyn, no he dropped all of them when doing 1.2.6
<smb> not sure why
<hallyn> tsk tsk zul
<smb> part of reason I was whining yesterday in the server team meeting. ;)
<Kunzem1989> Hi everyone. (don't know if i can ask for help about my issue here ) I have been given a Ubuntu server 12.04 with two virtual pc running on it using virtualbox. I'm trying to log into these virtual machines which are owned by root. I think they have been setup on with console. is there a standard way of accessing them. I tried google but searching for "ubuntu server virtualbox login" and searches like that can meen alot of things.
<hallyn> smb: i was also waiting for this merge to reply about the merging with debian's apparmor
<hallyn> as of this package we're basically the same, minus a few new patches i should send.
<ikonia> Kunzem1989: the login will be set by the people who built them
<smb> hallyn, ah ok. Yeah.
<hallyn> i didn't want to break the packaging so i left our files under debian/apparmor, but they are the same as the ones shipped by upstream basically
<smb> hallyn, Oh, ok, including potential xen paths? Well I can check that when I look at what you jsut uploaded
<hallyn> so for U+1 we can drop our custom apparmor (or introduce any new delta using quilt patches, encouraging us to send them upstream too)
<hallyn> uh, i think so.  i wa slooking at the diffs of the files at any rate
<rbasak> jamespage: shall I sort this mysql-5.6 FTBFS on arm64 then, or are you doing it?
<hallyn> hm.
<smb> hallyn, I have a look and get back to you (though it might get tomorrow). Need to sort out whether and what I need in 1.2.8
<hallyn> smb: sadly the /usr/lib/xen* lines are still not in 1.2.8
<hallyn> (in examples/apparmor/urs.sbin.libvirtd)
<hallyn> once this settles we should simply send the deltas upstream
<smb> ok, so that would be what we need to submit upstream ... right
<RoyK> Kunzem1989: guess that'll be a #virtualbox question - basically, you'll do it either with bridging network configuration (which I would recommend) or with virtualbox' included port forwarding
<RoyK> Kunzem1989: also, I'd recommend KVM over virtualbox for server stuff - virtualbox has its nice things on the client side, but IMHO it's not as good as kvm for servers, and kvm comes well integrated with ubuntu
<StolenToast> huh
<StolenToast> when did my server acquire this '.5' after '12.04'?
<cfhowlett> StolenToast, you did a dist-upgrade.  check your logs.
<StolenToast> I was going to respond to him
<StolenToast> oh well
<StolenToast> I remember doing a dit-upgrade but I remember it failing due to low isk space
<sdeziel> StolenToast: base-files is the packages you upgraded
<StolenToast> what kinds of things does that include?
<sdeziel> StolenToast: https://lists.ubuntu.com/archives/ubuntu-announce/2014-August/000189.html => all I could find
<sdeziel> StolenToast: apparently nobody created the page https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/ChangeSummary/12.04.5 so it's hard to see what changed from the 12.04.4
<garbagegod> For new installations, is 14.04 recommended?
<garbagegod> Are there any big changes between 12.04 and 14.04?
<rbasak> Yes, and yes.
<rbasak> See https://wiki.ubuntu.com/TrustyTahr/ReleaseNotes
<garbagegod> Just what I was looking for, thanks so much
<jsonperl> I'm going to refactor a game server I wrote to create a new process per "world", rather than the current persistent server we currently have
<jsonperl> My thoughts are that it would need to be new port everytime, and re-use ports as they become available
<jsonperl> Any thoughts on how you would do it?
<patdk-wk> heh?
<patdk-wk> tcp/udp ports?
<sarnold> jsonperl: the typical approach is to have a master server process that does the usual socket(), bind(), listen() dance and then in a loop accept() fork() and have the child handle the new connection..
<jsonperl> patdk-wk no udp, just tcp
<patdk-wk> sarnold, highly depends
<patdk-wk> if he is doing one port per world
<patdk-wk> and how his protocol works
<patdk-wk> if his client connects to a inventory servers, to lookup the port to connect, for the right world
<sarnold> of course, forking servers also fell out of favor a decade back as wasteful compared to e.g. libevent or libev or libuv based server designs..
<patdk-wk> or if he has a process that accepts connections, reads the world info, then forwards/handsoff to the right one
<jsonperl> patdk-wk it will handoff to the correct one IF the world is already running
<patdk-wk> but using libevent/libev is great, it requires good programming :)
<jsonperl> patdk-wk we can likely instruct the machine to have it loaded by the time the user gets there
<patdk-wk> sounds much like a php-fpm model then
<patdk-wk> one master process opens one port
<patdk-wk> then it just moves that socket to the client, once it's started
<patdk-wk> or just moves it, if it's already started
<patdk-wk> same for apache prefork mpm
<jsonperl> is putting this behind nginx or haproxy crazy for non-web traffic?
<patdk-wk> actually, that would be more, worker mpm wouldn't it?
<patdk-wk> nginx, likely, haproxy not so much
<jsonperl> so route the client based on some metadata via one external port
<jsonperl> through a reverse proxy
<jsonperl> can nginx handle LOADS of traffic?
<jsonperl> like 10-20Mb/s
<jsonperl> via many different connections
<sarnold> I suspect a decade-old machine could handle 20Mbps :)
<patdk-wk> a modern machine, should be able to easily handle 40-80gbit
<patdk-wk> a 10year old machine, around 4gbit or so
<patdk-wk> maybe 10gbit
<jsonperl> haha ok
<jsonperl> so here's my basic premise, i'd love you to shoot holes in this
<jsonperl> right now i have 8 processor cores (HT or otherwise)
<jsonperl> I have a single process that runs a game-server, it does not run accross cores
<jsonperl> i currently run a number of them (say 15 or so), some wind up using a lot of cpu, some very little
<jsonperl> and we distribute worlds / players to lessor used servers
<patdk-wk> solution is easy, just stop accepting connections, server load will go down, and you won't need to solve this problem :)
<jsonperl> i think we would be much better served allowing many servers, 1 per "world" and allow the OS to distribute amongst it's available cores
<jsonperl> since it's like... smart at that
<jsonperl> patdk-wk haha
<sarnold> patdk-wk :)
<patdk-wk> but you just said you run one process per world
<patdk-wk> and many on the same server
<jsonperl> it's one process per SERVER, but many worlds
<patdk-wk> oh
<jsonperl> and a limited number on the server, pre-loaded and running always
<jsonperl> sorry machine
<sarnold> jsonperl: how many worlds? are any of the worlds more popular than others?
<jsonperl> a limited number per machine
<jsonperl> sarnold many many worlds, thousdands
<jsonperl> and some are very popular and stay up always
<jsonperl> and some are rarely used
<patdk-wk> you need to thread your process
<jsonperl> some are large some are small
<jsonperl> patdk-wk ABSOLUTELY agree
<patdk-wk> now likely you can thread per world
<jsonperl> but that is a whole other ball of wax
<patdk-wk> if you could thread lower than that, better
<patdk-wk> well, you won't fix your problem, any other way
<patdk-wk> except if you run 1 world per server
<jsonperl> understood
<patdk-wk> and that is going be resource draining
<sarnold> dunno, more processes could do it, but I'd be leery of starting more than ~100 processes for this
<jsonperl> 1 world per server seems like a good interim solution
<patdk-wk> ya, till you get to thousands :)
<jsonperl> i suspect we won't need more than 100-200 processes per machine
<patdk-wk> that could be doable
<patdk-wk> just contextswitching will skyrocket
<jsonperl> at any one time we have at most 500 worlds running
<patdk-wk> threading will keep it down
<patdk-wk> but that really only matters with how many active worlds there are
<garbagegod> For those of you who manage different servers, how do you keep track of credentials and whatnot? In a txt file on your desktop? In a custom built webapp?
<jsonperl> so my premise is, a mutlithreaded server would be best, and runs many worlds
<jsonperl> but a better solution than fixed servers, with many worlds would be many servers with one world
<garbagegod> I was about to sit down and create a server information management app for my company and I wanted to consult you guys and see if there's an existing solution for that
<jsonperl> allowing the server to balance
<jsonperl> would you agree?
<patdk-wk> garbagegod, in a public github
<patdk-wk> jsonperl, yes
<jsonperl> patdk-wk :)
<garbagegod> patdk-wk: not a bad idea! I've been meaning to implement version control for a long time
<patdk-wk> multithreaded will work great, cause it won't be switching contexts all the time, like a one per server would be doing
<patdk-wk> garbagegod, keepass :)
<garbagegod> doesn't seem like a bad solution
<garbagegod> anything else?
<patdk-wk> keepass2? but it's a hacky windows port :)
<jsonperl> patdk-wk I understood very little when we wrote the game server years ago
<sarnold> :)
<jsonperl> and did it all with MRI ruby and custom c extensions... very pleasent to code but limited in scalability
<patdk-wk> I wouldn't expect you to switch to libev
<patdk-wk> threading is probably won't be too painful though
<patdk-wk> but to switch to libev, event based, will require a totally new design, and scratch write :)
<patdk-wk> and good understanding of state machines :)
<jsonperl> it's all heavily based on a reactor pattern currently
<jsonperl> ruby-eventmachine
<patdk-wk> ah
<sarnold> oh
<sarnold> then you're already using libev or similar behind the scenes
<jsonperl> it is libev i believe
<sarnold> neat stuff :)
<jsonperl> but multicore is a no go
<patdk-wk> ya, multicore with event is not a lot of fun
<jsonperl> i lied, eventmachine does NOT use libev
<jsonperl> it's essential a similar paradigm written for use with ruby (in C)
<sarnold> interesting, I wonder why they didn't use libev.
<patdk-wk> jsonperl, just remember to track your context switching :)
<patdk-wk> it would be very interesting to do a before and after graphs
<patdk-wk> comparing how much context switching increases your cpu usage
<jsonperl> even if it's a lot, i suspect the benefit of squeezing every inch out of each core will outweight the switching
<jsonperl> we have a LOT of spare cycles on a machine now, since basically one beastly server can max out a core
<jsonperl> patdk-wk also, how would i got about tracking the context switches?
<patdk-wk> cacti/munin/......
<patdk-wk> whatever your currently (hopefully) monitoring your servers with
<jsonperl> wrote some custom stuff
<jsonperl> pretty much just cpu/memory/process uptime
<patdk-wk> heh, install munin :)
<jsonperl> nothing seemed to be able to pull core statistics
<patdk-wk> core stats?
<jsonperl> everything was reporting cpu usage as a total
<jsonperl> like usage on core 3
<patdk-wk> that is easy to do
<jsonperl> munin is your fav?
<patdk-wk> ya
<patdk-wk> basically, you just throw in an additional monitor onto the servers
<patdk-wk> something like http://www.matija.si/system-administration/2014/04/01/a-munin-plugin-to-monitor-each-cpu-core-separately/
<jsonperl> hmm, will you look at that
<jsonperl> will do
<patdk-wk> or maybe http://munin-monitoring.org/browser/munin-contrib/plugins/system/cpu-usage-by-process
<jsonperl> every time i jump in this channel I discover weeks worth of work I HAVE to do
<jsonperl> haha
<mwhudson> rbasak: that bug title annoys me
#ubuntu-server 2014-09-18
<lordievader> Good morning.
<jamespage> coreycb, zul: bumped new versions of oslo.db and vmware into utopic for ceilometer
<kubblai> hi i have W: Failed to fetch http://gb.archive.ubuntu.com/ubuntu/dists/precise/Release.gpg  Connection failed [IP: 91.189.92.200 80] error on 12.04.5 server. I have tried rm -rf /var/lib/apt/lists/* with a clean but no luck
<kubblai> I have also tried removing the gb. from apt/sources.list
<jpds> kubblai: It says Connection failed.
<jpds> kubblai: Tried checking the connection between you and that IP?
<skataria> I need help, i have ubuntu 12.04 and openssl 1.0.1 but it's not support for TLSv 1.2 how i can i enable it with my server so i can enable with apache
<kubblai> jpds if i try with de or fr or gb it fails
<jpds> kubblai: Works for me.
<jpds> skataria: https://serverfault.com/questions/372943/ssl-tls-1-2-on-apache-with-openssl-1-0-1
<kubblai> jpds: i can wget the file but it retries 5 times with HTTP request sent, awaiting response... Read error (Connection reset by peer) in headers.
<kubblai> jpds: mtr shows no packetloss between my host and the ip 91.189.91.15
<skataria> thanks jpds let me check for that
<skataria> jpds: i don't understand that link as i checked supported version of my ssl server and it's showing Supported versions: SSLv3 TLSv1.0 TLSv1.1
<skataria> it's not showing TLSV1.2 then how can i add it
<kubblai> ah jpds there is an issue with my wireless i believe, I'm getting loads of DUP!'s when pinging that host
<jpds> skataria: Change the config as the link suggests?
<jamespage> zul, also fixed tooz - the problem was the git generated orig.tar.gz
<jamespage> switching to the actual upstream release tarball makes everything just work
<jamespage> zul, working on re-enabling the neutron test suite
<Vladimir_> I have set a script that execute a timestamp script every 10 minutes, it adds a time/date for all the files that has changed during the past 10 minutes, the problem is it adds timestamps to files that has already got its timestamp, so it just adds over and over again :/
<zul> jamespage: im going to update oslo depdenencies this morning
<coreycb> jamespage, zul: I'm looking at the python-glance-store test failures
<coreycb> jamespage, zul: looks like several of the python-xstatic syncs haven't happened yet
<jamespage> coreycb, re xstatic yes that is the case
<jamespage> zul, did you see I updated db and vmware?
<jamespage> and fixed up tooz
<jamespage> zul, we also need a MIR for oslo.serialization
<zul> jamespage: yep going to do that today
<jamespage> zul, three neutron failures - something is racey
 * jamespage digs some more
<zul> jamespage: surprised?
<jamespage> zul, no
<jamespage> they pass individually
<rrittenhouse> If I dd a drive from an ubuntu server (with one nic, eth0) why does it register as eth1 or eth2 in some cases? Is there a quick fix or script to run to have it re-detect the drives like it does on a normal install? Thanks.
<smb> hallyn, I got the patches I care about back on top of libvirt 1.2.8. Do you want to peek at things or shall I just push the upload?
<zul> jamespage: yeah i did see you did the updates as well
<jamespage> zul, awesome
<zul> jamespage: im going to update oslo.messaging
<jamespage> zul, having a distro day today - charms tomorrow
<jamespage> zul, +1
<zul> jamespage: i usually do 50/50...most days
<jamespage> zul, I didn't bump to the very latest of things
<jamespage> just to the minimum requirement
<zul> ok
<jamespage> zul, oh - we might need to bump eventlet as well - I've avoided it so far
<zul> jamespage: ok ill do that this morning
<jamespage> zul, lets check first
<jamespage> zul, zigo has a new version in experimental - the very latest oslo.vmware wanted it but the previous release was OK
<zul> jamespage: ok
<zul> jamespage: dhellman is also cutting the final oslo libraries today, mostly just version bumps though
<jamespage> zul, ack - eventlet bug - https://bugs.launchpad.net/ironic/+bug/1321787
<uvirtbot> Launchpad bug 1321787 in python-eventlet "Paramiko does not properly work with eventlet concurrency" [Undecided,Confirmed]
<jamespage> zul, awesome
<jamespage> zul, let me know if you need to pickup anything
<jamespage> zul, fyi I've been reviewing minimum requirements and updating d/controls'
<zul> jamespage: sure
<jamespage> ceilometer done and uploaded, neutron still working on tests
<zul> jamespage: i have a charm question for n-c-f later though
<zul> jamespage: im going to make sure we have the latest clients as well
<zul> jamespage: i dont know if you saw this but rather than patching out requirements.txt i been adding depdencies to pydist-overrides so that they dont get installed so we carry less packages
<zul> patches
<jamespage> zul, that does not always work depending on how things are loaded
<jamespage> stevedore can error with that
<jamespage> it parses requirements and explodes....
<zul> doh
<zul> jamespage: well it was websockify and rtlsib i think
<hallyn> smb: are they just re-writes of xen patches whcich were ther epreviously?
<hallyn> smb: if so, then just push.  if new, then i'll take a look
<smb> hallyn, no, just rewrite/adds
<smb> ok, I will push them
<hallyn> smb: thx
<zul> jamespage/coreycb: just updated python-novaclient, python-glanceclient, python-swiftclient, python-cinderclient, python-keystoneclient, python-neutronclient, if there is no major bugs between now and release these are the versions we are gonig with
<jamespage> zul, so we probably need keepalived dependency for the neutron l3 agent
 * koolhead17 looks around
<zul> in neutron or neutronclient?
<jamespage> zul, neutron - but the feature is not inb3
<jamespage> grrr
<jamespage> anyway - I'll leave that for now
<zul> jamespage: lovely
<zul> jamespage: saw this as well https://review.openstack.org/#/c/121509/
<jamespage> zul, meh - thats a bugfix - no objection to that.
<zul> jamespage: apparently you have to wait for 1.0.4
<zul> jamespage: final oslo.messaging uploaded, oslo.serialiazation MIR is (#1371163)
<jamespage> zul, awesome
<jamespage> zul, cinder/barbicanclient?
<jamespage> just revising versioned depends and noticed that one
<zul> jamespage: right
<zul> jamespage: 1371171 for barbicanclient
<jamespage> bug 1371171
<uvirtbot> Launchpad bug 1371171 in python-barbicanclient "[MIR] python-barbicanclient" [High,New] https://launchpad.net/bugs/1371171
<jamespage> zul, tidying cinder right now btw
<jamespage> versioning checking etc...
<zul> jamespage: cool just doing the final oslo namespace stuff
<zul> jamespage: olso.config, oslo.db, olso.messaging have been updated so far
<zul> jamespage,: a newer oslo.db might fix the database races in neutron tests
<jamespage> zul, might do - lets see
<zul> jamespage: yep
<jamespage> zul, I hit the button of despair a few times to get it to go through
<zul> jamespage: lol
<zul> coreycb,done
<zul> jamespage/coreycb: we should be good for oslo dependencies for juno now
<coreycb> zul, nice
<jamespage> zul, awesome
<jdstrand> hallyn: hey, what do you use to create a container for use with libvirt-lxc?
<hallyn> jdstrand: https://wiki.ubuntu.com/SergeHallyn_libvirtlxc
<hallyn> substitute utopic for oneiric :)  but still works
<jdstrand> rocking
<jdstrand> thanks
<jdstrand> hallyn: I'm not seeing that the container started under apparmor. is that enabled in 1.2.8-0ubuntu2?
<hallyn> jdstrand: should be.  did /etc/libvirt/lxc.conf get installed for you from the new package ?
<hallyn> should have security_driver = "apparmor"
<jdstrand> yes
<jdstrand> I wonder if I need to restart libvirtd
<hallyn> huh.  definately was working in my test vms.  I assume you have /etc/apparmor.d/libvirt/TEMPLATE.lcx
<jdstrand> cause I installed it, then installed lxc
<jdstrand> well, no
<jdstrand> I started a container
<hallyn> no that shouldn't need that
<jdstrand> I do
<jdstrand> wow, that is a pretty open rofile
<hallyn> ?
<jdstrand> "file,"
<jdstrand> /etc/apparmor.d/libvirt/TEMPLATE.lxc
<hallyn> hm, yeah.  that came from upstream.  might wanna tighten that down at some point
<hallyn> but still, that will at least prevent cases where containers change your root disk to ro :)
<jdstrand> that, lxc and docker.io should really have very similar profiles
<jdstrand> anyhoo
<jdstrand> virsh -c lxc:// capabilities|grep -C1 secmodel
<jdstrand>     <secmodel>
<jdstrand>       <model>none</model>
<jdstrand>       <doi>0</doi>
<jdstrand>     </secmodel>
<hallyn> yeah, and both it and docker.io have ripped parts out of the lxc one :)  then opened it up
<hallyn> serge@sl:~$ virsh -c lxc:/// capabilities | grep -C1 secmodel
<hallyn>     </topology>
<hallyn>     <secmodel>
<hallyn>       <model>apparmor</model>
<hallyn>       <doi>0</doi>
<hallyn>     </secmodel>
<hallyn>   </host>
<hallyn> you've got /etc/apparmor.d/abstractions/libvirt/libvirt-lxc ?
<hallyn> I don't know why you're getting htat.  weird.
<jdstrand> oh, libvirt doesn't have its profile loaded
<jdstrand> ok, that fixed it
<jdstrand> hallyn: ^
<jdstrand> that was almost certainly my fault
<hallyn> how could that happen?
<jdstrand> unloading it manually
<jdstrand> I was playing around with the profile
<jdstrand> I clearly made a mistake :)
<jdstrand> hallyn: oh, I bet it was qrt that unloaded it
<jdstrand> anyhoo, it is working
<hallyn> hm, that reminds me, did i ever send the patch to the m-l to allow the apparmor security driver to be missing?  Probably not...
<jdstrand> idr
<jdstrand> hallyn: fyi, I'll be uploading ubuntu4 for a small apparmor change
<hallyn> make that 5
<hallyn> jdstrand: ^
<hallyn> i've got a feeling this is gonna be touch-n-go for the next week :(
<jdstrand> hallyn: launchpad is only showing ubuntu3
<hallyn>  oh, right you are!
<hallyn> that was qemu.  nm
<jdstrand> ok, so I am free to upload ubuntu4?
<jdstrand> hallyn: ^
<hallyn> jdstrand: yes  :)  thx
<hallyn> what are you changing?
<jdstrand> add 'network netlink,' to usr.sin.libvirtd
<jdstrand> sbin*
<jdstrand> it is needed for the kernel pull request that will be hitting the kt list later today
<jdstrand> it was supposed to by in my ubuntu6 upload from before, but I missed it
<fridaynext> if i'm sending mail from domain1.com's website, but the 'from' address is from domain2.com, do I need dkim for domain2 in domain1's dns records?
<shauno> fridaynext: no; if domain1 could do that, so could randomspammer.ru.  the from address is canonical - only domain2 needs the record
<fridaynext> shauno: it's just weird, b/c I have dkim set properly for domain2.com - which is where the mail's being sent from - but the test show dkim is not working properly when sent from domain1.com's wordpress site.
<shauno> is domain1 signing anything?
<fridaynext> I have it set up in my keytable, but i'm not sending anything from that domain.
<fridaynext> like, nothing from example@domain1.com is being sent - but i do have an opendkim keytable entry for that domain
<shauno> I mean is it signing stuff on behalf of domain2
<fridaynext> It appears to not be.
<fridaynext> when i send an email to brandonchecketts test DIRECTLY from domain2, it shows the dkim sig
<fridaynext> but when i send 'from' that same email address, but via the domain2.com wordpress site's mailpoet plugin, the dkim sig does NOT show.
<fridaynext> domain1 is using google apps for email
<shauno> so that'll be where it's failing; not that it can't find the pubkey (so dns isn't an issue yet), but that there's no signature to even check
<fridaynext> shauno: how do I fix that?
<shauno> I'd assume you'll need the wordpress install to use domain2 as a mail relay (since the chances of getting google to install your dkim key is .. low)
<fridaynext> I'm using google's dkim on domain1
<fridaynext> well, there's this: https://wordpress.org/plugins/easy-wp-smtp/
<fridaynext> I think Google limits the number of emails you can send at a time, but this site is not super highly trafficked, so I'm guessing that won't be an issue
<fridaynext> only about 40 regular customers
<fridaynext> Should I remove domain1's domainkey generated on my server, since I'm now using Google's?
<shauno> I'm re-reading trying to keep track of what's sending from where  heh
<fridaynext> so friday-next.com is where email comes from
<fridaynext> i have that set up with google apps
<fridaynext> and i have added google's dkim as a TXT record for friday-next in my DNS settings
<fridaynext> before I switched to google apps, i generated my own domainkey for my postfix/dovecot server, and put that domainkey as a TXT record
<fridaynext> should I delete that home-grown domainkey from my TXT records, since I don't really need it any more?
<shauno> I'm actually not sure what the result of having two conflicting pubkeys would be
<fridaynext> it doesn't seem to be using the old one, so i'm guessing it's not a problem, but i'm pretty sure i don't need it any more
<shauno> but I think the first thing would be to figure out why the signature isn't present in the mail wp sends?
<fridaynext> well with that "Easy WP SMTP" plugin, it'll just send via smtp, which will add the dkim sig.
<shauno> ah, okay.  so without it's just sending straight from that box rather than from google's mailservers (so no key)
<fridaynext> right. but it would still be nice to know why it's not signing, for my other clients with sites on my box
<shauno> then yes, I'd assume from there you just need the right pubkey published in the domain that matches the sender's address
<roaksoax> .1/win 8
#ubuntu-server 2014-09-19
<andybalaam> Hi All, I am trying to config postfix+spamassassin to filter incoming mail.  Mail gets filtered when I send, but not when I receive.  Any ideas?
<andybalaam> I have -o content_filter=spamassassin in master.cf, and a spamassassin line that pipes through spamc
<andybalaam> In the /var/mail.log I see messages being passed on to spamassassin when I send, but just status=sent (delivered to command: procmail -a "$EXTENSION") when I send
<ph0x> I have a server I run rutorrent on I also have a screen and speakers hooked up to it, and I run vlc and I use the http interface to interact with it, is ubuntu server for me?
<sarnold> if you want to configure your networking with /etc/network/interfaces it'll be fine; if you just want dhcp to work and not think much about networking, ubuntu desktop may be  a better fit. you can make one into the other by adding and removing packages of course..
<ph0x> thats what I assumed
<ph0x> thanks
<ph0x> I just want something stripped down
<ph0x> I just wanna boot right into openbox
<ph0x> it just downloads torrents then plays them
<ph0x> I had it working in debian but i upgraded and it broke init.d
<ph0x> and i cant figre it out
<ph0x> and i figure if im gonna reinstall might as well go with th ebetter support of ubuntu
<kieppie__> hi folks
<kieppie__> I've got an issue with a samba4 server randomly throwing off windows clients. full details here: http://ubuntuforums.org/showthread.php?t=2244650
<kieppie__> I'm seeing this in the logs around those times, NT_STATUS_NO_SUCH_USER , but also suspecting it could have something to do with routing or resolution, since it tends to switch log files between log.$IP & log.$HOSTNAME around those events
<kieppie__> is anyone oble to point me to a good, solid docco for a smb.conf for a fairly liberal samba server config - i.e. allow from LAN without any auth
<kieppie__> please?
<kieppie__> I'm a run out of ideas
<sarnold> kieppie__: it's been more than a decade since I last did samba.. but something feels odd about "obey pam" and "passdb backend = tdbsam" and "passwd program /usr/bin/passwd" and "pam passwd change" ..
<sarnold> kieppie__: the tdbsam bit feels like you're trying to use local-to-samba passwords but the pam bits and /usr/bin/passwd feel like trying to use the standard unix authentication bits
<sarnold> kieppie__: and moving bad-users to guests, and allowing guests, but still using users (am I right there?) feels like you'll wind up with users unable to edit their own files if they get their passwords wrong (again, am I right? :)
<kieppie__> hi sarnold - I got this box back 3 LTS's back. I don't deal with samba very often - kind of thing I set up & leave be - so I've not messed with this box or the config over the years. it's quite possible that a few mis-configs have crept into the setup over years.
<sarnold> kieppie__: makes sense
<kieppie__> All I need is a vanilla Samba4 host, serving up data to the local LAN - no auth. it sits in an isolated/dandbox environment, so security in this context it now something to be addressed - more stability, accesibility, integrity
<kieppie__> got a good guide?
<sarnold> the last time I tried doing samba I found "no auth' to be immensely difficult thing to do :(
<sarnold> it was complicated by multiple windows versions which had completely different expectations
<sarnold> you're "lucky" in that you don't have to deal with both win95 _and_ win2k at once but unlucky in that I think things are even worse now :(
<kieppie__> think they screwed the pooch on this one....
<kieppie__> pure w7 environ here
<sarnold> I think if I were building sometihng from scratch I'd aim for one username / password that's shared by all and known to all
<kieppie__> this box is on it's way out eventually & will auth against an AD host, but until then they just need basic & reliable functionality
<sarnold> kieppie__: well, this seems a bit simplistic compared to your current config, but might be worth a look: https://help.ubuntu.com/14.04/serverguide/samba-fileserver.html
<ph0x> I get hash sum mismatch
<ph0x> when running apt-get update
<ph0x> i think the servers messing up
<ph0x> m speeds drop down to 40 kbps at some point
<lordievader> Good morning.
<slyboots_> Morning
<slyboots_> Im curious, anyone tried adding Enlightment to a standard 14.04 install?  Added a repo but. I think its missing a ton of pre-reqs or something.  cant fiure out how to start the graphical enviro
<jamespage> coreycb, zul: I've fixed up all of the angular xstatic packages that where in proposed to a) use embedded assets and b) be the correct version number
<slyboots_> Anyone any idea?
<matty1234> Is it wise to install: iptables, psad, tripwire, mod_security, and artillery on one server? or does it overlap one another?
<jamespage> beisner, coreycb bug for ceph partition table problem - https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1371526
<uvirtbot> Launchpad bug 1371526 in ceph "ceph-disk-prepare command always fails; new partition table not avaliable until reboot" [Undecided,New]
<matty1234> ?
<ikonia> matty1234: same advice as #ubuntu
<fish_> hi!
<fish_> I'm trying to upgrade from precise to trusty and ran into issues with the new interface names: my 2nd interface is sometimes called em2 but sometimes eth1
<fish_> system is a dell poweredge r710
<fish_> looks like there were several issues with biosdevname but the should be all fixed by now.
<fish_> right now my 2nd interface is called eth1 but when I run `biosdevname -i eth1` it returns em2
<fish_> maybe I should just disable that renaming
<jamespage> smb, can you give me any pointer on bug 1371526
<uvirtbot> Launchpad bug 1371526 in linux "ceph-disk-prepare command always fails; new partition table not avaliable until reboot" [Undecided,Incomplete] https://launchpad.net/bugs/1371526
<jamespage> ?
<smb> jamespage, Give me a sec to read
<jamespage> smb, ta
<smb> jamespage, It really seems like its somehow mounted and as if the unmount either fails or is not enough. Would you be able to give me access to the vm inn the just-after-boot state?
<jamespage> smb, I can
<zul> jamespage: sweet ill upload horizon this morning then
<jamespage> zul, most of the syncs are not done yet
<coreycb> jamespage, thanks!
<jamespage> coreycb, smb is looking something wonky is going on with re-using the ephemeral block storage after first boot
<jamespage> post reboot its all OK again
<coreycb> jamespage, ok, yeah that's odd
<smb> Really not sure why this happens. Odd is that according to dmesg vdb was mounted but at least /proc/partition shows vdb1/2 ... oh wait, jamespage is that the state after trying some of the ceph setup?
<jamespage> smb, I can give you a fresh on
<jamespage> e
<smb> jamespage, that would be good
<jamespage> smoser, not sure whether you might have any insight onto bug 1371526 that smb and I are looking at
<uvirtbot> Launchpad bug 1371526 in linux "ceph-disk-prepare command always fails; new partition table not avaliable until reboot" [Undecided,Incomplete] https://launchpad.net/bugs/1371526
<jamespage> smoser, the cloud-init formatted and mounted ephemeral device is being awkward on utopic
<RoyK> any idea how I can make cpu frequency monitoring work on an opteron (or xeon for that) with 12.04?
<RoyK> can't find any useful modules, and the cpufreq dir simply doesn't exist
<smb> RoyK, In theory it should just work. Might be disabled in the BIOS, though.
<RoyK> smb: well, it doesn't. these are all dell servers in production, so it really should be enabled and at the moment I can't take them down to see what's in bios
<dasjoe> RoyK: seems to work fine for me, this is a cat /proc/cpuinfo; cpufreq-info: http://paste.ubuntu.com/8379520/
<dasjoe> RoyK: Dell is known for doing some stuff with their BIOSes, like ignoring manually set speed settings
<RoyK> dasjoe: looks like that http://tech.tomgoren.com/archives/231
<RoyK> perhaps that should be rewritten to something like 'we don't know how to make powersaving systems, so we just disable that part'
<smoser> jamespage, "awkward" ?
<jamespage> smoser, unmounting the device results in the jbd2 process kicking around, so its impossible to update the partition table
<smoser> jamespage, i think unrelated to cloud-init. i'd need more information. where are you running this ?
<jamespage> smoser, serverstack
<smoser> and that would certainly seem like a kernel bug if unmounting a device does not release it.
<smoser> that should block
<jamespage> smoser, smb, so beta1 does not have this problem
<smb> jamespage, remind me where beta1 is on the time scale compared to the instance I looked at
<jamespage> smb, the image you are looking at was yesterdays daily
<smb> ok.the kernel certainly changed since then. smoser can you say whether cloud-init changed or not since then (like was it only the kernel or both)?
<slyboots_> So... am I correct in saying that vnc4server does not spport "Composit" extensions
<slyboots_> Composite even
<jamespage> smb, beta1 was on 3.16.0.10.11
<slyboots_> Im just wondering if Im just utterly wasting my time even trying to get this to work and it never will
<jamespage> smb, smoser: cloud-init was back one revision as well
<jamespage> 0.7.6~bzr992
<jamespage> smb, smoser: syncing more dailing history into ss so we can bisect this a bit
<smoser> jamespage, fwiw, i'm almost certain that cloud-init does not format /dev/vdb on serverstack
<smoser> it could ... it has the smarts to, but it would be a bug if it did. as the disk *should* come from openstack as already formated.
<jamespage> smoser, oh - I'd not realized that
<iclebyte> i need to set a static route to via a gateway on a different subnet, but I get the 'SIOCADDRT: No such process' error. I can reach the gateway via my default gateway however. Is there another way?
<jamespage> smoser, I think I'm misunderstanding --max and --keep in simplestreams sync
<jamespage> smoser, I expected --max=30 to sync in 30 dailies worth of history?
<smoser> max is the maximum number of product/versions it will keep for any product.
<smoser> ie, it only pays attention to the newest MAX versions in 14.04:amd64
<smoser> 'keep' is boolean
<smoser> whether it should keep things after they've fallen off the other end.
<jamespage> smoser, oh - so retain older data
<jamespage> smoser, that's nice
<smoser> so max=30, keep=false: keep up to 30 things, but if something disappears from the remote end dont keep it here.
<jamespage> smoser, but --max should sync down into an empty mirror 30 images for each stream right?
<smoser> max=30 keep=true: keep 30 of these things, i dont care what the other end does!
<jamespage> smoser, OK
<smoser> well, there are not 30 images to mirror.
<smoser> it can't magically create them :)
<jamespage> smoser, really?
<jamespage> oh
<smoser> we only keep probably 5 dailies.
<jamespage> smoser, OK - so by using --keep I'll ensure older dailies don't get deleted
<jamespage> locally that is
<jamespage> gotcha
<smoser> right. you'll have a uber mirror
<fish_> I'm upgrading from 12.04 to 14.04 right now and I'm stuck setting up bonding. I used this config (actually it's a template, but so imaging real values where {{ }} is: https://gist.github.com/discordianfish/b2f14bc2bf4231586062 <- is there any reason that doesn't work like that? on boot it waits but can't bring up the bonding but the individual interfaces look healthy
<ikonia> fish_: why are you setting up bonding as part of the upgrade
<ikonia> fish_: upgrade from as simple a point as possible (eg: no bonding) then configure how you want it
<fish_> ikonia: it's upgraded, now I want to setup bonding
<fish_> or rather reinstalled
<ikonia> ok, so then it has nothing to do with an upgrade
<ikonia> you just want to configure bonding on 14.04, correct ?
<smoser> jamespage, http://paste.ubuntu.com/8380029/
<smoser> just for reference
<fish_> right, I should have been more specific: I've upgraded from 12.04 to 14.04 and now my /etc/network/interfaces setting up bonding doesn't work anymore
<fish_> I used that bonding config on a different 12.04 system and it worked fine
<ikonia> what part of the process is failing
<fish_> ikonia: that would be the next question: can't find a way to restart networking to debug that. 'restart networking' doesn't touch the bonding interface
<ikonia> fish_: restart networking isn't a command
<fish_> on boot I see it trying to setup the interface and waits for 60s, then times out
<ikonia> fish_: is the bonding module loaded, that's a good start
<fish_> ikonia: sure it is /sbin/restart
<ikonia> fish_: yeah, no
<fish_> but it's super confusing to have all those ways to restart jobs
<fish_> restart <x>, service x restart, /etc/init.d/x restart, invoke-rc.d restart networking
<ikonia> fish_: service and init are the same thing, calling upstart
<fish_> ikonia: and yes the module is loaded
<ikonia> fish_: is the device created ?
<fish_> ikonia: so what is the right way to restart networking?
<ikonia> fish_: any method of interfacing with upstart is fine
<ikonia> fish_: is the device created ?
<fish_> /etc/init.d/networking restart just returns without setting anything up it seems
<fish_> ikonia: no
<ikonia> fish_: what is your bonded device called
<fish_> ikonia: int
<fish_> see the config
<ikonia> int ?
<fish_> that was working fine with 12.04, it set up a bonding interface called like that
<ikonia> fish_: you have no IP information in that config
<ikonia> fish_: what bond mode is this as you have no slaves defined ?
<fish_> ikonia: yes, it's a template. just assume ip info there
<rbasak> jpds: are you working on bug 1330504?
<uvirtbot> Launchpad bug 1330504 in strongswan "strongSwan 5.1.3" [High,Confirmed] https://launchpad.net/bugs/1330504
<fish_> ikonia: it's based on https://help.ubuntu.com/community/UbuntuBonding
<jpds> rbasak: Yep.
<rbasak> jpds: OK just checking it's not lost. Thanks.
<ikonia> fish_: and you've checked the dependencies, such as ifenslave ?
<jpds> rbasak: Part of my TODO for next week.
<fish_> ikonia: I tried several different ways to configure that. assining the interfaces not via bond-slaves on the bond section but in the section of the interfaces worked
<fish_> oh...
<fish_> looks like ifenslave is missing
<fish_> :)
<fish_> hrm, odd. my preseed file includes it
<fish_> well, lets reboot and see if it already fixed it
<fish_> (restarting networking in the current state didn't work. but well, can forgive that ;))
<fish_> ikonia: that fixed it.. shame on me for not checking that earlier
<fish_> thanks!
<fish_> but tbh, it pretty sucks that the networking scripts didn't tell me about that
<fish_> no error when restarting networking and no error on boot..
<fish_> and I need to figure out why it wasn't installed. I'm using 'd-i pkgsel/include string ... ifenslave' and that didn't install it
<jamespage> zul, coreycb: pyscss replaces lesscpy which allows us to move to online compression with a MIR
<zul> nifty
<brontosaurusrex> should apache break when upgrading to trusty?
<brontosaurusrex> and its configs
<lordievader> brontosaurusrex: If you go from 2.2 to 2.4 it might.
<brontosaurusrex> well, i have no clue what previous version was
<brontosaurusrex> now is 2.4.7
<lordievader> !info apache2 precise
<ubottu> apache2 (source: apache2): Apache HTTP Server metapackage. In component main, is optional. Version 2.2.22-1ubuntu1.7 (precise), package size 1 kB, installed size 29 kB
<lordievader> brontosaurusrex: http://httpd.apache.org/docs/2.4/upgrading.html
<brontosaurusrex> right, so there is absosmurfly no help from ubuntu-server on that uprade?
<brontosaurusrex> upgrade*
<zul> jamespage: you should be able to run a usermod in the debian postinst right? (thinking subuid stuff)
<Guest9588> hi all, is anyone able to help me debug a networking issue?
<lordievader> !ask | Guest9588
<ubottu> Guest9588: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Guest9588> I am able to resolve IP address and ping externally(google), but I can not ping or otherwise see any local machines from my ubuntu server
<lordievader> Guest9588: How have you setup your network interface?
<stinkycheesedude> Can anyone point me to resource that could help me understand how to set up DNS/Hostname on a server acting as a subdomain?  It was already set up as a development server so has a Hostname entry already.  I'd also need to set up sendmail to send through the main domain name... I'm just confused.  Usually do this on a single server...
<Guest9588> # The primary network interface
<Guest9588> auto eth0
<Guest9588> iface eth0 inet dhcp
<Guest9588> mtu 1492
<lordievader> !paste | Guest9588
<ubottu> Guest9588: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Guest9588> http://paste.ubuntu.com/8380646/
<dasjoe> Why did you manually set the MTU?
<Guest9588> I have tried with no mtu entry, and static as well
<lordievader> Guest9588: Could you pastebin the output of "ifconfig".
<Guest9588> Should i remove it now?
<Guest9588> Sure can, do you want all or just that interface?
<lordievader> Guest9588: All if possible.
<Guest9588> http://paste.ubuntu.com/8380668/
<lordievader> Guest9588: Looks good, what is the output of "ip route"?
<Guest9588> http://paste.ubuntu.com/8380680/
<RoyK> Guest9588: looks good as well. can you ping the gateway? (192.168.10.1)
<Guest9588> http://paste.ubuntu.com/8380734/
<Guest9588> That's the part that doesn't make sense to me, can ping the gateway, and i get the correct ip/dns resolution to the target box
<Guest9588> but no ping response (confirmed i do get a ping response from a windows box on the same network)
<lordievader> Guest9588: Do you run a firewall that prohibits connections to other machines on your network?
<Guest9588> ufw is currently disabled
<lordievader> Guest9588: Can those other machines see your machine?
<Guest9588> negative
<lordievader> Other machines can see other machines?
<Guest9588> http://paste.ubuntu.com/8380770/
<Guest9588> yes, other machines work as expected
<lordievader> Guest9588: How did you setup the virtual networking? I've seen implementations where the vm could not see the host and vice versa. Perhaps you have a similar problem.
<Guest9588> Are there any other firewalls besides ufw that need to get disabled?
<Guest9588> the problem box isn't the host vmserver though
<Guest9588> the problem box is "just" another physical box on the "real" network
<Guest9588> and the other real boxes can interact with the vms, and vice versa
<Guest9588> (just think its this box that has an issue :D )
<lordievader> Guest9588: Is the problem that the other physical boxes cannot contact the vm host, right?
<Guest9588> I unfortunatly don't have access to the windows box right now to double check the vmware vm network bridge setup
<Guest9588> negative
<lordievader> Guest9588: Then I fail to understand your explanation.
<Guest9588> The problem is all machines on the network can not interact with this problem box
<Guest9588> the problem box can interact with the gateway, and even resolves dns correctly
<RoyK> Guest9588: sounds like there's a firewall/filter somewhere
<Guest9588> but gets 100% packet loss when trying to "do anything"
<Guest9588> sudo iptables -L -n
<Guest9588> opps sorry :)
<Guest9588> http://paste.ubuntu.com/8380832/
<Guest9588> do i need to execute anything other than sudo ufw disable?
<elliotd123> arp must be working if you can interact with the gateway - are the arp tables populating correctly?
<Guest9588> I am not familiar with how to check, please
<RoyK> Guest9588: arp -an
<Guest9588> http://paste.ubuntu.com/8380890/
<elliotd123> check on both the problem host and the other hosts after a ping attempt to see if the arp table is updating.
<Guest9588> pinging .11 from that arp is successful from the problem box
<Guest9588> but how do i get the <incomplete>'s to update?
<elliotd123> well incomplete means that it sent an arp request and didn't get a reply
<tarpman> hi server folks. on a trusty web server, I'm seeing apache workers crashing several times an hour, apport reports being generated. stacktracetop varies but is always under zend_execute_scripts. any hints on figuring out what the requests causing it look like? nothing obvious in apache's error.log
<blkperl> tarpman: did you check /var/log/syslog or the dmesg command
<tarpman> blkperl: nothing interesting in either
<blkperl> tarpman: application logs?
<tarpman> blkperl: no app-specific logging; stderr is just going to apache's error.log, and there's nothing interesting there either outside of apache's notes about the workers segfaulting
<tarpman> blkperl: I have a couple of the coredumps open in gdb, wondering if I can dig request details out of the apache part of that... red herring?
<blkperl> theres probably a way to do that, I've never had to do it before
<RoyK> tarpman: anything in dmesg?
<tarpman> RoyK: nothing
<RoyK> tarpman: what sort of pages is it serving? php? static?
<tarpman> RoyK: a few things, mostly drupal and moodle. the stack traces all seem to refer to a couple of moodle scripts, mainly pluginfile.php
<tarpman> we have a bunch of moodle vhosts though, haven't figured out whether it's a particular one or all of them
<tarpman> moodle 2.2.10, fwiw
<smoser> jamespage, on that bug.
<smoser> you woudl think that i could reproduce the issue jsut by this:
<smoser>  sudo umount /dev/vdb; sudo mkfs.ext3 -F /dev/vdb
<smoser> right ?
<smoser> well, and now reading that bug, what i said might not be completely right.  if the /dev/vdb is an ephemeral device, then it shoudl already havea a filesystem on it.
<smoser> if its a cinder device, then on first attach it shoudl be zeros.
<smoser> cloud-init should not, i dont thikn create a filesystem on /dev/vdb just because it exists.
<smoser> you could post a cloud-init.log of that instance though to see if it did
<utlemming> smoser, jamespage: cloud-init should not create a file system on /dev/vdb unless either the datasource or the user requested it.
<smoser> right. https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1371526
<utlemming> smoser, jamespage: only the smartdc and Azure DS auto-create file systems.
<uvirtbot> Launchpad bug 1371526 in linux "ceph-disk-prepare command always fails; new partition table not avaliable until reboot" [Undecided,Incomplete]
<smoser> but it could have been going wrong there.
<smoser> the ceph-disk-prepare output there suggests that there was a GPT header on the disk.
<smoser> which there would not be on a ephemeral disk as given to it by openstack.
<smoser> as those are unpartitioned (mkfs.ext3 backing-file-for-vdb.img)
<RoyK> sergey___: bad internet connection?
<sergey___> RoyK: I have fiber channel, PC slept and woke
<RoyK> erm
<RoyK> fiberchannel for networking, not SAN?
<RoyK> fibrechannel, that is
<Jeeves_Moss> when setting up a SSL, do I specify the external IP or the internal IP (behind a NAT) in the config file?
<sergey___> RoyK: fiber channel internet connection(cable) directly to my PC
<RoyK> sergey___: probably not fibrechannel - probably just ethernet over fiber
<RoyK> sergey___: fibrechannel isn't ethernet - it's made for storage
<sergey___> Its not ethernet, I also have media converter that converts fiber to ethernet
<patdk-wk> if it's a media converter, it is DEFENTLY ethernet :)
<patdk-wk> ethernet != copper/cat(3567)/coax/...
<patdk-wk> ethernet is layer2, not layer1
<patdk-wk> Jeeves_Moss, what config file? for what purpose?
<Jeeves_Moss> patdk-wk, I have 4 sites that I would like to set up with SSL.  I have 4 global static IPs, and 4 internal IPs.  they are 1:1 NAT mapped.  So, I need to know in the SSL config file, do I specify the internal IP or the external IP
<patdk-wk> internal
<patdk-wk> that is the *binding* ip your are configuring
<patdk-wk> not an ssl thing
<Jeeves_Moss> patdk-wk, thanks.  that answers my question
<zeroNones> is there a standard average latency time for an ubuntu server serving static html files?
<zeroNones> I'm seeing 143MS seems high to me
<patdk-wk> heh?
<patdk-wk> zeroNones, define latency?
<patdk-wk> and what is a MS? million seconds?
<zeroNones> hi patdk-wk Im looking via safari and chrome tools and whats defined in there as latency in the timeline
<zeroNones> yap Milli seconds
<patdk-wk> you mean, milliseconds, NOT UPPERCASE
<zeroNones> :)
<zeroNones> correct
<sarnold> in a handful of "time wget http://localhost/debs/" requests using nginx I get 0.005 seconds as a usual response
<patdk-wk> how large is this *document*?
<sarnold> granted that's a directory listing rathre than loading static content, but it's not a huge directory.
<patdk-wk> wget hardly does any of the processing chrome does
<zeroNones> wow 0.005 thats awesome
<zeroNones> patdk-wk the doc is about 561kb
<patdk-wk> that is huge :)
<zeroNones> lol
<sarnold> patdk-wk: that's why I picked it :) he asked about the response time for serving static content. this isn't exactly static but not too bad as dynamic content goes :)
<zeroNones> big dreams
<patdk-wk> you do realize every single tcp packet takes like .130ms :)
<patdk-wk> atleast using gigabit
<patdk-wk> making a connection uses like 3 trips
<patdk-wk> sending headers, getting body, more trips
<patdk-wk> it adds up fast
<patdk-wk> and that assumes the document was CACHED in memory
<patdk-wk> normally the *best* I can get, from my house, to my servers a few hundred miles away, is 74ms
<sarnold> not bad :)
<zeroNones> thats still great
<patdk-wk> and assuming you tuned off ALL sleep/idle/cstate/pstates
<patdk-wk> and you disk doesn't idle/sleep
<zeroNones> patdk-wk can you tell me what you get from where you are?
<zeroNones> www.dikaio.com
<zeroNones> no disk is always
<zeroNones> this is on a hard refresh
<zeroNones> Im in Mexico right now
<zeroNones> the server is in SF
<patdk-wk> 185ms, it took 90ms for me to connect to the server
<patdk-wk> and 90ms to download the page
<zeroNones> the connection is what I would like to improve, is there tweaking on the server level I can do to help this?
<sarnold> real0m0.074s
<patdk-wk> yes, make your *internet* close to your users
<zeroNones> lol
<zeroNones> great
<zeroNones> thanks sarnold
<zeroNones> thanks patdk-wk
<zeroNones> you're talking load balancers :)
<patdk-wk> looks like the issue is, it's in ca :)
<patdk-wk> no
<patdk-wk> I'm talking physical location
<patdk-wk> it takes 60ms for me, on the east cost, to get to the west coast
<patdk-wk> nothing will EVER make that faster, except a wormhole
<patdk-wk> so if you move it to the east coast, it will be faster for me :)
<patdk-wk> but it will be slower for westcoast people
<zeroNones> load balancers would wouldnt they patdk-wk
<patdk-wk> no
<zeroNones> if a server is closer to you
<patdk-wk> cause I still have to GET to the loadbalancer
<patdk-wk> a CDN would be faster
<patdk-wk> cause I should go straight to the cdn, that is closest to me
<zeroNones> Im connected with a cdn but thats not the initial lookup
<zeroNones> ahh you're talking about serving the whole site via cdn
<sarnold> ip anycast may help
<zeroNones> would be nice
<patdk-wk> I dunno, that cdn is horrible slow, compared to direct to the site
<zeroNones> on it sarnold :)
<patdk-wk> well, ip anycast and/or dns geoip, all help you create a CDN :)
<patdk-wk> bad thing about anycasting, while it's great, you have to chew up 256 ip's on it
<zeroNones> you think my cdn is slow patdk-wk ?
<sarnold> patdk-wk: oh? I thought a pal of mine was pulling it off with something like 8 IPs...
<patdk-wk> yes, it's takes 400ms for me to get anything form it
<sarnold> patdk-wk: (which seemed too good to be true)
<patdk-wk> maybe using 8 ip's out of 256 :)
<sarnold> :)
<patdk-wk> you can only route a /24, so you have to *use ip* atleast 256 to do anycasting
<patdk-wk> use up :)
<patdk-wk> so hopefully you have lots of things you need to anycast, at the same locations :)
<jsonperl> Hello there! Who wants to play a game of "help jason look at strace output" => http://pastie.org/9576749
<patdk-wk> now, what he might do, is anycast his block, then forward all his *non-anycasted* ip back to one centeral location
<patdk-wk> ok, I looked
<jsonperl> that's a lot of clock_gettime
<patdk-wk> next problem
<zeroNones> had high hopes for maxcdn... feeling :(
<patdk-wk> why would one call gettime?
<zeroNones> :)
<jsonperl> that's a great question
<jsonperl> a better one is why call it 147726 times
<patdk-wk> zeroNones, well, it probably will help a lot, outside the usa
<patdk-wk> but inside, and your server is inside, heh, it's *fast enough* :)
<patdk-wk> jsonperl, no
<patdk-wk> first you need to know WHY you are calling it at all
<zeroNones> yeah no out-of-country clients to that site lol
<patdk-wk> then you can figure out WHY you don't need to call it so often :)
<jsonperl> lots and lots of timers involved... gameserver, generally driven by a "tick" every 1/8 of a second
<jsonperl> I'm guessing the timer functionality uses it internally
<patdk-wk> yes, but there are other solutions to that :)
<patdk-wk> like say, your in a loop
<jsonperl> It's eventmachine based, so we're relying on the framework internals
<patdk-wk> you get a request from a client
<patdk-wk> you process that request
<patdk-wk> you need to check the time 8 times to process it
<patdk-wk> you could have done the time check once, and reused it
<patdk-wk> or you could do it once, per loop check
<patdk-wk> instead of everytime in the code you wanted the time
<patdk-wk> you just need to find the ones that don't need 100% perfect time
<patdk-wk> or how much time is perfect enough
<patdk-wk> I would think in your case, likely, once per event, or even less
<jsonperl> a lot of things are driven based on time though
<jsonperl> like, persist the world every 1 minute (or whatever)
<patdk-wk> so?
<patdk-wk> why would you look up the time AT ALL for that
<jsonperl> I can definitely dig into how it works
<patdk-wk> everything I just said went completely over your head :)
<jsonperl> But from my end I just say "every minute, do a thing"
<jsonperl> basically yes (to over my head)
<patdk-wk> heh?
<patdk-wk> really, that is how it's coded?
<patdk-wk> what is the *actual* code for that look like?
<jsonperl> a good bit of it yes
<jsonperl> for the kinda automatic stuff
<jsonperl> i'll get you a line, hangon
<patdk-wk> normally it's sometime like, if(lasttime+60 < time()) { do thing; lasttime=time() }
<jsonperl> EM.add_periodic_timer(1.0)   { report_server_stats }
<patdk-wk> but if you change that do like, mytime=time();  if(lasttime+60<mytime) { do thing; lasttime=mytime; }
<patdk-wk> you just cut out 50% :)
<patdk-wk> so maybe it's not your code, your just using an EVIL class :)
<patdk-wk> check into why the EM class does this
<patdk-wk> fix it, or switch to something else :)
<jsonperl> ha, ok
<jsonperl> that seems awfully heavy on that call right?
<patdk-wk> from what you showed? dunno
<patdk-wk> it might be, it might be normal
<patdk-wk> it might be, that call, while high, is not using enough resources to care about :)
<jsonperl> So yea... just starting to profile this heavily
<jsonperl> rather than blindly fixing things that don't help
<patdk-wk> ya, that only shows system calls though
<patdk-wk> you need to also show internal calls
<patdk-wk> so you can see if the system calls are enough overhead vs your internal stuff
<jsonperl> right, starting high, movin low
<patdk-wk> to worry about
<jsonperl> also i've no idea what i'm doing
<jsonperl> (yet)
<jsonperl> what profiling tools would you use?
<jsonperl> was gonna head to gdb next
<openwrtnoob> Hello.
<openwrtnoob> I changed the file limits in /etc/security/limits.conf and enabled pam_limits.so in /etc/pam.d/su
<openwrtnoob> Do I need to reboot the server to enact the new open file limits for all users?
<RoyK> sergey___: firbrechannel is used to transport storage stuff
<sergey___> RoyK: https://en.wikipedia.org/wiki/Fibre_Channel and media converter like this http://www.nitek.net/images/1000icon.png
<patdk-wk> sergey, that *media* converter does not support fiberchannel, only ethernet
<patdk-wk> http://en.wikipedia.org/wiki/Gigabit_Ethernet#1000BASE-SX
<patdk-wk> or it might be 1000BASE-LX
<patdk-wk> "All converters are fully compliant with the IEEE 802.3 and 802.3u Fast Ethernet standards" != fiberchannel
<patdk-wk> http://www.nitek.net/products/fiber-media-converters/multi-mode-gigabit.html
<sergey___> Dont really get what is the difference. Its optic cable not usual ethernet cable
<Patrickdk> the difference is, ethernet is NOT a cable, it's a protocol
<Patrickdk> it doesn't matter if it is on copper, twisted pair, optical, wireless, or whatever else
<Patrickdk> it's like saying, My harddrive is ext4, it's not, that is just how your using it
<Patrickdk> it could be *formatted* however you wish
<Patrickdk> your *formatted* your fiber opticals to ethernet, not to fiberchannel protocol
<Patrickdk> if you really did have fiberchannel gear, you would know, caus it just wouldn't work :)
<ph0x> I need serious help with wpa_supplicant
<ph0x> anyone where?
<Patrickdk> likely get better help in #ubuntu
<Patrickdk> not sure exactly how many people run wireless on their servers
#ubuntu-server 2014-09-20
<halvors1> Hi!
<halvors1> I have a setup with BIND9 and DHCPD and i'm trying to update reverse dns records from dhcp.
<halvors1> But i get the following error on the DNS server: client 192.168.0.118#48065/key rndc-key: updating zone '10.IN-ADDR.ARPA/IN': update failed: not authoritative for update zone (NOTAUTH)
<halvors1> And on the dhcp server: Unable to add reverse map from 135.40.0.10.in-addr.arpa to halvors02.crew.infected.no.: not found
<halvors1> I have no idea why this doesn't work.
<sarnold> why is a client on 192.168.x.x updating a record for 10.x.x.x?
<halvors1> 192.168.0.118 is the DHCP server and 192.168.0.116 is the DNS server. They just have communication via another network.
<halvors1> And 10.x.x.x because dhcp relay :)
<sarnold> okay, so something expected :)
<halvors1> But i don't fully understand the NOAUTH.
<teward> your bind9 server isn't set as authoritative for that zone
<halvors1> Does it mean my rndc-key is bad? I've checked and it is excactly the same configuration as the forward zone.
<halvors1> teward: How do i set it authorative?
<sarnold> halvors1: this guide makes me think you can make it authoritative by adding "recursion no;
<sarnold> "
<sarnold> https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-an-authoritative-only-dns-server-on-ubuntu-14-04
<halvors1> sarnold: I don't get the: client 192.168.0.118#48065/key rndc-key: updating zone '10.IN-ADDR.ARPA/IN': update failed: not authoritative for update zone (NOTAUTH)
<halvors1> Anymore, but i still get the: Unable to add reverse map from 135.40.0.10.in-addr.arpa to halvors02.crew.infected.no.: not found
<halvors1> error
<halvors1> What confuses me the most is the not found message reported by the dhcp server.
<sarnold> halvors1: ooh, this looks useful: http://community.spiceworks.com/topic/174078-isc-dhcp-and-bind-doing-ddns
<sarnold> halvors1: looks like you need to add another zone nnn.nnn.nnn.nn.in-addr.arpa { } block to your dhcpd config
<halvors1> I have that zone in dhcpd already.
<sarnold> do you need to reload the server to know about it? (sorry, but I've gotta ask :)
<halvors1> huh? Of course i reloaded both bind and isc-dhcp-server
<halvors1> :)
<halvors1> Here is a dump of my dhcpd.conf file: http://pastebin.com/G6RKKNNr
<sarnold> halvors1: hmm, looks rndc-key is still in the paste
<halvors1> yep :P
<halvors1> But it's just a lan dns server ;)
<halvors1> hmm.
<sarnold> halvors1: sorry, I'm not spotting it :(
<halvors1> Basiclly it seems like the issue is that somehow bind is complaining about that zone doesn't exist...
<halvors1> But cannot figure out why...
<sarnold> halvors1: but the error is coming from dhcpd, right?
<halvors1> yes
<sarnold> halvors1: you could ltrace the thing, you might get lucky..
<halvors1> I've tried manually with nsupdate
<halvors1> http://pastebin.com/7M70ybeh
<halvors1> ltrace?
<sarnold> ltrace is like strace, but shows (some, but not all) function calls
<halvors1> Here is my zone from bind btw: http://pastebin.com/6YSyQwv0
<halvors1> Seems ok, right?
<sarnold> halvors1: is that leading "0." alright?
<halvors1> Is it just zone "40.0.10.in-addr.arpa" { you mean?
<halvors1> Keep in mind that this is bind configuration not dhcpd.
<sarnold> halvors1: yea, I just don't know bind all so well :)
<halvors1> hmm.
<halvors1> The zero seems to be correct.
<sarnold> okay
<halvors1> sarnold: hmm. I'm gonna need to continue looking at this tomorrow :) Thanks for help so far ;)
<sarnold> halvors1: good luck :) I'd be curious to hear what it is when you find it
<Patrickdk> :)
<Patrickdk> the last time I used bind and dynamic updates like like 10years ago
<Patrickdk> the zero is not correct :)
<Patrickdk> the 0 would be a dns record (ptr) within the zone
<Patrickdk> not the whole zone
<halvors1> hmm.
<halvors1> Are you sure?
<Patrickdk> well, I haven't used bind since like 2005
<Patrickdk> but I have been serving up zone entries since 1998
<sarnold> this looks like no zero .. http://www.zytrax.com/books/dns/ch3/
<Patrickdk> http://www.philchen.com/2007/04/04/configuring-reverse-dns
<sarnold> Patrickdk: hrm, that includes the 0 :)
<Patrickdk> no it doesn't
<sarnold> zone "0.168.192.in-addr.arpa" IN {
<sarnold> oh
<Patrickdk> 3 places
<sarnold> sigh
<Patrickdk> not 4 :)
<sarnold> me fail reading
<sarnold> that's unpossible!
<Patrickdk> :)
<Patrickdk> wait till you start learning about sub/24 ptr forwarding :)
<Patrickdk> like when an isp needs to give you reverse for a smaller than /24 block :)
<Patrickdk> or for that matter, anything not on a Class A/B/C boundry
<halvors1> :)
<halvors1> It is /24 subnets i'm gonna provide reverse dns for :)
<Patrickdk> no, the end person, doesn't matter :)
<Patrickdk> it can be *too* large, without sideeffects
<Patrickdk> it's when you have to correctly forward that info, it gets interesting
<Patrickdk> enough they wrote rfc's for it :)
<halvors1> Ah, excellent.
<halvors1> Now got it actually working over here :D
<halvors1> Thank you very much all of you :)
<halvors1> The problem was the 0.
<sarnold> Patrickdk: nice :)
<halvors1> My zone in bind now looks like: http://pastebin.com/yrvB0sRW
<halvors1> agh, have to remember that for future installations :)
<Patrickdk> hmm, I wonder if I can ban more ips now :)
<Patrickdk> http://www.inmotionhosting.com/support/news/general/wp-login-brute-force-attack
<Patrickdk> been having that *issue*
<Patrickdk> not enough to really even be noticable
<Patrickdk> but well, bruteforcing shouldn't be allowed
<halvors1> YEah :)
<sarnold> Patrickdk: heh, crazy, they don't include firewalling :/
<Patrickdk> wouldn't that block the ability for people to use wordpress then? :)
<Patrickdk> heh, makes me really happy though that I'm on debian/ubuntu
<Patrickdk> apparmor is so much useable than selinux to lock down this crap
<sarnold> Patrickdk: dropping packets from login-bruteforcers is unlikely to upset too many legitimate users :)
<Patrickdk> sarnold, tell that to my users :)
<Patrickdk> I had it dropping packets after 10 logins per minute
<sarnold> Patrickdk: oh they try to log in as admin a few hundred times without the right passwords? :) hehe
<Patrickdk> I dunno why users where hitting up the login page so often :)
<sarnold> haha
<Patrickdk> the other part that annoys me :)
<Patrickdk> is the wordpress ajax script
<Patrickdk> *NORMAL* users hit that up like 3 times a second
<Patrickdk> that totally triggers all my anti-dos protection
<sarnold> wow..
<Patrickdk> where anti-dos is set for, same url, same ip, loads same thing, >100 times in 5min
<Patrickdk> sounds reasonable? :)
<sarnold> yup :)
<punkgeek> how to install ssl on ubuntu?
<punkgeek> ListenAddress 192.168.1.2, 192.168.1.3 is it true in sshd_config ?
<funman___> hi folks
<funman___> who used those?
<funman___> http://www.soyoustart.com/us/essential-servers/
<funman___> ??
<Patrickdk> only you
<funman___> ??////??/
<funman___> oki
<funman___> Patrickdk: which one do u use?
<Patrickdk> my own?
<funman___> how?
<funman___> its cost alot to colo
<Patrickdk> place order, receive server, install software, buy datacenter, install into datacenter
<funman___> eeee
<funman___> buy datacentre?
<funman___> u mean colo space?
<Patrickdk> sure :)
<Patrickdk> well, if your small
<funman___> but I just want 1 server :P
<funman___> hehe
<Patrickdk> it's cheaper to own the datacenter
<funman___> how come?
<funman___> it cost millions
<Patrickdk> and how much would it cost to *rent* a datacenter?
<Patrickdk> atleast 4x that price
<Patrickdk> why does everyone want to get *bigger*?
<Patrickdk> cause you can save more money, when your larger
<Patrickdk> till you become management heavy
<funman___> I want to rent 1 to 2 boxes
<Patrickdk> :)
<funman___> surely cheaper to rent?
<funman___> datashag got some cheap enough
<Patrickdk> those are a strange collection of *desktop* machines
<Patrickdk> that is why those are cheap
<Patrickdk> it's just a normal desktop
<Patrickdk> most of them don't even have ecc
<Patrickdk> but it all depends on your requirements
<funman___> i want it cheap
<funman___> and big
<funman___> ::)
<Patrickdk> what is *big*?
<funman___> 32 MB ram
<funman___> so you start also offers anti ddos
<funman___> :D
<funman___> for free
<Patrickdk> there is no such thing as anti-ddos
<funman___> they claim they offer it
<Patrickdk> what they claim, and what it's called, are going be two totally different things
<funman___> means site will stay online
<funman___> how come?
<Patrickdk> how can it stay online?
<funman___> they absord extra BD
<Patrickdk> extra bandwidth?
<Patrickdk> what about your cpu? what about your server?
<Patrickdk> and what about all those ligit clients attempting to access you?
<Patrickdk> absorbing bandwidth costs != site is still usable
<Patrickdk> just means you won't get a huge bill
<Patrickdk> not that things will work
<funman___> what about All OVH servers will benefit from automatic anti-DDoS mitigation by default in the event of an attack (reactive mitigation).
<funman___>  Anti-DDoS PRO  Subscribing to professional use for your server enables access to permanent mitigation (the permanent settings) and configuration of the Firewall Network.
<funman___> but how do they perma mitigate it?
<Patrickdk> dunno :)
<Patrickdk> how do they know a ddos from just normal usage?
<Patrickdk> the first time your site goes vial, it will be considered a ddos
<Patrickdk> at the moment you DONT want it to go down
<funman___> I think thei offer tilera
<funman___> instant scale of cpus cores
<funman___> http://www.tilera.com/
<funman___> i dont know how they do it but it works
<funman___> my mate host site that is often ddosed with them
<funman___> fine
<funman___> herzner simply nulls IP
<Patrickdk> see, I do it the other way
<Patrickdk> I just have enough servers to not be ddos
<Patrickdk> and will block on a needed bases to stop abuse
<Patrickdk> but I don't want stuff to be blocked incase of a spike
<funman___> well say u got 1 box
<funman___> then its tricky
<funman___> :D
<funman___> do u also offer hosting?
<funman___> :D
<Patrickdk> not for a private server
<funman___> for what then?
<blackdev1l> hello after i uninstalled nginx from my server i can't use the port 80, i stopped the service and rebooted, what am i missing?
<funman___> hmm
<funman___> apt-get purge
<funman___> also u missing apache
<funman___> or some webserver
<funman___> to serve http on port 80
<funman___> :D
<funman___> or run ls
<funman___> ls
<funman___> or lsof -l
<funman___> something like that
<funman___> to see ports
<blackdev1l> funman___, i'm using a node.js app, if i change port it works .
<blackdev1l> something is blocking the port 80
<blackdev1l> and other than nginx i can't thing other things
<funman___> run some command to list all ips and ports
<funman___> then u know for sure
<blackdev1l> i did, nothing is runnign on 80
<Patrickdk> heh? that seems hard to figure out
<Patrickdk> why not just use, netstat -antp
<funman___> netstat -lnptu
<funman___> :D
<blackdev1l> https://gist.github.com/blackdev1l/1ce488497280fca4d0da funman___  Patrickdk
<blackdev1l> :(
<Patrickdk> you are running it as *root* right?
<blackdev1l> y
 * Patrickdk has no idea what a single letter means, you can talk right?
<funman___> w
<blackdev1l> ....it's not like you can't think what y mean while you type it on terminal uh?
<funman___> w u s?
<funman___> :D
<blackdev1l> yes btw
<Patrickdk> y? sounds like why? but could be short for yes? but then I don't even know what your thinking so who knows
<Patrickdk> and I shouldn't have to FORCE myself to deciver your encryption
<Patrickdk> that is taking free support, too far
<blackdev1l> or maybe you can be just a little less pedantic and expect more a yes to a "yes/no" question
<blackdev1l> but, whatever, thank you for the support
<Patrickdk> I expect answers, not letters
<Patrickdk> this is not a scantron test
<blackdev1l> someone has an idea about my prior question ?
<funman___> netstat -lnptu pastebin
<blackdev1l> i did funman___
<blackdev1l> https://gist.github.com/blackdev1l/1ce488497280fca4d0da funman___
<blackdev1l> i know that something is blocking the 80 port because if i change to default one it just works
<funman___> ok try reboot
<funman___> :D
<funman___> that can fix it
<blackdev1l> i already did :( i'm so lost with this problem
<Patrickdk> heh, there are only 3 possible things it could be :)
<Patrickdk> and reboot is never an answer
<funman___> it is
<funman___> hehe
<Patrickdk> if reboot is the answer, then it was a program running, and that program *failed* to restart
<Patrickdk> so really, you ahve two more issues, ontop of your issue :)
<funman___> blackdev1l: rebot and see
<funman___> :D
<blackdev1l> doesn't works
<funman___> oki
<funman___> top
<funman___> and kill all proccesses u dont know
<funman___> what they for
<funman___> :D
<blackdev1l> ahah
<blackdev1l> i think i'll give up and use apache
<blackdev1l> and do some proxypassReverse
<Patrickdk> funman, won't help
<Patrickdk> that isn't the problem, already confirmed using netstat
<Patrickdk> using apache, likely will work around the issue
<blackdev1l> yeah
<blackdev1l> :\ kinda bad though
<Patrickdk> bad?
<Patrickdk> that you don't know what to fix?
<Patrickdk> guess so
<SP33D> little question
<zeroNones> hey guys Im trying to copy files from my local computer to a remote server but I need to copy them to a root owned directory via my user. Is there a way to request sudo on transfer?
<zeroNones> I have scp www_example_com.csr ubuntu@165.000.000.200:"/etc/nginx/ssl"
<pmatulis> zeroNones: is this a one-off thing?
<pmatulis> zeroNones: if so, you can scp to a directory the ubuntu user can write to, ssh to the server, and use sudo to copy that file under /etc/nginx/ssl.  if not, the make the /etc/nginx/ssl directory writeable by user 'ubuntu', or his group
#ubuntu-server 2014-09-21
<kieppie> ?smb.conf
<lordievader> Good morning.
<^^x^^> good "morning" everyone
<Casaper> hi. I'm trying to set up kerberos, and seem to be stuck with somewhere with my krb5.conf. kadmin complains about some "missing parameters" in krb5.conf . Saydly it is quite tight-lipped about what this might be. http://pastie.org/9581688 i posted some output on there. i can get kinit on the server and the client, so i guess actually the stuff would be working. I'm glad for any
<Casaper> hint. Google this didn't really help me so far
<Casaper> using ubuntu 14.04
<Casaper> and ubuntu 14.04 based mint on the client.
<Fohlen> anyone knows what I could do about libkmod: ERROR ../libkmod/libkmod-module.c:1619 kmod_module_new_from_loaded: could not open /proc/modules: No such file or directory ?
<Fohlen> appears on my freshly installed ubuntu 14.10
<Fohlen> the server is dedicated hardware if that matters.
<RoyK> Fohlen: possibly a bug - 14.10 is still in development - why not 14.04?
<Fohlen> RoyK: i need a custom environment
<lordievader> And custom excludes 14.04?
<RoyK> Fohlen: can't hrlp you there
<Fohlen> eh
<TJ-> Fohlen: Sounds as if the init system' has mounted /proc from "/lib/init/fstab"
<Fohlen> with more recent modules :D
<TJ-> Fohlen: Why not 14.04 with a mainline kernel package from the Mainline PPA ?
<Fohlen> TJ-: i didn't knew 14.10 is buggy -.-
<TJ-> Fohlen: It's in development - breakage should be expected
<T3CHKOMMIE> Hey guys, im setting up a small home email server SMTP and IMAP. everything works fine on my LAN. but not over the internet. I am using dovecot and postfix. I have ports 25 and 143 and 993 open on my FW, and a packet capture is showing me that IMAP packets are being replied to when thunderbird kicks off looking for paramters, but I keep seeing RST, ACK from the SMTP port 25. Anyone know what i might be missing on postfix to allow SM
<T3CHKOMMIE> TP connections over the internet? I am doing TLS W/ PLAIN auth its like postfix doesnt want to accept outgoing connections from NON-LAN ips.
<Fohlen> TJ-: anything I can do about it?
<Fohlen> Can't install any more custom kernel modules *mkaay*
<Fohlen> or load them
<Fohlen> :D
#ubuntu-server 2015-09-14
<sarnold> Tangurin: sometimes they may offer a framework or product of some sort, and they'll have configured all this kind of stuff before allowing users to deploy their specific portions
<sarnold> Tangurin: sometimes they just do simple static serving and they don't actually allow their clients to run code in the web server at all
<Tangurin> sarnold: hmm ok
<Tangurin> sarnold: Well I will have to look into this someday... but not now! Now I have to sleep. in the middle of the night and work today! Thank you for your time and have a nice day! :)
<sarnold> Tangurin: woo :) have fun, sleep well
<guillaume_s> hi everyone
<guillaume_s> i search for an answer to a question in order to be able to install ubuntu-server. i have been asked to install Linux (ubuntu) on an ibm 9407-515 server. This is the first time i do it on a Server. We've realized that we couldn't create a LPAR because when we try to modify anything we are told that we don't have the feature 7966 "Note: Error 400000C4 when trying to modify partition configuration can be a result of not havi
<guillaume_s> partitioning. " The problem is that he stopped his contract with IBM so we don't know how to add this feature. Our actual firmware is SF240-238
<guillaume_s> anybody with an idea would be really nice to tell me, it's been a few days now and i feel lost
<TJ-> guillaume_s: hi again. Have you seen http://www-01.ibm.com/support/docview.wss?uid=nas8N1014228
<guillaume_s> yes
<guillaume_s> and read all redbooks
<guillaume_s> i must say we don't have any HMC
<TJ-> guillaume_s: tell the client to contact IBM. They need to purchase the feature.
<guillaume_s> ok. So that's what i thought. The feature is at 0 dollars. Do you think they'll be able to do something even if he stops his contract with them ? last question. Would it be possible to do it another way ? Like removing the current os and replace it with Ubuntu ? or would it be very hard to do ?
<TJ-> guillaume_s: He'd have to talk to IBM about the feature, I can't say. I doubt replacing i5/OS is a good idea. There's no guarantee Linuc fully supports all the system hardware.
<guillaume_s> you're right, thank you for your time, this is pretty much what i wanted to hear. Will you be here later today ?
<TJ-> guillaume_s: probably not, I've been doing some early-hours hacking :)
<guillaume_s> nice, well thank you. I hope i'll manage to install it by myself.
<mnms_> I would like to install ubuntu as my ftp server with 4TB disks. Are there any problems with disks bigger than 2TB ? I would like to make software RAID 1 using ubuntu installator. SHould I expect any problems with following configuration :) ?
<lordievader> mnms_: Not if you are using gpt. But don't use ftp, use scp, sftp or anything else. Ftp is a bad idea.
<sysrex> mnms_, I will second lordievader ftp is a really bad idea
<sysrex> and if you are planning in having large files I would go with xfs
<mnms_> guys I will use certificates to not send credintials in plain text
<maswan> yeah, nothing wrong with ftp if you use tls
<mnms_> lordievader, sysrex: Ok, I understand you mean I should use ssh protocol ?
<sysrex> yes, safer and faster
<mnms_> ok
<mnms_> thanks for that
<sysrex> no worries mate
<lordievader> maswan: Isn't ftp + tls sftp or ftps?
<maswan> lordievader: sftp is based on ssh, you could call it ftps I guess, but I've never seen that
<lordievader> https://en.wikipedia.org/wiki/FTPS
<lordievader> So it is ;)
<mnms_> So I can create GPT layout on hdd through ubuntu installer ?
<maswan> I think so, but I've never tried it. All of my large storage servers have HW raid controllers with a small OS partition, or small dedicated OS drives.
<lordievader> mnms_: I'd do it by hand if I were you.
<mnms_> maswan: I would like to ensure somehow before I will buy a disks
<lordievader> Gpt/mbr is irrelevant for a disk itself.
<lordievader> As long as it can store data it can have gpt or mbr partition tables.
<mnms_> lordievader: true, but Im buying it to have large partitions, If I will have problem creating them, It doesnt make sense to spend a money
<lordievader> mnms_: Go with gpt: https://wiki.manjaro.org/index.php?title=Some_basics_of_MBR_v/s_GPT_and_BIOS_v/s_UEFI#MBR_vs._GPT
<mnms_> Right now I put disks <= 2TB, run ubuntu-server edition, going through installer steps and everything works fine
<lordievader> Ubuntu works fine with gpt disks, just don't know if the installer can set it up. Hence the advice to do it manually.
<mnms_> I guess I need to change something in BIOS to to activate UEFI, correct ?
<rbasak> smb: did you ping me earlier? I can't find it.
<smb> rbasak, yeah on some other channel.
<smb> rbasak, Was wondering what questions there were about dpdk and whether those would stop us from uploading 2.0 as it is now
<rbasak> smb: have you seen the replies to http://dpdk.org/ml/archives/dev/2015-September/023180.html?
<smb> Most comments seemed to say we did it the same or at least a similar way
<smb> rbasak, was quickly scanning over
<rbasak> smb: upstream seem receptive, but I wanted to reply to Thomas. It sounds like the soname is well-defined now in latest upstream, but what about the sover?
<smb> Most things seemed to address 2.1
<smb> Yeah, the reply from Stephen sounded like there is one defined in the config now... but not which
<smb> rbasak, oh also it simplify things for me if you could just add me to a cc: on those emails. Then I do not have to poll some archive site to see whats going on. :)
<teward> should packages be built with the expectation of having dpkg-divert being called upon it to divert installation of a configuration file, when dpkg-divert is called from a different package?
<jge> howdy, anyone know if samba respects linux acls? I'm using the "hide unwritable/unreadable" options in a samba share but I only get permissioned-denied, I would like them to not see what they dont have access to
<jge> I've only been able to get this working by using standard perms
<sarnold> jge: would that change directory listings for a user based on which files or directories they can actually read or write?
<jge> sarnold: a directory will be hidden for them if they dont have read/write perms
<sarnold> jge: what happens if they try to create a directory or file with a hidden name?
<jge> sarnold: I get, "you must type a file name" on a win7 client
<sarnold> weird
<sarnold> well, at least it's an error that's actually handled on the client..
<jge> I should be able to get the behavior I want by using ACLs too right?
<jge> right
<sarnold> jge: it looks like samba does the entire access control checks itself http://sources.debian.net/src/samba/2:4.1.17%2Bdfsg-4/source3/smbd/open.c/?hl=69#L69
<sarnold> jge: I don't know where the lp_acl_check_permissions() function is defined -- it _might_ hide a call to access(2), but without seeing it, I think that means you've got to use samba acls and not linux acls
<jge> sarnold: hmm interesting, I thought samba used linux perms/acls, didn't know they had their own mechanism for access control
<sarnold> jge: if you find the lp_acl_check_permissions() function, that'd explain everything. :) I just don't know where else to go looking for it. you might be right..
<jge> sarnold: ok thank you, i'll dig into it more
<henkjan> whys is ssh complaining:
<henkjan> Warning: the RSA host key for 'test2.mydomain.local' differs from the key for the IP
<henkjan> address '172.16.28.194'
<henkjan> Offending key for IP in /home/henkjan/.ssh/known_hosts:110
<henkjan> Matching host key in /home/henkjan/.ssh/known_hosts:102
<henkjan> the 'offending' key is in ecdsa format
<henkjan> the matching key is rsa
<henkjan> why would ssh complain about a key in a different format?
<henkjan> both keys in known_hosts are the keys as found on the server in /etc/ssh/
<quantic> henkjan: because if one key matches and the other doesn't, it's potentially a security issue.
<quantic> henkjan: it is conceivable that a hostile mitm could be spoofing one key, but not another.
<quantic> henkjan: also, one key is matched on hostname, and the other by IP. DNS redirection is also a possibility.
<quantic> henkjan: i.e. the DNS entry for the host was changed to point to a different and possibly hostile system.
<quantic> henkjan: verify the host key fingerprint against the keys actually on the host, and if they match, clear the offenders from known_hosts
<henkjan> both keys in known_hosts are the .pub versions from the server
<henkjan> is ssh client not smart enough not to try to match aan rsa fingerprint with an ecdsa key in known_hosts?
<sarnold> henkjan: it's complaining about the different format because itmight mean the connection or server has been manipulated
<quantic> henkjan: ^
<quantic> henkjan: it's being paranoid, and rightly so, by design. clear the offending keys and let it recreate the known_hosts entries if everything's fine.
<sarnold> henkjan: it'll continue to warn you until you remove the key that's no longer being used, as a way to acknowledge that the change is intentional
<henkjan> 21:28 < quantic> henkjan: also, one key is matched on hostname, and the other by IP. DNS redirection is also a possibility.
<henkjan> i'll check on that one
<henkjan> hmm, maybe its a good idea to maintain a global known_hosts in /etc/ssh/ssh_known_hosts on this jumphost
<Slugs_> is anyone aware of an ubuntu iso that includes openstack as a software installation selection?  ââ http://i.stack.imgur.com/WGJlN.jpg
<Slugs_> i canât seem to find thids
<Slugs_> *this
<sarnold> I wouldn't be surprised if that's been removed, if it ever existed "publicly", there's just so many ways to run an openstack system, and so many pieces of software, it doesn't really make sense to have one "openstack" task.
<Slugs_> interesting
<Slugs_> that makes alot of sense
<Slugs_> thank you sarnold
<sarnold> Slugs_: take a look at this, it might be helpful http://www.ubuntu.com/download/cloud/install-ubuntu-openstack
<Slugs_> thank you
<teward> anyone else on the server team want to comment on https://lists.ubuntu.com/archives/ubuntu-server/2015-September/007106.html or https://lists.ubuntu.com/archives/ubuntu-server/2015-September/007107.html
<teward> sarnold: thanks for looking, i shoulda poked -hardened first xD
<teward> but you're here :)
<teward> (I also said in a response that they should first get it into Debian, and their security teams'll ask the same questions :P)
<sarnold> teward: well, they're likely to behappy to accept it, the more the merrier etc, but these already exist so they have to hit a certain minimum of usability.. :)
<teward> sarnold: mmm
<teward> sarnold: indeed, although even then... :P
<teward> sarnold: i don't think there's any protocol for VPN out there that's 'brand new' that passes security muster, but I may be wrong
<teward> o/ LinuxJedi
<sarnold> teward: indeed.. I liked reading the strongswan code though.
<teward> sarnold: strongswan broke my IPSec on my pfSense though
<teward> had to nuke and redo all the IPSec configs
<sarnold> teward: .. and it doesn't work in draconian networks that allow e.g. only port 80 traffic through. so it's not perfect tool for everybody..
<teward> mhm
<teward> grrrr openssl ftbfs on armhf on my rpi >.<
<LinuxJedi> hey teward
<teward> LinuxJedi: nginx mainline ppa is *delayed* because i'm innundated at work >.<
<teward> in case anyone cares
<teward> but i don't think everyone does xD
<LinuxJedi> teward: I resemble that remark :) NGINX conf next week so I'm spending every hour possible preparing
<teward> LinuxJedi: oh, that's right, give everyone my regards and my regret about not being able to attend :)
<teward> sarnold: sorry for hijacking an otherwise quiet channel XD
<LinuxJedi> will do. And sorry from me too sarnold :)
<sarnold> meh I don't care :) it's remotely on-topic anyway..
<teward> sarnold: can I get a security team opinion on a CVE though
<teward> semi-related :P
<sarnold> sure..
<teward> sarnold: http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4968.html <-- worth backporting fixes?
<teward> LinuxJedi: ^ same question, except is there backported changes for this CVE for 1.6.x (which i know is dead, yes)
<LinuxJedi> my personal opinion is since we added it as a feature (off by default) I don't think it needs a backport. The default behaviour will be the same as 1.6 I believe. Those who would configure this are probably using their own builds anyway.
<LinuxJedi> that said, it doesn't look like it is a difficult one to backport if you want to do it
<teward> hence me asking sarnold if it's worth it xD
<sarnold> teward: no, I wouldn't bother. no one's asked us for it...
<teward> ok then :)
<sarnold> teward: and anyone who really cared could use stunnel
<sarnold> teward: you're busy enough and have enough things to do that it doesn't seem worthwhile. if you were bored, maybe. but that doesn't seem to be an issue. :)
<teward> sarnold: should it be 'wontfix' or such, as in 'we don't really see this as a huge concern'
<teward> sarnold: meh, just doing my regular poking of the tracker :)
<sarnold> teward: I just checked in an update with somenotes
<teward> sarnold: ?
<sarnold> teward: http://bazaar.launchpad.net/~ubuntu-security/ubuntu-cve-tracker/master/revision/9951
<teward> ah
<teward> sarnold: ACK on that, +1 on the notes as such
<sarnold> thanks
<teward> sarnold: it's definitely patched in Wily, but meh
<RevertToType> maybe here will help... so i'm building up from server to make a kiosk everything is actually nearly perfect except--- one thing; so i have xorg installed and it's running a web browser in kiosk mode with all the correct settings, now i want users to be able to save files to their flash drive should they need to but nowhere else.  if this was windows i could gpo the save file box to only show the equivalent to /media/usb0 as the only opti
<RevertToType> please say it isn't
<sarnold> RevertToType: your first messge was cut off at "as the only opti"
<RevertToType> show the equivalent to /media/usb0 as the only option but i don't see an immediate way to do that with my current setup.... is there a way? I know that setting permissions hasn't "hidden" the other folders from the users' view so i'm kinda at a loss... is this the point i have to breakdown and consider a wm/de?
<RevertToType> also sarnold do you have a project or something i can donate to so i can show gratitude for the endless patience dealing with me?
<RevertToType> or a paypal i guess... a pint on me so to speak
<sarnold> RevertToType: if it were me, I'd modify the apparmor profile for the web browser to allow writing to /media/usb0/**, but I don't know how you pre-populate that as the save-as dialog source
<sarnold> RevertToType: hehe, thanks, but no; just pass it along :)
<RevertToType> sarnold: yeah i mean right now i have two options; leave the save dialog box open entirely or remove the ability to save... this is kinda the 3rd layer of polish on the system which would take it to "meets requirements" to "meets all the things we wanted but thought we couldn't have"
<RevertToType> oh snap... maybe i can do stuff in the gyk .config file...
<RevertToType> gtk rather
<sarnold> RevertToType: it _might_ start with the HOME directory or something similar
<RevertToType> yeah i think with a bit of tweaking i could just make it so it opens up a really small dialog box with no navigation just auto-located to the usb drive and the button "save" hehe
<RevertToType> like "select the one place you can save it...nope there's only one... save or cancel... i'll wait"
#ubuntu-server 2015-09-15
<RevertToType> this is gonna be effort as heck meh
<sarnold> RevertToType: looks like chromium has a download locations thing, check about:settings, open advanced, and set the thing..
<sarnold> RevertToType: then check where it is set in ~/.config/chromium* ...
<RevertToType> yeah the problem is while i can set that since there's like an ext. to open office docs and whatnot we thought that was super useful given our typical use... so if someone has to save it's a right click save as situation for like 90% of the types of files we'd be using... and then it's gotta go to filechooser,
<sarnold> you probably just need to pre-populate the save-as with something that they can actually write to
<RevertToType>  i set the download location to /media/usb0 which is perfect for the auto-downloads but moreso when they're using say the office extension or a ... umm thingamabob that requires a right click i'd love it to just force the filechooser to either be bypassed altogether cause it's just auto-choosing /media/usb0 or the chooser shows just that one choice
<patdk-lap> sarnold :)
<patdk-lap> good in apparmor?
<patdk-lap> I want a rule that just logs connections, just does like a warning, not block
<patdk-lap> just so I know what user/program/...
<sarnold> patdk-lap: hmm, that might be difficult. You might try to use "audit network," or "audit network tcp," in a  profile, but I'm not sure that'll work.
<sarnold> patdk-lap: you could use auditd and log accept() syscalls; that would apply to all programs, without requiring apparmor profiles
<patdk-lap> heh
<patdk-lap> I would love to limit it to apparmor, as it would limit the insane amount of logging to the specific things I care about :)
<patdk-lap> but if I have to
<patdk-lap> audit network tcp connect, seems like it will do the trick
<sarnold> patdk-lap: let me know if it works :)
<patdk-lap> besides the connect part it does
<patdk-lap> I think connect requires src/dst addresses
<patdk-lap> manual is very fuzzy
<patdk-lap> heh, connect doesn't work, says it needs v3.0
<patdk-lap> and only v2.8
<patdk-lap> and without it, I'm blowing up the kernel, logging stuff to fast
<patdk-lap> audit_printk_skb: 43755 callbacks suppressed
<sarnold> patdk-lap: ouch :)
<lampshades> Hi there, I'm trying to provision an ubuntu server with chef and capistrano for a rails site, and Im having a really hard time finding good resources for this task
<liecy> hello
<lordievader> o/
<silvervulcan> I have created my own apache ssl cert for my home server and am using the https address on port 443. I noticed that my server does DNS requests every time I access any page. When I use the regular port 80 address this doesn't happen. Is apache trying to look my home-made certificate in a public database?
<lordievader> silvervulcan: I'd checkout what the DNS packets contain.
<silvervulcan> I should have said self-signed certicate instead of home-made, that's what I meant.
<silvervulcan> lordievader, how do I do that?
<lordievader> silvervulcan: tcpdump/wireshark
<silvervulcan> lordievader, will the output be in an easy to understand format or binary/hex?
<lordievader> Wireshark will display it in an easy to understand format and in hex.
<orogor> hi
<orogor> anyone knows a good/simple tool for proviing a referential of the server inventory
<jamespage> hallyn, zul: I jumped to a conclusion for https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1495895
<ubottu> Launchpad bug 1495895 in qemu (Ubuntu) "Unable to attach rados block device to instances" [Undecided,New]
<jamespage> it may be wrong
<jamespage> but it might not be
<orogor> something that can allow to define the server as test/prod and a role like db/web ?
<sysrex> orogor, you mean puppet / chef like
<orogor> well no conf management; more like inventory
<orogor> more like icmdb or glpi
<orogor> but simpler
<orogor> i am also looking for centralised ssh key management that supports the management server being offline/disconnected
<orogor> and eventually a tool like keypass, but for multiuser
<orogor> doesnt need to be the same app for everything
<rbasak> teward: I just triaged bug 1494869 and noticed you were involved in the bug upstream. Perhaps you could help drive it? There's not enough for anything to be done in Ubuntu based on the report filed IMHO.
<ubottu> bug 1494869 in bind9 (Ubuntu) "OPENSSL_CONF confuses dig, host, nslookup" [Low,New] https://launchpad.net/bugs/1494869
<zul> jamespage: ive jumped to the same conclusion
<sudhir__>  Hi guys.. I'm facing an issue while doing a net install of ubuntu server 14.4.2.  it says "configuring pkgsel fails with error code 127", can anybody help.??  I'm using preseed file for the installation.  I face this issue in select and install softwares step. in the screen i see ,running popcorn..tasksel..  cleaning up.. and then it just gives a red screen sayin installation step failed.. !!
<sudhir__> guys any insights would be a great help.. :)
<jamespage> zul, there is a 'configuration failed' message during configuration phase of the build
<zul> jamespage: looking
<zul> jamespage: can use qemu-img create to create a file with the rbd backend just to make sure
<sudhir__> Hi guys.. I'm facing an issue while doing a net install of ubuntu server 14.4.2.  it says "configuring pkgsel fails with error code 127", can anybody help.??  I'm using preseed file for the installation.  I face this issue in select and install softwares step. in the screen i see ,running popcorn..tasksel..  cleaning up.. and then it just gives a red screen sayin installation step failed.. !!
<zul> jamespage: its definenly built with rados/rbd support though
<jpds> sudhir__: Sounds like your preseed file is broken?
<jamespage> zul, why is it not linked against that then?
<zul> im not sure
<zul> but its building with -lrados
<zul> jamespage, http://pastebin.ubuntu.com/12417537/
<zul> jamespage: erm http://pastebin.ubuntu.com/12417627/
<zul> jamespage: looks better now http://pastebin.ubuntu.com/12417636/
<kgirthofer> if I want to pipe the output of a command into another command how do I do that
<kgirthofer> i.e. if I want the output from "aws ec2 describe-instances --filter Name=tag:Name,Values=MYSERVER01 | grep "InstanceId" | awk '{print $2}' | tr -d '",'"
<kgirthofer> to be piped into "aws ec2 reboot-instances --instance-ids $serveridhere
<kgirthofer> how do it
<KlausedSource> well you save it in a variable and use the variable in the command
<KlausedSource> basically as you just did with $serveridhere
<jamespage> zul, ok so which piece of the puzzle are we missing? is this a packaging fix, or a charm fix?
<zul> jamespage: packging fix, rharper and hallyn are already working on it
<teward> rbasak: which bug?
<teward> oh
<rbasak> teward: https://launchpad.net/bugs/1494869
<ubottu> Launchpad bug 1494869 in bind9 (Ubuntu) "OPENSSL_CONF confuses dig, host, nslookup" [Low,New]
<teward> rbasak: What do you specifically need?
<rbasak> teward: I don't need anything, but it looks like this needs to go upstream?
<teward> rbasak: to where, OpenSSL?  or bind9?
<rbasak> teward: it isn't clear to me.
<teward> rbasak: nor me, the only reason I was involved was because their script failed
<teward> beyond that, they're the SSL experts
<rbasak> teward: I just thought you might care to drive it because of your upstream involvement. If you aren't so inclined, then that's no problem.
<teward> rbasak: the only thing I can think of is an Ubuntuism / OpenSSLism where openssl_conf isn't defined as an env var
<teward> rbasak: yeah i'm not particularly driven about that
<teward> since the issue appears to have autoresolved itself over time :/
<teward> my guess is because a fix was made in the script
<rbasak> teward: could be. I don't feel that the bug is reported well enough to know.
<teward> rbasak: TBH I don't think it warrants fixing, unless someone cares enough to.  I know that 15.10+ is not affected, and I"m more concerned currently with the state of 15.10+ than I am a weird bug that had a workaround applied as part of the script that Dirk was developing
<teward> i'm also more concerned about why openssl ftbfs on my rpi, but that's a different issue :)
<rbasak> Yeah that's fine. I commented on the bug just because otherwise reporters have the expectation that we're supposed to be doing something but aren't, rather than the bug not being actionable.
<teward> and i'm about 3 weeks behind on the PPA packages lol
<teward> sarnold: ping, if you're around.  If not i'll bug you later
<lochlann> I have done so many searches on google about the proper way to automount ntfs drives and have come up with so many "different" answers.  Please someone help me with the "proper" way to do this.  I want to automount ALL ntfs drives so they are RW by all users on the local machine and accross the network.
<teward> lochlann: are the NTFS drives on a file share server?
<teward> or are they actual drives/partitions
<lochlann> some are internal Sata and some are external USB ... It's for a media server
<teward> lochlann: /etc/fstab entries for each partition/device to mount it rw, anonymous FTP internal to the rest of your network.  Or use an actual media streaming solution rather than sharing partitions and files and such
<lochlann> there is 5 internal hdd and 6 external drives. I have a media streaming solution in use *Plex* and this is the Plex Server where all the drives are to be mounted.
<teward> lochlann: /etc/fstab entries then
<teward> and either Plex to share from, or ftp/sftp internal only for direct files access
<teward> (internal network that is, i.e. your LAN)
<lochlann> teaward: yes I know fstab... my issue as stated is I am finding *via google* way to many different ways of adding it to fstab. I have tried some and they are not working properly. I'm looking for the proper way to "add" it to fstab
<teward> you didn't say that lol
<teward> read the manpage perhaps, it explains NTFS mount options
<teward> This is how I mount an NTFS USB Hard disk: UUID=fwafwefwafweffwaew  /media/DIRTY_150G    ntfs-3g    defaults,locale=en_US.utf8,windows_names,umask=0000,nobootwait,uid=1000,gid=1000,user   0       0
<teward> uid=1000, gid=1000 is my user id, umask=0000 ends up giving chmod 777-like perms (read/write)
<teward> (to all)
<lochlann> what is this windows_names thing in yours? I am guessing it has something to do with windows and not needed by me? I have no windows machines in this house
<teward> lochlann: as i said it's an NTFS drive and I want cross-compatibility at times
<teward> lochlann: that's just one example
<teward> as i said, you need to read the manpages for mount options for ntfs
<teward> lochlann: we don't know your requirements.  which is why you need to read the manpages.
<lochlann> what manpage are you speaking of?    mount -h says nothing about ntfs
<teward> that's not a manpage
<teward> type `man mount`
<teward> and then read through the general fs-nonspecific section, as well as the ntfs options
<lochlann> teward: so then, from  what I just read, this should work -->   UUID=1293078mnbndf89      /media/VideoDrive01      ntfs-3g     auto,defaults     0     0
<tarpman> careful. ntfs and ntfs-3g are different things and have different options. mount(8) has ntfs options, ntfs-3g options are in ntfs-3g(8)
<tarpman> ntfs-3g has many more options than ntfs
<teward> ^ that
<lochlann> I really just want it to 1. automount in the off-chance of a system reboot. 2. be accessible via Plex for all. 3. be rw so new media can be added from other machines on the network.
<teward> lochlann: ideally if you don't know what you're doing, though, you shouldn't be messing with mounting things.
<teward> (in my opinion)
<lochlann> teward: it's not about messing with it..... I just need to do it once...
<teward> lochlann: `man ntfs-3g` may be of interest moreso
<teward> and yes it's 'messing' until you get it right
<teward> you also haven't said how data's being written to it from remote sources
<teward> FTP?  SFTP?  Windows file shares (Samba)?  etc.
<teward> that also has a factor too
<tarpman> lochlann: just curious: if you have no windows machines in your house, why are you bothering with ntfs?
<teward> tarpman: external USB media, perhaps preformatted
<teward> [2015-09-15 13:21:45] <lochlann> there is 5 internal hdd and 6 external drives. I have a media streaming solution in use *Plex* and this is the Plex Server where all the drives are to be mounted.
<teward> pretty certain preformatted
<lochlann> tarpman: from what I read, ntfs was the way to go for the size of the drives. 11 drives all 4TB each. plus the usb drives came this way when bought
<teward> if your backend is *nix, then ext4 works
<lochlann> plus there is, albeit not very often, 1 windows laptop that connects when family comes to visit.
<tarpman> the stuff you read probably assumed you need compatibility with windows or mac
<tarpman> I format all my usb drives as ext4 because I find dealing with the permissions-translation stuff (unix to ntfs and back) to be a massive pain
<lochlann> although I don't see the need for ntfs if all they are using is Plex.... but everything I read says this
<tarpman> anyway, not advice per se, was just curious about the rationale
<teward> lochlann: if they aren't connecting the drives themselves then NTFS is not a requirement
<tarpman> yeah, only the machine the usb drives are actually plugged into cares about the filesystem. over the network, it's irrelevant
<teward> if they're always connected to your media server, then filesystem matters only to the server
<teward> and ext4 is more... linux friendly, and flexible, I think
<teward> over the network it's irrelevant
<lochlann> and now I think it is too late....  all 11 drives have media on them now
<RoyK> xfs is probably better unless you want to shrink the fs
<RoyK> lochlann: how large drives? what raid level?
<lochlann> RoyK: no raid... all drives are 4TB each
<RoyK> lochlann: that's lunacy
<teward> RoyK: they're also not completely internal according to the user
<RoyK> lochlann: with 11 drives, create a raid-6 on top of them
<lochlann> ^^
<teward> RoyK: they want all 11 to automount and have the media on them available r/w to the system and to external 'file dropping' into the server probably
<RoyK> oh - lots of usb drives around?
<teward> RoyK: [2015-09-15 13:21:45] <lochlann> there is 5 internal hdd and 6 external drives. I have a media streaming solution in use *Plex* and this is the Plex Server where all the drives are to be mounted.
<lochlann> 5 internal 6 external
<RoyK> get it
 * RoyK would prefer a large raidset
<lochlann> technically there is 6 internal, but one houses Ubuntu
<teward> RoyK: wouldn't the RAIDing nuke the data on the disks already?
<sarnold> lochlann: yikes, this sounds terrifying..
<sarnold> that's a lot of singlepoints of failure..
<teward> sarnold: there you are
<sarnold> heya teward :)
<lochlann> and here I thought this would be simple.... lol....  as it is it took my wife and I almost a year to take the media off over 1,200 DVD's
<tarpman> teward: in theory that's not a problem because one has up-to-date backups...
<teward> tarpman: in theory
<tarpman> ^_^
<teward> tarpman: in practice, people making in-home media servers aren't up to theory
<RoyK> teward: just empty one drive, create a broken r5 on that drive, create lvm on top, mkfs on that, copy data, empty another, extend etc
<sarnold> pff too easy to screw that up; buy a nice new system with a dozen drives, set up a raidz3 on them, start copying, and pray to all the dieties of your choice that those usb drives last long enough to copy everything off
<lochlann> sarnold: all the drives are 1year old or less :)
<bekks> lochlann: drives can be dead on arrival, their age basically doesnt mean much.
<sarnold> lochlann: even worse, some haven't even been alive long enough to be stressed :)
<RoyK> sarnold: well, you can't extend zfs vdevs
<lochlann> trial and error I suppose. I will start with -->   UUID=1293078mnbndf89      /media/VideoDrive01      ntfs-3g     auto,defaults     0     0 and see if it works for me
<sarnold> RoyK: true :(
<tarpman> lochlann: i'd suggest 0 2 instead of 0 0
<tarpman> oh, nevermind. there's no fsck.ntfs-3g anyway...
<lochlann> wouldn't it be bad to have it utilize parallelism on 11 drives though?
<tarpman> I can't think why
<lochlann> took a while to add all those, but so far all seems good.
<RoyK> just don't use ntfs on linux
<lochlann> yea, all future drives added with be EXT4
<lochlann> we still have approx 900 DVD's to convert
<lochlann> my wife is a bloody dvd fanatic
<lochlann> thank the gods and goddesses for .mkv .....
<lochlann> lol
<jrwren> lochlann: not 11 drive, but I have 5 drives in an LVM VG of ~11TB with larget LV being 5TB, but each grows as I add disks.
<jrwren> lochlann: I'd NEVER use NTFS for any of it. It is ext4. I use some smaller LV to experiment with btrfs, but I'm overly cautious and do not trust it just yet.
<lochlann> I suspect we will be adding at least a few more drives....  only got about 7TB left of space from all 11 4TB drives... and still over 900 dvds to convert ......
<lochlann> maybe I will take the new drives as an opportunity to convert the existing ones to ext4
<jrwren> lochlann: it is probably worth adding them all to some kind of pool with parity drives so that you can suffer a disk outage. raid6 or btrfs or something.
<lochlann> jrwren: no point in me doing that honestly....  That's another 11 drives I would have to buy plus anymore that I add in the future.....  This is only a media server... Should 1 drive fail I will just reconvert the dvd's that were on that drive. much cheaper option
<jrwren> lochlann: no, you strongly misunderstand. I wrote parity on purpose.
<jrwren> lochlann: it is only cheaper if your time is free. My time is very expensive and very valuable to me.
<freezevee> I am trying to do sudo passenger-install-nginx-module while I have installed ruby 2.2 via rvm and checked with ruby -v but it keeps installing for the 1.9.3 version. What am I doing wrong ?
<jrwren> freezevee: sudo resets your path. try sudo -E
<lochlann> jrwren: that involves buying more drives does it not? If so that means buying another 11 4TB drives just for what I have now. Further, my machine only has 4 more USB ports available which would not accommodate another 11 drives
<jrwren> lochlann: no, parity means some, not all. Yes you would sacrifice some space. Its ok. I was only suggesting. We may value time differently.
<freezevee> jrwren: should I install without the sudo ? nice idea
<lochlann> jrwren: not a bad suggestion, but financially for me it is more worth the time to reconvert
<dft> any incrontab afficionados here?
<dft> having issues trying to pinpoint execution of a python script from incrontab
<dft> I can see that the inotify signal is being caught and incrond is executing my python script, but the desired result of mailing me the results is not happening.
<dft> when I run the python script from the users shell, all is well.
<sarnold> dft: how are you checking the email delivery?
<dft> sarnold: email delivery works fine when I run the script from my shell
<dft> as in it reaches my inbox
<dft> sarnold: before tracing that, I don't see the script executed in the users shell under top at all when I would normally expect it.
<dft> I tried sourcing .bashrc for the user account prior to executing the python but I get other errors using that method
<sarnold> dft: so, the script itself is doing the mailing? does it make assumptions about the PATH or other environment variables that might be set in your shell but not set in incron?
<sarnold> dft: top is probabilistic, it's easy for it to miss executions; fatrace or "execsnoop" can help there...
<sarnold> dft: see http://www.brendangregg.com/blog/2014-07-28/execsnoop-for-linux.html for more information on execsnoop; awesome blog overall, it's well worth a few days of reading :)
<dft> I'll check those out.
<dft> ty
<dft> but as far as assumptions, I think I've covered them all.
<dft> shebang points to /usr/bin/python, then just importing all my required classes
<dft> although I'll have to look into os.path.dirname(os.path.abspath(__file__)
<dft> I'm not sure if that pulls from env vars
<dft> otherwise, any other filesystem path is explicitly defined
<sarnold> can you pastebin the incrontab file?
<RevertToType> i don't have network-manager installed would this be a reason why my wifi keeps dropping or is that just a suite of tools to make things easier?
<dft> sarnold: standby
<dft> it's the last entry that's problematic atm
<dft> sarnold: https://gist.github.com/anonymous/d1a540bab1f8f5bb338d
<sarnold> dft: that . is a little funny but it shouldn't cause problems to the kernel...
<sarnold> dft: is there a newline at the end of the file? some programs require a newline at the end, and some editors don't put one there
<dft> it's never been an issue with the first 4 entries
<dft> sarnold: let's find out...
<sarnold> dft: are the modes on /home/elimg/scripts/./funcCollectDefectImages.py  set correctly?
<dft> yes
<dft> 755
<dft> I think I may have found the issue
<dft> your comment about assumptions may have sparked a notion
<dft> I have some logfile writing functions but the log file path is not fully qualified
<dft> brb
<dft> BAM
<dft> sarnold: ty
<dft> needed someone to bounce this off of
<sarnold> dft: woot :)
<dft> :facepalm: I've been chasing this all day
<dft> so future reference
<dft> don't use os.path.dirname(os.path.abspath(__file__) to getcwd
<dft> at least when calling your py from cron or incron
<dft> declare a wrkdir='<home>' and use os.chdir(wrkdir)
<sarnold> dft: funny, I would have expected that to work
<dft> sarnold: as you first stated....assumptions....
<dft> I thought so too
<dft> but as it turns out I've bounced between os.path.dirname and my 2nd in some of these scripts.
<dft> after some googling I found some references to issues with incrontab and CentOS not providing a full shell when executing the referenced script
<dft> so that's when I tried sourcing my .bashrc...however that just made matters worse.
<sarnold> yeah, things that make a shell friendly for humans often make it less friendly for programs ;) hehe
<dft> oh well, in the end I get to level up ..haha
 * dft +1
<sarnold> :)
<RevertToType> so i've narrowed down at least kind of a seeming culprit to my wireless drops (drops around 1800/30 minutes) and it's something to do with dhclient apparently... once it drops the retry isn't kicking in either so even after five minutes...  so it's like dhclient isn't renewing or even running apparently
<RevertToType> how do i fix this awfulness
<genii> RevertToType: Is the wireless adapter running on the USB bus? It may be going into power saving mode
<sarnold> genii: that's genius :)
<RevertToType> genii it's likely ... it's a netbook like half the internals are technically on the usbbus
<RevertToType> i thought i killed out all powersaving...
<RevertToType> also i don't have acpi-tools or network-manager installed at all
<RevertToType> where would i futz that one maybe i did it wrong (power saving stuff)
<genii> Apologies on lag, just getting ready to leave work here...
<genii> sarnold: I had a broadcom like that, drove me nuts
<RevertToType> np grateful for any things
<genii> RevertToType: Does it show up on hte: lsusb   ..command?
<RevertToType> umm the only named thing i recognize aside from linux foundation..... is the camera
<RevertToType> so maybe it's not on usb
<genii> RevertToType: Could you please pastebin the output of: lsusb   and: sudo lspci    and: sudo lshw -short     please
<RevertToType> oh it's on pci
<sarnold> genii: it reminds me of a usb hard drive I used to use for backups. It'd go to sleep and the mount failed and all kinds of hell would break loose and then it'd require fscking every time I wanted to use it. Horrible annoyance.
<genii> So in this case it looks like some other issue, unfortunately
<RevertToType> i mean i think the culprit has something to do with dhclient not doing what it's supposed to
<RevertToType> cause when it drops
<genii> RevertToType: Did you check on the place it's getting it's lease from to see what the default lease length is?
<RevertToType> it's still saying it's connected to the network/associated and the ip address drops out of ifconfig after a few minutes
<RevertToType> i have no access to the network settings or even the router (this is for a small library and the IT is just the county folks... if something goes wrong and it's not windows they tell us to leave)
<sarnold> RevertToType: check dmesg, auditd logs, etc.. there might be some clues hidden somewhere you may not expect
<RevertToType> and while somewhat windows/mac savvy i'm like just one step above totally clueless on linux (so enough knowledge to do damage)
<RevertToType> all i ever see is a deauthenticate reason 108; unknown everything else looks like it's getting orders from the accesspoint/router/whatever just fine
<sarnold> wpa2 vs wep or something?
<RevertToType> wpa2-personal so form wht i can tell wpa-psk ccmp
<RevertToType> hidden ssid
<RevertToType> when i finally got wireless working i had to make a systemd service to run "dhclient" at startup
<RevertToType> cause it wasn't pulling down an ip
<genii> hidden SSID can be problemmatic
<genii> Are you using a wpa_supplicant.conf file ?
 * genii ignores the phone ringing in his office and makes more coffee
<RevertToType> genii yup
<RevertToType> it's set to scan=1 so it picks up and connects just fine
<RevertToType> after 30 minutes it drops though
<RevertToType> yet running dhclient -r / dhclient or just dhclient picks it back up
<RevertToType> so i assumed the retry was just too long and the lease was just generally expiring so i waited the 300 seconds and no dice still down
<RevertToType> i had to run dhclient manually at boot every time to get an ip and be able to do normal internet things
<genii> RevertToType: Might want to see if the dhcp server accepts request for specific lease time by twiddling with the: send dhcp-lease-time 3600;    ..line in the /etc/dhcp/dhclient.conf file
<RevertToType> dhclient is a one shot... i don't have dhcpcd installed... that might be the issue?
<RevertToType> or run dhclient -w?
<RevertToType> cause i need something ongoing when the lease expires?
<RevertToType> am i just that cluelessly stupid?
<RevertToType> i am i think
<genii> You don't need dhcpd, that one is for assigning IPs to clients :)
<RevertToType> dhcpcd
<RevertToType> not dhcpd
<genii> Ah, misread. Possibly, it does try to renew automatically. But the regular dhclient should too.
<RevertToType> hrm well that was a failure of epic proportions...
<sarnold> I wonder if systemd is killing the dhclient unexpectedly?
<RevertToType> i just installed and tried it gave a whole minute of connection and then was like nope
<sarnold> you might want to do some ghetto-troubleshooting like having a while true ; do sleep 1; ps auxw >> jobs ; done   -- and when the IP drops, see if dhclient was running at the time..
<genii> ewww
<RevertToType> yeah i was really thinking some hacky thing like that ugh
<RevertToType> really didn't want to
<genii> RevertToType: I have to leave, but I'm around weekdays 9:30am-5pm EDT  ( later tonight than usual) , if it's not solved tonight we could poke at it again tomorrow
<RevertToType> ok... i'm really grateful for all of your help folks
<RevertToType> like honestly
<RevertToType> removed dhclient from the systemd services and am gonna test with dhcpcd to see how that goes just in case
<RevertToType> cause it was for sure not playing well together maybe with a bit-o-luck that was all i needed to do... i'm sure i'll be back in 30 minutes tho :V
<teward> thought dhcpd was a dhcp server/daemon, not a dhcp client
<genii> !info dhcpcd
<ubottu> dhcpcd (source: dhcpcd): DHCP client for automatically configuring IPv4 networking. In component universe, is optional. Version 1:3.2.3-11 (vivid), package size 46 kB, installed size 151 kB
<teward> ah
 * teward misread :)
<sarnold> not at all confusing is it? :)
 * genii wanders off
<teward> sarnold: heh
#ubuntu-server 2015-09-16
<rbasak> smb: http://dpdk.org/ml/archives/dev/2015-September/023183.html
<megagigawatt> Hi there, I was wondering if anyone could help me with a samba/acl issue i am having please, I have made a post on the forums here http://ubuntuforums.org/showthread.php?t=2294351 which is probably easier to understand than me trying to type it out here, thanks in advance
<funkenstrahlen> Hey, I need some help setting up unattended upgrades on my ubuntu server. I installed and configured it, but it does not get run automatically somehow...
<funkenstrahlen> I used this infopage to set it up https://help.ubuntu.com/community/AutomaticSecurityUpdates
<teward> funkenstrahlen: what makes you say it's not run?
<funkenstrahlen> teward: I checked back after 14 days. could not find any logs in /var/log/unattended-upgrades. Then I ran apt-get upgrade manually. some updates where found. so I ran unattended upgrades manually and a log was created.
<funkenstrahlen> teward: So this is evidence for me it did not run at all
<funkenstrahlen> my apt.conf.d looks like this: https://gist.github.com/funkenstrahlen/2153d78dc2a786bb9c4d
<funkenstrahlen> so periodica intervald of each day is set
<funkenstrahlen> I *think* I might now the problem, but do not know enough about how unattended upgrades work
<funkenstrahlen> I found a script in /etc/cron.daily/apt.disabled
<teward> funkenstrahlen: OS?
<funkenstrahlen> I assume that by default this apt script runs the unattended upgrades?
<teward> or rather the version
<funkenstrahlen> teward: ubuntu server 14.04 lts
<funkenstrahlen> I thought maybe the *.disabled blocks it from getting run?
<funkenstrahlen> but why is it .disabled? there is no word of that in any tutorials
<funkenstrahlen> and because it works fine when I run unattended upgrades manually, I do not think there is a config file error. Its just not getting called at all
<prudentmav> any thoughts on the use of serverpilot? If any of you use it
<funkenstrahlen> teward: still there? any idea?
<dft> prudentmav: never used it but it looks interesting.
<thebwt> funkenstrahlen: unattended upgrades doesn't just run apt-get upgrade on a cron
<prudentmav> dft I used it on a development environment and it did save a lot of time but just hesitant to use in a production environment
<thebwt> it picks specific package types
<funkenstrahlen> thebwt: yes I know. still I would like to know why my unattednded upgrades does not get run daily
<dft> prudentmav: I hear you.  If serverpilot goes away, what will take to unplug your VPS's from it and take manual control of your wp sites
<prudentmav> yeah that is the big unanswered question for me
<dft> I think I would rather
<dft> ack
<dft> typing spasm
<dft> rather use aws and bootstrapping if I was in the business of building wp sites for all sorts of clients.
<dft> I think I would rather roll my own wp/vps builder using AWS's api.
<prudentmav> I use digitalocean and just tired of sysadmin tasks... I'd rather stick to app and front end dev work
<siebjee-> Hi Guys, I'm running ubuntu server 15.10 with 4.1.0.3-generic kernel. And updated to 4.2.0-7generic. But it has not been live updated. I thought this was new in 4.0 kernel ? Any info on this ?
<jpds> siebjee-: I imagine the tooling with apt isn't yet in place
<siebjee-> jpds: is there a way to force this anyway ?
<siebjee-> I'd realy like to see this happening! *_*
<jpds> (Also, I don't think it's a good idea to run a non-LTS release on a server)
<siebjee-> Its my private server, so don't really care about LTS on there or not :)
<siebjee-> On production servers i would care about LTS
<Seveas> siebjee-: there is no such thing as live kernel updates.
<siebjee-> On arch it is possible to update the kernel without down-time
<revolve> is there any way of getting dlm-pcmk on 12.04?
<rbasak> frediz: from #ubuntu-devel:
<rbasak> 15:54 <stgraber> rbasak: I'm happy with ginger, for kimchi, you're missing a debian/copyright entry for  ui/pages/help/gen-index.py which is LGPLv2.1+ and not Apache2 as debian/copyright declares
<jpds> rbasak: https://launchpad.net/ubuntu/precise/amd64/dlm-pcmk
<rbasak> jpds: ?
<jpds> rbasak: Err, that was for revolve.
<rbasak> np
<revolve> jpds: right, I'm on trusty though
<revolve> can I get those sources?
<jpds> revolve: You said 12.04
<revolve> right
<revolve> ah 14.04 sorry
<RevertToType> so... it's definitely something related to the dhcp lease...
<RevertToType> seems client side not server side
<RevertToType> after about 30 minutes it drops.... running dhclient in terminal kicks it back in (don't even need to release the old lease...)
<RevertToType> using dhcpcd as the daemon didn't resolve it... dhclient is back on but no clue why it keeps dropping
<Slugs_> would you recommend hardware or software RAID?
<RoyK> Slugs_: I'd recommend sw raid
<RoyK> Slugs_: but it all depends the use of it
<Slugs_> yeah alot of people are recommending sw
<RoyK> Slugs_: hwraid can be fine on the boot medium, since it outrules problems with boot sectors
<tonyyarusso> I usually go for SW too, so I don't have to worry about finding a matching controller if it dies.
<RoyK> Slugs_: sw raid (or zfs if you're doing the planning well) is what I'd recommend for data
<Slugs_> RoyK: zfs not ext4?
<RoyK> !zfs
<ubottu> For information concerning ZFS and Ubuntu, see: https://wiki.ubuntu.com/ZFS
<RoyK> Slugs_: zfs is something like mdadm+lvm+checksumming
<Slugs_> wow
<RoyK> Slugs_: it's very secure, checksumming all over, but it's not very flexible
<RoyK> Slugs_: I'm using zfs in production, also on my home server, but I'm planning to go back to mdadm, for various reasons
<Slugs_> i see
<RoyK> Slugs_: if you have a machine with ECC RAM and you don't want to add new disks to the raidset, use ZFS - otherwise, I'd suggest mdadm raid
<Slugs_> well Iâm trying to simplly setup 4, 4TB drives in a RAID0 config for performance
<jelly> how do you even put "4TB drives" and "performance" into the same sentence
<RoyK> Slugs_: just don't do that
<jelly> are there 15krpm 4TB drives now?
<RoyK> Slugs_: what sort of performance? iops or sequencial?
<RoyK> jelly: no
<jrwren> no btrfs love?
<Slugs_> oh i see, the drives are too big for âperformanceâ im assuming your all saying
<RoyK> Slugs_: a single 4TB drive can do something like 200MB/s sequencially, far less with seeks, very far less
<RoyK> Slugs_: it all depends on how you look at performance
<Slugs_> im trying to write about 80 mbps
<Slugs_> constantly
<RoyK> Slugs_: 4TB drives spin at 7200rpm, meaning they may do 120iops
<patdk-wk> heh, that is a lot of iops for 7.2k rpm
<RoyK> Slugs_: a single drive can do that - a raid5 with four drives can certainly do that unless the CPU is something 10+ years old
<RoyK> patdk-wk: 'may' do - usually around 80
<Slugs_> i thoguht raid0 was better then raid5 since its only stipped
<RoyK> Slugs_: striped, not stripped
<Slugs_> sorry yes
<RoyK> Slugs_: raid5 on 3 drives has about the same speed as raid0 on 4 drives
<RoyK> Slugs_: for reads
<RoyK> Slugs_: a wee bit less for writes
<Slugs_> i need writes more then reads in this setup
<Kalimer0> my server hangs during the restart via cron . it fails to shutdown syslog-ng . any ideas?
<RoyK> Slugs_: and you'll be a sorry bastard if using raid0 with your data and a drive fucks up, and it will, beleive me on that
<RoyK> Slugs_: is the data important?
<ikonia> RoyK: come on with the language !
<Slugs_> RoyK: understood
<RoyK> Slugs_: if the data isn't important, use raid0
<RoyK> Slugs_: if you need massive writes and the data is important, use raid1+0
<patdk-wk> you mean, if uptime isn't important
<RoyK> patdk-wk: or data
<patdk-wk> why? backups cover important data, not raid
<patdk-wk> raid covers uptime
<ikonia> design to your requirements
<RoyK> patdk-wk: well, if you have a truckload of writing, backups won't be enough to get the important data if a drive is lost 23 hours after last backup in a raid0 setup
<Slugs_> so just to be clear raid 1+0 is good of data *is* important as well
<Slugs_> *if*
<Slugs_> s/of/if
<patdk-wk> that is a backup failure then, backup every 5min, I do
<RoyK> Slugs_: with 1+0 you'll get the best of both worlds, good iops and good sequencial i/o, but you'll have to get a lot of drives
<Slugs_> 4 not enough/
<Slugs_> ?
<patdk-wk> some servers I even have on continuous backup, once it's done, it starts again.
<RoyK> Slugs_: what are your requirements? what sort of backup do you use? etc?
<patdk-wk> raid6 is generally better than raid10 with limited disks
<patdk-wk> but it does have iop issues
<RoyK> Slugs_: are you on 10Gbps or just gigabit?
<patdk-wk> but better for protection
<RoyK> patdk-wk: obviously true
<Slugs_> RoyK: I donât care about backing it up, im using 1 gb (network)
<patdk-wk> raid10 has the issue if one disk breaks, you depending on the other disk to be fine, normally this is the case, and not an issue
<RoyK> Slugs_: what sort of i/o is this? are you just dumping data to this?
<Slugs_> yes im wriring multicast video to disk
<Slugs_> 80 mpbs
<RoyK> then use raid[56]
<RoyK> it's good for sequencial stuff
<RoyK> 80Mbps is rather a lot
<RoyK> use mdraid with a large chunk size and use raid-5 or better raid-6
<Slugs_> the bottleneck would be my drives?
<Slugs_> 7200 rpm
<RoyK> with a large chunk size, the drives should do 100MB/s each
<RoyK> or more
<Slugs_> and i can configure this with mdraid?
<RoyK> man mdadm ;)
<Slugs_> ok
<Slugs_> RoyK: Thank you for the advice
<RoyK> Slugs_: what is this - cctv stuff?
<Slugs_> and guidance
<Slugs_> no, NPVR
<Slugs_> network PVR
<Slugs_> for off-air channels
<Slugs_> recording live tv
<RoyK> same thing, really
<Slugs_> sure, just thought you wanted to know ;)
<RoyK> Slugs_: just use a large chunk size on that raid
<Slugs_> ok
<RoyK> Slugs_: and use at least raid-5
<Slugs_> ok
<Slugs_> Thank you again
<RoyK> Slugs_: your boss will hate you if the raid goes down and the data is lost
<Slugs_> well i already hate him, so we will be even
<RoyK> Slugs_: also, better use a lot of spindles rather than a few large ones
<Slugs_> yeah, more drives the better
<RoyK> Slugs_: the most important is the chunk size - 1MB minimum
<Slugs_> it might even make sense to add more smaller capacity drives
<Slugs_> ok
<jrwren> how many video streams are you going to record at once?
<RoyK> 4MB or 8MB may be practical
<Slugs_> im recording 40, 3.5 Mbps streams at once
<jrwren> wow! cool. good luck :)
<RoyK> Slugs_: and monitor CPU use - it will be used for parity calculation - it should be pretty fast, but at the rate you're mentioning you may need a good CPU (or four)
<sarnold> 160 Mbps? not 160MBps?
<RoyK> Slugs_: sar/sysstat may be a good friend for long time monitoring, so may munin be
<Slugs_> 4 core, Intel(R) Xeon(R) CPU E5-2609 0 @ 2.40GHz
<RoyK> sarnold: 160MBps won't work too well over gigabit ;)
<sarnold> RoyK: true :)
<RoyK> Slugs_: should do well
<RoyK> Slugs_: what is the current cpu usage over the last hour?
<Slugs_> im not recording anything...
<mtl11> Hi. I'm trying to figure out an issue with unmodified cloud images. If I download and launch a 14.04 cloud image on openstack, when I try to update the kernel or otherwise run update-grub it hangs trying to "modprobe btrfs".  Anyone have any idea why it might be doing that?
<RoyK> Slugs_: then install sysstat, enable it, install munin-node and perhaps munin if you don't have a munin installation somewhere and make nice graphs to see how it's behaving
<Slugs_> awesome thank you
<RoyK> Slugs_: there are several other monitoring systems available, but munin is easy to install, so I'd recommend it if you don't have any experience in monitoring
<Slugs_> i donât so thank you
<Slugs_> the more i learn the more i realize i donât know
<RoyK> Slugs_: touchÃ©
<RoyK> Slugs_: that's philosophy ;)
<Slugs_> RoyK: Yes ;)
<RevertToType> so still thirty minutes even after changing dhclient.conf to send dhcp-lease-time 600;
<RoyK> rbanffy_: did you restart dhclient?
<RevertToType> restarting it works but i need it to do that automatically
<RevertToType> like i shouldn't even have to do that
<sarnold> RevertToType: copy aside your dhclient systemd thingy, apt-get purge dhclient, and try out dhcpcd instead. This has just been too much hassle...
<boshhead> Hello, I'm trying to install ubuntu 15.04 server, I have also tried 15.10 server and the system gets stuck after "boot-efi.mount". I've typed up the messages I get on bootup: http://paste.ubuntu.com/12428947/
<boshhead> Both 15.04 and 15.10 hang on the same message.
<RevertToType> sarnold: i basically did that yesterday and dhcpcd didn't seem that good but i'll do a full reboot and try again :(
<sarnold> RevertToType: oh. :(
<RevertToType> "virtual packages like 'dhcp-client" can't be removed
<RevertToType> oi dpkg
<RevertToType> dpkg is saying it's not installed
<RevertToType> WUHT
<RevertToType> update/upgrade time
<sarnold> RevertToType: dpkg -l '*dhc*' may show what's really going on..
 * RevertToType nods
<sarnold> boshhead: dang that's the worst thing to google for, ever.
<boshhead> sarnold: yeah there's no relevant results on google
<boshhead> so im in despair :P
<boshhead> oh wait.. maybe this is it "It sounds like your initramfs doesn't have the needed module for vfat." - im gonna try adding vfat to /etc/modules if it doesn't exist
<boshhead> after that ill try replacing grub with elilo or refit
<RevertToType> sarnold: it lists it as unknown for desired action and not-installed
<sarnold> boshhead: mkinitramfs(8) suggests /etc/initramfs-tools/modules is the place to put modules
<boshhead> sarnold: oh right the other file is generated. thank you.
<robertj> so is debootstrap for vivid just...broken?
<boshhead> rebooting, which me luck :)
<netameta> well, i have jenkins set up, Not insde a container. now i am trying to run a job, the job should clone a repo from github, and then run a bash script. , i am not sure how to tell jenkis where to clone the repo to.
<ikonia> try #jenkins ?
<netameta> Thanks
<RevertToType> this is gonna be the death of me... grabbing a second laptop- out of our bin--- starting from scratch... maybe i just left too much of a mess
<dmsimard> jamespage: Sorry to poke you, did you guys notice any issues around python-cryptography/python-cffi on liberty packages with services like nova or keystone ?
<jelly> Slugs_: you'll eaither need to mux that back to some 1-4 streams to disk, cheap 4TB sata disks are not very likely to be able to work with 40 parallel writers
<jelly> either ^^ or get a drive array that can actually survive more random io
<jelly> if they're only writing for archival purposes and never reading, it might be doable
<jelly> (and if you want users to also watch those saved streams, you're looking at SSDs or ramdrives, two orders of magnitude more expensive solutions)
<ratrace> is Ubuntu (15.04) capable of booting from root on multi-disc btrfs? It requires special btrfs device scan support.
<ratrace> I'm talking about mounting root, not actually booting, I know /boot can't be btrfs
<netameta> How can i create a new user and assign it ssh key ?
<netameta> new user is adduser, but how can i assign it neww ssh keys
<OerHeks> netameta, login as that user, and follow the guide ? https://help.ubuntu.com/community/SSH/OpenSSH/Keys
<netameta> OerHeks, i dont think i can log in with this user
<netameta> not before i have ssh keys for it
<netameta> ec2 restrict access to only ssh keys
<netameta> unless, its possible to create a user from the main user, and then use the new user and follow that guide
<OerHeks> netameta, oh, not sure how ec2 works, they should auto make ssh keys when adding an user, logically
<netameta> yea i have 1 pair for the main user
<netameta> so i can log on their instan
<netameta> but i need another user
<netameta> Is it possible to create a user and then "mount" it ?
#ubuntu-server 2015-09-17
<RevertToType> sarnold: if you're there it seems the problem is that the realtek driver / module isn't loaded so i can't load the -d part of my wpa_supplicant command
<RevertToType> lsmod is saying it's loaded but wpa is saying nope
<sarnold> RevertToType: o_O really?
<sarnold> can you pastebin it all?
<RevertToType> which thing?
<RevertToType> lsmod or the error?
<sarnold> wpa output. lsmod output
<sarnold> might as well do em both ;)
<sarnold> (pastebinit command helps immensely here, if you haven't seen that package yet..)
<RevertToType> lsmod | grep rtl lists All of the things /lib/modules........./rtl8192se is present
<RevertToType> thank you for that tip by the way!!!
<RevertToType> i was like "how do i do that!?!
<RevertToType> it's saying "unsupported driver rtl8192se' for wlan0
<RevertToType> oh crap... is this a hardware revision thing (lenovo is the bane of all that is holy for this)
<RevertToType> no it can't be.. the damn lshw shows it as realtek
<sarnold> it is common for vendors to release something completely different under an old and well-established name..
<RevertToType> well lenovo is notorious for it
<RevertToType> i have like 3 catalog computers here that are all the same model, 3 different wireless cards
<RevertToType> ugh why is it not liking this driver.... butttt
<RevertToType> meh start over from scratch nbd now i know what's up i can do it from the start right
<Fishscene> Greetings. I have a fresh install of Ubuntu Server 15.04. I ran "sudo apt-get install mysql" and I've had trouble ever since. I finally got it to install, but now when I run "sudo mysql -u root", it throws: "ERROR 1524 (HY000): Plugin 'unix_socket' is not loaded" Several websites have mentioned adding "plugin-load-add = auth_socket.so" to /etc/mysql/my.cnf", then running "sudo mysql -u root", but it spits the same error. Any ideas?
<lkthomas> hey folks
<lkthomas> hey folks, what happen if you have two interface which on the same subnet ?
<TJ-> lkthomas: You've already had an answer to that a few hours ago in ##networking :)
<lkthomas> TJ-, yes sure :)
<Dulcin> Hi I'm about to clean install my server and copied (hopefully) all files, but can anyone double check if they think I might be missing something? I copied: all websites, a mysqldump of all databases, mysql config, apache config files
<revolve> does anyone know how to get dlm-pcmk on ubuntu trusty?
<revolve> I've got the sources but they won't build :-|
<kgirthofer> hey all - if I want to copy a file (same name) from many directories and keep the directory beneith the file into a nother dir how do I do that
<kgirthofer> i..e copy dir1/config.xml and dir2/config.xml into confits/dir1/config.xml and configs/dir2/config.xml
<kgirthofer> cp --parents dir*/config.xml configs/
<dft> kgirthofer: is that what you've been trying or what actually worked?
<kgirthofer> yep
<kgirthofer> worked
<dft> excellent
<kgirthofer> gold star
<dft> assuming all dir* is in your cwd?
<kgirthofer> ya
<dft> I was thinking of something a little more complex regardless of cwd
<dft> find ./Documents/ -type f -name "config.xml" -ls | sed -e 's/.*\/\(.*\)\/\(config.xml\)/ \1 \2/g' | while read -r d f; do echo "cp $d/$f config/$d/$f";done;
<samba35> hi
<cwillu_at_work> kgirthofer, rsync has builtin functionality to do that
<cwillu_at_work> dft, no solution that involves ls and sed is correct, ever
<cwillu_at_work> (find -ls counts as ls for our purposes here)
<Meerkat> I would like to install ubuntu server from a USB stick with preset preferences. So all I need to do is plug it in and the installation with my settings starts and completes without any interaction. Is there a simple way to do this?
<jpds> Meerkat: Yes, create a preseed file
<jpds> Meerkat: https://help.ubuntu.com/lts/installation-guide/amd64/apbs02.html
<Lihis> I'm running simple server which services are mostly used by me and couple of my friends. Server IP is dynamic. How I could make simple failover for the server? By simple I mean that I could let the users to see static "server down" page.
<jpds> Meerkat: If you're managing a fleet of servers, you're better off creating a provisioning server
<jpds> Lihis: If the server is down, how are you going to make it display any page?
<Lihis> jpds: Maybe with another server, maybe some cheap VPS?
<cwillu_at_work> Lihis, in which case, that's where you should put your services, typically
<cwillu_at_work> (perhaps having it forward some things to your other server, depending on your needs)
<Meerkat> jpds, thanks. looking into this. seems promising. =)
<Lihis> cwillu_at_work: Okay. How I could do the forward? And stop the forwarding when the server is down?
<cwillu_at_work> Lihis, depends on what you're forwarding
<cwillu_at_work> apache has builtin things for this, for instance
<jpds> Lihis: That would involve some fancy DNS/IP flipping, easier to just fix the server ;-)
<cwillu_at_work> without some sort of heartbeat system though, this usually requires one failure before apache (or whatever) notices that it's not working
<cwillu_at_work> (otherwise it could interfere with a working connection and foul things up, which is why planes with 2 engines crash more than planes with 1 engine)
<cwillu_at_work> (more things to go wrong)
<cwillu_at_work> Lihis, active error handling tends to be like this: you have to do a lot more work before the end result is actually more reliable than the do-nothing approach, let alone simple passive approaches
<Lihis> cwillu_at_work: Apache and UDP traffic. I'll stick with the do-nothing approach then.
<Lihis> jpds: As you said, probably just easier to fix the server :)
<cwillu_at_work> yeah, apache is straightforward'ish (I do something like this just to local services listening only on localhost, exposed by apache), but really only because http has lots of provisions for these sorts of things
<cwillu_at_work> and, on the other hand, a random udp protocol almost certainly does not
<cwillu_at_work> Lihis, if your protocols have some way of determining if they're up unintrusively
<cwillu_at_work> i.e., via a no-op udp message that gives a reply you can check
<cwillu_at_work> then you could add a service that polls it on some interval, and emails someone if it's brokejn
<cwillu_at_work> that's an example of the "passive" style approach I referenced, where instead of trying to actively fix something, it just makes sure someone knows that it broke
<cwillu_at_work> where a simple active approach might try to restart the service, causing hilarity if the service was actually working fine, but something else broke in the monitoring program, or the network config (potentially in a way that doesn't matter to actual users; think hardcoded ip address in the monitoring app, while users use dns to get the current address, etc)
<Lihis> cwillu_at_work: Yeah.. You have a good point. I will do some kind of passive approach. Thanks for the help!
#ubuntu-server 2015-09-18
<hplc> anyone knows if theres any premade guide to howto make a http streaming movieserver out of ubuntu-server?
<KervyN> Hi maybe someone could help me to find a good piece of software. I am looking for a caching proxy for apt and yum. It should verify signatures and work with ssl. AND it should only cache the packages, not the indexes :-) Any idea?
<lordievader> Good morning
<KervyN> Hiho
<stonerl> KervyN: I used apt-cacher
<stonerl> https://alioth.debian.org/projects/apt-cacher-ng/
<KervyN> stonerl: Problem is the missing gpg verification
<KervyN> but thanks :-)
<stonerl> you're welcome
<admin0> in /proc/irq/default_smp_affinity , i see some servers have ffff,ffffffff,ffffffff,ffffffff,ffffffff  while some have ffff,ffffffff .. which is the correct one ? all servers are same and have 32 cpus each
<Pici> 6/70
<ara> stgraber, hey!
<ara> stgraber, I am getting the errors generating locales in LXC (host trusty, container trusty)
<ara> stgraber, similar to these: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/969299
<ubottu> Launchpad bug 969299 in linux (Ubuntu) "Don't require use of mediate_deleted with LXC (was: apparmor prevents dpkg-divert and localedef from working in a container)" [Medium,Confirmed]
<ara> stgraber, but that's supposed to be fixed a long long time ago (and I can still remember, how that music...)
<ara> stgraber, no worries, fixed
<ara> stgraber, some misconfiguration of locales in my host was affecting the container
<stgraber> ara: ah, good
<ara> stgraber, it is that I have all my system in English and, therefore, I had installed language-pack-en
<ara> stgraber, but my timezone was Spain/Madrid, but I hadn't language-pack-es installed (I guess it is not needed for just the timezone)
<ara> stgraber, but lxc didn't like it
<ara> installing language-pack-es in the host and clearing the cache solved the issue
<Elion> hello, i just installed via pxe an ubuntu server 15.04, and i can't get it to boot, the first error was : diskfilter writes are not supported, i managed to avoid it by replacing 'quick_boot="1"' with 'quick_boot="0"', but now i get "can't find command load_video" how can i fix it ?
<smb> utlemming, arges, ok xe-guest-utilities (proposed) installed on p,t,v and bug updated
<arges> smb: thanks!
<Elion> Hi, how can i connect to a wireless 802.1X PEAP mschapv2 network with ubuntu 15.04 server ?
<Elion> (woops my bad, this network is not wireless !)
<Elion> but still i can't connect on this network...
<teward> Elion: have you looked at https://help.ubuntu.com/community/Network802.1xAuthentication
<teward> Elion: and is it wireless or wired?
<teward> sarnold: were there any updates to OpenSSL in the past three days?
<sarnold> teward: no, most recently was to wily openssl in the middle of july https://launchpad.net/ubuntu/+source/openssl
<teward> sarnold: no updates for Trusty by sec team, etc.?
<sarnold> teward: no, most recent for trusty was three months ago, in june
<jrwren> anyone good with cloud-init and cloudimg know why openssh wouldn't be listening? I thought it always ran by default in cloudimg. Do I have to do something to get it to start?
<sarnold> jrwren: do you need to deal with e.g. security groups in your cloud provider?
<jrwren> sarnold: I'm my cloud provider. I'm using xhyve.
<jrwren> it turns out it kinda worked.
<sarnold> aha :)
<sarnold> hooray
<sarnold> did it take forever to generate server keys or something?
<jrwren> it had to wait for cloud-init to timeout trying a couple of unwanted sources. I wonder if I can use kcmdline to tell it to skip those?
<jrwren> it was calling http://{DEFAULTROUTE}/latest/meta-data/instance-id  and http://169.254.169.254/2009-04-04/meta-data/instance-id
<sarnold> ahh I always wondered where those things were hosted
#ubuntu-server 2015-09-19
<MannyLNJ> Looking for guides on securing my home ubuntu server
<sarnold> disable password authentication to ssh, use ufw to allow only the ports you want open, use apparmor to confine the services that you do run; under no circumstance use a web "control panel" thing, those are usually garbage
<sarnold> set up unattended upgrades if you won't be logging in regularly
<MannyLNJ> sarnold, so instead of password auth for ssh use a pre-shared key? I only want to allow Point to point tunneling, for a VPN, and access to my calibre library from the outside world and inside my lan access some shared printers including a PDF printer on the Ubuntu server
<sarnold> MannyLNJ: yes, the ssh public key stuff is actually more convenient than using passwords anyway, so that'll be for the best :)
<MannyLNJ> sarnold, I forgot if I have another firewall on the system. i'm thinking if I got PPTPD working then i do so would UFW - Uncomplicated Firewall cause a conflict?
<sarnold> MannyLNJ: ufw is a friendly front end to iptables; if you're doing iptables entries yourselves for other reasons, feel free to skip ufw.
<MannyLNJ> sarnold, I prefer not to do them myself because I think a 6 year old knows more than i do about this topic
<sarnold> MannyLNJ: hehe, I know the feeling, iptables baffles me. that's why I like ufw. but if you're oging to run a vpn concentrator thingy yourself, you may need more than ufw is prepared to do for you.
<patdk-lap> heh?
<MannyLNJ> sarnold, I am just concerned about my system being compromised and used as a base to launch DDOS attacks. Or should I not be too concerned since I'm just on a home network
<patdk-lap> iptables is great
<patdk-lap> it's the whole ebtables and stuff that gets odd
<sarnold> patdk-lap: I used ipf and pf for years, the change to iptables way of thinking hurts my head
<sarnold> you're right thuogh, ebtables is Much More So :)
<MannyLNJ> I know the only truly secure system is one in a locked room with no keyboard, no network connection and encased in concrete but that would be useless ;-)
<patdk-lap> I never wrapped my head around pf
<patdk-lap> did a crapload of ipchains
<sarnold> I never did ipchains either; I did ipfwadm, that fit my head alright..
<patdk-lap> I was huge into 2.0 and 2.2 kernels
<patdk-lap> was kindof depressed when I was forced to upgrade to 2.4
<patdk-lap> and the scheduler and memory stuff was totally rewritten and my custom scheduler wouldn't work without well, months of rewrites
<sarnold> and then they threw away the scheduler and memory stuff again a few releases later, hehe
<MannyLNJ> Another question-- I need to print from my Windows system to a PDF printer on my Ubuntu system. I *think* I have it installed correctly on the Ubuntu system see http://paste.ubuntu.com/12460867/ but can't get it to show as a shared printer in the network list
<sarnold> MannyLNJ: it looks like you need to set the access controls via <location> and set "browsing on" https://wiki.archlinux.org/index.php/CUPS_printer_sharing#Manual_setup
<MannyLNJ> sarnold, reading it....
<MannyLNJ> sarnold, I followed it but must have done something wrong because it isn't being seen by the PC
<sarnold> MannyLNJ: note one of the lower infoboxes that suggests windows is picky about the specific name
<sarnold> it may not show up in a browser, you may need to type it out
<sarnold> MannyLNJ: it may help to make the name as boring as possible -- lowercase a-z, no spaces, no punctuation, etc.
<MannyLNJ> sarnold, I think the problem is my firewally actully
<sarnold> could be :)
<MannyLNJ> sarnold, Would you be willing to help me figure out where I fsked it up and fix it?
<sarnold> sorry, gotta run MannyLNJ -- look for the zeroconf or whatever it's called services...
<sarnold> and use samba only as  a last last last resort
<MannyLNJ> sarnold, k
<PrudentMav> when you set dir owner to www-data then upload/edit files as root, are they still owned by www-data or do you have to keep changing the owner?
<lordievader> Good morning.
<lo72> lsit
<lo72> list
<linocisco> hi all
<linocisco> i have only internet from USB cable of Nokia E-5
<linocisco> it is ok to use internet on ubuntu desktop but I dont know how to provide internet to ubuntu server
<mripguru> hey guys - I've got a Dell 2950 III which I just freshly installed with 12.04 LTS â I can access it via the local network, etc., etc. â but, no ping or access from the outside world (though the box can access the outside world no issue).
<mripguru> This was all working just fine on CentOS 6.
<huttan> mripguru: Does your new ubuntu have the same IP that the centos had ?
<huttan> mripguru: if all worked before, it might be as easy as changing IP, assuming that your router settings are the same too
<Ub3rN00b> I'm trying to use Vagrant for the first time and am having a little trouble. I'm using Ubuntu and Apache, and when I try going to mysite.dev I get the error m"You don't have permission to access / on this server." I set all file and directory permissions to 755. Any ideas?
<mripguru> huttan:  yes - all is the same
<mripguru> huttan:  that's the strange thing though
<mripguru> huttan:  it all works just fine on the local LAN
<qman__> mripguru: the only parts of that which are on the Ubuntu side are the IP, mask, and gateway settings, the rest is up to the router
<qman__> Firewall settings could be blocking it too, but it has no rules by default and would allow it
<qman__> If you changed hardware, the router might be unhappy about the MAC address changing
<mripguru> qman__:  MAC address didn't change though
<saldot__> trying to get ubuntu server running on my intel nuc but all i get is a black screen with a text cursor in the left corner when i boot
<sciiam> Hi !
<sciiam> Does anyone knows why postfix would keep appending full hostname when I put in configs that: myorigin = <domain.com>  ?
<sciiam> i mean appending to the email address of the sender
<sciiam> keep sending mail as user@host.domain.com
<sciiam> anyone?
#ubuntu-server 2015-09-20
<PrudentMav> is there a way to run the same command inside of all folders in a dir?  I want to clear the contents of each public folder on all domains and then install a cms in each
<PrudentMav> I have 8 domains
<Eldunar> hello guys i wanted t start journey with servers. I installed the ubuntu-server 15.04 on vbox.1st adapter is settled to NAT and 2nd to host only. the host only adapter IP is : 192.168.56.2. but ssh is listening to 0.0.0.0:22. Please help me:)
<Eldunar> ssh: connect to host 192.168.56.02 port 22: Connection refused <- output of client-shh when i tried to acces
<CrypticSquared> are you drunk?
<Eldunar> why u asked?
<CrypticSquared> the second ip is different
<Eldunar> where?
<Eldunar> oh yeah
<Eldunar> but it is still same output
<Eldunar> still connection refused
<CrypticSquared> it's a virtualbox issue not ubuntu. you might want to ask in that chan
<mripguru> Does anyone know if Ubuntu 12.04 has any issues running on a Del PE2950III - specifically related to networking. I've got a bit of a strange issue.
<mripguru> *Dell
<mripguru> (I can access the server from anywhere on the LAN just fine â but, nadda from the outside world.)
<mripguru> This all worked just fine under CentOS 6 with the exact same configs, etc.
<tarpman> mripguru: check that the gateway (default route) is set correctly
<mripguru> tarpman:  seems to be
<mripguru> (http://pastebin.com/EfJsVNC5 - my network is 174.136.47.0/24)
<mripguru> the odd thing (well, maybe not so odd) is that I can get out FROM the box to anywhere on the Internet
<mripguru> just not inbound.
<tarpman> any firewall configured? ufw, iptables, anything else?
<mripguru> there's a HW firewall in front - but, the network I'm testing from is part of the allowed range
<mripguru> (and even on the VPN behind the FW - no workie)
<mripguru> keep in mind - this EXACT same setup works flawlessly under CentOS
<tarpman> fun. I'm afraid I have to leave... hopefully someone else can help you get further.
<mripguru> tarpman:  strange though - right?
<tarpman> mripguru: frankly, I'm expecting it to be something that you'll kick yourself for not thinking of after you figure it out :P
<tarpman> goodness knows i've had enough of those...
<mripguru> tarpman:  not so sure on that â since if it was a routing/networking typo
<mripguru> I shouldn't be able to get out of the box?
<mripguru> but - not out of the realm of possibility.
<lightair> hi! Does someone know how I can install iRedMail onto ubuntu so that all web-ui is installed not with subdomain address "mx.example.com", but under root domain - "example.com"?
<jak2000> how to add a second ip to my server i try: ip addr add eth0 192.168.0.3/24 not work
<jak2000> reading... on google
<jak2000> too not work: sudo ip addr add 192.168.0.3//24 dev eth0     :(
<jak2000> anyone cna try help me? i added a secondary ip: but cant surf on internet: http://pastie.org/10433873
<jak2000> ip route tell me: default via 172.16.11.254 dev eth0
<jak2000> but i havent this ip adrees (is on my work)how to change default gw is via: 192.168.0.1   ?
<naxa> I would like to use foreign characters over ssh. I did loadkeys locally and then ssh in terminal. the new keymap is qwertz so I see it is changed because on remote also y turned to z. however accents do not work, no character is printed when I type accented keys. not sure what to do from here
<naxa> ps. locally they work :)
<naxa> ok, actually its working for some user remotely and half-working for the other. for the half-working in bash they do not show up, in vi the accented chars show up but an extra trailing space follows them.
<naxa> what am i doing wrong? :)
#ubuntu-server 2016-09-19
<nix_> https://www.youtube.com/channel/UCyJtqKcPDtdGPzTjhdUIQ-Q/live <-- livestreaming linux setup
<nix_> https://www.youtube.com/channel/UCyJtqKcPDtdGPzTjhdUIQ-Q/live <-- livestreaming linux setup
<lordievader> Good morning
<jamespage> coreycb, ddellav: picking up neutron* rc1's
<rbasak> lamont: poke for the bind9 resolvconf fix please. Should I just add a delta to Ubuntu for now?
<rbasak> powersj: is the server ISO oversize issue due to ghostscript still an issue? And if so, who is taking point on that?
<jamespage> ddellav, coreycb: ceilometer underway
<rbasak> Observation of the day: one can type "ip link" with the right hand only. Beats ifconfig :)
<jamespage> ddellav, coreycb: ceilometer uploaded
<jamespage> rbasak, does the git debian importer tool work ok with experiemtnal
<jamespage> rbasak, for the openstack packages we oftern need to work against experimental; to-date we've done that directly in debian git repos, but that's about to change as pkg-openstack in debian is moving dev workflow to openstack project...
<rbasak> jamespage: good question
<rbasak> nacc: ^
 * rbasak isn't sure
<rbasak> I'm sure we can adapt it if needed
<jamespage> coreycb, ddellav: also merged oslo.db and pymysql from debian
<coreycb> jamespage, that sounds scary
<coreycb> :)
<coreycb> jamespage, I've been hitting issues with DFS and oslo.db pymysql
<jamespage> coreycb, there where some breaks but that should now be resolved aiui
<coreycb> jamespage, hopefully.  I had to downgrade pymysql to 0.7.6 and it fixed my issues.
<jamespage> coreycb, lets hope so
<jamespage> coreycb, ok lets block pymysql for now
<jamespage> I'll request that in -proposed asap
<jamespage> it mis-aligns us with upstream
<coreycb> jamespage, might be a good idea
<coreycb> +1
<jamespage> coreycb, block and rejection requested
<jamespage> coreycb, removed from proposed
<lamont> rbasak: let me see what I can do right now
<jamespage> coreycb, ddellav: either of you two doing rc1 for barbican?
<coreycb> jamespage, nope
<jamespage> ddellav, ?
<smoser> nacc, so... silly me tried:
<smoser>  git clone git://git.launchpad.net/~usd-import-team/ubuntu/+source/walinuxagent
<smoser> usd-import --no-push -v --directory=walinuxagent walinuxagent
<smoser> that fails because walinuxagent (--directory) does not have a git or gitwd dir.
<smoser> this would seem to me to be the most useful/expected path for "update"
<smoser> is that supportable ?
<ddellav> jamespage yes i am
<jamespage> ddellav, ok I won't
<jamespage> lemme know and either coreycb or I can sponsor
<ddellav> jamespage will do
<powersj> rbasak, definitely still an issue. ISO is sitting at 812MB
<ddellav> jamespage coreycb plz review lp:~ddellav/ubuntu/+source/barbican
<jamespage> ddellav, on it
<jamespage> ddellav, merged and uploaded - thanks!
<jamespage> ddellav, do you have a list of outstanding rc's still?
<ddellav> jamespage i've just been keeping track of what you guys are reporting and i grab whatever is on the corey's script output that is not been done yet
<jamespage> ddellav, so what's left?
<ddellav> jamespage this is what i have so far: http://paste.ubuntu.com/23203081/
<ddellav> jamespage the debian sync's mostly but they have not been updated in debian yet. sahara, senlin, zaqar
<Donutloop> Has the APT tool a API ?
<Donutloop> That i can write a custom command. I want write a apt-security cve tool
<cpaelzer> jamespage: hey FYI I uploaded a new DPDK today
<jamespage> cpaelzer, aweomse - we should get ovs 2.6.0 this week as well
<cpaelzer> jamespage: it should (tm) have no binary implications, well maybe due to fixing the last remaining lintian issue
<patdk-wk> someone cloned me?
<cpaelzer> which was rpath
<cpaelzer> jamespage: so we might need a no change rebuild, but if you up ovs 2.6 anyway that would do it just as well
<jamespage> cpaelzer, ack
<cpaelzer> jamespage: symbols and all that were untouched, so it should be good - let me know if anything happens when you push latest ovs and I might be able to help
<jamespage> okies
<rbasak> powersj: https://launchpad.net/ubuntu/+source/samba
<rbasak> https://wiki.ubuntu.com/Bugs/Tags
<smoser> rbasak, i'm guessing you're about EOD
<smoser> but do you have thoughts on my usd-import questions to nacc above ?
<rbasak> smoser: seems reasonable that it should autocreate. I thought it did though.
<rbasak> Could that be a recent regression?
<smoser> rbasak, the difference is i dont have a gitwd and git dir
<smoser> i have a .git
<smoser> i wanted to point it at a "normal" git clone
<rbasak> Ah, I see.
<rbasak> That's a bit trickier I think. Your particular case seems reasonable, but we're assuming you have all the remote tracking branches have the right names and tag names etc.
<rbasak> I think?
<smoser> probably, but you'd think that i do...
<smoser> i cloned a branch that was created by  usd-import
<smoser> oh.... but i would need the branches locally too i guess.
<NOVAtechi> hello all.
<NOVAtechi> with mdadm is the metadata the new way of showing which raid level and how many devices?
<NOVAtechi> ARRAY /dev/md/0  metadata=1.2 UUID=149b996f:ec0e9fd3:056621ee:ab58ac2b name=zeus.0
<allen> I'm trying to sftp from my local macbook to the remote server
<allen> i was able to retrive files, no problem, but when uploading, it says "Entering dirname/" and then takes me back to the sftp> prompt
<allen> no indication of a succesfful upload, no status bar for each individual files. What am I diong wrong?
<nacc> smoser: yeah, it's on my roadmap to not rely on xgit
<nacc> smoser: but for now, you need an xgit-style local setup
<nacc> smoser: alternatively, use the importer itself to re-import with --no-clean, and it will setup a local directory (specified or in /tmp) with the appropriate configuration
<nacc> rbasak: jamespage: it knows about experimental, yes (well, it knows about anything published acc'g to launchpad)
<rbasak> nacc: I wonder how well it would work with Ubuntu's packaging not derived from Debian though?
<rbasak> I haven't thought it through.
<nacc> rbasak: i guess i'd need more context, i was purely asnwering the question of experimental :)
<smoser> nacc, right. just want to re-use that tree
<smoser> i dont have the original 'directory'
<smoser> do i need it? or will usd-import dtrt if ij ust run it again
<rbasak> powersj: https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1579708
<ubottu> Launchpad bug 1579708 in mysql-5.7 (Ubuntu) "mysql maintainer scripts fail if files in /etc/mysql have been deleted locally" [Undecided,Invalid]
<nacc> smoser: it will dtrt -- but let me clarify if i know what you're asking :)
<smoser> i jsut dont want it to re-do everything
<nacc> smoser: if you run `usd-import -d <dir> pkgname -o usd-import-team`, the importer should set up a remote pointing to usd-import-team's git repository for that pkg. It will check what the status of all the remote branches are (version/publish date) and then it will compare against lp's source pkg publishing history. Anything new it needs, it will `pull-{lp,debian}-source`, and import. Then it will push
<nacc> (unless --no-push) is given. Preusming usd-import-team's tree is current, all of that would be skipped, and you'd just hav ea directory with git/ gitwd/ (so suitable for xgit) that has a remote with all the appropriate references you need. You'd just need to `git checkout -b <remote branch>` to do local work
<nacc> smoser: that is the intent, at least :)
<smoser> ok.
<rbasak> Odd_Bloke: do you know about bug 1624596? Found during triaging. Not sure why ~ubuntu-server still has a subscription.
<ubottu> bug 1624596 in walinuxagent (Ubuntu) "ephemeral-disk-warning.service causes ordering cycle on multi-user.target" [Medium,Triaged] https://launchpad.net/bugs/1624596
<smoser> rbasak, i will / am looking at that.
<rbasak> $ rmadison taglibs-standard jakarta-taglibs-standard
<rbasak>  taglibs-standard         | 1.2.5-2                | yakkety/universe | source
<rbasak> hcdist yakkety-proposed apt-cache showsrc taglibs-standard
<nacc> jamespage: if you want to give me an example src package, i can do a side-import of it for you to look at
<rbasak> hcdist yakkety-proposed apt-cache showsrc taglibs-standard
<rbasak> Package-List:
<rbasak>  libtaglibs-standard-impl-java deb java optional arch=all
<rbasak>  libtaglibs-standard-jstlel-java deb java optional arch=all
<rbasak>  libtaglibs-standard-spec-java deb java optional arch=all
<rbasak> rmadison libtaglibs-standard-impl-java libtaglibs-standard-jstlel-java libtaglibs-standard-spec-java
<rbasak>  libtaglibs-standard-impl-java | 1.2.5-2 | yakkety/universe | all
<rbasak>  libtaglibs-standard-jstlel-java | 1.2.5-2 | yakkety/universe | all
<rbasak>  libtaglibs-standard-spec-java   | 1.2.5-2 | yakkety/universe | all
<rbasak> cpaelzer: ^
<nacc> rbasak: ok, hit an interesting case -- i was testing if my pygit2 conversion was good (leading to the same git trees as the old importer). Tested with at. On yakkety, dpkg-parsechangelog fails on the first debian ssphr, correctly. But in 16.04 it doesn't (so it successfully imported in the past...). I'm on yakkety now. Would you say just run in 16.04 for now? Or should I fix up at like I have for apt?
<nacc> I'm guessing that dpkg-parsechangelog has gotten stricter/more correct in 16.10
<nacc> oh, it looks like dpkg-dev moved from programs to perl modules
<smoser> nacc, whati'd i do wrong
<smoser>  http://paste.ubuntu.com/23203695/
<nacc> smoser: this would appear to be wrong: "WARNING:root:No objects found in remote git://smoser@git.launchpad.net/~usd-import-team/ubuntu/+source/walinuxagent" (not your fault). let me debug quickly if i can
<smoser> ah.
<smoser> yeah, smoser@
<smoser> no. that should be ok. the smoser@ shoudlnt mbetter
<nacc> right
<nacc> sorry, what i menat, was thats tatement is wrong
<nacc> *that statement
<nacc> as it has objects
<smoser> right.
<nacc> give me a few minutes to dig
<nacc> smoser: heh, i blame you
<nacc> smoser: ok, your git / git+ssh change
<nacc> smoser: so the problem is, git+ssh allows user@
<smoser> yep
<nacc> smoser: but git doesn't
<smoser> yeah, i was just going to suggest you stop taking changes from smoser
<nacc> heh
<nacc> i think i can fix it quickly
<smoser> nacc, http://paste.ubuntu.com/23203720/
<nacc> yeah basically
<smoser> hm..
<smoser> i still get the no objects warning though
<smoser> nah. it was dirty dir. never mind.
<nacc> well, my version works :) http://paste.ubuntu.com/23203725/
<nacc> smoser: should be fixed in git
<nacc> smoser: nice, the pickup did seem to work, too, it imported 3 new versions since last import (i assume that's right, i've not actually checked)
<smoser> nacc, horay!
<smoser> push?
<smoser> nacc, the vast majority of the 2 minutes 26 seconds for me was dist_sinfo.launchpad_versions_published_after
<nacc> smoser: i ran with --no-push
<nacc> smoser: yeah, it's a slow algorithm for correctness
<nacc> smoser: we can probably optimize it at some point, but it's a lot of launchpad interactions (as it needs to be) and then looping to get to the point in the history we need to be
<smoser> yeah.
<nacc> tbh, most of the code is naive in favor of correctness/ease of understanding :)
<smoser> sure.
<smoser> so i'm running it without --no-push now
<smoser> but to make sure i understand this...
<smoser> you could in your tree just add the remote and push
<smoser> right?
<nacc> smoser: yep, although with your change, i'd need to change git/config to use git+ssh and my username
<smoser> yeah.
<nacc> smoser: i think i adjusted the code already to change that on each run
<smoser> (add the remote)
<nacc> so you could do --no-push -d ... then immediately do the same without --no-push and it should just work
<nacc> this in the pygit2 version, though
<nacc> so will be in master hopefully soon :)
<smoser> nacc, speed is not a big deal. as the goal is this is running automated and already ran when i looked to pull
<nacc> smoser: yep, exactly
<nacc> smoser: yeah, speed is only important for the part that is currenty slow (in my experience), which is loading an existing large repo
<nacc> smoser: the pygit2 conversion fixes that, afaict
<nacc> smoser: then the cronjob should be close to bound by the number of publishes since last run
<blizzow> So I went to do a dist-upgrade on a couple of servers, and I find mysql-common is installed on there...I do an apt-get remove mysql-common and only see the following packages getting removed:
<blizzow> libdbd-mysql-perl libmysqlclient20 mysql-common
<blizzow> Is mysql-common part of the base install somehow now?
<cliluw> Is there a way to let a user have superuser privileges without letting them impersonate root?
<blizzow> Or is apt not showing me what actually depends on mysql-common?
<lunaphyte> cliluw: well, define "have superuser privileges", but generally, that's what sudo is for.
<cliluw> lunaphyte: We want to let users do "sudo" but not let them do "sudo su" or "sudo -i".
<lunaphyte> sadly, it's been bastardized by ignorant cargo cult admins to mean "run everything with sudo when you are the admin anyway"
<blizzow> cliluw: then you need to enumerate a list of commands that sudo can run.
<lunaphyte> cliluw: what does "do sudo" mean though?  running sudo by itself is not of value
<lunaphyte> your goal should never be to "let users run sudo".  instead, your goal should be to let users run specific commands, or do specific things, which can then be accomodated by way of sudo
<blizzow> In your sudo config instead of ALL:ALL, you need to have ALL:/commandsyouwanttolettheuserrun.
<sarnold> cliluw: sudo is configurable, almost too configurable; it's easy enough to give someone a specific command, but be aware that if you give them e.g. sudo edit permission then they can just use vim's ! feature to execute a shell.. most programs let people execute shells or arbitrary commands somehow, so be careful if you try to use this to lmiit what people can do
<lunaphyte> blizzow: i don't understand what you're asking.  i don't recall mysql-common being present in a base install, but either way, what difference does it make [aside from crappy bloat]?  if you need libdbd-mysql-perl, then the other two come with it.  if not, remove them.
<blizzow> lunaphyte: I removed it, I was just curious if mysql-common creeped in as bloat like lxc containers did.
<lunaphyte> i hope not, but sadly, it wouldn't be a huge surprise.
<lunaphyte> it's become pretty ridiculous the number of packages i now remove from a "minimal" install in order to make it *actually* minimal
<lunaphyte> and don't get me started on dependency nonsense :)
<blizzow> It's been brutal lately.
<blizzow> !
<cliluw> blizzow: You have a good point about using whitelisting instead of blacklisting.
<blizzow> Guess it's time to set up my own seed server and start doing installs that way again.
<blizzow> cliluw: check this out... http://askubuntu.com/questions/500679/block-a-command-from-sudo-user
<blizzow> You can blacklist su, but the article says it's pretty ineffective.
<rattking> you can run 'aptitude why package' to see what pulled the package in.. assuming you dont consider apitude bloat :)
<sarnold> apt-get purge should give a similar reason, no? :)
<lunaphyte> indeed.  using sudo in an attempt to blacklist commands is a fool's errand
<rattking> by seeing what it wants to take with it? yeah I suppose it would
<lunaphyte> rattking: yes, i consider aptitude to be bloat
<lunaphyte> i can't remember the last time i wished i hadn't purged aptitude
<blizzow> ratking: thanks!  Just what I was looking for. Ansible requires aptitude, so I'm forced to use it.
<lunaphyte> ansible requires aptitude?  blech
<lunaphyte> actually requires it?  or artificially requires it by way of absurd package dependencies?
<blizzow> lunaphyte: yep.
<blizzow> actually requires it.  also requires python-simplejson
<lunaphyte> that's rather unfortunate
<lunaphyte> i can't image it genuinely needs aptitude, and couldn't do everything needed via any number of other mechanisms
<blizzow> Unfortunately it does.  Not exactly my favorite management tool, but otterwise, I'm probably forced to use puppet or chef (super gross).
<lunaphyte> you consider chef to be less desirable than ansible?
<blizzow> yeah, I do.  At least ansible runs over ssh, doesn't have an agent running and checking in all the time, and more importantly is not written in ruby/erlang.
<lunaphyte> hmm, interesting.
<blizzow> Talk about bloat just to get a current ruby/erlang install.
<lunaphyte> although erlang isn't so bad
<lunaphyte> [in the grand scheme of things]
<lunaphyte> would you take chef over puppet?
<blizzow> Last erlang dealings I had was installing couchdb and having to install particular boost libraries to get the right version of erlang.  Don't even get me started on the hipster ruby let's build our own packaging system outside of established methods shitshow.
<lunaphyte> well yeah, ruby for sure
<sarnold> blizzow: they -all- succumb to that :(
<sarnold> blizzow: pip, gems, hell even lua has luarocks
<blizzow> I'm really not familiar enough with puppet to give it a nod over chef.
 * sarnold glares at cpan
<blizzow> sarnold: I know, and it's a total pain in the c*ck to keep my ops people from installing weird shit in new and interesting ways.
<lunaphyte> that mentality has become progressively worse with each iteration of the interpreted language of the month club.  first with perl and cpan, which was tolerable but frustrating, then on to php with pear, and after that pythong and its eggs, then ruby and its gems, and most recently lua and its rocks :(
<blizzow> oh, I see the go headache already beginning.
<sarnold> well underway :(
 * nacc wonders if rants could go to #ubuntu-offtopic :)
<lunaphyte> then you add cargo cult admins who manage systems by effectively doing things like "curl 'http://www.somedumbblog/tld/' | sudo bash", and it's a surprise as many systems actually function at all
<lunaphyte> yeah, fair enough.
<lunaphyte> this soapbox was starting to wobble anyway :)
<ThiagoCMC> hey guys, how to disable cloud-init network capabilities for deermined vNICs only?
<PryMar56> lunaphyte, how Cal Tech & Feynman'esque
<PryMar56> reminds me of the Commencement speech in May '74 by Feynman
<lunaphyte> which was that?
<PryMar56> lunaphyte, the cross compare of script languages and repo from 12:15
<PryMar56> 1 hour ago
<lunaphyte> ah
<ThiagoCMC> Apparently, Cloud Init Network capabilities is "all or nothing", I have instances with 3 interfaces and it is runnign DHCP against all of it! But I only need it to configure the first vNIC, but, how???
<k2gremlin> Anyone have a DNS blip recently using 8.8.8.8? Had some really weird dns issues for about 3-4 minutes. Cleared up when I changed to 8.8.4.4
<Fiki> k2gremlin, I generally don't like google dns anyway, far too slow compared to my local or even other public dns out there
<lunaphyte> who in their right mind would ever run a server and use a third party dns service anyway?
<k2gremlin> lunaphyte, Sorry, Just happened to be in this channel when problem came up on my Win10 PC at home.
#ubuntu-server 2016-09-20
<rbasak> nacc: interesting. I guess we should fix the release then :-/
<cpaelzer> ThiagoCMC: you can always twek things as needed via http://cloudinit.readthedocs.io/en/latest/topics/examples.html#run-commands-on-first-boot if not natively supported
<cpaelzer> ThiagoCMC: there is way more net config to come by the means of https://lists.ubuntu.com/archives/ubuntu-devel/2016-July/039464.html
<cpaelzer> ThiagoCMC: depending on what you are looking for you might look at http://cloudinit.readthedocs.io/en/latest/topics/datasources.html#no-cloud to inject e/n/i for now?
<innercode> Hi, is it possible to copy a LXC1 container to a LXC2 host or is there a way to convert the LXC1 container?
<cpaelzer> innercode: you mean lxc1 to lxc2 and not to lxd right?
<innercode> cpaelzer: That's it
<cpaelzer> innercode: that should be a straight upgrade on the host itself according to e.g. http://lxc-users.linuxcontainers.narkive.com/IsqEwMzt/upgrade-lxc1-to-lxc2-lxd
<cpaelzer> innercode: but you were thinking on moving off to a newer host right?
<cpaelzer> maybe making a clone of your current host, then do the upgrade on the clone and roll-back to the original in case things went wrong?
<innercode> cpaelzer: Yes, but I can upgrade the current host first
<cpaelzer> if you can clone you can also use it for various verifications before doing the real switch
<cpaelzer> innercode: of course you "can" upgrade the current host first, just IMHO it is always wise to have a fallback strategy
<innercode> cpaelzer: I will backup first the current host, upgrade lxc and then move it to the new host
<innercode> cpaelzer: Thanks for your help and link
<cpaelzer> innercode: that sounds reasonable, only one change at a time and a way to fall back if needed
<cpaelzer> jamespage: it seems OVS gos into final apply&clenaup mode several important fixes I was already keeping a list to backport got applied the last two days
 * cpaelzer is touching all kind of wood for a great ovs 2.6 release
<jamespage> cpaelzer, I'll look at another snapshot in advance of final release
<jamespage> ddellav, coreycb: doing designate rc1
<jamespage> coreycb, hmm
<jamespage> coreycb, ddellav: designate is done
<jamespage> coreycb, ddellav: https://review.openstack.org/#/c/372146
<jamespage> concerns me
<jamespage> ceilometer-api binary is actually broken in rc1 - it worked ok in b3
<jamespage> ddellav, coreycb: infact this is why ceilometer is stuck in proposed - its autopkgtests fail due to the broken ceilometer-api binary
<cpaelzer> jamespage: we got the first report on dpdk no more able to handle the permission/ownership fix
<cpaelzer> jamespage: I created bug 1625542 to track
<ubottu> bug 1625542 in dpdk (Ubuntu) "--vhost-owner --vhost-perm no more transferred to DPDK EAL commandline" [Undecided,Incomplete] https://launchpad.net/bugs/1625542
<cpaelzer> jamespage: but I think we wait the few days until you picked up a OVS 2.6 and then add delta as (if) needed
<cpaelzer> there still is the small but existing chance that they pick up https://www.mail-archive.com/dev@openvswitch.org/msg69706.html
<roberthl> Good morning
<roberthl> Last week I was experiencing an issue with apt-get update taking an extremely long time via the AWS eu-west-1 package mirror, especially with a few instances doing it simultaneously
<roberthl> I'm doing some tests now and can't seem to replicate the problem I was having, so I wondered if there were any known issues with the package archive last week that have now been resolved?
<coreycb> jamespage, wth, dropped ceilometer-api?
<coreycb> in RC1
<jamespage> coreycb, no its been replaced with an equivalent command that runs wsgi app standalone
<jamespage> I've picked the patch and updated the packaging
<coreycb> jamespage, ok so nothing major after all?  I'll take a look at what you did.
<jamespage> coreycb, no it was a bit of a false alarm
<jamespage> the term wsgi script is overloaded - at least three people have asked the same question about the change
<coreycb> jamespage, ok
<cpaelzer_> rbasak: interesting ... you might be able to explain me why I can assign bug tasks for Xenial on my own, but only nominate for P&T
<coreycb> jamespage, any idea what this means? E: Could not find python-mock-services*/python-mock-services_*.dsc  http://10.245.168.2:8080/job/backport_package/1481/console
<jamespage> coreycb, hmm
<jamespage> coreycb, cloud-archive-backport: Cloud Archive is already up-to-date for python-mock-services.
<jamespage> that should stop it trying to build the package?
<coreycb> jamespage, oh duh.  yeah I think it usually quits at that point.
<jamespage> bom does
<jamespage> not sure about individual backports
<jamespage> might need a tweak
<coreycb> jamespage, ok
<rbasak> cpaelzer_: packagesets ACLs are release-specific. So it may be that there are things missing from the ACL for you for older releases.
<jamespage> coreycb, we need to discuss dnsmasq in UCA
<jamespage> coreycb, we managed not tod that last week
<coreycb> jamespage, yeah
<coreycb> jamespage, it seemed like a self-contained backport on my quick glance
<jamespage> coreycb, is this for ipv6 dnsmasq support
<jamespage> ?
<coreycb> jamespage, I think all we need is dhcp_release6
<coreycb> jamespage, here's the neutron commit: https://review.openstack.org/#/c/301747/
<jamespage> coreycb, ok +1
<jamespage> lets make sure neutron gets a versioned dep as well please
<coreycb> jamespage, would you prefer to attempt an SRU of just the dhcp_release6 code to xenial?  not sure if that would be acceptable since it's not a bug.
<jamespage> coreycb, hmm
<jamespage> can mitaka use it?
<coreycb> jamespage, looks like the neutron code is just in yakkety
<coreycb> jamespage, I mean, newton
<jamespage> coreycb, add it to the UCA then
<jamespage> its a feature so is unlikely to be SRU worthy
<coreycb> jamespage, ok
<jamespage> coreycb, adding swauth for newton UCA as well
<coreycb> jamespage, +1
<coreycb> jamespage, dnsmasq backported successfully
<coreycb> jamespage, updating neutron d/control
<NorskElectric> is it possible to use ubuntu-vm-builder (or the just the underlying vm builder) via cli syntax to use a dedicated NIC? Like direct dev private macvtap?
<NorskElectric> or does that have to be done in a template at best?
<DesertedWarf> Good morning all
<DesertedWarf> (Or evening)
<DesertedWarf> Does anyone have a ballpark estimate of how long the Raspberry Pi's Ubuntu version with a server pre-configured take to complete it's first boot?
<Voyage> Hi
<DesertedWarf> Hey Voyage
<Voyage> Can anyone help with this Its a nightmare to bypass this: https://pastebin.mozilla.org/8911617
<smoser> Voyage, you dont like being propmted for a passphase ?
<smoser> what is the nightmare ?
<Voyage> smoser:  how to I login ?
<smoser> to what ?
<smoser> itis asking you for the pass phrase to your ssh key. i dont know if your ssh key is present in the user that you're trying to get to or not.
<Voyage> aws
<Voyage> smoser:  I changed computers
<Voyage> and used same ssh key
<smoser> if you have public keys in the instance you launched, then
<smoser> ssh ubuntu@that-ip-address
<RoyK> well, obviously the key is protected with a passphrase
<smoser> and sshing in as 'root@that-ip-address' will tell you to do that.
<Voyage> RoyK:  I never set it. I changed computers and used the same key. On this computer, I get a passphrase prompt that I cant bypass
<RoyK> debug1: Authentications that can continue: publickey <-- hm
<RoyK> not quite sure what you're doing here
<jgrimm> lamont, bug 1611923.  Do you need that back into xenial (and/or trusty) too?  or just enough to fix in yakkety?
<ubottu> bug 1611923 in python-django (Ubuntu) "http.request does not support ipv6-formatted ipv4 addresses" [Medium,In progress] https://launchpad.net/bugs/1611923
<lamont> jgrimm: many things are relative...
<lamont> jgrimm: we currently monkeypatch the hell out of it, so it doesn't absoltely need to be backported
<lamont> OTOH, others might like it
<jgrimm> lamont, certainly doable.  i'll put it back to xenial at least then
<lamont> jgrimm: so it's really a question of what our ipv6 support story is for xenial
<lamont> trusty is dead to me (wrt ipv6)
<lamont> too many breakages
<jgrimm> lamont, fair enough. and why i was thinking xenial at least would be nice
<lamont> yep
<jgrimm> thanks sir
<lamont> np
<ThiagoCMC> cpaelzer_, I was reading that very same doc! Thanks! The problem is that, if I disable the DHCP for a specific subnet, Cloud Init still configured the IP as static!!! But I do not want any setup for the secondarie networks. As a workaroung, I'm doing this on cloud init script: ifdown ens4 ; ifdown ens5 (while ens3 is fine, first).
<cpaelzer_> ThiagoCMC: you might ask smoser in #cloud-init for an experts advise
<ThiagoCMC> ok, thanks!
<NorskElectric> is there a ubuntu kvm or libvirt sub group?
<coreycb> frickler, dnsmasq 2.76 and neutron that depens on it are working their way back to the newton cloud archive
<coreycb> depends
<nacc> smoser: from a usability perspective, do you think it's a usability issue you hit yesterday (passing a non-xgit'd directory results in it starting from teh beginning). I can at least put that in the -h
<smoser> nacc, i do think itunawell, i guess it just depends  on who you think is going to run the importer
<smoser> if the usd-importer branch is always up to date, its not a big deal.
<smoser> if it is out of date, then i would really epxect that a normal user is probably wanting to git clone <that>
<smoser> and then 'usd-import'
<nacc> smoser: yeah, i didn't optimize for regular users running it -- mostly myself in testing and then eventually the cronjob
<nacc> smoser: yeah, but even that won't generally work even w/o xgit
<nacc> as you have to have somewhere to pull sources too
<nacc> but i'll have a think
<smoser> nacc, i guess in my mind your time is better spent making the importer branch always up to date
<smoser> then you wont have bothersome users saying "why doesnt it work like a bothersomeo user thinks it should"
<smoser> nacc,  a simple 'xgitify' would probably be sufficient too
<smoser> dear user, if you want to run the importer your self do:
<smoser>  git clone http://.../your-package
<smoser>  usd-importer xgitify your-package your-xgit-dir
<smoser>  usd-import your-xgit-dir
<smoser> where xgitify can basically just 'git clone'
<nacc> smoser: yep, that makes sense
<nacc> smoser: that's the thing, if you just use the importer (and don't clone), it does work :)
<smoser> :)
<smoser> thats a good point.
<smoser> i was just trying to be too smart
<smoser> and re-use what i had
<nacc> yep
<nacc> the other unfortunate bit i've hit is that git-clone and xgit are incompatible anyways
<rbasak> nacc, smoser: if enhancing xgit, it might be an idea to make it work with "git worktree" instead, now that it exists
<rbasak> Assuming that's possible
<nacc> rbasak: yep, that's my theory
<nacc> *thinking
<nacc> we shouldn't "need" xgit beyond convenience
<nacc> i also wonder if we could put the pull-*-source -d output in .git/junk or something
<nacc> rbasak: ubuntu/devel should point to ubuntu/<current-proposed> if it exists and if not, then ubuntu/<current>, correct?
<rbasak> As a type of cache? That could work well.
<rbasak> nacc: correct
<nacc> rbasak: yeah, something like that, i'd need to dig into it -- i was thinking also as a means to not really need xgit itself (as it feels like the primary reason is to keep pulled things out of the working tree
<rbasak> nacc: agreed
<nacc> rbasak: would then make smoser's git-clone case also 'just work', i think
<smoser> rbasak, nacc get it importing everything on cron. and i will be uber happy.  and never bother you again :)
<nacc> smoser: :) we're getting very close to that
<nacc> i think we've got a method to work around bad changelogs now, which seems to work well. I need to fix isc and then i think those are the two classes of major workarounds that we've had to recode for
<coreycb> rockstar, pylxd 2.0.5 is uploaded to xenial and I'll ask arges if he can review it.  and nova-lxd b3 is uploaded to yakkety.
<rockstar> coreycb: ta
<rbasak> jgrimm: would you like to take bug 1595096?
<ubottu> bug 1595096 in postfix (Ubuntu) "cannot create multi postfix instance by postmulti command" [High,Triaged] https://launchpad.net/bugs/1595096
<jgrimm> looking
<rbasak> Looks like a cherry-pick from Debian for an SRU is all that is needed, though I haven't confirmed.
<jgrimm> rbasak, looks like cpaelzer had done some looking at it
<Fira> Hey! Anyone around tried using conjure-up to install openstack in single-machine mode around ?
<Fira> It's uh, not quite working out here, conjure-up itself is failing in a failcascade, and the more i get bleeding edge versions the worse it is, culminating at conjure-up just apt-get install 'ing argv0 in a loop.
<sarnold> argv0? o_O
<Fira> well, i mean the conjure-up's arg
<sarnold> ah
<Fira> that would be 1 not 0
<sarnold> was all for the best though, I hadn't seen ssh-argv0 yet, heh
<Fira> my bad
<Fira> :P
<Fira> so yeah the documentation looks pretty outdated, since the docs still speak of openstack-install which doesn't seem to exist anymore
<Fira> tried going through conjure-up but it failed due to invalid LXD image names, so i tried taking the official image and naming it as requested, but it failed later on so i guess that wasn't quite it :P
<Fira> tried getting conjure-up bleeding edge, and as i said, it just runs apt-get install in a loop with whatever you give it
<Fira> which uh, is quite, err, weird
<Fira> oh :) got it to work by beating it sufficiently with removal and reinstalls :p
<sarnold> the beatings will continue until morale improves
<sarnold> (sorry, I got nothing)
<jayjo> I'm trying to figure out why a crontab element isn't firing. I have one that is definitely working with the permissions -rwxrwxr-x and one that is not working with -rwxr-xr-x .. would that be the reason why?
<jayjo> is there a way to run a task from the cron user? to see if it works?
<JanC> the user is not the only difference
<sarnold> jayjo: probably something makes an assumption about a PATH being set differently than it is. that's what it always is. :)
<jayjo> is there a way to echo some of those variables from the shell script?
<sarnold> /usr/bin/env > /tmp/environment_variables   :)
<JanC> PATH or another environment variable, trying to run some tool that expects a TTY, trying to access something with the wrong permissions, expecting a login session, etc.
<bjf> docker: Error response from daemon: rpc error: code = 2 desc = "oci runtime error: flag provided but not defined: -bundle".
<bjf> is ^ a known issue?
<bjf> this is on a fresh Xenial install
#ubuntu-server 2016-09-21
<faekjarz> Hi! (16.04) Can i us an MTU >1500 and DHCP? I mean, "mtu 9000" in /etc/network/interfaces doesn't seem to be used when the IF isn't set to static.
<sarnold> faekjarz: this suggests two approaches: http://askubuntu.com/q/350992/33812
<sarnold> faekjarz: either add a post-up command to set the mtu 'manually'
<sarnold> faekjarz: or remove a setting from the dhcp client configuration so that it won't apply the value from the server
<sarnold> faekjarz: any reason why your server is handing out wrong sizes?
<faekjarz> sarnold: it's a pfsense box, and its DHCP server (well, the UI, at least) doesn't provide configuration of MTUs â¦or i'm too blind to see it
<sarnold> faekjarz: I wonder if it just hands out 'ethernet default' unless you configure it otherwise
<sarnold> I wouldn't be surprised..
<faekjarz> ok, i _was_ too blind, and maybe a little stubborn. pfSense lets me set "Additional BOOTP/DHCP Options" (it's option 26), but not per client, only per port (i.e. LAN, WLAN, ..)
<faekjarz> i'll go with the post-up hook â¦thanks sarnold :)
<sarnold> oh -of course- option 26 :) haha
<sarnold> faekjarz: curious, wouldn't it be a feature of e.g. a port?
<faekjarz> haha :D yes, but it links to the appropriate IANA doc http://www.iana.org/assignments/bootp-dhcp-parameters/
<sarnold> handy list
<melomane> hi, i have ubuntu server 12.04 installed on a VPS server. the filesystem goes to read-only mode very frequently. what's the problem? it it a good idea to remove read only on error in fstab?
<frickler> jamespag`: coreycb: I've failed to find an ubuntu specific source for python-glance-store, do you build this type of packages directly from the debian source pkg?
<jamespag`> frickler, not always
<jamespag`> frickler, sometimes we're in sync, sometimes not
<jamespag`> frickler, having issues? I know there is an SRU held up in xenial-proposed atm
 * jamespag` reminds himself to chase that
<frickler> jamespag`: I'm asking because I need a package with https://review.openstack.org/373155 built in.
<frickler> this is the bug being worked around https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1625489
<ubottu> Launchpad bug 1625489 in ceph (Ubuntu) "image.stat() call sometimes fails" [Undecided,Confirmed]
<frickler> jamespag`: I've also tried to rebuild the ceph package with the patch upstream came up there, built it failed after 3h. also the workaround seems much less intrusive to me
<jamespag`> frickler, https://code.launchpad.net/~ubuntu-server-dev/ubuntu/+source/python-glance-store/+git/python-glance-store
<jamespag`> master = newton
<jamespag`> stable/mitaka - mitaka
<jamespag`> frickler, that's an import of the latest source packages from xenial and yakkety
<frickler> jamespag`: that's exactly the place I was looking at earlier, did you just create it?
<jamespag`> frickler, I did - we generally create them on demand when we need to fork from Debian in some way
<jamespag`> frickler, pulling the source packages from ubuntu, and re-creating the git repos that way
<jamespage> ddellav, coreycb: headsup we might have to deal with a defaults switch for cinder/iscsi from tgt to lio
<jamespage> performance looks good, discussion about deprecating tgt driver on openstack-dev
<jamespage> but next cycle
<jamespage> :)
<jamespage> coreycb, ddellav: we're still broken atm - https://bugs.launchpad.net/ceilometer/+bug/1626006
<ubottu> Launchpad bug 1626006 in ceilometer (Ubuntu) "wsgi_script based ceilometer-api binary does not support the same CLI arguments as console_script version" [High,New]
<frickler> jamespage: ok, that built fine for me, thx. if you want to reuse it for your version: https://git.launchpad.net/~j-rosenboom-j/+git/python-glance-store/commit/?id=3f68dbadc2a9eebfbaf5ff1e37f128c7847dbddd
<jamespage> frickler, ta
<coreycb> jamespage, great..
<jamespage> coreycb, I pinged jd in openstack-telemetry
<jamespage> I don't have an easy fix for this
<caribou> rbasak: would you have a few minutes to help me out with the tomsfastmath MIR required to unblock clamav merge ?
<rbasak> caribou: sure
<caribou> rbasak: hold on, Need to switch desks & I'll be back
<rbasak> OK
<caribou> rbasak: ok, I'm back
<caribou> rbasak: so as  you may recall, the clamav merge is stucked on the fact that it has an Universe dependancy on libtfm (tomsfastmath)
<rbasak> Yes
<caribou> I'm trying to make sense of what's required for the MIR
<caribou> rbasak: or if it is even possible given the timeframe
<caribou> rbasak: debian switched from libtommath to libtfm which is in Universe; they used to carry an in-package copy of libstomfastmath
<rbasak> Yeah I've been digging.
<rbasak> AFAICT, they used to use libgmp before 2009-01-26, and have been using an embedded copy of libtommath since
<rbasak> Upstream, that is.
<rbasak> clamav entered main in around 2008.
<caribou> rbasak: yes until recently where 0.99.2's upstream switched to libtomsmath
<caribou> rbasak: actually no, it was in 0.98
<rbasak> switched to libtomsmath from what?
<caribou> rbasak: no sorry switched from libtommath to libtfm (tomsfastmath)
<rbasak> Anyway, I think this might be a little academic. I would do a proper MIR, but I imagine it may be fairly quick for what it is. However, in the context of clamav the library will presumably be handling unvalidated input, so the security team may want to look.
<rbasak> libtommath to libtfm (tomsfastmath)> ah, OK. They do seem to come from the same upstream, though.
<rbasak> caribou: so I'd file a MIR, explain what we've discovered above, and see if the security team feel that a review is necessary.
<rbasak> clamav has a major release exception for stable releases, so that might affect things too.
<caribou> rbasak: ok, I started on the MIR : LP: #1619239
<ubottu> Launchpad bug 1619239 in tomsfastmath (Ubuntu) "[MIR] tomsfastmath (runtime dependency of clamav)" [High,Incomplete] https://launchpad.net/bugs/1619239
<caribou> doko is talking to me about backports of the library, not sure what he means to I need to dig into this a bit deepere
<caribou> deeper
<caribou> rbasak: hmm, strange, the latest clamav source pkg still have the embedded copy of tomsfastmath
<rbasak> caribou: yeah I think the Debian package just started using the external one instead, due to the general distribution aversion to embedded dependencies.
<caribou> rbasak: the external tomsfastmath package is fairly recent, Dec 2015. My guess is that they packaged it to remove the embedded one
<caribou> rbasak: when 0.99 got in Debian (0.99 is Xenial), the tomsfastmath pkg did not exist yet
<rbasak> caribou: yeah that sounds likely
<caribou> rbasak: and both clamav 0.99 and tomsfastmath pkg  have the same importer
<jamespage> coreycb, apparently we need a newer pbr version in order for the wsgi_script thing todo the right stuff
<coreycb> jamespage, ahh. well then global-requirements should be updated
<jamespage> coreycb, upper-constraints.txt is at 1.10.0
<jamespage> pbr >= 1.6
<coreycb> jamespage, I can bump that to 1.10.0
<jamespage> coreycb, yah - just pondering the risk
<coreycb> jamespage, yeah... hate to do it so late
<jamespage> the release team will want to know why - its has alot of reverse-depends
<coreycb> jamespage, it's used everywhere in openstack
<jamespage> coreycb, yeah - less concerned about that - we can sniff a few pkgs in ppa to de-risk
<coreycb> jamespage, yeah holy reverse depends.  they're mostly all openstack at least.
<jamespage> coreycb, can I leave this with you?
<jamespage> I'm trying to wriggle though charm reviews today
<coreycb> jamespage, sure. you ok with bumping it if the release team is ok?
<jamespage> yah
<Pawni> Hi guys, anyone else experience problems with pip on 16.04.1? I upgraded from 15.10 to 16.04.1 and my python upgraded from 3.4 to 3.5.2, now every pip install gives permission errors?
<Pawni> I can still install packages if going sudo, but I feel that there probably is a better fix for this, and it's annoying because I'm trying to install them using an account that can't sudo
<setuid> What's the magical syntax to uvt-kvm to export the details of a uca image?
<setuid> Something that I can use to diff against another image, to see what configuration values may be different
<setuid> virsh dumpxml, I suppose?
<rbasak> setuid: that'll tell you how the VM is configured on your system, not about changes within the image itself. Which are you after?
<rbasak> setuid: you might be interested in the mount-image-callback command from cloud-image-utils
<setuid> Just trying to debug a client's reported issue with firefox and a missing dep on libgl1-mesa
<setuid> I can repro it, so that's good, but I'm wondering if their uca image is different in some way
<jamespage> coreycb, pbr got a +1 from pitti
<coreycb> jamespage, great, I hadn't heard back from him in #ubuntu-release.
<jamespage> coreycb, its in the bug erport
<coreycb> jamespage, ok, thanks for opening a bug
<jamespage> coreycb, i added a task to https://bugs.launchpad.net/ubuntu/+source/python-pbr/+bug/1626006
<ubottu> Launchpad bug 1626006 in ceilometer (Ubuntu) "wsgi_script based ceilometer-api binary does not support the same CLI arguments as console_script version" [High,Triaged]
<coreycb> jamespage, ddellav offered to do pbr so he's working on it as we speak
<hallyn> cpaelzer: fwiw i think we want to just keep all qemu machine types which do not predate the earliest supported TLS
<cpaelzer> hallyn: hi
<cpaelzer> hallyn: interim dev types, really
<hallyn> lol.  LTS even
<cpaelzer> well all LTS is fine
<hallyn> yes.  it's not worth saving 10loc to drop those
<cpaelzer> hehe
<hallyn> no, i'm saying keep the interims back to the earliest supported lts
<cpaelzer> yeah I got you
<cpaelzer> hallyn: stating that everything older than that is really really too old
<hallyn> it's still gonna hurt ppl at some point, but updating machine types just isn't something ppl like to do
<hallyn> yeah
<hallyn> cool - ttyl :)
<cpaelzer> hallyn: in the discussion the sugegstion was dropping all prior to latest LTS, but I see we could shift some pain further to the future
<cpaelzer> when people will hopefully agree it is late enough to finally restart/update some things
<cpaelzer> I
<cpaelzer> 'll tihnk about it in regard to the bug I'm currently fixing
<cpaelzer> hallyn: thanks for the comment
<ddellav> coreycb jamespage python-pbr ready for review: lp:~ddellav/ubuntu/+source/python-pbr
<coreycb> ddellav, looking
<coreycb> ddellav, the patch lost some code but I'll add that and push/upload.  thanks very much for doing this.
<coreycb> ddellav, jamespage: python-pbr 1.10.0 uploaded
<faekjarz> Hey there! What are possible reasons for a link (sym/hard), to /dev/dm-0, to not "survive" a reboot?
<nacc> faekjarz: where does the link live?
<faekjarz> nacc: below /dev (grub-update, for some reason, needs /dev/sda2_crypt, which is a link to /dev/mapper/sda2_crypt, which points to /dev/dm-0)
<nacc> faekjarz: /dev is not a true filesystem, but lives in memory
<nacc> faekjarz: it's technically a view into the kernel's perspective on devices
<nacc> faekjarz: so it will of course not maintain state over reboots
<faekjarz> nacc: i see :\ â¦thanks for the explanation â¦so then, i'll just re-create that link on boot: where should i put my one-liner?
<rattking> udev makes the rest of those symlinks, so thats probably the correct place.
<nacc> faekjarz: udev would be my guess, but if it's something that update-grub is expecting to exist alraedy, why doesn't it?
<faekjarz> it's a somewhat custom installation of ubuntu server 16.04 with root on zfs on luks. i.e. creating manually creating partitions and stuff and running "debootstrap xenial /mnt". I followed a guide on github
<rattking> oh my, I ran into problems installing grub of a zfs root a while back.. I bet this is what I needed :)
<faekjarz> :)
<nacc> faekjarz: yeah, i'm not sure, udev is probably what you need, but given zfs root isn't really supported here, can't help too much more :/
<faekjarz> nacc: no worries, that missing link only bites me when package updates create run grub-update. in this case i'll notice it, create the link and start over. â¦i'll look into udev, thank you & rattking
<nacc> faekjarz: gl!
<JanC> faekjarz: I assume you mean update-grub instead of grub-update?
<JanC> there might be a way to tell that or other parts of grub where to look
<faekjarz> JanC: yes, update-grub, indeed. I had grub-install in mind and thought it's similar. (right now i'm learning systemd to figure the least hackish implementation of my plan out ;)
<JanC> update-grub calls grub-mkconfig, which calls a bunch of config-generation-scripts under /etc/grub.d/ which use configuration variables in /etc/default/grub
<JanC> it might be useful to figure out why it looks for /dev/sda2_crypt instead of /dev/mapper/sda2_crypt
#ubuntu-server 2016-09-22
<djames> I'm stepping through the systemd settings on Ubuntu 16.04.1 server. I'd like to find where $TERM first gets set. I'd like to change it to xterm-256color at first login, for all TTY's.
<djames> I'm looking at /lib/systemd/system/getty@.service and see that it refers to $TERM which is already set
<djames> So I'd expect that somewhere in the chain before, $TERM gets set
<djames> or detected
<guest4146> hi
<guest4146> What do you guys recc in terms of a GUI desktop environment for Ubuntu Server? (not talking shell, but preferred GUI) Is it somethig lightweight?
<guest4146> this is just a question of curiousity
<tsimonq2> guest4146: AwesomeWM, Lubuntu, i3
<guest4146> ok... how do I get the desktop environment running after log-off. no ubuntu button to change DE AT ALL on login screen
<rypervenche> guest4146: What Display Manager did you install?
<rypervenche> guest4146: And which Desktop Manager did you go with?
<rypervenche> guest4146: Also, why the need for a GUI?
<guest4146> this is Ubuntu 16.04
<guest4146> standard
<JanC> did you install one of the -desktop packages?
<djames> I'm looking for a recommendation on how to get a nice terminal with Ubuntu server, without X. My current terminal is TERM=linux and can't send various keys, such as CTRL-F2.
<djames> I realize terminals are crazy/weird/complex/historical beasts. I read http://catern.com/posts/terminal_quirks.html
<djames> Should I expect my terminal to generate *something* for CTRL-F2? Function keys in general work.
<rypervenche> djames: What are you expecting it to do?
<rypervenche> djames: Those are usually things that happen in the Desktop Environment.
<JanC> well, it should also work in a terminal, if any application there uses it
<djames> rypervenche For example `cat -v` then <F2> gives `^[[[B`. However, <CTRL-F2> gives nothing.
<djames> I'd like to learn exactly why CTRL-F2 is not being generated.
<djames> I started answering http://askubuntu.com/questions/827947/inspect-and-adjust-non-gui-terminal-configuration but there is more I want to learn
<djames> For example, I'd like to find the code that shows where ALT-F1 gets trapped.
<djames> And I'd like to see why CTRL-F2 is not passed along.
<rypervenche> djames: Because that key combinatinion is a X thing.
<djames> rypervenche I don't understand your reply. CTRL-F2 is a keypress, nothing more, nothing less.
<djames> rypervenche You understand what `cat -v` does?
<rypervenche> djames: Yes, but in the TTY you are using a keymap, in X you are using a keyboard layout.
<djames> rypervenche still, your explanation isn't connecting the dots for me. some terminals / terminal emulations do in fact send CTRL-F2
<rypervenche> djames: Some TTYs or only terminal emulators?
<djames> I'm not sure
<rypervenche> Then unless you are sure, you are talking about apples and oranges.
<djames> I don't understand all the detailed differences, but I would like to learn
<djames> Put another way, why doesn't a CTRL-F2 keypress show up in `cat -v`?
<djames> My logic is this: if CTRL were simply ignored, the F2 part would still show up.
<rypervenche> Because you are doing it from a TTY.
<djames> rypervenche that isn't the "why" I'm looking for, sorry :)
<rypervenche> I'll see if I can find something understandable for you.
<djames> So, I'm if I'm using a TTY, why can't it handle CTRL-F2, in terms of a deeper explanation. Your response seems to be a summary of "it doesn't work because it is a TTY" but not *why* that is the case
<rypervenche> I'll see if I can find a good explanation. For me, it's just the way of things, it's always been that way.
<djames> ah, fair enough
<rypervenche> What is ctrl+F2 supposed to do for you?
<djames> rypervenche I'm not sure why you keep asking that
<djames> I want to learn about terminals, key bindings, the stack, etc
<rypervenche> Oh, so you're just doing all of the F keys as a test?
<djames> Ultimately, I want that keypress to be available to Byobu
<djames> But I find it very strange that some keypresses are ignored
<djames> And I'd like to be able to look at the underlying code and see for sure exactly what is happening... e.g. is the keypress being ignored? swallowed by some other process?
<rypervenche> I wonder if it's the TERM variable doing it.
<rypervenche> You said you're using "linux", have you tried something else?
 * djames is reading http://www.linusakesson.net/programming/tty/
<rypervenche> like xterm
<rypervenche> https://unix.stackexchange.com/questions/198711/how-can-i-pass-function-keys-to-htop-in-a-tty
<djames> that's useful, I'm looking over `infocmp -L1` now -- pertaining to /lib/terminfo/l/linux
<djames> rypervenche I don't think it is valid simply to change TERM=xterm arbitrarily. I say this because systemd autodetects TERM
<rypervenche> Yes, and TTYs are usually set to "linux" and terminals to "xterm" or to the 256color variant. You can change them all you want.
<djames> it is possible that CTRL-F2 is not considered to be (1) a valid keypress or (2) one keypress by most terminals
<rypervenche> Other things change them, such as tmux or other terminals have their own TERM variables.
<rypervenche> Yeah, that I don't know. You might try in ##linux
<JanC> there are some fb terminals that might work
<djames> So, if I do `TERM=xterm bash` it does change TERM; however `cat -v` <CTRL-F2> is no different.
<djames> I'll go back to reading the TTY vs Terminal Emulation article.
<lordievader> Good morning.
<samba35> when i download any image from internet for maas  /pxe boot where that image is store on hardisk ?
<samba35> i am trying to configure 1st maas server on ubuntu 16.04.1 with  maas version 2
<cpaelzer> roaksoax: see samba35 above ^^
<cpaelzer> samba35: in the example on https://maas.ubuntu.com/docs/sstreams-mirror.html it is /var/www/html/maas/images/ephemeral-v2/daily
<cpaelzer> samba35: would this or similar match your case?
<samba35> ok ,thanks
<samba35> strange  ,when i click on images tab on gui it show two images are there but i dont have  any thing on /var/www/html/maas
<cpaelzer> maybe the example isn't the place it downloads by default
<cpaelzer> sorry - out of experience exception
<cpaelzer> back to roaksoax ^^
<samba35> but thanks it help me to understand
<samba35> cpaelzer: thank you again
<samba35> now it seems it downlading image from link you have provided
<samba35> not sure :)
<samba35> cpaelzer: can you please tell me if i have to configure juju and maas and lxd ,then how many nic/network card i will require ?
<cpaelzer> samba35: sorry I can't - I'd check docs just as you
<samba35> ok
<samba35> no issue
<samba35> r u ubuntu  employee ?
<cpaelzer> samba35: not a heavy maas user yet, I always got mine set up by people who knew
<samba35> ok
<roaksoax> samba35: when maas first downloads it stores them in the DB
<roaksoax> and then in /var/lib/maas/boot-resources/
<samba35> ok
<samba35> and where is DB location is ?
<samba35> http://<server>/maas/images/ ??????
<samba35> sorry /var/www/html/maas/images / ????
<rbasak> cpaelzer: for bug 1625372, change the status on the top right to Public Security. Then it goes on the security team's triage queue.
<ubottu> bug 1625372 in ntp (Ubuntu) "NTP security issues on Precise and Trusty" [Undecided,New] https://launchpad.net/bugs/1625372
<samba35> when gui say it has download images but i could not see any image on actual location you mention ,in that case what mistake i must be doing ?
<cpaelzer> rbasak: thanks, never had to click that
<jamespage> coreycb, I can't see it in the queue (pbr)
<coreycb> jamespage, it's in the unapproved queue
<jamespage> coreycb, oh yes
<jamespage> ftr we could have dropped d/p/no-u-string-for-python-3.2.patch
* ChanServ changed the topic of #ubuntu-server to: Ubuntu Server discussion and support | For general (not server specific) support, try #ubuntu | IRC Guidelines: https://wiki.ubuntu.com/IrcGuidelines | https://wiki.ubuntu.com/ServerTeam/GettingInvolved | Docs and resources: https://help.ubuntu.com/16.04/serverguide/
<lucidguy> Ok, I have a handfull of servers with local storage.  What tech can I use to somehow pool them alltogether and present it back to the network as one large filesystem?
<JanC> something like ceph probably
<JanC> or export them as block devices using something like iscsi
<lucidguy> JanC: iscsi?  How would you merge all the storage in the end though?
<JanC> you could in theory use RAID or a filesystem that can use multiple block devices (in this case iscsi targets), but I don't think it's really a good idea
<lucidguy> ceph and glusterfs seem to be what I'm talking about.
<JanC> yeah, they are designed for what you want
<JanC> looks like ceph is in main while glusterfs is in universe though
<JanC> IIRC there is also a wikipedia page that compares distributed filesystems
<xplatform12> on ubuntu 16, using conjure-up openstack is there a switch to specify xenial rather than trusty?
<jgrimm> stokachu, ^^
<stokachu> jgrimm: he left :\
<jgrimm> doh
<jgrimm> sorry, just noticed
<dennism> Question:  Is this the correct channel to ask an Ubuntu 16.04 boot from iSCSI question?
<sarnold> sure
<dennism> thanks.  So  I am attempting to iSCSI boot Ubuntu 16.04 with IBFT.  If I boot with the boot option "iscsi_auto" the iSCSI NIC is not configured.  If I add all iSCSI parameters to the boot options then it boots.  Could someone point me at possible configurations that would cause the IBFT boot method to fail?
<dennism> I have verified that /run/net-<iface>.conf and /run/initramfs/open-iscsi.interface files are populated correctly
<jrwren> is there a way to have cloud-init install packages using no-install-recommends?
<jrwren> or should I use bootcmd to create an /etc/apt/apt.conf.d file with Install-Recommends "false"; ?
<unimatrixoverlod> hi all, need help with getting PHP to work after a do-distupgrade 14.04 LTS to 16.04 LTS: using aptitude all php packages are marked auto. I purged all and deleted /etc/php* to start fresh. I'm getting this error: "WARNING: Module mysqli ini file doesn't exist under /etc/php/7.0/mods-available". I'm open to any ideas on how to get the Ubuntu 16.04 LTS LAMP fixed. :)
<OerHeks> unimatrixoverlod, see the releasenotes, https://wiki.ubuntu.com/XenialXerus/ReleaseNotes#PHP_7.0 and the mysql part
<CodeMouse92> I'm trying to install https://github.com/Open365/Open365/ on Ubuntu 14.04, but I'm stuck on the "pip3" commands. I know from Python experience that you NEVER run "sudo pip" *anything*, lest you mangle your packages. Yet, if I set up a virtualenv, the "sudo ./open365 install" doesn't see its packages. I am completely lost
<sarnold> CodeMouse92: check the output of 'sudo env', make sure it looks like what you expect
<CodeMouse92> sarnold: I've never done this. I don't know what I expect
<sarnold> aha
<sarnold> I don't know enough about pip or virtualenv to say either :)
 * CodeMouse92 weeps
<unimatrixoverlod> oerheks: thank you, looking into it
<blizzow> Is anyone else experiencing serious problems with disk IO/load issues on 16.04.1?  I fresh installed 16.04.1 on a Logical volume hosted on a RAID1 (mdadm) partition, on 7200 RPM drives, and my machines are just struggling to breathe.
<unimatrixoverlod> After using Aptitude and purging all apache2 and php packages and deleting /etc/php* I get the message: "WARNING: Module mysqli ini file doesn't exist under /etc/php/7.0/mods-available".  Anyone have any ideas on how to get mods-available with the modules?
<tomreyn> you install php and the modules.
<unimatrixoverlod> tomreyn: sorry I didn't say I reinstalled apache2 and php...
<unimatrixoverlod> tomreyn: so yes they are "installed" but not working.
<tomreyn> unimatrixoverlod: you are probably lacking some packages: apt-cache search php7
<tomreyn> unimatrixoverlod: http://packages.ubuntu.com/search?suite=xenial&arch=any&searchon=contents&keywords=mysqli.ini
<tomreyn> this is for xenial, i'm not sure which release you were looking for.
 * tomreyn afk
<unimatrixoverlod> tomreyn: correct, it is for Xenial
<unimatrixoverlod> tomreyn: http://paste.ubuntu.com/23217853/
<unimatrixoverlod> tomreyn: these are the packages installed for "*php*". It looks like all the correct packages are installed for PHP7 functonality. Here is the /etc/apache2/* directory: http://paste.ubuntu.com/23217873/
<unimatrixoverlod> tomreyn: the issue appears to be when Xenial re-installs php7 ( after a aptitude purge of PHP & rm -rf /etc/php )
<unimatrixoverlod> tomreyn: here is the directory for /etc/php/: http://paste.ubuntu.com/23217884/
<unimatrixoverlod> tomreyn: apt-get install fails to populate the /etc/php/7.0/mods-available directory
<unimatrixoverlod> also running a2query -m show PHP7 is loaded but ALL <?php ?> does process as PHP: http://paste.ubuntu.com/23217903/
<unimatrixoverlod> ideas anyone?
<sarnold> have you checked the logs?
<unimatrixoverlod> yes. i can pastebin a grep of something specific?
<sarnold> I know next to nothing about apache and php; "check the logs" is just my generic debugging advice :)
<unimatrixoverlod> oh, thank you though. very wise ;)
<sarnold> it's amazing how well it works :)
<nacc> unimatrixoverlod: can you start from the top and tell me your steps?
<unimatrixoverlod> nacc: sure, let me type it up better. give me about 2min
<nacc> unimatrixoverlod: for reference, i just did: `apt-get install libapache2-mod-php php7.0-mysqli; apt-get purge libapache2-mod-php php*; rm -rf /etc/php; apt-get install libapache2-mod-php php7.0-mysqli` and /etc/php/ is fine
<nacc> that seems roughly like what you said you did
<unimatrixoverlod> After using Aptitude and purging all apache2 and php packages and deleting /etc/php* I get this message when re-installing: "WARNING: Module mysqli ini file doesn't exist under /etc/php/7.0/mods-available". The problem appears to be that mods-available is not re-populated with the modules? #dpkg -l '*php*' | grep ii (http://paste.ubuntu.com/23217853/); #dpkg -l '*apache2*' | grep ii (http://paste.ubuntu.com/23217945/);
<unimatrixoverlod> nacc: interesting, i've been working on this for a couple hours. i might have done something extra or "contaminated" :P my OS install. This morning i did a do-distupgrade from Ubuntu Server 14.04 LTS to Ubuntu Server 16.04 LTS. thank you for looking at my info! i can provide more info if needed
<sarnold> do-release-upgrade ? or apt-get dist-upgrade?
<unimatrixoverlod> do-release-upgrade
<sarnold> okay :)
<unimatrixoverlod>  /etc/php/* rwl,
<unimatrixoverlod>   /etc/php/** rwl,
<unimatrixoverlod> So there may be a "bug?": with AppArmor under 14.04 apache2 was configured for PHP being in /etc/PHP5 I believe. After upgrade to 16.04 the AppArmor apache2 configuration didn't get updates to the new PHP7 new directory: /etc/php. I had to manually add:
<nacc> unimatrixoverlod: reviewing
<unimatrixoverlod> wierd, it posted in reverse... my bad
<nacc> unimatrixoverlod: in which file is that line?
<unimatrixoverlod> nacc: /etc/apparmor.d/usr.sbin.apache2
<nacc> unimatrixoverlod: that's not controlled by php, but by 'libapache2-mod-apparmor' afaict
<nacc> unimatrixoverlod: and by default, the file has no  php-related contents
<nacc> so yoyu must have edited the above in?
<unimatrixoverlod> nacc: today I added "/etc/php/* rwl, /etc/php/** rwl,". The original install was Ubuntu Server 14.04 LTS with a LAMP configuration (AppArmor enabled). There would have to have been some AppArmor profile maybe?
<unimatrixoverlod> nacc: let me check that 'libapache2-mod-apparmor' is installed. one sec.
<nacc> unimatrixoverlod: fwiw, nothing seems to actually depend on libapache2-mod-apparmor, afaict
<nacc> unimatrixoverlod: package wise
<unimatrixoverlod> nacc: good catch! the package: 'libapache2-mod-apparmor' is not installed. fixing.
<sarnold> you might want to get things working before adding apparmor into the mix
 * nacc was going to say that next :)
 * sarnold ^5s nacc
<unimatrixoverlod> sarnold: suggestion noted :)
<nacc> mostly because it feels like you might be missing other pacakges too, if you're missing that one
<unimatrixoverlod> the do-release-upgrade did remove a lot of packages...
<nacc> unimatrixoverlod: so you're still getting an error message, right?
<nacc> can you pastebin dpkg -L php7.0-mysql
<unimatrixoverlod> nacc: dpkg -L php7.0-mysql is up at: http://paste.ubuntu.com/23218041/
<unimatrixoverlod> nacc: ok i re-executing the following to test: `apt-get install libapache2-mod-php php7.0-mysqli; apt-get purge libapache2-mod-php php*; rm -rf /etc/php; apt-get install libapache2-mod-php php7.0-mysqli`
<nacc> unimatrixoverlod: did you get messages like: http://paste.ubuntu.com/23218056/
<unimatrixoverlod> nacc: so i modified one step to grab php7 packages as well:  `apt-get purge libapache2-mod-php php* php7.0*`
<unimatrixoverlod> nacc: the result is at  http://paste.ubuntu.com/23218097/
<nacc> unimatrixoverlod: well, php7.0 is a proper subset of php*
<unimatrixoverlod> nacc: lol, yes...
<unimatrixoverlod> nacc: maybe it was more for my sake :D
<unimatrixoverlod> you can notice lines like: "WARNING: Module xsl ini file doesn't exist under /etc/php/7.0/mods-available"
<unimatrixoverlod> now to install... one sec.
<unimatrixoverlod> ok wow!
<unimatrixoverlod> nice, under "Setting up php7.0-common" it's listing updates to mods-available
<nacc> good
<nacc> unimatrixoverlod: yes, let me see if i saw that on my lxd
<nacc> unimatrixoverlod: i did not get any such errors
<nacc> i wonder if it's detecting your old php5 configuration
<unimatrixoverlod> nacc: yes, it was running php5 previously... I purged all of anything PHP and then "rm -rf /etc/php/" The
<unimatrixoverlod> nacc: the "php7.0-common" seemed to repolulate the mods-available directory
<nacc> unimatrixoverlod: ok
<unimatrixoverlod> Thank you everyone for your help. It means a lot and why I do Ubuntu :D
#ubuntu-server 2016-09-23
<unimatrixoverlod> am i allowed to post a link to my site that is now running?
<nacc> unimatrixoverlod: glad you got working
<nacc> unimatrixoverlod: not sure that's ontopic or appropriate for the support channel
<nacc> *support/discussion
<unimatrixoverlod> nacc: got it. no problem. thank you Nacc again for your help.
<nacc> unimatrixoverlod: np!
<unimatrixoverlod> couldn't have done it without you :)
<skulltip> is it possible using filezilla or some other client to upload an ascii file to one server and a binary to another server, without corruption between the two?
<skulltip> (FTP)
<php> I'm currently trying to fix someone's mail server and it's having quite a strange issue. The server is using dovecot and for some reason incoming mail is going to /var/mail/%n, instead of /home/mail/%n, after a lot of attempts at changing various things over and over to make them point to mail to the /home path
<php> Ubuntu 16.04.1 LTS
<a1fa> i have a strange issue with tcpdump not wanting to read files, or write files in certain directories.. chmod ugo+rw is set for that directory, single partition, i can dd if=/dev/random into that file, running tcpdump -Z root didnt help.. sudo, or running it as root makes no difference
<a1fa> mkdir /test; cd /test; tcpdump -w /test/whatever
<a1fa> open("whatever", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1 EACCES (Permission denied)
<a1fa> umask 022
<a1fa> setuid(0) setgid(0) too
<a1fa> writing a file to /tmp and moving it to that directory, and i get same thing permission denid
<a1fa> app armor?
<a1fa> audit: type=1400 audit(1474602137.806:48): apparmor="DENIED" operation="mknod" profile="/usr/sbin/tcpdump" name="/test/whatever" pid=20916 comm="tcpdump" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
<a1fa> not sure why i didnt run into this earlier
<echosystm> can anyone recommend a really simple monitoring system>?
<echosystm> nagios is overkill and has too many problems
<echosystm> like NPRE or whatever it's called having massive security issues
<echosystm> all i want to monitor is disk, cpu and security updates on 3 servers
<zkvvoob> Hello! Is anyone willing to help be debug a strange Apache rewrite problem that returns either Error 500 or 301?
<zkvvoob> Could anyone help me figure out this problem, please: http://stackoverflow.com/questions/39611923/apache-rewrite-adding-unnecessary-directory-get-returns-error-500 ?
<jamespage> ddellav, coreycb: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-yakkety/yakkety/amd64/p/python-pbr/20160923_035406@/log.gz
<jamespage> autopkgtest failures for pbr
<jamespage> :~(
<coreycb> jamespage, grr
<coreycb> jamespage, python-wheel is in universe
<jamespage> coreycb, I know
<jamespage> coreycb, its only in the tests afaict
<coreycb> jamespage, yeah I"m only seeing it imported in that one test file
<coreycb> jamespage, maybe just skip TestPackagingWheels()
<jamespage> coreycb, oh wait there is a --derives-from in the rules
<jamespage> the package skips unit tests - this is a main/universe re-org hangover
<jamespage> coreycb, you can add python-wheel to the autopkgtest depends - that's allowed
<coreycb> jamespage, ah, cool
<coreycb> didn't know that
<jamespage> coreycb, actually if you add it to the BD's and stop skipping the tests during the pkg build that's also good
<jamespage> coreycb, but we should minimize the cleanup now I guess
<jamespage> coreycb, the autopkgtests use the BD's so I'd add python{3}-wheel to the BD's for the package
<coreycb> jamespage, ok let me try that
<coreycb> jamespage, this is new for me, there's c code in the pbr tests
<coreycb> oh I think I just need python-all in BDs
<rbasak> cpaelzer: FYI, I figured out bug 1620955
<ubottu> bug 1617963 in heimdal (Ubuntu) "duplicate for #1620955 package libasn1-8-heimdal:amd64 1.7~git20160703+dfsg-1 failed to install/upgrade: package libasn1-8-heimdal:amd64 1.7~git20160703+dfsg-1 cannot be configured because libasn1-8-heimdal:i386 is at a different version (1.7~git20150920+dfsg-4ubuntu1)" [Undecided,Incomplete] https://launchpad.net/bugs/1617963
<cpaelzer> rbasak: was it starting to show up more often?
<cpaelzer> rbasak: did you spot that by the versions they had reported?
<cpaelzer> rbasak: or by running into the same issue
<rbasak> cpaelzer: yeah it seemed that three people hit it separately, so I looked at it a bit deeper and spotted that the versions are all from yakkety-proposed.
<cpaelzer> rbasak: you might want to tell him that he did help, that last comment appears to me that he considers your response as too-hard
<cpaelzer> last comment 2 minutes ago
<rbasak> cpaelzer: I'm working on answering this FAQ.
<rbasak> cpaelzer: with bug 1625577, I feel that it should either be marked with the "not enough info" template, or added to our backlog, but not left hanging. Otherwise if there's no activity the user doesn't have any direction on what to do.
<ubottu> bug 1625577 in php5 (Ubuntu) "package php5-mysql 5.5.9+dfsg-1ubuntu4.19 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/1625577
<cpaelzer> Well, I was punting the decision if it is not enough info or just my lack of php-wisness to nacc
<cpaelzer> which is why I have subscribed him and mentioned that in the comment
<cpaelzer> backlog is probably right
<cpaelzer> since it is not excluding my former intention
<cpaelzer> and avoids that it gets lost
<cpaelzer> thanks for letting me know
 * cpaelzer is subscribing
<coreycb> ddellav, hey can you push your upstream and pristine-tar branches for ironic stable/mitaka release?
<coreycb> ddellav, looks like most of your mitaka branches need to get rebased.
<samba35> Thanks
<coreycb> ddellav, sahara's an interesting one since we sync that from debian now, we probably should maintain ubuntu/* branches in alioth.
<samba35> i was able to boot from maas 1st server client from pxe but i have many quastion lead by 1st pxe client boot with dedicated  machine (not kvm/pxe boot )
<samba35> ok i will br right back
<ddellav> coreycb is the mitaka staleness due to it sitting around for over a week or did i miss something originally?
<ddellav> coreycb also did you figure out pbr? It definitely ran tests during my local build
<coreycb> ddellav, just staleness
<ddellav> coreycb ok, i'll rebase them all and figure out what happened with ironic
<coreycb> ddellav, still working on pbr. it doesn't run unit tests during builds for ubuntu.  the problem is autopkgtests (see debian/tests) are failing, they get run before a package can get promoted out of proposed.
<coreycb> jamespage, pbr tests are hitting something similar to this old bug https://bugs.launchpad.net/pbr/+bug/1296200
<ubottu> Launchpad bug 1296200 in PBR "Unit tests are failing in Sid" [Medium,Fix released]
<coreycb> gpg: invalid item '(setpref)' in preference string
<jerichowasahoax> How do I configure my server to send all system mail via an external SMTP server
<jerichowasahoax> The eventual goal is to get psad to send alerts through this other SMTP server, which it seems like I can do by getting /usr/bin/mail to do it
<jerichowasahoax> Google's telling me that I would need to configure a whole new postfix daemon, and I'd really rather not go through all that just to tell my box where my mail server is
<maswan> yes, that's what you should do. and it is easy, just answer a couple of debconf questions saying that it is a satelite system with a mail server that it should send everything to
<tarpman> jerichowasahoax: you can install something like ssmtp or msmtp (which just either deliver mail or fail, no queue) or nullmailer or dma (which are lighter/simpler than a full MTA but do include a queue)
<JanC> something with a queue is probably a good idea if you don't want to lose any mail...
 * tarpman generally installs nullmailer everywhere
<deadhead> hello, just installed server in a VM with LAMP, able to hit apache default splash, setting up dreamweaver SFTP connects successfully but cannot write to dir using default user account ubuntu created during install
<deadhead> do i need to create a special user / user group or modify the permissions of the folder? whats the common practice here
<RoyK> !chown
<ubottu> An explanation of what file permissions are and how they can be manipulated can be found at https://help.ubuntu.com/community/FilePermissions
<sarnold> which directory are you trying to write into? which user account owns it now? does that user account make sense? or would it make more sense to change the owner to the ubuntu user?
<deadhead> id assume there an existing group already and I need to add the default user account created during setup to that group?
<deadhead> lol, /var/www/html belongs to root, oh boy...
<deadhead> thanks for the rabbit hole
<sarnold> 'root' makes a certain amount of sense; afterall, root owns the usual web ports :)
<sarnold> but if you'd rather ubuntu own it, go for it.
<deadhead> well, id rather create a "webdev" group , add the default created user to install to that and then give that group write to /var/www/html/, is that ok or "not normal" ?
<sarnold> that sounds much better
<sarnold> deadhead: investigate 'bsdgroups' mount option (mount(8) has a short description) -- if you set the setgid bit on the directory, that will help keep files and subdirectories owned by the group, to make it easier for group members to work in the directory
<deadhead> sarnold, thanks, i was actually looking at just chgrp -R and chmod -R and be done with it but I am not a linux person and dont know if this removes the root group from the dir and would cause problems
<deadhead> ill dig before going forward
<sarnold> it would remove the root group, it's unlikely to cause problems
<deadhead> sarnold, do you know if /var/html/www is usually changed to 770 or 774 or there isnt reason to execute anything in here w 775 right?
<sarnold> deadhead: 775 is nice if the web server doesn't own the data and isn't part of the group -- that way it can get read-only access to the data via the 'world' bits
<deadhead> like a hosters web server of many clients, I see
<sarnold> principle of least authority -- I like to have as few resources modifiable by processes that interact on the network
<deadhead> so much to learn, we are strictly windows asp .net over here but jumping in the deep end for a swim, thanks for the help
<sarnold> woot, welcome aboard :)
#ubuntu-server 2016-09-24
<waffles> mdadm: Unrecognised md component device - /dev/sdb - any ideas ?
<tsimonq2> waffles: try #ubuntu if you don't get a response within a reasonable amount of time :)
<torak> hello
<torak> Does anyone know why this mlab databases cost too much? I can get a droplet from digitalocean. Its cheaper and has more storage?
<torak> setting up a db is not that hard. :S
<samba35> is any one using ubuntu maas server ? need some help
<samba35> can some one please help me to understand storage  layout on maas server ? ,which storage type i select (presently its flat )
<samba35> does it require new harddisk ? i have install maas server after installation of normal ubuntu 16.04.1 is that ok  ? or do i have to install new new maas server with maas option
<bildz> Hey guys, I'm working with MAAS 2.0 / juju 2.0 and am having an issue with "conjure-up openstack".  Is there a way to generate some debug logs so I can see where it's failing?
<zackychan> hi everybody , how can I make a start up script run after everything is initialized ? (I get conflicts because all is not loaded at startup)
<zackychan> anybody ?
<jge> zackychan: what version are you on
<bildz> how do I get past this error:   http://pastebin.com/8tEpCvWU  ?
<bildz> http://imgur.com/Ym3q16K <--- has anyone encountered this error bootstrapping autopilot?
#ubuntu-server 2016-09-25
<Space-Duck> How can I get a Ubuntu server with PHP7 to connect to a MSSQL database? Use ODBC! Yes, I know. So.... I'm using FreeTDS to facilitate an ODBC connection. The problem is that when I use PDO binded arguments a segfault happens in apache. Is there a better way?
 * RoyK doesn't use mssql
<patdk-lap> Space-Duck, what odbc driver?
<Space-Duck> freetds
<Space-Duck> unixodbc
<patdk-lap> freetds is not an odbc driver
<patdk-lap> unixodbc is also not a odbc driver
<patdk-lap> something like, Driver          = /usr/lib/x86_64-linux-gnu/odbc/libtdsodbc.so
<patdk-lap> well, guess that would be freetsd in that case
<patdk-lap> normally I use the microsoft sql driver
<maddawg2> ok well i just upgraded to 16.04 skipping over 15
<maddawg2> so coming from 14.04
<maddawg2> and now i have a small issue
<maddawg2> i want to get utserver to start on boot but it seems upstart is gone??
<maddawg2> so i am not really sure how to properly set this up now
<samba35> user  systemctl
<samba35> use
<maddawg2> yea i understand that but how lol
<maddawg2> i dont know how to create any script for utserver for that
<samba35> what u want to do
<maddawg2> i want utserver to start at startup
<maddawg2> the only instructions i have is for upstart
<maddawg2> but obviously that wont work
<samba35> systemctl enable service
<maddawg2> no clue what you mean
<maddawg2> utserver isnt a recognized service
<maddawg2> i assume i need a special config to make it work with utserver
<samba35> what is utserver
<maddawg2> utorrent
<samba35> ok
<maddawg2> samba35, this is typically the way i do it: https://joesteinkamp.com/setup-utorrent-server-on-ubuntu-server-with-start-on-boot/
<maddawg2> and that has always worked until this stupid change lol
<samba35> u can use rc.local if you know the script
<maddawg2> when you use rc.local does that only run when user logs in or will it run at startup
<maddawg2> ?
<Geom`> system wide
<Polarcraft> Anyone know why php5-fpm creates duplicate pools?
<PCdude> Anybody here using the openstack-installer for ubuntu?
<PCdude> I want to change the node that the installer uses to install its services on. How can I do that?
<huwjr> hi , can someone help urgently please
<huwjr> not strictly ubuntu related but;
<huwjr> needed to restart mysql to apply a new ulimit
<huwjr> now mysql wonât start and i just get mysql.service failed because the control process exited with error code. See "systemctl status mysql.service" and "journalctl -xe" for details.
<huwjr> get no other useful output
<huwjr> journalctl -xe just lessâes syslog and thereâs nothing there
<calprost3> hello, ubuntu hangs at boot screen on a dedicated server, anyone can help in private or something?
<calprost3> please i really need help with it
<PCdude> Hey all, I wanna read some books or tutorials besides the official docs
<PCdude> but I can't find anything, any idea?
<compdoc> books or tutorials on ubuntu server?
<PCdude> compdoc: thats a pretty important part I left out sorry haha
<PCdude> I meant ubuntu landscape
<PCdude> https://landscape.canonical.com
<ikonia> the official docs are the best info on it
<ikonia> why would you not want to read them ?
<nunchuck> getting a permissions error setting up dropbox on ubuntu server 16.04
#ubuntu-server 2017-09-18
<Bryzn007> what hot server backup do you use that is effective for server runing Zimbra? which can be easy to restore in case of catastophic hardware failure?
<{bosco}> so i have setup my apache2 server and now when i go to boscosworld.com it says i do not have permission to view this page on the server ? any help  ubuntu 17.04
<{bosco}> thank u
<Bryzn007> adjust permissions, this may help you https://serverfault.com/questions/357108/what-permissions-should-my-website-files-folders-have-on-a-linux-webserver
<{bosco}> Bryzn007 i went through that entire page and nothing
<{bosco}> no change
<cpaelzer> good morning
<lordievader> Good morning
<rbasak> cpaelzer: o/
<rbasak> cpaelzer: I fear I won't finish catching up this week :-/
<rbasak> cpaelzer: anything I should prioritise?
<cpaelzer> rbasak: hiho
<cpaelzer> rbasak: I'm working on libvirt dev bugs atm, nothing from me you could unblock
<cpaelzer> maybe some SRUs but that I'd leave to the normal SRU rotation
<rbasak> OK, thanks
<dpb1> hey rbasak, w/b
<fishcooker> how to get detail of process when i have the pid ?
<dpb1> fishcooker: ps -p 1 -f <other flags here>
<dpb1> note, ordering is important for some of the flags.  ps is an OLD command. :)
<MASM> Hello, I have a problem whit some hacker or some scripts that hacker installed in my server, but i don't know where find it, some times appear 3 files "on.php, up.php, access.php", in "/var/www/website.com/public_html/on.php" owner by "www-data" user, but what can I do with this?, i have a script run every 5 minutes to delete it, but how can I detect the bulneravility?
<MASM> files contain base64 code
<nacc> MASM: take your server offline
<nacc> MASM: you can't trust anything on it at this point, if you don't know where those files are coming from
<MASM> yes, but i can't take it down, it need to be on all day, i need
<nacc> MASM: you definitely don't *need* a corrupt, hacked server
<MASM> tips to solve this
<MASM> it is only in that folder, and after get down the server what i need to do?
<nacc> MASM: you have no idea what else is running or happeninng on your server
<nacc> MASM: it seems like, which means you don't know the extent of damage done
<mike-zal> monitoring tools are needed to anylize what is happening, but for that you need sysadmin who knows linux enough to recognize some atypical things
<mike-zal> if you have no way to resolve it, doing a copy of your stuff and reinstalling things, focusing on securing server and then restoring back of your content is the best solution. find some hosting where you can temporary move your site and clean your server MASM. worse, if the problem is placed somewhere in your site... but you will find out about it eventually if you clean your server..
<MASM> I have been going crazy, looking for what they have modified the server, but the only thing that know is that they have made me an "Mass Desfase", they are a "White hat"
<MASM> create files in that folder, and up that files php, and change the files of the domain
<RoyK> MASM: pastebin those php scripts - if you want to see what's running them, check the webserver log, it should give you you an ip address
<RoyK> MASM: also, check the timestamp on those files
<RoyK> that is, at least don't edit them before you have the timestamp
<RoyK> just ls -l /path/to/file
<MASM> thay are in base64 and are like "forms uploading files"
<MASM> -rw-r--r-- 1 www-data www-data  28 Sep 16 06:47 /var/www/mysite.com/public_html/on.php
<MASM> this is one
<RoyK> that's only two days old
<RoyK> check  the webserver logs - apache?
<RoyK> but pastebin one anyway: cat /var/www/mysite.com/public_html/on.php | pastebinit
<RoyK> which version of ubuntu is this?
<MASM> 14.04
<tomreyn> 14.04.0 or 14.04.1? or something else? lsb_release -sd should tell
<MASM> but i delete the file, well my script delete it, i have a script running every 5 minutes and if it detect that files it remove all
<tomreyn> what makes you think that ths is a "White hat" "Mass Desfase"?
<MASM>  Ubuntu 14.04.5 LTS
<MASM> the edited the index.php with their logo
<dpb1> MASM: did you unplug the server from the network?
<tomreyn> may one of the many intruders did that, and the others got root?
<MASM> and i found them in facebook, and in their biography i find my website
<tomreyn> indeed unplugging it from network is the first thiing to do
<MASM> i have jail2ban with ssh
<tomreyn> you allowed it to get compromised, now you need to deal with the downtime
<MASM> i think they can get access with root, and i change the password every week
<RoyK> well, the box has been compromised - if they have gotten root accesss, reinstall
<tomreyn> changing the root password weekly wont prevent privilege escalation
<RoyK> there's a zillion ways to make a root backdoor once you're in as root
<RoyK> MASM: btw, are the files under /var/www owned by www-data?
<RoyK> and do you have a backup?
<MASM> yes i have backups
<RoyK> very good
<lordcirth_work> Reinstall the server, salt state.apply, restore backups if needed, watch auth.log like a hawk?
<RoyK> but just take down the box and reinstall it
<MASM> i installed clamv to see if there is a malicous file
<lordcirth_work> And make sure you're up to date
<tomreyn> lordcirth_work: did s/he say s/he uses salt stack?
<lordcirth_work> whoops, wrong channel lol
<lordcirth_work> #salt is the other tab, lol
<tomreyn> :)
<MASM> i don't use it e-e
<MASM> oh!
<RoyK> lordcirth_work: if the php files and their dir(s) are owned by www-data, it's possible to change those using a seurity hole if one exists in another php file
<lordcirth_work> In future, I would strongly recommend using some sort of configuration management
<mike-zal> MASM: some articles claim that on tests, clam av showed one of the worst detection rate of both win and linux malware.
 * RoyK likes ansible
<mike-zal> there are many more efficient antivirs for linux thou
<lordcirth_work> mike-zal, any suggestions?
<MASM> and don't know another antivirus
<mike-zal> ansilble is awesome. have to learn it
<lordcirth_work> I prefer Salt.  But either is much better than nothing
<RoyK> MASM: it's probably not a virus - there aren't too many of those for linux
<RoyK> MASM: and any file can be malicious without clamav finds out - it's not *that* smart
<MASM> i use a php find base64
<mike-zal> lordcirth_work: here is the article, it's a bit dated thou: https://www.csoonline.com/article/2989137/linux/av-test-lab-tests-16-linux-antivirus-products-against-windows-and-linux-malware.html
<MASM> to see if there is more files
<lordcirth_work> Your website might now be redirecting people to viruses, though...
<mike-zal> but you have there some list of potential av software for linux lordcirth_work
<RoyK> MASM: well, at least take the machine offline
<lordcirth_work> Thanks
<MASM> RoyK ok i will
<MASM> and i going to reinstall all,
<MASM> i was thinking to use docker
<RoyK> probably a good idea, quite possibly on 16.04 to get something fresher
<lordcirth_work> Yes, if you're reinstalling you should try 16.04
<dpb1> MASM: were you keeping packages up to date, and making sure to reboot onto new kernels regularly?
<tomreyn> MASM: good choice (about taking it offline and reinstalling). once it's offline make sure you got complete and current backups, and that the backups aren't compromised either.
<RoyK> MASM: and before it's online, setup ufw to only allow what you need
<MASM> dpb1: yes i do that updates
<lordcirth_work> I prefer shorewall to ufw
<RoyK> lordcirth_work: well, I beleive ufw is easy, and the iptables rules it writes, isn't bad
<lordcirth_work> RoyK, I have never gotten ufw to behave the way I expect it to, I don't know why.  Maybe it's just me.  Last time I tried I gave up and wrote the iptables myself
<MASM> i have some security, like ufw, with only ports that i use, jail2ban, apache (mod_security and mod_evasive)
<mike-zal> MASM: interesting article: https://likegeeks.com/secure-linux-server-hardening-best-practices/
<RoyK> lordcirth_work: depends what you need, though. ufw is quite simple, but I use it for most my stuff
<mike-zal> that's aside standard security measures.
<RoyK> MASM: this php thing you're running, is it developed in-house or is it some standard package?
<MASM> the script that i find in internet to find files .php with base64?
<MASM> RoyK : https://github.com/mikestowe/Malicious-Code-Scanner/blob/master/phpMalCodeScanner.php
<MASM> example of malocious code php https://aw-snap.info/articles/php-examples.php
<MASM> well thanks to all, i will reinstall all, and get more security to the users
<RoyK> MASM: no, I meant the webapp
<MASM> oh, it is drupal 7
<RoyK> oh, drupal
 * RoyK has never liked that
<RoyK> MASM: has drupal been updated lately? it has a rather bad reputation for exploits
<MASM> RoyK: some modules are update others no
<RoyK> https://www.exploit-db.com/exploits/41564/
<tomreyn> that's a specific third party drupal module, not in core.
<RoyK> tomreyn: yes, but MASM said not all mods were updated, which may imply third-module stuff that you have to update manually
<tomreyn> right, but there are plenty of modules, and many of them have vulnerabilities in some versions. i'm just saying you made a wild guess there.
<RoyK> I did, and thus I pointed to an exploit
<RoyK> I didn't say he was using that particular module
<tomreyn> ok, i just wanted to put some context around this URL.
<RoyK> anyway - I home MASM will keep an eye on drupal for later to better avoid such things
<MASM> i think that, because only in the folder that is drupal, they can create files, with www-data, i think it means that they don't have access to some user of linux, and maybe they are using php injection or something like that
<MASM> or exploit like Royk says
<tomreyn> it'd be a good idea to run something other than mod_php, e.g. fpm, since thsoe other models allow more fine grained security restrictions. also disable some dangerous php functions unless you strictly need them.
<sdeziel> it's also good to restrict where the www-data use can write (typically only needed for some caches and upload dirs)
<nacc> sdeziel: fyi, i'm doing the import of tor and and adding it to our autoimport list
<tomreyn> php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate
<tomreyn> use those by default, and only remove what's strictly needed, only for those sitzes that need it.
<sdeziel> nacc: thanks!
<nacc> sdeziel: np, thank you!
<ahasenack> hm, I got a package which has a debian/patches/00list file instead of debian/patches/series
<ahasenack> is that from an old quilt version, or before quilt even?
<ahasenack> current quilt doesn't seem to even look for 00list
<nacc> ahasenack: depends on how it's built, is it 3.0 (quilt)?
<ahasenack> no such file there (debian/source/format)
<ahasenack> could it be dpatch?
<ahasenack> there are two patches there, and they have DPATCH in their headers
<ahasenack> @DPATCH@, even
<ahasenack> include /usr/share/dpatch/dpatch.make
<ahasenack> meh
<nacc> ahasenack: ah, then it's a 1.0
<nacc> ahasenack: or could be using dpatch
<07IAA32V7> sorry my computer die
<MASM> sorry my computer die, thanks to all
<MASM> for help me
<hehehe> hi
<hehehe> I am playing with xdotool
<hehehe> xdotool windowactivate 23076341
<hehehe> XGetWindowProperty[_NET_WM_DESKTOP] failed (code=1)
<hehehe> wheyyy
<hehehe> :)
<hehehe> i can do windows close
<hehehe> chromium
<ahasenack> can I use a dep3 header in an old dpatch patch?
<nacc> ahasenack: from dep3 itself: "For patch-systems like dpatch that require the patch to be a standalone script, the shebang line is ignored and it is possible to put those fields in comments. The line should then follow the format "# <field>". For multi-line fields, the subsequent lines should start with "#  " (hash followed by two spaces) so that they start with a space once "# " (hash followed by a
<nacc> space) has been stripped from the beginning."
<ahasenack> the lines start with "## DP:" actually
<ahasenack> I was going to add the dep3 bits prefixed with "## DP:"
<nacc> ahasenack: i think those linens are actual dpatch lines
<nacc> ahasenack: whereas the above is referring to just putting unparsed comment sin
<nacc> ahasenack: i really don't know and dpatch is deprecated :)
<ahasenack> it starts with "## All lines beginning with `## DP:' are a description of the patch."
<ahasenack> nacc: yeah, but for an sru I'm not going to change the patch system :)
<nacc> ahasenack: yeah, i agree -- i'm just saying i don't think it actually parses DP:
<nacc> ahasenack: easy enough to check
<ahasenack> said the last person going into the woods to check that noise
<nacc> well, that implies someone was there to hear it!
<nacc> otherwise, they're just a tree falling in the woods
<ahasenack> funny how that has been interpreted in the past: (not my comment, yours)
<ahasenack> ## All lines beginning with `## DP:' are a description of the patch.
<ahasenack> ## DP: This patch makes sure Makefile references -lpam
<ahasenack> ## to insure correct linking
 * ahasenack checks what patch-template does
<nacc> ahasenack: yeah, i suppose for minimzing the cognitive noise, i'd just follow the existing template
<ahasenack> it repeats DP:
<nacc> ahasenack: oh i wonder if DP: is what `dpatch cat ... ` uses
<ahasenack> "easy enough to check"
<ahasenack> :)
<ahasenack> yes
<ahasenack> debian/patches/02_libpam.patch ():
<ahasenack>   This patch makes sure Makefile references -lpam
<ahasenack> it's missing "to insure correct linking"
<ahasenack> good catch
<nacc> ahasenack: yeah the manpage says it does length stripping automatically, etc.
<nacc> ahasenack: so i think your dep3 header should not use DP:
<ahasenack> why?
<ahasenack> are you referring to the dep3 quote from before?
<ahasenack> maybe just use the dep3 description prefixed with ## DP:, so that dpatch cat shows it?
<oraqol> Hello all, having a little trouble 'conjure-up'-ing on fresh default ubuntu 16.04 and getting the following error: lxd not found please install with sudo snap install lxd && lxd init and wait for this message to disappear
<stokachu> oraqol: did you run `sudo snap install lxd`?
<oraqol> yes
<stokachu> ok i got a fix in that adds more information to the error, but you need to make sure to run `/snap/bin/lxd init && /snap/bin/lxc network create lxdbr0 ipv4.address=auto ipv4.nat=true ipv6.address=none ipv6.nat=false`
<oraqol> getting the following after running those commands: error: Unable to talk to LXD: Get http://unix.socket/1.0: dial unix /var/snap/lxd/common/lxd/unix.socket: connect: permission denied
<oraqol> but I have been messing with the installation.  I'll re-image and try that from scratch
<stokachu> oraqol: what does `ls -l /var/snap/lxd/common/lxd` show?
<stokachu> sorry `sudo ls -l /var/snap/lxd/common/lxd`
<oraqol> drwx------. 2 root root 4096 Sep 18 17:50 cache
<oraqol> drwx--x--x. 2 root root 4096 Sep 18 17:50 containers
<oraqol> drwx--x--x. 2 root root 4096 Sep 18 17:50 devices
<oraqol> drwxr-xr-x. 2 root root 4096 Sep 18 17:50 devlxd
<oraqol> drwx------. 2 root root 4096 Sep 18 17:50 disks
<oraqol> drwx------. 2 root root 4096 Sep 18 17:50 images
<oraqol> drwx------. 2 root root 4096 Sep 18 17:50 logs
<oraqol> lrwxrwxrwx. 1 root root   24 Sep 18 17:50 lxd.db -> ../../current/lxd/lxd.db
<oraqol> drwx--x--x. 2 root root 4096 Sep 18 17:50 networks
<oraqol> drwx------. 2 root root 4096 Sep 18 17:50 security
<oraqol> -rw-r--r--. 1 root root 1903 Sep 18 17:50 server.crt
<oraqol> -rw-------. 1 root root 3243 Sep 18 17:50 server.key
<oraqol> drwx--x--x. 2 root root 4096 Sep 18 17:50 shmounts
<oraqol> drwx------. 2 root root 4096 Sep 18 17:50 snapshots
<stokachu> there should be a unix.socket file in there
<oraqol> I'll reimage and try again later, then update here
<oraqol> thanks guys
<stokachu> ok im around just ping me later
<RoyK> stokachu: next time, tell him to !pastebin it :P
<stokachu> RoyK: yea sorry about that i should be more careful when i ask for those things
<{bosco}> ok so i have my apache webserver setup my ( website.com ) links to /var/www/website/public_html/index.html how do i get it to link to /home/user/website/public_html/index.html (ubuntu 17.04)
<oerheks> {bosco}, we advise againt that, but you can: https://stackoverflow.com/questions/5891802/how-do-i-change-the-root-directory-of-an-apache-server
<oerheks> change /etc/apache2/sites-available/000-default.conf to you /home/$USER/ etc
<{bosco}> oerheks: yes but cant u just use symlinks
<oerheks> {bosco}, that would be an outer solution, but why ?
<{bosco}> basicly i want the easiest and most secure way when i login to my server as a user to be able to edit the website not as root
<{bosco}> oerheks:
<Ussat> easy and most secure dont always go together
<{bosco}> yes i agree so how do i edit the file /home/user/website/public_html/index.html and have it edit mywebsite
<{bosco}> do i need to create a symlink to point there i am kinda lost allthough i have read lots of documentation
<{bosco}> Ussat:
<Ussat> wht do you mean "edit my website"?
<Ussat> why not edit your site directly ?
<nacc> Ussat: i believe they are trying to avoid being root
<{bosco}> u are correct
<Ussat> ahh
<Ussat> why is your website only editable by root ?
<Ussat> and just use sudo then
<{bosco}> : Ussat i want to change that i want to be able to have my /home/user/website1/public_html/index.html point to my website.com ? isnt that possible? if so how do i do it \?
<Ussat> I know what you want to do, a sym link would do that, but why bother ?
<Ussat> edit the site directly with sudo vi <file>
<{bosco}> becuase i dont want to use sudo everytime and i have tried symlinks but failed in attemps i dont want to have to put in my sudo password every time i just edit index.html
<Ussat> Well, other than that, no, you cant
<Ussat> you said wanted secure, sudo is secure, it asks for a password every time
<sarnold> or you could follow the advice in https://stackoverflow.com/questions/5891802/how-do-i-change-the-root-directory-of-an-apache-server as oerheks suggested
<oerheks> add your user to www-data > sudo adduser <username> www-data # https://askubuntu.com/questions/19898/whats-the-simplest-way-to-edit-and-add-files-to-var-www
<Ussat> ahh I did not see that, I donno if I would do that myself, but its a option
<{bosco}> i looiked at that documentation and it didnt work right i must be doing something wrong
<{bosco}> : sarnold
<oerheks> basicly the 1st thing i do
<Ussat> srsly, just use sudo
<{bosco}> it is possible to store website.com/index.html in /home/user/website/pubic_html/ why cant i do that ? sorry with all the different options i am lost
<oerheks> You *can* store it there, sure... for backup
<{bosco}> : oerheks how do i use that not as a backup
<oerheks> {bosco}, change /etc/apache2/sites-available/000-default.conf to that folder
<oerheks> * and restart apache
<{bosco}> when i do that it says i do not have permission to view on the server from web browser
<{bosco}> : oerheks
<oerheks> are those files and folders in the www-data group? apache wants that.
<oerheks> ( correct me if i am wrong)
<{bosco}> i have changed my .conf file to direct or look for my index.html file in my users folder
<{bosco}> but when i do that i get permssion denied by the web browser
<Ussat> I need to ask, why are you making these changes ? It sounds like youre making this harder than it needs to be
<sarnold> {bosco}: you can use namei -l /path/name/here to help find which file or directory needs its permissions or ownership changed
<{bosco}> it may be harder than doing that i agree but i am not trying to sound rude or anything at all i am great full for any advice but what is the best way to do as a described ?
<{bosco}> : sarnold
<{bosco}> i not a
#ubuntu-server 2017-09-19
<{bosco}> ok
<d_kam> Hey guys.  Package installation question.  If I have ubuntu 16's nginx package installed, can I install nginx from another PPA ( EG, PhusionPassenger ) without issue? Or do I need to uninstall the standard nginx package first?
<sarnold> you almost certainly need to uninstall the distro-provided package first unless the other packager has gone to lengths to make side-by-side install an option
<sarnold> you could use apt-get download ... to grab the binary package, ar x the thing to get data.tar.* file, and tar tf that data.tar.* file to see what filenames it uses. if it uses 'standard' names, then you have to uninstall the distro one first.
<sarnold> if everything goes into /opt/phusionphun/nginx/ or something like that then you might be fine
<d_kam> Thanks sarnold
<d_kam> Any idea when the standard nginx package is built against openssl 1.0.1, when the OS provides 1.0.2g?
<d_kam> I want HTTP/2 which now requires ALPN, which requires nginx to be built with OpenSSL 1.0.2d(?)
<sarnold> that's probably a "minimum version". 16.04 LTS ships with openssl 1.0.2g with a load of patches for security fixes, so it's probably new enough for the ALPN..
<sdeziel> d_kam: if you get back, nginx in Xenial already supports HTTP/2
<oskaress> Hey guys, when I want to add a new user to an existing group, shouldn't the command just be adduser $user $group --gecos <...> and then chpasswd on a new line to set the password?
<jamespage> o/
<lordievader> oskaress: The way I add users to  a group is `sudo usermod -a -G <groups> <user>`.
<oskaress> lordievader But I want to create the user and in the same command add it to an existing group, that is possible right?
<lordievader> oskaress: Yes, read the useradd man page: https://linux.die.net/man/8/useradd
<lordievader> -G flag.
<oskaress> Thank you
<RoyK> oskaress: try man useradd ;)
<Oskars_> Is there any way to use adduser and create a user without creaing a group with the same name?
<andol> Oskars_: adduser --ingroup ExistingGroup NewUser
<Oskars_> andol, Thank you, will try!
<rbasak> cpaelzer: re bug 1658469, I think the goal is still to enable HTTP/2 in apache2 in Xenial. It just needs figuring out the details.
<ubottu> bug 1658469 in apache2 (Ubuntu) "mod_http2 is not available under Apache 2.4.23 / Ubuntu 17.04 xenial" [Low,Triaged] https://launchpad.net/bugs/1658469
<rbasak> nacc: ^ that's right I think?
<coreycb> jamespage: i'm going to get started on newton point releases today: https://bugs.launchpad.net/cloud-archive/+bug/1718033
<ubottu> Launchpad bug 1718033 in Ubuntu Cloud Archive newton "[SRU] newton stable releases" [Medium,In progress]
<Oskars_> andol, I don't get it, when I run it, it seems to work, says Adding new user <user> (1001) with group <group>, but when I run "grep <group> /etc/group" the new created user it not in the group which it earlier said he was added to...
<Oskars_> is not* in the group
<andol> Oskars_: It wouldn't, as only secondary groups show up that way
<andol> Oskars_: Try `groups username`
<Oskars_> andol, Ah I see.. 'groups <username>' worked, now I see it. Just got to figure out why I can't FTP in with the user now haha
<andol> Oskars_: If you look in /etc/passwd you will see that the GID of the primary group is listed as the fourth value.
<jamespage> coreycb: ack I was doing likewise on ceph 10.2.9
<jamespage> and and ovs updates
<Oskars_> andol, Yeah they have the same GID so that looks correct
<coreycb> jamespage: awesome
<cpaelzer> rbasak: well I was following naccs last comment in there, but he will know and can correct my misunderstanding if it was one
<coreycb> beisner: neutron 2:8.4.0-0ubuntu5~cloud0 is ready to promote to mitaka-updates for bug 1668410
<ubottu> bug 1668410 in neutron "[SRU] Infinite loop trying to delete deleted HA router" [Medium,In progress] https://launchpad.net/bugs/1668410
<coreycb> beisner: jamespage: there are a few tempest smoke test regressions with the nova and libvirt in mitaka-proposed that i want to dig into before promoting them
<beisner> coreycb dosaboy ivoks - neutron is now in mitaka-updates re: https://bugs.launchpad.net/neutron/+bug/1668410
<ubottu> Launchpad bug 1668410 in neutron "[SRU] Infinite loop trying to delete deleted HA router" [Medium,In progress]
<beisner> thx for validation on that coreycb
<coreycb> beisner: np, ty
<ivoks> beisner: coreycb thanks!
<Pinkamena_D> on AWS machine, 16.04 server, I have uninstalled resolvconf. After updating contents of /etc/resolv.conf, it still gets overwritten on reboot, but there is no header about resolvconf doing it now, just the other lines. What else is modifying this file?
<iliv> I'm installing Ubuntu Xenial 16.04.03 using server amd64 ISO installer and I ran into a problem creating RAID-10 out of 4 physical disks I have in this server. I created my "physical raid" devices, all identical to each other, utilizing all the 4 physical drives. I specify that there will be 4 active devices and 0 spares. When the installer attempts to actually create the RAID device, it says "Not enough RAID partitions available" and strangely "You
<iliv>  have 1 RAID partitions available but your configuraiton requires 4 partitions". I checked several guides online, including official Ubuntu Wiki and I seem to be doing everything correctly but, unfortunately, this error.
<sdeziel> Pinkamena_D: it's a wild guess but maybe it could be cloud-init? I don't know if it normally interacts through resolvconf or not
<iliv> I tried creating RAID1 using just 2 disks but it failed too displaying similar error message with the only difference in number of available vs required partitions.
<jamie_1> anyone have any ideas why i cant get into my root when connected with ssh? I changed the setting in /etc/ssh/sshd_config to PermitRootLogin yes    and its still not letting me. I changed and saved and then did systemctl restart ssh.service and a full reboot
<iliv> I don't really have any ideas what could be wrong
<iliv> here's a screenshot of the error message: https://i.imgur.com/SCbK6GX.png
<sdeziel> jamie_1: check in /var/log/auth.log, it should tell you why root is being denied
<jamie_1> sdeziel: its just telling me ubuntu-server sudo: pam_unix(sudo:auth): auth could not identify password for [jamie]
<jamie_1> i know my password is correct
<sdeziel> jamie_1: that is a log entry from sudo, not sshd. Try "grep sshd /var/log/auth.log"
<jamie_1> sdeziel:  its just saying that it accepted my public key and opened a session for me
<sdeziel> jamie_1: can you share the line (you can obfuscate the IPs if you want) ?
<jamie_1> sdeziel: their all local ip's right now so it doesnt matter https://pastebin.mozilla.org/9032730
<jamie_1> thats all it says even after my attempts to use sudo
<sdeziel> jamie_1: OK, " Accepted publickey for jamie" seems to indicate that you didn't  tell SSH to log as root (try "ssh root@192.168.1.15" ?)
<jamie_1> sdeziel: one sec
<jamie_1> sdeziel: https://pastebin.mozilla.org/9032731
<jamie_1> my bad wrong section XD
<sdeziel> "Failed password for root"
<jamie_1> sdeziel: i know its bad security but for sanity checking reasons i changed the root password to the same as my standard user and its not accepting the password
<sdeziel> jamie_1: you might want to try with SSH keys, those are secure and you can't typo them ;)
<jamie_1> sdeziel: how would i add my rsa to root?
<jamie_1> im used to just accessing as user and sudoing
<jamie_1> i like to sudo and not touch the root directory
<jamie_1> would i just do a cp /home/jamie/.ssh/authorized_keys /.ssh/authorized_keys
<sdeziel> jamie_1: there are many guides explaining that but the gist of it is: as jamie, escalate to root with "sudo -i", create the  the ssh dir in root's home with "mkdir -m 0700 ~/.ssh", put your *public* key in root's authorized_keys with "vim ~/.ssh/authorized_keys"
<jamie_1> so yeah, create the directory and then move the key into there
<jamie_1> thanks a bunch
<sdeziel> jamie_1: mostly, just make sure the perms/owner are right
<hehehe> hi
<hehehe> I am playing with xclip
<hehehe> xclip -o -sel clip > webpage.txt to get clipboard data into file - however it overwrites existing data
<smoser> rbasak,
<smoser> $ uvt-kvm create sm-a1 release=xenial
<smoser> uvt-kvm: error: libvirt: internal error: qemu unexpectedly closed the monitor: 2017-09-19T14:45:45.076265Z qemu-system-x86_64: -chardev pty,id=charserial0: char device redirected to /dev/pts/22 (label charserial0)
<smoser> warning: host doesn't support requested feature: CPUID.80000001H:ECX.svm [bit 2]
<smoser> 2017-09-19T14:45:45.115161Z qemu-system-x86_64: -vnc 127.0.0.1:0: Failed to start VNC server: Failed to listen on socket: Address already in use
<smoser> did you know this ?
<hehehe> can xclip add data to a text file?
<hehehe> instead of delete add
<cpaelzer> I know smoser
<smoser> hehehe, xclip -o -sel clip >> webpage.txt
<smoser> '>>' is append
<smoser> or in vi, open the file and type
<cpaelzer> smoser: looking up the bug
<smoser> :r! xclip -o -sel clip
<cpaelzer> smoser: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1717442
<ubottu> Launchpad bug 1717442 in libvirt (Ubuntu) "VNC auto port allocation affected by daemon state" [Undecided,Incomplete]
<cpaelzer> smoser: I ended up not being able to reproduce anymore
<cpaelzer> smoser: maybe your case can help to change that
 * smoser hands cpaelzer the word diglett
<cpaelzer> smoser: I saw it on xenial, but only on one machine
<cpaelzer> the workaround is easy thou
<cpaelzer> ok heading over to diggi
<cpaelzer> which is unfortunate as diglett == horsea so it might still be system dependent
<jamie_1> sdeziel: thanks a bunch, its working now
<jamie_1> was having a hell of an time correcting postfix going back and forth between computers XD
<hehehe> smoser: does not work yet
<hehehe> with >>
<cpaelzer> rharper: can I restart your rh-x1 guest?
<smoser> hehehe, i don tknow. i dont use xclip (i use xsel for such things) . but 'some-command >> file' will most definitely write the standard output of 'some-command' to the end of 'file'
<nacc> rbasak: cpaelzer: was going to bring that up in standup today
<cpaelzer> nacc: the MIR on http2
<cpaelzer> ok right place to do so
<nacc> cpaelzer: ack, i saw it got approved
<hehehe> smoser: so xsel can take text from clipboard and do it?
<sdeziel> jamie_1: glad to hear that
<cpaelzer> smoser: you have an a1 and an x1
<cpaelzer> smoser: unfortunately once the symptom was removed it was as unreproducible as the bug I linked
<cpaelzer> hmm :-/
<cpaelzer> smoser: the bug has my thoughts so far, but for now you are unblocked
<hehehe> installing xsel
<hehehe> smoser: xsel -o -sel clip >> webpage.txt paste some garbabe
<hehehe> not a text from clipboard
<hehehe> it writes own manual to a file
<hehehe> :D
<rharper> cpaelzer: yes
<cpaelzer> thanks rharper
<nacc> hehehe: read `man xsel`, -sel isn't an option (at least in 17.10)
<hehehe> nacc: yes I read it
<hehehe> ok maybe it will work now
<hehehe> ty smoser works now
<nacc> rbasak: hrm, is insights a staic view? https://insights.ubuntu.com/2017/07/24/developing-ubuntu-using-git/ hasn't updated the top index
<rbasak> I suspect it's a static view :-/
<rbasak> We might need to push updates to them manually each time.
<nacc> rbasak: yeah, I was hoping to linnk to it from the manpage
<nacc> rbasak: should i use your actual post instead for now?
<rbasak> nacc: sure
<smoser> cpaelzer, thanks
<cpaelzer> yw
<nacc> rbasak: just realized something, our --dl-cache handling probably needs adjusting to handle GIT_DIR (rather than assuming .git) ?
<oraqol> hey all, is there a build of conjure-up that doesn't display the following error: lxd not found please install with sudo snap install lxd && lxd init and wait for this message to disappear?
<oraqol> on 16.04?
<stokachu> oraqol: yea you need to run `/snap/bin/lxd init --auto`
<stokachu> having both deb lxd and snap lxd installed with a PATH preference to use deb lxd confuses things
<stokachu> i have a build going through QA now that'll make this much clearer
<oraqol> ok cool
<oraqol> I'll try that now
<stokachu> oraqol: best to just `apt remove lxd lxd-client` if you aren't using it
<stokachu> stgraber: ^ i thought the /snap/bin prefix was added to the environments PATH for xenial server installs?
<oraqol> so its? sudo snap install conjure-up --classic; sudo snap install lxd; sudo lxd init --auto
<oraqol> then 'conjure-up' and it should work?
<stokachu> oraqol: just /snap/bin/lxd init --auto
<stokachu> oraqol: are you reimaging ?
<oraqol> the baremetal?  I did last night
<oraqol> this is a pretty clean install
<stokachu> oraqol: do you already have a lxdbr0 interface?
<oraqol> I do not, it's named br0
<oraqol> I'll rename the interface
<sdeziel> stokachu: sudo has /snap/bin last: secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
<stokachu> oraqol: that's ok you dont have to as long as br0 doesn't have ipv6 enabled
<stokachu> sdeziel: thanks, for some reason i thought it was first
<oraqol> will it auto-detect br0 and set it as the bridge?
<stokachu> oraqol: if it's a bridge device and doesn't have ipv6 enabled it'll show up in the conjure-up list after you select localhost
<oraqol> ok cool
<oraqol> lemme try it
<oraqol> brb
<stokachu> oraqol: make sure to ping me if it doesn't work
<stokachu> so we can get it fixed
<stokachu> or if you have any other issues
<lucidguy> Ok, using Mitaka, is it really necessary to setup ssh-keys between comuter nodes for resizing etc?
<oraqol> still getting the following: error: Unable to talk to LXD: Get http://unix.socket/1.0: dial unix /var/snap/lxd/common/lxd/unix.socket: connect: permission denied
<oraqol> these are my steps: sudo snap install conjure-up --classic; sudo snap install lxd; /snap/bin/lxd init --auto;
<lordcirth_work> oraqol, and which step fails?
<lordcirth_work> init, I'd guess?
<oraqol> https://pastebin.com/VXcpCY4n
<oraqol> network config ^
<oraqol> and yes, at lxd init --auto
<stokachu> oraqol: whats `ls -l /var/snap/lxd/common/lxd/unix.socket` show
<oraqol> srw-rw---- 1 root lxd 0 Sep 19 15:51 /var/snap/lxd/common/lxd/unix.socket
<stokachu> oraqol: and what's `id` show?
<oraqol> uid=1000(oraqol) gid=1000(oraqol) groups=1000(oraqol),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),113(lpadmin),128(sambashare)
<rbasak> nacc: ah, yes.
<stokachu> oraqol: you aren't in the lxd group
<oraqol> lxg group
<oraqol> yup
<stokachu> and your br0 doesn't seem to have any addresses
<stokachu> oraqol: you could create lxdbr0 with `/snap/bin/lxc network create lxdbr0 ipv4.address=auto ipv4.nat=true ipv6.address=none ipv6.nat=false`
<oraqol> I don't need the VMs to communicate with another physical network, just internal, but I want to be able to communicate with the eno1 netwok
<stokachu> ok
<oraqol> 'Expected 4 octets in 'None' after attempting to assign br0 as the network bridge in the conjure-up gui.  I imagine the wizard requires br0 to have an IP address in order to continue?
<oraqol> possible workaround, attach br0 to eno1 and apply it's ip settings to the bridge?
<stokachu> oraqol: yes to both
<stokachu> we should have a better error for that though
<stokachu> ill file a bug
<oraqol> looks like it's working!  Thanks guys!
<oraqol> hmm looks like it's stuck on 'waiting for machine' in the deploy display.  Usually doesn't take this long, and it's not utilizing any of my 12 cores
<oraqol> 'Running step: 00_deploy-done.
<kus_ubuntui686> hi, what ruby on rails applications are available on ubuntu?  I want to install something quick from apt to see if my setup is working properly
<sarnold> kus_ubuntui686: using apt-rdepends --reverse ruby-activerecord   gives me the strong impression that gitlab and redmine are the only real 'ruby on rails applications' that are packaged for ubuntu. and they look _HUGE_.
<trippeh> oh no, I can't reach the motd service from home ;)
<sarnold> trippeh: thanks :)
<trippeh> I thought this was no more, but just got it in artful: E: Dynamic MMap ran out of room. Please increase the size of APT::Cache-Start. Current value: 25165824. (man 5 apt.conf)
<trippeh> oh my. I'm leaking mem
<trippeh> ah ha my ansible fail, it was pushing a big hugepage sysctl config to this small vm
<trippeh> <- smrt
<sarnold> :)
<trippeh> (unfortunately Transparent Huge Pages keeps causing us problems, so using good oldskool pre-allocated hugepages)
<trippeh> s/good/awful/
#ubuntu-server 2017-09-20
<oraqol1> hey guys, so I finally got conjure-up to load without the lxd and lxd init bug, created br0 and plugged it into eno2, but now the installer is stuck on 'Running step: 00_deploy-done.' and all the containers are stuck on 'waiting for machine'
<stokachu> oraqol1: does /snap/bin/lxc list show containers with no ips?
<oraqol1> they do show ips
<oraqol1> on eth0
<oraqol1> all but one are in the 192.168.1.x rnage
<oraqol1> the last is on 10.232.183*
<stokachu> oraqol1: whats output of `juju status --format yaml|pastebinit`
<oraqol1> https://pastebin.com/g6TFLKJg
<oraqol1> these are my network settings: https://pastebin.com/7b01EkNK
<stokachu> oraqol1: can you do `/snap/bin/lxc list|pastebinit`
<oraqol1> here ya go: https://pastebin.com/Cd7CMXMc
<stokachu> oraqol1: you aren't running out of disk space are you?
<stokachu> oh hmm
<oraqol1> https://pastebin.com/mMWhXpvp
<oraqol1> do you just wanna, like, jump on and see for yourself?
<stokachu> sure
<oraqol1> kk
<stokachu> you can `ssh-import-id adam-stokes` for my ssh key
<brianw> Hello. Great work with LXD!
<brianw> Just setup a nce little vpn client gateway for a paid vpn service. Working great!
<cpaelzer> good morning
<sonu_nk> hi there.. i created a user apis for my ubuntu -server..  if i want to run composer with this user then what permission i required for this apis user and in which group i need to put this user
<sonu_nk> ?
<sonu_nk> apis is not in the sudoers file.  This incident will be reported.
<lordievader> Good morning
<jamespage> cpaelzer: I'm about to triage https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1718133
<ubottu> Launchpad bug 1718133 in nova (Ubuntu) "Live block migration in Pike fails due to qemu-img" [Undecided,Confirmed]
<jamespage> as a high - we had a direct report and openstack gates just reverted back from the Pike UCA as live migration tests where failing 50% of the time
<jamespage> I'll be back in about 1 hr
<jamespage> cpaelzer: might be a behavioural incompatibility between nova@pike and qemu 2.10
<jamespage> I'll dig in further in 1hr
<sonu_nk> hi there.. i created a user apis for my ubuntu -server..  if i want to run composer with this user then what permission i required for this apis user and in which group i need to put this user
<sonu_nk> <sonu_nk> ?
<sonu_nk> apis is not in the sudoers file.  This incident will be reported.
<cpaelzer> jamespage: ok
<cpaelzer> jamespage: thanks for the heads up
<cpaelzer> jamespage: we already had some issues around these logs
<cpaelzer> all migrations I usualyl do (one of each type) worked eventually
<cpaelzer> but surely this might trigger a case missed so far
<cpaelzer> look at the "fixed in rc section" https://wiki.qemu.org/Planning/2.10 that was all me :-/
<cpaelzer> too bad we seem to hit another one
<cpaelzer> jamespage: I updated the bug but need you to reproduce and provide the data we almost always need
<cpaelzer> jamespage: ping me for an interactive discussion once you have that if you want
<cpaelzer> jamespage: I think I shortened your repro quite a bit
<cpaelzer> updating the bug
<cpaelzer> jamespage: updated the bug and submitted to qemu-devel
<cpaelzer> jamespage: I'll add the link as soon as I have it
<jamespage> cpaelzer: ta - just about to bounce some instances around a test deployment
<cpaelzer> jamespage: have you ready my simplified testcase - three commands and you are there
<cpaelzer> well we might need your testcase still to find if there is more
<cpaelzer> once we have an idea how to fix it
<jamespage> cpaelzer: tl;dr - qemu-img info defaults to needing a lock and fails as a result cause the instance is running right?
<cpaelzer> yes
<jamespage> glad I grokked that
<cpaelzer> so the fix is either to make info (and other non crit actions) non conflicting or to provide no-lock option
<cpaelzer> or both
<ren0v0> Hi, ubuntu 16.04 ships with mariadb 10, but after installation there is no systemd unit ?
<pascalou> hi
<pascalou> Is there any whois cache ?
<pascalou> or w ahois proxy/cache
<cpaelzer> jamespage: --force-share
<cpaelzer> jamespage: bug is updated
<jamespage> cpaelzer: ok so my read on this is that its intended behaviour so we need to make nova understand what todo with newer qemu versions
<cpaelzer> yes
<jamespage> cpaelzer: ok so we can put in a distro-only patch to fix this short term, to be superceeded by something better in Nova when landed - thanks for your help here
<cpaelzer> I'm glad I could help
<cpaelzer> this locking has caused too much headache for me anyway
<cpaelzer> was "just another one"
<cpaelzer> on 18.04 I'm refusing to be pushed to merge so late in the cycle no matter who has shiny new HW
<cpaelzer> but the 2.11 release plan is not yet written so I can't start to plan my dates yet
<Oskars__> Can a user have 2 groups? Because when I create a new user and add it to an existing group, and check in /etc/passwd I see: <user>:x:1001:1002, where 1002 is the group I added the user to
<mason> Oskars__: Just one primary group. No cap I'm aware of on secondary group membership, other than potential issues with NFS group handling.
<Oskars__> mason, So 1001 is the primary group? And 1002 the secondary?
<mason> Oskars__: man 5 passwd
<Oskars__> mason, thank you
<mason> You want to be familiar with that content.
<mason> Groups beyond the first will generally mean the username shows up in the right place(s) in /etc/group
<Oskars__> Indeed, sorry it's getting late here and I just realised that the 1001 is the user ID...
<sdeziel> Oskars__: to get various info on a given user, "id $user" is quite handy
<Oskars__> sdeziel, thank you! Trying to figure out why I can't FTP in to the server with my new created user. The only difference is that the user no longer owns the directory, but the group he is in, this should work right? The group has r+w to the directory. My old user which can FTP in is the owner of the directory
<sdeziel> Oskars__: is it the FTP server denying connection (rejecting your username/pass) or is it a problem entering/writing into a given dir?
<mason> Been ages since I've used ftp... It's generally a good idea to use encrypted protocols nowadays. That said, seeing the logs from the login attempts would probably help nail it down.
<Oskars__> sdeziel, I get "GnuTLS error -15: An unexpected TLS packet was received.
<Oskars__> " from filezilla
<mason> That can come about from something as simple as the connection breaking.
<sdeziel> I never setup a FTP, only SFTP, much easier IMHO
<sdeziel> Oskars__: looks like you are trying FTPS ?
<Oskars__> The logs say nothing, just that the client get an OK LOGIN. I setup an vsftpd and try to FTPS in
<sdeziel> Oskars__: I'd check vsftpd's logs to see what's going on
<Oskars__> sdeziel, vsftpd's logs says nothing, the client get an OK LOGIN then it just stops, no error message or nothing in the log
<sdeziel> Oskars__: I know very little about FTP(S) so I'm afraid I can't help you with that
<mason> Likewise.
<Oskars__> No problem, thank you for the help you gave me, appreciated!
<sdeziel> np
<andybiker> Hi, I have a new ubuntu server running, but I have lost the ability to install software and updates. How can I reconfigure or test mirrors?
<whosawhatsit> so I am trying out landscape. However when I apply package profiles they dont install correctly. The "Release" folder doesn't seem to get created properly on the target machines mean apt update fails
<andybiker> I am interested to put glances on as I seem to get a hot processor reading
<sarnold> andybiker: start with sudo apt-get update && sudo apt-get -u dist-upgrade
<whosawhatsit> to get apt working cleanly again I have to "rm /etc/apt/sources.list.d/_landscape-internal-facade.list"
<sarnold> if those give you errors you've got a place to start
 * whosawhatsit is guessing nobody actually uses landscape
<andybiker> Err:x http://gb.archive.ubuntu.com/ubuntu xenial/*     -- multiple errors
<sarnold> andybiker: what errors?
<andybiker> gb.archive and security  repositories inaccessible.
<andybiker> Temporary failure resolving those sites
<sarnold> curious; can you resolve other names alright?
<andybiker> such as? I can access the server from my mint pc, so that seems okay
<sarnold> I normally pick a few servers that are highly unlikely to be broken; something like ping www.google.com ; ping www.yahoo.co.uk ; ping yandex.ru
<andybiker> Interesting... I believe google's ip address is 8.8.8.8 and that can be pinged, but www.google.com cannot!
<sarnold> andybiker: what's in /etc/resolv.conf ? does it look sane?
<sarnold> andybiker: 8.8.8.8 is just an open recursor that people are free to use; when you try to resolve www.google.com it'll resolve to something other than 8.8.8.8 :)
<andybiker> nameserver 192.168.0.1 is the only relevant line
<sarnold> can you ping that address?
<andybiker> I disd wonder about 8.8.8.8! :)
<andybiker> yes, I can ping the main router
<andybiker> 4ms
<sarnold> how about dns queries? dig www.google.com @192.168.0.1  or dig yandex.ru @192.168.0.1 ?
<andybiker> 8.8.8.8 takes 33ms
<sarnold> so, the funny thing about 8.8.8.8... it's got something like 250 MILLION users. That's people who have chosen to use Google's free recursive resolver rather than their ISP's resolvers..
<andybiker> dig timed out, no servers found
<andybiker> reached
<sarnold> and because so many people use google's services, they have probably already looked up whatever it is you're about to look up, so they can give an answer right from teh cache. That knocks another 100ms off finding addresses, compared to asking a DNS recursor that doesn't have the answer cached already
<sarnold> andybiker: okay; how about firewalls on this server or on 192.168.0.1 that might be blocking UDP 53 or TCP 53?
<andybiker> I have two routers to check, but I have not blocked them. I did set up some fixed ip addresses but that is it connecting two routers together
<andybiker> My virginmedia router is really noddy/simple and the netgear connected to it is dhcp disabled and acting as an access point/second wifi
<andybiker> my pc and server have to go through two routers
<andybiker> the second router, server and my pc have fixed ip addrsses
<andybiker> sudo lsof -i TCP| fgrep listen gives no results,as does using UDP
<andybiker> tcp        0      0 127.0.1.1:53            0.0.0.0:*               LISTEN
<andybiker> udp        0      0 127.0.1.1:53            0.0.0.0:*
<andybiker> from netstat -lntu
<sarnold> is that on the 192.168.0.1 machine?
<sarnold> note that the binding 127.0.1.1:53 means that that server can only handle requests from loopback interfaces; whatever DNS server you've got on that machine may need to be told that it should listen on 192.168.0.1 as well
<andybiker> Hang on. The netgear router default is 192.168.1.1 and the Virgin box is 192.168.0.1 and the netgear was modified to 192.168.0.5
<andybiker> Why is 127.0.1.1:53 being used?
<andybiker> You have explines
<andybiker> explained
<andybiker> sorry!
<andybiker> nameserver is 192.168.0.1, the main virgin router
<andybiker> do I need a line for 127.0.0.1?
<sarnold> no, the 127/8 range is Very Special. All those addresses wind up going to loopback
<sarnold> so a DNS server listening on 127.0.1.1:53 can be reached by 127.1.1.1 or 127.0.0.1 or whatever, no trouble
<andybiker> resolv.conf is okay with just one line. I can't ping specific websites by name. How about downloading the ubuntu packages locally to my mint machine and acting like a mirror here?
<sarnold> while you can definitely do that I think you'd be better served by actually sorting out your networking / dns to make this work properly :)
<sarnold> if you don't want to do that, you could pop the IP address for gb.archive.ubuntu.com into your /etc/hosts file and skip bouncing through your desktop
<andybiker> btw /etc/hosts has 127.0.0.1  as localhost ans 127.0.1.1 as ubuntu (server)
<sarnold> that's normal
<trippeh> hm. ubuntu is not shipping a /usr/lib/systemd/resolv.conf?
<trippeh> man systemd-resolved refers to it, but it is not showing up on my systems.
<trippeh> (unrelated to previous discussion)
<nacc> trippeh: it's mentioned as an option, not the onen used by default
<nacc> afaict
<trippeh> man says it should be there.
<trippeh> "A static file /usr/lib/systemd/resolv.conf is provided that lists the 127.0.0.53 DNS stub (see above) as only DNS server. This file may be symlinked from /etc/resolv.conf in order to connect all local clients that bypass local DNS APIs to systemd-resolved."
<nacc> trippeh: the default is sytemd-resolved maintaining /run/systemd/resolve/resolv.conf
<nacc> trippeh: read the line just above it
<nacc> trippeh: three modes are supported
<nacc> trippeh: it doesn't say that file is there by default or which of the three modes is the dfault
<trippeh> yes, seems like the file should be shipped, so you can actually use the first mode if you want to.
<sarnold> /etc/resolv.conf is Super Complicated with systemd-resolved. Sometimes it consumes the file. Sometimes it populates the file. much sadness.
<andybiker> Hi sarnold. I have just been looking at the routers and there is only one using udp/tcp on 16396
<trippeh> I just want stuff not using NSS to go through resolved, instead of to the upstreams directly.
<nacc> trippeh: you can file a bug, but my point simply was nothing in the manpage says that file should be there (to me)
<trippeh> nacc: "is provided" seems pretty clear to me :p
<sarnold> andybiker: oh? none of the routers actually have a dns recursor for you to use? :)
<trippeh> the symlink decides what actually happens anyway
<nacc> trippeh: ah, i read that differently -- as in 'is provided...' by you
<andybiker> That suprisingly is on the netgear. The virgin has no list of udp/tcp ports
<nacc> trippeh: not by the package, but your way also makes sense. I'd file a bug if it's not alrady done
<andybiker> Netgear has a dynamic dns option
<andybiker> DynDNS or noip
<nacc> trippeh: it's i /lib/systemd/resolv.conf
<sarnold> those normally mean "contact dyn or similar and get them to provide me with DNS A entries" or something similar
<nacc> trippeh: so i wonder if it's a typo in the manpage or in the way the pkg is built
<trippeh> nacc: aaah!
<sarnold> that's unrelated to having a DNS recursor
<trippeh> so a simple documentation fail
<nacc> trippeh: that's my initial read (i did an apt-file search resolv.conf | grep systemd)
<andybiker> Port forarding!
<nacc> trippeh: you can still file a bug, and xnox may be able to tell us :)
<trippeh> I guess due to redhat going all in on /usr? :)
<trippeh> while we use /
 * trippeh is just replacing his client/servers/vms local unbounds with resolved
<trippeh> which reminds me, I have some bugs to file on the unbound package as well.
<andybiker> I have set up port forwarding for the server on the Netgear router : service ftp for udp/ftp on port start 53 to end 53 on internal and external ports
<andybiker> tcp/udp
<trippeh> sarnold: I almost found it sensible after reading the man page; but might have preferred having a resolved.conf option instead.
<trippeh> have not put much thought into it of course.
<sarnold> andybiker: 53 is dns. ftp is 20 and 21
 * RoyK wonders why the systemd folks chose to put config files under /usr/lib instead of /etc
<andybiker> I have set 53 on Netgear and 20-81 0n the virgin box
<sarnold> RoyK: their vision is a completely empty /etc for a system that changes no defaults
<nacc> i sort of agree with it, /etc is for customizatio
<andybiker> sorry, 40-81
<sarnold> trippeh: that's one of the hard parts .. a lot of systemd stuff sounds good from the docs. I'll be curious to hear your conclusions ;)
<RoyK> sarnold: hm - ok - so what do you do with /usr/lib/systemd/resolv.conf? just create /etc/resolv.conf and that'll be accepted?
<nacc> it then becomes clear(er) what is the default and what is changed locally, and their can be a comon inheritance pattern
<trippeh> rl
<trippeh> l
<trippeh> oops
<sarnold> RoyK: or /etc/systemd/resolv.conf or something like that. you've got check the docs to figure out what goes where.. and as trippeh finds, it might not always be correct unless you're on fedora. heh.
<sarnold> nacc: having seen exim configs and sendmail configs i'm slightly supportive of the idea :)
<trippeh> RoyK: /{,usr/}lib/systemd/resolv.conf is always pointing to 127.0.0.53
<RoyK> some things are rather good in systemd, but then again, it turns my linux systems into something completely new, which is rather annoying, having used linux, being more or less the same, since 1994
<nacc> sarnold: yeah .. and honestly, let's say you did edit some random file a few years ago, it's always hard to remember what you did :)
<trippeh> RoyK: that is its sole purpose in life
#ubuntu-server 2017-09-21
<RoyK> probably good money for redhat etc that sells courses
<andybiker> Thanks sarnold. It has turned into a networking problem, and I need to work tomorrow. Night!
<sarnold> andybiker: good luck :)
 * trippeh doesnt mind learning new stuff ;)
<RoyK> I wonder how redhat training income has changed since rhel7 came out ;)
<andybiker> I'll try and report back soon
<RoyK> trippeh: it's not that - I'm learning new things most days, but systemd just turns things upside down
<trippeh> resolved is not that different from running a local unbound tho.
<trippeh> or dnsmasq
<RoyK> that's not what I said
<sarnold> except unbound was written by dns masters and resolved was smacked together by .. not dns masters.
<RoyK> it was more of the general idea behind systemd, which I can't really grasp
<RoyK> I mean - if you really want to create a new OS on a Linux kernel, go on, but current systemd reminds me somehow of upstart - you start with an idea, implement it half-way, then it's all half-way, and the old stuff works, mostly, and then it's all a mess, basically
<mason> ineffableness
<trippeh> sarnold: I fricking love unbound, but the integration in both Debian/Ubuntu and RH for use as a local caching resolver was not great and had so many quirks
<sarnold> trippeh: aww :(
<mason> unbound has quirks
<trippeh> it especially gets hairy with DNSSEC
<trippeh> local in this context is localhost, btw
<trippeh> as a local network resolver it is super ;)
<trippeh> (except for currently beeing totally borked in sid and artful, but thats a different matter)
<mason> Hm, I just did something unspeakably ugly to work around an issue - I point to 127.0.0.1 in resolv.conf so I talk to unbound, but then NFS comes along and tries to mount a share before unbound is launched. So, now, my /etc/network/interfaces has an "up service unbound start" line. =cough=
<trippeh> :O
<mason> sysvinit, I would tweak the number in front of unbound so it preceded the NFS mount, but it's somewhat unclear how to cleanly do such a thing in the brave new world.
<trippeh> I would probably just use systemd drop-ins to get the dependency order right
<mason> I'll have to look that concept up.
<mason> Thank you.
<sarnold> https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Wants= or https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Before= or both
<mason> sarnold: Oh, I'd hoped it was something that wouldn't involve editing the system-supplied unit files...
<sarnold> mason: that's where the 'drop ins' comes in, example 2 https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Examples
<trippeh> thats why you use drop-ins :)
<mason> sarnold: Is there such a thing, where I can have a config that shadows or extends another?
<mason> ah, kk, looking
<sarnold> I wonder if systemctl can generate these things
<trippeh> systemctl edit name.service is the easy way
<trippeh> it creates the drop-in for you
<sarnold> good start
<mason> That *is* trippeh.
<trippeh> otherwise create a /etc/systemd/system/name.service.d directory and drop override files ending in .conf in there
<sarnold> there's some add-wants command..
<mason> I'll be honest with you, changing a symlink name seems cleaner for re-ordering, but I'll give it a try. :)
<trippeh> dependencies are a bit of a pain in the beginning, and this really is ought to work out of the box :)
<sarnold> and to think we got the benefits of opensuse, fedora, -and- some debian users doing these things first
<mason> Hm, this references /usr/lib/systemd/system.
<mason> Let me just look at the systemd config file to see where the system stores unit files.
 * mason slaps his leg and laughs.
<sarnold> systemd.unit(5) lists many of the locations
<trippeh> RH/Fedora uses /usr/lib/systemd ;)
<mason> hm, and yet, no unbound.service there... dpkg to the rescue
<trippeh> build/packaging really should fix those paths up in the docs
<trippeh> to match ubuntus use of /lib/systemd
<mason> Ah, unbound provides /etc/init.d/unbound.
<mason> So, with that in mind, I'm guessing drop-ins aren't an option for adjusting boot ordering.
<mason> This gets more funny as time passes.
<trippeh> it worked last I tried with a sysv init script
<mason> trippeh: Ah, there's an implicit conversion? Autoboxing of sorts?
<trippeh> the "systemd sysv generator" creates a temporary .service, so you can still override things like deps
<sarnold> you could always steal http://sources.debian.net/src/unbound/1.6.4-1/debian/unbound.service/
<mason> Mm.
<mason> I'm still in the "exploring with wonder" phase.
<trippeh> mason: if you want to look at how it actually works, systemctl cat unbound.service
<mason> Oh, interesting.
<mason> Is there a way to get an idea of service ordering on boot?
<mason> I don't see a systemd-analyze any-old-chain
<trippeh> hm. systemd-analyze plot maybe?
<trippeh> redirect it to something.svg and open it
<mason> yee
<sarnold> how about systemctl list-dependencies ?
<mason> ah, that seems a little less ... That's better. Both are interesting.
<trippeh> https://tomt.net/temp/plot.svg aw my boots have slowed down :(
<mason> Hm, that makes it seem like unbound ought to be loading before nfs-client either way
<mason> Ah, the svg shows unbound.service at 31s and nfs-client at 26 here.
<trippeh> note that unbound might have started but not yet ready; this is also something that is solved by a native systemd-service over sysv
<mason> alright
<mason> the idea of pulling in the service file from Debian has merit
<trippeh> (daemons can notify systemd when they have actually finished initialization)
<mason> Do they have to be systemd-aware or does it have some sort of monitoring capacity?
<trippeh> for that specific function they need to be aware
<mason> hm
<trippeh> (Type=notify services)
<mason> Interesting.
<sarnold> and the debian packaging for that version does include an .ac file that knows how to check if systemd libs are available and do the notification
<mason> trippeh, sarnold: thank you for the array of clues. I'll be using this chat log as reference for the next several months at the least.
<mason> hrm, interesting...
<trippeh> hm. you may get away with After=nss-lookup.target for the nfs-client service
<trippeh> at work we drop in a After=unbound.service for the services needing dns at boot, but thats not very generic
<mason> Hrm, I'm seeing nfs-client.target - don't I want Before=nfs-client.target ?
<mason> And can the drop-in have Before=nfs-client.target bare, or do I need a section header to do with it? [Unit] I'm guessing...?
<mason> so go with it* trippeh
<crazynig> ANOTHER NIGGER ACTING CRAZY!!
<crazynig> https://www.youtube.com/watch?v=ySSdeYpoWBU
<crazynig> realnigzlqctosqu.onion or realnigzlqctosqu.onion/6667
<crazynig> sbeattie yokel_ piremi Oatmeal oraqol1 notdani meminemy_ JanC tinwood dpb1 s0_iggie PityDaFool dpawlik rtjure yokel skylite smb oerheks Tarius mtl ratliff mikal jjohansen1 mhcerri|mobile Toris alinefm Emmanuel_Chanel theGoat Guest431 jdstrand scottjl Spydar007 Dasoren[m] Syam[m] keithzg[m]
<mason> banhammer?
<crazynig> lordievader Jtremback[m] Deliant Dynamiic jeremy_carroll rmk thedac robertj trevor_s Arroyo1010 dlloyd Dmitrii-Sh profall jamespage powersj niemeyer mwhahaha paulmey fhd fidothe jemurray thejoecarroll andol r ujjain- ddellav noxs_ vtapia greenywd am0nrahx pjdc masber le_pig justizin cydizen c
<crazynig> oreycb yosafbridge tafa2 edwinksl db` pitastrudl Seveas jerrcs funabashi lynxman mmm ivyyyyy alai manjo elky israfel kriskropd lordcirth_work cncr04s edwardly edenist_ ubottu berglh bigjazzsound_ maco_ zeestrat G ejnahc_ OliPicard stokachu thebwt AMZ_ dannf gimmic trippeh a1berto niedbalski
<crazynig> tonyyarusso lamont micahg ShaRose ZipSplat compuguy pleia2 freyes zikeji inteus Bartuk jgornick sforshee sobukus njalk Ad1Tech lionel petevg dino82 vamiry monokrome bleepy moonlight Foritus Pwnna iggi semiosis TheEternalAbyss Guest18666 gnuoy diddledan stickystyle devil ren0v0 Bilge markus_e92
<crazynig> Chrisfu Kehet Guest35907 mundus zerick diytto iliv dlloyd_ blackboxsw glebihan_ dcmorton Pici Thumpxr soahccc beardface ulkesh X-Rob bladernr dosaboy aluria drkokandy AndyWojo unreal thib T-Co techmagus Kaelten bruce549 cyphermox ackk Jalen blake_r heistheDude sc` admcleod joelio yoink Jare_
<crazynig> sewaddle odc beisner rsalveti guntbert sarnold henkjan lifeless homegrown rizonz disposable Arkaniad kirkland supercool marcoslater Alesk13 Tzunamii xit warpx markthomas teward StathisA akaWolf hiboma fginther macskay devster31 ejat frickler ubuntulog Tribaal IdleOne Adri2000 zul basilAB vaishali
<crazynig> dasjoe Screedo Raboo cryptodan_mobile PaulePanter antonw Stern rypervenche codex MeltedLux madLyfe jerichowasahoax axisys Valfor ikonia bradm zzxc ptx0 tnarg Walex maswan LarsErikP ducasse ajmitch bhuddah med_ ddstreet Jeepbeats ndroftheline caliculk mthaddon Gnubie_ Nebraskka SpamapS protodan
<crazynig> LaserAllan jaredrhine dragan-s marcoceppi freeflying Beret iberezovskiy smoser mwhudson eldritch nymony dweaver rvba octanium aisrael xMopxShell Hink ivoks binia Noskcaj Jikan kklimonda fyxim seyeongkim joedborg nOgAnOo jajah icey soren karstensrage cargonza arosales freakyy apw codedmart stgraber
<mason> trippeh: Any reason why Before= would be bad for this?
<trippeh> hm. I need to check how nfs is set up before saying anything definite
<trippeh> :p
<mason> What about the [Unit] in the drop-in? Is that required? More I think about it, seems like it probably is, but none of this makes intuitive sense, so I'm happier appealing to authority. :P
<trippeh> I tend to add deps to the services needing dns, not to the service you need to run first
<mason> hrm
<mason> That's reasonable too.
<trippeh> yes, [Unit] would be required
<trippeh> now, where is nfs actually mounted, hm
<mason> Alright, I've used systemctl edit nfs-client.target, and it seemed happy letting me make an override file, wherein I specied After=unbound.service below [Unit].
<trippeh> probably not this one haha: ExecStart=/bin/true
<trippeh> not sure that would work with targets, hmz
<mason> trippeh: You realize that the next step is to make true systemd-aware so it can signal start-up completion.
<mason> But it only offers a target for nfs-client :P
<mason> Man, this stuff is all so much easier than renaming those sysvinit symlinks. :P
<trippeh> heheh
<trippeh> when it works, it is great!
<mason> "I made my bootup five seconds faster at the low-low price of bleeding out both ears."
<mason> We'll see if this works.
<mason> I'll reboot before bed. I've got rescue media handy should the system be unhappy.
<trippeh> Before=nfs-client.target on unbound.service may work better in this case perhaps .. i'm still searching for the actual nfs mounting service
<mason> heh
<mason> I can do both! It should be safe, if the resolver isn't completely bad.
<RoyK> perhaps a +r would help a bit from these spammers
<RoyK> it usually does
<RoyK> and most irc users know how to register in nickserv, or they'll learn it rather quickly
<trippeh> I see have some reading to do on WantedBy
<trippeh> I see I have even
<mason> heh
<trippeh> so resolved this seems to just work :P
<trippeh> (systemd-resolved that is)
<trippeh> darn, work in a few hours
<sarnold> it's almost time for me to quit.. you should have quit ages ago :)
<trippeh> this is just one more example where unbound as localhost resolver is not that awesomely integrated in deb/ubuntu ;)
<sarnold> hehe
<trippeh> I wonder if .mount units can depend on services
<trippeh> instead of using fstab for nfs mounting I mean ;)
<trippeh> fstab beeing sort-of legacy and all
<trippeh> ok docs still say fstab is "preferred"
<trippeh> "in general"
<trippeh> :p
<sarnold> way simpler
<trippeh> seems you can add systemd dependencies in fstab too
<trippeh> man systemd.mount for the deets
<trippeh> mason: ^ !
<trippeh> x-systemd.requires=unbound.service or something ;)
<trippeh> as file system option
<mason> interesting!
<mason> thank you, will try that
<trippeh> I have not tried this myself, so beware
<mason> It's systemd. I default to "beware"
<lordievader> Good morning
<albech> anyone in here familiar with google cloud platform? I have installed a vm and trying to build a vpn server on it. I have enabled ip forwarding on the kernel, but notice that on the GCP console it says that IP forwarding is off. Something tells me that it may be required to enable on VM level. Anyone experienced this?
<randymarsh9> hey guys
<randymarsh9> which row is my actual free ram?
<randymarsh9> https://i.imgur.com/nDBY0IZ.png
<randymarsh9> i thought this means i have 121 MB free but apparently i have 671? is that right?
<sdeziel> randymarsh9: 671 MB
<sdeziel> randymarsh9: the second line can be confusing with the "-/+" but it means that the first column (used) is without considering buffers and caches
<sdeziel> and the second column (free) is when you consider buffers and caches
<randymarsh9> sdeziel: shouldn't i consider the buffers and caches though?
<randymarsh9> aren't those using up ram?
<sdeziel> randymarsh9: they use RAM only to speed things up, it's not required to have them in RAM so if an app needs more memory, the buffers/caches will be shrinked
<randymarsh9> sdeziel: okay cool thx
<sdeziel> np
<randymarsh9> i noticed i have /usr/bin/python3 taking up 80MB of ram
<randymarsh9> can i delete that? i don't remember how it got there
<randymarsh9> hey guys
<randymarsh9> how do i set which mirrors my server uses?
<randymarsh9> when doing apt-get update, etc.
<nacc> randymarsh9: you edit sources.list (presumig you are on a server)
<randymarsh9> nacc: thx
<nacc> randymarsh9: yw
<randymarsh9> settnig a passphrase on my private key means anybody who tries to use it has to enter that password, correct?
<randymarsh9> when authenticating with it?
<sdeziel> randymarsh9: in general, yes
<lordcirth_work> randymarsh9, that encrypts the key file locally, yes
<sdeziel> but if you are using an agent, once you unlock your key, it's loaded into the agent and then those with access to the agent can make use of the key. This is generally just you but you should consider those with root on your machine to also have access to the agent
<lordcirth_work> root on your machine owns the machine, fact of life
<sdeziel> true :)
<sdeziel> and in that context, agent or not, once the key is decrypted, it goes into memory where root can probably grab it
<lordcirth_work> Yup.  Not to mention the much simpler approach of swapping /usr/bin/ssh with a binary that dumps the key to /tmp/
<Epx998> is there some bug with hostname -f returning localhost? ubuntu 14
<sarnold> Epx998: does /etc/hosts look sane?
<Capprentice> Hi! How do I create a persistent Dummy network interface?
<sarnold> Capprentice: probably it will be re-created on boot if you add it to /etc/network/interfaces
<Capprentice> The networkManager is enabled and I can not remove it. How do I enable the interfaces in /etc
<Epx998> think i found the problem
<TJ-> Capprentice: you mean using the 'dummy' kernel module?
<Capprentice> yes
<Epx998> yeah so hosts file is has localhost in the 127.0.0.1 entry
<TJ-> Capprentice: and you want NetworkManager to create it at boot time?
<Capprentice> Tj, Yes.
<TJ-> Capprentice: you'll need to modify these instructions somewhat, but here's an exampe: https://jamielinux.com/docs/libvirt-networking-handbook/appendix/dummy-interface-on-rhel.html
<sdeziel> Capprentice: if you don't actually need to have it created by NM, you can simply put another iface (like iface dummy0) entry in /etc/network/interfaces. NM ignore interfaces in that file.
<Capprentice> sdeziel: I want the interface to get created at boot. If networkmanager can do that, then where do I put the config? What will I need to add under Network Manager?
<sdeziel> Capprentice: I don't know the NM way but that *should* work: https://paste.ubuntu.com/25588002/
<Capprentice> The way RHEL does, will it be identical TJ?
<Seveas> Capprentice: modprobe dummy; nmcli con add type generic ifname dummy0 con-name dummy0 ipv4.address 172.16.1.2/24 ipv4.method manual
<Capprentice> Hmm! Thanks.
<Seveas> might need a few more arguments to the nmcli command depending on your needs
<wk-home> why does ubuntu put libararies in /usr/lib/x86_64-linux-gnu/ instead of /usr/lib ?
<nacc> wk-home: becuase you have both 32 and 64-bit libraries on the same system?
<TJ-> wk-home: it's part of the Debian/Ubuntu multi-arch specification
<wk-home> new in 16.04.3 ?
<wk-home> having major compilation errors because of.. paths lol
<nacc> wk-home: i think it's been that way for a while
<wk-home> weird, never ever had this issue before
<TJ-> The spec started in 2004, most if it was in place by 2011 then the library separation started. I think multi-arch became mainstream with 14.04
<nacc> TJ-: taht sounds right
<TJ-> wk-home: there are a few holdouts where i386 and amd64 packages won't co-install. I dealt with one, -libunwind1 - last week
<TJ-> sorry, libunwind8
<wk-home> is there anyt PATH magic going on here? ive deployed multiple testing VMs locally with the same base iso and never had compilation issues with paths (not finding libs)
<TJ-> wk-home: no. what is the specific error?
<nacc> wk-home: you haven't actually told us an error
<TJ-> wk-home: is it a libtool rpath issue?
<wk-home> well, it looks for libraries under /usr/lib/ that's not there anymore
<nacc> wk-home: we don't konw what 'it' is
<nacc> wk-home: use a pastebin
<wk-home> libtbb, openssl etc
<YankDownUnder> Thinking of migrating upwards from the 4.4+ kernel series..."just because"...the box is merely a file server with custom compiled "netatalk" for AFP/Bonjour...any input/suggestions/donuts?
<tomreyn> suggestion: don't do stuff "just because"
<YankDownUnder> tomreyn, It's here at home...not a client's production box...just re-arranging the home/lab network a bit...was wondering...and gathering data...more fun that doing laundry and folding clothes, you know...(the cat will take care of that stuff)
<TJ-> YankDownUnder: I generally have all my systems using the Ubuntu kernel team's mainline kernel builds. You might want to stick to the stable mainline releases (I try the RC's too)
<tomreyn> TJ-: how do you validate their authenticity?
<sdeziel> YankDownUnder: you can try the linux-generic-hwe-16.04-edge package, it ships with semi-current kernel
<sdeziel> 4.11.0-14 ATM
<TJ-> tomreyn: how do you mean? they're Ubuntu builds, signed by the Ubuntu signing key
<YankDownUnder> I suppose this all boils down to "wasting time". I'm sitting around at home recovering from radiation and toxic sludge pumped into my veins...therefore, I am "looking for things to do". I've rebuilt several machines, ripped apart an iMac and an MBP, sorted all my comics and books...therefore, I was eye'ing up this file server that very happily chugs away with no problems...hmm...and in reality, RARELY would I even venture
<YankDownUnder> down this road - never in 20+ years would I - however, the levels of boredom are exceedingly high...
<tomreyn> TJ-: oh right i missed the CHECKSUMS.gpg file
<TJ-> YankDownUnder: might be time for a RasPi or Arduino or similar :)
<tomreyn> TJ-: do you know of a script to install the latest kernel image which actually verifies those checksums?
<TJ-> tomreyn: my own :)
<tomreyn> care to open source it? ;)
<TJ-> tomreyn: I think I have it up on my server somewhere, let me see if I can find it
<tomreyn> i know ukuu, which is...not good software, and there are a couple other 'mainline download' script, but none i know of does gpg verifications
<tomreyn> *scriptS
<tomreyn> and there is no https either, sadly
<tomreyn> thanks for looking for it
<tomreyn> TJ-: any luck finding it?
<urthmover> I am having trouble booting a different (older) kernel in grub using GRUB_DEFAULT.  When I set GRUB_DEFAULT=0>2, update-grub, and reboot the server continue to boot into kernel 3.16 instead of 0>2 which is submenu kernel 3.13.  Deos anyone have any suggestions on troubleshooting this?
<TJ-> tomreyn: sorry, I was off doing other things. I've just uploaded it. https://iam.tj/projects/ubuntu/wget_kernel_mainline.sh
<tomreyn> TJ-: thank you, also for the license choice you made. :) this should save me some time.
<TJ-> tomreyn: you're welcome. All my stuff is GPLv3
<TJ-> tomreyn: if you find any bugs or need features let me know. It satisfies my needs but if others are using it I can guess there'll be a wishlist
<tomreyn> i'm not sure, yet, but if i interpret the source correctly it will compare sha1 checksums while it could compare sha256sum's
<TJ-> tomreyn: speed choice
<TJ-> tomreyn: plus easier to scan the CHECKSUMS file since it just needs to 'break' after the sha1 section
<tomreyn> sha1 needs to die though ;)
<tomreyn> maybe this can return a bit of the favor, though you may already have something similar yourself: https://github.com/tomreyn/scripts
<sarnold> tomreyn: I love the installer :D
<tomreyn> sarnold: ;)
<tomreyn> just trying to break bad habits
<TJ-> tomreyn: I've added the option "-sha256" just for you
<tomreyn> TJ-: :) thanks. are you aware of wosign's state?
<tomreyn> (i noticed you use an ssl certificate they certified)
<TJ-> tomreyn: sure, but I can't be bothered to switch the domain to lets encrypt right now because I'm replacing the server completely
<tomreyn> excuse accepted ;-P
<TJ-> It's had so many upgrades (since 6.04) that I've lost track of what's what so it's getting a clean containerised install based on 16.04
<TJ-> some tools still report it as 10.04 :)
<tomreyn> sounds like a good time to reinstall ;)
<TJ-> yeah, done the debootstrap install of 16.04 but slowly moving over the configs from all te services and domains it hosts, and containerising as needed
<TJ-> thank the gremlins for LVM. I've been doing a dist-upgrade on a RasPi and 3 times it ran out of space on mountpoints and lvextend (and free extents in the VG) saved the day
<TJ-> tomreyn: your foreign_packages could also be achieved with apt-cache I think. Something like "apt-cache madison $( apt-cache pkgnames) | grep -v http "
<tomreyn> TJ-: hmm, good hint, thanks. i've been looking for an alternative which gets rid of the apt-show-versions dependency for a while.
<tomreyn> i'll give this a try the other day.
<TJ-> tomreyn: I (had to) write a script last year to reconstruct the /var/lib/dpkg/status file on a system that had suffered corruption so after spending a long time writing code to scan the packages in /var/cache/apt/archives and the lists in /var/lib/apt/lists I discovered "apt-cache dumpavail" to which I only needed to add the "Status: install ok installed" lines for each package!
<tomreyn> hehe, i also tend to run into commands i had never expected to exist. usually some months after i needed tzhem.
 * TJ- knows the feeling. I must be the only one that reads man-pages preemptively :)
<TJ-> I'm about to deploy 'maas' here since I noticed it supports my Sentry CDUs for power control. Was going to write my own control front-end for it... another case of almost reinventing the wheel
<sarnold> btw namei -l is the tool that I was happy to find before writing my own version :)
<TJ-> yeah, I often use readlink -m and cousins for a similar thing
<tomreyn> nice find, too.
<sarnold> hah, nice :)
<TJ-> I have so many tools like this that I have a networked /usr/local/ volume that is copied to all my systems. It also contains any changes I make to system-packages and their files, so on a fresh install I have a script that walks the /usr/local/etc/ and /usr/local/var/ trees inserting symlinks into /usr/local/... and applying dpkg-divert's
#ubuntu-server 2017-09-22
<geigerCounter> Hello. How do I upgarde 14.04 LTS to 16.04 LTS
<sarnold> geigerCounter: do-release-upgrade
<geigerCounter> sarnold: Command not found.
<sarnold> geigerCounter: hrm, that's funny. it's in ubuntu-release-upgrader-core
<geigerCounter> Huh.
<geigerCounter> I didn't have that installed.
<geigerCounter> Also, how can I back up my logs, content, and configs easily to another location?
<sarnold> there's no easy way to do that. rsync -avz is my favourite way, and if you start with /var/log/ /home/ and /etc/ you'll have a decent start; but it's so easy to have important configs scribbled everywhere
<geigerCounter> Mmm.
<geigerCounter> What is rsync?
<sarnold> rsync is a binary-differencing kind of tool that can drastically reduce bandwidth when trying to keep a directory tree synchronized between two machines over time
<geigerCounter> Hmmm
<sarnold> scp -r would re-transmit files even if the other side already has them
<sarnold> rsync can transmit just the changes
<geigerCounter> Mhm
<geigerCounter> That said, I can't really afford to keep anything locally. Don't have the storage media for it.
<geigerCounter> I dunno, unless I keep it on one of my external harddrives.
<geigerCounter> That could work.
<geigerCounter> Hmm. I shouldn't need to touch my keymaps, should I, sarnold?
<sarnold> geigerCounter: I'm not sure, I've always been content with the us 104 key or whatever that is selected at install
<geigerCounter> Hmm.
<geigerCounter> Yeah.
<geigerCounter> Sorry about being a bit noobish, but this is my first time ever doing this process for an ubuntu server.
<geigerCounter> Should I leave the line blank for "Interfaces on which the DHCPv6 client sends requests:" ?
<sarnold> geigerCounter: probably; if you're asking the question anyway then it's likely it's not really important. yet. ipv6 will get more important in the future, and how you get your ipv6 config will matter more and more .. but right now most people don't have it and don't need it
<geigerCounter> Well alright then.
<sarnold> funny enough I just started a do-release-upgrade on a 12.04 TLS machine about an hour or two ago.. I haven't done this in ages.
<sarnold> "TLS". It must be about dinner time :)
<geigerCounter> sarnold: Do I need to have a weekly run of fstrim?
<dpb1> if you have an SSD, you should.
<geigerCounter> dpb1: Oh hmm... I'll have to slap that script back in to the cron.weekly
<cpaelzer> jamespage: I hope you don't mind but I added OVS 2.8 to the release note as I needed to refer to it from dpdk
<cpaelzer> jamespage: but if you want to add more to it there please feel free
<lordievader> Good morning
<dpawlik> coreycb: Hello
<dpawlik> Please let me know when you are on irc :)
<dpawlik> Is someone else from cloud archive team?
<Oskars_> Shouldn't I get into my home directory when I FTPS in with my user?
<lordievader> Depends on the configuration.
<dpawlik> coreycb: hi
<coreycb> dpawlik: hi, did you have a question?
<dpawlik> coreycb: Hello, yes I have small question for you :)
<coreycb> dpawlik: ask away :)
<dpawlik> coreycb: let me copy few URLs for you
<dpawlik> coreycb: Is possible to generate new packages in Cloud archive for Pike and Ocata for oslo.middleware with patch https://review.openstack.org/#/q/Ic8b7f9698d7b3440005b17d249b1c8f0f66dae8a ?
<dpawlik> coreycb: one URL is enough :) I was thinking that more ulrs will be pasted :)
<coreycb> dpawlik: yes that shouldn't be a problem
<coreycb> dpawlik: i'll work on it in a few
<dpawlik> coreycb: thanks a lot
<coreycb> jamespage: beisner: can you promote these newton SRU packages to newton-proposed please for bug 1718033?
<ubottu> bug 1718033 in Ubuntu Cloud Archive newton "[SRU] newton stable releases" [Medium,In progress] https://launchpad.net/bugs/1718033
<coreycb> jamespage: beisner: can you also promote python-oslo.middleware to pike-proposed please?
<coreycb> dpawlik: ^ i've also updated the bug for SRU purposes. if you can help with any testing that would be great.
<dpawlik> coreycb: sure
<dpawlik> coreycb:  I try to install the package on Ocata infra (I don't have yet Pike but maybe the package will work :P )
<coreycb> dpawlik: ok it'll have to land in artful/pike first before the sru team will accept the zesty/ocata upload
<dpawlik> ack
<danpawlik_> @coreycb i forget to logout on irc. I must go home earlier so if it is not a problem i will check package today or on monday. Ok?
<M3mphiZ> is it possible to tell 'logrotate' to put all the *.gz files into a subdirectory like /var/log/gz ?
<oerheks> M3mphiZ, maybe 'postrotate' is what you want, to mv those .gz into /var/log/gz ? >> https://support.rackspace.com/how-to/understanding-logrotate-utility/
<M3mphiZ> oerheks: is logrotate not gonna complain that those files are not there anymore? or are those files left alone anyway once they are compressed?
<oerheks> M3mphiZ, yes, there is no hook to them, AFAIK.. correct me if i am wrong, guys
<oerheks> active is .log, 1st backup is uncompressed .log.1 ...
<sdeziel> M3mphiZ: logrotate won't complain if log.2.gz isn't there. After all, on a fresh machine it's never there
<M3mphiZ> how does it keep track of the x.gz number? not by checking all existing gz's but an internal counter of some sort? i mean if i move blah.1.gz out of the way, will it not create it next time instead of using blah.2.gz?
<sdeziel> M3mphiZ: yes, it will use the next "free slot"
<M3mphiZ> hmm.. well then i wont be able to simply move the gzs away the second time i try..
<M3mphiZ> as their names will conflict..
<sdeziel> M3mphiZ: it's not directly what you asked for but I have a logrotate snippet that takes my aggregated logs and archive them per year/month while compressing them, might interest you
<sdeziel> M3mphiZ: https://paste.ubuntu.com/25593805/
<M3mphiZ> sdeziel: thats looks interesting, may i ask how long u been using the script?
<sdeziel> M3mphiZ: and the associated rsyslog snippet: https://paste.ubuntu.com/25593822/
<sdeziel> M3mphiZ: I've been using similar variations of that script since 2014/05
<M3mphiZ> sdeziel: awesome thanks!, i gtg now but ill test it later, i might come back at you if thats ok?
<sdeziel> M3mphiZ: sure thing
<Epx998> Does the debian-installer support xfs for the / partition?
<sarnold> "seems likely"
<sarnold> xfs has been around forever anyway :)
<pizzadelivery> hello
<pizzadelivery> two xxxl pepperoni
<pizzadelivery> who ordered it :)
<sarnold> pizza!? for me?? I'm a lucky lucky little boy!
<pizzadelivery> did not you made a NY promise to eat no pizza or was it other guy? :D
<sarnold> definitely other guy
<pizzadelivery> i guess since no one else is around its for you
<pizzadelivery> :)
<pizzadelivery> strange no one made pizza os
<pizzadelivery> pizza linux distro
<sarnold> slices, boxes, deliveries, toppings...
<sarnold> you're right, the metaphors to work with
<pizzadelivery> what did you made today?
<pizzadelivery> for dinner
<pizzadelivery> i made some stew
<pizzadelivery> nearly ready
<Epx998> yeah never used xfs but its going
<Epx998> tho i got an error unpackaging the kernel, maybe /boot was too small
<Epx998> recipes can be a bit tricky if you dont mess with them a lot
<RoyK> Epx998: I use xfs for large filesystems whenever I don't use zfs
#ubuntu-server 2017-09-23
<mason> I still default to ext4 where I don't use ZFS.
<pankaj> msg NickServ identify pankaj_ toshiba
<ogra_> happy password changing ...
<oerheks> change your password, please .. this channel is logged
<oerheks> -- /msg nickserv set password YOURNEWPASSWORD  # and do this in the server tab
<pankaj> oerheks:
<pankaj> oerheks: OK. My mistake
<oerheks> np. glad you didn't part after that, so we could warn you
<pankaj> hello
<oerheks> hello toshiba .. ehh pankaj
<pankaj> oerheks: hello
#ubuntu-server 2017-09-24
<trippeh> ah cool, unbound tells systemd it is stopping when getting a reload through systemctl
<trippeh> borkborkbork
<trippeh> then systemd gets mad at it
<gunix> is luks encryption on a striped lv a bad ideea? i mean, when using striping and encryption together is the overhead so big that you should rather use linear, or is striping still worth it?
<mike-zal> I use virtualmin. in firewall section I have "activate on start-yes", however, when I check ufw status in terminal, it says "inactive". can someone explain why is that? thanks
<andol> mike-zal: My *guess* would by that virtualmin isn't usingufw at all, but rather iptables directly.
<andol> mike-zal: iptables -L -v
<mike-zal> andol: thanks, that's what I thought but wasn't sure. however I don't get fully the iptables/ufw relationship. is firewall working even if ufw isn't? what if I enable ufw? would it take over iptables then?
<mike-zal> iptables -L -v shows the same as virtualmin
<RoyK> mike-zal: ufw is just an iptables wrapper
<RoyK> albeit a good one in my opinion
<soahccc> Can one explain the concept of "MaxSessions" of sshd to me? I try to debug an application that softlocks when the remote terminates a connection due to "error: no more sessions". I set it to 5 now and the app reliably dies now everytime, yet I can open 20 SSH tabs in my terminal
<JanC> soahccc: it's explained in the manual what that parameter does
<JanC> but basically it comes down to multiplexing sessions over one connection vs. opening multiple connections
<JanC> ssh probably does the latter if necessary
<soahccc> JanC: but if I create multiple tabs locally and create ssh connection in each I get "new session" and later "session closed" for each in auth.log with different local ports... is it still multiplexing my connection magically?
<JanC> sounds like ssh is not multiplexing the sessions in your case
<JanC> and I suppose your application doesn't try to open multiple connections
<soahccc> JanC: well the application has the same in auth.log but for some reason it get's restricted by "no more sessions" while I can still create new sessions via my terminal and ssh binary
<JanC> also, try to figure out from the server logs if it has more info about why your application dies
<JanC> yes, it's probably creating new connections for every session
<soahccc> any my terminal isn't? I mean it's even saying in auth.log but somehow it doesn't get restricted with maxsessions
<JanC> when you use ssh in the terminal
<JanC> MaxSessions limits the sessions per connection, not the number of connections
<soahccc> oh, well that explains it I guess :D thanks I totally misunderstood it
<soahccc> then I don't understand why my application dies, it creates new connections for every sftp download... *shrug*
<JanC> does it support the right ciphers etc.
<JanC> recent versions of sshd dropped several that are unsafe
<JanC> or maybe it tries to use a feature that is disabled in your sshd
<JanC> like, is sftp implemented?  :)
<JanC> enabled
<soahccc> JanC: it works essentially but if I download too many files at once it breaks and on the remote auth.log I see that it terminated the request
<JanC> soahccc: maybe it tries to multiplex multiple downloads?
<JanC> maybe it should do them in series instead of parallel  :)
<soahccc> JanC: yeah it does a few in parallel but not all at once, I'm basically just trying to recover from this error in my application. but I guess I'm still struggling with some internals of the SSH library
<Machine_Ex98> hello some help guys
<tomreyn> !ask | Machine_Ex98
<ubottu> Machine_Ex98: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Machine_Ex98> i wanna make mysql connect remotely
<tomreyn> to what?
<Machine_Ex98> to ip external
<Machine_Ex98> so i can login with MysqlWorkbench or from any other website
<tomreyn> let me guess: you want to make some mysql client talk to a separately hosted mysql database server?
<Machine_Ex98> i'm already installed appserv phpmyadmin i wanna make my ip connect remotly
<Machine_Ex98> not localhost
<Machine_Ex98> external ip
<tomreyn> this "appserv"? https://www.appserv.org/en/
<Machine_Ex98> yes
<tomreyn> do you run the mysql server yourself?
<Machine_Ex98> yes
<Machine_Ex98> i installed all fine
<Machine_Ex98> i modified the files on etc/mysql
<Machine_Ex98> mysqld.cnf
<tomreyn> so you have a windows system running this "appserv" software compilation which includes a mysql server, but you do not want to use this server. you also run and manage another mysql server on some remote host, which the windows system can technically reach (but not connect to the mysql server, yet).
<tomreyn> is this correct?
<Machine_Ex98> bind-address		= 127.0.0.1
<Machine_Ex98> i modified with my ip
<Machine_Ex98> then restart mysql
<Machine_Ex98> so now i got this msg
<Machine_Ex98> ERROR 1130: Host '188.11.x.x' is not allowed to connect to this MySQL server
<tomreyn> which operating system and version does your mysql server run on?
<Machine_Ex98> sorry i was idle
<Machine_Ex98> tomreyn :  Ubuntu 16.10
<tomreyn> Machine_Ex98: that's end of life and thus unsupported here.
<tomreyn> https://wiki.ubuntu.com/Releases
<tomreyn> !eol
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<Machine_Ex98> okey by the way i can get support here or not ?
<tomreyn> this channel is for support with supported (non end of life, just real ubuntu, not derivatives, not debian) ubuntu server installations.
<tomreyn> (refer to the channle topic)
<hehehe> :)
<Machine_Ex98> tomreyn fixed
<Machine_Ex98> by %
<Machine_Ex98> good luck
#ubuntu-server 2018-09-17
<ahasenack> cpaelzer: I'm looking at the pcre3->pcre2 bug, apache2 specifically
<ahasenack> cpaelzer: pcre2 has multiple libraries: 8bit, 16bit, 32bit, posix
<ahasenack> cpaelzer: know anything about that/
<ahasenack> ?
<cpaelzer_> ahasenack: on experience on pcre
<evit> Is Ubuntu vulnerable to https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php-could-allow-for-arbitrary-code-execution_2018-101/
<RoyK> omg - another php bug
<RoyK> evit: it's vulnerable, yes, but I don't know if the bug is fixed yet
<evit> RoyK, You have something dripping off of you
<evit> evit, sarcasm =P
<evit> Ahh, I see
<evit> RoyK, You are right PHP isn't my fav either
<RoyK> evit: I asked on #debian if anyone knew there - a lot of ubuntu fixes comes to debian first
<tomreyn> evit: find out their CVE IDs, then you can look them up on https://people.canonical.com/~ubuntu-security/cve/
<RoyK> but where the fsck is the CVE?
<evit> Where FSCK indeed
<tomreyn> any responsible software developer would request one and list it on their bug tracker. e.g. https://bugs.php.net/bug.php?id=76778
<tomreyn> "CVE-ID: 	None"
<tomreyn> that is, if securit yimplication is assumed
<tomreyn> https://bugs.php.net/bug.php?id=76582 got one.
<tomreyn> i suspect the php folks dont consider memory leaks to have security impact.
<sdeziel> Ubuntu syncs PHP from upstream
<sdeziel> I'll open a bug for it
<evit> sdeziel, Thanks =)
<sdeziel> evit: LP: #1792987
<ubottu> Launchpad bug 1792987 in php7.2 (Ubuntu) "[MRE] Please update to latest upstream release 7.0.32 / 7.2.10" [Undecided,New] https://launchpad.net/bugs/1792987
<adac> Hi there! How can I clear up the /var/cache/davfs2?
<adac> It gets pretty huge and takes a lot of disk space
<tomreyn> adac: this path doesn't seem to be managed by any (official) ubuntu package in any of the supported releases.
<adac> tomreyn, actually I'm using autofs in combination with the davfs2 package
<adac> and I'm on 16.04 LTS
<tomreyn> adac: sorry, i dont know then. this software doesn't look like it's in a great state, though, judging by the bug tracker.
<adac> tomreyn, ok I see. Yes I will probably simply replace that and mount the directry simply via fstab or so
<adac> or mount it only when I do a backup
<tomreyn> it seems to lack proper garbage collection, looses data when transfers are interrupted, transfers are slow.
<sdeziel> evit: and the same for php5 LP: #1792991
<ubottu> Launchpad bug 1792991 in php5 (Ubuntu) "Please apply security fixes from PHP 5.5.36 to 5.5.38" [Undecided,New] https://launchpad.net/bugs/1792991
<DammitJim> how do I hold back dist-upgrades for a series of packages?
<genii> !pinning
<ubottu> pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto
<DammitJim> thanks genii
<DammitJim> is it normal to have to do pinning?
<genii> No
<DammitJim> I'm having an issue where rabbitmq-server requires erlang
<DammitJim> well, erlang's suggested upgrade through apt-get dist-upgrade is saying to go to version 21
<DammitJim> well, the version of rabbitmq suggested is not compatible with erlang 21
<DammitJim> and needs to stay with erlang 20
<teward> DammitJim: do you have additional repositories enabled?
<genii> Pinning is useful if for instance a normal particular package from regular repositories is doing something odd like pulling in a different dependency from an unexpected place like a PPA
<teward> because erlang 20 is the only version in Ubuntu (and PPAs are... headaches)
<DammitJim> oh yeah, thanks for pointing that out... I just noticed that there is a source for dl.bintray.com for erlang
<DammitJim> oh man!
<genii> If a dependency is stated like =(exactversion) it will usually use the specific one it really wants but some also have like >=(some minimum version)
<DammitJim> genii, thank you for giving me the keyword... I just searched for pinning and that turned out a bunch of results on how to deal with this for rabbit and erlang users
<DammitJim> but what a pain! I'm sure you guys are more used to this
<JanC> PPAs are fine if they are maintained by people who know what they do  :)
<JanC> like, not put random libraries in it that clash with existing libraries
<DammitJim> ok, I think I'm about to break the internet
<DammitJim> how about if I want to change the source where the packages come from
<nacc> DammitJim: what do you mean?
<nacc> DammitJim: you add repositories, and use pinning to change their priorities
<DammitJim> it seems that rabbit is now suggesting to go from deb https://packages.erlang-solution.com/ubuntu xenial contrib to deb http://dl.bintray.com/rabbitmq/debian bionic erlang-20.x
<DammitJim> this is so confusing! what a pain! why can't the developers just work with the version of rabbit and erlang that ubuntu provides from repos!!!
<nacc> DammitJim: 'rabbit is no suggesting'?
<nacc> *now...
<DammitJim> yeah, the documentation has changed
<nacc> DammitJim: 1) those are for two different releases
<nacc> DammitJim: that's a question for the developers, not for us :)
<DammitJim> I know nacc...  just complaining
<DammitJim>  /join #complains
<nacc> DammitJim: :)
<linuxperia> Hi. I have php version "PHP 7.2.7-0ubuntu0.18.04.2" and phpinfo prints out this info here "Configuration File (php.ini) Path /etc/php/7.0/apache2 Loaded Configuration File /etc/php/7.0/apache2/php.ini" My Question is how i can change the settings in apache on my ubuntu server so it start uses the newest installed version 7.2 instead of this strange version here 7.0! I tryed this here but it did not work. "update-alternatives --set php
<linuxperia> /usr/bin/php7.2" Thanks in advance for any helpfull tips to resolve this ubuntu apache problem.
<nacc> linuxperia: what version of ubuntu are you on?
<linuxperia> nacc: 18.04.2
<nacc> linuxperia: given that doesn't exist yet, please clarify
<linuxperia> well php has this version when i do php -v  "PHP 7.2.7-0ubuntu0.18.04.2"
<linuxperia> so 18.04.02
<jelly> linuxperia: try "lsb_release -r" instead
<jelly> or lsb_release -a
<nacc> linuxperia: that's a substring in a package version
<nacc> linuxperia: not related, necessarily, to your ubuntu version
<linuxperia> jelly: nacc: lsb_release -a No LSB modules are available. Distributor ID:	Ubuntu Description:	Ubuntu 18.04.1 LTS Release:	18.04 Codename:	bionic
<linuxperia> i need apache to work with my newest installed php7.2 version instead of 7.0
<nacc> linuxperia: `apt-cache policy libapache2-mod-php` in a pastebin
<jelly> then figure out which php ABI apache uses, that php.ini path suggests mod_php
<jelly> and then make sure versions of php-cli and mod_php match, because as you can see they can be completely separate
 * jelly thought everyone switched to php-fpm 
<linuxperia> nacc: http://paste.ubuntu.com/p/WFr73RwnmP/
<nacc> linuxperia: ok, `apt-cache policy libapache2-mod-php7.0 libapache2-mod-php7.2` ?
<linuxperia> nacc: http://paste.ubuntu.com/p/CBZWtXWwpS/
<nacc> linuxperia: how did you upgrade from 16.04 to 18.04?
<linuxperia> nacc: think it was dist-realease upgrade but it stoped after some time so i had to do then apt-get upgrade to finish it
<nacc> linuxperia: ... right, that's what borked things then
<nacc> (afaict)
<nacc> linuxperia: is it possible that libapache2-mod-php7.0 is autoremovable? `sudo apt-get autoremove` ?
<linuxperia> yes had some problems with the upgrade that is true
<linuxperia> okey will try
<linuxperia> yes i can autoremove it! should i ?
<linuxperia> i guess is good will try it out thanks a lot for debugging the problem
<linuxperia> lets see
<nacc> linuxperia: yes, so your release upgrade didn't finish
<nacc> linuxperia: you are still have packges from 16.04 intalled, such as that one
<nacc> once you clean it up, i imagine things will fix themselves
<linuxperia> yes the autoremove went without problems. this is the ouput: Module php7.0 disabled.
<linuxperia> apache2_invoke prerm: Disable module php7.0
<linuxperia>  apache still works. will test now phpinfo and see if apache works with the newest version.
<linuxperia> nacc: Woowww Yuppiee you solved the Problem! Big Compliments to you Man! you helped me a lot after the upgrade strugle. Thank you very much! If you are from canonical then i will keep going my ubuntu server on the Google Cloud and support like the last years canonical the same way.
<linuxperia> I am saved. All problems with the ubuntu server disapeared. Thanks a lot i feel very happy now :-)
<nacc> linuxperia: glad to hear
<linuxperia> nacc: i just remembered why the upgrade of my ubuntu server 16.04 got dirsupted. For some weired and bad reason the main database package mariadb 10.2 is not available for 18.04. Neither for Debain nor for ubuntu exist the stable release mariadb 10.2 for 18.04 however for 16.04 it existed and i did used it. Becouse tthe ubuntu database package is dis-functional my upgrade of the server crashed. Everyone that has ubuntu server running with
<linuxperia> mysql/mariadb database 10.2 will endup with a crashed ubuntu server system. see here more info of mariadb package build failure. I could without any problem compile and install amriadb 10.2 from sources on ubuntu. Not sure why ubuntu and debian have such big problems getting mysql databse 10.2 packaged. https://launchpad.net/~mysql-ubuntu/+archive/ubuntu/mariadb-10.2/+packages
<linuxperia> nacc: this is something the canonical people need look into it if they dont want lose customers because the most vital part of the ubuntu server aka the stable release of the database is broken and crashes any system when upgraded from 16.04 to 18.04 not only on ubuntu but also on debian. i already thinked to switch over to RedHat in the hope to avoid such a stupidity again. when i do build mariadb 10.2 from github on ubuntu however it gets
<linuxperia> compiled and installed without any problems. so it is a packaging problem and not a source problem.
<nacc> linuxperia: reading
<nacc> linuxperia: mariadb-server 10.2 was never in ubuntu
<nacc> linuxperia: afaict, 16.04, 18.04 all have 10.1
<nacc> linuxperia: so, presumably, you were running some non-ubuntu mariadb on 16.04.
<nacc> !info mariadb-server xenial
<ubottu> mariadb-server (source: mariadb-10.0): MariaDB database server (metapackage depending on the latest version). In component universe, is optional. Version 10.0.36-0ubuntu0.16.04.1 (xenial), package size 12 kB, installed size 61 kB
<nacc> !info mariadb-server bionic
<ubottu> mariadb-server (source: mariadb-10.1): MariaDB database server (metapackage depending on the latest version). In component universe, is optional. Version 1:10.1.34-0ubuntu0.18.04.1 (bionic), package size 12 kB, installed size 64 kB
<nacc> linuxperia: I don't work for Canonical.
<nacc> linuxperia: and presumably you're not paying Canonical either, so I'm not sure why you think they are losing you as a customer?
<nacc> linuxperia: if you are you should pursue your official support contract, if you want
<nacc> linuxperia: you also chose to use a PPA (not a great thing) for something entitled "MariaDB 10.2 Testing" which implies it is not stable.
<nacc> A PPA that hadn't received *any* updates in ... 2 years?
<nacc> linuxperia: final point, mariadb-server in Ubuntu is in universe, which means it is community supported.
<linuxperia> nacc: i use ubuntu server on the google cloud and by this pay canonical for the providing of the certified ubuntu server images => https://blog.ubuntu.com/2014/11/03/certified-ubuntu-images-available-on-google-cloud-platform i did not use any testing ppa i used the mariadb official ppa to get 10.2 running on ubuntu. Okey thanks a lot for the Information. I find it very strange that we have already the stable release of mariadb 10.3 but
<linuxperia> debian and ubuntu are on 10.2 max. this is a little lame for ubuntu/debian as database is a vital part of a server. Okey thanks for the clarifications and help again. wish you a great time. Best regards.
<RoyK> linuxperia: mariadb is available in all the recent versions from https://downloads.mariadb.org/ - distros like debian and ubuntu lag behind, which is normal, because they want to know that things work before they push a new version
<RoyK> linuxperia: just grab the packages from https://downloads.mariadb.org/ and stop complaining
<nacc> !latest | linuxperia
<ubottu> linuxperia: Packages in Ubuntu may not be the latest. Ubuntu aims for stability, so "latest" may not be a good idea. Post-release updates are only considered if they are fixes for security vulnerabilities, high impact bug fixes, or unintrusive bug fixes with substantial benefit. See also !backports, !sru, and !ppa.
<RoyK> see "!sns" in #debian as well ;)
<nacc> linuxperia: also ... "mariadb official ppa"?
<nacc> linuxperia: if by that you mean what RoyK is referring to, then that's your own issue to figure out. Not an Ubuntu problem.
 * RoyK thinks linuxperia should run debian sid to experience the true joy of living on the bleeding edge for a while
<nacc> heh
<nacc> linuxperia: i think you really need to step back and think about what you are running, and what is reasonable expectations. Have a nice day.
#ubuntu-server 2018-09-18
<keithzg[m]> Well shucks, I rebooted an 18.04 server after applying the latest updates, and now it's falling flat on its face; can't even quite figure out what's failing since login attempts hang.
<keithzg[m]> Okay, a login attempt I made in-person *finally* succeeded after several minutes of waiting. I only get VT1; ctrl+alt+F# just shows a blinking cursor for anything else. Trying to run `top` (trying to quicjly see if it's just something somehow hogging the CPU) just sits there forever, as does `systemctl --failed`. Interrupting with ctrl-c works fine. I suppose I should just try and let 'em run and see if they
<keithzg[m]> eventually return something...
<docmur> Hey guys, I had an LVM array that crashed, which consisted of three drives.  One of the drives is dead but it's volume was across all three of the drives.  Is there a way to get the data from that one volume, to the extend it's possible, back?  I know the 3TB of files that were on the dead drive are gone, and some of the other files for sure, but could the good files on the other two be recovered?
<keithzg[m]> Well shucks, `systemctl --failed` itself failed, with "Failed to list units: Connection timed out".
<mason> heh
<keithzg[m]> Aha, but with sudo it succeeded, and the problem units are accounts-daemon, mariadb, and networkd-dispatcher. Hrmm.
<keithzg[m]> Manually starting accounts-daemon seemed to work, as did manually starting mariadb, which is good 'cause this is indeed our company database server so it'd be kindof . . . awkward if people came into work tomorrow and it was down :P
<CarlenWhite> For some reason I feel like I stumbled across something that'd let you relay software packages from one server so several servers didn't have to go out into the net to fetch one package.
<CarlenWhite> Of course could be imagining.
<qman__> there are essentially two options for that, a caching proxy, or setting up your own mirror
<CarlenWhite> Then a caching proxy is what I was thinking of. It'd be overkill to host a mirror for internal purpose.
<qman__> setting up your own mirror is more involved and hard to justify unless you have a lot of machines using it
<qman__> for the proxy, you also have two options, set it up as a transparent proxy that "just works", or set up a normal proxy and configure your apt clients to point at it
<qman__> the trouble with a transparent proxy is making sure it doesn't interfere with anything else; the trouble with a regular one is doing the configuration on all your clients
<CarlenWhite> I might end up doing it the regular method. Plus if I really need to configure it for many clients I'd write a script help remove some of the repetitiveness.
<CarlenWhite> Plus this is for my own home net. Was doing a release upgrade on a few computers and figured it'd make sense to fetch all the packages from the local home server and have them all download it from one 15Mbit DSL connection
<CarlenWhite> [...]local home server instead have them all[...]
<roaksoax> g/win 14
<TJ-> Can anyone confirm that 18.04 with strongswan/xl2tpd L2TP/IPsec (direct or via network-manager-l2tp{,-gnome}) will connect to Cisco IOS (870) - got Windows and OSX clients that'll connect but Ubuntu is failing. IKEv1 proposal is accepted but then there's just resent messages and the connection fails. Using aes128-sha1-modp2048/aes128-sha1
<CarlenWhite> Oof
<CarlenWhite> I really put something sideways in my server
<CarlenWhite> It's running now but it isn't running well
<CarlenWhite> Woo. Everything's fixed. And that was on botched do-release-upgrade on my part.
<CarlenWhite> Basic gist, grub got botched and had to manually instruct how to boot. Boot partition damaged. Learn latest kernel got corrupted. fsck. Boot again. apt install --reinstall the damaged kernel. System works without intervention now.
<elox_> Hello, I'm trying to install python3-pip on my fresh and nice bionic but it mysteriously fails.... whats happening?
<tomreyn> elox_: we could make some wild guesses, or you could show some output.
<elox_> https://paste.ubuntu.com/p/hNJtWqm4Wg/
<elox_> tomreyn: ofc, apprechiate it
<elox_> I've battled this for some time.
<tomreyn> this is bug 1783129
<ubottu> bug 1783129 in subiquity "Only "main" component enabled after install" [High,Confirmed] https://launchpad.net/bugs/1783129
<tomreyn> !info python3-pip
<ubottu> python3-pip (source: python-pip): Python package installer. In component universe, is optional. Version 9.0.1-2.3~ubuntu1 (bionic), package size 111 kB, installed size 585 kB
<elox_> I must be doing something VERY wrong since I use the official image but it just seems borked.
<tomreyn> "component universe"
<tomreyn> oh it Is borked.
<tomreyn> thus the bug report
<elox_> It seems that if I use this image http://cdimage.ubuntu.com/ubuntu-server/bionic/daily/current/ it mysteriously works!
<tomreyn> it's not mysteriously, if you look at the bug report i posted
<elox_> Oh, I'll try look that bug.
<elox_> Thank you alot!
<tomreyn> welcome
#ubuntu-server 2018-09-19
<NickZ> I'm getting a strange error on ubuntu bionic server install; it's attempting to run zpool and failing because it's not installed
<NickZ> https://pastebin.com/CpiyUrMy
<NickZ> anyone else run into this?
<NickZ> relevant line starts at 162
<X-Rob> NickZ: at a guess, you have an existing zfs pool there and curtin doesn't know how to handle it. Disconnect the drives?
<NickZ> nope, these are completely clean drives
<NickZ> manually partitioning the drives prior to install seems to resolve the issue
<^Squirrel^> hi, can I get help for ubuntu gere?
<hateball> !ask | ^Squirrel^
<ubottu> ^Squirrel^: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<^Squirrel^> I have a folder /proc/4838/cwd that is 9.4G, process 4838 identified as Samba - I think it is killing my server - is it normal that it should be so big, and if not, how to I get it back to normal size?
<^Squirrel^> my server being the server on which that ubuntu runs, of course
<lordievader> Good morning
<^Squirrel^> alternative question: I have a partition for /, one for /home and one for /var. I would like to find the larger files for the / partition, a way that doesn't scan the other (mounted) partitions even if linked to it - is there a way to do that?
<^Squirrel^> morning lordievader
<keithzg[m]> Hah, just ran the 16.04 -> 18.04 upgrade on a server with molly-guard installed, and molly-guard cancelled the automatic reboot afterwards
<lordievader> ^Squirrel^: `du -x` skips directories on different file systems, as per the man page.
<^Squirrel^> thanks
<^Squirrel^> so "du -x /" is what I should run?
<^Squirrel^> ok that works, still doesn't tell me what is filling my 10G of /root folder
<^Squirrel^> folder/partition
<mdeslaur> rbasak: are you planning on working on that mysql merge?
<mdeslaur> rbasak: or is lars doing it?
<rbasak> mdeslaur: we're taking care of it. Lars has a branch up for review. I'm hoping to get to it today, but I'm not sure.
<mdeslaur> rbasak: ok, cool, thanks!
<^Squirrel^> lordievader, is there a way to check what size the folders are (the sum of the files in that folder and subfolders) on a server (no GUI)
<rbasak> ^Squirrel^: du. See the du manpage for details of -s and -c.
<rbasak> Or you can use baobab on a desktop machine connecting over ssh.
<sarnold> ^Squirrel^: du -shx /*  may be useful
<^Squirrel^> thank, will try. Root space free is 0  I can't install anything new
<^Squirrel^> I have ssh access too yes
<lordievader> du is installed by default.
<^Squirrel^> rsalveti, sarnold, I use these thanks
<^Squirrel^> lordievader, yes, of course
<^Squirrel^> this is weird
<^Squirrel^> df reports that my root partition is 0, but sudo du xhc reports 3.6G is used. / is a 10G partition
<^Squirrel^> I am using LVM, can it be the reason?
<lordievader> Might simply be removed files in use.  df sees those, du doesn't.
<^Squirrel^> so what does "removed files in use" mean?
<^Squirrel^> I have rebooted the server, this partition is still full
<^Squirrel^> that's 5G worth of dark matter
<jelly> ^Squirrel^: no, lvm is not the reason.  Look for unlinked files still in use by opened processes.
<sarnold> a reboot is a good way to fix that though :/
<^Squirrel^> I rebooted already, twice, to no avail
<^Squirrel^> jelly, how do I do this?
<sarnold> lsof or fuser are the usual tools
<jelly> you might have files hiding under a mountpoint below this one
<jelly> lsof -n +L1
<sarnold> jelly: ooh +1
<jelly> but if you rebooted that would have cleared the processes
<^Squirrel^> no output of this lsof
<^Squirrel^> lsof -n +L1
<jelly> how many mountpoints do you have other than / ?
<jelly> with real filesystems or bind mounts
<jelly> (also, doing anything with /* is bad form, avoid)
<^Squirrel^> expcluding tmpfs and udev, 16
<jelly> umount everything else under / and retry du -x /
<sarnold> jelly: how else would you get a list of all top-level files and directories?
<jelly> siwtch
<^Squirrel^> in reality, about 8 I explicitly mounted
<jelly> sarnold: ls -ld, not du
<jelly> or echo
<^Squirrel^> including /var
<^Squirrel^> and /home
<sarnold> jelly: ls and echo do not summarize the sizes of all files linked in all directories underneath those top-level directories
<jelly> sarnold: what use are sizes of files in /proc
<sarnold> jelly: good point.
<^Squirrel^> ok jelly, this might be getting somewhere - umounted -a then I get a total which corresponds more to df outuput
<jelly> (procfs is slow, in might take half an hour just traversing that on a busy system)
<jelly> du can very well traverse directories on its own, no need to help it with *
<jelly> ^Squirrel^: look at directory contents previously hidden under other mountpoints
<sarnold> ^Squirrel^: btw, once you've got some space to install new packages, ncdu may be to your liking :)
<^Squirrel^> I tried to install ncdu, can't :P
<^Squirrel^> but once I find the problem here, I will
<^Squirrel^> I need to create a root user now - I can't unmount /home otherwise
<sylario> I have a problem, I have a 16.04 server that lose all network connectivity from time to time. I can see the DHCP addresses in ip a, but I cannot ping it and it cannot ping anything
<jelly> sure you can, just get your CWD ass out of /home
<sylario> Network come back with sudo systemctl restart networking
<jelly> (but having root is always nice, for other reasons)
<^Squirrel^> lol I could just CWD out indeed
<jelly> or as they call it in sh, "cd"
<jelly> lsof -n|grep /home
<^Squirrel^> but I can't umount home, cause I'm still logged into a user using /home...
<^Squirrel^> ok /home umounted...
<^Squirrel^> jelly, du -x / still reports some of the umounted folders...
<^Squirrel^> yup. that's it :)
<^Squirrel^> I knwo the problem now
<^Squirrel^> Yay!
<^Squirrel^> thanks guys!
<^Squirrel^> Solved!
<^Squirrel^> thanks jelly especially :)
<sylario> What can I do to investigate losing connectivity after a reboot?
<sylario> The system has the correct IPs, but there is no connectivity at all without rebooting networking
<sylario> from syslog and apache, I can see the machine rebooted around the time of the problem
<tomreyn> sylario: maybe the dhcp server wasn't working by the time your system booted up again?
<tomreyn> oh you saiid it got the correct ips, sorry
<sylario> It's some kind of xen hosting I think
<tomreyn> so does resolving not work then, or are remote (and what about local) targets not reachable if addressed via ip address either?
<tomreyn> * lacal targets, such as you gateway
<sylario> I have access via an emergency console, I cannot ping google or the french taxes office from the problematic server, I cannot ping any of the server's IPs
<sylario> sudo systemctl restart networking solve everything
<tomreyn> the servers' LAN or WAN IPs?
<tomreyn> and where from
<sylario> It has only public IPs, not addresses in private ranges
<tomreyn> ok so i'm wondering whether while this problem occurs, you could, from the server, ping 1.1.1.1 or 8.8.8.8 or the servers' gateway (as listed by ip route | grep ^default)
<sylario> I try to ping it from public IPs from two different ISP, and I connect on it with an emergency console provided by the hosting company
<sylario> I did not try that
<tomreyn> in case you wont be able to ping the gateway when it happens again, talk to your hosting company.
<tomreyn> in the meantime review /var/log/syslog to get a better idea of why the network didn't come up fully after the reboot.
<sylario> tomreyn: thx for your help, i'll try that as soon as I can test on the server.
<sylario> It will go in the next ticket
<vimes> hello! I just rented an Ubuntu VPS but I see some weird traffic spikes, I wondered if any one had some recomendations for some good traffic montioring tool, preferably that saves traffic so I can see when traffic spiked and what caused it, a web gui would be nice but terminal works too. preferably open source
<sarnold> vimes: perhaps ntopng is the tool you want
<vimes> thanks! I'll check it out sarnold
<rbasak> vimes: iftop for realtime viewing. Not sure about looking later though. It would make sense for it to have a pcap replay feature but I don't see that.
<tobias-urdin> jamespage: heads up on possible upgrade path bug for keystone, dont know how to add ubuntu tracking
<tobias-urdin> https://bugs.launchpad.net/keystone/+bug/1793347
<ubottu> Launchpad bug 1793347 in OpenStack Identity (keystone) "keystone upgrade fails q->r oslo.log requirement to low" [Undecided,New]
<tobias-urdin> coreycb: ^
<bin_bash> are auto-upgrades enabled by default? I have a vm that was provisioned and it was, and I'm trying to determine if this is a provisioning problem or a distro problem.
<leftyfb> bin_bash: I don't know for sure, but you can easily find out by spending the 1 minute it takes to do the server install from usb onto a device
<bin_bash> sure if i had a device to install it on
<bin_bash> but i dont so i'm asking here
<tobias-urdin> jamespage: coreycb and another possible one https://bugs.launchpad.net/nova/+bug/1793353
<ubottu> Launchpad bug 1793353 in OpenStack Compute (nova) "broken upgrade path q->r requirement for oslo.db" [Undecided,New]
<pragmaticenigma> bin_bash: Virtual Box is a decent way to test things with temporarily
<nacc> based upon a bionic lxd, it seems like some sources are enabled. That is the cloud image, though, not necessarily the same as the base server install
<pragmaticenigma> I thought server enabled root and -security by default... I just can't find the documentation on it.
<bin_bash> pragmaticenigma: sure if that was a viable option, but it's not unfortunately.
<bin_bash> nacc: that's pretty terrible...
<pragmaticenigma> bin_bash: what do you mean by terrible?
<bin_bash> pragmaticenigma: if i install a package of a specific version on a freshly provisioned VM, and then come back the next day, the package shouldn't have been upgraded.
<bin_bash> but that's exactly what happened.
<pragmaticenigma> bin_bash: If it is truly the default of -security having been enabled, then the version didn't change, a patch was applied to mitigate a security vulnerability. What package was auto-updated on you?
<bin_bash> nodejs
<bin_bash> APT::Periodic::Update-Package-Lists "1";
<bin_bash> APT::Periodic::Unattended-Upgrade "1";
<bin_bash> this was the content of /etc/apt/apt.conf.d/20auto-upgrades
<pragmaticenigma> bin_bash: what about the 50* one?
<bin_bash> do you want the whole thing in a paste?
<bin_bash> it's actually mostly commented out
<bin_bash> pragmaticenigma: https://0bin.net/paste/rLMnSMn5X4TrAjtu#8GTWJhVLB7ukZuOZw8G5nCySn5G7pdsV6ZcAGrf+I1Z
<pragmaticenigma> bin_bash: If what I've found so far is true, only the first two are not commented out... the rest are... specifically -security isn't commented out
<pragmaticenigma> bin_bash: the link says there is no paste there
<bin_bash> then someone else must have clicked it
<bin_bash> is there a bot that crawls links and opens them?
<pragmaticenigma> anyone in this room could have clicked that before I got the chance to
<bin_bash> Unattended-Upgrade::Allowed-Origins {
<bin_bash>         "${distro_id}:${distro_codename}";
<bin_bash>         "${distro_id}:${distro_codename}-security";
<bin_bash> "${distro_id}ESM:${distro_codename}"
<bin_bash> thats the only uncommented part
<pragmaticenigma> including the bots... with the spam attack on freenode
<bin_bash> oh and this
<bin_bash> Unattended-Upgrade::DevRelease "false";
<bin_bash> i mean it was mere seconds between pasting and you trying to click, so it must have been something automatic. never had that problem in another channel, most bots just fetch metadata
<pragmaticenigma> okay, from what you have posted so far then... your instance is setup to only auto update security patches.
<bin_bash> hm
<bin_bash> even this though?
<bin_bash> "${distro_id}:${distro_codename}";
<bin_bash> that doesn't have -security
<pragmaticenigma> that is your "root" store... the items in there do not change until a point release occurs, suchas 18.04.1 to 18.04.2
<bin_bash> plus if i specifically install a version (which I did), that should add some kind of flag, right?
<pragmaticenigma> bin_bash: no... those are defined in another file, explicately by the person doing the sysadmin
<bin_bash> =/
<pragmaticenigma> I wish I could find release notes to verify the enabled by default for you. Short of installing (which I can't do at my present location) I can't find anything online to verify other than a bug that 16.04 ignored a users selection of no unattended updates
<bin_bash> yeah thats what i was looking for as well
<bin_bash> but didn't find it
<bin_bash> thank you for looking though
<pragmaticenigma> bin_bash: the closest that I can find is Ubuntu Desktop Gnome/unity have installed the package by default, and in Debian, the default configuration is to enable the main or root and the "-security" by default
<bin_bash> hm interesting
<pragmaticenigma> bin_bash: I know that Ubuntu Desktop asks during installation, and by default has "Install security updates without confirmation" preselected
<bin_bash> this is jsut a weird one-off package. gotta have node6 for this dumb  thing -.-
<pragmaticenigma> bin_bash: I was partitially expecting you to mention something about GhostScript, as there were some significant security vulnerabilities patched in the last 24 hours
<bin_bash> ahh
<bin_bash> well i had a helluva time installing node6 at all. every other time ive done it on 16.04 i just added the source list and then apt install and it was fine
<bin_bash> this time i had to specify the version
<pragmaticenigma> I wish I were more familiar with it... I know 18.04 some foundational pieces where significantly changes (netplan, etc) that have made some rather hard support questions
<pragmaticenigma> bin_bash: Found it! The default config file for the unattended-upgrades package has main and -security enabled by default in 50unattended-upgrades
<bin_bash> it seems like something that should be documented
<bin_bash> oooo
<bin_bash> where did you find that
<pragmaticenigma> https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.5
<bin_bash> thank you!
<pragmaticenigma> rather: https://launchpad.net/ubuntu/+source/unattended-upgrades
<bin_bash> perfect
<bin_bash> i read that as "unintended upgrades"
<bin_bash> hahaha which is more fitting -.-
<pragmaticenigma> yeah... I go back and forth on whether I want to enable it... sometimes I get really tired of the prompts on Desktop... at the same time, I run MythTV and don't want it to decide to apply updates in the middle of a recording and trigger the daemon to restart
<pragmaticenigma> I typically install all instances from the mini.iso release. In part because I can still install to 32 bit machines with it, and it's the same dialog prompts no matter what the final version I'm intending to install
<pragmaticenigma> and depending how far into the release we are, I don't have to spend an extra hour or two installing updates after installing the release
<pragmaticenigma> bin_bash: from this, I would assume the author of your vm included/installed the unattended upgrades package. Assuming they either clicked through accepting the default selections or installed the package after the fact, I don't think it was the vm's authors intent to misconfigure. As much as trying to follow the defaults offered by the original installation
<pragmaticenigma> bin_bash: it really should be better documented. it's even harder for server as most the documentation highlights the desktop installations more than server. I would assume Canonical would rather people installing server sign up for a support plan
<bin_bash> it's just so frustrating. i dont think anything should automatically update on a server, that's just asking for problems.
<pragmaticenigma> bin_bash: Agree'd to a degree... the problem is the number of systems that get abandoned or aren't maintainted regularly that really could benefit such that they don't fall vicitm to someone's bot net
<pragmaticenigma> at minimum at least the security holes are plugged. If the unattended update broke your nodeJs application, that is really strange. unless it's the tenuous behavior of node6 (?) and ubuntu 18.04 you experienced?=
<bin_bash> well the thing is that im installing it from nodesource
<bin_bash> this is the official way of doing it according to nodejs
<bin_bash> https://nodejs.org/en/download/package-manager/
<bin_bash> unfortunately something must have changed in 18.04
<bin_bash> because previously i just added the source, apt install, done
<bin_bash> this time even after adding the source it STILL installed the one from the main repo
<bin_bash> i had to do apt install nodejs=6.14.1-1nodesource1
<bin_bash> this time, it's weird
<pragmaticenigma> not too wiered... beneath the instructions for installing to Debian/Ubuntu... it mentions it only supports 16.04 and 14.04
<pragmaticenigma> so I think that might be the root of your issue
<bin_bash> ooh i didnt even see that
<bin_bash> still though i dont think 18.04 was LTS when this was published
<pragmaticenigma> probably not, and there are a lot of under the hood changes with 18.04 that they might be trying to hammer out
<bin_bash> yea
<bin_bash> bleh
<bin_bash> effed up to call it LTS when theyre still fixing things
<bin_bash> absurd
<pragmaticenigma> bin_bash: depends on your perspecitve... If you take NodeJS out of the equation, 18.04 by itself is very stable (i'm currently running it) ... since nodejs team have to react to the change (they can't exactly see into what Canonical is planning for ubuntu) it takes a while before they get their dependencies and scripts polished and ready. There were some significant changes in 18.04 starting with the netowrk
<pragmaticenigma> management, and even the daemon managment
<bin_bash> im not just talking about nodejs though
<bin_bash> in general a server shouldn't do upgrades without intervention by default
<bin_bash> think about php for example. there are many platforms that only work on php 7.0 or php 7.1 but not both. if php were security-upgraded to 7.1, that could cause a huge problem
<nacc> bin_bash: release don't upgrade major versions
<nacc> generally
<nacc> bin_bash: "LTS" has nothing to do with "bug-free"
<bin_bash> but thats exactly what happened with nodejs lol so i can't really expect it to not happen with other packjages
<nacc> bin_bash: you weren't using an ubuntu version
<nacc> bin_bash: so go complain to node, not here.
<bin_bash> what?
<bin_bash> the problem was with the core ubuntu repo.
<nacc> bin_bash: you were using some external repository, right?
<bin_bash> i was TRYING to
<bin_bash> but it kept overriding it
<nacc> bin_bash: what is 'it'?
<bin_bash> apt/synaptic
<nacc> bin_bash: i think maybe you just don't understand how packages work...
<bin_bash> i think maybe you're not understanding what i'm saying
<nacc> bin_bash: are you complaining that 18.04 has 8.10.0 while you wanted 6.14.1 ?
<bin_bash> If I were to install weechat on debian from the weechat repos
<nacc> full stop.
<nacc> weechat repos?
<nacc> debian?
<bin_bash> apt wouldnt then override that for the core repos
<bin_bash> it's called an example
<nacc> if the weechat version in debian was greater than from weechat then yes it would.
<nacc> bin_bash: i am fairly sure you just didn't check versions of packages via `apt-cache policy`, didn't bother to pin, and are complaining about that.
<bin_bash> no, i'm complaining that the system made an internal, automatic decision to upgrade a package from another repository
<nacc> bin_bash: what 'other' repository?
<nacc> bin_bash: apt-cache policy nodejs, please
<bin_bash> and for the record, i /DID/ check apt-cache policy
<nacc> (if nodejs is the package you are worried about)
<bin_bash> jesus fuck. i literally said I installed the package from nodesource. overnight, ubuntu upgraded that package from the extra repository
<nacc> because the version in ubuntu is greater
<nacc> you are choosing to run some third party repositroy
<bin_bash> except it shouldn't do that bny default
<nacc> and didn't bother to configure your apt sources appropriately to pin it
<nacc> that's your opinion.
<_KaszpiR_> bin_bash apt-pin
<bin_bash> _KaszpiR_: thats not a command. apt-cache search doesn't even return anything
<_KaszpiR_> https://jaqque.sbih.org/kplug/apt-pinning.html
<bin_bash> regardless, if i install a package from one repo, it shouldn't be overriden by a package from another repo
<bin_bash> ive literally never encountered that on any distro
<_KaszpiR_> not really
<_KaszpiR_> welcome to debian :/
<bin_bash> ive been using debian for years
<bin_bash> and this is the first time running into this
<bin_bash> Â¯\_(ã)_/Â¯
<_KaszpiR_> heh, lucky you, then
<_KaszpiR_> got that many times
<bin_bash> maybe because usually the other repo has newer versions rather than older
<bin_bash> i'm used to running outdated packages on arch because nothing is automated, everything is deliberate
<pragmaticenigma> bin_bash: The repos are just storage containers... the repos themselves don't set a hierarchy. the packages themselves do with their naming convention since they sort alphanumerically. Debian happens to come earlier in the alphabet than Ubuntu... therefor an Ubuntu package is going to get precendence since it occurs later in the alphabet
<pragmaticenigma> assuming the package name is of 6nodejs-ubuntu-18.04 versus 6nodejs-debian-9
<bin_bash> pragmaticenigma: tbh mostly my upset is regarding a package being changed in any way without my deliberate action, and having this set as a default parameter and also not well-documented is porblematic
<pragmaticenigma> I assure you it's documented somewhere... but the joy of linux is... where?
<bin_bash> i didnt say totally undocumented, i just said not well-documented. :P
<pragmaticenigma> I have the same premise
<nacc> appears to have changed in ubuntu with https://git.launchpad.net/ubuntu/+source/unattended-upgrades/commit/?id=558990e4
<nacc> not 100% on that
<nacc> it used to be -security only, though, and then the release pocket was added
<pragmaticenigma> nacc: that jives with what I found in the package from launchpad
<nacc> in this case, it wouldn't matter, though, actually
<nacc> a newer version is in ubuntu, period
<nacc> and the -security case has been that way for quite some time
<nacc> maybe unattended-upgrades became installed by default, dunno
<pragmaticenigma> nacc: I remember seeing it somewhere that server began installing it by default, but I just can't find a release note or documentation on it
<grandy> hello, probably a dumb question: how to I get cloud-init to write the netplan file ?
<grandy> i edited the clout-init file but not sure what command makes it generate the outputs
<nacc> grandy: cloud-init runs once at boot
<grandy> nacc: hmm, my ubuntu server install has a comment in the netplan that it was generated by cloud-init. I modified the cloud-init file in question and rebooted, but it did not update the netplan file.  Just trying to add another network interface
<nacc> grandy: which file did you edit?
<grandy> nacc: /etc/cloud/cloud.cfg.d/50-curtin-networking.cfg
<nacc> smoser: rharper --^ ? i don't know, tbh; does it need to be in the initrd instead?
<grandy> nacc: i added the enx... interface, eno1 was already configured: https://pastebin.com/m6vyvDeJ
<smoser> grandy: that will only be written once per instance.
<smoser> so if the instance-id has not changed, changes to that will not get updated to the system.
 * smoser has to go afk.
<grandy> smoser: ahh, ok, so it's mainly for the intial config of the machine... where would i add a new network interface?
<nacc> grandy: what do you mean 'add a new network interface'? You mean just the configuration for it, right?
<grandy> smoser: yeah just to tell it to bring it up and use dhcp
<nacc> grandy: i think you just want to put that in your netplan config file, no?
<grandy> smoser: there is a configuration in /etc/netplan that is generated by cloud init, but it warns that it might be regenerated.
<nacc> grandy: i mean, you can add another file in /etc/netplan, aiui
<grandy> nacc: ahh ok, this is the contents of /etc/netplan/50-cloud-init...
<grandy> https://www.irccloud.com/pastebin/RxCAvqeg/
<nacc> grandy: right, so leave that one alone (i think)
<nacc> grandy: and add nother (see `man netplan`)
<grandy> nacc: ahh ok, so  then where would I change the config for eno1 ? a new file also?  Just wondering in case i have to do that later.
<grandy> nacc: it must be that cloud-init is meant for ephemeral instances, in which case it seems to make sense.
<nacc> grandy: see the manpage, you can override settings with appropriately named files
<nacc> grandy: cloud-init initializes an instance based upon cloud-provided data (among other things)
<grandy> nacc: ok will do, yeah ok, this is starting to make sense now, just installed ubuntu server and it's been a few years since I have configured my own server so was not really up to speed on cloud-init ... thanks much for the help
<nacc> grandy: sure, their docs are good toohttps://cloudinit.readthedocs.io/en/latest/topics/examples.html
<grandy> nacc: yeah i was reading over them a bit when I thought it was meant for ongoing config updates and was thinking wow this looks like a great approach to config.
<grandy> nacc: it worked. thanks again
<nacc> grandy: cool, np!
#ubuntu-server 2018-09-20
<NickZ> can someone please point me to where i can get ACPI throttling working on ubuntu server before the fans on this thing drive me mad
<lordievader> Good morning
<tobias-urdin> coreycb: another upgrade issue but is probably only rdo packages, gnocchi 4.3 requires pyparsing >= 2.2.0 if you want to verify for ubuntu :)
<dpawlik> coreycb: hi, quick question: cloud archive team will provide nova-conductor package with start scripts that will configure nova superconductor and also service for cell conductor or it can not be done using package?
<coreycb> dpawlik: you can just use nova-conductor
<coreycb> tobias-urdin: i think we're good, bionic has python-pyparsing 2.2.0 as well
<dpawlik> ok, but when you create few other cells, other conductors need to "read" another config
<coreycb> dpawlik: there's shouldn't be any difference in nova-conductor's per cell afaik. each cell has it's own database.
<dpawlik> coreycb: as I see superconductor should read /etc/nova/nova.conf file and cell should e.g./etc/nova/nova_cell1.conf
<dpawlik> so init scripts should take new config
<coreycb> dpawlik: i'm guessing that is something that's done in devstack for all in one testing of cells?
<dpawlik> coreycb: devstack is configuring infra using super conductor
<dpawlik> so  by default they are using multiple cells configuration
<dpawlik> its a really good example how e.g. conductor services should work
<coreycb> dpawlik: but i think the only reason you'd need to rename nova.conf per cell is if you are installing all of your cells on the same machine which seems like something that wouldn't be that useful
<dpawlik> https://docs.openstack.org/nova/latest/user/cellsv2-layout.html#multiple-cells
<dpawlik> coreycb: so you can install on controller cell1 conductor and also cell2, its just a service using different configuration.
<dpawlik> coreycb: so you propose to not install cell0 controller and cell1 controler on the same host?
<coreycb> dpawlik: correct, i'm not sure why you'd use cells on the same machine
<coreycb> dpawlik: since the whole point of them is to be able to scale
<coreycb> multiple cells on the same machine, that is
<dpawlik> coreycb: I did not look on cells from such way
<dpawlik> coreycb: now I need to replan deployment of my dev zone ;(
<rbasak> nacc: opinion on https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/355449 please? AFAICT, this is a reasonable thing to do. Though I'm not sure why git ubuntu tag requires the tree to be clean in the first place, but we can address that separately later.
<rbasak> (in case there's some deep complex reason for it that needs a more complex cleanup)
<nacc> rbasak: looking
<nacc> rbasak: pygit2 won't let you create a tag if the tree is dirty, iirc.
<nacc> rbasak: we're not using pygit2's tag api, but i think at some point we were?
<rbasak> I see, thanks
<nacc> rbasak: that's my short recollection, at least
<nacc> rbasak: i also recall pygit2's repo.status() returning non-zero even when `git status` doesn't (even with --ignored and other flags)
<nacc> i never debugged that further at the time, as this was a reasonable workaround
<havenstance> just love when you do-dist-upgrade and it changes your custom settings lol
<havenstance> I had to remember how to configure lubuntu to auto login....
<havenstance> wrong chan sry ya'll
<nacc> havenstance: if that was something controlled by a system config file, it would have prompted you about it, unless you have it configured not to
<havenstance> nacc, nah files were moved, just a simple lightdm --show-config told me where the new one was
<havenstance> all is well
<nacc> havenstance: ah ok
#ubuntu-server 2018-09-21
<mason> jelly: The magic is evidently in setupcon(1).
<mason> (ctrl:nocaps)
<lordievader> Good morning
<Furai> How to disable ubuntu server MOTD? I don't want to know how to set up custom Kiosk.
<rbasak> Furai: edit /etc/default/motd-news
<Furai> rbasak, thank you, I will.
<Furai> Yay, it worked. :) Thanks again.
<rbasak> cpaelzer: https://wiki.ubuntu.com/Bugs/Tags
<NightMonkey> Hi, all. Is there a process by which I can test an LTS Linux kernel package before it is released to an LTS version? Is there some "testing" repo or such that I can use, or are they released directly to stable?
<NightMonkey> Or "testing" PPA?
<nacc> !crosspost | NightMonkey
<ubottu> NightMonkey: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<NightMonkey> Ah, sorry about that.
<TheGoodUser> hi all
<TheGoodUser> I setup the mainboard with fake raid and I want to install ubuntu server on two hd with fake raid1
<TheGoodUser> do I have to install ubuntu as I do with a only one hard disk?
<nacc> TheGoodUser: you mean mobo raid?
<nacc> TheGoodUser: i would recommend not using mobo raid and using swraid instead
<TheGoodUser> yes
<TheGoodUser> it's intel v370
<TheGoodUser> it's just for raid1
<genii> If your hardware raid is true and only shows 1 drive to operating systems you just install as if it was one driveetter way is probably to not use hardware raid and just use the ubuntu-server install process to make one
<genii> sorry, my touchpad is flaky
<nacc> TheGoodUser: i would recommend using the server raid from the installer then, as genii suggests
<nacc> TheGoodUser: fakeraid really isn't worth your time, performance wise (IMO)
<TheGoodUser> sorry what does it mean performance wise?
<TheGoodUser> is that slower than software raid1?
<nacc> TheGoodUser: it can be, i believe
<genii> The overhead is so small there's not usually any difference if it's in hardware or in software
<TheGoodUser> on the mobo bios thre's a setting about sata
<TheGoodUser> it says ahci or "Intel Rst powered by optane"
<TheGoodUser> which one should I use?
<nacc> TheGoodUser: you should do some research into the options (specifcally what optane is for)
<TheGoodUser> I have just two choices Raid (fakeraid) or ahci
<TheGoodUser> fakeraid= intel RST
<compdoc> TheGoodUser,  ahci
<compdoc> do you use an ssd?
<compdoc> an intel  optane
<TheGoodUser> no there are tho sata eide
<TheGoodUser> compdoc,
#ubuntu-server 2018-09-22
<jforman> hi all. i'm using ubuntu minimal cloud images on libvirt to run kubernetes. i'd like to use kube-router for routing information but it requires ipset in the kernel (at least as a module). by default it's not provided. is there a guide for having a custom kernel in the ubuntu minimal cloud images, or another way to satisfy this requirement? thanks
<rfm> jforman,  https://kernel-team.pages.debian.net/kernel-handbook/ch-common-tasks.html#s-common-official has instructions for building a custom kernel and turning it into a .deb to install in ubuntu.
<rfm> jforman, there's also module-assistant which I used once long ago to build and package just a module;  I don't know if these instructions still work: https://wiki.debian.org/ModuleAssistant
<trippeh_> err what: systemd-networkd[7596]: Could not load configuration files: File exists
<trippeh_> oh. duplicate vlan name.
<trippeh_> error reporting could be improved :P
<mason> trippeh_: Come on now. They're focussing on making the network work first. Defining networking from the ground up is serious business.
#ubuntu-server 2018-09-23
<jforman> rfm: thanks
<Xase> Can someone elucidate this error for me? Sep 22 22:18:02 miyagi systemd-resolved[801]: Server returned error NXDOMAIN, mitigating potential DNS violation DVE-2018-0001, retrying transaction with reduced feature level UDP.
<Xase> Is it referring to my server?
<Xase> Or one listed in the resolv?
<Xase> Like my configured DNS servers.
<Xase> Google searching is about as vague as the error itself, and yes I realize it is ACTUALLY pretty specific, but it still leaves much to be desired.
<Xase> "DNS Violation DVE-2018-000"
<jelly> https://github.com/dns-violations/dns-violations/blob/master/2018/DVE-2018-0001.md
<wk-work> hey there having some errors trying to upgrade from 14.04.5 to 16.04 : https://pastebin.com/raw/69iBLhn5
<wk-work> not sure what to do, that path doesnt seem to exist on the repo
<blackroot> I'm trying to set up lxd on a fresh 18.04 LTS install. Setting it up as a workstation, no cluster stuff. The official ubuntu post about this setup refers to snap install of lxd. following that guide i need to install conjure-up through snap aswell. That results in juju error, so conjure-up won't run. I then install juju through snap aswell, and get conjure-up running. however i get this error during
<blackroot> bootstrap on localhost, log says something about unable to ssh a certain ip address (while others get similar error, but about not resolving address to download image)
<blackroot> The ip address in the log it tries to ssh to, is an ip address that's not assigned to anything on my network, which makes me wonder, have anyone else had this problem?
<blackroot> The server is a dell 1u rack with 16gb ram, 2x xeon cpu, 2x nic
