#ubuntu-server 2005-12-19
<maswan> fabbione: btw, http://www.clusterfs.com/pr/2005-11-16.html <- perhaps an update to UbuntuClusters would be in order? (lustre GPL public releases not lagging anymore)
<fabbione> maswan: isn't the same we discussed not too long ago?
<maswan> fabbione: oh, might be. I just browsed through the wiki just now
<fabbione> indeed it is
<fabbione> 2.6.10 afaict from 1.4.6beta
<maswan> Also: https://wiki.ubuntu.com/ServerCandy  links to https://wiki.ubuntu.com/UbuntuCluster without the trailing s in UbuntuClusters
<fabbione> ok
<fabbione> typo fixed..
<maswan> Thanks
<fabbione> maswan: if you can get a kernel patch for .15 we can try it
<fabbione> as it is their patch system really sucks
* maswan nods
<fabbione> anyway i need to go afk for a while
<maswan> Well, in a while, not very soon though.
<maswan> Ok
<fabbione> bbl
<maswan> We're currently in the middle of upgrading woody->breezy :)
<spike> hi there
<spike> I just noticed that the advertised installation mode, server-expert isnt actually available
<spike> am I missing somthing?
<jammcq> hello server team
<beezly> I've just been reading the wiki/ServerCandy page - great stuff in there - particularly /etc under RCS and Xen
<beezly> does anyone know anything about things happening with 3rd party app vendors? I'm particularly interested in Oracle support under Ubuntu
<leonel> can Squirrelmail  be included on  main ?
<gustavor> what kind of changes should I do to in sources.list to get server edition?
<gustavor> i'm using breezy
<Nafallo> gustavor: none. it's the same archive with the same applications.
#ubuntu-server 2005-12-20
<troy> gustavor: literally, the only difference is which apps are on the install disk -- once it's installed, it's a normal ubuntu system
<uid> hello
<uid> anyone here?
<troy> I'm here
* troy wonders if uid is still here :P
<Kuyaedz> can someone point me to some docs/wiki on using a ubuntu-server as the central machine for a windows home LAN?
* troy thinks Kuyaedz could have used an instant server
<Nafallo> troy: agreed
<Nafallo> but then, that depends what the central server should have done :-P
<troy> probably file and print, I'm assuming
<Nafallo> could aswell have been routing involved aswell :-)
<Nafallo> hmm
<Nafallo> scratch one "aswell" ;-)
<troy> :)
<troy> I hate doing routing on multi-nic machines - maybe it's better in modern kernels, but it used to stink
* troy just uses dedicated hardware now
<Nafallo> I do that. 2 nics :-).
<shtylman> can anyone here give any advice on how to set up a homeserver...I have ubuntu on the server already and am looking to buy two more harddrives and put them in raid 1
<shtylman> then question is what should I do with the hd that I have in the server right now?
<shtylman> can I just run the server from that hd and create symbolic links to the raid storage drives
<shtylman> would that be a viable alternative
<nictuku> hi. Official support of DB2 was a great step. any other big RDBMS support coming? =] 
<fabbione> hi everybody
<ajmitch> hi fabbione
<fabbione> hmm lot LP requests..
<fabbione> will process them this evening or tomorrow
<fabbione> i am out for a talk all day
<polvi> hey, i heard rumors that ubuntu was working on a rhn equivent product... anyone heard of this?
<fabbione> polvi: i think you heard wrong
<polvi> equivalent*
<polvi> fabbione: ah ok
<polvi> thats too bad - there really is no good host management app
<fabbione> polvi: hold on.. by RHN i understood the pay service they offer for security
<fabbione> and upgrades
<fabbione> if you mean just the "applet" to do upgrades
<fabbione> there is already
<polvi> yeah, upgrades and security... but they also do stuff like deploying configs
<polvi> and a place to add information about the hosts
<fabbione> we have all of that already
<fabbione> info on the host is hwdb.ubuntu.com
<fabbione> updates and security is there
<fabbione> if you need to clone machines there is the equivalent of their kickstart for Ubuntu
<polvi> hmm, like, a place where I can look at my entire infrastructure from the web, see which ones are not updated -- what updates are needed -- deploy updates if need be
<fabbione> not at that level.. no
<fabbione> it's a good suggestion but not just -server related
<fabbione> that's more global ubuntu
<polvi> hmm
<fabbione> you should consider posting the idea to ubuntu-devel mailing list
<polvi> i would imagine this as an app someone would install within their infrastructure
<fabbione> write down these ideas on the wiki
<polvi> which?
<fabbione> and add them as specs in launchpad
<fabbione> wiki.ubuntu.com
<fabbione> create a brand new spec
<fabbione> post the link to ubuntu-devel
<polvi> ok
<fabbione> and seek for consensum
<fabbione> that's the best way to get involved and push your ideas
<polvi> consensum, should I use that word :P
<polvi> ?
<fabbione> it might work, it might not
<fabbione> sure, if you want
<polvi> heh
<polvi> thanks for the pointer
<polvi> fabbione: do you work for ubuntu?
<fabbione> no problem
<fabbione> yes
<polvi> how many -server folks are there?
<fabbione> me and another guy
<polvi> sweet
<fabbione> plus other random people that do other bits
<fabbione> like the kernel and so on
<polvi> do you physically work together? or is it all remote?
<fabbione> all remote
<polvi> cool
<polvi> i think this -server stuff is great
<polvi> i really hope it is all successful
<polvi> by register a new spec, does that mean create a new project?
<fabbione> no
<fabbione> it means creating a new spec :)
<polvi> ah, finally found the line!
<polvi> had to go ubuntu -> spec
<polvi> any particular place in the wiki?
<fabbione> polvi: not really.. just give it a sensible name :)
<polvi> wiki.u.c/Blah ?
<fabbione> yeah
<ajmitch> and you can probably use SpecTemplate when creating the page
<polvi> you guys are good
<polvi> like a tag team
<polvi> :D
<polvi> ok, i will do this once i get back to the hotel
<polvi> thanks for holding my hand finding the pages
<polvi> :P
<fabbione> no problem :)
<fabbione> you are welcome
<polvi> fabbione: still there?
<fabbione> yes
<polvi> i would like a little feedback before i ship this off to ubuntu-devel: https://launchpad.net/distros/ubuntu/+spec/serverland
<polvi> (if you have time)
<fabbione> i don't now.. i will look at them tomorrow
<polvi> ok
<fabbione> i am flying out to another city in 20 minutes or so
<polvi> no problem
<fabbione> you can still ask feedback on -devel
<fabbione> don't be afraid of that
<polvi> ah ok
* polvi tough'ns up
<fabbione> remember that you might not be the only one with these requests
<fabbione> and asking more people for review will improve the use cases and details on the implementation
<fabbione> you might have missed a detail or a corner case and so on
<polvi> yeah
<polvi> i hope so
<fabbione> when we write specs, it's always a bunch of people that discuss and write
<fabbione> never one alone..
<fabbione> also-- you might want to start CC ubuntu-server mailing list
<fabbione> since we have one :)
<polvi> start CC?
<polvi> CC it when I send the email to -devel?
<fabbione> CC = CarbonCopy :)
<fabbione> yeps
<fabbione> it will drag attention to the new mailing list
<polvi> yeah, i know CC, just thought you meant subscribe to it or something
<fabbione> and we will move there afterall since the spec is -server related
<fabbione> well you need to be subscribed to post
<fabbione> or wait for me to approve the message
<polvi> fine fine
<polvi> i will subscribe
<polvi> :D
<fabbione> both ways work for me :)
<fabbione> it will just take longer
<polvi> ok, subscribed to both
<polvi> lets see how this goes...
<fabbione> ok.. i am taking off
<fabbione> later
<polvi> bye, have a safe flight
<fabbione> thanks, but i will have to rely on $cheapcompany pilots :)
<polvi> heh
<fabbione> my flight licence is expired :/
<polvi> bust
<polvi> sounds like you need to get away from the computer more :)
<fabbione> i have a wife out of this room.. it doesn't help .. really
<fabbione> ;)
* fabbione &
<Pygi> hi hi
<Pygi> hehe, vijest je stavljena
<Pygi> ah, we got a new member?
<ajmitch> hm?
<ajmitch> ah, I was added
<Pygi> new member in ubuntu server, team :)
<Pygi> welcome to the team :)
<ajmitch> probably because they know me :)
<Pygi> hehe
<Pygi> there are a lot people on the waiting list :P
<ajmitch> yes, but I went to some of the server BOFs at UBZ
<Pygi> hehe, I didn't say nothing because you were accepted into team ;) I am glad you are ;)
<Pygi> just saying a lot of people wanna join us ;)
<ajmitch> which is good
<Pygi> yup
<Pygi> now all we need to do is make the ubuntu server the best server platform ever ;)
<Zambba>  I've installed the minimal install of Ubuntu. Now I've heard about the Ubuntu Server which has "server-orientated kernel".
<Zambba> How can I install that kernel-image to my home server and what benefit do I get if i do so?
<spike> Zambba: I dont see any benefit atm
<spike> Zambba: the real benefits will come once dapper (the next ubuntu version) is out
<spike> Zambba: see the specs on the link in topic
<gentoome> I'm tryin to inst buntu on an old laptop but I only got 32mb ram
<Nafallo> good luck, since it needs at least 64MB for the server :-P.
<Nafallo> 128MB for the desktop.
<gentoome> oh
<Nafallo> atleast my official cd-covers says so :-)
<gentoome> theres no boot parameter i can use?
<Nafallo> server, needs 64MB
<gentoome> damn
<gentoome> i need a small OS that uses gnome
<gentoome> any suggestions?
<Nafallo> well, since server needs 64, and the diffrence between server and desktop is gnome, I'm lead to belive there is a reason you need atleast 128MB named gnome :-P.
<Nafallo> you might want to try xubuntu with XFCE4. and the correct channel for those questions are probably #ubuntu :-).
<gentoome> ok thanks
<Nafallo> np
<Pygi> please tell me what kernel is ;)
<Pygi> or what is Linux?
<Pygi> thank you ;)
<Pygi> hehe ;)
<Nafallo> ?
<Pygi> hehe, why the question mark?
<Nafallo> cause I don't understand what you mean ;-)
<Pygi> ah, I asked you to explain me what is "Kernel" and what is "Linux" ;)
<gentoome> ouch
<Nafallo> maybe you should try #ubuntu with that question?
<Nafallo> :-)
<gentoome> lol ouch again
<gentoome> google might help more
<Pygi> hehe, I was just joking ;)
<gentoome> oh ok
<gentoome> scary
<Pygi> hehe ;)
<Nafallo> I know :-)
<Pygi> Nafallo: I know you know :P
<Nafallo> ah, I think we got a loop on our hands :-P
<Pygi> heh
<Pygi> what kind of loop? ;)
<Nafallo> ehm, a knew-loop? :-)
<Pygi> heh
<Pygi> will do :)
<Pygi> welcome henrique
<Zambba> spike: OK thanks
<spike> btw, what about the current devel version?
<spike> devel link in topic doest work
<spike> http://cdimages.ubuntu.com/releases/ correctly serves dapper alpha2, tho
<ajmitch> morning
<ajmitch> spike: try cdimage rather than cdimages
* ..[topic/#ubuntu-server:ajmitch] : ubuntu-server discussions and support | for general support see #ubuntu | Ubuntu Server (stable) at http://releases.ubuntu.com/ubuntu-server/5.10/ | Ubuntu Server (Devel) at http://cdimage.ubuntu.com/ubuntu-server/daily/current/ | Ubuntu Server dapper specs: https://launchpad.net/people/ubuntu-server/+specs | Ubuntu Server forums at http://ubuntuforums.org/forumdisplay.php?f=45 | ubuntu-server@lists.u.c is up and running
<spike> ahahah
<spike> too lame :)
<spike> tnx
<spike> I didnt really notice it, and I also got dapper flight-2 ...
<spike> bah
<Pygi> hello ajmitch
<fabbione> hi guys
<fabbione> ajmitch: topic diff?
<Pygi> hi fabbione
<fabbione> shawarma: i managed to get the beer on board.. thanks :)
<ajmitch> fabbione: cdimages->cdimage
<fabbione> oh right
<fabbione> thanks
<Pygi> hehe etcp ;)
<shtylman> would it be safe to use dapper drake flight 2 as a server os
<shtylman> for the house?
<shtylman> temporarily
<shtylman> or should I stick with 5.10
<Pygi> for house?
<Pygi> yup
<Pygi> but not for any system-critical jobs
<shtylman> yea..I just want to set up a raided server at my house
<shtylman> for like some backups
<shtylman> and test base for websites
<Pygi> heh, important backups?
<fabbione> hmm no
<fabbione> i wouldn't do that
<fabbione> dapper is truely unstable
<shtylman> i c
<shtylman> well thats solves it
<shtylman> ill stick to 5.10
<Pygi> he,look, fabbione awakened ;)
<fabbione> i am not awake :)
<Pygi> really? O, sorry then, I am halucinating ;
<Pygi> ;)
<fabbione> Pygi: it's 9pm here :)
<Pygi> fabbione: same here :)
<shawarma> fabbione: Excellent!
#ubuntu-server 2005-12-21
<aeon17x> Shouldn't Ubuntu Server be called "Servbuntu"? :)
<Pygi> hehe, why is that? ;)
<aeon17x> Well, for rhyming. When we had KDE, it was called Kubuntu. Edubuntu came next with education apps. Soon we will have Xubuntu, based on XFCE. So it would seem appropriate that the server edition would be called Servbuntu.
<aeon17x> (Not Serbuntu)
<Pygi> heh ;)
<Pygi> not everything has to rhyme ;)
<Pygi> welcome valandil
<Valandil> hi Pygi :-)
<Pygi> hi hi
<Valandil> Good news: Boss gave OK, we're testting right now new universe-Mirror for germany / europe
<Valandil> :-))
<Pygi> hehe, good ;)
<Valandil> and we're on testing new nfs- and samba-server fr our university on ubuntu
<Valandil> but regular, not instant ;-)
<Pygi> hehe
<Pygi> instant as it seems, won't even exist
<Valandil> You mean, the project dies? or it's not released yet?
<Valandil> sorry, my english :-(
<Pygi> well, as you already know I am not workin' on it (I quited the project), and I didn't saw matt isn't workin' on it
<Valandil> OK, I see
<Valandil> in middle of february my exsams are ready, then I'll have Time, to take some partly workt...
<Valandil> -t
<Pygi> ;)
<Pygi> wb nafallo
<Nafallo> thanks
<fabbione> hey guys
<fabbione> got the first offline md5 checker full run today :)
<Nafallo> fabbione: yay!
<spike> hi there
<Nafallo> morning spike
<maswan> polvi: I didn't know you were an ubuntian
<fabbione> yay.. less false positives on symlinks :)
<fabbione> this code is so ridicolously simple that i wonder how i managed to write it
<MasterTsunami> :)
<beezly> :) to you too
<MasterTsunami> and a merry :) to you all
<beezly> i'm :) because i finally got 100% usage on our HPC cluster
<MasterTsunami> congrats
<beezly> why thankya
<beezly> little things... :)
<MasterTsunami> did i mention ubuntu owns?
<erchache> hi
<erchache> what is difference between normal iso with server option and ubuntu-server iso?
<erchache> nobody here? :-S
<troy> moin moin
<Valandil> moin troy :-)
<spike> moin guys
#ubuntu-server 2005-12-22
<Pygi> welcome mastertsunami
<MasterTsunami> hi
<Pygi> hi hi
<Unfun> I just want to say that i've deployed 40 ubuntu servers today
<Unfun> And thanks for kicking ass
<troy> Unfun: cool :)
<Pygi> hehe, ubuntulog is back ;)
<Pygi> !server
<Pygi> heh, this one just logs :P
* #ubuntu-server  [freenode-info]  If you're at a conference, please contact freenode staff to make sure we've made special allowance for many users coming into our network from a single internet address ( http://freenode.net/faq.shtml#gettinghelp ). Private messages from unregistered users are currently blocked, except to network staff, services and participating registered users ( http://freenode.net/faq.shtml#privmsg )... Thanks!
<Pygi> wb nafallo
<Nafallo> thanks
<Pygi> welcome troy
#ubuntu-server 2005-12-23
<Valandil> hi Pygi :-)
<Pygi> hi hi valandil
<Pygi> what's up?
<Unfun> I rolled out 40 ubuntu servers on friday.
<Unfun> Running in production.
<Pygi> hehe, good ;)
<Unfun> Replacing debian sarge
<Pygi> heh, good
<maswan> Unfun: We did 100 last week. :)
<Pygi> maswan: good ;)
<Pygi> great job in promoting ubuntu server ;)
<Pygi> just wait 'till dapper ;)
<Pygi> ubuntu server will rock the world ;)
<Pygi> hehe
<maswan> Well, I'm already running dapper on a workstation
<maswan> It's pretty buggy though
<Pygi> heh, I know :/
<Pygi> I will get better
<Pygi> and the server edition won't be like the one in current version
<Pygi> it will have much modifications
<Pygi> but I can't tell you all, it wouldn't be a suprise then, wouldn't it? ;D
<Valandil> Hi all :)
<Valandil> sorry, had to carry around baby ;)
<Pygi> hehe,np
<Valandil> sometimes I hate user-interfaces
<Valandil> this crappy 'nice looking of program-output' :-(
<Pygi> heh
<Valandil> Pygi: You know a clean clearsreen in c?
<Valandil> +c
<Valandil> I used  printf("\033[2J")
<Valandil> but it just 'scrolls up' the console
<Pygi> heh
<Valandil> I never needed something like this before :(
<Valandil> bah - be it as it may, I leave this liek that
<Pygi> heh
* troy yawns
<troy> the ubuntu brown doesn't look half bad in KDE :P
* troy pokes around pointlessly at some UI stuff - bored of server programming for the night
<Unfun> anyone know what cards raidutil supports for actual controller maintenance?
<Pygi> hi hi
<dim> hiall
<Unfun> hi
<dim> is there any info anywhere about how the specific server distro is different than normal breezy installed with the server option?
<Unfun> i don't think it is different
<Unfun> but i could be wrong
<dim> hmm
<spike> dim: 5.10 won't be any different, differences will come with dapper (devel only atm)
<Unfun> whats the eta on dapper?
<Unfun> dapper-server that is
<spike> depends on what u expect to see in it I guess. ie, I doubt grsec will be included, or things like that
<spike> and to me, that won't be really finished untill all that stuff gets in
<spike> but afaik april 2006 is the scheduled date for a stable release, not sure what will be in
<Pygi> hehe, there will be a *lot* of differences in dapper server
<dim> so ubuntu is basically forking its server and desktop distros right now?
<Pygi> not actually, it will still be a same project, just with *differences*
<Pygi> matt, welcome ;)
<Pygi> welcome zenrox
<neuralis> Pygi: a lot of differences? like what? different kernel configuration, different set of default packages on the cd, and a metapackage.
<neuralis> unless there's something else that i don't know about, that's certainly not a lot of differences.
<Pygi> neuralis: see the "*" ?? And I ceartinly ain't gonna argue with you *once* again
<neuralis> Pygi: yes, the asterisks make it seem like it's an even bigger 'lot' of differences.
<neuralis> Pygi: every time i ask about a claim you make, you see it as arguing, but don't answer my question. that's not productive communication.
<neuralis> for all practical purposes, other than the different kernel configuration, ubuntu server is much like kubuntu or xubuntu: just a different set of installed packages.
<Pygi> ...
<neuralis> precisely.
<Pygi> k
<Pygi> welcome fabian
#ubuntu-server 2005-12-24
<Crackez> so, does anyone else have a Compaq Proliant PL1500?
<Crackez> i'm having no end of problems with it and ubuntu
<Crackez> it's a dual P3 Xeon,
<Crackez> 1GB RAM, Compaq Smart Array RAID controller
<Crackez> the network interface won't come up on boot
<Crackez> it's a TI ThunderLan integrated on the motherboard
<Crackez> the tlan driver loads, but the interface isn't brought up
<Crackez> btw, I just installed 5.10, so it's pretty fresh
<Crackez> would anyone have any ideas about the network interface not coming up?
<Unfun> does it show in ifconfig
<Crackez> ifconfig -a
<Unfun> yea
<Unfun> does it show up as an interface
<Crackez> yeah
<Crackez> it shows up
<nictuku> what mii-tool says about it
<Crackez> it is not up however
<Unfun> and if you do ifconfig eth0 some.ip.addy up
<Unfun> does it indeed come up?
<Crackez> i just did this: ifconfig eth0 up && dhclient eth0
<Crackez> it works after that
<Crackez> it just doesn't come up at boot
<nictuku> :P
<Unfun> what does /etc/network/interfaces contain
<Crackez> hold on, let me install sshd so i can copy/paste the info
<Crackez> crap
<Crackez> dpkg seems confused
<Crackez> i wonder, when I did the install, i used LVM, and it complained that I would have to reboot in order for the devmapper to notice the changes
<Crackez> so I did, but it didn't quite reboot, it hung
<Crackez> and i'm not sure if I reformatted after the reboot
<Unfun> maybe you're still in rc2
<Unfun> not fully booted
<Crackez> it finished the install
<Crackez> and this is ubuntu-server, so it shouldn't drop me into gdm right?
<Crackez> maybe i should just reinstall
<Unfun> right
<Unfun> no gdm
<Unfun> unless you install it
<Crackez> yeah, you know, the more i think about it, i don't think i reformatted / after the reboot
<Crackez> after it complained...
<Unfun> arent smart array raid controllers hardware raid
<Unfun> why are you doing LVM
<Crackez> snapshotting
<Crackez> unless it's now safe to backup a live fs...
<Unfun> you're snapping to another disk?
<Crackez> no, same disk
<Crackez> i left 500MB of free space
<Unfun> why not let the raid controller just do raid-1
<Crackez> cause i have 6 disks
<Unfun> ahh
<Crackez> and they are only 9gb/disk
<Crackez> i have a DAC960 in my other box running kubuntu, it's only got 3 18gb scsi disks, raid0
<Crackez> man is it fast
<Crackez> regarding the SmartArray, it says it's still initializing the array
<Unfun> raid-1?
<Unfun> or 5
<Crackez> raid4
<Unfun> it wont be instant
<Crackez> yeah, i know
<Crackez> i wouldn't think it would interfere with the installer
<Unfun> no it shouldnt
<Unfun> just wont be speedy
<Crackez> i mean, i've installed CentOS on this machine before while it was still initializing, and it just took a while...
<Crackez> i just started a reinstall
<Crackez> and the installer activated the network right the first time
<Unfun> awh yea
<Unfun> this is where you do a little dance
<Unfun> and chant "ubuntu"
<Crackez> i cant chant
<Unfun> stomp your feet then
* Crackez stomps
<Unfun> there we go
<Crackez> formatting /boot
<Crackez> that was fast
<Crackez> formatting /, it zipped right up to 79%, and slowed down
<Unfun> still doing /?
<Crackez> i wonder if thats a good indication of how far along the parity initialization is
<Crackez> well, it formated /boot, then I had to do the lvm config
<Crackez> now / just finished
<Crackez> now it's installing the base system
<Crackez> so, this ought to take a little while
<Crackez> i wish ubuntu could autodetect smp-ness
<Crackez> and isntall the most appropriate kernel
<nictuku> that's a must for servers.
<Crackez> also, i've had an issue wit 2 raid controllers
<Crackez> i have to add the module to the initrd manually before the first boot
<Crackez> it's a bummer when it doesn't find the root fs
<Crackez> i guess thats not just a server related thing though,
<Crackez> i noticed it first with kubuntu
<Valandil> f*ankuschel*
<Valandil> hupps
<Valandil> wrong frame :-((
<Unfun> Crackez, yea i had that problem with my install
<Unfun> Installed a non SMP kernel on a dual opteron i had.
<Crackez> well, i can't even get the machine to boot at all now
<Unfun> awesome
<Crackez> it hangs somewhere in the boot
<Crackez> either that or I get to the login screen and my keyboard doesn't respond
<Crackez> i wonder if it could be the crappy onboard video, when it crashes, i usualy get a few odd chars scattered around the screen
<Pygi> welcome
<FlannelKing> What's the suggested method of dealing with ftp users and web servers, have them upload as www-data? or what? (I'm having problems getting mod_perl to work)
<FlannelKing> thanks Pygi
<infinity> FlannelKing : www-data shouldn't own any files (except temporary junk create on the fly by CGI scripts) unless you want a world of pain.
<Unfun> i want a world of pain
<Pygi> Unfun: that's not a polite answer, you know...
<fabbione> morning
<Pygi> mornin'
<FlannelKing> alright, that's why Im asking.  so, what would I set up?
<FlannelKing> Heck, which ftp server would be easiest for this?
<Pygi> Apache? ;)
<FlannelKing> ftp server, apache, eh?
<Pygi> heh, sorry, wrong one ;)
<FlannelKing> hehe
<Pygi> lol xD
<Pygi> I am still sleepy, 6:17 AM ;)
<FlannelKing> no problem
<Pygi> been awake all night ;)
<Pygi> VSFTPD
<Pygi> mislim da je ovo server, iako nisam trenutno u nista siguran ;)
<FlannelKing> yeah, Ive got that.
<FlannelKing> hmm
<FlannelKing> I imagine that's another language.
<Pygi> lol, sorry :/
<Pygi> I think it's a server software, altought currently I am not sure in anythin'
<FlannelKing> gotcha.  but yeah, vsFTPD is what I have currently.  Just wondering about some of the config stuff and making it work with mod_perl,
<FlannelKing> dont know if its my ftp or my perl config that's the problem
<Pygi> mod_perl? it's used for apache if I am not mistaken
<Pygi> and perl cgi scripts will work even without mod_perl
<FlannelKing> no, I know that.  I'm trying to get it to work with apache
<FlannelKing> added the AddHandler to my perl.conf, but now I get a 403:Forbidden when trying to access it
<FlannelKing> I chmod'd it +x, before that.... hmm, let me undo it
<FlannelKing> nope, still 403
<Pygi> heh :/
<Pygi> what apache and what mod_perl are you using?
<Pygi> version?
<FlannelKing> umm, 2.0, and... whatever's in ubuntus repos
<FlannelKing> or, 2.x (whatver is apache2 in ubuntu)
<Pygi>   Apache 2.0 doesn't work with mod_perl 1.0.
<Pygi>   Apache 1.0 doesn't work with mod_perl 2.0.
<FlannelKing> no, Ive got them right
<FlannelKing> libapache2-modperl2
<Pygi> installed with apt-get?
<FlannelKing> and apache2
<FlannelKing> aye
<FlannelKing> it came with apache2, I think.
<FlannelKing> since, I don't remember flagging it by hand
<Pygi> try reading this I guess if you feel upto it
<Pygi> http://perl.apache.org/docs/1.0/guide/install.html
<Valandil> OK, n8 guys :)
<Valandil> &quit
<FlannelKing> anyone alive currently?
<fabbione> yup
<FlannelKing> woohoo
<FlannelKing> Im having a mod_perl/apache problem
<fabbione> but i am not sure i can provide any sensible answer before i finish my coffee
<FlannelKing> heh
<FlannelKing> sensible isn't required ;)
<fabbione> is that apache2+mod_perl2?
<FlannelKing> yeah
<fabbione> hm ok
<FlannelKing> 2.0.54 (apache) and 2.0.1 m_p
<fabbione> mind to explain the problem or do you want me to dig in the scroll back?
<FlannelKing> and, I added the conf and the load file to modules to mods-enabled
<FlannelKing> well, they were already added, upon apt-getting mod_perl
<FlannelKing> but, it wasnt working (just displaying the file as text)
<fabbione> yes i know.. just tell me about the problem :)
<FlannelKing> so, I added the AddHandler to the .conf file
<FlannelKing> but, now I get a 503 error when I go to it
<FlannelKing> I dont know if its a perl/apache problem, or a ftp/permissions/ownership whatever problem
<FlannelKing> since, Im not too certain Im doing that correctly either
<fabbione> hmmmm
<fabbione> why don't you try one thing at a time?
<fabbione> like creating a hello world perl thingy
<fabbione> with 777
<FlannelKing> well, it's uploaded fine, Im just not sure what the owner should be
<fabbione> and www-data:www-data
<fabbione> just to test
<FlannelKing> see, I asked if it should be www-data:www-data earlier
<fabbione> and start from there to see when/where it fails
<fabbione> no it must not be www-data
<FlannelKing> (if my ftp should upload everything as www-data) and someone said that was a bad thing to do
<fabbione> but to start debugging with hello world is ok
<fabbione> that someone is one of the apache2 maintainer and he is right
<fabbione> start as i say :)
<fabbione> and slowly restric permissions
<fabbione> so you will see where/when it starts to fail
<fabbione> again
<fabbione> don't use the full code
<fabbione> just "hello world"
<fabbione> that's safe enough for debugging
<FlannelKing> yeah, still a 503
<FlannelKing> erm
<FlannelKing> 403
<FlannelKing> heh
<fabbione> did you setup the vhost properly?
<FlannelKing> I dont know?
<FlannelKing> its jsut plain /var/www
<FlannelKing> And I can access other files there
<fabbione> it doesn't matter.. cgi and stuff need to go in specific places..
<fabbione> i really suggest you to read the documentation
<FlannelKing> I did, and did what it said.
<fabbione> this is basic apache setup
<FlannelKing> http://httpd.apache.org/docs/2.0/howto/cgi.html
<FlannelKing> that right there.  did the addhandler thing, so I could do it in any directory.
<fabbione> check /var/log/apache2/errors.log
<fabbione> it will tell you what you are doing wrong
<FlannelKing> it says Options ExecCGI is off, but I've explicitly set it on... at least, I think I have.
<fabbione> turn it on
<FlannelKing> as far as I know, It is.
<FlannelKing> <Directory /var/www>
<FlannelKing> Options +ExecCGI
<FlannelKing> then close directory
<FlannelKing> right?
<fabbione> Options ExecCGI
<fabbione> why +?
<FlannelKing> no +?
<FlannelKing> because thats what the apache doc said
<fabbione> there are examples config files in /etc/apache2/
<fabbione> look at them
<FlannelKing> ExecCGI isn't in that file at all, and I know what apache conf files look like
<infinity> If you're using AddHandler, you're not using mod_perl.  The two are very different.
<FlannelKing> then how would I use mod_perl?
<FlannelKing> alright guys, I'm trying to get mod_perl2 on Apache2 working... and, I think I have it (I think), except that my perl file prompts for download, instead of running.  What am I doing wrong?
<Pygi> welcome matt
<mgalvin> hey mario
<Pygi> hey matt ;)
<Pygi> welcome Unfun
<Unfun> Hi Pygi
<Pygi> Hi hi
<Unfun> Anyone roll out ubuntu-server in production?
<Pygi> yes, why not?
<Unfun> Me too.
<Unfun> I used to have to compile custom kernels to get my raid controllers to work in debian but Ubuntu worked right out of the install iso
<Pygi> welcome lamont
<Valandil> hi all :)
<Unfun> helloo
<Valandil> I don't like modular kernels
<Pygi> hehe, why not? ;)
<Valandil> i always compile new kernel for my servers. Also for ubuntu
<maswan> Unfun: well, ubuntu-server as project or ubuntu on servers? we have one 100-node cluster on ubuntu already.
<Unfun> ubuntu-server
<Unfun> which i guess is the same as ubuntu at the moment 5.10
<Valandil> Pygi: security-reasons :)
<Valandil> and performance
<Pygi> valandil: true
<Valandil> Pygi: I do not need stuff like evms od hal on a server with static hardware
<Pygi> yup, I know
<Valandil> ;)
<Unfun> stock ubuntu kernel installed as server seems pretty light compared to other distros
<Valandil> yes, I remember, we talked on this topic before ;)
<Pygi> Unfun: from daper on, the server will have kernel configured differently then desktop...
<Unfun> Good
<Valandil> Pygi: raidstuff?
<Unfun> speaking of raidstuff, does anything know what cards raidutils package is compatible with for doing actual raid management.
<Valandil> Unfun: at least adaptec ;)
<Unfun> root@cvs:~# raidutil -L physical
<Unfun> Engine connect failed: COMPATIBILITY number
<Unfun> I have a Adaptec card
<Valandil> Unfun: no, sadly not all adaptec
<Unfun> Any way to make it work?
<Unfun> 2230S
<Valandil> there are some "soft-raid"-Controllers
<Valandil> could be, this is such a soft-raid
<Valandil> same shit as "soft-modem"
<Unfun> define soft-raid
<Valandil> the raid-functionality needs driver-support
<Valandil> it's not completely included in controller-bios
<Valandil> You can set up raid-levels and all in controller-bios, but without the driver, system only recognizes single disks
<Unfun> It's quite unfortunate i need to take the box down to bios level to do disk management.
<Valandil> I'm not shure, if Your card is one of this
<Valandil> Me I tried 4 weeks
<Unfun> In the past i've used Dell utilities to do management on the older adaptec cards, but the newer ones arent supported with dellmgr, aka afacli.
<Valandil> then, I combined the arrays in bios, and took aic79xx driver plus software-raid
<Valandil> so I can manage my raid in runtime, or I can restore a blown up disk also in bios
<infinity> The 2230 is not soft RAID.
<Unfun> infinity, do you use this card?
<Valandil> infinity: OK, thanks :)
<infinity> No, but I know adapted products.
<Unfun> You know of any tools that will let me manage the card under a 2.6 kernel?
<infinity> (hint: anything selling for that price isn't software-assisted RAID)
<Unfun> This box is like $5k
<Unfun> Card i think is like $250USD
<Unfun> somewhere in there
<Valandil> infinity: I don't know the price ;) I just looked: the crap was 39320A
<Valandil> yes, it has been round about 300 Euro
<infinity> Unfun : I'm not sure, TBH, if there are free tools to manage it.  You may be stuck using adaptec's tools, which may also mean using their kernel modules. :/
<Unfun> thats what i was afraid of
<Valandil> good luck ;(
<Unfun> i def don't want to use their modules
<infinity> Oh, wait, no.  That one uses the free driver anyway.
<infinity> Adaptec doesn't do closed binaries for aacraid, they contribute to the GPL driver in the kernel.
<Valandil> cool
<Unfun> So i'm still probably stuck using their modules if i want to manage this thing
<Valandil> OK guys, got to leave... cu
<Pygi> bye
<infinity> Don't need to use their kernel sources, just their tools...
<Unfun> let me check out their tools...
<infinity> Their tools SHOULD work with the Ubuntu kernels.  In theory.
<infinity> But, yeah, the "raidutils" stuff only works with the i2o controllers, which this one isn't.
<Unfun> ya
<Unfun> i was looking on the i20 site
<Unfun> didnt see this card
<infinity> http://www.adaptec.com/worldwide/support/driverdetail.jsp?sess=no&language=English+US&cat=/Product/ASR-2230S&filekey=asm-linux_v2.12(922).rpm
<Unfun> let me alien that
<infinity> It's an RPM, but a clever user should be able to alien it.
<infinity> Should work for anything in the aacraid series.
<infinity> And SHOULD work with our aacraid driver, no need to use adaptec's driver.
<Unfun> im going to try it
<Unfun> alien is converting now
<Unfun> what link did you grab that from
<Unfun> this is amd-64
<infinity> That'll be an i386 binary, but it should work fine with ia32-libs installed.
<infinity> I don't see an amd64 binary listed anywhere on their site.
<Unfun> infinity, thanks for the guidance.
<Unfun> i appreciate it
<infinity> Oh, wait.
<infinity> http://www.adaptec.com/worldwide/support/driverdetail.jsp?sess=no&language=English+US&cat=/Product/ASR-2230S&filekey=asm-linux_x86_64_v2.12.tgz
<infinity> It's a bit older, though.
<Unfun> if its just a management app i dont mind
<infinity> Worth a try.
<infinity> I'd give both a shot.
<infinity> And let me know if both work, or just one, or whatever.
<Unfun> ok im giving it a try
<infinity> I may look into whether or not we can provide download/installer packages in multiverse for crap like this, so...
* infinity is heading off to bed.
<infinity> Just ping in channel, or mail me (adconrad@ubuntu.com) to let me know if either (or both) seem to work.
<Unfun> ok
<Unfun> i will do that infinity
<Unfun> crap i need to register to download that
<Unfun> and i don't know my serial #
<infinity> Let me grab the files with my AdaptecConnect login. 'Sec.
<Unfun> awesome, thanks
<infinity> For future reference, I don't think you actually need to register a product, you can skip that step, and your account will still work to download anything, IIRC.
<Unfun> yep
<Unfun> that works
<Unfun> http://download.adaptec.com/raid/storage_manager/asm-linux_x86_64_v2.12.tgz
<Unfun> that is a direct link
<infinity> In that case, I'll let you grab them yourself. :)
<infinity> My DSL upstream is crap.
<Unfun> ill grab it off the 100mb link at the data center :)
<Pygi> welcome ian
<ian_brasil> hi
<Pygi> welcome matt
<Pygi> fabbione:ping 
<Pygi> someone took my name in Ubuntu Server Team ^^
<Unfun> Mipe?
<Pygi> Mario Meyer ;)
<Pygi> dang :P He took my name ;)
<Unfun> how do you join the ubuntu server team
<Pygi> well, you can and you can't
<Pygi> you must apply, but you need to speak with members/admin so you can get in
<Unfun> how can i find information as to what the team needs
<Pygi> well, you ask fabbione once he's here
<Pygi> I am a member, but I rather wouldn't go into too much detail ;)
<Unfun> alrighty!
#ubuntu-server 2005-12-25
<fabbione> Pygi: ping?
<Pygi> fabbione:pong 
<Unfun> fabbione, would it be possible to get some information on joining the Ubuntu Server Team?
<fabbione> Unfun: in a few minutes?
<Unfun> Sure!
<fabbione> thanks :)
<fabbione> Unfun: i should have send out an email to the mailing list (will do tomorrow) or somebody is welcome to just copy paste what i write :)
<fabbione> and send it to the mailing list
<fabbione> basically we consider people part of team, all the guys that have a direct interest in the project and want to contribute to it
<fabbione> contribution can be done in several ways
<fabbione> including pre-testing of new images and so on
<fabbione> i don't really put a barrier on what is considered contribution
<fabbione> the real minimum i want to see to accept membership is at least your wiki page with info on what you plan to do with this project
<fabbione> that i don't consider an unberable amount of work to do to be part of the team :)
<fabbione> Unfun: is it a bit more clear now?
<Unfun> very clear
<fabbione> Pygi: want to take care to copy/paste and send to the mailing list? or perhaps add it as FAQ somewhere?
<Unfun> I work with a good amount of servers and i'm interesting in doing testing for the project.
<fabbione> Unfun: you could do that too :)
<fabbione> Unfun: that's great :)
<Unfun> I have around 120 linux servers in production and looking to add maybe 60 more this year
<fabbione> test is something that's very very very important
<Pygi> fabbione: hm, just a moment pls
<fabbione> Pygi: sure
<Unfun> i want to switch from debian to ubuntu completely
<Unfun> so far i put 2 boxes on 5.10 in prod
<fabbione> Unfun: i do have 5 servers running
<fabbione> on different loads..
<Pygi> fabbione: k, I'll send it to the ubuntu-devel. Btw. any signs of getting ubuntu-server thingy?
<fabbione> Pygi: what about looking at topic? ;)
<Unfun> I can also contribute bandwidth/mirroring if needed
<Pygi> fabbione: oh ;) where do I subscribe to that list? ;)
<fabbione> Unfun: that'd be great too, but we don't need specific server infrastructure. if you can offer a mirror, i suggest you contact our admins directly
<Unfun> k
<fabbione> Pygi: http://lists.ubuntu.com/
<fabbione> something we should make clear is that the -server "edition"
<fabbione> is just the same plain software that's available to all ubuntu installations
<fabbione> with the difference that on the ubuntu cd you install a desktop by default
<fabbione> with the -server CD you have apache2 or whatever server software
<Pygi> yup, ofcourse
<fabbione> the rest such as base installer will be the same
<fabbione> also
<fabbione> on our Cd we will ship a -server kernel
<fabbione> that will be the biggest and probably only difference from the standard cd
<fabbione> s/standard/desktop
<fabbione> Pygi: we should also add this to a FAQ on the wiki
<fabbione> and point people there :)
<Pygi> k, that might be a good idea
<Unfun> is that wiki public yet?
<fabbione> Unfun: wiki.ubuntu.com
<fabbione> it has always been :)
<fabbione> we hide nothing
<fabbione> because we don't need too
<Unfun> oh i thought maybe a server edition had its own
<fabbione> nah
<fabbione> no point for it
<fabbione> perhaps we want to be sensible and use a subsir
<fabbione> like wiki.ubuntu.com/server/
<fabbione> or whatever wiki likes the best
<fabbione> but getting yet another wiki is only object of confusion imho
<Pygi> fabbione: lists.ubuntu.com doesn't list a ubuntu-server list or I am getting blind ;)
<fabbione> if at a certain point the load will be too much, we can ask to move
<Unfun> he said ubuntu-dev
<fabbione> Unfun: no no.. ubuntu-server
<Unfun> hmm
<Unfun> didnt see that as an option either
<fabbione> hmm
<fabbione> that's true, but it's there
<fabbione> just use the standard mailman thingy
<Pygi> ok, a link where I can subscribe?
<Unfun> i sub'd to ubuntu-devel
<fabbione> http://lists.ubuntu.com/mailman/listinfo/ubuntu-server/
<Pygi> fabbione:k, I found it
<Pygi> thanks
<Unfun> thanks
<Pygi> once I subscribe, I'll copy paste the things you said
<fabbione> sure
<fabbione> perhas do it in 2 mails
<fabbione> one for the membership
<fabbione> and one to start up the FAQ after you create a page on the wiki
<fabbione> so you can copy paste on the wiki and send the link out for people to edit/etc.
<Pygi> k, when should I open a wiki?
<fabbione> even now if you want
<fabbione> i am sort of heading to sleep :)
<Pygi> heh, me too ;)
<fabbione> or tomorrow will be fine
<Pygi> remember, the same time ;)
<fabbione> right
<Pygi> 00:31 ;)
<fabbione> i can't exactly remember TZ for everybody
<fabbione> and i need to wake up in 5:30
<Pygi> k, good night
<fabbione> night
<Unfun> https://launchpad.net/people/antirock
<Pygi> hehe, good, but I would suggest you do a thing like that on wiki
<Pygi> your personal wiki page
<fabbione> Unfun: could you please also ask membership to the team? so i will get a nice mail that will remind me to look at it?
<fabbione> Unfun: you do that directly on the ubuntu-server page
<fabbione> thanks guys
<Unfun> that is my personal wiki
<fabbione> i am off to bed
<fabbione> Pygi: LP has wiki "inside"
* fabbione &
<Pygi> fabbione: ah, yes
<fabbione> me need sleep lot
<fabbione> now
<Pygi> :)
<Pygi> go sleep lot
<fabbione> :)
<Pygi> now :)
<Pygi> welcome etcp ;)
<Pygi> night everyone
<Unfun> night
<fabbione> morning
<troy> indeed
<troy> but I'm about to sleep - early day tomorrow
<Pygi> welcome MarioMeyer
<Pygi> welcome Mario and Spike
<spike> hi there
<MarioMeyer_> heya Mario
<MarioMeyer_> :P
<Pygi> Mario: heh, yes, I already complained because you took my name ;)
<MarioMeyer_> haha
<MarioMeyer_> :)
<Pygi> welcome tepsipakki
<Pygi> MarioMeyer_: still here?
<MarioMeyer_> yes
<Pygi> I forgated to welcome you to the team ;)
<Pygi> So welcome ;)
<MarioMeyer_> thanx
<Pygi> hehe ;)
<Pygi> welcome lbm
<lbm> Pygi :)
* Pygi is a "welcome bot" ;)
<lbm> always nice with a warm welcome :)
<tepsipakki> true ;)
<Pygi> hehe
<beezly> hmm
<Pygi> welcome beezly once again ;)
<beezly> :) hooray
<beezly> hi Pygi
<Pygi> welcome unfun
<Pygi> wb unfun
<Unfun> thank you Pygi
<Unfun> It is good to be back!
<Pygi> heh, you got like 5 in's and out's ;)
<Unfun> lots of rebooting going on here today :)
<Pygi> ah ;)
<Pygi> welcome lamont
<Pygi> bye all
<Pygi> wb Mario
<Pygi> welcome spike
<spike> 'lo Pygi
<Pygi> wb unfun
<Pygi> welcome nictuku
<nictuku> thank you
<nictuku> after dapper, when will another "blessed" server be released?
<nictuku> every year?
<Pygi> Don't know for sure, but it should be every 6 months, same as regular ubuntu/edubuntu/kubuntu
<nictuku> Hmm. that doesn't make sense, I think. Blessed releases will have 5 years support. I believe they won't be shipped so often.
<Pygi> Maybe, as I said....I am not sure ;)
<Pygi> fabbione: ping
<nictuku> :-)
<Pygi> just a moment nictuku, I am sure fabbione knows
<nictuku> also, I'd like to help with a certain feature being developed, the network wide update
<Pygi> you can offer your help to fabbione once he's around ;)
<nictuku> I'm making a python library for multi-plataform system information data, and maybe it could be useful for that tool.
<nictuku> ok :)
<Pygi> welcome spike
<nictuku> one of the features planned for the NetworkWideUpdates tool is to "provide a way to easily see the status of the machines". I believe showing general machine information could be useful.
<Unfun> Is NetworkWideUpdates released yet?
<Pygi> welcome mipe
<infinity> No.  It's a spec that mvo and I intend to work on "some day", but it's currently not high priority.
<Unfun> Sounds like cfenginey
<infinity> Not really.
<infinity> It's not meant for config files.
<infinity> Just for package management.
<infinity> Large-scale, though.
<Pygi> welcome ealden
<nictuku> infinity, I read there is a a draft code ready. is that so?
<Unfun> infinity, i ran into library hell with getting Adaptec manager going on 5.10
<ealden> hi Pygi
<infinity> The draft code was for an old spec draft we did, and it's pretty much obsolete by the ideas/design in the newer spec.
<infinity> Unfun : Ouch.  How hellish?
<infinity> Unfun : Something that couldn't be solved with "ldd /path/to/binary -> find packages containing those libraries"?
<Unfun> Just wants different version of libstdc++
<infinity> Unfun : We have several in the archive. :)
<infinity> Unfun : Easy enough.
<infinity> Probably wanted libstdc++5
<Unfun> let me check again
<Unfun> 1s
* infinity wishes people wouldn't write system tools in C++
* infinity diverts attention away from the fact that apt is C++
<Pygi> and you like C better? ;)
<Unfun> dpkg-shlibdeps: warning: could not find path for libstdc++-libc6.1-1.so.2
<Unfun> dpkg-shlibdeps: warning: could not find path for libstdc++-libc6.1-1.so.2
<Unfun> dpkg-shlibdeps: warning: could not find any packages for  (libstdc++-libc6.1-1.so.2)
<infinity> As a general rule, yes.
<Pygi> infinity: heh, agreed ;)
<infinity> Unfun : Woo.  Ancient.
<Pygi> altought some people really like to POINT OUT how C++ is much more superior ;)
<Unfun> infinity, i know
<nictuku> infinity, I'd be glad if I could volunteer for making a working version based on those specs (xmlrpc, pull/push, cli interface)
<infinity> Unfun : libstdc++2.10-glibc2.2
<Pygi> but they neither know C or C++ ;)
<Unfun> thats in archives?
<infinity> Err, not on amd64 it's not.
<Unfun> Darn
<infinity> Wait.  That was the amd64 binary, or the i386 binary?
<Unfun> that one was amd64
<Unfun> let me try i386
<infinity> Dear god.  That must have been built on an ancient SuSE system.
<infinity> How SuSE even got gcc-2.95 to compile (and WHY), I have no idea.
<spike> can anybody help e with lvm?
<spike> basically I got this box A where I had somelvmgroup and somelvmvolumes
<spike> well, lemme just put it easier: how can I enable and work on lvm from knoppix?
<spike> if I boot knoppix on this lvm partitioned box, and run lvmdiskscan, it sees the lvm partition (hda5)
<infinity> nictuku : Meet mvo, the apt maintainer, and the other addle-brained whackjob (other thaqn me) behind that crazy spec.
<infinity> mvo : nictuku is the guy who just accidentally volunteered to implement our halfassed spec. :)
<spike> bleh, gtg, later
* mvo mubbles about apt-co-maintainer
<infinity> nictuku : Also, it's apparently mvo's bedtime, but he's too polite to ever say "no" to anyone, so if we could discuss this sometime tomorrow, that'd be cool.
<infinity> mvo : Produce recent apt work by mdz and culus, and I'll agree.  (people uploading your code changes don't count)
<Unfun> infinity, same libraries for the i386 version
<mvo> nictuku: hello! happy to hear that you are interessted in working on this spec!
<nictuku> infinity, sure :-)
<nictuku> mvo, great. Any problem if I'd like to code it in python?
<nictuku> we could discuss the details tomorrow then
<mvo> nictuku: not at all, python is the prefered language for us
<mvo> nictuku: what is your timezone? I'm around all day (my TZ is utc+1)
<mvo> nictuku: talk to me any time your want (I'm around in #ubuntu-desktop, #ubuntu-devel). we should try to get infinity too, but that should be easy because he never sleeps
<infinity> Unfun : Exactly the same, or slightly different filename?
<infinity> mvo : Thpt.
<mvo> infinity: SCR
<troy> g'day
<Pygi> welcome troy ;)
<Unfun> infinity, libstdc++-libc6.1-1.so.2
<Unfun> infinity, thats for i386
<Pygi> troy: and it's like .... midnight ;)
<nictuku> mine is currently utc-2
* mvo goes to bed now
<Pygi> night mvo
<nictuku> mvo, night and thank you
<infinity> Unfun : Neat.  That's pretty much an impossibility.  Go, Adaptec, go.
<Unfun> Awesome.
<mvo> night everyone
<infinity> Unfun : (there is no libc6.1 on i386...)
<Unfun> Are LSI cards easier to manage?
#ubuntu-server 2006-12-18
<GhostRidr> Hello?
<GhostRidr> I hate to bother the devs, but I've tried the other channels and searches online.
<GhostRidr> I am trying to find a guide to configuring serial consoles on 6.10, since there isn't a etc/inittab anymore, I'm a little lost
#ubuntu-server 2006-12-19
<levander> Somebody can tell me what ubuntu-edgy-updates.git is?
<dashnu> how do i check the version of a pkg I have installed?
* dashnu generally lives & dies by portage
<\sh> dpkg -l <package name>
<\sh> #ubuntu-users question ;)
<dashnu> thx & srry
<kupesoft> I'm having trouble finding documentation detailing the installation of a fax server for Ubuntu,
<kupesoft> Should I just use HylaFAX with the Debian-style instructions?
<xmasmaze> heya
<xmasmaze> does ubuntu-server support i586?
<fabbione> yes
<xmasmaze> good :)
<xmasmaze> now let me find an pxe bootable installer
<xmasmaze> what python version does 6.06LTS ship?
* spike pokes xmasmaze in the eye with an ubuntu cd
<xmasmaze> hey spike 
<xmasmaze> duder
<xmasmaze> hmm ubuntu server doesn't boot on my i586
<xmasmaze> the kernel segfaults on booting
<levander> I was told that apitutde can tell you what packages were installed as dependencies for a given package you installed awhile back. Anyone know how to do this?
#ubuntu-server 2006-12-20
<MistaED> hey, is this place appropriate for questions on ubuntu server? i wanted to ask if webmin is the best easy to use frontend for it, it's for a friend who wants an easy to use server
<MistaED> like he wouldn't be savvy with just a ssh terminal and a text editor ;)
<drokmed> hola
#ubuntu-server 2006-12-21
<Wyglif> i have a situation in witch i need to set up a linux server with samba support ... i use gentoo for a long time and now using ubuntu ... i like beacuse of it simplicity ... i read the site about ubuntu server ... but the main reason i'm writing this is that there is no info about setting up a file server on the site
<Wyglif> i know how to configure it
<Wyglif> and all that stuff
<Wyglif> but it this distro good way to solve my problem
* Catshrimp appreciates the ease with which the base system is installed and set up
<Pyretic> kinda quiet in here
<mralphabet> it generally is
#ubuntu-server 2006-12-22
* Starting logfile irclogs/ubuntu-server.log
* #ubuntu-server  [freenode-info]  channel trolls and no channel staff around to help? please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
<Catshrimp> Hm, anyone about with a couple spare minutes?  I've been trying to figure this problem out for a couple weeks now.
<Catshrimp> I'm trying to get fluxbox installed on the system (which works), but the fglrx drivers don't seem to take effect upon install
<Catshrimp> the fglrx driver works just fine with a full installation.  But that's pointless and a waste of diskspace and resources.
<Lunar_Lamp> I want to install ubuntu server on a machine with no floppy or cdrom drive. I can however netboot.
<Lunar_Lamp> How would I go about this?
<Lunar_Lamp> Ok, I found a guide here:
<Lunar_Lamp> https://help.ubuntu.com/community/Installation/QuickNetboot
<Lunar_Lamp> When it says to edit options regarding dnsmasq it doesn't say in which file to do this...
<Lunar_Lamp> /etc/dnsmasq.conf appears to be a different format
<mralphabet> Lunar_Lamp: there was just an article about pxe and installing ubuntu with something that could netboot
<mralphabet> let me find that
<Lunar_Lamp> oo:-)
<Lunar_Lamp> Thanks
<mralphabet> http://www.howtoforge.com/ubuntu_pxe_install_server
<mralphabet> that installs a PXE server on another ubuntu linux box
<mralphabet> using that, you can install ubuntu (or other distro's) via dhcp
<mralphabet> basic concept applies to other OS's
<Lunar_Lamp> Hmm, my router is a dhcp server.
<Lunar_Lamp> Hopefully that won't cause problems...
<Lunar_Lamp> However, I'm getting this problem:
<Lunar_Lamp> option domain-name-servers 145.253.2.75, 193.174.32.18;
<Lunar_Lamp> default-lease-time 86400;
<Lunar_Lamp> max-lease-time 604800;
<Lunar_Lamp> authoritative;
<Lunar_Lamp> subnet 192.168.0.0 netmask 255.255.255.0 {
<Lunar_Lamp>         range 192.168.0.10 192.168.0.49;
<Lunar_Lamp>         filename "pxelinux.0";
<Lunar_Lamp>         option subnet-mask 255.255.255.0;
<Lunar_Lamp>         option broadcast-address 192.168.0.255;
<Lunar_Lamp>         option routers 192.168.0.1;
<Lunar_Lamp> }
<Lunar_Lamp> Er, sorry, I didn;t mean to paste that.
<mralphabet> you will probably need to disable the router dhcp
<Lunar_Lamp> # /etc/init.d/dhcp3-server restart
<Lunar_Lamp> dhcpd self-test failed. Please fix the config file.
<Lunar_Lamp> The error was: 
<Lunar_Lamp> (it doesn't give me any error though)
<mralphabet> look in /var/log/messages
<Jassossovinik> Hmm
<Away_Lamp> I'm still having problems with my dhcpd.conf
<Away_Lamp> :-/
<mralphabet> google ubuntu dhcp error
<Away_Lamp> AHA
<Lunar_Lamp> subnet 192.168.2.1 netmask 255.255.255.0 
<Lunar_Lamp>                                        ^
<Lunar_Lamp> Configuration file errors encountered -- exiting
<Lunar_Lamp> I found that :-)
<Lunar_Lamp> What's wrong with that netmask?!
<mralphabet> no {?
<Lunar_Lamp> subnet 192.168.2.1 netmask 255.255.255.0 {
<Lunar_Lamp> That's the line in the file
<mralphabet> okay . .. and . . .
<mralphabet> that means that subnet runs from 192.168.2.1 to 192.168.2.255
<Lunar_Lamp> Is that wrong then?
<mralphabet> no
<mralphabet> pastebin your config file
<Lunar_Lamp> http://www.pastebin.it/index.php?id=2590
<mralphabet> range 192.168.2.10 192.168.0.49
<Lunar_Lamp> Hmm, I've been googling, and I think I need to tell it to not look at "eth0" but to look at "eth1" instead.  However, the file I was told to do that in does not exist - possibly due to difference in setup to whatever distro that was on?
<Lunar_Lamp> Still gives the error after changing that 
<mralphabet> it's difficult for a dhcp server to have a -2 class c
<mralphabet> should be range 192.168.2.10 192.168.2.49
<Lunar_Lamp> Yeah, I just edited that and the erorr still occurs identically.
<mralphabet> error in config?
<Lunar_Lamp> Where is the config file?
<mralphabet> the error, what does the error say? same "Configuration file errors encountered -- exiting"
<mralphabet> ?
<Lunar_Lamp> /etc/dhcp3/dhcpd.conf line 8: subnet 192.168.2.1 netmask 255.255.255.0: bad subnet number/mask combination.
<Lunar_Lamp> subnet 192.168.2.1 netmask 255.255.255.0 
<Lunar_Lamp>                                        ^
<Lunar_Lamp> Configuration file errors encountered -- exiting
<mralphabet> vi /etc/dhcp3/dhcpd.conf
<Lunar_Lamp> Yeah, ok, I thought you meant a different config file.
<Lunar_Lamp> I feel like I should be telling my machine to check on eth1 not eth0 though - but don't know where.
<mralphabet> and you are using "/etc/init.d/dhcp3-server restart"?
<Lunar_Lamp> No, when I did that I got an "error is:" and no info.
<Lunar_Lamp> I got the error message by doing /usr/sbin/dhcpd3
<mralphabet> hrm
<Lunar_Lamp> # /etc/init.d/dhcp3-server restart
<Lunar_Lamp> dhcpd self-test failed. Please fix the config file.
<Lunar_Lamp> The error was: 
<mralphabet> I see it
<mralphabet> subnet 192.168.2.1 netmask 255.255.255.0
<mralphabet> needs to be 
<mralphabet> 192.168.2.0
<Lunar_Lamp> ok
<Lunar_Lamp> thanks
<Lunar_Lamp> new error now though
<Lunar_Lamp> /etc/dhcp3/dhcpd.conf line 10: semicolon expected.
<Lunar_Lamp>         filename 
<Lunar_Lamp>         ^
<Lunar_Lamp> Configuration file errors encountered -- exiting
<mralphabet> pastebin your current config
<Lunar_Lamp> http://www.pastebin.it/index.php?id=2591
<mralphabet> you don't have a ; on your range statement
<Lunar_Lamp> YAY!
<Lunar_Lamp> Thanks!
<Lunar_Lamp> :-)
<gpd> fresh install of ubuntu-server with lamp option.  Installed phpmyadmin but php not active by default?
<lionel> gpd: I do not think that lamp option install phpmyadmin by default
<lionel> are you sure ?
<gpd> no - I installed phpmyadmin after installation -- but when going to localhost/phpmyadmin I got a 'save as' dialog.  I subsequently installed libapache2-mod-php5 and now it behaves as expected
<Burgwork> if installing a package fails to make it work, it is a bug
<gpd> i was a little disappointed - esp since in the old days a simple apt-get install phpmyadmin would be enought to give you a lamp server :|
#ubuntu-server 2006-12-23
<gpd> i seem to have broken mysql -- Access denied for user 'debian-sys-maint'@'localhost
<gpd> can't even remove it with dpkg
<gpd> anyone around to assist?
<gpd> tried changing the pw in mysql user table for debian-sys-maint to the same as in /etc/mysql/debian.cnf 
<gpd> but doesn't seem to help
<gpd> ok - dpkg --purged managed after i killed mysqld
<amachu> hi
<amachu> anyone tried Oracle 9i on Ubuntu
<amachu> we at our office planning to deploy
<amachu> need your help
<okaratas> is Ubuntu supporting VLAN; is there any documentation for that; is there anything to do in kernel for this?
<linnuxxy> how to install ZipArchive   for php5 in dapper?
<linnuxxy> how to install ZipArchive   for php5 in dapper?
#ubuntu-server 2007-12-17
<owh> Is there any reason that the ubuntu-jeos-builder script installs stuff like alsa or is that just because it's in main?
<Centaur5> I'm trying to setup chillispot and freeradius and it appears that everything should be working but when I try to login it says login failed.  syslog says that the radius request times out.  When running radtest on the radius server it does accept my credentials.  Do I have to open mysql to accept connections from other hosts?
<mralphabet> Centaur5: is the radius request from a different machine?
<mralphabet> Centaur5: if so, then probably
<Centaur5> mralphabet: Well the wireless client connects to chillispot on the radius server which is forwarded to a hotspotlogin script.  I'm probably wrong but I just assumed chillispot controls everything else that goes on and would seem to be coming from localhost to the other daemons.
<kraut> moin
<_ruben> mornin
<_ruben> hmm .. having a problem with ubuntu server gutsy under vmware:
<_ruben> * Loading hardware drivers...
<_ruben> error receiving uevent message: No buffer space available
<bluefoxicy> anyone know about the new encrypted lvm in gutsy
<bluefoxicy> particularly how to change the password
<soren> bluefoxicy: I guess you have to add a new key and remove the old one.
<soren> bluefoxicy: cryptsetup(8) is your friend.
<bluefoxicy> soren: fixed in hardy right?  ;)
<bluefoxicy> GUI tools etc???
<soren> bluefoxicy: No.
<bluefoxicy> bah, I can dream :P
<soren> bluefoxicy: You can't fix something that's not broken.
<bluefoxicy> missing useful feature == broken
<soren> That's hardly useful.
<bluefoxicy> just lower priority than crashers and holes
<soren> In that case all software is broken. Perpetually so.
<soren> Which renders any efforts towards the opposite useless.
<bluefoxicy> no
<soren> Yes.
<soren> How's that for an argument.
<soren> ?
<bluefoxicy> have you ever noticed some software is abandonware and unmaintained?
<soren> Yes.
<soren> Point being?
<bluefoxicy> and that software eventually gets replaced by something else actively maintained?
<soren> Yes....
<soren> go on.
<bluefoxicy> The assessment that all software is perpetually broken is correct
<bluefoxicy> But the fact is
<bluefoxicy> you can make the software less broken now, but it becomes more broken when someone else looks at it and goes "it should do XXXX" and 10% of the user base nods its heads
<soren> So bugs don't exist until they're observed?
<bluefoxicy> so, effectively, untouched software simply decays, as it becomes less and less suited to peoples' needs
<bluefoxicy> YES :D
<soren> That's not very useful either.
<bluefoxicy> it doesn't have to be useful, it's just the truth
<soren> We have too different views of what constitutes truth for this conversation to have any point in continuing.
<dantalizing> lol
<bluefoxicy> it's an observed fact then ;p
<soren> We have too different views of what constitutes facts for this conversation to have any point in continuing.
<bluefoxicy> pornview was great until a year or two after it stopped getting maintained for example
<dantalizing> so, does windows 3.1, for instance, have more bugs now than in 1993 because its missing features?
<soren> dantalizing: Depends... Noone's using it, so noone's observing said lack of features.
<bluefoxicy> dantalizing:  could you use windows 3.1 on a daily basis to get your work done effectively in 1993 without much trouble besides random hangs?
<soren> bluefoxicy: Is that a rhetorical question? Is this?
<bluefoxicy> well
<kronus_> Hi, I'm having a problem with my server's routing table, I think
<bluefoxicy> point, back when 3.1 came out it landed on a bunch of business desktops.  The had e-mail and word and image processing apps and databases and proprietary applications and all kinds of specialized things
<dantalizing> ok, windows 98... i know some of the freegeek chapters are installing windows98 because they have old PCs.. .does windows98 have more bugs now than in 1999?
<soren> kronus_: What's the problem?
<MenZa> I'd hope not :p
<kronus_> the problem is that `man route` is not clear on what the routing table actually does
<bluefoxicy> TODAY, if you go to an insurance company or to a dentist office or anything else and drop 3.1 in, it won't authenticate to the domain, won't run their proprietary apps, and won't run much else
<kronus_> and I'm having trouble accessing one subnet of my college network from another (wireless -> wired)
<soren> kronus_: Well... It doesn't do much. It's a table :) The kernel does something based on its contents, though :)
<kronus_> and... I know the problem is an extra route somewhere, because it's been fixed before that way
<kronus_> but apparently only temporarily
<kronus_> soren - what does the kernel do with it?
<soren> routes
<soren> Clever, huh?  :)
<kronus_> ok, back to basics :P what is a route?
<bluefoxicy> a routing table basically says "I have 2 interfaces.  Stuff going here goes out this one"
<soren> It takes packets' destination IP, looks it up in the table and sends it to whereever the routing table says it should go.
<kronus_> ok, I have 5 routes in my table
<kronus_> and only 2 interfaces
<soren> That's fine.
<soren> Put the output of "route -n" on pastebin.
<soren> ...along with a simple explanation of your network and then tell us the specific problem, you're seeing.
<soren> !pastebin
<ubotu> pastebin is a service to post large texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the #ubuntu channel topic)
<kronus_> that's exactly what I'm doing
<soren> Cool
<CarstenQ> Hi o/, I've just installed Ubuntu server 7.10 (Gutsy) with the OpenSSH server (4.6p1), but when trying to ssh from or to my Mac OS X 10.4.11 (ssh 4.5p1) the user or password isn't recognized (keeps asking for password), though it returns no errors. Anyone care to guess the problem?
<soren> CarstenQ: Wrong password?
<dantalizing> +1
<soren> It's not meant to give you any errors.
<soren> That would give an attacker too much informatino.
<bluefoxicy> CarstenQ:  as a guess, MacOSX is stupid.  Next question.
<CarstenQ> yeah, guessed that, so i made an extreme simple username + pw
<soren> CarstenQ: Look in /var/log/auth.log
<CarstenQ> haha, noticed that
<bluefoxicy> soren:  indeed.  I've seen such systems, they were easier to break into (found default users, looked up default passwords ;)
<soren> CarstenQ: It's likely to give you info on why your login was rejected.
<CarstenQ> looking for it now
<dantalizing> do you have any DenyUsers or DenyGroups in your sshd_config?
<CarstenQ> erm, I can't find that log in /var/log or /private/var/log, 'nother Mac thing?
<soren> Er... Forget the mac.
<CarstenQ> not that I know of (didn't change anything from fresh install)
<soren> ...or ask someone else about it.
<soren> Look on the Ubuntu box.
<CarstenQ> nope, no denied users or groups
<CarstenQ> well, thanks for the help anyway :)
<soren> CarstenQ: We can help you with the failing to login on Ubuntu.
<soren> CarstenQ: The other way? Not so much.
<PecisDarbs> How to properly enable site to work with mod_perl?
<PecisDarbs> in Apache
<PecisDarbs> Google is full of suggestions, but nothing concrete
<CarstenQ> yeah, shame I don't have an ubuntu box any more to test it with
<soren> CarstenQ: Eh?
<soren> CarstenQ: 16:21:42 < ~CarstenQ> Hi o/, I've just installed Ubuntu server 7.10 (Gutsy) with the OpenSSH server (4.6p1),
<CarstenQ> you mean I should try to ssh from the server to itself? is that possible?
 * CarstenQ starts trying
<soren> CarstenQ: From your mac to ubuntu.
<soren> CarstenQ: Or from the server to the server is fine, too.
<dantalizing> CarstenQ i think the point is you need to check the /var/log/auth.log on the ubuntu machine that you cannot ssh to, not your mac
<CarstenQ> ah, ok, misunderstood that
<soren> PecisDarbs: Noone is is likely to give you more exact and concrete info than google... It's pointless. People have spent a lot of time writing the stuff you found from google, and now you want us to write all the same stuff again.
<kronus_> soren - http://rafb.net/p/OoALbZ20.html
<soren> kronus_: That's not the output of "route -n"
<kronus_> >__> yeah, that's route -v
<kronus_> force of habit, one sec
<kronus_> http://rafb.net/p/us9ZgB76.html
<soren> kronus_: The computer is on both networks.
<CarstenQ> soren: found the log, will type in pastebox
<kronus_> only the wireless link is active (eth1)
<soren> kronus_: No.
<kronus_> ..oh
<kronus_> well, only the wireless link is SUPPOSED to be active
<kronus_> which routes should I try to get rid of?
<soren> kronus_: You should disable the wired network altogether.
<soren> kronus_: ifdown eth0 (if eth0 is the wired)
<kronus_> ifdown eth0?
<kronus_> ok, trying
<soren> if eth0 is the wired network.
<kronus_> it is
<kronus_> and... it works
<kronus_> thanks
<soren> Yay.
<soren> You might want to remove "auto eth0" from /etc/network/interfaces
<CarstenQ> Hmm, my roommate just came in with his ubuntu laptop and has no problems to ssh to the server...
<rodpod> whats the difference between auto eth0 and the allow-hotplug eth0
<kronus_> soren  - this server is an old laptop I have, and sometimes I have it on the wired net
<kronus_> wouldn't removing 'auto eth0' then stop any automatic network switching?
<soren> rodpod: It's in the interfaces(5) man page.
<soren> kronus_: It clearly was causing you more trouble than it was fixing?
<kronus_> ok, what the hell
<rodpod> damn, i got man page'd
<kronus_> there's a new route
<rodpod> lol
<kronus_> and it doesn't work again :/
<CarstenQ> soren: /var/log/auth.log shows nothing when I try to log in, though when in verbose mode ssh says: http://paste.ubuntu-nl.org/48547/
<soren> CarstenQ: Ah.. It's your client that's doing it wrong.
<soren> CarstenQ: Keyboard-interactive is disabled by default.
<soren> CarstenQ: In favour of password.
<CarstenQ> soren: Ah ok... so I guess it's fixable and the answer is in the man page ;)
<kronus_> soren - something automatically added a route for eth0 just now, even though eth0 is down
<soren> kronus_: Then eth0 is not down.
<soren> kronus_: ...anymore.
<kronus_> ifdown: interface eth0 not configured
<kronus_> bringing it up and back down removed the extra route
<soren> You probably have a dhclient running..
<soren> That keeps configuring it.
<MatBoy> does someone know a good opensource bootcd that can image HD's to a networkshare ?
<maswan> the default ubuntu one should have netcat available, it can do that kind of thing
<maswan> (just a bit tricky)
<MatBoy> ok
<MatBoy> thanks
<maswan> something like "nc server 2318 < /dev/hda" and on the server "nc -l -p 2318 > client.hda.imgage"
<maswan> except with the right syntax etc, that's from mostly memory. :)
<rodpod> that sounds pretty cool, never thought of using nc to image
<adelie> Hello. I want to setup an LTSP server, but don't want it to be the DHCP. Is it possible to setup a thin clients boot loader to get the image some way other than the traditional 'network boot'?
<adelie> err... LDAP.. sorry
<compbrain> adelie: For what did you mean LDAP?
<RCOMALTA> hello there
<RCOMALTA> i am david
<RCOMALTA> can some help please
<dantalizing> rcomalta: possibly, fire away
<limbeaux> i am following the nagios quick start, but it was written for desktop 6.10  server 7 doesn't have the file libgd2-dev, anyone know what its equivalent might be?
<ivoks> quick start for nagios on all ubuntu version would be:
<ivoks> sudo apt-get install nagios-text
<limbeaux> thanks!!
<RCOMALTA> i am new in ubuntu server
<RCOMALTA> ubuntu server is gui ???
<ivoks> no
<ivoks> no gui
<RCOMALTA> can i do it gui ???
<ivoks> do what?
<RCOMALTA> ivoks hi my name david nice to meet you
<RCOMALTA> ubuntu when we do on box can we dawn load gui for it
<ivoks> yes
<ivoks> ubuntu-server is just a part of ubuntu
<ivoks> you can install kubuntu ubuntu or xubutnu desktop on top of it
<RCOMALTA> a rely
<RCOMALTA> that nice
<RCOMALTA> sory i am ask i am rely new in linux i be 10 years working witn 2003 sever but know we like to do some box with linux we chouse ubuntu
<RCOMALTA> sory for many qutions
<RCOMALTA> to make a web server and mail sever there is gui for it
<ivoks> no
<RCOMALTA> can be in futer time gui for mail sever and web server
<ivoks> there are plans to create web based interface for 8.04
<RCOMALTA> i see
<ivoks> installation of web server is easy
<ivoks> just choose LAMP stack during installation and that's it
<ivoks> you get mysql+php+apache environment
<RCOMALTA> yes ok but for mail server smtp and pop 3 is problem
<ivoks> what's the problem?
<RCOMALTA> i have here 5 computer runs vista ok
<RCOMALTA> mail smpt pop 3
<RCOMALTA> can be conect with as mail server ubutu
<ivoks> ok
<ivoks> then also choose mail server during installation
<RCOMALTA> i see
<RCOMALTA> pop 3 smtp
<ivoks> and imap
<ivoks> and pop3s and imaps
<RCOMALTA> ohhh i see
<RCOMALTA> smtp no
<ivoks> yes, both smtp and smtps
<RCOMALTA> ok
<RCOMALTA> nice
<RCOMALTA> i will dawnlodit
<ivoks> once you set it up, you just have to create users...
<RCOMALTA> ok
<adelie> compbrain:still there?
<adelie> compbrain: I figured out what I want to do... just not sure how to do it exactly, but want to setup a boot via http using gpxe.
<adelie> Oh, and i meant LTSP, not LDAP
<adelie> I am not sure if I am lost or not (isn't that the worst?). Can "pxe.0" be any bootable image?
<RCOMALTA> ivoks still there
<RCOMALTA> adeli
<RCOMALTA> are you fix up server my ask
<RCOMALTA> can i do ubutu server on my desctop computer to see how it works
<RCOMALTA> any one here
<dantalizing> so, i'm upgrading a server with raid5 from dapper to feisty ... going through the verification process for md .... what do i do if my UIDs do not match between what mkconf tells me and what is in mdadm.conf ?
<dantalizing> mdrun starts the raid just fine with the existing mdadm.conf
<RCOMALTA> dantalizing  you there
<dantalizing> yes, but i have to leave...
#ubuntu-server 2007-12-18
<Flare183> Any body know how to fix this: http://paste.uni.cc/17831
<postg> could someone help me look at the error: http://paste.uni.cc/17831
<Flare183> I have already ask
<Flare183> ed
<postg> I try to upgrade from 7.04 - > 7.10
<postg> thank you
<postg> so sad
<pschulz02> Wahahaha!!!!!
<fujin_> wawawwawawawa
 * fujin_ blows up pschulz02
<pschulz02> Wait foe it..
<kgoetz> root@newmoon:~# ldapaddgroup --help
<kgoetz> Successfully added group --help to LDAP
<kgoetz> WTF!
<pschulz02> for it. Kamping_Kaiser is about to post something
<pschulz02> posted
<kgoetz> honestly. wth.
 * kgoetz files bug
<fujin_> man ldapaddgroup
<fujin_> That's hardly worth filing a bug.
<fujin_> what the hell even provides ldapaddgroup?
<fujin_> that's not in ldap-utils
<kgoetz> how is it not?
<kgoetz> ldapscripts
<pschulz02> What's the bet that 'ldapdeletegroup' accespts the --help flag?
<kgoetz> hehe
<kgoetz> root@newmoon:~# ldapdeletegroup --help
<kgoetz> Successfully deleted group cn=--help,<etc> from LDAP
<fujin_> NAME
<fujin_> ldapaddgroup - adds a POSIX group entry to LDAP.
<fujin_> SYNOPSIS
<fujin_> ldapaddgroup <groupname> [gid]
<fujin_> OPTIONS
<fujin_> <groupname>
<fujin_> The name of the group to add.
<fujin_> learn2manpage
<fujin_> That's no bug.
<fujin_> That's you being an idiot.
<kgoetz> why?
<fujin_> you didn't read the manpage?
<kgoetz> and why is it not a bug? in your clearly (not so) humble opinion?
<fujin_> the expected behaviour is for ldapaddgroup to try and add --help as a group
<kgoetz> no, i go for --help before i go for man
<fujin_> There's the idiocy.
<kgoetz> *why*
<fujin_> you're doing it wrong?
<fujin_> manpage clearly states that there isn't a --help
 * kgoetz gives up.
<fujin_> thank fuck for that
<kgoetz> !tell fujin_ about coc
<fujin_> !tell kgoetz i don't give a fuck
<fujin_> oh snap
<fujin_> !tell kgoetz about man
<kgoetz> your in ubuntu chanel here, not debian...
<kgoetz> *an ubuntu
<fujin_> regardless of where I am, I believe 'rtfm' explains what I was trying to achieve.
<somerville32> fujin_, That isn't acceptable here.
<fujin_> cool
<fujin_> what are you going to do about it?
<somerville32> If you can't abide by the Ubuntu Code of Conduct and the Ubuntu IRC Channel guidelines, I think it would be best if you left.
<somerville32> We don't call people idiots
<fujin_> I do
<fujin_> and I don't intend on leaving
<fujin_> see, I wast just educatin
<somerville32> infinity, ping
<infinity> Ow.
<antdedyet> Is setfcaps in Ubuntu?
<somerville32> Is it a package?
<antdedyet> somerville32: No. It's part of the linux kernel capabilities framework. I am testing different methods of privisioning a tap device for use with kvm. setfcaps is  not in libcap-bin or any other package that I can find.
 * antdedyet submitted the question to launchpad's answers section
<fujin> You must have the Reductive build library in your RUBYLIB.
<fujin> ergh
<antdedyet> 'lo dendrobates
<dendrobates> antdedyet: hi
 * antdedyet is searching for setfcaps in Ubuntu
<antdedyet> Nothing I've found so far in Ubuntu is both properly creating & provisioning a user owned tap device that can be used with kvm.
<antdedyet> s/creating \& provisioning/creates \& provisions/
<dendrobates> antdedyet: hmm, I don't use tap with kvm, but I'll look into it.
<antdedyet> dendrobates: a basic test to run, which fails shortly (before the qemu/kvm window pops up) for me and at least for someone on the community docs is this: 'kvm -net nic -net tap -hda foobar.img -boot c'
<antdedyet> replace whatever's proper after the tap ...
<antdedyet> I have tunctl also that I found with uml-utilities, but kvm won't use the device I've setup with it, using 'sudo tunctl -b -u myuser'
<antdedyet> I tracked it down to being that the tuntap kernel driver had NET_CAP_ADMIN capability required since sometime around 2.6.17
<antdedyet> 'setfcaps' is to add the capability for any user to on the system to use tun/tap devices to some degree.
<antdedyet> But I never found setfcaps and that's where my testing stopped about 5 minutes ago.
<dendrobates> I use tap for vpn's without needing setfcaps.
<dendrobates> it is probably something else.
<antdedyet> dendrobates: There is also the ownership and mode of /dev/net/tun  ... In the beginning, I changed it's mode from 0660 to 0666.
<dendrobates> antdedyet: are you using gutsy?
<antdedyet> dendrobates: hardy daily ... :)
<antdedyet> dendrobates: and of course, on the only machine my processor has the kvm extensions
<nealmcb> antdedyet: I'm very glad to hear your thoughts and experiences - exactly what errors are you getting?  I've run into tap/kvm problems also but attributed them to never actually bringing my network down and making my regular eth0 into a bridged device or something like that, so the tap could work with it
<nealmcb> my testing is on gutsy
<nealmcb> e.g. "can't add tap0 to bridge eth2: Operation not supported" - which i think was because at the time my main network device (eth2) was not bridgeable
<nealmcb> using directions like this:  http://compsoc.dur.ac.uk/~djw/qemu.html
<dendrobates> soren just updated kvm, there may be a regression.
<antdedyet> nealmcb: I have a multiple scenarios that I have been through. Testing one at a time, with the outcome of none of them working, I started by setting up a bridging interface slaved to either of my outgoing ethernet connections, one is cabled, the other wifi (which I use most of the time and really wanted to use - FUD aside). Also an evdo ppp interface at times.
<antdedyet> nealmcb: basic error was this:
<antdedyet> warning: could not open /dev/net/tun: no virtual network emulation
<antdedyet> Could not initialize device 'tap'
<antdedyet> nealmcb: I followed those directions too, but started with this page: https://wiki.ubuntu.com/kvm then moved on to for networking input: https://help.ubuntu.com/community/KVM
<antdedyet> dendrobates: running an update now
<dendrobates> it was a couple days ago, so you are probably using the newest one, but it has not been tested yet.
<antdedyet> dendrobates: ah yes, I got that one I believe: 55
<antdedyet> soren asked me to let him in on what I came across since I have amd hardware
<antdedyet> although, I don't think this is cpu specific.
<dendrobates> he uploaded 56, maybe it has hit the repo's yet.
<antdedyet> dendrobates: ahh, ok. I use mirrors.kernel.org ... let me change my repo.
<nealmcb> antdedyet: have you tried gutsy?
<antdedyet> nealmcb: I don't have a gutsy box with kvm cpu extensions. I could test qemu with a bit of setup, but I haven't done that yet.
<nealmcb> right - I forgot that
<nealmcb> but qemu would be an interesting test
<antdedyet> I don't see 56 on mirrors.anl.gov either.
 * antdedyet nods
<antdedyet> hmm: http://packages.ubuntu.com/hardy/misc/kvm-source
<antdedyet> Is there somewhere I'm not looking at to find the 56 package?
 * antdedyet doesn't see it in deb sid either ... 
 * antdedyet shrugs
 * antdedyet stretches ... I can't wait to install Ubuntu on more client machines. :)
<antdedyet> None of which are desktop machines, all servers.
<antdedyet> nealmcb: same error for qemu on gutsy:
<antdedyet> warning: could not open /dev/net/tun: no virtual network emulation
<antdedyet> Could not initialize device 'tap'
<antdedyet> ah: http://kvm.qumranet.com/kvmwiki/ChangeLog
<antdedyet> dendrobates tells no lies!
<antdedyet>         -net tap,vlan=0,ifname=tap0 \
<antdedyet> after 'sudo tunctl -b -u myuser' # when no other tun/tap devices are built/present
<antdedyet> gives this on kvm init:
<antdedyet> SIOCSIFADDR: Permission denied
<antdedyet> SIOCSIFFLAGS: Permission denied
<antdedyet> SIOCSIFFLAGS: Permission denied
<antdedyet> can't add tap0 to bridge br0: Operation not permitted
<antdedyet> After manually populating tap0 with a static address and pointing the dhcp server's listen statement to it, my kvm session gets an IP that is reachable on the host, even with perm denied errors.
<nealmcb> antdedyet: interesting!
<nealmcb> jdstrand: congrats on becoming an motu!
<kraut> moin
<owh> nealmcb: Thanks for pointing me at the ubuntu-jeos-builder script. I'm not yet down to 90 seconds, but I'm at 180, which is a whole lot better than 15 minutes for a copy/paste/fixup or 45 minutes for a bare .ISO install. Now all I need to do is combine the options from the various versions so I can specify the hostname, directory, ip address and not have an opt drive, but so far, so good.
<soren> antdedyet: I apparantly never got round to uploading kvm 56.. I'll do that today.
<antdedyet> soren: nice!
<_ruben> any vmware gurus around? .. my ubuntu guest is spamming my sles host with "host clock rate change request" messages .. i've added "clock=pit" to the ubuntu guest's grub but it doesnt seem to make a diff
<antdedyet> however, I didn't see anything in the upstream changelog that would lessen the bootstrap aches.
<soren> antdedyet: This was about tap devices, was it?
 * antdedyet will be happy to test it nevertheless
<antdedyet> soren: Yes, it was about tap devices.
<soren> antdedyet: Uploading kvm 56.
<antdedyet> soren: Spectacular.
<antdedyet> I've _really_ got to get more clients on Ubuntu so I can develop more with it. It may get difficult to justify why testing out new servers settings takes awhile if they find out I'm running them all inside a Ubuntu virtual machine. :)
<soren> :)
<sergevn> Is it possible to configure your ubuntu server to use the smtp server of your ISP to send mail?
<sergevn> If so, is there any good tutorial for this? Searched the web, but cant find a clear and simple tutorial.
<avatar_> installing een mta eg exim4 wil ask you a few questions about how to configure the mailserver
<avatar_> one of the options is, smtp with smarthost, where smarthost is the smtp-server of your  provider
<sergevn> avatar_: Thx, that cleared up a little bit, can i paste some dutch output of the setup wizard?
<sergevn> Im a bit confused what to fill in
<avatar_> sergevn: lets switch to #ubuntu-nl, i'm dutch too :)
<RCOMALTA> any one have ubutu as mail server ?
<avatar_> RCOMALTA: we use ubuntu in our mailsetup
<soren> RCOMALTA: Sure.
<avatar_> 6x mx, 4x filter (virus) 6x spamd, 3x maildrop, 4x smtp
<avatar_> all running exim
<avatar_> configuration from ldap
<RCOMALTA> avatar is smtp and pop 3 mail setup
<avatar_> RCOMALTA: we are running mail voor a few thousand domains, so we use quite a bit of servers. Running mail for a single lowtraffic domain can happily run smtp/pop/imap on one singel server
<RCOMALTA> avatar, your mail servers are all with ubuutu
<RCOMALTA> i will do it
<RCOMALTA> and the end computers are windows xp or vista
<RCOMALTA> avatar the end users are with windows xp and vista
<jdstrand> nealmcb: thanks!  :)
<sommer> ScottK: morning, time for a question?
<sommer> ScottK: I was wondering about https://wiki.ubuntu.com/MOTU/Clamav
<nealmcb> wonderful news - they've finally figured out that our voting equipment is deeply flawed - http://www.bradblog.com/?p=5451
<nealmcb> so I'll miss the server team meeting - I'll be be down at the hearing today
<sommer> nealmcb: heh... I was just reading an article on ArsTechnica about the Ohio voting machines
<nealmcb> I've been pointing this stuff out for 4 years now....  finally getting more traction....
<sommer> is it too late to change before 08 elections?
<sommer> wow actually they're talking about the same machines used in ohio
<sommer> nealmcb: good luck with that... seems like a big mess to me
<zul> is there a meeting going on now?
<soren> It's in an hour, I think.
<soren> Meeting in #ubuntu-server.
<soren> Meeting in #ubuntu-meeting, I mean.
<_ruben> heh
<soren> !mta
<ubotu> A Mail Transfer Agent (MTA) is the server software that sends and queues mail. The default MTA (and !MDA) on Ubuntu is !postfix ("exim" is also officially supported). See also !MailServer and !MUA
<soren> Fantastic. I upload kvm 56, and 6 hours later, kvm 57 is released.
<rodpod> who makes the best USB keyboard/mouse kvm's, w/ dvi?
<ivoks> sorry for the meeting :/
 * ScottK is curious if anyone has comments on the message I just sent to the Ubuntu Server ML.
<sommer> ScottK: I'm for it... instructions have been added to the Mail Filtering seciton :-)
<ScottK> sommer: Great.  To answer your clamav question, I haven't had much time for it recently.
<ScottK> sommer: Now for the fun part is we are about to get libclamav3 in the version that was just released yesterday so we need to worry that library transition first.
<sommer> cool, I was looking at packaging again and remembered the backport project
<ScottK> OK.  We still need to do it, but we need to fix Hardy first.
<sommer> sure
<sommer> I also realized that I didn't understand exactly what a "backport" is
<sommer> I actually backported the new api to the existing source instead of backporting the new package... doh
<sommer> it was fun though... so I can't complain too much
<ScottK> sommer: If you can figure the other way around to backport a clamav with the old API, that would solve the whole Dapper problem right away.
<sommer> ScottK: heh... I really don't know that much C :/
<ScottK> We can just patch the current clamav to use the old API, upload that to dapper-backports and declare victory.
<ScottK> Well if you figured it out one way, you ought to be able to do the reverse, right???
<sommer> mmmMMMM... that really doesn't sound too hard
<sommer> there's documentation for the other way though :)
<sommer> I'll do some digging and see where it takes me
<ScottK> sommer: Cool.  That's solve a huge problem in Dapper.
<sommer> ScottK: another question regarding python-policyd-spf.  The order of execution is postfix filters a message through dkim-milter and python-spf then sends it to Amavisd?
<sommer> or amavisd scans it first then postfix pipes it through any other "outside" filters?
<ScottK> sommer: It's a function of how you set up your system.
<sommer> okay, I docuemnted it the first way
<sommer> trying to explain how all the peices fit together
<ScottK> Generally avamisd-new will run after queue.
<ScottK> Running before queue filters can be tricky.
<sommer> that's what I was thinking after reading the postfix book and amavisd docs
<ScottK> Policy servers will run before queue as will milters (although milters are more complex).
<sommer> cool that's the one part of documenting the postfix+amavisd+spamassassin+clamav+spf+dkim I wasn't quite sure of
<sommer> thanks... if there are any issues with the mail filtering section you find just let me know
<ScottK> sommer: Sure.  I guarantee you will have to keep harassing me to look at it.
<leonel> ScottK:  for dapper clamav  as you say to backport the clamav api ..
<leonel> ScottK:  can this be to replace  clamav's   libclamav   with    ubuntu  backported api libclamav ??
<ScottK> I'd put it a little differently.
<ScottK> I'd take the current libclamav and patch it to use the old API and backport that.
<leonel> this way there won't be   dependency problems ?
<ScottK> Exactly.
<leonel> current  you mean   dapper's .88  or  new  .92 ?
<Centaur5> I'm stumped here, my thin clients that have been working for a month just stopped letting me login since Sunday.  The only thing that changed is that I finished setting up a chillispot/freeradius server.
<Centaur5> I've already tried running the ltsp-update-sshkeys and I do see the client connecting in syslog and I don't see any error messages when login is attempted.
<ScottK> leonel: It'd be to make the current (still 0.91.2) libclamav look like the 0.8x one to the rest of the packages in the system.
<leonel> ScottK:  Ok i got it ...
<ScottK> leonel: Just checking to see did you get /msg I just sent you?
<leonel> yes
<ScottK> leonel: 0.92~dfsg-0build1 uploaded.  Now we wait for the archive admins.
<leonel> ScottK: great !
<leonel> ScottK: the next is do a merge to hardy then backport to gutsy   right ?
<ScottK> Actually it looks like a sync.  I think Debian has all our needed changes now.
<ScottK> Because of the soname change we've got the same problems backporting to Gutsy and Feisty that we've already had with Dapper/Edgy.
 * leonel goes to read  the diff  in  merge and sync ...
<fujin_> what's the preferred way to 'git' on Ubuntu?
<fujin_> cogito?
<zul> git-core package
<owh> I need to create a gui interface for some server configuration stuff and I was wondering what the ubuntu preferred tools were.
<owh> I've been looking at gtkdialog, but the included examples don't all work and the manual is pretty skinny.
#ubuntu-server 2007-12-19
<owh> Figured out why the examples don't all work, /bin/sh is symlinked to dash which doesn't support the bash extension 'source'. That helps :)
<nealmcb> owh: the gui direction for hardy and beyond is ebox - web-based
<owh> Yikes
<owh> I suppose it allows for remote admin.
<owh> Hmm, it means that I'm going to have to rethink my setup though.
<owh> Thanks nealmcb.
<nealmcb> and avoids the huge security, support and bloat issues with x11 etc
<owh> Fair enough.
<dantalizing> is btmp/lastb disabled somehow on server?
<owh> At this point I've been working along different lines, that is, hardware is so powerful these days, running an idle GUI isn't really an issue.
<nealmcb> owh: I assume you've seen gadmintools etc?
<owh> Yeah, I liked the notion of the dhcp admin tool, right until I actually had to use it. Then I nearly threw up.
<owh> Talk about an abomination in user interface interaction :(
<nealmcb> owh: also, no need to constrain servers to be hot desktop-capable machines....
<nealmcb> I haven't tried it - just noticed it
<owh> Yeah, that's fair enough, though low end servers while required and useful are the least of my problems :)
<nealmcb> most servers in the world are tiny boxes after all - like routers that already do web-based admin
<owh> I was trying to cobble together a GUI for the ubuntu-jeos-build script for a system administrator.
<owh> Yeah, don't you just love the web-based admin tools :)
<nealmcb> so jump in and connect with the upstream ebox folks - we could use the help!
<owh> I'll give it a look :)
<owh> 'm assuming you're one of those?
<nealmcb> :)
<nealmcb> nope
<nealmcb> have enough on my plate as it is!
<owh> ROTFL, don't we all?
<nealmcb> we == server team
<nealmcb> yeah - but it is great to share the burden with others who have similar goals :-)
<owh> Sure is, now if only I had enough hours in the day to achieve all that I wanted to, wouldn't that be grand :)
<owh> ebox is looking pretty nice I must confess.
<owh> Not sure if I really want to install it onto each jeos vm though. It seems I may have no choice.
<ScottK> nealmcb: I hope you meant that reply to go to the list ...
<nealmcb> ScottK: oops - yup - thanks
<stiv2k> hey
<stiv2k> does anyone know of a good guide / howto for setting up an OpenVPN server?  I have NO experience with VPN whatsoever....
<stiv2k> i basically just want to be able to access my music shares on my server from anywhere in the world and someone told me OpenVPN can do that....
<antdedyet> soren: missed kvm 56 and got kvm 57, had to manually move /usr/src/modules/kvm out of the way before that package extracted properly though
<antdedyet> about to test more ...
<antdedyet> soren: er, before that package extracted properly = before m-a would build the new source, possibly --force would have helped here.
 * nealmcb finishes reading the meeting transcript from this morning
<nealmcb> looks good.  sorry to miss you all
 * lamont struggles to understand why gutsy/ia64 doesn't configure raid-root devices
<lamont> other than the fact that the initramfs hooks all got ripped out
<lamont> which seems to point at udev not getting events for stuff or some such
<lamont> hrm... maybe having raid modules in the initramfs would help
<rodpod> why is the path for update-grub changing
<rodpod> whats the point..
<stiv2k> anyone here???
<nealmcb> !ask
<ubotu> Don't ask to ask a question. Just ask your question :)
<nealmcb> stiv2k: ^
<stiv2k> ah yes
<stiv2k> nealmcb: i'm well aware of that rule... though i've always contested that there's no use in asking a question when nobody's around to answer it ;)
<stiv2k> nealmcb: do you have any experience / knowledge of OpenVPN ?
<stiv2k> oh yes
<stiv2k> nealmcb: also, if you'll scroll up, you'll notice that I actually did ask my question earlier, instead of asking to ask :)
<nealmcb> stiv2k: the problem is, without context, there isn't any basis for people to offer to help.  I now see your query above, but forgot that you were the one that asked it.  and I don't have an answer.   bother.
<stiv2k> nealmcb: hehe how about this one (although unrelated to this channel), have you ever seen or used a Mac Book Pro ?
<nealmcb> nope
<stiv2k> my cousin has one and its sitting here on the coffee table
<stiv2k> i'm quite confused because I can't seem to find a CD drive on the thing
<stiv2k> furthermore it doesn't seem to hav _any_ ventilation / cooling fans
<stiv2k> is that unusual for a notebook or what?
<nealmcb> this isn't a good channel to find laptop insights....
<stiv2k> yeah it just popped into my head
<stiv2k> does freenode have some sort of #mac channel or something
<nealmcb> Seriously good guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html || Guide on asking questions that get answered: http://www.catb.org/~esr/faqs/smart-questions.html
<nealmcb> really - they'll help you get great answers :-)
<stiv2k> right.
<stiv2k> maybe after i have a cigarette...
 * stiv2k is fiending
<kraut> moin
<Ahmuck> hi, why does ubuntu jeos need reiserfs programs?
<Ahmuck> or ppp?
<`6og> because
<_ruben> hmm .. the limited (debian) docs shipped with openswan-modules-source package contains not-working desciptions on how to build a klips kernel module :(
<_ruben> guess i'll try the alternative road: recompile kernel with klips support, would involve nat-t support as 'free' bonus
<_ruben> grr .. that aint working either .. time for lunch
<antdedyet> _ruben: is it something you could use openvpn for instead?
 * antdedyet hasn't use S/WAN since FreeS/WAN 
<_ruben> antdedyet: we use openvpn for roadwarriors and openswan for site-to-site currently (on suse)
<_ruben> i havent used make-kpkg in years so i have no idea what might be causing this: http://pastebin.ca/823456
<antdedyet> _ruben: you might try running make-kpkg with --config menuconfig and then saving the config on exit without changing any config options, but that's purely a guess as I've never had problems running make-kpkg that way instead of with the default config target (--config oldconfig is implied according to the man page)
<_ruben> antdedyet: same thing :(
<_ruben> now it does work .. i think .. odd
<antdedyet> _ruben: ah. :)
<_ruben> compiling kernel under vmware .. see you next week :p
<_ruben> just curious .. why is there a linux-patch-openswan package to build your own klips-enabled kernel, but no precompiled klips-enabled kernel?
<_ruben> bah .. kernel build bailed out with an error
<Bounce> hi all
<Bounce> does someone know something about nic bonding ?
<_ruben> a little
<Bounce> Hi Ruben
<_ruben> dont have much experience with it, yet, but do have a few boxes use it
<_ruben> not on ubuntu (yet), though
<Bounce> do you use ubuntu gutsy with it ?
<Bounce> which OS do you use ?
<_ruben> what is your actual problem/question? it might not be ubuntu specific
<_ruben> windows and suse
<Bounce> ok
<Bounce> my win2k3 server it works fine
<Bounce> but i've got also 1x openfiler san
<Bounce> and a ubuntu vmware server
<Bounce> running on gutsy amd64
<Bounce> both are HP proliants with 2 nics
<Bounce> the problems i found a link for arrgeration
<Bounce> https://wiki.ubuntu.com/LinkAggregation
<Bounce> but I cannot the modutils
<Bounce> the link/document says that I have to modifie the document /etc/modutils/actions
<Bounce> but it doesn't exists in gutsy server AMD64
<Bounce> I've tried to install the modutils, but I cannot install it.
<_ruben> lets check on x86 (playing with 2 vmware instances of it now)
<Bounce> it's driving me insain
<Bounce> :-(
<_ruben> not present here either
<KyleS-work> I have a question regarding Ubuntu server...is it any good?
<_ruben> KyleS-work: is what any good?
<KyleS-work> Ubuntu Server
<KyleS-work> I was thinking about installing it, but I wasn't sure how well it performed
<_ruben> Bounce: im guessing you tried skipping that step?
<_ruben> KyleS-work: i doubt you'd find any negative answers here .. im only experimenting with it yet (planning on migrating from suse to ubuntu), and im rather fond of it so far
<KyleS-work> ah
<Bounce> I use it here in production
<KyleS-work> I use Ubuntu Desktop, and Debian server right now on my older computer
<KyleS-work> but I'm getting a new server in the mail soon
<Bounce> my vmware servers are ubuntu server amd64
<KyleS-work> And I was thinking of migrating to Ubuntu as it's more updated
<Bounce> I had no choice
<KyleS-work> Why's that?
<Bounce> I wanted VMware infrastructure
<Bounce> but for now it's to expensice
<Bounce> so I build it on ubuntu (with amd64 support)(
<KyleS-work> ah
<Bounce> :-P
<Bounce> works very good
<KyleS-work> I'll try it then :P
<Bounce> got 7 production machines on one vmware server
<Bounce> :-P
<KyleS-work> I was debating between Gentoo, Cent OS and Ubuntu Server
<Bounce> true
<Bounce> me to
<Bounce> openfiler is based on Cent OS
<Bounce> I use it as my test san
<Bounce> my only problem is to speed up
<Bounce> I have to go for now
<Bounce> my wife (and my sons) are waiting
<Bounce> see u tonight
<Bounce> bye
<dantalizing> if anyone is awake, i have a raid question
<dantalizing> i uploaded a dapper server to feisty, and went through the raid verification process
<dantalizing> but mkconf gives me different UIDs from what is in my /etc/mdadm/mdadm.conf
<dantalizing> mdrun works fine with my existing UIDs
<_ruben> i always mdadm to work with my raid confings
<_ruben> +use
<dantalizing> the verification process suggests using mkconf to verify existing settings, but doesnt suggest what to do if they differ :(
<_ruben> never used those commands, so cant really help out here
<dantalizing> this is a data partition, so not that big of a deal, but just wondering if i should not trust mkconf, or if its possible mdrun is working _in spite_ of my existing settings
<_ruben> is there a way to recreate /etc/mdadm/mdadm.conf? if so i'd just make backup of that file, and recreate it
<_ruben> maybe even run a diff on those to see if there might be any obvious discrepencies
<dantalizing> well my current mdadm.conf is hand made, so doesnt have all the comments...but the big thing is the disk UIDs are different
<dantalizing> i can make a backup and try
<dantalizing> but mainly wondering why mkconf is telling me something different from what is currently working
<_ruben> different as in completely different, or just in a diff order?
<dantalizing> differnt uids
<_ruben> odd
<dantalizing> generated by mkconf: ARRAY /dev/md0 level=raid10 num-devices=4 UUID=5d418565:6b3cb3b3:459da527:187157b7
<dantalizing> exisiting in my mdadm.conf: ARRAY /dev/.static/dev/md0 level=raid10 num-devices=4 UUID=5d418565:6b3cb3b3:7559ceb6:c7f89e22
<_ruben> 2 are identical .. 2 differ .. very odd
<dantalizing> never noticed the .static until i just pasted it
<_ruben> the only thing i can think of (and i know its rather far-fetched) is that there's some hashing algo involved which changed slightly
<_ruben> or smth in the drivers
<_ruben> either way, its a strange problem
<rgl> hi
<rgl> for some reason my server rebooted itself, and now the raid1 software is in this weird state: md3 : inactive sda7[0](S)  you guys known how to fix this?
<rgl> it should have two partitions, sda7 and sdb7, but for some reason only one is in there :/
<martin___> Hi. Does anyone know a 3rd part yrepository offering a threaded version of apache with php5 or more precisely, offering a php5 version that does not depend on the prefork mpm?
<pisi> I'm about to compile php by hand but I'd like to apt-get install instead.
<ScottK> leonel: Debian just released a security update for Etch that may help you finding patches for Feisty/Gutsy.
<leonel> ScottK:  according to  the changelogs  we are up to date  with  feisty and gutsy
<leonel> ScottK2:   according to  the changelogs  we are up to date  with  feisty and gutsy
<ScottK2> leonel: You looked at http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch8.dsc
<ScottK2> It may be we are up to date, but I want to make sure...
<leonel> http://packages.debian.org/search?keywords=clamav&searchon=names&suite=stable&section=all  <-- just this  no  etch8
<ScottK2> Etch8 was just release.  Get that package and check there.
<ScottK2> dget http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch8.dsc should do it.
<leonel> wow  dget ... nice ..
<Ahmuck> hi.  it appeared that ubuntu-server jeos found my nic and configured dhcp, however upon reboot, not eth* is listed
<Ahmuck> what should i do?
<ivoks> check /etc/udev/rules.d/70-persistent-net.rules
<Ahmuck> drivers ?*
<Ahmuck> is that the problem?
<Ahmuck> iirc, it started the nic with pc card services
<ivoks> did you check the file i told you?
<ivoks> it should have mac address followed by the name of interface
<ivoks> something like this:
<ivoks> SUBSYSTEM=="net", DRIVERS=="?*", ATTRS{address}=="00:0e:7b:4d:54:e6", NAME="eth0"
<Ahmuck> yes, it says that exactly with the exception of the address
<leonel> ScottK: CVE-2007-6336  and  CVE-2007-6335   need patch for gutsy ..  patching ..    after  I'll chek  feisty
<ubotu> ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6336)
<ubotu> ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6335)
<ivoks> Ahmuck: is the mac address correct?
<Ahmuck> could it be because of the "virtual kernel" jeos uses?
<Ahmuck> let me check
<Ahmuck> 00:50:04:d7:22:df
<ScottK> leonel: Great.
<ivoks> i never used jeos
<Ahmuck> 3c905x
<Ahmuck> hrm
<Ahmuck> k, NAME= should be NAME== ?
<Ahmuck> looking at yours, mine is identical with the exception of the mac address
<CarlFK> where is the u-server version of http://us.archive.ubuntu.com/ubuntu/dists/hardy/main/installer-i386/current/images/netboot/
<CarlFK> I am trying to find where I can wget the installer kernel/initrd
<Bounce> hi all
<somerville32> Hi
<Bounce> all ubuntu admins are here ?
<somerville32> Bounce, What do you mean by Ubuntu Admins? :)
<Bounce> I having a little problem with networkbonding
<Bounce> I hope someone could help me
<Bounce> I am an win admin
<macd> Bounce, just ask your question, someone who knows will answer.
<Bounce> and I started with ubuntu in my production environment, everything works fine online the nic bonding
<Bjor1> Hey guys, Im using the Ubuntu-desktop version. And I installed Oracle 11g using the http://www.dizwell.com/prod/node/929 guide. However I have no clue how to start it. Could anyone help me with that?
<ikonia> Bjor1: Oracle is not supported on ubuntu by either Oracle or Ubuntu
<somerville32> Bjor1, One second.
<Bjor1> ikonia, well obv people got it running so why cant I ask other USERS.
<ikonia> who has it running ?
<Bjor1> http://www.supinfo-projects.com/en/2006/oracle_on_ubuntu/ this guy for example
<ikonia> http://ubuntuforums.org/showthread.php?t=622087
<ikonia> it's not supported
<ikonia> there are some issues
<Bjor1> really weird sinds debian is supported :o
<Bjor1> *since
<ikonia> where does it say debian is supported ?
<ikonia> I know there is a package in a debian repo
<somerville32> Bjor1, By the sounds of the tutorial you followed, Oracle should have started after installation
<ikonia> there are some incompatabilities between ubuntu and oracle 10 and 11
<ikonia> more so with some of the "G"  functionalities
<somerville32> Bjor1, Is there any reason you want to use Oracle anyhow?
<Bjor1> somerville32, yes I need it badly for my education "software engineering", and I can run all my tools needed on Linux but oracle db software isn't working.
<somerville32> Bjor1, You need Oracle for a course? You might want to consider using it on a support platform then so you don't get inconsistencies that might affect your mark or something? ;]
<Bjor1> haha
<ikonia> surly not what I said in the first place
<somerville32> Bjor1, However, the tutorial says you should just be able to use good ol' SQL*Plus after installation
<somerville32> Bjor1, Have you tried that?
<Bjor1> not yet
<Bjor1> but im in contact, with the writer of the guide
<Bjor1> otherwise iÄºl install a v.small extra linux distro or use windows.
<Bjor1> Need to use it for crapsis, to finish a other project anyway
<Bjor1> crapsis = acces ;)
<somerville32> :)
#ubuntu-server 2007-12-20
<owh> Yesterday nealmcb told me that ubuntu-server was looking at ebox to do central management, but there is an approved blueprint using NetDirector here: https://blueprints.launchpad.net/ubuntu/+spec/enterprise-system-config-management, are we talking about solving two different things, or are there competing views?
<pschulz01> Is it possible to have multiple 'up' commands in the /etc/network/interfaces file for an interface?
<pschulz01> (eg. for setting up multiple static routes.)
<owh> What are you trying to achieve?
<owh> pschulz01: An interface is either up or down, making it up multiple times doesn't make sense, so what are you trying to do?
<pschulz01> Bring up multiple routes.
<pschulz01> eg. run multiple scripts/commands when the interface starts
<owh> On the same physical interface?
<owh> Running multiple scripts isn't the same as bringing up multiple routes.
<pschulz01> owh: Otherwise.. is there somewhere else that static routes are put?
<pschulz01> I'm just going to create a script //etc/network/add-static-routes
<pschulz01> and put the commands in there and call that with 'up'..
<owh> If you put that script in /etc/network/if-up.d/ it will be called.
<owh> Example here: http://www.pcbuyersguide.co.za/showthread.php?t=6927
<owh> I'm assuming you understand that you can also alias an interface?
<pschulz01> owh: Yes.. as in eth0:0 ?
<owh> Yup.
<pschulz01> owh: Yes.. making very good use of that. Manchine IP on eth0, services on eth0:0 etc.
<owh> Cool.
<owh> pschulz01: That gave me an idea over here for something I'm doing, thanks!
<pschulz01> owh: Just have to add some routes as we have a crazy openvpn setup to the box, which distributes some network routes which we need to add 'exceptions' for.
<owh> Lovely :|
<nealmcb> owh: the status of that netdirector spec is "drafting", not approved.  it was accepted as a discussion item for UDS, but I haven't heard much more since then
<owh> Yeah, and since saying that I've been looking around and it seemed to all stop at the beginning of 2006. I've now downloaded the ebox-user-guide and I've found the section called eBox control centre, so I'm feeling a little more confident.
<nealmcb> owh: what seemed to stop?  netdirector seemed active last month
<owh> Hmm, the downloads I've found are all from 2006, am I looking in the wrong spot?
<nealmcb> owh: note that IIRC ebox is undergoing some pretty significant changes based on the UDS conversations
<nealmcb> owh: as I recall one of the upstream netdirector guys was at UDS, so while I haven't looked at it I was assuming it was active
<owh> Hmm, netdirector 3.1.2 was February 2007
<nealmcb> it is also newly relicenced I think
<owh> No actual packages as such though.
<owh> My largest concern with eBox was that I couldn't manage multiple servers, but that seems to have been addressed, I'm sure I'll find snakes in the grass somewhere :(
<owh> OMG, the "how to make this work" section is pretty fun :(
<Ahmuck> why would lspci list my nic, but ifconfig does not show it
<kgoetz> its not configured
<frankenchrist> from a minimal install which package to install what used to be ubuntu-lamp ?
<Burgundavia> frankenchrist: you need tasksel
<frankenchrist> I am using debootstrap
<Burgundavia> the lamp option is not a package, but rather uses tasksel
<frankenchrist> Hmm
<frankenchrist> Is there a preseed file then on the server cd which would hold the tasksel list?
<teddy233> dhcp classes ... anyone know how to configure them?
<kgoetz> do you have a specific question? (no, is the answer to yours)
<teddy233> i wont start explaining if no one in here has a clue about dhcp config
 * kgoetz wanders off
<teddy233> 96 vlans each wit a diff ip ... want all to use 1 dhcp server
<teddy233> get proper ip range based on the switch/router that it came from
<teddy233> any idea?
<kgoetz> i suggest splitting into multiple config files for a start. just for ease of maintaincance
<kgoetz> *sp
<teddy233> just more stuff to manage
<teddy233> 1 file is find
<teddy233> i can add comments then search for a comment to find location
<kgoetz> just checking one of my works configs, but it seemms to be stripped of comments :/
<teddy233> the documentation is so poor
<kgoetz> mmm. the documentation is almost just the example in the config file
<teddy233> when u see something like this if substring (option vendor-class-identifier, 0, 4)
<teddy233> what does the 0 and 4 mean ?
<kgoetz> i'd guess two different types of sun gear
<teddy233> bah, i'm going to bed
<teddy233> pm me if u find anything
<teddy233> i'll read in the morning
<nealmcb> soren ^ tasksel and debootstrap question
<kgoetz> anyone else here logging more then simply error.log and access.log to /var/log/apache2/ ? i'm wondering if your logs get rotated or not
<kgoetz> can someone tell me how to get postfix/* to stop loggin into syslog? if that data is differnt to whats in mail.*, can i put it in a special postfix log? there so much postfix going through syslog i can't see whats going on :/
<kgoetz> my syslog foo is weak :(
<soren> nealmcb: Er... where?
<kraut> moin
<zul> morning
<soren> We've had this discussion before...
<zul> yes thats why im allowing you to win this time
<soren> Oh? Ok.
<soren> "No, it's not!"
<zul> you're right...you win! you get a fish..
<zul> or the mystery box
<soren> I've seen that one. I'll go with the fish.
<zul> dang
<soren> "NOTHING! ABSOLUTELY NOTHING! STUPID!"
 * soren chuckles
<zul> yeah I love that movie
 * soren too
 * soren goes to lunch
 * _ruben just finished lunch
<_ruben> hmm .. you'd expect a kernel compile to bring the cpu load up to 100% .. but it doesnt, odd
<lamont> kgoetz: in /etc/syslog.conf, change the line to read: *.*;mail,auth,authpriv.none          -/var/log/syslog
<oly-> anyone know a good place to get cheap rack servers, ie without os for running linux ?
<soren> oly-: Speak German?
<oly-> nope
<soren> oly-: Pity..
<oly-> in uk :)
<soren> WEll, I'm in Denmark and I speak (some) German.
<oly-> so preferably someone who ships there :p
<soren> Oh, you want to host the servers yourself?
<soren> I thought you wanted colocation or something.
<oly-> yeah want to purchase them, currently have a linux server but its running on a desktop fujitsu
<oly-> we have a server rack, so if i can find one thats not to pricy i can replace the desktop machine
<oly-> just thought someone here might have some recomendations :p
<xt> oly-: HP Proliant ! :)
<oly-> thxs for suggestion, looking at them, although the dell ones look good for the price
<xt> dell ones are good too
<zul> dell is also expension
<zul> expensive even
<oly-> the dell ones seem to start at Â£300 which is not to bad most places seem to start around the Â£500 mark
<oly-> depends what ya need, dont need anything to fancy at the moment
<nealmcb> soren: frankenchrist was asking about installing the lamp stack via debootstrap, which made me think of the same question for ubuntu-jeos.  how would we suggest that people install a task in ubuntu-jeos-builder?  he also asked "Is there a preseed file then on the server cd which would hold the tasksel list?"
<Shadowhand> hello
<Shadowhand> in order to make my life easier for my (windows-desktop-enabled) boss, is there a web-based gui i can install on top of ubuntu server?
<Shadowhand> particularly for managing Samba
<sommer> Shadowhand: here's a link to instructions on installing a GUI: http://ubuntuforums.org/archive/index.php/t-186298.html
<Shadowhand> i don't want X11
<Shadowhand> i want a web portal
<kir> Could anybody shed the light on who is the maintainer of vzctl and vzquota packages in Ubuntu? Any package have a maintainer, right?
<sommer> Shadowhand: ah... woops didn't read your question close enough
<sommer> Shadowhand: SWAT is a good web based Samba config tool
<sommer> see http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/SWAT.html
<Shadowhand> thanks sommer, i'll check it out
<sommer> np, if you need a web based tool for other services eBox is going to be integrated into Hardy.
<Shadowhand> samba is really the only problem at the moment
<Shadowhand> my boss wants to be able to manage the users, since he handles the desktop integration stuff
<Shadowhand> and i don't want to crash course him in using the *nix CLI
<dexem> then ebox is cool for that :)
<sommer> Shadowhand: SWAT should work fine for you then I'd think.  the Ubuntu package name is swat, should painless to install
<Shadowhand> yah, i already got installed
<Shadowhand> just looking at the docs now
<Shadowhand> hmm
<Shadowhand> how do i actually access the page?
<Shadowhand> ip.xx.xx.xx:901 ?
<sommer> Shadowhand: I think so... I really haven't used SWAT much myself :)
<nealmcb> sommer: good info - thanks!
<sommer> nealmcb: np
<Shadowhand> oh nm
<Shadowhand> sommer: sudo update-inetd --enable 'swat'
<Ahmuck> is there a reason why the install would detect dhcp using the nic during installation but there is no nic upon reboot listed.  it is listed in lspci, but not in ifconfig
<Shadowhand> that was the missing step
<Shadowhand> :)
<sommer> party!
<Shadowhand> Ahmuck: auto eth0 \ iface eth0 inet dhcp
<Shadowhand> that "\" is a newline
<Shadowhand> verify that's in /etc/network/interfaces
<Ahmuck> i assume that auto is a command?
<Shadowhand> it's all lines
<Shadowhand> both lines belong in /etc/network/interfaces
<Ahmuck> ah, ok, let me check
<Shadowhand> you should already have: auto lo \ iface lo inet loopback
<Shadowhand> sommer: ok, here's a problem
<Shadowhand> in order to configure smb with swat, i have to log in as root
<Ahmuck> ya, it's there #Primary network interface
<Ahmuck> so now what?
<sommer> oh he bailed... sigh
<Shadowhand> hello again
<Shadowhand> it looks like i can't add users with swat
<Ahmuck> ubuntu jeos would be perfect for low end systems if everything worked
<Shadowhand> whoa
<Shadowhand> ebox requires gnome?
<Shadowhand> why?!
<Shadowhand> yack, and pgsql
<sommer> Shadowhand: eBox may not be what you're looking for then.  Also, it's really not very integrated, but should be for Hardy
<Shadowhand> but why does a web-based tool require Gnome libs?
<Shadowhand> that's just moronic, thb
<sommer> never heard of Gnome web 2.0?  :-)
<sommer> not sure about the dependency thing
<sommer> just kidding about the gnome web 2.0... fyi, heh
<Shadowhand> gconf2 gconf2-common
<Shadowhand> libgnome2-gconf-perl libhtml-mason-perl
<Shadowhand> just to list a few
<Shadowhand> perl, gnome, and pgsql
<Shadowhand> 3 things i don't want my administration to be dependent on :P
<sommer> I think it may be an icon thing, but I could be wrong, pgsql isn't gnome though is it?
<Shadowhand> pgsql isn't gnome
<sommer> you could always whip up a cgi, php, python, script to manage passwd users :)
<sommer> then use swat to manage the Samba aspect
<sommer> I admit that doesn't sound very "clean" though
<pteague_work> anybody know which kernel ubuntu-server 7.04 attempts to install on a virtual machine?
<sommer> pteague_work: same as a regular machine
<Shadowhand> blah
<Shadowhand> well, my problem appears to be that the unix user accounts don't exist
<Shadowhand> anyone know how i can run samba with a totally separate password file?
<Shadowhand> i don't want my samba users to have unix accounts
<pteague_work> 2.6 kernel?
<Shadowhand> pteague_work: 2.6.22-14-server
<Shadowhand> is the kernel i got when i installed
<Shadowhand> (that was yesterday)
<Ahmuck> well, i've managed to make my system non-bootable now
<sommer> Shadowhand: this might help you: http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html
<pteague_work> k, it's failing when it's trying to select & install software & i'm not quite sure why :(
<Ahmuck> pteague_work: hi there
<pteague_work> os: linux 2.6 kernel, base memory: 512mb, video memory: 8mb...  8gb primary for / & 1gb secondary for swap
<pteague_work> heya Ahmuck
<Ahmuck> pteague_work: use ubuntu jeos
<Ahmuck> it's written for vm
<Ahmuck> i'm trying to use it on a regular machine because of it's small footprint, but may have to give it up
<Ahmuck> or switch out the kernel for a virtual kernel
<Ahmuck> linux-image-2.6.22-14-virutal
<Ahmuck> pteague_work: r u using jeos?
<pteague_work> just googled it... i think i'll grab it
<Shadowhand> hooray for samba.org being 503'd
<Shadowhand> !
<pteague_work> Ahmuck> suggested ram for jeos? will be running apache, mysql, php at the least
<CarlFK> pteague_work: I did all that on a 32mb box back in the 486 days :)
<Shadowhand> blah
<Shadowhand> is aptitude the only way to search for packages?
<Shadowhand> no apt-get search?
<CarlFK> apt-cache search
<Shadowhand> fscking awesome
<Shadowhand> thanks
<pteague_work> yeah... i guess part of it is looking at this beast of crappy code...  i'm not even thinking of optimizing code at this point... all i want to do is normalize & standardize... this is some of the worst spaghetti code i've seen
 * Shadowhand *hates* aptitude
<pteague_work> 1 directory has over 10k php files in it... that doesn't include any images, txt, etc files... just the php files
<Shadowhand> lovely
<pteague_work> & about 99% of those are 1 liners... they basically set a variable or 2 & then include another file
<pteague_work> 1 of the other directories in backup had over 20k php files... currently under public_html it's a bit more manageable at 10k again
<Ahmuck> pteague_work: i have jeos running on a vm with 64mb ram
<Ahmuck> now, i don't know about apache, etc.  i installed xserver-xorg and e17 on top of it
<Ahmuck> i can only get this to run in a vm
<Ahmuck> :-(.  can't get it to run a a real machine
<sommer> Ahmuck: I thing you're always going to be disappointed trying to run JeOS on real hardware.
<sommer> Ahmuck: the goal of JeOS is to only include the necessary drivers for a VM
<sommer> so if your hardware doesn't match those of the vm... it's bad news
<sommer> the server edition is quite light weight and has a plethora of drivers... I'd suggest using that
<CarlFK> oh!
<CarlFK> I thought jeOS was for hosting VMs
<CarlFK> no need to splian... now i get it
<Ahmuck> ah, that is my problem then
<Ahmuck> it works except, the nic does not work
<Ahmuck> so i would need to load a driver for the nic
<sommer> CarlFK: according to this https://help.ubuntu.com/community/JeOS
<sommer> it needs VMWare, Qemu, etc to run.
<Ahmuck> is this because ubuntu server does not have support for vm and that is why ubuntu server would always give me an error - this os is to old for this machine?
<CarlFK> I think I read it as  "only contains the base elements needed to run a virtualized environment."
<sommer> Ahmuck: correct, and possibly the video, sound, etc
<CarlFK> um, os is to old ?
<Ahmuck> yes, i could never get ubuntu server to boot up after installation on a vm.  something to do with some processor thingy.  let me search
<sommer> Ahmuck: you're probably getting that because the Server Edition is optimized for i686 while the desktop has i586 and i686
<Ahmuck> but ubuntu jeos did it just fine.  i was using virtual box
<pteague_work> should i be setting the hard drive in the vm to be static or expandable?  afaik my real disk is ext3
<CarlFK> u-s should run in any VM, jeos will just be better
<Ahmuck> pteague_work: i use expandable
<pteague_work> hmm...  my jeos download passed the md5sum, but checking the iso image when booting the vm off the iso image comes back as integrity test failed
<Ahmuck> ah, now i remember, it has something to do with PAE, and ubuntu server refused to boot after installation on virtual box
<Ahmuck> "PANIC: CPU too old for this kernel."
<Ahmuck> http://www.virtualbox.org/ticket/212
<Ahmuck> iirc it was not limited to virtual box, but there were some others as well
<CarlFK> installing yesterday's hardy u-s, (on real box) no disk detected?
<pteague_work> hmm... jeos - your network is probably not using the DHCP protocol.  Alternatively, the DHCP server may be slow or some network hardware is not working properly... ?
<emo_ninja> hi, anyone know of an apache 1.3 repo for gutsy?
<pteague_work> argh, don't tell me apache 1.3 isn't in gutsy ?
<emo_ninja> that is correct
<emo_ninja> phased out for apache 2
<Ahmuck> should be in backports ?
<pteague_work> dang... then i need your question answered as well =)
<emo_ninja> which is fine, but there are still certain mod perl things that I'm not comfortable moving to 2
<emo_ninja> I don't believe it is Ahmuck
<pteague_work> that means i need to go check & see if php4 & mysql4 are in there as well
<emo_ninja> http://packages.ubuntu.com/gutsy-backports/web/
<pteague_work> crap...
 * pteague_work kills vm installs...
<emo_ninja> hrm.. I just find it so odd that no one else seems to want apache 1.3
<emo_ninja> ah well, from source it is
<pteague_work> i don't really want apache 1.3, but i'm trying to build a test server that duplicates the current server... so if i screw something up i'll know before it goes 'live'
<pteague_work> hmm...  feisty has mysql-server-4.1, but it says it's a transitional package... i'm guessing that means it installs mysql-server-5... ?
<pteague_work> hah, i may have to go install debian..
<zul> muhahahaha
<zul> chuck@homer:~$ uname -a
<zul> Linux homer 2.6.24-rc4-xen #4 SMP Thu Dec 20 10:28:20 EST 2007 i686 GNU/Linux
<pteague_work> gotta love it.... "the password isn't letting me get into the email account"... um, that account doesn't actually have a mailbox on the server, it's forwarded to a gmail account...
<Ahmuck> pteague_work: why not build on apache2.  then convert over?
<CarlFK> " that duplicates the current server"
<CarlFK> upgrade teh current server!
<Ahmuck> yes, but let's assume that heh can run everything he has on apache2.  wouldn't it be best to "move up"
<pteague_work> we're putting together a virtual server for all the new stuff... unfortunately i need to make some changes on the current server & the current server is running apache 1.3.37, php 4.4.4, & mysql 4.1.22
 * Ahmuck fires up vbox to see
<CarlFK> if 1.3 is working fine, best not to mess with it
<pteague_work> i need to make changes to the .htaccess file on the current server... i don't want to make modifications to the .htaccess on the live production server & discover it doesn't work...  that's why i'm trying to put a test environment together that matches the current production server...  the new servers we're working on will be apache2 & will have both php4 & php5 on them
<Ahmuck> pteague_work: it should work the same on the vm with apache2 as it does on 1.3
<Ahmuck> .htacess that is
<CarlFK> 'should' :)
<pteague_work> i understand that the utilization of .htaccess is the same, but i don't know if apache1.3 will exhibit the same behavior with the particular things i'm wanting to put into the .htaccess file including several php_value directives
<Ahmuck> there really isn't much to an .httaccess file
<Ahmuck> ah
<Ahmuck> so apache 1.3 has been taken from the fiesty repositories?
<CarlFK> Ahmuck: guessing it is still in 6.06 lts
<Ahmuck> couldn't one change the repositories or add the repositories to the apt file?
<Ahmuck> and then get it
<pteague_work> Ahmuck> i think apache 1.3 is in feisty, but not the php4 for apache1.3 i think
<Ahmuck> i think i would just keep looking at old repositories, and then restrict your repository to that
<Ahmuck> so, does anybody know how much lighter jeos is over server edition?  i'm looking for something very lightweight.  4g hard drive, 450mhz proc, and 64mb ram
<CarlFK> Ahmuck: no nic?
<Ahmuck> CarlFK: ?
<CarlFK> i am guesing that is a likely problem trying to use jeos on real HW
<Ahmuck> ah, yes.  no drivers loaded
<Ahmuck> so as a result it does not load 3c905x drivers
<Ahmuck> :-(
<CarlFK> server will run fine on 64mb
<Ahmuck> which mean i would have to manually install them
<CarlFK> server + apache + mysql...
 * Ahmuck is trying to do server/xserver-xorg/e17
<CarlFK> X?
<pteague_work> maybe i'm doing something wrong with the network setup... how should i be setting up the network under vmware?
<nealmcb> !jeos
<ubotu> JeOS (pronounced "Juice") is Just enough Operating System.  It is an efficient variant of the Ubuntu Server operating system, configured specifically for virtual appliances. See http://www.ubuntu.com/products/whatisubuntu/serveredition/jeos for more information.
<nealmcb> https://help.ubuntu.com/community/JeOS
<nealmcb> pteague_work: that last one is a tutorial
<Ahmuck> CarlFK: yes, i need a small footprint
<Ahmuck> CarlFK: so i can cram OO.o, scribus, gramps on oit
<nealmcb> but it would seem like a real pain to try to get the jeos iso booting on physical hardware - it is designed for use in a vm
<CarlFK> http://xubuntu.com
<Ahmuck> nealmcb: yes, i've decided to try ubuntu server.  i could not get it to install initially because my bios was to old
<Ahmuck> so i updated my bios and then tried ubuntu jeos, but i would have liked jeos to install.  just enough os to run
<CarlFK> Ahmuck: once you get it running, you will have u-server
<Ahmuck> i've used xubuntu, but in testing, e17 or elbunut works better then xubuntu
<Ahmuck> and having used it, i like e17
<Ahmuck> a u-server?
<CarlFK> u=ubuntu
<Ahmuck> ah, so what is the difference in ubuntu server and ubunter jeos?  i was under the impression that ubuntu server had a larger footprint once installed
 * Ahmuck should do two vm installs and compare disk size
<CarlFK> Ahmuck: it does.  but you are going to add to jeus and end up with a similar
<CarlFK> Ahmuck: have you installed -server and whatever you need on the 64mb box?
<Ahmuck> working on that now
<Ahmuck> i bought the boxes for 1.00  i initially thought i would use ltsp server in conjuction with kubuntu.  however the ltsp server setup is not as polished or i was not finding the right programs so i opted for an easier way out.  unfortunately i've been researching the jeos driver thingy for two days and have fallen back to ubuntu server agian
<CarlFK> fortunately
<CarlFK> jeus is not the os you are looking for.,.
<Ahmuck> ?
<CarlFK> probably worth looking into spending a few more $ to get 128m in them
<Ahmuck> na, they would work great on ltsp server
<CarlFK> well then do that...
<Ahmuck> but i blew the psu in the box i was going to use for the ltsp server
<nealmcb> Ahmuck: the larger footprint in u-s is there to deal with the driver issues you need to deal with for real hardware.  you can always remove the stuff you don't want after install, or build your own kernel if you are so inclined for maximum speed.
<pteague_work> dang... i'm not sure the 8gb for the vm is going to be enough...
<CarlFK> pteague_work: what kinda system you trying to run?
<pteague_work> the public_html directory on the current system is about 7.8g
<CarlFK> oh.. I thought you meant ram
<CarlFK> create another 'disk'
<pteague_work> granted, some of that is extra crap, like roundcube for webmail & such so i can probably cut it down, but that still doesn't account for the mysql db...
<CarlFK> what VM are you using?
<pteague_work> the free vmware server
<Ahmuck> there is ubuntu server, and on the alternate, ubuntu command line system, ubuntu oem ... are the installations on the alternate smaller?
<CarlFK> pteague_work: iv been using qemu, but I think the syntax is similar: qemu -hda a.img -hdb b.img
<CarlFK> them mount hdb1 under /home
<CarlFK> Ahmuck: smaller or not, you should try them
<pteague_work> is there a small install for edgy?
<CarlFK> yes.  u-server
<zul> whats the launchpad url for jeos again?
<macd> https://launchpad.net/ubuntu-jeos/
<Ahmuck> ok, i have a question.  i just installed ubuntu-server on that machine, and lspci, it shows the ethernet card, but ifconfig does not show eth0
<macd> I
<Ahmuck> so i am right back where i started
<CarlFK> Ahmuck: what card?
<macd> I'd like to see something similar to jeos, but for the VM base, like xenutils+kernel+binutils
<CarlFK> macd: is base host or guest ?
<Ahmuck> 3c905B [cyclone] rev30
<macd> host
<macd> Ahmuck, you use something like 'tree /dev/sys' to see what devices are what
<Ahmuck> maybee it's a bad nic
<pteague_work> suggestions for a fast mirror in north america?
<macd> Ahmuck, its very possible its eth1 or 2, but if its a single nic, it _should_ be eth0
<macd> Ahmuck, also, does 'lsmod' show the 3c905 module?
<macd> pteague_work, the osuosl mirror typically gets me over 1000K
<CarlFK> macd: whats wrong with u-server ?
<macd> CarlFK, I think its basic footprint is still a bit bloated
<Ahmuck> yes, ok i am going to ask a really dumb question.  do i need a cable plugged in for eth0 to show up?  i thought i only need the card in the machine
<Ahmuck> the module is there, yes
<macd> CarlFK, I usually just debootstrap a base using ubuntu, and its ~120mb with no bloat ;)
<macd> Ahmuck, no, but the card won't :come up" either
<Ahmuck> macd: debootstrap a base?
<CarlFK> macd: that dosn't mean there is anything wrong with anything else
<macd> CarlFK, not at all, I never said anything was wrong, I just see the need for another option
<CarlFK> you and Ahmuck should work on it :)
 * macd adds it to the list of things that won't get done ;)
<macd> I've done it privately, but as far as community goes there so much red tape in the community
<macd> just getting the rails stack spec visible was a chore and a half
<pteague_work> hmm... osuosl doesn't have edgy, has dapper & feisty :(
<Ahmuck> brb
<macd> pteague_work, its a mirror, it should have it _all_
<pteague_work> 6.06, 6.06.1, 7.04, 7.10
<pteague_work> dapper, edubuntu, feisty, gutsy, kubuntu... then again i don't think edgy was a long term
<macd> nor are 704 and 710
<pteague_work> yeah, 6.06 is LTS to 2011, 6.10 isn't
<pteague_work> guess i pull dapper & see if i can upgrade to edgy...  probably wouldn't matter much & would probably be better to stay with dapper anyways...
 * macd agrees with using dapper in critical places
<Ahmuck> ping
<pteague_work> not really 'critical'... setting up a test server as close to production as i can (using ubuntu/debian instead of centos) so i can test some changes to the .htaccess file... have to have apache1.3 & php4
<pteague_work> hopefully by end of month we'll be rid of the current servers & on the new virtual servers... hopefully we can go with apache2 & php4 with those
<avatar_> stil php4?
<pteague_work> i can't get this code to work under php5 & i'm surprised it's even working on php4
<pteague_work> $session[username] ...
<CarlFK> Ahmuck: I just put a 3c905 in a u-server box, and ... it didn't work?!
<CarlFK> Ahmuck: but.. I do see something with ifconfig -a (eth2, but I think it is an isa nic.  taking that out now)
<pteague_work> avatar_> heh, it looks like php3 tutorials slapped together
<macd> pteague_work, keep in mind dapper doesnt have apache2 in the repos for it
<CarlFK> er.  it was an isa sound/modem ... so the only nic got assigned eth2.  I thought this was a clien install, but it may be left over from some nutty wifi router I was trying to build
<pteague_work> yeah... for the new stuff i think we're going to use quickbooks enterprise to deal with inventory & build off of there with php5... i'm hoping quickbooks will use mysql or postgresql
<macd> pteague_work, it uses odbc, so your good there
<macd> at least the newer version that is based on .net2
<pteague_work> .net2 ?  i was looking at the linux server version
<macd> ohh, I didnt even know there was one, I just assumed you were running it on windows-server and wanted to use a linux db box for a backend
<pteague_work> i'm not sure what version tho...
<pteague_work> this is first pdf (converted to html) that i've seen on google for it - http://72.14.205.104/search?q=cache:sEXocjJV6cIJ:http-download.intuit.com/http.intuit/CMO/qbes/resources/pdfs/LinuxInstallGuide.pdf+quickbooks+enterprise+database&hl=en&ct=clnk&cd=7&gl=us
<pteague_work> upgrading from linux database server manager release 7.0... so guessing it's 8.0 ?
<macd> yeah I was just on their site
<macd> http://quickbooksenterprise.intuit.com/features/new_version.jhtml
<macd> They show a linux db backend, but a windows client
<pteague_work> yeah, that's fine... all the workstations in the warehouse currently have vista (ugh)...
<pteague_work> recommended ram - as much as possible
<pteague_work> only tested on open suse enterprise server 10.2 & fedora 6...
<pteague_work> hmm... looks like we may have to have this as a local machine & have it connect remotely to the webserver/database
<pteague_work> anybody have any ideas as to why a barcode in a pdf wouldn't be printing along with the rest of the pdf?  we've been having issues with the USPS click-n-ship pdfs
<Ahmuck> found my problem - bad nic
<Ahmuck> changed the nic, and now i have eth0
<nealmcb> Ahmuck: cool!
<CarlFK> pteague_work: i mess with barcodes and pdfs - is it something you could give me?
<CarlFK> not sure I have any advice, but im curious
<CarlFK> anyone have todays http://cdimage.ubuntu.com/ubuntu-server/daily/current/hardy-server-i386.iso
<CarlFK> I am wondering if the installer uses the same kernel as the alt cd
<pteague_work> CarlFK> hmm... not sure
<pteague_work> CarlFK> sure, /msg me your email address
<pteague_work> or hmm...  at 153.4 kb i guess it's small enough to try to send via irc if you want?
<CarlFK> dcc hardly works for me, but give it a shot
<CarlFK> "receiving... 0%...."
<pteague_work> yep, sent via email then
<CarlFK> groovy.
<sommer> here's a pickle I changed the hostname on my machine reboot and forgot to change /etc/hosts
<sommer> now sudo says  unable to resolve host
<sommer> is there a way to edit /etc/hosts without using a recovery cd?
<sommer> meh nm... just needed to repeat the command 3 times before it worked
<Ahmuck> hi again, up and running on that low end system
<Ahmuck> macd: u said you were boot straping?
<CarlFK> Ahmuck: you looking for automated install?
<Ahmuck> well, not really if i had instructions.  i could not help but see that he was doing a low mb install
<Ahmuck> so i was hoping that with some work in a vm i could get the install down really small
<CarlFK> what good would the VM do?
<nealmcb> sommer: that's the second time i've heard of a sudo / hosts issue - is this some nasty pam interaction or what??  scary!
<Ahmuck> CarlFK: a vm would allow me to do multiple aptitude install/remove until i found the right configuration for a very small install
<Ahmuck> macd: i would be interested in knowing how you did you bootstrap of ubuntu-server, and/or docs on the web you found.  i would like to try this
<osmosis> where can I download feisty server 386 iso ?
 * Ahmuck thinks there needs to be a ubuntu-base
<kgoetz> lamont: thank you. i assume the '-' in front of the log name means 'dont put this in here'?
 * Ahmuck needs to find a wya to strip down ubuntu, then xserver-xorg install
<kgoetz> Ahmuck: has ubuntu-base disapeared?
<kgoetz> and to strip it down, i recomend debfoster
<kgoetz> lamont: sweet. thats got it. thanks :)
<sommer> nealmcb: I think it may have something to do with the !fqdn option in /etc/sudoers... I could very well be wrong though
<Ahmuck> i think there was a server type of install that allowed you to "choose" what type of server.  i remember using that install, but i can't seem to locate it now
<lamont> kgoetz: the - in front of the log name says don't sync the log to disk every write.
<lamont> see 'man syslog.conf'
<kgoetz> just seeing it atm
<kgoetz> ask i understand it, i have to createa a local* facility logging to a file, then point bind to use that instead of <its default>
#ubuntu-server 2007-12-21
<Ahmuck> what version of server do i need for a "list of server types" such as ltsp, dns, dhcp, etc. to install?
<somerville32> Ahmuck, say again? :S
<Ahmuck> somewhere i booted a ubuntu-server disc, and at some point was presented with a menu to install and it had dhcp, dns, etc. on the menu
 * somerville32 nods.
<Ahmuck> i've been combing my ubuntu-server, alternate, etc. to find that menu
<Ahmuck> but i can't find it on any install, i must be missing a step
<mralphabet> Ahmuck: you are looking for task select
<Ahmuck> mralphabet: nope, i'm looking for a install menu for which type of server to install, dhcp, dns, ltsp, etc.
<Ahmuck> as dedicated servers
<mralphabet> Ahmuck: see my previous comment
<mralphabet> Ahmuck: sudo tasksel list
<Ahmuck> hrm, guess i'm lost
<mralphabet> Ahmuck: sudo tasksel install mail-server
<mralphabet> etc
<Ahmuck> when my current vm install is complete, i'll boot another and look again
<Ahmuck> ah, once the server is installed?
<mralphabet> that "usually" pops up during the actual install from a server install disk
<Ahmuck> or command line install
<mralphabet> but you can force the issue from command line once you have the base server installed
<Ahmuck> ah, i'll bet i saw it on JeOS install.  i'll have to check.  iirc, ubuntu server won't run under vbox because of some PAE thingy
<mralphabet> also, 7.04 only has a couple tasks, 7.10 has several more
<Ahmuck> ya, that's what i'm after, that's why i noticed it.  7.10 had lots.  so your saying this should pop up on it's own?
<mralphabet> that is quite possible, the jeos installer has even more options I believe
<mralphabet> on the standard server install cd, it should, i believe
<mralphabet> I haven't actually gone through a 7.10 install ;(
<Ahmuck> ya, hrm, i'm not getting it for some reason
<mralphabet> it did on 7.06 when i did that install
<mralphabet> but as I said, once you get something running, just do 'sudo tasksel list' and you can choose options from there
<nealmcb> I don't remember tasksel being part of a jeos install, but it is part of a server install
<mralphabet> nealmcb: ahh, sorry for my misunderstanding ;(
<nealmcb> but I forget when it comes or if it depends on something else
<Ahmuck> nealmcb: really, for some reason it is not starting for me and i dont' understand why
<Ahmuck> ah, i think i know.  rather than reboot, esc, then a tasklist is presented
<Ahmuck> hrm, i'll see in about 10 min
<Ahmuck> ah, nm, there is is
<Ahmuck> at the end
<Ahmuck> ubuntu ume, or mobile and embeded is a small footprint?
<Ahmuck> linux-ubuntu-modules.x.x.xx.-server is a server module?
<Ahmuck> in ubuntu-server if i select lvm the first time, and then have to do a re-install (testing) and attempt to do lvm the second time i get an error.  this bug is repeatable.  it forces me to select "entire disk" rather than "entire disk with LVM" on the second round
<Ahmuck> tasksel is not part of JeOS install
<Ahmuck> if i backup my aptoncd, i can set it as a priority for downloads for apt?
<mralphabet> Ahmuck: I believe so, you can edit the sources.list
<Ahmuck> k, i think i've tried that before, but i'll try again
<Ahmuck> i usually just create an iso and mount it in the vbox
<Ahmuck> bleh, aptoncd works if you can restore aptoncd ... searching for another method
<Ahmuck> ah, apt-cdrom add
<Ahmuck> k, what do you do if you want to setup 10 servers the same?  keep downloading from ubuntu servers using aptitude?
<mralphabet> preseeding
<macd> Ahmuck, I just know howto bootstrap a system, but Im sure google would turn up a doc or two, think livecd+gparted+debootstrap
<macd> Ahmuck, or I could throw something together, it might be a good thing for the wiki anywho
<macd> but that might take a few days
<Ahmuck> what is a bootstrap, just bare debain?
<macd> pretty much, kernel+binutils
<macd> I use it to make a virtual machine host, then also build guests off the same method
<macd> then you can have a base template for all your vm's
<macd> thats prolly further than you need
<macd> oops
<macd> Ahmuck, not sure if you said anything elsae
<Ahmuck> well, i was thinking about bootstraping some old pcs if i thought it would make a difference, however after fighting with xserver-xorg install and trying to install just the video driver and input driver i needed, i don't think it's going to work without a lot of work.  i was looking for an install that would reduce the number of processes going on and free memory
<macd> its an option to only get a base system
<macd> I'd like to see something similar as a tasksel on install
 * macd makes a note on that
<Ahmuck> something similark, oh, right, a base install.  i think jeos was an attempt at that.  i hope they pursue it further
<Ahmuck> actually, i just semi-abort the server install, and so it does not install a particular server
<steelwolf> Hi i have only 2 files listed on http://203.116.63.66/dl/ but when i did ls -l there's other 2 tar files but its not showing up.is it permission problem?i have it all chmod 777
<Ahmuck> the files are .something?
<Ahmuck> ls -al
<Ahmuck> or ls -a
<kraut> moin
<steelwolf> no
<steelwolf> without .something
<Ahmuck> where is the domain name set for ubuntu server?  hostname is set in /etc/hostname, but domainname is set in ?
<Kamping_Kaiser> ahmuck needs more patience
 * kraut slaps ICU with a sun fire v240
<ICU> pah
 * ICU slaps kraut with a SunFire 3800.
<kraut> i bet, after i hurt you with a v240, you got down to the ground :P
<ICU> you can't even lift it :P
<pete1> hi all
<pete2> hello
<pete2> can someone help with m1005 MFP printer/scanner/copier. i cant get scanner to work. printer works flawlesly but xsane refuses to detect scanner, any help on this ?
<dantalizing> can someone tell me what the issue is with supporting webmin?
<leonel> !webmin
<ubotu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system
<dantalizing> generic... webmin has downloadable debs which they claim they test ... i only saw 1 bug related to webmin ...that was for bacula
<genii> Hello, If I have 2 identical drives with identical uuid and contents if I use the uuid for grub and fstab will it write to both?
<genii> (both drives)
 * genii sips a coffee
<genii> Maybe I'll experiment on a couple usb sticks
<soren> genii: No.
<soren> genii: If you have two drives with identical uuid, you're bound to get unexpected results.
<genii> soren: So it's a first-found wins thing
<genii> eg sda =uuid match so sda gets used?
<soren> I'd actually rather guess last-found wins.
<genii> Hmm
<soren> Given a UUID we won't iterate through block devices looking for it.
<soren> When a block device appears, its uuid is detected and a symlink is created in /dev/disk/by-uuid
<genii> ah by udev, yes
<soren> Right.
<soren> ...but seriously...
<soren> Two block devices with the same uuid => trouble.
<genii> soren: The idea occurred to me because once by accident I put 2 identical hd both set as master on the old ribbons (without cs twist in them) and the computer wrote to both
<soren> erk..
#ubuntu-server 2007-12-22
<Elazar> Trying to compile PHP 5.2.5 from source on Server Feisty. Anyone know why ./compile doesn't seem to pick up on the stock installs of re2c, bison, or flex?
<Elazar> Got build-essential installed. Also tried bison-1.35, but it didn't pick that up either even though it's noted to be supported version in the error it displays.
<szalexliu> somebody have free time can help for me ?
<szalexliu> FastTrak 376/378 is a soft raid or a hard raid control
<szalexliu> and how can I install the server system in my computer with FastTrak 376/378 RAID 0
<szalexliu> somebody can help for me ?
<Elazar> #
<nealmcb> Elazar: 42
<Ahmuck> hi.  what is the mail server?  sendmail?
<mralphabet> !mail
<ubotu> mail is another medium to communicate. Ubuntu mailinglists can be found at http://lists.ubuntu.com
<mralphabet> !mailserver
<ubotu> Ubuntu supports the Simple Mail Transfer Protocol (SMTP) and provides mail server software of many kinds. You can install a basic email handling configuration with the "Mail server" task during installation, or with the "tasksel" command. See also https://help.ubuntu.com/community/MailServer and https://help.ubuntu.com/7.10/server/C/email-services.html
<nealmcb> !mta
<ubotu> A Mail Transfer Agent (MTA) is the server software that sends and queues mail. The default MTA (and !MDA) on Ubuntu is !postfix ("exim" is also officially supported). See also !MailServer and !MUA
<Eeyore-Jr> ping
<Ahmuck> hi.  i set up ubuntu-server, then tasksel, and mail, no configuration.  i want to change that configuration to internet(smtp), is there a way to force re-configuration of the mail server portion?
<nealmcb> Ahmuck: dpkg-reconfigure postfix  IIRC
<Ahmuck> nealmcb: thx
#ubuntu-server 2007-12-23
<Ahmuck>   in ubuntu server, i want to set the domain name.  that would not be set in hostname would it?
<nealmcb> Ahmuck: that has always been a bit confusing.  it may get picked up from /etc/hosts based on IP
<nealmcb> but different apps probably handle it differently.  is this for mail? apache?
<Ahmuck> system wide, one apache, one mail, dns, etc.
<nealmcb> Ahmuck: well no guarantees that they all take it from /etc/hosts but I think that is a good place to start
<Ahmuck> k, thx, i'll look at it
<nealmcb> the way mine was set up after install was with this line for fqdn - note it is not 127.0.0.1...:    127.0.1.1     mine.example.org mine
<nealmcb> and also this   127.0.0.1      localhost
<Ahmuck> u know i am using a version of *buntu as my desktop, but the hosts file has nothing about the domain in it.  something like "hostname.domainame"
<peanutb> does anyone have knowlage of getting a dhcp server up to serv thin clients
<Kamping_Kaiser> peanutb, any standards compatible server should work
<Ahmuck> on the ubuntu-JeOS server, upon using tasksel, after the "server type" such as LAMP, etc. is installed, it never returns to a prompt, and requires a reboot.  i assume that i am not the only one experiencing this
<peanutb> Ahmuck: im trying an install right now. Ill tell you if i run into the same problem
<peanutb> hmm
<peanutb> i just get an aptitude failed
<Ahmuck> peanutb: just run tasksel.  sudo tasksel
<peanutb> exactly what i am doing
<Ahmuck> on the server side, ubuntu, it runs through everything, but never dumps to a prompt on my older machines
<peanutb> "tasksel: aptitude failed (100)
<peanutb> '
<Ahmuck> in a vm?
<peanutb> no
<peanutb> its a regualr machine
<peanutb> running edubuntu but a regular machine
<Ahmuck> ah, you have ubuntu-JeOS on a regular machine?
<peanutb> no
<peanutb> ohh JeOS
<Ahmuck> ah, ok
<Ahmuck> yep
<Ahmuck> i coulld only get JeOS to install into virtual box because ubuntu-server has a default PAE enabled kernel, and virtual box does not yet support  PAE
<peanutb> i have used tasksel on regular server installs in vmware
<peanutb> and it seemed to work
<Ahmuck> in fact, i am guessing this is part what prompted ubuntu to do the JeOS version
<peanutb> i think it was more, we dont need a million display drivers etcv
<peanutb> and want a smaller image
<Ahmuck> well, it works, but when the install process is done, it just sat there, never dumped back to the prompt, and required a reset on the machine.  i had the same problem with ubuntu-server on my older machines as well yesterday
<Ahmuck> so i have a blue screen, red progress bar at 100% that just sits there
<peanutb> yeah
<peanutb> tasksel seems quite buggy to me
<Ahmuck> actually, i had the same issue upon reboot of ubuntu-server, never dropping to a prompt, just sitting there after the last task.  only drops to a prompt if i hit a key on the keyboard
<Ahmuck> not sure why
<Ahmuck> i'm guessing it's the machines problem.
<Ahmuck> but i did this on five machines of the same config
<Ahmuck> i do have a question however, why do they advise not changing root?  it would seem to me if someone could connect to your *buntu box and you had not changed root, with the default user they could change root password and you would be screwed
<Ahmuck> the only reason i can think of not changing it is because of apt and configuration issues that are defualt which *buntu has set up to use the root (ubuntu defalt) to setup and configure
<peanutb> root is disabled
<peanutb> there is no password
<peanutb> they suggest not changing it because its simply better to have that extra layer of security of what is that username
<Ahmuck> yes, but u can set a password on it using su -i
<Ahmuck> disabled?
<Ahmuck> so essentially it's not really disabled if you can get to it by su -i correct?
<peanutb> su -i?
<peanutb> its login is disabled
<Ahmuck> ya, try it.  drops you to root after you enter your sudo password
<peanutb> you can still sudo su to it
<peanutb> yes. thats the point
<peanutb> you can have root access
<Ahmuck> seems like a great opportunity to create a back door user
<peanutb> at install?
<peanutb> you have to have sudo rights to be able to set a root password
<Ahmuck> yes, it would not take much to set up a distro with a user who had sudo rights and then a notifier when it was installed somewhere
<peanutb> you should MD5 the iso or image of whatever you are installing
<peanutb> and make sure its from a trusted source
<peanutb> sure its possable to have a back door
<peanutb> but who says you wont just add a user on a regular debian system that has shadow access
<peanutb> Ahmuck: https://help.ubuntu.com/community/RootSudo?highlight=%28sudo%29 has much better reasons
<Ahmuck> what is the min ubuntu-server will run?  i am using 64 on my hard machines and 256 on my vm
<Ahmuck> nm, i found it
<Ahmuck> peanutb: installing ubuntu-server with 64mb ram tasksel won't come up, and requires me to run it after installation
<Ahmuck> which i would have expected
<Ahmuck> er, which i expected to happen on a low mem mode
#ubuntu-server 2008-12-15
<fbc> Is there a way to give apache more cpu time???
<fbc> My server is overloaded load averade 157.0 but CPU utilization is at 7.6%..
<fbc> obviously there must be a bottleneck somewhere...
<fbc> anyone?
<zoopster> well...no expert on that subject, but cpu util% is not very useful when comparing with load
<zoopster> but yes...load is high so you need to determine what is causing the load
<zoopster> you can up the priority, but not sure that is what you want
<fbc> zoopster, my webpage is not responding.. and my cpu utilization is high.. I got 2 gigs of ram and a quad processor.. i don't understand how I'm overloaded.
<zoopster> and apache is taking up resources or why do you suspect apache - just because the page isn't loading?
<fbc> zoopster, because I look at TOP and I got like 150 apache threads open.
<zoopster> ah
<fbc> See if you can bring up my site. http://mexicoetal.com/ and it was all wokring just fine until I stumbled one of my pages on stumbleupon and loads of traffic starte flowwing it.
<zoopster> so it is working hard - in that case I would lower that to something the machine can handle instead of increasing the priority
<zoopster> still trying to load
<fbc> yeah, but lower what??
<jmarsden> fbc: The value of the MaxClients directive, perhaps?
<fbc> zoopster, I lowered my KeepAliveTimeout to 2  and did an /etc/init.d/apache2 reload so that It would take effect but it's still locked up...
<fbc> jmarsden, thanks I will try that.. will that require a restart or just a reload?
<jmarsden> Restart I think, but it has been a while since I did that in an "emergency, too many requests" type of situation!
<jmarsden> I think a restart, but not sure.
<fbc> ok it just came up... whew...
<jmarsden> Yes, it seems somewhat more responsive now...
<fbc> I lowered the maxclients to 100
<uvirtbot> New bug: #308063 in samba (main) "package samba 2:3.2.3-1ubuntu3.3 failed to install/upgrade: package samba is not ready for configuration" [Undecided,New] https://launchpad.net/bugs/308063
<zoopster> cool...was going to throw that out... - came right up for me fbc
<fbc> zoopster, jmarsden , I guess I'm gonna layoff the stumbleupon until I figure out how to properly load balance and test my server
<fbc> zoopster, jmarsden , i went from having 16kb of memory free to 1 gig and a half again.
<zoopster> snag some tools for testing it - not sure what may work well - jmarsden may know
<fbc> zoopster, thanks a bunch.
<jmarsden> fbc: ab is the canonical test tool for web server load, but what really works depends on how dynamic your site is, etc...
<fbc> jmarsden, I can't enable the cache in joomla because it makes my virtuemart go bananas, and product links being to fail etc,etc,etc...
<jmarsden> You should talk to the Joomla and/or virtuemart people about that specific issue.  I'm used Jommla before but am not any sort of expert on it.
<zoopster> fbc: good luck
<jmarsden> Maybe ask in #joomla ?
<fbc> jmarsden, yeah, I've contributed code and small bug fixes. By no means do I actually consider myself a programmer. :-)
<fbc> thanks everyone
<jmarsden> No problem.
<fbc> jmarsden, sorry to bug ya, but just out of curiosity, If my maxservers is set to 100 what will my 101th client see? network timeout?
<fbc> site not found?
<jmarsden> No, the server will just queue the request until it has finished dealing with the 1st client...
<jmarsden> There *is* a max queue length but I don't think you need to play with that.
<jmarsden> Lowering MaxClient basically says "don't try and respond to too many people at the same time".
<fbc> jmarsden, ahh that makes sense.
 * fbc is showered by enlightenment and a beam of light appears over his head.
 * jmarsden wishes he was there to see this amazing light show :)
<fbc> goodnight all.
<Gargoyle> morning sleepyheads.
<yann2> nijaba > configuration management tools? :)
<yann2> puppet coming in main? \o/ :P
<kraut> moin
<Scix> how can I see or start logging what debmirror does?
<Scix> I dropt out, anyone who answered my qestion while I was gone?
<_ruben> add --verbose
<Scix> does it log to file then?
<_ruben> stdout
<nnull> whats the difference between ubuntu-server and say plain debian ?
<Nafallo> support times to start with
<nnull> ah
<Nafallo> also quite different ways of handling the distros.
<axyjo> hi all, i have an ubuntu server installation that i want to convert to a production server (point it to a domain). i've got the dns side of it done, but what do i need to do on the machine? when i installed it, i specified a local hostname
<axyjo> the main thing that i'm actually interested in is how to properly configure mail on the server. will the actual domain and the hostnames conflict? how do i ensure that i don't get treated as spam?
<Faust-C> i thought that the ebox issue had been resolved for 8.10
<Mal3ko> hmm does init.d script starts automcatally when system starts?
<Faust-C> Mal3ko, what?
<Mal3ko> scripts in /etc/init.d/
<Faust-C> if the script (service) is enabled then yes it should
<Mal3ko> how to know if it's enabled?
<Gargoyle> Mal3ko: There is an rc-update script, or update-rc for checking and changing
<Mal3ko> my real problem now is..im trying to edit the "auto start" command that pure-ftpd uses in my server..but im confuse and how no idea how i could do that..
<Mal3ko> have no idea*
<Mal3ko> is the command stored in its init.d script?
<Gargoyle> Mal3ko: What do you mean edit the auto start?
<Mal3ko> services i mean..
<Mal3ko> its command parameter
<Faust-C> Mal3ko, /etc/init.d/<service start>
<Faust-C> man update-rc.d
<Mal3ko> does anyone have sample config for pure-ftpd?
<Faust-C> Mal3ko, https://help.ubuntu.com/8.10/serverguide/C/index.html
<Mal3ko> thanks but i couldnt find anything on pureftpd in that page..
<Faust-C> hmm seems folks are using vsftpd
<_ruben> its config setting *might* reside in /etc/default/pure-ftpd .. which in turn gets sourced by /etc/init.d/pure-ftpd
<Faust-C> Mal3ko, i would just google for a howto
<Faust-C> and imo i would READ and not use someone elses considering what works for others may not work for you
<_ruben> oh right, debian/ubuntu have their own wrapper around pure-ftpd, of which the config resides under /etc/pure-ftpd/conf
<_ruben> see: man pure-ftpd-wrapper
<Mal3ko> what's the relation with pure-ftpd-wrapper with pureftpd init.d script?
<Mal3ko> wouldn't it be much easier if they make pureftpd looks for config file in its config folder when starting up..if no config is present then use default setting..rather than confusing newbies with unnecessary wrapper and whatnot
<axyjo> hi all, i've got a mailman installation at a third level subdomain (lists.x.y.com) but all of the urls for mailman seem to point towards the principal domain (y.com). how do I fix that?
<frippz> I'm looking at purchasing a PowerEdge 2950 III to run 8.04. any experiences regarding this? just want to make sure I don't get a RAID controller that won't be supported
<Zelut> so, about this screen talk..
<frippz> ah, nevermind. finally managed to find some info in the forums :)
<genii> frippz: I think that one uses PERC . The older 2450 and 2550 I have here work well
<Oliber> very similar discussion in #centos over the past few mins, 3ware and LSI cards are the flavour of choice
<kirkland> kees: jdstrand: is the last comment at the bottom of this page true?  http://dev.mysql.com/doc/refman/5.0/en/password-security.html
<frippz> genii: true, but there's also the SAS 6/iR
<frippz> I might've been reading old material but someone in the forums experienced problems with SAS 6/iR (that was with 6.06 LTS though)
<frippz> Oliber: I'm guessing LSI == PERC in this case?
<Oliber> i don't know tbh, i thought PERCs were Adaptec cards
<Oliber> never done dell though
<jdstrand> kirkland: while /proc/<pid>/environ seems safe enough, I'd have to agree that it seems risky
<kirkland> jdstrand: superm1 is trying to find a secure way to pass mysql the password
<jdstrand> kirkland: how did he obtain the password to begin with?
<kirkland> jdstrand: debconf question
<kirkland> jdstrand: is this in a .config and .postinst
<jdstrand> kirkland: is that a question to me?
<kirkland> jdstrand: sorry, thats a statement
<kirkland> s/^is//
<jdstrand> kirkland: I'm confused-- what is superm1 trying to do exactly?
<kirkland> jdstrand: in mythtv postinst
<kirkland> jdstrand: it needs to do a bunch of stuff in mysql
<kirkland> jdstrand: he prompts for the mysql password in debconf
<kirkland> jdstrand: i added a snippet of code to check if the entered password was correct, and a loop to prompt again if not
<kirkland> jdstrand: http://bazaar.launchpad.net/~ubuntu-mythtv/mythtv/mythtv-fixes/revision/148
<kirkland> jdstrand: the concern is about:
<kirkland> echo "show databases;" | mysql --host="$HOST" --user="$USER" --password="$PASSWORD"
<kirkland> leaking the password to the command line
<jdstrand> kirkland: I wonder if you can put your sql into a text file and do something like:
<jdstrand> /usr/bin/mysql --defaults-file=/etc/mysql/debian.cnf -e "\. ${tmpfile}"
<jdstrand> kirkland: that's pretty ugly though
<Faust-C> hey guys how do ya'll manage multiple ubuntu servers?
<yann2> puppet :)
<Faust-C> yann2, but puppet is for systems that are 'alike' right?
<yann2> define alike
<Faust-C> are very similar
<yann2> not really no
<Faust-C> like same services and setups
<yann2> is clever software :)
<Faust-C> oic i was reading a article and it compared them all, cssh, cfengine, puppet even rsync
<yann2> cssh and rsync, compared to puppet? :)
<Faust-C> yeah
<Faust-C> not compared but use cases
<Faust-C> it said puppet was aimed at systems w/ similar setups
<Faust-C> but cfengine looks very difficult to setup initially
<yann2> dont know cfengine
<Faust-C> i wish there was a node/hub approach
<Faust-C> where you have nodes that are managed thru a central webui or desktop app
<Faust-C> like VirtualCenter
<Faust-C> but more flexable and refined
<Faust-C> brb
<frippz> wow, dell really needs to get its shit together when it comes to their web site
<Fenix|work> Greetings... I need a hand with chroot failing.
<frippz> it has taken me 2 hrs to put together a system
<Fenix|work> using chroot from kubuntu 8.1 livecd to chroot to my ubuntu 8.04 disk... I get the error :: chroot: cannot run command `/bin/bash': Permission denied
<kees> kirkland: yeah, it is.  I always forget about that.
<genii> Fenix|work: You're using the partition desgnation which has / and not another like /home or /boot ?
<Fenix|work> genii, yes... I think it's a dynamic/linked directory issue ... for instance /pu/lib64 points to /lib which are the wrong libraries
<Fenix|work> * dynamic library / linked directory issue
<genii> Fenix|work: Did you do bind-mounts of the livecd /proc /dev and /sys into the old / mountpoint as well?
<Fenix|work> I *knew* I was forgetting something
<Fenix|work> that was common setup practice with gentoo
<Fenix|work> genii, ok... dev, dev/pts, dev/shm, /proc, /sys and /tmp are bound
<genii> Fenix|work: Still getting permission denied or so?
<Fenix|work> yes... /pu/lib64 is linked to /lib
<Fenix|work> wrong libraries
<genii> Fenix|work: I'm not sure how to fix that one
<Fenix|work> I think a static version of bash would be helpful
<genii> Hmm. You might be able to specify busybox as shell
<Fenix|work> how?
<genii> Fenix|work: Something like:    chroot /mnt/oldroot /usr/lib/initramfs-tools/bin/busybox
<genii> Apologies on lag, my connection got flakey
<Fenix|work> genii, failed
<genii> Fenix|work: You had separate /usr partition ?
<Fenix|work> genii, nope
<genii> OK
<genii> Fenix|work: I'm out of immediate ideas
<chmac> rdiff-backup --exclude /home/me/.mozilla/**/Cache /home/me /blah/backup is not working as I expected
<chmac> /home/me/.mozilla/me/Cache is being backed up, I'd thought it would not be
<Fenix|work> genii, there appears to be a package called bash-static in universe
<Fenix|work> just uncommented out universe from sources.list and am updating
<chmac> The format works for rsync, rdiff-backup uses similar options types
<genii> Fenix|work: I don't think you could just transplant it in however.
<genii> The dpkg db etc will get weirded
<Fenix|work> we shall see... should work... the kernel is the same, and the libraries are built into the source
<Fenix|work> bash-static works
<Fenix|work> it's just a binary
<Fenix|work> but once in, everything else is borked
<genii> Fenix|work: May be time for a reinstall
<LeeQ> Is there a way to run a cron job ONLY if there was a dirty shutdown?
<Fenix|work> genii, I got in :)
<Fenix|work> is there a package for ubuntu-server like there is ubuntu-minimal and ubuntu-standard?
<genii> Fenix|work: Good. Lots of hoop-jumping, I imagine
<Fenix|work> Oooh yeah... messed up library permissions
<genii> Fenix|work: No, it's done by tasksel and no meta-package
<Fenix|work> so how can I re-install without deleting anything?
<genii> Fenix|work: Run tasksel and select LAMP
<Fenix|work> my problem is my jr. admin b0rked all the permissions... did a chmod -R 664 *
 * genii thinks about jails
<henkjan> Fenix|work: 664 means no execute bit
<henkjan> thats hard to start chmod again now
<genii> henkjan: Hence explaining his earlier "permission denied"  on the default shell binary when trying to chroot in
<Fenix|work> henkjan, hence all my problems :)
<Fenix|work> bash: /usr/bin/man: Permission denied
<Fenix|work> sheesh
<henkjan> ah, reading backlog right now :)
<genii> Fenix|work: You should probably +x /bin /usr/bin  /sbin and /usr/sbin
<Fenix|work> genii, the problem is I did... /usr/bin/man is linked to /usr/lib/man-db :)
<Fenix|work> unfortunately tasksel install doesn't 'do' anything
<Fenix|work> I guess because it's already installed
<genii> Fenix|work: I suspect if you try to install overtop without formatting the old setup, it will just obey the umask/perms and not write anything anywhere
<Fenix|work> that appears to be the case
<Fenix|work> genii, I guess I'm going to have to settle for apt-get --reinstall install adduser alien apache2 apache2-mpm-prefork apache2-utils apache2.2-common apparmor apparmor-utils apt apt-utils aptitude at base-files base-passwd bash bash-completion belocs-locales-bin bind9-host binutils bsdmainutils bsdutils build-essential busybox-initramfs bzip2 command-not-found command-not-found-data console-setup console-terminus console-tools coreutils
<Fenix|work> cpio cpp cpp-4.2 cron cvs dash debconf debconf-i18n debhelper debian-archive-keyring debianutils defoma dhcp3-client dhcp3-common diff dmidecode dnsutils dosfstools dpkg dpkg-dev e2fslibs e2fsprogs ed eject emacs22 emacs22-bin-common emacs22-common emacsen-common ethtool expect fdutils file findutils fontconfig fontconfig-config friendly-recovery ftp fuse-utils g++ g++-4.2 gcc gcc-3.3-base gcc-4.2 gcc-4.2-base gettext gettext-base gnup
<Fenix|work> g gpgv graphviz grep groff-base grub gsfonts gzip hdparm hostname html2text id-utils ifupdown info initramfs-tools initscripts inputattach installation-report intltool-debian iproute iptables iputils-arping iputils-ping iputils-tracepath klibc-utils klogd laptop-detect less libacl1 libapache2-mod-perl2 libapache2-mod-php5 libappconfig-perl libapr1 libaprutil1 libasound2 libatk1.0-0 libatm1 libattr1 libbeecrypt6 libbind9-30 libbit-vecto
<Fenix|work> r-perl libblkid1 libbz2-1.0 libc6 libc6-dev libcairo2 libcap1 libcarp-clan-perl libchart-perl libck-connector0 libclass-accessor-perl libcomerr2 libcompfaceg1 libcompress-raw-zlib-perl libcompress-zlib-perl libconsole libconvert-asn1-perl libconvert-binhex-perl libcroco3 libcrypt-ssleay-perl libcupsys2 libcurl3-gnutls libcwidget3 libdate-calc-perl libdatrie0 libdb4.6 libdbd-mysql-perl libdbi-perl libdbus-1-3 libdevel-symdump-perl libde
<Fenix|work> vmapper1.02.1 libdjvulibre15 libdns32 libedit2 libelfg0 libemail-abstract-perl libemail-address-perl libemail-date-perl libemail-messageid-perl libemail-mime-contenttype-perl libemail-mime-encodings-perl libemail-mime-modifier-perl libemail-mime-perl libemail-send-perl libemail-simple-perl .
<Fenix|work> oooh, sorry
<genii> AAAAAAAAAAAAAAAAAAAAAA
<Fenix|work> accidental paste
<Fenix|work> got the list from using dpkg -l
<genii> You can use the dselect get-selections bit to grab a list of what you have now, offload it somewhere then use it to set-selections
<Fenix|work> dpkg -l | grep "^ii" | awk '{ printf "%s ", $2 }'
<genii> !clone
<ubottu> To replicate your packages selection on another machine (or restore it if re-installing), you can type Â« aptitude --disable-columns --display-format '%p' search '?installed!?automatic' > ~/my-packages Â», move the file "my-packages" to the other machine, and there type Â« sudo xargs aptitude --schedule-only install < my-packages ; sudo aptitude install Â» - See also !automate
<genii> Something like what the bot describes....
<Fenix|work> !automate
<ubottu> Ways to automate installation of Ubuntu on multiple machines are described at https://help.ubuntu.com/8.04/installation-guide/i386/automatic-install.html - See also !cloning
<Fenix|work> genii, what's the difference with how I'm doing it?
<genii> Interesting, I think they changed the !clone factoid recently
<Fenix|work> besides it's a two-step
<Fenix|work> haha... aptitude: unrecognized option `--disable-columns'
<genii> Fenix|work: However you grab a list of your installed packages doesn't really matter. When you use the get-selections/set-selections method it will auto try to install them next time you use the packaging system
<Fenix|work> genii, well as it stands, my system is b0rked and won't boot... so this may help out
<Fenix|work> genii... since I got b0rked perms... should I be considering adding ubuntu-standard to the list?
<Fenix|work> or starting with ubuntu-standard then the rest... ?
<genii> Fenix|work: ubuntu-minimal   then do the tasksel/LAMP is my recommendation
<genii> Fenix|work: Unless for some reason you are running a gui on it
<Fenix|work> no gui
<Fenix|work> meta packages are useless and don't work... typing them out by hand
<genii> Fenix|work: I don't know why you are bothering with installing overtop, as I said earlier probaby total reinstall is needed.
<Pici> I'd personally backup any data and reinstall.
<genii> Pici: Exactly
<Fenix|work> well... I will... but I'm also lucky I'm not at 8.1 yet
<Fenix|work> I've been asked to try and fix this
<Fenix|work> while I'm waiting for hardware
<ScottK-laptop> Anyone here who can test some spamassassin updates?
 * Faust-C mumbles to himself
<ScottK-laptop> About testing spamassassin updates?
<Faust-C> no about everything
<Faust-C> i have too much to do
<Fenix|work> genii, hehe, another little problem
<Faust-C> and not enough exp to do it all
<ScottK-laptop> Ah.  Well so do I.  That's why I'm looking for testers ...
<Fenix|work> update-initramfs PANIC Circular Dependency
<Faust-C> i want to use "request-tracker", "horde", "zabbix" and so forth
<luke_> Faust-C, where the Hell have you been?
<Faust-C> ScottK-laptop, what/how do you want to test
<Faust-C> luke_, busy as sh**
<genii> Fenix|work: Which would be ?
<Fenix|work> nice thing is it doesn't say
<Faust-C> luke_, i have so much to do i needed to try to 'focus'
<Fenix|work> runs when it trys to update initramfs
<ScottK-laptop> Faust-C: It's just a question of installing a package from *-proposed and verifying that the RBL fixes described in https://bugs.launchpad.net/ubuntu/+source/spamassassin/+bug/278075 are there and working.
<uvirtbot> Launchpad bug 278075 in spamassassin "DSBL is gone and needs to be removed from SpamAssassin" [Medium,Fix committed]
<ScottK-laptop> Faust-C: What Ubuntu release(s) do you run?
<Faust-C> atm 8.10
<Faust-C> in production
<ScottK-laptop> Faust-C: Then you're probably getting the incorrect dsbl.org scores on your system.
<ScottK-laptop> It'd be good if you could install from intrepid-proposed and see if that fixes it.
<Faust-C> heh the real issue is myself
<Fenix|work> genii, ok... how do I reinstall without formatting? :)
<Fenix|work> I've had enough
<ScottK-laptop> Fenix|work: Why do you want to re-install?
<genii> Fenix|work: I'd pull off whatever is imortant data or such, and do clean
<genii> ScottK: His junior admin chod -R 644  everything
<Fenix|work> thanks genii
<genii> *chmod
<ScottK-laptop> Yes.  That's best.
<ScottK-laptop> That and don't give said individual the password after the reinstall.
<Faust-C> boot live cd and chroot
<Faust-C> and then change perms
<genii> Faust-C: Already went thru that. Because his fs is not +x on the binaries it chinks out
<Fenix|work> Faust-C, would work normally but EVERYTHING is fubared
<Faust-C> oic...
<Fenix|work> I can actually boot the OS
<Fenix|work> but the moment dpkg --configure -a runs ... update-initramfs says PANIC Circular Dependancy
<Faust-C> ah hell web-brower asks to save or open php file, what do i have to change in apache to make it work
<Fenix|work> and I have a funky raid too
<Fenix|work> :)
<Fenix|work> genii, ScottK-laptop ... dumb question ... most everything else is on another drive... what should I backup on the OS?
<Fenix|work> home directories are empty
<Fenix|work> I guess just conf files in etc?
<ScottK-laptop> Depending on what you are using, there may be stuff in /var you want too.
<Fenix|work> this is a CVS/LAMP box
<Fenix|work> /var/www is remapped to the other disk
<ScottK-laptop> Probably just /etc then, but no guarantees.
<Fenix|work> any way to export passwd/shadow so I can import them again on the new box?
<Fenix|work> there's a lot of user accounts
<genii> You should be able to reuse it
<Fenix|work> oh and what about mysql databases?
<genii> Those are normally in the /var hierarchy
<Fenix|work> I have backups... but they're several hours old
<Fenix|work> ScottK-laptop, genii ... /etc /home /opt /var should be good enough no?
<ScottK-laptop> I'd think.
<genii> Fenix|work: Well, that should at least grab your db, user dirs, conf files and whatever optional things then
<Fenix|work> well... I needed to upgrade 8.04.1 to 8.1 anyway :D ... might as well do it this way hehe
<rgreening> jdstrand: hey, just wondering if ufw does any locking to ensure only one instance is modding the conf files. I'm going to start implementing the code using your API (assuming I can get it to load as a module).
<Fenix|work> while I'm installing things from scratch... is there any utility that tracks /etc conf file changes?
<ScottK-laptop> etckeeper
<genii> Fenix|work: I think you may have difficulties reinstating those dirs however. Because the perms on the stuff you copy will be the messy 644
<Fenix|work> genii, I'm not planning a copy... for conf files I'm gonna open them and paste them in the good ones... for the database files, I'll verify the permissions one by one.
<genii> Fenix|work: Sounds like a plan. Tedious but neccesary. You should enlist the admin who messed them up to help on their own time....
<Fenix|work> genii, I'm still mad at him... and I don't trust him
<Fenix|work> I've already had him put back on probation for 6 months
<ScottK-laptop> "Here's your task for tonight.  No, you aren't getting paid.  Don't leave until it's done.  If you get tired the coffee pot is over there."
<genii> ScottK-laptop: Thats how I had to make things right when I was learning and messed something up :)
<ScottK-laptop> Seems fair to me.
<jdstrand> rgreening: hi! there is no locking, no. I use mkstemp() and then copy the files into place
<rgreening> ok
 * genii makes another pot of coffee
<Fenix|work> procmail standard ubuntu fair?
<ScottK-laptop> Yes.
<ScottK-laptop> I think we're switching to using Dovecot for lda in Jaunty, but for Intrepid, yes.
<Fenix|work> k
<chmac> Is it possible to run a command and provide an environment variable only for that execution? Like this "BLAH=something /path/to/command"
<ScottK-laptop> Yes
<Fenix|work> How are the virtual host tools like in Intrepid?
<qhartman> I'm trying to use wondershaper to limit BW, and it's not working. The traffic dips for a second, then returns right back to it's previous level and stays there. Anyone else seen this?
<chmac> ScottK-laptop: thanks :)
<Fenix|work> Ok!  So I now have a fresh virgin Intrepid system... now I'm installing etckeeper
<Fenix|work> ScottK-laptop, any suggestions on configuring etckeeper?
<chmac> Any reason why I shouldn't run duplicity with the --full flag every time? I don't need to keep versioned data on my remote system, but I want it encrypted.
<chmac> s/it/the remote data/ :)
<Fenix|work> ScottK-laptop, looks like dovecot is default in Intrepid
<Fenix|work> how do I configure dovecot to NOT use local mbox?
<Fenix|work> I want everything forwarded to a smarthost... when tasksel ran I said satellite
<ScottK-laptop> Fenix|work: Do that in Postfix, not in Dovecot.
<Fenix|work> *sighs* ok
<hads> heh
<Fenix|work> ScottK-laptop, how do I manage recovering my passwd and group files?
<Fenix|work> it isn't as easy as replacing the old ones, is it?
<ScottK> The group file should be easy enough as it's just a flat text file.
<ScottK> The main trick is making sure the users get the same UID.
<ScottK> I think if you have the same UID, then you can reuse the passwd file, but I've never tried it.
<luke_> soren, You're younger than I thought
<soren> luke_: That's funny, because I'm older than I usually think I am. :)
<luke_> heh
<luke_> You know so much, I would have put you in the late 20s at youngest
<soren> luke_: I'm 27. :)
<luke_> oh damn
<luke_> haha
<lukehasnoname> Is Fedora Directory Server better than OpenLDAP?
<jmedina> lukehasnoname: you know HP changed their entire enterprise directory server, from a restrictred/closed source software to OpenLDAP?
<jmedina> they changed everything this year
<jmedina> every mail, every customer login, etc, etc
#ubuntu-server 2008-12-16
<zoopster> jmedina: I thought hp changed it to novell's edirectory...they changed all of their IDM stuff to Novell's IDM
<jmedina> zoopster: nop, they tried to change fist in 2004, but they couldnt because openldap didn fit the requirements
<jmedina> zoopster: and with help o symas they migrated to openldap in 2008
<jmedina> thereis a presentation about it
<jjesse> hrmm for some reason my membership in ubuntu-server lapsed :(
<Fishscene> Hello everyone, I have what I hope to be a simple question. I have just installed Ubuntu server via cdrom. After install, I am unable to see the contents of any cdrom I place in the drive.
<Deeps> have you remembered to mount the cd?
<Fishscene> How do I mount the cd?
<Deeps> by default, mount /cdrom
<Fishscene> oy.
<Deeps> you'll also need to umount /cdrom before it'll allow you to eject the disc
<Fishscene> I've tried all kinds of ways to mount the cdrom
<Deeps> cd /media/
<Deeps> ls
<Fishscene> mount /dev/cdrom /media/cdrom, etc..
<Deeps> mount /media/cdrom should do the job too
<Fishscene> It didn't
<Fishscene> But the command you gave me worked.
<Fishscene> Thanks :)
<Deeps> np
 * genii puts on a pot of coffee
<uvirtbot> New bug: #308434 in nagios3 (main) "Please merge nagios3_3.0.6-1ubuntu1 from debian unstable" [Undecided,Confirmed] https://launchpad.net/bugs/308434
<lukehasnoname> Is there a server meeting tomorrow or Wednesday?
<lukehasnoname> *tuesday or wednesday
<Koon> I think we have one today
<MTecknology> Which version(s) of Ubuntu Server Edition do you use?
<MTecknology> 8.10 isn't listed
<MTecknology> err.... this one is out of date, isn't it
<Oliber> 8.04.1 LTS
<Oliber> is what i use for production
<_ruben> 8.10 out of date? its 2.5 months old :p
<_ruben> err 1.5month even
<MTecknology> ....
<MTecknology> 9.04 isn't on there either
<_ruben> april 2009 is in the future
<_ruben> its in development at the moment
<_ruben> and where's "on there" ?
<MTecknology> survey.ubuntu.com
<_ruben> ah
<_ruben> contact the survey maintainers, i guess there's an email address or bugtracker link listed somewhere
<_ruben> copy/pasting questions from a survey into an irc channel is quite confusing btw
<MTecknology> sorry
<xp_prg> hi all, a little bit of a newbie, how can I configure security updates please?
<Sookie> hi
<Sookie> I have a problem that I can't figure out how to sort out. I managed to get the VPN PPT connection to work in Intrepid at home. However at the office it does'nt connect. Starting in XP or using another computer in the same office network (XP) it is possible to connect, however when I start my computer in Linux it doesn't. The only diference between home and the office is that at the office we have a VPN PPTP server with the PP
<Sookie> TP protocol ports forwarded to it; However if this is the reason, why the others computers or mine in XP can connect? Can you help me please?
<Oliber> do you know which firewall product they're using at work?
<Sookie> Oliber, I am actually the network administrator, and I have total access to the router, which is using now DW-RT software
<Sookie> Oliber, the computers are all connected directly to the network (router), no proxy or firewall in the middle
<Oliber> is the router NATting?
<Sookie> yes it is
<Sookie> in fact, it is forwarding 1723 port to the VPN server which is actually installed ina Ubuntu Server computer
<Oliber> becuase most of the time, you can have lots of PPTP going in one direction
<Sookie> butm whay is this happenign only in Ubuntu?
<Oliber> and none in the opposite direction, at the same time
<Sookie> I mean, when I start up my laptop in XP no problem, however if I startup in Ubuntu I get no connection in VPN, and when I start up my laptop in Ubuntu AT home, I get connected
<Sookie> ?
<Sookie> So the routing should not be a problem, right?
<Oliber> if it's on the same subnet/ip then yeah, thats a bit odd :s
<Sookie> Yes,the router is doing DHCP, so whichever is the SO a startup with, I get automatically the IP. In fact now I am writing you this in UBuntu connected to the router, but no VPN is possible
<Sookie> However if I restart now this same computer in XP, I can get connected to the VPN, and if I move this computer to home, I can connect to the VPN using UbuntuÂ¿?
<Sookie> How can I track this problem? I really need the VPN to work
<Sookie> I thought that since I was port forwarding 1723 to the Ubuntu Server, somehow it is not good for another UBuntu computer in the same networkÂ¿?
<Sookie> is that possible?
<Sookie> Oliber, it works now
<Sookie> Oliber, I didn't do anything, just the new updates icon started to blink at the bottom and I donwloaded the propossed 35 packages, I restarted and here we go, the VPN gets connected now Â¿?Â¿Â¿?
<Sookie> This is the time to say : "What the hell..??"
<Koon> Sookie: you were using network-manager on the Ubuntu client ?
 * Koon reads backlog
<Koon> ah ok, port redirection to a server...
<Koon> hm, strange :)
<Deeps> Sookie: sounds like there was a bug that was fixed in your updates?
<perlmonkey> hi guys, I think I accidently screwed my server during an upgrade from shell.. I'm trying to remove exim4 and replace with postfix, but getting a whole load of dependency issues related to exim4-daemon-light after exim4 is removed
<perlmonkey> any suggestions? am I looking at a complete reinstall of OS?
<Sookie> Koon, Yes I am using Network manager
<Sookie> Deeps, yes it sounds, but in that case Why was it working at home???
<perlmonkey> http://pastebin.com/m4466936b
<Sookie> In fact, there is a big entry in launchpad about networkmanager-pptp!!! but all related to make te VPN to work, however I already managed this..my problem was that was only wokring at home's nework
<Sookie> and now after the updates it magicaally started to work!
<perlmonkey>  sudo apt-get remove exim4-base: The following packages have unmet dependencies.  exim4-daemon-light: Depends: exim4-base (>= 4.69) but it is not going to be installed
<perlmonkey> sudo apt-get remove exim4-daemon-light:  exim4-base: dependency problems, but removing anyway as you request:  exim4-daemon-light depends on exim4-base (>= 4.69).
<perlmonkey> dpkg: error processing exim4-base (--remove):  subprocess post-removal script returned error exit status 3 Errors were encountered while processing:
<perlmonkey>  exim4-daemon-light  exim4-base
<perlmonkey> reinstall OS?
<soren> perlmonkey: sudo apt-get remove postfix+ exim4-base exim4 exim4-daemon-light
<Sookie> Well, now it is not working, I ewally don't understand how can be this such UNESTABLE
<perlmonkey> soren thanks will give it a try
<perlmonkey> soren: http://pastebin.com/m7422739
<Deeps> Sookie: which version are you using?
<Sookie> Intrepid 32 bits
<Sookie> Well now it doesn't conenct
<Sookie> I cant understand anything
<perlmonkey> soren: looks like a botched upgrade, package version inconsistency?
<Sookie> Deeps, network-manager-pptp version 0.7.xx
<Sookie> Deeps, the last one, I always download the latest updates for Ubuntu
<soren> perlmonkey: sudo rm /etc/init.d/exim4* ; sudo apt-get remove postfix+ exim4-base exim4 exim4-daemon-light
<Sookie> My colleague by my side just tried to conenct to the VPN and it woekd out (he is usig XP). Both are under the same network, the same rights
<Sookie> And I just connected 10 minutes ago, and now I cant
<perlmonkey> soren: thanks
<soren> perlmonkey: No problem :)
<perlmonkey> soren: phew you're a hero! all back to normal =)
<Sookie> Any ideas folks?
<perlmonkey> soren: how did you figure that out? isnt that weird apt wouldnt uninstall exim4?
<soren> perlmonkey: Not really. There's probably something that depended on an mta.
<soren> perlmonkey: Putting postfix+ on the line at the same time made sure that dependency was never broken.
<perlmonkey> oh
<perlmonkey> ahh i see
<soren> I suppose it's even possible that just installing postfix would have done the trick (since postfix conflicts with exim4 (or exim4-base or whatever)).
<perlmonkey> soren: im much obliged anyway, I thought I would be looking at a day wasted here on a server reinstall
<soren> perlmonkey: A reinstall is virtually never the right (nor easiest answer).
<perlmonkey> true
<Sookie> I am going to restart just to check something
<Sookie> Hi again, nothing
<Sookie> I can't make it to work again
<Sookie> I am really lost on this
<Sookie> Do you have any idea about what can I check in order to get the reason for such unestable behaivour?
<soren> Sookie: What's the problem?
<Sookie> soren, I can't make the VPN connection to work in my office when I start up in Ubuntu, however it works when I am in XP, and it works when I am at home in Ubuntu as well.
<soren> How does it fail?
<Sookie> VPN Failed Connection
<Sookie> that's all
<soren> Where do you see this?
<Sookie> the funny thing is that it connected once just 20 min ago
<Sookie> in the Netowork Manager applet
<soren> Look in syslog, then.
<Sookie> In syslog just: Modem hung up
<Sookie> let's se
<Sookie> I copy it into pastebin
<soren> Modem!?
<Sookie> http://pastebin.com/m5de5722d, that's a tail command fo syslog
<Sookie> http://pastebin.com/m2bef3388, that's a complete one
<Sookie> any clue?
<Sookie> Everything looks to be ok, doesn't it?
<Sookie> I think the problem is: LCP: timeout sending Config-Requests
<Sookie> until that everything is going ok
<kraut> moin
<Sookie> soren, any idea? thanks
<soren> Sookie: What do you see on the server?
<Sookie> I am not in the server, I am in my laptop
<Sookie> but we have a server too
<soren> What are you connecting to?
<Sookie> I am trying to connect to a remote VPN server in other office of our group
<Sookie> however in our local network we have another UBuntu server that is a VPN server to the people in the remote office too
<Sookie> when I try to connect to the remote VPN network using my Ubuntu installation, it doesn't work
<Sookie> If I try the same starting in XP from the same computer it works
<Sookie> If I try the same at home starting in Ubuntu it works
<Sookie> My colleagues here are using XP and they are in the same network as me but they can connect to the remote VPN
<Sookie> So I think it is not a router problem, otherwise in XP it shouldn't work
<Sookie> also I think it is not my Ubuntu installation, since at home it works
<Sookie> I think that somehow my UBuntu isntallation in my laptop doesn't like that at the same network we have a Ubuntu VPN server..
<Sookie> is that possible?
<Sookie> soren, have you checked my syslog file
<soren> Yeah. I can't see what the problem is.
<Sookie> the LCP timeout right?
<Sookie> Have you seen the LCP timeout?
<Sookie> and afterwards just "modem hungup"?
<Sookie> the funny thing is 1 hour before, I installed the last updates Ubuntu was warning me about, and then I restarted, and tried to conect and surprise! It worked, However I disconnecte and since then I couldnt make it to work again
<Sookie> Â¿?
<soren> Sorry, I don't know what could cause this.
<Sookie> OK, I have to restart then in XP..I need to work and it is obvious that Ubuntu is not giving me the chance, thanks anyway
<Sookie> We have a Ubuntu Server which in the router the por 1723 is being forwarded to; Here is my question, if I have another computer in the same nerwork that is trying to connect a remote VPN network, will be there any problem?
<Sookie> Please
<Sookie> maybe this is the problem
<Oliber> 1723 and GRE should be forwarded, which often causes problems on NATting devices
<Oliber> if 1723 and GRE are forwarded to an internal address, internal clients cannot connect to external PPTP servers
<Sookie> So why in XP they can?
<Sookie> That would exmplain why I cant connect to remote VPN networks, since the por 1723 is already forwarded to another IP (in this case the Ubuntu server)
<Sookie> But Why the XP clients can connect?
<Sookie> And my second question is; How can we have a VPN server (forward ports 1723 to it), and at the same time be able to connect to remote VPN connections?
<Sookie> Could be possible to put the VPN Ubuntu server under DMZ, and delete the 1723 port forwarding so the internal clients can connnect to remote VPN connections?
<Sookie> Thanks for your responses in advance
<Sookie> That doesn't seem to be the problem, since I disabled the port forwarding to the server in the router, and the results are still the same
<Sookie> any ideas?
<Sookie> Nothing
<Sookie> I disabled the VPN server in our network
<Sookie> I disabled the port forwarding to the server
<Sookie> All the XP computers can log into the remote VPN network, but the Ubuntu one
<Sookie> wll, I give up
<Sookie> this is really a crap
<Sookie> More than 1 week wasted in making a VPN to work!
<Sookie> I even put the computer directly in DMZ, and the same results
<Sookie> I don't understand anything
<kinley> hi there, whats THE choise for crypt mysql partitions in debian/ubuntu like system ?
<kinley> whats THE choise for crypt mysql partitions in debian/ubuntu like system ?
<Fenix|work> Good morning!
<Fenix|work> Would someone do me a favour please?  Could someone tell me the permissions and ownership of the files and folders in /var/lib/mysql please?
<Deeps> owned by msql
<Deeps> unsurprisingly
<Deeps> mysql*
<Fenix|work> Deeps, it isn't surprising... except for /var/lib/mysql/mysql which is mysql:root
<Fenix|work> which makes me wonder if all database folders need to be owned this way
<soren> Not here..
<soren> drwxr-xr-x 2 mysql mysql     4096 2007-11-17 23:17 mysql
<Deeps> group ownership isn't something that matters too much in this instance
<Deeps> mysqld runs as mysql user, if the files are owned by mysql user, there's no problem
<Fenix|work> http://rafb.net/p/ykTtWk30.html
<Fenix|work> those are the permissions I see
<Fenix|work> this is with a fresh 8.10 install
<Deeps> as i say, as long as they're read/writable by the mysql user somehow, either through user or group ownership, and they are owned by mysql user as seen there, you're not likely to encounter any problems. if you're concerned chown -R mysql:mysql /var/lib/mysql
<Fenix|work> and the perms are generally 664?
<Fenix|work> err 669>
<Fenix|work> jebzuz
<Fenix|work> 660
<Deeps> aye
<Deeps> 755 on /var/lib/mysql/mysql, 700 on db folders
<Fenix|work> ok... perfect
<Fenix|work> one other question... this is the first I'm using mysql with 8.10 ... does it now say "* Checking for corrupt, not cleanly closed and upgrade needing tables." when mysql starts up?
<Deeps> yep
<Fenix|work> ok... just making sure I didn't have problems :)
<Deeps> or something along those lines
<Deeps> standard onload cleanup
<Fenix|work> this is 'newish' right?  I never recalled seeing that in 8.04
<Deeps> it's in 8.04
<Fenix|work> maybe I never stopped and started the service manually then
<miguel> hello
<miguel> someone up ?
<Fenix|work> Anyone have a second to help with apache vhosts?
<genii> Fenix|work: You might want to also ask in channel #apache
<Fenix|work> genii, yeah I might... but they're generally very hostile to those not using their version :)
<Fenix|work> It's a simple vhost/permissions issue
 * genii sips
<Fenix|work> when trying to access my vhost abc.domain.com I get 403 Forbidden, but accessing server.domain.com/abc I get the page
<Fenix|work> I'm also getting "NameVirtualHost *:80 has no VirtualHosts" when apache starts up
<genii> Hmm
<Fenix|work> the vhost I enabled reads <VirtualHost *>
<Deeps> perms on rootdir of the vhost
<Deeps> will probably explain the 403
<Deeps> and/or lack of auto index page generator module
<Fenix|work> abc.domain.com is located in /var/www/abc
<Deeps> (if you dont have a real index page in there already)
<Fenix|work> abc.domain.com is a CNAME to server.domain.com
<Fenix|work> the default vhost points to /var/www
<Fenix|work> (apache default vhost)
<Fenix|work> abc.domain.com dies with 403 ... server.domain.com/abc works
<Deeps> check the error log
<Deeps> either that or you've fluffed your vhost file
<Fenix|work> I keep forgetting the stupid errorlog
<Fenix|work> .htaccess pcfc_openfile: unable to check htaccess file
<Fenix|work> what are the default permissions for files and folders for apache, 644/755 ?
<Fenix|work> and they're all owned by www-data:www-data?
<Deeps> yea
<Deeps> apache runs as user www-data
<Fenix|work> .htaccess is 644 as well I suppose?
<Deeps> as long as it's readable by the www-data user
<Deeps> thats largely all that matters
<Fenix|work> Oh, I've also disabled my vhost ... and am getting the message from /etc/init.d/apache2 :: [warn] NameVirtualHost *:80 has no VirtualHosts
<Fenix|work> this is just default settings now
<Deeps> yep, you need a vhost defined as <VirtualHost *:80> somewhere i think to make that be quiet
<Fenix|work> ok
<Fenix|work> ooh
<Fenix|work>  [error] VirtualHost *:80 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results
<Fenix|work> harsh
<Fenix|work> :)
<Fenix|work> I think it's because of ports.conf ... there it defines NameVirtualHost *:80
<Fenix|work> but sites-available/default defines NameVirtualHost *
<Deeps> ah
<Faust-C> use a IP
<Fenix|work> I just commented out the NameVirtualHost *:80 ... it's redundant
<Fenix|work> you can't have named SSL VHosts anyway
<Deeps> you can
<yann2> yes you can Fenix|work
 * yann2 uses named ssl vhosts :)
<Fenix|work> # SSL name based virtual hosts are not yet supported, therefore no NameVirtualHost statement here
<Deeps> it's not exactly valid, but you can do it
<Fenix|work> right in ports.conf
<Deeps> not supported != not possible
<yann2> mmh. well it does work I tell you :)
<Fenix|work> you're right Deeps :)
<yann2> well I'm a happy man then :)
<incidence> Hye, I've installed postfix+dovecot and they work perfectly. But now I've installed razor,pyzor,amavis and spamassassin.
<incidence> But amavis won't check if the email is spam, it only scans it for viruses
<incidence> ow ok it worked, but it quarantined the spam, how do I only mark it for spam?
<tewmten> quick question: is there any way to invoke the dialog configuration script to configure the network (the one used in the installer..) in an already installed system? for easy reconfiguring of the network settings..
<tewmten> or if someone could point me to a source of information on how the actual installer works, would also help..
<tewmten> thanks
<jmedina> incidence: put your spam policy to PASS
<genii> tewmten: I think you might want netcfg  from the base-installer
<tewmten> yeah I've been seeing that mentioned on some places, but I can't really figure out where to get it.. I think I must be doing something wrong :P
<tewmten> like if I do apt-cache search on base-installer or netcfg it finds nothing. maybe I need to add an extra source in my sources.list_
<incidence> jmedina, Can't find out which file I should edit
<jmedina> incidence: look for $final_spam_destiny
<jmedina> in /etc/amavis/conf.d/
<jmedina> the policy is D_PASS
<jmedina> and $sa_spam_subject_tag to set the "subject mark"
<zul> server team meeting in 4 minutes on #ubuntu-meeting
<incidence> ah ok thanks, now it delivered the spam message, but did not mark it as spam ($sa_spam_subject_tag is = '***SPAM*** ')
<genii> tewmten: I think all the base-installer and netcfg etc is in the package debian-installer
<jmedina> incidence: how are your your sa_tag_level_dftl, sa_tag2, sa_kill and sa_dsn
<jmedina> that options set the defaults for message tagging
<incidence> $sa_tag_level_deflt = 2.0, sa_tag2_level_deflt = 6.31 and sa_dsn_cutoff_level = 10
<Fenix|work> How do I go about merging my old passwd file with my new one?
<jmedina> diff? patch?
<Fenix|work> what about the shadow file?
<Fenix|work> I mean, the hashes will still work?
<jmedina> the hashes are in /etc/shadow
<jmedina> just coppy the user lines from /etc/passwd and /etc/shadow
<jmedina> and the corresponding /etc/group and probably /etc/gshadow
<jmedina> in debian the fist UID is 1000
<Fenix|work> ok
<jmedina> something like this will get you a list
<jmedina> awk -F: '$3 > 999' /etc/passwd
<jmedina> the same applies to shadow
<Fenix|work> yeah... got it :)
<jmedina> of course this wont list system users added after the installation
<Fenix|work> that's fine... I just need regular users
<Fenix|work> everything else has been done
<jmedina> good
<genii> Hopefully you have old /etc/group as well
<simplexio> dmesg gives me : [1407259.665276] console-kit-dae[3300]: segfault at 168 ip 00007f2bbf304e09 sp 0000000041f78090 error 4 in libglib-2.0.so.0.1800.2[7f2bbf2d8000+c3000] well several time, but it dosent affect anything that i use
<dinsdale07> Hello -  my proftp server performs Identlookups although I have "IdentLookups off" in /etc/proftpd/proftpd.conf. Does anyone know why or how to troubleshoot this?
<Faust-C> dinsdale07: have you restarted the service one you made modification
<dinsdale07> yes, reload and restart. The line has been in the file for ages but I think it never worked.
<dinsdale07> Faust-C, I found out by starting proftpd in debug mode and it shows me performing ident lookup / ident lookup returned 'UNKNOWN'
<Phil__> I have lost my connection to the internet from my ubuntu server, LAN connections seem fine. Any ideas on how to troubleshoot? TIA
<Deeps> route -n
<Deeps> do you have a default route defined
<Phil__> I'm not sure - I haven't come across that term before - is it the same as default gateway?
<simplexio> soo. anyone ideas why console-kit-daemon segfaults libglib?
<Deeps> yep
<kirkland> sommer: ping
<sommer> kirkland: yo
<kirkland> sommer: hey, i was wondering if you could help with a server guide update
<sommer> kirkland: sure
<kirkland> sommer: see Bug 290885
<uvirtbot> Launchpad bug 290885 in initramfs-tools "SRU: Backport of Boot Degraded RAID functionality from Intrepid to Hardy" [Wishlist,Fix released] https://launchpad.net/bugs/290885
<Phil__> well, in my interfaces config file its pointing at the same gateway it always did, and the one that's working for the rest of the pcs on the LAN
<kirkland> sommer: we need to update the server guide RAID section
<Deeps> Phil__: if you run `route -n`, you should see something like 0.0.0.0         10.1.0.1    0.0.0.0         UG    0      0        0 eth0
<kirkland> sommer: note that booting degraded RAID is now possible with Hardy, if you upgrade your grub, initramfs-tools, and mdadm packages
<Deeps> where 10.1.0.1 would be your gateway
<kirkland> sommer: AND THEN grub-install to your RAID device providing /boot
<kirkland> sommer: the latter part must be done manually
<kirkland> sommer: which is the main thing i'd like to get in the Server Guide
<sommer> kirkland: ah mmmmmm, that may be a little harder since the raid section wasn't included in the hardy guide
<kirkland> sommer: alternatively, if you'd think we'd handle this better in the wiki, that's fine by me too
<Phil__> yeah, oh, okay, tbh - I'm not sure if the output to route -n is correct or not - shall I stick it in a pastebin?
<kirkland> sommer: oh, okay
<Phil__> thanks for the help btw
<kirkland> sommer: is there somewhere else it might land?
<dinsdale07> Phil__, or maybe traceroute internet-address to see where it stops. Maybe it's also a dns problem?
<Deeps> Phil__: please
<sommer> kirkland: we could add the instructions in a hardy subsection for the jaunty guide
<jmedina> good to know there is support for degraded raid in hardy
<jmedina> id like to test it
<jmedina> would be greate to have that info in the official server guide
<sommer> kirkland: that would allow put the instructions on the site at least
<Phil__> Deeps: http://pastebin.ca/1286927
<Deeps> Phil__: is 192.168.1.254 your default gateway? can you ping it from the server?
<sommer> kirkland: we can also look into an SRU for the hardy guide, but it will need to be re-translated so I'm not sure how much "support" the idea will get
<sommer> kirkland: but since hardy is lts...
<kirkland> sommer: okay, how about this ....
<Phil__> yes it is and sometimes it works, like about 10 minutes ago, and othertimes, like just now, I'm getting 'destination host unreachable'
<Deeps> Phil__: do other machines on your lan get that same problem?
<kirkland> sommer: i think we should create https://help.ubuntu.com/community/DegradedRAID
<Phil__> nope, never as far as I'm aware
<Phil__> I tried a fresh NIC as well to see if it was the hardware
<Deeps> Phil__: could be a dodgy nic in the server, dodgy cable linking from the server to the switch, dodgy switchport, dodgy wireless if you're using that, try changing those bits around, as it doens't sound like a software problem
<sommer> kirkland: sounds good to me, is it possible to put a link to the page in the updated package readme or somewhere users's will find it
<Deeps> Phil__: also check for IP conflicts - is anyone else on the lan using the same IP as your server?
<Phil__> no, its the only static IP and its well out of the dhcp range
<sommer> kirkland: I was thinking about non-irc users and users not following the raid bug
<kirkland> sommer: that might be possible
<kirkland> sommer: i could ask about putting it in the grub postinst
<Phil__> could it be anything to do with my / directory being completely full?
<kirkland> sommer: detect if you're upgrading from an old version of grub that doesn't support boot degraded
<Deeps> Phil__: possible but highly unlikely
<kirkland> sommer: if so, refer the user to read the documentation at http://.......
<kirkland> sommer: could you get the framework of a page up at DegradedRAID ?
<Phil__> okay, fair enough... I'll swap some bits around and see if I get any joy
<kirkland> sommer: i'll fill in the details....
<sommer> kirkland: sounds like it would work to me
<sommer> kirkland: sure, I can work on that this week
<kirkland> sommer: i'll work through the sru process to get such a link up
<kirkland> sommer: cool, ping me when you get it
<sommer> kirkland: are the updates already released?
<kirkland> sommer: yes, last week
<sommer> kirkland: okay, I'll try to work on that this evening as well
<kirkland> sommer: nice, thanks.
<sommer> kirkland: this has started me thinking about future bug fixes that might also require documentation updates
<sommer> kirkland: I wonder if we should work out some type of better system for doc updates
<kirkland> sommer: yeah, i think so
<kirkland> sommer: well, i think it could use some improvement
 * sommer probably just need to learn more about the translation process
<sommer> kirkland: I'll ask the doc team and see if there are more ideas on the subject
<kirkland> sommer: well, i saw the response to your suggestion of splitting it out of the other docs
<sommer> kirkland: ya, couldn't hurt try :-)
<mgagne> does anyone here have experience running ubuntu 8.04 as a Xen domU (paravirtualized)?
<jmedina> mgagne: I do have some 8.04.1 xen servers both dom0 and domu hardy
<mgagne> jmedina: I was reading about Ubuntu dropping support for dom0, I am looking at possibilities for running some 8.04 servers as domU's but am not sure what distro I should consider for dom0.
<jmedina> mgagne: I dont think will be dropped in hardy
<mgagne> jmedina: is the setup and configuration somewhat reasonable for hardy as a dom0?
<jmedina> mgagne: I use xen-tools for that
<jmedina> using debootstrapper
<mgagne> jmedina: ok, is your long term plan to stick with 8.04 in the future as well?
<jmedina> mgagne: for servers yeap
<jmedina> even my desktop, well all the office desktops, except laptops they are now with intrepid (kubuntu)
<dinsdale07> Faust-C, have solved my earlier problem with the IdentLookups. They need to be in a <global> Identlookups off </global> directive, now it works
<nealmcb> kirkland: thanks for the blazingly fast work on screen-profiles!  I got it from your ppa, screen-profiles - default profile - on hardy:  and see in bold at the bottom:  apt-check: error: no such option: --human-readable!
<kirkland> nealmcb: oh bummer
<kirkland> nealmcb: let me take that out
<kirkland> nealmcb: that's only available on hardy
<kirkland> nealmcb: fixed uploaded to my ppa
<ryan8403_work> hi i'm wanting to use vmbuilder to create a paravirtual image for xen, do i need to change the line in the config file referring to hvm? if so what to?
<jojo1224> hi
<nealmcb> kirkland: it is built and installable now - looks good now.  thanks!
<kirkland> nealmcb: np
<lukehasnoname> Has anyone taken a look at "Pro Ubuntu Server Administration" by Sander van Vugt?
<jjesse> it is on my amazon wish list
<lukehasnoname> His first books was kind of ok, the second books looks like he went a little more in depth (these both being the "beginner" books)
<leonel> http://www.ubuntu.com/products/whatisubuntu/serveredition/features/ec2   <-- GREAT !!!!  good to see ubuntu server spreading everywhere
<Faust-C> dinsdale07: sweet
<Faust-C> lukehasnoname: i havent found a really "enterprise" grade book for ubuntu
<Faust-C> like none detail using advanced auth methods,
<^efil4ejkeoD> Hi, im trying to set up a server with ubuntu linux. However I have never ever touched a linux PC before.
<^efil4ejkeoD> What I would like to accomplish is a server who backes up every other computer connected to the network. And can reinstall them when they are crashed
<^efil4ejkeoD> Ive searched the internet, but all help files are still not very clear. :( Can anyone plz say which programms i need?
<Faust-C> ^efil4ejkeoD: i suggest you get some books if you're really wanting to learn
<uvirtbot> Faust-C: Error: "efil4ejkeoD:" is not a valid command.
<^efil4ejkeoD> i think i need samba for getting networks up. I know have my server visible in my network. I can create files and maps but not in every map..
<frojnd> Hello there
<^efil4ejkeoD> True, i looked for: beginning ubuntu server LTS on bol.com
<frojnd> I need an asisstance here.
<^efil4ejkeoD> So anyone who wants to start with ubuntu needs to learn books first? :P
<Faust-C> well read a book
<frojnd> My disks are falling...all of the sudden I start getting those messages: Buffer I/O error on device sda3, logical drive xyxy Aborting journal on device sda3, on device sda2,... Write error on swap-device
<frojnd> Is there a way to fix my disks ?
<frojnd> I did unplug the cable and start server again...
<frojnd> This was also the only option at that time to restart comptuer
<frojnd> I'm assuming my disks will crashed eventually... s Is there a way to prevent or to slow down this process ?
<^efil4ejkeoD> how old are your disks ? aint there a way to read there SMART statistics?
<^efil4ejkeoD> their*
<frojnd> ^efil4ejkeoD: about 4 years they both SATA
<uvirtbot> frojnd: Error: "efil4ejkeoD:" is not a valid command.
<frojnd> huh?
<^efil4ejkeoD> my name starts with an ^ ;)
<frojnd> as a command :)
<^efil4ejkeoD> ye
<^efil4ejkeoD> but do you know how to read SMART statistics out of hdd?
<frojnd> ^efil4ejkeoD: no idea
<uvirtbot> frojnd: Error: "efil4ejkeoD:" is not a valid command.
<^efil4ejkeoD> Im not really of any assitence with linux here. I've never touched it before, but im advised: "read a book" when i asked asked my question
<^efil4ejkeoD> anyway.. drives have SMART statistics which tells you the status of your harddrive
<^efil4ejkeoD> in windows you can easily read them by using programms like speedfan
<^efil4ejkeoD> or sometimes you are able to read them in the bios
<^efil4ejkeoD> it tells you exactly how many pieces of the harddrive are broken and when its time to change the drive
<^efil4ejkeoD> If the SMART tells you to change, i'm not sure if there is any methode to slow down the proces other than turn of your machine....
<frojnd> *efil4ejkeoD: I'm sure linux can do that and even more to slow down the process just don't know
<^efil4ejkeoD> ah, first try to read them out
<^efil4ejkeoD> google for smart hdd or smthing :)
<^efil4ejkeoD> Can you help me out maybe. I want to have a programm that backes up all other machines in my network, and can reinstall them when  a computer is crashed. Is that possible? It's actually just windows home server but then in ubuntu server.
<frojnd> I'm afraid I cant.
<frojnd> Haven't really used server for backuping my data, though apperantly I should :S
<^efil4ejkeoD> what are you using it for then? file server?
<maltepalte> i have mysql installed on a ubuntu machine, with a lot of power - quad xeon cpu:s, and a large raid volume with 15k rpm disks.  however, when benchmarking with a simple script that creates a database in mysql, and then creates 1000 tables inside the db, i get extremely poor performance; 5 tables created per second.  compare that with my laptop, that gets about 150 tables per Asecond
<frojnd> I'm using it for somesort of media center. I have installed on it ampache for listening my favourite music from one location, for torrents to DL some fancy music abroad since I can't buy all the cds, for testing php pages, for mysql database, for storing my DVDs, and ofcourse for programming :P
<frojnd> And now I'm a little scared since I don't have dual or backup disks..
<^efil4ejkeoD> You might be able to clone them in time maybe?
<frojnd> I can use them, as we sepak, but not so sure....
<^efil4ejkeoD> If you want to keep the data, you should clone them or get an image of them as fast as possible. But that is only useful if the problem really are the disks themselves
<frojnd> what else could it be ?
<^efil4ejkeoD> I have no clue. I've never used linux before.. and im not a programmer :). I do know, however, that when a disk pefrmance is poor you shuuld check for the SMART status. That will tell you what is wrong with your disk, mostly.
<frojnd> *efil4ejkeoD: if the sorage is 500gb how big would be the image ?
<frojnd> or the clone.. haven't really done this before
<^efil4ejkeoD> i think the same size if the disk is full
<frojnd> huh
<^efil4ejkeoD> an image is actually a clone, but then stored on a existing hard drive. A clone is really a clone of the harddisk itself. So you can make a clone with an image.
<^efil4ejkeoD> do you follow that one? :P
<frojnd> heh, I'm working in my head :D
<^efil4ejkeoD> ^^
<uvirtbot> ^efil4ejkeoD: Error: "^" is not a valid command.
<^efil4ejkeoD> when you copy a DVD to your harddrive, you can make an image from the DVD. This image is 1 file which consist of all the files on the DVD
<^efil4ejkeoD> this file is as large as the DVD itself.
<^efil4ejkeoD> so the image is a clone of the dvd. But you haven't got 2 DVD's. So when you put the image from the DVD on a new DVD, then you have cloned your dvd.
<^efil4ejkeoD> but thats not really the point here :)
<^efil4ejkeoD> you want to know how to clone a 500 GB harddisk
<frojnd> ^efil4ejkeoD: aha
<uvirtbot> frojnd: Error: "efil4ejkeoD:" is not a valid command.
<^efil4ejkeoD> and for that question i do not have an answer :(
<sommer> kirkland: https://help.ubuntu.com/community/DegradedRAID created, and I've linked to the intrepid config options... I think that's what you were looking for?
<^efil4ejkeoD> I only know windows alternatives
<frojnd> ^efil4ejkeoD: ofcourse they will say to buy a new disk :D
<uvirtbot> frojnd: Error: "efil4ejkeoD:" is not a valid command.
<^efil4ejkeoD> you have to buy new disks :P But you want all your data from the old one, on the new one
<frojnd> The only problem is that I can get the lowest WD external 1TB for 100EUR
<^efil4ejkeoD> you don't need an external hard drive for cloning
<frojnd> ^efil4ejkeoD: I know but they are the chepeaset storage alternative :D
<uvirtbot> frojnd: Error: "efil4ejkeoD:" is not a valid command.
<^efil4ejkeoD> internal?
<frojnd> ^efil4ejkeoD: I have SATA and not SATA2 which costs less than SATA <-those two are "internal"
<uvirtbot> frojnd: Error: "efil4ejkeoD:" is not a valid command.
<^efil4ejkeoD> where are you from btw?
<frojnd> slovenia
<^efil4ejkeoD> ah k. Im from holland
<^efil4ejkeoD> hmm.. I think i can't help you any further then :(
<^efil4ejkeoD> i don't know much about computers
<frojnd> ^efil4ejkeoD: no worries someone will :)
<uvirtbot> frojnd: Error: "efil4ejkeoD:" is not a valid command.
<^efil4ejkeoD> hehe :)
<Faust-C> how much space would you guys recommend for 70+ users high volume traffic
<hads> HOw long is a piece of string.
<jjesse> 6
<genii> Faust-C: For what, their home dirs?
<jmalis> hi! how to skip disk checking on starup (fschk)? Thank You!
<genii> "ESC" ?
<genii> And of course there's the ever-dangerous and not to be recommended replacement of  0 1        with  0 0        in fstab
<Faust-C> genii: no for email period
<genii> Faust-C: I'd think 4-8Gb would suffice. A lot depends on if they are leaving much mail also on there, like imap
<Faust-C> well atm its pop3 and alot of the mail is old or internal spam
<Deeps> how long is a peice of string?
<jmarsden|work> Faust-C: Can you du -sh /var/mail/ (or equivalent) to see how much space their POP3 mail takes up now, then use (for example) 2x that as rough a starting point for their email disk space needs?
<Faust-C> jmarsden|work: sadly atm the email server is a XP machine (done before i got here)
<Faust-C> and i cant afford to screw up considering that email is necessary to function
<jmarsden|work> Faust-C: You could (a) still find out how much space the mail is taking up (Look at mailboxes in Exchange if that is what they use, or use one of many disk spacetools for Windows if the mail is in flat files)  (b) consider setting upo new mailserver with LVM so you can change partition sizes later if necessary?
<genii> Or enforce quotas on /var/mail or so
<Faust-C> jmarsden|work: no exchange, mdaemon
<Faust-C> im rebuilding network
<Faust-C> genii: and yes that is a must this go round
<Faust-C> do you have to install the pop3d part for dovecot?
<jmarsden|work> Faust-C: Only if you want to offer POP3 service to email users.. if all will use IMAP I don't think you *need* to instyall dovecot-pop3d.
<Faust-C> kk
<Faust-C> just trying to go word for word by docs
<Faust-C> btw which would be the prefered choice, mbox or maildir
<jmedina> maildir
<Faust-C> i thought so
<gohell> DIE
<Faust-C> hmm i so need more info
#ubuntu-server 2008-12-17
<nealmcb> re: the ec2 root password/sudo issue - is there a way to not have a password for the ubuntu user, and use the ssh credentials during a sudo to authenticate as root?
<nealmcb> or kerberos, or something?
 * nealmcb hates being logged out and presented with an auto-generated password to manage
<erichammond> nealmcb: Please send your EC2 beta feedback to the mailing list so there is a record of it: ec2-beta@lists.ubuntu.com
<nealmcb> erichammond yeah - probably not enough people around now to chat here...
<erichammond> nealmcb: FWIW, I'm not a fan of the current strategy, but it is difficult to be both secure and easy in the EC2 environment especially if you're trying to do things the Ubuntu way.
<erichammond> Note that it is (currently) possible to simply ignore the ubuntu user and ssh back in as root :)
<erichammond> You could also pass in a startup user-data script which modified sudoers to allow sudo without a password (but don't tell the security guys I said so).
 * nealmcb puts on his security hat and looks around with upturned eyes
<nealmcb> :)
<nealmcb> I think I was just asked for a mysql password no fewer than three times on install - a bit rude....
<nealmcb> (I refused to set one each time)
<nealmcb> aha - sudo via ssh-agent implemented for openbsd: http://www.usenix.org/event/lisa08/tech/full_papers/burnside/burnside_html/index.html
<nealmcb> that's what we need for ec2
<antdedyet> deploying a ubuntu server with kvm. :)
<antdedyet> I haven't quite convinced the client of using ubuntu in the guests for some clients who are used to Other Distros(tm), but the host is hardy.
<antdedyet> pretty plesant experience so far. cheers on kvm gui management tooks shaping up since last winter.
<antdedyet> s/tooks/tools
<Lokin> Can someone help me?
<Lokin> I can't seem to ssh to my server
<Lokin> and my website isn't up....
<ropetin> Lokin: do you have local access to the box?
<Lokin> ya
<Lokin> just grabbed a moniter
<Lokin> Crap. Ok never mind, How do I make my IP static?
<Lokin> ropetin ?
<antdedyet> Lokin: did you provide deem the IP static?
<jmarsden> Lokin: http://doc.ubuntu.com/ubuntu/serverguide/C/network-configuration.html
<Lokin> When I set up the DNS server I set the old ip but It changed...
<jmarsden> Lokin: Do you mean the IP of the Ubuntu server, or your public IP as provided by your ISP?  You may need to use a dynamic DNS client if you want a server on a connection that has a dynamically assigned IP from your provider.
<Lokin> curl whatismyip.org, That is my ISP ip right? and then 192.168.0.7 would be the server IP?
<jmarsden> Probably.  So if the answer you are seeing from whatismyip.org is changing, you have an Internet connection from your ISP with a dynamic Ip address... so you need to use a dynamic DNS type solution.
<jmarsden> See http://www.no-ip.org for example.
<Lokin> jmarsden: I can't use this because my server is command line. Right?
<jmarsden> Are you sure??  I think their linux client doesn't need a GUI... checking...
<jmarsden> The clietn is at http://www.no-ip.com/client/linux/noip-duc-linux.tar.gz and does not seem to need a GUI to me...
<Lokin> How do I restart apache and ssh again?
<jmarsden> sudo service apache2 restart && sudo service ssh restart
<Lokin> jmarsden: apache2: Could not reliably determine the server's fully qualified domain name, 127.0.1.1 for ServerName
<Lokin> Take it thats the dynamic IP messing things up?
<jmarsden> Lokin: That's you changing the internal (LAN) IP of the server, probably.
<jmarsden> Edit /etc/hosts to sort that out.
<Lokin> erg
<jmarsden> It will probably "work" OK despite the warning, actually.
<Lokin> Doesn't work at all out side of lynx localhost
<jmarsden> OK, then edit /etc/hosts and put the actual static local IP of the server in there with the FQDN and hostname of the server and restart apache
<Lokin> The static being an IP of the thing I would sign up for?
<Lokin> At the moment I didn't think I had a static IP.
<jmarsden> No... hmm, I think you need some basic info on IP and NAT and how the Internet works??  Your server has a local and hopefully static IP address on your LAN.  I pointed you to the page of the Ubuntu Server Guide which describes that earlier...
<jmarsden> I said: Lokin: http://doc.ubuntu.com/ubuntu/serverguide/C/network-configuration.html
<Lokin> K i'll...
<Lokin> ya read that
<jmarsden> did you do what that says to get a static IP for your server??
<Lokin> I need to get better in Unix....
<Lokin> One sec I'm working on it
<Lokin> does the Static IP matter? and it has to be local right 192.168.x.x?
<jmarsden> It has to be on your LAN.  It has to be unique within your LAN.
<jmarsden> Other that that you get to pick what number you want; if it was 192.168.0.7 dynamically, you can use that...
<Lokin> ok
<Lokin> so thats set
<Lokin> iface eth1 inet static
<jmarsden> OK, so edit /etc/hosts to match that and then restart apache
<Lokin> k
<Lokin> 192.168.0.107           UbuntuServer
<jmarsden> OK, now does apache restart cleanly?
<Lokin> same error but instead of 127.0.11 it now uses 192.168.0.107.....
<Lokin> What is the fully qualified domain name??
<jmarsden>  servername.mydomain.com  (or whatever it really is!)
<jmarsden> You write UbuntuServer in /etc/hosts, is that your hostname?
<Lokin> I mean I log into to alex@UbuntuServer
<Lokin> so yes
<jmarsden> OK, so the FQDN is UbuntuServer.yourdomain.com (if your domain name is yourdomain.com)
<Lokin> UbuntuServer.truehelix.com
<Lokin> Where should the DNS be pointing to from the Domain registrar?
<jmarsden> OK.  So now as long as your router has port 80 open from the outside redirected to 192.168.0.107, you should be set.
<jmarsden> Lokin: ?  I don't understand your question.  DNS host record for ubuntuserver.truehelix.com should point to whatever whatismyip.com says your public IP is.
<jmarsden> But since you can't edit it every time it changs, you can use no-ip.org, sign up, and automatically update the DNS.
<Lokin> I set the DNS record from ixwebhosting
<jmarsden> OK.  You can do that.  As long as you chaneg ti every time your ISP changes your public IP :)
<Lokin> :/ OK well how do I install somthing on a webpage via command line?
<Lokin> because no-ip needs a download(of course) and I only have command line on my server
<ropetin> Lokin: wget is your friend
<ropetin> man wget
<Lokin> :)
<Lokin> thanks
<ropetin> NP!
<Lokin> lol
<Lokin> OK now on to ssh :(
<Lokin> I can't connect anymore
<Lokin> even via the new ip
<Lokin> used to be able just not anymore
<ropetin> if you ssh from the local box can you access?
<Lokin> no...
<Lokin> but wait
<Lokin> the eth1 address is 192.168.0.107
<Lokin> whereas the port fowarding is .1.107
<Lokin> that may be a problem....
<jmarsden> Yes, it would be.
<ropetin> You can remove the word may from that
<Lokin> indeeed, that be a problem.
<Lokin> Better?
<jmarsden> More accurate, less gramatically correct ;)
<ropetin> :P
<Lokin> lol
<Lokin> Sorry, needed a scon
<Lokin> var hungry
<Lokin> Damn this is really starting to piss me off
<jmarsden> Then it might be good to stop, do something else, and come back to it later?
<Lokin> I would but I need to sleep soon. School in the morning.
<jmarsden> Your call.  You could leave it for 24 hours... I doubt your web server is earning you $millions/hour or anything? :)
<Lokin> lol
<Lokin> This is true
<Lokin> http://thar.us/view/1440
<jmarsden> Have you edited the Ip addresses so the ones in your server agree with the router regarding your subnet?
<Lokin> but I want ssh working at least
<Lokin> I do a fair bit on it at school
<Lokin> I'm just wondering where else I would have to change then to 192.168.1.107
<Lokin> btw, Don't browse thar
<Lokin> its Var dangerous.
<jmarsden> edit /etc/network/interfaces and /etc/hosts
<Lokin> ya got those
<Lokin> Is that for ssh also?
<jmarsden> Yes.  Now restart networking, ssh and apache
<Lokin> networking?
<Lokin> ok
<jmarsden> (or just reboot the server)
<Lokin> k
<Lokin> all restarted
<Lokin> ssh alex@76.204.30.102
<Lokin> and nothin
<Lokin> ya just timed out
<jmarsden> Are you sure that is your current public IP?
<Lokin> Ya...
<Lokin> I started iptables with the startup prints
<Lokin> how do I disable them?
<jmarsden> Turn that back off
<jmarsden> Did you use ufw or something else ?
<Lokin> service iptables stop?
<Lokin> halt?
<jmarsden> Sure.
<jmarsden> stop
<Lokin> k
<Lokin> iptables is unrecognized...
<jmarsden> How did you start up your firewall on the server?
<jmarsden> What did you do?
<Lokin> Never had...
<jmarsden> How did you start up iptables?
<Lokin> Well... I may have trying to ste up ip fowarding
<Lokin> start*
<jmarsden> What command(s) did you type to start iptables/ip forwarding?
<Lokin> Not a clue.
<jmarsden> Sigh... you did something on your server but you have no clue what you did??
<Lokin> Can't I just kill iptables
<jmarsden> It is a kernel module not a service...
<Lokin> damnit
<jmarsden> what does service ufw status    say
<Lokin> Well It's vary likely when setting it up I just copy pasted shit off the interwebzzz...
<jmarsden> Well stop doing that.  Read and learn and take notes, you are now a server admin!
<Lokin> *Firewall is not running
<Lokin> blurgg
<jmarsden> OK.  Try     iptables -L  (and pastebin the output somewhere so I can look at it)
<Lokin> I once again need to point out It's command line...
<jmarsden> There are command line pastebin scripts...
<jmarsden> But never mind... I don't have time for that right now...
<Lokin> Chain INPUT (Policy ACCEPT) \n target      prot opt spurce              destination
<Lokin> 3 of them but the other 2 instead of INPUT there is FOWARD and OUTPUT
<jmarsden> Sounds like youy have no actual rules, so that's unlikely to be the issue.
<Lokin> k
<jmarsden> CAn you ssh to 192.168.1.107 from anotehr PC on your local LAN?
<Lokin> mac but I'll try
<Lokin> doesn't look like it
<Lokin> just timing out...
<jmarsden> OK, what does      netstat -ntl | grep :22     output (should be just 2 lines)
<Lokin> ... k one sec
<Lokin> tcp      0            0 0.0.0.0:22          0.0.0.0:*            Listen
<Lokin> and
<Lokin> tcp6           0           0  :::22                  :::*                Listen
<jmarsden> That's all good.
<jmarsden> ?
<Lokin> ergg comp died
<Lokin> my bad
<jmarsden> Welcome back... OK.  What does   ifconfig eth1 | grep addr: | head -1   say?
<jmarsden> BTW why are you using eth1... what is on eth0?
<Lokin> not sure
<Lokin> Just said use eth1
<Lokin> on that link you sent one sec
<jmarsden> OK... we'd better check... you only have one wired network interface on the server, right?
<Lokin> ya
<Lokin> it's old
<Lokin> no wireless either
<jmarsden> OK.  So does    ifconfig | grep ^eth    output just one line about eth1 ?  Or a line about eth0 ?
<Lokin> one about eth0
<jmarsden> Then that is the name of your interface.  So edit your config to to use that, not eth1
<Lokin> eth0        Link encap:Ethernet     HWaddr  00:40:ca...
<Lokin> k
<jmarsden> Most likely just edit /etc/network/interfaces
<Lokin> k
<jmarsden> Now do service networking restart     and then   see what ifconfig |grep ^eth  says
<Lokin> Hrmmmm duplicate files
<Lokin> there is now 2 things declaring eth0
<Lokin> auto eth0
<Lokin> and then iface
<Lokin> one sec I'm gogin to comment out the old one
<Lokin> k that worked... and ssh....
<Lokin> damn
<Lokin> still not going
<Lokin> Time out
<jmarsden> OK.  So now ifconfig eth0 | grep addr:    outputs a line containing   192.168.1.107 ?
<Lokin> no...
<Lokin> first line is inet addr:192.168.1.100
<Lokin> Bcast is 192.168.1.255
<Lokin> and mask is default
<Lokin> 255.255.255.0
<jmarsden> Then your server is at .100 not .107, so you misconfigured something somewhere!
 * Lokin screams
<Lokin> !!!
<Lokin> ok well should I just change the port fowarding to .1.100
<Lokin> for tonight at least
<jmarsden> OK, sure...
<Lokin> will you be on tomorow?
<Lokin> jmarsden: ssh guest@76.204.30.102
<jmarsden> Possibly... depends on real life stuff...  OK...
<Lokin> lol
<Lokin> go for it
<Lokin> yay
<Lokin> so far everyone has guessed the pass successfully.
<jmarsden> You logged out of the server?
<jmarsden> OK, well, it works... go to sleep :-)
<Lokin> am now I'm goign to bed
<Lokin> but just for if your on tomorow you can help me without me copying stuff over
<miguel1234> hi
<Lokin> HELLO!
 * Lokin wanders off to sleep
<miguel1234> hello someone who can help me with a problem with my mail server?
<jmarsden> miguel1234: Ask the question and find out ;)
<miguel1234> thanks jmarsden :)
<jmarsden> There's a bot command about that...
<jmarsden> !ask | miguel1234
<ubottu> miguel1234: Please don't ask to ask a question, simply ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<miguel1234> now I have a server with postfix + + sasl2 dovecot postfixadmin + + clamsmtp + spamassasin
<miguel1234> sucede q	
<miguel1234> apparently the smtpd-auth does not work
<jmarsden> OK.  Did it work when you first installed postfix?  Are you using postfix virtual domains, or...?
<miguel1234> jmarsden, I telnet localhost to 25 and shows me the following
<miguel1234> jmarsden, http://pastebin.com/m2cbfee
<miguel1234> jmarsden, 	
<miguel1234> No I look at the 250-AUTH PLAIN LOGIN
<miguel1234> 	
<miguel1234> apparently I do not support
<jmarsden> I think you need to tell postfix to support that... what is your backend user database going to be?
<miguel1234> jmarsden,  my config postfix http://pastebin.com/m50f30bb5
<jmarsden> So... that's not the Ubuntu default... where did this config come from, and how do you know it works?
<miguel1234> jmarsden, 	
<miguel1234> If you already defined in my smtpd.conf here http://pastebin.com/m6b0b12da
<miguel1234> jmarsden, here http://doc.ubuntu-es.org/Postfix/configuraci%C3%B3n_de_un_servidor_incluyendo_Postfixadmin,_Mysql,_Spamassassin_y_ClamAv
<jmarsden> I can't easily debug a fully tweaked postfix config... you just plucked it off the Internet?  Do you understand it?
<miguel1234> mmm
<jmarsden> If you follow a guide like that and it fails, you can either get help from the person who wrote that guide, or understand every little detail of what they did...
<miguel1234> I can receive emails but my problem is that I can not send them to other destinations such as external servers because the SMTP authentication does not work for me
<jmarsden> OK.  The whole way the guide does auth is not one I am familiar with; it would take me too long to debug this... it can probably be made to work... but not by me in any reasonable amount of time.
<jmarsden> Do you know someone else who has used this guide and got it fully working?  Maybe they can help you?
<miguel1234> no
<kinnaz> hello server admins, i was wondering the latest php for ubuntu is 5.2.4 but that seems to be affected by several buffer overflow exploits, does that suhosini patch protect from them or i should compile php from src to get them fixed ?
<kinnaz> ( compile from src to get 5.2.5
<snek> anybody have experience with setting up a 2 system cluster with a few VPS's on each machine?
<snek> curious about how to setup the mysql databases... either we could use a mysql db on each VPS or is it better to have mysql on the main installation instead of each VPS and sharding it to the other machine?
<kinnaz> you could do mysql replication
<kinnaz> mysql "cluster"
<snek> yeah i am aware of that, i plan on replicating between the VPS's as well
<kinnaz> ah misread your question
<kinnaz> a little
<snek> IF each VPS has mysql on it
<kinnaz> if you have ip for every vps then why not
<kinnaz> have diffrent mysqls
<kinnaz> thou running one should be better performance wise i think
<snek> dunno, looking at the performance i am not sure what would be better.. that's the problem a bit
<kinnaz> thou no real exp talking here, just logic
<snek> although i guess having seperate mysql servers on each vps would be a bit more secure in terms of availability & taking care of system load
<kinnaz> yeah
<kinnaz> in that terms indeed
<kinnaz> but i think having alot of mysqls servers wont hurt you much
<kinnaz> because the mysql proccess itself doesnot take up much
<kinnaz> the load makes it resource hungry
<kinnaz> but if you have alot of mysql servers
<kinnaz> it's harder/impossible
<kinnaz> to replicate them all
<snek> hmm ok, will have to look into that before i suggest the new setup
<kinnaz> thou i dont know how many mysql servers you would be running
<kinnaz> but if you like 10
<kinnaz> it will be kind of pain in the ass
<kinnaz> to manage them all
<snek> hmm i think it would be about 4 or 5 vps's.. mirrored to a 2nd machine
<snek> btw, is Xen supported by Hardy? or is another package recommended?
<snek> need to be able to give each vps each own amount of ram & cpu cycles
<kinnaz> snek you need xen kernel for hardy i think
<kinnaz> otherwise it would be running okey
<stefg> Hi, i'm planning on setting up a file server in a virtual machine. The question i'm facing is wether to use a simple file or a raw partition for the samba shares. One one hand i#d like to keep it simple and have a simple file (which can easily be backed up by the hosting OS), OTOH i fear the performance hit. Experiences? Opinions?
<stefg> ... btw... kvm/qemu
<snek> you can use a single file to store all shares? i wasn't even aware of that..
<snek> personally i setup a raid5 fileserver for a company which gets backed up each night using rsync to an offsite server.. about 700GB of video files & photoshop files.. works fine!
<snek> works with an Areca 8 port sata raid controller, pumps out about 400MB/s now :)
<stefg> I plan on simply adding a 300 GB file/partition to the virtual machine as second disk and mount it to serve... pretty straightforward. for rsync/rbackup it would be less hassle to simply use a file which contains all the samba shares, but surfing the net i find opinions that i/o performance is crap for simple file storage. i mean we're talking 30 users here... does it even matter ?
<snek> can't say i have much experience with that, but i know that reading from a single file costs you about 10 - 20% performance.. if that's still acceptable (lets say a hdd does 75MB/s in an ideal situation, then you'd do about 55 - 60MB/s but an 100mbit line can only handle 12MB/s) then i wouldn't worry too much about it)
<snek> your lan connection will most likely be the bottleneck, not the way you setup the share
<frippz> stefg: have you looked at this article? http://www.howtoforge.com/virtualization-with-kvm-on-ubuntu-8.10-p4
<stefg> frippz: not yet :-) thx for the link
<frippz> stefg: have a look a this one as well. might be interesting regarding backing up LVM Partitions. http://www.howtoforge.com/linux_lvm_snapshots
<frippz> I will be doing something similar in january when our new rack server arrives at work, so I've been studying these articles thoroughly :)
<stefg> frippz: interesting read, although lvm snapshots are nothing i could use, and actaully i'd try to avoid the extra complexity of lvm... space requiremants are foreseeable, and i'm a fan of the KISS philosophy
<frippz> stefg:
<frippz> stefg: not familiar with that philosophy
 * frippz hits up Google :)
<stefg> Keep It Simple Stupid ... don't use fancy things for their own sake
<frippz> stefg: heh, it just hit me :)
<frippz> well, that article mentions about I/O problems as well, so there might be something to it
<stefg> but snek is probably right... even if 5 users from 5 different 100MB segments access the server they'll not hit more than 50-60 MB/s i/o bandwith... the raid-10 can easily handle that, even if i loose 10-20% i/o performance by having a filesystem on a filesystem
<UyCaRumBa> hola
<UyCaRumBa> alguien que hable espaÃ±ol ?
<UyCaRumBa> hi
<UyCaRumBa> because it shows ubuntu 8.10 non 250 AUTH LOGIN ?
<kraut> moin
<fevel> an I use iptables instead of ufw?
<Deeps> sure
<Deeps> ufw is just a frontend for iptables anyway
<fevel> ok
<Faust-C> i have a failed lvm volume that im trying to repair but when i run a lvm cmd i get a error about I/O
<soren> "failed lvm volume"?
<Faust-C> hmm how do i explain
<Faust-C> the hdd was in another system but atm im using it as a external hdd to get the data off
<Faust-C> but i cant due to the damn thing complaining about I/O
<Faust-C> brb
<frippz> I'm trying to find out how much space BIND is taking up (zone files etc.). is there any other place than /etc/bind that I should look at?
<lamont> frippz: /var/cache/bind
<lamont> and potentially /var/lib/bind
<frippz> lamont: thanks. another 12K there :)
<lamont> frippz: the most accurate answer is "see /etc/bind/named.conf et al, and what directories get referenced therein"
<frippz> I'm guessing all the essential stuff resides in /etc (will be relocating BIND to another machine next year)
<Mal3ko> how do i check if server is having a problem to cope with high cpu demanding process?
<soren> Mal3ko: You look outside your office to see if there's a queue of users who are annoyed with your servers. If there isn't, you're fine.
 * soren is not kidding
<Mal3ko> lol
<soren> There's no single metric to check.
<Mal3ko> maybe like hard disk load?
<soren> If people are happy with the service you're providing, you're fine. That's the only single, useful metric that always applies.
<kinnaz_> hello server admins, i was wondering the latest php for ubuntu is 5.2.4 but that seems to be affected by several buffer overflow exploits, does that suhosini patch protect from them or i should compile php from src to get them fixed ?
<Deeps> which version of ubuntu are you using?
<Deeps> cuz heh, i see 5.2.3 in gutsy and 5.2.6 in intrepid, so i'm not sure where you're getting 5.2.4 from
<genii> Deeps: I think 5.2.4 may be in -backports
<Deeps> i forgot to look at hardy, heh
<Deeps> you've still not mentioned which version you're using though
<Deeps> generally, you'd wanna check the changelog or buglist of the package you're concerned about
<Deeps> search for it on packages.ubuntu.com
<Deeps> e.g., this is the changelog for php5 in hardy: http://changelogs.ubuntu.com/changelogs/pool/main/p/php5/php5_5.2.4-2ubuntu5.3/changelog
<mgagne> howdy
<mgagne> is there anyone here who has experience running Xen 3.3 backport in 8.04.1
<mgagne> My networking is borked but I can see a peth0 device with a proper IP addres
<mgagne> address*
<LordDicranius> simplexio: so, it's working now. I was using an live Ubuntu environment for the workstation. I just installed it to the hard drive and it worked right away haha
<amon> hi guys, i have an apparmor questions
<amon> *question
<amon> its not server specific but the ubuntu homepage sent me here
<amon> how can i open links sent to me in skype in firefox, i tried to allow skype access to /usr/bin/xdg-open, but now it wants to access firefox.sh
<mib_zp4tvgxc> can anyone help me or point me in the right direction ---> i moved my svn server laptop from college to home. when i try to update or commit, the svn is trying to access the college ip address, is there a way to switch it to point to my home address? --thanks
<Deeps> mib_zp4tvgxc: svn switch --relocate
<mib_zp4tvgxc> does it take params
<mib_zp4tvgxc> or anything
<Deeps> mib_zp4tvgxc: svn switch --relocate old-addr new-addr
<mib_zp4tvgxc> thanks alot
<mib_zp4tvgxc> on server box right
<Deeps> on your svn client
<mib_zp4tvgxc> ooh ok, thanks
<mgagne> anyone here have experience with xen 3.3 and hardy?
<mgagne> i have a networking question
<_jmedina> mgagne: which one?
<mgagne>  _jmedina hardy 8.04.1 with xen 3.3 backport
<_jmedina> I mean the networking question
<mgagne> well i got the system to boot with the xen kernel, now i have 2 interfaces in ifconfig, lo and peth0
<mgagne> i added eth0 back to interfaces and it gets an ip as well as peth0
<mgagne> but i cant ping google.com etc from dom0
<mgagne> it does work when i run "ip link set peth0 down"
<mgagne> but than peth0 grabs an ip again shortly after
<mgagne> probably because xend is doing something with it?
<_jmedina> using bridge networking?
<mgagne> i believe so
<mgagne> i changed very little about the xen configuration when i installed it
<_jmedina> peth0 is the real interface, eth0 is a virtual interface attached to the bridge port
<_jmedina> run
<_jmedina> brctl show
<mgagne> ok it lists eth8 with an id, stp not enabled, and interfaces are peth0
<mgagne> eth0*
<_jmedina> mgagne: could you paste bin it?
<mgagne> _jmedina: sure
<mgagne> jmedina: http://pastebin.com/de79dcbf
<mgagne> jmedina: I had to type it out because the system with Xen is not able to get on the network reliably
<mgagne> but its character for character what im seeing
<mgagne> jmedina: if you need anything else paste binned I can use my usb stick though
<jmedina> mgagne: ok, then show your xend-config.sxp
<jmedina> egrep -v '^#|^$' /etc/xen/xend-config.xsp
<jmedina> your /etc/network/interfaces
<jmedina> the output of ethtool eth0 and ethtool peth0
<mgagne> ok will do, give me a min
<mgagne> jmedina: here it is  http://pastebin.com/m27136fd9
<mgagne> jmedina: when i ping google.com it resolves an ip but i get Destination Host Unreachable
<jmedina> mgagne: I forgot about ifconfig -a and route -n
<Nafallo> DNS and routing is different things :-)
<Nafallo> fwiw
<jmedina> mgagne: can you ping your default gw?
<mgagne> jmedina: ok ill paste bin those, lemme check
<slofgren> mgagne: sounds like lack of a default gw being assigned
<mgagne> i believe i can ping the gateway
<mgagne> lemme get the command output
<mgagne> jmedina: http://pastebin.com/m7f722890
<jmedina> mgagne: you have two default gateways
<jmedina> eth0 and peth0 are in the same segment
<jmedina> did you configure peth0 with a IP addr?
<jmedina> #
<jmedina> 0.0.0.0         192.168.2.100   0.0.0.0         UG    0      0        0 peth0
<jmedina> #
<jmedina> 0.0.0.0         192.168.2.100   0.0.0.0         UG    100    0        0 eth0
<mgagne> nope, I didn't try to manually configure anything but eth0 in interfaces, I was hoping I could get away with dhcp
<jmedina> mgagne: try to remove the IP from peth0
<mgagne> jmedina: I am guessing I can't just use ip link set peth0 down right?
<jmedina> mgagne: nop, that will disable the interface
<jmedina> it is with ip del addr
<mgagne> jmedina: just give it the interface than?
<mgagne> jmedina: ip addr del peth0 says it needs the inet prefix, where do I get that value
<jmedina> mgagne: did you try: ip address del 192.168.2.47/24 dev peth0
<mgagne> yeah
<mgagne> jmedina: I can ping google now
<jmedina> good
<jmedina> now you need to resove why peth0 gets that address
<mgagne> jmedina: is peth0 half-configured? should it not be pulling its own ip?
<jmedina> I dont know if you used dhclient peth0 or something
<mgagne> hmmm, the only networking items I might have changed were in the configs I posted
<mgagne> this was a fresh install as of about 5 hours ago
<mgagne> jmedina: thanks for the help so far, I spent quite a while on Google prior to this with no success :)
<mgagne> jmedina: so basically I need to figure out why peth0 is getting an address, and then permanently prevent it?
<jmedina> mgagne: I have not used 3.3 only 3.2 not sure if the network-bridge script configs you interfaces automagically
<mgagne> ahh
<mgagne> is it worth trying to disable it?
<mgagne> jmedina: have you dealt with the libc warning you get with Xen in Ubuntu?
<mgagne> -> http://wiki.xensource.com/xenwiki/DebianTlsLibcDiversion
<mgagne> jmedina: just curious
<jmedina> mgagne: that doesnt affect ubuntu
<jmedina> it is for debian/etch
<jmedina> hardy already has a xen-friendly libc
<mgagne> ok, even though i get the warning
<mgagne> sorry I meant that as a question
<Faust-C> hmmm
<toehio> hello
<toehio> I just installed ubuntu server 8.1 and was wondering how I should set-up my users.
<toehio> I currently have a user as my own name, 'toehio'.
<toehio> Should I make seperate users for webservers, voip and games?
<r00tintheb0x> Anyone using bacula that has email messages working?
<Oliber> i've got a minor headache with NFS & Heartbeat, when the NFS server is running on the active node (2 node cluster with drbd/etc) only the primary IP address on the machine has all of the RPC services listed, the virtual IP gets portmapper and status
<Oliber> do i need to use another NIC and use IPAddr over IPAddr2?
<axisys> how to convert a desktop to a server?
<axisys> I dont any of the desktop craps
<axisys> i dont want to re-install with a server cd now
<Oliber> "apt-get remove" the packages you don't want
<axisys> Oliber: is there a bundle pkg that can remove all desktop stuff?
<Oliber> i don't know, if you remove X11 it'll probably want to take most of the GUI apps with it
<Oliber> i havn't done it personally
<refnumzx> I have a bit of a complex question.  I would like to virtualize a couple of samba boxes using the built in KVM tools in ubuntu 8.10.  I am going to buy an external storage box with 4 disks inside each 500 GB and connected with an E-SATA connection. If I want to mount different partitions on the same disk to different virtual machines, will these cause problems?
<jmedina> refnumzx: nop, that is a normal situation
<jmedina> just make sure you dont use the same partition on more than 2 guests
<Faust-C> finally i got something accomplised
<antdedyet> and there was much rejoicing. ;)
<Faust-C> lol
<Faust-C> got gallery2 working (just need to figure out how to play movies thru it), nagios working, and soon RT
<jmedina> RT?
<Faust-C> request-tracker
<Faust-C> hmm im assuming that pkg 'net-snmp' will get me Net::SNMP
<Faust-C> trying to get everything i need to centreon
<_45h_> hi. my ubuntu+xen everytime crashes into kernel panic with hard filesystem errors. its bug or easter egg?
<_45h_> i cant find any error messages in logs about it
<_45h_> after 1-2 days of work FS crashes fully
<_45h_> Superblock is corrupt and cannot be repaired
<_45h_> since both primary and secondary copies are corrupt.
<_45h_> its fsck log after first day of work
<jmedina> _45h_: I have about 5 xen servers running hardy without problemas, each host with about 10 guests
<jmedina> _45h_: you can recover the super block, I doubt you only have 2 copies of the superblock
<jmedina> but that could be a hardware problem
<_45h_> raid1 fully functional
<_45h_> and tested many times
<jmedina> hardy? intrepid?
<_45h_> tryed both. now i have debian 4.0 + jfs
<jmedina> probably jfs i the problem
<jmedina> :D
<_45h_> first time it was ext3
<jmedina> never had such problems
<_45h_> jfs works fine
<jmedina> and I have been working with xen since dapper
<_45h_> show me your manual
<jmedina> my manual?
<_45h_> documentation
<_45h_> man
<_45h_> howto :)
<jmedina> I dont have manual, only apt-get install ubuntu-xen-server xen-tools
<jmedina> guest runing on image files, partitions, lvm
<jmedina> all the machines created with xen-tools
<_45h_> are you using image files or partitions?
<_45h_> for guest systems
<jmedina> image files, partitions and LVM
<_45h_> hm
<jmedina> only ext3
<_45h_> ext3 sucks. first crash after 14 hours of work
<_45h_> jfs work more 24 hours )
<jmedina> _45h_: that is a serious problem
<jmedina> _45h_: did you try fat32?
<jmedina> just kidding
<_45h_> haha )
<jmedina> _45h_: so have you tried with another hardware?
<_45h_> fat12 ))))))
<_45h_> and partition for each file )
<jmedina> fat12 longs 12 hours
<jmedina> :D
<_45h_> hardware works fine
<_45h_> before i used this serv about 1 year
<_45h_> best hardware that i have
<hads> So "it used to work fine"
<jmedina> hardware fails
<jmedina> _45h_: and what about with a normal kernel? not the xen
<_45h_> hardware errors with empty logs?
<_45h_> em...
<_45h_> not tested
<_45h_> jmedina, are you using generic kernel? or xen?
<uvirtbot> New bug: #309160 in openssh (main) "openssh public key auth broken if one has many keys but only in X11" [Undecided,New] https://launchpad.net/bugs/309160
<jmedina> xen
<_45h_> i found this bug on ubuntuforums
<jmedina> ?
<_45h_> some peoples reporting this problem
<_45h_> kernel panic
<jmedina> which bug?
<_45h_> kernel crash )
<jmedina> is it a registred bug?
<_45h_> only some forum messages
<_45h_> 2.6.18-xen is too old? )
<jmedina> yeap
<jmedina> even dapper has 2.6.19
<jmedina> hardy
<jmedina> # uname -r
<jmedina> 2.6.24-21-xen
<_45h_> anyway 810 also died as this debian
<ScottK> No, Dapper is 2.6.15
<jmedina> true
<jmedina> :D
<jmedina> this is gutsy
<jmedina> running dapper as guest
<jmedina> ohh, it is feisty
#ubuntu-server 2008-12-18
<nemoego> Any ideas why bind9 on hardy returns SERVFAIL with the default configuration + forwarders?
<jmedina> nemoego: here works out of the box
<jmedina> nemoego: run: rndc querylog
<jmedina> and watch your logs
<jmedina> nemoego: can you reach the forwarders?
<jmedina> try dig @ip.forwarder google.com
<nemoego> jmedina: dig @forwader works fine, querylog shows query but nothing else
<jmedina> nemoego: try a trace
<jmedina> dig +trace google.com
<nemoego> jmedina: dig +trace works for both forwarders and local server in the same way (root->gtld->nsx.google.com->ip)
<luis__> el chat ubuntu server en espaÃ±ol, existe?
<jmedina> luis__: no tengo idea, pero no creo
<jmarsden|work> luis__: No se.   Pienso que no.  #ubuntu-es existe
<luis__> aca puedo hacer consultas en espaÃ±ol?
<jmarsden|work> Mi espanol no es sufficiente para consultar en espanol :-)
<jmedina> luis__: yo podria ayudarte, pero ahorita solo tengo unos minutos
<jmedina> luis__: de donde eres?
<luis__> de argentina
<luis__> y tu?
<jmedina> mexico
<nemoego> jmedina: could it have something to do with recursion?  when i dig +norecurse i don't get back an IP, but I do get an authority response with the root servers listed and a status of NOERROR
<luis__> jmedina mi idea es instalar un server ubuntu para ir reemplazando los windors
<luis__> server
<luis__> pero ahora solo aprender
<luis__> jmedina instalaste servidores ya?
<jmedina> luis__: la mayoria de la documentaion esta en ingles, esta la guia oficial "ubuntu server guide" podrias empezar por ahi, y claro pues instalando y probando
<jmedina> luis__: si, varios a eso me dedico y a dar cursos
<jmedina> me tengo que ir
<Deeps> #ubuntu-es btw
<luis__> ok gracias
<DarkOverlord> Anyone here running 8.10 on esx 3x/3.5 ?
<DarkOverlord> im trying to sort out some strange (what i believe to be apache2) performance issues.
<DarkOverlord> basic install of ubuntu 8.10 as a vm (512MB / 12GB disk Single Proc assigned) - ran all updates on the system (php5 & apache2) have been installed..   the server seems very responsive ... but webpages served up are very slow ie: zero connections to the box other than mine and a page takes upwards of 10sec's to load... (a simple forum page)
<DarkOverlord> are there any hacks that need to be done on a ubuntu system thats running on a esx 3.5 box?
<jmarsden|work> DarkOverlord: I'm no esx expert... but you might want to test browsing from the VM itself (use lynx or w3m if you have to!) and see if the page loads are still slow... if they are fast on the inside, it would point to a networking issue rather than straight performance.  Also you could try running top within the VM during that 10 secs and see what is taking CPU time, if anything?
<DarkOverlord> no GUI on the box, can i load a webpage via a SSH session - im assuming it will just load the text?
<jmarsden|work> Sure. lynx and w3m are text mode (console) web browsers you can sudo apt-get install.
<DarkOverlord> looks like it spawed two threads...
<DarkOverlord> each one maxxed out around 1.7
<DarkOverlord> let me try the lynx browser.
<DarkOverlord> im assuming by default the nic port speeds are setup as auto.
<jmarsden|work> Me too, but you can install ethtool to check that on the inside of the VM.
<DarkOverlord> so, it seemed that the sample "IT WORKS" just plain html page loaded fine
<DarkOverlord> but when it came to the php page
<DarkOverlord> it still took a while
<DarkOverlord> even while using the lynx browser
<DarkOverlord> lynx is the shit... lol.
<Deeps> i'd recommend elinks
<Deeps> assuming your terminal is capable, it even lets you use your mouse and click on links and the like
<DarkOverlord> neat... i dont plan on using browsers all that much on these systems though...
<DarkOverlord> ill look it up on my dev box though - thanks.
<DarkOverlord> im just using Putty to connect to the box.
<DarkOverlord> anything better for your basic network stats other than "nload"
<DarkOverlord> thats what im using now...
<Deeps> 'basic network stats'?
<DarkOverlord> traffic load etc.
<Deeps> never used nload, no idea what it does
<DarkOverlord> just displays /in/out traffic
<Deeps> iptraf may interest you then
<DarkOverlord>     Avg: 2.30 kBit/s
<DarkOverlord>                                                        Min: 0.92 kBit/s
<DarkOverlord>                                                        Max: 12.00 kBit/s
<DarkOverlord>                                                        Ttl: 2.67 MByte
<DarkOverlord> Outgoing:
<DarkOverlord> is..
<DarkOverlord> sorry.
<DarkOverlord> let me checkout iptraf
<DarkOverlord> verycool.
<Deeps> for basic in/out i use bwm-ng
<juac> hello
<DarkOverlord> yo.
<DarkOverlord> http://66.60.246.203/hosted/theanthills/
<DarkOverlord> is the test page...
<DarkOverlord> just a forum .. well a copy
<DarkOverlord> takes like 6-10 seconds to load
<DarkOverlord> id reallllly like to get all my sites moved over from a windows iis6 box over to these ubuntu servers ive setup
<juac> i have a question with openssh, is it possible to configure it for passwd authentication on one interface, and keys/whatever on another?
<jmarsden|work> juac: Yes.  You can run two copies of it with two different config files.
<juac> ah, ok. i was wondering if it was possible with 1 copy
<jmarsden|work> I don't think so.
<Xperiment62> just installed a fresh copy of 8.10 server
<Xperiment62> can someone please instruct me on how to set up the ftp
<LoveGuru> you wanna setup ftp server?
<Xperiment62> yes
<LoveGuru> What do u want?
<Xperiment62> i installed LAMP and openssh
<LoveGuru> proftpd or vsftpd.
<Xperiment62> either
<Xperiment62> i want to be able to ftp to the apache files
<Xperiment62> preferably with a passworded login
<hads> SFTP win
<LoveGuru> Xperiment62: http://www.vsftpdrocks.org/ or http://vsftpd.beasts.org/
<LoveGuru> its vsftpd
<LoveGuru> Xperiment62: ProFTPD mini-HOWTO - Configuring ProFTPD @ http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-ConfigFile.html | HOWTO : Create a FTP server with user ac @ http://ubuntuforums.org/showthread.php?t=79588 | ProFTPD mini-HOWTO Index @ http://www.proftpd.org/docs/howto/index.html | HOWTO: Install proFTPd Administrator @ http://tebl.homelinux.com/files/project_13/source/proftpd_admin_current/misc/howto_install/install.h
<Xperiment62> umm what order do i look at those in?
<LoveGuru> its all different url.. just check what u exactly need. :)
<Xperiment62> the "Create a FTP server with user ac" looks as though it might cover what i need
<Xperiment62> hrmm
<Xperiment62> is there a server in synaptic that is designed for use with apache?
<hads> huh?
<axisys> how to make default editor vim system-wide?
<ajmitch> have a look at update-alternatives
<jmarsden> axisys: Or do    echo 'EDITOR=/usr/bin/vim ; export EDITOR' >>/etc/profile.d/make-vim-default-editor.sh
<jmarsden> and    chmod 755 /etc/profile.d/make-vim-default-editor.sh
<axisys> jmarsden: too much hack.. let me try ajmitch's suggestion and run update-alternatives first..
<jtaji> update-alternatives --config editor
<axisys> jtaji, ajmitch cool worked perfect.. thnx
<Kevin_> Hi everyone.. Looking for some advice. I installed Apache, PHP, MySQL, and Wordpress on my Ubuntu box in hopes of running my WP site off of it. The WP site is taking ~10 seconds to load & the memory usage on the machine is constantly at 80%. The CPU usage peaks to around 85% when someone views the site. The machine has a Pentium 4 processor with 512Mb RAM. Any suggestions?
<ball> Quadruple the RAM
<Kevin_> ball: Is Wordpress really that much of a resource hog?
<ball> Hey, I didn't even know I was /in/ #ubuntu-server!
<ball> Kevin_: I don't know it, but that's a reasonable baseline for a Web app.
<ball> ...for a Web server.
<Kevin_> Alright, how about the Pentium 4. Do you think I can stick with that or will I have to upgrade to a far more powerful machine?
<Kevin_> Of course, that was intended for ball. :)
<jmarsden> For a single wordpress blog?  A P4 will be fine once it has enough RAM so it can breathe... but I'm not ball ;)
<ScottK> Hard to know for sure, but likely you'll be RAM or IO bound and the CPU won't be the major driver.  No way to know except to try it though.
<ScottK> jmarsden: Did you see my note about sepol
<Kevin_> IO bound - meaning what?
<ball> I'm inclined to agree with jmarsden and ScottK
<ScottK> Or whichever selinux package it was ...
<jmarsden> ScottK: I saw that it depended on some other fix... did that all get worked through the system?
<ball> My gut feeling is that you're hitting swap
<ScottK> Kevin_: Disk IO to read/write stuff.
<ball> you may be able to type something at the command line to see that.
<Kevin_> Sorry, I'm sort of new at this stuff.
<ScottK> jmarsden: It needs testing from intrepid-proposed now.
<ball> ...there are probably Apache tweaks too.
<axisys> hwo about lamp on p4 with 512M mem ? is that not enough?
<ball> axisys: that was the original question
<Kevin_> Any specific suggestions on how to tackle this problem (besides the RAM, I'm gonna do that)?
<axisys> or should I replace apache with lighttpd?
<jmarsden> Ah, OK.  I'll check it out later tonight.
<ScottK> Great.
<ball> axisys: depends what you're doing
<ScottK> jmarsden: Just comment in the bug if it works or not.
<axisys> ball: minus WP
<jmarsden> Kevin_: use a smaller/simpler web app for your blog?
<ball> Write your own ;-)
<Kevin_> jmarsden: This is a pretty big website. It needs WP
<Kevin_> I'm using it as a CMS
<jmarsden> Then it needs a pretty sane amount of RAM ;)
 * ball grins
<Kevin_> Haha, fair enough.:)
<Kevin_> I'll upgrade it and get back to you guys. Thanks for all the help, the support community here is unbelievable
<ball> Kevin_: you may want to ask the Apache people about tuning
<ball> I'm guessing you want one instance permanently resident, with appropriate plug-ins
<ball> ...also find out whether it *needs* Apache
<Kevin_> I'm pretty sure it does.
<ball> What is wordpress written in anyway?
<Kevin_> PHP?
<jmarsden> Kevin_: For general PC hardware advice for Linux, see: http://tldp.org/HOWTO/Unix-Hardware-Buyer-HOWTO/ (which I contributed to... shameless plug)
<Deeps> 10 seconds to load up a (largely empty) WP blog?
<Deeps> thats shocking
 * ball nods
<ball> smells like swap to me
<Kevin_> It hits the Index.php file (and a few PHP files it calls) and just is at a stand still
<Deeps> with 512mb ram?
<Kevin_> swap.. meaning what?
<ball> I dislike php
<Kevin_> Yes 512
<Deeps> are you running much else on there?
<Kevin_> Firewall, FTP, Apache, MySQL, PHP
<ball> Kevin_: swap is when your computer runs out of RAM and has to use disk instead.
<Kevin_> How would I be able to tell if it has moved on to that ?
<ball> I don't recommend ftp
<Deeps> refresh the page a few times
<Kevin_> System resource viewer?
<Deeps> if it takes just as long each time, it's not swapping
<Kevin_> I believe that to be the case. It seems pretty consistently slow
<ball> Deeps: do you suppose it's launching Apache every time?
<ball> (every time someone connects)?
<Deeps> ball: if he's using a fairly old browser that doesn't support http/1.1, possibly
<Deeps> otherwise highly unlikely
<jtaji> Kevin_: you can check swap usage with free
<Kevin_> I'm using Safari 3 and Firefox 3 to access the site
<ball> Deeps: Mosaic! :-)
<Deeps> ++ apache keeps childprocs spawned ready to go as + when needed
<Deeps> Kevin_: try it now. refresh the page 10 times in a row, letting it load fully each time first
<ball> Deeps: that sounds sensible
<Kevin_> Deeps, I'm really sorry but I have the computer at work. I'll have to try these steps tomorrow
<ball> Are apache modules child processes, or threads?
<ball> (is Linux multithreaded?)
<Deeps> procs i believe
<Kevin_> So, I'm going to install a PHP Accelerator (as WP is pretty much all PHP) and up the RAM. I think those will be my first steps.
<ball> Okay.  How does Apache talk to its child processes?
<ball> What is a "PHP Accelerator"?
<Kevin_> It optimizes and caches PHP so it doesn't have to be executed every single time
<Deeps> no idea, i'm not an apache (or C) developer. i suspect it does it does it the same way most apps do when forking child procs
<ball> Kevin_: pity you can't just use a compiled language :-(
<Deeps> and php accelerators (if i'm right) will take the interpretted code and compile it, hehe
<Deeps> to make it more efficient
<Kevin_> Yeah, I really love Wordpress, though. (besides the performance) :)
<Kevin_> I have another site on an Intel Xeon w/ 2Gb of RAM and it flies
<jmarsden> ball: http://httpd.apache.org/docs/2.0/mod/worker.html  for info on the apache process model (well, one of them)
<ball> jmarsden: useful info, thanks.
<ball> Kevin_: I've been tinkering with a Xeon box lately.  Can't justify one for use at home though.
<Kevin_> I really need to launch this site soon and I can spend some cash if necessary. Would I be wise to simply purchase a powerful server if I intend to grow this site?
<Deeps> yes
<ball> Kevin_: yes, buy something with expandability
 * ball tinkers
<Kevin_> What about an Apple XServe (I ask because I'm a Mac person)
<Deeps> ugh
<ball> IBM x3650 will take up to 48 Gbytes of RAM
<ball> ...up to eight 2.5" hard disks
<ball> outgrow that bugger and you're doing alright.
 * Nafallo is not a fan of IBM servers
<Kevin_> Haha, ok. I'm going to have to think about this. Thanks again for all your help, I'll see you later
<ball> I wouldn't mind an x3250: 8 Gbytes RAM, four 2.5" hot-swap drives
<ball> Nafallo: why's that?
<ScottK> Kevin_: Spend some money on RAM and see what that does for you before you make a major investment.
<Nafallo> ball: HP is far better in my opinion :-)
<Deeps> ilo ftw
<jmarsden> Kevin_: ScottK is right -- $100 for 2Gb RAM is worth doing first.
<Nafallo> the IBMs have some weirdness going on with power.
<Deeps> 0407.57 -!- Kevin_ [n=Kevin@c-71-60-105-245.hsd1.pa.comcast.net] has quit []
<Deeps> type faster? ;)
<ball> Nafallo: power consumption, or POWER processor?
<ball> Nafallo: I recently deployed an HP ML110
<Nafallo> ball: not turning on when power comes back.
<ball> ...was amazed how quiet that was
<ball> Nafallo: usually that's a CMOS setting
<Nafallo> ball: I wish
<ball> Did you ask IBM?
<Nafallo> ask IBM why they didn't include the settings I need in the BIOS? :-)
<Nafallo> no. haven't done that.
<ball> ...ask IBM wtf your server doesn't boot when power returns
<ball> ...though I'm sure they'll wonder why it's not on a UPS
<ScottK> Even UPS run down eventually.
<Nafallo> ehrm. we need to be able to remotely reboot the machines. we do so via PDUs :-)
 * ball nods
<Nafallo> so don't really care what they think ;-)
<ball> ScottK: your UPS should be able to tell the server when the battery's running low, so that it can perform an orderly shutdown
<ball> then the server should be able to tell the UPS when it's done that, so that the UPS can switch off its load
<ScottK> ball: Separate issue from startup when the power comes back.
<ball> ScottK: yes, that's a fair point.
<Nafallo> HP included screws for new harddrives on the actual caddy to place it in (already empty in the server)
<Nafallo> they include all tools needed (when you actually do, it's seldom) on the actual servers somewhere as well.
<Nafallo> feels like they put actual thought into things when they do them :-)
<Nafallo> not looking back... :-)
<ball> Nafallo: I've been impressed with HP's tech support too.
<Nafallo> there RMA department still haven't said no to me :-)
<Nafallo> their even
<Nafallo> so yea. I have a favorite brand ;-)
<Nafallo> ehrm. vendor, whatever the correct word is.
<ball> That reminds me, I should piece together that Compaq box
<blackorga> hi all.....
<blackorga> anyone got experince in installing xen on hardy?
 * ball can't afford a machine capable of running Xen
<blackorga> i am using an average pc to run xen...:)
<blackorga> but only for the sake of learning....:)
<blackorga> i have one problem....when i run "xm create /etc/xen/ubuntu.lan"
<blackorga> this error appeared...."Error: (38, 'Function not implemented')"
<blackorga> anyone ever faced this kinda problem?
<ssd7>  /quit
<spiekey> Hello!
<spiekey> is there a way to change the reboot key combination from ctlaltdel to ctrl+alt+r ?
<spiekey> the stupid windows admins keep pressing that kombination on my kvm switch all the time!
<henkjan> spiekey: edit /etc/event.d/control-alt-delete
<hads> Hah I can see that being annoying
<spiekey> hehe, thanks!
<spiekey> henkjan: do you maybe know the setting for debian4, too?
<hads> /etc/inittab
<spiekey> well yes...but in both cases...i would like to change it to ctrl-alt-r and not disable it completly
<jmarsden> spiekey: See http://en.wikipedia.org/wiki/Magic_SysRq_key for something sort of close to what you are attempting?
<jmarsden> I don't think you can make some random  key combo of your choice reboot the Linux box...
<hads> Or type reboot
<Xperiment62> i came in asking about ftp earlier, i now have it set up.. i just need it to automatically change the ownership of the files
<Xperiment62> so that i dont keep getting 403's
<LoveGuru> Xperiment62: Which FtP server are ya using? proftpd? or vsftpd ?
<Xperiment62> i am using vsftpd
<LoveGuru> Join #Vsftpd they will help ya better with that.
<Xperiment62> thanks LoveGuru
<LoveGuru> Xperiment62: might be forum will be helpfull check website first. which i gave it to ya
<kris_> someone here that knows abouot mysql server setup ?
<kinnaz_> apt-get install mysql-server :P?
<kris_> that part is over :p  but its more complicated than that ...  what i need is to make a odbc connection from a windows machine in my lan , to my mysql server.  So I have it installed, I reconfigured the /etc/mysql/my.cnf file wit the servers fix ip ... I do not have a firewall set up.  When i do a portscan to my sever it does not show the mysql port ...
<kris_> the deamon is running and localy it responds correctly
<\sh> kris_: and a mysql -u <user> -p -h <host ip> does work from outside?
<hads> And you restarted it
<kris_> yep
<kris_> restarted first the service
<kris_> afterwords I also restarted the complete machine
<hads> Nothing like overkill :)
<hads> bind-address 0.0.0.0
<kris_> :p  yeah , but I was getting sick of it so i just rebooted the machine out of frustration (dam, i'm busted)
<hads> bind-address = 0.0.0.0
<kris_> bind adres at this time is my servers ip
<kris_> so i should trye wit 0.0.0.0 ?
<hads> Shouldn't make a difference
<hads> netstat should tell you how it's listening
<kris_> netstat sais it is listening ...
<kris_> what is strange is that for my httpd, ftpd, or sshd I can find the ports open and listening
<kris_> and i can detect them with my portscanner.
<pilgrim> Hello everybody. Can someone help me on an instalation issue? I would like to install Ubuntu Server on a machine that previously had Windows on it, but the thing is I don't want to lose the files that are currently on the hard drive (other than the Windows files). Thanks
<kris_> using a telnet session from my ubuntu machine to the server on port 3306 i do get a connection
<Phil__> hello, I have lost connection to the internet, still have limited LAN connection - any ideas?
<kris_> Pilgrim :  when you install sever you get a menu for the partitioning ...  it wil propose you to shrink your windows partitions to make room for your ubuntu partitions.
<kris_> also it will install a bootloader so that you can choose between the server and windows when you boot the machine ...
<pilgrim> Thanks Kris. I was thinking about that to, but I was hoping there could be another option. :)
<kris_> hmmm  If you have a second disk you could dedicate a disk to ubuntu and one to windows ...  but you will still need a bootloader in your master boot record. ..
<Deeps> pilgrim: wubi installer from windows is another option
<kris_> why do you need the ubuntu server ?  You could use vmware server to create a virtual machine under your windows ...  advantage, no data can be lost.
<kris_> and vmware server is free ...
<hads> ...of cost
<Deeps> pilgrim: installs ubuntu into a single file on your windows partition, and boots it from there too. it's stored as "just another file" on your filesystem, no risk at all too.
<kris_> even the vmware esxi is free now ... but i thik that would be a little advanced and it will erase everything so you would have to reinstall ...
<pilgrim> personal page webhosting and mai server. that was the last machine I had that was running on Windows and want to loose it permanently (windows that is)
<pilgrim> and I always like a clean install better then a VMWare Solution
<pilgrim> I think the best option is partition the hard drive, install linux, transfer all the files from the windows partition to the linux partition and then delete the windows partition and allocate the free space to the linux one, then edit GRUB
<kris_> how big is the hd ?
<pilgrim> 120 Gb, and I have about 55Gb free
<kris_> you could make an iso file from your current file system using an ubuntu live cd for instance,  afterwords you can mount the iso file under a directory, ...
<pilgrim> that could be an idea also
<kris_> yeah but it would imply that you need cleanup the hd, and only copy the files that you would like to keep ..  Iso does not use compression so you would end up with an very large file
<Phil__> Can't access the internet, LAN seems okay - any takers?
<ivoks> route and dns
<\sh> kris_: I wonder if nmap checks for ports > 1024 automatically...
<kris_> think I found it ...
<ropetin> ] \sh yup
<\sh> ropetin: does it?
<kris_> typo in config file and i am up and running now
<ropetin> For me it does (it finds VNC servers as standard, 5900)
<ropetin> I don't /think/ I've changed anything :)
<\sh> ropetin: ok.. I wasn't sure about that...we do have accesslists between our vlans and normally we don't run any mysql server on public reachable ips...
<kraut> moin
<Coff3> Hi ppl, is trying to get kerberos working here..   but to auto get a ticket on login aint realy working for me.
<axisys> how do I disable this `Dec 18 07:50:06 sys-ubuntu -- MARK --' ? I am getting every 20 mins
<axisys> in my log file
<ivoks> you don't want to disable that
<axisys> ivoks: who sends it? my fw?
<ivoks> that way you know everything is ok with your system
<ivoks> no, syslog it self
<axisys> ivoks: ok
<ivoks> it doesn't have any entries, so it puts a 'MARK' in it, so you know everything is ok, and syslog is working
<axisys> ivoks: gotcha
<Koon> there is a way of making them less frequent though.
<Koon> SYSLOGD="-m 60" in /etc/default/syslogd to make them hourly, for example.
<axisys> Koon: cool.. let me do that .. thnx
<ivoks> what kind of a server doesn't have a single entry in syslog for 20 minutes? :)
<axisys> how do I know I am using raid controller instead of disk ?
<Koon> ivoks: the fanless brick I use for deb mirroring and other strange uses
<axisys> it says /dev/sdb
<Koon> ivoks: it avoids waking the disk up too often
<ivoks> Koon: not even update-motd? :)
<ivoks> axisys: lshw
<Koon> ivoks: you're right, I've to check out that one :)
<ivoks> you should pipe that trough less
 * ivoks patched tar to support selinux, xattrs and acl
<ivoks> will try pushing that into debian first...
<axisys> ivoks: http://pastebin.com/f7b92a07b
<ivoks> axisys: you should read that your self
<axisys> ivoks: yep reading
<ivoks> i see you have two fujitsu disks
<ivoks> and one logic disk
<axisys> ivoks: yes.. it is a sun x4100
<axisys> from lshw it looks like i am using lsi raid controller /dev/sdb
<ivoks> and one more disk
<ivoks> on USB?
<ivoks> and two cdroms
<axisys> ivoks: one cdrom and might be more than usbs
<axisys> df -h shows /dev/sdb1 as /
<axisys> so I guess i am good
<ivoks> and what's /dev/sda?
<axisys> i did setup a raid1 .. just want to make sure i am taking advatnage of that
<axisys> ivoks: usb
<zul> does anyone have any problems for apache 2.2.11 for jaunty?
<pilgrim> I know this is a sacrilege to ask this, but is there a way to install graphical interface on Ubuntu Server?
<pilgrim> :D
<ivoks> pilgrim: you'll get banned
<ivoks> we'll set up a kind of ubuntu server shell for jaunty
<pilgrim> sorry, didn't mean to break any rules. I'm just new to this and I kinda don't get along to well with the command line
<pilgrim> again sorry
<ivoks> that should help with some stuff
<ivoks> but no, no X, never
<ivoks> zul: nope :)
<Pici> pilgrim: You can install a desktop environment for ubuntu-server, but most server applications don't have a gui frontend for administration.
<Coff3> Pici,  apt-get install ubuntu-desktop i think
<Coff3> sorry
<ScottK> pilgrim: You can sudo apt-get install ubuntu-desktop, kubuntu-desktop, xubuntu-desktop, etc. as Pici says, but any questions about it are OT for this channel.
<Pici> pilgrim: You can ask for support in #ubuntu for that :)
<pilgrim> ok guys, thanks a lot. appreciate it, and sorry for the off-topic once more
<ivoks> :)
<kinnaz_> http://pics.nase-bohren.de/nerd.jpg
<uvirtbot> New bug: #309339 in krb5 (main) "kadmind will not listen on IPv6 ports" [Undecided,New] https://launchpad.net/bugs/309339
<Faust-C> heh i manage to have a gallery2 server running w/ all my users hitting it w/ only 512M of ram
<SalsaDoom> Morning fellas!
<kinnaz_> Faust-C the swap usage must be nasty
<SalsaDoom> Anyway familiar with virt-manager? I'm having a problem here .. I'm connecting to a remote server via the ssh tunnel -- and when I open a console window i get a tcpip error, vnc connection refused or disconnected.
<Faust-C> kinnaz_: havent had any error reports yet
<geekboxjockey> hello
<geekboxjockey> does anyone here have experience using virt-manager or similar to work with xen remotely?
<kinnaz_> Faust-C i personaly think every webserver should have atleast 1gb memory, prefferebly 2gb
<Faust-C> kinnaz_: i just wanted to test this out, its a VM so i can make changes easily
<SalsaDoom> geekboxjockey, lol, I'm fighting with an issue like that myself here ;) only its virt-manager /w kvm.
<geekboxjockey> I am trying to set up remote management and am not sure of what I need to enable and configure, by default it looks like I can't connect
<geekboxjockey> SalsaDoom, yeah its great, I like the command line stuff, but I am curious to know if I can expose the system to various users through a GUI, since not all of us are console people :P
<SalsaDoom> geekboxjockey, On the surface, it looks fairly simple. I'm having problems opening the console remotely, but otherwise it seems functional. Do you already have the server setup?
<SalsaDoom> ie, you just need to setup a remote management box?
<Faust-C> ssh ftw
 * SalsaDoom seconds this.
<SalsaDoom> I think that ssh is the single greatest tool ever written ;P
<Faust-C> thats one of the main issues ppl have w/ vanilla xen is management tools
<Coff3> running remote grafic i am using NX .
<Faust-C> SalsaDoom: agreed
<geekboxjockey> SalsaDoom: yeah it's up and healthy, I just don't know which service to enable or if i need to add certain permissions for users
<geekboxjockey> command line is great IMHO, but I'm a developer, and I need to sell this to IT people
<ScottK> !ebox | geekboxjockey
<ubottu> geekboxjockey: ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<SalsaDoom> geekboxjockey, Well, you need to enable a root account I believe. Then just have ubuntu-virt-mgmt installed on the client machine... usual user permissions apply I believe
<Faust-C> eBox ... not to fond of it
<SalsaDoom> er, I should be more clear. Root account should be accessible on the -server-.
 * SalsaDoom is assuming your talking about virt-manager, since you said gui ;)
<geekboxjockey> Ideally it would be nice to just use a simple lightweight client, yeah like virt-manager or convirt etc
<geekboxjockey> basically I just need to know what service to enable in the .sxp config for Xen, and what, if anything, to do to create users
<SalsaDoom> hmmm, I'm only vaguely familiar with kvm, not at all with Xen ;\
<rickross> anyone know how to set software raid to use the noop scheduler?
<SalsaDoom> hmm, well, anyone ever used virt-manager to open a vm console over an ssh tunnel?
<SalsaDoom> I'm obviously missing something, I get a connection refused ;\
<SalsaDoom> Oh humm. I wonder if my non-standard ssh port might be causing an issue, now that I think about it.
<ball> hello dinsdale07
<dinsdale07> hi ball
<SalsaDoom> aha, yeah, ok, the problem was caused by the non-standard ssh port.
<SalsaDoom> :)
<Faust-C> isnt there a way to block a user from using dhcp using thier mac address
<freaky_t> how can I make a apache2 SSL certificate?
<jmedina> freaky_t: a self-signed certificate?
<freaky_t> for apache2
<freaky_t> yea
<freaky_t> that apache2-make-ssl-cert script doesnt exist anymore
<jmedina> freaky_t: do it by hand
<freaky_t> how
<jmedina> with openssl
<leonel> openssl req -new -x509 -nodes -out server.crt -keyout server.key
<freaky_t> where do i specify for how long the certificate is valid?
<ScottK> leonel: Debian did an update to clamav for etch that dealt with the jpeg issue.
<ball> Anyone here used Ubuntu in a cluster situation?
<ScottK> leonel: Maybe you could have a look at their patch and we could backfit the patch to re-enable modules at the same time ...
<ScottK> ball: I'm pretty sure ivoks (not here right now) has.
<jpds> freaky_t: https://help.ubuntu.com/community/forum/server/apache2/SSL
<freaky_t> jpds that doesnt help
<leonel> freaky_t:  add  -days 356 ...
<jpds> freaky_t: https://help.ubuntu.com/8.04/serverguide/C/certificates-and-security.html maybe?
<leonel> scottK I'll check that  ..
<ScottK> leonel: Great.
<jmarsden|work> leonel: man x509 also works :)
<leonel> jmarsden|work:  and  google ...
<ball> ScottK: thanks.
<Fenix|work> Greetings... quick question.
<ball> hello Fenix
<Fenix|work> the permission of -rwsrwxr-x ... what is the octal value?
<ball> what's the s?
<ball> 775 if it's rwxrwxr-x
<Nafallo> stick
<Nafallo> sticky
<ball> 7 = 111 = rwx,   5 = 101 = r-x
<ball> Oh, dunno about the sticky bit.
<jmedina> 2775
<jmedina> not, it is 4775
<Fenix|work> jmedina, ok... so 1775 is for rwxrwxr-s, 2775 is rwxrwsr-x and 4775 is rwsrwxr-x ... sound about right?
<jmedina> it is SUID
<ball> Ah, the suid bit?
<jmedina> 4xxx SUID, 2xxx GUID 1xxxx Sticky bit
 * ball writes that down
<Fenix|work> jmedina, I'm trying to use find -perm to list all files with SUID bit on and it's listing all files... using find ./ -type f -perm 4775
<Fenix|work> ahh... it's my version of find... doesn't support perm
<Fenix|work> how does one use find to exclude a particular directory... for instance, I want to find everything in / but exclude /dev from the results
<greenfly> Fenix|work: find / ! -name '/dev'       ?
<jmarsden|work> Fenix|work: If you want to just stay within the / filesystem, you will probably want -xdev as well?
<jmedina> Fenix|work: try find / -type f -perm -4000
<greenfly> jmedina: but that would potentially exclude other file systems Fenix|work might want
<Fenix|work> I basically want to find all files with the SUID bit set
<Fenix|work> regardless of the other portion of the files permissions
<greenfly> ohhhhh
<greenfly> sorry, didn't read the scrollback
<Fenix|work> darn... 4000 and u=s don't work
<Fenix|work> yet 4775 shows a whack of files
<slangasek> hi, I notice there hasn't been any testing feedback yet for server images on http://iso.qa.ubuntu.com/qatracker/build/all - is anyone looking at these for alpha-2?
<Jeeves_> Anyone here using teredo ?
<Jeeves_> (miredo on Ubuntu)
 * antdedyet groans
<spowers> i don't know if this is a dumb idea, but is the jockey driver config tool likely to have a cli frontend made for it ever?
<spowers> i'm comfortable compiling my own drivers, but i'm also lazy
<antdedyet> spowers: check out the module-assistant command
<spowers> thanks, will try it
<LoveGuru> Hello,  have a quick question regarding ssh, when i login to my box through ssh i wan't when i put my login after that it shows my rules before processeding further after put my id and before the password it shows my rules, how can i do that?
<spowers> LoveGuru: see the sshd_config option "Banner"
<LoveGuru> spowers: thanks, and after passwd use /etc/motd.tail right?
<LoveGuru> thats for to motd.
<spowers> LoveGuru: the sshd banner is sent to the remote user before authentication is allowed, says the manpage for sshd_config
<LoveGuru> spowers: alright
<spowers> and motd.tail is sent afterwards, correct
<LoveGuru> okie thankx :)
<LoveGuru> spowers: Thankyou so much to point me in correct direction.
<LoveGuru> spowers: i want user jail like.. if i create any user the user got permission like they can't cd .. to any other directory.. well stright i wan't that if i create user they can't move or check any other dir or user ?
<spowers> that's a combination of having good filesystem permissions and perhaps you also want to use rbash (man rbash) for their shell
<spowers> a real chroot jail environment would require a lot of setup
<LoveGuru> spowers: any guide for chroot jail ? never done it before.
<spowers> also you should read up on selinux mandatory access controls
<LoveGuru> um selinux.
<spowers> there's no one way to do it, as far as i know, because chroot is such a rudimentary tool that it can be used in so many different ways as to make explanation difficult
<LoveGuru> Well basically i never done it before.. so i don't know where should i take my start
<spowers> basically it takes a process and makes it so that process can't access directories outside of the specified one.. and it goes for all subprocesses too, which means each chroot environment would need to include a little system
<spowers> they're really only good for hackish development or other very specific uses
<LoveGuru> spowers: well im trying to run small server.
<LoveGuru> i don't want my users can see each of users files
<ScottK> You can do that with apparmor too and it's probably easier to get started with.
<LoveGuru> or anything else in my box
<spowers> ScottK: is apparmor easier than selinux? i'm not familiar with either of them
<LoveGuru> alright thankx guys..
<LoveGuru> ScottK: ur guide always work for me :)
<LoveGuru> thankx spowers n ScottK
<weboide> Hi there, I'm on ssh to my 8.04 server, I "su john" it asks for the password, but when i start typing it, it says authentication error.
<Jeeves_> weboide: You should try to enter the correct password :)
<weboide> Jeeves_: I didn't even hit enter
<Jeeves_> weboide: Ah :)
<weboide> i start typing (for example): p...
<weboide> and then it says authentication error
<weboide> See for yourself, it shows: asswordsu: Authentication failure
<weboide> it stops after the first letter
<weboide> Jeeves_: Hmm I think I found it, that debsign that made my terminal crash...
<Tailsfan> Hi There, I'm trying to install 8.10 on my Old NetVista Tower but everytime it gets to the hard disk scanning phase, it just flickers and goes in an endless loop
<Tailsfan> what do I do to fix thid
<Tailsfan> this*
<Mal3ko> what is "search isp.com" in resolv.conf for?
<Mal3ko> anyone still up?
<Mal3ko> does ubuntu server sync time automatically?
<Mal3ko> default ubuntu server install
<Nafallo> once on boot
<hads> openntpd is a simple way to do it.
<Nafallo> ntp is even simpler, and supported :-)
<Nafallo> ntpd even
<Nafallo> but I think the package is ntp?
<infinity> The package is "ntp", yes.
<Nafallo> when I installed it it was ntp-simple ;-)
<infinity> No idea why anyone would go and compile a random ntp daemon, even if it does have the coolness of OpenBSD behind it.
<Nafallo> then things started replacing that with simply ntp ;-)
<Mal3ko> ntp vs ntpd? what's the diff
<Mal3ko> ntp vs openntpd*
<infinity> The part where OpenNTPd hasn't seen a portable release in over 2 years isn't comforting either.
<hads> You find ntpd simpler than openntpd?
<infinity> Mal3ko: The difference is implementation.  The difference from a user standpoint is that one is packaged, maintained, and up-to-date, and one only works on OpenBSD unless you want an ancient codebase.
#ubuntu-server 2008-12-19
<hads> And openntpd is packaged by the way.
<infinity> hads: Yes, and it's the ancient version from 2 years ago.
<hads> Sure
<infinity> hads: That doesn't qualify as "maintained" to me.
<hads> Yes, but you included packaged in your list :)
<infinity> hads: Given that the upstream codebase has seen COUNTLESS releases in those years.  (it's not like it's "finished" or anything)
<hads> I'm not arguing that it's a better solution, it is simple though.
<infinity> Fine, I take back the "packaged" thing, the pedantry wins.  Still, it's unmaintained and unsupported upstream, both bad things for a network service, IMO.
<hads> Fine, I'll be quiet now.
<Mal3ko> does NTP take care of time syncro. automatically? or we need to sync the time manually with the command?
<infinity> Mal3ko: ntp daemons (like ntp, or openntpd) do it automagically, yes.
<jmedina> Mal3ko: using the ntpd daemon, yes
<Mal3ko> ntp package is included with ntpd?
<infinity> Mal3ko: Both will refuse (for good reason) to skew the clock TOO far, which is why you usually have something like ntpdate (installed by default) running on boot to make sure the clock is "close enough", then the ntp daemon takes over and keeps it perfectly in sync.
<jmedina> ntpdate is for on demand sync, and should not be running ntpd when you use ntpdate, what is why ntpdate runs at boot time, after network is up, and before ntpd is launched
<LoveGuru> ScottK: apparmor is gui or cli? its looklike GUI interface. i don't have X server so still i can configure it?
<jmedina> LoveGuru: you configure it as any other unix program, using text files
<jmedina> gui and cli are extras
<LoveGuru> jmedina: is there any tutorial would be great ? howto*
<jmedina> LoveGuru: google for "ubunt apparmor"
<jmedina> "ubuntu apparmor"
<LoveGuru> alright
<LoveGuru> well i did.. nothing found :)
<LoveGuru> thats why i asked.
<LoveGuru> well oikie let me check again
<jmedina> and of course the novell/suse documentation
<jmedina> nothing found?
<jmedina> the two fist matches are from ubuntu
<jmedina> unless you are using another language
<LoveGuru> ahh well i m looking like Ubuntu*Server*apparmor
<LoveGuru> :S
<jmedina> too long
<LoveGuru> ya
<Mal3ko> are there particular network tweaks i could do to optimize server connecttion?
<helfire> anyone played with aws?
<jmedina> maltepalte: connection to what?
<jmedina> that was for mal3ko, but he left
<luis__> hola nesecito un manual de instalacion en espaÃ±ol de ubuntuserver 8.10
<Deeps> http://doc.ubuntu-es.org/Documentaci%C3%B3n
<Deeps> www.ubuntu-es.org
<Deeps> #ubuntu-es
<luis__> gracias Deeps
<Deeps> d nada
<Mal3ko> are there particular network tweaks i could do to optimize server connecttion?
<Deeps> in what way?
<Mal3ko> latency maybe
<Mal3ko> im hosting game servers here
<Deeps> latency? get a better line
<Deeps> in-game ping time? get a better server (faster cpu, more ram, faster disks, better gpu in some cases too bizarrely)
<Deeps> otherwise most optimizations will be in the gameserver's configuration
<hads> Weird
<Deeps> i forget which game it was, maybe moh:aa that required a top end gfx card on the server
<Deeps> or one of the CoD games
<Deeps> was weird
<Deeps> i know all the source games have loads of networking tweaks that are done in the server.cfg
<Deeps> (source games being valve engine based)
 * hads knows nothing about games
<Mal3ko> server's connection should not be a problem since it's on 100mbps line.
<jmedina> you can increase using bonding
<jmedina> put 2 network cards and aggregate the bandwith
<Deeps> latency and linespeed aren't directly connected
<jmedina> or more, like 4 cards you get 400mbps
<jmedina> :D
<hads> It would also depend what else is on that 100mb line.
<Deeps> i have a server on 10mbit i can ping at 2ms, and a server on 100mbit that i ping at 80ms
<Deeps> the 10mbit server's in the same building, the 100mbit server's in another country
<Mal3ko> Deeps: how do i check if hard disk having problem to cope with those game servers?
<Deeps> iostat
<Mal3ko> then look for what details..
<Deeps> watch the output on there while your gameserver's being utilised
<hads> iotop is kind of neat too
<Deeps> if there's much iowait
<Mal3ko> thanks..
<jmedina> or you can use simple top
<jmedina> look for the "wa"
<jmedina> the details using iostat, I dont know about iotop
<Mal3ko> it's currently 0.1%wa
<Mal3ko> so which value means it's not doing good?
<Mal3ko> >1.00?
<jmedina> :O, iotop looks good
<lukehasnoname> Are meeting minutes up for the 12/16 meeting?
<luis__> jmedina estoy instalando un server para aprender me pide que paquetes quiero instalar cual me aconcejas
<luis__> soy nuevo
<luis__> EN ESTO
<luis__> en esto
<luis__> jmedina puede ser esto solo OpenSSH server?
<Deeps> luis__: ingles aqui, espaniol en #ubuntu-es
<luis__> ok
<axisys> how do I install ubuntu using a ftp server?
<Mal3ko> Deeps
<Mal3ko> "If you have a high percentage of CPU time idle while itâs waiting on disk I/O, thatâs a good indicator that you have an I/O bottleneck"
<Mal3ko> what does that means?
<Mal3ko> http://72.14.235.132/search?q=cache:vVkt8GBfJqAJ:www.linux-mag.com/id/2001+iostat&hl=en&ct=clnk&cd=20&gl=my&client=firefox-a
<hads> Umm, pretty much what it says.
<Mal3ko> yeh but i dont understand "..while itâs waiting on disk I/O"
<Mal3ko> could you give some examples of bad iostats reading?
<hads> I'm not overly familiar with iostat myself so not off the top of my head no.
<Mal3ko> hmm
<ball> Is Ubuntu Server a sensible choice for compute nodes in a cluster?
<Deeps> Mal3ko: not to be rude, but the output of iostat is largely self explanitory. only tip necessary is it's best run as `iostat 1`; the rest is covered more concisely in `man iostat`
<axisys> i just installed lamp.. how to do I switch apache to https?
<axisys> is there a apt-get way to do it.. or do I have to do it old style
<axisys> use openssl to create a cert and then point to the cert.. change port to 443.. all those details
<axisys> how do I get /lib/cpp ? I am failing to make an app
<axisys> is it part of some build essential?
<axisys> i search for build in apt-cache.. too many hits
<axisys> build-essential !! found it
<miguel1234> alguien que hable espaÃ±ol?
<ScottK> Try #ubuntu-es
<axisys> i am just using stunnel -> apache2 .. easier that way I think
<miguel1234> helpme all spammmmmmmmmmm
<miguel1234> X_X
<tjaalton> soren: mind if I upload a new multipath-tools to fix bugs 306723 and 307032?
<uvirtbot> Launchpad bug 306723 in multipath-tools "udev breaks compatibility with multipath" [Medium,Confirmed] https://launchpad.net/bugs/306723
<uvirtbot> Launchpad bug 307032 in multipath-tools "multipath fails to gather device information" [Undecided,New] https://launchpad.net/bugs/307032
<qwyeth> Hello all; I'm running Ubuntu server 8.10 and I have some remote users.  I would like to force them to change password on login.  I have done this using chage -d 0 <user>, and it works when logging in locally, however when ssh'ing in to the user with expired password, it announces that the password must be changed immediately, but then drops the connection.  I have extensively googled the problem and read man pages for chage, sshd, 
<qwyeth> ?
<uvirtbot> New bug: #309632 in logwatch (universe) "Unrecognised lines in dpkg output" [Undecided,New] https://launchpad.net/bugs/309632
<AlexC_> g'morning Earthlings
<AlexC_> got a DNS issue with a domain, the MX records are not changing (from what I can see) and was wondering if someone could help poke it to find out what the issue is. The domain name is 'nandemofoto.com' and the MX records should be 'smtp.secureserver.net' and 'mailstore1.secureserver.net'
<AlexC_> they were changed a few days ago, yet no change. I'm having to do this through Plesk (not my choice) and can't get at the bind files manually
<ScottK> AlexC_: How is the related to Ubuntu Server (I'm not clear on that)?
<AlexC_> ScottK, I've normally come in here for general server help, no one has ever had any issues
<ScottK> OK.  If there's an Ubuntu server in there somewhere, I'm sure it's fine.
<AlexC_> yes, it's running on it =)
<ScottK> In this particular case, I suspect you need to bitch at 1and1 to get it fixed.
<Psi-Jack> Here's a curious question. Is NetworkManager, even wise, to use on a server box, even if it's just a testbed development server running X11?
<sommer> Psi-Jack: wouldn't think you'd have any issues
 * Psi-Jack nods.
<Psi-Jack> I wouldn't either, but curiously, NetworkManager doesn't seem to "reload" or at least restart servers when networks come offline and go online.
<Psi-Jack> Which would be.. Kinda useful. ;)
<bshak1> I have my server set up with Apache and www.dyndns.com.  My site works internally as well as on external networks.  However, when I use www or http in front of the site name, it won't load.  What is wrong and how do I fix it?
<thefish> bshak1: you probably need to add a "www" host record (or A record) for it
<ScottK> Or even a cname.
<thefish> or a cname even better :)
<sysdoc> Hey guys, does anyone know if there is a package that is similar to cpanel on sourceforge or elsewhere, that plays well with ubuntu?
<Deeps> !ebox | sysdoc
<ubottu> sysdoc: ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<jmedina> sysdoc: gplhost
<Deeps> that maybe?
<jmedina> I like gpl host for web hosting, it manages partners y domain accounts, with 3 privileges level,
<jmedina> it has not all the features as cpanel, but it works
<Deeps> sounds good
<Deeps> and open sauce! can add features if necessary
<jmedina> and gplhost works good with debian, dont remember if they releases a repository for ubuntu, but should workd
<jmedina> Deeps: yeap and xen compatible
<jmedina> XD
<jmedina> in fact the software is called DTC
<Deeps> ah safe, they're using it in production too
<Deeps> threw me at first when i hit gplhost.com
<jmedina> I already use it in produccion for customer hosting
<sysdoc> Deeps, thanks
<sysdoc> jmedina, thanks
<sysdoc> Appreciate the input guys..
<Deeps> jmedina: i meant that they (The devs) are, means it's gonna be better supported as they too have real clients with real needs
<nemoego> When setting up bind9, authoritative zones work as expected, but the server is not recursing with default . zone settings.  Dig returns status: SERVFAIL  Any Ideas?
<uvirtbot> New bug: #309816 in dovecot (main) "Include logrotate configuration" [Undecided,New] https://launchpad.net/bugs/309816
<jmedina> nemoego: bind 9 doesnt need the "." zone anymore, it is hard coded
<nemoego> jmedina: k, i'll try that
<nemoego> jmedina: still getting servfail
<jmedina> nemoego: are you the same from yesterday?
<nemoego> yep, it's me.  I got authoritative zones working, still having trouble with recursion
<jmedina> nemoego: did you modified something in named.conf.options?
<nemoego> i added addresses for forwarders
<jmedina> nemoego: do you have apparmor enabled?
<nemoego> is it enabled by default?
<jmedina> nemoego: dont remember
<nemoego> stopped apparmor, sno change
<nemoego> *no
<jmedina> did you restart bind9?
<nemoego> yeha
<jmedina> can you pastebin your configs?
<jmedina> without comments
<jmedina> what about named-checkconf?
<nemoego> is named-checkconf supposed to give me some useful output?
<nemoego> http://pastebin.com/m42f14d92
<nemoego> jmedina: installation of package resolvconf fixed problem, thanks for the help
<tonyyarusso> I'm looking for a way to store my address book and task list on a central server, such that Evolution will be in sync all the time on multiple machines.  Is LDAP the appropriate solution for this?
<uvirtbot> New bug: #304907 in mysql-dfsg-5.0 (main) "File conflict between mysql-client-5.0 and mysql-server-5.0" [Undecided,Confirmed] https://launchpad.net/bugs/304907
#ubuntu-server 2008-12-20
<m1r> evening
<petafile> I've got a fakeraid issue.  When I'm installing (I''m using the desktop alternate CD, but they told me to ask here)  but when I got to resize the existing ntfs partition on the volumne, it says the device doesn't have a valid ntfs.  Any thoughts?  Vista exists already, and I want to dual boot
<ScottK> petafile: What release are you installing?
<petafile> 8.10
<petafile> I put up a post on ubuntuforums, so It would prbably be good to answer it there to help anyone else with the same issue
<ball> hello XFCEntral
<XFCEntral> hello ball!
 * genii sips
<lwizardl> hi
<lwizardl> I need some help with setting a hostname it always ends up with servername.gateway.2wire.net and fails loading in a browser
<ball> lwizardl: do you own an fqdm?
<lwizardl> ?
<lwizardl> full domain name?
<XFCEntral> fully qualified domain name
<lwizardl> yes but not going to be use on this server
<lwizardl> I'm trying to setup a test script server only
<lwizardl> so only viewable on network (intranet)
<ball> lwizardl: what kind of machines are you trying to connect to that server?
<lwizardl> just ubuntu with a web browser, and a sftp
<ball> Oh okay.
<ball> I'd just stick your server, with its IP address in each host's /etc/hosts file then.
<XFCEntral> cat /etc/hostname    what does that output?
<lwizardl> I plan to have the server as a lamp,
<lwizardl> it displays the servername.gateway.2wire.net
<XFCEntral> change that to your desired hostname, then /etc/init.d/hostname.sh start
<genii> Looks like your upstream appends it's own domain
<lwizardl> can the hostname be like name@192.168.1.X
<XFCEntral> im sorry, let me clarify--change your hostname, then issue "/etc/. . ." as a command
<lwizardl> ?
<XFCEntral> 'name' being the servers name or a user name?
<lwizardl> servername
<XFCEntral> youd like to visit name@192.168.1.X in a browser in that format?
<XFCEntral> on one of the other machines
<XFCEntral> in /etc/hostname you can simply put in the name without the IP
<XFCEntral> example: "ubuntu-server"
<ball> XFCEntral: would that resort to DNS then?
<XFCEntral> i would prefer to put that in /etc/hosts on the remote machine in question, along with the static IP
<lwizardl> XFCEntral: thats what i was trying to do before. type http://servername/ in firefox
<ball> oh, hostname.
<lwizardl> but i always got an error
<ball> ...I was thinking of /etc/hosts
<ball> lwizardl: yeah, that works for me.
<XFCEntral> ball: yeah, i was talking about the file where you declare your hostname in Debian systems
<lwizardl> i'm going to ssh into the box and see whats up
<XFCEntral> "...hostname"
<XFCEntral> lwizardl: on the laptop i use to connect to my machines, i simply name them all in /etc/hosts with their corresponding static IPs. then my browser and SSH understands them by name, for example
<lwizardl> ok seems apache2 is failing to load now
<genii> probably needs the change in ports.conf to reflect
<genii> or alias definitions, etc
<ball> I second XFCEntral's suggestion
<XFCEntral> ball: thanks, seems to work for me since ive only got a handful of machines to worry about and its only for testing, like in lwizardl's case
 * ball nods
<ball> Same here, with my small LAN
<lwizardl> ok but when i get to the that spot i type in the servername i want i'll use "WS1" for this example
<lwizardl> when i get to a spot in the configure it auto has WS1.gateway.2wire.net in the box
<lwizardl> i'm following this http://www.howtoforge.com/perfect-server-ubuntu-8.10
<ball> lwizardl: configure?  Just use a text editor
<lwizardl> on that link i just posted page 2 top is where i set it as WS1
<ball> Today must be national "not listening day" or something.  I've got threads going on in three channels where the person just plain isn't listening to what they're told.
<XFCEntral> hehe
<XFCEntral> lwizardl: you mean you specified your hostname as "WS1" at install?
<lwizardl> yes
<XFCEntral> well, really if you want to access it at the name "ws1" from a different computer, try editing the file /etc/hosts in the OTHER computer, so it will recognize your server by its new name
<lwizardl> and then during the rest of the install it seems to auto become WS1.gateway.2wire.net by itself
<dnyy> 'elo
<XFCEntral> that may be a different way to refer to it, but the hostname for the machine is in there--WS1
<lwizardl> i'm going to try and reinstall the ubuntu server os and when it gets back to that spot i'll post the info here
<XFCEntral> really what youd like to have happen is for a remote machine to connect to WS1 using the name WS1, correct?
<ball> http://ws1/
<ball> (works for me).
<lwizardl> ball: yeah thats fine for me
<XFCEntral> ball: yes, that. thanks haha
<dnyy> I want to install ubuntu server on my laptop, but the ethernet is messed up.  could i install the os, transfer the b43-fwcutter.deb file to it from a usb stick, then install and my wireless works?  or is there more to it than that?
<lwizardl> so i'm starting the install again now so I'll be about 20 mins roughly before i start posting stuff
<ball> why are you reinstalling?!
<lwizardl> its and older compaq ipaq 550mhz 256mb ram 8gb hdd terminal
<XFCEntral> lwizardl: what changes are you trying to wipe out by reinstalling all together?
<ball> I'm running Xubuntu on a 550 MHz Pentium III with 512 Mbytes RAM
<lwizardl> XFCEntral: trying to figure out where it starts to get the 2wire.net thing
<XFCEntral> is that your ISP?
<lwizardl> yeah
<jmarsden> lwizardl: Most likely it gets it from a DHCP request to the ISP.
<lwizardl> AT&T U-Verse with a 2wire modem/router
<XFCEntral> i see. and you would like your hostname on that machine to _not_ have 2wire.net in it?
<lwizardl> yes
<jmarsden> So DHCP is coming from the router... can you get into the router and configure its DHCP server?
<lwizardl> somethings yeah i think so
<lwizardl> but a few things are blocked
<XFCEntral> lwizardl: have you tried changing it in the file "/etc/hostname" ? if you change the text contained in that file, it will reflect the new hostname of your machine
<lwizardl> ok the hostname i set was "WS1" nothing else and nows its installing the base system @ 6%
<ball> I want to set up a separate LAN for experimentation with Ubuntu server, but that'll have to wait until after Christmas
<ball> ...hopefully I'll get some 1m patch cables.
<XFCEntral> ball: ive got LAN to my ubuntu server and a switch after it, and ive connected to that a couple edubuntu thin clients. its pretty cool
<lwizardl> ball: well i'm learning PHP and MySQL so i want a server i can learn on without some script kiddie terrorizing my server from SQL injections becuase of my learning code
<jmarsden> lwizardl: Two options; (a) configure the LAN connection as static this time, to avoid the hostname info coming from the router; (b) edit the router DHCP configs to give out the name/domain you want.
<lwizardl> jmarsden ok well i hope to post the stuff as i go and get this working
<ball> XFCEntral: I'll probably add another NIC to the Ubuntu Server box
<lwizardl> i have done this before as a online server using my real domain name but i don't want this machine accessable outside the network
<lwizardl> bbiaf
<ball> (one for connection to the general LAN (and via that the Internet), one for connection to client hardware.
<XFCEntral> ball: its fun stuff! and you have a nice, isolated client-server setup
<XFCEntral> thats my christmas break project
<jmarsden> lwizardl: Unless you have explicitly deliberately opened ports in the router, it won't be accessible from the outside.  No matter what you name it.
<ball> I see enough php at work
<ball> ...and I've discovered that I don't like weakly-typed languages.
<ball> ...or my employer.
<XFCEntral> ball: haha. and perl ftw ;)
<jmarsden> ball: So you now write all web apps in Algol68?
<ball> I wish!
<ball> I like Algol
<ball> ...and Pascal
<ball> I should probably learn Oberon
<ball> ...especially now the semester's over.
<jmarsden> Free Algol69 compiler...  http://www.xs4all.nl/~jmvdveer/algol.html    have fun :)
<jmarsden> *Algol68
 * ball nods
<ball> I have one
 * jmarsden thinks... my Algol68 class was in... 1982, I think!
<ball> I miss being able to run Oberon as a client OS
<tonyyarusso> I'm looking for a way to store my address book and task list on a central server, such that Evolution will be in sync all the time on multiple machines.  Is LDAP the appropriate solution for this?
<XFCEntral> LDAP should take care of the contact list
<ball> Oh yeah, I need to find some Palm software for Linux too.
<tonyyarusso> XFCEntral: Is it totally overkill for a single user though?
<XFCEntral> ball: the website for access has some new developer resources. looking for an emulator?
<tonyyarusso> It looks like the tasks can be saved too, through a webcal:// address, which I don't entirely understand, but is promising.
<XFCEntral> tonyyarusso: i would lean towards yes, but if you have multiple machines and really want to share the same address book, you sure could give it a go. might be a nice exercise, the way id see it
<ball> XFCEntral: just something I can type notes and perhaps calendar events into and then sync that against the physical PDA
<XFCEntral> ball: i have gnome-pilot to handle sync and configuration, and it works well with Evolution
<tonyyarusso> XFCEntral: That's a fair point.  I am looking to do system administration for a living, so LDAP would be a good thing to know.
<XFCEntral> for both my T|X and Centro, but i only sync the Centro now
<ball> I won't know what Evolution is.
<XFCEntral> tonyyarusso: you and i are like-minded then :)
<jmarsden> ball: You could try running Native Oberon in a VM?  networking would probably need hacking, but the rest might even work?
<tonyyarusso> XFCEntral: Do you know offhand of any web client type things that I could set up for accessing it away from home too?
<XFCEntral> ball: its the big PIM for email, contacts, tasks, memos that comes with GNOME installations of Ubuntu, and Fedora. its a Novell app. you might find its a lot like the Palm OS PIM desktop software
<ball> jmarsden: I don't have a machine powerful enough for virtual machines.
<TimReichhart> hi guys could anybody help me set up SSL certs for my domains
<jmarsden> OK... well, try Native Oberon ... natively on a spare older PC...?
<TimReichhart> i got 2 domains i need SSL on
<TimReichhart> both are using vitural hosting
<ball> jmarsden: that's an option.
<ball> I used to have a Native Oberon partition, but that fell by the wayside.
<XFCEntral> tonyyarusso: if you want to access that central server, you will probably need to first assign it a static private address "192.168.1... etc" and then configure your router to forward port 22 to that machines address. if you, from a remote location, ssh to your home's internet-facing IP it should forward to the machine. using SSH you can do all your maintenance. am i right everyone? dont want to give out false info
<tonyyarusso> I suppose egroupware would work.  Again, overkill, but hey.
<jmarsden> TimReichhart: There are many web pages describing that.  One is at http://www.tc.umn.edu/~brams006/selfsign.html
<tonyyarusso> XFCEntral: The LDAP server will run on a VPS in a remote datacenter, with both a static IP and a domain name.  (Linode-hosted)
<TimReichhart> but my question is how would I do it for 2 different domains with virtual hosting?
<tonyyarusso> XFCEntral: I'm basically just looking for a nice way to look up an e-mail address in a web browser in addition to Evo's access.
<XFCEntral> tonyyarusso: im sorry, i misunderstood what you asked before :( heh
<jmarsden> TimReichhart: You need 2IPs , or you can run SSL for one of them on a non-standard port.
<TimReichhart> ok how would i do that jmarsden?
<XFCEntral> tonyyarusso: so you'd like a web client to browse the LDAP list?
<jmarsden> Do which?  You ask your provider for a second public Ip on the sever you are using...!
<TimReichhart> bc the domain names are working just right because I am using OScommerce on both of my sites
<TimReichhart> I cant do that I would have to get a second line ran and its going to cost me $$$ for second line
<tonyyarusso> XFCEntral: Correct.  It looks like egroupware would actually be the way to go, from what I can see in apt-cache.
<TimReichhart> I got FTTH
<jmarsden> No, you can have multiple IP addresses on on connection ;)
<TimReichhart> not with my ISP told me
<XFCEntral> tonyyarusso: theres also phpLDAPadmin, but if egroupware fits the bill, by all means
<jmarsden> It's a business FIOS setup or similar, right?
<TimReichhart> no I dont have FIOS
<TimReichhart> its FTTH
<ball> nice
<TimReichhart> with one line coming from outside box coming into my apt
<tonyyarusso> I've been meaning to ask about that too jmarsden - whenever I activate more than one NIC on my machine it seems to start being unreliable connection-wise.  I know I could set them up as bonded, with on IP over multiple interfaces, but I thought they'd be smart enough to work as is.
<jmarsden> One fiver can carry many many many IP addresses, your provider is misbehaving.
<TimReichhart> and plus im behind a router
<jmarsden> tonyyarusso: Multiple NICs on the same subnet?  Bad idea.  Multipel NICs, each on a separate subnet, works fine.
<jmarsden> TimReichhart: Yes, the router can route multiple IPs too, if it is a decent router... that is what routers do, they route.
<lwizardl> ok server finished installing
<TimReichhart> well im getting ready to install smoothwall
<tonyyarusso> jmarsden: ah, I see.  Yeah, the long-term goal was to use them for practicing routing stuff, but for the moment I thought I'd use it just for faster transfers.
<TimReichhart> for my router
<TimReichhart> but as of right now i am using a linksys wired router
<lwizardl> i didn't select anything from the installer menu i'm going to do that all my terminal
<jmarsden> TimReichhart: But If you really want to use a non-standard port, you can just hack on the apache config for one of the virthosts and adda a Listen 444 directove or whatever so your httpd listens on another port
<TimReichhart> can you please show me how to do that jmarsden
<jmarsden> It's your server, you need to know enough about it not to just copy commadns I throw at you into a config file... have you ever lokekd at and edited an Apache config file before?
<TimReichhart> no i have not
<TimReichhart> i just know how to do virtual hosting and installing and updating the server
<jmarsden> So how did you create the virtual hosts?  You had to add VirtualHost directives toyour apache config, right?
<TimReichhart> i used webmin to do the virtual setup
<jmarsden> OK.  You will need to read /etc/apache2/apache2.conf and related files under there...
<jmarsden> Documentation is under http://httpd.apache.org/docs/2.2/ and also in the apache2-doc Ubuntu package .
<jmarsden> Webmin is a ncie timesaver, but no substitute for understanding what is happening underneath.
<TimReichhart> true
<TimReichhart> so I would have to add it to the ports then correct
<TimReichhart> from what I was reading from apache confg
<TimReichhart> i already got the ports listed as 443,444
<TimReichhart> could i do this https://secure.domain1.com:444 or not
<jmarsden> Once you haev read the docs and the config files a bit, you'll see that you can use a Listen 444 directive to start listening on that port.
<TimReichhart> or can i just have to https://secure.domain.com then it will listen on 444
<jmarsden> Then you can edit the virtual host stuff for one of your virtual hosts (probably under /etc/apache2/sites-enabled/ on Ubuntu) to use 444 rather than 443.
<jmarsden> No, https://example.com  would go to 443, you need to use https://example.com:444 to go there.
<jmarsden> Sorry, that's what you said...
<TimReichhart> there is probley no way to hide that https://domain.com:444
<lwizardl>  /clear
<jmarsden> Well... get a second static IP and use port 443 :-)
<TimReichhart> ok
<TimReichhart> thanks for your help
<lwizardl> ok doing the updates on the machine after enabling the new sources and then i'm going to install the ssh and openssh-server and then its time to start back on the server configure
<jmarsden> TimReichhart: No problem.
<ball> Hmm... that's a difference between this desktop and the one on the console: the console has the "update" button
<lwizardl> ok question
<ball> fire away
<lwizardl> when setting a static ip in the interfaces file whats the network one for?
<lwizardl> the example i have is 192.168.0.0
 * ball raises an eyebrow
<ball> in what context?
<ball> oh, interfaces file
<lwizardl>         address 192.168.0.100
<lwizardl>         netmask 255.255.255.0
<lwizardl>         network 192.168.0.0
<lwizardl>         broadcast 192.168.0.255
<lwizardl>         gateway 192.168.0.1
<ball> let me check
<XFCEntral> ball: he's setting his eth0 interface configuration
<lwizardl> XFCEntral: yes
<ball> that's a bit strange
<XFCEntral> lwizardl: whats your IP range? 192.168.1.X?
<lwizardl> thats what the guide has for his example
<lwizardl> XFCEntral: yes
<XFCEntral> i believe you will use 192.168.1.0 then
<lwizardl> 192.168.1.2-255 iirc
<XFCEntral> ball: would that be right in his case?
<ball> Sounds reasonable, with a netmask of 255.255.255.0
<lwizardl> yeah thats what i have
<XFCEntral> ball: mhm
<lwizardl> and my gateway set but just wasn't sure on the network
<XFCEntral> lwizardl: 192.168.1.1
<ball> most likely.
<XFCEntral> yes
<ball> Well, it's my bed time, but I want to stay up and talk about networking
<XFCEntral> ball: dont blame ya
<ball> Oh, there's ##net too btw.
<ball> fork's stopped coughing... I need to just check that she's still breathing.
<lwizardl> ok seems that works i can ping my real colo server from this box so network is working with new settings
<XFCEntral> lwizardl: thats good news
<lwizardl> ok in my hosts file it gae it the 2wire.net thing again
<ball> That reminds me, I need to tell my router about cumine's MAC address
<lwizardl> so i can just remove that and leave my servername?
<XFCEntral> lwizardl: you can replace that with the name you would like instead
<lwizardl> ok because currently i have this
<lwizardl> 192.168.1.180     WS1.gateway.2wire.net     WS1
<XFCEntral> that looks alright to me
<lwizardl> so I would make it 192.168.1.180     WS1     WS1
<lwizardl> ?
<XFCEntral> similar to the example on howtoforge
<lwizardl> right but that guide lists server1.example.com which this server won't have a true domainname
<XFCEntral> my server's hosts file looks like that
<XFCEntral> ubuntu-server.mylitestream.com        ubuntu-server
<lwizardl> so would WS1.localhost work?
<ball> No
<ball> that's just silly.
<XFCEntral> you could say localhost, if youre on that machine
<XFCEntral> but not both
<lwizardl> ok because I want to access it from any machine on the network from like http://WS1/
<XFCEntral> lwizardl: let me ask you this, where would you like to type this name, in order to access the server. whats the issue?
<XFCEntral> oh okay
<XFCEntral> well in order to do so, on your REMOTE machine not WS1, you could add 192.168.1.180     WS1             to the /etc/hosts file on that machine
<ball> Didn't I suggest that an hour ago?
<XFCEntral> the issue is not so much the /etc/hosts file of the WS1 machine, but the others
<XFCEntral> ball:yes... trying. haha
<lwizardl> i plan to have this mainly for testing if my php scripts work without worrying about sql injectors while i'm learning PHP and MySQL
<lwizardl> ok
 * ball nods
<XFCEntral> lwizardl: yes, but if you would like to access that server from another computer, you must change its hosts file too
<lwizardl> so then i can leave the server as WS1.gateway.2wire.net
<ball> I use php against DB2
<ball> Would prefer to learn a new language and perhaps ProgresSql
<XFCEntral> lwizardl: your /etc/hosts file is OK on WS1. nothing wrong. you will need to add the IP and name you want, in OTHER /etc/hosts files. this way, they can know what you mean when you direct your browser to http://ws1/
<TimReichhart> ok jmarsden from what this guy was telling me on StartSSL you can do multiple ssl's on 1 ip: http://forum.startcom.org/viewtopic.php?f=15&t=1534&sid=46ad87363a9ab93c018020c2650c319d
<lwizardl> XFCEntral: ok so any machine i want to see that server i need to add the setting to their hostfile
<XFCEntral> lwizardl: if you wish to use the name http://ws1/ instead of typing out http://192.168.1.180
<jmarsden> TimReichhart: Looks like they are building some weird certificate that has both hostnames in it... which sounds liek it might work, but I have no idea how to create such certificates using openssl on Ubuntu.
<lwizardl> ok the static ip is also ok
<XFCEntral> lwizardl: yes, your static IP setup seems to work perfectly
<TimReichhart> then it looks like I am going to have hire this person to it for me
<ball> Can't focus... going to bed
<jmarsden> TimReichhart:  You could.  This approach may also be hard to scale.. how do you add a 3rd virtual host, for example... and a 4th... etc.
<XFCEntral> ball: take care
<ball> You too.
<TimReichhart> but jmarsden how would that work?
<jmarsden> TimReichhart: I don't know.  The answer I gave you is the one I learned when I aksed your questions a few years ago, and I use multiple non-standard ports myself on servers I admin.  The way they scribe is new to me, so I can't really say how it works.
<TimReichhart> k
<lwizardl> how do i clear my rsa keys file
<jmarsden> lwizardl: edit it with a text editor and delete the lines you don't want, usually.
<lwizardl> ok where the file at?
<jmarsden> Which file are you talking about?  I was thinking of ~/.ssh/known_hosts
<jmarsden> Butyou also have RSA host keys, or could have, on a server, under /etc/ssh/
<lwizardl> thanks
<jmarsden> No problem.
<XFCEntral> lwizardl: should be /etc/ssh/ssh_host_rsa_key
<XFCEntral> sound right to you, jmarsden?
<jmarsden> XFCEntral: That is an RSA key file, one key.  He asked for am rsa *keys* file, plural...
<jmarsden> So it could be that one or it could be ~/ssh/known_hosts
<lwizardl> yeah its was the known hosts
 * jmarsden is glad he spotted that trailing 's' ;)
<XFCEntral> jmarsden: sorry about that...
<jmarsden> No worries.
<TimReichhart> so jmarsden if i do that non standard port would I get any errors or not
<jmarsden> You shouldn't see any errors, if you configure everything right, and if the customer is willing to use https://example.com:444 type URLs.
<TimReichhart> that is my main thought right now
<TimReichhart> well I know when you setup the OScommerce it ask for the https address
<jmarsden> I do it that way and have for some time.  No known errors caused by the multiple port approach.
<TimReichhart> bc i was thinking about doing this https://secure.cbcperformance.net:444
<jmarsden> You might have to tweak any web apps you use... again, this comes back to knowing what is going on underneath and not relying on nice pretty GUIs to do your setup and configuration for you :)
<TimReichhart> can i make a subdomain secure?
<jmarsden> Yes, just like another other FQDN.
<jmarsden> You could secure a site called https://a.b.c.d.e.f.g.sily.example.net if you wanted to have sub-sub-sub... domains :)
<TimReichhart> see right now I got the wildcard or I should say *
<TimReichhart> all my virtual host is set up as vitrual host *
<TimReichhart> i mean like this <VirtualHost *:80>
<jmarsden> RIght.  So for one you now need <VirtualHost *:443>  and for the other you need <VirtualHost *:444>
<TimReichhart> alright
<TimReichhart> would I put that information in the same area as my config for port 80
<jmarsden> Probably not, on Ubuntu, it beraks up the httpd config stuff into multiple files.
<TimReichhart> so i cant have it into my jbodyconnection.com.conf setup then
<jmarsden> The per-virtualhost stuff seems to go under /etc/apache2/sites-enabled/ and the per-server gloabl stuff is /etc/apache2/apache2.conf I think.
<jmarsden> You put a config line saying    "Port 80"  into a virtuahost?
<jmarsden> That would be odd, to me at least.
<TimReichhart> here is how i got my virtual host setup <VirtualHost *:80>
<TimReichhart> ServerName jbodyconnection.com
<TimReichhart> DocumentRoot /var/www/jbodyconnection/cart/catalog
<TimReichhart> </VirtualHost>  under /etc/apache2/sites-available/jbodyconnection.com.conf
<jmarsden> You can put the SSL vhost stuff in the same file as another related non-SSL vhost, sure
<jmarsden> Sure, you can add another whole chunk of <VirtualHost *:444> ... stuff ... </VirtualHost? in that file.
<TimReichhart> ok just making sure
<jmarsden> I need to go to bed... but I think you're on your way... have fun :)
<TimReichhart> thanks jmarsden
<jmarsden> No problem.
<TimReichhart> anybody know how to setup the vpn server on ubuntu
<selinuxium> hi there everyone. I has installed LAMP on my laptop to test, i can see apache running as www-data via  ps -aef|grep apache. I wouldlike to add my user to the ww-data group but I cannot see it in the Users and Groups GUI... Is this normal?
<Nafallo> yes. you are not supposed to add users to that group.
<selinuxium> hi Nafallo,  what would be the right way of editting files in the www folder??
<Nafallo> I added a group for that, chgrp -R on the folders needed and chmod -R g+w and added my users to that group.
<Nafallo> not sure if it's correct, but that's how I did it.
<Kamping_Kaiser> super user typically. users can use their public_html if they want easy to edit sites
<selinuxium> ok, i think I get it.. previously I believe I added myself to the www-data group...
 * delcoyote hi
<uvirtbot> New bug: #309945 in open-iscsi (main) "[jaunty, intrepid] Hard system freeze using open-iscsi" [Undecided,New] https://launchpad.net/bugs/309945
<uvirtbot> New bug: #309992 in dhcp3 (main) "Japanese manual-pages placed in wrong package" [Undecided,New] https://launchpad.net/bugs/309992
<axisys> how do I get ipmitool to work? I get this http://pastebin.com/f5aea744d
<uvirtbot> New bug: #310019 in mysql-dfsg-5.0 (main) "package mysql-server None [modified: /var/lib/dpkg/info/mysql-server.list] failed to install/upgrade: subprocess pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/310019
<selinuxium> hi all   o/
<zxq> o/
<selinuxium> question about mod_rewrite... I have installed LAMP and enabled mod_rewrite but i have a virtual host doc root as /home/user/Desktop/www/site and the site cannot see that mod_rewrite is available, even though a phpinfo() shows it available from the site root...  Any ideas?
<zxq> wish i could help you out with that... bit of a newbie here. Wish you luck though.
<ClaesBas> I found the problem! vmbuilder don't handle building partions mounted above other! for ex. /var and /var/log as separate partions .....
<ClaesBas> Ooops wrong channel.... (I've got to go to bed now....)
<zxq> lol
#ubuntu-server 2008-12-21
<philsf> if I update the lvm2 package, do I need to reboot (I'm using LVM volumes)?
<jshock> anyone alive in here?
<jshock> i'm looking for help with a maildir problem ubuntu server 8.10
<pixelmonkey> I would like to switch an old server running Debian over to Ubuntu Server.  I think this is a somewhat significant migration, as it will involve configurations for e-mail, web, DNS, databases, etc., and obviously the versions of all this software will be different.  I was thinking about testing by setting up a local installation of Ubuntu Server under a VM and piecemeal migrating configuration from my Debian server until I get somethi
<pixelmonkey> ng that matches and that I can use as a 'drop-in' replacement.  Has anyone ever done something like this?  Any tips?
<fir3horn> I'm trying to set up awstats. I've gotten it all set up, but when I go to access it in my browser, it just has me download the file. I've got perl installed, so I'm at a loss.
<fir3horn> What could be the cause of that issue?
<ball> What URL are you using to access it?
<fir3horn> I'm using the domain name. I've got it set up so if I go to /awstats/awstats.pl, it should bring it up.
<ball> Have you told your httpd to interpret perl?
<ball> (is there a Perl plug-in module for it?
<ball> )
<fir3horn> I'm unsure. I don't believe I have.
<ball> Well, there you go then.
<fir3horn> Thank you!
<ball> Poor thing's not psychic
<fir3horn> lol.
<yaris123456789> hey guys i have created my own nameserver on my VPS using cpanel. i want to link www.mycooldomain.com to my new VPS server. what to do ?
<ball> talk to your domain name provider
<yaris123456789> well i have added the nameservers with registrar, still www.mycooldomain.com is pointing to the old server not the new VPS
<ball> Where do your DNS records live?
<yaris123456789> i dont know what does that mean
<ball> yaris123456789: if you want to run your own name server, you need to find that out.
<ball> ...or pay someone to look after it for you.  Perhaps both.
<yaris123456789> i would pay
<yaris123456789> right now
<yaris123456789> if someone could move all of the stuff from my old server to the new
<ball> okay, that's the quick way to do it then.
<ball> Talk to the people who sold you your domain name.  They may be able to host your DNS records
<ball> ...you probably won't need a name server on your VPS account.
<yaris123456789> than which nameserver shall i sue
<yaris123456789> uae
<yaris123456789> use
<yaris123456789> my host did not provide any nameservers
<yaris123456789> it said i had to use my own
<ball> You'll have to find another company to pay then... perhaps your ISP
<yaris123456789> wait i dont think u get what i mean
<yaris123456789> i have created a few nameservers, say ns1.mine.net, where mine.net is the domain name i own.
<yaris123456789> now i want to link, www.somethingcool.com to my vps box, what to do ?
<ball> yaris123456789: see above.
<fbc> I try to renice -19 apache2 but when I run top it still shows a nice of 0.  how do I do it right?
<Kevin_> Hi. Is anyone familiar with Apache mod_rewrite and permalinks in Wordpress??
<Kevin_> Anyone??
<ScottK> !weekend
<ubottu> It's a weekend.  Often on weekends, the paid developers, and a lot of the community, may not be around to answer your question.  Please be patient, wait longer than you normally would, or try again during the working week.
<Tim__Reichhart> can somebody tell me why I am getting the SSL :(Error code: sec_error_expired_issuer_certificate)
<hads> Without some context probably not. Sounds like an expired certificate.
<Tim__Reichhart> so how do I get it redued?
<hads> Not a lot of idea what you're talking about. If you want to renew a certificate you need to talk to an issuer.
<Tim__Reichhart> its on my server
<Tim__Reichhart> and I was the one who setup the SSL
<robinj> I'm  a noob at Cron and I've got a question. what is wrong with this line ->  http://dpaste.com/101198/ ?
<jtaji> robinj: you are missing a field in the beginning, when do you want this to run?
<robinj> every 15 minute or so
<robinj> jtaji: sorry for answering so late, didn't see it until now
<robinj> jtaji: what field am I missing?
<jtaji> it's min hour dayofmonth month dayofweek
<jtaji> for every 15 minutes you can use */15 * * * *
<jtaji> */15 = 0,15,30,45
<jtaji> for the the minute field anyway
<robinj> jtaji: aha! what did this mean 1 * * * *?
<jtaji> every minute
<jtaji> err
<robinj> aha
<hads> 1 past every hour
<jtaji> 1 minute after the hour, every hour, every day
<robinj> aha, I see
<robinj> problem is that it don't run at all
<robinj> so that field I was missing in the beginning was the */ ?
<jtaji> you were missing one of the time fields
<jtaji> there are 5
<robinj> aha :)
<robinj> thank you!
<jtaji> * * * * * is valid for every minute
<jtaji> no prob
<robinj> this has been bugigng me for far too long :)
<robinj> *bugging
<j0nr> hello1
<j0nr> hello all again...
<j0nr> can anyone help me. I have a fresh install of 8.04 (maybe 8.10) server edition and it does not automatically connect to the network
<j0nr> i have to go in and run sudo dhclient for it to work.
<j0nr> this is a pain obviously as i want it to be a headless setup, but it also doesnt run 24hrs so i need to be able to just turn it on... then log in
<uvirtbot> New bug: #310230 in samba (main) "samba usershares rights problem" [Undecided,New] https://launchpad.net/bugs/310230
<j0nr> sorted! had to edit interfaces
<sommer> zul: I've uploaded a working version of ebox and libebox to my ppa, can you take a look when you get a chance?
<sommer> zul: https://launchpad.net/~asommer/+archive
<sommer> zul: thanks :)
<zicada> ive got an issue with disk IO. The box only has a single disk (home fileserver). Problem is, when i play a video from it over samba, it will lag if the box does any heavy IO like file copy or unrar and such.
<zicada> ive tried both the deadline and cfq schedualers
<zicada> it also hosts some web apps that will lag horribly when local IO stuff like filecopy etc is high
<zicada> anyone have any good tips on how to perhaps ionice or renice permanently ?
<zicada> or any other sort of tuning that would sort this out
<zicada> i really dont need unrar and cp/mv etc to be as fast as possible. Much nicer for apache and smb to run at higher pri
<zicada> i mean, i can ionice -c3 -p$$ the shell i use to cp / unrar etc
<zicada> but something more permanent would be nice (no pun intended :D )
<Nafallo> ehrm...
<uvirtbot> New bug: #310303 in dovecot (main) "Please merge dovecot" [Wishlist,In progress] https://launchpad.net/bugs/310303
<Nafallo> does ufw clear the firewall in the packaging scripts on intrepid?
<Nafallo> (not nat)
<Nafallo> ARGH postrm
<uvirtbot> New bug: #309978 in samba (main) "package update-manager 1:0.93.34 failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1) (dup-of: 293539)" [Undecided,Triaged] https://launchpad.net/bugs/309978
 * Nafallo ponders giving up with ufw for this router :-P
<Nafallo> ufw can't play with FORWARD, right?
#ubuntu-server 2009-12-14
<lamont> ScottK: hey - got an example build for bug 495564?
<uvirtbot> Launchpad bug 495564 in launchpad-buildd "Depwait package fails build instead of returning to depwait if build-deps are uninstallable" [Undecided,Confirmed] https://launchpad.net/bugs/495564
<lamont> that you haven't already retried, that is....]
<ScottK> Not sure.  Let me check.
<ScottK> lamont: Maybe https://launchpad.net/ubuntu/+source/kdeutils/4:4.3.80-0ubuntu1/+build/1382988
<lamont> that looks like the output we've never managed to parse, since it's missing stuff we kinda need
<ScottK> lamont: If you can improve the instrumentation to get more data, we've got another KDE upload next week.  That should produce the conditions for this.
<lamont> ScottK: the issue is that "but it is not installable" doesn't tell us _why_, or what the corrective action should be.
<ScottK> lamont: In these conditions packages used to reliably stay in depwait once they got there to begin with.  IDK what has changed recently.
<lamont> ScottK: yeah - what I need to see is what the log looks like in a build with that condition on jaunty, vs on karmic
<lamont> rather, karmic vs lucid
<lamont> hrm... hardy vs lucid, actually
<LyonJT> If i do chmod 777 {folderName} and i want all the files to have the same permissions what do i put?
<Ziber> LyonJT: -r
<Ziber> or /*
<Ziber> either: chmod -R 777 foldername/
<Ziber> or chmod 777 foldername/*
<twb> Note that you probably don't want files to be executable.
<twb> chmod -R a+rwX will make all three octets readable, writable and *maybe* executable.
<twb> The uppercase X means that executability is only applied if at least one execute bit is already set.
<twb> For example, directories and scripts will go from 755 to 777, but files will go from 644 to 666.
<LyonJT> cheers Ziber
<twb> Also note that 777 is rarely what you want -- study the meaning of the "sticky" bit for directories, and cf. the permissions on /tmp.
<ChrisRut> how secure are user's passwords on Ubuntu-Server? For example is it possible for root to see (in plaintext) the passwd of users on the system?
<qman`> no
<qman`> passwords are hashed in either md5-crypt or sha256
<ChrisRut> isn't md5 cracked (or crackable)?
<qman`> sha256 support was added and made default in jaunty
<ChrisRut> is there a way to force sha256 on Ubuntu Server 8.04 (hardy)?
<qman`> md5 is not cracked, but it is possible to brute force the hashes through rainbow tables
<qman`> no
<ChrisRut> right, thats what I meant
<qman`> it is not supported in hardy
<qman`> however
<qman`> md5 is still reasonably secure, and the hashes are only readable by root
<qman`> so you would have to have a significant compromise first
<qman`> before anyone got a shot at your shadow file
<qman`> and then they would have to brute force it with a reasonably large cluster for a few months
<qman`> providing your passwords are good
<qman`> if you have weak passwords, nothing can help you
<qman`> if you're concerned about weak passwords, I suggest you brute force it yourself with john the ripper
<ChrisRut> k, thanks for the info qman`
<twb> qman`: I thought LDAP used SHA1
<twb> At least, when using exop
<qman`> twb, I don't know about ldap, but the shadow file uses md5
<twb> qman`: I was poking re. sha256
<twb> ChrisRut: usually a rubber hose is a faster means of getting the passwords.
<twb> ChrisRut: and of course with physical access they can do whatever they want
<ChrisRut> rubberhose?
<qman`> oh, it's actually sha512, my mistake
<twb> ChrisRut: http://en.wikipedia.org/wiki/Rubber_hose_cryptanalysis
<qman`> # The "sha512" option enables salted SHA512 passwords.  Without this option,
<qman`> # the default is Unix crypt.  Prior releases used the option "md5".
<qman`> in /etc/pam.d/common-password
<ChrisRut> qman`: but that's still only for Jaunty and up right?
<qman`> ChrisRut, yes
<ChrisRut> :(
<ChrisRut> I can't wait for 8.10 (LTS), so that I can start using that.
<ChrisRut> err 10.4
<qman`> yeah, a lot of great new stuff has come out since 8.04
<qman`> definitely looking forward to lucid
<ChrisRut> my VPS host only provides LTS images, so 8.10 and up aren't available
<twb> !dist-upgrade
<ubottu> A dist-upgrade will install new dependencies for packages already installed and may remove packages if they are no longer needed. Please see !upgrade for the proper release upgrade methods.
<twb> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/getubuntu/upgrading
<ChrisRut> no, can't upgrade... using Virtualmin
<ChrisRut> Virtualmin doesn't play nice with non-LTS ubuntu
<twb> ChrisRut: sorry, I'm abusing the channel to talk to ubottu
<ChrisRut> ohh,you weren't talking to me?
<twb> ChrisRut: correct
<ChrisRut> ohh my bad
<ChrisRut> well, thx for the help qman I appreciate it.
<qman`> no problem
<Rezagrats> Is there no torrent for server 9.01 amd64 ?
<Rezagrats> 9.10*
<twb> Rezagrats: why not just do a minimal install, then use apt-bittorrent?
<Rezagrats> Twb, i was asking if there was a torrent for amd64 9.10 server edition... 'cause 30KB/s is lame.
<twb> Rezagrats: you only need to download 15MB to do the base install
<Rezagrats> For the server ?
<twb> For anything.
<Rezagrats> Link...
<twb> Hm, I suppose you'd probably need another 100MB or so over pure HTTP before you could use apt-bittorrent -- I don't think it's supported within d-i.
<twb> !mini.iso
<ubottu> The Minimal CD image is very small in size, and it downloads most packages from the Internet during installation, allowing you to select only those you want (the installer is like the one on the !Alternate CD). See https://help.ubuntu.com/community/Installation/MinimalCD
<twb> Wow, that even has normal links.  I usually just dig it out of dist/main/installer-$arch
<Rezagrats> When does 8.04's support end?
<twb> Rezagrats: different packages have different support lengths.
<Rezagrats> Right, but iirc, 8.04 was the extended support.
<twb> http://bazaar.launchpad.net/%7Enijaba/ubuntu-maintenance-check/trunk/ will tell you about individual packages.
<twb> 8.04(Hardy Heron)-Maint.til:Ubuntu->2011-04,Server->2013-04,Kubuntu->2009-10
<twb> Dunno if that extends to packages in universe.
<twb> It appears that universe doesn't get support
<twb> At least according to u-m-c
<jmarsden> twb: That's what I thought, only main is really really officially supported.
<twb> jmarsden: yeah, some cowboy tried to tell me different a while back
<uvirtbot> New bug: #496389 in dovecot (main) "package dovecot-common 1:1.1.11-0ubuntu11 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/496389
<thewrath> can someone verify that this is right and what directory taht ssl sites need to be put in? http://pastebin.com/m18516607
<qman`> thewrath, ssl sites can be placed wherever you want them
<qman`> I don't see anything wrong with that configuration off-hand, provided that the files and directories you've specified exist and there isn't an apparmor profile in the way
<thewrath> k
<thewrath> yea i have it setup that only certain directoresi are ssl
<LizardK|ng> is there anything like DVDecrypt for Ubuntu?
<thewrath> qman`: it just gives me the indexing
<qman`> I don't know what that is, but if you're looking to decrypt DVDs, libdvdread is what you want
<thewrath> even though in /var/www-ssl/html i have a index.php and /var/www-ssl i have a index.php
<qman`> thewrath, is php installed and working otherwise?
<thewrath> yes
<thewrath> it does not even list any files
<qman`> so an index.php works on another site configuration?
<qman`> because I just tested it, and it doesn't require any special permissions
<thewrath> got it working
<thewrath>  how do i set up for phpmyadmin to only work in https and not http
<fbdystang> Hi all! I have samba working on a windows network. I have some questions about samba's print server. Where can the printer be connected? A windows computer over USB, linux server, network? How can I install the printer drivers into the server (maybe CUPS)? Thanks in advance ;)
<micahg> Is there an easy way to make logcheck not report on cron entries like it used to not do?
<twb> micahg: install locheck-database?
<twb> Set your monitoring level appropriately (e.g. workstation vs. server)?
<twb> Write appropriate whitelisting entries?
<uvirtbot> New bug: #495213 in mysql-dfsg-5.1 "Server install with LAMP asks three times for MySQL password" [Undecided,New] https://launchpad.net/bugs/495213
<micahg> thanks twb, seems like I might have to edit the rules a little...
<fbdystang> How do I install an HP printer on my ubuntu server from command line? thanks
<twb> fbdystang: sensible-browser https://127.0.0.1:631/
<fbdystang> what is that? it says the connection is untrusted?
<AtomicSpark> fbdystang: it's CUPS.
<AtomicSpark> you do not have a ssl cert insatlled, so it's marked untrusted.
<AtomicSpark> view the cert, and allow it :)
<fbdystang> I already have cups installed, but it is command line, not gnome, how do I install from command line?
<AtomicSpark> fbdystang: that's cups web interface.
<AtomicSpark> You can also go to http://localhost:631/
<fbdystang> gotcha
<AtomicSpark> hidden cups magic <3
<fbdystang> NICE, that's local?
<AtomicSpark> Yes.
<AtomicSpark> To enable other computers to access the "print server" you need to edit the cups config file and allow other IP addresses.
<fbdystang> Dude, thats awesome your the man.
<fbdystang> yea, I tried that but to no avail
<AtomicSpark> If you change it, you need to reload the cups configuration.
<fbdystang> do you mean restart cups?
<AtomicSpark> sudo /etc/init.d/cups reload
<AtomicSpark> if that doesn't work, use restart instead.
<AtomicSpark> reload reloads the configs without breaking connections. tis good on production servers.
<AtomicSpark> but i'm not sure if everything supports it. most docs just tell you to restart.
<fbdystang> OH, this is just a little old pc that I loaded ubuntu server on to play around with
<AtomicSpark> if you're on a newer version of ubuntu, you can 'sudo service cups reload' instead. which is handy.
<fbdystang> not a production server
<fbdystang> yea, its 9.10
<AtomicSpark> but i belive hardy didn't have that. maybe intrepid added it.
<AtomicSpark> i actually can only get hardy installed on my proliant, which is why i'm in here. waiting for failure, so i can bug people ;)
<fbdystang> haha, nice
<AtomicSpark> right now it's being silly and not showing me the keyboard shortcut to get into the array menu because it's low on battery.
<AtomicSpark> C-m mayhaps.
<fbdystang> OK, so it is asking for a username and password, what is it?
<tele9> do you really have to give your correct name and address to an registrar as long as you pay? I understand that you don't technically own a domain if it's not your correct name, however, you could write to the registrar that your name/address changed at a later point in time and give them your real name, if it is really necessary. what do you think?
<fbdystang> AtomicSpark: you there?
<AtomicSpark> fbdystang: sort of
<AtomicSpark> tele9: depends. i'm pretty sure in the us, that would be fraud.
<AtomicSpark> tele9: a lot of domain registrars have some sort of... privacy option.
<AtomicSpark> tele9: i like nearlyfreespeech.net
<AtomicSpark> but it's a pain to pay. no automation.
<tele9> AtomicSpark: I'd be also pleased with a service that takes my real name, but doesn't publish it in a whois database. I just want to have something that prevents every idiot on this planet from seeing my private address in a WHOIS. only authorities should be able to see it, no one else.
<fbdystang> AtomicSpark: when you get a sec, i am trying to figure out how to log in with a password to CUPS. thanks
<AtomicSpark> tele9: yes, nearlyfreespeech has something like that. it costs a penny a day. i'm sure other places have a service like it.
<AtomicSpark> tele9: they basically use their info for the whois and any mail you get, they shred.
<tele9> AtomicSpark: but I don't own the domain then anymore, do I? according to ICAN, the name in the WHOIS database owns the domain.
<AtomicSpark> tele9: you really never own it.
<AtomicSpark> tele9: late on one payment, and you're screwed :(
<twb> tele9: trying to "hide" your email address from the internet is futile
<AtomicSpark> fbdystang: looks like it prompts you using html auth when you try to click a button on this page http://localhost:631/admin
<tele9> AtomicSpark: talking about experience?
<tele9> twb: not so worried about my email...
<twb> tele9: oh, you mean your postal address?
<AtomicSpark> tele9: Yes. They charged me $30 to "save" my domain.
<tele9> twb: yes.
<twb> Meh.
<AtomicSpark> tele9: i believe you can customize the whois for nearlyfreespeech. i forget.
<twb> You mean that people actually post shit to your apartment because you happen to have it in WHOIS?
<AtomicSpark> tele9: like you can just have their address, but keep your name.
<fbdystang> AtomicSpark: exactly, is there a standard root password for the thing?
<AtomicSpark> fbdystang: my administrator account works for it.
<AtomicSpark> fbdystang: so maybe anyone with sudo access?
<AtomicSpark> fbdystang: we dont root on ubuntu :P
<AtomicSpark> hold on, my server keeps rebooting and it's annoying.
<fbdystang> AtomicSpark: I know, like everything else with ubuntu though, ....ok, I tried with sudo and it didn't work :(
<AtomicSpark> fbdystang: tried what with sudo?
<AtomicSpark> fbdystang: just enter in *your* username and password when it prompts you.
<AtomicSpark> haha! i tried to boot off a blank cd :\
<fbdystang> AtomicSpark: yea that's what I meant, it didn't work
<fbdystang> NICE
<AtomicSpark> you sidetracked me and i never got around to burning ubuntu server.
<fbdystang> haha sorry
<AtomicSpark> or... it failed to burn. interesting.
<fbdystang> what burner you running?
<tele9> twb: yup, or do even more. identity theft, etc...
<AtomicSpark> ...
<AtomicSpark> welp, my desktop asploded. bbl.
<fbdystang> ouch
<twb> tele9: if you can afford a domain name, you can probably afford a few more dollars for a PO box
<twb> Or just abuse your office address or something :-)
<tele9> twb: are PO boxes allowed? I don't think so... but a whois guard sounds good to me.
<twb> tele9: dunno
<twb> I stick to dyndns names because I don't give a shit about my TLD suffix
<twb> That and I am poor
<twb> $1/mo would mean doing twice as much work
<tele9> lol
<fbdystang> I have an old HP printer connected to a windows computer which is on the network in samba. Can this printer be connected to the network and printed on by others?
<fbdystang> I mean can it be seen by CUPS and my ubuntu server?
<AtomicSpark> Yes
<fbdystang> REally? how?
<fbdystang> I am in the cups webpage admin now
<AtomicSpark> I'm not sure.
<fbdystang> do I have to log into the web page from that specific windows computer?
<AtomicSpark> No.
<AtomicSpark> Do you have an option under "other network printers" for Windows Printer via SAMBA?
<AtomicSpark> If not, then samba support isn't installed by default on a server and I haven't done that before. Probably just a simple samba-client thing.
<fbdystang> yea, "Windows Printer via SAMBA"
<AtomicSpark> Wonderful.
<fbdystang> I have samba installed, btw did you get your desktop working correctly?
<AtomicSpark> So you should be able to use that to add your shared printer on your windows machine.
<AtomicSpark> Then other computers can technically use your linux server to print.
<tele9> now that I have found a good registrar, what are good name server hosting companies?
<AtomicSpark> Here are the docs https://help.ubuntu.com/9.10/serverguide/C/cups.html
<AtomicSpark> tele9: i use my registrar. do you have a website? what kind of host? if it's dedicated or vps, you could set your own dns up ;)
<tele9> AtomicSpark: setting your own dns up on your vps or dedicated is usually not a good idea. I'd like to keep registrar, name server and web hosting separate.
<fbdystang> Right, I have read that. I just am not sure how CUPS will see it because the printer is only attached to windows through a usb, not shared
<AtomicSpark> well linode also provides dns. seprate from your vpn.
<fbdystang> yet the doc says it will
<AtomicSpark> fbdystang: get on your windows machine and share the printer! :)
<AtomicSpark> fbdystang: just like you'd share a file or folder.
<AtomicSpark> right click, shareing and security, etc.
<fbdystang> OK, never done that but I will try
 * AtomicSpark downloads karmic iso
<AtomicSpark> oh, by the way, where would I file a "bug" about the server info section of ubuntu.com? who maintains it?
<AtomicSpark> not having a link to the torrent or other files is :\
<fbdystang> I could have sworn I got it from a link a couple of days ago
<AtomicSpark> There is a link on the "desktop" pages.
<AtomicSpark> compare: http://www.ubuntu.com/GetUbuntu/download http://www.ubuntu.com/getubuntu/download-server
<AtomicSpark> under alternative download options of the first link, you can go to torrents, which list the server.
<AtomicSpark> at least they had the sense to push 64bit on the server <3
<fbdystang> I noticed that :)
<AtomicSpark> 08r2 is 64bit only. :3
<fbdystang> both pages give same options
<fbdystang> I am not seeing what you are talking about
<AtomicSpark> First link has "Other download options" section and links?
<AtomicSpark> under the version choices.
<AtomicSpark> second link just goes on about cloud computings. :P
<twb> "Little Johnny just loves to compute his cloud!  It sure it swell!"
<fbdystang> AtomicSpark: No, right below the download location is "alternativ download options" which you click on and get the options
<fbdystang> there you can switch between 64 32 and 8.04LTS and 9.10
<qman`> yes, but there is no link to the torrents
<qman`> that is what he's getting at
<fbdystang> ok agreed
<AtomicSpark> fbdystang:)
<AtomicSpark> Happy tomorrow!
<qman`> I recall having some trouble finding what I wanted this time around, too
<qman`> ended up finding a mirror and browsing the files manually
<qman`> I realize they're trying to simplify the page for new users, but that's no excuse for removing important links altogether IMO
<AtomicSpark> Anyways, hopefully the karmic server installs and I wont have to grumble about grub failures. :)
<fbdystang> why not just download direct?
<fbdystang> it has grub2 now :)
<AtomicSpark> Torrents are good mmk.
<qman`> this time of year, no reason not to download direct
<qman`> but around launch time, torrents are the only way you'll ever get it
<AtomicSpark> Well, I like saving ubuntu money :)
<fbdystang> :)
<twb> IMO better to download from your local university or ISP mirror
<AtomicSpark> Yeah.
<AtomicSpark> My ISP doesnt do that.
<AtomicSpark> And neither does my college.
<twb> Replace them
<AtomicSpark> This is the US, we have monopolies
<twb> Replace your nation-state
<twb> Your constitution even guarantees you the right to do so
<qman`> our constitution guarantees a lot of things
<qman`> but right now we have some socialists running the place and ignoring it
<qman`> give it time
<fbdystang> there has to be a university around that does
<AtomicSpark> Also, there will be an option soon, i believe it's like "do you want to activate the scusi array" (at least it did in intrepix). I have a real array controller and it's setup to manage it. Do I say yes or no? What does this do exactly?
<AtomicSpark> Debian installer isn't very... explaining.
<AtomicSpark> s/scusi/scsi
<fbdystang> How do I connect CUPS to a shared windows printer?
<twb> qman`: it's quaint how you consider socialism to be a BAD thing.
<AtomicSpark> Did something change in Karmic? I have my RSA public key in authorized_keys on my server and when loging in, it still prompts for my password and not passphrase. I even recreated my key and used seahorse's wizard. :\
<twb> AtomicSpark: ask /var/log/auth.log on the server
<twb> AtomicSpark: probably you have incorrect permissions on a relevant file or directory
<AtomicSpark> ssh -vv claims my key is failing. not sure why. permissions are intact. debugging in -ot
<twb> AtomicSpark: do what I told you
<twb> AtomicSpark: the ssh client CANNOT tell you what is wrong
<AtomicSpark> Dec 14 01:41:16 proliant sshd[2317]: Error attempting to add filename encryption key to user session keyring; rc = [1]
<twb> I don't know what that means.
<AtomicSpark> Me either.
<AtomicSpark> :P
<twb> Maybe your authorized_keys file contains gibberish?
<twb> Increase sshd's debugging and restart it
<AtomicSpark> One would hope not, i used a fresh .ssh/ dir and seahorse. :\
<AtomicSpark> Nevermind, #361984
<AtomicSpark> https://bugs.launchpad.net/ubuntu/+bug/361984
<uvirtbot> Launchpad bug 361984 in ubuntu "Can't login via ssh with public key because of encryptfs" [Undecided,New]
<AtomicSpark> There's a bot for that. Cute.
<AtomicSpark> Well that bug fails, but obvious reason is obvious.
<AtomicSpark> My home directory is encrypted, it cant read .ssh if it's not there.
<AtomicSpark> So I'll have to put my key into the /etc version.
<AtomicSpark> Well that wont work either. Nevermind.
<pltn> hello! have anybody any advices what to read about configuring samba4 on ubuntu 9.10 as a domain controller
<twb> Samba 4 hasn't been released by the Samba developers.
<pltn> but "sudo apt-get install samba4" works
<twb> There appear to be alpha builds in Intrepid onwards, but you'd be made to deploy alpha software in a production environment.
<pltn> hm...
<qman`> twb, since this isn't #politics, I won't really get into it, but I hold freedom and individual rights above all else, and socialism flies in the face of that
<jiboumans> good monring
<qman`> a good morning indeed, going quite nicely here :)
<jiboumans> ttx++ # fixer of bugs
<persia> Would this be a good forum to ask questions about etckeeper default config?
<jiboumans> persia: if we have the answer, we'll happily give it to you. so go ahead and ask
<persia> heh.
<persia> So, I use lvm on most of my systems, and end up creating and destroying volumes fairly regularly (snapshots).
<persia> etckeeper tries to keep track of all of this, which strikes me as noise, but I'm not sure everyone would perceive it that way.
<persia> So I wondered about the feasibility of dropping inclusion of /etc/lvm/backup/* or if someone had a good usecase to keep it.
<persia> (but I'm somewhat uncertain if this is really a server thing, or more general)
<jiboumans> persia: i'm not sure about best practice in this case. a quick google shows this: http://groups.google.com/group/linux.debian.bugs.dist/browse_thread/thread/82dcdcac33766359
<persia> There's also inherently transient stuff like /etc/resolv.conf.  The trick is making sure the default ignore list is correct.  I'm sure everyone has pet stuff they add as an admin, but I'm less confident when it comes to making a change that affects everyone.
<persia> Alternately, one could make the argument that some of that stuff doesn't belong there at all :)
<Belgarath> anybody know what is the status on xen support in karmic kernels ?
<persia> A couple weeks ago I heard it didn't work, but that is unverified hearsay.
<Belgarath> persia: it is verified
<Belgarath> :P
<Belgarath> there is no xen support compiled in the -virtual kernel
<Belgarath> and you cannot use older host kernels anymore
<Belgarath> due to some changes in mountall
<Belgarath> which require newer kernel to be present
<persia> Belgarath: I believe the issue was that not enough developers were working on Xen.  If you use it, and you'd be up for making sure it works, I'm sure that it could come back for lucid.
<Belgarath> persia: ok, I am following the bug in the launchpad
<Belgarath> what more \I can do ?
<persia> Not being someone who understands the Xen stack, I'm not sure precisely.
<persia> But submitting patches that would make it work, etc. tends to be a good place to start.
<persia> Perhaps someone more familiar with Xen can comment on how you can help in more detail.
<twb> triaging bug reports is also a good way to get started
<persia> Indeed.
<Daviey> IMO Xen needs some serious QA.
<Daviey> Currently it recieves little, if any
<Daviey> Espeically as most issues get raised post-release.
<Daviey> such as not having a usable kernel :)
<Daviey> kernel oops generating locale in chroot.
<Belgarath> Daviey: to be honest I wouldn't even notice this
<Belgarath> but karmic require newer kernel than my host have\
<Belgarath> and I wanted to use the gest kernel rahter than host to boot it up
<Belgarath> aybe that is why this things do not get attention
<PC_Nerd101> Hi,  I'm looking to have a number of server installations on a private network -  all running identical installations including packages etc.  Is there anyway to setup a mirror that only downloads and updates those packages which are requested through it from the LAN...ie-  it doesnt store all 220 og GB, just teh few packages that it is requested of?
<jiboumans> PC_Nerd101: this forum thread has some great pointers: http://ubuntuforums.org/showthread.php?t=123640
<jiboumans> basically, 'yes you can' and that thread shows 3 or so ways that might be useful to you
<dru> hey people....this is a rtfm question: a 0700 filepermission is viewable by the user or is there something im missing here
<jpds> dru: It is.
<dru> im still trying to make samba users folders inaccessable to other users. accouring to the man samba inherits the filepermissions used by the system. meaning that a file with a 0700 permission shouldnt be viewable to other users. I mus be missing something
<soren> dru: "viewable" is slightly ambiguous.
<soren> dru: Other users can /see/ the file. They just can't open it and see its contents.
<PC_Nerd101> jiboumans: Thanks - I'll look into it :)
<dru> can I use "." to make files invisible?
<dru> k scratch that
<zul> mornnig
<jiboumans> morning zul
<zul> hey jiboumans
<jiboumans> zul: i think we got the needed feeedback on server-lucid-improve-testcases
<jiboumans> probably time for a 2nd pass
<zul> jiboumans: sure ill take a look at it today
<jiboumans> thanks zul
<zul> jiboumans: just trying to wake up ;)
<jiboumans> zul.insert( coffee )
<zul> jiboumans: dude I was surrounded by coffee fields when I grew up...hate the stuff
<jiboumans> zul: ok, jumping face first in the snow may have the same effect, if you prefer
<zul> jiboumans: meh...im indifferent to it
<jiboumans> zul: let us know how the landscape code drop comes along as well please
<zul> jiboumans: will do
<zul> what do people think about putting php 5.3 in universe?
<sommer> +1
<soren> zul: Would that leave another version of php in main?
<zul> soren: yeah the 5.2.11
<soren> zul: There's a separate source package for php 5.3?
<zul> soren: i believe so I thought I would throw the idea against the wall and see what people would say
<soren> zul: I don't understand the proposition, then. What's so bad about php 5.3 that we prefer 5.2 over it?
<soren> fwiw, I don't see this other source package. What's it called?
<zul> soren: its still in debian experimental and its not well maintained by debian yet
<zul> oh wait it isnt a seperate source package
<zul> nm :)
<smoser> good morning all.
<smoser> soren, zul ttx, could one of you
<Cromulent> afternoon
<smoser> a.) accept nomination for karmic for bug 494185
<uvirtbot> Launchpad bug 494185 in ec2-init "ec2-init selects us-east-1 mirror when running in us-west-1 region" [Medium,In progress] https://launchpad.net/bugs/494185
<smoser> b.) sponsor it for lucid
<zul> smoser: i can do it
<zul> but it will cost you your first born
<zul> just kidding
<smoser> zul, thanks. the lucid isn't all that important, as I expect to be working on ec2-init heavlily this week, but please accept the karmic proposal
<smoser> zul, and be careful what you wish for on the first born thing
<smoser> i would have thought you'd have learned in the past 2 years that that isn't that smart of a request.
<zul> smoser: i would have placed an advert on ebay ;)
<smoser> ah.
<zul> smoser: so you want that debdiff in its entirety?
<smoser> yeah, are you questioning the 'include' ?
<smoser>    simple-patchsys.mk ?
<zul> no the debian/changelog
<smoser> i added that because as it is right now there is no patch system for ec2-init in karmic.
<zul> its still for karmic
<smoser> and i wanted the hardy to be easily based off the karmic
<zul> but im uploading that for lucid
<smoser> karmic == lucid right now.
<smoser> so lucid isn't htat important, but sure.
<zul> gotcha
<zul> done
<ttx_> smoser: how would the karmic SRU affect the cloud images ?
<ttx> smoser: it would get caught in a future image respin ?
<zul> smoser: also why did you add simple-patchsys.mk?
<smoser> ttx, yes, karmic sru affect cloud images. it would get caught in future respin by design
<ttx> smoser: ok
<smoser> zul, i said why i added the patchsys.mk above, but here again... i did it because right now the hardy deb is based on the karmic and the karmic has no patchsys at all
<smoser> so, in the hardy , i have some patches that "hardy-ify" the karmic deb, and they're done via simple-patchsys.
<zul> smoser: ttx and I just wanted to clear that up
<smoser> you can see that diff at https://launchpad.net/~ubuntu-on-ec2/+archive/ppa/+packages
<zul> gotca
<smoser> the goal was that a diff of hardy and karmic debs would show only the hardy changes
<smoser> and thosw woudl be in pathches as patchsys
<smoser> ttx, zul what do i need to do next to get it into karmic?
<zul> smoser: file an SRU request
<zul> lemme pull that up for you
<zul> https://wiki.ubuntu.com/StableReleaseUpdates
<smoser> ok
<uvirtbot> New bug: #493761 in php5 (main) "php5: build from source: Patch suhosin.patch does not remove cleanly after running configure-* rules" [Wishlist,Confirmed] https://launchpad.net/bugs/493761
<uvirtbot> New bug: #495424 in samba (main) "Ran automatic updates. Left system for a while, on return it had tried to reboot & hung, had to recover" [Low,Confirmed] https://launchpad.net/bugs/495424
<uvirtbot> New bug: #496157 in php5 (main) "Update to PHP 5.3.x in Lucid" [Wishlist,Confirmed] https://launchpad.net/bugs/496157
<uvirtbot> New bug: #495904 in ntp (main) "package ntp 1:4.2.4p6+dfsg-1ubuntu5.1 failed to install/upgrade:  subprocess installed post-installation script returned error exit status 127" [Low,Incomplete] https://launchpad.net/bugs/495904
<uvirtbot> New bug: #495481 in dhcp3 (main) "package dhcp3-server 3.1.2-1ubuntu7 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Low,Confirmed] https://launchpad.net/bugs/495481
<uvirtbot> New bug: #440685 in tomcat6 (main) "Make it clearer that JAVA_OPTS is about JSVC options" [Wishlist,Fix released] https://launchpad.net/bugs/440685
<uvirtbot> New bug: #494783 in dbconfig-common (main) "package bacula-director-mysql 2.4.4-1ubuntu9 failed to install/upgrade: le sous-processus script post-installation install? a retourn? une erreur de sortie d'?tat 1" [Low,Confirmed] https://launchpad.net/bugs/494783
<freakynl> hi, can i run php 5.1.x on ubuntu 8.0.4? (is it in repository)? we upgraded a webserver and 3 sites don't run on php 5.2.x. i need to temporarily create an additional server with a php 5.1.x version
<soren> freakynl: The only currently supported version of Ubuntu that shipped with php 5.1.x is dapper.
<freakynl> soren: thx :) dapper is 7.04 i presume then so -server has security updates until april?
<freakynl> oe 6.06 lts then
<ScottK> freakynl: Server LTS support is 5 years, so until June 2011
<freakynl> that should be plenty of time to have them update their old typo3 install... it's giving me serious headaches. restored it in the same way about 15 times and only worked twice (the front-end that is the back-end is always broken can't save new content)
<Doonz> hey guys im trying to download VMware server 2.0 for ubuntu server. DOes anyone know of the direct download link for the file?
<freakynl> i find it extremely hmm 'surprising' the same backup only works some times. once i had it running and with no changes it just stopped a day later :/
<freakynl> Doonz: afaik it's behind a wrapper that checks session id
<Doonz> yeah how can i download it using elinks or wget
<freakynl> Doonz: no session id == no download. i tried to download it with wget a couple of times
<Doonz> fuck sakes
<freakynl> Doonz: don't know how handy you are...
<freakynl> Doonz: i got it working once. it wget you can pass a cookies file. i exported it from my browser and copied it over to the server then used it
<freakynl> if they added ip check in the mean time it won't work tho'
<Doonz> Ill just bitch at their sales deparment
<freakynl> Doonz: i don't think you'll make much of an impression as a free user :)
<Doonz> Naw it was for proof of concept
<Doonz> we were looking at 3million datacenter
<freakynl> Doonz: esxi is nicer :)
<Doonz> yeah but i need to keep it simple
<Doonz> i still need the ok from management who only understand buzz words
<freakynl> oh throw in some: power savings, consolidation, ha, vmotion (nice for hardware maintenance) they should be shaking hehe
<Doonz> pretty much
<freakynl> ScottK: thx :)
<MatBoy> damn sudo sucks for scp
<smoser> MatBoy, why?
<smoser> (scp in general sucks for lots of things)
<MatBoy> smoser: I need ssh keys to copy files :S
<cjwatson> so use scp -i
<MatBoy> you just can't scp a config file with sudo
<MatBoy> scp is nice
<MatBoy> keys it nicer
<MatBoy> also with scripting
<smoser> what are you trying to do ?
<MatBoy> just SCP-ing some files, that is possible in different ways but I need to use some script for it in the future so keys are nicer than
<smoser> kirkland, what options do you give to the installer to do an install in console mode ? i remember you talking about driving that "blind" with cjwatson at uds
<cjwatson> MatBoy: you can supply a specific key to scp using the -i option
<raked> hello......
<smoser> MatBoy, so 'sudo scp user@host:/path/to/file .' ? and that is not respecting keys of current user or root?
<cjwatson> MatBoy: this should be enough to cope with scp's default search algorithm not finding your keys because its home directory is different
<MatBoy> smoser: your way does not has the good rights
<MatBoy> on the target
<cjwatson> is the problem keys, or file permissions?
<cjwatson> you're not being very clear I'm afraid
<kirkland> smoser: well, you have to add "fb=0" on the kernel boot line
<smoser> MatBoy, could you give the command that you're running and whats not working ?
<smoser> kirkland, thanks. thats what i needed.
<kirkland> smoser: this might help if you want that by default:
<MatBoy> cjwatson: the permissions for sure but I need to copy files anyway in the future without any password that I want to have in my scripts :) so keys are better
<kirkland> smoser: sed -i "s/initrd.gz quiet --/initrd.gz fb=0 -- /" foo.iso
<cjwatson> kirkland: technically, isn't that fb=false?
<kirkland> cjwatson: i managed to get it working with fb=0
<cjwatson> kirkland: undefined behaviour :)
<cjwatson> MatBoy: I've given you a solution to your keys problem, I believe
<kirkland> cjwatson: heh, well, i wanted that sed line to replace an exact number of characters
<kirkland> cjwatson: and fb=false overruns the buffer :-)
<kirkland> cjwatson: but it seems to work
<cjwatson> ok, just don't be surprised if it breaks in the future ...
<kirkland> cjwatson: sed'ing the ISO, though, is undefined/unsupported behavior too
<cjwatson> yes, but (amazingly) perhaps less so
<kirkland> cjwatson: point me to the code, and I'll make sure that fb=0|fb=false works
<cjwatson> kirkland: I'd prefer you didn't. any value other than 'true' and 'false' is firmly out of spec for debconf booleans
<kirkland> cjwatson: okay
<cjwatson> it happens that currently the test is '= true', but in the future it's just as entitled to be '!= false' if that happens to be more convenient for somebody's code
<kirkland> cjwatson: could we revisit a better mechanism for optionally turning the fb off in the server installer?
<cjwatson> at some point when I am doing nothing else, maybe ;)
<cjwatson> you have something which works for now
<kirkland> smoser: okay, see cjwatson's comments, that should be fb=false, rather than fb=0
<TeTeT> is there a limit on the number of instances per cluster in UEC? Or is it infinite?
<TeTeT> kirkland: ^ any idea?
<kirkland> TeTeT: it's a configurable setting, function of how many cores per Node
<kirkland> TeTeT: by default, it's 1 instance per core per node
<kirkland> TeTeT: so if you have 10 nodes, each with 8 CPUs, it's 80 instances
<kirkland> TeTeT: (sort of)
<kirkland> TeTeT: you can change MAX_CORES in the /etc/eucalyptus/eucalyptus.conf on the CC
<kirkland> TeTeT: *however* ...
<TeTeT> kirkland: argh, wrong question, I wanted to ask about nodes per cluster, sorry
<kirkland> TeTeT: oh
<kirkland> TeTeT: there's technically no limit, however, you need to consider your IP address space
<kirkland> TeTeT: if you're doing regular /24 subnets, you can't do more than 255 VM instances per cluster (CC)
<kirkland> TeTeT: and the number of instance is a function of your CPUs (see above)
<kirkland> TeTeT: i recommend keeping it to <255 instances per cluster
<kirkland> TeTeT: so take 255 / #_of_cpus => that should give you the number of recommended nodes
<Daviey> kirkland: What happens if MAX_CORES=0 ?
<kirkland> TeTeT: if you want more than that, you need to reconfigure your IP networking to handle a bigger subnet
<lau> hello what is the purpose of the mail group in /etc/group ?
<kirkland> Daviey: dunno ... I suspect that your cluster then serves no instances :-)
<Daviey> kirkland: awesome :)
<rickspencer3> smoser, thanks for the desktop in the cloud work!!
<rickspencer3> I'll check it out as soon as I get a chance
<smoser> good deal
<TopKatz> hello -  I using a hardware raid card.  I'm wondering how I'm suposed to handle a kernel/eader upgrade with the cards drivers.  Right now I reboot the system after update, and have to reinstall the drivers, using make install.  I feel Im doing this wrong, as the raid has to come up with no drivers first.  Can I jsut do the make install before reboot, but after header update.  Should the make install build against the new header
<TopKatz> before reboot?
<TeTeT> kirkland: thanks
<kirkland> TeTeT: np
<TeTeT> kirkland: is the cc issuing the wake up for powersave or the clc?
<kirkland> TeTeT: CC
<kirkland> TeTeT: each CC can have a different scheduling policy, actually
<kirkland> TeTeT: ROUNDROBIN | GREEDY | POWERSAVE
<TeTeT> kirkland: ok
<kirkland> TeTeT: we played with this quite a bit last week; worked pretty well
<TeTeT> kirkland: great to read :)
<TeTeT> kirkland: would love to know how to separate the cc and clc. but i guess it will be much easier with 10.04
<kirkland> TeTeT: hard to do in retrospect
<kirkland> TeTeT: pretty straightforward from scratch
<kirkland> TeTeT: you just install ubuntu servers
<kirkland> TeTeT: and then add the eucalyptus packages
<kirkland> TeTeT: https://help.ubuntu.com/community/UEC/PackageInstall
<TeTeT> kirkland: I've done that in the past, but the clc refused to start then, I think I filed a bug on this, but it got converted to a question
<cjwatson> converted to a question> argh bug triagers
<cjwatson> TeTeT: should indeed be easier in lucid since we're actively trying to support this, which we weren't previously
<TeTeT> cjwatson: that's what I thought. But I guess it's too early for Lucid to test this?
 * kirkland wishes launchpad answers/questions would go away
<cjwatson> TeTeT: it's not quite all in place yet, but it's definitely worth a try; a good chunk of relevant code landed just after alpha 1 and is in daily builds
<cjwatson> assuming you have a scratch cloud, anyway
<TeTeT> cjwatson: I have space on the disk, so I create a separate install
<TeTeT> cjwatson: I'll probably start testing tomorrow if stuff is already in place
<cjwatson> in particular the foundations-lucid-uec-installer-enhancement spec is (allegedly) implemented
<cjwatson> some autoregistration stuff will be in tomorrow's build
<MatBoy> I still have the issue when I do a scp -i that I don't have permissions on the remote files
<smoser> soren, i think we've talked about this before, or at least how we could re-use a image with a different kernel... ec2-register now takes '--kernel' and '--ramdisk' it previously did not.
<smoser> interestingly (to me at least) it also includes "--root-device-name ROOTDEVICENAME"... which might be a way to influence kernel command line
<smoser> ie: --root-device-name "/dev/sda1 console=/dev/null other-option-here"
<sub> so you want to use string injection as a 'feature'?
<smoser> sub, yes.
<smoser> at least it could be.
<smoser> we've stuggled with 2 objectives in the past
<smoser> a.) have images that run on UEC and EC2
<smoser> b.) be able to determine which we're running on
<smoser> if i can pass a kernel command line parameter via the above, then i could register all our images with "ec2" paramter and use that to indicate where they're coming from
<sub> IMHO that sounds like a bad idea, to rely on a "bug" to introduce functionality
<smoser> errr where they're booting
<sub> what happens if that gets patched?
<smoser> you're probably correct. although its not really a bug.
<sub> string injection is absolutely a bug
<MatBoy> I just think I need to set a passwordfor the root account, that will solve everything
<cjwatson> MatBoy: the authentication method in use has absolutely no effect on file permissions
<cjwatson> MatBoy: have you tried scp's -p option
<cjwatson> ?
<cjwatson>      -p      Preserves modification times, access times, and modes from the
<cjwatson>              original file.
<cjwatson> MatBoy: or you could use sftp if you want more flexible control.
<smoser> sub, i agree that its probably a bug / un-realized feature in some cases. but if the point is to specify the root device to the kernel, then using it as 'root=/ec2/sda1' would basically have to be allowed.  It wouldn't make good sense from the hypervisor platform to dictate what devices can be named in the guest.
<sub> no, that part is fine, i was more concerned about trying to add other options afterwards
<sub> maybe i misread?
<sub> which is entirely possible
<smoser> well, yes, i did imply that was probably possible.
<smoser> but theres no real way to differenciate in a hypervisor between "yes thats a valid root device" and "they're trying to inject stuff"
<smoser> as you can't know what the guest is going to name things
<smoser> maybe "/dev/sda1 ec2" is actually what my guest names the first scsi partition when running on ec2
<sub> what if they wrap the arg you're providing in quotes?
<smoser> mostly hypothetical here. anyway.
<smoser> i can easily enough ignore the quotes in the guest
<smoser> and afaik the kernel command line parsers basically dont use quotes
<sub> well
<smoser> in fact wrapping them in quotes would probably break current behavior
<sub> my only real concern is what happens if Amazon drops support for that? unbootable VMs?
<smoser> ie: root="/dev/sda1"
<smoser> would probably fail in many cases
<smoser> well you "register" an image that is mostly permenant. so if they dropped support for reading the data that was registered to the image, they'd be breaking existing customers.
<smoser> and changing the platform's behavior for existing images, which in general would be a bad idea.
<smoser> you definitely raise valid concerns though
<sub> yeah, i guess it would be bad to 'de-register' certain info
<bep> I did a fresh minimal server install and installed xorg and when I try to launch a session I get "X: user not authorized to run the X server, aborting.". Is there a group I need to be added to or something?
<uvirtbot> New bug: #428552 in samba (main) "samba service denies connection after reboot" [Undecided,Invalid] https://launchpad.net/bugs/428552
<TopKatz>  after you update a systems headers, if I rebuild a driver, and make install it, before I have rebooted the system.  Will the driver be built agains the new headers?
<resno> does using squid for proxy and site caching make an noticeable difference in speed?
<resno> for users on a netowkr?
<arj> yes
<arj> but you should benchmark to find out how it affects your network
<arj> because it might be slower or faster
<zul> kees: ping when you are around
<resno> arj: would it be enough to be worth the hassle?
<smoser> kirkland, have you done an install of lucid into kvm ?
<smoser> i just got through one using '-hda' and grub is hanging (used alpha1 iso)
<uvirtbot> New bug: #496661 in qemu-kvm (main) "Kaspersky AV does not install under qemu-kvm windows installation" [Undecided,New] https://launchpad.net/bugs/496661
<kees> zul: late pong, was this about the stuff in privmsg?
<zul> kees: yep
<smoser> kirkland, ping
<obscure> Hey, I have 2 drives in my Ubuntu server, one is only seen in df-h, how can I format the other to be seen in the list as well?
<arj> partition it
<arj> mkfs
<arj> mounbt
<arj> mount*
<arj> add to /etc/fstab
<kirkland> smoser: yo
<smoser> have you successfully booted lucid with -console in kvm ?
<smoser> i can't seem to get parameters in grub that dont switch to 640x480 mode
<kirkland> smoser: I did with the Nov 27 ISO
<kirkland> smoser: i'll try today's
<smoser> even after install, it just wants to switch. kvm cmdline is: kvm -drive if=virtio,boot=on,file=lucid-server-20091214.img -console.
<smoser> kernel command line that i'm trying now is:
<smoser> BOOT_IMAGE=//vmlinuz-2.6.32-7-server root=/dev/mapper/ubuntu-root ro quiet fb=false nomodeset
<obscure> thank arj
<obscure> thanks*
<vomjom> so i'm using the ubuntu karmic image on ec2, but it doesn't seem to have ext4 support
<vomjom> is there a simple way to get it?
<obscure> arj: partition it with cfdisk?
<arj> if there are no partitions yeah
<arj> cfdisk is fine
<smoser> vomjom, you're correct that there is no ext4 support (bug 428692)
<uvirtbot> Launchpad bug 428692 in linux-ec2 "ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes" [Medium,Triaged] https://launchpad.net/bugs/428692
<smoser> there isn't a lot that can be done at the moment. you could boot with a lucid kernel
<vomjom> smoser, ok, thanks
<smoser> (run-instances --kernel xxx)
<smoser> but that may or may not have issues with the registered ramdisk for the image
<smoser> vomjom, it should be possible to build ext4 support as a module and load it, but that might be more than you're wanting
<smoser> lucid kernels do have ext4 support
<smoser> and we may service that bug in karmic
<aquarius> I've tried to upgrade my Ubuntu server from jaunty to karmic, and it says "After your package information was updated the essential package 'ubuntu-minimal' can not be found anymore.". There are bugs about this, which suggest that I should try "do-release-upgrade --proposed", but that hasn't helped
<aquarius> what should I try next?
<uvirtbot> New bug: #496686 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.1 failed to install/upgrade: subprocesso instalado o programa post-installation retornou erro do status de saÃ­da 1" [Undecided,Incomplete] https://launchpad.net/bugs/496686
<soren> smoser: I don't understand how that even makes sense. Did they extend the RegisterImage api call to accept kernel and ramdisk images.
<smoser> yes
<smoser> and 'root'
<smoser> i know , its wierd. but its there in the documentation
<smoser> http://docs.amazonwebservices.com/AWSEC2/latest/CommandLineReference/ApiReference-cmd-RegisterImage.html
<photon> which is the most secure ubuntu server version 8.04.2 LTS or one of the newer versions?
<unit3> photon: that's like asking "which movie is the best". It depends on what you're trying to accomplish. Generally the security issues are more stable, known, and well defined in the LTS release, so that's probably what you're after.
<unit3> and note that hardy is up to a .3 minor release now, I believe, not .2.
<photon> ok
<ScottK> photon: There has been a lot of work done on hardening since Hardy was released, so from a security perspective along, 9.10 is the best.
<unit3> ScottK: there's also a lot of new issues in new packages that haven't been as fully tested. it's a tradeoff. 9.10 certainly isn't as bug-free as 8.04.x, and bugs can often be translated into security problems.
<jdstrand> unit3: ScottK was speaking to proactive security features, such as compiler, libc and kernel hardeing, along with more apparmor profiles
<ScottK> unit3: Certainly a possibility, OTOH a lot of bugs have been fixed since Hardy's release.
<unit3> jdstrand: yep, I'm just saying that while that has taken place, there's also the opportunity for new problems that haven't been as widely documented and dealt with as in the LTS release.
<jdstrand> 9.10 is much better in terms of proactive features, and 10.04 LTS will be better still
<ScottK> Also as jdstrand says.  Those changes also help mitigate risk of unknown bugs.
<unit3> for instance, on at least two of my servers, apparmor prints that it's respecting the apparmor.d/ignore and apparmor.d/complain directories, but it's lies, and you have to do a full apparmor restart manually once the system is booted to get those to take effect.
<unit3> which leads to unpredictable results in a layer that's supposed to be securing you.
<unit3> unpredictable = bad for security, IMO. ;)
<jdstrand> unit3: I suggest files bugs on that
<unit3> Will do, just haven't had much time lately. Now might be good though, since I'm thinking about it.
<jdstrand> I've certainly not seen it
<jdstrand> please do, that is definitely something we would want to address
<unit3> Yeah, I'd assume so. I'm not seeing it everywhere, so I'm assuming it must be a config conflict with something else happen at boot time.
<unit3> but it's consistent on this system, and so it is a good example of "new proactive features vs well tested" for security, I think. :)
<unit3> ok, narrowing my testing for the report, it looks like it loads "ignore" rules as "complain" on default instead of full ignore. That's less serious, but still annoying, since it fills my logs with cruft.
<unit3> 496770
<kees> interesting. i'll try to reproduce that.
<unit3> Please do. I suspect it's some weird config on this server, since it has been upgraded constantly since 7.something.
<unit3> but I can't imagine what it'd be, since apparmor's pretty self contained.
#ubuntu-server 2009-12-15
<thorsten11> hello all
<unit3> hey
<ewook> yo.
<photon> Yo.
<pmatulis> oi
<darthanubis> 2.6.31-16-generic-pae I don't know why this kernel got installed, but I'd like the plain ole linux-image-server kernel to be used
<darthanubis> I installed the server pacakge but it does not seem to have installed that jernel?
<darthanubis> could someone point out my error please?
<MTecknology> darthanubis: pastebin apt-get search linux-image
<darthanubis> k
<darthanubis> you mean apt-cache?
<MTecknology> use aptitude
<darthanubis> http://pastebin.com/d6dab1f42
<darthanubis> I don't even see the kernel in the cache?
<MTecknology> 21:13 < MTecknology> use aptitude
<darthanubis> I see the meta-package but not the lernel
<darthanubis> the results are the same of course
<MTecknology> my patience is gone - too much going ont
<darthanubis> http://pastebin.com/d62dd978b
<MTecknology> they are not the same
<darthanubis> they are
<MTecknology> yup - patience gone
<darthanubis> thanks
<darthanubis> your first reply was incorrect to start
<darthanubis> anyone aboard know what they are talking about with a better attitude?
<ScottK> darthanubis: There is no i386 server kernel in 9.10
<darthanubis> thank you
<ScottK> It's either generic or generc-pae
<darthanubis> very much
<ScottK> MTecknology: If you don't have the patience to be helpful, it's better to say nothing (yes, I know this is hard).
<MTecknology> ScottK: Sorry... I've been really busy and I just wanted offer quick help. I just got ticked when I was greated with "......."
<Doonz> hey guys i need some help
<Doonz> any vmware experts in here?
<darthanubis> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<ScottK> Doonz: Your odds are a lot better during the US or European business day.
<TrickFinlay2> whats the issue Doonz?
<Doonz> well
<Doonz> i followed a guide to install
<Doonz> it seem to work
<Doonz> then when i went to connect to the web admin app nothing happened
<Doonz> im just trying to figure out how-to remove everything
<Doonz> but im brand new to linux
<MTecknology> Doonz: what version did you install?
<Doonz> VMware-server-2.0.2-203138.x86_64.tar.gz
<MTecknology> and on what version of Ubuntu?
<Doonz> 9.10 64bit
<MTecknology> I think the only officially supported version of Ubuntu is the last LTS
<MTecknology> did you install from command line so you can still give us the output?
<Doonz> here let me pastebin
<Doonz> http://pastebin.com/m16daa2e
<MTecknology> can you pastebin ls -l rm /lib/modules/2.6.31-16-server/misc/ ?
<Doonz> http://pastebin.com/m38295471
<MTecknology> Doonz: Do 'sudo -s' to becoem root
<MTecknology> rm /lib/modules/2.6.31-16-server/misc/vm*
<MTecknology> /usr/bin/vmware-config.pl
<MTecknology> Doonz: don't try running extra commands though
<ChrisRut> Where can I find ab2 in apt-get? I already did apt-cache search, and couldn't find anything?
<Doonz> MTecknology: it tells me to run as super user
<MTecknology> Doonz: did you do 'sudo -s' ?
<Doonz> ok will do
<MTecknology> ChrisRut: what is ab2?
<ChrisRut> http://httpd.apache.org/docs/2.0/programs/ab.html
<ChrisRut> apache benchmarking tool
<Doonz> http://pastebin.com/m661b0b25
<MTecknology> ChrisRut: I believe it's apache2-utils
<ChrisRut> nope... already got that one
<MTecknology> Doonz: did you run the rm command?
<ChrisRut> err, maybe I need to find it
<MTecknology> ChrisRut: can you pastebin 'ls -l /etc/apache2/mods-available/' ?
<ChrisRut> http://pastebin.com/m532d6299
<ChrisRut> I don't think it's a mod however... it should be it's own tool
<ChrisRut> sample use would be ab2 -c1 -n500 http://google.com/index.php
<Doonz> MTecknology:  i copy and pasted your command
<ChrisRut> Which would hit http://google.com/index.php 500 times
<ChrisRut> but it's used for benchmarking webservers, I want to use it on my own server
<ChrisRut> got it
<MTecknology> Doonz: do this...    rm -r /lib/modules/2.6.31-16-server/misc/   then   /usr/bin/vmware-config.pl
<ChrisRut> it's 'ab' not 'ab2'
<ChrisRut> sorry
<MTecknology> ChrisRut: did you find it after installing the -utils package?
<ChrisRut> no, I just relized it's ab, not ab2, sorry for the mixup, thanks for your help MTecknology
<ChrisRut> but to answer your question, yup it is inthe apache2-util
<MTecknology> ChrisRut: no - sorry I couldn't help you better
<MTecknology> no problem*
<ChrisRut> have a good one :-)
<Doonz> MTecknology: http://pastebin.com/m73b35d75
<MTecknology> Doonz: Yes
<MTecknology> Doonz: just follow the step by step instructions now. pastebin the output
<Doonz> ok
<Doonz> http://pastebin.com/m18daf56f
<MTecknology> Doonz: we need to kill those remaining processes
<Doonz> o.O
<MTecknology> Doonz: top -b | grep -v vmware
<MTecknology> Ctrl+C afterit runs once
<Doonz> ok done
<MTecknology> pastebin
<Doonz> ok
<MTecknology> and link..
<MTecknology> Doonz: and the link
<Doonz> bah i cant seem to copy the output
<Doonz> ive got 6 or so processes that i see with vmware in them
<MTecknology> you see the number...
<MTecknology> do kill PID
<MTecknology> where PID is the number
<MTecknology> after that...
<MTecknology> run the top command again and if anything still shows up use kill -9 PID
<Doonz> dont see anything else now
<MTecknology> run that script again now
<Doonz> ok
<Doonz> GAH
<Doonz> it still says theres crap running
<MTecknology> kill the services again...
<MTecknology> run the uninstall script
<MTecknology> Doonz: then find / -name *vmware*
<MTecknology> Doonz: then    find / -name *vmware*
<MTecknology> delete anything you don't need
<MTecknology> rm -r
<MTecknology> Then reboot; try to vmware install again
<Doonz> wow found a whole bunch more processes
<MTecknology> and good luck
<MTecknology> oh
<Doonz> used htop to kill them
<Doonz> now ill try rerunning that script
<MTecknology> good luck
<Doonz> ok its going now
<MTecknology> :D
<Doonz> lets see what happens
<MTecknology> gotta love it when there's massive issues
<Doonz> hehe
<Doonz> YAY thanx MTecknology
<MTecknology> Doonz: vmware is a pain... Xen is usually a better choice if your system can handle it. but for small implementations vmware works decent enough
<MTecknology> Doonz: for my system I use virtualboce. NP - glad it's working for you.
<Doonz> i just wanted it so i can load up ubuntu server on it and learn without hosing my main server
<MTecknology> virtualbox would probably have been easier :P
<MTecknology> I should have asked that to start
<maxagaz> hi
<maxagaz> how to do scp many files at the same time, like: scp [foo, bar, *.mp3] user@host:~ ?
<maxagaz> what is the correct syntax ?
<MTecknology> maxagaz: scp {foo,bar,*mp3}
<MTecknology> iirs - that will work if you're using bash
<maxagaz> MTecknology, thanks!
<MTecknology> np - hope I
<MTecknology> 'm right
<maxagaz> MTecknology, what about: scp foo bar *.mp3 user@host:~  ?
<darthanubis> maxagaz,  or you could shell in with gftp
<benc1> I want to use a cron job to send updates to another server with http every 1 minutes
<benc1> if the other server is not reachable or slow, is it possible that another job will start before the old one ends?
<benc1> do I need to lock the file the job reading the data need to be send?
<MTecknology> benc1: a timeout would be a better solution
<MTecknology> benc1: but ya, it's possible to launch it multiple times
<benc1> MTecknology: how do I make sure the file size won't increase all the time?
<benc1> MTecknology: can a job running every minute can hurt the server performance or is it negligible?
<ScottK> Depends on the job.
<ScottK> The act of cron triggering something won't have a significant impact.
<benc1> my cron will read data from a text file and send it using http (python?)
<MTecknology> benc1: what kind of data are you trying ot send?
<benc1> MTecknology: I run a social network that needs to sync friendships and profile changes with another server
<MTecknology> benc1: It sounds like you might be better off trying to use something like sshfs
<MTecknology> !sshfs
<ubottu> https://help.ubuntu.com/community/SSHFS
<MTecknology> benc1: then the data just shows up over there
<MTecknology> benc1: you could look into also using SQL synchornization across two servers
<benc1> looks interesting but I don't think it is usefull in my case
<MTecknology> just ideas..
<benc1> I'm actually providing a service to social networks
<MTecknology> oh
<benc1> so I want to keep it easy as possible
<benc1> http is great because the user doesn't have to open his server for me
<benc1> and we can always use ssl if we want security
<benc1> I don't expect large amounts of data but I don't want the social network to crawl if there is a problem with my server (the service)
<MTecknology> BLISS ->  /ignore -channels #freenode *
<MTecknology> :)
<MTecknology> benc1: If there's timestamps in the file... I'd say send it whole each time and let them deal with any overlap
<MTecknology> benc1: then like you said; just send it; if it fails you try again in 1min
<benc1> ok, thanks
<qman__> benc1, if timeouts become an issue, change it to every two or three minutes instead
<benc1> maybe instead of a cron job, the remote server can send an http request to the social network server
<benc1> the social network can keep the data in a db
<uvirtbot> New bug: #496840 in samba (main) "Failure to set permissions on Samba share via CIFS" [Undecided,New] https://launchpad.net/bugs/496840
<XiXaQ> can someone point me to a beginners guide to UEC and creation of guest instances? Or maybe I should say images, I mean the configuration of images from which instances are created.
<XiXaQ> how does it differ from cloning a base image using libvirt, for instance?
<falstaff|w> Hello, does anyone have an idea why libvirt always creates dnsmasq processes even when i want to configure routed networks? Is it a bug? Route doesnt work proper then...
<uvirtbot> New bug: #274298 in bridge-utils (main) "br0: Dropping NETIF_F_UFO since no NETIF_F_HW_CSUM feature." [Undecided,Fix released] https://launchpad.net/bugs/274298
<a_ok> Is it safe to remove all dead symlinks?
<lau> hello, how do I know if a server is kvm able ?
<lau> I used dmidecode and checked FLAGS VME (Virtual mode extension) on my proc
<lau> is there ayny way to determine if the server can be virtualized ?
<lau> I used dmidecode and checked FLAGS VME (Virtual mode extension) on my proc but not sure what to conclude
<_ruben> lau: trying to load the appropriate kvm module should give enough indication
<jiboumans> lau: the kvm homepage has a faq on this: http://www.linux-kvm.org/page/FAQ#How_can_I_tell_if_I_have_Intel_VT_or_AMD-V.3F
<_ruben> then again .. "being able to run kvm" and "can be virtualized" are totally different things, the first refers to be being host, the 2nd refers to be being migrated to a guest
<a_ok> Is it safe to remove all dead symlinks in Ubuntu?
<jiboumans> a_ok: that's tough to say without knowing the underlying software. it *should* be, but hard to guarantee. where are the symlinks coming from?
<uvirtbot> New bug: #496922 in net-snmp (main) "Ubuntu snmpd package doesn't include all net-snmpd modules" [Undecided,New] https://launchpad.net/bugs/496922
<a_ok> I know symlinks are sometimes made in advance or misused for some other purpose than intended
<a_ok> jiboumans: I just searched for all the symlinks on the system, I can however make a list of symlinks that i find suspicous
<jiboumans> a_ok: if you're not sure where they are coming from or you haven't made them yourself, i'd be very hesitant to delete things
<a_ok> files like /usr/share/locale/??/LC_TIME/coreutils.mo
<jiboumans> a_ok: they are likely part of a package. do 'dpks -S' on one of those files
<a_ok> jiboumans: that is really annoying I wanted to automate the process. I know all dead symlinks that we make can be delleted
<jiboumans> a_ok: you may want to limit it to certain paths then; /usr/local/ is meant for non-managed things usually
<a_ok> yeah this was in /usr/share/locale
<a_ok> udev makes by far the largest amount of dead links
<a_ok> jiboumans: generally I hate dead symlinks and want to get rid of them but if they mess up my system that is worse of course. We customized this server a great deal most crap is comming from Ubuntu's default setup though
<soren> People who come into support channels and call the subject matter "crap" or whatever never cease to amaze me.
<soren> a_ok: *Noone* in here is obligated to help you. If you want help, it's a good idea to be tactful. Calling something people have spent (and are spending) a /lot/ of time working on "crap" is not going to get you very far.
<qman__> I can't forsee broken symlinks serving any purpose, but that's just my personal perspective
<qman__> I wouldn't mess with them a production server
<a_ok> soren: I did not mean it like that at all, crap in the sence of litter as in dead symlinks unneaded files you know crap
<qman__> I'd build a fresh install to play with
<soren> a_ok: regardless.
<a_ok> soren: I have high respect and regards towards ubuntu and her packages please dont get me wrong
<qman__> *I wouldn't mess with them _ON_ a production server
<qman__> brain no worky
<a_ok> qman__: I know wine uses symlinks that only make sence to wine but are broken to linux
<a_ok> qman__: I have found out that the udev stuff is not needed and crap from a previous version (pre 104)
<a_ok> the coreutils.mo I don't know
<jiboumans> a_ok: what did dpkg -S say?
<a_ok> jiboumans: its from coreutils
<a_ok> coreutils: /usr/share/locale/af/LC_TIME/coreutils.mo
<jiboumans> so throwing it away will cause the package to be incomplete
<a_ok> jiboumans: ah i see
<jiboumans> a_ok: it seems to me that you have 2 sets of symlinks (regardless if they're useful or not): those added by packages and those added by some running code/users/etc
<jiboumans> dpkg -S should at least least let you distinguish that. if they're symlink from ubuntu packages that look unneeded, a low prio bug report may be in order against them
<a_ok> jiboumans: all right will do that thanks again I think I can work something out now
<jiboumans> a_ok: no problem at all. good luck
<a_ok> soren: is crap a bad word to use in general btw? I use it a lot (as you can see from my sentence I also called our own stuff crap)
<lau> jiboumans: thx, great link, I egrep '^flags.*(vmx|svm)' /proc/cpuinfo
<lau> but got no returns does this mean the hardware is not VT able ?
<jiboumans> lau: that's what the FAQ seems to suggest; you can't run kvm on it to serve as a host
<lau> jiboumans: i am trying to check the cpu manufacturer but ? Intel(R) Pentium(R) D CPU 3.00GHz
<jiboumans> lau: looks like you have an intel cpu ;)
<soren> a_ok: I personally don't enjoy seeing it used to refer to something I spend a lot of time working on.
<lau> http://www.intel.com/support/motherboards/server/sb/CS-021288.htm
<a_ok> soren: yeah I don't like that either unless what I produced is utter crap (well still might not like it but will see the point)
<soren> lau: There's probably 50 different kinds of "Intel(R) Pentium(R) D CPU 3.00GHz".
<zul> morning
<a_ok> lau: yes it mains that your cpu is not VT able unless something in the bios is turned off
<a_ok> means*
<a_ok> lau: if you are onling running guests and you want performance id suggest you take a look at openvz
<jiboumans> morning zul
<a_ok> erm i ment only there
<zul> hey jiboumans
<lau> hi a_ok thx, I would like to test kvm on that specific server (I already use linux-vservers)
<lau> I am trying to identify the spec page of my CPU at intel website but can't
<soren> lau: Can you put the full /proc/cpuinfo on pastebin?
<a_ok> lau: well unless there is a specific option in your bios to enable intel-VT the kvm-module won't load
<lau> http://processorfinder.intel.com/details.aspx?sSpec=SL88S ?
<a_ok> lau: you can run the the modified qemu though it will run much slower though at it lacks hardware acceleration
<a_ok> lau: I think that one does not have VT
<lau> http://pastebin.com/m1f53a496
<soren> I can't believe they left out the type identifier from the CPUID string.
 * soren wonders what they're smoking over at Intel's.
<a_ok2> soren: bet its crap...
<soren> I bet you're right.
<a_ok2> lau: again I don't see any vmx in there so nojoy
<lau> soren: may you please copy/paste the CPUID string you are referencing please ?
<smoser> hello all.
<jiboumans> morning smoser
<soren> smoser: o/
<jiboumans> zul: please let us know what the result of the autofs investigation is in the blueprint :)
<zul> jiboumans: good point
<jiboumans> zul: if you need feedback from mathias on server-lucid-improve-testcases, perhaps putting a feedback request in the blueprint is the easiest way to get his attention
<zul> jiboumans: ok will do
<nealmcb> hasn't looked like a good day for freenode....
<Doonz> hey guys is it possible to roll beck my server from 9.10 to 9.04?
<nealmcb> Doonz: I don't think there is an automated process for that.  What's not working for you?
<Italian_Plumber1> doonz: the short answer is "no". :(
<nealmcb> jiboumans: Howdy and welcome!
<Doonz> vmware :(
<TeTeT> kirkland: you know if live instance migration will eventually become available in UEC?
<kirkland> TeTeT: it is not a target for 10.04
<kirkland> TeTeT: though the building blocks (kvm, libvirt) should work by then
<jiboumans> nealmcb: thanks for the warm welcome :)
<TeTeT> kirkland: thanks, other question: how to make the cluster controller HA? any recommendations?
<nealmcb> jiboumans: glad to have you on board.  What time zones do you frequent?
<jiboumans> nealmcb: i tend to hop on airplanes, but mostly CET
<kirkland> TeTeT: I don't about that one, at this point
<nealmcb> jiboumans: still in the PoznaÅ Area?
<TeTeT> kirkland: I get this asked in about every class, how critical the CLC and CC are and how to make them redundant, so it might be to late for 10.04, but should be considered sometime in the future
<kirkland> TeTeT: yeah, please file a Wishlist bug on that
<kirkland> TeTeT: the Eucalyptus guys might have some suggestions
<TeTeT> kirkland: ok, thanks
<TeTeT> kirkland: a bug or rather a question?
<TeTeT> kirkland: filed as bug 497087, can be converted to a question if need be
<uvirtbot> Launchpad bug 497087 in eucalyptus "Redundancy for cloud and cluster controller" [Wishlist,New] https://launchpad.net/bugs/497087
<SJr|nx> I install Ubuntu Server on an Intel Xeon Based Mac, directly, and the system doesn't boot. I looked around and it turns out I need reFit installed, but it's a Mac OS X image, and I wiped Mac OS X
<jiboumans> damn all these netsplits
<zul> gah
<marks256> how would i go about making my own DDNS server? Something similar to Dyndns
<Doonz> http://pastebin.com/d4d1758b0 <-- anyone know what that error is when i try to make libtorrent-0.12.2
<ruben23> hi, how do set some application to automatically
<ruben23> start
<ruben23> on reboot of ubuntu server
<ruben23> anyone have idea...?
<ruben23> hi
<msantos> ruben23, create a script to start your application in /etc/init.d or add it's path to /etc/rc.local (make sure it runs in the background)
<Italian_Plumber1> anybody here run SugarCRM?
<Italian_Plumber1> I have an installation of SugarCRM that's very slow.  Granted it's on an older box (Pentium III 450 / 256MB RAM), but the box is otherwise quite capable in most server type applications.
<Italian_Plumber1> wondering if there's any tweaking I can do to get it to move a little faster.
<Italian_Plumber1> pages take 8-10 seconds to load.
<Italian_Plumber1> the installation's going to used by only one person, so it's not going to see a lot of load.
<X-M4-X> hello anyone here
<uvirtbot> New bug: #497149 in lirc (universe) "Packages using DKMS should make use of /usr/lib/dkms/common.postinst" [Undecided,Fix released] https://launchpad.net/bugs/497149
<X-M4-X> well i need to know why im getting temporary errors with us.archive.com when i type apt-get install update or anything with that command
<bogeyd6> Italian_Plumber have you solved the sugarcrm slownedd?
<Italian_Plumber> no I just came back I had to log off... did someone say something?
<bogeyd6> i was thinking when i got back on and checked the scroll about the server specs and ram you mentioned
<bogeyd6> you need to check a top in the cli while accessing the pages and see if your CPU is hitting 100%
<Italian_Plumber> oh yes it sure is
<bogeyd6> using mysql or flat files?
<X-M4-X> so is there anyone here having "Temporary failure"'s with security.ubuntu.com and us.archive.ubuntu.com
<Italian_Plumber> mysql...
<Italian_Plumber> actually it seems to be a little better now -- maybe 50% when a page is loading
<bogeyd6> its only temporary
<bogeyd6> Italian_Plumber what does the out of "free" show?
<Mike_lifeguard> I'm trying to get my router to send logs to syslog on my server - how can I get those lines into their own file (ie log router stuff to /var/log/router.log)?
<Italian_Plumber> http://pastebin.com/m768083e
<Mike_lifeguard> huh, it seems nothing is being logged anyways, so maybe that should be fixed first :\
<bogeyd6> well you arent going into SWAP so that is a good sign
<bogeyd6> Mike_lifeguard using syslog-ng ?
<Italian_Plumber> yeah well this box isn't doing anything else.
<Mike_lifeguard> bogeyd6: rsyslogd
<Doonz> Hey is anyone using the new vmware server 2.02 on 9.10?
<bogeyd6> the only thing i can say is cpu is everything in a php/mysql/apache thing you got going there, so check out http://www.sugarcrm.com/wiki/index.php?title=Performance_Tweaks_for_Large_Systems and pray they work for small systems that might as well be large systems
<Italian_Plumber> doonz: I stuck with 1.07 ...
<bogeyd6> Mike_lifeguard i only know how to use syslog-ng
<Doonz> man i have nothing but greif
<Italian_Plumber> Thing is, I have a custom-written PHP/mysql/apache application that I develop on there... and it's just fine.
<Italian_Plumber> I'll check that page, though, thans
<Doonz> i just wanted to have it installed so i could mess qround on different linux distros so i wasnt constantly redoing my main server
<Doonz> but now i dont know howto remove vmware server cleanly
<Doonz> so now im going to have to reformat im guessing
<bogeyd6> doonz using the vmware .deb package?
<Doonz> there isnt one
<bogeyd6> Doonz vmware-uninstall.pl
<bogeyd6> i forgetted
<bogeyd6> sudo vmware-uninstall.pl
<Doonz> man i cant even get it to stop
<Doonz> this is awesome
<Doonz> ffs
<bogeyd6> wait wait
<bogeyd6> stop panicking
<Doonz> day 5
<bogeyd6> just run /etc/init.d/vmware stop
<bogeyd6> it will complain about machines running
<bogeyd6> rite?
<Doonz> past the point of panicking now just pissed off
<Doonz> bogeyd6: yes
<X-M4-X> Guess ill just work on the mail server.
<bogeyd6> ok then
<Doonz> let me pastebin
<bogeyd6> so login to the interface and kill the machines hard
<bogeyd6> *press stop power button several times until machine stops*
<Doonz> bogeyd6: cant log into the web thingy
<Doonz> i used to could
<Doonz> now it doesnt work
<Doonz> :(
<Doonz> http://pastebin.com/daca4a35
<bogeyd6> update-rc.d -f vmware remove
<bogeyd6> restart machine
<bogeyd6> then run the uninstall
<Doonz> ok
<bogeyd6> i keep forgetted sudo!!
<Doonz> let me reboot
<Doonz> back
<Doonz> what was the uninstall command?
<bogeyd6> sudo vmware-uninstall.pl
<Doonz> k that seems to have worked
<bogeyd6> yay
<bogeyd6> now more bawwing about having to reformat!
<Doonz> any recommendations for a virtual machine server?
<bogeyd6> vmware server 2 :P
<Doonz> *sigh*
<bogeyd6> it really is the best
<bogeyd6> what was your specific issue?
<Doonz> the web management tool would screw up
<Doonz> and i couldnt do anything
<bogeyd6> i would have tried to fix it before i ditched it
<Doonz> im getting awesome at installing it
<Doonz> you want to help me sort the problem out?
<bogeyd6> !xen
<ubottu> XEN is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. Information on installing it for Ubuntu can be found at https://help.ubuntu.com/community/Xen
<bogeyd6> thats the supported one
<uvirtbot> New bug: #492891 in mailman (main) "poff" [Undecided,New] https://launchpad.net/bugs/492891
<Mike_lifeguard> Is there a mailing list for server stuff? (as opposed to ubuntu-users)
<bogeyd6> Mike_lifeguard http://lmgtfy.com/?q=ubuntu+server+mailing+list
<Doonz> uh the guide for xen wasnt written for my distro
<Doonz> id rather use vmware
<Doonz> bogeyd6: can you try to help me fix whats broken?
<bogeyd6> which server version are you using, first?
<Doonz> 9.10 64bit
<bogeyd6> argh
<bogeyd6> no wonder you are having issues
<bogeyd6> !lts
<ubottu> LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server. The current LTS version of Ubuntu is !Hardy (Hardy Heron 8.04).  The next LTS release is scheduled to be !Lucid (Lucid Lynx 10.04)
<Doonz> :(
<bogeyd6> !hardy @ doonz
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<bogeyd6> !hardy | doonz
<ubottu> doonz: Ubuntu 8.04-LTS (Hardy Heron) was the eighth release of Ubuntu. Downloading: http://releases.ubuntu.com/8.04 - See !lts for more details.
<Doonz> so i shoulda installed 8.04
<bogeyd6> yes
<Doonz> so now i should reformat
<bogeyd6> no
<X-M4-X> i want to uninstall mysql anyone know the code?
<bogeyd6> did you put /home/ on a separate partition?
<bogeyd6> X-M4-X apt-get remove mysql
<X-M4-X> Thank you
<Mike_lifeguard> sudo apt-get remove mysql-server
<bogeyd6> Doonz did you put /home/ on its own partition?
<Doonz> bogeyd6: no. my home directory resides on the main partition
<bogeyd6> !#$!@
<Doonz> i have a raid card with 2xs raid 5 arrays that are binded to directories within my home directory
<bogeyd6> ok well rule #1 is always set away your /home/ and your /var partitions so if you need to change or reinstall you dont lose that stuff
<Doonz> i could lose home and not cry
<Doonz> same with var
<Doonz> but i have no monitor or keyboard hooked up to this server so installing was a pita
<bogeyd6> well if you are comfortable with all that you need to go to LTS for the server
<Doonz> bogeyd6: is there a way to do it through my current shell?
<bogeyd6> dunno, but i do recall suse has a VNC setup so I would assume ubuntu does to
<Doonz> dont have a gui installed on this thing
<uvirtbot> New bug: #497171 in ec2-api-tools (multiverse) "update ec2-api-tools to api version 2009-11-30 (1.3-46266)" [Medium,Confirmed] https://launchpad.net/bugs/497171
<bogeyd6> Doonz i dont know how to downgrade from the cli
<uvirtbot> New bug: #439366 in euca2ools "euca-describe-images does not show kernel and ramdisk for an image" [Medium,Confirmed] https://launchpad.net/bugs/439366
<uvirtbot> New bug: #494822 in mysql-dfsg-5.0 (universe) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/494822
<smoser> good night all
<X-M4-X> ok this mysql is pissing me off
<Doonz> is there a way to downgrade through the cli from 9.10 to 8.04?
<ScottK> Doonz: No.
<Doonz> really
<ScottK> Or rather not one that's not way harder than reinstalling.
<Doonz> there one Im a idiot patch availible?
<X-M4-X> lol i wish there was for mysql, i configured and configured yet it just wont work
<bogeyd6> X-M4-X what exactly is the problem
<bogeyd6> Doonz you could try the XEN route
<bogeyd6> !xen | Doonz
<ubottu> Doonz: XEN is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. Information on installing it for Ubuntu can be found at https://help.ubuntu.com/community/Xen
<Doonz> yeah maybe i should just reinstall and get onto a lts supported system
<Doonz> :/
<X-M4-X> Alright i have installed mysql-server and configured(i think) the root password.  installed phpmyadmin , i have everything configured i type mysql into the terminal and get "Error: access denied for root@localhost using password = 'NO'
<soren> bogeyd6: What's difference is that going to make?
<bogeyd6> !qemu | doonz
<ubottu> doonz: qemu is an emulator you can use to run another operating system - see https://help.ubuntu.com/community/WindowsXPUnderQemuHowTo
<soren> X-M4-X: Sure. You're not using a password.
<soren> X-M4-X: "mysql -u root -p"
<bogeyd6> X-M4-X you need to set the -p option
<ScottK> Doonz: Or wait 4 months and upgrade to one.
<Doonz> hm
<bogeyd6> soren i was helping him fix his vmware server 2 problem, and the only way he is gonna get it working right is to switch to LTS and install it. So he is looking for a downgrade option, which there isnt, or another vm server
<X-M4-X> When i do the -p option and enter the password it gives me error just no is yes, even when i hit enter it says error again
<soren> X-M4-X: Wrong password, then.
<X-M4-X> where the heck is the config file with the password than because ive tried every password i have ever used
<X-M4-X> i bet i have not even set one that would be funny
<bogeyd6> X-M4-X did you ever run mysql_secure_installation
<X-M4-X> ok i think we hit some light here
<X-M4-X> i run - errors all up and down
<bogeyd6> X-M4-X you are too all over the map, slow the sh*t down and go step by step with us
<X-M4-X> ok i ran it got errors untill i finally got the root password from my xampp installation (old one)
<Skaag> Is there a graphical tool for managing KVM Instances?
<bogeyd6> virt-manager
<X-M4-X> ok ill be right back going to take my meds so im not all over the place
<Skaag> thanks
<SockPants> hi all
<bogeyd6> hi
<SockPants> is there a utility/command to get an overview of system specs?
<bogeyd6> sudo lshw
<X-M4-X> Woah!
<bogeyd6> lshw can be pretty b a
<SockPants> bogeyd6: nice, thanks
<X-M4-X> My problem was i forgot the password i set last month
<uvirtbot> New bug: #496676 in libvirt (main) "libvirtd does not call qemu-kvm with "-enable-kvm" flag for hardware virtualization" [Undecided,New] https://launchpad.net/bugs/496676
<kirkland> kees: i need to add /usr/sbin/ietadm (iscsi target) to /etc/eucalyptus/wrappers.conf ... do I need any sort of "approval" from you to do so?
<kees> kirkland: nah.  just follow conventions and try to make sure it's limited in scope.
<kirkland> kees: okay
<kees> i.e. it's not possible to make ietadm overwrite random files, etc.
<kirkland> kees: k
<X-M4-X> what command gets remote files NOT stored as a package?
<Doonz> Hey how can i just download the *.iso file from ubuntu
<Doonz> need to do it through wget
<jcastro> http://releases.ubuntu.com/9.10/ubuntu-9.10-server-amd64.iso
<jcastro> of whatever?
<jcastro> Doonz: ^^
<Doonz> ok
<Doonz> nope dunt work
<Doonz> got it
<Doonz> http://releases.ubuntu.com/hardy/ubuntu-8.04.3-server-amd64.iso
<ding__> any word on FCoE support?
<X-M4-X> anyone know of a good free hosting control panel - so i can finish this crap
<poningru> cpanel?
<X-M4-X> i said free
<arctic_import> Okay all I'm having a heck of a time getting any of my Ubuntu 9.10 server to use LDAP for nss.  Is it broken?  Can someone point me to a doc.  All my other non-ubuntu machines work fine.
<resno> whats the best way to backup a server? raid, etc?
<alex88> resno: raid and also external and offline backup
<resno> this will be a house server. is raid the most cost effective method?
<sub> RAID is more about fault tolerance and less about backup/disaster recovery
<alex88> yeah, but it protects from hard disk failure, not virus etc
<sub> it's a good thing to have, however
<sub> for a home server? i wouldn't get a fancy RAID card or anything but software RAID, maybe
<sub> hard drives are relatively low-cost these days
<alex88> yes, a simple raid that now can be done by almost all motherboards will be fine
<resno> This is sorta weird question. The internet connection is in an island type place, can server connect wirelessly?
<alex88> sure...why not?
<alex88> you have to make it connecting or as ap?
#ubuntu-server 2009-12-16
<resno> never tried making something connect that way before.
<resno> my terminal knowledge is murky on that
<alex88> wep or wpa?
<resno> wpa
<alex88> static or dhcp address?
<alex88> resno: http://pastebin.com/m4dec0024
<resno> wow, thanks!
<alex88> np...=)
<resno> didnt expect that
<alex88> uh..forgot to translate: Mettere un IP coerente con la vostra rete -> Insert an ip fitting your needs..=)
<resno> what language is that?
<alex88> italian
<arctic_import> is libnss-ldap broken in 9.10?  I've installed and configured, when I run a getent passwd I don't see the machine even attempting to make an ldap connection to get the information.  What could I be doing wrong?
<alex88> lol..i don't think they distribute unstable or broken packages, btw never used ldap or 9.10...
<alex88> (9.10 cause of my fucking vps hosting company...) -.-
<alex88> btw, going to bed...1:13 am here...cya tomorrow guys..
<arctic_import> well I'm telling you it doesn't work.  All my other Linux machines have no problems, yet the Ubuntu 9.10 machines can't do jack.
<alex88[sleep]> arctic_import: i've said i don't think..=) not it's impossible...good luck so..
<pting> i've got a bunch of servers load balancing a website... is there a tool to consolidate log files from these various machines into one file/location? i was planning on rsyncing the files to an nfs share
<sub> pting: rsyslog and various other remote syslogging packages
<sub> there's also splunk
<pting> sub, thx, i'll check them out
<pting> when running rsync as a daemon, does it sync up the files realtime?
<X-M4-X> anyone have experience in net2ftp & ehcp?
<pting> nvm... i'll just stick with non-daemon rsync cronjobs
<uvirtbot> New bug: #497087 in eucalyptus "Redundancy for cloud and cluster controller" [Wishlist,Confirmed] https://launchpad.net/bugs/497087
<ChrisRut> Is BIND necessary if your domain registrar provides Full DNS control? Can't I just create A records on my Registrar and point them to the correct IP and call it aday?
<ScottK> ChrisRut: Yes.
<ChrisRut> ScottK: thanks
<ChrisRut> BTW, how much resources does BIND use?
 * ChrisRut woundering if this will help save some load on my VPS (webserver)
<fbdystang> Hey how can I find network manager for pptp after install? It is not in menus?
<ScottK> ChrisRut: It depends a lot on the query load.  DNS tends to be more I/O bound than CPU bound.
<ChrisRut> fbdystang: try installing network-manager-pptp
<ChrisRut> fbdystang: sudo apt-get install network-manager-pptp
<fbdystang> ChrisRut: I did, but now i can't find the program to execute it
<ChrisRut> ScottK: k, Thanks... Also what else does BIND do?  Will I need to setup my MX records in my registrar aswell?
<ScottK> ChrisRut: Yes.  Any DNS records you publish.  You'll also need to make sure your registrar points to their DNS servers as authoritative for your domain
<ChrisRut> fbdystang: https://wiki.ubuntu.com/VPN
<ChrisRut> ScottK: hmm, beginning to think this might be more trouble then it's worth.
<ScottK> That's generally my view about bind.
<ChrisRut> fbdystang: have you looked in network-manager for this?  I am not sure, I've never used pptp
<ChrisRut> ScottK: your view being? BIND=good or bad
<ScottK> bind is good, but complicated.
<ScottK> Generally, I suggest leaving running DNS to DNS experts.
<twb> Hear, hear
<ScottK> Your registrar may or may not qualify
<ChrisRut> GoDaddy
<fbdystang> ChrisRut: It says that network manager is in the system tray, However i cannot find it. What does it look like? all my icons are accounted for
<twb> There are two kinds of DNS, too -- publishing your domains' records, and caching everyone else's records.
<twb> For the latter, dnsmasq is super nice.
<ChrisRut> fbdystang: System>Preferances>Network Connections
<ChrisRut> twb: but strictly for a webserver (ubuntu-server) why would I need to cache everyone elses?
<ChrisRut> no outbound connections really
<fbdystang> ChrisRut: ok I found it, I see a vpn tab, but nothing on pptp
<cjwatson> webserver logging can actually do quite a lot of reverse dns lookups
<cjwatson> so sometimes caching of that is required
<cjwatson> or useful anyway
<twb> ChrisRut: right; the latter only applies when you run a local network.
<cjwatson> really high-performance web serving generally turns off reverse dns lookups in the logs, but that's a bit annoying for normal production use
<twb> ChrisRut: sorry, I wasn't paying much attention.
<ChrisRut> fbdystang: try this:
<ChrisRut> http://bit.ly/5RRFXU
<ChrisRut> cjwatson: didn't think of that... true, thx
<twb> cjwatson: if you're only caching for one host, nscd or whatever should handle it
<cjwatson> sure, I didn't specify a caching *method* :)
<cjwatson> ChrisRut just asked why caching would be useful
<twb> OK
<fbdystang> ChrisRut: thanks, however i have already tried that one, to no avail :( I would think there would be a simple pptp gui to connect
<ChrisRut> fbdystang: did you make sure to install 'network-manager-vpnc network-manager-openvpn
<ChrisRut> I could be wrong, but i believe those packages add the ability to use VPN (therefore are required to use PPTP)
<fbdystang> Yea, thats what I would think too. But they are both installed
<fbdystang> is there a command line way to connect?
<ChrisRut> fbdystang: how bout this one: http://bit.ly/6tvTkC
<fbdystang> hmm, thats new lemme check
<ChrisRut> fbdystang: also give this a shot if that one doesn't work out: http://bit.ly/7rWItY
<fbdystang> OK, my network manager now has an icon in panel. I have created the vpn, but don't know how to connect it. it says last used is "never" wish there was a connect button!
<fbdystang> ChrisRut: will that second one work in karmic?
<ChrisRut> 1sec..
<ChrisRut> did you sudo /etc/init.d/networking restart
<ChrisRut> after you setup the vpn
<ChrisRut> go into terminal and issue 'sudo /etc/init.d/networking restart'
<ChrisRut> It's probably going to kick you off irc thou
<fbdystang> I did sudo service network-manager restart, which it said is a more prefered one
<ChrisRut> ok
<fbdystang> didn't kick me off though
<ChrisRut> fbdystang: can you click on the network manager applet (top right) and then select your vpn connection that you just setup
<fbdystang> yes
<ChrisRut> did that work?
<fbdystang> but i don't know how to connect it
<fbdystang> double clicking just brings up th edit window, which is where i set up the vpn
<fbdystang> How does it work in yours? does it just automatically connect or do you manually hit connect somewhere?
<ChrisRut> not using vpn
<ChrisRut> so I couldn't tell ya
<ChrisRut> sorry, but I am stumped
<fbdystang> hmm
<fbdystang> in the second one it says to add my self to group 'dip' how do i do that on command line?
<cjwatson> sudo adduser $USER dip
<fbdystang> k thanks
<kirkland> cjwatson: i'm getting a lintian error on eucalyptus-sc.templates: E: eucalyptus-sc: no-debconf-config
<kirkland> cjwatson: can you confirm that this is okay?
<kirkland> http://lintian.debian.org/tags/no-debconf-config.html
<kirkland> cjwatson: says that it's sometimes okay, sometimes an error
<cjwatson> kirkland: it's fine, there's no db_input
<kirkland> cjwatson: k, thanks; i'll add an override
<fbdystang> How do I know if the vpn connection worked?
<ChrisRut> fbdystang: try pinging one of the boxes on your VPN
<ChrisRut> gotta run, thanks for the help cjwatson, twb & ScottK
<aquarius> I have a jaunty server; "sudo do-release-upgrade" says "After your package information was updated the essential package 'ubuntu-minimal' can not be found anymore." There are LP bugs about this, but they suggest it's been fixed. What can I do to diagnose?
<Jeeves_> Mogge
<_ruben> Mornin' Jeeves_
<jiboumans> morning folks
<_ruben> bleh .. snort's an odd beast when you start playing with it
<Jeeves_> :)
<dpreacher> Has any configured "dead peer detection" for their IPSec VPN on ubuntu server? I need to know if it is possible with racoon or do I have to use another package
<_ruben> never used racoon (well, i did for a very brief period and hated it) .. openswan does have support for dpd
<dpreacher> _ruben when a package like openswan has dpd support, on being able to detect the dead peer is it possible to switchover to a secondary remote peer? What other corrective action can be taken. Thank you for your reply
<_ruben> dpreacher: most common actions are "try to bring up tunnel again" and "put things on hold till its available again" .. openswan doesnt have high availability (switchover) builtin
<dpreacher> _ruben, can openswan call any other program to do switchover externally...like run a command
<_ruben> dpreacher: there's updown scripts, but im not sure if those get called during dpd as well
<_ruben> gotta go .. meeting
<dpreacher> seeya
<dpreacher> thanks
<benedikt> are there any cases where "uptime" will report 2 users when there is only one logged in?
<JanC> 2 different users or 2x the same user?
<JanC> (use 'users' to check that)
<benedikt> http://pastebin.com/m1e3868f8
<benedikt> http://pastebin.com/m30c28257 <- updated with 'users'
<JanC> well, looks like only one user was logged in the second time
<JanC> anyway, "2 users" can mean "2x the same user"
<JanC> e.g. on my desktop I currently 3x my user logged in, and every terminal you start (e.g. in screen) adds another login
<benedikt> JanC: no. the user "benedikt" is logged in once.
<zul_> morning
<jiboumans> kirkland, alive and kicking already?
<kirkland> jiboumans: about to go for a run
<jiboumans> kirkland: ok, catch you after
<kirkland> jiboumans: trying to make it back in time for the meeting
<jiboumans> morning zul
<adac> Since an upgrade to karmic, ssh login to my server is quite slow. Any ideas?
<zul_> mathiaz: so what do I need for the scribe stuff?
<ttx> kirkland: also it was supposed to require woodstox, but apparently doesn't need it... I guess that change hasn't landed yet in their code.
<jiboumans> all hail netsplits
<benedikt> adac: does the login go as fast as usual (/etc/motd shows up etc, etc) but bash takes a second to load?
<adac> benedikt, the moment I enter the ssh password in the console it takes up to 10 seconds until the "remote" bash appears
<benedikt> 'uptime' is showing one user too many on my system ( http://pastebin.com/m30c28257 ) . What can cause this?
<adac> benedikt, On jaunty it was there immediately
<benedikt> adac: and th motd
<benedikt> ?
<adac> benedikt, what is that?
<benedikt> adac: cat /etc/motd
<adac> oh I see. Yes it takes 10 seconds until motd appears on login
<benedikt> ah. then its not the same that started to happen to me.
<_ruben> slow logins often tend to be dns related
<benedikt> also, my issue about one login too many is resolved. i didnt realize that screen of course took up a tty and is in /var/run/utmp .
<mathiaz> zul: https://wiki.ubuntu.com/ServerTeam/KnowledgeBase
<mathiaz> zul: outlines what to do as a scribe -basically write up the minutes
<zul> mathiaz: k thanks
<smoser> in mail to mathiaz i suggested yaml as markup language, but python-yaml not in main. so thats a big strike against that.
<mathiaz> smoser: well - we may have to move to main anyway
<mathiaz> smoser: yaml is getting more and more popular
<mathiaz> smoser: I had a look at it this morning
<smoser> oh? in that case i'd consider, but the niceness of the built into python is nice. (ie, python-configobj)
<zul> python-config is already in main as well
<ScottK> smoser: python-yaml will probably come into Main due to a spec of mine.  Also I'm the Debian maintainer for it, so I think it'll be easy to get into Main
<smoser> i really dont like the shortcoming of "some things can't be represented as keys" in python-configobj
<smoser> http://www.voidspace.org.uk/python/configobj.html#the-config-file-format
<smoser> There is no way of safely quoting values that contain both types of triple quotes.
<smoser> but maybe thats just worrying too much
<mathiaz> smoser: I think we should just try one
<mathiaz> smoser: once we have more experience we can add more syntaxes if needed
<smoser> agreed.
<smoser> did my mail to you make sense mathiaz ?
<mathiaz> smoser: yes
<mathiaz> smoser: I'll start by providing sample user-data script
<mathiaz> smoser: to see how things would work with the syntax (which ever syntax we choose)
<cr3> kirkland: hey dude, someone on the condor-users mailing list is asking about running condor on a eucalyptus cloud. thought you might like to know
<mathiaz> smoser: once we have the syntax and samples, we'll have tests as well and can then start implementing it
<smoser> mathiaz, thats fine.
<kirkland> cr3: cool
<oru_work> anyone familiar with vsftpd? Wed Dec 16 09:51:27 2009 [pid 9660] [jpipublic] FAIL LOGIN: Client "75.127.142.196"
<oru_work> same error on both the client and server log side
<smoser> soren, ping. could you sponsor bug 494185 to karmic-proposed?
<uvirtbot> Launchpad bug 494185 in ec2-init "ec2-init selects us-east-1 mirror when running in us-west-1 region" [High,In progress] https://launchpad.net/bugs/494185
<zul> smoser: i think its eod for soren as well
<zul> so I could do that if you want
<smoser> well, then, do you want to do it? i was just hoping to spread the wealth
<zul> sure
<zul> dont you mean spread the pain ;)
<zul> smoser: i have upload the ec2-init SRU i had to modify the debian changelog for it to be proper for an SRU
<smoser> what did you have to change?
<smoser> zul,
<zul> i attached to the debdiff to the bug
<`jpg> Hey guys, is it possible to install 9.10 on a machine without internet access?
<smoser> zul, so sru you're not supposed to increase ubuntu portion of the package version, but rather add '.X'?
<smoser> ie, you did: 0ubuntu7.1 rather than 0ubuntu8
<mathiaz> smoser: https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update%20the%20packaging
<mathiaz> smoser: ^^ has a table with expected version number for security updates
<mathiaz> smoser: SRU follow the same rules
<smoser> thanks mathiaz.
<zul> smoser,: sorrect
<zul> mathiaz: about the smart SRU it was done but it got rejected because there was no lp bug number in the changelog. I just re-uploaded it with the correct lp bug number
<mathiaz> zul: ok - can you keep an eye on it?
<zul> mathiaz: will do
<psyferre> hey folks.  I'm porting a lot of code from windows to ubuntu and have a decent amount of unc paths being used for file access.  In looking through the samba docs it looks like I'm going to have to create a mount point on my system for every other machine on the network i need to access... is that correct?  Or is there some way I can just hit the shares via unc path name?
<pea_brain> hi all, I am new to ubuntu UEC. I am trying to get elasticfox to manage the cluster. I am not able to add my cluster as a region in UEC. when i try accessing the URL "http://my_cluster_ip:8773/services/Eucalyptus" directly, it shows "Failure: 500 Internal Server Error". i tried elasticfox on both firefox 3.5 and then on 3.0, but to no avail. can anyone please help..
<pea_brain> hi all, I am new to ubuntu UEC. I am trying to get elasticfox to manage the cluster. I am not able to add my cluster as a region in _elasticfox_. when i try accessing the URL "http://my_cluster_ip:8773/services/Eucalyptus" directly, it shows "Failure: 500 Internal Server Error". i tried elasticfox on both firefox 3.5 and then on 3.0, but to no avail. can anyone please help..
<hiatus> Is ubuntu server a decent server or should I go with something more along the lines of centos
<pea_brain> hiatus: ubuntu server ( LTS ) has 5 yrs support and centos has 7 yrs. besides, ubuntu has a lot of packages pacakged for it ( like 28000) while centos has about 3500 . just a couple of ideas from my side.
<pea_brain> Linux is Linux, whichever way you may wanna use it.
<hiatus> hmmm, thanks pea, good points
<pea_brain> hiatus: one thing to note though, not all the packages i mentioned as supported on ubuntu have the same support commitments from the developers.
<hiatus> how do you mean?
<pea_brain> there is a section called "main", which is fully supported. Others like "universe" and "multiverse" are not supported with the same level of commitment. http://www.ubuntu.com/community/ubuntustory/components
<TeTeT_> kirkland: is there any WSDL specification for Eucalyptus?
<kirkland> TeTeT_: i don't think i know enough about WSDL to answer that question
<TeTeT_> kirkland: who could know about that, ttx maybe?
<kirkland> TeTeT_: yeah
<kirkland> TeTeT_: or ask in #eucalyptus
<kirkland> TeTeT_: between network splits
<TeTeT_> kirkland: I haven't thought of #eucalyptus :)
<mathiaz> smoser: hi
<smoser> hey
<mathiaz> smoser: can I use the UEC images directly with kvm/libvirt?
<smoser> sort of.
<smoser> its a goal to answer 'yes, and heres how'
<mathiaz> smoser: ok - but we're not there yet
<smoser> you can do it, but ec2 init is dependent upon the metadata service
<smoser> so you either have to
<smoser> a.) give a fake metadata service
<smoser> b.) disable ec2-init
<smoser> c.) wait 30+ minutes for ec2-init to time out
<smoser> https://wiki.ubuntu.com/UEC/Images/Testing is mostly still relevant i think
<smoser> the piece of info missing there is that you can append to the kernel 'ec2init=0' and that will disable ec2-init
<uvirtbot> New bug: #497495 in eucalyptus "euca-delete-bundle does not correctly parse dir path in some cases" [Low,Fix committed] https://launchpad.net/bugs/497495
<orudie_> can someone recommend an intranet solution ?
<unit3> errr... you'll have to be a *lot* more specific than that. ;)
<mm888> hi - trying to setup a LAMP server using Ubuntu server ... anybody had any problems using Ubuntu 9.1 server in fusion
<mm888> the server seems to be for AMD 64 bit
<unit3> you mean 9.10 right?
<unit3> and there should be a 32-bit server ISO download.
<unit3> 64 bit is the default, because generally there aren't any 32-bit only servers anymore. ;)
<mm888> yes 9.10
<mm888> trying to find 32bit
<mm888> just trying to test something at home u c
<mm888> was searching on the web site and came across this channel - so thought I'll ask
<mm888> but all the links takes me back to the 64bit d/l .... ummmm
<unit3> let me find you a link.
<mm888> thanks :-)
<unit3> http://www.ubuntu.com/getubuntu/download-server
<unit3> you see under the download button, it says "Alternative download options"?
<unit3> Click that, then you can select the 32 bit version.
<mm888> oh thanks - so stupid ... should of saw that
<unit3> no prob. :)
<unit3> also, if you go to one of the mirror sites directly, there'll be bittorrent download links as well, if that's faster for you.
<mm888> torrent no good for me as my ISP throttles those type of traffic
<mm888> but thanks for the suggestion
<unit3> yeah, some ISPs BT is way faster, some it's better to just use the local mirror. the options are there, anyway.
<mm888> :-)
<smoser> kirkland, have you found a way to get -curses to work with lucid ?
<Jeeves_> Has anyone arranged for ZFS in Linux allready? :)
<Jeeves_> (not using fuse)
<dunix> sorry to tell you, it won't happen until linux changes it's license, gpl gets reworded or new version, or zfs's license changes
<dunix> and none of those will be happening any time soon
<angeloalfa76>  c'Ã¨ qualche italiano collegato?
<kirkland> smoser: unfortunately not yet
<Anonymous2> yea ubuntu server room
<Anonymous2> my favorite of all
<epinky> :)
<Anonymous2> :)
<Anonymous2> i got 8.04 server running atm
<Anonymous2> epinky: you run server
<Anonymous2> anyone else her
<Anonymous2> here**
<khelvan> My headless server keeps shutting down - what can I do to figure out why it is shutting down on its own?
<Anonymous2> bad memory
<Anonymous2> is a possiblity
<Anonymous2> for me it is cause 1000+ memtest errors
<Anonymous2> but it runs just when i restart from time to time it doesn't start up again until i unplug it and plug it back in
<dunix> khelvan have you looked through the logs?
<Anonymous2> that's one way to find out
<Anonymous2> didn't think bout the logs
<khelvan> dunix - I am not familiar with where to find logs or what to look for. I am brand new to this.
<dunix> overheating is another common reason
<Anonymous2> and bad mem
<Anonymous2> you come a across bad address and bam down
<dunix> /var/log/messages is a good place to start
<dunix> or /var/log/syslog
<Anonymous2> well i shall revise that
<Anonymous2> bad addresses and sometimes bam
<khelvan> Here is the /var/log/messages - I don't see anything except a random restart, which I have no idea why it did: http://pastebin.com/m3f44bf33
<Anonymous2> do you have it setup to automatically restart
<Anonymous2> generally people set it to do this to avoid errors
<Anonymous2> much like with cisco routers
<khelvan> Here is the syslog, with another random restart - http://pastebin.com/d37f72e41
<khelvan> No, I never set it to do that, it has been running fine for a month, and now all of a sudden it is randomly restarting (and randomly shutting down, as in power off).
<Anonymous2> did you do a memtest
<Anonymous2> just to make sure
<Anonymous2> can never be to careful
<khelvan> I have not, no, how do I do that with a headless server?
<Anonymous2> well if you can restart the machine with a monitor attached you can press escape key when it says please wait 3 seconds at the grub boot loader menu
<Anonymous2> then boot to memtest
<Anonymous2> my server restarts from time to time but thats cause my mem is finished
<dunix> khelvan, is this hardware built to be a server?
<dunix> ie: a dell or hp server etc, or is it a desktop you are using as a server?
<khelvan> dunix - It is desktop components I put together to be a server.
<dunix> you may want to check your bios to see if there is any temp settings, usually with a problem like this, it's a heat issue
<dunix> and some bios' have settings for temp, even the desktop ones
<dunix> or you may just want to monitor the internal temp of your MoBo/Proc, if it allows for that
<khelvan> dunix - Are there any temperature monitors I can install and watch via ssh?
<dunix> lm-sensors
<dunix> but may or may not work, depending on your motherboard
<khelvan> Ok, it is already installed - how can I monitor it via SSH?
<dunix> Google+lm-sensors website would tell you if your stuff is supported
<Anonymous2> i was talking monitor like a crt or lcd
<Anonymous2> but ssh <SERVER IP>
<khelvan> Anonymous2 - I know, it isn't practicle for me to have a physical monitor on the machine at the moment. I am installing/monitoring/checking the logs via ssh at the moment.
<khelvan> (practical)
<Anonymous2> you can't monitor the memtest
<Anonymous2> you can with a computer monitor like lcd screen and keyboard
<Anonymous2> it's hard for me to explain
<khelvan> I realize that, it will have to be a bit before I can run that. I understand, I have run memtest before, which is why I asked how I can do it with a headless server.
<khelvan> The short answer is that I can't.
<dunix> khelvan, if everything is working properly i believe you can type 'sensors'
<khelvan> It needs a head.
<khelvan> dunix - Thanks, I got this output:  k8temp-pci-00c3 Adapter: PCI adapter Core0 Temp:  +33.0Â°C
<khelvan> Is there a way for me to tell if it was a system-initiated clean shutdown, or if it crashed due to heat/memory? I have some critical data on a RAID array, how can I insure that the file system is not going to be corrupted?
<dunix> well thats not anything to worry about, is there any way/reason this would spike? like for example a dog sitting behind it blocking the intake (which is what my dog does)
<dunix> if was a system, it would have said in the logs
<qman__> you can check on the RAID with /proc/mdstat
<qman__> it'll automatically rebuild if something is wrong
<qman__> as for how dangerous it is, that depends on what filesystem you use
<qman__> ext3 is generally fine with sudden failures
<qman__> might lose some data from writes occurring during the failure
<qman__> but otherwise, I've never lost anything else on ext3
<qman__> XFS is the opposite, I've had several catastrophic failures in crashes
<khelvan> dunix - No pets, the PC is sitting on a stone floor in about 69-70 F heat
<khelvan> Or temp, I should say
<khelvan> qman__, it is ext3
<dunix> then i'd say temp is ruled out
<khelvan> qman__, how do I check with /proc/mdstat?
<qman__> cat /proc/mdstat
<qman__> that's only if you're using mdadm/linux soft raid
<qman__> if you've got a hardware raid or a fakeraid that won't tell you anything
<khelvan> Err, I am using the RAID that I automatically set up during server install at the prompts, which I believe is linux soft raid
<qman__> yeah
<qman__> that's mdadm
<khelvan> qman__, output: md0 : active raid1 sdc1[0] sdd1[1]      488383936 blocks [2/2] [UU]
<qman__> that means it's fine and online
<qman__> it'll say rebuilding if it is, and it'll show one of the disks failing if it is
<khelvan> I guess I better get that backup solution up and running soon just to be sure.
<JanC> backups are always a good idea  âº
<qman__> this is what my file server looks like
<qman__> md0 : active raid6 sdh1[7](S) sda1[0] sdg1[6] sdf1[5] sde1[4] sdd1[3] sdc1[2] sdb1[1]      4883799680 blocks level 6, 64k chunk, algorithm 2 [7/7] [UUUUUUU]
<khelvan> JanC - Yeah, I agree, it has just been low priority for me with all sorts of other problems going on at the moment with other stuff.
<khelvan> qman__, What does the (S) refer to?
<qman__> spare
<qman__> previously, I had just raid 5
<qman__> and lost two disks within an hour
<qman__> suffered total data loss
<qman__> so, this time, raid 6 with a spare
<JanC> 2 disks from the same series?
<qman__> same model, bought at the same time
<qman__> ran for about two years
<JanC> it's quite common that they break around the same time then
<khelvan> Wow, aren't the odds of that astronomically high?
<qman__> then died, an hour apart
<JanC> qman__: I once heard somebody tell they lost 3 disks within 5 hours that way  ;)
<JanC> was an ISP's mailserver...
<qman__> ouch
<dunix> lol
<khelvan> So the moral of the story is buy two different types of disks?
<qman__> luckily my data wasn't that valuable
<qman__> the moral is, keep backups
<qman__> all disks die eventually
<dunix> what qman said.
<JanC> well, the problem with different disks is that they have different timings
<qman__> yeah, the array will perform better if you use the same disks
<sub> and different geometries as well, yeah?
<JanC> AFAIK "geometries" are all virtual these days
<qman__> this time around I've got it set up to email me on my phone if it detects a SMART error, so that shouldn't happen again
<dunix> unless of course you have a support contract, then you have to use identical drives
<JanC> qman__: that doesn't always work
<JanC> SMART can't predict all errors
<qman__> yeah
<qman__> mdadm is also set to email me on failure
<qman__> but SMART should pick it up first
<qman__> and raid 6 with the spare should buy me more time than an hour
<JanC> I had one disk where SMART gave no warning until the disk was dead
<JanC> disk was 1 month old...
<qman__> there's always a chance for total loss, but I'm trying to improve the odds
<qman__> the 4GB Quantum Fireball I'm using as a system drive out lasted the first array
<qman__> if/when that one finally dies I'm switching to flash
<qman__> but all signs point to that thing lasting longer than me
#ubuntu-server 2009-12-17
<uvirtbot> New bug: #497559 in php5 (main) "php5-curl not flushing files to disk correctly until script exits" [Undecided,New] https://launchpad.net/bugs/497559
<uvirtbot> New bug: #497560 in bacula (main) "package bacula-director-mysql 2.4.4-1ubuntu9 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/497560
<uvirtbot> New bug: #414885 in qemu-kvm "KVM crashes when -vga is set to vmware." [Medium,Confirmed] https://launchpad.net/bugs/414885
<sjefen6> I have been trying to install ubuntu-server i386 on an old Pentium 4 dell desktop, but during the installation the instalation stops and I am left with a blue screen, with a gray line without any text. Is there anything im doing wrong?
<ewook> no. but 1, your cd / cd-reader / cable / or other falty hardware might create the scenario
<sjefen6> xp installed flawlessly some hours ago. no memory-defects, and im testing the install media atm
<ewook> xp does not always die upon install, it can show the problems later on resulting in bluescreens or simply falty behaviour.
<sjefen6> the cd-rom is valid
<ewook> do a memcheck
<sjefen6> does that rule out the media and reader?
<sjefen6> no memory-defects
<ewook> it rules out the cd at least.
<sjefen6> ran memcheck some hours ago
<ewook> what release are you trying?
<sjefen6> ubuntu-9.10-server-i386
<ewook> do you have a spare cd to try the LTS also?
<sjefen6> I can try...
<ewook> not needed, but.. what dell model was it?
<ewook> rather, the LTS is not needed if you don't wanna.
<sjefen6> optiplex
<sjefen6> GX260
<sjefen6> torrent of downloards should be more easy accessable
<ewook> there seems to be a few threads regarding GX260 and installation issues with 9.10, a rather few seems to mention issues with multiple kinds of hardware, weird.
<ewook> you could go 9.04 if you wish to, LTS isn't the hottest cookie around right now :)
<sjefen6> agree
<sjefen6> but where can i find torrents? http is dead slow for me...
<ewook> oh. there should be an alternative download selectable at the site.
<ewook> hrr, not of 9.04 that I can find tho.
<ewook> just click once on the download now, and then select alternative, and then more options pops up
<ewook> my my. Haven't downloaded releases for a while, I'm quite lost as well :)
<xperia> hello to all ! i have a question about some strange connection on my ubuntu webserver.
<xperia> i have in my logs this connection here
<sjefen6> the stupis redirects masks the adress to the mirrors, so im unable to browse the mirror for torrents
<xperia> http://paste-bin.com/view/40ce54e0
<ewook> sjefen6: http://www.ubuntu.com/getubuntu/downloadmirrors#bt
<xperia> can somebody tell me if my ubuntu server was used for a dos attack ?
<xperia> in the logs i have nearly all 7 to 8 min a connection established to a ssl port
<xperia> and that for nearly a whole day
<xperia> is this normal ?
<ewook> xperia: that might be something more for the more apache-oriented folks, but it looks like you're proxying connections to mee.
<bogeyd6_> xperia these are just http connects
<bogeyd6_> assuming you arent running a proxy it might just them scanning you
<xperia> no i dont run a proxy
<ewook> true as bogeyd said. then it's just a great deal of connect-attempts. how's the other traffic? any other noticeable impact on the machine?
<xperia> at the moment i see just only this redirects allways. i had this allready one time and i think people from apache told me
<xperia> that this is related to my php page
<xperia> if a php page has some code for redirection this logic could be used also for request redirecting
<ewook> yes.
<xperia> need maybe to fix my php page a litlle. will look now what the php people can told me ad maybe give me a solution
<xperia> okay thanks for the help !
<ewook> good luck.
<sjefen6> looks like it is something wrong with performing the hdd operations
<sjefen6> (9.10 in expert mode)
<ewook> any errorcodes?
<sjefen6> no
<sjefen6> are there any debug mode i can turn on?
<sjefen6> oh
<ewook> flip around the tty's
<sjefen6> looks like im gone tru 9.04 first
<sjefen6> too late
<sjefen6> humpf, 9.01 installed but does not boot correctly
<sjefen6> corrupted memory?
<ewook> sniffs like your disk isn't that well
<sjefen6> lets try another disk then...
<sjefen6> can same brand and model have the same issue? trying with 9.10 first
<ewook> as in optiplex model? or what model are you referring to?
<sjefen6> hdd
<sjefen6> im using 10 gb fsc drives
<sjefen6> fujitsu limited
<ewook> well, they could be in the same state if old. or, perhaps a cable issue.
<sjefen6> 9.10 locked again
<sjefen6> changing cable
<ewook> my oh my. ubu 5.10 isos still in my 'closet'.
<sjefen6> new cable, same error
<ewook> interesting.
<ewook> or, perhaps just frustrating
<sjefen6> looks like this box aint going to run ubuntu-server?
<ewook> same error, with 9.10 that is?
<sjefen6> 9.10 yes
<ewook> hrm. did you try it with the 8.04.3 or the 9.04?
<sjefen6> i tried once with 9.04, first hdd and first cable
<ewook> and the result was that it installed. but didn't boot correctly?
<sjefen6> yes
<sjefen6> thew boot resulted in an console that looked like tty4
<sjefen6> (tty4 when using 9.10)
<sjefen6> and i think it flashed manny lines with memory corrupted
<sjefen6> oh
<sjefen6> looks solved
<sjefen6> no
<sjefen6> false alarm
<sjefen6> starting to look like the factory memory was at foult
<sjefen6> hanged at "Validating initscripts" tty4:"debootstrap:Killed"
<lwizardl> hi
<lwizardl> from a networking of servers aspect what routers are the better ones to get that are able to be found anywhere ?
<twb> lwizardl: are you asking for hardware recommendations?
<lwizardl> yeah
<twb> The best kind of router is one that you can install a flexible FOSS distro on, such as Ubuntu or OpenWRT or OpenBSD
<twb> For a SOHO, I have had success with OpenWRT on the Asus WL-500g Premium.
<lwizardl> ok because i've mostly used Linksys routers and 90% of the ones i have owned either got flashed by me with either dd-wrt or openwrt
<twb> (Most low-end routers will run Linux internally anyway, but it'll be locked down and crippled.)
<twb> If you're comfortable with (say) OpenWRT, then I'd grab the OpenWRT HCL and pick a well-supported unit from that lit.
<twb> *list
<lwizardl> this is the first time i've been working with openwrt but i have used dd-wrt for like the last 3 years or so. and before that i was forced to keep the linksys fw on the devices because they wasn't owned by me
<lwizardl> they was isp owned
<twb> The plural form is "were", not "was".
<twb> e.g. "he was confused; they were confused"
<lwizardl> yeah but you understood what i was saying :)
<lwizardl> so basically continue doing what I have been doing using any router that supports a better fw like using openwrt
<lwizardl> should be fine
<twb> OpenWRT is a distro, not a "fw"
<twb> Oh, perhaps that meant "firmware", which I guess makes sense.
<lwizardl> yeah firmware
<ruben23> hi what is the permission of this on octet------>drwxrwsrwx  3 root root 4096 2009-11-13 00:45 vicidia
<twb> ruben23: run stat(1) on it
<twb> IIRC it's setgid.
<twb> "info coreutils" should cover unix permissions
<thewrath> i use this to enable a site in ubuntu a2ensite
<thewrath> how do i disable it
<twb> I don't know what a2ensite is.
<thewrath> that is to enable a site
<thewrath> *enable a site config
<twb> Presumably within apache2.
<thewrath> yes
<thewrath> got it
<netdur> hi, I have php script (not web page) that parse few large log files (around million of lines), I have four desktop available, I wonder how can I make ubuntu server distribute computing between those desktops...
<netdur> (desktop hardwares but ubuntu server)
<netdur> runs*
<maxagaz> hi
<maxagaz> how to copy /my/path/myfiles to /opt/my/path/myfiles, creating sub-paths if they don't exist in /opt ?
<khelvan> dunix, Anonymous2, if you guys are still around - it appears that my girlfriend was kicking the server, and that was shutting it down the hard way. I'm not 100% sure on that being the cause, but there seem to be no other issues at the moment (I still have yet to give it a monitor and run memtest though).
<khelvan> Can anyone tell me why my 10/100/1000M card in my Ubuntu Server sometimes negotiates 100M, sometimes 1000M, with the same 10/100/1000M Netgear switch, and nothing changing other than a reboot? Is there a way to force it to 1000M, and does doing so have any disadvantages?
<twb> khelvan: do you have ssh on the switch?
<khelvan> twb - No, I don't think so. It's a mindless Netgear GS608NA.
<twb> About the only thing I know of to use is ethtool / mii-tool
<twb> But I think that just reports the current behaviour
<qman__> maxagaz, cp -r
<ageNT_666> Ã¢Ã±Ã¥Ã¬ Ã¯Ã°Ã¨Ã¢Ã¥Ã², Ã¤Ã Ã©Ã²Ã¥ Ã²Ã®Ã«ÃªÃ®Ã¢Ã³Ã¾ Ã±Ã±Ã»Ã«ÃªÃ³ Ã¯Ã® Ã¯Ã®Ã«Ã­Ã®Ã© Ã³Ã±Ã²Ã Ã­Ã®Ã¢ÃªÃ¥ abills
<jiboumans> morning
<jumbers> My host provides me 2 IPs to my dedicated server and there is 1 NIC installed on the box. How would I be able to set up my network interfaces to take advantage of the second IP?
<AlexC_> jumbers, using 'ip' command. Something like: ip addr add x.x.x.x/x brd x.x.x.x dev eth0 label eth0:1
<AlexC_> brd being broadcast
<AlexC_> jumbers, you can also add this to your /etc/network/interfaces line, just add a new line but prefix it with 'up '
<FireCrotch> jumbers: http://www.cyberciti.biz/tips/ubuntu-linux-creating-ethernet-alias-for-eth0-network-device.html
<FireCrotch> that link explains the procedure quite well :)
<jumbers> Aha, that's what I was looking for, a permanent setup
<AlexC_> no, don't use that
<AlexC_> (in ref to FireCrotch link)
<FireCrotch> AlexC_: And why exactly do you object to my link?
<FireCrotch> it's the proper way to set up an interface alias
<AlexC_> FireCrotch, it uses the older methods of doing it by setting up aliases. You should do it with the newer 'ip' suit of commands
<AlexC_> all your managment should be through 'ip', not 'ifconfig'
<AlexC_> ifconfig is old and doesn't provide you with everything
<FireCrotch> Meh, it's just a different way of accomplishing exactly the same thing
<AlexC_> different and old with less flexibility
<FireCrotch> different and stable and perfectly fine
<jumbers> So adding a virtual interface is evil? I don't see how/why
<AlexC_> jumbers, no no, using 'ifconfig' to do it. Using IP is ideally recommended
<AlexC_> s/IP/ip
<jumbers> I planned to use the second part of that page; Adding the interface to /etc/network/interfaces
<AlexC_> which does the same
<AlexC_> use the 1 line I gave, added to /etc/network/interfaces
<TeTeT> cjwatson: just installing lucid UEC. I installed the front end first with clc,walrus,cc and sc. Then the node. The node told me that it cannot find walrus.
<AlexC_> for example, underneath 'gateway ....' add 'up ip addr add x.x.x.x/x brd x.x.x.x dev eth0 label eth0:1'
<AlexC_> and also another duplicate line, but replace 'up' with 'down', and that will be removed when that interface goes down to
<TeTeT> cjwatson: I checked ps aux | grep avahi on the frontend and the avahi line for walrus looks different from the others. It says avahi-publish -s 192.168.1.120 instead of avahi-publish -s TestCloud
<AlexC_> jumbers, just far easier to manage
<maxagaz> how to copy a file to a destination and create the destination if it doesn't exist ?
<lau> hello am trying to monitor lighttpd 1.4.19 with munin 1.2.5-2 on hardy
<lau> do you know if http://www.linuxweblog.com/blogs/sandip/20090902/munin-stats-apache-and-lighttpd is still accurate ?
<jussi01> can someone tell me the standard way to add someone to svn access?
<cjwatson> TeTeT: I'm on holiday, please file a bug
<TeTeT> cjwatson: ok, enjoy your vacation
<uvirtbot> New bug: #497716 in eucalyptus (main) "Lucid: walrus not automatically discovered" [Undecided,New] https://launchpad.net/bugs/497716
<uvirtbot> New bug: #496932 in keepalived (main) "Keepalived haven't LVS support" [Medium,Confirmed] https://launchpad.net/bugs/496932
<X-Sleepy-X> Is it possible to display the servers temperature on a web site with apache2?
<uvirtbot> New bug: #497732 in backuppc (main) "Tar exited with error 512 () status" [Undecided,New] https://launchpad.net/bugs/497732
<uvirtbot> New bug: #497763 in apache2 (main) "Hang during installation" [Undecided,New] https://launchpad.net/bugs/497763
<kwork> i have two dns servers, i would like to test if master/slave servers all have correct records, can anyone recomend tool for what ?
<Sam-I-Am> dig
<kwork> its n+1 domains
<Sam-I-Am> script + dig
<kwork> so there is no tool out there for that ?
<Sam-I-Am> dig will do an axfr from your dns servers if you permit it
<Sam-I-Am> you could easily compare the axfr from one server to the other
<kwork> i was just hope-ing there is something better then dig + diff
<jiboumans> kirkland, ttx, how/when is this list triaged? https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus
<kirkland> jiboumans: i just sort of do it when i get a chance
<kirkland> jiboumans: though it should be done as part of our daily triage work
<ttx> jiboumans: I wanted to have 1.6.2 and confront that list to it, but if it's delayed we should have a look at it sooner
<kirkland> jiboumans: i'll triage the 3 undecideds right now, if you like
<Sam-I-Am> kwork: most other things probably do roughly dig + diff heh
<ttx> kirkland: I'm trying the proxool patch from Chris rigth now
<ttx> unless you're at it already
<Sam-I-Am> time to wander off to work
<kirkland> ttx: no sir, please do
<kwork> Sam-I-Am,  as of i m lazy as hell, i was hope-ing someone will point me towrads something that will do dig+diff
<kwork> towards
<kirkland> ttx: i just got up, about to make some coffee
<kirkland> ttx: we have eucalyptus-nc upstart scripts ;-)
<ttx> kirkland: I saw that, thx
<kirkland> ttx: it worked well for me
<kirkland> ttx: i had keybuk and slangasek review it too
<kirkland> ttx: there's one thing we couldn't agree upon, though
<kirkland> ttx: in my initial implementation, i had it start on started eucalyptus
<kirkland> ttx: thus, on the node, you could just do "sudo start eucalyptus"
<kirkland> ttx: and it would "figure out" that you have only a node controller, and it would start that
<kirkland> ttx: however, it took kind of a hack in the upstart conf to make that work
<kirkland> ttx: and i was frowned upon
<kirkland> :-)
<ttx> ok
<ttx> I'm ok with it starting with eucalyptus-nc
<kirkland> ttx: cool, fair enough
<ttx> since it's always on separate machines
<ttx> kirkland: patched proxool in my PPA, test coming up
<kirkland> ttx: cool
<kirkland> ttx: i'm trying to package qemu-kvm-0.12, which is in RC state
<kirkland> ttx: upstream asked for some feedback before they GA
<smoser> good morning all.
<smoser> kirkland, does it let me use -curses  with lucid :)
<ttx> kirkland: in case you missed my last message before the split, looks like it's starting up now
<kirkland> smoser: is that a question?  if so, no, not in my experience so far :-(
<ttx> kirkland: the cglib2.1 trick is still needed though
<kirkland> smoser: please talk to cjwatson about that
<smoser> yeah, sort of a qustion, but it should have ended with "if it does i'll use it" :)
<kirkland> ttx: i didn't see your message
<smoser> i will. cjwatson , ping
<kirkland> smoser: yes, i very heavily depended on that in Karmic
<kirkland> smoser: my testing is much more difficult in Lucid because of it
<smoser> in mail i sent you last night it shows at least how to get a console up on ttyS0
<smoser> which is a big help if you cant get a "real console"
<X-Sleepy-X> If I want to execute a command every minute how would I achieve that with cron?
<X-Sleepy-X> The command I want to execute is: acpi -Bt 2>&1 | tee temp.txt
<kirkland> smoser: ah, i see that now
<kirkland> smoser: you sent it to my gmail :-)
<smoser> where do you want things sent?
<kirkland> smoser: work related?  kirkland@canonical
<smoser> kirkland, so, i just booted a karmic image, and dont see any gettys on f1 or f2
<kirkland> smoser: rsyncing ....
<Daviey> kirkland / smoser: It is documented on the wiki.
<kirkland> Daviey: whereabouts?
<Daviey> https://help.ubuntu.com/community/SerialConsoleHowto
<Daviey> kirkland: before you showed me kvm curses, i was using a serial console as a fall back to ssh.
<smoser> Daviey, thats what i came up with.. the upstart method.
<smoser> although i didn't do 'vt102' arg to sgetty, which might have been helpful.
<kirkland> smoser: okay, i can get to gettys on f*
<kirkland> smoser: at least launched from a kvm SDL window
<kirkland> smoser: alt-f2, alt-f3, etc.
<smoser> yeah, i see them if i run in sdl window
<kirkland> smoser: drop the ctrl
<smoser> but not in curses
<kirkland> smoser: ah, right, yeah, i've never gotten that working
<smoser> this is karmic kvm booting karmic image (uec image, but thats not too important at this point)
<kirkland> smoser: i don't think the key stroke is being captured/passed properly
<smoser> hmm..
<smoser> kirkland, well, in curses mode i get to the kvm console with 'alt-2'
<smoser> then 'sendkey alt-f2'
<smoser> how do i get to kvm console window in SDL ?
<uvirtbot> New bug: #497781 in openssh (main) "sshd stop on two SIGHUP" [Undecided,New] https://launchpad.net/bugs/497781
<kirkland> smoser: alt-1
<smoser> kirkland, so if i omit '-curses', (ie, i get sdl)
<kirkland> smoser: right
<smoser> Using karmic host, karmic guest.
<smoser> then i can go to kvm console (with 'ctrl-alt-f2') and type 'sendkey alt-f1'
<smoser> oops
<smoser> above 'sendkey alt-f2'
<smoser> then hit 'ctrl-alt-f1' and i can see a login prompt on , with 'tty2' label
<smoser> if i do the same with '-curses' i can't see a login prompt
<smoser> in karmic guest it doesn't tell me a graphic mode (like it does with lucid guest), but there is no login
<smoser> same process (using sendkey from the console) but console keymaps are 'alt-fx' rather than 'ctrl-alt-fX'
<smoser> does that all make sense?
<smoser> i swear i've seen all this work at some point
<kirkland> smoser: what's the end goal?
<kirkland> smoser: to get a tty login on tty2?
<smoser> be able to login at console via -curses
<ttx> kirkland: so it looks like it should work with the proxool fix. I can upload that fix when I get Chris's explanation on potential regressions with it
<uvirtbot> New bug: #497790 in squid (main) "squid should provide an apparmor profile" [Undecided,New] https://launchpad.net/bugs/497790
<acalvo> hi
<acalvo> why sometimes, depending on which server I ping, I get a response from servername.local and sometimes from the ip? (usually form servername.local is faster than the IP)
<zul> jdstrand: https://launchpad.net/bugs/497790 <-- seen that one?
<uvirtbot> Launchpad bug 497790 in squid "squid should provide an apparmor profile" [Undecided,New]
<jdstrand> zul: I did 2 minutes ago, yes ;)
<zul> pretty interesting ;)
<ttx> kirkland: i'm not exactly sure yet of the best way to handle the cglib situation
<ttx> kirkland: we can get rid of the new package and keep the old one, or tweak the new one so that it doesn't interfere with the old one
<jdstrand> zul: https://wiki.ubuntu.com/SecurityTeam/Roadmap#AppArmor%20Confinement
<jdstrand> zul: I added the bug reference to there
<jdstrand> zul: I don't think the security team will be able to manage adding that to the squid package in enforcing mode (but you are welcome to). We could add it to apparmor-profiles though
<zul> i think it would be nice to have though
<zul> but it would be totally up to you guys
<jdstrand> zul: it would-- it has been on our roadmap. we just don't have the resources this cycle to turn it on by default
<zul> jdstrand: ok sounds good
<jdstrand> zul: if you aren't interested in putting it into enforcing mode yourself, then I'll add it to apparmor-profiles
<jdstrand> (or don't have time, or however that should be phrased to be non-offensive ;)
<jdstrand> zul: ^
<zul> jdstrand: i think it would be a good idea because it would also take care of the request to have squid chroot
<jdstrand> I aboslutely agree-- we just don't have the resources this cycle
<jdstrand> zul: well, *I* don't. I suppose it is possible kees or mdeslaur might want to take it on, but I think they have their plates full too
<zul> jdstrand: heh ok ill bug them about it after christmas
<kirkland> smoser: from an installed system, or from an installer ISO?
<kirkland> smoser: that "just works" with my installed systems
<kirkland> ttx: good to hear that the proxool fix gets us moving
<kirkland> ttx: tweaking the new one seems the best way forward
<ttx> kirkland: not so sure about that
<kirkland> ttx: for the big picture
<kirkland> ttx: hmm
<ttx> I think having proxool 0.8.3 in eucalyptus-commons-ext starts to make sense
<ttx> since lots of packages now expect libcglib-java to have replaces libcglib2.1-java
<kirkland> ttx: heh :-)
<ttx> (that's the situation in debian)
<ttx> i'll write up a summary so that we can discuss it in the call
<kirkland> ttx: sounds good
<jiboumans> ttx++ # on the ball
<jiboumans> ttx, kirkland: make sure to add the point to the agenda for transparency
<ttx> sent -- hopefully it will make the options clearer
<rputnins> hello!
<rputnins> does anyone has installed 8.04 server on software raid5?
<rputnins> I know that officialy it's not possible but I think there must a way
<rputnins> after installation and reboot I get grub rescue console
<zul> smoser: ping
<ruben23> hi is there i way that when i login using ssh to my ubuntu-server i dont have to input password, which i used oftenly..
<rputnins> any ideas about the raid5?
<bogeyd6> rputnins there is a way
<rputnins> good! how?
<bogeyd6> https://help.ubuntu.com/community/Installation/SoftwareRAID
<bogeyd6> ruben23 if you set up keys for ssh you dont need a password
<bogeyd6> !fakeraid | rputnins
<ubottu> rputnins: Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<rputnins> bogeyd6 - I have tried this manual, the is nothing about raid5! Only that it will not work for / partition
<rputnins> ubottu: thanks, I havent tried the fakeraid yet, I will give it a try
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<smoser> zul, here
<LinuxCommunity> im here
<bogeyd6> here
<zul> smoser: for ec2 are you still suppose to be getting a message to use tasksel when you first login? (this is for lucid)
<smoser> i had not made a decision that you should not, i've never looked at that stuff.
<rputnins> ubottu: the fakeraid install is for desktop only, am I wright? How to install server on software raid5?
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<smoser> zul, does it not show that any more ?
<zul> smoser: no but I might logged in to early
<zul> smoser: it doesnt
<smoser> i dont have a personal big interest in that showing up (especially since its broken, it says 'use tasksel' but doesn't say 'run apt-get update first')
<LinuxCommunity> sudo apt-get dist-upgrade    and sudo apt-get update
<zul> smoser: ok i was just checking to see if its a regression
<zul> smoser: it doesnt matter to me either way though ;)
<smoser> it probably is a regression. i suppose if you dont mind please follow a bug
<smoser> its easiest to run 'ubuntu-bug ec2init' on the instance
<zul> okies
<smoser> or if not easiest, preferred.
<rputnins> ubuntu 8.04 boot from software raid5 possible? Opinions!
<LinuxCommunity> rputnins: it should be possible, i run 8.04 server
<rputnins> do you have / partition on raid 5?
<msantos> rputnins, i boot 8.04 off of a software raid1
<LinuxCommunity> rputnins: no i don't but you should be able to run raid 5
<rputnins> msantos: thanks, on raid1 I have seen dozens of tutorials, I need raid5
<rputnins> LinuxCommunity: yeah, I know I should but how? :)
<LinuxCommunity> rputnins: let me see if i can get you a good tutorial
<rputnins> LinuxCommunity: installation was fine after the reboot I get: GRUB loading.
<rputnins> erro: biosdisk read error
<rputnins> erro: file not found
<rputnins> grub rescue>
<LinuxCommunity> ehh
<LinuxCommunity> yea that's not good
<msantos> rputnins, are you using LVM or just staight raid?
<LinuxCommunity> rputnins: you might want to read this   https://bugs.launchpad.net/ubuntu/+source/linux/+bug/220493   not sure how relavent it is
<uvirtbot> Launchpad bug 220493 in linux "[Hardy][Regression] dmraid45 target missing in latest kernel" [Medium,Fix released]
<rputnins> msantos: I am using just raid, I thought about lvm, you think I should try?
<zul> smoser: done
<msantos> it's trickier with LVM :)
<smoser> danke
<LinuxCommunity> this one to http://nerdonaplane.blogspot.com/2008/04/ubuntu-upgrade-hardy-harron-804-lts.html
<msantos> what you can try is partitioning your disks into a /boot (straight raid1 or whatever) and the rest as a big raid 5
<TeTeT> how do I increase the number of loop back mounts on Karmic? the loop module seems to be built in now
<msantos> if your /boot is on raid 1, just be sure to install grub on all the disk or it's fun after an hd dies ;) (not that I had this happen to me <cough>)
<rputnins> LinuxCommunity: msantos: OK, I am running the server install right now
<msantos> rputnins, have to go, good luck on your install
<LinuxCommunity> rputnins: i don't run raid. i still got my server running off old IDE. i would like maybe scsi or sata 3 but for what im doing theres no profit
<rputnins> msantos: I see why I havent used LVM - I dont have it in manual partition part
<LinuxCommunity> LVM isn't always the best way to go. most times it's just use whole disk
<mathiaz> ttx: hey
<mathiaz> ttx: doing some uec testing
<mathiaz> ttx: it seems that the cluster name is not asked at the same debconf priority during the cc and the sc package installation
<mathiaz> ttx: would that cause a problem when doing an SC only install?
<ttx> mathiaz: istr it had a sane default
<ttx> mathiaz: haven't tested that yet
<mathiaz> ttx: I think it will fail on a single SC installation
<mathiaz> ttx: cluster-name is only asked for in eucalyptus-cc.config
<mathiaz> ttx: eucalyptus-sc.postinst just db_get it
<ttx> mathiaz: you sound on the right track :)
<jiboumans> guys, pitti just mailed out an update for the workitem tracker; bugs are now counted as work items. so time to do another quick pass at your blueprints and make sure duplicate items are removed
<rputnins> no luck with that raid
<rputnins> :(
<jiboumans> cya tomorrow guys
<rputnins> hello folks! any ideas on howto setup ubuntu 8.04 server on softrware raid 5?
<rputnins> to be able boot from raid5?
<Doonz>  Hey guys i never installed a webserver on my box but when i goto http://server it tell me that the webserver is working
<Doonz> how can i see what web server may have been accidently installed?
<jpds> Doonz: Check: sudo netstat -ltnp
<Doonz> it doenst show anything
<Doonz> so who wants to give me a cookie..... it was using some chached page on my browser :/
<jpds> Doonz: The site should of given your a cookie.
<Doonz> im a noobie
<Doonz> sorry for bothering
<jpds> Doonz: no problem, remember, the stupid quesitons are only the unasked ones!
<Doonz> thanx ... back to my virtual machine
<xperia> hello to all. i have a question about phpmyadmin. for some reason the password and the username that i use in mysql dont work in phpmyadmin. i cant pass the login screen in phpmyadmin. does anybody know what the problem could be ?
<zul> jiboumans: server-landscape-client-refresh is basically done fyi
<kirkland> smoser: image names changed?
<kirkland> http://uec-images.ubuntu.com/karmic/current//karmic-server-amd64.tar.gz
<kirkland> smoser: that was karmic-uec-amd64 yesterday ....
<smoser> not yesterday
<smoser> but recently
<kirkland> smoser: k, recently :-)
<smoser> it was to accomodate '-desktop'
<kirkland> smoser: i updated https://help.ubuntu.com/community/UEC/BundlingImages
<kirkland> smoser: i'm not sure where else that string is
<smoser> yeah. i dont know. i wondered about it when i did it.
<kirkland> smoser: it's not a big deal
<kirkland> smoser: but we'll have some docs to update
<smoser> yeah, i'm not certain if the new name is good, though, or if it should include 'uec' in it.
<kirkland> smoser: hmm, if the seeds that are generating those images are basically identical (or a superset) of what you get with a default server or desktop image, leave the name as is
<kirkland> smoser: if the seed is somehow different
<kirkland> smoser: specifically, if it's a subset of what in the desktop/server default install, then I think adding a uec appendage would be nice
<smoser> it is somewhat different. it has ec2init for example.
<uvirtbot> New bug: #497894 in bacula (main) "Support Application Indicators" [Undecided,New] https://launchpad.net/bugs/497894
<M1TE5H> can anybody help to configure startx
<genii> M1TE5H: This is probably the wrong channel to ask about X, since Ubuntu Server doesn't have it
<M1TE5H> ok thanks 4 reply can give me any other channel list
<ScottK> M1TE5H: #ubuntu
<kirkland> jiboumans: mdz: \o/  eucalyptus running from packages
<kirkland> jiboumans: mdz: specifically, i was able to a) install from lucid cd, b) upgrade using PPA packages, c) add iscsi to the system (hack for now), d) bundle and run an image
<RoyK> http://www.robweir.com/blog/2009/12/relevancy-of-odf-10.html
<mdz> kirkland, great news
<mdz> kirkland, ready to upload to lucid?
<kirkland> mdz: i think so ... though users will need to either install iscsitarget on their CLC (for now)
<kirkland> mdz: or we need to wait for the code drop from Eucalyptus that disables the iscsi paths
<mdz> kirkland, is that not trivial to fix?
<kirkland> mdz: i'll look at their code and see
<mathiaz> kirkland: which ssh public key uec component is supposed to go where?
<mathiaz> kirkland: IIUC the CC public key needs to be on the NCs?
<kirkland> mathiaz: correct
<mathiaz> kirkland: what else is needed?
<kirkland> mathiaz: CC issues commands to NCs
<kirkland> mathiaz: I think CC also talks to its SC
<kirkland> mathiaz: and i think CLC talks to Walrus and CCs
<kirkland> mathiaz: nurmi is online and active in #eucalyptus, you might ask him there
<mathiaz> kirkland: the home directory of the eucalyptus user is /var/lib/eucalyptus?
<kirkland> mathiaz: ack
<nuclearshare> hello
<nuclearshare> is anyone here?
<ttx> kirkland: how is it going ?
<kirkland> ttx: testing is good
<ttx> cool
<kirkland> ttx: i'm trying to figure out what of yours needs to be uploaded
<kirkland> ttx: i'll upload eucalyptus
<kirkland> ttx: as i have another change or two necessary
<kirkland> ttx: could you upload the rest?
<kirkland> ttx: common, cglib, proxool, whatever?
<uvirtbot> New bug: #497953 in openssh (main) "package openssh-server 1:5.1p1-5ubuntu1 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/497953
<kirkland> ttx: i have a fix for the iscsi thing, to turn it off
<ttx> kirkland: proxool was uploaded
<kirkland> ttx: and common?
<ttx> kirkland: you don't need the eucalyptus-commons-ext in my PPA, but you need one 0.5.0
<ttx> is it still stuck in DEPWAIT ?
<ttx> I'd thought that component-mismatches would not be blocking
<ttx> maybe it's just a matter of retrying the build of the one already uploaded
<kirkland> ttx: okay, i'll handle that
<ttx> or we might need some shortcut
<ttx> the mir is filed, if we need to fast-track it in some way
<ttx> but i'm just not sure that's why it's blocked :)
<ttx> kirkland: cool, looks like we might end up releasing 1.6.2 before you go for holidays, after all
<kirkland> ttx: i'm trying to do so
<kirkland> ttx: kees any chance you can help us fast track a simple MIR?
<kirkland> kees: it's blocking eucalyptus 1.6.2
<kirkland> kees: which is urgently needed in Lucid
<kirkland> ttx: can you paste the MIR url?
<ttx> sure
<ttx> bug 497390
<uvirtbot> Launchpad bug 497390 in libproxool-java "MIR for libproxool-java (and avalon-framework)" [Wishlist,Confirmed] https://launchpad.net/bugs/497390
<ttx> might also need bug 497455 (runtime dep)
<uvirtbot> Launchpad bug 497455 in libwoodstox-java "MIR for libwoodstox-java" [Wishlist,Confirmed] https://launchpad.net/bugs/497455
<kirkland> ttx: let's elevate the priority from Wishlist to High
<ttx> kirkland: be my guest
<kirkland> ttx: done
<ttx> kees: would a pending MIR on a new build-dep result in a DEPWAIT for the package ?
<ttx> kirkland: did you try to restart the build ?
<kirkland> ttx: not yet
<ttx> I can do that.
<kirkland> ttx: i just did
<ttx> ok
<kirkland> ttx: ordered 3 more vostros
<ttx> heh
<ttx> kirkland: stuck in depwait again, so I guess universe build-deps are blockers :)
<kirkland> ttx: yeah, i suspect
<ttx> hmmmm
<ttx> kirkland: you know what, I'm not 100% sure that proxool is needed for the build
<ttx> I'm trying to see who added it
<kirkland> ttx: interesting, okay
<ttx> arh
<ttx> nah, I'm confusing things
<ttx> it's not a b-d of euca, but a b-d of euca-commons-ext
<kirkland> right
<ttx> and the b-d was added by chris, 99.9% sure needed to compile hibernate-proxool
<ttx> so no easy way out
<ttx> :)
<kirkland> okay, so we need 3 MIRs approved
<kirkland> ttx: before eucalyptus 1.6.2 can be built for Lucid, then, right?
<ttx> the woodstox one might not be blocking
<ttx> let me check if its a b-d
<ttx> no it's not
<ttx> And I wonder if that part of their codechanges even landed
<ttx> so it's proxool that's needed. and avalon-framework is a b-d of prxool
<sirenita> hi.. i have a problem with an instalation of two instances of oracle database in the same server
<sirenita> somebody can herlp me
<uvirtbot> New bug: #482515 in mysql-dfsg-5.1 (main) "package mythtv-common 0.22.0+fixes22594-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/482515
<sjefen6> getting message "the attempt to mount a file system with type ext4 in LVM VG Unknown...., LV root at / failed" during the installation of ubuntu server 9.10 on a dell optiplex gx260. What is wrong?
<owh> If I use channel bonding to combine three Ethernet interfaces, using adaptive transmit load balancing (mode 5), is there a way that I can force all ssh traffic to one specific slave?
<sub> no. why would you want to? what would the behavior be if that specific slave interface is down?
<ruben23> hi guys, is it possible to ssh without always making input of passwd
<owh> sub: I want to because I have 3 WAN interfaces, one of which has unlimited traffic which I need to use for backups. I do not want to use the other 2 interfaces which have higher throughput, but limited traffic.
<owh> I don't particularly care if it dies if the interface is down.
<sub> Ethernet bonding != IP load balancing
<owh> sub: That's interesting, since that's not what I've been reading. Specifically the documentation tells me that mode 5 is "Adaptive transmit load balancing: channel bonding that does not require any special switch support. The outgoing traffic is distributed according to the current load (computed relative to the speed) on each slave. Incoming traffic is received by the current slave. If the receiving slave fails, another slave 
<owh> Unless of course I cannot read, which is a possibility :)
<sub> do each of your 3 WAN interfaces reside on different subnets?
<sub> ie: have different IPs?
<owh> They are three completely separate connections from different ISPs. There is a modem between me and the link for each of the links. Each modem has a separate WAN IP address and normally a workstation would connect to the modem and get a LAN address from the on-board DHCP server.
<owh> Think of it as combining three DSL connections. It's not that, but the analogy holds.
<sub> no, it doesn't, because each packet out is likely to have different IPs
<sub> thanks to NAT
<owh> That is correct, but under mode 5, I understand that a connection is routed through a specific slave once it has been established.
<owh> Hmm, perhaps I should be looking at mode 2.
<sub> dest mac address will always be your gateway's mac in that case. i don't know if it will continue to route anything through the same interface on mode 5 because it specifically says it's based on load and also interface bonding is a different layer than mode 5, but admittedly this isn't something i'm 100% familiar with
<owh> Let me ask the question in a different way. I have 3 WAN links, two high speed, with limited data, one lower speed with unlimited data. I need to route all ssh traffic across the unlimited data link and want to provide the best throughput for LAN clients who use the server as their gateway. How do I accomplish this?
<sub> i've done etherchannel and LACP, but always at the ethernet layer and never had to worry about NAT/routing issues
<owh> LACP assumes that the other end can deal with what's coming in, almost like having a multi-link ppp support at both ends. That is not the case here. The links are completely separate, think of them as three domestic ADSL connections.
<owh> I am not particularly interested in one user having all available bandwidth, just the best experience for all users.
<sub> i realize that, I was explaining my background with bonding
<owh> Cool.
<owh> Just making sure I'm on the same page too :)
<sub> in fact, i wrote this: http://subversity.net/link-aggregation-on-a-redhat-centos-server-an :|
<sub> well
<sub> because of NAT and routing, you likely want something to do your load balancing at the IP layer
<sub> for forcing the SSh traffic over a certain interface you could probably use iptables, I'm not familair with the rules enough, I just know that you can forward it out a specific interface
<sub> as for load balancing the remaining two links, i'm not really sure
<owh> Just to make sure that I'm making myself clear, if one user is downloading a big file, I don't want or need them to have their download spread over three links - in fact I cannot see how that would ever work unless I setup a VPS in the cloud, make a VPN to that and use its pipe to get the data - not really what I had in mind.
<owh> sub: Yes, that article is not what I'm looking for. (For that I have a gigabit port on the server -- more than enough for 20 users in this environment :)
<sub> I know it's not what you're looking for, once again
<owh> Basically we have a crappy link, it's slow but unlimited. We're locked into another two years of contract and need to increase bandwidth.
<sub> Yeah, I get that, and my answer was:
<sub> as for load balancing the remaining two links, i'm not really sure
<sub> for forcing the SSh traffic over a certain interface you could probably use iptables, I'm not familair with the rules enough, I just know that you can forward it out a specific interface
<owh> So, then it appears that you're saying that bonding isn't the right hammer for this nail.
<owh> (As in, when all you have is a hammer, every problem looks like a nail.)
<sub> correct
<owh> Back to the drawing board.
<sub> bonding is generally used when you need more throughput to the LAN, or redundancy to the LAN
<sub> look into FORWARD rules for iptables
<sub> should be easy enough to forward tcp/22 traffic over a specific links, I can't answer for the load balancing though
<owh> Bear with me for a moment if you will. You can tell me to bugger off if you've lost interest :)
<owh> The three WAN links have different WAN addresses. Internally they can be configured to have the same LAN IP addresses. If I bond the interfaces and for a moment ignore ssh, would mode 2 not work? I understand that it keeps the same client/server pair on the same slave unless it fails. Or am I missing something?
<sub> how are you planning on giving them the same LAN IP address?
<jiboumans> kirkland++ ttx++ nice job on eucalyptus
<kirkland> jiboumans: we're almost there
<kirkland> jiboumans: gotta get the MIRs approved
<kirkland> jiboumans: kees is helping us with that
<owh> The three modems can be configured to give the same address via DHCP. Alternatively, if the bond defines the IP address, then I can configure each modem to see that as a valid LAN address.
<jiboumans> kirkland: anything contentious there?
<kirkland> jiboumans: just the urgency/late-breaking nature of all-things Eucalyptus
<jiboumans> kirkland: of course =/
<jiboumans> better in alpha2 than beta1 though :)
<sub> having three modems that give out the same IP address is not the same as giving each modem the same IP address, not that it matters because that would just be an IP conflict and would result in a broken network
<owh> But the modems are not connected to the LAN, they are only connected to my ethernet sockets.
<sub> i guess i don't really understand your question
<sub> they're in bridging mode?
<owh> No
<sub> do the modems have internal IP addresses?
<owh> Yes
<sub> can you make a diagram of what you are describing? i'm not really sure where you're going with this
<owh> (Remember, there is a forth interface that connects to the LAN.)
<sub> also, have you looked into something like pfSense?
<sub> oh
<sub> so you're saying the modems are connected directly to your gateway
<sub> ok
<jiboumans> zul++ # for doing the landscape code drop
<sub> i don't think you're going to get where you want by using bonding
<jiboumans> i'm very happy looking at this chart: http://piware.de/workitems/server/lucid-alpha2/report.html
<owh> sub yup. Still need a picture?
<sub> no, i think i've got it now
<sub> i still say look into iptables
<owh> I will. Thank you for your comments.
<sub> i've had the best luck with that sort of thing using pfsense, check out http://doc.pfsense.org/index.php/Multi_WAN_/_Load_Balancing and see if it can't get you where you need to go
<sub> #pfsense on this network as well
<owh> sub: This would mean that I'd have to introduce another piece of hardware to run pfsense on, unless I misunderstand.
<owh> In case anyone cares, what I appear to be looking for is called multiwan, thanks to sub for pointing me at pfsense, which lead me down the trail.
#ubuntu-server 2009-12-18
<uvirtbot> New bug: #498022 in php5 (main) "Need package for php5 without suhosin patch" [Undecided,New] https://launchpad.net/bugs/498022
 * sbeattie raises an eyebrow at that bug.
<^robertj> hey all, I need to find a home for my webapp with django and gstreamer deps. I've used Linode in the past, but was wondering if there were any other low-cost virtualization vendors people had had ogood experiences with?
<rbd_> hey guys. I have a few VMware servers ....looking into the ubuntu enterprise cloud product and it looks interesting. Is there a straightforward migration path to move my virtualized systems off of VMware and onto a UEC instance?
<jtaji> ^robertj: I use Linode... I'd say go back to them
<uvirtbot> jtaji: Error: "robertj:" is not a valid command.
 * ^robertj smacks the bot
<^robertj> slicehost seems to have fairly good reviews as well
<jtaji> ^robertj: http://journal.uggedal.com/vps-performance-comparison
<uvirtbot> jtaji: Error: "robertj:" is not a valid command.
<jtaji> meh, I used them too
<^robertj> its also really annoying because VPS bundles together virtualization + jailing
<jtaji> Linode is much better
<Shamoun> hey all
<Shamoun> i am interested in running ubuntu server in a vm on a windows box running xp pro. the system is only 3 ghz and 1 gig of ram, the server won't see many users, most likely less than 2 at any given time. what kind of resource usage can i expect?
<jtaji> Shamoun: well you have to choose how much ram to give the vm, and the rest is left to windows
<Shamoun> jtaji, yea i was wondering more about cpu usage
<jtaji> depends what the users are running
<Shamoun> i gotcha
<jtaji> not terribly much cpu overhead to it
<Shamoun> thanks
<nat2610> if I do a ldd foo.so, I see there is a dependency on /usr/lib/bar.so let say I take those 2 files and put them in to ~/baz/ is there a "definitive" way (so not using $LD_LIBRARY_PATH) to have foo.bar depending on ~/baz/bar.so
<sub> whoever "borrowed" my article and put it on your blogspot (thuannvn) the least you could do is put a LINK back to the original
<slestak> trying to find definitive list of what is included in tasksel Basic Ubuntu Server
<slestak> i have looked at the /usr/share/tasksel/*desc file and that doesnt clear it up
<jtaji> slestak: you can browse task contents in aptitude
<slestak> looking at #269040, looks like i is installed anyway
<lwizard1> hey I was wondering what type of rack mountable server cases would allow for full size standard pci cards ?
<lwizard1> would that be a 2U or 3U ?
<fallous_> 2U generally does PCI cards in a horizontal position
<fallous_> not sure about 3U, but 4U is standard vertical position
<lwizard1> ok so 2U would use the riser cards and the 3U would allow them to be inserted normally vertical?
<lwizard1> ok
<fallous_> no idea if 3U would
<fallous_> 4U does
<fallous_> I've never had to muck with 3U
<lwizard1> and do the riser cards usually allow for 1 or 2 cards ?
<fallous_> depends on the riser, but usually 2
<lwizard1> reason why I need to have 2 PCI cards for a CCTV setup
<lwizard1> fallous_, thanks for the information
<fallous_> np
<thermal_> hi I'm trying to test out ubuntu cloud server in virtual box, I've got it installed and I can access other servers on my network, but I'm having trouble bringing up the admin console, this is the cluster box not a node
<thermal_> any ideas?
<TeTeT> thermal_: you don't need the admin web UI for getting the credentials, you can use euca_conf --get-credentials <zip file> to get started
<TeTeT> thermal_: how to get to the admin web UI depends a bit on the network setup of your virtual box environment. I'm not an expert there, but I guess if all fails you can simply install ubuntu-desktop on the front-end server and browse locally from there
<TeTeT> thermal_: need to dash now, but will be back in 4-5 hours
<thermal_> I'm just trying to access the admin console right now, having some issues actually talking to the virtual box instance, its assigning a 10.0.x address right now
<KurtKraut> Uia, Twitter.com tomou deface: http://www.techcrunch.com/2009/12/17/twitter-reportedly-hacked-by-iranian-cyber-army/
<thermal_> how long do the euca-describe commands normally take? I tried euca-describe-availability-zones and euca-describe-instances but both just hang
<kees> soren: http://smcv.pseudorandom.co.uk/2009/12/gfcombinefs/
<jiboumans> morning
<thanks> Is it possible to "mount" multiple drives into a single folder? Currently i have 4(5 if you count the os) drives configured as /storage/1-4/, 500gb in /storage/1/ 500gb on storage/2/ ect, i want to know if i can make /storage/4/movie/ display the contents of storage/4/movie/ as well as storage/1/movie/ as a single directory. This is so i can browse it in samba and view the files it contains without needing subdirectorys/folders.
<jiboumans> thanks, afaik, not without trickery
<thanks> alright
<thanks> thank you :), wasn't sure if there would be an easy way, i figured there would not be and thats why most people just mount diffrent drives to diffrent subfolders
<uvirtbot> New bug: #498129 in dovecot (main) "Dovecot ignores maildirsize file (quota)" [Undecided,New] https://launchpad.net/bugs/498129
<jgjones> Hello
<jgjones> I'm having issues trying to get a bridged network working with a KVM guest, would someone be able to help?
<jiboumans> jgjones: there's a few people quite familiar with kvm on the channel, perhaps if you ask your question, they'll be able to help
<jgjones> OK...
<jgjones> The trouble is how to write my question but I'll try
<jgjones> I have a server with OVH
<jgjones> and I have a block of RIPE IP's which I want to assign to my virtual guests - this is where I'm having problems
<jgjones> At present it would seems that I have a NAT'ed network for my guests instead of them using bridged network - I have configured the domain.xml to say bridge etc but I can't see to get my guests to work with their assigned IP - how can I resolve it?
<jiboumans> jgjones: relevant log entries and a pastebin of your config would probably be a good first input
<jgjones> Look like I'll have to come back at a later time, just got called out but I'll try and put as much into pastebin in preparption for next time I'm back in here
<nucking> hey everyone, i'm having a bit of a problem with my little ubuntu-server
<nucking> i'm trying to use it as my server, and i was able to connect it with the internet on one nic and with my home network on the other
<nucking> erm, i'm trying to use it as my router
<nucking> :P
<nucking> my first problem is that i have to sudo /etc/init.d/networking reset each time i want it to connect to the internet
<nucking> it does not automatically do that, and i also need to unplug my modem for it to work
<nucking> does anybody have a clue what might be causing that?
<acalvo> hi all
<nucking> the external interface fetches the configuration from the dhcp of my isp automatically btw
<nucking> hi acalvo
<acalvo> I'm trying to set up a dns server, and most of the things are working ok. However, if I run host <ip> it does not resolve to the name of the host
<acalvo> however, host <hostname> works
<arj> use dig
<arj> to begin with
<nucking> could it be that installing a dhcp server on my machine interferes with the dhcp of my isp? which leads to my server no longer connecting properly to the "outer" dhcp?
<acalvo> nucking: does not seems reasonable
<nuckable> i know :P
<nuckable> it's just weird, cause when i first set up the external interface everything worked fine
<nuckable> but from the moment i installed dhcp and tried acting as dhcp for my internal network it started going bogus
<nuckable> but i'm not really sure if thats because of my internal dhcp server
<acalvo> try to disable it
<acalvo> and do some digs, pings, and hosts
<acalvo> to see if you can reach the internal lan and the external
<acalvo> put a static ip in some host in your local lan
<acalvo> and then start working with your dhcp
<acalvo> AFAIK, a dhcp server only works under the same lan domain
<nuckable> well i was able to set up both internal and external network
<acalvo> because it works at the network layer 2
<nuckable> the problem is that the machine does not fetch the information of the external dhcp on boot
<nuckable> and i have to reboot my modem each time i wanna connect it to the internet
<nuckable> i have to manually restart the modem and restart the networking...
<acalvo> what's your network topology?
<nuckable> well right now im connected directly to the modem
<nuckable> but i'd like to have my little server act as router (connected directly to the modem)
<nuckish> bbl
<sgronblo> tried setting up apache to accept ssl connections but im getting a "Error code: ssl_error_rx_record_too_long"
<arj> that usually means you try to talk https to a port that only speaks http
<sgronblo> is there a way to find out which part is incorrectly configured
<sgronblo> i copied default-ssl and a2ensited it and changed only the key and cert locations and added an alias directive to it
<sgronblo> i remember being on a page with a long list of troubleshooting advice the other day but i cant remember where it was
<uvirtbot> New bug: #498174 in eucalyptus (main) "Maximum number of 8 loopback devices low for SC" [Wishlist,New] https://launchpad.net/bugs/498174
<sgronblo> another weird thing, if i access http://localhost i get the itworks page but not if i go through http://127.0.0.1 even though localhost is defined as 127.0.0.1 in /etc/hosts
<sgronblo> shouldnt virtualhost *:80 apply to both requests?
<zul> morning
<sommer> yo
<sgronblo> well it seemed that my <virtualhost test> was messing things up when i didnt explicitly specify port 80 for it
<sgronblo> i thought since i specified 80 for namedvirtualhost it would have been implied for the virtualhost directives with a name as parameter
<jgjones> hello, back now.
<jgjones> I'm having issues trying to get a bridged network working with a KVM guest, would someone be able to help?
<jgjones> First of all I'll put up my pastebins: - http://pastebin.com/md91181d - /etc/network/interfaces for my host server
<jgjones> http://pastebin.com/m15a75da2 - default.xml (for the virtual network)
<jgjones> http://pastebin.com/m1b7a9ca7 - domain.xml (for the KVM guest - which is running Karmic server) and the host is also Karmic 64 bit server
<jgjones> I have a block of RIPE IP's that I need to assign to KVM guests, but I seem unable to do this and can't figure out where I'm going wrong.
<jiboumans> kikrland: around?
<jiboumans> kirkland also
<jgjones> jiboumans, maybe not - this shown up in #ubuntu-virt recently: * kirkland has quit (Read error: 110 (Connection timed out))
<jiboumans> kirkland` exists though :)
<ttx> jiboumans: he is technically in vacation now
<zul> geez...slackers
<zul> ttx/jiboumans: People might find this script useful http://people.canonical.com/~chucks/server_version.py it compares what we have in the archvie and compare it to debian testing
<zul> jiboumans: you might not like it because its not done in perl ;)
<Stormyy> Hey
<Stormyy> Anyone know how to save a Ubuntu EC2 instance?
<sub> just make a quick rewrite rule or symlink server_version.pl to server_version.py and he'll never know
<Stormyy> I've started a new instance and got it setup how I like it I ust need to know how to save it.
<Italian_Plumber1> how do I upgrade directly from hardy to lucid?
<zoopster> Stormyy: you just need to rebundle it...plenty of tutorials out there on the steps
<Stormyy> Can I not save it all on a volume?
<Stormyy> So I start an instance based on the volume?
<zoopster> you could snapshot it, sure
<Stormyy> Ok how do I do that?
<Stormyy> Basically I want to be able to terminate the instance and start it back up
<Stormyy> at a later date
<Stormyy> and get everything from when I ended it
<erichammond> Stormyy: Here's one tutorial on rebundling EC2 instances (mine): http://alestic.com/2009/06/ec2-ami-bundle
<erichammond> Stormyy: An alternative recently introduced by Amazon is EBS boot AMIs which keep your root disk on an EBS volume.  You can stop and restart your instance without paying to have it running all the time.
<Stormyy> yeh do you have a AMI code for a EBS one?
<mdz> kirkland`: eucalyptus 1.6.2~ should hit the archive today, see #-meeting
<ttx> kees: many thanks for the fast processing
<ttx> man, I hate those so-called testsuites
<kees> ttx: you're welcome.  thanks for getting those suites running.  :P
<ttx> kees :P
<uvirtbot> New bug: #491963 in genshi (universe) "MIR for genshi." [Undecided,Fix released] https://launchpad.net/bugs/491963
<uvirtbot> New bug: #492560 in beautifulsoup (universe) "MIR for beautifulsoup" [Undecided,Fix released] https://launchpad.net/bugs/492560
<uvirtbot> New bug: #498246 in mysql-dfsg-5.0 (universe) "no cargo" [Undecided,New] https://launchpad.net/bugs/498246
<uvirtbot> New bug: #498251 in libvirt (main) "libvirtd fails to run user defined emulator permission denied" [Undecided,New] https://launchpad.net/bugs/498251
<pmatulis> kirkland`: so ltsp + iscsi ain't working out so well
<pmatulis> kirkland`: + ecryptfs i should add
<erichammond> Stormyy (gone): Neither smoser nor I have gotten around to publishing EBS boot AMIs for Ubuntu just yet.  I don't know who's going to get to it first :)
<erichammond> bug 492048 is my request for official ones
<uvirtbot> Launchpad bug 492048 in ubuntu "Create "EBS boot" AMIs for Amazon EC2" [Undecided,New] https://launchpad.net/bugs/492048
 * erichammond heads off to the office to debug VOIP over dual-WAN router problems in a new network installation.
<Sorell> does anyone have any information on setting up a nameserver?
<Italian_Plumber1> heh... I was just going to ask a quesiton about DNS
<Sorell> :)
<sub> Mostly depends on if you're looking for a recursive DNS server (also known as a resolving, forwarding, or caching server) or an authoratative nameserver (to host your domain.com, for example)
<Sorell> I want to host my web site
<sub> OK
<Sorell> I was told by the group that registered the domain that I need a nameserver
<sub> Then the software you most likely want to look into is called 'bind', sometimes referred to as 'named'
<sub> Maybe even djbdns
<sub> The learning curve on DNS is kind of steep IMHO, if you can get away with it I'd look into hosted DNS
<sub> Some registrars offer that as a free service
<sub> Otherwise you can check out the Ubuntu server guide for the version fo Ubuntu you are running, for example https://help.ubuntu.com/8.10/serverguide/C/dns-configuration.html
<ScottK> Sorell: Running a DNS server is not a trivial thing to take on.  My recommendation is let a DNS expert do that.  If your registrar doesn't provide DNS services, there are plenty of people that do.
<Sorell> I'm really doing this whole thing to learn so I don't mind a steep curve ( got all Christmas break :) )
<sub> heh, +1 agree
<sub> I'd stick with the ubuntu server guide for the initial setup, but also read into how DNS works as a whole, paying careful attention to things like absolute names and the start of authority and serial
<sub> but do realize that if your DNS host goes down so does access to any services being hosted under that domain (your website, for example)
<Sorell> sub: yes I understand that
<sub> OK
<sub> Then I have given all the advice I can give you until you have more specific questions :-)
<Sorell> thankyou for your help so far I'm starting to read about bind right now and will be looking at the setup guide soon. If there is anything else you believe I should know I always apperciate advice
<nucking> hey there, i was able to fix my problem from earlier where my isps dhcp would not be fetched on boot, had to assign static values for the interface
<nucking> but now im struggling with routing the internet connection from eth0 to the eth1 interface
<nucking> which place should/could i check to see why it doesn't work?#
<Italian_Plumber1> recursive vs. authoritative ... which is the more complicated?  authoritative, i assume
<sub> yes
<Italian_Plumber1> because I run a DNS server at home and at work.... neither are "public"... both exist so taht I can use DNS names to resolve to local IPs... making accessing boxes inside my LAN easier.
<Italian_Plumber1> all other requests they send to our ISP DNS servers.
<sub> so you are running both on the same instance of bind
<sub> both authoratative and recursive
<Italian_Plumber1> yes, but authoritative only for the "local" addresses.
<Italian_Plumber1> is that bad?
<sub> no, that's a pretty common setup
<nucking> http://www.gametrailers.com/video/review-final-fantasy/60121
<nucking> whoops
<nucking> lol
<Italian_Plumber1> we have corp.domain.com as our "local" addresses.  So anyone requesting name.corp.domain.com from inside our network will resolve to a local IP.
<Italian_Plumber1> This is my setup: /http://pastebin.com/maa2a273
<Italian_Plumber1> http://pastebin.com/maa2a273
<ruben23> hi how do i chnage the resolution of my screen on ubuntu-server
<Italian_Plumber1> text-only?
<Italian_Plumber1> I did that once... but I don't remember how
<Italian_Plumber1> http://ubuntuforums.org/showthread.php?t=352663
<Storm3yy> Hey
<Storm3yy> Anyone know where I can find a EBS Ubuntu image for EC2?
<x-m4-x> Hello im back................
<Storm3yy> HEy
<Storm3yy> Is anyone using the EBS on EC2?
<uvirtbot> New bug: #497440 in backuppc (main) "apache2 configuration stanza not installed" [Medium,Confirmed] https://launchpad.net/bugs/497440
<teddymills> what is with the UUIDs that Ubuntu boots from? Does this not cause problems?
<ScottK> No, this solves problems.
<ScottK> It's the only way to make sure the BIOS doesn't re-arrange devices underneath the OS after a reboot.
<x-m4-x> My new installation wont resolve anything
<Storm3yy> Anyone know how to make my account into an admin account?
<guntbert> !root | Storm3yy
<ubottu> Storm3yy: Do not try to guess the root password, that is impossible. Instead, realise the truth... there is no root password. Then you will see that it is 'sudo' that grants you access and not the root password. Look at https://help.ubuntu.com/community/RootSudo
<guntbert> Storm3yy: if you *really* *need* a root shell you can get it with sudo -s (but I almost never need it)
<Storm3yy> ok
<Storm3yy> I have a app running and I want to close putty
<Storm3yy> but will it exit?
<Storm3yy> I want it to stay open
<guntbert> Storm3yy: no, it will close if you didn't invoke it with nohup or under screen
<Storm3yy> How do I do that?
<Storm3yy> guntbert - you there?
<teddymills> Sudo is the root password the matrix wants you to believe in. Do not let the matrix fool you Neo. Root password is one you need when the sudo fails.
<Storm3yy> No
<Storm3yy> How doI keep stuff running when I close the window?
<pting> what's the best way to store a lot of log website files... i'm about to setup individual directories like so /var/log/nginx/mysite.com/ ... can anyone else suggest a better approach?
<guntbert> Storm3yy: I'm back - you can either run your command  with nohup <command> & - or you install screen (and read man screen afterwards) - I prefer screen
<Storm3yy> Can you help me setup?
<guntbert> Storm3yy: you have to install screen
<Storm3yy> ok iI think screens installed
<Storm3yy> when I type 'screen'
<Storm3yy> it gives me an into
<guntbert> Storm3yy: good (please do read man screen), I can give you only a short one : after the intro start some app (top...) , then type <ctrl>AD to "detach" screen from the terminal, then close the ssh session
<guntbert> Storm3yy: now reopen a ssh session and type screen -r     -   voila
<Storm3yy> I'm pressing ctrl+ad
<Storm3yy> but it dosnt work
<guntbert> Storm3yy: how does it not work?
<Storm3yy> Nothing is comming up
<Storm3yy> when I press ctrl and A
<guntbert> Storm3yy: of course not, thats the key combo for screen to know it should intercept the next key, so please press ctrl+a, then release both and press d
<Storm3yy> hmm now the process closed
<Storm3yy> ok
<Storm3yy> Ok no it never
<guntbert> Storm3yy: now proceed as I said before
<Storm3yy> ok how do i load it back up?
<guntbert> Storm3yy: please read back ^^^^^^
<Storm3yy> yeh you didnt say how to restore the window
<guntbert> Storm3yy: now reopen a ssh session and type screen -r
<Storm3yy> hmm
<Storm3yy> yay done :D
<Storm3yy> ty
<guntbert> Storm3yy: all well?
<Storm3yy> Yep tnx
<guntbert> Storm3yy: nice :-)
<pting> i don't suppose logrotate config files support /var/logs/mylogs/**/*.log {...} ?
<pting> for recursing into directories
<dragon> how do I ensure that a service always runs at system startup?
<dragon> For example, I have this karmic server with apache. I never turned the service off or anything, but I have to run it manually after every reboot.
<dragon> I have another karmic server for reference, which functions as expected.
<dragon> There's no /etc/init/apache.conf on either box.
<dragon> it's apparently a bug - ping me and i'll provide the necessary details
<intel352> hey all, i just upgraded my rackspace-cloud Ubuntu 9.04 server to 9.10, but i'm getting a mountall error at boot
<intel352> i don't appear to have a menu.lst (suggested in a bugfix thread)
<intel352> should menu.lst exist, or is something else being done on the cloud?
<dragon> intel352: menu.lst was a part of the old grub system. The new grub2 bootloader doesn't need that.
<dragon> I'd think grub has nothing to do with grub
<intel352> grub has nothing to do with grub?
<dragon> I'd think mountall has nothing to do with grub
<intel352> getting this error if i run mountall --debug
<intel352> mountall:/proc:Â unableÂ toÂ mount:Â DeviceÂ orÂ resourceÂ busy
<dragon> intel352: "This is a temporary tool until init(8) itself gains the necessary flexibility to perform this processing;  you should not rely on its behaviour."
<dragon> from `man mountall`
<intel352> i'm not necessarily trying to rely on it
<dragon> I believe it wouldn't help running it from a terminal manually. What's the error that you get at boot time?
<intel352> just trying to get my server to boot up
<intel352> the proc error that you saw, same error
<intel352> also says proc/self/mountinfo doesn't exist
<dragon> intel352: I see some output when I run `cat /proc/self/mountinfo` from a terminal. Could you try it out?
<intel352> no such file or directory
<dragon> intel352: what problems is this error causing?
<intel352> causes booting to fail, unable to mount root filesystem, tosses me into an emergency shell
<dragon> intel352: damn. Try `mount -a`
<intel352> http://ubuntuforums.org/showthread.php?p=8156697 << looks like similar error here (
<intel352> k, trying
<dragon> intel352: do you see the sreadahead error as well?
<intel352> I just restarted to see, 1s
<dragon> It's a chain of errors in that case. It'd help to attack the first error first.
<intel352> init:Â ureadaheadÂ mainÂ processÂ (2167)Â terminatedÂ withÂ statusÂ 5
<dragon> Apparently it's the grub thing not pointing to the correct kernel
<dragon> So yes, a grub problem.
<intel352> if there is no grub cnf in /boot, i assume that's a problem? :-)
<intel352> dunno how that would have disappeared either, assuming it was there to begin with
<dragon> intel352: It does see at least one linux kernel, that's why you're getting this far.
<intel352> uname shows i'm running 2.6.24-24-xen, same as prior to upgrade. /boot/ lists 2.6.31-16-generic
<dragon> I believe you can't get to /boot/
<dragon> since you are unable to mount the filesystem
<dragon> intel352: ^
<intel352> I'm able to read and access /boot
<intel352> and files on the filesystem
<intel352> unless that's what the emergency shell is able to load?
<intel352> i'm researching xen, looks like it boots up differently anyhow
<intel352> explains why i have no grub conf
<dragon> intel352: could you pastebin `df`
<intel352> http://ubuntu.pastebin.com/d230c97fc
<intel352> :-\  http://ubuntuforums.org/showthread.php?t=1354154
<dragon> intel352: please consider using prefix for catching attention
<dragon> intel352: so /dev/sda1 is mounted normally - you should be able to reconfigure grub in /boot/ somehow
<intel352> per that thread though, I need a xen specific kernel
<intel352> which I don't have
<mike3> I have a messed up kernel and grub setup. I need to reinstall a kernel and the grub config
<mike3> can somebody please please help me
<intel352> and emergency shell doesn't appear to provide net (or may be manual)
<dragon> mike3: how far is your machine booting?
<mike3> Won't get past grub
<mike3> i'm currently in teh rescue section of the live cd
<mike3> not sure what to do
<dragon> intel352: do you see multiple kernel entries in grub menu?
<dragon> mike3: how did you mess it up?
<mike3> i had a problem updating via apt-get install linux-server .. Dpkg --configure woouldn't work. So i moved everything in my /boot except /boot/grub and redid the update portion and well now i cant boot
<mike3> i tried to copy all my contents back from /boot but i'm getting an error 13
<mike3> so i'm confused now
<mike3> so basically, if i can install a kernel from scratch in the rescue cd that should do it
<mike3> i'm assuming it will fix my grub as well
<dragon> mike3: I think you might be better off reinstalling the whole thing. Did you have data there? and settings?
<mike3> i have a ton of information
<mike3> i can't loose this.
<mike3> I just need to install a kernel
<mike3> how can i do this
<mike3> ?
<dragon> mike3: if you're unable
<dragon> ... to boot, I don't know if it'll get far enough.
<intel352> dragon: I'm not seeing a grub menu. this is a remote cloud-hosted server, java console doesn't show the menu
<mike3> dragon, I'm in the resuce cd
<X-Sleepy-X> mike3: You could save the information by booting up a live cd on the server
<X-Sleepy-X> nm
<mike3> X-Sleepy-X, i don't want to reinstall everything.. Why should i have to do that
<mike3> There should be a way of installing a kernel from apt-get no????
<dragon> intel352: see if this helps. https://help.ubuntu.com/community/Grub2
<dragon> intel352: there's a section to reconfigure it. If that doesn't help at all, there's another one to revert to legacy grub.
<dragon> mike3: not if you cannot boot to the OS at all.
<intel352> dragon: thx
<mike3> dragon, you can in gentoo
<intel352> mike3: gentoo is a different beast :-)
<mike3> how can I remove a package and all it's dependencies
<mike3> and configuration scripts
<mike3> everything
<dragon> mike3: I'm not sure why you were installing linux-server in first place. You should have went for ubuntu-server package instead.
<dragon> mike3: dpkg --purge <package>
<intel352> dragon: I'm in luck, rackspacecloud has a Rescue Mode for the server, I'm enabling that now
<dragon> intel352: cool, good luck
<mike3> urgh...
<uvirtbot> New bug: #498358 in php5 (main) "bogus "curl_setopt(): CURLPROTO_FILE cannot be activated when in safe_mode or an open_basedir is set" errors" [Undecided,New] https://launchpad.net/bugs/498358
<dragon> Is there a way to set the order in which services are invoked at startup? My apache tries to start before tomcat and hence dies.
<mike3> forget this.
<mike3> i'll reinstall ubuntu
<mike3> do I have to format the drive?
<mike3> ???
<mike3> can i just do an upgrade with the disk?
<dragon> mike3: you should backup your data elsewhere before reinstalling ubuntu.
<mike3> can i upgrade?
<mike3> with the newest versio from disk
<mike3> this way it corrects things but also leaves everything installed intact
<mike3> ?
<dragon> mike3: it doesn't work that way.
<mike3> why
<dragon> mike3: your system needs to be in a running condition when you upgrade. You cannot have a car accident, remove the starter mechanism and then ask the mechanic to upgrade the engine so it starts running again.
<masshuu> i want to do somthing simular to the towel.blinkenlights.nl, were i assume the connection is run to an application instead of a login prompt then a bash window, ive partally gotten there so when i log into a certian user, it goes straight to the app, but i was looking to un somthing like a second sshd on another port and have all incoming connections ruin the app
#ubuntu-server 2009-12-19
<arj> force command
<arj> or maybe you have that part already
<masshuu> i just modified /etc/passwd to run a bash file instead of /bin/bash for that user
<masshuu> though its not like i absoutly need it, im just playing around with an idea, ill probably drop the idea if i can't get this done
<dragon> masshuu: why do you want to ruin the app by incoming connections?
<dragon> Is there a way to set the order in which services are started by upstart? My apache tries to start before tomcat and hence dies.
<masshuu> im playing around with the idea of a fake OS(im not gona go into the details cause last time i did i was met with alot of 'wtf' 'theres cygwin, etc, and no one ever answerd my question at the time, though i solved it my self)
<masshuu> and i would love the ability to "SSH" into this fake os
<dragon> masshuu: aren't you doing it through windows?
<masshuu> ?
<masshuu> brb real quick
<masshuu> main qiestion is, im sure that when a connection is accepted by sshd, its got to run a script or somthing for the login prompt and then the info stuff like
<masshuu> Ubuntu comes with ABSOLUTELY NO WARRANTY bla bla bla
<masshuu> To access official Ubuntu documentation, bla bla bla
<masshuu> though thats the motd file
<masshuu> would i need to modify the sshd source directly? to make my custom server?
<masshuu> also dragon, check the /etc/rc*.d/
<masshuu> or there should be a script to let you change it
<dragon> masshuu: it used to be that way until upstart was implemented
<ruben23> hi i sload avarge 11.59  normal status for an particular application.r, im running on a dual core processor Xeon..with 4GB Ram..
<dragon> ruben23: sudo top
<ruben23> yes im using htop
<dragon> ruben23: something unusual there?
<ruben23> and i can see my average running 11.59 is that a desirable value for my server load..?
<ruben23> or my server are putting its power on it to run an application na having that value..
<masshuu> ill probably just write a telnet server and use that
<ruben23> dragon: any comment
<dragon> ruben23: anything over 1 is not desirable for load average.
<ruben23> dragon: what option should i have for it..?
<ruben23> actually im running 64bit ubuntu server.
<dragon> ruben23: in top, sort by processor usage and see what process is using the most.
<ruben23> yews i already identified it...it an IP telephony..application..
<ruben23> should i upgrade the hardwares.
<dragon> ruben23: if everything is configured properly, then yes.
<dragon> ruben23: how much processor do you have?
<ruben23> whats the command to see the specs of my processor..?
<sub> cat /proc/cpuinfo
<ruben23> dragon: Intel(R) Xeon(R) CPU Dual Core    3040  @ 1.86GHz
<ruben23> thnaks --->sub:
<ruben23> hi i ahve setup an LVM on my ubuntu server setup, then why it says on reboot that---> volume have mounted 25 times.. need to scan..
<MTecknology> I think I setup remote logging correctly but I don't know where the logs wind up..
<magicrobotmonkey> Hi, i just set up a ubuntu server instance on amazon's ec2, but it can't find any of the LAMP packages I want to install, how do i fint them?
<magicrobotmonkey> der, had to update, nm
<Nwallins> does the minimal cd support wifi for package downloads?
<Nwallins> it appears not: http://brainstorm.ubuntu.com/idea/13283/
<jmarsden> MTecknology: I'm confused by: "I think I setup remote logging correctly but I don't know where the logs wind up.."  Surely, if you set it up correctly, then they "end up" on the central logging server which you configured the other machines to send their log entries to, by definition.  So, if you don't know where the log entries end up, what evidence leads you to think that you set it up correctly?
<MTecknology> jmarsden: I don't know where they're stored on the logging server
<jmarsden> MTecknology: You configured it... so they are stored where you configure it to store them... under /var/log is common... ?
<MTecknology> jmarsden: I was under the impression there was a default place for the logs to end up at
<jmarsden> Read /etc/syslog.conf .  I don't think there is a *.* entry in there active by default in Ubuntu.  But since you already configured both the remote host(s) and the central log server... you must already know what you set up in there... right?
<jmarsden> There is a    *.*;auth,authpriv.none          -/var/log/syslog     entry on my system here, so /var/log/syslog is one place to start looking :)
<jmarsden> MTecknology: Same line is in /etc/rsyslog.d/50-default/.conf on a Karmic server, so... definitely try /var/log/syslog for (non-auth) log entries.
<MTecknology> jmarsden: I read a blog saying I need to edit /etc/sysconfig/rsyslog but the file doesn't exist
<jmarsden> MTecknology: Quit reading blogs, start reading man pages :)
<MTecknology> jmarsden: the man pages didn't prove very helpful
<jmarsden> I think that location is a RedHat-oriented one, BTW.
<MTecknology> you know what the alternative is?
<jmarsden> MTecknology: What are you trying to find out by reading {blogs,man oages} ?
<MTecknology> and ya - in my drunken state i missed that
<jmarsden> /etc/rsyslog.conf and /etc/rsyslog.d/*   # in Karmic...
<MTecknology> oh
<MTecknology> interesting... - it also mentions editing /etc/rsyslog.conf
<jmarsden> BTW, a quick    locate rsyslog     would have revealed this to you :)
<MTecknology> hm?
<MTecknology> that file isn't the equiv
<jmarsden> Equiv of what?
<jmarsden> What are yo actually trying to configure?
<MTecknology> remote logging for 3 servers
<jmarsden> Right.  So you configured the 3 remote servers to send some/all of their log events to the central server, right?  and you verified that they really do send such log info to that server, perhaps using jnettop or tcpdump or whatever network tool you prefer, right?
<jmarsden> So all that is left is to see what the log server does with those incoming log entries...
<jmarsden> am I correct?
<MTecknology> nope
<MTecknology> thanks
<MTecknology> I'll try jnettop
<MTecknology> I'm doing this right now :P -> grep 'SYSLOGD_OPTIONS' /* -d recurse
<MTecknology> I need to change that; then I'll use jnettop to verify data xfer
<jmarsden> MTecknology: Why?  You are (I think) running rsyslog not syslogd
<MTecknology> ya
<jmarsden> :)
<MTecknology> I need to change a value there on each host though
<MTecknology> I need -r and -t on the server and -h -t on the clients
<jmarsden> I think you may be confused... rsyslogd does not seem to have those options, according to its man page...
<jmarsden> What makes you think you need them?  or did I read the wrong man page...?
<MTecknology> jmarsden: -t is for tcp
<jmarsden> man rsyslogd and look for a -t option in it...
<jmarsden> I doubt you will find one.
<MTecknology> it also doesn't show -r (remote)
<jmarsden> Good, now you're reading a source of information that is likely to be accurate :)
<MTecknology> hu?
<MTecknology> I know -t and -r are options......
<jmarsden> How do you know this?  You read the rsyslogd source code?
<MTecknology> I'm considering it
<jmarsden> How do you currently "know" this?  What leads you to believe this?
<MTecknology> every single page i read online says rsyslog has these options
<jmarsden> As I said earlier: <jmarsden> MTecknology: Quit reading blogs, start reading man pages :)
<jmarsden> rsyslog has very probably changed...
<MTecknology> there were online man pages i read with this
<jmarsden> That matched the exact version of rsyslog on your machines?
<MTecknology> I just want remote logging
<jmarsden> So quit arguing with me and use the man page info to configure remote logging, instead of wasting time with blogs etc... :)
<qman__> the local man page is going to be the most accurate source of information for the locally installed version
<MTecknology> hm... http://manpages.ubuntu.com/manpages/hardy/man8/rsyslogd.8.html
<jmarsden> That's rsyslog 1.19.12-1, Karmic has 4.2.0 ... note the large version number change...
<MTecknology> :P
<jmarsden> Which version are you actually running?
<MTecknology> that's just a quick search
<MTecknology> karmic
<jmarsden> Then use Karmic documentation :)
<qman__> then that information is totally irrelevant
<MTecknology> I'm looking at this now - http://manpages.ubuntu.com/manpages/karmic/man8/rsyslogd.8.html
<MTecknology> hurray - I'm lost
<MTecknology> jnettop
<jmarsden> Read the sentence "For details and configuration examples" maybe?  Then follow the link to more docs ...
<MTecknology> emplar.kalliki.com <-> li107-143.members.linode.com
<MTecknology> That's my CRM server
<MTecknology> data is coming into the system
<jmarsden> OK.  Are you sending it as UDP syslog, TCP syslog, or RELP ?
<MTecknology> TMP
<jmarsden> TMP?  What's that?
<MTecknology> TCP*
<jmarsden> Ah :)
<MTecknology>  192.168.1.7                                                           514    TCP  192.168.1.5                                                         53414       0b     74b      74b
<MTecknology> it's coming in .... that's a good thing
<MTecknology> I have $AllowedSender TCP, 127.0.0.1, xxx.xxx.xxxx, ..
<MTecknology> it should be winding up in /var/log/MACHINE/*
<jmarsden> MTecknology: You configured expression based filters to do that, before you read the docs?  That would be impressive, if it worked.
<MTecknology> jmarsden: such as this - $template DynAuth, "/var/log/%HOSTNAME%/secure.log"
<jmarsden> MTecknology: Maybe try filtering just by old fashioned selectors first and see if the msgs then get logged mixed in with the local log entries?  Then if that works, start exploring the expression-based stuff?
<jmarsden> Ah... I need to go pick up some kids and drive them home... back fairly soon, I hope...
<MTecknology> i just smashed my finger ;"(
<MTecknology> :'(*
<MTecknology> OW!
<MTecknology> jmarsden: so just leave these lines?   $ModLoad imudp.so   $TCPServerRun 514   AllowedSender TCP, 127.0.0.1, 192.168.1.0/24, xxxx   ?
<MTecknology> jmarsden: with just that it doesn't seem to do anything wither
<MTecknology> jmarsden: actually 0 having it all filter into the same logs might be best
<MTecknology> I'm still royally freakin' lost right now :(
<MTecknology> jmarsden: I think I have everything getting to the remote server the way I want it to - it's just not being stored
<Doonz> Hey guys i have a ubuntu 8.04 server. Was wondering if you could point me to the most correct how-to for installing vmware server onto the box Thanx
<MTecknology> twb: make me not go insane
<twb> MTecknology: that's beyond my power
<MTecknology> twb: help me with logging then?
<twb> MTecknology: how so?
<MTecknology> twb: I'm trying to have rsyslog log to a remote system over TCP - is seems to be arriving at the loggin server just fine; on the server I have these lines   $ModLoad imtcp.so  $TCPServerRun 514  $InputTCPServerRun 514  AllowedSender TCP, 127.0.0.1, 192.168.1.0/24, xxxx
<MTecknology> hrm - I missed "$" at the start of the last line but I doubt that did it
<twb> MTecknology: did you look at the local log output after restarting rsyslog?
<kees> MTecknology: does the remote rsyslog actually bind to port 514 tcp to listen?
<twb> Did you start rsyslog by hand with full debugging and "don't detach from tty" options?
<MTecknology> twb: no
<twb> MTecknology: do so
<MTecknology> kees: hmm... netstat -a doesn't show it
<MTecknology> twb: I'm trying to run in debug
<MTecknology> paste.ubuntu.com uses openid now?
<MTecknology> neat
<MTecknology> kees: twb: I found an error but no errors now; still no bind to 514 and here's the debug output - http://paste.ubuntu.com/343845/
<MTecknology> ..... this is irritating me
<MTecknology> twb: hm... local logs - Dec 19 05:31:42 insto kernel: [118952.786346] [UFW BLOCK] IN=eth0 OUT= MAC=fe:fd:48:0e:bb:c0:00:d0:d3:9f:81:36:08:00 SRC=61.176.216.25 DST=72.14.187.192 LEN=40 TOS=0x00 PREC=0x00 TTL=105 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
<twb> MTecknology: I've helped all I can.
<MTecknology> that's the issue... where's the port?
<MTecknology> i forgot tcp is 3-way
<MTecknology> dpt must = dest port
<MTecknology> uh-oh - no idea what to do now...
<MTecknology> maybe I need to use UDP instead
<MTecknology> GAH!!!!!!
<MTecknology> This should be so simple
<MTecknology> YES!
<MTecknology> YES!
<MTecknology> now I need to figure out ufw rules
<MTecknology> and now I think my servers are finally setup.... just need to cofnigure backups; the logging system mailing; and a few other smaller things
<MTecknology> HURRAY!
<MTecknology> now logcheck won't let me send out any email
<MTecknology> I jsut disabled ufw so that's not doing it
<MTecknology> sudo -u logcheck logcheck -o givs me expected output so it must just be with smtp now
<MTecknology> helps if I install to the right server though
<Aiya> Is that possible to make shell using ubuntu?
<acovrig> This is a sad question - what exactly is the cloud thing?
<fahadsadah> Lol.
<fahadsadah> acovrig: Basically, the internet is the cloud
<fahadsadah> </oversimplification>
<acovrig> so you make your own internet hub?
<sektorNBA> hi
<sektorNBA> anyone skilled with squid_ldap_group ?
<Liberty> I have 2 ubuntu systems Desktop and server Cups is running on server. Dsktop prints through server.but I want to add my windows system. to cups, Drivers installed but windows can't connect
<Liberty> Howdo I geet my server to a widows request
<MTecknology> twb: what's that runlevel editor you like so much?
<Storm3yy> Hey, can somone help me install LAMP?
<MTecknology> Storm3yy: sudo tasksel
<MTecknology> Storm3yy: pick LAMP Server and press Enter; done
<Liberty> I have 2 ubuntu systems Desktop and server Cups is running on server. Dsktop prints through server.but I want to add my windows system. to cups, Drivers installed but windows can't connect
<Liberty> how can i print from my windows system
<MTecknology> !repeat
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. You can search https://help.ubuntu.com or http://ubuntuforums.org while you wait.
<Liberty> Sorry i saw some new people join the channel I am on forums too but there there is lots of noise on cups search
<Storm3yy> MTecknology - How do I select it? I've scrolled down and hti enter
<Storm3yy> but it dosnt select it it just goes back
<ScottK> Storm3yy: Hit the space bar
<Storm3yy> Nice ty
<Storm3yy> Will LAMP start automatically each time I turn it server on etc?
<ScottK> Yes.
<Storm3yy> Nice ty :D
<Diamant> hallo
<Storm3yy> Does LAMP come with a control panel?
<Storm3yy> a web one?
<MTecknology> ScottK: You know of any easy way to manage default cron tasks aside from ls, mv, rm, and vim?
<Diamant> ohh install 9.10 after 9.04 my sabmba dony work nobody cant connect and open my folders on server
<MTecknology> Storm3yy: no
<Storm3yy> Ok
<Storm3yy> Anyone used phpmyadmin before?
<MTecknology> Storm3yy: LAMP = Linux Apache MySQL PHP; It installs the most common parts that the servers use including modules to interact with each other
<MTecknology> Storm3yy: many people use it but learning things via cli can teach you a lot more
<Storm3yy> I've just installed phpmyadmin to manage the databases
<Storm3yy> How do I get it accessable via the web?
<Storm3yy> Yeh I'm working on that.
<Storm3yy> I done sudo apt-get install phpmyadmin to install it
<Storm3yy> Solved it
<Storm3yy> =]
<twb> MTecknology: rcconf
<Liberty> how do I enable cups to accept print jobs from my vista puter
<Storm3yy> Hmm
<Storm3yy> How do I make my ubuntu user an admin
<Storm3yy> I cant use sftp permision denied
<ewook> Storm3yy: you can use it, but you don't have permission for the files in question I guess. try sftp something from your home folder.
<Storm3yy> yeh it works
<Storm3yy> but I need to edit files in the etc folders etc
<jtaji> !sudo | Storm3yy
<ubottu> Storm3yy: sudo is a command to run programs with superuser privileges ("root"). Look at https://help.ubuntu.com/community/RootSudo for more information. For graphical applications see !gksu (Gnome, XFCE), or !kdesudo (KDE)
<ewook> Storm3yy: you could enable the root-account, or change the permissions on the files in question, or add your user to the apropriate group owning the files, depending on group rights to the file.
<ewook> jtaji: over sftp is the question.
<jtaji> yep sorry
<Storm3yy> How do I see what group to use?
<Storm3yy> I basically want to add my account to the admin group
<ewook> acctually, it's usually more sane to enable the root-account and connect with that if you wanna have full permissions to everything - not recommended if your server is public.
<Storm3yy> Ok
<Storm3yy> Well my servers public
<Storm3yy> How do I just add this account?
<ewook> I think most of your question could be answered here - https://help.ubuntu.com/community/RootSudo
<ewook> it convers the pro's and con's and explains it a bit.
<ewook> so, yes, jtaji was right on from the start :)
<ewook> sorry jtaji :)
<Storm3yy> how do i make a admin group then?
<Storm3yy> or edit a user
<Storm3yy> it dosnt say there
<jtaji> no prob, I was just reading thinking something doesn't make sense ;)
<ewook> Storm3yy: there's a follow-link on that page going to http://ubuntuforums.org/showthread.php?t=716201, covering some things I think you need to consider with just adding your user to the root-group.
<ewook> Storm3yy: and here's a link to how to control and manage groups/users https://help.ubuntu.com/8.10/serverguide/C/user-management.html
<ewook> or a 'never' version if you like https://help.ubuntu.com/9.10/serverguide/C/user-management.html :)
<ewook> newer..
<ewook> hah.
<ewook> Storm3yy: I want to help, but I'm not sure I can avoid doing what I do right now, enabling a useraccount that was is kind of risky - sudo exists for a reason :)
<ewook> was = way. god, I can't spell today.
<Storm3yy> You dont want to help me
<Storm3yy> otherwise you would of told me
<Storm3yy> I dont really care anyway I'll just pay for support.
<ewook> Then I'm sorry I couldn't assist you, even with the appropriate links.
<jtaji> Storm3yy: you need to add your user to the admin group, but didn't you say you already used sudo?
<jtaji> I mean you need admin access to give admin access
<Storm3yy> Yeh I've used sudo
<Storm3yy> but the thing is to sftp the files I  dont have permision
<Storm3yy> The servers a public server on a lan
<Storm3yy> It's not connected to the internet well it wont be once its setup
<jtaji> you need sudo/root account on the destination machine
<Storm3yy> Yeh
<Storm3yy> thats what i'm trying to setup
<jtaji> do you currently have sudo access on that machine?
<jtaji> at all?
<Storm3yy> On the linux box I'm on
<Storm3yy> setting up yes
<jtaji> no, the destination
<Storm3yy> whats that?
<Storm3yy> the computer shhing in?
<jtaji> that's the client
<Storm3yy> Basically I have the linux server
<Storm3yy> and my PC
<Storm3yy> and I'm trying to get a full admin prems on the linux server
<jtaji> what runs on your pc?
<Storm3yy> IRC, Windows 7 etc
<Storm3yy> putty winscp
<jtaji> so basically you want to use winscp to access files on the server for which you need admin privs
<Storm3yy> Yep
<jtaji> and you have a router/firewall?
<Storm3yy> Yep
<jtaji> the best way is probably to just enable the root account, by loggin in to the server and doing 'sudo passwd'
<jtaji> you'll also need to edit /etc/sshd/sshd_config, and change PermitRootLogin to yes
<jtaji> don't forward the ssh port in on your router (at least not directly) and you should be safe
<jtaji> also 'sudo service ssh restart' after you edit the config
<Storm3yy> Ok
<jtaji> and only login in with root from winscp when you absolutely need to, use regular user for other purposes
<jtaji> and make sure you use a good text editor that doesn't change unix line endings
 * jtaji much prefers ssh and sudo vi
<Storm3yy> Ok
<Storm3yy> Now
<Storm3yy> I need to run OpenSim.Grid.UserServer.exe
<Storm3yy> OpenSim.Grid.GridServer.exe
<Storm3yy> OpenSim.Grid.AssetServer.exe
<Storm3yy> OpenSim.Grid.InventoryServer.exe
<Storm3yy> OpenSim.Grid.MessagingServer.exe
<Storm3yy> Those
<Storm3yy> and keep them running
<Storm3yy> How do I do that?
<Storm3yy> Screen?
<jtaji> probably not the best choice for a service, but the .exe endings make me suspect that they're even linux programs
<jtaji> but I have no idea about what that is
<Storm3yy> ok
<Storm3yy> they work
<Storm3yy> but I can only run one at a time then press ctrl and c
<Storm3yy> to end it
<Storm3yy> to run the other
<Storm3yy> I need to run 1 minimize it
<Storm3yy> and run the 2nd and so on
<jtaji> you should read their docs on how they are designed to be run
<Storm3yy> They dont have any
<jtaji> one option would be calling them from /etc/rc.local
<Storm3yy> well they are out dated
<jtaji> another would be setting up with init/upstart/whatever...
<jtaji> probably just rc.local is good, it will run them at the end of the boot process, and they will stay running in the background
<jtaji> !boot
<ubottu> Boot options: https://help.ubuntu.com/community/BootOptions - To add/remove startup services, you can use the package 'bum', or update-rc.d - To add your own startup scripts, use /etc/rc.local - See also !grub and !dualboot - Making a boot floppy: https://help.ubuntu.com/community/GrubHowto/BootFloppy - Also see https://help.ubuntu.com/community/SmartBootManagerHowto
<jtaji> that wasn't too helpful
<Storm3yy> ok
<Storm3yy> and another thing where is a www dir for LAMP?
<jtaji> eh, I think the default for apache is /var/www, I usually work out of /srv/http/, personally
<Storm3yy> Oh I see /var/www yeh
<jtaji> on a one partition system it doesn't really matter I guess
<Storm3yy> Er can I make that in the home/user/www?
<jtaji> well, you can serve out of different places, even if the main site is /var/ww
<jtaji> there's a way to make all users able to automatically have their own www like you mentioned
<jtaji> study up on apache ;)
<Storm3yy> I want the default to be /home/user/www
<jtaji> Storm3yy: http://heriman.wordpress.com/2008/08/05/enabling-apache-user-home-public_html-directory-in-ubuntu/
<Storm3yy> God sake
<Storm3yy> I still not figgured how to my my user a super user
<Storm3yy> or get the root acc working
<Storm3yy> its not letting me on
<jtaji> so your user can not use sudo?
<jtaji> or you can not even login?
<Storm3yy> my user 'ubuntu' can use sudo and login
<Storm3yy> and I've done sudo passwd
<Storm3yy> then the password twice
<Storm3yy> and not I can tlogin to the root user
<Storm3yy> and in the sshd config thing it said rootuser login enabled
<guntbert> !root | Storm3yy but I told you that several times already
<ubottu> Storm3yy but I told you that several times already: Do not try to guess the root password, that is impossible. Instead, realise the truth... there is no root password. Then you will see that it is 'sudo' that grants you access and not the root password. Look at https://help.ubuntu.com/community/RootSudo
<guntbert> !noroot | Storm3yy
<ubottu> Storm3yy: We do not support having a root password set. See !root and !wfm for more information.
<Storm3yy> Oh can somone just tell me how to make this user admin
<jtaji> guntbert: what is your solution to his problem?
<Storm3yy> and have permision to all files on the server
<Storm3yy> I dont care about security its not on the internet
<jtaji> guntbert: because I honestly couldn't think of a better way
<guntbert> jtaji: use sudo, what else?
<Storm3yy> It wont work
<jtaji> he want to edit files using WinSCP
<Storm3yy> on sftp
<Storm3yy> So what should I do?
<jtaji> I knew somebody would jump in without understanding the problem, and I almost gave a disclaimer at the beginning
<jtaji> using Linux 10+ years and I enforce the no root policy as much as the next guy
<jtaji> Storm3yy: did you restart the ssh service?
<Storm3yy> no but it was already set as yes
<Storm3yy> Can you not tell me how to put this user in a group
<jtaji> what is "this" user
<guntbert> jtaji: point taken - I shut up :-)
<Storm3yy> the user I'm on
<Storm3yy> the one that cant access the files
<Storm3yy> but i'd like it too
<jtaji> Storm3yy: well if you want to edit files with winscp like you do, you need to use root
<jtaji> we would much prefer you to just ssh in, and use sudo with a command line text editor
<jtaji> and keep root disabled
<Storm3yy> I'm not sure how to use that
<jtaji> it would be 'sudo adduser thisuser admin'
<Storm3yy> plus i have a ton of files to upload
<jtaji> to let thisuser use sudo
<jtaji> and 'sudo password -l' to re-lock root account
<Storm3yy> it says I'm already part of the admin group
<Storm3yy> but I still cant access the files :S
<jtaji> Storm3yy: yes, because you can't "sudo" with winscp
<Storm3yy> ok so I'm added to the group
<Storm3yy> now what do I do?
<jtaji> I feel like we're going in circles ;)
<jtaji> we were enabling root to login to winscp
<Storm3yy> Ok
<jtaji> did logging in with winscp with user root, and password you just set, not work?
<Storm3yy> Right start again
<Storm3yy> no
<Storm3yy> Access denied
<jtaji> and you are sure PermitRootLogin was yes? because the default is no
<Storm3yy> Yep
<Storm3yy> That said yes
<jtaji> you changed it already?
<Storm3yy> It was set as yes
<Storm3yy> When I looked at the file
<jtaji> someone had to change it, sometime after you installed ubuntu
<Storm3yy> oh I might have done it
<Storm3yy> yesterday
<Storm3yy> yeh I think I did
<jtaji> so try restarting ssh like I mentioned
<Storm3yy> ok how do I do that?
<jtaji> sudo service ssh restart
<Storm3yy> ok sec then
<Storm3yy> ok
<Storm3yy> done
<Storm3yy> let me see
<Storm3yy> Authentication log (see session log for details):
<Storm3yy> Using username "root".
<Storm3yy> Authentication failed.
<jtaji> Storm3yy: let's see the end of your /var/log/auth.log
<jtaji> !pastebin | Storm3yy
<ubottu> Storm3yy: For posting multi-line texts into the channel, please use http://ubuntu.pastebin.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from  command line | Make sure you give us the URL for your paste - see also the channel topic
<Storm3yy> this is crazy
<Storm3yy> why cant u use groups
<Storm3yy> never seen so much rubbish in my life
<jtaji> Storm3yy: you can, if you are willing to use the command line
<jtaji> or you can stay calm and continue debugging this problem
<Storm3yy> i'm using the commandline
<Storm3yy> I have no GUI
<jtaji> I mean to edit files, and copy files to system locations
<Storm3yy> Yes
<Storm3yy> If you can be kind enough to tell me how to do it
<Storm3yy> All  I've been wanting for the last few hours is to make this user have full server permisions
<Storm3yy> without the use of sudo
<jtaji> you can't do that
<Storm3yy> ok
<Storm3yy> tell me what to do
<Storm3yy> I want the root account
<Storm3yy> what should I do to do this
<jtaji> I did, and we were trying to get it working
<Storm3yy> tell me what to type please
<Storm3yy> I'm lost so far
<jtaji> Storm3yy: let's see the end of your /var/log/auth.log
<jtaji> on your server
<Storm3yy> Its got my IPs
<Storm3yy> let me see
<jtaji> don't worry, your IP is 213.106.41.208
<jtaji> :P
<Storm3yy> no server ips afaik
<jtaji> but there are no IPs in that file
<Storm3yy> ok
<jtaji> Storm3yy: and then paste it into pastebin, link ubottu gave you above ^
<jtaji> only need the last 20 or so lines
<Storm3yy> I pmed u the url
<Storm3yy> http://pastebin.ca/NOHjJeBv
<Storm3yy> pass 1
<Storm3yy> jtaji - did you get it?
<jtaji> I don't know what's going on
<jtaji> also I guess I misunderstood and thought you were doing this over a private LAN
<Storm3yy> god sake
<Storm3yy> ubuntu is shit
<Storm3yy> why didnt I choose somthing else
<jtaji> any Linux distro would be the same
<twb> Yea, verily, AHS and ASS.
<Storm3yy> No
<Storm3yy> Lots of distros have the root account enabled
<Storm3yy> rofl
<Storm3yy> all I want to do is have a fucking root account
<Storm3yy> no shit
<jtaji> !ops | Storm3yy
<ubottu> Storm3yy: Help! Channel emergency! soren, lamont, mathiaz or tom
<Storm3yy> Eh
<Storm3yy> Whats that?
<twb> Storm3yy: the root account is only "disabled" in that it has no password.  If you had performed an "expert" (i.e. priority=low) install, you would have been asked whether you wanted to have an "active" root account.
<Storm3yy> I used an amazon EC2 EBS to try this out on
<jtaji> !language | Storm3yy
<ubottu> Storm3yy: Please watch your language and topic to help keep this channel family friendly.
<jtaji> sorry maybe that was more appropriate
<uvirtbot> New bug: #494497 in openssh (main) "ssh-copy-id fails with certain args" [Wishlist,Invalid] https://launchpad.net/bugs/494497
<twb> Storm3yy: assuming you're still using traditional flat file auth, you can use "sudo passwd" to activate the root account.
<Storm3yy> thats not letting me login to it tho
<veebull> Storm3yy, have you tried 'sudo su -l' to drop you into a root login session for the duration
<Storm3yy> that wont work with winscp
<twb> Storm3yy: your current user has no sudo privileges?
<twb> Storm3yy: you can check with "sudo -l"
<Storm3yy> passwd: password updated successfully
<Storm3yy> Matching Defaults entries for ubuntu on this host:
<Storm3yy>     env_reset
<Storm3yy> User ubuntu may run the following commands on this host:
<Storm3yy>     (ALL) ALL
<Storm3yy>     (ALL) NOPASSWD: ALL
<twb> Storm3yy: you should now be able to log in as root with the password you just set.
<Storm3yy> Ok
<twb> Storm3yy: note that some applications, such as ssh, might be configured to specifically disallow root logins
<jtaji> we changed sshd_config already
<jtaji> and restarted ssh
<twb> jtaji: OK
<Storm3yy> argh putty is saying Disconnected: no suppored auth methods available
<twb> Of course, two-factor authentication (i.e. ssh keys) would be more secure than enabling password auth
<Storm3yy> ok so whats wrong?
<jtaji> Dec 19 17:01:05 ubuntu sshd[9913]: Accepted publickey for root from 213.106.41.208 port 52399 ssh2
<twb> And it seems a bit silly to enable login for TWO accounts (i.e. root and the user with full sudo privileges), though I concede it's possible to shoot yourself in the foot with /etc/sudoers.
<jtaji> looks like it did use a key?
<twb> jtaji: buggered if I know.
<Storm3yy> it didnt now
<Storm3yy> god you dont understand
<Storm3yy> I want ACCESS to ALL files on this server
<twb> Storm3yy: I've lost patience with you.  Good luck.  Plonk.
<Storm3yy> I CAN NOT access the files outside of the home dir
<Storm3yy> on my user acc
<Storm3yy> since they belong to root
<Storm3yy> so i want to know why I cant connect to the root account now
<Storm3yy> Ok so what should I do?
<veebull> I may have missed it in the above... but have you checked the config file for ssh?
<veebull> A very common setting is 'PermitRootLogin No' (or something to that effect)
<veebull> because most system admins acknowledge that logging in directly as root, even over ssh, is a bad idea
<twb> veebull: the Right Thing is to teach Storm3yy how to use sudo to escalate privileges as necessay.
<twb> *necessary
<Storm3yy> It says yes
<Storm3yy> Ok so what should I do
<veebull> twb, agreed.  But he seems to not be able to figure that part out <shrug>
<Storm3yy> Basically I want to edit the files using this user account
<Storm3yy> using winscp
<Storm3yy> when I try to edit files outside my home directory it says permision denied
<Storm3yy> thats becuase everything is 'owned' by root
<Storm3yy> So if it was your server what would you do to fix this?
<twb> Storm3yy: winscp isn't an editor.  sudoedit(1) is the appropriate way to edit files in e.g. /etc.
<veebull> because while you are logged in as that user, you don't have the privileges to access other peoples files - thats what *nix file permissions are all about
<Storm3yy> I also want to upload files
<jtaji> Storm3yy: we log in over ssh with our user accounts, then use sudo
<twb> Storm3yy: if you're trying to do web shite, ~/public_html is probably the Right Thing
<Storm3yy> is that directory too
<Storm3yy> no, I need to edit, upload files in the /etc folders etc
<veebull> you might be able to add your user to the 'admin' or 'wheel' group (I forget what ubuntu uses) and thereby be able to gain some flexibility
<jtaji> Storm3yy: you could use winscp to copy the files to your user home directory, then log in and 'sudo cp' them to their desination
<Storm3yy> why cant I just use the root account?
<Storm3yy> or set the permision to those other folders to my account?
<veebull> sorry, I only use WinSCP very rarely so I'm not so hot with it.
<twb> veebull: unfortunately, there's no stock RBAC
<jtaji> Storm3yy: never change system file permissions, period
<twb> veebull: the first user created has full sudo, that's it
<jtaji> unless you know what you are doing
<Storm3yy> argh
<veebull> twb, ah.  Did not know that, thanks.
<Storm3yy> im nackerd then
<Storm3yy> the server is useless?
<jtaji> Storm3yy: spend a couple of days, and learn linux command line usage
<Storm3yy> Unless I want to keep copying stuff which will make my life hell
<Storm3yy> How do I setup root?
<jtaji> you seem to be somewhat proficient acutally, which is confusing me
<twb> jtaji: possibly via cargo cult training
<Storm3yy> what a load of rubbish :S
<veebull> Storm3yy, help us understand what you're trying to do.  What files do you need to upload to /etc?  Why not simply open them in PuTTY (after sudoing to root privileges)?
<veebull> and do your editing that way?
<frojnd> Hello there...
<frojnd> Till recently I had static IP for server
<frojnd> but since I don't need to have it anyomre
<frojnd> I'd like to make it dhcp
<frojnd> I went to /etc/network/interfaces
<frojnd> and type in auto lo
<frojnd> iface lo inet loopback
<frojnd> auto eth1
<frojnd> iface eth1 inet dhcp
<Storm3yy> veebull - basically Ineed to upload files to the /etc folder
<Storm3yy> for apache and software im running
<frojnd> saved it and after that I run a command /etc/init.d/networking restart
<Storm3yy> and editing them
<Storm3yy> since they are ran by root
<frojnd> but I got somethging interesting
<Storm3yy> I can tdo it on my account
<Storm3yy> i get permision denied
<twb> veebull: I think Storm3yy wants to edit files using a local GUI editor instead of using e.g. vi (via sudoedit).
<frojnd> something about broadcast adress...
<jtaji> frojnd: comment out #iface eth1 inet dhcp
<frojnd> jtaji: it is
<twb> frojnd: that file looks fine to me
<jtaji> frojnd: yeah sorry, ignore me
<Storm3yy> twb - correct
<frojnd> when I had static I configured also adresses
<Storm3yy> and upload files
<veebull> Storm3yy, could you edit the files in a local editor, then cut-n-paste them in a PuTTY window?
<twb> He could use a GUI editor that understands transparent remote file access using both ssh and then sudo -- Emacs is such an editor.
<frojnd> I get there is already a pid file /var/rin/dhclient.eth1.pid with pid 134519072
<frojnd> and I get repitedly
<twb> frojnd: is network-manager (NetworkManager) installed and/or running?
<veebull> twb, I don't generally wish emacs on people ;)
<Storm3yy> veebull - No
<frojnd> DCPDISCOVER on eth1 to 255.255.255.255 port 67 interval [1-9[1-9]
<Storm3yy> I want to upload them
<frojnd> twb: er... no
<twb> frojnd: good
<frojnd> I only edit some files that I can't remember now
<twb> frojnd: next time, install etckeeper.  It'll help you remember
<frojnd> maybe hosts also beside /etc/network/interfaces
<jtaji> Storm3yy: it's the same thing really, just start with an empty file in putty
<veebull> Then you have a problem.  You don't have the permissions (you are a regular user), and the system will not let you login remotely as the root user for security reasons (as you've found)
<jtaji> and paste in the whole contents
<frojnd> ok but now can someone please help me connect to the internet the server?
<Storm3yy> I cant
<frojnd> from then on I'm good
<Storm3yy> I cant make new files in any folder outside my HOME DIRECTORY
<Storm3yy> PERMISION denied
<Storm3yy> caps sorry
<veebull> do you not understand file permissions?
<veebull> *nix style?
<jtaji> Storm3yy: you can with sudo
<veebull> Storm3yy, here, I searched the WinSCP site for you:
<frojnd> ok so noone knows
<frojnd> that's sad :<
<Storm3yy> I cant use sudo with winscp
<veebull> http://winscp.net/eng/docs/faq_su
<Storm3yy> for goodness sake
<veebull> yes you can, read the faq
<veebull> 'Use sudo on login'
<twb> veebull: ha
<Storm3yy> Ok
<Storm3yy> let me see
<twb> frojnd: what you're doing SHOULD work.  Use mii-tool or ethtool to ensure that the cable is connected
<Storm3yy> sorry im stressed been working on this for 3 days
<twb> frojnd: otherwise, check that your DHCP server is serving DHCP
<frojnd> twb: erm i'm pretty sure it is :>
<frojnd> 2 computeres happily on right now
<veebull> Storm3yy, any luck?
<Storm3yy> no cant seem to find ou thow to issue the sudo cmd
<Storm3yy> with winscp
<frojnd> I'm desperate here
<frojnd> can someone please help me connect to the internet
<frojnd> I hae 8.04
<veebull> Storm3yy, Did you go and read the link I sent you?
<frojnd> how can I force server that it will get Ips via dhcp?
<frojnd> anyone please?
<veebull> Specifically the part where it talks about specify a specific command as a custom shell
<veebull> and then tells you how to go do that
<frojnd> ok..
<Storm3yy> yeh
<frojnd> I give up
<frojnd> how can I configure server that it would have static IP?
<veebull> And it still doesn't work when you specify 'sudo -s' as the login shell?
<Storm3yy> i dont see how to do that
<Storm3yy> it dosnt say
<veebull> If you go to http://winscp.net/eng/docs/faq_su, go to the section titled 'Use sudo on Login'
<veebull> about 10-12 lines down it starts 'With SCP protocol, you can specify following commands as custom shell on the SCP/Shell tab...'
<veebull> click on the green text 'SCP/Shell tab'... it's a link to the page for *that*
<veebull> specifically http://winscp.net/eng/docs/ui_login_scp#shell
<Storm3yy> It dosnt tell me where to put the command tho
<Storm3yy> ok fixed
<Storm3yy> how do i setup lamp to point to /home/user/www
<veebull> I was starting to think maybe you *shouldn't* be allowed access to /etc at all! ;) (just kidding)
<Storm3yy> instead of var/www/
<Storm3yy> Sorry i thought it was a box I typed it in
<Storm3yy> it was a drop down menu lol
<diplo> frojnd, http://www.howtogeek.com/howto/ubuntu/change-ubuntu-server-from-dhcp-to-a-static-ip-address/
<veebull> I'm less experienced w/ Apache config...
<veebull> is there a reason /var/www won't work, or http://<hostname>/~username?
<Storm3yy> it does but I'd prefer to keep everything in my home directory like that
<veebull> perhaps a link from a folder in your home dir to /var/www/whatever?
<Storm3yy> Done it I think
<frojnd> diplo: I tried
<frojnd> how can Icheck ifconfig /all in linux?
<frojnd> ifconfig /all is for windows
<guntbert> frojnd: ip ad
<frojnd> I don't understand
<frojnd> in /etc/resolv.conf I add 192.168.1.1 my router's IP
<frojnd> and I still can't ping router :S
<diplo> frojnd, ifconfig on it's own will display the results from all your adaptors
<Liberty76> My server hosts a printer. The printer will print from my desktop, but when I try to print from my vista machine it won't print. I think I need to tell my server about the Vista machine.. How?
<diplo> Do you get nothing ?
<diplo> Resolv.conf is for DNS
<uvirtbot> New bug: #498578 in samba (main) "While installing wine the needed smb-client package could not be installed. " [Undecided,New] https://launchpad.net/bugs/498578
<diplo> You can check a paticular NIC by doing ifconfig eth0 or eth1 etc
<frojnd> that's just insane
<frojnd> I'll reinstall server
<diplo> Wat results do you get when you do ifconfig
<diplo> ?
<frojnd> and installe nex time etckeeper
<frojnd> I just  get one ifconfig
<frojnd> I mean eth1
<frojnd> and lo
<diplo> and eth1 have any ip's against it ?
<frojnd> well yes
<frojnd> wwhen Trying to static I p yes
<diplo>  inet addr:192.168.1.24  Bcast:192.168.1.255  Mask:255.255.255.0
<frojnd> but I only need dhcp
<diplo> Well that's all you should need from that page
<diplo> auto eth0
<diplo> iface eth0 inet dhcp
<diplo> change the 0 to 1 obviously
<frojnd> just 2 lines?
<diplo> Yup
<diplo> Should *just* work
<diplo> ifdown eth1 ; ifup eth1 after
<frojnd> what about /etc/resolv
<frojnd> there is 192.168.1.1 <- my router's ip
<diplo> resolv is for dns
<frojnd> do I need that?
<diplo> if it's already in the resolv and it's correct for your router that's fine
<frojnd> diplo: :(
<diplo> not worked ?
<frojnd> I keepg getting DHCPDISCOVER on eth1 to 255.255.255.2555 port 67 interval ...
<frojnd>  no unforunatelly no
<diplo> defo got dhcp running on the router ?
<frojnd> diplo: I just tested with live puppy cd
<frojnd> and I just clicked dhcp for eth1
<frojnd> and I was on the internet
<frojnd> so I'm pretty sure
<frojnd> maybe some other files are doing a mess
<frojnd> also
<diplo> Can't think of anything else that should affect it
<frojnd> I get there is already a pid file /var/run/dhclient.eth1.pid with pid 134519072
<frojnd> surprisingly I get this always after restarting network
<frojnd> and now I need to download again ubuntu 8.94
<frojnd> 8.04 just because I screwed something up :s
<sub> that's an abnormal pid
<frojnd> it's big yeah _D
<frojnd> ah
<diplo> Could try /etc/init.d/networking restart ?
<frojnd> where can I get ubuntu 8.04 LTS 64bit?
<frojnd> diplo: I did the same error
<diplo> Never had to do that before but i suppose worth a go
<frojnd> as with ifdown...
<diplo> Hmm
<frojnd> I need to reinstall server in order to increase /
<diplo> Got two NIC's in the machine ?
<frojnd> and to isntall 64bit
<frojnd> diplo: yes one is dead
<frojnd> diplo: it isn't even shown in ifconfig
<frojnd> the dead one is also integrated... it suffered too much of electricity :P
<frojnd> so where can I get ubuntu 64bit
<frojnd> 8.04
<jtaji> frojnd: ubuntu.com
<jtaji> they have made it difficult to find
<frojnd> jtaji: i know
<frojnd> that's why I'm asking
<jtaji> oh not so much, just click alternate download options
<frojnd> and that's not sarcastic :>
<jtaji> http://www.ubuntu.com/getubuntu/download-server
<frojnd> jtaji: thanx :>
<jtaji> no prob
<diplo> http://cdimages.ubuntu.com/ubuntu-server/hardy/daily/current/
<diplo> Not sure if that's the right link
<frojnd> hm
<frojnd> but..
<frojnd> how can I DL it with wget?
<frojnd> I prefer wget and screen
<frojnd> I really do
<jtaji> ^^ diplo just linked
<uvirtbot> jtaji: Error: "^" is not a valid command.
<frojnd> thanx jtaji
<ghostlines> my filesystem has erros and i sometimes I can't mount it, and when i do mount it i can't write to it
<ghostlines> i did a fsck check to automatically repait it and that didn't work
<ghostlines> now fsck says i should run fsck manually, my question is what i can do manually?
<ghostlines> all I suppose i can do is hit y everytime it asks me if it should repair a block
<diplo> Can automate the -y
<ghostlines> isn't that what the -a switch does
<ghostlines> yeah used that switch too
<ghostlines> but to no avail
<diplo> -p ?
<ghostlines> hmm let me check that one out
<diplo> That's automic repair ( No Questions )
<diplo> automatic*
<ghostlines> the -a switch does automatic repairs according the manpage
<ghostlines> i don't see -p but do see -P in the manpages don't understand what that's exactly for though
<ghostlines> ahh my bad man
<frojnd> is tere a way to DL this from slovenian server?
<frojnd> arnes?
<frojnd> the speed from this server jtaji gave is kinda slow
<ghostlines> I think i gotta use the -p switch with e2fsck not fsck
<frojnd> jtaji: the link you gave me... can you privide me the one with arnes server?
<jtaji> frojnd: http://www.ubuntu.com/getubuntu/downloadmirrors
<frojnd> jtaji: thanx!!
<frojnd> aaah what a speed == relief :D
<MTecknology> twb: thanks
<MTecknology> I'm close... "ufw enable" remote logging server only logs local logs; "ufw disable" remote logging server logs everything
<ruben23> hi , how do i set an application to run on reboot automatically..?
<ruben23> like tomcat
<MTecknology> ruben23: you mean run a command that starts it on reboot or a service?
<MTecknology> idk how tomcat works..
<MTecknology> for something like supybot; I add this line in "crontab -e"  "sudo -u mtbot supybot mtbot.conf --daemon"
<ruben23> MTecknology:yeah as a service
<MTecknology> ruben23: for a service; aptitude install rcconf; use that - it's much much nicer than the default tools
<MTecknology> ... I LOVE ufw; this is everything for iptables I ever wanted
<ruben23> MTecknology: how about adding script just to run the application on reboot..
<MTecknology> ruben23: I'd add an entry in cron
<frojnd> ok
<frojnd> HOw can I check if my downloaded file is ok?
<jmarsden> ruben23: @reboot /path/to/script/that/runs/application
<MTecknology> instead of the "* * * * *" part use "@reboot" Then every reboot/startup it'lll be ...........
<MTecknology> there's that
<guntbert> !md5sum | frojnd
<ubottu> frojnd: To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<MTecknology> jmarsden: type slower
<jmarsden> :)
<MTecknology> I need to figure out why logcheck is mailing out every hour....
<MTecknology> it's pretty much mailing on 2 * * * *
<frojnd> damn it :S
<frojnd> How come has failed .S
<frojnd> :S
<frojnd> I didn't get any errors while wget
<frojnd> :s
<MTecknology> frojnd: watch the language
<frojnd> MTecknology: my bad
<MTecknology> frojnd: it happens sometimes... in most cases I install without checking
<MTecknology> frojnd: can you use firefox to download instead of wget?
<frojnd> ha
<frojnd> maybe isn't the whet
<frojnd> I dl'ed 8.04.3
<frojnd> and on the has site there is only 8.04
<frojnd> server
<frojnd> does this make any sense?
<frojnd> pardon :(
<MTecknology> !ltd
<MTecknology> !lts
<ubottu> LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server. The current LTS version of Ubuntu is !Hardy (Hardy Heron 8.04).  The next LTS release is scheduled to be !Lucid (Lucid Lynx 10.04)
<frojnd> MTecknology: I can use chromium yes
<frojnd> but what would change this
<frojnd> in wget I have -c option
<frojnd> also -bandwith option
<frojnd> and so on
<MTecknology> I think firefox has a few tools built-in to prevent bad downloads
<MTecknology> http://cdimage.ubuntu.com/hardy/daily/current/MD5SUMS
<frojnd> that's for alternate
<MTecknology> I thought cdimage.u.c had more than just alternate :S
<MTecknology> there
<MTecknology> http://releases.ubuntu.com/hardy/MD5SUMS
<frojnd> that's weird
<frojnd> I have the same sum
<MTecknology> then be happy :)
<frojnd> why would checking the test report that either CD-ROM or some data is corrupted?
<frojnd> maybe I've burn't wrong
<MTecknology> probably
<frojnd> I'll try with 10x  and not with 4x speed
<MTecknology> My issue is usually burning and not downloading
<frojnd> yeah
<frojnd> cds sux
<frojnd> there is always something worng
<Liberty76> why LTS? Isn't karmic newer and better and still have as much support life left
<MTecknology> Liberty76: for some people running with LTS is a better option
<Liberty76> LTS for server though is 5 years though I suppose
<ScottK> Liberty76: Yes. For server, Hardy has longer support left
<Liberty76> hmm but why is LTS better?
<ScottK> Fewer upgrade cycles.
<ScottK> For some that won't matter
<MTecknology> Personally; I like the 6mo releases; if I had >30 servers to manage I'd probably use LTS
<Liberty76> I built new server on karmic... Will likely upgrade in April but don't expect to ever again
<MTecknology> GAH! I can't figure out why logcheck is mailing out hourly.....
<MTecknology> !ntp
<ubottu> Information about using and setting your computer's clock on Ubuntu can be found at https://help.ubuntu.com/community/UbuntuTime - See https://help.ubuntu.com/9.04/serverguide/C/NTP.html for information on usage of the Network Time Protocol (NTP)
<frojnd> is there a way to install lxde from ubuntu server 8.04 ?
<frojnd> apt-cache search won't find it
<mcdermmn> is there a easy way to get the number of block groups in a partion without mounting it?
<MTecknology> frojnd: It's recommended to use cli instead of gui to manage your server
<MTecknology> !lxde
<MTecknology> !info lxde
<ubottu> lxde (source: lxde-common): Meta-package for the Lightweight X11 Desktop Environment. In component universe, is optional. Version 0.4.2-1ubuntu3 (karmic), package size 4 kB, installed size 36 kB
<MTecknology> frojnd: You need to enable universe repos for it
<MTecknology> mcdermmn: doesn't fdisk show you that?
<frojnd> MTecknology: it's not  for managing the server :D
<frojnd> MTecknology: it's for my sis...
<frojnd> MTecknology: all the background is done by me and ssh
<frojnd> I upgraded with 1gb ram
<MTecknology> !enter
<ubottu> Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<frojnd> so this shouldn't be a problem
<frojnd> MTecknology: to be hones I don0t even know how to manage a server with x :D
<mcdermmn> MTecknology it shows blocks, i dont think it does block groups
<MTecknology> mcdermmn: oh, beyond that I have noe idea - sorry
<frojnd> MTecknology: universe are enabled... that's odd
<MTecknology> frojnd: apt-get update; apt-get install lxde
<frojnd> MTecknology: there is no package named lxde
<frojnd> MTecknology: and I did update and upgrade frist thing after installation
<MTecknology> what version of ubuntu?
<frojnd> 8.04.3
<frojnd> LTS
<MTecknology> !info lxde hardy
<ubottu> Package lxde does not exist in hardy
<MTecknology> !info lxde intrepid
<ubottu> lxde (source: lxde-common): Meta-package for the Lightweight X11 Desktop Environment. In component universe, is optional. Version 0.3.2.1+svn20080509-2 (intrepid), package size 2 kB, installed size 32 kB
<MTecknology> Need to be on at least 8.10 for it
<frojnd> MTecknology: yeah.. but those versions have like 6months of support
<MTecknology> then you need to pick something different
<frojnd> I installed 8.4 so I don't have to dist-upgrade every half a year
<frojnd> hm
<frojnd> :(
<MTecknology> 8.04*
<frojnd> fluxbox
<frojnd> yeah I don't have time for another installation
<MTecknology> aptitude install ubuntu-desktop
<frojnd> that would install gnome?
<MTecknology> ya
<MTecknology> and all tools
<MTecknology> why didn't you start with that if it's for a desktop
<MTecknology> also - desktop support is #ubuntu
<frojnd> MTecknology: it ain't
<frojnd> X would be just an extension for my sis
<MTecknology> I need to go
<frojnd> She only needs a browser epiphany file browser nad mplayer
<frojnd> MTecknology: have fun
<frojnd> whatever your gonna do :)
<MTecknology> that's a desktop system...
<MTecknology> xdm+openbox
<frojnd> MTecknology: no
<frojnd> MTecknology: 90%of time server will do other work
<uvirtbot> New bug: #498614 in openssh (main) "SSH in and out of host produces bad packet length on fresh build" [Undecided,New] https://launchpad.net/bugs/498614
<MTecknology> :S - I can't figure out why I can't change how often logcheck sens out email
<MTecknology> It's default 1x/hr but I want less often
<MTecknology> I have a cron to run @daily; I need to figure out how to disable the hourly
<MTecknology> !logcheck
<MTecknology> GOT IT!
<MTecknology> /etc/cron.d/logcheck
<KismetGFX> was wondering if anyone has insight on this issue, seems a lot of people are experiencing it. hitachi drives reporting false positive / bad sectors when fsck has no problems https://bugs.launchpad.net/ubuntu/+source/libatasmart/+bug/438136
<uvirtbot> Launchpad bug 438136 in libatasmart "palimpsest bad sectors false positive" [Unknown,Confirmed]
<mike3> Anyone experiencing CPU soft lockups?
<mike3> is the latest dist-upgrade fix a lot of bugs?
<uvirtbot> New bug: #498641 in postfix (main) "package postfix (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/498641
<mike3> well i managed with the latest dist-upgrade
<mike3> I'm running ubuntu in a XEN guest and it's locking up my other systems... I noticed from the Xen host that I was getting cpu soft locks that seem to be coming from Ubuntu... So I'm hoping this upgrade fixes the issue. I've even reinstalled Ubuntu with the newest 9.10 and it still didn't fix the issue.
#ubuntu-server 2009-12-20
<UnixDawg> anyone awake I have a small issue going on on 8.3lts
<UnixDawg> I added a sigg sata II card
<UnixDawg> it sees the card and loads a driver but its not seing the drives
<UnixDawg> this sound slike a incompatable driver correct
<UnixDawg> 00:0b.0 SATA controller: Initio Corporation INI-1623 PCI SATA-II Controller (rev 02)
<UnixDawg> is the card
<UnixDawg> http://pastebin.ca/1720995
<UnixDawg> thats dmesg ?
<Ryan> My init.d scripts haven't been run at boot for the last 4 days. Any ideas what I should check to help debug?
<MTecknology> If you ever want to try openbox - this is excellent - http://urukrama.wordpress.com/openbox-guide/
<jmarsden> Ryan: Look at the scripts in /etc/init/* and especially /etc/init/rc.conf
<UnixDawg> anyone willing to help me fix this sata card issue ?
<UnixDawg> http://pastebin.ca/1720995
<UnixDawg> 00:0b.0 SATA controller: Initio Corporation INI-1623 PCI SATA-II Controller (rev 02)
<Ryan> jmarsden: rc.conf hasn't been modified for months, but it was working 4 days ago
<jmarsden> UnixDawg: Repeating questions in under 10 minutes is not good form.  If no-one answers that's because no-one has answers for you.  Try again maybe every 4 hours, not every 10 minutes...
<jmarsden> Ryan: Sounds like you would want to debug upstart itself... I've not had to do that, but it's the general direction I would take in your situation.
<Ryan> jmarsden: cat /var/log/syslog | grep upstart returns nothing, same with /var/log/messages
<Ryan> jmarsden: I'm not sure how else to debug it
<jmarsden> Ryan: man init and consider checking whether other upstart tasks (stuff in the /etc/init/*.conf files) are being run OK...
<UnixDawg> ok night chek tomorrow
<Ryan> jmarsden: The runlevel command tells me it's unknown
<Ryan> jmarsden: Looks like the problem started after I installed the 2.6.31-17 kernel
<jmarsden> Ryan: OK, well, can you boot from the previous kernel and see if things then work as they used to?
<Ryan> jmarsden: I think I might be experiencing this bug: https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/497299
<jmarsden> I'm running 2.6.31-17 here (Karmic Desktop, not Server, though) with no issues like that.
<uvirtbot> Launchpad bug 497299 in upstart "upstart not starting init-scripts (event net-device-up IFACE=lo missing)" [Undecided,New]
<Ryan> Mine's desktop too
<jmarsden> Ryan: Then... you're in the wrong IRC channel... :)
<Ryan> I asked in #ubuntu but no one answered
<jmarsden> Yes, looks like the same issue.  No solution in the bug info yet though.  You should probably add something to the bug saying you are experiencing it too, and subscribe to it, in case someone posts a fix there.
<Ryan> Done
<jmarsden> If you do a telinit 2 does everything "burst into life" ?
<Ryan> Yep
<MTecknology> !info openbox
<ubottu> openbox (source: openbox): standards compliant, fast, light-weight, extensible window manager. In component universe, is optional. Version 3.4.7.2-4 (karmic), package size 279 kB, installed size 1464 kB
<MTecknology> !ubuntu+1
<ubottu> Ubuntu 9.10 (Karmic Koala) is the current release of Ubuntu. Download: http://releases.ubuntu.com/9.10/ - Release Info: http://www.ubuntu.com/getubuntu/releasenotes/910
<MTecknology> !info openbox lucid
<ubottu> openbox (source: openbox): standards compliant, fast, light-weight, extensible window manager. In component universe, is optional. Version 3.4.7.2-5 (lucid), package size 266 kB, installed size 1432 kB
<MTecknology> I need to change that
<jmarsden> Ryan: OK, so the issue is that somehow your kernel is not triggering the event setting runlevel 2.  You might be able to force that by adding a 2 to the kernel parameter list in grub, as a workaround?
<MTecknology> khelvan: we will be
<MTecknology> khelvan: wrong window - sorry
<Ryan> jmarsden: Done, going for reboot now
<Ryan> Back in a tick
<jmarsden> OK.
<Ryan1> jmarsden: Nope, they're not running
<jmarsden> Ryan1: OK, well, it was worth a try.  If you boot from the earlier kernel is all working fine?
<Ryan1> ok, I'll try that
<khelvan> MTecknology - You have roused me from my slumber.  :)
<MTecknology> khelvan: hi
<Ryan> jmarsden: Not running in 2.6.31-16 either
<Ryan> So it mustn't be kernel related
<jmarsden> Ryan: That sounds logical... there *was* an update to upstart itself...
<Ryan> Yeah
<jmarsden> You could try going back to the earlier one and seeing whether that fixes things for you.
<Ryan> I'm running upstart 0.6.3-11, which I think is the same one in the bug report
<khelvan> MTecknology, did you mean to send something to me?
<MTecknology> no
<MTecknology> just wrong window
<jmarsden> Ryan: Right.  The one in Karmic itself (not karmic-updates) is 0.6.3-10 so going back to that might help?
<Ryan> Already installing 0.6.3-10 ;)
<jmarsden> :)
<Ryan> Rebooting again
<uvirtbot> New bug: #391882 in kdenetwork "Make Samba easy to disable and enable in KDE" [Undecided,New] https://launchpad.net/bugs/391882
<Ryan> jmarsden: All good now
<jmarsden> Good.  Updating that bug to say so would be good, so others know the workaround.
<Ryan> jmarsden: Should I change the status to confirmed, or is that for a developer to do?
<ScottK> No, if you can confirm the bug, then make a comment to that effect and mark it so.
<jmarsden> Ryan: You can ; you duplicated the issue, so it can be confirmed (by you).
<Ryan> Well I'm going to go
<Ryan> Thanks for your help
<osmosis> is there a FAQ on ways to protect myself from brute force SSH attacks?
<jtaji> osmosis: fail2ban or denyhosts takes care of that pretty well
<twb> -m recent is a static iptables mechanism to prevent brute-force attacks.
<twb> IMO, it's more robust than a daemon that reads logfiles and adds stuff into ipset or tcpwrappers.
<Donk3> Could someone fix this page: https://help.ubuntu.com/community/ServerSideIncludes It should read "AddOutputFilter INCLUDE .shtml" not "AddOutputFilter INCLUDES .shtml"
<ScottK> Donk3: It's a wiki.  Anyone can fix it.
<RoyK> well, here I am giving Windows a chance once more. seems windows 7 has some "unmovable" files, incidentially placed in the middle of the drive so shrinking the drive size won't work, since no defrag program can move these files. wtf would be the point of fixing a file's disk position in a filesystem in 2009? Perhaps I should give Windows another ten years before trying again........
<RoyK> (btw I _can_ shrink the partition size to 120gigs, but not to 30, because the placement of these files)
<Donk3> only if you create a login first :)
 * RoyK wants to throw small darts at Bill Gates and his gang
<Donk3> "I'm RoyK and I'm Windows 7 forever" ;)
 * RoyK hits Donk3 on the head with a spade
<twb> RoyK: are you examining this NTFS partition using Linux?
<RoyK> twb: no, I'm doing this on fucking windoze. I'm just blarting out in here
<twb> RoyK: what, you're trying to resize a filesystem while it's in use?
<RoyK> twb: no problem with that, if it weren't for the files that i'm unable to move
<frojnd> Hm... I think I know why I can't run startx from server
<frojnd> hm
<frojnd> I don't know why but
<frojnd> when trying to install ubuntu-desktop connection was losed and something went wrong
<frojnd> now if I do apt-get update I get at the end dpkg was iterrupted, you must manually run 'dpkg --configure -a' to correct the problem
<frojnd> if I do run this command computer hangs at the poing when trying to configure network manager....
<frojnd> I tried to remove ubuntu-desktop but I also get this command dpkg --configure a
<frojnd> so now I'm stuck?
<frojnd> I though I can fix this with apt-get fix something?
<frojnd> :S
<RoyK> frojnd: perhaps try to apt-get remove --purge ubuntu-desktop
<RoyK> btw, if you need a desktop computer, why install ubuntu-server?
<RoyK> the only real difference between server and desktop is the kernel, and the difference there is tiny
<dragon_> i would like to remove apache from my desktop, since I have a LAMP setup on a separate machine.  What is the best way to do it?
<frojnd> RoyK: I know it's less secure but..
<frojnd> my bro's computer died
<frojnd> and now my sis deosn't have any X
<frojnd> RoyK: I'll only use openbox + mplayer + firefox + epiphany + light music player + alight file browser + maybe kwrite in X
<RoyK> less secure?
<dragon_> apache removed, problem solved
<ghostlines> for some strange reason my ntfs parition turned into an extended partition and now I can't read it, is it possible to change fs to ntfs and recover my files?
<ghostlines> well Extended isn't a filesystem  but that's what fdisk is telling me http://pastebin.com/mdb5f47c
<UnixDawg> morning guys
<UnixDawg> I have a issue Ineed help with
<UnixDawg> I added a sata  card to a server and ubuntu-server sees the card loads the driver
<UnixDawg> 00:0b.0 SATA controller: Initio Corporation INI-1623 PCI SATA-II Controller (rev 02)
<UnixDawg> but when I attache drives and boot up and it still see the b=card but the drives fail
<UnixDawg> http://pastebin.com/m2ac659bf
<UnixDawg> this is dmesg
<UnixDawg> to me its seems a driver issue as if we bootup with pclinux and it finds the card the drives work fine
<UnixDawg> any thoughts ?
<twb> UnixDawg: is that 8.04 or 9.10?
<UnixDawg> 8.04
<UnixDawg> 8.04 LTS 32bit
<jtaji> UnixDawg: which is getting a bit old, I'd wonder if it's supported with 9.10
<UnixDawg> ok how would I do a dist upgrade safely ?
<UnixDawg> I was tols 9.10 had threading issues
<UnixDawg> thats why we used 8.04
<jtaji> not to mention that you'd have to upgrade 8.04 > 8.10 > 9.04 > 9.10, not a desirable prospect
<jtaji> or wait to go straight to 10.04
<UnixDawg> ok there is a 9.10
<UnixDawg> ok I dont see a 10.04 iso
<ScottK> 10.04 isn't released yet
<jtaji> it won't be out until March 2010
<jtaji> April
<UnixDawg> 9.10 ?
<UnixDawg> or is it not out
<jtaji> UnixDawg: year.month
<jtaji> it's out ;)
<ScottK> Released in September of this year
<UnixDawg> I dont see it on the server download page
<UnixDawg> yes I do I am blind
<UnixDawg> lol
<jtaji> UnixDawg: I might grab the 9.10 livecd, run that to see if your hardware is supported
<UnixDawg> well we dont have alot on this box yet
<UnixDawg> ok
<jtaji> ah
<jtaji> I'm guessing the pclinuxos you tried is a newer version
<UnixDawg> yes
<UnixDawg> the latest ver
<jtaji> if it worked there it is probably likely it works in latest ubuntu
<UnixDawg> like it alot its very clean
<UnixDawg> ok
<UnixDawg> I have a 2nd drive I can install on with out loosing anything
<UnixDawg> so I am safe
<UnixDawg> thanks for the input
<jtaji> good luck
<UnixDawg> I will test and report back
<UnixDawg> chous
<tsoiland> Is it possible to run a cloud with just the controller? will it function as a node?
<eagles0513875> hey guys i got a question for ya is xen still supported in karmic as the documentation doesnt mention how to setup xen in karmic
<eagles0513875> !xen
<ubottu> XEN is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. Information on installing it for Ubuntu can be found at https://help.ubuntu.com/community/Xen
<eagles0513875> !info xen
<ubottu> Package xen does not exist in karmic
<eagles0513875> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<ChrisRut> Is there a way to automate the install of mysql-server so that you don't get prompted to enter a root pass?  When you "apt-get install mysql-server" it prompts for a MySQL root password, is there anyway to automatically set the root pass as part of the install command?
<pipedream> debconf-set-selections
<ChrisRut> pipedream: will that stop from being prompted?
<pipedream> yes
<pipedream> try #ubuntu-server on freenode too
<ChrisRut> great thanks
<pipedream> but
<pipedream> on a configured box
<pipedream> debconf-get-selections package > pkg.seed
<pipedream> on a new box, while installing, before install pkg, debconf-set-selections < pkg.seed
<pipedream> try it somewhere for exact syntax
<pipedream> you have to install some of those commands first
<pipedream> don't remember all the details now
<pipedream> err
<pipedream> I guess this is ubuntu-server :-P
<pipedream> I thought it was ubuntu-za
<pipedream> I've used it for other packages, not mysql-server
<ChrisRut> np, Thanks for the help pipedream :)
<pipedream> not sure whether the password string you see will be encrypted, for instance
<ChrisRut> i'll give'er a shot and report back... how can I check if it needs to be encrypted or not?
<qman__> ChrisRut, I'm guessing if it's encrypted, debconf-get-selections will show a hash, and if it isn't, it'll show the password you used
<slestak> anyone got a Sil based pci sata card in a machine with 9.10 server?
<bogeyd6> !vmware
<ubottu> VMWare is not available in the Ubuntu repositories. Consider using !QEmu or !VirtualBox as alternatives. Instructions for installing VMWare manually are at https://help.ubuntu.com/community/VMware
<X-M4-X> ks
<X-M4-X> whats an irc server package i can install to ubuntu server?
<Ziber> I imagine most of the ircd's are ubuntu-compatible.
 * Ziber uses unrealircd, personally
<X-M4-X> that tells me i have no c compiler in the system
<slestak> X-M4-X: did you install build-essential
<Ziber> or gcc?
<X-M4-X> I did not
<X-M4-X> Now i have - dang i love linux-10 second installs
<dragon_> i have installed a LAMP server and while typing a server name in firefox addressbar(on client machine), I'm getting 404 error. Look at error.log tells that /htdocs can't be found. Strange thing is that I don't need it or have ever entered such a path. I'm little lost here, can anyone help me with that, plz?
<dragon_> what I am typing is http://guardian-s01 (this is the name of my server)
<bogeyd6> dragon_,  do you have an index.html in /var/www/
<dragon_> bogeyd6: yes, i do
<bogeyd6> dragon_,  default apache2 install is /var/www
<bogeyd6> dragon_,  what if you http://ipaddress
<dragon_> bogeyd6: I know, this is why this error is so stupid. IP is 192.168.1.3
<bogeyd6> dragon_,  same error message?
<dragon_> bogeyd6: yes, in firefox. must check in error.log
<dragon_> bogeyd6: [Sun Dec 20 21:03:06 2009] [error] [client 192.168.1.4] File does not exist: /htdocs
<RoyK> dragon_: looks like config error
<dragon_> RoyK: i know, but where to look? httpd.conf is completely empty
<guntbert> dragon_: do a find / -name "httpd.conf"
<uvirtbot> New bug: #498859 in ntp (main) "package ntpdate 1:4.2.4p6+dfsg-1ubuntu5.1 failed to install/upgrade: pacote ntpdate jÃ¡ estÃ¡ instalado e configurado" [Undecided,New] https://launchpad.net/bugs/498859
<RoyK> dragon_: apache.conf
<RoyK> dragon_: that is - apache2.conf
<RoyK> dragon_: look in /etc/apache2/ and /etc/apache2/sites-enabled
<RoyK> ubuntu/debian uses a rather neat apache config tree
<guntbert> RoyK: of course - thx for the reminder :)
<dragon_> RoyK: httpd.conf is an empty file
<RoyK> lol http://www.bbc.co.uk/radio1/chart/singles/
<RoyK> dragon_: yes, it is
<RoyK> dragon_: see the others I mentioned
<dragon_> RoyK: there is nothing in /etc/apache2/sites-enabled
<RoyK> dragon_: there should be a symlink, 000default -> ../sites-available/default
<dragon_> RoyK: and in /etc/apache2/sites-available is default and default-ssl which I didn't touch
<RoyK> there aren't any symlinks in sites-enabled?
<RoyK> if not, cd /etc/apache2/sites-enabled
<RoyK> ln -s ../sites-available/default 000default
<jtaji> dragon_: you can use 'sudo a2ensite default' to make that link
<jtaji> does the same thing though
<jtaji> well, except that the link should be 000-default
<RoyK> oh - didn't know that :)
<RoyK> jtaji: it really doesn't make much change
<jtaji> a2ensite, a2dissite, a2enmod, a2dismod
<jtaji> handy stuff
<RoyK> jtaji: ln, handy command
<jtaji> oh yeah, that true
<jtaji> everything is just read from that directory in order
<RoyK> well, if you just make the symlinks, you see what happens
<jtaji> RoyK: indeed it is ;)
<RoyK> does a2* reload apache as well?
<jtaji> other cool thing is bash-completion magic works for the a2ensite et. al.
<jtaji> no it doesn't, but it tells you to
<dragon_> RoyK: no
<RoyK> well, create it or do as jtaji said
<dragon_> RoyK: the a2ensite default solved the problem, now works everything just like I wanted it, thank you very much!
<RoyK> then make a new entry in sites-available and enable that one
<dragon_> jtaji: thank you!
<RoyK> a2ensite makes a symlink and sends a hangup to apache
<RoyK> (so that you understand how things work)
<jtaji> huh, does the hangup cause the config to be reloaded?
<RoyK> yeah :)
<RoyK> most daemons trap SIGHUP and reload the config
<jtaji> interesting
<jtaji> it still tells you: Run '/etc/init.d/apache2 reload' to activate new configuration!
<jtaji> I imagine the code hasn't been touched in a while
<RoyK> apache2ctl graceful
<jtaji> hmm
<jtaji> is what a2ensite does not graceful?
<dragon_> jtaji: i did init.d before I tested if a2ensite did the work unfortunately, so I can't tell anything if you must or must not to do it after sending the command
<jtaji> no worries, I can test if I'm curious ;)
<jtaji> because apparently apache2ctl graceful sends a SIGUSR1 instead
<RoyK> jtaji: afaik graceful is SIGHUP and I gues a2ensite does just that
<RoyK> oh
<RoyK> ok
<jtaji> that's what it says in man apache2ctl anyway
<RoyK> thought that was sighup
<jtaji> Gracefully  restarts the Apache daemon by sending it a SIGUSR1.
<RoyK> ok
<RoyK> sighup might be a little tougher, then
<jtaji> yeah it says apache2ctl restart sends a SIGHUP
<RoyK> graceful doesn't stop active connections
<RoyK> ok
<RoyK> nice to know
<RoyK> thanks
<jtaji> seems like a2ensite should be graceful or give you the option
<jtaji> thank you, good info
<RoyK> :)
<RoyK> irc ftw
<jtaji> I think you've stumbled across a potential bug
<guntbert> jtaji: I want to apology for stepping on your toes the other day (the issue with Storm3yy wanting to be root)
<jtaji> guntbert: no problem at all... I figure that's how we handle #ubuntu but should be a little more lenient in here
<jtaji> guntbert: but honestly after the fact I regretted the advice.. and it turned out he was doing it over the public internet
<guntbert> jtaji: I see - I was a bit angry too - because he consistently refused to say what his *real* goal was (aside from being able to scp as root)
<jtaji> there actually turned out to be a way to use sudo with winscp
<guntbert> jtaji: I followed the conversation and learned :-)
<jtaji> it was right on winscp website
<jtaji> so now there really is no more excuse ;)
<jtaji> it is pretty rare to actually need root
<jtaji> and those people will know how to do it already
<guntbert> jtaji: :)
<henriquev> so I'm setting up a web server for just one website (actually it is going to have three virtual hosts: one of the web interface, another for the API and another one for a internal shortlinking redirection). I see Apache uses /var/www as default (I'm familiar with Apache, but just not too much btw)
<henriquev> should I use it or how do you guys think it is better to do?
<jtaji> I've been using /srv/http/
<henriquev> change the user from root for the /var/www to anything else, create an user and put everything in a directory there, etc...
<jtaji> it's kind of the newish place to put that stuff, according to FHS
<jtaji> but it really doesn't matter
<henriquev> okay
<jtaji> well, I usually make /srv/http/domain.com directories
<henriquev> and what about the user, what do you use?
<jtaji> and the domain.com directory will be owned by a user
<jtaji> but not /srv/http
<henriquev> okay
<jtaji> now, I'm the only user ;)
<jtaji> so just my main user
<jtaji> it needs to be readable by www-data
<jtaji> so you can make it world readable, or if that's not appropriate, owned by group www-data and group readable
<jtaji> if any directory needs to be written to by apache, you can make it group writable by www-data
<henriquev> ok
<Stormeh> Hey - Has anyone used Amazon EC2 EBS Unbuntu before?
<dragon_> exit
<X-M4-X> I need help with the IRC server it doesnt work!
<X-M4-X> anyone here3
<RoyK>  
<RoyK> X-M4-X: which irc server? what are you trying to do?
<X-M4-X> I have everything set up and configured  but i need to copy unrealircd.conf to  /Unreal3.2
<RoyK> eeerm - what sort of software is this? what are you trying to do?
<X-M4-X> its an irc server package called Unrealircd    i just need to know how to copy that file
<RoyK> seems that doesn't come with ubuntu
<RoyK> if that's the case, then this is the wrong channel for   you....
<RoyK> there are a few irc servers in the ubuntu repository
<RoyK> ops
<RoyK> X-M4-X: did you find out about your probs?
<RoyK> X-M4-X: https://help.ubuntu.com/community/IrcServer
<X-M4-X> I need to copy the configuration from /Unreal3.2/doc to /Unreal3.2 and i have no clue how to do that
<diplo> X-M4-X, use the command cp to copy
<diplo> so cp /Unreal/config.conf /Unreal3.2/
<Jeeves_> how can I install Ampache on a v-hosted system so it's only available to ONE domain?
<billybigrigger> does ampache allow relaying?
<billybigrigger> ie, relay from my home pc, to a remote server and broadcast from it?
<ChrisRut> is there a way to diff two directories but have it show the difference in permissions & owners?
<rootlinuxusr> have a xubuntu 8.04.3 LTS base with apache, and mysql installed, have run tasksel install lamp-server, yet still apache keeps wanting me to download php files instead of parsing, where is my error?
<jmarsden> rootlinuxusr: Is this affecting all .php files, or only index.php?    For example, if you do    echo -e "<?php\nphpinfo();\n?>" |sudo tee /var/www/html/phpinfo.php     # and then browse to http://localhost/phpinfo.php    what happens?
<rootlinuxusr> firefox tries to download asdf.php(what I named it.
<rootlinuxusr> )*
<jmarsden> rootlinuxusr: Don't modify things you are asked to try, just cut and paste from here, it generally saves time and avoids typos...
<rootlinuxusr> still tries to download it.
<jmarsden> OK... try     sudo a2enmod php5   # and then restart Apache.
<rootlinuxusr> Module php5 installed; run /etc/init.d/apache2 force-reload to enable.
<jmarsden> Good.  DO what it says to reload apache
<rootlinuxusr> yup, still tries to download.
<jmarsden> That's... odd.  OK, let me see if I can duplicate the issue on a fresh (virtual machine) install of 8.04.3 .   Will take a few minutes to set up...
<rootlinuxusr> no problem. really need this fixed, trying to install phpmyadmin
<jmarsden> rootlinuxusr: I've solved this kind of issue for someone else before (maybe for two people), here in this channel... but I don't remember what the fix is or was...
<JanC> I think you need to enable PHP for each virtual host
<JanC> for each virtual host that needs it
<jmarsden> JanC: a2enmod does that apache-wide, doesn't it?  What do you mean specifically by "enable PHP" ?
<JanC> a2enmod makes sure that module gets loaded, but you need to tell apache to use that module for *.php files
<jmarsden> JanC: Be specific... AddHandler?  What are you suggesting?
<jmarsden> You may be right..., btw...
<JanC> yeah, that
<jmarsden> phpmyadmin.conf already does an AddType for it...
<JanC> the exact config for such things might differ foir each virtualhost, so can't be done automaticly
#ubuntu-server 2010-12-20
<Bizzeh> hey, im considering setting up a ubuntu server that all traffic within my business routes through. what would be the best way to disable certain sites for certain ip ranges, or computer names?
<qman__> AtomicDryad, you need to make a few changes in upstart to get console messages
<qman__> unfortunately there's no simple switch, you have to modify the plymouth scripts
<AtomicDryad> Hm, in hardy desktop I had to mangle plymouth files in initramfs-tools or such
<AtomicDryad> yeah
<qman__> in hardy it's easy
<qman__> just remove quiet splash from the boot line
<qman__> but from karmic on, that doesn't work
<AtomicDryad> It's a pita, I was hoping someone created a .deb fix
<AtomicDryad> I meant lucid
<AtomicDryad> the 10.4 LTS one
<qman__> you need to modify /etc/init/plymouth.conf and /etc/init/plymouth-splash.conf
<qman__> in both, you need to comment this line
<qman__> exec /bin/plymouth show-splash
<AtomicDryad> Really, if the stupid thing would tail -f boot.log it would be fine (not counting the issues with things getting there in the first place )
<AtomicDryad> Yeah
<AtomicDryad> took out attach-to-console
<AtomicDryad> or whatnot. it's been awhile
<AtomicDryad> Are they planning to return to sanity in 11.x...or 12 or 13.. ?
<qman__> unfortunately, not that I'm aware
<AtomicDryad> They're turning their distro into a joke as far as using it for Serious Business on the Internet(tm)
<AtomicDryad> =[
<Richk> hi
<Richk> Is it possible to run ASP.NET website on ubuntu-server?
<Richk> are there anyone can answer to my question?
<Datz> Richk: it is pretty slow here sometimes
<Datz> Richk: http://forum.siteground.com/showthread.php?7007-Is-it-possible-to-run-ASP-under-LINUX
<Datz> look at the last post
<Richk> Datz: looking...
<Richk> Datz: I could not find relevant info, but thanks. I know you can write and run ASP.NET code as a developer, but is it possible to run a website created in asp.net and c# on ubuntu server?
<Richk> it is possible on suse linux
<Richk> but too expensive
<Richk> so my question is can I do the same as this:  http://www.novell.com/products/mono/ on ubuntu server?
<Datz> If you can run it on linux, you can run it on ubuntu server if my logic is working
<Richk> Datz: Unfortunately it will work only on Suse Enterprise
<Datz> Richk: might do some research. It looks like it is possible
<Richk> Datz: thanks
<axisys> can someone tell me specs of this card? http://pastebin.com/gXmQapen
<axisys> (learning)
<axisys> sorry I hit /quit by mistake..
<axisys> still like to find out the spec of this card http://pastebin.com/gXmQapen
<twb> axisys: define "spec"
<axisys> twb: bus speed/ io speed/ cache size
<twb> axisys: ask the vendor
<axisys> twb: ok.. so lspci did not have that info
<axisys> ?
<twb> axisys: call Adaptec and ask them.
<qman__> lspci only gets the information the device reports to it
<qman__> the information you seek is not reported by the hardware
<qman__> find the manual or call adaptec
<axisys> twb, qman__ : ok
<axisys> so any info in lspci can tell me what card I should search for in adaptec site?
<qman__> unlikely
<qman__> at least not with a simple search
<qman__> lspci gives information about the chipset, while vendors use product model numbers
<qman__> unless someone has already made that relation online you're going to have trouble finding out what model it is that way
<twb> axisys: all you have is "Adaptec AAC-RAID (rev 09)"
<axisys> this is the card
<axisys> http://www.sun.com/storage/storage_networking/hba/raid/raid_internal.pdf
<AtomicDryad> ...unsurprisingly, upgrading to 10.x in a virt broke something. And the moronic splash boot crap clears away helpful messages that are apparently too confusing or something ><
<uvirtbot> New bug: #692424 in whois (main) "Please merge  whois 5.0.10 (main) from debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/692424
<twb> AtomicDryad: tell me about it :-/
<twb> AtomicDryad: what virtualization technology?
<AtomicDryad> They intentionally put in a clear screen command. WTF
<AtomicDryad> And not only that, but plymouth fails to log boot msgs even after fixing the original issue
<AtomicDryad> colinux
<AtomicDryad> Apparently openvz and xen etc have issues too
<twb> Yeesh, I've never even heard of that one
<AtomicDryad> It's like usermode but on windows
<twb> Oh, it's some windows thing
<AtomicDryad> Yeah, faster than cygwin and less of a pig than vbox/vmware/qemu
<AtomicDryad> It's been a long time since 10.4 came out...and noone has come up with a demoronizer for it?
<twb> Most of my stuff runs headless
<AtomicDryad> Yeah, this usually does
<twb> I assume you've already removed "quiet splash" from the bootloader in your domU -- assuming your domU even steps throught a bootloader?
<AtomicDryad> Bootloader? Screw that shit, on 10.x it's probably just as fracked as init has become
<twb> So: you are not running a bootloader?
<AtomicDryad> But yeah it's an executable kernel, so no bootloader is needed
<twb> You're directly the kernel and ramdisk to colinux to boot?
<AtomicDryad> The kernel+modules are not provided by ubuntu
<twb> So colinux is directly invoking /sbin/init ?
<AtomicDryad> There's a small initrd
<twb> If you aren't running stock Ubuntu kernel and initrd, there isn't much I can do about them
<twb> The splash code lives, at least in part, in the stock ramdisk.  I don't know what will happen if you remove that part
<AtomicDryad> Eh, the point of failure was past that
<AtomicDryad> Orly? Hm. Odd.
<twb> Yeah, IIRC it even copies libgtk2 in there :-/
<AtomicDryad> ..........
<AtomicDryad> You're not serious
<twb> I am
<AtomicDryad> wtf
<AtomicDryad> Okay. It's offensive enough on a desktop distro for grandma
<AtomicDryad> But...if they're stuffing megabytes of useless crap into initrd...
<AtomicDryad> On a server distro..
<AtomicDryad> oy
<twb> ssh omega zcat /initrd.img | cpio -t | grep gtk
<twb> I can't see it... might only happen when the fancy-pants plymouth theme is installed
<AtomicDryad> [root@vm]/boot# zcat initrd.img-2.6.32-26-generic |cpio -t|grep -i gtk
<AtomicDryad> 36441 blocks
<AtomicDryad> yeh
<twb> Nope, I can't see it even in a fully desktop 10.04, so  Idunno
<twb> Guess I was just misreading /usr/share/initramfs-tools/**plymouth
<AtomicDryad> busybox+klibc on the default one
<twb> Oops, I was looking at an 8.04 desktop
<AtomicDryad> :-O
<AtomicDryad> Has anyone even made a guisplash that shows scrolling messages? I know fedora had it. Or something.
<twb> You can hit ESC and it'll echo the entire dmesg output to the screen, IRIC
<AtomicDryad> They should use that space for a mini rescue distro
<AtomicDryad> with networking/sshd. >.>
<twb> AtomicDryad: you have networking in an Ubuntu ramdisk.
<twb> Actually, I tell a lie -- ubuntu's busybox is cut-down compared to debian's...
<twb> Debian's busybox even has an httpd
<AtomicDryad> ....and a getty spawning on failures...
<AtomicDryad> So does the one on my phone :P
<twb> Er, no.
<twb> It has a *shell* that spawns on failure (or when booting with "break").
<AtomicDryad> What, ubuntu?
<twb> Both ubuntu and debian do.
<AtomicDryad> Huh. I didn't get a shell. Just clearscreen+hi I'm plymouth, BLEEEAARGHH (segv)
<twb> AtomicDryad: you already admitted you were using a non-standard ramdisk
<twb> You may have to chvt to tty1, or wherever you've placed /dev/console.  IIRC there's a known bug in 10.04 where plymouth doesn't do that automatically when appropriate
<AtomicDryad> Yeah, but getty/shell on failure needn't be just in initrd
<AtomicDryad> :P
<twb> AtomicDryad: there's also one that's post-initrd, but that's done by upstart, and I don't trust it.
<AtomicDryad> Considering it's a virt that wouldn't be an option.
<twb> In /etc/init/mountall-shell.conf, and a few other places
<AtomicDryad> Upstart is hella(tm) fast. Impressive but so far the entirety of the new boot/init/eyecandy process seems rather untrustworthy, yeah
<AtomicDryad> (I've also tried it on a real system. No failure, but offensive nonetheless)
<AtomicDryad> Hm, what's /bin/sh supposed to be on 10.4? bash or dash?
<twb> IMO it is not significantly faster than startparized Squeeze
<twb> In all active versions of Ubuntu it should be dash, IIRC
<twb> certainly in 10.04 it should be dash
<AtomicDryad> kk, just making sure
<AtomicDryad> sh.distrib was pointing to bash
<twb> dash probably dpkg-divert's it
<twb> hysterical raisins
<twb> IMO bash should depend on dash, not the other way around
<AtomicDryad> It is that way
<twb> You're right.
<twb> bash is still Essential: yes, though
<twb> That means packages are allowed to implicitly Pre-Depends on it.
<AtomicDryad> consolekit looks utterly useless, but let me guess...removal = armageddon?
<AtomicDryad> Well, there's some things that may need bash's functionality
<AtomicDryad> like cygwin apt
<AtomicDryad> >.>
<AtomicDryad> Dunno of anything on an actual linux system though
<twb> AtomicDryad: did you install ubuntu-minimal, or a full desktop?
<twb> Because if you want a desktop, this is the wrong channel.  And if you don't, consolekit shouldn't have been installed...
<AtomicDryad> I upgraded from a server 9.04 ext3 img :P
<twb> consolekit is only pulled in by GUI stuff, so obviously you screwed up somewhere
<AtomicDryad> ...FFFFFFFFUUUUUUUUUUUUU
<twb> It certainly isn't installed on my 10.04 systems created by installing from a 10.04 debian-installer ramdisk
<AtomicDryad> Yeah. forgot to '-m server'  9.10->10.4
<AtomicDryad> That should be default though...?
<twb> I don't know, man. dru is for schmucks
<AtomicDryad> dru?
<twb> do-release-upgrade
<AtomicDryad> Eh, it worked for the most part. Not that familiar with ubuntu, but it's repos are a great temptation
<ScottK> twb: It's the upgrade method that we test the most and is the most supported.  Please don't tell new people not to use it.
<twb> Sorry.
<twb> I was bitching because I've never once seen it work
<ScottK> OK.  I've never once seen it fail.
<ScottK> Updating sources.list, apt-get update, apt-get dist-upgrade should also work, but they put special case code to work around problems in d-r-u so it's best for most people to use it.
<AtomicDryad> No issues here, save for one caused by the way I'm running things, and the installation of halfassery
<AtomicDryad> Is anyone aware of a fuse/unionfs-ish overlay that provides symlinks on filesystems that don't support it?
<AtomicDryad> Like umsdos did for fat
<twb> AtomicDryad: you could just write one
<AtomicDryad> Yeah I've been considering that
<twb> Such a fuse filesystem is pretty trivial -- have a look at rofs, for example
<twb> The HFS+ drivers do such a thing internally for *hard* links
<AtomicDryad> Could probably even translate win32 *.lnk files
<twb> AtomicDryad: note that NTFS supports symlinks natively, so .lnk files are really legacy.
<AtomicDryad> I don't think cofs (mounts a path from hostos) provides any clue in regards to those
<twb> Humph, colinux doesn't simply translate syscalls?
<twb> That's essentially what OpenVZ/LXC do
<AtomicDryad> junctions aren't symlinks afaik
<AtomicDryad> they're symlink-ish? Not sure.
<twb> I don't pretend to understand; I don't really deal with Windows.
<twb> Presumably the POSIX.1 against which NT4 was certified predated symlinks in POSIX.1
<AtomicDryad> http://en.wikipedia.org/wiki/NTFS_reparse_point
<twb> I wonder how cross-volume hard links work... presumably reference-counting is not feasible...
<eagles0513875|2> hey everyone
<twb> Please explain how I'm supposed to non-interactively reconfigure ldap-auth-client's debconf entries: http://paste.debian.net/102809/
 * twb grovels through the flipping postinst by hand :-/
<twb> GRRR
<twb> If I cheat and just invoke "/var/lib/dpkg/info/ldap-auth-config.postinst configure" directly, it works
<rigved> hi everyone
<rigved> i get this error when i start my ubuntu server in virtualbox - SMBus address uninitialised: Upgrade BIOS or use force_addr=0xaddr
<rigved> is there some thing wrong here?
<rigved> can anyone help me with my problem? ^^
<N2Deep> rigved: I think you can ignore that, unless it stops your virtual machine from booting.
<N2Deep> I have seen it before, did not affect me.
<rigved> N2Deep: i think that only the first time i booted that i couldn't continue. otherwise every other time it booted fine. i was asking because it shows up every time. thanx for your help
<serard> hello
<serard> does someone can help me with bugzilla and charset encoding ?
<pmatulis> !ask | serard
<ubottu> serard: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<serard> :)
<altergol> Hi, I'm trying to create a virtual machine on a newly installed (lucid) host but I get the following error: "W: Failure trying to run: chroot /tmp/tmpqXQAmV mount -t proc proc /proc" ... the full vm creation command is here: http://ubuntu.pastebin.com/KEYW772M
<altergol> Googling the error seems to indicate something is wrong in debootstrap but this is as far as I can go to debug the problem
<altergol> Any help with this?
<LoganPhyve> good morning, all
<LoganPhyve> looking for some help: Have Zimbra Mail running on Ubuntu server 8.04.4 LTS, in a VMware 3.5 ESX box. Using VMware standalone coverter to try and migrate it to a much more powerful machine. Every time I try, the transfer completes but I have no network connection. ifconfig only shows the loopback connection. any idea how to add te VM virtual network adapter back to the OS?
<remix_tj> LoganPhyve: very easy
<remix_tj> if you do ifconfig -a
<LoganPhyve> it does show the adapter doing that
<remix_tj> you can see the new interface
<LoganPhyve> i can see it ( I have it disconnected in ESXi since the old machine in the ESX box is still running) so it's not connected to my network at the moment...
<LoganPhyve> so what would I do (after enabling the connection in ESXi) to get it to connect to the network?
<LoganPhyve> i think i answered my own q, it shows as eth0 and /etc/netwok/interfaces shows eth0...
<remix_tj> LoganPhyve: take a look to /etc/udev/rules.d/70-persistent-net.rules
<remix_tj> there is a row with the old mac address
<remix_tj> and another with the new mac
<remix_tj> remove both
<LoganPhyve> alright
<remix_tj> at the boot the eth0 will be configured to the correct adapter
<LoganPhyve> sounds great, thank you very much remix_tj
<LoganPhyve> unfortulatly I'll have to wait until next weekend or midnight this week to try it, since I can't take our mail server offline at the moment
<LoganPhyve> but thanks again for the tut
<remix_tj> LoganPhyve: i migrated about 30 linux box from an ESX server to another, i'm so skilled about it :-D
<LoganPhyve> heh, I guess so!
<LoganPhyve> i'm replacing a lot of the older stuff, but this is one machine i'm not messing with at the moment
<LoganPhyve> the last guy that worked here had no clue what he was doing and set things up extremely poorly
<LoganPhyve> he's got our mail server running on an ancient dual-chip server, but it has 1 vCPU, 2gb of ram, and 250gbs of flat disk
<LoganPhyve> I'm moving it over to a 4 vCPU setup, 3gb of ram (all I have at my current disposal) and 1 Tb of Raid5 storage
<LoganPhyve> a much needed performance boost.
<altergol> Anyone to give me advice on my problem with vmbuilder ? (see complete command line here http://ubuntu.pastebin.com/KEYW772M) I get the following error: "W: Failure trying to run: chroot /tmp/tmpqXQAmV mount -t proc proc /proc"  ... ?
<pmatulis> altergol: how is your disk space?
<altergol> disk space is fine: 1,3 free on the host
<altergol> the host is a newly installed lucid
<pmatulis> altergol: have you used this exact creation method in the past?
<altergol> yes, on my desktop machine it works fine
<altergol> but not on this server
<hallyn> altergol: nothing else in the logs?  No -EPERM or -EACCESS or -EINVAL or anything?
<altergol> I also tried to update vmbuild using the daily build ppa because I've seen that the version in lucid is outdated ... no luck
<altergol> nothing in the logs, I just checked ...
<hallyn> /var/log/apparmor/*.log?
<hallyn> well, shouldn't be
<hallyn> altergol: so what happens if you try that command by hand?
<altergol> same result if I try it by hand
<hallyn> and 'strace !!' ?
<altergol> strace !! -> http://ubuntu.pastebin.com/23h2U3Kk
<pmatulis> altergol: using sudo?
<altergol> no, this is launched after a "sudo su"
<altergol> hallyn: /var/log/apparmor/ is empty
<ttx> Daviey: ping
<altergol> pmatulis: thanks a lot for your help ... I guess I'll have to resort to virt-install
<Daviey> ttx, hey
<Ferhat> hi, what's the latest ubuntu server version that supports mysql4?
<jdstrand> altergol: fyi, apparmor denials are in dmseg and kern.log (/var/log/audit/audit.log if it is installed)
<ttx> Daviey: about the task forces spec, was wondering if you needed more from me at this point
<ttx> jdstrand: o/
<Ferhat> I'm trying to get mysql 4 running on ubuntu server for some old software
<Daviey> ttx, No, sorry - i plan to get things moving this week.
<jdstrand> hi ttx! how are you?
<ttx> Daviey: ok, no hurry :)
<hallyn> altergol: uh, please try 'strace -f chroot /tmp/tmpqXQAmV mount -t proc proc /proc
<Daviey> ttx, Although - with xmas on our back, it might not get much traction until next year. :/
<ttx> jdstrand: Very well, thank you. Stil busy learning new projects and codebases
<ttx> Daviey: np, was just making sure I didn't miss a request from you to unblock you
<Daviey> jdstrand, I think what he mean't to say - "I'm living the dream".
<Daviey> ttx, invent the 25th hour in a day? :)
<hallyn> jdstrand: oh, thanks.  how come theyr'e not copied into /var/log/apparmor/err?
<altergol> hallyn: http://ubuntu.pastebin.com/aCELv2Ke
<jdstrand> Daviey: I thought we were living the dream?
<hallyn> altergol: thanks.  and what does /proc/self/status show?
<hallyn> altergol: permission is denied, so question is why
<jdstrand> hallyn: I'm not sure what /var/log/apparmor is-- possibly something for yast
<hallyn> jdstrand: eep! :)
<jdstrand> hallyn: the messages come through the kernel's audit facility. we could rsyslog it over I suppose...
<Daviey> jdstrand, Your dream must be better than mine :P
 * jdstrand likes his dream
<hallyn> jdstrand: i'm missing austin, lemme tell you.  Showed up in chicago to find heater is broken with 10 degree lows :)
<altergol> hallyn: am I supposed to "run" /proc/self/status ?
<hallyn> altergol: cat /proc/self/status
<jdstrand> hallyn: yikes!
<hallyn> altergol: and maybe 'quota' for good measure
<jdstrand> hallyn: I sure don't miss western NY myself :)
<hallyn> we should get some more pretty snow tonight, at least
<altergol> hallyn: cat /proc/selft/status => http://ubuntu.pastebin.com/NwKL7rWu
<jdstrand> that sounds nice
<jdstrand> we have some light rain here, atm
<hallyn> that sounds nice :)
<jdstrand> :)
<altergol> hallyn: quota returns with no output (installed via apt-get install quota)
<hallyn> altergol: can you please file a bug?  I'll try to reproduce on a stock 10.04.1 lucid machine
<altergol> hallyn: sure, thanks for you help
<hallyn> mp
<pmatulis> altergol: what else is this server doing besides acting as kvm host?
<pmatulis> altergol: other customizations?  services?
<altergol> pmatulis: absolutely nothing yet, the server is brand new
<highvoltage> anyone here who doesn't use htop?
<hallyn> highvoltage: uh, wha?  i rarely do...  fwiw
<hggdh> Daviey: you took vector offline on Hudson?
<hggdh> and good morning :-)
<Daviey> hggdh, no, seems i need to manually reload it daily :/
<Daviey> hggdh, god afternoon btw :)
<Daviey> good*
<hggdh> Daviey: thanks
<marcriera> hi, does anyone know how to launch startup scripts on ubuntu like GPO scripts are launched on windows?
<Daviey> hggdh, I had to hack the timeout to be 3 hours, as all tests were failing
<hggdh> Daviey: I wonder if we should set the timeout per machine, as opposed to a generic
<Daviey> hggdh, Might make sense, but seems they are all failing anyway
<hggdh> Daviey: even more, it is a collection of quite different hardware (mine, for example, is a iCore7, yours is a i386, etc), with different clock speeds
<Daviey> ah yes
<crazed> hm, does 10.04.1 server edition not load virtio drivers for blk/net?
<crazed> i can only seem to get virtio_balloon
<i0nic> how can I make csf firewall run at start, is the best way to do this with runlevels? /etc/rc files?
<c0nv1ct> i0nic, that is the proper way to run services, yes
<i0nic> anyone using csf firewall?
<LowValueTarget> whats the best method to log each command someone runs while logged in via ssh
<LowValueTarget> something i can send off to another box via a remote logging facility
<c0nv1ct> LowValueTarget, http://www.techsutram.com/2009/12/bash-shell-logging-technique.html
<c0nv1ct> LowValueTarget, that work?
<eagles0513875> hey RoyK you around bud?
<raubvogel> Does anyone know why the ubuntu packages have dovecot 1.X while 2.X has been out?
<eagles0513875> raubvogel: give me a sec to ssh into my server
<eagles0513875> 2.x i think raubvogel
<eagles0513875> raubvogel: you on lucid
<eagles0513875> lucid has 1.2.9
<raubvogel> Would you know its package name,  eagles0513875? What I saw was 1.2.9 (http://packages.ubuntu.com/lucid-updates/dovecot-common) all the way to 1.2.15 (http://packages.ubuntu.com/natty/dovecot-common)
<raubvogel> And, yes i am using lucid since this is a server
<pmatulis> raubvogel: um, v2.0.8 was release Dec 3.  what do you expect?
<hggdh> raubvogel: debian has 1.2.15 (as Natty). We will most certainly sync/merge when it is available from Debian
<raubvogel> Ok, I can take that; it is the same that, say, gentoo offers.
<pmatulis> yes, the 2 series first appeared in August
<hggdh> raubvogel: you can also use rmadison to find what versions are available for a package on Ubuntu and/or Debian
<eagles0513875> raubvogel: on ubuntu its split into dovecot-imapd or dovecot-pop3d
<eagles0513875> depeds what you want to use imap or pop 3
<eagles0513875> i pulled the dovecot-imapd and set it up with postfix
<eagles0513875> hggdh: can do apt-cache search dovecot-imapd as well or pop3d
<eagles0513875> and that will work
<raubvogel> Makes sense. I too installed dovecot-imapd since I have no desire to use pop3
<raubvogel> Right now just converting some old configs to new
<eagles0513875> raubvogel: then in the dovecot config you can have it use only imap and imaps  or just imaps
<eagles0513875> !dovecot
<ubottu> IMAP and POP are protocols for fetching email. The officially-supported server in Ubuntu is Dovecot (packages "dovecot-imapd" for IMAP, and "dovecot-pop3d" for POP) - See also !MailServer for information on the SMTP protocol
<eagles0513875> !mailserver
<ubottu> Ubuntu supports the Simple Mail Transfer Protocol (SMTP) and provides mail server software of many kinds. You can install a basic email handling configuration with the "Mail server" task during installation, or with the "tasksel" command. See also https://help.ubuntu.com/community/MailServer and https://help.ubuntu.com/10.04/serverguide/C/email-services.html
<eagles0513875> raubvogel: if you need to reference the wiki google search dovecot ubuntu wiki
<eagles0513875> raubvogel: have you worked with dovecot-antispam package?
<jordandev> hello everyBody
<SpamapS> hello jordandev
<jordandev> any expert for PXE deplyment of Ubuntu in  cluster?
<jordandev> hello SpamapS :-), thanks
<SpamapS> jordandev: kirkland is particularly well versed in that, but I believe he's on vacation so may not be very responsive.
<SpamapS> jordandev: still, why don't you just ask your question, maybe we can help?
<jordandev> i tried this
<jordandev> https://help.ubuntu.com/community/AutomatedNodeDeployment
<jordandev> on the node boot he can get the IP@
<jordandev> so the DHCP is OK
<jordandev> but he faild on trying to load the pxelinux.cfg/default
<jordandev> simple question
<jordandev> any idea about the best/clear tutorial/HowTo ?
<jordandev> :-)
<altergol> hallyn: I found the solution to my problem, not related to vmbuilder ... the problem was that grsecurity patches were preventing vmbuilder from mounting /proc ... with a kernel on the host without grsecurity all is fine
<hallyn> altergol: i see
<SpamapS> jordandev: can you be more specific when you say that it failed on trying to load pxelinux.cfg/default ?
<jordandev> TFTP prefix: Trying to load : pxelinux.cfg/defalut
<jordandev> Boot Failed: press a key to retray
<jordandev> ...
<JordiGH> I need to backport a newer zabbix to hardy. What would you recommend? I tried using the hardy source package with uscan (package didn't build), I tried looking in hardy-backports (newer version isn't there), I'm considering attempting using Debian's lenny-backports.
<jordandev> @SpamapS: thats the problem, i dont have more message
<jordandev> thats all what i get
<jordandev> :(
<jordandev> is this https://help.ubuntu.com/community/AutomatedNodeDeployment the best HowTo ?
<JordiGH> Okay, I guess this might help me: https://launchpad.net/~mario-sitz/+ppa-packages
<SpamapS> jordandev: it looks ok, though that makeHeadNode script is pretty giant to be pasted.
<jordandev> :)
<JordiGH> Hm, wtf. He says he uploaded it to hardy backports, but apt-cache policy disagrees that such a version of zabbix exists. I wonder if I'm misusing backports?
<SpamapS> JordiGH: was it new to backports? Might have to clear an archive admin.
<JordiGH> SpamapS: Yeah, it's not here: http://packages.ubuntu.com/hardy-backports/net/
<JordiGH> But it is here: http://packages.ubuntu.com/hardy/net/zabbix-agent
<JordiGH> So you suggest I nudge an admin?
<LowValueTarget> c0nv1ct: that url es no work
<LowValueTarget> cached copy worked though
<LowValueTarget> thanks
<c0nv1ct> weird, works for me
<LowValueTarget> c0nv1ct: http://bit.ly/hiDnaP
<SpamapS> JordiGH: dunno.. it may just take a while to hit the archives. I'm not entirely sure of how backports works
<JordiGH> Hm, I guess I can use his ppa directly.
<jordandev> any feedback regarding that http://fai-project.org/ ?
<SpamapS> jordandev: we just recently evaluated it, and it is somewhat complicated
<SpamapS> jordandev: we're working on getting cobbler to deploy ubuntu in natty actually
<jordandev> cool
<jordandev> and where are you on that now?
<jordandev> success?
<SpamapS> jordandev: not quite there yet, but getting close :)
<jordandev> perfect
<jordandev> any link so i be notified if you have any news? ;-)
<SpamapS> jordandev: by the end of natty alpha 2 we expect to have it deploying ubuntu and fedora from ubuntu and from fedora
<SpamapS> jordandev: we'll send an email to the ubuntu-server mailing list for sure
<jordandev> perfect
<SpamapS> jordandev: should go into universe soon.. when that happens, we'll be calling on people to test and report bugs
<JordiGH> Excellent, habemus Zabbix.
<JordiGH> And I got the package source if I need to compile it differently.
<JordiGH> \o/
<jordandev> @SpamapS: i git it a try (Cobbler)http://terrarum.net/administration/cobbler.html  http://terrarum.net/administration/deploying-ubuntu-with-cobbler.html
<jordandev> but unfortunately without succees
<JordiGH> Oh, hahah, Zabbix links with OpenSSL, GPL violation, lololol.
<JordiGH> Oh, great, the zabbix packaging is broken. :-/
<JordiGH> For hardy at any rate, doesn't package some javascript libraries.
<jordandev> SpamapS: small question: can you deploy Ubuntu using Cobbler (Cobbler installer on CentOS or Fedora)?
<jordandev> (Cobbler installed from CentOS or Fedora)?
<SpamapS> jordandev: I believe it works for some, but we haven't been able to make it.
<jordandev> :((
<jordandev> in this link he sais he was able to do it http://terrarum.net/administration/deploying-ubuntu-with-cobbler.html
<SpamapS> jordandev: yeah, its just not ready yet. Soon. :)
<jordandev> i see
<Daviey> JordiGH, I'm using zabbix on lucid and it works for me.
<JordiGH> Daviey: Yeah, I'm on Hardy.
<jordandev> thank you SpamapS
<jordandev> so your advice is to wait Cobbler to be compatible with ubuntu
<JordiGH> Daviey: It's just an old package. I decided to try someone's ppa backport, and the backport is broken. Very mildly, though, just missing prototype and scriptaculous.
<JordiGH> I bet I can get away with just grabbing those two debs.
 * JordiGH can't imagine how javascript libraries could have complicated binary dependencies.
<Daviey> JordiGH, okay
<jordandev> SpamapS: is it?
<Daviey> jordandev, RE, PXE - what tftp server are you using?
<SpamapS> jordandev: well, no, the howto you originally followed should work fine.
<jordandev> SpamapS: tftpd-hpa
<SpamapS> jordandev: Daviey asked. ;)
<jordandev> ah i see :-)
<Daviey> jordandev, Have you tried using tftp from tftp-hpa to do a get?
<jordandev> i will give it a try
<Daviey> jordandev, ie, $ tftp $IP_ADDRESS -c get pxelinux.0
<Daviey> (IIRC it does overwrite local files without warning!)
<SpamapS> wom 20
<SpamapS> dooh
<jordandev> Daviey: nothing work now :(
<jordandev> i used that https://help.ubuntu.com/community/AutomatedNodeDeployment
<jordandev> so after removing tftpd-hpa
<jordandev> and installing tftp
<jordandev> it doesnt work
<jordandev> thats it
<cjwatson> hggdh,Daviey,et-al: dpkg 1.15.8.7ubuntu1 uploaded, should hopefully be faster for you guys
<hggdh> cjwatson: fantastic, thank you!
<Daviey> cjwatson, \o/
<Daviey> cjwatson, I'll consider that an xmas present :)
<bluethundr> for some reason even tho pssh is installed it refuses to function
<bluethundr> http://pastebin.ca/2024735
<bluethundr> anyone have any insight into how to solve this issue?
<pmatulis> bluethundr: i guess the pssh command is not in the PATH (of the root user)
<pmatulis> bluethundr: do 'which pssh; echo $PATH'
<RoyK> wtf is pssh?
<bluethundr> parallel ssh
<pmatulis> !info pssh
<ubottu> pssh (source: pssh): Parallel versions of SSH-based tools. In component universe, is optional. Version 2.1.1-1 (maverick), package size 27 kB, installed size 196 kB
<bluethundr> a way to issue commands to a group of machines at one time via ssh
<RoyK> ah
<bluethundr> which don't know diddly about pssh
<bluethundr> and locate does not show anything outside my user directory tho my system claimed it was successfully installed via aptitude
<i0nic> everytime I try to generate a gpg key on my server it says it needs more data
<pmatulis> bluethundr: ah sorry, i think which bases itself on the PATH
<i0nic> what can I do in the background to get enough data going?
<bluethundr> that's ok :)
<pmatulis> bluethundr: so just use sudo instead
<bluethundr> sudo is hosed at the moment, I'll get around to fixing that later (it's an ldap thing)
<bluethundr> at the moment I'm su'd into root
<pmatulis> bluethundr: so do '/usr/bin/pssh'
<bluethundr> pmatulis, it was actually named /usr/bin/parallel-ssh
<bluethundr> which is a bit wordy for my tastes
<bluethundr> so I just ln -s to /usr/bin/pssh and it seems ok now
<bluethundr> thanks for your help
<pmatulis> bluethundr: ok, keep on truckin'
<bluethundr> pmatulis, right on, you too
<Ralchev> Guys, do you have any idea how to disable ipv6?
<pmatulis> Ralchev: some sysctl option
<SpamapS> Ralchev: is there something broken about having it on?
<Ralchev> SpamapS, it seems that I cant connect to my db while trying to execute a .sh file, someone said it may be because of ipv6
<Ralchev> its like http://paste.ubuntu.com/546067/
<SpamapS> Ralchev: ah, I don't see how that suggests ipv6 is at fault.. but I'll take your word for it. :-P
<Ralchev> SpamapS, dunno rly
<axisys> what is the correct syntax to add this into fstab?
<axisys> /dev/md10 on /opt/splunk type ext4 (rw)
<axisys> do I need to use UUID instead of /dev/md10 ? how do I get that ?
<remix_tj> axisys: blkid /dev/md10
<axisys> /dev/md10: UUID="9b3de848-b6e7-4c6b-9659-89875da35403" TYPE="ext4"
<axisys> cool!
<axisys> so I use blkid instead ?
<axisys> remix_tj: ^
<remix_tj> yes
<remix_tj> the UUID is better
<axisys> this entry looks kosher in fstab ?
<axisys> UUID="9b3de848-b6e7-4c6b-9659-89875da35403"     /opt/splunk     ext4    defaults        0       0
<remix_tj> axisys: maybe :-)
<axisys> remix_tj: thanks
<LowValueTarget> So say user1 SSHs into server1 then SSHs into server2 from server1. Is it possible to record commands to server1 that user1 executes int the server1 => server2 SSH session?
<remix_tj> LowValueTarget: no, the commands sent to server2 from server1 are registered only con server2
<LowValueTarget> remix_tj: ok, what about using server1 as an SSH proxy of sorts then and having user 1 connect from serverA to server2 /through/ server1
<LowValueTarget> im jsut trying to create some sort of audit trail without having some program or agent installed on every target computer
<remix_tj> uhm, i think you should use ssh a proxy but i don't know how
#ubuntu-server 2010-12-21
<SpamapS> LowValueTarget: to answer your earlier question, you can in fact use an ssh bouncer as a key logger.
<SpamapS> LowValueTarget: however, it would probably require modifying openssh, unless they've added the "spy on users" option recently.
<LowValueTarget> found this.... http://www.balabit.com/network-security/scb
<LowValueTarget> that may be what we need
<LowValueTarget> this is for PCI ....
<SpamapS> LowValueTarget: My last PCI work was years ago.. but then, it just required access logging.. you didn't have to keep a log of every session.
<kees> LowValueTarget: you can also use netcat to avoid the key logging. in /etc/.ssh/config:
<kees> Host *%*
<kees>     ProxyCommand ssh $(echo %h | cut -d% -f1) nc -q0 $(echo %h | cut -d% -f2) %p
<kees> then you can ssh server2%server1
<SpamapS> Right, unless you have the cooperation of sshd itself, its not going to catch everything.
<LowValueTarget> SpamapS: And it goes on.... http://bit.ly/hFY90p
<twb> Oh wow
<twb> kees: btw, current ssh versions don't need nc on the far end, ssh -W
<twb> I had to use -d%% to make it work with 5.5p1
<twb> Doesn't work so well if you try to use @'s in there
<twb> Oh, and of course you can use pattern substitution
<twb> ARGH, ssh adds "exec" to the string
<twb> Not exactly an improvement:   ProxyCommand sh -c 'h="%h"; exec ssh "${h%%,*}" -W "${h#*,}":%p'
<twb> ProxyCommand >/dev/stdout; h="%h"; exec ssh "${h%%,*}" -W "${h#*,}":%p
<uvirtbot> New bug: #682831 in plymouth (main) "lost console output early in boot" [Medium,Fix released] https://launchpad.net/bugs/682831
<MTecknology> Grrr... I with there was a channel for PlanetPlanet. The software is amazing but just a little help would be great.
<AkakuMatt> Anyone in here use ODBC Connection to connect to their Mysql server??
<AkakuMatt> Im using Ubuntu 10.10 Server trying to get an access frontend to dump to mysql backend
<twb> AkakuMatt: why don't you just use mysql(1) ?
<twb> I have unencrypted ldap working (ldap://127.0.0.1).  I've told slapd to use ldaps:///, too, but when I try to ldapsearch -xHldaps://127.0.0.1, I get "ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)"
<twb> This is not useful for debugging.  How do I get more debugging output from ldapsearch about the SSL failure?
<twb> OK, -d3 yields TLS: peer cert untrusted or revoked (0x42)
<uvirtbot> New bug: #692838 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1ubuntu0.1 failed to install/upgrade: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/692838
<EspadaV8_W> hello, i'm trying to find the correct way to set the console res in ubuntu server 10.04
<EspadaV8_W> but i don't seem to be able to find anything relevant
<EspadaV8_W> am i just being blind or is there something out there?
<dragoon123> Hi, I am having problems setting my fan speed atm I have tried echoing different values to both the PWM and acpi fan files but the fan is still stuck @ 100%
<dragoon123> Is there a way to manually set the values myself (control fanspeed)?
<twb> EspadaV8_W: if the framebuffer driver you're using is compiled in, pass video=foofb:1024x768-16, where foofb is the driver
<twb> EspadaV8_W: if it isn't compiled in, "foofb 1024x768-16" in /etc/modules *I think*(
<twb> EspadaV8_W: you can also change the *font size* by issuing "dpkg-reconfigure console-setup"
<EspadaV8_W> how do i find out what driver it is? (i'm installing inside vmware fusion, without the vmware drivers installed atm)
<twb> I don't provide support for vmware, but I would guess vesafb or vga16fb
<EspadaV8_W> fbcon?
<twb> fbcon is the in-kernel terminal emulator that's built on top of the framebuffer.
<EspadaV8_W> ah, i have vga16fb in lsmod
<EspadaV8_W> ah, ok, thanks
<EspadaV8_W> i'll try doing that
<EspadaV8_W> GRUB_CMDLINE_LINUX_DEFAULT="video=vga16fb:1024x768-16"
<EspadaV8_W> does that look ok?
<twb> I don't know
<twb> If lsmod lists it, then there's no point telling the KERNEL to load it, because it's not compiled in
<twb> I guess you have to fight all the plymouth-related voodoo that's in ubuntu ramdisk and init nowadays
<EspadaV8_W> it is in lsmod, so i passed what you mentioned in that GRUB2 line
<EspadaV8_W> i've got around having a low res by ssh-ing from my host, but it's annoying
<EspadaV8_W> the docs for Ubuntu seem to be very lacking
<dragoon123> I am trying to set a value in /sys/class/hwmon/hwmon1/device/pwm1 , to lower my fan speed but when I save the file i get a E667: sync error in vim
<twb> dragoon123: uh, don't use an editor to manipulate /sys and /proc
<dragoon123> twb: How do I go about adjusting the speed manually?
<twb> echo datum >/sys/foo/bar/baz
<twb> printf, if you want to be anal
<dragoon123> Hmm, the value does not change after I run the command
<dragoon123> still stuck @ 255 pwm
<dragoon123> any ideas?
<Makere> sudo?
<RoyK>  08:49:11 up 12 days, 21:53,  2 users,  load average: 55.18, 29.65, 12.68
<SpamapS> RoyK: call me when it gets to 400.. ;)
<RoyK> hehe
<RoyK> SpamapS: old c2d machine running 5 VMs with only a mirror of drives ... i/o sucks quite hard on that one compared to what it should have been
<SpamapS> Best load average story I ever had was when a woody box running on an old AMD 5x86-133 w/ 512MB of RAM and a single crappy disk hit 400+ because of a spam flood. The most awesome part was, I let it churn.. and 36 hours later.. it returned to a load under 1.00
<RoyK> decent memory load, I guess, then
<RoyK> linux usually can't (or at least couldn't back then) handle very rough memory loads
<SpamapS> It was swapping like crazy
<SpamapS> this was before spamd
<SpamapS> spamassassin was just forking once for every mail
<SpamapS> so there were hundreds of spamassassin's running, swapping in and out
<RoyK> then it's a wonder it didn't crash :P
<SpamapS> I actually think crashing would be preferrable to being tied up for 36 hours
<RoyK> 'cept such a crash would make the server hang :P
<RoyK> so no cigar
<SpamapS> Which is why I tend to suggest people have remote power control. :)
<SpamapS> think about it
<SpamapS> 36 hours of non usability
<SpamapS> that is never acceptible
<twb> aaaaaaaargh
<twb> Debian bug #549168 affects lucid
<uvirtbot> Debian bug 549168 in rsyslog "high memory usage when using TLS netstream driver" [Important,Fixed] http://bugs.debian.org/549168
<twb> (At least, the version predates the fix (which is in natty); I'm about to test it
<sgo11> hi, new to ubuntu. with ubuntu-server 10.10, why the file /etc/apt/apt.conf.d/10periodic does not exist? by reading the ubuntu-server serverguide, I supposed to edit this file. this serverguide doesn't ask users to create the file, instead, it uses the word 'edit'. thanks.
<gobbe> sgo11: it means that automatic updates are not enabled
<gobbe> sgo11: https://help.ubuntu.com/10.10/serverguide/C/automatic-updates.html
<sgo11> gobbe, thanks. then how to enable it? I followed the serverguide. install unattended-upgrades and then /etc/init.d/unattended-upgrades restart even if the serverguide doesn't ask me to start the service.
<gobbe> sgo11: read my link
<gobbe> sgo11: about in halfway, there's line starting with "To enable automatic updates"
<sgo11> gobbe, it writes "To enable automatic updates, edit /etc/apt/apt.conf.d/10periodic". but I don't have that file. that was my question.
<gobbe> yes, then you create it
<sgo11> I am wondering if I supposed to create the file by myself or the file should be created by the system.
<gobbe> and add lines that are listed there
<gobbe> no, you need to create it with editing :)
<sgo11> gobbe, it writes "To enable automatic updates, edit /etc/apt/apt.conf.d/10periodic". but I don't have that file. that was my question.
<sgo11> gobbe, sorry. something wrong with my xchat.
<gobbe> :)
<gobbe> so just open the file in editor, if you want you can cerate empty file before that ofcourse with touch
<sgo11> gobbe, ok. thanks. that is the answer to my question. some guy should modify the serverguide, use the word 'create' instead of 'edit'. :) sure. I can create a new file. thanks for the help.
<nei354> hi, im spanish, i need help on webmin and virtualhost, 3 domains, but only open 1...
<sgo11> gobbe, btw, how can I check if unattended-upgrade service is running or not? I tried /etc/init.d/unattended-upgrades status. it doesn't support the option status.
<gobbe> sgo11: well, you can edit the file even when it's not there, so basicly documentation is ok ;)
<gobbe> sgo11: just restart it if you are not sure, it's jsut a python script
<sgo11> gobbe, oh. it's a python script... let me read it. I am wondering who is reading the file 10periodic.
<MTecknology> where's jdub.. :(
<MTecknology> I need that rascal
<MTecknology> Anyone else in here know anything about PlanetPlanet? I'm not figuring out why the div's aren't closing correctly - http://cache.gyazo.com/e01b784fff1158c42d93aadbf39fbd8f.png - my template: http://dpaste.com/288955/
<mauser> Hello, I have an HP server with 4 xeons and 26 gigs of memory. I want to run virtualization server on it and I am not sure what kind of RAID scenario and FS to use. It is gonna be a general purpose virtualizations server. I guess I need a FS that can be expanded later, what can you recommend?
<ivoks> grmph
<ivoks> alias vim='sudo apt-get install vim ; vim'
<ivoks> mauser: don't use FS at all
<ivoks> mauser: use LVM and give your VMs logical volume
<kim0> Hey guys, what's the best way to get kvm-0.13 on maverick ?!
<mauser> ivoks, LVM does stripe only, right? do I need to use some sort of underlying redundancy tehnique, like RAID1?
<ivoks> mauser: i wasn't talking about storage configuration, but VM configuration
<ivoks> mauser: as for storage, you know what you have, now many disks you have and what raid would fit you best
<uvirtbot> New bug: #692940 in mysql-dfsg-5.1 (main) "package libmysqlclient16 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libmysqlclient.so.16.0.0', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/692940
<jits> hi .. we have a ubuntu server machine which has dhcp running on it.. we want to ssh into one of the systems gettings its dhcp from outside the network .. .how can we do this ?
<joschi> jits: just run sshd on that machine and connect with a ssh client to it (e. g. using its hostname or its IP address). ssh and dhcp really do not have much in common...
<timo> jits: do you mean that your server machine acts as a dhcp server? or that it get its own IP address via DHCP and you need to find out what its external IP is?
<jits> timo: server machine acts as dhcp server..
<Patrickdk> he wants to ssh into basically a desktop machine behind the server machine
<Patrickdk> so he needs to read the dhcp logs, or use nmap or something
<jits> Patrickdk: yeah .. thats
<jits> Patrickdk: i need to allow incoming ssh connection on the network gateway .. to all systems.. how do i do that ?
<jits> Patrickdk: assuming that i know the target ip ..
<twister004> hii guys.. is it possible to mount a network drive on a ubuntu server over the WAN?
<twister004> please let me know
<jits_> how do i allow ssh from outside thru my network gateway ?
<xampart> jits_: securely? http://ubuntuforums.org/showthread.php?t=831372 worked for me
<twister004> guys... anyway I can do this?
<twister004> Im trying to mount it as nfs, cifs.. but it doesn't work
<twister004> it says " wrong fs type, bad option, ......."
<patdk-wk> first, what is a network drive? :)
<twister004> i mean.. a drive connected and which has an IP on the subnet
<patdk-wk> sftp? ftp? smb? nfs?
<twister004> it's an NTFS drive
<patdk-wk> you can't access ntfs over a network
<twister004> I have mounted it on local subnet machines as nfs
<patdk-wk> well, use a vpn
<twister004> hi guys.. after making a change to the crontab... do i need to restart the cron service?
<pmatulis> twister004: no
<twister004> ok thanks pmatulis!!!
<patdk-wk> no, as long as you used crontab to make the change :)
<twister004> guys... what if I put a script under /etc/cron.d... do I have to restart the service...
<twister004> im asking coz this is not working ... i have not restarted the service yet
<ivoks> check syslog
<ivoks> you probably have made a mistake
<patdk-wk> oh, using the /etc/cron.* you don't have to touch cron at all :)
<twister004> i have put in a script under /etc/cron.d/
<twister004> How can i be sure if cron is checking for files under /etc/cron.d/?
<patdk-wk> I wouldn't bother with that so much
<patdk-wk>  Iwould bother checking your cron logfile
<twister004> why so?
<patdk-wk> to see what it says
<ivoks> you can see by noticing a line RELOAD in syslog :)
<twister004> patdk-wk... where is this log??
<patdk-wk> depends on your syslog program
<patdk-wk> normally /var/log/cron
<twister004> there's no such file on my system
<patdk-wk> looks to be logged in /var/log/syslog I guess, by default
<twister004> guys.. i get  Error: bad username;
<patdk-wk> well, fix it :)
<twister004> what could it be?
<patdk-wk> *bad username*
<patdk-wk> pretty self explanitory there
<twister004> the permissions are right... Im just pinging an IP in the script
<patdk-wk> I bet you attempted to make a normal crontab file, instead of a cron.d type file
<patdk-wk> so you screwed it up
<patdk-wk> and forgot to put the username in it
<twister004> ??
<twister004> why can't ai create a normal script there?.. like in crontab?... please let me know... im new to this
<pmatulis> twister004: pastebin your cron file for more assistance
<pmatulis> twister004: (like pastebin.ca)
<twister004> ok... http://pastebin.com/5RUkiqpJ... here it is
<c0nv1ct> twister004, like patdk-wk said, you forgot the username
<twister004> where do i put the username?
<c0nv1ct> it is the field before the command
<c0nv1ct> you should have other files in cron.d/ to use as a reference
<Pici> I personally prefer putting stuff into my user's crontab, easier to manage that way.
<twister004> yes
<twister004> im refering to them.. after the time parameters, I see "root"?
<c0nv1ct> Pici, that does make more sense in this case
<c0nv1ct> twister004, yep, those are run as root
<c0nv1ct> twister004, so why arent you using `crontab -e` like normal?
<twister004> i thought of segregating
<twister004> crontab works fine
<c0nv1ct> but that is segregated...
<twister004> i think I should go with crontab..
<twister004> I'll take your advice!
<twister004> thanks guys!!!
<uvirtbot> New bug: #693002 in bind9 (main) "apparmor rights bug with bind9 and resovconf" [Undecided,New] https://launchpad.net/bugs/693002
<pmatulis> twister004: no offense, but next time -> http://tinyurl.com/25x9ave
<patdk-wk> that reminds me, I need to reinstall rsync onto my phone
<jits> hi .. i have a set of dhcp servers in range 10.1.0.x, and they dish out ips in 10.1.xx.yy range.. i want to ssh from one server's dhcp range to another server's dhcp range.. how do i do that ?
<jits> i am able to ssh from the servers to each other's ip ranges, but not able to connect from dhcp ranges of each other ..
<uvirtbot> New bug: #693020 in qemu-kvm (main) "Closing KVM window requires clicking the X twice" [Undecided,New] https://launchpad.net/bugs/693020
<i0nic> has anyone sucessfully got duplicity working?
<rigved> i0nic: ask your question (about whatever problem that you are having) and if someone knows the answer they'll reply.
<pmatulis> is it possible to ensure a network-required upstart job (upon shutdown) will always have the network resources available?
<ttx> Daviey: no meeting today ?
<Daviey> ttx, i assumed there was going to be tbh
<Daviey> anyone else here for the server meeting?
<genii-around> pmatulis: Might want to enquire in #upstart channel
<pmatulis> genii-around: thanks for the tip
<cap_00> anyone know where i put the slaves configuration for a bond when i'm setting up bridged networking?
<cap_00> i set the bond to manual but do i leave the slaves there?
<patdk-wk> cap_00 same place you would always put them?
<cap_00> i guess just didn't want to screw it up
<cap_00> the example i'm following takes the eth0 and changes it to br0
<cap_00> i have eth0 and eth1 in bond0 which i want to change to br0
<cap_00> so are my bridge ports bond0? or eth0 and eth1?
<patdk-wk> I dunno what you mean by *changes it*
<patdk-wk> think of it as containers
<patdk-wk> you don't change anything :)
<patdk-wk> bond0 contains eth0 and eth1
<cap_00> hmmm ok
<patdk-wk> bond1 contains eth2 and eth3
<patdk-wk> br0 contains bond0 and bond1
<cap_00> so br0 will contain bond0?
<cap_00> ok
<patdk-wk> atleast, if that is how you want it :)
<cap_00> yes
<patdk-wk> if you want to bridge the bond of eth0 and eth1, yes
<patdk-wk> after you contain an interface, you shouldn't use it directly
<cap_00> so i should comment out auto bond0?
<patdk-wk> no, you need it, in order to bridge it
<patdk-wk> can't bridge bond0, if bond0 doesn't exist
<genii-around> You might want to put a pre-up directive for br0 that checks bond0 is up
<cap_00> oh ok good, i was just noticing that i had to comment out auto eth0 and eth1, but those are hardware devices which i guess will always exist
<twister004> hii guys.. can I mount the same location(nfs mount) on many ubuntu servers?
<cap_00> pre-up?
<cap_00> in /etc/network/interfaces?
<patdk-wk> twister004, as many as you have ip's
<twister004> patdk-wk... it doesn't work!!
<patdk-wk> lies :)
<twister004> when I try mounting the same folder as an nfs mount on the 2nd machine, it hangs
<patdk-wk> I have nfs mount connected to >130 servers :)
<patdk-wk> that isn't an issue with mounting on multible machines
<patdk-wk> but probably that machine isn't setup correctly
<patdk-wk> I would be willing to bet, if you turned off the first one, that works, and tried the second one, it would still hang
<cap_00> i have iface bond0 inet manual, should i add mtu 1454 to the end of that line?
<patdk-wk> why would you use a small mtu on that?
<patdk-wk> bond doesn't have any overhead
<cap_00> i have no idea, i just found  that on google for a pre up on eth0
<patdk-wk> must be someone bond'ing ipsec or something
<twister004> patdk-wk.. when I umount it from the 1st, I can mount it on the second!!
<cap_00> i'm guessing here, is it just as simple as pre-up ifconfig $IFACE ?
<cap_00> before the auto br0?
<patdk-wk> twister004, you have nat between them or something?
<twister004> nop...
<twister004> now it worked!!
<twister004> thanks!
<RoyK> perlverts of the world: Unite!
<andres_> hi every body
<andres_> i have a lexmark x1290 printer
<andres_> i try to print, but it does not do nathing
<andres_> i instaled the ppd file
<andres_> but nathing
<andres_> what can i do?
<RoyK> andres_: eh... trying to print from a server or a desktop?
<andres_> from a desktop
<RoyK> wrong channel, then :P
<andres_> crap
<hggdh> apw: updated bug 690190
<uvirtbot> Launchpad bug 690190 in linux "HP Mini 10, i915, ftrace faulted on writing [<ffffffffa000014c>] video_output_register+0x1c/0x12c [output]" [Undecided,Fix released] https://launchpad.net/bugs/690190
<hggdh> apw: sorry, bug 684304
<uvirtbot> Launchpad bug 684304 in linux "cciss module does not identify resources" [High,Confirmed] https://launchpad.net/bugs/684304
<apw> hggdh, ok so other than the ftrace trace it booted ok ... so the next upstream update will fix that machine then, good
<apw> hggdh, you are only getting the ftrace trace cause i am delivering 'old' kernels deliberatly to reduce the delta for testing
<apw> hggdh, thanks
<hggdh> apw: ah, OK. And with the hpsa module included in the d-i, we then should be good to go on a new ISO :-)
<apw> hggdh, i think so yep
<apw> hggdh, what is the deadline on the work there
<hggdh> apw: this is a blocker for the UEC -- we cannot test any right now
<hggdh> apw: so right now we are pretty much two milestones delayed
<hggdh> (alpha1 and alpha2)
<apw> hggdh, and will you be doing more testing before xmas?  as basically whatever i upload takes a day and then you wait for the next iso, so you'd not have it before the 23td i guess even if i start now
<Ralchev> how to stop application which is running in the background? XD newbie question
<hggdh> apw: I will at least load the machines -- if we find an issue, better sooner than later. So yes, I am expecting to work some next week
<apw> Ralchev, if you mean from a foo & in a shell you can kill %N where N is the number it gave you when you started it
<apw> hggdh, ok, i am expecting -rc7 shortly and would prefer to upload after that, but if its urgent i can do one before
<Ralchev> apw, I haven't seen any number when I started it
<apw> Ralchev, otherwise i would suggest #ubuntu as a good place for further questions not about server-y things
<apw> Ralchev, jobs lists the ones you are running from 'this shell' and ps -ef will show you everything
<wizardslovak> hello people
<hggdh> apw: if shortly means we have the new ISO during next week, no probs, we can wait
<wizardslovak> will ubuntu-server play nice with phenom 2 x4 920?
<apw> hggdh, i'll have a look and make sure we have something in as soon as it makes sense
<apw> cirtiainy before xmas so you have it in the gap
<hggdh> apw: cool, thank you
<apw> hggdh, if it occurs earlier i will let you know, i may do something today and damn the cost
<hggdh> :-)
<hggdh> pin me whenever, apw. Thank you very much, and sorry for the extra work
<apw> hggdh, you arround for a bit if i make one last test kernel on the current base, may as well make sure it works before i push it
<hggdh> s/pin/&g/
<hggdh> apw: yes, I will be here, not even midday now (US Texas)
<Ralchev> apw, PID is the number you're talking about?
<apw> Ralchev, the number apw@dm$ sleep 10 &
<apw> [1] 7851
<apw> apw@dm$ jobs
<apw> [1]+  Running                 sleep 10 &
<apw> Ralchev, so the number i meant was the [1], that would be referred to as %1
 * genii-around ponders fg and ^C
<apw> the PID in ps would be used without a %
<Ralchev> apw, thank you, rly good explanation
<axisys> http://pastebin.com/3sFVcbHE  I got stuck here after linux image upgrade followed by reboot
<axisys> any idea how to fix it?
<axisys> main issue
<axisys> ALERT! /dev/disk/by-uuid/08febc85-9ce2-40ac-a354-e006f709a586 does not exist. Dropping to a shell!
<axisys> right now I am in busybox initramfs
<bogeyd6_> What is a faster way of deleting 75k+ files that doesnt involve formatting the file system?
<bogeyd6_> rm -rf is very slow and has been running for 2 hours and not even 10-15% of the way through
<pittstains> I'm running Lucid on a Dell PowerEdge 2650 and I'm having hard time getting USB drives recognized... any suggestions?
<patdk-wk> bogeyd6, dd if=/dev/zero of=/dev/sda bs=1M count=100
<patdk-wk> but then you will have to make a new fs on that anyways
<patdk-wk> only other thing you can really do is mount it ext2 mode, do it, then remount it back like normal
<vraa> after running "sudo apt-get update && sudo apt-get upgrade" how do i know if i have to restart or not
<patdk-wk> I always took it as, apt-get upgrade, no restart, apt-get dist-upgrade = restart
<jussi> hrm, is there a way to just add rights for a user to install and remove packages, but nothing else from sudo?
<pittstains> jussi: try sudo visudo.  you may want to man visudo first
<pittstains> the syntax escapes me at the moment
<pittstains> HOWEVER, i'm pretty sure that if your user is smart enough they can become root by installing packages
<jussi> pittstains: hrm
<pittstains> so don't do it if you don't trust them!
<jussi> pittstains: yeah, I ve a server which I give out a few shells on, and I rather not give full access, but I dont want to install packages for them all the time.
<axisys> under(initramfs) ls /dev/md* does not show md0 (swap) or md1(root) device
<genii-around> axisys: Ah, i think I see now your problem. The raid device has not yet an UUID to mount because initramfs was not updated with raid module built in
<axisys> genii-around: so what do I do?
<axisys> i cannot catch that grub menu.. too fast
<axisys> timeout 0
<axisys> hot esc couple times
<axisys> hit*
<axisys> then i could switch to the previous kernel
<genii-around> axisys: Is the md1 root device a raid1 or some other raid?
<axisys> raid1
<axisys> md1 is raid1, md0 is raid1 (swap) and md10 data (raid10)
<axisys> 2 disks for the md1 and md0 and the other 6 disks for data raid10
<axisys> (initramfs) ls /dev/md*
<axisys> /dev/md10
<genii-around> axisys: Unfortunately to rebuild initramfs usually requires you to be already booted, etc. But you may be able to edit temporarily one of the boot raid1 to mount it''s own UUID, boot to that, then edit the i/etc/initramfs-tools/modules file for raid1 and then update-initramfs after
<genii-around> axisys: Then it will either boot next time off the disk you already altered the UUID to be itself, or in best case the proper raid1
<bluethundr> is there a fast, efficient way to screen shot using the command line in ubuntu?
<axisys> (initramfs) ls /dev/disk/by-uuid
<axisys> 9b3de848-b6e7-4c6b-9659-89875da35403
<axisys> how do I find out which disk's uuid is that ?
<axisys> that is the only uuid i see
<axisys> found it
<axisys> that is md10
<axisys> (initramfs) ls -al /dev/disk/by-uuid/9b3de848-b6e7-4c6b-9659-89875da35403
<axisys> lrwxrwxrwx    1 0        0              10 /dev/disk/by-uuid/9b3de848-b6e7-4c6b-9659-89875da35403 -> ../../md10
<axisys> so how do I create the uuid for sda1 ?
<axisys> genii-around: ^
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<genii-around> axisys: does: blkid                       work under your initram-fs ?
<genii-around> *busybox* rather
<axisys> initramfs) blkid /dev/sda1
<axisys> /dev/sda1: UUID="ad5e933e-d6bf-0df0-dac9-edcf54bcf06d" TYPE="linux_raid_member"
<axisys> genii-around: looks like it did
<axisys> but the TYPE is not ext4
<axisys> should I be able to boot from it ?
<genii-around> axisys: If you specify fs type explicitly in the old /etc/fstab, doesn't matter the partition type
<axisys> genii-around: so how do I boot from this disk while at busybox
<axisys> ?
<RoyK> bluethundr: http://bisqwit.iki.fi/source/snapscreenshot.html
<genii-around> axisys: busybox has some builtin commands. I think ed is one of them. So you can use ed (editor) directly on the old fstab file, put in the new UUID (or possibly uncomment it, if still there) , save, then reboot
<axisys> genii-around: how to I access /etc/fstab ?
<axisys> ed: not found
<axisys> i were able to mount /dev/sda2 to /a
<axisys> cd /a/etc
<genii-around> axisys: mount /dev/sda1 (or whatever subcomponent drive of the old md1) /mnt
<axisys> ed fstab did not work
 * SpamapS watches his MySQL 5.5 packages build with gleeee
<axisys> cat /a/etc/fstab and I see the fstab
<axisys> it has sed .. that will be tough to replace UUID
<RoyK> sed -i ?
<genii-around> axisys: Alternately, you can try chroot into /a
<genii-around> axisys: (where you should be able to run the system binaries there, like your favourite editor)
<RoyK> probably a better idea, granted
<SpamapS> wow.. 5.5 builds a lot faster than 5.1
<SpamapS> already into tests
<axisys> chroot /a is taking a while to get my prompt back
<axisys> wow.. still waiting for the chroot /a to complete.. can't get out of it.. look like need to reboot
<RoyK> SpamapS: considered trying postgresql?
<Ferhat> anyone in the mood for helping me with an nfs problem?
<Ferhat> :)
<Ferhat> I'm able to mount an nfs filesystem after booting
<Ferhat> but not via /etc/fstab for some reason
<Ferhat> :\
<axisys> genii-around: i were able to change the root device to sda2's uuid and still getting device not found error
<axisys> genii-around: http://pastebin.com/BDcMQpDq
<axisys> ALERT! /dev/disk/by-uuid/08febc85-9ce2-40ac-a354-e006f709a586 does not exist. Dropping to a shell!
<RoyK> hi all. I want to build this semi-secure setup of mine. I have a server at an ISP running Lucid, and I have a various number of computers around. I want to connect these to this server using (insertname)VPN and then let the traffic go unencrypted from the server. Which VPN solution would you recommend? It is important that this is supported for guests on win/mac/lin
<axisys> i don't even have that UUID in my fstab
<axisys> genii-around: ^
<RoyK> axisys: replace the UUD with the device name - that works :)
<RoyK> oh
<axisys> that worked.. i am back in the OS now
<axisys> eehaa!!
<pittstains> ok, so I think I narrowed down the cause of my server not recognizing USB devices... lsmod shows that i'm missing the usbhid, hid, and usb_storage kernel modules
<axisys> RoyK, genii-around : thank you both.. i still have lot of thinks need to be fixed..
<pittstains> how do i add these in such a way that they are loaded at each boot?
<axisys> first thing is the grub menu..
<patdk-wk> pittstains, it should load them, when you plug in a usb keyboard/mount/drive
<patdk-wk> via udev
<patdk-wk> you can always dump them into /etc/modules though
<pittstains> patdk-wk: it doesn't seem to be doing so...
<pittstains> should i edit my grub menu and add them in there?  is that preferable to dumping stuff in /etc/modules
 * patdk-wk wonders what grub menu has to do with kernel modules
<patdk-wk> you mean add them into initrd? that is if you need them, in order to boot your computer
<patdk-wk> still nothing to do with grub
<pittstains> yes, i think that's what i meant
<patdk-wk> your server won't boot without usbhid and usbstorage?
<pittstains> yes it will; i didn't know that initrd was for stuff required in order to boot
<pittstains> i thought it was for stuff you want loaded when you boot
<patdk-wk> it's for stuff you need, mainly, to load your root drive ( / )
<patdk-wk> like raid drivers, iscsi drivers, ...
<axisys> any idea why /etc/fstab is empty now ?
<axisys> is there a way to regenarate it ?
<patdk-wk> just restore it from your backup
 * RoyK waits for the "what backup?"
<patdk-wk> hehe, I have learned due to other admins, basically keep /etc in some kind of revision tracking system
 * RoyK is moving all he can over to zfs
<pittstains> arg, so I did:
<pittstains> $ sudo modprobe hid
<pittstains> $ sudo modprobe usbhid
<pittstains> $ sudo modprobe usb_storage
<pittstains> $ lsusb
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<pittstains> and all i get is a bunch of these: Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
<patdk-wk> you have any usb things plugged in?
<pittstains> different bus IDs of course, just didn't want RoyK to yell at me again!
<pittstains> yes i have a Maxtor external drive
<pittstains> which automounts on my Linux laptop
<pittstains> but doesn't show up at all on my server
<patdk-wk> you have a dual power cord plugged into it?
<patdk-wk> most likely the server isn't giving it a good 1amp of power
<pittstains> good thinking
<pittstains> i'll try that
<patdk-wk> I wish they would make a usb hub, that give 1a or even 2a per port :(
<pittstains> patdk-wk: still no love
<pittstains> what's the best place to look for useful debugging?  dmesg?
<patdk-wk> yep
<pittstains> also, I am dumb; device has its own power supply :-)
<patdk-wk> ah
<axisys> i have huge issue .. md10 raid10 looks broken http://pastebin.com/ZjTuk2wj .. i am suppose to have a 6 disk raid10 .. i see four disks with md10 and a new raid md_d10 inactive with one of the two missing disks .. not sure where md_d10 came from .. i dont see sdc1
<takamarou> Hi all.  I'm trying to set up some error catching pages on my apache server.  I've got it working for 404 errors, but I can't seem to make 500 errors work.  I completely copy and pasted the code from the ErrorDocument 404 line to the 500 line, but it still doesn't work.  Ideas?
<axisys> in dmesg I see a message about sdc1 ..
<axisys> md: export_rdev(sdc1)
<genii-around> axisys: Apologies on lag, I am at work and it got busy. chroot managed but your fstab there was empty? That is very odd.
<axisys> chroot did not work.. i used sed
<axisys> but fstab is empty.. but i got a backup fstab.. not a problem..
<axisys> big problem is md10 (raid10) data disk seems broken bad
<axisys> http://pastebin.com/dhx7BZhi this dmesg says raid10: not enough operational mirrors for md10
 * RoyK hums zfszfszfszfszfszfszfszfszfszfszfszfszfszfszfs
<SpamapS> RoyK: I've used postgresql for a number of things
<SpamapS> RoyK: mysql and postgres have their strengths and weaknesses. Like sledge hammers and claw hammers.. neither is perfect for every job
<pittstains> patdk-wk: here are the last few lines from dmesg
<pittstains> i'm not really sure how to read this, or what the numbers in brackets mean
<pittstains> http://paste.ubuntu.com/546380/
<RoyK> SpamapS: imho postgresql overgoes mysql in most ways, perhaps except for a miniature setup of wordpress or something
<patdk-wk> pittstains, that doesn't show any usb things at all
<patdk-wk> so no debug messages to help
<patdk-wk> but something with youe firewire is going nuts, you sure you didn't use firewire to connect that drive?
<apw> hggdh, ok the last test kernel is up
<hggdh> apw: uectst4?
<apw> hggdh, indeed
<hggdh> apw: downloading it now, thanks
<SpamapS> RoyK: the replication story on postgres is awful
<SpamapS> RoyK: for ad hoc queries, its by far the best though
<SpamapS> RoyK: also, at about 1000 concurrent clients postgres starts to have context switching problems that mysql sidesteps with threading. That is a rare case though.
<pittstains> patdk-wk: i tried firewire with another drive last week and failed
<SpamapS> RoyK: and your dismissal of mysql as "just for little sites" may suggest that you haven't tried it on a big site yet. ;)
<SpamapS> RoyK: I've never seen postgres fail to deliver on everything it promises. Mysql just promises more, and occasionally fails. ;)
<zul> occasionally?
<hggdh> apw: boots without a hitch. I am uploading dmesg and lspci -vvvnn now
<apw> hggdh, thanks
<axisys> i got stuck back in the same place
<axisys> my fstab looks just same
<axisys> http://pastebin.com/vr87FDr2
<axisys> but I still get ALERT! /dev/disk/by-uuid/08febc85-9ce2-40ac-a354-e006f709a586 does not exist. Dropping to a shell!
<axisys> (initramfs) cat /proc/cmdline
<axisys> BOOT_IMAGE=/boot/vmlinuz-2.6.32-27-generic root=UUID=08febc85-9ce2-40ac-a354-e006f709a586 ro console=ttyS0,9600n8
<axisys> so how do I change this root ?
<axisys> why is it trying to pick /dev/md1's UUID when fstab says /dev/sda2
<SpamapS> axisys: did you update-initramfs?
<axisys> no
<axisys> SpamapS: ^
<axisys> SpamapS: after making the change to fstab ?
<axisys> SpamapS: all i did is upgraded linux kernel from 2.6.32-26-generic to 2.6.32-27-generic .. and that broke it
<axisys> so it could not find the md1 .. so I picked one of the mirror disk sda2 and were able to boot once..
<axisys> to make sure fstab works i tried to reboot again and now it does not want to boot again
<axisys> from busybox ls /dev/md* shows only the data disk md10 .. not md1 (root) or md0 (swap)
<osmosis> how do I view the new changelog before installing an update?
<soren> osmosis: apt-listchanges does some of that
<hggdh> mathiaz: can you add jibel as a dev on the ubuntu-server-iso-tests?
<axisys> i see initrd.img and initrd.img.old
<axisys> should I swap them? will that fix my issue ?
<axisys> same thing with vmlinuz
<axisys> on /dev/sda2 root device
<axisys> hmm busybox does not have unlink.. oh well
<mathiaz> hggdh: I made you an administrator of https://launchpad.net/~ubuntu-server-iso-testing-dev
<hggdh> mathiaz: oooohhhh
<hggdh> mathiaz: thank you
<mathiaz> hggdh: you're welcome!
<RoyK> how can I rename a VM?
<RoyK> doesn't look like it's possible from virt-manager
<SpamapS> zul: tests still running..  UGH
<SpamapS> Completed: Failed 1/1633 tests, 99.94% were successful.
<SpamapS> damn
<SpamapS> Spent 7586.540 of 10284 seconds executing testcases
 * SpamapS thinks 3 nines is all mysql is used for anyway
<mathiaz> kees: hi!
<mathiaz> kees: what's the default shadow encrypting scheme in lucid?
<mathiaz> kees: sha* something?
<lenios> it's $6, so sha*
<lenios> sha512
<mathiaz> lenios: yop - thanks!
<patdk-wk> shadow encrypting scheme, that is a new one
<patdk-wk> default password hash :)
<patdk-wk> sha512 with 8byte salt :)
<patdk-wk> I have one thing that won't do 16byte salts, I should check to see if it does now, and upgrade all the hashs again
<kieppie> hi guys. I'm having difficulty with file locks & I'm not entirely sure how to debug the issue.
<kieppie> I have a number of users working with files remotely on an Ubuntu server over samba.  occasionally there's a "glitch" on the network (bit like a brown-out, but I'm unsure how to investigate), and the users with open files get locked out & they are unable to commit their changes, writes or saves to the open files, as the server reports that the file is locked open by another user, but in fact it's their interrupted session.
<kieppie> What's wrong, what is the right way to address this & where should I look for more information. Also, how can I ascertain the case of the glitches?
#ubuntu-server 2010-12-22
<markus27> Hi.  I'm running apache2 web server on ubuntu.  I'd like to ring a bell or flash a light or do some other action in the physical world every time a certain page is visited.  I'm sure this has been done before. Are there any existing devices that support this?
<tsrk> markus27: you could install the "beep" package, and run beep every time the page is visisted
<markus27> tsrk:  Thanks.  Might be a quick first step in that direction
<rdw200169> markus27: yeah, you just gotta figure out the link between /var/log/apache2/access.log and the beep, and whatnot
<rdw200169> markus27: there's also this: http://llg.cubic.org/led/
<kieppie> hi guys. is anyone familiar with link aggregation or bonding?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<kieppie> twb: k. I'm trying to make the best of a server w 2 NIC's & has a pretty hefty net load. basically a NAS. I'm looking for good, current guides on setting it up & what mode to use
<Slyboots_> HEy; Perhaps someone can throw me a boe here; had to update Samaba to fix a bug (Compiled it outside the repo)
<Slyboots_> but now I dodnt have a init.d script or that "service" thing that ubuntu likes to use
<Slyboots_> So.. not sure how to start/stop at boot and whatnot
<markus27> tsrk:  I'm not seeing a beep package in the list of mods - http://en.wikipedia.org/wiki/List_of_Apache_modules  Which one were you referring to?
<tsrk> markus27: it's an ubuntu package
<tsrk> markus27: you can call "beep" from the command line to make the computer beep, but you could also call it from PHP or somewhere else
<markus27> Got it.
<Slyboots_> Anyone any idea?
<twb> kieppie: last time I looked, trunk like that was pretty trivial, as long as the other end of the trunk runs compatible gear (linux, cisco or sun).
<kieppie> [
<kieppie> twb: I'm not too sure re infrastructure @ this point, but it's a 1000 Mb/s connection (& 1 spare) serving about a dozen XP & W7 hosts doing some pretty intense I/O to SMB shared (CAD & Animation)
<twb> OK, trunking only matters at the two endpoints of the trunked connection
<kieppie> so I'm trying, at the moment, to figure out the best mode to use
<twb> e.g. between your NAS host and the switch or router it's plugged into
<twb> If your two gigE lines go from the NAS into a dumb switch, you can't have trunking
<kieppie> I think it would be best to assume that scenario. are you referring only to the trunking, or to link aggregation too?
<twb> (Unless you trunk further upstream, which is almost certainly useless, unless your inter-switch fabric is at least 2gbps)
<twb> trunking = bonding = aggregation
<twb> they all mean "combining multiple (link-layer) links into a single logical (link-layer) link"
<kieppie> ok. thanks.
<kieppie> I'm reading though some of the ubuntu docs, and they seem to indicate that there are modes that do not require anything special
<kieppie> https://help.ubuntu.com/community/LinkAggregation#Bonding%20Modes
<kieppie> " IEEE 802.3ad Standard Dynamic Link Aggregation (not required if using adaptive load balancing or active/backup). "
<kieppie> so I'm trying to do the best with the kit I have on hand
<twb> Ah, that rings a bell
<twb> I admit I'm more familiar with the other way (802.1q) -- multiple logical links over a single physical link
<kieppie> I'm not familiar with that. do you mean running multiple IP's over a single NIC?
<kieppie> it looks like mode=6 (balance-alb) is the safest fall-back option if I'm unsure re kit
<twb> Well, the specific example I have is a one-NIC server providing DHCP for several discrete networks
<twb> It was a SFF host, so I couldn't put more NICs in it
<Slyboots_> Hmm..
<Slyboots_> This is driving me nuts
<Slyboots_> Trying to find a deb file or a rep that I can install a newer version of Samba
<twb> Slyboots_: why?
<twb> And what version do you want?
<Slyboots_> Because Windows 7 is crapping out on me and breaks Smbclient
<Slyboots_> Need.. 3.5.6
<Slyboots_> Something to do with Windows sign-in asssist or some crap breaks Samba; which is fixed in 3.5.6
<Slyboots_> OIt exists in Natty Narwall.. but how to I install that on top of my M. Meercat
<Slyboots_> .. I think Im on meercat..
<Slyboots_> aye; 10.10
<twb> http://paste.debian.net/102963/
<Slyboots_> ... What?
<Slyboots_> Im not sure what that link is.. supposed to mean
<twb> It means the version you want is available in Ubuntu
<twb> It just isn't available in maverick
<Slyboots_> Yea.. But its in Narwall; but how do I install that into a Mavrick system wihtout you know.; breaking
<twb> very very carefully
<Slyboots_> :P
<Slyboots_> This is why I hate linux sometimes :P
<twb> Actually what you have to do is find or create a "bbackport"  For a simple package, creating a backport is mostly just recompiling the source package (apt-get --build source foo).  Likely samba is going to be too complicated for that.
<twb> Slyboots_: if it wasn't linux, you'd be fucked, because all you'd be able to do is call up the vendor ask beg them to create backwards-compatible version.  At least here you have the option of employing someone to do so.
<twb> e.g. if you wanted to run the latest IE on a really old version of Windows, the ONLY people that can make that happen is microsoft, so they have a monopoly on doing it
<Slyboots_> Its not really the same thing
<Slyboots_> i want the *next* revison :P
<Slyboots_> I can build aind instlal samba from source but it falls to bits as I dont have any init.d or "service" scripts
<Slyboots_> Headache :P
<Slyboots_> no idea what to do baout this tbh
<Slyboots_> sod it' will stick with the default version and think of a way around this..
<twb> For something as hairy as samba, that would certainly be my recommendation
<twb> (Well, I'm *assuming* Samba is hairy.)
<carljm> Hi all. Is there any way I can the Ubuntu exim4-config package to regenerate all the split config files in /etc/exim4/conf.d/ as they would be on a fresh install?
<carljm> dpkg-reconfigure doesn't do it, reinstalling doesn't do it...
<twb> I guess you could purge and reinstall it
<carljm> tried that
<twb> You *purged* first?
<carljm> just get a conf.d with several empty dirs
<twb> Purged *all* the exim4 packages?
<carljm> hmm, i may have just purged exim4-config
<carljm> i'll try purging all of them.
<carljm> thanks
<twb> I don't know much about exim4, but that's what I'd try
<twb> Or just create a new chroot (e.g. debootstrap) and install exim4 in there, then copy the config files out
<Psi-Jack> Okay, so I have some sudden strange problems with ocfs2 under pacemaker. I have 2 nodes trying to use ocfs2, and it was working fine up until suddenly earlier today. Right now, 1 node can take the ocfs2 mount, and the second one fails. When I try to mount manually cause it does seem to load o2cb on the second node. Anyway, the error I get trying to mount:
<Psi-Jack> mount.ocfs2: Configuration error discovered while trying to join the group
<Psi-Jack> They're both using 10.04.1 with pacemaker and ocfs2 stuff from the clustering PPA.
<Psi-Jack> Also the mount that pacemaker's trying to do, stays actively in the process list.
<Psi-Jack>  1582 ?        D      0:00 /sbin/mount.ocfs2 /dev/vdc1 /home -o rw,acl
<Psi-Jack>  2022 ?        D      0:00 blockdev --flushbufs /dev/vdc1
<Psi-Jack> That too. Both D status.
<twb> D means waiting for I/O
<twb> Or just generally stuck in kernel-space
<Psi-Jack> Right, uninteruptable sleep, I know that. ;)
<twb> Sorry, I'm used to #ubuntu-* querents being duuuuumb
<Psi-Jack> But that happens right after it tries to mount the ocfs2 mount after loading o2cb. ;)
<Psi-Jack> Yeaaaah.. Understood.
<Psi-Jack> That's why I'm here, not there. This is a server as well, so. ;)
<twb> This is an #ubuntu-* channel, dude
<twb> But whatever; I don't know OCFS2 so I can only triage.
<twb> So I notice the Ubuntu Server Guide only describes NFSv3 for networking /home.
<twb> That is SUPER sucky, because NFSv3 basically trusts anyone on the network anyone NET_RAW capabilities (i.e. everyone).
<Psi-Jack> heh
<twb> Hmm, on further reading it appears to be exporting both NFSv3 and (unauthenticated) NFSv4.
<twb> At the client's choice
<Psi-Jack> Yeah, and NFS sucks.
<Psi-Jack> v3 and v4, especially for failover support.
<twb> Psi-Jack: what do you suggest, CIFS or AFS?
<twb> I am.... unimpressed by pam_mount
<Psi-Jack> My /dev/vdc device is a multipath'd iSCSI device provided as a kvm virtio drive to the server.
<twb> (Recall that this is for mounting users' $HOME.)
<Psi-Jack> twb: Out of those? Maybe AFS.
<twb> I'm open to other suggestions, I just haven't seen anything even THAT production-ready
<twb> *seen anything else
<Psi-Jack> But my /home is an ocfs2 shared iSCSI device. :p
<Psi-Jack> twb: Well, really depends on what you need, and the overal goals. You can't just "choose" randomly what you want and hope it works for the best.
<twb> I have a heterogeneous mix of mostly linux workstations, laptops and servers in a single-site LAN running over 100baseT on a good day.  I need users to be able to login (solved with LDAP/SSL) and I need them to be able to access both their home directory and a shared data directory, both stored on a central server.  The access should be subject to at least POSIX DACs, MACs (e.g. apparmor) are optional.  Advisory lock
<twb> ing is sufficient.  Circumventing the DAC should be difficult, preferably non-trivial.  Site policy prevents me from dictating what software the users run, e.g. I cannot prevent users having root on their own machines.
<twb> Whatever solution I deploy MUST work on 2.6.32, SHOULD work as far back as 2.6.18 (pref. 2.6.8), and if it works on legacy FC3 and SunOS, that's a mild bonus.
<Psi-Jack> Hmmmm
<Psi-Jack> NFSv3 then.
<twb> My chief objection to NFSv3 is that if you have root on any client box, you have full access to the NFS fileshare
<Psi-Jack> use rootsquash.
<twb> root squash does not fix it.
<twb> viz: su - fred, now you can edit all fred's file
<twb> *files
<Psi-Jack> Hmmm.. I see your problem. And there's not much you /can/ actually do about it.
<Psi-Jack> besides policy changes.
<twb> I think nfsv4+kerberos would fix it...
<Psi-Jack> Or isolated mounts.
<Psi-Jack> In other words, only mount their home directory, period.
<twb> Psi-Jack: that's how cifs+pam_mount works
<Psi-Jack> Yeah, but CIFS != POSIX.
<Psi-Jack> You can do the same approach with NFS, automounting their home directory by NFS.
<twb> THat doesn't stop root on a client running mount whenever they want
<Psi-Jack> Course, they could still su to the other user and it'd happen the same way, but you can restrict what systems can mount by NFS export rules.
<Psi-Jack> In other words, isolate the mounts by workstation IPs.
<twb> Hum, that's reasonable
<Psi-Jack> Yeah, that would only become a problem IF they need to be able to login from any system, and if that were the case, then you /need/ a policy to prevent full use of root access.
<twb> Talking to the other sysadmins here, I think I have a viable mix of policy change and locking down the NFSv3 server (per IP) and the root on the clients
<Psi-Jack> Yeah. if it's company equipment, locking down root is essential, especially if you want to comply with any kind of security policies, like PCI, SOX, etc.
<twb> It's probably a bit different for my organization, which is an ad-hoc bag of rent-a-sysadmins
<twb> So they're even worse than the engineering staff, who want root access so they can compile random shit into /usr/local :-)
<Doonz> engineers should not have access to anything
<Psi-Jack> heh, exactly.
<twb> I know
<Doonz> pen and paper ONLY!
<twb> And an HP-48 of course
<Doonz> even then make sure the pen isn't sharp
<xampart> to what permissions i set my /var/www -directory (og = www-data) if i want another user to be able to create/remove directories/files under it?
<xampart> should i add the user to group www-data also
<blaenk> anyone here running nginx? I'd like to install it cause it's lighter than apache and supports phusion passenger, but I'm wondering how straightforward it would be to use PHP and Rails with it?
<joschi> blaenk: you'll need to invest a little more time into its initial configuration. other than that, it's just a web server
<blaenk> joschi: cool thanks, appreciated
<twb> Has anybody successfully gotten slapo-ppolicy working in a cn=config-style openldap slapd?
<twb> I *had* it working in 8.04, but this new-fangled crap is... not obvious.
<BlackDex> Hello there..
<BlackDex> i just did an upgrade of the packages
<BlackDex> and now i get the following message
<BlackDex> dpkg: error processing grub-pc (--configure):
<BlackDex> subprocess installed post-installation script returned error exit status 1
<BlackDex> Errors were encountered while processing:
<BlackDex> grub-pc
<BlackDex> E: Sub-process /usr/bin/dpkg returned an error code (1)
<BlackDex> How can i fix this?
<twb> dpkg --configure -a
<twb> But the problem is further up than what you pasted
<twb> It's probably something like grub-pc running os-prober, which tries and fails to read /dev/cdrom.
<BlackDex> that is all i get now when i type "apt-get upgrade"
<BlackDex> except for the message that 1 is not fully installed
<BlackDex> sudo dpkg --configure -a
<BlackDex> Setting up grub-pc (1.98-1ubuntu9) ...
<BlackDex> dpkg: error processing grub-pc (--configure):
<BlackDex>  subprocess installed post-installation script returned error exit status 1
<BlackDex> Errors were encountered while processing:
<BlackDex>  grub-pc
<BlackDex> the same again
<twb> !pastebin > BlackDex
<ubottu> BlackDex, please see my private message
<BlackDex> The output of dpkg --configure -a > http://paste.ubuntu.com/546539/
<BlackDex> sorry btw
<yann2> hello - for KVM, what brings the best io performance for disks - qcow, or raw? would my disks maybe be faster if I converted my qcow disks into raw?
<twb> It depends on your write profile
<yann2> write profile?
<twb> copy-on-write is a more expensive operation, but I think it'd pay of for non-sequential writes.
<twb> yann2: like are you writing to /var/log or to a postgres database
<yann2> I get very bad perfs with qcow2 when the disk needs to grow, which is the only way vmbuilder can create them, which is a bit unfortunate
<twb> Uh, qcow2 size is decided up-front.  Unless by "growing" you're referring to population of what is effectively a sparse file.
<twb> If you're doing raw to a *file*, that literally is a sparse file.
<yann2> by growing I mean when a 50GB qcow2 file takes only a couple of GB in the beginning (the space effectively used) on the host
<yann2> and yeah I was talking about raw to a file, instead of a qcow2 file
<twb> yann2: well, they're both growing in the same way
<twb> compare ls -hl foo.raw with du -h foo.raw
<yann2> am using qcow2 right now
<twb> My personal preference would be to assign raw LVs to VMs, rather than files
<yann2> from what I remember you can create qcow2 images that grow, or with space preallocated (man qemu-img)
<twb> Or entire disks and leverage intel VT-d, but I can't justify that expense
<yann2> you mean, use LVM more?
<twb> yann2: having the virtual disk as a file on another filesystem means you're paying the filesystem layer cost TWICE
<yann2> I wonder if converting my qcow2 to raw and then back to qcow2 would be beneficial, as it'd allow preallocating
<twb> If you just say kvm -hda /dev/mapper/foo-bar, then you aren't
<yann2> LVM has a cost too
<twb> Granted
<yann2> I think I'll try converting to raw and back to qcow2 so that the qcow files dont grow anymore... I believe its the growing thats killing my perfs
<twb> I believe you're silly, but whatever
<yann2> really?
<yann2> once I noticed that the qcow2 file was growing by slices of 2-3MB
<yann2> and that my speed was good while copying a few MB, then suddenly dropping to something ridiculously low
<yann2> and that just copying a GB file over and over and over, and then removing it (thus increasing the qcow2 file) was significantly improving write speed
<yann2> but that was with an older version of kvm
<dewey_> could someone help me with a upstart & path problem?
<dewey_> I have a upstat script that's trying to start a ruby daemon, but the ruby file can't require some dependencies
<masACC> Hm. Anyone have a feeling for when we can expect postgres 9 turning up? :)
<twb> dewey_: fix the $PATH in your script/end script stanza?
<dewey_> twb: doing that, but it probably has to do with rvm
<dewey_> + I could do it wrong of course
<twb> I guess that's the ruby interpreter?
<dewey_> yes, it's an easy way to swtich between ruby versions
<dewey_> twb: http://pastie.org/1397451
<twb> "export HOME=/home/sysadmin".... nnnngh
<dewey_> just to make sure...
<twb> [[ is a bashism.  It is not valid in sh (which is what upstart uses... I hope.)
<dewey_> ok
<twb> But congrats, that's the ugliest upstart job I've ever seen
<dewey_> newb as you can see, but trying :)
<dewey_> haha
<dewey_> well, because it isn't working
<twb> "start on startup" is also very likely wrong; it should at least wait until you have a root filesystem
<yann2> twb, can't blame the author, upstart documentation non existent as far as I remember
<twb> To be honest you're probably safer sticking this shit in /etc/rc.local, which runs at the very end of the boot process
<twb> yann2: granted, but I'm busy ranting about slapd right now so I don't want to get started on upstart... :P
<dewey_> well ok, will google again
<yann2> sysadvent published a nice article on upstart a couple of days ago, I promised myself to take time to read it http://sysadvent.blogspot.com/2010/12/day-19-upstart.html
<twb> I get the impression that upstart's driving forces have moved to Google and/or switched to developing systemd, so I don't intend to invest any more time in it than I have to
<yann2> oh? :( too bad, seemed promising
<twb> yann2: go look at the systemd salespitch
<qman__> IMO systemd is a FAR better approach
<qman__> I would be very happy to see it replace upstart in ubuntu
<twb> IMO *insserv* is a better approach than upstart
<qman__> I can't disagree there
<twb> Hell, I even prefer minit/cinit.  At least they don't mix two discrete DSLs in a single file like a flipping PHP user
<qman__> upstart is faster than sysv, but it's just a pile of headaches and work
<twb> qman__: is it faster than startparized sysvinit?  Because I doubt it's that much faster.
<qman__> either way, it's not faster enough to justify the mess
<twb> I mean, my laptop is sid and it boots in under five seconds, compared to the one second or so for my (empty) lucid servers.
<twb> But the *BIOS* on the enterprise servers I deal with (which probably includes linux in the ILOM) takes like two minutes, so I don't care about an extra four seconds...
<qman__> I like the idea of systemd because it's basically eliminating startup scripts
<qman__> not completely, but it's a lot less involved and a lot more automated
<twb> qman__: that's like saying computers will eliminate paper in the office
<yann2> twb, what brand? on many of them you can disable some checks, which is sometimes useful
<twb> I don't have one in front of me now, but I've had dells, HPs and IBMs do it recently
<qman__> yeah
<qman__> especially anything with several RAID controllers
<qman__> I don't think I HAVE a BIOS that loads in under 5 seconds
<qman__> except for my laptop, startup time is just not important to me
<qman__> I would much rather have it work
<qman__> of course, compared to windows, even 8.04 was fast
<yann2> hum. using virtio with raw devices under kvm... fail :(
<twb> qman__: OpenFirmware!
<qman__> before I finally nuked it for good, my windows install was taking in excess of five minutes to boot, it was pathetic
<qman__> never had any linux take that long
<qman__> I think an extra five seconds or so is pretty insignificant
<twb> I wouldn't know about that.  Last Windows I ran was NT5.0
<qman__> you didn't miss anything
<twb> Well, I missed out in hard links
<qman__> I've hard linked on win2k before
<qman__> php.ini workaround
<Slyboots_> Hmm..
<Slyboots_> Anyone any idea on a pratical solution to running steam on a headerless ubuntu server?
<qman__> steam as in Valve's Steam?
<Slyboots_> Not intrested in ctually playing games; just using the download manager of the client
<Slyboots_> mmm
<qman__> probably not going to happen without X
<qman__> if it's server data you could use hl2ds/srcds
<Slyboots_> Nah; want to run a copy on the server to make it simpler to backup games and download the huge ones overnight
<Slyboots_> Prefer NOT to use X though; since its a waste of disk-space
<qman__> well, for steam to work, you need wine
<qman__> and steam doesn't have a command line interface either
<qman__> it's going to need an X display
<Slyboots_> heh; so Im crap out of luck
<twb> Xvfb
<Slyboots_> Could install X with a reall light WM I suppose I just use VNC
<twb> Or Xvncserver4, if you need to connect to it
<twb> Or, of course, just run X over the network
<twb> Nor do you need a WM to use X, just start clients with the appropriate -geometry option.  Default behaviour is focus-follows-mouse.
<Slyboots_> Mmm
<twb> qman__: does steam even have a native Linux client, or does one just use wine and hope for the best?
<Slyboots_> Wine only
<twb> I wish the gaming industry would get a clue...
<qman__> steam does not have a native linux client
<qman__> but srcds/hl2ds do
<qman__> there might be a way to get those to download regular game data
<qman__> or there might be a separate tool you can use
<qman__> I'd look into that before attempting to rig up an X just for steam
<twb> srcds?
<qman__> the dedicated server
<qman__> it downloads the data the same way steam does, and runs on headless linux natively
<twb> Is it FOSS?
<qman__> not sure, I don't think so
<qman__> it is free to use, but I think you can only get binaries
<twb> I hear you can't even play single-player games without putting the windows box on the network
<twb> (And allowing it egress connections to steam's server.)
<qman__> yeah, it has to phone home at least once before the game will play
<qman__> once it has, you can go in offline mode
<twb> Once per game, or (say) once per game per day?
<qman__> once per game, ever
<twb> OK, that's not as bad as I was lead to believe
<qman__> the only time it has ever really been a problem was at the launch of half-life 2, and their servers couldn't keep up
<qman__> they learned quick after that one
<Slyboots_> Aye; Steam is not to shoddy
<yann2> qman__, starcraft 2's release wasnt too great either :)
<qman__> YankDownUnder, yes, but that's blizzard, they go down after most of their patches, a game launch it's fully expected
<uvirtbot> New bug: #693338 in tomcat6 (main) "package tomcat6 6.0.20-2ubuntu2.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/693338
<Slyboots_> Hm..
<Slyboots_> Dont they make a decent rsync client for windows?
<twb> Slyboots_: cwrsync
<twb> It's just the relevant bits of cygwin (libcygwhatever, rsync and ssh)
 * RoyK just uses basic cygwin/rsync with windoze
<Slyboots_> Mm..
<Slyboots_> Right that doesnt actually seem to give me the rsync program :P
<RoyK> what?
<RoyK> cygwin comes with rsync
<twb> cygwin provides a package picker thingy
<twb> You might need to run that and say "gimme rsync"
<RoyK> cygwin's setup.exe
<Slyboots_> Using cysync
<Slyboots_> Just keeps saying "rsync.exe not found"
<twb> Slyboots_: maybe take it to ##windows
<Slyboots_> aye
<RoyK> Slyboots_: just install cygwin with rsync and ssh - that works
<dewey_> does someone know why upstart gives the following error: [21595]: Error: Could not execute su
<dewey_> it's running as root
<twb> Presumably because it can't execute su
<dewey_> I've changed it to /bin/su and now it's working
<dewey_> sweet
<dewey_> is there  a way to find a pid file?
<joschi> dewey_: `find`
<joschi> dewey_: PID files are really not standardized in any way
<dewey_> yeah but the name is not clear
<joschi> dewey_: and basically really only contain the PID of the process in question
<dewey_> but i need it for monit to monitor
<dewey_> can't find it anywhere :p
<joschi> dewey_: does the process create one?
<dewey_> yes
<twb> I think Debian policy and start-stop-daemon(8) encourage people to put them in /var/run/
<joschi> dewey_: so you know it's there
<RoyK> dewey_: lsof -p pid-of-whatever-process-having-the-pid-file-open
<joschi> RoyK: the PID file usually only written on startup of the daemon and then closed
<dewey_> RoyK: thanks, that worked out
<joschi> hm, is there any use in keeping the PID file open?
<RoyK> not really :P
<uvirtbot> New bug: #693369 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.8 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/693369
<uvirtbot> New bug: #693372 in nagios3 (main) "Error starting nagios3" [Undecided,New] https://launchpad.net/bugs/693372
<BlackDex> Hello..
<BlackDex> i have a problem with upgrading
<BlackDex> here is the error: http://paste.ubuntu.com/546539/
<BlackDex> how can i fix this?
<riktking> hi i need some help with apache, can only get one page to show, no sub pages from an external pc
<rigved> BlackDex: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/692163 and https://bugs.launchpad.net/bugs/693059
<uvirtbot> Launchpad bug 692163 in grub2 "package grub-pc 1.98-1ubuntu9 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New]
<BlackDex> rigved: Thx.. i almost got afraid i did something wrong :)
<hallyn> zul: don't suppose you had any plans of doing a new samba-daily upload anytime soon?  :)
<emre> hi can anybody help me with ubuntu server networking settings (two nics)
<pmatulis> !ask | emre
<ubottu> emre: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<emre> I have installed ubuntu server in a vmware machine
<emre> I have two nics (hostonly and bridged)
<emre> eth0:192.168.123.12 (static)
<emre> eth1:192.168.234.40 (dhcp)
<emre> I can ping everything in lan wihtout issue. I cannot ping outside lan.
<emre> My resolv.conf file shows correct dns server
<emre> If I disable eth0 than I can ping outside of lan
<emre> how can I make this two eths work together
<patdk-wk> did you define a gateway for eth0?
<emre> yes
<patdk-wk> well, there is your issue
<emre> it is 192.168.123.1
<RoyK> emre: pastebin /etc/network/interfaces
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<pmatulis> emre: you made 2 gateways
<emre> if remove gateway for eth0 than I cannot ping my host 192.168.123.1 which is the host that is running vmware
<pmatulis> emre: you made 2 default gateways.  you should create a static route for contacting the host
<RoyK> there is no such thing as a gateway for a nice
<RoyK> there are routers for networks, default gateway is for network 0.0.0.0/0
<emre> so should I disable eth0 gateway?
<patdk-wk> hmm, if you have 192.168.123.12 on eth0
<patdk-wk> and you can't access 192.168.123.1
<patdk-wk> I wonder what your netmask is
<uvirtbot> New bug: #693189 in mysql-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12 failed to install/upgrade: Pakket is in een ernstige inconsistente status - u moet het opnieuw  installeren alvorens het te verwijderen." [Undecided,New] https://launchpad.net/bugs/693189
<RoyK> emre: pastebin /etc/network/interfaces
<patdk-wk> assuming your probably using /24, it should just work, no gateways needed
<emre> than how can I ping 192.168.123.1 is host's ip adres and 192.168.123.12 is guest. I have a netmask 255.255.255.0
<hallyn> zul: do you know if anyone ever bothered to look at https://bugzilla.samba.org/show_bug.cgi?id=6724 ?
<uvirtbot> bugzilla.samba.org bug 6724 in File services "smbd panic action with yield_connection name=0x0" [Normal,New]
<emre> I am on a different network to chat with. I cannot reach vmware now so I cannot get interfaces file contents to paste here.
<emre> I will gather that or ask for irc access from within company
<emre> thanks
<uvirtbot> New bug: #693422 in php5 (main) "can't install php5-cli" [Undecided,New] https://launchpad.net/bugs/693422
<axisys> ok i am still struggling with this box.. at one point i were able to get to previous linux kernel from grub and then I got fsck status 4 .. I need to run fsck on disk /dev/md1 .. so I booted from live CD and picked Rescue mode.. but I do not see fsck in there.. any idea how can I fsck now ?
<bdmurray_> bug 581941 might be the same as bug 690401
<uvirtbot> Launchpad bug 581941 in nfs-utils "statd does not start automatically when needed nor can be forced to start on boot" [Medium,Triaged] https://launchpad.net/bugs/581941
<uvirtbot> Launchpad bug 690401 in nfs-utils "statd startup races with / becoming writable" [High,Confirmed] https://launchpad.net/bugs/690401
<axisys> ok i booted from live CD .. but I do not see the /dev/md1 .. can anyone help?
<bdmurray> SpamapS: ^
<axisys> i need to fsck /dev/md1 from live cd since it is in fsck status 4
<SpamapS> axisys: cat /proc/mdstat .. nothing?
<axisys> rebooting it.. will check again as soon as comes back up
<SpamapS> bdmurray: looking.. I think you're right.
<axisys> SpamapS: nothing
<axisys> SpamapS: there is no mdadm installed on live cd
<SpamapS> axisys: you don't actually need mdadm if the kernel sees your partitions as raid autodetect.
<axisys> SpamapS: fdisk -l shows all those sd?1 are linux raid autodetect
<axisys> but no md device
<SpamapS> axisys: weird
<SpamapS> axisys: well install mdadm and ask it to scan
<axisys> mdadm --scan ?
<axisys> mdadm --assemble --scan gave me something
<axisys> now I see the md devices..
<baggar11> axisys: just hopped in, did you already have a raid array on your drives?
<axisys> md1 (root) and md10 (data)
<axisys> baggar11: yes
<baggar11> axisys: will probably need to tell mdadm to assemble your array with --assemble and list the devices
<axisys> baggar11: yep
<axisys> baggar11: thanks
<baggar11> axisys: then mdadm --detail --scan >> /etc/mdadm/mdadm.conf
<axisys> baggar11: i am on live cd
<axisys> i guess i need to mount the md1 and then put it there
<baggar11> axisys: are you just trying to mount then?
<axisys> baggar11: fsck went fine.. now I can mount md1 fine.. so I will just update the mdadm.conf and reboot
<axisys> i also modified the /a/etc/default/grub .. so I can see the grub menu .. hidden timeout was `0' .. changed it to `5' .. so I can pick a kernel of my choice.. how do I upgrade the grub now that root is mounted on /a ?
<axisys> do I chroot and then run upgrade-grub ?
<baggar11> axisys: you could also just hold down the shift key when you want to pick another kernel
<baggar11> on boot...
<axisys> baggar11: that did not work.. tried so many times.. I guess just for this time i modify the grub.cfg instead
<Velmont> Question; I just can't understand why my new, totally idle server has a load of 1.21  1.16  1.09. It's not doing anything. Nothing is using CPU in htop! I have software mirroring RAID though, but that shouldn't use that much power.
<SpamapS> bdmurray: agreed, that bug does seem to be the same statd issue
<baggar11> axisys: did you use the left shift? and hold it down right after the bios leaves the screen?
<bdmurray> SpamapS: okay, shall I mark one as a duplicate of the other?
<SpamapS> bdmurray: seems like there is a lot more information in bug 581941 ... I assume the merge proposal from bug 690401 will be moved to it upon marking it as a duplicate?
<uvirtbot> Launchpad bug 581941 in nfs-utils "statd does not start automatically when needed nor can be forced to start on boot" [Medium,Triaged] https://launchpad.net/bugs/581941
<uvirtbot> Launchpad bug 690401 in nfs-utils "statd startup races with / becoming writable" [High,Confirmed] https://launchpad.net/bugs/690401
<bdmurray> SpamapS: I would not put money on it
<SpamapS> bdmurray: well I can reassociate it manually.. I'll mark the duplicate tho
<bdmurray> SpamapS: okay thanks
<axisys> any idea why my system is stuck here now?
<axisys> http://pastebin.com/iLjzm5J5
<axisys> it rebooted fine with md1 until there
<baggar11> axisys: can you pastebin your /proc/mdstat ?
<axisys> baggar11: i have not got a prompt yet
<axisys> see my last pastebin.. i got stuck
<baggar11> axisys: is md1 your root partition?
<axisys> baggar11: yes
<Velmont> OK. "top" is clearly better than "htop". It showed me the sinners:  md0_resync and md0_raid1.   However, in a fresh install of Ubuntu Server, why do they use 10% CPU?  I installed RAID right in the installer, so there should be no use resyncing. Anyone have an idea`
<baggar11> Velmont: which level of raid?
<axisys> i am guessing it is doing the fsck of /dev/md10 (raid10) .. 200GB .. might be why it is stuck there..
<axisys> baggar11: ^
<axisys> baggar11: i will go grab a bit real quick and that should probably enough time for that fsck to complete
<Velmont> baggar11: RAID1, mirror.
<axisys> s/bit/bite/
<baggar11> Velmont: cat /proc/mdstat and it will tell you if it's rebuilding or not
<baggar11> axisys: ok
<baggar11> Velmont: or you can mdadm --detail /dev/md0
<gobbe> it takes while to build raid, even that you jsut installed it
<Velmont> baggar11: Thank you. It seems to be, yes... But why? Do the Ubuntu install first only use the first disk? And then the real machine has to sync afterwards?   [==============>......]  resync = 74.6% (728215360/975585216) finish=48.1min speed=85665K/sec
<gobbe> yes
<gobbe> that's how software-raid works
<gobbe> in fact, even empty disk takes while to sync
<gobbe> so you can either do the raid and wait until sync is ready, or just install and wait afterwards
<RoyK> linux software raid is block-based, so it doesn't matter how much data is stored there, it'll take the same amount of type to sync up the mirror even if the filesystems on it have data or not
<baggar11> Velmont: the install process starts the syncing process, when you reboot, it finishes it
<gobbe> RoyK: yes, that's what i tried to say also :)
<RoyK> baggar11: the install process makes the md devs, the kernel starts the sync, then, after reboot, the kernel continues to sync. the installer knows nothing about the syncing
<Velmont> baggar11: Hmmm. But the drives are both totally clean. I guess it should take only the fraction of a second to "sync" it.
<baggar11> RoyK: I think you know what I meant ;)
<RoyK> Velmont: read what I just wrote - it's block based - it doesn't see data
<gobbe> Velmont: no it doesn't
<Velmont> RoyK: OK. :-)
<gobbe> it needs to copy every block
<RoyK> Velmont: as opposed to zfs, where an empty zpool takes about zero time to 'rebuild' whereas a fuller one takes longer
<Velmont> gobbe: RoyK: Sorry I didn't read the parts without hilight. :-) Did now. Very nice.
<gobbe> Velmont: that's ok :) just hold on, it will take while
<Velmont> Good to know my new, nice server isn't having over 1 in load by just idling as I first thought. :P
<axisys> i am back.. still at this line
<axisys> fsck from util-linux-ng 2.17.2
<axisys> /dev/md1: clean, 59312/2523136 files, 479698/10078960 blocks
<axisys> i am guessing it will take a while for the raid10 to finish ?
<axisys> the data device /dev/md10 that is
<baggar11> axisys: do you have activity on your drive lights?
<gobbe> axisys: fsck might take forever with bigger disks
<axisys> does not look like it..
<axisys> baggar11: ^
<baggar11> axisys: what's the scenerio here? is this is fresh raid install, did you add raid to an existing system?
<axisys> gobbe: raid10 of 6 disk 73GB disks
<RoyK> I'm quite glad I don't need to fsck this one
<RoyK> pbpool/tmp             97T   60K   97T   1% /pbpool/tmp
<gobbe> axisys: so you are trying to fsck that?
<axisys> RoyK: zpool scrub is slow too.. you may have to run that sometime ;_0
<RoyK> axisys: it'll probably take a while to scrub that, yes...
<axisys> gobbe: i think the system is trying to fsck that before booting
<axisys> before giving me the OS prompt
<gobbe> axisys: are the numbers growing or does it look like it's stalled?
<RoyK> axisys: but currently we only have a couple of terabytes on it :P
<axisys> baggar11: i have data in /dev/md10
<axisys> but latest kernel broke md..
<axisys> finally i got back to it using the old kernel
<baggar11> axisys: hmm, is this 10.10 or 10.04?
<axisys> baggar11: 10.04
<baggar11> axisys: I'm running 10.04 with raid1 and raid5 volumes, updated to new kernel with no issues
<axisys> i have few servers went through this.. no issue.. except this x4150
<baggar11> axisys: does the system run on the old kernel fine still?
<axisys> baggar11: yes.. md1 is recognized fine.. except md10 probably holding it up
<axisys> will comment it in fstab through live cd and reboot again
<baggar11> axisys: yeah, I would try re-adding the mirroring portion
<pedahzur> Any rumors on when the bug-fix packages will be out for Postgresql?  New versions were released recently. Not seeing them yet on 10.04
<axisys> on livecd .. mdadm --assemble --scan brings up md1 (root) and md10(data) but not md0 (swap) .. any idea why ?
<axisys> md0 is raid1 of sda1 and sdb1 .. i see those
<axisys> cat /proc/mdstat shows only md1 and md10 and both are active
<baggar11> axisys: assemble your md0(swap) and mkswap on it again
<baggar11> axisys: what does your mdadm.conf look like?
<wizardslovak> hello people
<axisys> baggar11: so mdadm --assemble /dev/md0, like that ?
<wizardslovak> i got corsair memory 2g in pc , will anything happen if i add 2gb of kingston, same specs
<baggar11> axisys: you may need to use --force if that doesn't do it
<Ool> <wizardslovak> try and mem test with a livecd or something, you will see
<wizardslovak> nah think is i didnt order kingston yet
<wizardslovak> i am just curious
<axisys> ok.. after commenting the /dev/md10 .. i got my OS prompt back .. also my md0 is there now
<axisys> baggar11: here is the how the /proc/mdstat looks like now
<axisys> http://pastebin.com/ZheX6UwU
<axisys> md10 was commented out in fstab
<axisys> so how do I make md10 active ?
<axisys> mdadm --assemble --scan says
<axisys> mdadm: /dev/md10 has been started with 5 drives (out of 6).
<baggar11> axisys: I think /dev/sdc is doing something funky, you may need to remove that from md10 and re-add it
<baggar11> axisys: looks like it's trying to be apart of md_d10(?)
<RoyK> axisys: one dead drive, then?
<baggar11> RoyK: it's probably not a dead drive since it's show up on md_d10
<RoyK> axisys: I don't understand that output - looks to me md10 is an inactive stripe
<RoyK> s/$/ /set/
<baggar11> axisys: try mdadm --stop /dev/md_d10 and then mdadm --manage /dev/md10 --add /dev/sdc1
<axisys> baggar11: did exactly as you suggested
<axisys> baggar11: http://pastebin.com/49bH6TjR
<axisys> baggar11: i guess that looks better now
<axisys> baggar11: can I mount it while it is rebuilding ?
<axisys> baggar11: thank you so much for your help
<baggar11> axisys: cool, I've had that happen before, for some reason the superblock probably got toast on that drive
<baggar11> axisys: yes, you can mount while it's rebuilding
<baggar11> axisys: read/writes will just be slower
<axisys> baggar11: ok.. i will wait .. estimated time 10 mins..
<axisys> baggar11: so sdc1 is fixed for now ?
<baggar11> axisys: hopefully
<baggar11> axisys: you might just check your mdamd.conf with what mdadm --detail --scan produces after the rebuild
<axisys> baggar11: does this look kosher?
<axisys> baggar11: http://pastebin.com/7gv5xKqR
<baggar11> axisys: the /dev/md10 will probably remove the "spares=1" once it's done rebuilding, make sure those lines are in your mdadm.conf for reboot
<axisys> just the ARRAY lines .. correct?
<axisys> which timeout makes sure the grub menu stays there for 5 secs .. if i had that instead of `0' i could have switch my kernel and call it a day.. instead of trying to fix it for 2 days
<axisys> here is my current default grub
<axisys> http://pastebin.com/ABUHtW4V
<baggar11> axisys: yeah, array lines
<axisys> i also like the boot process show up on both tty0 and ttyS0
<axisys> with grub it was easy.. i just put it in kernel line.. how do I do it with grub2?
<axisys> in other words.. in grub my menu.lst looks like something like this
<axisys> http://pastebin.com/W2bUctfn
<axisys> how do I achieve similar setup with grub2 ?
<baggar11> axisys: don't know
<axisys> baggar11: no prob.. asking in the mailing list
<axisys> baggar11: http://pastebin.com/dHkBLvQi
<axisys> baggar11: mdstat looks complete
<axisys> wonder what those unknown formats are all about
<baggar11> axisys: remove the first "0" in 00.90
<baggar11> axisys: you won't get those unknown messages anymore
<axisys> heh
<baggar11> axisys: time to reboot and find out if that worked... :)
<hggdh> hallyn: want to discuss bug 691590?
<uvirtbot> Launchpad bug 691590 in libvirt "libvirt should not take ownership of ISO images" [Undecided,New] https://launchpad.net/bugs/691590
<ssureshot> anyone know if they have built 389-ds for ubuntu 10+ yet?
<hallyn> hggdh: i'm just trying to tell whether it is blocking you, or whether you are objectint go libvirt's security scheme.  (IF the latter, then we probably need to take it up with them, not with jdstrand)
<hggdh> hallyn: I can bypass (and will) by running a hack to chown the files back to the correct user under cron, or something like
<hggdh> hallyn: but I think this will end up upstream...
<RoyK> I wonder if btrfs will stabilise one day...
<hallyn> hggdh: why doesn't setting libvirt user to root work?
<hallyn> hggdh: i thought you commented that it left the files as is?
<hallyn> hggdh: <shrug> maybe we can just add an extra cmdline switch to stop that happening.  Send it to libvirt list and get their comment.
<hggdh> hallyn: they get chown-ed to root, my correction was re. the permissions
<hggdh> hallyn: will do
<axisys> baggar11: looks like all data in md10 is fine
<axisys> baggar11: yep.. time to reboot it
<hallyn> hggdh: you're going to write the patch?
<hallyn> hggdh: (else I'll do it, just may not get to it this week)
<hggdh> hallyn: no, sorry, never worked with the libvirt source, and I am not sure I want to start with a changethis area
<hggdh> hallyn: what I will do is search the libvirt ML for any comments re. that -- this is a major change, and most certainly somebody has commented on it
<hallyn> hggdh: ok
<baggar11> axisys: cool, let me know how it goes
<ssureshot> question on ppa.launchapd.net ... are these fine to use for production use?
<axisys> baggar11: this is how my fstab looks like now
<axisys> baggar11: http://pastebin.com/vmBkvTSC
<axisys> may be I should put the UUID
<baggar11> axisys: shouldn't matter, but it's probably neater to follow the same method for representing the devices
<axisys> baggar11: it got stuck again at here
<axisys> /dev/md1: clean, 59318/2523136 files, 479816/10078960 blocks
<axisys> i guess i need to comment the md10 again fron live cd
<axisys> may be i need add a switch in fstab ?
<baggar11> axisys: maybe change 0 0 to 0 1, that's what I have on my server
<axisys> ok
<baggar11> axisys: ah, remove the quotes around the UUID
<baggar11> axisys: I also don't have those
<baggar11> axisys: not sure if that matters though
<axisys> ok
<baggar11> axisys: both of my raid volumes 1&5 are using errors=remount-ro
<baggar11> axisys: I see your md10 is using defaults,
<axisys> yep
<hggdh> hallyn: https://bugzilla.redhat.com/show_bug.cgi?id=568935
<uvirtbot> bugzilla.redhat.com bug 568935 in libvirt "RFE: Skip labelling: Ability to skip disk re-labelling step on a per file basis" [Medium,New]
<hallyn> hggdh: heh, so I can post a patch there
<axisys> i added the errors and 0 1 .. still stuck
<axisys> baggar11: ^
<baggar11> axisys: do you get to a login?
<sparc> Hmm, I see amd64 arch for Lucid LTS
<sparc> but not an x86_64
<sparc> will it have intel extensions compiled in there?
<axisys> baggar11: no.. it hangs at that line
<axisys> /dev/md1: clean, 59318/2523136 files, 479816/10078960 blocks
<baggar11> axisys: the only other thing I can think of is zeroing the superblock on that pesky sdc1 drive
<baggar11> sparc: amd64 is the 64bit version and will work on amd and intel systems
<axisys> mdadm --zero-superblock /dev/sdc1 ?
<baggar11> axisys: might need to preface with --misc
<baggar11> axisys: mdadm --misc --zero-superblock /dev/sdc1
<baggar11> axisys: make sure it's not apart of a raid volume though
<axisys> this time it is sdd[1](S) md_d10
<axisys> hehe .. russian roullete
<baggar11> axisys: nice
<axisys> i am guessing it is not fstab.. for some reason md10 is not stable and because it is inactive .. it does not mount
<axisys> one final reboot.. with md10 commented..
<axisys> crossing my finger
<baggar11> axisys: pretty weird, I'm sure once you get through all the drives, it'll be fine
<axisys> baggar11: you mean run the zero block for each drive ?
<baggar11> axisys: if that's what it takes, but not all at once...
<baggar11> axisys: if it keeps coming up with a different drive on reboots
<axisys> baggar11: yep.. as long as the drive is outside the array first..
<axisys> rebooted fine w/ md10 detached
<baggar11> axisys: check your /proc/mdstat, that will probably tell you if a drive is out of line
<baggar11> check for those underscored md_** devices
<axisys> this time it is for sdh
<baggar11> axisys: pretty weird, but keep at it
<axisys> is there a better raid software than md ? just curious .. cant change for this server
<axisys> what is recommended or popular one this days for ubuntu ?
<pedahzur> axisys: That's about it. No other software RAID for Linux that I know of.
<baggar11> axisys: I've been lovin mdadm, much better than the raidtools approach
<baggar11> no sure that there is anything else though
<gobbe> axisys: you mean better in performance?
<gobbe> software-raid is in fact in same cases better performancing than hardware-versions
<axisys> gobbe: well yes that first.. and may be more stable
<gobbe> why md is not stable?
<axisys> gobbe: well i am having issue mounting a raid10 .. baggar11 is helping me with that
<RoyK> gobbe: md is stable
<RoyK> it's been stable for years
<axisys> i can mount manually but if i have it in fstab it does not mount
<gobbe> RoyK: i know
<axisys> is there something like `dm' that can be used instead of `md' ?
<RoyK> axisys: are the md modules in /etc/modules? that might help...
<gobbe> RoyK: i'v been using it several years
<RoyK> axisys: lvm, yes
<RoyK> axisys: but not for raid[456]
<axisys> RoyK: i have loop, lp and rtc in /etc/modules
<RoyK> axisys: mount the md volumes and pastebin lsmod
<RoyK> !pastebinit
<ubottu> pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<axisys> RoyK: http://pastebin.com/wkB7Gczw
<RoyK> axisys: probably overkill, but try to add these to /etc/modules http://pastebin.com/r7QDEAXL
<RoyK> axisys: pastebin /etc/fstab too
<axisys> RoyK: added.. let me uncommend the /dev/md10 is see if it gets stuck again
<axisys> RoyK: http://paste.ubuntu.com/546712/
<RoyK> k
<RoyK> axisys: also, passno should be 2 for the last fs
<RoyK> not 1
<axisys> RoyK: oops .. too late.. may be on next reboot
<axisys> RoyK: whats the diff between pass 1 and pass 2 (learning)
<RoyK> man fstab :P
<axisys> or man mount i guess
<axisys> fstab did not say much
<RoyK> axisys: on lucid, it does...
<axisys> i got stuck at same place ..
<axisys> /dev/md1: clean, 59319/2523136 files, 479989/10078960 blocks
<axisys> nothing after that..
<axisys> is there a way to fix the fstab without the live cd ?
<gobbe> boot it with single user
<RoyK> gobbe: not sure if that helps on ubuntu
<gobbe> axisys: you could also run fsck manually
<gobbe> axisys: after you get system up and running
<RoyK> the problem is probably fsck order
<RoyK> set that to 2
<RoyK> not 1
<gobbe> or you could even take it up with 0
<axisys> RoyK: ok.. but w/o live cd ?
<RoyK> try single
<axisys> gobbe: 0 did not help
<axisys> it was 0 originally.. then changed it to 1 .. next would be 2
<RoyK> gobbe: 0?? that's shutdown
<gobbe> axisys: but anyway you need to run fsck on your filesystem, that has nothing to do with actual raid (or atleast i dont see any reason)
<jdstrand> hallyn: hey, you around today?
<RoyK> run level 1 == single
<gobbe> RoyK: not there :D
<gobbe> RoyK: fstab
<RoyK> ah
<gobbe> single or just 1
<axisys> it gets stuck at same line with rescue mode
<axisys> /dev/md1: clean, 59319/2523136 files, 479989/10078960 blocks
<gobbe> single user, not rescue
<axisys> gobbe: i thought rescue runs in single user mode.. hmm
<RoyK> gobbe: same thing
<RoyK> axisys: boot on a cd
<axisys> RoyK: ok
<gobbe> uh
<gobbe> yea, same thing. my bad
<gobbe> axisys: you can also trigger ext4 to not run fsck on every now and then with tune2fs
<axisys> gobbe: ok
<hallyn> jdstrand: yeah, i'm around, but i have no kvm-capable laptops handy.
<hallyn> jdstrand: actually, heading out now for some xmas shopping.  bbl
<axisys> RoyK: changed pass to 2 .. rebooting ..
 * axisys crossing my finger
<axisys> RoyK: i am glad the server is under my cube and a monitor/kbd plugged into it.. i wonder how would i boot from live cd when the server is at remote location.. i only have remote console access thru cisco console server
<axisys> btw .. back to same stuck screen ..
<axisys> /dev/md1: clean, 59319/2523136 files, 479989/10078960 blocks
<axisys> i guess boot from cd and comment the md10 again
<axisys> wish i went with lvm .. hmm
<axisys> wonder if i can still do it and save the data
<RoyK> axisys: mount it, connect an usb drive, copy
<axisys> RoyK: alright
<RoyK> axisys: what sort of data do you have on this one?
<axisys> RoyK: splunk
<RoyK> ?
<RoyK> raid10 for log data?
<axisys> RoyK: mainly compressed files that is used by splunk (splunk.com)
<axisys> for search real time indexed data
<axisys> kind a like database
<axisys> once i turn off splunk app .. this md10 is quite
 * RoyK thinks of zfs
<axisys> no transactions
<axisys> zfs fs is slow if i put splunk on local zone
<RoyK> hm.. it is?
<axisys> that is why moving to ubuntu.. splunk guys can help with linux more
<RoyK> why don't you just run splunk on some system with native zfs?
<RoyK> I mean, not in a zone
<axisys> RoyK: yes, if you need to index about 50GB data per day .. constant data coming in from 100s of servers
<RoyK> then why run it in a zone?
<axisys> RoyK: i am.. one of the splunk server.. and it is working lot better.. not sure why local zone behaving like this.. it is the same release of sol 10
<RoyK> you don't want to run that sort of machine in a zone
<axisys> RoyK: i guess not..
<RoyK> axisys: give openindiana or s11ex a try
<axisys> RoyK: so system is back up with md10 commented .. oh well
<RoyK> install on a single drive or mirror
<RoyK> use zfs for the rest of the stuff, striped mirrors
<RoyK> how many drives? 4? 6?
<axisys> RoyK: i am running sol11ex .. i have been on opensolaris snv_141 for a while.. now snv_151 i think w/ sol11
<axisys> RoyK: 6 on raid10
<RoyK> k
 * RoyK uses openindiana
<axisys> RoyK: i was.. but sol11ex is higher snv .. so i swithced
<axisys> RoyK: waiting for the 7410 to power up soon
<axisys> RoyK: then NFS that as my splunk storage to test .. hehe
<RoyK> http://pastebin.com/2XDHTNnX
<axisys> http://paste.ubuntu.com/546726/ <-- keep doing the same thing.. this time sdh
<axisys> RoyK: yep.. pretty familiar with that.. I have been using sol10 since day 1
<axisys> i even have the opensolaris T shirt
<axisys> free :-)
<axisys> anyways .. any other suggestion with md10 ?
<RoyK> axisys: I'd go back to zfs and not try to run splunk in a zone
<RoyK> axisys: for such a setup, I'd use something dedicated, meaning _not_ a zone
<adac> how to install sun (oracle) java?
<adac> in which repository is it contained?
<adac> oh it seeems to be in the partner repo
<RoyK> http://gizmodo.com/5715650/googles-cr+48-laptop-totally-revolutionizes-safety-instructions
<adac> can enable this without casing problems on ubuntu server?
<guntbert> !java
<ubottu> To install a Java runtime on Ubuntu, see https://help.ubuntu.com/community/Java. For the Sun Java products and browser plugin, search for the sun-java6- packages in the !partner repository on Lucid (which must be enabled), or !multiverse repository on older releases.
<adac> !partner
<ubottu> Canonical's partner repositories provide packages a location for software vendors to publish applications. The repo itself can be added by running this in a !terminal: Â« sudo add-apt-repository "deb http://archive.canonical.com/ $(lsb_release -sc) partner" Â»
<RoyK> nite
<guntbert> g'night
<adac> guntbert, night
<guntbert> :)
<adac> ahh
<adac> hehe
<blaenk> hey does anyone know of a guide or advice on how to manage web server users
<blaenk> in other words, I currently have nginx and it's running as user nginx
<blaenk> I believe php-fpm is running as user www-data
<blaenk> I'm just wondering how to organize all of this, like, where to place my websites (/var/www/site.com ?), the permissions on that folder, etc.
<Tm0> Hey i am new to this sorta, i have a Ubuntu server running, and i need to reenter a proccess i disowned. How do i do it. Or is there a better way i can disown a proccess so i can reenter it?
<Tm0> Hey i am new to this sorta, i have a Ubuntu server running, and i need to reenter a proccess i disowned. How do i do it. Or is there a better way i can disown a proccess so i can reenter it?
<examancer> maybe its because *I'm* new too, but I have no idea what you mean by disowning a "process"
<examancer> i know how to change the owner of a file and change it back
<examancer> heh
<Tm0> proccess.sh &disown
<examancer> oh. i just use screen. haven't tried that
<Tm0> Well its for a server, i can't have putty open forever
<JanC> Tm0: that's why most people use screen (on Ubuntu often through byobu)
<examancer> yes, if you use 'screen <command>' or just type 'screen' and then execute whatever commands you want you can "detach" a screen using CTRL+A+D (default) and then reattach it using screen -r <screen number>
<JanC> Tm0: screen is sort of like a terminal server for command shells
<examancer> so you can detach, close putty, then open another session (on maybe another computer) and reattach the screen to see the output of that screen session
<JanC> so you can ssh in and connect to screen when you need, disconnect when you want, things keep running on the server
<examancer> the commands running in the screen session will of course continue running even when its not attached to anything
<Tm0> I'm running Minecraft, what i want to do is enter the proccess it gives me so i can do stuff on that program's CLI, but i need to disconnect Putty from it.
<examancer> screen "should" handle that just fine Tm0
<Tm0> Great
<examancer> disown may handle it fine as well... just not as familiar with that. looks similar to using nohup. not a bad solution, but i still prefer screen
<JanC> Tm0: read up on screen & byobu and experiment with it, once you're used to it, you'll start to use it on all your systems  ;)
<examancer> sweet! i suck at server administration, but i may have actually helped someone (even if they didn't get the answer they wanted)
<examancer> :-P
<Patrickdk> I dunno what &disown does, but if you use normal &, generally you can use fg to bring it back
<Tm0> Well i have FG and screen now. I'll see what works. Just a matter of time now
<examancer> disown appears to work similar to nohup in that it attaches the processes being run ot the parent process (init)
<examancer> i don't know if you can even bring it back to the fg
<Tm0> Nor do i. Its not my server, i'm just the server guy. Apparently running a home server means that
<JanC> âº
<examancer> i have a theory that most administrators really have no idea what they are doing and just fumble around until things work
<examancer> ... but i'm a developer, so maybe i'm supposed to think that
<examancer> :-P
<blaenk> hey, hwere in a daemon/server does one configure what to run it as. for example, I installed nginx and it's running as user nginx, this is fine, but I'd like to change another daemon's (php-fpm)'s user
<Tm0> The only think i develop is HTML/CSS, (Markup at least xD) So i usually know what i'm doing, though procress wise its who knows.
<blaenk> I figured it would be in the init.d script but doesn't seem like it
<JanC> blaenk: it depends
<blaenk> typically?
<blaenk> cause I checked the conf/ini files and there's no mention of it, is it seriously hard-coded so I would have to recompile with the configure parameters?
<JanC> some daemons do it themselves, and then there is often a setting in the daemon's configuration file somewhere
<blaenk> cause I installed php-fpm through apt, and it automatically used www-data, I know that if you compile it yourself you can set the configure opts
<blaenk> ok, what do you mean by do it themselves though?
<JanC> blaenk: daemons that change user themselves, there are also some that you can run as another user yourself with su/sudo of course...
<blaenk> ohhh I see what you mean, so it /would/ be hard-coded at compile time in the case of those former daemons
<blaenk> I guess I'll just compile php-fpm myself, might be easier, is there a way you recommend of doing this?
<JanC> it could be hard-coded at compile time or it could be in a configuration file...
<blaenk> I can do dpkg -l  |grep php to see what packages I installed (i have a rough idea) and then just remove with sudo apt-get remove --purge package right?
<blaenk> JanC: I've checked the configuration files but I didn't fidn anything, I'll keep looking
<JanC> blaenk: also read the docs  ;)
<blaenk> oh, I did
<blaenk> man php-fpm
<JanC> there might be a separate doc for the config files
<blaenk> JanC: can you comment on my package uninstall method above though?
#ubuntu-server 2010-12-23
<blaenk> JanC: I found it ! I think, pool.d/www.conf
<blaenk> yeeee
<blaenk> but I'm still thikning about compiling it myself, to run the newer packages
<blaenk> so if you could comment on the package removal method I'm thinking about I would appreciate it
<JanC> eh, looking at what php5-fpm is, you can probably configure the user in nginx
<JanC> in the FastCGI config/script or such?
<JanC> or whatever you use to connect
<blaenk> oh nah
<blaenk> php-fpm runs as separate processes
<blaenk> or are you saying I should just make them run as the same nginx user?
<blaenk> nginx runs as user nginx
<Ken> Hello. Not specifically a server question. I'm connecting to a server for what it's worth. I've networked my laptop and server via Firewire for large file transfers and connection speed is not exceeding that of my wired connection (about 4mb/s). Any suggestions as to what might be going wrong or how to improve? I wouldn't mind it being a bit faster.
<axisys> how do I redirect the session to console ttyS0 when booting from live cd ?
<F3RR1S> where is a good place to get a multi-use server?
<F3RR1S> I am planning to have no more than 50 connections
<F3RR1S> I am basically wanting to serve media (streaming video), mp3, file, and a website
<Ken> F3RR1S: I'm not that knowledgeable on servers but you could consider buying a barebones system them building to your spec.
<F3RR1S> That will probably be the way I go
<F3RR1S> but I would rather get one out of the box without an os...
<G> F3RR1S: not advertising for any one company, but you might like the Supermicro servers
<F3RR1S> thanks G,
<G> F3RR1S: which is kinda what I think Ken was hinting at
<F3RR1S> I appreciate it.... this will be the first server I will purchase and probably the last for quite some time
<G> F3RR1S: I'm pretty sure in America there are a lot of non-big brand servers out there
<G> F3RR1S: but SuperMicro is the one that I keep hearing people talking about
<F3RR1S> Yeah... that can be a problem... I have seen standard desktop pc's being sold as a "server"
<F3RR1S> which is complete bs.
<F3RR1S> yeah... I am definitely going to check them out
<Ken> F3RR1S: Hey, don't diss it. I have a server set up from a six year old PC. Admittedly it has one connection. Er.. me.
<G> F3RR1S: nah the Supermicro ones from what I've seen a proper rackmount etc w/ proper server hardware
<G> F3RR1S: but also consider, that there are a lot of tower servers as well, especially for SMB markets
<F3RR1S> Ken, but you are not selling it either... btw I have an old POS that I have setup as a server several times...
<Ken> F3RR1S: That's a very good point.
<G> my 'server' keeps crashing it, so I'm turning my current desktop into my 'server' and my laptop into my 'desktop' :)
<F3RR1S> i think it is great to reuse some of the old crappy computers for servers... my doesn't cut it anymore
<patdk-lap> supermicro and tyan are the two largest non-name brand server makers
<Ken> I've considered using an old laptop as a personal server. It'd be very, very nice at taking up very little space. Lack of HD is an issue though
<G> patdk-lap: ahhh Tyan, knew I was missing one
<patdk-lap> or should I say, the largest two, build it yourself, server part suppliers
<F3RR1S> G, I am looking for a tower server as I have no rack mount and I really do not want to spend a ton of cash... they seem to be a little cheaper than 1u or 2u
<Ken> Also, since there are people here. Anyone know much about FireWire network transfer speeds?
<F3RR1S> thanks patdk-lap I will check out tyan as well
<G> patdk-lap: I was pretty sure Supermicro was more just add storage though than Tyan?
<patdk-lap> well, tyan mainly just makes motherboards
<G> yeah, but Supermicro does the chasis and all that as well right?
<patdk-lap> supermicro used to, and still do, make complete systems
 * G only ever sees the Tyan MBs in NZ
<patdk-lap> but I think intel and some of the other chip makers are into their market
<patdk-lap> cause supermicro used to make nice northbridge, now it's really just intel
<hikeonpast> Hi all -- I've been testing using 10.04LTS without issue so far, but have increasingly heard about issues with task switching under high load, with fingers pointed at the 100Hz timer interrupt.
<F3RR1S> has the linux / xeon issues been resolved or does xeon not run linux as well as M$
<G> F3RR1S: depends which Xeons really
<patdk-lap> I never new xeon had an issue, run linux on only xeons for a long time
<hikeonpast> Under what use cases would this represent an issue / has anyone had problems maintaining a high rate of task switching?
<patdk-lap> hikeonpast, well, a 100hz timer interrupt, means 100 task switchs per second, basically
<patdk-lap> unless programs issue sleep or other thing to give up cpu time
<G> F3RR1S: the only potential Xeon issues that could crop up, would be if Intel comes out w/ a new series of Xeons that needed extra kernel support
<G> F3RR1S: i.e. older distros had to be updated when the Nehalem's came out
<hikeonpast> Assuming that is 100 switches per core, why set it so low by default?  Does the increased efficiency warrant that in a modern server?
<patdk-lap> I am pretty sure server doesn't use 100hz timer, checking
<hikeonpast> I understand the inverse relationship between task switching overhead and task latency.
<patdk-lap> hell, desktop uses 250hz
<hikeonpast> patdk-lap:  https://help.ubuntu.com/community/Server/TechSpecs/1004LTS
<patdk-lap> hmm, -server is 100hz, heh
<G> bit silly isn't it?
<patdk-lap> dunno, doesn't bother me really
<patdk-lap> I generally only run event based programs
 * G goes back to deciding on the next machine name
<patdk-lap> not threaded/forked to hell programs
<Ken> You know, I never even though about coming up with a nifty name for my server. I just called it "k-server" "K" being the initial of my forename.
<hikeonpast> ah.  Event-driven would probably be clean in that case.  I have to run a mix of thread pool and event-driven.
<patdk-lap> heh, you will love mine :)
<Ken> Do share.
<G> Ken: all my machine names are after NZ Native birds
<Ken> Oh, that's nice.
<patdk-lap> firewall01, firewall02, web01, web02, web03, web04, ...
<G> Ken: with one exception, my Mac
<Ken> patdk-lap: Haha. That's descriptive at least.
<patdk-lap> for servers I do care about, and have long life spans (my personal servers)
<Ken> What is your Mac called, G?
<patdk-lap> I generally name them japanese
<patdk-lap> G2 :)
<patdk-lap> little-G :)
<Ken> That's kinda.. y'know, cute.
<G> Ken: I think the DNS Name is nigel-imac and nigel-imac-wlan
<G> :P
 * Ken rubs his head with confusion.
<Ken> I really need to learn a lot more about computers. Firewire is achieving a transfer rate of about 5MB/s. Ethernet over Cat5 is pushing 10.
<G> heh, finally putting my home network on Gigabit was an eyeopener
<twb> I can only manage 16MB/s on gigE
<twb> The 7200 RAID1 might be the bottleneck there, though
<Ken> I'm pretty much a servernoob right now anyway. 10.04 for server, 10.10 for Desktop. The server is an old PC and it's just about learning more than anything. Yes, i'll freely admit it's my new hobby. I've managed SSH, Apache, FTP etc etc. Just the basic stuff.
<patdk-lap> hmm, isn't firewire 400mbit or 800mbit, full duplex?
<Ken> I'm going to eventually look into software RAID and VPN in time. I don't use Windows (often) so I ignore Samba.
<G> twb: not bad, doing a test atm, 55-76MB/sec
<Ken> patdk-lap: I thought so.
<G> on a 3.27GB file
<Ken> Oh, very nice.
<patdk-lap> heh, I have been on gigabit so long, I'm annoyed
<patdk-lap> I'm ready for 10 or 40gbit
<Ken> You make me sick with your fast connections, knowledge and cute server names, G.
<twb> Capacity 400â3200 Mbit/s (50â400 MB/s)
<Ken> Pfft, just you rub it in too patdk-lap.
<G> Ken: you haven't heard how fast my ADSL connection is yet
<Ken> Nor do I want to, G.
<G> 2Mbit/s on a good day....
<twb> "nigel-imac-wlan" isn't a cute  name
<G> :P
<patdk-lap> 256kbit?
<twb> It's a direct violation of RFC952
<Ken> I'm in the countryside. I'm on 512kb
<twb> Sorry, RFC1178
 * patdk-lap wonders if rfc1178 is older than G
<twb> (952 defines hostnames for ARPANET.)
<twb> patdk-lap: August 1990
<G> nope, I'm older than it
<Ken> Even i'm older than that.
<twb> Wow, that was 20 years ago
<G> twb: it's just a case of I can't be bothered giving it a proper name yet
<twb> G: you should do that at install time :-/
<Ken> G: Can we name it for you? Maybe hold a vote?
<twb> Crappy Apple crap
<Ken> Haha.
<G> twb: actually Apple is smart, dynamically grabs the machine name from DNS
<twb> Ken: here's my hostnaming scheme:
<twb> egrep -x '[A-Z][a-z]{3}' /usr/share/dict/words | fmt -w $COLUMNS # hostnames are four-letter proper nouns - RFC1178
<G> like a lot of Linux OS'es did before Network Manager :)
<twb> G: d-i still does that
<Ken> twb: I'm going to pretend i understand how to read more than three or four bits of that rexp.
<Ken> regexp* too.
<twb> Ken: man 7 regex
<Ken> twb: it's 2am. I think it's a bit late for me to learn anything new tonight.
<G> and as a last resort it names it: <firstname>s-mac where the name it grabs is whoever it's registered to
<G> which is nice
<Ken> twb: and boy do I have a lot to learn.
<G> my naming list is the first two columns of: http://www.nzbirds.com/birds/gallery.html
<twb> Ken: regex(7) is not new
<twb> Ken: it probably IS older than you
<Ken> twb: I meant new to me :D
<twb> G: I'm not sure "Ngutuparore" would be a good one
<G> twb: no, even I have standards
<twb> We have legacy hosts like "worcestershire" and "barbecue" that nobody can spell.
<G> for instance, I'm never going to name a machine 'titi' for obvious reasons
<twb> I don't see why
<twb> titi, tata, toto -- obvious Italian names
<G> twb: I'd be a bit weird if someone overheard "Oh yeah, just connect to titi and do your stuff" :)
<twb> I guess
<G> actually I lied, it's the first 2 columns and the 4th column
<twb> As opposed to "si, connecto a titi e se irarlo" or whatever.
<G> I'd use 'weka' but I swear I've already used and retired that
<Ken> Okay, thanks for the conversation and lessons. I think it's time to sleep. Good night
<wubba> What is the purpose of cloud software for ubuntu - isn't it just using Amazon already?
<twb> wubba: private clouds
<wubba> twb - are you able to basically start your own private cloud service then?
<twb> Yes.
<wubba> Interesting.
<twb> i.e. you replace amazon in this scenario -- either for internal use within your company, or onselling to your customers
<wubba> That is what we are looking to do - replace amazon.
<twb> There are probably other reasons, but that's the obvious one to me
<wubba> Though we are writing a front end to connect to Amazon cloud for windows.  Is there a programming guide to connect to the private cloud (ie. writing of windows software to attach to the ubuntu cloud)
<pmatulis> wubba: you may want to visit #ubuntu-cloud
<wubba> oh - didn't know that - thank you
<axisys> reposting my question for anyone just joined.. i like to create a custom live cd iso that I can use to boot a server into console=ttyS0 .. most of my servers at remote location so no access to console tty0
<axisys> so need help suggestion with that
<axisys> would be nice if ubuntu offered a live cd iso that allow you to boot into ttyS0 console
<twb> axisys: how many routers do you have with CD drives?
<axisys> twb: for servers..
<twb> Personally I just use netinst
<axisys> twb: sometimes i need to fix the fstab or system wont boot.. how would I do it with netinst ?
<axisys> twb: with fsck status 4 - need a live cd to boot into
<twb> axisys: you turn the live CD into a netboot live image
<twb> That's basically how my prisonpc.com product works
<twb> Or you boot the netinst d-i image with rescue/enable=true
<axisys> twb: how do you turn a live cd into a netboot image.. that is what I am looking for then..
<axisys> twb: ^
<twb> axisys: the easiest way is to use Debian Squeeze and to generate an image from scratch using live-build
<twb> The hard way is to bugger about extracting the ubuntu live CD iso and passing undocumented options to casper
<axisys> twb: there is no ubuntu image available ?
<axisys> twb: hehe
<twb> Ubuntu images are available, ubuntu code to BUILD images is not (or at least, it only works if you are launchpad)
<axisys> twb: so once i install debian squeez (will install as VM) just run live-build with the modification in my grub ?
<twb> uh, grub?
<axisys> twb: i need to append console=ttyS0
<twb> If you're netbooting, you're using pxelinux, not grub.
<axisys> twb: oh ok.. so I need to make change in the pxelinux so the live cd boot into console ttyS0
<twb> Yes.
<axisys> is debian 5.07 is squeeze ?
<twb> No.
<twb> Or just tell the image to run gettys on both tty[1-6] and ttyS0
<twb> Squeeze will be Debian 6.0; currently it is "testing".
<twb> You can generate debian 5.0 (etch) images using live-build, but they aren't as nice.
<axisys> twb: not sure how to do that.. do you happend to have any steps .. unless you dont mine me bugging you :-)
<twb> In THEORY you can run live-build on ubuntu and tell it to generate ubuntu images, but that is not as well supported
<axisys> twb: i will get the testing release.. dvd or cd ?
<twb> axisys: sed -i /etc/inittab -e s/tty2/ttyS0/p
<twb> axisys: or if upstart, sed s/tty2/ttyS0/ /etc/init/tty2.conf >/etc/init/ttyS0.conf
<axisys> debian squeez has upstart ? i will i will find out
<twb> axisys: well, install testing using netboot, not optical media
<twb> axisys: re upstart I meant if you make an ubuntu image
<twb> axisys: debian has upstart but it basically doesn't work
<axisys> twb: yep.. i prefer that.. cant offer a cd to remote site as often
<axisys> twb: i will stick with debian as my live netboot image
<twb> http://paste.debian.net/103053/ contains URLs to netboot install media, and some other notes
<axisys> twb: would be nice if i could follow complete steps
<twb> axisys: I'm not your mum; there's a limit to how much I'm gonna hold your hand.
<axisys> twb: you have been very helpful.. thank you for the link
<tubnub> Perhaps someone can help: I'm running an ubuntu install with 1 wired nic to the cable modem, 1 wired nic sharing internet to a wired network, and now I have a wireless.  can I also share the internet to a wireless network?
<blaenk> hey is there a way to set a directory such that any file created in it is automatically owned by the same group?
<twb> tubnub: yes, but you'll probably need hostapd
<tubnub> twb: hostpad?
<twb> The thing that turns a radio device into a wifi AP
<tubnub> right.
<tubnub> Is that likely to interfere with my wired setup, twb?
<twb> I don't see why it would
<tubnub> k
<tubnub> Any specific area I might Google for further? Or should installing hostapd be just about sufficient?
<twb> I can't remember
<twb> You probably need to give it symmetric crypto or the location of your RADIUS server if you want to lock it down
<Error404NotFound> I am researching on what would be best tool(nagios, zabbix, cacti, etc) to create a central monitoring server in cloud to watch 10+ nodes for Apache, tomcat, CPU, RAM, Load, Disk, Users, and any other stuff. I have previously used nagios but nrpe wasn't a good experience specially when clients had outdated versions.
<Error404NotFound> any/all ideas are welcome...
<twb> nagios and cacti do different jobs.
<twb> The former monitors availability, the latter performance.
<xixor> I dont' have ubuntu server installed yet, but is there a place on the website I can search the packages to see what version of the packages is used?
<xixor> packages.ubuntu.com I suppose?
<gobbe> yea
<xixor> 10.10 would be the server version to install at this point, right?
<xixor> Im currently running debian lenny, but I think it would be good to switch to ubuntu, it seems that the packages are more recent
<twb> xixor: no, LTS
<twb> The packages are more recent than lenny because lenny is contemporary with hardy.
<twb> If you want something that's as new/buggy as lucid, look at squeeze, which is close to release.
<xixor> yeah, I also think that debian is getting close to releasing a new stable version
<ScottK> They are.
<twb> You don't need to "think" it; it's a fact
<ScottK> It's got ~the same versions of packages as Ubuntu Lucid.
<Error404NotFound> twb, just read your message... ya... cacti is more sort of graphing like MRTG. Looking into nagios vs zabbix vs zenoss
<xixor> so does ubuntu use debian packages directly then?  How does that work?
<twb> xixor: it uses some Debian *SOURCE* packages, but it recompiles them
<xixor> oh, I see
<twb> Most packages in Ubuntu's main tree (which is very small) have been buggerized around with
<xixor> yeah
<twb> Stuff in universe tends to be straight from Debian
<xixor> so universe is "free" software, but isn't supported?
<twb> Canonical doesn't support anything in universe AFAIK
<twb> I wrote a little cron job to report on what is and isn't supported
<twb> http://paste.debian.net/103055/
<xixor> cool stuff
<ScottK> It is supported or not (it varies widely) by the community.
<ScottK> it == Universe.
<ScottK> So Universe != unsupported, just that you need to look into it.
<xixor> ah
<xixor> but multiverse == unsupported?
<twb> xixor: multiverse is to restricted what universe is to main
<gobbe> multiverse contains software that is not free
<xixor> ah, sorry, yes, my bad, multiverse is non-free
<gobbe> and universe contains software supported by community but not by official support
<xixor> what does supported by community vs. official support imply?
<gobbe> xixor: well. if you buy advantage from canonical it's official support
<The_Tick> is that worth much?
<xixor> so canonical is the commercial side to Ubuntu?
<gobbe> canonical is sponsoring ubuntu
<xixor> hm.. cool
<xixor> 350 staff it says.. that is quite a bit actually
<The_Tick> free ubuntu is a good marketting campaign
<The_Tick> well, at least it helps
<xixor> yeah, I bet
<gobbe> to be succesfull in commercial environments you need to provide professional support also
<gobbe> that's what canonical does
<xixor> yes
<gobbe> it's like redhat
<gobbe> they have free linux but they sell support
<The_Tick> gobbe: indeed
<gobbe> The_Tick: the best support is 1200e/year/server if i remmeber correctly
<The_Tick> euros?
<The_Tick> I'm sure they have custom support contracts too
<twb> I also *strongly* suspect that main gets more attention from the ubuntu security team than universe
<The_Tick> if they don't they're stupid
<gobbe> twb: that's correct
<twb> Which is the real reason I use that script I pasted
<gobbe> The_Tick: i dont know about that, i have several customers using ubuntu + advantage
<The_Tick> gobbe: where I work we give someone like you a partner status
<The_Tick> :)
<xixor> so, what do you get with that support contract?
<The_Tick> and you get treated differently
<gobbe> The_Tick: where do you work :-)
<The_Tick> at a windows shop
<gobbe> xixor: you get email and phone support, for example
<xixor> does it involve things like apache/php/mysql setup and maintenance at all?
<gobbe> xixor: like in all enterprise os's
<The_Tick> but if you sell product to your own customers and support them, then it's assumed you do the base level troubleshooting
<The_Tick> etc etc
<gobbe> The_Tick: yea
<gobbe> The_Tick: that's what i basicly do, i try to help them at first, if not possobile i'll escalate case to canonical
<gobbe> The_Tick: works perfectly, and i'v been doing that also with redhat for years
<The_Tick> ya
<The_Tick> anyhow, back to hanging this new fan
<gobbe> yea, i'll back my laptop and head to car, need to drive 250km to my parents for christmas and it's damm cold there
<The_Tick> is it the 23rd there?
<gobbe> yea
<The_Tick> ya, get your ass moving
<gobbe> well, it's just morning
<The_Tick> that's not a short hop :)
<gobbe> =)
<The_Tick> hold on
<gobbe> no it's not, and it's something like -21 degrees celcius outside
<The_Tick> http://i.imgur.com/7RtjZ.jpg
<The_Tick> that's in norway
<gobbe> well, i'm in finalnd
<gobbe> finland
<gobbe> and we have more snow here atm
<gobbe> :D
<gobbe> something like ~50cm
<The_Tick> I'm in the states myself
<gobbe> need to sell car and byu a reindeer
<The_Tick> and wearing shorts outside still
<The_Tick> and sandals
<The_Tick> anyhow, fan hanging continues
<The_Tick> have a good trip, drive safe
<gobbe> thanx
<gobbe> see you, i'll leave now
<blaenk> anyone have experience with setting up file permissions on a wordpress installation?
<uvirtbot> New bug: #693745 in ntp (main) "wront time report for turkey" [Undecided,New] https://launchpad.net/bugs/693745
<Frenk> Hey I have a problem with my Ubuntu-Server I never seen before: When I try to start clamav it says: ERROR: LOCAL: Socket file /var/run/clamav/clamav.sock could not be bound: Permission denied
<Frenk> The file does not even exist
<_ruben> does /var/run/clamav/ exist?
<_ruben> if so, its permissions are probably busted
<Frenk> yes the folder exists and there is a file freshclam something
<Frenk> mh okay _ruben do you know what permissions it should have if im using amavids?
<_ruben> the user as which clamd is configured to run should have write access there, i dont run any ubuntu boxes with clamav currently, so can't check
<Frenk> LocalSocket /var/run/clamav/clamav.sock FixStaleSocket true User postfix
<Frenk> so the user is postfix =) but now a dumb question - how to fix  those permissions for postfix?
<Frenk> with chown
<Frenk> ?
<veovis_muaddib> Okay, I have vsftp set up to allow local users to log in through ftp.  I have my main user, and that account can log in with their username and password.  However, I made another account called public, changed the password, and restarted vsftpd, but public cannot login
<veovis_muaddib> FileZilla fails with a 530 Login incorrect, followed by Critical error and Could not connect to server
<Frenk> _ruben the folder clamav has following permissions: drwxrwxr-x 2 postfix    postfix      60 2010-12-23 12:35 clamav
<RoyK> hm... this core2duo is said to be 2,13MHz, but max cpu speed as reported by  /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq is 800MHz, and starting a couple of processes doing while (1) {}, cpu is never clocked over 800
<RoyK> any idea?
<RoyK> running 2.6.32-26-server on lucid
<Koheleth> remote?
<RoyK> remote what?
<RoyK> I'm logged into ssh on the box, yes
<Koheleth> maybe your service is lying
<RoyK> the box is 150km from here
<RoyK> both /proc/cpuinfo _and_ /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_cur_freq ?
<Koheleth> mine actually double what I paid for, nice engineers
<RoyK> /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq is also 800
<RoyK> but cpuinfo says model name	: Intel(R) Core(TM)2 CPU          6420  @ 2.13GHz
<Koheleth> take it up with your provider maybe?
<RoyK> not funny
<RoyK> it's my bloody server
<Koheleth> really though, lot of jokers out there
 * RoyK doesn't laugh much of Koheleth's attemts to joke
<Koheleth> not joking, they try it on at times
<Koheleth> if the output is that I would wonder a bit
<Koheleth> will try mine
<RoyK> anyone that knows why this PoS server only seems to want to run on 800MHz? it's linux 2.6.32, and /proc/cpuinfo says (correctly) that it's a 2.13MHz core2duo, but running at 800MHz under full load, and then, /sys/devices/system/cpu/cpu0/cpufreq/* tells me it can be cloced to either 600 or 800MHz....
<qman__> I don't know enough about how it works to be certain, but is there a way to manually override it?
<RoyK> seems not with cpuinfo_max_freq=800
<RoyK> cpuinfo_max_freq=800000 - it should be 2130000
<twb> 23:52 <RoyK> hm... this core2duo is said to be 2,13MHz, but max cpu speed as reported by  /sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq is 800MHz, and starting a couple of processes doing while (1) {}, cpu is never clocked over 800
<twb> RoyK: what cpufreq driver?
<RoyK> how do I check?
<qman__> RoyK, perhaps scaling_driver in the same directory?
<RoyK> acpi-cpufreq
<patdk-lap> powertop will also show it
<RoyK> all the same - doesn't seem to want to clock anything higher than 800
<Koheleth> you have to take that up with your servive provider support@etc...
<Koheleth> sevice
<Koheleth> service even
<RoyK> Koheleth: what are you talking about?
<Koheleth> the guy is not getting his full service
<RoyK> which guy?
<Koheleth> bet its not software
<Koheleth> the guy with the cpu prob
<RoyK> that's me
<Koheleth> :)
<RoyK> please, Koheleth, what are you smoking/drinking?
<Koheleth> drinking, single malt
<RoyK> it must be rather good, given your answers in here
<Koheleth> oops
<Koheleth> keep thinking I in off topic
<RoyK> answering people to call fucking service in a  technical channel is directly rude
<Koheleth> no one has answered anyway
<RoyK> and yes, sir, it's a software problem in the linux kernel
<Koheleth> lol
<RoyK> probably related to ACPI somehow
<Koheleth> my ubuntu server runs perfect, thank you Bunt and just donated
<Koheleth> just a webserver mind
<RoyK> good for you
<Koheleth> totally free till 2013 :)
<Koheleth> perfect web/mail server
<Koheleth> Bunt rocks
<RoyK> Koheleth: next time someone asks about something about which you have no idea, please remain silent instead of barging out idiocity
<Koheleth> great support as well
<Koheleth> RoyK: sry keep thinking I am in off topic
<Frenk> Me again: I have a problem with clamav => http://pastebin.com/qS8G7LTy Here are extracts from config |  the file itself does not exist.
<Koheleth> try #aptitude purge clamav    ... thats a bit in tongue in cheek.  ;)
<Koheleth> Frenk:  what exactly do you want from this program?
<Frenk> Koheleth: Postfix -> Amavis = Spam and Viruscheck
<Koheleth> Whats it going to do?  Save you from non virtually virus in Linux
<Koheleth> Kick it to touch
<Frenk> For endusers who also use windows?
<twb> Koheleth: plonk
<twb> Frenk: presumably it's normal for clamav to run as postfix?
<Frenk> twb: yes it is. It worked for weeks but all of a suddon - stopped
<twb> Frenk: apparmor?
<twb> Does the setuid from 0 to postfix happen in the init script or in clamav itself?
<twb> the init script is ridiculously long :-/
<Frenk> clamd -c /etc/clamav/clamd.conf -> ERROR: initgroups() failed.
<twb> Ugh, the init script actually PARSES the config file
<twb> And it's using su instead of start-stop-daemon.  FFS
<twb> (su being the answer to my question.)
<twb>   if [ -z "$RUN_SUPERVISED" ] ; then [...] su "$User" -p -s /bin/sh -c ". /lib/lsb/init-functions && start_daemon -p $THEPIDFILE $DAEMON"
<Frenk> twb: running as root
<twb> Frenk: no it isn't
<Frenk> root@mail /tmp # clamd -c /etc/clamav/clamd.conf ERROR: initgroups() failed.
<twb> the init script parses the .conf, gets $User=postfix, and runs su postfix ...
<Frenk> so i need to change to what?
<Frenk> $User=root?
<twb> Why do you want to run it as root?
<twb> Also, what's in "ls -lds /var/run/clamav/" ?
<Frenk> twb: I want to fix the issue but have no idea how. The output is: 0 drwxrwxr-x 2 postfix postfix 60 2010-12-23 14:45 /var/run/clamav/
<twb> su postfix -p -s /bin/sh -c ". /lib/lsb/init-functions && start_daemon -p /var/run/clamav/clamd.pid /usr/sbin/clamd"
<Frenk> it shows one >
<twb> Sorry, I can't be bothered helping more
<dschuett> ok, so i am trying to set up my very first openvpn connection: I followed this guide http://library.linode.com/networking/openvpn/ubuntu-10.04-lucid but it kills my LOCAL network instantly... any ideas?
<dschuett> it kills my network before i even add the ipt rules to my existing firewall script.
<RoyK> any idea where to start digging when scaling_available_frequencies only shows 600/800MHz, and the cpu is a core2duo 6420 2,13MHz?
<SpamapS> dschuett: does it actually kill the local network, or does it just replace your default route?
<dschuett> SpamapS: i'm not quite sure... I have my own box running as a router/firewall with iptables. As soon as i start openvpn I can't  reach the internet anymore
<RoyK> hrmf. seems automatic cpu frequency adjustment is fscked on this box. it sticks to 800MHz. any idea how I can disable it all?
<RoyK> anyone got a nice howto on grub2 and serial consoles?
<RoyK> seems 'https://help.ubuntu.com/community/Grub2#Booting from a serial console' shows it
<RoyK> but then, does this disable the usual console?
<qman__> RoyK, I haven't done it in lucid, but in hardy, it was handled with a script for each TTY
<qman__> if you wanted to eliminate the local consoles you'd have to disable all the scripts
<disposable> the current lucid kernel source package is version linux-source-2.6.32_2.6.32-27.... where would i get linux-source-2.6.32_2.6.32-25.... ? (vserver patch doesn't work well with the newer one)
<RoyK> qman__: that's the tty, I thought more about the console
<veovis_muaddib> Okay, I have vsftp set up to allow local users to log in through ftp.  I have my main user, and that account can log in with their username and password.  However, I made another account called public, changed the password, and restarted vsftpd, but public cannot login
<pmatulis> veovis_muaddib: check logs
<RoyK> anyone here that might know how I can make this PoS kernel understand it's running on CPUs capable of 2,1GHz?
<RoyK> veovis_muaddib: also, check user public's shell - if it's /bin/false or doesn't exist, vsftpd won't allow login
<veovis_muaddib> RoyK: Oh.  I set it to /bin/false because it wasn't supposed to log in at all.  What could I do instead?
<veovis_muaddib> Do I have to leave it on /bin/bash or equivalent?
<RoyK> veovis_muaddib: first hit on google http://ubuntuforums.org/showthread.php?t=292057
<veovis_muaddib> RoyK: Thanks
<qman__> veovis_muaddib, you can also use /usr/sbin/nologin
<qman__> at least, that works for sftp
<veovis_muaddib> qman__: Thanks, I'll try that out as well
<geekbri> i you have 1 ubuntu server with 1 public interface, can it have multiple ip addresses?
<KurtKraut> geekbri, yes.
<geekbri> KurtKraut: how exactly does that work? You can just use ifconfig to give an interface multiple ips?
<KurtKraut> geekbri, each IP address will be handled by eth0:0, eth0:1, eth0:2 and so on.
<geekbri> KurtKraut: ahhh ok, now it makes sense to me... thank you so much
<KurtKraut> geekbri, I've never did this manually but I can state this is pretty comon thing to do.
<KurtKraut> geekbri, I suggest you to seek for a tutorial or howto.
<geekbri> KurtKraut: i plan to i was just a bit confused but you cleared it up for me!
<pmatulis> geekbri: yes, search for 'ethernet alias'
<geekbri> thank you
<Unguided> Hi all. Anyone have time for a few questions for a newb pleaase.
<pmatulis> !ask | Unguided
<ubottu> Unguided: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<Unguided> Ok. Sorry. Again I am a newb. Im looking to run ubuntu server to replace an existing M$ windows home server in my home. Does ubuntu server have a GUI for it or can i load one.
<baggar11> Unguided: gui for what?
<Unguided> I dont know command line. I thought using a GUI like gnome would make it easier for me to configure the server
<qman__> Unguided, it will not
<qman__> you CAN install one, but it will not make the process of configuring your server any simpler
<qman__> as all the configuration will still be done via command line and text editor
<baggar11> Unguided: what functions do you want to control from the gui?
<Unguided> I would like to configure dhcp samba etc from a "desktop." i thought that would be easier
<baggar11> Unguided: you may try a targeted distro, like zentyal that has a web-gui for configuration
<Unguided> Ok. What i am looking for is a windows home server replacement based on ubuntu with ease of configuration. I am an average home user and have never used linux other than livecd/dvd
<qman__> Unguided, configuring those is not very difficult, it's a simple matter of copying and pasting some commands and configurations from tutorials
<baggar11> Unguided: zentyal is ubuntu based
<qman__> however, what I'm assuming you're after is a point and click interface, and ubuntu does not have one for those
<baggar11> Unguided: or like qman__ said, google is your oyster for help on configuring ubuntu-server
<qman__> it is not inherently more or less difficult
<qman__> just different
<Unguided> Ok. Any other suggestions besides zentyal i can look at?
<baggar11> Unguided: not sure about ubuntu based, but lots of others that provide web-gui configuration
<Unguided> Zentyal looks very interesting.
<baggar11> Unguided: untangle, redwall, amahi, ipfire
<qman__> untangle is a good gateway/firewall system, but it's not a good general purpose server
<qman__> I haven't used any of the others
<Unguided> qman: im looking for general purpose server
<baggar11> Unguided: you may give amahi a looksee, if you're coming from whs
<Unguided> whs is nice but it is gonna keep costing me money down the road not to mention the mess they are in with version 2. I think it may be time to jump ship while the getting is good. im just looking at what options are out ther.
<serard> hello
<serard> I have registered my .42 TLD domain, and I want it to be served by my computer; using bind, how can I do that ?
<patdk-wk> no idea, didn't think .42 was a valid tld
<serard> it is now :) http://42registry.org
<patdk-wk> doesn't work for me
<serard> it's not an offical TLD in the ICANN sense, but it works (adding the geeknode name servers to your /etc/resolv.conf)
<patdk-wk> oh, it's not a real tld, no wonder, it doesn't exist :)
<serard> it is a real one, but not an official one, imo :)
<patdk-wk> real == I can access it without any configuration changes :)
<patdk-wk> real == my customers can access it :)
<serard> imo you are confusing real and official :p
<patdk-wk> real == hotspots that intercept and redirect dns requests, can access it :)
<serard> the fact is that having modifyed my resolv.conf, I can request .42 tld websites, so it is "real", it works. It is unofficial because it is not supported by mainstream name servers, as it is fairly young (released last sunday if I get it right)
<patdk-wk> it takes years normally to get a tld accepted
<serard> and it is not official in the ICANN sense, as .42 doesnt pay fees to ICANN
<patdk-wk> but anyways, just read up on any website on how to add that domain to your dns server
<patdk-wk> there are hundreds of thousands of howto's on google
<serard> yeah I've found one on french ubuntu community doc on bind9 but I don't feel like it is showing me how to do what I want
<serard> I'll reread it :)
<joebob777as7> trying to access my old encrypted home directory followed a couple guides online but I keep getting my current home directory's files. need some help plz
<joebob777as7> when i click on the link to my old files I get: The application launcher "Access-Your-Private-Data.desktop" has not been marked as trusted. If you do not know the source of this file, launching it may be unsafe
<joebob777as7> nothing i've found online seems to work
<joebob777as7> this is the guide I followed: http://www.kaijanmaki.net/2009/10/26/recovering-files-from-ecryptfs-encrypted-home/ and I only get the files for my current home directory not the one in /media
<i0nic> is dh_make available on ubuntu server?
<i0nic> if so what package is this under?
<binBASH> dh-make
<Smaug> hey all, i have rkhunter, and is says that "Warning: The command '/bin/which' has been replaced by a script: /bin/which: POSIX shell script text executable" for which, groups, ldd, and adduser.   should i be worried?
<lenios> is it the first time you launch it?
<mdeslaur> Smaug: those are all scripts on my system, so I would guess not, no
<Smaug> lenios: i launched it during the summer (last time i checked in on my server), don't remember what it said then
<Smaug> mdeslaur: i mean those are all standard scripts, but they've been modified perhaps?
<lenios> did you upgrade packages since last summer?
<Smaug> not sure, don't think so.  i have upgraded packages though
<Smaug> was going to upgrade some packages after running rkhunter....
<Smaug> could that cuase it?
<Smaug> *have caused it?
<Smaug> more importantly - how do I determine if this is an issue
<Smaug> is there a way to compare adduser with what it should be
<Smaug> while i'm waiting for someone to answer this question, someone tell me is it a problem to apt-get update now?
<lenios> you should run rkhunter before running upgrade
<lenios> check it's ok, and then upgrade packages
<lenios> update is just updating packages list
<lenios> apt-get upgrade is the one modifying files
<Smaug> right i meant update and upgrade, i run them one after the other so one connotes the other to me
<Smaug> anyway, how do i check its okay?  how do I check that those scrpts are not compromising me?
<Smaug> or are evidence of compromise etc
<lenios> you have signatures of the files, and you're not sure you changed them or not
<lenios> you can try to check updated packages, and see if an upgrade impacted the files giving a warning
<lenios> but thing is, something changed those files, either someone or apt-get upgrade
<lenios> and you don't really know
<Smaug> so.....what do you reccomend I do?
<lenios> i'd recommend you get clean files
<lenios> and run rkhunter after that
<Smaug> that sounds good.  where do i get clean files?
<Smaug> I'm sorry to be such a pain lenios, i really appreciate the help
<lenios> the most clean would be to reinstall system, the least would be to apt-get install --reinstall debianutils libc-bin adduser coreutils
<lenios> maybe force
<lenios> checking you're getting it from a good source
<Smaug> reinstall the system?  won't that mess up any websites i have going on?
<Smaug> will i have to resetup everthing?
<Smaug> i suppose i will try the ap-get install --reinstall debianutils libc-bin adduser coreutils option
<Smaug> before i do, is there any chance it would affect any sort of websites i have hosted on apache?
<lenios> as much as last time you upgraded those packages
<lenios> do you run apt-get commands as sudo?
<lenios> you can check in /var/log/apt/ for logs of last upgrades
<lenios> maybe you can see what happened in the last few months
<SilverWolf> Hi. I'm having trouble getting snmptrapd to accept authCommuunity in the /etc/snmp/snmptrapd.conf file. When snmptrapd start it says Unknown Token: authCommunity. Does anyone know what may cause it?
<Smaug> lenios: yes, will do
<SilverWolf> It is NET-SNMP 5.4.3 there is installed
<yann2> hello! What is a good value for swappiness for an ubuntu server?
<pmatulis> yann2: it depends what it's being used for
<yann2> yeah? cause my vms often use swap when there is still quite a lot of ram available
<yann2> pmatulis, do you know any documentation that discusses this topic in depth?
<Smaug> lenios: i ran the apt-get install --reinstall debianutils libc-bin adduser coreutils, and it gave me an error "E: Couldn't find package libc-bin"
<lenios> Smaug, dpkg -S ldd
<pmatulis> yann2: kvm?
<Smaug> i ran that, got as output: dpkg-dev: /usr/bin/dpkg-checkbuilddeps  and libc6: /usr/bin/ldd
<Smaug> and some locations of some gzipped stuff
<Smaug> what should i do with this information?
<yann2> pmatulis, yes, but speaking of the guests
<pmatulis> yann2: right, but the hypervisor is involved
<yann2> didnt know that, I thought the choice of putting something to swap on a guest was 100% guest specific
<pmatulis> yann2: swap is tricky with virtualization
<yann2> tell me more :)
<yann2> pmatulis, any litterature I could read, or should I just accept it as it is?
<lenios> Smaug, aptitude install --reinstall libc6
<lenios> err, apt-get*
#ubuntu-server 2010-12-24
<pmatulis> yann2: i would ask on the kvm mailing list
<Zeu5> hi there i need help. for some reason, my phpthumb is working on my ubuntu machine but not on the ubuntu server. i have installed both imagemagick in both machines but everything is fine. after much googling there may be a problem with the imagemagick library though i can find it in php_info. please advise.
<lenios> Zeu5, are both phpinfo returning the same result for imagemagick? what about aptitude search imagemagick?
<Zeu5> lenios, i have never used aptitude search. how do i do that?
<Zeu5> lenios, okie i see that imagemagick has a p in the  server but an i in devt machine
<Zeu5> what does p and i stand for?
<Zeu5> lenios?
<lenios> p is package not installer, i is installed
<lenios> not installed*
<Zeu5> oh i see
<Zeu5> i tried sudo apt-get install php5-imagemagick but it keeps saying tat its the latest version what shd i do?
<Zeu5> this is the php_info of my server if it helps http://thecopyninja.com/info.php
<Zeu5> oops .. never mind i just realised i did something wrong... sorry
<Zeu5> let me try something first...
<lenios> apt-get install imagemagick
<Zeu5> lenios, okie imagemagick is installed but i am still having errors with phpthumb
<Zeu5> i get the i
<Zeu5> hi lenios, i mistook php5-imagemagick for imagemagick, so now i have both in server, i still cannot get it work. please advise
<Smaug> lenios: i did what you said earlier and rkhunter still gives me errors on those ones.  does that mean I should not be worried?
<Error404NotFound> anyone here used pandora fms?
<twb> !anybody
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<Error404NotFound> :)
<Error404NotFound> twb, what do you think would be best qualified for http://pastebin.com/GU1kpaGG ? i have found nagios and pandoraFMS both suitable though later seems more complex to setup, so far.
<Doonz> hey does anyone know howto stream something over ssh to vlc
<Smaug> lenios are you asleep?
<n_i_x> rigved: im here :)
<rigved> n_i_x: ok. did you make any special hard disk setup during install?
<n_i_x> rigved: no.. told it to use all space it was one of the standard choices
<n_i_x> the tasksel tasks I installed were Ubuntu Basic Server and LAMP that's all
<rigved> n_i_x: ok. when you boot, just after you see the motherboard's splash screen, press "Shift". that will bring up the grub menu
<n_i_x> rigved: yea I tried that.. it never displays the grub menu
<n_i_x> I'll try again.. do I need to hold shift or repeatedly press it?
<rigved> n_i_x: hold shift
<rigved> n_i_x: it has to be done immediately
<rigved> n_i_x: only like in a span of 2-3 seconds
<n_i_x> nothing
<rigved> n_i_x: try again. this time repeatedly press  the "Shift" key. if this doesn't work, then there is some problem with grub
<n_i_x> this case has 4 hot-swap hard drive bays.. lemme try removing those disks and rebooting.. ya never know
<rigved> n_i_x: ok
<n_i_x> i removed those disks from the bios boot selection
<n_i_x> so it's not booting off them
<n_i_x> that didn't help.. it's doing the same thing
<n_i_x> so the ubuntu server cd can't be used to repair grub can it?
<n_i_x> or will I need an ubuntu desktop live cd or somethign
<rigved> n_i_x: one moment. researching
<rigved> n_i_x: when you get the blinking cursor, press Crtl+Alt+F2
<n_i_x> that does nothing
<rigved> n_i_x: if that doesn't work, try F3, F4, F5
<n_i_x> tried them all :)
<rigved> n_i_x: ok. i think you need the LiveCd to fix grub
<rigved> n_i_x: but wait. let me check if something is possible
<n_i_x> k
<rigved> n_i_x: http://www.linuxquestions.org/questions/linux-server-73/after-installation-of-ubuntu-10-4-server-edition-screen-shuts-off-809546/
<rigved> n_i_x: similar problem to yours
<n_i_x> rigved: ahh.. so it doesn't support the built in video card?
<rigved> n_i_x: maybe
<rigved> n_i_x: re-install using the nomedeset option
<n_i_x> rigved: thats what I was going to try now :)
<rigved> n_i_x: but wait. let me make sure that there is nothing that you can do
<n_i_x> sure
<rigved> n_i_x: that is your last option
<rigved> n_i_x: there is a grub repair disk - http://beginlinux.com/server_training/server-managment-topics/1069-supergrub
<rigved> n_i_x: not sure if ti works, never tried it or heard of it
<rigved> n_i_x: you can try the grub repair disk but i think that it will not work because your video card is not supported (most probably). so best option is to install in the nomodeset option
<n_i_x> ok i'll try that
<rigved> n_i_x: if using the second option, then when you insert the ubuntu server disk, after the language Selection and before selecting Install ubuntu server, press F6 and select nomodeset. then select Install Ubuntu Server
<rigved> n_i_x: ok. whatever works for you
<n_i_x> reinstall would be easier actually.. I don't have a cdrom in this box and only have 1 flash drive which already has 10.04 server on it.. reformatting it for rescatux might be more of a pain :)
<rigved> n_i_x: ok. but make sure you do as i said about the nomodeset option. all the best!
<n_i_x> rigved: I think I found the problem... grub gets installed to /dev/sda in the ubuntu installer.. the boot drive is /dev/sdd.. side note.. not sure why the disk connected to sata1 gets detected as /dev/sdd
<gobbe> grub should be installed to disk start you are using to boot up your computer
<gobbe> that's why it's in most of the cases /dev/sda
<n_i_x> sure.. I get that.. but.. I don't get why the first disk in the system which is connected to sata1 (there is no sata0) is detected in ubuntu as /dev/sdd
<gobbe> how many disks you have?
<n_i_x> 5 + the usb disk I boot the installer from
<n_i_x> I have to pull the disks before installing ubuntu so grub installs itself properly
<gobbe> yea
<n_i_x> after pulling the disks the installer sees the disk as sda
<n_i_x> so I'm pretty sure the install will work properly now
<n_i_x> as grub will get installed where it should
<n_i_x> rigved: pulling the drives and reinstalling worked.. it was a grub issue!
<rigved> n_i_x: good to hear. did you also try the nomodeset option? or did it work without that?
<n_i_x> rigved: it didn't need it.. I actually couldn't find the spot to add that in the installer... I hit f6 after every screen and nothing
<rigved> n_i_x: ok. but the good thing is that it's working now!
<rigved> n_i_x: now you cannot the other disks and it will work fine
<n_i_x> rigved: indeed... had I had a cd-rom drive I would have tried to reinstall grub.. I was confused by the blinking cursor tho... thought there was a chance it was kernel related
<n_i_x> rigved: one step ahead of you.. already on to mdadm config :0
<rigved> n_i_x: :)
<n_i_x> I have to get a new cdrom drive.. I didn't realize this mobo had no pata ports... and I don't have a slim sata cd-rom anywhere
<rigved> n_i_x: but if you are going to be running any critical applications on this server, then better not to have a CD-ROM. that way you can be sure that your system cannot be physically compromised (security plus point)
<rigved> n_i_x: and you can always lock the usb ports so that they cannot be used without the admin password
<n_i_x> rigved: it's a home NAS :)
<n_i_x> rigved: it's replacing my huge dell server
<n_i_x> with a nice mini-itx 4-bay hot swap case.. getting a nice power boost from the core i3 vs the old p4 and saving some electricity at the same time
<rigved> n_i_x: cool :)
<n_i_x> rigved: yea.. the old server is running jaunty... i was on irc at 3am last week and let someone convince me to buy a WHS NAS.. huge mistake
<rigved> n_i_x: didn't you get it verified from someone?
<rigved> n_i_x: like your PC guy?
<n_i_x> pc guy? I am the pc guy.. so I ended up buyng the thing because 1) it was only $300 and 2) I figured having TVersity again on the network would be nice
<n_i_x> I did next to no research tho.. the price was so cheap
<n_i_x> amazon prime didn't help either
<n_i_x> but WHS doesn't do raid
<n_i_x> it has this weird data duplication service that duplicates data on another physical disk
<n_i_x> but the service doesn't run at scheduled intervals.. it's pretty random and sometimes runs when the server needs to perform other tasks.. like streaming media
<n_i_x> at that point, the server stops performing it's streaming task and focuses on data duplocation
<n_i_x> I was getting really crappy IO performance out of it
<n_i_x> it wasn't able to saturate the gig ethernet
<PeterNL> Hi, I'm trying to install ubuntu server in a VM from a custom netinstall image, but it fails: http://peter-server.homelinux.net/di1.png and http://peter-server.homelinux.net/di2.png
<rigved> n_i_x: wow. that's really something
<RoyK> PeterNL: if it's a custom image, well.....
<PeterNL> Is this a know problem in any other ubuntu server installer?
<n_i_x> rigved: yea.. it also uses an atom processor which isn't known for it's blazingly fast performance :)
<rigved> PeterNL: it's unable to download the required packages.
<PeterNL> is nl.archive.ubuntu.com down or something?
<rigved> PeterNL: which version is this?
<PeterNL> 10.04.1
<RoyK> just use a normal install image
<PeterNL> RoyK: not gonna happen. This is for http://peter-server.homelinux.net/osmbuntu/
<PeterNL> brb...
<n_i_x> night everyone.. thanks for the help!
<PeterNL> back. Should I try with another mirror?
<rigved> PeterNL: yes. try that
<PeterNL> ok
<RoyK> PeterNL: what exactly is that?
<PeterNL> OSMbuntu? It's an ubutnu server netinstaller with an script to download/compile/install software you'd usually find on a OSM tileserver, and import osm data, end more...
<RoyK> why not just write a metapackage?
<PeterNL> Because this is way cooler :) Users can setup their username, password and bbox before they run the installer
<PeterNL> And the image is only 12mb
<RoyK> I didn't find an image on that page, though
<PeterNL> http://peter-server.homelinux.net/osmbuntu/?create
<RoyK> what's the username+pass needed? and why is bbox filled with 'left*13.8|top*44.9|right*13.9|bottom*44.8' ?
<PeterNL> bbox is bounding box. In degrees.
<PeterNL> And the user/pass is whatever you like it to be
<PeterNL> But be warned, booting this this will kill all datra on your first harddrive :) Please run this on a VM (to make screenshots)
<PeterNL> But I g2g, i'll see what happens to your vm later
<RoyK> PeterNL: lemme try...
<RoyK> PeterNL: installed without problems here
<PeterNL> sure? What mirror did you choose?
<PeterNL> I'm trying with de now. nl is the one that failed.
<rigved> PeterNL: try pinging the nl server separately
<rigved> PeterNL: it may be down
 * PeterNL tries
<PeterNL> Not down. But maybe it *was* down...
<PeterNL> Any logs of that?
<rigved> PeterNL: ok. not sure. google it if you find any. mostly only admins can check logs.
<PeterNL> Well, there are :) http://ubuntuarchive.bit.nl/ The graph doesn't show any downtime...
<rigved> PeterNL: official ubuntu server stats are available online (whether they are down or not)
<Jeeves_> PeterNL: I don't think the server was down
<Jeeves_> But I can ask it for you
<Jeeves_> The server does support IPv6, maybe that's broken in your network?
<PeterNL> Jeeves_: afaics it was up for the last 24h.
<PeterNL> And I'm still using IPv4
<Jeeves_> PeterNL: Yes, but maybe your network thinks it has IPv6 somewhere
<Jeeves_> Apple Airports are know to break stuff
<PeterNL> The image gets an IP addres from dhcp, and I only have an DHCPv4 server here. Everything here gets an IP from the same DHCP server
<PeterNL> And there is no Apple hardware around here :)
<Jeeves_> PeterNL: Just letting you know :)
<PeterNL> Linksys router with DD-WRT ftw :)
<Jeeves_> There haven't been any issues with nl.archive
<PeterNL> de fails for mee too. http://peter-server.homelinux.net/di3.png
<RoyK> well, works for me (tm)
<PeterNL> Well, not for me (tm)...
 * RoyK blames the designer
<PeterNL> Who is that?
 * PeterNL looks in a mirror
<PeterNL> Ah, that's him!
<PeterNL> RoyK: what VM software do you use?
<RoyK> PeterNL: vbox4
<PeterNL> same as I have. Makes it extra weird :)
<RoyK> PeterNL: can try with kvm as well if you want to
<PeterNL> Nah, it works for you in vbox4, and it doesn't for me.
<PeterNL> What NIC have you set in your VM?
<RoyK> intel pro/1000 MT (nat(
<RoyK> s/.$/)/
<PeterNL> I have it set as bridge. Will try nat.
<RoyK> "desktop" adapter
<MACscr> i just upgraded my server from hardy to lucid and now it wont boot. Its a xen pvm, so i am at least able to get console access, but here are the errors: http://pastebin.ca/2028081
<MACscr> any tips would be sincerely appreciated
<RoyK> how do I specifically turn _on_ the old-fashioned grub menu?
<RoyK> I don't get it why everything needs to be so bloody obscured these days
<bogeyd_> Can anyone help with http://paste.ubuntu.com/547210/ ?
<pmatulis> bogeyd_: how did these files end â on your machine?
<bogeyd_> pmatulis probably broken files from an iscsi server that crashed
<bogeyd_> rm locks up and doesnt exit when you try to del so the zoneminder janitor never deletes the files and the iscsi runs out of space (650gb)
<pmatulis> bogeyd_: so what is your goal at this point?
<bogeyd_> to just remove that directory 18685 and move about my life
<bogeyd_> no interest in recovering it
<MACscr> ok, i have a xen guest running ubuntu 10.04, how can i find out what partitioning setup its using when i mount its image locally in the dom0?
<MACscr> i cant get it to boot, so just trying to figure out what the hell is going on. Worked fine before i upgraded it from 8.04
<bogeyd_> pmatulis i was thinking of booting to single user mode and running fsck
<pmatulis> bogeyd_: yes, good idea.  but can you not move some files off of it(if the volume is full?
<bogeyd_> pmatulis volume is no longer full, i just hand  deleted everything else and was left with this directory.
<pmatulis> bogeyd_: ok
<pmatulis> bogeyd_: so fsck is a good choice
<bogeyd_> pmatulis ty
<bogeyd_> pmatulis will single user mode mount the iscsi target?
<pmatulis> bogeyd_: why single user mode?  just log in to the volume.  this provides you with an unmounted block device
<bogeyd_> pmatulis unfortunately i dont understand how to log into the volume
<pmatulis> bogeyd_: ok then do whatever you normally do and then unmount it
<bogeyd_> pmatulis umount -f   gives me /var/cameras is device busy
<pmatulis> bogeyd_: pastebin output to 'mount' command?
<bogeyd_> pmatulis http://paste.ubuntu.com/547216/
<pmatulis> bogeyd_: i said the 'mount' command
<bogeyd_> oh
<bogeyd_> pmatulis http://paste.ubuntu.com/547217/
<bogeyd_> pmatulis it was the zoneminder janitor, i have the volume unmountednow
<bogeyd_> pmatulis and the fsck command gives me /dev/sdb1: clean, 48/39321600 files, 1290131/157286382 blocks
<bogeyd_> pmatulis after remounting the volume and trying to the files I am confronted with the original problem
<pmatulis> bogeyd_: strange.  i wonder if it's iscsi related then
<pmatulis> bogeyd_: if the volume is emptied besides these files why not just format it?
<bogeyd_> pmatulis provide the command and I shall reformat
<bogeyd_> I need ext3 file system
<bogeyd_> pmatulis i assume "mkfs.ext3 /dev/sdb1"
<pmatulis> bogeyd_: unmount first
<bogeyd_> k
<RoyK> bogeyd_: either umount or remount -o ro
<bogeyd_> k, looks like reformat is working nicely
<bogeyd_> pmatulis no doubt iscsi related, it is assumed at this point that is how it got corrupted. one tends to think that 8.04 LTS prob had 99.9999% of bugs worked out by now
<bogeyd_> RoyK ty for your input
<bogeyd_> i never seen the rm command just stop working with no errors and sit at 99% cpu
<bogeyd_> royk and pmatulis reformatting the file system worked
<uvirtbot> New bug: #694114 in autofs5 (main) "umountfs init job crashes with SIGSEGV when autofs is in use" [Undecided,New] https://launchpad.net/bugs/694114
<yann2> hello! Not sure if this is the right place to ask - I am looking at a way to compile a source package statically (a shell, to be precise). any hint?
<yann2> google is failing me
<cloakable> yann2: what shell?
<yann2> any shell, it's the method that I want, not the end result :)
<yann2> hoping it is not massively complicated :(
<cloakable> http://www.google.com/search?client=ubuntu&channel=ks&q=compile%20bash%20statically
<yann2> finally found, for people with interest, just add  --with-ldflags=-static to the ./configure line :)
<ne7work> hello all, someone who host hlds under ubuntu server 10.10 32-bit here?
<opengeard> is anyone familiar with multistrap?  I need to build bootable system (dd) images without actually deploying.
<uvirtbot> New bug: #694160 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subproces installed post-installation script gaf een foutwaarde 75 terug" [Undecided,New] https://launchpad.net/bugs/694160
<n_i_x|ZzZzZz> why does mdadm install postfix? I mean, I know it needs sendmail or whatever, but why is it installing postfix to get that? If I remove postfix, will mdadm break or will it just not be able to email alerts
<cn1209> What is the correct channel to ask how to setup apache2 on ubuntu server. I just need help on the perl side. I see the source of the script and that's it.
<tsrk> cn1209: I'd suggest installing libapache2-mod-perl2
<cn1209> tsrk: I ran atp-get install libapache2-mod-perl2. Now in my Directory block of my site I added the options ExecCGI and Handler cgi-script and cgi pl
<cn1209> tsrk: I'm getting this: You don't have permission to access /index.cgi on this server.
<tsrk> cn1209: does the script have world-executable permissions?
<cn1209> tsrk: I have the user www-data full access
<tsrk> cn1209: ok, check your apache error log (/var/log/apache2/error.log) and see what it says
<cn1209> tsrk:
<cn1209> tsrk: Weird. Running tail and I see no such file or directory. Before that I see cannot open 'tec/httpd/logs/error_log
<tsrk> cn1209: do you have it configured to use a different error log?
<cn1209> tsrk: No. I have it set to ErrorLog /var/log/apache2/error.log
<tsrk> cn1209: ok, is the "no such file or directory" referring to index.cgi or that other error log?
<cn1209> tsrk: I think it's looking for a file error_log. I'll check. Sec
<cn1209> tsrk: okay. Looks like the direct /httpd/logs and the file error_log is none existent. Just made it.
<cn1209> tsrk: okay. Now I get Premature end of script headers
<tsrk> cn1209: http://htmlfixit.com/cgi-tutes/tutorial_Common_Web_dev_error_messages_and_what_they_mean.php#premature
<cn1209> tsrk: okay. I'm using #!/usr/local/bin/perl I'll check if that's correct for my config
<cn1209> tsrk: Thanks
<cn1209> tsrk: It was the shebang
<cn1209> tsrk: How can I can the install or copy it to /usr/bin/perl to /usr/bin/lib/perl
<cn1209> tsrk: The previous developer has hundreds of scripts using usr/bin/lib
<tsrk> cn1209: create a symlink with "ln -s /usr/bin/perl /usr/bin/lib/perl"
<cn1209> tsrk: Awesome. You are awesome!
<cn1209> Thanks!
<tsrk> cn1209: nah, i've just been using linux too long =P
<cn1209> tsrk: LOL. That's good. I work with Windows Server mostly. Programming. Yeah... I Know.
<tsrk> cn1209: ah I see. I know nothing about windows server (not that I hate windows but I can't justify the cost)
<cn1209> tsrk: That's true. That's why I personally use Ubuntu for personal use. Cost. Running under VMWARE Esxi. AGAIN Cost. :)
<tsrk> cn1209: i like esxi except for the lack of software raid, which is why i use kvm on ubuntu instead
<cn1209> tsrk: Yup. That is true
#ubuntu-server 2010-12-25
<Smaug> hey lenios
<wizardslovak> hello people
<wizardslovak> i cant mount partitiong :(
<wizardslovak> in gparted its there but i cant mount it
<Psi-Jack> hmm
<EvilPhoenix> Psi-Jack:  didnt expect to see you here.  sup
<Psi-Jack> I'm almost always here. heh
<Psi-Jack> I'm just having some serious issues with iet.
<Psi-Jack> Pissing me off to no end. LOL
<Psi-Jack> Beginning to seriously think tgt is a better way to go.
<Psi-Jack> I'm having craploads of issues trying to use iet for an iSCSI Target. I have two opensuse servers running as NAS, DRBD'ing raid10 arrays between them and running clvm on them, exporting logical volumes as iSCSI blockio targets, using a VIP for the actual portal address.. Now, when open-iscsi does a discovery on it, whatever nas server has the VIP, the iscsi initiator gets both the NAS's private
<Psi-Jack> IP and the VIP, so it logs into both. This is causing serious issues for me.
<SamuelPeterson> Hi all, I installed ubuntu server 10.04 LTS and when it rebooted, nothing was being sent to the monitor. I restarted the PC and the video card send out images to show the bios posting, I saw some text from ubuntu booting up, then my monitor turned off... Anyone know what this is caused by?
<EvilPhoenix> question.  is there an easy way to do an automatic copy of a folder to another location repeatedly every 6 hours?
<rigved> EvilPhoenix: i think you can use rsync for that
<EvilPhoenix> rigved:  in what, a cron job or smth?
<rigved> EvilPhoenix: i am pretty sure that rsync has a method to do backup at regular intervals. i think it uses cron.
<rigved> EvilPhoenix: man rsync. there are examples at the end of the manual.
<EvilPhoenix> lemme confirm something: rsync --recursive /path/dirA /path/dirB  will copy dirA to dirB and overwrite everything in dirB with the data in dirA?
<EvilPhoenix> welcome back
<EvilPhoenix> wrong button?
<cn1209> hello. Is there a way to copy all perl modules from one Ubuntu Server installation to another?
<cn1209> Or at least create some kind of package to have and install from the source server to the destination server?
<nutrapi> Could anyone help me understand why when installing and using the linux-image-server kernel, that uname still reports 'generic-pae' ? I understand this is normal, but why?
<nutrapi> From what I remember, it used to report '-server' or '-virtual' appropriately, but then again, it's been a while.
<nutrapi> Found my answer - 'generic-pae' is for all 32bit installs now
<nutrapi> http://ubuntuforums.org/archive/index.php/t-1431485.html
<lenios> hi Smaug
<veovis_muaddib> I customized my PS1 by copying one I liked and tweaking it, and now when I use ssh, typing too many characters makes the line wrap to itself, so commands overwrite the prompt and become hard to read.  I assume I made a syntax error or something, because I copied and pasted.
<veovis_muaddib> PS1='${debian_chroot:+($debian_chroot)}\[\033[00;37m\]{\e[01;34m\t\e[00;37m} | \e[00;31mEndor\e[01;32m\[\033[00m\] | \[\033[01;34m\]\W\[\033[00m\] \e[01;37m\$ '
<veovis_muaddib> It looks exactly as I'd like it to, but something must be screwed up...
<qman__> veovis_muaddib, there is something wrong with it, I just tried it
<veovis_muaddib> qman__: Yeah.  I just can't read it well enough to figure out what the problem is
<RoyK> hi all. just got this cheap met station that connects to a pc with usb - any idea how to intercept usb traffic to try to reverse engineer that one to try to grab the data from a linux box?
<qman__> veovis_muaddib, it's not 100%, but it's mostly fixed
<qman__> PS1='${debian_chroot:+($debian_chroot)}\[\e[00;37m\]{\[\e[01;34m\]\t\[\e[00;37m}\] | \[\e[00;31m\]Endor\[\e[00m\] | \[\e[01;34m\]\W\[\e[00m\] \[\e[01;37m\]\$ '
<qman__> the problem is that you didn't encase all the escaped sequences in \[ \] blocks
<veovis_muaddib> qman__: Ah, okay.  Thanks!
<qman__> that one still backspaces too far by one character
<qman__> couldn't find the culprit
<veovis_muaddib> I'll keep looking then
<veovis_muaddib> At least I know what I'm looking for now
<qman__> ah, found it
<qman__> PS1='${debian_chroot:+($debian_chroot)}\[\e[00;37m\]{\[\e[01;34m\]\t\[\e[00;37m\]} | \[\e[00;31m\]Endor\[\e[00m\] | \[\e[01;34m\]\W\[\e[00m\] \[\e[01;37m\]\$ '
<qman__> veovis_muaddib, ^
<veovis_muaddib> Ah, next to the time?  Yeah, the {} hid it well
<veovis_muaddib> Thank you very much!
<PeterNL> diff PS1a PS1b anyone?
<veovis_muaddib> Yeah, that fixed all the problems!
<veovis_muaddib> PeterNL: I don't have a copy of the original working one, I figured since it looked right, it was okay
<PeterNL> :)
<veovis_muaddib> Yeah, confirmed with OpenSSH and PuTTY, this fixed it qman__
<random_ubuntuer> hi, anyone active here atm? Would like some help with an installation issue...
<PeterNL> I'm here
<random_ubuntuer> great
<random_ubuntuer> I'm trying to install ubuntu 10.10 server on an old IBM
<random_ubuntuer> I can't use CD or USB so I used my laptop as a pxe server
<PeterNL> Ooh, getting complex. I don't think I can help
<random_ubuntuer> and dhcp and tftp all work correcty, I get the first installation menu on the server box
<random_ubuntuer> and the problem is that from then on it is frozen
<random_ubuntuer> the problem might not be related to the fact that I'm booting from net, just mentioned it just in case
<random_ubuntuer> I think it might have something to do with graphics or the installation files
<random_ubuntuer> I can't select the options from the menu, the keyboard doesn't do anything
<random_ubuntuer> can't use ctrl+alt+del nor ctrl+alt+backspace or anything
<random_ubuntuer> and the menu screen is wrapping from the bottom
<PeterNL> ctrl-alt-f[1-6]?
<random_ubuntuer> nothing
<random_ubuntuer> the computer basically crashes
<PeterNL> Can this be an hardware problem someway?
<random_ubuntuer> Can be, but I don't think it is
<random_ubuntuer> there's a working slackware install on the box, although I haven't used it for some time
<PeterNL> Wel, I really don't know...
<PeterNL> Try booting slackware, and see how well it works
<random_ubuntuer> As far as I remember, I wrecked the slack enough, so it doesn't boot fully
<PeterNL> ...hmmm, well nothing I can do from here :)
<random_ubuntuer> Well, I'm here for troubleshooting...
<random_ubuntuer> I'll try to get the slack to boot, but I'd still like some more recommendations
<random_ubuntuer> hmm, the slack actually stops booting at "checking 'hlt' instruction..." so it might be hardware
<random_ubuntuer> I'll check it some more
<qman__> you could try the "nomodeset" boot option
<qman__> the new KMS is problematic for some graphics chips
<random_ubuntuer> I did get the slack to boot now with "no-hlt" boot command
<random_ubuntuer> I'll check the hardware to make sure, it's still okay
<random_ubuntuer> can i insert boot arguments in ubuntu install before the menu jumps up?
<random_ubuntuer> wow, the ext2 on the disks is crap, even after fsck
<random_ubuntuer> about time, to reinstall : P
<random_ubuntuer> I think that the installation would work if I could pass "no-hlt" to the boot process
<random_ubuntuer> Okay, I'll play around a bit
<random_ubuntuer> disconnect...
<random_ubuntuer> back
<random_ubuntuer> Yeah, there doesn't seem to be a way to insert boot arguments before the menu jumps up
<random_ubuntuer> and by then, the computer has crashed
<random_ubuntuer> I searched around the boot files but I didn't see a boot loader there either
<random_ubuntuer> does the installation use grub?
<uvirtbot> New bug: #694286 in dovecot (main) "package dovecot-common 1:1.2.9-1ubuntu6.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1 (dup-of: 657392)" [Undecided,New] https://launchpad.net/bugs/694286
<lenios> random_ubuntuer, you got the grub menu on boot?
<random_ubuntuer> no, immediatly after it connects the dhcp and tftp, it goes to the menu and crashes
<lenios> i don't know what menu you're talking about
<lenios> oh, you mean install boot
<random_ubuntuer> yeah
<qman__> random_ubuntuer, the menu is just a fancified isolinux
<qman__> you give boot options in the menu itself
<qman__> if it's not making it that far, your hardware is probably failing
<random_ubuntuer> syslinux, you mean?
<random_ubuntuer> that's the thing, it boots slackware which is installed currently
<random_ubuntuer> I had to use the "no-hlt" boot argument however for it to work
<random_ubuntuer> I thought I had to add the argument to the installation boot process
<random_ubuntuer> but then realised that it doesn't boot an image until after syslinux menu
<Smaug> lenios, so I reinstalled clean versions of the files as you said, and rkhunter threw the same warnings.  does this mean I should not be worried?
<iceflatline> Happy ($local_holiday) everyone!
<archer> need help with squid on its dual mode, normal + rproxy. someone please?
<Smaug> iceflatline: haha ty you too!
<lenios> Smaug, the files are different that the ones you had the last time you checked with rkhunter
<lenios> i guess you should take those files as clean, and now run future checks with those ones
<lenios> against*
<Smaug> lenios: ok ty
<lenios> Smaug, just remember to check before and after each upgrade
<lenios> rkhunter is not bulletproof anyway
<uvirtbot> New bug: #694342 in autofs5 (main) "FTBFS in Natty" [Undecided,New] https://launchpad.net/bugs/694342
<gccster> guys can anybody help me solve a problem with postfix server (can send but cant recieve emails..)?
<guntbert> gccster: did you see the links in !postfix ?
<gccster> !postfix
<ubottu> postfix is the default !MTA and !MDA on Ubuntu. For help, read https://help.ubuntu.com/community/Postfix and https://help.ubuntu.com/community/PostfixBasicSetupHowto - See also !MailServer
<gccster> guntbert my problem is that i cant find a way to check whats happening cant any logs
<gccster> so i cant get started
<guntbert> gccster: read those links and have a look at https://help.ubuntu.com/10.04/serverguide/C/postfix.html too ...
<gccster> guntbert ive got a virtual domains setup
<gccster> its all working except not recieving from outside world
<guntbert> gccster: I myself didn't try that setup, so please read up (for the time being...)
<gccster> i think ill try to setup all from the begining
<gccster> well i just solved it
<gccster> damn
<gccster> guntbert thx for your time anyway
<guntbert> gccster: you're welcome :-) have fun
<binBASH> hi what package do I need to install to get the hint in which package a missing command is?
<Nafallo> !info command-not-found
<ubottu> command-not-found (source: command-not-found): Suggest installation of packages in interactive bash sessions. In component main, is standard. Version 0.2.40ubuntu15 (maverick), package size 12 kB, installed size 128 kB
<Nafallo> ^-- binBASH
<uvirtbot> Nafallo: Error: "--" is not a valid command.
<binBASH> much thanks Nafallo
<binBASH> works
<archer>  the fact is i am trying this solution, but find no such script withing ubuntu http://www.linuxquestions.org/questions/linux-software-2/use-etc-init-d-squid-to-start-both-instances-789835/
<archer> where is the /etc/init.d/xxxxx files in maverick now?
<lenios> in /etc/init.d/
<archer> /etc/init.d/squid ---- no such fine in maverick
<lenios> archer, dpkg -L squid
<archer> nice. i have to read a while
<archer> but could you tell me the launcher's file name.. just squid?
<lenios> paste the result of dpkg -L squid
<lenios> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<archer> i will be ...ticked
<RoAkSoAx> lenios: /etc/init/squid? Squid should be using upstart instead of the legacy init scripts in Maverick
<RoAkSoAx> archer: ^^
<archer> haha
<archer> i am with a server in a vm
<archer> that is to say i cannot copy and paste
<archer> i thought it is /etc/init/squid.conf
<RoAkSoAx> archer: indeed, always forget anbout the .conf xD
<archer> it appears like kinda readable script
<lenios> archer, good
<archer> thank you both
<archer> btw.. is that possible to make squid 2.7 to work as both r-proxy and normal proxy ?
<archer> it seems too different from 2.2 .. and as long as cache_peer is there, they don't forward normal proxy request
<lenios> i'm not a squid expert
<RoyK> archer: it is, but why?
<RoyK> archer: for a reverse proxy, I'd recommend varnish
<archer> since what ... don;t know habit?
<archer> RoyK: would you help me to find a conf example for varnish, in roles of both rproxy and normal one?
<archer> i don't need cache actually
<archer> i just make use of such to enhance security infrastructure
<archer> it is a httpd router for me only. but i think i am just used to squid, which is actually ... no longer the one i like
<archer> i cannot find varnish examples or ez start manual at the moment ... although it is even tougher for me to read squid launch script
<RoyK> archer: squid is good for caching - varnish for reverse cache
<RoyK> archer: you can combine the two, though  http://blog.tedd.no/index.php/2010/07/30/setting-up-debian-with-varnish-as-internet-proxy/
<archer> but i need no such a function. for security concern cache need managing ..... another nightmare
<archer> RoyK:  i cannot understand the necessary in the link
<RoyK> brb
<archer> there is no wiki,guide config examples....
#ubuntu-server 2010-12-26
<Drama> Hey, I have a Ubuntu-Server and I have a question regarding security-updated. I just successfully tried to exploit my Apache. There is information about a vulnerabilitie on USN but my server doesnt suggest to update anything! (Although I have security.ubuntu in my sourcelist)
<Drama> Why Ubuntu dont suggest security-updates?
<lenios> what's your apache version?
<RoyK> Drama: is this a new exploit?
<Drama> RoyK: No.http://www.ubuntu.com/usn/usn-1021-1
<chrisjuric> does anyone know how to configure a base password for root on slapd (openldap?) i wasnt promted to choose on upon installation of apt-get install slapd
<chrisjuric> thaks
<patdk-lap> didn't realize openldap had a base password
<chris-im> well it should ask u for a root one for it. im just trying to login with phpldapadmin
<lenios> Drama, what's your installed apache version?
<chris-im> is there away i can set one up after the fact?
<Drama> lenios: 2.2.14
<lenios> full version
<qman__> dpkg -l | grep apache2
<Drama> now I updated using a deb to 2.2.14-5ubuntu8.4
<lenios> ubuntu8.4 should be on repositories
<Drama> when i run apt-get upgrade i saw   linux-headers-generic linux-headers-server linux-image-server 0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
<lenios> what does "apt-cache policy apache2-common | grep -v Candidate" returns
<lenios> after an apt-get update
<qman__> my servers are running ubuntu8.4
<Drama> lenios: sure
<patdk-lap> I see ubuntu8.4 in apt here
<patdk-lap> and I have default installed sources
<qman__> same
<Drama> lenios: apache2-common:   Installed: (none)   Version table:
<lenios> apache2 then
<Drama> *** 2.2.14-5ubuntu8.4 0         500 http://security.ubuntu.com/ubuntu/ lucid-security/main Packages
<lenios> then you'll get it from repositories
<patdk-lap> I show it in security and in updates
<Drama> mh strange oO
<patdk-lap> you didn't forget an apt-get update did you? :)
<Drama> patdk-lap: mh nope ... but its almost 4 am maybe i rly did -.-
<Drama> ill get some sleep thx!
<uvirtbot> New bug: #694398 in cyrus-sasl2 (main) "FTBFS in Natty" [Undecided,New] https://launchpad.net/bugs/694398
<Morocco> Night here..
<AnAnt> Hello, how can I disable an LDAP account without deleting it ?
<AnAnt> I am using OpenLDAP
<joschi> AnAnt: assign an invalid password, e. g. just '!' instead of a password hash
<AnAnt> joschi: ok, but I think the problem of this method is that if the user had already put his SSH key on some machine, he will still be able to login to that machine without password
<joschi> AnAnt: not with a non-interactive shell like /bin/false or /sbin/nologin
<AnAnt> joschi: so I shuld change the shell too
<joschi> AnAnt: if you have users, which use another authentication mechanism than passwords, yes
<joschi> AnAnt: generally it also depends on what kind of users you're talking about
<joschi> AnAnt: system users, users for specific services with their own login mechanism, etc.
<AnAnt> joschi: ok, I used ldapmodifyuser to change the pasword to !, but it is still a hash
<joschi> AnAnt: yeah, because you entered '!' as password which is being hashed by ldapmodifyuser
<AnAnt> so, what should I do ?
<AnAnt> joschi: ^
<joschi> AnAnt: use ! instead of a hashed password. or just try to assign another shell. maybe that's sufficient for your needs
<AnAnt> joschi: I mean, how do I use ! instead of hashed password ? ldapmodifyuser seems to hash '!' when I enter it
<joschi> AnAnt: change the value with ldapmodify
<AnAnt> ok
<AnAnt> joschi: same result with ldapmodify
<AnAnt> joschi: ah, removing userPassword field from the user works ! Thanks !
<cyclobs> hey guys, having trouble installing ubuntu server 10.10 tried USB and cd with same result. keeps coming up with a base install error. might need more info then that for yous. lol
<cyclobs> using 64bit
<chrisjuric> anyone active?
<Patrickdk> never
<chrisjuric> anyone know the best protocol to network wtth OSX snowleopard machnes... samba, ldap, afp?
<clusty> chrisjuric: to exchange files ?
<chrisjuric> ya basically as a NAS... set up shared drives
<chrisjuric> ... but with authentications etc.
<clusty> chrisjuric: i am using both AFP and SAMBA
<cyclobs> 10.04.1 failed too :S
<clusty> prefer AFP since autoumount does not throw an annoying window when losing connectivity
<chrisjuric> any guides or links how to set up that up... are u using AFP for osx computers and SAMBA for windows? pointing to the same shares??....
<cyclobs> why wont server 64bit install :S
<chrisjuric> ya how do you use disable that error message.
<chrisjuric> soo annoying
<clusty> chrisjuric: linux shares all it can share. mac os can mount whatever it wants (usually AFP cause i also added an entry for bonjour to advertise services properly)
<clusty> lemme look for it
<chrisjuric> i got this guide. but looking for more cause its usually tricky..
<chrisjuric> http://www.kremalicious.com/2008/06/ubuntu-as-mac-file-server-and-time-machine-volume/
<clusty> chrisjuric: you need to give up if you find that tricky. linux might not be your thing
<clusty> but it became easier
<clusty> no need to recompile AFP
<clusty> anymore
<clusty> and no need to tweak share options either, just shares
<clusty> chrisjuric: start sweating and if you run into trouble ask, and somebody will help
<chrisjuric> lol dont worrie i wont give up over this lol... its just new to me...
<chrisjuric> thanks.
<clusty> chrisjuric: i'll stick around for some 30min more so you can ask. starting with installing afp (sudo apt-get install netatalk)
<chrisjuric> im away from the serv just fishing for info... its almost 5am here i gatta hit the hay... im just learning netowrking/server admin (ubuntu) as a side project sorta. im a web developer thats looking to take up better business organization practises basically.
<chrisjuric> want to get a little centralized network going for storing git repo's , staging sites, backups etc
<chrisjuric> just toying as of now. no production deadline to install a huge company wide network or anything huge.
<cemc> if I want TRIM support on Lucid, which kernel is recommended from here?: http://kernel.ubuntu.com/~kernel-ppa/mainline/ ? I need 2.6.33+
<aegis> Hi all...  Does anyone know of a sever base ebay auction sniper for ubuntu that utilizes a web interface?
<Slyboots_> Hi; and a Merry Christmas to everyone ;)
<Slyboots_> Hm.. Im currently using vnc4server for my VNC needs; but an application I use needs XRender support.. but Im somewhat confused on how to actually enable it
<Slyboots_> Id ont have an Xorg configuration file (its a headerless server with just X11-core installed (with Fluxbox)
<Slyboots_> Anyone? :D
<uvirtbot> New bug: #694493 in postfix (main) "postfix default installation yields errors with encrypted user directories" [Undecided,New] https://launchpad.net/bugs/694493
<uvirtbot> New bug: #669371 in openssh (main) "Getting MAC corruption every first time I use ssh in some way" [Undecided,New] https://launchpad.net/bugs/669371
<uvirtbot> New bug: #694518 in cyrus-sasl2 (main) "saslauthd can't be started after installation" [Undecided,New] https://launchpad.net/bugs/694518
<Karti> Hi all, is it better to give  server a fixed IP rather than lock it down to a fixed ip address from within a dhcp server ? Cheers
<gobbe> fixed is better, if you dhcp server is down atleast your server has ip
<Karti> gobbe, Good comment thanks
<gobbe> Karti: but it's more like a safe case, of course it's much easier to change whole subnet when using dhcp but i would go with fixed ip's on servers
<Karti> gobbe, Happy with that. I have stated along that line now so the dhcp going down is a good point
<Enzoplex> Hello everyone. I have a minor issue and not sure how it started. Whenever I restart my home server, my /etc/resolv.conf is "erased". Here is the output of my /etc/resolv.conf:
<Enzoplex> # Generated by NetworkManager
<Enzoplex> Just that one line
<gobbe> disable networkmanager
<gobbe> Enzoplex: did you use server installation for that?
<Enzoplex> Yes
<gobbe> you could either remove whole package
<gobbe> or just sudo update-rc.d NetworkManager remove
<Enzoplex> Thanks gobbe. Let me reboot and see how that comes along. BRB.
<Karti> Enzoplex, is the resolv.conf not recreated each time the network is restarted? I was under the impression that you could add the details to /etc/network/interfaces (however I am just learning :) )
<gobbe> Karti: if you have static networking resolv.conf should not be recreated every boot
<gobbe> in every boot
<gobbe> that's just feature of networkmanager
<Karti> gobbe, so if I delete resolv.conf from a server that has iface eth0 inet static then it doesnt matter that its there?
<gobbe> what is there?
<gobbe> if you delete it, you cannot access anything with names
<Karti> sorry.....if I delete the resolv.conf will it matter that it doesnot exist?
<gobbe> well. if it's not there you cannot access anything with names
<gobbe> because DNS-servers are configured in resolv.conf
<gobbe> :-)
<Karti> gobbe, sorry to be a pain.....but as I am still learning this, I have added these details to my /netwok/interfaces
<Karti> dns-nameservers 192.168.220.2
<Karti> but in my resolv.cong I have nameservers 192.168.220.2
<gobbe> aah, ok
<gobbe> you can use that also
<Karti> I thought this would stop the resolv.conf changing ech time
<gobbe> that's one possible way
<Karti> or at least not have an effect
<Karti> I was just looking for the most effective as there are a number of ways to do it in Google :)
<gobbe> Karti: yes. that's one way to do it, and maybe even better :-)
<gobbe> Karti: but i'm old school and using just plain resolv.conf :-D
<Karti> lol What I might have got it right!!
<Karti> Admittedly its all VM but what better way to learn :)
<tonyyarusso> Does anyone know if there is a plan for when Ubuntu will make Python 3 the default?  (Or is it already in Natty?)
<Karti> gobbe, Many thanks for the help earlier :)
<Enzoplex> gobbe: I rebooted a few times, and I have removed 'network-manager-kde' along with running the update-rc.d command.
<Enzoplex> Still using the blank /etc/resolv.conf
<Enzoplex> How do I reconfigure my network so that a new config is taken?
<Enzoplex> Something is telling it to remove it all.
<gobbe> Enzoplex: you need to change it also
<gobbe> Enzoplex: add there your nameservers
<gobbe> Enzoplex: nameserver x.y.z.y
<gobbe> Enzoplex: or add line dns-nameserver x.y.z.y to /etc/network/interfaces
<Nafallo> gobbe: that that options in /e/n/i actually do anything without the package resolvconf installed?
<gobbe> hmmh
<Enzoplex> I'm on my server now, I have a working /etc/resolv.conf.GOOD that I cp after every reboot.
<Enzoplex> I just added the nameservers to the /etc/network/interfaces file.
<Delerium_> Hi, I just got a brand new system and I'm trying to install Ubuntu Server 10.10.  Problem is: Ubuntu don't see my HD, while Windows 7 does.  It's a SATA 6GB.  Does Ubuntu server support Sata 6gb ?
<qman__> Delerium_, it's not really a matter of supporting SATA 3, it's a matter if your disk controller is supported by the linux kernel version in ubuntu 10.10
<qman__> step one is finding out what controller it is
<qman__> step two is looking up whether it has linux support at all, and if it does, when it was added to the kernel
<Delerium_> qman__: K, the onctroller is a "Marvel"
<qman__> you'll have to find an exact model number
<qman__> e.g. Silicon Image Sil3114
<patdk-lap> lspci :)
<qman__> most manufacturers still make their hardware for windows, not for linux
<qman__> so when you buy a machine to run linux, you need to make sure it's compatible before you buy
<qman__> compatibility is pretty good, but the bleeding edge, brand new stuff is still risky
<Delerium_> I should have think of that before, you are right
<qman__> it may just be that support exists but wasn't added until a newer kernel version
<qman__> in which case you can probably work around it by netbooting the installer with the updated kernel
<qman__> but you may have to wait a while before drivers exist, too
<davros-> ? is it possiable to install or does server come with the ubantu GUI?
<qman__> davros-, ubuntu server does not have a GUI installed, you can add one later if you really want to, but it's not recommended
<Delerium_> qman: Thanks, I will reboot to get the right model, and come back soon
<davros-> ok thx
<davros-> thats fine i guess i have desktop for the gui then :)
<qman__> you can install it, and it will work fine, but it adds significant overhead and increases your attack surface, and doesn't add any real benefit to administering a server
<davros-> ahh ok....
<qman__> servers should be configured to the bare minimum, do what you need and that's it
<qman__> it keeps your performance high and risk of compromise low
<davros-> ya cuz y would you really need a gui on a server lol
<davros-> cool i'm gonna set up an apache and hosting server soon
<davros-> file hosting
<Delerium_> Ok, so controller is a Marvell 88se91xx
<qman__> a quick google shows that at least some chips in that family have linux drivers
<Delerium_> That's what I saw, I'm still googling around ;) Anyways, It's a box I setup for testing purpose, server, new os, and I'm in vacation for the whole week, so no rush at all
<Delerium_> just playing around with new tech ;)
<qman__> from what I
<qman__> I've seen, marvell is pretty good when it comes to linux support, so I'd expect it to work out of the box when 11.04 releases
<qman__> it might work if you netboot/USB boot a newer kernel
<monotoko> hi guys, can anyone help me set up nameservers?
<Delerium_> qman: Thanks, I'll try this wit a more recent kernel
<Monotoko> I have 2 dedicated IP addresses and a dedicated server....but I'm not sure how to configure the IP's as nameservers so domains can hit my server
<Delerium_> qman: got it to work!
<Delerium_> qman: in the BIOS, set the Marvell Controle to AHCI instead of IDE
<qman__> ah
<qman__> you want AHCI anyway
<qman__> IDE mode is just a compatibility trick for older systems like XP
<Delerium_> That's what I just read... damn... I haven't been playing with PC for more than 4 years... Kind of lost a bit
<patdk-lap> hehe :)
<patdk-lap> ya, not using ahci is like 4years old :)
<patdk-lap> monotoko, I have no idea what you want :)
<patdk-lap> you have a server, and it has 2 ip's
<patdk-lap> now you want to be able to use dns on that server? or you want other people to access your server to look up stuff?
<Monotoko> say someone has a domain
<Monotoko> I want them to be able to point to my nameservers
<Monotoko> and those to point the domain to my server
<patdk-lap> ok, so you just need to run a dns server on your ip
<patdk-lap> and have people set the ns to your name, in their glue records at their domain registar
<patdk-lap> normally you would name it something easy for them to remember, like, ns1.example.com
<Delerium_> Another little question, not ubuntu related, but you know the answer: I dual boot with Ubunber Server + Windows 7. I have 500gigs in free space that I want to use to share VM for both OS, is that possible?
<Delerium_> like using FAT32, so both OS can see the VM ?
<Monotoko> its possible using virtualbox
<Monotoko> as it is a cross-platform system
<Delerium_> That's what I tought, thank Monotoko
<Monotoko> Delerium_,  :) make sure you get the PUEL version and not the OSE on the Linux side
<Monotoko> you will need to download the debs from the website
<Delerium_> Mono: Thanks ;)  I'll give it a try
<yann2> hi! has anyone tried using the "tmt" package lately? it seems quite broken to me, but it might be my parameters
<yann2> tct sorry
<ziesemer> How can I validate that a X509 private key belongs to a given public certificate?  Thinking I should be able to use certtool, but only get "Error in DER parsing errors".  Otherwise, is there another channel I should be asking in?
#ubuntu-server 2011-12-19
<looseparts> bump?
<EvilResistance> looseparts:  you need *tons* of patience here, fwiw
<looseparts> thank you. like... many hours. I can do that : )
<pythonirc101> how do i make /var/run writable by group www-data?
<twb> pythonirc101: you don't; what is the broader goal?
<twb> Guessing, the answer is probably start-stop-daemon(8) or even init(5)
<pythonirc101> twb: Here is my problem
<pythonirc101> I'm using uwsgi that creates ".sock" files in /var/run -- and it gives me a warning that i'm running it as root
<pythonirc101> so i thought i'd run it as a webuser
<pythonirc101> when i do, i get permission denied
<twb> Usually daemons create a pidfile and then change UID
<twb> Or you don't bother creating a pidfile, just let upstart take care of it for you
<pythonirc101> I guess i'm stuck with uwsgi -- at least for now
<twb> pythonirc101: is that a daemon or what?
<pythonirc101> you can run it in both modes
<pythonirc101> trying to figure it out
<yaboo> other than using ufw for firewall, if I was to use iptables, where would the config file reside so that it is loaded during boot please?
<twb> rulesets are not loaded at boot by default
<twb> You probably want either ufw or iptables-persistent, or do it by hand.
<twb> Note that rulesets can and should be loaded BEFORE the network interfaces exist; all you need is $local-filesystems.
<sp4z> anybody know why logwatch is not emailing me apache information? i have the http.conf in the logfiles folder and it errors correctly if i put a break in the http.conf but i just dont get anything via email? there is information in the logs..
<twb> logwatch or logcheck?
<yaboo> twb ok, so I guess its ufw then
<sp4z> logwatch
<twb> sp4z: sorry I don't do logwatch
<sp4z> also, i AM getting logwatch emails just missing the apache2 log file information
<twb> You might need to enable the apache module within logwatch?
<sp4z> yep i had. i had the wrong date range though >x|
<sp4z> thanks anyhow twb
<sp4z> all fixed
<pythonirc101> how do i find out which package installed uwsgi?
<pythonirc101> which is in /usr/local/bin/uwsgi
<pythonirc101> dlocate?
<twb> pythonirc101: packages are not allowed to install in /usr/lcoal
<twb> Therefore you have installed it by hand which is Bad Juju
<looseparts> Hello - I'm moving my servers from their own static IP addresses to an ISP where I'll be connecting via DHCP - I have installed ddclient, but do not know how to adjust my apache2 httpd.conf
<twb> Why would you need to adjust your httpd.conf ?
<twb> Do you listen on 1.2.3.4:80 instead of just *:80 ?
<looseparts> my httpd.conf lists my static IP addresses that are my static ones and they're going to change
<looseparts> here's my current httpd.conf (ten years old)...
<looseparts> Here's my httpd.conf:
<looseparts> = = = =
<looseparts> NameVirtualHost 69.9.xxx.xxx
<looseparts> ServerName 69.9.xxx.xxx
<looseparts> <VirtualHost 69.9.xxx.xxx>
<looseparts> ServerName something.com
<looseparts> DocumentRoot /www/html
<looseparts> </VirtualHost>
<twb> STOP
<twb> Pastebin
<looseparts> sorry.. I don't know how to use pastebin.
<twb> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<looseparts> http://paste.ubuntu.com/774985/
<twb> Are the xxx's all the same?
<twb> It would be easier to help if you didn't elide useful information
<twb> Anyway, you would normally just have <VirtualHost *>
<looseparts> i don't want to publicize my ip addresses
<twb> Don't be such a big girl
<twb> If your security relies on keeping your IP address secret, you are fucked.
<twb> Sorry that should be <VirtualHost *:80>
<looseparts> might be without knowledge rather than cowardly
<looseparts> can you point me to an example of an httpd.conf that will work w/ dynamic IP ?
<twb> NameVirtualHost *:80 \n Listen 80 \n <VirtualHost *:80> \n ... </VirtualHost>
<looseparts> does \n mean new line ?
<twb> yes because I'm too lazy to pastebin
<twb> You might also want to try #httpd
<looseparts> k thank you
<looseparts> I must say that I found pastebin to not require much effort.
<yaboo> whats the best way to turn my 10.04 server for a internet gateway, has two nics, one to a adsl unit
<yaboo> currently have my own script that is applied during boot time, can I use ufw to automate this
<whalesalad> hey guys! I just updated to precise pangolin, now two of my VPS' are sitting at a GRUB screen and I am at a total loss
<whalesalad> during the update it asked me if I wanted to install the upgraded grub and I said no
<twb> whalesalad: did you maybe upgrade from grub1 to 2 without installing the new MBR ?
<whalesalad> twb: that is possible. it said something on the lines of "if you're not using a boot loader or using a headless machine blah blah" say NO
<whalesalad> so I didâ¦ since these don't have displays they're just in a closet somewhere
<twb> You know 12.04 hasn't been released yet, right?
<whalesalad> did not know that
<twb> You're not supposed to use it unless you're capable of fixing these kinds of issues
<twb> Unfortunately I'm stll on 10.04 LTS and I'm not familiar with your specific issue, and I usually "fix" grub issues by throwing it out and installing extlinux, but that is not something newbies should be doing.
<whalesalad> fantastic
<twb> You probably want to start by booting a live CD, chrooting into the system on disk and issuing a grub-insatll and update-grub
<whalesalad> unfortunately these are in a different continent
<whalesalad> I have a grub terminal
<twb> I'm a pretty big anti-grub bigot because when I try things like that it often goes tits-up, ilke e.g. I boot from a rescue USB key and grub decides to install itself on top of the key instead of the HDD :-/
<twb> whalesalad: so you have some kind of LOM?
<whalesalad> i'm not familiar with that word, LOM
<twb> lights-out management
<twb> As in you can see grub despite not being physically present
<whalesalad> basically i've got a client in sweden who gave me some vmware credentials and told me to get two servers setup
<twb> LOM is about the same as KVM over IP.
<whalesalad> yes, exactly, I have a vmware console open where I can do that
<twb> OK, so these are virtual machines
<twb> In that case you can just tell vmware to boot from CD and give it a live CD as an ISO
<whalesalad> twb: thanks for your help, fortunately there are some guys at the datacenter who are either gonna just wipe these and install 11.10, or try and fix this issue
<pythonirc101> I've a daemon that i can run using -- > "/usr/bin/uwsgi --emperor /etc/uwsgi --pidfile /var/uwsgi/uwsgi.pid --daemon /var/log/uwsgi.log" -- how do i run it at startup on ubuntu server?
<eprasad> rc.local ?
<pythonirc101> eprasad: vs /etc/init.d? -- which one and why?
<eprasad> /etc/rc.local coz this scripts executes after all other init scripts.
<eprasad> whatever you put in this file gets executed on reboot.
<pythonirc101> thanks
<eprasad> np pythonirc101
<twb> Sigh, 12GB single-folder maildir
<twb> pythonirc101: write an /etc/init/uwsgi.conf containing these lines: "start on runlevel [2345]" "stop on runlevel [^2345]" "respawn" and "exec uwsgi --emperor /etc/uwsgi --daemon /var/log/uwsgi.log".  Note: no --pidfile.  You may also need either "expect fork" or to tell uwsgi not to do an extra fork.
<twb> Sorry, "expect fork" or "expect daemon" -- depends on whether it zero-, single- or double-forks.  Often you can simply tell it not to with an option like --foreground or (sometimes) --debug
<whalesalad> pythonirc101: i'd roll with supervisord
<whalesalad> its python based and i use it for managing uwsgi processes
<pythonirc101> twb: am talking to the author of uwsgi -- brb :)
<pythonirc101> how do i find out who installed /usr/local/bin/ubuntu -- without installing dlocate?
<twb> dpkg -S
<twb> But it won't be any .deb because that would violate policy, so either it is an EXTREMELY poor .deb, or it was installed by hand.
<pythonirc101> twb: dpkg: /usr/local/bin/uwsgi not found.
<pythonirc101> means someone else installed it?
<twb> (dlocate is just a cached version of dpkg -S)
<twb> pythonirc101: precisely
<twb> pythonirc101: someone with superuser privileges and no brain
<pythonirc101> its called python pip i think
<twb> You mean the cheeseshop thing?
<twb> A la cpan/cabal/pear/&c ?
<pythonirc101> twb: k I think i can write a /etc/init/uwsgi.conf
<pythonirc101> what do i do after that -- how do i deploy it?
<pythonirc101> twb: something like this -- http://projects.unbit.it/uwsgi/browser/contrib/upstart/uwsgi.conf ?
<whalesalad> pythonirc101: honestly take a look at supervisord
<whalesalad> quick google search reveals this which is similar to my setup: http://lurkingideas.net/deploying-django-projects/
<whalesalad> i gotta run though
<twb> pythonirc101: uh, "deploy" it by putting the init script there and doing "start uwsgi" or so
<twb> init script looks OK to me at a glance
<pythonirc101> twb: thanks -- but my executable line looks like: exec $BINPATH --manage-script-name  --emperor "/home/cg/www/*.xml" --pidfile /tmp/uwsgi.pid --daemon /var/log/uwsgi.log
<pythonirc101> so i remove the "--pidfile..." and "--daemon ..."  as well?
<twb> Depends on uwsgi, which I'm not familiar with
<pythonirc101> lemme try with both in...see what happens?
<twb> Basically you rely on upstart to track the PID and you want to make sure the app doesn't change its own PID, either by forking during startup, or by e.g. completely restarting itself on HUP
<twb> The latter is uncommon; nsd3 is an offender :-/
<pythonirc101> k, so i dont have to track it then ?
<pythonirc101> hence no --pidfile
<twb> Right
<twb> Unless something else needs to, which is unlikely
<pythonirc101> k, trying
<twb> upstart makes adding new daemons easy provided the daemons behave the way upstart wants
<pythonirc101> looks like its working...does it automatically start at reboots?
<pythonirc101> nah didnt work
<pythonirc101> oops
<pythonirc101> that broke my machine? upstart?
<twb> You might want to remove "respawn" while debugging
<pythonirc101> rebooted, can cant ssh to it!
<twb> it surprises me that you managed to trash it that badly with that one change
<twb> upstart is pid 1, it's in charge of everything, so it's certainly POSSIBLE
<twb> Sorry about that, maybe I should've made that clearer
<pythonirc101> so what really happened?
<twb> I don't know
<twb> upstart is a stone cold bitch to debug
<pythonirc101> i dont have access to the physical machine...! :(
<twb> I guess at this point you need to call the local NOC monkey and get him to go look at the scren
<twb> *screen
<twb> Maybe try to get him to turn off the uswgi job
<pythonirc101> its a virtual machine...lemme see if i can see its output
<pythonirc101> nope
<pythonirc101> twb: so someone has to login in single user mode and remove /etc/init/uwsgi.conf and reboot?
<Zanzacar> I am confused and dont know where to look. If I do ls -lh I get an iso to be 695M but the gui properties say 726M? whats going on?
<Zanzacar> actually it is 729, it appears as if when it converts from bytes to megabytes it is just dividing by 1000 instead of 1012 but why?
<pythonirc101> twb: will that work by any chance?
<twb> pythonirc101: well, it depends why it went tits-up
<twb> pythonirc101: but booting into single or break, or a live CD, is most likely to work
<pythonirc101> twb: after that if we remove that file, should work, right?
<twb> pythonirc101: well, it depends why it went tits-up
<pythonirc101> i didnt change anything else
<pythonirc101> i am hoping it was that
<pythonirc101> twb: i'm in
<pythonirc101> not sure what happened, i rebooted again, removed uwsgi.conf
<twb> Dunno, sorry
<pythonirc101> cool
<pythonirc101> i'm back up
<twb> That shouldn't take out sshd
<twb> If you were messing with plymouth or mountall jobs, THAT could easily take out sshd, but shouldn't be runlevel [2345]
<pythonirc101> i've no clue what happened...maybe it was just waiting for something too long
<pythonirc101> i dont see why i should not just stick that daemon in rc.local?
<twb> Because upstart is better and just as easy?
<twb> With upstart it'll restart if it dies, and allow easy manual restarting and reloading
<twb> rc.local's a filthy hack
<pythonirc101> twb: Is there a way to replicate a machine thats online with ssh access locally?
<twb> Define "replicate"
<pythonirc101> i guess i cant -- since the hardware is different there...and i've no clue what virtual machine i'm running on...
<pythonirc101> i wud like it to behave as close to the machine online as possible :)
<Zanzacar> Does anyone know why in the terminal I get 695M with ls -lh on a file, but in nautilus I get 729M?
<pnorman> Zanzacar: that difference works out to a factor of (1024/1000)^2, could it be that?
<twb> Zanzacar: du, du --apparent-size ?
<twb> Yeah could also be what pnorman says
<twb> ls -hl, ls -hl --si
<Zeroe> Can anyone direct me to a good documentation on securing ubuntu server edition for commercial use in eCommerce. I probably won't be hosting it in the end, but I would like to know the ins and out in order to administer it better when it is hosted at a service
<Vivek> How do I provide a user name and password for automated servers I bring up via orchestra ?
<Vivek> I have the server up and running but no login credentials.
<koolhead11> hi all
<eprasad> Hello koolhead11
<koolhead11> eprasad: hi
<eprasad> Vivek, what's the orchestra?
<eprasad> Yup koolhead11 tell me
<Vivek> eprasad: I did not get  you. What do you mean by 'what is the orchestra?' ?
<eprasad> In last reply you mentioned that you bring up server via orchestra. I just want to know what is the orchestra here ?
<koolhead11> !orchestra
<Vivek> eprasad: Ubuntu Orchestra.
<Vivek> eprasad: https://launchpad.net/orchestra
<drt24> Vivek: so I think that tere is no password for login - it is done via ssh keys
<Vivek> ok.
<eprasad> Oh! ubuntu release codename :
<drt24> eprasad: no.
<Vivek> If I install 100 server do I need to set ssh keys for all th100 servers ?
<Vivek> I don't think that is practical.
<drt24> Vivek: the ssh key specified on the the control sever should get propagated to the servers that get created
<drt24> automatically
<eprasad> Oh, Got it, similar to kickstart in fedora
<Vivek> Can you kindly point me to any docs ?
<Vivek> eprasad: Orchesta is a cloud management software.
<drt24> Vivek: http://cloud.ubuntu.com/2011/10/getting-started-with-ubuntu-orchestra-servers-in-concert/ http://cloud.ubuntu.com/2011/09/oneiric-server-deploy-server-fleets-p1/
<drt24> though I found that there were some issues not covered in those guides which took me a little while to work round.
<drt24> still at a developer preview level of stability and documentation on the basis of my one attempt to use it with juju
<Vivek> drt24: I have followed those docs.
<Vivek> drt24: Point me to ssh key authetication section please.
<drt24> sorry, I don't know where to find that.
<Vivek> drt24: ok.
<Vivek> But you just said that authentication was via ssh  keys, right ?
<drt24> I think that it is - that is how I understand it to work, using passwords would be wrong.
<alex__> hello everyone! how to make writing permissions in samba? i need it for different autentificated users.. how to add users, and manage permissions?
<Vivek> drt24: No it is not, just figured out. The default user name is ububtu and password is ubuntu.
<Vivek> drt24: I had to check the pre-seed file for it.
<Vivek> alex__: Please ask in #samba
<alex__> cheers mate!
<drt24> Vivek: but you can't use that over ssh right?
<Vivek> You can do that.
<drt24>  /o\
<Vivek> You can ssh into that newly deployed machine from the server as it has an I.P address range on the second ethernet card the same as the newly deployed machine.
<Vivek> Not from the external world yes.
<drt24> I still really dislike that.
<drt24> one app on one node gets compromised and suddenly all your machines are compromised.
<samba35> i have installed virtualbox on ubuntu and want to configure vde networking  after getting vde console i am not able run any command
<Techdude101> Strange problem, I have 2 ubuntu machines, 1st has a samba share and when I mount it on the 2nd machine it changes the uid of the folder
<zul> good morning
<a_ok> I need an updated version of tar (1.23) on a Hardy machine. What would be the best way to achive this?
<xranby> a_ok: try apt-get source tar  and rebuild the package using dpkg-buildpackage
<xranby> also you need apt-get build-dep tar
<a_ok> apt-get source tar gets mee 1.19 sources
<drt24> a_ok: generally what I try is seeing if a later version of ubuntu has the package in the correct version and is still compatible with the dependencies in the version of ubuntu I am using.
<a_ok> xranby, it seems that the only dependency that is different from the mavarick package is libc. could I use those sources?
<xranby> yes
<xranby> a_ok: hold your thumbs if it compiles then it most likely runs as well
<xranby> a_ok: if it break then you get to keep the parts
<a_ok> xranby, I can't figure out how dpkg-buildpackage works
<a_ok> xranby, ah never mind need dpkg-source first ;)
<goddard> my server keeps booting my out of my ssh session after i login I get "Connection to 1.1.1.1 closed."
<uksysadmin> goddard, ssh -vvv 1.1.1.1 to see if that helps
<uksysadmin> tail -f /var/log/{messages,syslog,secure} on the server
<uksysadmin> (if you have alternative access to said server to tail the logs)
<a_ok> xranby: I think everything ran succefull but now what?
<xranby> cd ..
<xranby> a_ok: you should have a .deb file built
<xranby> a_ok: dpkg -i tar*.deb
<a_ok> Ah lol now I see it ../tar_1.23....
<xranby> a_ok: install it and then you should be using tar 1.23 on your hardy system
<goddard> uksysadmin: gave me exit status 53
<xranby> he did?
<a_ok> Thanks xranby seems to work
<xranby> a_ok: excellent! you have just done a backport of tar to hardy
<xranby> goddard: sorry.. i thought something went wrong with a_ok deb install
<goddard> xranby: no worries
<yakster> hello allâ¦.
<yakster> have an issue, perhaps one can help
<yakster> what happened if I go to sudo a command, it says I must use "setuid root" - Install super, but I cannot sudo apt-getâ¦. make sense?
<yakster> anyone?
<drt24> yakster: what is the command you are using?
<yakster> sudo apt-get â¦.. but I can't sudo, says I need to setuid, can't set kid cause I don't have super installed, I can't sudo apt-getâ¦. stuck in a loopâ¦
<drt24> what is the exact error message you get when you do sudo apt-get install <package>
<drt24> where <package> is the package you are trying to install
<yakster> "sudo apt-get install â¦. " package is not of the matter, I can't sudo ANYTHINGâ¦. says I must "setuid root"
<drt24> what is the exact error message
<xranby> yakster: do you have a root password set on this machine? if so then you can run su and login
<yakster> ok, so you can't login as root, you have to login as a user then su?
<uksysadmin> goddard, any other info? like - user not in allowed groups, or your key isn't accepted.. maybe disk full on your server?
<drt24> your really really should not need to login as root
<drt24> yakster: what is the exact error message you are getting?
<xranby> yakster: it sounds to me like the sudo command have the wrong premissions set on your system so if thats the case ... check if you can access the package manager
<xranby> and try remove and then reinstall sudo
<yakster> sudo: must be setuid root
<samba35> is there any gui program to start /install guest
<drt24> so what does stat `which sudo` give you?
<yakster> stat: cannot stat 'sudo' : No file or directory
<drt24> so what does "which sudo" give you?
<yakster> "/ usr /bin/sudo"
<yakster> "/usr/bin/sudo"
<drt24> and stat /usr/bin/sudo gives?
<yakster> stat: cannot stat 'sudo' : No such file or directory
<drt24> so stat /usr/bin/sudo fails with No such file or directory but /usr/bin/sudo gives must be setuid root?
<drt24> odd.
<yakster> yes
<yakster> wtf well I have a wife looking at me anxiously, sparently I spend to much time on this damn thingâ¦.
<yakster> I can't become root in aptitude, says it exited
<drt24> so I suspect that xranby is right and that somehow your installation of sudo has got broken and needs to be reinstalled but doing that is harder without having sudo
<yakster> yeah, ok thanks that is what I thought
<yakster> thxâ¦ bye
<a_ok> xranby: I tried to crosscompile for a am64 machine, this seemed to work (eg. it build fine) but when I try to start tar it says no such file /bin/tar and apt seems to need it
<a_ok> it just packed it as amd64 but it contains i386 files
<samba35> how to add time in grub /how to change default boot time of grub ?
<uvirtbot> New bug: #906382 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/906382
<rbasak> zul, could you review/upload https://code.launchpad.net/~racb/ubuntu/precise/ipxe/905099/+merge/86207 for me please?
<zul> rbasak: sure gimme a few
<rbasak> thanks!
<zul> rbasak: done
<rbasak> thanks zul!
<xranby> a_ok: for best result, take the up to date source and built it on the hardy machine directly
<xranby> a_ok: take the source from the i386 machine and copy it into the x86_64 hardy machine and then perform the build on the hardy machine
<zul> rbasak: no probs
<uvirtbot> New bug: #906410 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.8 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/906410
<Dl145> Hi, I've tried a couple of installations of Ubuntu Server 10.04 LTS AMD64 on my HP ProLiant Dl145 Server. im installing from a usb key.. The problem was, whenever I installed ubuntu, post installation when I booted up, there only was a blinking cursor.. Culdnt get to terminal or open Grub..
<Dl145> Now I'm installing for the fourth time, and I've noticed that the drive (36 GB) on which i want to install ubuntu on, is called SDB and the USB key is called SDA..
<lolufail> hi!
<lolufail> what is more wise: new server on 12.04 daily build, or 11.10, and then upgrade to LTS as soon as it's available?
<hallyn> lolufail: depends on what you are doing.  If there are customers accessing it, best to go with 10.04 or 11.10, not 12.04 yet!  12.04 is  under heavy development right now.
<adam_g_> if anyone wants to help with this massive nova SRU verification, keeping track of whats been verified @ http://etherpad.ubuntu.com/nova-sru-verification-dec-2011
<raubvogel> Will ubuntu 11.04 or above warn me of an expiring kerberos password? If so, how can I configure when it will warn me about impending doom?
<patdk-wk> raubvogel, ask pam?
<raubvogel> patdk-wk: trying to. I would think pam_krb5 would know, but it is not telling me.
<uvirtbot> New bug: #906500 in lxc (main) "lxc-create fails with errors that it is unable to access archive.ubuntu.com" [Undecided,New] https://launchpad.net/bugs/906500
<raubvogel> nfs question: does the -N 2 option in rpc.mountd mean not to offer NFSv2?
<twb> OK, I have a local apt repo made by hand with apt-ftparchive.  I have a bunch of hosts pointing at it.  ONE of those hosts doesn't trust the repo, and I can't see why.  They all have the repo's keys in listed apt-key.
<twb> What else can I check?
#ubuntu-server 2011-12-20
<twb> Sigh.  So if you have a 1GB server and unattended upgrades, and ubuntu kernels weigh even more than Debian ones (128MB each), you use up a quarter of your disk in a month :-/
<uvirtbot> New bug: #906654 in nova (main) "nova should depend on openstackx and load appropriate osapi_extensions by default" [Undecided,New] https://launchpad.net/bugs/906654
<zul> adam_g: you are evil
<zul> adam_g: while you are still here can you have a look at http://paste.ubuntu.com/775687/
<adam_g> zul: one sec
<adam_g> zul: its been so long since ive messed with that  stuff. isn't the userspace daemon required by the initiator utliities?
<zul> no
<zul> i dont think so
<adam_g> ah, i remember now.. iscsid is only used to establish preconfigured sessions
<adam_g> zul: that diff looks good as long as its been tested.  im curious to know if the tgt off-by-one error you guys were looking at was caused by a split brain between nova and iscsiadm?
<zul> adam_g: yeah basically iscsadm wanting one thing while tgtadm wanting another
<zul> but yeah that patch has been tested
<adam_g> zul: has it been tested after removing iscsid? what i meant was, iscsid restablishing a connection, bumping the lun index before nova had chance
<zul> adam_g: ill test tomorrow first thing its getting late here
<adam_g> cool
<kaushal> Hi
<kaushal> is there a way to know list of modules loaded or enabled in apache2 using CLI
<kaushal> I can see it in /etc/apache2/mods-enabled/
<kaushal> Server version: Apache/2.2.14 (Ubuntu)
<kaushal> on 10.04 LTS
<shauno> kaushal: that's essentially it.  or "apache2ctl -M"
<kaushal> shauno: thanks
<kaushal> shauno: what is static vs shared module ?
<shauno> I believe static are built-in at compile-time, shared are loadable modules you'll find in mods-available / mods-enabled
<kaushal> oh ok
<kaushal> Thanks shauno
<uvirtbot> New bug: #906735 in puppet (main) "package installation should create /var/log/puppet" [Undecided,New] https://launchpad.net/bugs/906735
<osmosis> anyone know how to troubleshoot a failing domain resolution?
<osmosis> $ host btcnearme.com
<osmosis> Host btcnearme.com not found: 1(FORMERR)
<koolhead11> hi all
<philipballew> where would i look in my logs to see if someone was messing with my server? or trying to gain access to it
<drt24> philipballew: /var/log/auth.log, in general many automated bots will be trying to gain access
<drt24> fail2ban will ban them after a few trys if you have that installed.
<philipballew> alright, im looking now. Yeah. I might wanna change ssh from 22 sometime
<drt24> philipballew: changing the port won't really add much security, disabling password based ssh and using key based instead and using fail2ban will provide much better security than changing the prot
<philipballew> alright. I need to just set up rsa keys again.
<philipballew> that isnt hard at all
<drt24> indeed
<philipballew> Thank you for the help
<angelete2> hi
<angelete2> i'm trying to install server 10.04 from a usb stick
<angelete2> but it breaks because "can't mount cd drive"
<angelete2> what can i do?
<drt24> angelete2: is this breaking in the BIOS or later? if in the bios is the boot order set to boot from USB before CD?
<angelete2> BIOS boot order is only from USB
<angelete2> it has no cd drive
<angelete2> installation begins, but it tries to mount cd, so it fails
<uksysadmin> angelete2, I've experience in the past that some USB sticks simply aren't bootable
<angelete2> i've installed on same server with same usbs stick ubuntu 11.04
<angelete2> but i need to downgrade it
<ikonia> angelete2: down grade what ?
<angelete2> ubuntu server
<philipballew> angelete2, try installing from a cd
<uvirtbot> New bug: #906878 in tftp-hpa (main) "package tftpd-hpa 5.0-21ubuntu2 failed to install/upgrade: subprocess installed post-removal script returned error exit status 127" [Undecided,New] https://launchpad.net/bugs/906878
<zul> good morning
<alex88> hi guys, i'm trying to use ovh failover ip, actually putting ip in browser i see the sites on the server, i need to route that ip to a vm, how can i do that?
<alex88> should i add before an interface alias?
<zul> hallyn: around?
<hallyn> zul: yup
<hallyn> (but not for long)
<zul> hallyn: is it cool to use lxc-attach with libvirt if you want to attach a block device to a lxc container
<hallyn> zul: I haven't looked at the blockdev support in libvirt-lxc at all
<hallyn> zul: but i shoudl think so
<zul> im thinking about getting euca-attach-volume to work
<dkn> can i decrypt an lvm in a script? i want to put a drive in, have the UUID trigger a script that will load the vg, load the lvm, decrypt the lvm, mount, and start a program
<zul> hallyn: the attach device stuff is non-existant in libvirt-lxc
<hallyn> well you could always use qemu-nbd and copy the device nodes for it into the container
<hallyn> (and add a cgroup whitelist entry)
<zul> hallyn: ooh....thats a good idea
<hallyn> for persistent libvirt vms that'd be harder, but for one-time euca-attach...
<zul> hallyn: yeah
<zul> thanks!
<hallyn> np, cool, can't wait to see it now :)
<SpamapS> dkn: you could probably do that with udev rules
<dkn> ya?
<hallyn> decrypt the lvm in what way?
<hallyn> is it dmcrypted?
<dkn> i don't recall the exact method, i actually cheat and use the GUI disk utility and just press "unlock volume" since it remembers the passphrase, then the device shows up in /dev/mapper/HERE
<dkn> basically, right now i 1.vgimport -a 2.lvchange -a y /dev/mapper/HERE 3.unlock 4. mount /dev/mapper/udisks-luks-uuid-yada /mnt/HERE
<dkn> once i'm done with the drive ~1hr i do the reverse to take it out and put in the next one, i'd just like to have some scripts to do it, idealy they'd run when i pop the drive in
<hallyn> like SpamapS said, you can do that from a udev script.  Take a look under /lib/udev/rules.d and /etc/udev/rules.d for examples
<dkn> :) thanks
<PedroGomes> Hi, semi-noob here. I' seeing a lot info about Ubuntu thin clients booting trough PXE, but what I aiming for is to boot a Ubuntu server image from a remote pre configured image in a way similar to a preseed installation.
<PedroGomes> any way to do this
<TeTeT> PedroGomes: works via pxe as well, think help.ubuntu.com contains some pages on it
<PedroGomes> TeTeT: can have, for example, a installed and configured image that as software X, Y and Z and you can boot it ate the same time on machine 1,2,3 and 4 ?
<PedroGomes> *can I have
<SpamapS> PedroGomes: there's a suite of tools in Ubuntu 11.04 and 11.10 called "Ubuntu Orchestra" that help setting up netboot automated installations
<SpamapS> PedroGomes: It centers a lot around 'cobbler', which has power control and pxe/dhcp configuration built in.
<PedroGomes> SpamapS: already have foreman doing thatâ¦
<PedroGomes> SpamapS: looking for a direct network boot, not a installation
<PedroGomes> btw, can someone find the link to download the tftp config files for Ubuntu, my google skills are not helping me....
<Tribaal> Hi folks, I have a litle question regarding vmbuilder - is this the right place to ask?
<SpamapS> PedroGomes: OH
<SpamapS> PedroGomes: you may want to look at LTSP
<SpamapS> PedroGomes: https://help.ubuntu.com/community/UbuntuLTSP
<PedroGomes> SpamapS: mhh thanks, but isn't LTSP for thin clients only?, making every client depend on a single server. I'm looking for something where I can download the installed image from the server and boot it like it was a installed natively.
<smoser> anyone want to do a quick merge proposal?
<smoser> https://code.launchpad.net/~smoser/ubuntu/precise/rsyslog/lp905419/+merge/86429
<PedroGomes> SpamapS: truth is that I feel like chasing a ghost, I remember seeing a similar systems years ago "Rembo", but the license feesâ¦
<SpamapS> PedroGomes: that sounds a lot like how cloud computing works
<SpamapS> smoser: I'll take a look
<PedroGomes> SpamapS: yep I have a OpenStack installation also, but I was looking for a bare metal solution
<SpamapS> smoser: +1'd
<Vagisil> anyone here ever built an SFTP server on 10.10?  I'm rather new to ubuntu server and need some documentation
<SpamapS> PedroGomes: openstack is looking at integrating cobbler as a bare metal option
<SpamapS> PedroGomes: though its more for things like ARM that have no good virtualization support
<PedroGomes> SpamapS: guided install and puppet was enough for me, but people are pressing me to find a way to deploy installed images
<PedroGomes> SpamapS: truth is, that systems existed, I just cant find something actual or open source
<SpamapS> PedroGomes: whats so bad about sticking kvm between the metal and the installed image?
<smoser> PedroGomes, sorry to jump in, but there is clonezilla and partition image that are (for lack of a better term) "ghost clones"
<PedroGomes> SpamapS: some people want the system to deploy images where they can test Xen appliances and such
<PedroGomes> SpamapS: its a cluster for distributed system experiments, some people want Vms other want bare metalâ¦.
<smoser> there is nothing in cobbler that will do "p2p". those solutions may be a faster than cobbler preseed installs, but cobbler could do what you want.
<smoser> ie, you could create preseed files for each of your "images", then when you install that fully automated preseed the end result is the same.
<PedroGomes> smoser: I have that, not trough cobbler but foreman, but I have people that want moreâ¦ thanks anyway
<SpamapS> PedroGomes: so a pre-seeded install takes, what, 10 minutes at worst? I bet a pre-installed image laying down on disk will take 5.
<SpamapS> PedroGomes: for test iteration, the openstack QA guys did something clever with LVM snapshots and kexec() that is pretty cool... you might want to talk to them.
<jhobbs_> preinstalled image you can multicast serve though ;)
<PedroGomes> SpamapS: the question is not time, its the personal configuration that you can achieve easily with personal images,
<PedroGomes> SpamapS: ok I will ask there
<PedroGomes> jhobbs: ah?
<SpamapS> PedroGomes: um, you can get that "personal" configuration easily with an install too.
<SpamapS> PedroGomes: you may not have noticed, but cloud-init works with local seed data now. :)
<SpamapS> PedroGomes: or you're saying they want golden-image support.
<SpamapS> PedroGomes: another option is system-imager/sisuite
<SpamapS> PedroGomes: though I don't know how  well maintained that is.
<PedroGomes> SpamapS: som	ething like that
<PedroGomes> SpamapS: another thing to check then
<Daviey> zul: thanks for driving the meeting, that was perfect.
<zul> Daviey: no worries
<SpamapS> PedroGomes: I've used sisuite in the past, and it was really quite good actually.
<SpamapS> We had a meeting? cripes.
 * SpamapS wonders if its worth requesting it be moved back 1 hour for DST :-P
<Daviey> SpamapS: yeah, it's that weekly thing we do; whilst you slack off. :)
<SpamapS> Daviey: I cherish every minute of slack off time you all provide me, thx. :)
<Daviey> heh
<Daviey> SpamapS: I wouldn't object to bumping it forward 1hr, during DST.
<zul> that creates a conflict for me
<Daviey> zul: conflict you say?  I think we need to turn the conflict into a death match with SpamapS.
<zul> obviously i would win
<Daviey> winner gets the time of their choice.
<Daviey> loser gets to rest.
<Daviey> adam_g: How are the charms looking for openstack?
<SpamapS> I'm fine with it being at 0800 PDT .. I just never seem to be at my keyboard at that time, so I miss the pop-up reminder and then get distracted otherwise. :p
<adam_g> Daviey: keystones working great, still cracking on horizon
<mainerror> bug 893926
<uvirtbot> Launchpad bug 893926 in eucalyptus "Contains traces of UEC" [High,Triaged] https://launchpad.net/bugs/893926
<mainerror> Is here someone that can answer my question in the bug comment?
<adam_g> Daviey: FYI bug #905286 is currently making things a bit awkward to get installed via orchestra without manually work
<uvirtbot> Launchpad bug 905286 in juju "orchestra: dict has no attribute read" [Critical,New] https://launchpad.net/bugs/905286
<Daviey> mainerror: hey
<Daviey> adam_g: Good to hear, have you dicussed the issue with the juju team?
<Daviey> ah, it's a cobbler bug?
<adam_g> Daviey: yes
<mainerror> Hello Daviey.
<SpamapS> mainerror: basically the packages are "branded" as "Ubuntu Enterprise Cloud" or "UEC" .. and they should just be called "Eucalyptus" now.
<Daviey> mainerror: replied
<mainerror> Awesome, thanks.
<mainerror> That should be an easy fix.
<Daviey> mainerror: Something you fancy driving?
<koolhead17> hoi all
<mainerror> Daviey: I'm sorry?
<Daviey> mainerror: If it's something you want to work on.. There is a uec branding patch which can be dropped (should remove the css)... and there are other goodies in debian/* which can be dropped.  If you want any pointers, please feel free to ask!
<mainerror> Well I have already fetched what is in the repository and greped for "UEC" and "Ubuntu Enterprise Cloud" so find out which files I should look at but if you have more accurate information for me it would be great. :)
<Daviey> SpamapS: have you seen 905286?
<Daviey> mainerror: Have you used quilt before?
<Daviey> mainerror: If you have used quilt and bzr before, if you wanted to propose a branch with a first scratch - we can walk through what is left to go?
<mainerror> I have used bzr before, although not to fix a bug- I have not heard of quilt yet.
<Daviey> mainerror: Maybe this is of help, http://developer.ubuntu.com/packaging/html/patches-to-packages.html
<Daviey> mainerror: quilt and bzr make for really messy changesets, but ho hum. :)
<Daviey> mainerror: If you do, /something/ - we'll work through it to get it sorted :)
<mainerror> Right. I'll read through that and start fixing the files up then I'll get back to you. :)
<mainerror> Should I mark the bug as "In Progress" and assign it to me?
<Daviey> mainerror: sounds great :)
<Daviey> mainerror: in debian/* there are some files which refer to avahi, they can also go. :)
<mainerror> Daviey: There are source files that contain "uec" in their name, like "uec_component_listener.c" for example. Do we want to change the file names too?
<SpamapS> Daviey: yeah I thought fwereade_ was workign on it
<fwereade_> SpamapS, Daviey: I've only had a chance to give it a short look I'm afraid, I've been trying to get the groundwork for the machine constraints feature down
<SpamapS> I suspect a trivial workaround might be in order. :P
<fwereade_> SpamapS, Daviey: and I don't really know anything yet: *something* in between CobblerClient and cobbler itself is doing something different with xmlrpc
<fwereade_> SpamapS, I think it might be a little trickier... if the format we get nested dicts in has changed, it seems reasonable to suspect that the send format has changed too
<fwereade_> SpamapS, which then means we need to be able to characterise the critical difference between environments it shows up in and ones it didn't
<fwereade_> SpamapS, I can imagine a dirty workaround, but I'm not sure I could get one merged :/
<elb0w> how do I update repos from shell?
<elb0w> nvm apt-get update did it
<mainerror> Daviey: There is quite a lot of avahi stuff going on in debian/*
<mustafa> I am having a problem with a PHP project which connects to mysql database, the site gives me error that the database is down. While it worked flawlessly on windows machine running xamp. Any ideas?
<mainerror> Is the database down?
<mustafa> However normal PHP files, which  doesn't use mysql databases work fine.
<mustafa> mysql-server is running. And I created the database through phpmyadmin. When I tried using mysql-admin -h host_ip I got an error that mysql couldn't read hostname.
<EvilResistance> mustafa:  where is the mysql-server instance?  on a windows machine or a linux machine?
<EvilResistance> ...
<EvilResistance> i know your current issue
<mustafa> Linux, Ubuntu.
<EvilResistance> <mustafa> EvilResistance: No, it was already setup. I did change the bind-address to localhost. I'll check the skip-networking now.
<EvilResistance> if its only binding to localhost it'll only accept connections from itself
<mustafa> On the windows machine it was already setup. But I'm trying now to configure it on my Ubuntu machine.
<EvilResistance> mustafa:  you need to make sure skip-networking is commented out or removed in the conf file
<mainerror> Uh? Did I miss that line somehow?
<EvilResistance> mainerror:  he's violating the guidelines...
<EvilResistance> getting help in #Ubuntu and here
<EvilResistance> i'm moving my support for him to here ;P
<mainerror> Oh!
<mustafa> EvilResistance: there is a comment "Instead of skip-networking the default is now to listen only on localhost"
<EvilResistance> then tell it to not listen on localhost
<EvilResistance> rather listen on your IP
<EvilResistance> whatever your system's IP might be
<mustafa> EvilResistance: no uncommented #skip-networking
<EvilResistance> mustafa:  read my last 3 messages
<mustafa> EvilResistance: which is 127.0.0.1 right?
 * EvilResistance facedesks
<EvilResistance> mustafa:  no
<EvilResistance> mustafa:  127.0.0.1 is the *localhost*
<EvilResistance> if you're on a router, it'd be something like 192.168.1.1 or something
<EvilResistance> or if its directly internet facing, the public IP (which you should know if its internet facing)
<mustafa> EvilResistance: Ah 192.168.1.20
<EvilResistance> use that for now then
<EvilResistance> note that you might run into some occasional breakage if you eventually want this to be useable on the internet
<mustafa> EvilResistance: OK, I have changed the bind-address. Then restarted mysql and apache and still the error is there.
<mustafa> I installed the apache2, php5, mysql-cleint then mysql-server and finally the phpmyadmin. All using apt-get. I'll really appreciate your help, I have a discussion tomorrow at college on this project using my laptop.
<mustafa> EvilResistance: Are you still there?
<EvilResistance> nope, kinda busy atm
<EvilResistance> dealing with some abuse@ emails for my group
<mustafa> Take your time, I'll be waitting :)
<drt24> mustafa: so if you try to access mysql from the command line on the box which php is running on, can you?
<mustafa> drt24: How can I know?
<drt24> run the "mysql" command with the relevant options and see if it works, if not change things until it does, then the configuration specified by the opitions to mysql should also work from php using the relevant php function
<mustafa> drt24: I am little bit lost. The server is running, but when I use mysql-admin -h host_ip I get that error "Could not connect to host '192.168.1.20'.
<mustafa> MySQL Error Nr. 1130
<mustafa> And that the host isn't allowed to connect to mysql-server
<drt24> so firewalls or similar?
<mustafa> Not that I know of, I'm running Ubuntu 11.10 Desktop edition.
<drt24> or the mysql-server is not listening correctly?
<drt24> sorry, going to sleep now.
<mustafa> OK, if you could wait little more 5 min. I'll appreciate it I a project discussion tomorrow at college and I have been searching and asking for 6 hours now with no luck.
<mustafa> If not I'll understand..
<alex_joni> mustafa: so you have 2 pc's?
<alex_joni> or is everything on one pc?
<mustafa> alex_joni: One PC. I tried it earlier today on a friends PC. Just moved the site files to the apropriate folder and imported the database from phpmyadmin
<mustafa> alex_joni: I am using a custom path for enabled sites if that helps.
<koolhead17> in /etc/mysqlmy.cnf  bind-address            = 0.0.0.0 would have solved it
<koolhead17>  
<TheEvilPhoenix> true, but that would have bound it to * basically, no?
<koolhead17> well as far as i understand this enables the server accept connection from any external host
<wmp> hello
<wmp> i use ubuntu server 10.04 and i have route configured on ip command, how to save this and restore on boot?
<wmp> i havent in 10.04 ip route save/restore
#ubuntu-server 2011-12-21
<hansin> Does anyone know anything about the blink cursor when you log into the console? I know I can disable it, but thought it would make sense by now to have it disabled by default. I thought the blinking cursor cause the CPU to wake up from sleep states, so a power drain. Maybe I am off on that.
<twb> I doubt the blinking cursor consumes significant resources.
<twb> Screen blanking should trip by default after 10 minutes of inactivity.
<samba35> how to configure tap0 device
<samba35> i am able to configure tap device but how do i save/store prenatally
<twb> Before birth?
<hansin> twb: okay, thanks. I guess I was hoping there was a functional reason to have it disabled by default like RHEL. It is a water torture sort of thing for me. Absolutely hate blink cursors.
<twb> man setterm, IIRC
<twb> Hmm, maybe not.  I'm not sure where that's configured
<twb> setterm -cursor off hides it altoghether
<hansin> That is okay, I have a command written down that disables it. I am not on a linux box right now, so cannot remember, but basically you echo a 0 or 1 to some file.
<twb> Oh, probably something in /proc then
<hansin> yeah, that sounds right.
<hansin> or /sys
<twister004> hi guys... how can I setup a reverse VPN server on ubuntu server such that the server initiates the connection, that way, a NAT is not needed on the router....
<twb> IPv6 ?
<twister004> twb... no.. IPv4
<twister004> twb: I've heard of some reverse VPN servers, where the server initiates the connection, all the client has to do is just connect... and no NAT is requried
<twb> If the problem is "I have a NAT" the solution is "migrate to IPv6"
<twister004> twb: is there no other way?.. like reverse SSH tunnel... or any software?
<twb> There may be other ways; those ways are Wrong
<twister004> twb: why's that?
<twister004> twb: can I use openvpn over proxy?
<yaboo> trying to install a binary driver, how can I manually add a driver.
<uvirtbot> New bug: #907161 in bind9 (main) "BIND9 server lockup" [Undecided,New] https://launchpad.net/bugs/907161
<twister004> Can someone please tell me how I can have a VPN server behind a NAT gateway and use it without setting up NAT on the gateway?
<yaboo> trying to modprobe some drivers, know the drivers are in the /lib/modules/kernel/dir, but keeps stating cannot find the drivers, do I have to register the drivers
<twb> You cannot simply drop .ko files in a dir and expect them to work
<twb> However I don't support binary drivers, so you're on your own.
<yaboo> twb I compiled the drivers myself, can see the drivers .ko files on the lib/modules dir, but cannot modprobe them
<twb> yaboo: suggest you read up on DKMS
<yaboo> ok dkms, also there the ltmodem drivers from the repo, and cannot be found
<ChmEarl> the network config file /etc/network/interfaces: is there a way to syntax check this without restarting interfaces or the whole network?
<twb> yaboo: is this for a dialup modem?
<yaboo> twb yes
<twb> yaboo: throw it out and buy one that has a serial port
<twb> yaboo: it is NOT worth the hassle
<yaboo> twb very hard to find in Australia now
<yaboo> twb yes know not worht the hassle, want to use it for faxing
<twb> dealextreme or something might have one, I dunno
<twb> Second ddg hit is newegg.com claiming to still be selling US Robo modems
<twb> http://www.newegg.com/Product/Product.aspx?Item=N82E16825104135
<yaboo> thanks twb
<twb> I think that's actually more or less what I'm using only my one was bought in like 1978
<uvirtbot> New bug: #907197 in nova (main) "ip address can't be injected into the instance when using lxc " [Undecided,New] https://launchpad.net/bugs/907197
<koolhead11> hi all
<uvirtbot> New bug: #907206 in keystone (universe) "SPACES missed in /usr/share/man/man8/keystone.8.gz" [Undecided,New] https://launchpad.net/bugs/907206
<uvirtbot> New bug: #907227 in krb5 (main) "krb5 (libkrb5-3) 1.10+dfsg~alpha1-6 breaks on samba <= 2:3.6.1-2 making upgrades and installs broken" [Critical,Triaged] https://launchpad.net/bugs/907227
<uvirtbot> New bug: #907250 in samba (main) "Please merge Debian into Precise - libkrb5-3: Breaks: libsmbclient (<= 2:3.6.1-2)" [Undecided,New] https://launchpad.net/bugs/907250
<caribou> Morning, trivial launchpad question
<caribou> If I want to propose a fix to vm-builder, smoser suggested that I create a branch & propose it for a merge
<caribou> which bzr push URL should I use to upload the vm-builder branch I want to propose ?
<caribou> I know how to do it for a project I'm a member of, but this is not the case for vm-builder
<xranby> caribou: I think you can push it to your private bzr repository at launchpad and then the branch can be pulled in by a sponsor of the vm-builder team
<caribou> xranby: ah ok, that would explain why, unlike with my projects, I was unable to "propose for merge" in LP
<micahg> caribou: http://developer.ubuntu.com/packaging/html/fixing-a-bug.html
<micahg> towards the end it explains what to do with the branches
<caribou> micahg: thanks, that's what I  was looking for
<uvirtbot> New bug: #907152 in nova (main) "Error: unable to connect to '/var/run/libvirt/libvirt-sock', libvirtd may need to be started: No such file or directory" [Undecided,New] https://launchpad.net/bugs/907152
<smoser> caribou, you should be able to push to lp:~caribou/vm-builder/your-branch-name
<caribou> smoser: I did that but then, I was not able to propose a merge
<caribou> so I followed micahg's advice & it worked
<caribou> smoser: so you should see the branch available for review now
<caribou> smoser: I pushed it to /ubuntu/precise/vm-builder
<jonludlam> zul: are you around?
<zul> jonludlam: about to start my holidays
<jonludlam> me too :-)
<jonludlam> was just wondering about the xen packages
<zul> what about them?
<jonludlam> I believe qemu-dm wants to load its keymaps from /usr/share/qemu/keymaps
<jonludlam> but the qemu dir seems to be /usr/share/qemu-linaro these days
<jonludlam> or at least, that's where the keymaps are found
<zul> jonludlam: yeah ill probably look at it over christmas but im just about to run out the door
<jonludlam> ok
<jonludlam> 1 quick thing more then
<zul> sure
<jonludlam> will you be pulling 4.1.2-2?
<jonludlam> it's got some new ocaml libs packaged up with it
<zul> jonludlam: yes
<jonludlam> excellent, good news. thanks!
<jonludlam> have a good holiday :-)
<smoser> caribou, fyi, the branch i proposed pushing to is the *upstream* branch, versus the ubuntu branch.
<smoser> either is fine for this.
<caribou> smoser: ah, ok, I see the difference
<koolhead11> smoser: http://uec-images.ubuntu.com/oneiric/  is from where i will get the cloud images
<smoser> http://cloud-images.ubuntu.com would be preferred (only different in name)
<smoser> remember that daily builds get zero testing
<smoser> and that you can (and should) use the machine formated information at http://cloud-images.ubuntu.com/query
<koolhead11> cool
<koolhead11> smoser: i dont see this url anywer on cloud.ubuntu.com, am i missing sumthing
<smoser> where did you see uec-images link?
<koolhead11> smoser:  today from google. :D
<koolhead11> hello Daviey
<smoser> adam_g, awake?
<smoser> adam_g, when you get in, is https://code.launchpad.net/~gandelman-a/ubuntu/precise/cobbler-enlist/avahi/+merge/85646 still relevant ?
<smoser> (there are merge conflicts)
<Lcawte> Hi, was there any power related changes added for 11.04, because my server seems to stop just before post ends when I use 11.04, and it worked fine in 10.10
<Lcawte> hmm, what does Ubuntu use to manage power? Because for some reason I don't have power nap, and I can't find what is used to manage power etc, because my computer doesnt boot 11.04 or 11.10 but does 10.10 fine
<edgy> hallyn: hi
<Lcawte> Anyone have any idea what I can do to fix this?
<smoser> mmm_, around ?
<SpamapS> Lcawte: not sure what is broken
<SpamapS> Lcawte: if your machine is turning *off* at boot.. that seems like a kernel bug.
<aljosa> anybody knows what is the last version of ubuntu that works with ibm db2 (partner ppa) w/ only apt-get install and no other system wide modifications?
<smoser> anyone know have idas as to why i cnanot recreate bug 854866 on debian ?
<uvirtbot> Launchpad bug 854866 in ganglia "some ganglia packages won't install because of useradd" [High,Fix committed] https://launchpad.net/bugs/854866
<smoser> SpamapS, ^
<SpamapS> smoser: good question, reading
<SpamapS> smoser: maybe the useradd or groupadd fails quietly in Debian where ours does not?
<smoser> that was my only thought too, but looking at the "Remainging changes" in a shadow source package doesn't mention anything like that.
<SpamapS> yeah I don't think we'd want to break all those user/group adds
<rbasak> hey zul, I can look at bug 899427 and bug 905527 unless you've already got plans?
<uvirtbot> Launchpad bug 899427 in horizon "not lintian clean" [Medium,Confirmed] https://launchpad.net/bugs/899427
<uvirtbot> Launchpad bug 905527 in horizon "Apache should be restarted after installing horizon." [Low,Triaged] https://launchpad.net/bugs/905527
<zul> rbasak: plans is called holiday
<zul> :)
<rbasak> :-)
<rbasak> I've still got two days left!
<zul> im not here :)
<smoser> A poor excuse for picking a man's pocket every twenty-fifth of December!
 * rbasak will do the horizon bugs in zul's absense then :)
<rbasak> erm...right after I learn to spel
<Lcawte> SpamapS: no, it just hangs
<SpamapS> rbasak: its ovarreitied
<SpamapS> Lcawte: if you remove 'quiet' from the commandline args, you might get some clue as to what it is hanging on
<SpamapS> Lcawte: when the grub menu shows up, you can edit the arguments
<Lcawte> SpamapS: it doesn't go to grub
<Lcawte> it finishes all the stuff in post and then hangs just before where it would go to grub
<SpamapS> Lcawte: thats pretty seriously broken then.
<SpamapS> Lcawte: you may want to boot from a live CD/USB key and use that to re-install grub.
<Lcawte> It doesn't seem to be grub though, I can put the disk in another machine and it'll work fine
<SpamapS> Lcawte: http://odzangba.wordpress.com/2011/05/14/455/
<SpamapS> Lcawte: thats beyond my skills then. :-/
<SpamapS> Lcawte: its entirely possible, though, that there is some weird compatibility/geometry problem.
<smoser> SpamapS, just fyi, i found out why i couldn't reproduce on debian. i was using olderl package version in debian and http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620505 caused this regression
<uvirtbot> Debian bug 620505 in gmetad "gmetad: fails to purge - command (deluser|adduser) in postrm not found" [Important,Fixed]
<SpamapS> smoser: I'm not sure I understand, but I trust that you do, so I won't pay it any more mind. :)
<smoser> ubuntu has newer version than i was trying to reproduce with on debian stable.
<smoser> the newer version (debian testing) recreates the bug.
<adam_g> smoser: gah, i think there have been merges since that proposal. deleted, ill rebase and resubmit since it looks like we'll be using the C version utility of that after all
<SpamapS> smoser: I read "olderl" as "oldperl" .. now I see it was just a typo. haha.
<smoser> oldperl does suck
<pmatulis> is anybody here successfully using kerberos with apache?
<smoser> SpamapS, you have thoughts on my question in -devel ?
<smoser> mmm_, its regarding your branch for ganglia at https://code.launchpad.net/~mark-mims/ubuntu/precise/ganglia/useradd
<SpamapS> smoser: you mean m_3
<smoser> ah. dagum 3 ms
<SpamapS> m_3: ^^ smoser has been calling you mmm_ ;)
<smoser> m_3,
<smoser> i've been calling him other things too, but that was the nicest of the bunch
<smoser> (joking)
<uvirtbot> New bug: #900972 in lxc "lxc instance console output spewed to stdout" [Undecided,New] https://launchpad.net/bugs/900972
<iToast> how do i remove LAMP
<iToast> and reinstall it
<ikonia> why ?
<ikonia> what have you done ?
<jmarsden> sudo tasksel remove lamp-server   # if you installed it using sudo tasksel install lamp-server
<ikonia> he doesn't need to remove it
<jmarsden> <iToast> how do i remove LAMP    was the question being asked... I thought...
<smoser> hallyn, around ?
<smoser> i tihnk kvm user-net is worse than it used to be.
<smoser> of course i have no data to back that up
<ikonia> jmarsden: correct, but after reading what's been posted in other channels, he doesn't have to reinstall
<smoser> other than libvirt is there any way that people use kvm and get non "usernet" networking ?
<smoser> i'm used to something like this, but its networking is painful right now: time kvm -drive file=orchestra.disk,if=virtio,boot=on -cdrom custom.iso    -net nic -net user,hostfwd=tcp::2222-:22 -m 1024    -nographic -serial file:serial-console.log
<jmarsden> smoser: See http://www.linux-kvm.org/page/Networking for some ideas on bridging using -net nic,macaddr=$macaddress -net tap    for example...
<smoser> yeah... i just dont like the "i have to be root" stuff.... the user-net was so noice.
<smoser> actually... it seems like: model=virtio
<smoser> made a significant difference.
<smoser> where significant == maybe 50x or better
<jmarsden> That's... pretty significant :)
<mzaza> I can't find ;extension=mysql.so
<smoser> yeah. now i'm getting ~ 10MB/s on a 100Mb/s network.
<mzaza> Should I just add it anywhere, in the /etc/php5/apache2/php.ini file ?
<mzaza> I have been having a problem for 2 days in configuring my local webserver, isn't this a help channel or what?
<RoyK> mzaza: just installing php5-mysql should do that automatically
<mzaza> RoyK: It's already installed :-S
<RoyK> mzaza: then it should work - what does phpinfo() have to say?
<mzaza> RoyK: Lots of things but I guess, it's enabled.
<RoyK> mzaza: if it lists mysql as enabled, it is
<mzaza> RoyK: I just created a database and imported it's tables from phpmyadmin, and then created a symbolic link for the website in /var/www but I get an error "The site database appears to be down" !
<RoyK> have you configured the webapp correctly?
<RoyK> it usually needs a username, password, dbname, and perhaps dbhost and dbport
<mzaza> RoyK: I tried it on a friends windows laptop running easyphp and it worked perfectly.
<mzaza> rackisland.com/zaza.zip this is the site and it's sql if you would like to give a look at it's config.php
<RoyK> is mysql running? can you connect to the database manually? can you connect from a php test script?
<mzaza> Haven't tried that. Can you point me to a test script example?
<RoyK> php.net
<RoyK> there's tons of test code there
<mzaza> OK, I'll check it now.
<mzaza> RoyK: Successfully connected :-/ and showed tables in the database.
<RoyK> then it works... all you have to do is configure that webapp correctly :Ã¾
<smoser> RoAkSoAx, are you around ?
<mzaza> RoyK: What's strange is that the same webapp worked perfectly on my friends windows machine, and it worked with another friend. If you have some time to spare could you check the config file yourself =) ?
<mzaza> RoyK: What's even strange is that it works well on a server running linux + cpanel!
<RoyK> no, sorry
<mzaza> ok, thanks :)
<mzaza> RoyK: Just one more thing why it works here rackisland.com/zaza%20(2)/ which is a linux server and it doesn't run on mine?! It has to be something with my configuration or something I'm missing.
<RoyK> mzaza: sorry, I just don't know
<mzaza> np :) ty
<EvilResistance> anyone know why an ext4 partition would become unstable and unclean, thereby requiring an fsck from an external disk to fix the system?
<SpamapS> EvilResistance: there are a number of reasons
<EvilResistance> what're the most common ones
<SpamapS> EvilResistance: disk errors, reboot during heavy write activity.. a kernel bug... "bit rot"
<SpamapS> EvilResistance: powering off with disk drives' write cache enabled is another one
<EvilResistance> power failure during a shutdown procedure (i.e. incomplete shutdown)?
<SpamapS> Possibly
<SpamapS> journalling helps with these, but sometimes its just a mess
<EvilResistance> mmm
<EvilResistance> well i've had to boot into either an external system or a livecd in order to run fsck just to fix the partition twice in the past 3 weeks
<EvilResistance> signs of system failure perhaps?
<SpamapS> EvilResistance: are you letting the fsck finish?
<EvilResistance> mhm
<SpamapS> EvilResistance: definitely inspect your logs for errors. thats abnormal.
<EvilResistance> SpamapS:  I just received the UPS i ordered a few days ago, once its all charged up, is there a way to get ubuntu server to check the power remaining in said UPS (Uninterruptible Power Supply, aka battery backup), and auto-shutdown when the power gets to a certain level?  I'm pretty certain at this point the power failures caused by some storms are causing this issue.
<SpamapS> EvilResistance: yeah there are daemons that will talk to the UPS's and shutdown gracefully
<SpamapS> I haven't set such a thing up in a long time, but apcupsd was a good one "back in the day"
<guntbert> !apcupsd | EvilResistance
<guntbert> EvilResistance: see https://help.ubuntu.com/community/apcupsd
<RoAkSoAx> smoser: here
<smoser> RoAkSoAx, bug 905854
<uvirtbot> Launchpad bug 905854 in unity-2d "memory leak in unity-2d-panel" [High,In progress] https://launchpad.net/bugs/905854
<smoser> fix uploaded.
<smoser> hm..
<smoser> funy
<smoser> how about 907525
<smoser> does that make more sense ?
<smoser> bug 907525
<uvirtbot> Launchpad bug 907525 in cobbler "python-cobbler fails install without python-support" [Undecided,Fix released] https://launchpad.net/bugs/907525
<EvilResistance> guntbert:  thanks
<smoser> but, RoAkSoAx if you want to fix that memory leak in unity-2d that'd be great too
<RoAkSoAx> smoser: right, should not depend on python-support as it uses dh_python2
<RoAkSoAx> smoser: and the postinst should probably be taken care automatically
<RoAkSoAx> by dh_python2
<smoser> shoot. yeah, should have taken it all the way out
<smoser> i did not
<smoser> just ripped otu that section. but the whole thing is not needed now.
<RoAkSoAx> yeah
<aarcane> so I'm working on planning a deployment of virtualization around my site.  I've run into a snafu.  I'm wanting to devote two systems to virtualization, which are intended to bounce virtual machines back and forth between them as needed.
<aarcane> But I've got two types of systems I want to run.  Stateless and Stateful.  I want to run the Stateless machines as cloud instances in UEC, and the stateful machines in libvirt.
<aarcane> I can't find any good documentation on how (if at all) the two will interact
<aarcane> also, I will need to ensure that the stateful machines' images are synced in realtime, and can't find good documentation for that either.
<smoser> RoAkSoAx, so should i remove that file entirely and push an UNRELEASED to lp:precise/cobbler ?
<aarcane> any ubuntu/UEC/libvirt specific help would be much appreciated
<RoAkSoAx> smoser: you can go ahead and upload it cause otherwise it might get lost on lp:precise/cobbler
<smoser> yeah.. that sucks. i dont thin its worth an upload though
<smoser> well... if it gets lost, then maybe sometime i'll remember it
<smoser> i just pushed there.
<RoAkSoAx> smoser: ok ;)
<adam_g> smoser: hmph i *just* hit the same bug building something against python-nova and python-glance
<adam_g> smoser: why would that be popping up across packages at the same time? i dont think those two have had any changes wrt that stuff in a while
<smoser> you're doing this in EC2?
<smoser> python-support left the images i think. previously one or 2 packages actually listed it as a dependency so lots of others got by without it
<smoser> but now the images dont' have that by default
<smoser> adam_g, to work around, just install python-support first
<adam_g> smoser: im actually running during packages builds in chroot
<smoser> well the source of the problem is the same.
<smoser> they needed it, but didn't declare it and previously just got it
<adam_g> right
<adam_g> smoser: so, python-support as a build depends should probably just be removed along with the *.postinst?
<smoser> well what was failing ?
<smoser> the build actually failed ?
<smoser> i'd ask in #ubuntu-devel
<adam_g> smoser: the postinst on both, during install. haven't rebuild without
<smoser> a.) because people there know more than me (doku)
<smoser> b.) because i have to run
<adam_g> cya
<m_3> smoser: hey... do I need to do something else with the ganglia/useradd branch?
<uvirtbot> New bug: #907543 in nova (main) "python-glance fails to install during postinst: update-python-modules: not found" [Undecided,New] https://launchpad.net/bugs/907543
<twb> So you know how ubuntu debconf uses magenta instead of blue?
<twb> Apparently during 12.04 mini.iso, if you mistype the root password the second time, it goes back to blue when you re-answer the password question
<twb> Also apparently precise (unlike lucid) isn't guessing the domain and NTP server from the DHCP response options, although that could be some exciting new heisenbug here...
#ubuntu-server 2011-12-22
<uvirtbot> New bug: #907518 in keystone "swift proxy cannot start when configured to use keystone" [Undecided,Triaged] https://launchpad.net/bugs/907518
<smoser> m_3, do the SRU stuff.  ie, write justification and everything
<smoser> and if you wanted, you could foward a debdiff to the debian bug that is there.
<m_3> smoser: cool, thanks!
 * m_3 looking up "SRUs for dummies"
<smoser> m_3, ping me when you have justifcation done and I can do the upload to oneiric-proposed if there is no oneelse around.
<smoser> i'm gonna mostly be out till budapest though so you might want to look for someone else.
<smoser> good work on getting that fixed though
<m_3> thanks, yeah it's been a ghost-town around here
<m_3> I've got a ppa with it fixed for oneiric, so there's no particular hurry
<m_3> have a great break man... see you in budapest
<smoser> well, the archive is 100% broken for that package, so that is pretty bad.
 * SpamapS will +1 it right into oneiric-proposed :)
<PerfM> woooooooooooo
<PerfM> I love ubuntu!
<Zanzacar> Just curious if anyone could answer this for me. I can sftp into my server through the terminal and through filezilla. Through the terminal I transfer at 11mbps through filezilla I transfer at 8-9mbps.
<Zanzacar> does anyone know why that would be?
<qman__> probably a math error in one program or the other
<Zanzacar> so one isnt actually slower then the other then?
<qman__> not likely, they could also be negotiating different encryption sets, or filezilla could be measuring actual file throughput while the other program is measuring total connection throughput
<qman__> lots of reasons those numbers can be different
<Zanzacar> gotcha sounds good.
<qman__> the only real way to measure would be to download the same large file and time it
<PerfM> I do
<PerfM> Zanzacar, glad we could help ^_^
<Zanzacar> I am going to test it out and see if there is any differences
<qman__> also, IIRC, filezilla displays the average over the whole connection
<qman__> the other program may be measuring the current rate instead
<Zanzacar> it is just sftp over the terminal
<PerfM> pangolin, HI!
<PerfM> pangolin, sorry for the ping!
<m_3> smoser SpamapS: I think I have everything for an SRU on bug #854866
<uvirtbot> Launchpad bug 854866 in ganglia "some ganglia packages won't install because of useradd" [High,Confirmed] https://launchpad.net/bugs/854866
 * m_3 sure hope that all works :)
<smoser> m_3,  just copy your comment to a section in the description
<smoser> other than that, loooks good.
<m_3> smoser: smoser ok, did that
<twb> Zanzacar: most likely case is one is measuring megabytes (1000) and one is measuring mibibytes (1024)
<twb> Zanzacar: it could also be scp vs. sftp -- the former has slightly less overhead.
<smoser> m_3, ok. i just uploaded to oneiric-proposed.
<smoser> then, it needs an SRU admin (SpamapS or pitti) to approve it into -proposed
<smoser> the one change from the oneiric is (as you stated) the version number.
<smoser> 3.1.7-2ubuntu0.1 is what i used, which is < anything in precise
<smoser> following the chart at https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update%20the%20packaging
<m_3> smoser: ok, thanks
<smoser> :q
<axisys> http://pastebin.com/RMpM2bdA <-- x2270 m2 sees only one disk.. any idea what I can do short from rebooting the server
<axisys> tons of error like this http://pastebin.com/319gGafB for sdb
<uvirtbot> New bug: #907620 in openldap (main) "package slapd 2.4.21-0ubuntu5.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/907620
<axisys> during boot I saw both disks
<axisys> http://pastebin.com/25STEpin <-- from /var/log/dmesg
<axisys> but now only one
<axisys> they both are internal disk
<axisys> i wonder if my co-worker broke sdb while attaching it to raid1
<axisys> (parted) p
<axisys> Error: /dev/sdb: unrecognised disk label
<axisys> smartctl --all /dev/sdb -T permissive says
<axisys> SMART Health Status: OK
<axisys> rebooted the system
<axisys> now I can see sdb
<twister004> hi guys... how can I automate reverse ssh on my ubuntu server?... I need to connect to this box using reverse ssh.... can I use a script at bootup?.. I tried this but it doesn't work
<uvirtbot> New bug: #907686 in squid3 (main) "CVE-2010-0308: DoS (assertion failure) via a crafted DNS packet that only contains header in lucid series" [Undecided,In progress] https://launchpad.net/bugs/907686
<uvirtbot> New bug: #907687 in squid3 (main) "CVE-2010-0639: DoS (NULL pointer dereference and daemon crash) via     crafted packets to the HTCP port" [Undecided,In progress] https://launchpad.net/bugs/907687
<Jeeves_> twister004: You can create some ssh keys
<Jeeves_> and create an upstart script for it
<twister004> Jeeves_: ahem... how do I do that :D
<Jeeves_> twister004: ssh-keygen -t rsa on the box behind nat
<Jeeves_> Don't enter a passphrase
<Jeeves_> vi /etc/init/rssh.conf
<twister004> Jeeves_... I did that... I want to know how I can automate this tunnel... how it can be auto-established upon reboot
<Jeeves_> exec ssh -i $homedir/.ssh/id_rsa
<twister004> ??
<Jeeves_> Create an upstart job
<Jeeves_> That will run ssh
<Jeeves_>  /etc/init/udev.conf can be used as basic script
<twister004> Jeeves_.. how do I create an upstart Job?.. I created a .sh file with 'autossh' running... and edited crontab.... @reboot /usr/local/bin/script.sh
<uvirtbot> New bug: #907690 in squid3 (main) "CVE-2011-3205: DoS (memory corruption and daemon restart) or remote Gopher servers." [Undecided,In progress] https://launchpad.net/bugs/907690
<Jeeves_> replace exec udevd --daemon with 'ssh -i $path_to_id_rsa $remoteuser@$remotebox'
<Jeeves_> remove the 'expect fork' file
<Jeeves_> s/file/line
<twister004> Jeeves_.. could you start from the beginning... I lost you somtime back
<Jeeves_> cp /etc/init/udev.conf /etc/init/rssh.conf
<Jeeves_> vi /etc/init/rssh.conf
<Jeeves_> replace exec udevd --daemon with 'ssh -i $path_to_id_rsa $remoteuser@$remotebox'
<Jeeves_> remove the 'expect fork' line
<Jeeves_> That should work, I think
<twister004> Jeeves_... /etc/init/rssh.conf doesnt exist
<Jeeves_> Indeed
<Jeeves_> If you didn't do 'cp /etc/init/udev.conf /etc/init/rssh.conf', it won't exist
<twister004> Jeeves_... $path_to_id_rsa should be the path to authorized_keys file correct?
<Jeeves_> No
<Jeeves_> id_rsa
<twister004> Jeeves_... isn't id_rsa the local key?
<Jeeves_> Yes
<Jeeves_> And the ssh client on the local machine must use that specific keys
<Jeeves_> the authorized_keys on $remotebox should have the line in id_rsa.pub in it
<twister004> Jeeves_... I lost you there... what about passwordless ssh?
<Jeeves_> That's what the keys are for
<Jeeves_> You create a ssh key
<Jeeves_> you end up with two files
<twister004> yes
<Jeeves_> id_rsa and id_rsa.pub
<Jeeves_> the .pub file is the public key
<Jeeves_> You copy/paste the contents into authorized_keys on any remote box you want
<twister004> yes
<twister004> yes
<Jeeves_> id_rsa will be used by the local client to connect to the remote server
<Jeeves_> if the remote server can verify the local key with the public key
<Jeeves_> You are granted access
<twister004> Jeeves_.. but then what should be edited in the id_rsa.pub file?
<twister004> Jeeves_... in the rssh.conf file... is the following command correct?.. 'ssh -i /root/.ssh/ root@remote_hostname''
<Jeeves_> Nothing should be edited in the .pub file
<Jeeves_> I never said that :)
<Jeeves_> -i should be /root/.ssh/id_rsa
<twister004> ohk... so.. then... after the reboot of the source, the tunnel will be established... and how to I connect to to the source from the destination?
<Jeeves_> http://www.howtoforge.com/reverse-ssh-tunneling
<twister004> Jeeves_... I followed that same link and did it manually... I dont know how to automate the process
<Jeeves_> twister004: You could think about combining my comments with the link you read
<twister004> Jeeves_.. so instead of the command u specified, I just enter the command from the link?
<Jeeves_> Combine the two, yes
<twister004> Here goes nothing... commencing reboot :)
<Jeeves_> You don't need to reboot
<twister004> ?
<Jeeves_> You can also type 'start rssh'
<twister004> Jeeves_... I want to test it during bootup
<twister004> coz the machine is going to be moved behind a firewall, and we wont have access to it
<twister004> it doesn't work... and when I do a 'start rssh'... it gives me the following error - 'start: Unknown job: rssh'
<twister004> Jeeves_.. any inputs?
<Jeeves_> Oh
<Jeeves_> Ehm
<twister004> did I do something wrong?
<Jeeves_> No, something needs to be refreshed
<Jeeves_> initctl reload-configuration
<twister004> wat's tjat?
<Jeeves_> That tells upstart that there is a new file, iirc
<twister004> it didnt work
<twister004> still the same
<Jeeves_> the file is called /etc/init/rssh.conf, right?
<twister004> yes
<Jeeves_> Works for me
<twister004> huh/
<Jeeves_> If I copy /etc/init/udev.conf to /etc/init/rssh.conf
<twister004> ?
<Jeeves_> I can run 'start rssh' without any issues
<twister004> I did that
<twister004> let me do it again
<twister004> it didnt work
<Jeeves_> can you pastebin the command 'cat /etc/init/rssh.conf' ?
<twister004> Jeeves_.. here you go : http://pastebin.com/hnxNAKYK
<Jeeves_> http://pastebin.com/C8yJMNBE
<Jeeves_> That might work better
<Jeeves_> http://pastebin.com/diff.php?i=C8yJMNBE
<Wolfsherz> hello, when i created a ssh-key on my laptop, and copied the public part to the servers ~/.ssh directory the login via key works. will i be able to put my private key to my other machine or do i need to create a new key to connect with it?
<Jeeves_> Wolfsherz: Private key can be transferred
<Wolfsherz> Jeeves_: ok, but the public key has the computers user@hostname in it. is that a problem when connecting with the private key from another host?
<Jeeves_> no
<Jeeves_> That's just a comment
<andol> Wolfsherz: You can copy your private key to the other machine, but really it is better/safer solution to create a new private key on the other machine.
<Wolfsherz> andol: why is it safer do to so?
<Wolfsherz> Jeeves_: thank you
<twister004> Jeeves_.. ok.. the 'start rssh' worked... thanks!... but how do I connect back from the other side?
<Jeeves_> twister004: You said you read that page on howtoforge :)
<andol> Wolfsherz: In case you lose on of the computers, you can more easily revoke that public key.
<andol> s/on/one/
<twister004> Jeeves_... I did... and I tried 'ssh localhost -19999'... it refuses the connection
<Jeeves_> twister004: I'd try -p 19999
<Wolfsherz> andol: i have to paste that other pubkey to authorized_keys too then, right?
<Jeeves_> And check if the ssh connection is really up
<twister004> Jeeves_.. oops I typed it correctly... it doesn't work
<andol> Wolfsherz: Yes
<twister004> Jeeves_... using ps?
<Jeeves_> twister004: And where is autossh located?
<Wolfsherz> andol: and to revoke a public key i just remove that key from authorized_keys, or is there another way?
<andol> Wolfsherz: exactly
<Wolfsherz> andol: great, thank you
<twister004> Jeeves_... I installed autossh
<Jeeves_> Ah, ok.
<twister004> it's under /usr/bin
<Jeeves_> No clue what that is
<Jeeves_> replace 'autossh' with '/usr/bin/ssh'
<twister004> Jeeves_.. ok
<twister004> Jeeves_... 'ps -ef | grep ssh' shows the process
<Jeeves_> ok
<twister004> Jeeves_... so, for some reason, the ssh is not working?.. even though the process is running in the background
<Jeeves_> twister004: I can't see that from here, can I?
<Jeeves_> Check if the proces you see still is the same
<twister004> Jeeves_.. ill send u the output
<Jeeves_> Check if the command is actually working by executing it yourselve
<twister004> Jeeves_... it worked!!
<twister004> you're awesome!!!!
<twister004> Jeeves_.. will it autorun at bootup?
<Jeeves_> it should, probably
<Jeeves_> You might need to change 'start on'
<twister004> Jeeves_.. what's that :(
<twister004> Jeeves_.. actually, it stopped workin again... please see the pastebin contents... it's the output of 'ps -ef | grep ssh' 'http://pastebin.com/a6zDRFgt'
<twister004> Jeeves_ it works now... sorry!
<twister004> Jeeves_... however, it doesn't run at bootup.... please advise how I need to modify 'start on'
<Jeeves_> set 'start on' to 'networking', I think
<twister004> Jeeves_.. how do I do that... is that a command?
<Jeeves_> grmbl
<Jeeves_> Read the file /etc/init/rssh.conf
<twister004> Jeeves_... sorry!... I changed it, but it still doesnt work on bootup
<koolhead11> hi all
<Jeeves_> twister004: No clue then
<l456> Is 12.04 going to ship with ruby 1.9.1 ??
<l456> Rails needs 1.9.2 and the latest stable is 1.9.3, it will be a major pain if it ships with 1.9.1 which few (if any) Ruby devs use...
<pmatulis> 1.9.3.0
<uvirtbot> New bug: #907816 in apache2 (main) "libapache2-mod-php5 forgets timezone definition after some time" [Undecided,New] https://launchpad.net/bugs/907816
<pmatulis> quiet here today
 * genii-around makes more coffee
<enrichedd> idk y but i got booted and banned from the ubuntu channel...
<Pici> enrichedd: Please use #ubuntu-ops if you'd like to get that resolevd.
<enrichedd> ty
<uvirtbot> New bug: #907828 in openvpn (main) "tun-based VPNs using the "subnet" topology are wrongly sending ICMP redirects" [Undecided,New] https://launchpad.net/bugs/907828
<rbasak> robbiew: I've been poking the debian experimental version of openmpi today. It FTBFS on armel. I'm just trying a rebuild of 1.4.x to check its not my environment
<rbasak> (but also it failed on Debian)
<rbasak> https://buildd.debian.org/status/package.php?p=openmpi&suite=experimental
<robbiew> rbasak: cool...well if it's crap, then this will be an easy blueprint :)
<robbiew> we have some time, given the package is in universe
<rbasak> robbiew: hopefully won't be too hard to fix :)
<smoser> RoAkSoAx, pushed cobbler update with that fix from yesterday and 2 more to cobbler-ubuntu-import
<PedroGomes> Hi, I have two Ubuntu server installations with the same sudoers file, being that one as a root login and the other not.
<PedroGomes> Now I have a user X, and in the sudoers I have "X ALL = NOPASSWD: /usr/sbin/puppetca" on both machines.
<PedroGomes> If I run the command puppetca with user X without sudo or pass on one of the machines it works, on the other I need sudo. What is the difference?
<genii-around> "being that one has a root login"
<PedroGomes> genii-around: thats the difference? in the machine with a root login I have to use always the sudo command ?
<genii-around> PedroGomes: The other way around, likely.
<genii-around> If you're logged on as root, any command you issue automatically has the elevated rights that the sudo command is supposed to be used for.
<PedroGomes> genii-around: thanks, but I already found my error after an half a dayâ¦
<PedroGomes> I forget to add the user to the group that owns most of the folders affected by the command
<smoser> hallyn, did you read the bug ?
<smoser> i described how i triggered it.
<hallyn> smoser: you said "i ran an instance".
<smoser> inside devstack
<smoser> did you try that ?
<smoser> with that image?
<smoser> /var/lib/tftpboot/pxelinux.cfg/01-00-16-3e-3e-aa-03
<smoser> RoAkSoAx, ^ how do i make cobbler udpate that file
<hallyn> I don't know what devstack is.  Is it a wrapper around euca-build-iamge?
<Daviey> smoser: change a setting in cobbler, like "netboot enabled"
<Daviey> hallyn: devstack is the current fav' flavour for setting up a development openstack cloud
<hallyn> if you're gonna use your little codewords than don't get snarky when i ask for detailed reproduction steps
<Daviey> with all the different componets
<smoser> hallyn, only because i like you, i'll give you alink
<hallyn> yay!
<smoser> http://lmgtfy.com/?q=devstack
<smoser> Daviey, i want it to fix all of that garbage
<hallyn> i'll get to that next year then
<smoser> hallyn, and i'll give you a user-data scrript for Canonistack. just a minute.
<adam_g> smoser: i think 'cobbler sync' will regenerate those tftp files as well as dnsmasq, dhcp, etc
<smoser> thats what i wanted
<smoser> gracias adam_g
<hallyn> be back tomorrow for a sponsors gig.  out.
<uvirtbot> New bug: #907873 in samba (main) "smbd crashed with SIGABRT in close_file()" [Undecided,New] https://launchpad.net/bugs/907873
<gondoi> anyone know where I can find more information on this, like when it will be "removed":
<gondoi> http://www.omgubuntu.co.uk/2011/12/java-to-be-removed-from-ubuntu-uninstalled-from-user-machines/
<mdeslaur> gondoi: the browser plugin has already been disabled. We haven't decided yet when the other packages will be removed from the archive.
<mdeslaur> gondoi: is there anything else you would like to know?
<gondoi> mdeslaur: okay, well i was thinking more in the terms of a server that is running apps with it
<gondoi> i.e. tomcat and such
<mdeslaur> gondoi: I'd suggest trying to migrate to either openjdk or to oracle's java sometime in january
<gondoi> i work at a hosting provider and I am trying to figure out the impact for our customers
<gondoi> okay
<gondoi> thank you mdeslaur
<mdeslaur> gondoi: you're welcome
<uvirtbot> New bug: #907905 in php5 (main) "php5-cli scripts not running in background, stays stopped." [Undecided,New] https://launchpad.net/bugs/907905
<Wolfsherz> hello, i have got a serious problem after fiddling with ssh-keys on my server. i can not connect anymore with the error: ssh_exchange_identification: Connection closed by remote host
<Wolfsherz> i already booted the server in rescue mode to delete the authorized_keys in my home-directory. i also removed the private and public key on my machine at home.
<smoser> ok server people, RoAkSoAx adam_g SpamapS .
<smoser> i'm almost EOY
<smoser> but i just pushed to lp:~orchestra/orchestra/odev
<smoser> its largely a work in progress, but i'm sure that each of you, if wanted could get it going
 * kirkland waves at smoser 
<smoser> (cobbler-devenv -> odev)
<smoser> hola crypto people
<EvilResistance> Wolfsherz:  can you do ssh -vv (that's two v's)?  that'll tell you why its being closed at the remote host.
<Wolfsherz> EvilResistance: I dont think that is possible as i can not connect to that server anymore. I can only boot a rescue-system
<Wolfsherz> i get a lot of these: http://paste.ubuntu.com/779112/
<Wolfsherz> in /var/log/auth.log
<Wolfsherz> this is my /etc/ssh/sshd_config http://paste.ubuntu.com/779121/
<yakster> can someone please help me with some syntax
<yakster> I can't get stab to mount my NAS hdd, I can do it manual, but not fstab
<yakster> sudo mount -t cifs //192.168.1.129/GoFlex\ Home\ Public/ /media/GoFlex -o username=matthew,password=4546413,iocharset=utf8,file_mode=0777,dir_mode=0777
<yakster> that works fine
<yakster> /192.168.1.129/GoFlex\ Home\ Public/ /media/GoFlex cifs username=matthew,password=4546413,iocharset=utf8,file_mode=0777,dir_mode=0777 0 0
<yakster> and that cases /home to not mountâ¦.
<yakster> ???
<erichammond> yakster: What errors are you getting on the attempt to mount the cifs with /etc/fstab ?
<yakster> error line 13â¦ line 13 is the //192 line
<yakster> line 13 is stab is bad
<sixstringsg|afk> Is it possible on a dedicated server that I do not have physical access to to increase the size of the / partition?
<uvirtbot> New bug: #907945 in nova "Enabling keystone caching  results in type errors in middleware" [Undecided,New] https://launchpad.net/bugs/907945
<ikonia> sixstringsg|afk: if it's not under lvm control, no
<sixstringsg|afk> Can I symlink it to part of another partition to increase it?
<sixstringsg|afk> It's 10Gb right now, I don't know how big it should be honestly.
<ikonia> no
<sixstringsg|afk> Or if I can clean some stuff out.
<yakster> can someone help me out with some stab syntax?
<ikonia> sixstringsg: you can symlink dir's - but you still can't change it's size
<yakster> fstab syntax
<ikonia> sixstringsg: you certainly can clean stuff out
<yakster> /192.168.1.129/GoFlex\ Home\ Public/ /media/GoFlex cifs username=matthew,password=4546413,iocharset=utf8,file_mode=0777,dir_mode=0777 0 0
<sixstringsg> ikonia, suggestions on what to clean?
<ikonia> sixstringsg: depends on your machine and what you're not using
<ikonia> sixstringsg: what other seperate mount points you have too
<sixstringsg> All I have are / /home and swap.
<ikonia> sixstringsg: ok, so look at creating new partitions for things like var, mount that on a new partition and reboot, same for /tmp
<ikonia> sixstringsg: look at what you are using software wise, open the package manager and clear down things you don't need/want
<ikonia> just apply a logical common sense approach
<sixstringsg> Ok, thanks.
<uvirtbot> New bug: #907952 in munin (main) "Unnecessary log message when listing local services" [Undecided,New] https://launchpad.net/bugs/907952
<yakster> does anyone know why a bad line in stab will cause /home to not mount?
<ikonia> yakster: if the lines are wrong, they can't be used
<ikonia> it's that simple,
#ubuntu-server 2011-12-23
<yakster> heres the line //192.168.1.129/GoFlex\ Home\ Public/ /media/GoFlex cifs username=matthew,password=4546413,iocharset=utf8,file_mode=0777,dir_mode=0777 0 0  whats wrong with it
<Smaug> hey all
<Smaug> i am on ubuntu 8.04
<Smaug> it has OpenSSH 4.7
<Smaug> i want to use a newer version of OpenSSH.         how bad/okay an idea would it be to use a package intended for a later version?
<ikonia> very bad
<Smaug> ikonia: ok
<Smaug> how difficult is it to upgrade a server?
<Smaug> the wiki makes it seem easy, a single command.  surely there are things that can go wrong that i must be aware of?
<ikonia> things can go wrong, like if you have external software sources enabled, or software outside the package manager, however the guides covers it well
<ikonia> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<ikonia> time to go
<Smaug> i have to go, thanks for your help ikonia.  one more thing.   if i choose to upgrade, what process can I use to compile a list for myself of items to check to make sure that everything is running properly after an upgrade?
<Guest77618> can some one remote desktop me and help me do this? https://help.ubuntu.com/community/PXEInstallMultiDistro
<Smaug> if i choose to upgrade ubuntu, what thought process can I use to compile a list for myself of items to check to make sure that everything is running properly after an upgrade?
<qman__> not sure what you're asking, either your software works or it doesn't
<qman__> you would know best what needs to work
<dork> Smaug: make a tarball of your /etc dir and maybe an output of dpkg -l &> installedpackages.txt
<dork> or something
<dork> though like qman said
<dork> you typically know when stuff is broken
<dork> the tarball of /etc and the package output is just to help mitigate downtime
<qman__> yeah, backups are always a good idea
<qman__> but my point is, it's your server, you should know what services you need running on it, check those
<qman__> not much else to it
<Smaug> qman__: yeah okay
<Smaug> dork: qman__: thanks for the input
<dork> np
<twb> dork: if it's etckeeper just git clone the /etc repo to somewhere else :P
<twb> dpkg --get-selections for the package list
<dork> ah cool
<Smaug> qman__: i know what's running, but how do I know if I really know what's running? /paranoia, my server is 3 yrs old, btw
<qman__> well, if you don't know it's running, and you don't notice if it stops running, you must not need it that much
<dork> Smaug: check your processes, check services that are set to auto start at default level
<qman__> and in some cases it'd be better if it did stop running, one less attack vector
<Smaug> dork: thanks, will do.   qman__: a good point
<patdk-lap> heh, easy solution
<patdk-lap> turn it off
<patdk-lap> of no one bitchs after a week, scrap :)
<patdk-lap> really too soon though
<patdk-lap> if it's an accounting system, it could go a few months without them knowing it's gone
<patdk-lap> my accounting people are the worst
<dork> it'll be that one user who still uses their 5gb samba share for storing their 128k limewire mp3s
<patdk-lap> I still have to keep the 3 times legacy systems functioning, for when they need to access that old old old data
<dork> had to do that with ISPBilling for a few years but put a stop to it by just not dealing with it
<dork> that was a nightmare migration heh
<patdk-lap> dunno about you
<patdk-lap> but we have to keep records going back x years, for contracts, and goverment crap :(
<dork> what industry
<dork> ISP/Telco?
<patdk-lap> goverment contractor
<dork> ah
<patdk-lap> neither
<dork> yeah that didn't exist until recently in ISP land
<dork> now you have to retain dhcp records for certain retention lengths
<dork> that's new as of this year
<patdk-lap> what country?
<dork> US
<dork> which is a huge pain in the ass, and absolutely useless to anyone except the government
<patdk-lap> oh, that law only covers isp's
<dork> yep
<patdk-lap> probably why I do't know much about it :)
<dork> you're better off
<dork> best experience one could ask for in IT but at management level it can take years off your life
<patdk-lap> oh, that is the childporn crap law
<qman__> to top it off, it doesn't even do them any good, because an IP is not a person
<patdk-lap> qman, so far :(
<qman__> any lawyer worth his salt will shoot that down as evidence
<patdk-lap> and any of our elected crap will make it a law somehow
<dork> qman__: if your dhcp gets served up to the CPE equipment and not the customers router, it's easy to ID once they subpeana (sp) you
<dork> even if it is bount to a customers router/whatever they terminate with it's not that hard
<dork> macs don't change that often
<dork> it's just a bitch harvesting that much dhcp data for that long
<dork> so much nonsense for no reward for the carrier
<patdk-lap> heh, that law only and specifically says to hold dhcp only info?
<patdk-lap> how odd
<dork> no there's more to it, and specific criteria
<dork> i've been out of the ISP industry for 5 whole months now :P went into software dev
<dork> that shit was getting enacted as soon as i was leaving
<dork> yeah
<dork> the protect our children act
<patdk-lap> hmm
<patdk-lap> it's strictly to isp bandwidth providers
<patdk-lap> so guess webhosting and email is in the clear
<patdk-lap> I remember them attempting to require ftp logs for years
<patdk-lap> for the same purpose
<dork> we've never had to do that
<dork> s/we've/they
<patdk-lap> no, it didn't become law
<dork> oh attempting
<dork> sorry
<patdk-lap> I was worried, cause I was already doing 500gigs of ftp logs a day, compressed
<patdk-lap> new logging method is nice, but also inaccurate, can compress them much much better
<dork> yeah we just outputted syslog to remote traps for analyses and log-rolling
<dork> for all services
<dork> s/rolling/rotating/
<patdk-lap> hmm, logs are 350gigs now a day, without any compression
<patdk-lap> I should try turning the dup detection back on, but it's hightly cpu intensive
<patdk-lap> maybe I should adjust the dup detection to after the fact, so it can just run once a day to dedup
<pythonirc1011> we are looking to build a reliable email system with backup (at least as reliable as gmail). We want to run ubuntu-server. Any recommendations for hardware?
<dork> i like dell personally
<dork> or are you asking for hardware insight for your specific use
<pythonirc1011> dork: I'm more interested in building the whole system? I want at least 3-way reliability, with 3 systems as fall back...one after the other...and mirroring
<dork> what do you mean 3 way reliability
<dork> like 5 9's of availability?
<pythonirc1011> something like that
<pythonirc1011> at least as good as what google's gmail system has
<pythonirc1011> preferably better
<dork> i like dell poweredge, specifically the R410's with xeon 5600 gulftowns
<pythonirc1011> probably they run some form of linux on their email system
<dork> haha
<pythonirc1011> lets say i buy 3 of those...put them in 3 different locations...then how do i configure them so that one is a fallback compared to the other...and all 3 have up2date emails for all the users
<dork> go google drbd/heartbeat/ldirectord/pacemaker
<dork> might want to learn how to run LAMP stacks before you approach that though
<dork> not assuming you don't already but it sounded like you might need to start a few steps earlier
<pythonirc1011> dork: have you built an ha ever?
<pythonirc1011> thanks for the pointers
<qman__> FYI, google uses commodity hardware
<qman__> their redundancy is done in software
<twb> patdk-lap: are you still using FTP?  If so, *why*?
 * twb is an anti-FTP bigot
<qman__> the only reason I ever used FTP is that I was unaware that better things existed
<twb> pythonirc1011: HA is a huge PITA
<twb> pythonirc1011: unless you're a national- or multinational-size company I advise you not to bother
<pythonirc1011> twb: can i get a 2TB HA hard drive online to backup my emails for cheap?
<twb> pythonirc1011: I don' know; I don't approve of offshoring data storage
<twb> pythonirc1011: I suppose that's what amazon S2 is
<pythonirc1011> twb: then what choice do i have ? I have moving anything online...but i cant build a HA email system...
<twb> If you want DR for existing emails I advise you to buy half a dozen 2TB disks in external USB drives, and use them as rotatin backups, such that at least one is always offsite
 * ball uses FTP at work every day.
<qman__> many of the outfits I do work for use Windows SBS and the pop3 connector, they only get mail every 15 minutes
<pythonirc1011> twb: We need something automated...manual wont do
<twb> pythonirc1011: if you're on a stock business ADSL plan, your internet connection will go down more often than a normal, non-HA linux mailserver
<qman__> yeah, you don't need high availability to satisfy the needs of the 99%
<qman__> you just need an automated backup system
<pythonirc1011> twb: I'm on 100GBit network. this is for a college.
<qman__> which is not that hard to set up, get a couple boxes in different places on the net, and rsync
<twb> If you absolutely must have automated backups, then I recommend using rsnapshot to push incremental backups to a remoet host
<pythonirc1011> I want something where i have 3 machines...if one fails, i get an email--replace the machine...the other 2 are still working...
<twb> pythonirc1011: college as in where the students sleep, college as in the one university campus, or college as in one entire university (multiple campuses)?
<dork> HA is pretty simple
<dork> btw
<twb> How many users are we talking?
<pythonirc1011> just one building -- where internet is fast
<dork> not sure what twb's experience is but my HA stuff is flawless
<pythonirc1011> connectivity is not an issue..and our speeds are awesome.
<twb> dork: I've been having exciting fun with corosync and drbd lately, it's nontrivial
<pythonirc1011> 600 users
<pythonirc1011> dork: what did you use to build ha?
<qman__> that's way beyond the scope of anything there was at my college, we had 10MB mailboxes on a single sun server
<qman__> not even worth using, I just had it forwarded
<dork> pythonirc1011: heartbeat and ldirector for load balancing routing and balancing DBS and JBOSS app servers
<dork> ldirectord
<pythonirc1011> qman__: Exactly what we have now. Want to change
<twb> dork: I'm probably smaller time than you
<twb> dork: usually I am ~20 seats, a couple ~100
<dork> twb: we're a 15 man shop and i'm the only sys engineer, software company though so very small footprint for me to manage
<twb> Maybe you just are more tolerant of fugly bloated flaky code then ;-)
<pythonirc1011> I'm not sure we should actually try ha -- if it misfires...we have too many people complaining... :)
<twb> Yeah IME if you try to do HA you are more likely to make it worse than better unless you have some practice and are lucky
<dork> twb: i inherited it, i will say that i would rather throw up a few monster xen dom0's and rely on their availability options than have to deal with software clustering
<dork> but for routing it's sort of neutral
<pythonirc1011> so, is there an easy way to build a reliable email system
<twb> You can probably scale up to 600 users on a single grunty mailserver box with simple RAID1 (or 5, if you insist) array of 2TB disks
<qman__> yeah
<qman__> a standard mail server is very robust
<pythonirc1011> twb: its not one machine thats the problem -- its just that we want robust
<pythonirc1011> realible
<twb> As soon as you have >1 box you need to deal with giving them a consistent backend and so you have a SAN plus two/three mailservers plus two load balancing servers in front of them
<pythonirc1011> and at least 3 systems parallely running for fallback
<qman__> just get good hardware and good backups, you can be back up from catastrophic failure in a few minutes
<twb> The other thing we do which kinda sorta works is to have a second machine sitting there ready to go, with its disks synced from the active server nightly
<twb> So in theory if the main host goes tits up even an idiot NOC monkey can just go power it down, move the cables to the backup and reboot the backup off its HDD instead of the "i'm a backup" usb key
<pythonirc1011> all of this sounds like manual labor... I want something completely automated...which lets me sleep at night, when 2 machines die...and the power is down...
<twb> pythonirc1011: I can't give you that
<qman__> IME, not worth the effort setting it up in the first place
<dork> pythonirc1011: if you want automated hire a sys admin
<pythonirc1011> will exchange be better for this requirement? What do medium size companies use?
<twb> That's like asking for to have sex with a unicorn, or for secure single sign-on
<qman__> ten minutes of doing work when the stuff blows up is cheaper than weeks of developing and testing an automated system
<twb> pythonirc1011: large companies use exchange or domino IME and they are both a fucking pain
<twb> qman__: hear, hear
<dork> pythonirc1011: you either need a sys admin or you need an exchange box and a cheap consultant for emergencies imo
<qman__> exchange is enough of a nightmare on its own
<qman__> I'm with twb on the backup server regularly rsynced ready to go
<twb> I get the impression that apart from being plain stupid in some of its behaviour, exchange is one of Microsoft's more reliable products
<qman__> swap cables and reboot
<qman__> I've spent way too much time fixing broken exchange servers to agree with that
<twb> pythonirc1011: if you like i can even sell you the failover machine as a solution :-)
<twb> qman__: I'm only comparing it to other MS crap, not e.g. postfix
<dork> i've never ran an exchange box, but i've known a lot of stupid people who have
<qman__> though to be fair, I haven't done it on an enterprise level, where there's actually a dedicated box
<dork> s/people/consultants/
<pythonirc1011> so after 30 years - email is still an unsolved problem :)
<dork> pythonirc1011: not for IT people
<twb> I haven't had to deal with exchang, tho, only postfix/dovecot (good) and byari, scalix, sogo, zimbra (all fugly evil crap)
<qman__> but the absurd licensing costs, plus the tens of thousands in hardware is just too much for any customer I've worked with
<twb> pythonirc1011: the PROBLEM is users' sense of entitlement
<dork> courier-imap and exim are decent too
<twb> pythonirc1011: they should be GRATEFUL that their mail usually arrives the same day it was sent
<dork> but yeah dovecot/postfix
<pythonirc1011> twb: entitlement?
<twb> dork: I'm not a fan of either but I concede exim has a non-negligible user base ;-)
<qman__> exchange 2010 is supposed to run on a dedicated server with three raids, 11GB of RAM just for exchange, plus 100MB RAM per mailbox
<twb> What I hate is seeing boxes set up as postfix/dovecot using cyrus' sasl because it was calld "sasl-bin" :-//
<dork> wow
<pythonirc1011> twb: With a 100GBit internet switch in the building, they better be grateful if the email arrives in a second...not a day? :)
<twb> qman__: wow
<pythonirc1011> qman__: wow! 100MB RAM / mailbox! wth?
<qman__> those numbers straight from microsoft
<pythonirc1011> I guess they are hoping -- all exchange users -- please pay $5/year to MS :)
<qman__> it actually costs more than that
<twb> pythonirc1011: no they are thinking "we have a captive market of MAPI users"
<dork> i'm surprised they're not taking the google apps approach yet
<twb> Because all the FOSS-flavoured mail systems have proprietary MAPI plugins
<dork> or maybe they are? dunno
<twb> dork: OWA
<qman__> the only cost effective way to run exchange is with small business server where it's all included, and runs on one box
<dork> ahh
<twb> dork: it was actually pretty impressive when I saw it in 2003, looked exactly like outlook
<qman__> but even then it's a mess
<twb> qman__: does SBS have per-seat CALs?
<qman__> yes
<twb> They don't say something like "first five seats are free with the SBS" ?
<dork> oh it's old eh
<qman__> yeah, I think they include 10 these days
<twb> OK
<pythonirc1011> thanks for illuminating me with the pain of email systems :)
<qman__> but yeah, the whole reason anyone uses it at all is outlook
<qman__> and calendars
<ball> qman__: Ten seats would probably cover us. Not going to invest in Windows Server though.
<qman__> otherwise postfix / dovecot / roundcube would do the job
<dork> alpine!
<qman__> we still have some customers running nitix
<qman__> and by how well it works I'm surprised they're not still around
<qman__> must have priced themselves way out of proportion
<twb> ball: the cost of licensing isn't the licenses, it's enforcement
<twb> ball: like if you have 100 seats and 3 visio licenses and you shuffle the license to a different desk every few months, that hassle is where the cost is
<twb> Not that, say, Skilled Engineering did that...
<twb> qman__: I rolld out prayer instead of roundcube/squirrel (because I boycott PHP), and so far the users have been OK with it, for all it's simple
<twb> qman__: the main thing is to set it to "cambridge" theme instead of "default", so it looks like it's from 2001 instead of 1996
<qman__> heh
<dork> never heard of prayer but it's the most annoying thing i've searched for in a while
<twb> Oh and there's some weird problem with attachments when using ldap-backed apache reverse-proxy
<twb> dork: apt-cache show prayer | grep Homepad
<twb> dork: apt-cache show prayer | grep Homepage
<phosphene> haha, ditto dork
<dork> lol
<phosphene> I think I just signed myself up for 10 prayer-a-day emails
<dork> haha
<twb> Kids these days...
<ball> I find myself wondering whether Ubuntu Server would do the job. Admin costs might be steep though.
<twb> ball: if you're going to babysit a box you need to understand it
<twb> ball: that applies to all OSs
<twb> ball: either learn, deploy something else, or hire a babysitter
<qman__> windows always requires more work, it's just cheaper to hire people who know it
<twb> Right
<qman__> you can trust me on that one, I'm an MCSA
<qman__> and I manage more exchange/AD environments than I know what to do with
<dork> slacker
<twb> A clueful sysadmin is expense, for either, but a clueful unix sysadmin can babysit 10 times the boxes a clueful windows sysadmin can
<twb> It's just that a clueless MCSA is dirt cheap, highly available and can get it right just enough you won't sack him
<qman__> yeah
<qman__> a windows server is nearly a full time job
<twb> I babysit some prisons
<dork> Braindump
<qman__> a well set unixy server barely requires yearly maintenance
<dork> or whatever the site is called
<twb> They used to run Windows on prisoner desktops
<qman__> example above, the customers running nitix
<dork> where people go in to memorize microsoft test questions
<twb> They had a *full time* guy whose whole job was to take apart a prisoner desktop, search for contraband, then reflash it with windows
<qman__> never have to do anything for them
<twb> He only managed about 1.75 machines per day
<qman__> windows servers though, I'm constantly on them fixing things
<twb> qman__: yeah that's why I get called in to unfuck unix systems that are running FC3 or etch or whatever
<twb> qman__: because they were deployed 10 years ago and worked ever since
<ball> qman__: I have two jobs. For one I help babysit hundreds of Windows servers. For the other we have one little BSD box.
<ball> The smaller site is a non-profit.
<twb> ball: you use puppet or something for them?
<qman__> the last time I had to do anything for a nitix using customer, they had saved like 30GB of junk on their desktop, so their computer was taking forever to log on
<qman__> trying to sync 30GB over 10/100
<twb> and pst files are pathological to rsync, and you can't tell outlook not to make any
<ball> twb: What is "puppet"?
<twb> configuration management
<ball> Never heard of it.
<twb> Have you heard of cfengine
<ball> twb: No.
<twb> Wow
<twb> You babysit 100s of windows boxen and you haven't heard of configuration management.  You poor bastard.
<qman__> I only handle a few dozen, and they're all for different customers, in different environments
<qman__> so such a system is impractical
<qman__> but yeah, most of my job is fixing SBS when it breaks itself
<qman__> pop3 connectors backing up, SQL databases growing enormous and choking
<ball> twb: The admins use something to push out updates to the servers but I don't remember what it's called.  Not something I mess with.
<qman__> WSUS, what a mess that is when it breaks
<ball> I think it's a third-party thing.
<ball> Might begin with S.
<twb> qman__: that rings a bell
<qman__> I spent the better part of a week trying to fix (read: remove and reinstall) WSUS on a customer's server
<qman__> it's just cryptic error after cryptic error
<twb> Just stealth-deploy lucid
<qman__> I got it working, but the reporting still doesn't work
<qman__> and, straight from microsoft, only way to fix that is format and reinstall
<ball> So I'd like to find a Linux that can serve up some file space (to a few Windows desktops) and perhaps support LTSP for a thin-client trial.
<twb> quotmstr over on #emacs works for MS in their nomadic "find broken crap and fix it" team
<twb> He has some awesome rants as he's wading through the code
<ball> ...if it can host email too, that's a win but if not then I may just pay Google US$ 50/user/year
<qman__> LTSP is not so easy
<qman__> but the rest of that is
<qman__> samba, postfix
<twb> Like instead of syslog everything emits binary log data that can only be turned into text by the app that generated the data
<qman__> LTSP is one of those things best left on a box by itself solely for that purpose
<qman__> because it's big and complicated
<twb> Last time I looked at LTSP is was turnkey
<twb> Provided you let it take control of the network, that is
<qman__> it is
<qman__> but only in its own context
<twb> Like if you have your own DHCP server already then you need to deal with that
<qman__> making that box do more things or changing it to suit your needs is not so easy
<qman__> doable, just takes some effort
<twb> eh; I rolled my own solution before LTSP existed, back when knoppix was the only live CD
<twb> And I've been working on that ever since, so LTSP looks straightforwad to me :-)
<twb> My stuff has way more rice, tho
<qman__> still going to recommend you do it with two servers though
<qman__> one for LTSP, one for the mail and file shares
<qman__> just keeps things simpler, and helps performance wise
<ball> twb: I'd let it control the network that the terminals live on.
<ball> ...but not the one that's connected to the Internet
<twb> Fair enough
<twb> LTSP5+ you can just tell it to boot off network and run locally, as opposed to netbooting an XDMCP client
<twb> In that case you don't need a beefy ltsp server, it's basically just a NAS
<qman__> nice
<qman__> I haven't used it that new
<twb> That's how we do it in prisons (only not LTSP)
<twb> The nearest windows equivalent requires you to have disk for each desktop stored on the SMB server
<twb> So for example if you have a 2GB rootfs image you would need 2GB Ã no desktops on the server
<qman__> we've got one customer that uses microsoft terminal services
<qman__> five users
<twb> TS is thin client, that's different
<qman__> and it works pretty well except for the licensing mess
<twb> I meant the boot-and-forget approach
<qman__> they can't install their version of office because that's not licensed for it
<qman__> yeah
<twb> We have a TS server here just to run bloody quickbooks
<twb> stupid ato
<twb> The amount of hassle I had getting vmware server 1.x VMs for TS2k3, XP and 98 ports over to a modern system...
<qman__> quickbooks is another racket, they want you to upgrade every year for software that really doesn't improve at all
<qman__> my dad still uses quickbooks 99, because it does everything that's needed
<twb> That's because the lawyer mill changes the laws every year
<qman__> runs in windows 7 64-bit, too
<twb> I would LIKE to use thingo instead, the gtk on, but apparently that "won't work with the ATO"
<ball> What software could I use to manage Samba and Postfix?
<twb> ball: vi
 * ball chuckles
<qman__> yeah, I don't know what you mean by manage
<qman__> configure and forget
<ball> qman__: Well I configured our existing Samba instance with some help and because it's been "hands off" for years I wasn't able to replicate the configuration on another server when I tried.
<ball> ...I have a book on Samba but it's about three inches thick and probably quite out of date.
<qman__>  copy and paste smb.conf
<twb> yeah exactly
<twb> smb.conf isn't exactly rocket science
<qman__> only time it gets even a little bit complicated is with authentication
<twb> fucking machine accounts
<qman__> but that's more on your LDAP/NT server
<ball> It may have just been down to the underlying OS then.
<twb> As if I'm giving smbldaptools rootbindpw to ldap
<ball> I could try again with a Linux box.
<twb> haha, you were running samba on QNX?
<ball> NetBSD
<qman__> well, there's your problem
<twb> heh
<qman__> netBSD isn't meant to be used by people
 * ball nods
<twb> qman__: come on, just because you live in your mom's basement and strain soup through your beard doesn't mean you aren't a person
<ball> It used to be pretty solid.
<qman__> not that there's anything wrong with it in terms of performing a service
<twb> BSD can FOAD, I'm not prefixing everything with /usr/gnu/bin to get useful userland tools
<qman__> it's just so far down the minimalism line, it's nearly impossible to use
<qman__> you have to be the type who knows the system like the back of your hand to do anything with it
<ball> I've lived in NetBSD for so many years that I'm fairly comfortable with it.
<ball> ...but I don't have the time or energy to learn Samba and Postfix to the same extent.
<twb> postfix is way easier than samba
<twb> postfix you would have to bite of your own hands to have trouble with
<ball> ...and I honestly think NetBSD is why Samba didn't work last time I tried it.
<ball> brb
<twb> I'm bored, just not quite bored enough to work on this stupid fw
<twb> too hot to cycle home
<qman__> yeah, postfix is pretty simple even without a nice preconfigured package
<qman__> I've set it up on freeBSD and sun from source before
<ball> I set up a mail server experimentally once... just the once.
<ball> It worked.
<twb> Except it was an open relay
<ball> twb: No, it wasn't.
<ball> Well, I should probably sleep on it and phone the boss in the morning if he's around.
<Tm_T> morning
<uvirtbot> New bug: #908038 in postfix (main) "package postfix 2.7.0-1ubuntu0.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/908038
<zastaph> if I want to install ubuntu for kvm, should I install 10.04 LTS as Normal or minimal system (for virtual machine) ?
<uvirtbot> New bug: #908112 in ipmitool (universe) "#110992 still happens (modules are not loaded)" [Undecided,New] https://launchpad.net/bugs/908112
<_ruben> zastaph: depends on your goal(s)
<zastaph> to virtualize 3 ubuntu servers on a hp microserver
<_ruben> the vm part doesn't really matter here
<uvirtbot> New bug: #908114 in samba (main) "upgrading from 11.04 to 11.10" [Undecided,New] https://launchpad.net/bugs/908114
<zastaph> what matters
<overrider> So strange - i want to setup pptpd, and have remotetip 192.168.30.1-100 as a line in my pptpd.conf. Trouble is, when i connect to that pptpd server, it gives me an ip of 192.168.1.1 instead of 30.1 . Any clues?
<uvirtbot> New bug: #908154 in php5 (main) "PHP session garbage collection measured in minutes instead of seconds" [Undecided,New] https://launchpad.net/bugs/908154
<gondoi> anyone here have experience with creating a repo for their own custom packages?
<gondoi> aka not wanting to mirror, create a new unique repo
<adam_g> gondoi: yeah, use reprepro
<gondoi> not apt-ftparchive?
<adam_g> gondoi: i think reprepro uses apt-ftparchive to update the repository.
<adam_g> theres a number of good howtos on reprepro out there. i was working on a juju charm that deploys reprepo + buildd to the cloud for a personal, private PPA + builder. maybe ill get it working over the holiday
<gondoi> adam_g: i'll dig into that then
<gondoi> thanks
<sweb> is there any solution for bind file creator ?
<StevenR> sweb: what do you want to do? Write named.conf file?
<sweb> StevenR: yeah i'm newbie on bind and dns. any standrad script can help me. is there any one /
<sweb> ?
<StevenR> sweb: I would just start with the basics and there's some good examples online. It's pretty well documented
<sweb> StevenR: where ? on ubuntu wiki ?
<StevenR> possibly. google knows more. I'm afraid I don't have any examples
<dork> sweb: you should really be creating them by hand so you understand the structure of a zone and config file, bind comes with tools that allows you to check the sanity of you config and zone files so you can start out with a skeleton, make your records, run named-checkzone domain.tld zone.file and it'll tell you if it's syntaxually 'good' or not
<dork> 'newbies' shouldn't be running name servers
<sweb> dork:ty, i want to starnt learning
<sweb> start*
<dork> cool
<dork> it's pretty easy
<sweb>  dork, syntax of db file is so different
<dork> just focus on basic named.conf and a basic zone file, start with one domain, learn how serials and ttl's work, start with basic records like A and C-NAMEs
<dork> sweb: the records are pretty simple, the metadata, the other stuff is a little more complicated but there's plenty of well written documentation
<sweb> dork: i see somthing about security. it's interest bind have a security sides
<dork> yes of course
<dork> DNS is easily exploitable because of newbies running dns servers with bad configurations
<sweb> dork: it better to use public domain name service like opendns ? for security ?
<dork> if you are unwilling to learn bind and dns then yes, you and everyone else will benefit from it
<sweb> i'm expert on PHP and Zend Framework. I'm nerd but time is a major problem :(
<dork> if you can read the horse dung that is called PHP you can read and interpret a zone file
<dork> :P
<xubuntu> hey
<zastaph> where is authorized_keys stored when installing openSSH during the software selection screen during ubuntu install? if I manually install openSSH after then its in ~/.ssh
<xubuntu> no idea i wish i could help
<xubuntu> are you good with ssh?
<xubuntu> i need some help
<RoyK> zastaph: there isn't an authorized_keys file by default
<xubuntu> has to be created?
<RoyK> zastaph: create it under $HOME/.ssh
<zastaph> ok, but where should I put it? I put it in my ownmade ~/.ssh like i usually do but putty wont connect
<RoyK> zastaph: you may want to chmod -R go-rwx $HOME/.ssh
<xubuntu> you could just re install ssh now
<RoyK> xubuntu: ??
 * RoyK installs win95 on xubuntu's machine
<xubuntu> lol
<xubuntu> thanks?
<zastaph> RoyK, that rings a bell.. i think I saved the solution for that ;)
<xubuntu> but i want windows ME
 * RoyK slaps xubuntu around
<xubuntu> sudo apt-get purge ssh and then re install it sudo apt-get install ssh idk if that helps you at all
<RoyK> xubuntu: stop it
<xubuntu> what am i doing?
<RoyK> xubuntu: reinstalling stuff isn't a good idea unless you're a true windoze idiot and beleives restarting your car may fix the engine
<xubuntu> ooh haha i guess i'm a noob lol i'm sorry thanks for the heads up
<zastaph> ah yes here is the solution http://www.openssh.org/faq.html#3.14
<RoyK> you don't just reinstall a package - you fix the problem. in quite a few cases, reinstalling the package won't help at all
<xubuntu> makes sense
<RoyK> zastaph: in the faq ;)
<xubuntu> RoyK i have a question about tunneling and SSH
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<xubuntu> !ask how do i tunnel port 563 with putty it doesn't seem to work when i set source port to 563 still seems to use port 563 from my local machine not my ssh server thanks for any help
<ubottu> xubuntu: I am only a bot, please don't think I'm intelligent :)
<EvilResistance> xubuntu:  dont use !ask to ask the question
<RoyK> xubuntu: that seems to be a putty question to me, and last I checked, putty doesn't run on linux :P
<EvilResistance> RoyK:  actually...
<EvilResistance> it does... :P
<EvilResistance> but its designed to run from Windows
 * RoyK was waiting for that
<RoyK> EvilResistance: STILL! most people DON'T use putty on linux
<xubuntu> true!
<EvilResistance> RoyK:  not disputing that ;P
<RoyK> for good reason....
<xubuntu> lol
<xubuntu> i can see why now
<xubuntu> anyone know i could tunnel that port 563 to my ssh server?
<RoyK> what do you meant tunnel to your ssh server?
<EvilResistance> define "tunnel that port" to your ssh  server
<EvilResistance> you mean have 563 direct itself to your SSH server as an SSH listening port?
<EvilResistance> if so, are you on a NAT?
<EvilResistance> ;P
 * RoyK wonders if xubuntu knows at all
<xubuntu> yes i think that's what i mean i'm a newb and no NAT
<xubuntu> well I guess I do have a NAT
<xubuntu> sorry
<EvilResistance> xubuntu:  are you behind a router on a home network or something?
<EvilResistance> RoyK:  that's how you find out ^
<xubuntu> yes I am on a home router but I am only trying to do it from comp to comp on my home network just to test it out
<RoyK> EvilResistance: sometimes I'm not really in the mood of digging that deep to try to find out what people are asking for, before even trying to answer their questions
<EvilResistance> :P
<EvilResistance> xubuntu:  you'd need to modify the sshd_config file
<EvilResistance> and add a listener on port 563
<EvilResistance> RoyK:  'tis a habit i picked up as a server technician ;P
<xubuntu> i wouldn't add the listener via putty?
<EvilResistance> xubuntu:  you'll need to open /etc/ssh/sshd_config via sudo on the ssh server machine, and either change 'listen 22' to 'listen 563', or add a listen line after 'listen 22' saying 'listen 563'
<EvilResistance> no, PuTTY is just the client, not the server
<EvilResistance> you have to tell the SSH server to listen on the given port
<EvilResistance> if you want to forward 563 to port 22 within that box, it can be done, but its not something i recommend
<EvilResistance> esp. if its only within your internal network
<xubuntu> ahh i see i'm not trying to change 22 to 563 i'm trying to have my usenet on the comp i'm on now use the proxy of my ssh via port 563 if that makes any sense?
<RoyK> EvilResistance: I know the habit, but I have found the off switch
<EvilResistance> xubuntu:  now i dont follow you
<EvilResistance> perhaps RoyK will
<RoyK> xubuntu: I don't think it makes much sense, no :P
<RoyK> xubuntu: please explain exactly what you're trying to do
<xubuntu> ok this is hard to explain since i'm a newb i have sabnzbd+ installed on my computer i want to be able to have it used my ssh server as a proxy via ssl port 563
<SpamapS> xubuntu: what is sabnzbd+ ?
<xubuntu> usenet program
<SpamapS> xubuntu: so you want to tunnel NNTP via SSH so that it looks like you are connecting via the remote server's address?
<xubuntu> exactly!
<xubuntu> i knew there was a better way to explain it then what i was saying, thanks
<xubuntu> is it even possible?
<RoyK> so something like ssh -L 10563:nntphost:536 localhost
<xubuntu> 10563?
<kschap> Is there a distro that'll run on a 32-bit computer?
<RoyK> that'll make ssh listen to 10563/tcp and connect to nntphost port 536
<RoyK> kschap: yeah, things like ubuntu runs on 32bit machines too ;)
<kschap> Server RoyK?
<RoyK> xubuntu: just avoiding port 536 since it's <1024 and ports <1024 are reserved for root
<RoyK> kschap: yes
<EvilResistance> kschap:  you can download 32bit server if you want
<EvilResistance> i think it exists....
<EvilResistance> *checks*
<kschap> Really?
<RoyK> it certainly does
<kschap> Did not know that.
 * RoyK has several 32bit servers around
<EvilResistance> yep its available
<kschap> It's on the main Ubuntu website?
<EvilResistance> kschap:  yes
<EvilResistance> kschap:
<EvilResistance> http://www.ubuntu.com/download/server/download
<EvilResistance> whoops forgot that link ;P
<kschap> Cool thanks!
<xubuntu> oooh maybe that is why it is not working i can't use 563 since it's reserved for root thanks! i'll try that
<EvilResistance> kschap:  just choose "32-bit" when you choose the architecture
<kschap> OK
<kschap> Thanks!
 * RoyK just setup a pandaboard with ubuntu :D
<xubuntu> and what does nntphost do?
<RoyK> xubuntu: that's your nntp server
 * pmatulis got a pandaboard but neglected to get a power supply for it
<RoyK> pmatulis: any 5V thing will do
<RoyK> or most
<xubuntu> RoyK thank you
<pmatulis> RoyK: yeah, i don't like taking chances with voltage, ordered a proper p/s
<RoyK> xubuntu: man ssh and read about the flags -n -f and -N...
<RoyK> pmatulis: 5V is 5V :Ã¾
<RoyK> xubuntu: I've added -o ExitOnForwardFailure yes -o ServerAliveInterval 5 -o ServerAliveCountMax 3 to my tunnels
<RoyK> pmatulis: normal pandaboad or ES?
<xubuntu> thanks again! will definitely try it out
<RoyK> pmatulis: btw, most of those SD cards are SLOOOOOW
<Kumar> Hi every one
<Kumar> i need some help
<RoyK> running off a sandisk 32GB card here that's supposed to give me 20MB/s, but can't get >10MB/s, which is rather on the low side....
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Kumar> I am had installed Ubuntu Server 11.10. I wanted to know if there is a way to install the GUI
<RoyK> kschap: apt-get install ubuntu-desktop
<kschap> What's that?
<RoyK> erj
<RoyK> erm...
<RoyK> Kumar: apt-get install ubuntu-desktop
<RoyK> kschap: never mind :P
<Kumar> Thank q so much
<kschap> Oh OK.
<Kumar> :-)
<xubuntu> RoyK is nntphost:563 a command for ssh?
<_Neytiri_> I am having a issue with my system, my old install of 10.4 crashed on me and when i reinstalled i  my raid array didnt come back online, i copied the fstab file and rebooted and still no luck, all my drives came back but my raided drives, it was a software raid consisting of 2 phisical 2 tb disks, 3 drives created off of them 1 4gb driv (raid 0) and 2 998 gig drives (raid 1).  Under the
<_Neytiri_> Disk utility (yes i installed a gui) i try to start the raid and get the error: not enough componunts to start the raid array
<wmp> hello, how to disable this logs: TCP: Peer 62.20.205.29:55814/51753 unexpectedly shrunk window 429997799:429999424 (repaired)
<yann2> hello! I know there has been quite an issue with sun's java lately - but I'm getting it as proposed for removal on my ubuntu 10.10 servers? Is that normal?
<arrrghhh> hello.  has anyone setup a PXE provisioning server before?  it seems this is possible, i'd like to be able to send linux and windows images over the network.
<arrrghhh> i've done linux images over PXE before, but i'm struggling sending windows images.  i found a few guides, but i quickly get lost.  anyone done this before?
<EvilResistance> arrrghhh:  ##windows might be more useful for your windows needs
<EvilResistance> or ##windows-server
<arrrghhh> EvilResistance, well the problem is i want the provisioning server to be linux...
<EvilResistance> ah
<EvilResistance> nevermind then :P
<arrrghhh> i already have a linux server, so this *should* be simple.
<arrrghhh> https://help.ubuntu.com/community/PXEInstallMultiDistro
<arrrghhh> that seems freakin awesome
<arrrghhh> i just don't know how to fit win7 or even xp into that...
<Lcawte> Hi, I've finally got into my server install, but I have to go through another disks grub... I have to go into commadn line and set the configfile to the server disk, any reason why its not working from the server disk?
<Lcawte> And how I can fix it?
<arrrghhh> so GRUB is on the wrong hdd...?
<arrrghhh> is that the problem?
<Lcawte> no... I have a copy on both hard drives (with different config files), but only one of them will load after post, disk a (a desktop) requires me to go into command line and reset configfile to get into disk b's grub. Disk b doesn't let me into its own grub when I boot up...
<arrrghhh> why not just set your BIOS to boot from disk b instead of disk a?
<Lcawte> I do, but it won't let me boot into disk b's grub even when I do that
<arrrghhh> i'm confused...
<arrrghhh> disk b is where server is installed
<Lcawte> yes
<arrrghhh> but disk b's grub is completely not functional?
<Lcawte> I can not boot into the grub on disk b, unless I have disk a set in bios at the bootable device and I boot through its command line
<arrrghhh> so grub works on disk b, assuming you don't boot from disk b
<arrrghhh> that makes no sense
<arrrghhh> have you tried re-installing grub on disk b?
<arrrghhh> you'll have to do it from a live environment, or when booted into disk a.
<Lcawte> hmm, ok, I'll try that
<Lcawte> "/usr/sbin/grub-setup: warn: Sector 32 is already in use by FlexNet; avoiding it. This software may cause boot or other problems in future. Please ask its author not to store data in the boot track."
<Lcawte> Hmm, what the?
<arrrghhh> never heard of that before
<arrrghhh> FlexNet...?
<Lcawte> Yeah, me neither
<arrrghhh> http://askubuntu.com/questions/31289/dual-booting-on-separate-hard-drives
<Lcawte> Yeah, I just found that... so, I read something about if grub wasn't there, it'd boot to the partition makrked as "boot" partition
<zastaph> is the CAP_NET_ADMIN capability still required to do KVM in Ubuntu lucid? https://help.ubuntu.com/community/KVM/Networking
#ubuntu-server 2011-12-24
<Lcawte> oohhh mmyy... god.... this guide is absolutly amazing, fixed my problem so easily!
<Lcawte> http://ubuntuforums.org/showthread.php?t=1661254
<Lcawte> arrrghhh: cheers for your help :D
<xubuntu925> any way of waking a sleeping computer via ssh? or some sort of remote way?
<dork> 'wake'
<dork> define wake
<xubuntu925> come back on from sleeping
<dork> obviously
<xubuntu925> i guess wake on lan might do it
<dork> you meen suspension
<dork> yeah
<xubuntu925> but that doesn't work with WIFI RIght?
<dork> i'd do wake on lan
<dork> uhm
<dork> no
<dork> it's bios level so no
<xubuntu925> thanks again!
<dork> it needs to feel the powah
<dork> np
<xubuntu925> makes sense
<xubuntu925> and great spelling :P
<dork> :P
<arrrghhh> ok, that's exactly what i want.  but i can't seem to find directions that apply to win7...
<arrrghhh> https://help.ubuntu.com/community/PXEInstallMultiDistro <--- is freakin clutch
<arrrghhh> at the bottom it says you can boot windows, and you should look here http://oss.netfarm.it/guides/ris-linux.php
<arrrghhh> which seems to cover win2k, 2k3 and xp... :(
<arrrghhh> maybe i'll try to modify it to work with 7
<arrrghhh> if anyone has attempted such things, i'm all ears :D
<arrrghhh> er... eyes?
<uvirtbot> New bug: #908303 in samba (main) "smbd: vfs_shadow_copy2 module fails without "wide links = yes"" [Undecided,New] https://launchpad.net/bugs/908303
<Lcawte> Hi, I got my server working after fixing FluxNet stuff, then I unplugged the monitor and when I rebooted it, it won't load into a grub on any of my disks, what happened?
<Lcawte> oh, wait, no, I acidently unplugged the disk while the machine was still on to put it back together (screw the drives back into the bays in the case) and now it won't boot into grub
<rurufufuss> any recommendations for an ircd for ubuntu?
<pmatulis> Lcawte|Away: re-install grub i guess
<arrrghhh> Rurufufuss, I like znc
<attilio> ciao
<attilio> hello
<attilio> list
<jmt> hello
<RoyK>  
<jmt> hello one file server  as  a smbldap client
<jmt> hello  any  one using file server as a  smbldap client
<jmt> no one saying hello..
<orated> I've noip2 installed for DDNS wherein while configuring it, it asks whether I want to disable NAT to detect external IP of this computer.. How enabling/disabling it can affect noip2?
<orated> Or how does disabling NAT affects in general?
<jmt> iptables -F -t nat
<jmt> i think  you are using iptables.
<jmt> right?
<jmt> orated...ru thr?
<orated> yes
<orated> one moment
<jmt> no probs..
<orated> jmt:  iptables -F -t nat gives FATAL error
<jmt> which os ur using?
<orated> Ubuntu 11.10
<jmt> it should work
<orated> -F -t flushes nat table?
<jmt> yea
<orated> How does that help?
<orated> Could you explain me how disabling NAT helps in general ..
<orated> It says - Error inserting ip_tables (/lib/modules/3.0.0-14-generic/kernel/net/ipv4/netfilter/ip_tables.ko)
<jmt> hello orated
<RoyK> jmt: he left
<RoyK> jmt: and btw, -F will only flush the rules of a chain in memory, it won't affect anything after a reboot
<airtonix> jmt: so how does disabling NAT assist a ddclient determine the WAN address of your internet connection :>
<arrrghhh> hey all.  anyone setup a pxe imaging server capable of provisioning win as well as lin machine?
<arrrghhh> s*
<arrrghhh> the linux provisioning part seems simple.  i've done it before, just never setup a menu to control it - i think i can get that part handled.
<Resistance> anyone here able to assist me in configuring apcupsd on my server?
<arrrghhh> i've got that running on my server, what do you need
<Resistance> the wiki page just sits on a "Transferring data from wiki.u.c" page
<Resistance> arrrghhh:  the info about configuring it
<arrrghhh> oh...
<Resistance> the wiki page just never loads (probly a net issue on my end)
<arrrghhh> i can peek at my config file
<arrrghhh> let me see
<Resistance> ah there it is
<Resistance> *kicks the evil gateway box*
<Resistance> stupid flow control
<arrrghhh> http://www.apcupsd.org/manual/manual.html
<arrrghhh> i was going to say, loads fine for me :P
<Resistance> :P
<Resistance> i put a GUI on a server installation here at my home net, and everything's hooked up to an apc Back-UPS RS-700 USP so...
<Resistance> i figure, "Rather than dealing with potential explosion of the ext4 journal on unsafe power loss, why not hook up the UPS and use it to determine when to power down :P
<arrrghhh> yup
<arrrghhh> i have the same setup, minus the GUI
<arrrghhh> not sure what model UPS either, but it works great
<Resistance> yeah, i put on the GUI very recently ;P
<arrrghhh> i have it connected via USB
<arrrghhh> and it shuts down the server properly every time.
<Resistance> yeah same here, a USB cable
<Resistance> normally power outages here are very brief...
<arrrghhh> ditto
<Resistance> so the UPS isnt taxed very long
<Resistance> but when a severe power outage occurs...
<Resistance> well...
<Resistance> :P:
<arrrghhh> had i think 2 this year that the UPS actually had to shut the server down
<Resistance> :P *
<arrrghhh> it's fun being online with no power tho.
<Resistance> yeah well i never bothered to configure apcupsd ;P
<Resistance> heh
<Resistance> that is true
<Resistance> i have a similar setup :P
<arrrghhh> nice
<Resistance> cept the server box is actually the gateway to the internet... :P
<arrrghhh> ah, i just have a router that's also on the UPS.
<Resistance> (I basically sent all the Verizon fios router traffic to the gateway box
<Resistance> and let it handle things ;P
<arrrghhh> i think i get like 20 minutes with the cable modem, router and server.  if i power down the server that doubles to 40.
<Resistance> anyways back to config
<arrrghhh> np
<arrrghhh> enjoy
<Resistance> without the server, there is up to 70 minutes of power available :P
<Resistance> with the server, 35ish
<arrrghhh> ugh.  i can't believe i'm still stuck on this step.  do you know where dhcp3-server logs to?
<Resistance> arrrghhh:  unfortunately, no... but if you could give me a quick peek at said config file, i'm missing tons of "examples" and "documentation" that the wiki page should be in the conf file :/
<arrrghhh> oh my apcupsd config file?
<arrrghhh> it's pretty default IIRC
<arrrghhh> Resistance, http://pastebin.com/UmNLRGmL
<Resistance> thanks
<arrrghhh> np
<arrrghhh> how the...
<arrrghhh> brb
<Resistance> huh interesting...
<Resistance> when i installed it didnt give me sample data :/
<Resistance> but now its configured and seems to be working :P
<arrrghhh> cool
<arrrghhh> i solved my problem too
<arrrghhh> oy..
<Resistance> arrrghhh:  i changed some arguments on my end, but now its configured, and apcaccess is showing all the info too :P
<Resistance> i did up the query rate though...
<Resistance> namely because i dont want it checking every minute ;P
<Resistance> (every 30 seconds works xD)
<arrrghhh> nice
<arrrghhh> ugh, now dns isn't working :(
<arrrghhh> there we go.  this is going to take a while if i get hung up on every step like this lol
<arrrghhh> anyone setup a PXE server to install windows and linux?
<arrrghhh> seems XP might be easier to tackle at first, but i'd like to setup the pxe server to be able to install anything really.
<patdk-lap> linux is easy
<patdk-lap> doing windows seems to require 3rd party software, and I never bothered
<patdk-lap> but for and debian/ubuntu just use the netboot files, it's all there
<arrrghhh> patdk-lap, yea, i think i can do the lin part easily
<arrrghhh> i have in the past
<arrrghhh> patdk-lap, and it doesn't "require" said third-party software... but it seems to make the whole process a lot easier.
<arrrghhh> not that the process is easy in the first place
<arrrghhh> i'm trying to wade my way thru this guide
<arrrghhh> http://www.ultimatedeployment.org/win7pxelinux1.html
<raubvogel> Isn't there a way to say some accounts can ssh into a machine but only run one specific command?
<raubvogel> I think that is doable using key pairs, but how about in ldap?
<Lcawte> Hmmm, so I had my server all fixed yesterday, and was putting it back together (hdds were hanging out of their case) when some cables came out, then when I plugged it back in and did the case up, I couldn't boot into any grub installs
<Lcawte> Grub is there, and they all launch on other machines, I've even tried grub-install on both drives with no problems
<Lcawte> Shift shows GRUB loading then nothing else, whats going on?
<Lcawte> Nobody?
<Sporty> type /server -m irc.anabolnet.org we are searching for irc operators and helpers to make the network bigger.
<Resistance> um...
<Resistance> someone want to explain why i consider that spam?
<virusuy> howdy and merry xmas everyone !
#ubuntu-server 2011-12-25
<arrrghhh> probably the worst time to ask for help, but does anyone have experience troubleshooting TFTP issues?
<twb> Yes; what is your real question.
<twb> Hint: use curl -v as your client
<arrrghhh> sorry i didn't ask a real question
<arrrghhh> curl -v...
<arrrghhh> i'm using tftpd-hpa
<arrrghhh> and it refuses to start
<arrrghhh> i could only find an entry in /var/log/daemon.log
<twb> Does it say why?
<arrrghhh> said "init: tftpd-hpa main process terminated with status 2
<twb> OK so it's an upstart job
<twb> upstart throws away stderr so you can't see why it died
<arrrghhh> but if i try to start it again, it is convinced it's running
<arrrghhh> i can't figure out how to start it manually either...
<arrrghhh> i would assume there's a way to start it manually
<twb> Sure, read /etc/init/tftp-hpa.conf
<twb> Also pastebin it so I don't have to look it up
<arrrghhh> that conf file?
<twb> btw IME it is MUCH easier to roll out dnsmasq than dhcpd+bind+tftpd
<twb> arrrghhh: yes, pastebin /etc/init/tftpd-hpa.conf or whatever it's called
<arrrghhh> yea, it seems dnsmasq would be easier
<arrrghhh> perhaps i should go with it
<arrrghhh> i don't really care, i just need dhcp + tftp
<twb> Then definitely dnsmasq is easier
<arrrghhh> ok i'll start over with that
<arrrghhh> lol i think i figured out the problem.  oh well, if dnsmasq makes my life easier i'll go with it.
<twb> http://paste.debian.net/150122/ is my dnsmasq.conf; the tftp options are near the middle
<twb> Mine is pretty riced-up, you can skip most of it
<twb> The CNAMEs are in there instead of /etc/hosts because they're for servers with dynamic IPs
<arrrghhh> twb, so any tips on why dhcp isn't working now....?
<arrrghhh> not even sure what to troubleshoot, since it's all in one package
<arrrghhh> twb, sorry if i missed your response, networking issues lol
<twb> arrrghhh: is dnsmasq running?  Did you tell dnsmasq to serve DHCP?
<arrrghhh> yes and yes
<twb> IIRC the default config file only serves DNS
<arrrghhh> dhcp-range=192.168.0.200,192.168.0.250,255.255.255.0,12h
<arrrghhh> in dnsmasq.conf
<twb> OK run dhclient -v and see what reponse you get, if any
<arrrghhh> and ps -A |grep dns shows it running
<arrrghhh> ok
<twb> As ss or netstat if bootps is bound by dnsmasq
<twb> Read the logs
<twb> You know, all the usual debugging things
<arrrghhh> well i've never troubleshot dnsmasq before
<twb> Those are standard things to debug any network service
<arrrghhh> dhclient -v has some output, but didn't really show anything helpful
<arrrghhh> sorry, still learning how to debug network services.
<arrrghhh> is 53 dhcp?
<arrrghhh> i can't remember.  i know udp 69 is tftp, which it is listening on
<arrrghhh> also, what logs.  i don't see a log for dnsmasq
<arrrghhh> daemon.log has this
<arrrghhh> "Dec 24 21:42:25 nas dnsmasq-dhcp[7114]: DHCP, IP range 192.168.0.200 -- 192.168.0.250, lease time 12h"
<arrrghhh> so it looks like it's running a dhcp server  wth.
<twb> getent services bootps
<twb> You might need to tell dnsmasq to syslog
<arrrghhh> bootps                67/tcp
<arrrghhh> is what that getent cmd returned
<twb> Right, so that's the DHCP server port (except it's UDP, I think)
<arrrghhh> tftp is udp
<arrrghhh> i think dhcp is tcp
<twb> BOOTP was an earlier standard that became DHCP
<arrrghhh> either way, it appears to be running
<twb> So what still isn't working?
<arrrghhh> i even allowed bootps in ufw
<arrrghhh> although it should allow any local traffic...
<twb> Uh bootps & bootpc
<arrrghhh> ok...
<twb> It's an old stupid design
<twb> Might be worth you going readig how DHCP works in wikipedia :P
<twb> That's something I always do when rolling out a new protocol
<arrrghhh> well i get the basics of dhcp
<arrrghhh> but i shouldn't have to allow this crap in ufw
<arrrghhh> it should already allow it thru another rule
<arrrghhh> and adding both bootpc and bootps (67&68) didn't fix it
<arrrghhh> i still can't get a dhcp ip
<twb> How are you testing that?
<arrrghhh> dhclient -v eth0 on the client pc
<arrrghhh> used to work fine with dhcp3-server
<twb> ok
<twb> pastebin your ruleset, pastebin output of sudo netstat -nlp
<twb> Er, not ruleset, dnsmasq.conf
<twb> Although pastbinning "iptables-save -c" would also be a good idea
<arrrghhh> urg
<arrrghhh> this sucks not having dhcp.
<arrrghhh> i defined resolv.conf
<twb> So turn dhcp3 back on again for half an hour :P
<arrrghhh> perhaps there's something else i'm missing
<arrrghhh> hehe
<arrrghhh> i already purged it
<arrrghhh> i'll just turn it back on my router
<twb> Also if you don't know, this is how you raise a manual link:
<twb> ip link set eth0 up; ip address add eth0 brd + 192.168.0.2/24; echo nameserver 192.168.0.1 > /etc/resolv.conf
<arrrghhh> blech
<arrrghhh> why is nothing easy
<twb> Because god hates you
<arrrghhh> that ip address add command failed.
<twb> s/eth0/dev eth0/ ?
<twb> It was from memory
<arrrghhh> i don't see what that command is for
<twb> If you don't know ip(8) syntax yet you should learn that too
<arrrghhh> i figured bring up the interface with ifconfig eth0 <ip>
<arrrghhh> then resolv.conf
<twb> arrrghhh: it gives you a static IP
<arrrghhh> add nameservers
<twb> ifconfig is for losers
<arrrghhh> what's wrong with ifconfig?
<arrrghhh> ...
<arrrghhh> well your command didn't work, so perhaps you need to go back and re-read it.
<twb> Main problem is ifconfig doesn't realize an iface can have >1 address
<arrrghhh> hrm
<twb> That's what that alias bullshit is -- a kludge
<twb> arrrghhh: yeah you probably need "dev eth0" not "eth0"
<arrrghhh> hrm ok
<twb> Unfortunately the manpage isn't very helpful for newbies.
<arrrghhh> this is just odd tho
<arrrghhh> i can ping the gateway
<arrrghhh> i can ping the server running dhcp
<arrrghhh> but i can't ping the interwebs
<arrrghhh> or 8.8.8
<arrrghhh> .8*
<arrrghhh> connect: Network is unreachable
<arrrghhh> lol, this was supposed to be the easy part of this task.
<twb> Ah, mea culpa
<twb> ip a add also adds a route to the local network, but not to 0/0
<twb> ip route add 0/0 via 192.168.0.1
<arrrghhh> zomg
<arrrghhh> i don't think i've failed this hard in a while.
<arrrghhh> ugh... damn chromebook.  you limit me.
<arrrghhh> oh there we go.
<twb> You need to reflash it with ubuntu oneiric arm
<twb> That's what I am on right now :-)
<twb> 1kg netbook with 15hr battery life ftw
<arrrghhh> wow that was fun
<arrrghhh> and that sounds crazy
<arrrghhh> 15hrs
<arrrghhh> ok here's the dnsmasq.conf
<arrrghhh> http://pastebin.com/Fr4sWJDD
<arrrghhh> http://pastebin.com/YTdGuBQn
<arrrghhh> netstat -nlp
<arrrghhh> http://pastebin.com/hBiNUhV3
<arrrghhh> iptables-save -c
<arrrghhh> yea, just disabled UFW and dhcp client still fails.
<arrrghhh> lsof shows 67 and 69 in use by dnsmasq
<arrrghhh> but nothing on 68
<twb> That all looks OK to me
<twb> tcpdump on the server, see what you can see
<twb> (Learn how to use tcpdump too ;-)
<arrrghhh> sounds like wireshark?
<twb> wireshark is the heavyweight cousin
<arrrghhh> nice.  ok, i know how that stuff works... again on a basic level :P
<arrrghhh> any tips on what to filter on...?
<arrrghhh> i usually filter by ip... doesn't seem like that'll work so well here lol
<arrrghhh> i guess i could filter on port/protocol huh
<twb> port 67 or port 68
<twb> Part of the reason I use tcpdump instead of tshark is I can never remember the tshark filter syntax ;-)
<twb> Also obviously more useful data doing this on the server first
<arrrghhh> hrm
<arrrghhh> what was the last thing you read from me?  i don't think it all got thru
<arrrghhh> twb: ?
<arrrghhh> perhaps you didn't get any of my messages, i was on a crippled machine, heh
<twb> Hmm?
<twb> 16:35 <arrrghhh> i guess i could filter on port/protocol huh
<arrrghhh> damn, i said a lot more than that...
<arrrghhh> oh well, the jist of it was tcpdump showed that the server was receiving the request
<twb> *gist
<twb> So on the client side, you see a DHCPREQUEST and then a DHCPOFFER ?
<qman__> arrrghhh, FYI, my DHCP exception is 67:68 udp
<arrrghhh> 22:38:12.846558 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:13:72:27:68:83 (oui Unknown), length 300
<twb> It's a four-stage handshake, I forget the order
<arrrghhh> i was running tcpdump on the server
<arrrghhh> the client just keeps requesting
<arrrghhh> and it times out
<qman__> $CMD -A INPUT -i eth1 -p udp  --sport 67:68 --dport 67:68 -j ACCEPT
<arrrghhh> never gets a DHCPOFFER
<arrrghhh> qman__: why do you think the traffic is being blocked?
<qman__> it's a UDP broadcast
<twb> Goddam it, who uses DNSSD
<twb> This stupid printer won't talk to me, and the other users are talking to it via dnssd, which I am not going to install
<twb> Bloody autodiscovery "easy to use" my arse, the printer already has an IP and listens on 631 but won't respond anything useful there...
<arrrghhh> qman__: even with ufw disabled?
<qman__> I don't know much about UFW
<qman__> but if you sudo iptables -L and it's all ACCEPT with no rules, you're good
<twb> arrrghhh: is there a firewall on the client?
<arrrghhh> hrm ok
<arrrghhh> twb: uhmm dhcp3-server worked on the client just fine
<arrrghhh> but i don't think there is, no
<arrrghhh> it's kubuntu 11.04
<arrrghhh> ufw is not enabled
<twb> IIRC dhclient you can say test don't actually apply, find that option and run it on the server, that will bypass any network issues
<twb> -n I think
<twb> dhclient -n -v eth0
<arrrghhh> k
<zastaph> Does anyone know if the CAP_NET_ADMIN section @ https://help.ubuntu.com/community/KVM/Networking is still relevant, or the bug has been fixed?
<jmt> hello
<jmt> which is the best dell server for installing ubuntu 10.04 LTS
<MerryResistance> jmt:  depends on whether you're getting a hardware RAID array or not
<MerryResistance> jmt:  i've got a Dell Poweredge 2500 series server, but Ubuntu/Debian don't include the drivers for the RAID card yet (mines got SCSI drives)
<jmt> Actuall my idea is to build a complete ubuntu 10.04 server infrastructure including ldap+samba,proxy,file server...
<MerryResistance> well any server will work if you have the linux drivers for it
<MerryResistance> s hardware
<jmt> oho..
<MerryResistance> *kicks his keyboard*
<jmt> dell R710 is enough?
<MerryResistance> ooh, field goal... :P
<MerryResistance> gimme a sec i'm hitting lag
<MerryResistance> i'm not sure, because i'm not sure whether Ubuntu has the drivers for the RAID controller card(s)
<jmt> ubuntusupporting server list showing Dell R710
<MerryResistance> link to said list?
<jmt> one minute..
<jmt> iw ill give
<MerryResistance> if its not on the ubuntu site i'm going to rant about how random lists shouldnt be trusted :P
<jmt> http://www.ubuntu.com/certification/make/Dell/servers
<Nafallo> the problem with that would be that it might be tested with every possible configuration ever...
<MerryResistance> yeah what Nafallo said
<Nafallo> unless it has a very very precise model number attached.
<MerryResistance> jmt:  that's in general.  you should be OK, but i cant guarantee it'll work 100% efficiently/effectively
<Nafallo> obviously, if the raid controller is on-board, that would make my point moot ;-)
<Nafallo> but we might be talking about more cards than raid-controllers here.
<jmt> if i go through normal dell pc,i am sure,it will 100% work
<jmt> Nafallo: i need only 4 disk.that means built in raid controller card is enough..
<jmt> hello..
<uvirtbot> New bug: #908583 in apache2 (main) "Apache cache serving partial content 206 responses to requests for the full content" [Undecided,New] https://launchpad.net/bugs/908583
<xperia2> hi to all. short question. does a debian package allready exist for the new SPDY Protocol ? I would like it to test it how it works but dont want to destroy my webserver.
<iToast> How come partitioning raid 1 on 2 160gb USB -> SATA Hdds is soo slow?
<StevenR> iToast: what does mdadm show? is it syncing? What sort of usb port? what sort of hard disks?
<iToast> Just 5400rpm disks
<iToast> ..
<StevenR> so... what about the other 3 questions?
<iToast> Ugm
<iToast> I just used the ubuntu partitioner to do it.
<iToast> So I'm not exactly sure.
<patdk-lap> hmm?
<patdk-lap> partitioning is quick, should only take a few milliseconds
<patdk-lap> now if your talking about resync of raid, that could take awhile
<patdk-lap> with max speed of usb2, your talking about 3hours min
<qman__> iToast, USB is slow, I'd expect said formatting to take around an hour
<qman__> maybe more
<patdk-lap> 3 hours, on usb2 with two disks of that size
<uvirtbot> New bug: #908605 in mod-wsgi (main) "mod_wsgi fails to log python errors" [Undecided,New] https://launchpad.net/bugs/908605
<raubvogel> Which one is the right way to define a subinterface; eth0:1 or eth0.1?
<giovani> raubvogel: ':' is for subinterface, '.' is for VLAN
<giovani> at least, that's my understanding
<raubvogel> giovani: thanks! So I take if I am doing the subinterface thingie I do not need the vlan package, right?
<giovani> raubvogel: "vlan package"? I'm confused
<giovani> use a colon
<raubvogel> giovani: vlan - user mode programs to enable VLANs on your ethernet devices
<giovani> raubvogel: no, of course you don't need that
<raubvogel> That is the package I was talking about
<raubvogel> Which leads to me being confused about the use of a column
<giovani> what?
<raubvogel> It sure takes a while to reboot (eth0 dhcp, eth0:1 static). I wonder if the bind server is confused
<giovani> why would you have a static and dynamic address on the same interface?
<raubvogel> giovani: honestly? Testing things out to see if it is even feasible
<giovani> if -what- is feasible?  why would you want to do that?
<raubvogel> giovani: I was wondering if bind would get indeed confused since it is seeing two devices in the same network with the same mac
<giovani> what does your DNS server have to do with this?
<raubvogel> Ok, so I am not the only one who have noticed this issue: https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/876829
<uvirtbot> Launchpad bug 876829 in ifupdown "Oneiric's ifupdown breaks ip aliases" [Unknown,Fix released]
<raubvogel> giovani: BTW, I apologize for confusing you with my questions; it seems I was looking at the wrong problem
<Znow> Hi, im working with ruby on rails on my ubuntu server, what script file could I make to run when I want to run certain commands?
<Znow> like a bat file on windows
<qman__> I think you are looking for shell scripts
<qman__> even if you aren't, it's something anyone who uses linux should learn
<Resistance> what qman__ said
#ubuntu-server 2012-12-17
<anepanal1ptos> omg ipv6 is so hard
<joe_Vitel> Hello. I'm trying to set up a test MAAS/Juju/openstack environment. I've got every node running, and according to juju status they are all setup corrently as far as I can tell. The big issue is that I cannot log into the Openstack Dashboard using admin and the admin-password provided in the keystone config file when deploying keystone. Any ideas?
<waspinator> how would I auto start an openvpn client? I can connect using sudo openvpn client.ovpn but not with service openvpn start
<Broodoobob> I have a question about software raid on server 12.04
<Broodoobob> I have ext4 with journaling on top of raid1 using mdadm
<Broodoobob> when the array re-syncs, the ext4 journaler hangs for LONG periods of time and locks up the kernel
<Broodoobob> has anyone else experienced this? any ideas? it's a serious problem.
<Broodoobob> I'm seeing bug reports on the issue from 2010, but it seems like the devs could never track it down
<uvirtbot> New bug: #1091114 in checksecurity (main) "fuse mount cause problem to find -xdev" [Undecided,New] https://launchpad.net/bugs/1091114
<uvirtbot> New bug: #1089711 in nova (main) "nova.conf unreadable is hard to diagnose" [Undecided,New] https://launchpad.net/bugs/1089711
<jstephan> hey, guys short question, how can i see the reason for an security update via console?
<xnox> TheLordOfTime: yes.
<rbasak> jstephan: you could do something like "apt-get changelog <package>/precise-security"
<jstephan> ah, okay, thx
<yaboo> hi all, got a issue with mdadm, taken the disks from one server installed them in another server, but they will not reassemble.
<yaboo> how can I reassemble them
<xnox> the homehost will not match, so you either assemble them by hand, override their hostname to match, or make it ignore homehost setting.
<Jever> hi.
<Jever> just tried to install php5-mysqlnd this would remove phpmyadmin
<Jever> as far as i read this is considered to be a bug
<Jever> because phpmyadmin depends on php5-mysql
<rbasak> phpmyadmin depends on: php5-mysql | php5-mysqli | php5-mysqlnd
<rbasak> So it should accept any one of those
<rbasak> Jever: ^^
<Jever> i'l
<Jever> i'll try
<Jever> doesn't work
<Jever> if i install php5-mysqlnd it removes phpmyadmin and php5-mysql
<Jever> if i try to install phpmyadmin afterwards it will remove php5-mysqlnd again and install php5-mysql
<rbasak> Try requesting both at once. Hopefully it'll tell you why it can't fulfill thta
<rbasak> Ah
<rbasak> Looks like php5-mysqlnd was added as an option after precise. It's present in raring.
<Jever> nope can't install both
<Jever> so what does that mean for me
<rbasak> Assuming that the packages will work together, it sounds like an acceptable bug as you described. I'm not sure if a dependency change would be acceptable for a stable release update though.
<Jever> https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/1012670
<uvirtbot> Launchpad bug 1012670 in phpmyadmin "Dependency on php5-mysqli" [Undecided,Confirmed]
<rbasak> So a bug would be marked as fix released as it's fixed in the current development version, and somebody would have to ack it for an update to 12.04 if it is acceptable (I'm not sure if it is)
<Jever> this was 6 months ago
<patdk-wk> are we sure phpmyadmin works with mysqlnd?
<Jever> okay but is there a quick fix for me to install it anyway?
<rbasak> In the meantime, you could override the dependency, or use a more recent release
<Jever> i would like to override it to test if it works for me
<rbasak> patdk-wk: I'm not sure, so this is all assuming that it is. However the latest php5 package in raring seems to allow it.
<rbasak> Looks like it works in 12.10.
<Jever> can't update though. any way to ignore dependencies without using dpkg manually?
<rbasak> I think you have to use dpkg manually
<Jever> which means that i won't get updates?
<rbasak> Easiest hack would be to install both using apt-get, then you'll have the right package in /var/cache/apt/archives to install with an override using dpkg
<rbasak> Things will break if you use updates
<Jever> hmpf. i'll stay with php5-mysql
<Jever> thanks for your help
<rbasak> You could rebuild phpmyadmin in a PPA if you're feeling adventurous
<rbasak> Sorry I can't give you a better option! Thanks for bringing it up and finding the bug. I've updated the bug.
<Jever> no problem. just wanted to test it and found out that it doesn't work yet
<patdk-wk> rbasak, same issue for php-mdb2-driver-mysql
<patdk-wk> guess a bunch of packages need to be updated
<rbasak> Yes. Or the different drivers should all provide a virtual package and consumers like phpmyadmin could just depend on that
<patdk-wk> hell, I would likely opt to maky php5-mysql a meta package that installs php5-mysqlnd by default
<rbasak> How many are there?
<patdk-wk> 3
<patdk-wk> mysql mysqli mysqlnd, though mysql and mysqlnd are *compatable*
<patdk-wk> currently atleast
<rbasak> php-mdb2-driver-mysql doesn't seem to conflict with anything though, so phpmyadmin can be installed with it
<rbasak> I don't know whether it would use it or not
<patdk-wk> hmm?
<rbasak> You said same issue with php-mdb2-driver-mysql?
<patdk-wk> yes
<patdk-wk> it depends on php5-mysql
<rbasak> Oh, I see.
<patdk-wk> install php5-mysqlnd wipes it :)
<patdk-wk> oh, it's universe
<rbasak> So is phpmyadmin
<patdk-wk> guess I can just use pear instead for that
<rbasak> The rdepends list for php5-mysql is quite large
<uvirtbot> New bug: #1000175 in openssh (main) "Unable to copy id to a server that is listening on non-default port (dup-of: 518883)" [Wishlist,Confirmed] https://launchpad.net/bugs/1000175
<rbasak> smoser: ahem. Oops. Fixed. I did wonder why the cloud-init maintainers team was going to review it!
<rbasak> smoser: btw, I couldn't figure out what was going on with the packaging, so I left it. debian/control exists in both trunk and the packaging branch for example, and are different.
<smoser> rbasak, its just an upstream that has its own debian/
<rnbrady> hi folks
<rnbrady> any maas peeps around?
<rnbrady> â¦tumbleweed......
<smoser> rbasak, did you know that cloud-init probalby as of precise will output the full fingerprint to the console ?
<smoser> er... the full key
<smoser> so you dont have to do the fingerprint and ssh-keygen check.
 * rbasak looks
<rbasak> smoser: I see. That's useful!
<pmatulis> rnbrady: maybe try the #maas channel
<rbasak> smoser: still need to support the old method though, do you think? Or forget about it if precise supports it?
<smoser> i think it'd be nice to support the old method.
<rnbrady> pmatulis: ah yes, thanks!
<smoser> magically fall back to it if only that form is found.
<rbasak> OK. I'll have to rethink the CLI a bit though
<rbasak> I guess I need to make it grep-fingerprint and grep-public-key, import-fingerprint and import-public-key, and fix will dtrt.
<smoser> that is https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/893400
<uvirtbot> Launchpad bug 893400 in cloud-init "cloud-init: Output public ssh host key (for known_hosts)" [Low,Fix released]
<smoser> just for reference
<rbasak> Thanks!
<savr> I've installed MAAS. I only have one server (acting as master) now that I wish to install openstack. In about two weeks I'm adding another node. Am I suppose to add my master server as a node to maas?
<savr> I've installed MAAS. I only have one server (acting as master) now that I wish to install openstack. In about two weeks I'm adding another node. Am I suppose to add my master server as a node to maas?
<RoyK> !patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<smoser> savr, you can askin #maas, fwiw.
<fij0> hello
<smoser> savr, the maas server is not a node in maas. is that what you were asking ?
<RoyK> hi all. my brother has a RAID-5 on three 2TB drives and want to add another three drives to make it a 6-drive RAID-6. Anyone here that knows if this can this be done in a single operation, or will he have to add a single drive at a time? also, he's currently on Lucid, kernel 2.6.32 and IIRC that doesn't support migrating to RAID-6, is this right? I guess an upgrade to Ubuntu Precise shouldn't be too hard...
<savr> smoser: currently maas is telling me I have 0 nodes
<smoser> right.
<smoser> you have 0 nodes.
<savr> am I suppose to add the master as a node?
<smoser> you really ahve to add other nodes.
<smoser> the maas master is not a node in itself.
<smoser> (if it was, and it could manage, that would then force itself to re-install itself)
<savr> I shouldn't really be using maas then?
<smoser> maas allows you to treat a group of hardware as provisionable like a cloud (which juju uses to install openstack). juju install of openstack is several nodes (glance, compute, swift...)
<smoser> so with just 1 node, maas is not terribly useful.
<savr> I don't really know why I installed maas. I'm following the guide to use juju to install openstack
<smoser> savr, for a single "all in one openstack", the best solution that i'm familiar with is devstack.
<savr> the reason why I'm installing openstack is because I intend to have a few servers and want the ease of being able to move services around
<smoser> but that wont allow ubut that will not give you any real path to grow
<savr> for some reason I think it is a billion times easier to do all this manually
<savr> as that is what I'm use to and all these new tools seem a lot more complicated than editing a few config files
<rbasak> Perhaps one needs to suffer the pain of doing all this manually before one accepts the usefulness of having automated tools for all of it :)
<savr> rbasak: I've done all this manually many times
<rbasak> For a single server, it's probably not worth it
<savr> I know how to do it manually
<rbasak> What you have is a server, not a cloud!
<savr> I'm going to have 4 servers and maybe 5 services running inbetween them all
<savr> I want them to failover and load balance
<savr> to set this up manually is like 1 hour work for me
<rbasak> Sounds like that's your best bet then
<savr> to understand maas juju openstack cloud foundry etc is much more difficult
<savr> ok then
<savr> time to nuke this maas install
<savr> does juju make any sense for me?
<savr> or cloud foundry or open stack?
<pmatulis> savr: if you intend to have a smallish static environment, i don't think so
<smoser> i would say that if you're comfortable managing virtual systems in some other way, 4 servers and 5 services is a small number and you will incur significant overhead in openstack. but having a system like openstack in place will help you to grow.
<savr> thanks!
<savr> should I be using vps?
<rbasak> If you can do everything you want in one hour's admin time, then I don't think there's any other solution that makes sense for you. But when you find yourself trying to do something that will take many hours or days of admin time, or you find yourself writing tools for these tasks, or you need to study services in detail to learn how to use them, then come back and take a look at juju :)
<smoser> juju would be useful to you as it would enable you to provision codify your installation of your services.
<smoser> but juju needs a provider, and there is only the "local provider" which uses lxc that would really help you.
<savr> juju is a massive learning curve for me right now
<savr> I tried using the local provider
<savr> full of issues
<jcastro_> the local provider is for like your laptop, you wouldn't run it on your servers
<savr> so does it make sense to virtualize
<savr> one of the services is wordpress
<savr> another is virtual desktop
<savr> then some in house web software we use
<savr> etc
<Daviey> jamespage: Sigh, powerpc & armhf are so slow
 * TheLordOfTime was whining about powerpc last week when it took 3 days for a package sync to actually reach raring and get out of raring-proposed.
<TheLordOfTime> powerpc's... not fun.
<savr> rbasak: smoser: would you virtualize in this instance?
<smoser> i'd probably lean towards virtualization and some configuration management solution
<rbasak> If you can reinstall it all in an hour then I don't think it matters what you do. Just reinstall when you want to move something.
<savr> I'm with a great provider so reinstalls are super ease. normally takes 5 minutes. Installed with ssh keys and can auto run post install bash script.
<savr> smoser: like what software?
 * maswan is using ganeti to handle a bunch of service VMs on a few hosts
<smoser> puppet and chef are configuration management system.s
<Daviey> CVE-2012-5642 is awesome.
<uvirtbot> Daviey: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5642)
<uvirtbot> New bug: #1080841 in cloud-init "should reload configuration if an upstart job is added" [Medium,Fix committed] https://launchpad.net/bugs/1080841
<maco> mysql keeps disappearing on my 12.04 ubuntu server. i see no record of either an oomkill or a segfault in /var/log/syslog  any ideas what else to look for to see why it keeps disappearing?
<sarnold> maco: is there anything in the mysql logs?
<maco> sarnold: /var/log/mysql.err is blank and /var/log/mysql/ is empty and /var/log/mysql.log is a 0byte file
<sarnold> maco: very curious. )
<sarnold> maco: does df show you have adequate storage space available?
<maco> sarnold: bout 15gb free
<maco> zless /var/log/mysql.log.1.gz says it's a binary file, 20bytes
<maco> nothing legible in there
<maco> as a stopgap i modified the /etc/init/mysql.conf to retry 10 times instead of only 2, over the course of 90 seconds instead of 10, which has slowed down the rate at which i suddenly discover my sites are offline, but...
<sarnold> is it too-open? MySQL seems to be a walking pile of CVE generators, maybe someone is having fun with you..
<TheLordOfTime> last i checked, PHP's more evil than that, sarnold.
<sarnold> TheLordOfTime: no argument there, php is also a giant pile.
<maco> and wordpress even more so ;) all of which are on my server, but i have htaccess-locked the wp admin pages for safety there
<TheLordOfTime> don't get me started on other stuff in Universe...
<maco> dont think universe has wp updates fast enough
<maco> all of the mysql.log.[0-9].gz's are 20bytes
<sarnold> I think 20 bytes is the usual size of zero-byte-files that gzip compresses...
<maco> ah
<maco> as to "too-open" the my.cnf is set to only listen on localhost (that's the default) so outsiders shouldnt be talking to the process
<maco> hah im amused that in addition to TheLordOfTime there's also TheDrums
<TheLordOfTime> i think that was spawned by my taking this nick :p
<savr> thanks all!
<maco> oooh wait it is oom. shouldve done a case-insensitive grep
<maco> hrmph. time to tune apache so it stops eating half the ram
 * TheLordOfTime blurts out "NGINX RULZ" then facedesks hard for being biased.
<oVeRMiND> hello world!
<savr> hi proxmox or ganeti? or makes no difference/
<savr> think I'm going with proxmox as it can be installed by the datacentre
<tgm4883> savr, KVM?
<savr> yep
<tgm4883> I've not looked at ganeti for a few months, but it didn't make sense for us here
<tgm4883> I ran proxmox 2.1/2.2 for awhile on a test cluster, but it kept forgetting what my machines were named
<savr> tgm4883: what are you using?
<tgm4883> savr, KVM
<tgm4883> well, kvm with libvirt I suppose
<savr> no management software?
<tgm4883> on our production cluster we run ESX
<tgm4883> savr, nope, we just run these 4 servers when we need to setup some test stuff
<tgm4883> nothing that we are super worried about
<tgm4883> MaaS and Ubuntu Cloud don't make sense for us either it seems
<m4rku5> I have a question relating to kerberized nfs: how would I enable a service (say apache) to access a kerberized nfs mount (e.g. a users home/public_html)? is there a "standard" solution to this problem?
<uvirtbot> New bug: #811417 in apache2 (main) "Apache httpd local DOS when serving pipes due to TOCTOU" [Low,Incomplete] https://launchpad.net/bugs/811417
<mikeey> Good evening. We just got hit by some weird attack/exploit/something which brought our machine to it's knees. Somehow, it managed to hold up and I got this screenshot before it went down: http://puu.sh/1C3Sb/e7bb806225aedbd720508e27d1261d6d
<mikeey> Does anyone have any idea what this is?
<mikeey> It's also spamming the syslog with out of memory, too many open files
<mikeey> etc
<RoyK> it doesn't need to be a DoS - it can just be I/O hanging
<RoyK> but the load is pretty high :P
<mikeey> it happens on two machines
<mikeey> at the exact same time
<mikeey> (couple seconds in between)
<RoyK> sounds like a ddos
<mikeey> yeah, but it's not a BW related one
<mikeey> the network traffic is normal
<mikeey> as far as we know anyway
<RoyK> tried to sniff it with tshark/tcpdump?
<mikeey> it goes down, so we're unable to
<mikeey> I was going to attempt using a kvm to login, but it just crashed when i tried :/
<RoyK> 10-20k load is pretty amazingly ugly :(
<RoyK> mikeey: try enabling netconsole - you might get some output from that that may be drowned because of memory shortcomings
<uvirtbot> New bug: #1091430 in qemu-kvm (main) "9p fails with readonly+non-root due to O_NOATIME" [Undecided,New] https://launchpad.net/bugs/1091430
<Daviey> Sounds awesome, http://bugs.debian.org/696195
#ubuntu-server 2012-12-18
<storrgie_> I've got two ubuntu servers talking via cifs but i'm having an issue where some services that I have running are not having the right permissions when trying to write back to the cifs share
<escott> storrgie_, CIFS is not a POSIX filesystem
<escott> storrgie_, you should be using NFS
<storrgie_> escott, you're right... is there a way to force permissions to work over samba though? probably in version 4
<storrgie_> escott, I am not running kerberos... is nfs just plain scary to run if you dont have an auth service?
<escott> storrgie_, maybe http://www.samba.org/samba/CIFS_POSIX_extensions.html
<storrgie_> escott, If you're good with networking you might be able to help me. the systems I'm talking about are actually a host and VM
<storrgie_> so maybe i can define a virtual interface for them to talk through that will be protected
<escott> storrgie_, install the guest additions
<storrgie_> im using kvm
<escott> storrgie_, http://dustymabe.com/2012/09/11/share-a-folder-between-kvm-host-and-guest/
<sarnold> escott: wow. I had no idea such a thing was doable. neat. thanks. :)
<storrgie_> yeah its the 9p thing
<storrgie_> im scared to do that
<storrgie_> but i probably should be doing it
<storrgie_> im struggling because i want to use CIFS though
<storrgie_> so i only have one service to share info with
<escott> storrgie_, i would certainly NOT do this with CIFS
<escott> storrgie_, NFS or plan9 seem to be the better options for kvm. kinda sad they dont have a direct paravirt setup
<storrgie_> escott, I'm not sure how to lock down NFS though
<escott> storrgie_, lock down meaning?
<sarnold> storrgie_: you could have your /etc/exports file restrict the export to only the one guest IP..
<storrgie_> with nfs dont you just say any ip can come in
<storrgie_> well any one
<storrgie_> so here is the setup
<storrgie_> its a KVM host that im trying to get to
<storrgie_> could I just define a bridge interface and add that to my VMs to use
<storrgie_> so its a private network between them
<sarnold> yes
<sarnold> though if you want your vms to talk to each other, you'll probably have some more work to do :)
<storrgie_> they already have one bridge interface to get to the network
<storrgie_> sarnold, do you know the convention for doing this though
<storrgie_> my first bridge is tied to a physical interface
<storrgie_> this bridge would be virtual
<sarnold> storrgie_: sadly, no; I just know enough to know it's possible to create a new bridge between the host and one specific guest that the other guests can't get to
<sarnold> storrgie_: I _think_ the virsh net-* family of functions is the starting point..
<storrgie_> nah i dont want to use virsh
<storrgie_> I wnt to define a bridge in interfaces
<sarnold> storrgie_: ah, not using libvirt for the kvms then, okay... brctl is probably the place to start :)
<storrgie_> yeah, im looking at virsh though also
<storrgie_> hrmm
<storrgie_> sarnold, do you know much about creating bridges?
<storrgie_> I would like to define it in a file
<storrgie_> rather than run brctl
<storrgie_> there is a page here that describes that I want... I think http://www.linux-kvm.org/page/Networking
<storrgie_> I just dont know how to convert that to an addition to my /etc/networking/interfaces file
<sarnold> storrgie_: sadly, no, this is one of my weakest areas.
<storrgie_> pewp
<storrgie_> well here ill post once more and see if anyone bites:
<storrgie_> I'm trying to define a private bridge for my KVM vms to talk to my host. I want to define it in my /etc/networking/interfaces file. I found this document here: http://www.linux-kvm.org/page/Networking that I think talks about what I want to do but I don't understand the brctl commands enough to decompose those into additions to my /etc/networking/interfaces config file
<Amacidia> Hi everyone
<Amacidia> How would one go about routing bittorent traffic through an openvpn connection but keep http, dns ect through my isps connection?
<Amacidia> Would this be done by changing some routing on my ubuntu server?
<escott> Amacidia, routing is at the ip level, you want a port specific rule. you could do that with iptables
<sw0rdfish> hi
<makysdj> holas
<chovynz> anyone know how to activate the UI on mediatomb using a headless ubuntu server?
<chovynz> I'm having trouble finding appropriate documentation
<chovynz> im logging into the server via ssh
<pleia2> chovynz: isn't it just a web interface?
<pleia2> runs on port 49152 by default
<chovynz> I guess. this is the web message i get "MediaTomb UI is disabled. Check your configuration." , I guess my question is more to do with mediatomb than US, but
<chovynz> most of the documentation i can find on mediatomb talks about doing things via ui
<pleia2> chovynz: probably need to edit your /etc/mediatomb/config.xml
<pleia2>     <ui enabled="yes" show-tooltips="yes">
<pleia2> ^^ mine has that
<uvirtbot> pleia2: Error: "^" is not a valid command.
<chovynz> oh ok. thanks
<pleia2> sure, it's not the easiest thing to configure (particularly when it comes to codecs and things) but there are a lot of example config.xml files out there to get tips from
<chovynz> *cough*ex-windows-user-here-who-still-hasn't-got-it-completly-out-of-his-system-of-getting-things-done-for-him*cough*
<pleia2> :)
<chovynz> thanks pleia2, i didn't think of that
<pleia2> sure, good luck
<chovynz> uh, another silly question... could the reason the ui is disabled, is that i haven't yet hooked it up to a database?
<pleia2> could be
<pleia2> it's been a long time since I configured mine, I don't really remember the steps involved
<chovynz> ahaha.. me too
<pleia2> I'm using sqlite though
<uvirtbot> New bug: #1091523 in qemu-kvm (main) "Testing Raring in KVM displays visual artifacts (affects installer world map, login screen, wallpaper)" [Undecided,Confirmed] https://launchpad.net/bugs/1091523
<Deep6> guys is there anyway to call vmbuilder and output the results onto an nfs share?
<Deep6> i've done -d and it never seems to complete..
<Deep6> (yes I have r/w)
<Deep6> wow not everyone at once...
<sw0rdfish> can i set 2 listening ports for sshd?
<hath001> Hi , Apache in my server doesn't load index.php automatically ! I tried DirectoryIndex index.php index.html index.htm  but that was helpless
<hath001> can u help me please ?
<mvp> do you have php installed
<hath001> yes , it is work when i write index.php
<hath001> ex : www.ex.com dosen't work but www.ex.com/index.php it fine
<mvp> perhaps you can't override DirectoryIndex with a local .htaccess
<hath001> i tried to do that in httpd.conf AND sites-available/default
<Syria> I want from my server to execute a command on it's start, Could you please let me how to this?
<Syria> *let me know
<hath001> Syria http://www.cyberciti.biz/tips/linux-how-to-run-a-command-when-boots-up.html
<Syria> hath001:  Thank you I will read it.
<Syria> hath001:  The script  name.sh should contain the commands I want them to be executed at the startup only?
<Syria> hath001:  Sorry I see it now.
<oracle_> I have a server that I also want to use as a desktop sometimes, but I don't want _everything_ that comes with ubuntu-desktop meta package.  Is there a way of installing ubuntu-desktop where you can pick and choose the components?
<TheLordOfTime> oracle_, pick and choose the individual packages you want to install?  if you install the metapackage it'll install everything, if you hand-pick what you want from the list of what the metapackage installs, you'll get the customized list of stuff.
<TheLordOfTime> i don't remember how extensive the list of stuff is though
<oracle_> Are some packages reverse-dependant on ubuntu-desktop?  So that even if I install OOo separately, it will drag in ubuntu-desktop as a dependency?
<oracle_> sorry, OOo is now LibreOffice i suppose.
<Daviey> jamespage: tracking https://lists.launchpad.net/openstack/msg19520.html ?
<Daviey> mornin' btw
<feisar> morning chaps, any recommendations for the best way to set a 'one time reboot' for a server. E.g. Security updates applied automatically, system needs a reboot and I want to set it to happen 00:00 tonight?
<balboah> feisar: the shutdown command can take a timestamp for when to do it
<feisar> balboah: ah, that sounds good, I could write a little script that asked for the time and then issued the command
<balboah> feisar: sure. You can also use the "at" program do run a certain script one time at a certain time
<feisar> would I have to issue the command from a Screen session (or similar) or would the command still execute if I closed the terminal?
<balboah> it will be scheduled and executed even if you close your terminal
<jamespage> Daviey, morning
<jamespage> I had seen that yes
<jamespage> nothing new tho
<jamespage> we are using most of that stuff
<feisar> balboah: thanks : )
<jamespage> Daviey, did you do the NEW ack's for the latest ceph packages in raring?
<Daviey> jamespage: no, when i signed off they were not al built
<Daviey> jamespage: but it is done now
<Daviey> jamespage: and it's now in the release pocket
<jamespage> Daviey, it is - but a few bits and pieces have crept into main
<jamespage> I'd like them pushed back to universe
<Daviey> jamespage: hmm, it's not showing as a candidate for demotion.
<Daviey> http://people.canonical.com/~ubuntu-archive/component-mismatches.txt
<jamespage> Daviey, I don't think it will
<jamespage> Daviey: ceph-fuse, libcephfs-jni and libcephfs-jni-dbg should be pushed to universe
<Daviey> jamespage: then something is keeping it in main :)
<Daviey> hmm
<jamespage> Daviey, I don't think so - nothing rdepends on ceph-fuse or libcephfs-jni
<Daviey> hmm
<Daviey> jamespage: You indeed seem to be correct, as usual.
<Daviey> jamespage: lets see if anything demands it back, http://pb.daviey.com/iMRD/
<jamespage> Daviey, ceph-fuse also has a -dbg - that will demand it back
<chmac> `less *.log` then :n and :p to move back and forth through the files. Can I improve that down to a single keystroke for next / previous file?
<chmac> With more maybe? Or some other tool?
<chmac> I guess I could use vim and map a keystroke to next/prev file, but I'm looking for something that'll work out of the box, on almost any platform... :-)
<uvirtbot> New bug: #1091577 in samba (main) "unable to ping hosts by windows hostname" [Undecided,New] https://launchpad.net/bugs/1091577
<Daviey> jamespage: done
<jamespage> Daviey, muchly
<jamespage> ta
<jamespage> sorry - that came out in the wrong order
<Daviey> jamespage: problem no ;)
<uvirtbot> New bug: #1025244 in qemu-kvm "qcow2 image increasing disk size above the virtual limit" [High,Triaged] https://launchpad.net/bugs/1025244
<uvirtbot> New bug: #1091602 in bind9 "Please add resolvconf hook script to generate dynamic forwarders list" [Undecided,New] https://launchpad.net/bugs/1091602
<uvirtbot> New bug: #1091624 in net-snmp (main) "package snmpd 5.4.3~dfsg-2.5ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 127" [Undecided,New] https://launchpad.net/bugs/1091624
<koolhead17> zul: around
<yolanda> having this problem running ceilometer on devstack: http://paste.ubuntu.com/1447493/
<yolanda> any idea?
<samba35> i am trying to configure iscsi server on ubuntu as a target (as a server )(please correct me if i am wrong )with esxi server
<RoyK> samba35: should work
<samba35> but when i run tgt-admin -s it print noting
<samba35> do you have any idea what configration changes i have to make
<RoyK> to be honest, I've never setup iscsi target on linux - I have this test box, though - lemme see :)
<samba35> ok
<samba35> no problem ,but please correct me
<RoyK> well, tgt-admin -s should show what's setup
<samba35> initiator  is know as a client and target is know as a server right
<RoyK> yes
<samba35> thanks
<samba35> is there any gui for iscsi i ubunut ?
<RoyK> probably not
<samba35> ok
<RoyK> are you following a howto? this one looks decent http://askubuntu.com/questions/63621/iscsi-trgt-missing-because-cant-build-kernel-module
<samba35> now i will
<rcaskey> hey all, my /boot filled up and i've got 800 megs free and am getting dpkg: error processing /var/cache/apt/archives/linux-headers-3.2.0-35-generic_3.2.0-35.55_amd64.deb (--unpack):
<rcaskey>  unable to create `/usr/src/linux-headers-3.2.0-35-generic/include/config/acpi/cmpc.h.dpkg-new' (while processing `./usr/src/linux-headers-3.2.0-35-generic/include/config/acpi/cmpc.h'): No space left on device any ideas?
<rcaskey> i used dpkg to purge some stuff and now boot is at 50% and / shows its 80% with 800 megs free and it is still getting that no space left on device error
<rcaskey> and i created a 100 meg file there just fine with dd
<Cookiemonster_> hi there somebody here experienced with webmin?
<samba35> when i try to add service   "chkconfig anyservice on" i am getting   /sbin/insserv: No such file or directory
<jpds> samba35: chkconfig isn't used on Ubuntu.
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<samba35> then how do i start service at startup
<jpds> samba35: Which service?
<RoyK> samba35: it's usually started by upstart on startup if it's installed. which service is this?
<samba35> say vsftpd tgt or any
<RoyK> samba35: well, not 'any' :)
<samba35> when i run chkconfig --list it show services
<RoyK> samba35: don't use chkconfig
<jpds> samba35: Ubuntu uses upstart/init.d.
<RoyK> to start tgt, run 'start tgt'
<RoyK> tgt is in upstart
<samba35> ok
<RoyK> so is vsftpd
<samba35> ok
<samba35> thanks
<RoyK> did you manage to make tgt work?
<samba35> no
 * RoyK has been out for a while
<RoyK> will try
<samba35> ok
<RoyK> samba35: http://www.cyberciti.biz/tips/howto-setup-linux-iscsi-target-sanwith-tgt.html
<RoyK> samba35: the other I posted was for another iscsi target implementation - an older one I think
 * RoyK didn't know there were two
<samba35> ok let me try
<samba35> thanks
<samba35> i think i fail to understand "iqn"
<RoyK> that's just the iscsi initiator name prefix
<RoyK> iSCSI Qualified Name
<samba35> but how to use full name
<samba35> do i have to use host or domain ?
<RoyK> it's usually something like this iqn.1993-08.org.debian:01:a44148977e36 - meaning iqn.YYYY-MM.tld.domain:something
<RoyK> it should be autogenerated when you install open-iscsi
<samba35> how do i generate it ?
<RoyK> apt-get install open-iscsi open-iscsi-utils
<RoyK> that's for the initiator, though
<RoyK> no need for an initiator name on the target side
<samba35> ok
<RoyK> what OS does the initiator run?
<RoyK> or 'on what what OS does the initiator run?'
 * RoyK just created a 200GB iscsi volume and attached to it from localhost :)
<samba35> i am trying windows xp and vmware esxi
<RoyK> ok, both should work
<samba35> i have to use server iqn at client  ?
<RoyK> each client has its own iqn
<RoyK> on the server, you can authorize a given iqn for a given target, you can authorize an ip address, or setup authentication
<RoyK> s/server/target/
<samba35> confued :)
<RoyK> well, it'll sink in :)
<RoyK> took me some time to get used to how iscsi works
<RoyK> that is
<RoyK> all targets have an iqn, all clients have one as well
<RoyK> s/clients/initiators
<RoyK> that is, all endpoints in an iscsi setup, has an iqn
<samba35> RoyK, do you use vmware esxi
<RoyK> at work, yes, on iscsi
<RoyK> I guess it should autogenerate its iqn as well
<RoyK> for testing, just allow all clients: tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL
<samba35> esxi has a target or client ? for version of esxi
<smoser> utlemming, thought i'd point you to 'mount-callback-umount', which mounts a disk or partition image in anything qemu-nbd supports and hten calls a command and unmounts.
<smoser> its at https://code.launchpad.net/~smoser/+junk/backdoor-image
<smoser> i'm using it for things like this: http://paste.ubuntu.com/1447788/
<RoyK> esxi has an initiator (that is, the client). esxi shouldn't need a target (since it doesn't serve storage)
<smoser> which mounts an image, installs a package or 2 and then publishes it.
<smoser> unfortunately, grub and kernel cause issues with a simple 'mount-callback-umount chroot MOUNTPOINT sh -c "apt-get update && apt-get dist-upgrade"'
<samba35> ok
<RoyK> a 'target' is a 'server' meaning it serves storage, an 'initiator' is the one using the storage. this is the same as the old SCSI controller is a 'target' where the OS (or drivers) are 'initiators'
<samba35> ok
<samba35> i am trying ubuntu as a target to esxi
<RoyK> if you want to do some testing first, apt-get install open-iscsi open-iscsi-utils and use that to check if you can see the target
<samba35> yes i have installed this packages
<samba35> need to fix iqn
<RoyK> such as http://paste.ubuntu.com/1447815/
<RoyK> samba35: what does /etc/iscsi/initiatorname.iscsi say?
<samba35> InitiatorName=iqn.1993-08.org.debian:01:51e9ab41fb7e
<RoyK> looks like a valid IQN to me
<samba35> what is my iqn then
<RoyK> that's the initiator name
<RoyK> the targets will have an iqn each
<samba35> ok
<RoyK> as in my example above
<RoyK> my iscsi test target is named iqn.2012-12.net.karlsbakk:iscsitest
<samba35> send pm
<RoyK> pm answered
<samba35> thanks
<samba35> did you genrate this iqn ?
<RoyK> basically, use tgt to setup a target, that is, with a number and name, after that, assign a partition or lvm logical volume, any device or file, really, to that target, and set ACLs on that
<samba35> this is in your /etc/iscsi/initinatoname.iscsi ?
<RoyK> that iqn was generated in my head, "iqn.YYYY-MM.net.karlsbakk:targetname
<RoyK> no, the initiator and target are different endpoints and must therefore have different iqns. I use the one (like yours) autogenerated
<samba35> how do i detect my iqn for target
<RoyK> have you connected with iscsiadm -m discovery -t st -p localhost ?
<samba35> no
<RoyK> first, you need to do discovery
<RoyK> then you can login to a target
<samba35> ok
<RoyK> so, pastebin tgt-admin -s first
<samba35> its blank
<RoyK> then you need to setup a target
<RoyK> as described on http://www.cyberciti.biz/tips/howto-setup-linux-iscsi-target-sanwith-tgt.html
<RoyK> please read that through first
<samba35> ok
<smoser> utlemming, uploading new ec2-api-tools to raring
<RoyK> samba35: any more luck?
<samba35> moveing forward slowly
<samba35> the proble is my ubuntu is on vmware and behind a firewall
<samba35> they both are on vm and 4 gb ram and 3 guest
<utlemming> smoser: ack. I wonder if caribou wants to drive SRU's for that :)
<smoser> its not worth sru imo.
<RoyK> samba35: erm - you're using a VM to serve storage to esxi?
<utlemming> smoser: yeah, I know.... :( . But worth a PPA build
<smoser> sru's are a pain in the ass, and slittle things like this that are easily got from a ppa only slwo up the queue for important things.
<samba35> for testing 200 mb only
<RoyK> ok
<RoyK> should work for testing, I guess...
<caribou> utlemming: ???
<caribou> utlemming: is that a xmas gift ? ;-)
<utlemming> caribou: I'm a giving sort of guy :)
<caribou> utlemming: I'd say let's wait until someone asks for it
<utlemming> caribou: just giving you a hard time...you seem to do all the SRU's lately that I watch
<caribou> well, this is kind of my dayjob (at least the one I'm aiming for)
<caribou> utlemming: got another one coming on lvm2
<samba35> do i need to worry about my nic whether it support iscsi or not ?
<samba35> trying to add iscsi with esxi now there is no movement from esxi server is busy
<samba35> (mouse busy sign )
<RoyK> iscsi runs over tcp
<RoyK> so any nic will do
<samba35> ok
<smoser> utlemming, just tested that snapshot copy works.
<smoser> it returns immediately
<samba35> is there any way to test from ubuntu
<smoser> then you have to wait until it gets completed before you can register.
<RoyK> samba35: for testing, that is - for a good setup with large amounts of storage, you'd want checksumming on the NIC
<RoyK> samba35: yes, see above - iscsiadm etc
<utlemming> smoser: that's what I suspected....but this would substaintly cut down on the time to register
<smoser> maybe.
<smoser> probably
<utlemming> smoser: when the current fire ends, I'll dig into using migrate-image and migrate-snap
<smoser> but our wget and populate is pretty fast.
<utlemming> smoser: I wonder about ap-southeast-{1,2} transit
<smoser> utlemming, i'd suggest wrapping it in a "snapshot-and-register"
<smoser> that does what we actually *want*
<samba35> ok
<smoser> which can then be replaced with their "Amazon Machine Image (AMI) Copy" that they've suggested is coming.
<smoser> utlemming, also, if you wrap it, make it correctly copy description (by default).
<smoser> as they do not do that right now
<RoyK> samba35: http://paste.ubuntu.com/1447945/
<RoyK> samba35: I first created a 200GB lv, named /dev/raid/iscsitest
<patdk-wk> vmware normally even performs better using software iscsi vs using an iscsi nic
<patdk-wk> reasons being, you can't loadbalance iscsi over multible hardware iscsi nics
<RoyK> vmware's multipath implementation is rather good after what I hear
<patdk-wk> it just got a huge tuneup in 5.1 :)
<RoyK> we're updating all hosts to 5.1 these days
<RoyK> larger clusters
<patdk-wk> I've just finished basically
<RoyK> and virtual datacenter one day, I guess
<RoyK> patdk-wk: have you looked at the virtual datacenter stuff in vmware?
 * RoyK is obviously aware of this being rather [offtopic]
<adam_g> jamespage: hey james, how would a merge like this work, if its just a bare packaging branch being merge into the ubuntu branchd /w no upstream source included and no remote tarball for the version
<adam_g> https://code.launchpad.net/~openstack-ubuntu-testing/nova/precise-essex-proposed/+merge/140225
<jamespage> adam_g, badly infortunately
<RoyK> samba35: did you take a look at that post?
<jamespage> adam_g, I worked with yolanda on getting that working better earlier today
<uvirtbot> New bug: #1091763 in lxc (universe) "lxc-start-ephemeral freezes (dup-of: 1021471)" [Undecided,New] https://launchpad.net/bugs/1091763
<RoyK> it'd be rather nice if someone came up with a vCenter like interface to KVM...
<jamespage> adam_g: she raised new MP's based on the distro branches by importing the source packages
<adam_g> jamespage: ohh. what did you come up with? i've been manually generating tarballs
<jamespage> adam_g, https://code.launchpad.net/~yolanda.robla/+activereviews
<jamespage> adam_g, well - its still manual to create the tarball; but by doing a 'bzr import-dsc' into a full packaging branch you end up with something that can be proposed for merge
<samba35> server is busy still i think i have to reboot
<samba35> sorry
<jamespage> adam_g, and a sponsor can grab a test as it contains the orig.tar.gz
<samba35> the reasom i am not rebooting is i am download ing  some stuff
<ikonia> RoyK: there is the libvirt gui being ported to a win32 frontend and someone is trying to port it to ipad at the moment
<ikonia> RoyK: it's not a bad starting place for a "v center style front end"
<adam_g> jamespage: i see
<RoyK> ikonia: it'd be nice if virt-manager was a bit better - but then - I'm not a coder, so please don't blame me ;)
<ikonia> RoyK: I like it, it's a great starting place
<ikonia> if it gets ported better to windows and tools such as ios/android it will have a sound place to expand
<jamespage> adam_g, reviewing swift_redux branches now
<RoyK> ikonia: I use it regularly myself - no problem - it's just that once I started working with vmware, I god a bit surprised how much better it was
<adam_g> jamespage: cool.
<ikonia> RoyK: yeah, the vmware tools are a big step up, but then, so is the development budget / time etc
<RoyK> ikonia: I'm aware of that ;)
<ikonia> for small busines or even certain enterprise application it ticks the boxes just fine
<ikonia> RoyK: Redhat's virtualization platform has really expended on it too
<RoyK> these edu licenses we get cost about $2k per node - no idea how much that costs for non-edu organizations
<ikonia> so if RedHat feed their updates in to, so other distros such as ubuntu can benifit that would make a big jmp
<ikonia> RoyK: 5K-ish
<RoyK> *if* redhat chooses to share that code
<ikonia> (functionality/tin dependent)
<RoyK> 5k per node is rather a lot for a 10-node cluster
<ikonia> RoyK: sorry, that's not right, it's not per node in hte cluster
<ikonia> it's per vcenter
<ikonia> the individual nodes are much less
<RoyK> erm - that's just the admin tool
<ikonia> (or whatver Vcenter is calling itself this week)
<RoyK> or node
<RoyK> I think it's still vcenter
<ikonia> wht's the word for the "enterprise estate"
<ikonia> it's not "estate"
<ikonia> I can't fire up the gui to look now
<ikonia> "farm" but not "farm"
<RoyK> for 10 nodes, a single vcenter installation works well
<ikonia> that's not what I meant, I didn't actually mean the vcenter interface
<ikonia> the "estate" but I can't think of the word
<RoyK> what interface is that? the gui?
 * RoyK is somewhat annoyed with Dell Equallogic storage
<ikonia> yes, it's a gui, but it's basically you pay $X per "estate" for all the functionality like vmotion, etc, and then %Y per node in that estate
<ikonia> but "estate" isn't the word,
<RoyK> but what does it mean?
<ikonia> it used to be the vcenter "suite"
<ikonia> it's the funcionality that allows for vmotion migration, on the fly storage changes, etc
<ikonia> that's why I was refering to it as vcenter, I didn't mean the actual gui but the enterprrise tools it provided ontop of the virtualization
<ikonia> it's basicaly bolt on enterprise functions to vsphere.
<ikonia> but I can't think of the word it's called
<RoyK> sure, but how many of those would you need? with 10 nodes?
<ikonia> 1
<ikonia> you buy one and then the individual nodes are licensed as vsphere/whatever nodes
 * RoyK flags #ubuntu-offtopic for vmware talk
<jamespage> adam_g, OK - so how do I get the ring to rebalance and actually start ?
<adam_g> jamespage: initially? you need a number of zones >= the number of minimum replicas configured (3 by default)
<adam_g> jamespage: i can extend the README if its unclear
<jamespage> adam_g, no - I'm being a bit dumb
<jamespage> who reads a README anyway
<jamespage> :-)
<adam_g> jamespage: in the case of 3 minimum replicas: if configured to do manual zone assignemnt, you'd need 3 swift-storage service units each configured as their own zone. with auto, you'd need 1 storage unit with 3 machine units
<jamespage> adam_g, I have three but they are all in the same swift-storage service and I'm using manual
<adam_g> jamespage: you have 3 what? 1 swift-storage service with 3 machine units?
<jamespage> adam_g, yes
<adam_g> in that case you only have 1 storage zone. you need to add two more swift-storage service units, configured as zone: 2 + zone: 3
<adam_g> jamespage: if you dont want to follow the charm.log, you can run 'swift-ring-builder /etc/swift/account.builder' to where nodes are being assigned
<jamespage> adam_g, OK - think I have it right now
<jamespage> adam_g, the interfaces need better typing
<adam_g> jamespage: yeah, i was gonna wait for a review to get feedback on that. i was trying to come up with better interfaces but was having a hard time. partly because i dont fully grok juju interfaces
<adam_g> jamespage: i'd ideally like to have relations to storage nodes fire 'swift-proxy-relation-*' hooks and hooks to openstack services fire 'object-store-relation-*'.  in this case swift-proxy provides two things. i'm not certain how to do that without running into ambiguity.
<jamespage> adam_g, w00t! just uploaded an image to glance backed by swift!
<jamespage> adam_g, the type is the important bit
<adam_g> jamespage: neat. :) everything is handled by glance and services' existing keystone credentials so that nova-compute needs nothing special to fetch the image
<jamespage> adam_g, yeah - don't quite have enough capacity to run compute as well :-)
<jamespage> but I've uploaded using glance and can see using nova
<jamespage> adam_g, re the essex openstack sru updates
<jamespage> the branches all look good and I check the bugs have tasks raised etc....
<jamespage> what does the process look like now? I held off uploading until I spoke with you
<adam_g> jamespage: i try to track everything in a meta-bug like this bug #1085255. yolanda started one last week but it might the desc might need updating. then upload and hope they all get accepted into -proposed before 2014 :)
<uvirtbot> Launchpad bug 1085255 in cinder "Meta bug for tracking Openstack 2012.2.1 Stable Update" [Undecided,Fix committed] https://launchpad.net/bugs/1085255
<jamespage> yolanda, can you make sure the meta-bug is up-to-date and then I will upload
<SpamapS> adam_g: since you have a provisional MRE, they should get accepted rather rapidly
<jamespage> ta
<adam_g> SpamapS: 1 for 6 for the stuff i put in queue on 11/30. anything you can do to help? :)
<SpamapS> adam_g: IIRC you were going to upload something new?
<adam_g> jamespage: after its uploaded to precise-proposed, theres a jenkins deploy test that will install everything from $distro-proposed to do some final smoke testing, in the past i've added those test logs as verification to the metabug
<adam_g> SpamapS: yeah, there was a nova security update sometime last week, i uploaded a new rebased nova
<SpamapS> adam_g: ok, lets make sure that gets done first. I'll look at it tomorrow.
<adam_g> SpamapS: its done. nova 2012.2.1+stable-20121212-a99a802e-0ubuntu1 is in queue, the previous rejected
<jamespage> adam_g, proposed metadata.yaml for swift-storage - http://paste.ubuntu.com/1448120/
<jamespage> adam_g, and for swift-proxy - http://paste.ubuntu.com/1448125/
<jamespage> ATM its possible to relate the glance charm directly to swift-storage which makes no sense
<jamespage> by typing the interfaces 'swift' and 'swift-proxy' it makes it clear what can be plugged together
<adam_g> jamespage: cool. let me give that a shot and update those branches.
<jamespage> adam_g, you will need to update the glance charm to use swift-proxy typed interface as well
<adam_g> k
<jamespage> adam_g, in my proposed versions I also changed the name of the hook to swift-storage on both ends
<jamespage> adam_g, if you want to give it another round of changes I'll pickup first thing tomorrow
<jamespage> adam_g, but it generally worked well once I actually RTFM'ed
<jamespage> lol
<jamespage> adam_g, do you have a deployer configuration for this? might save me some time!
<adam_g> jamespage: :) ill get the metadata updated today
<adam_g> jamespage: http://paste.ubuntu.com/1448130/
<yolanda> jamespage, sorry, i was out for a bit
<yolanda> are you there?
<yolanda> jamespage, adam_g https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1089488
<uvirtbot> Launchpad bug 1089488 in nova "Meta bug for tracking Openstack Stable Updates" [Undecided,Confirmed]
<adam_g> yolanda: cool! looks good
<yolanda> i removed glance
<kantlivelong> hey all.. im getting file to large from nfs
<kantlivelong> how can i fix this?
<sarnold> kantlivelong: what version of nfs? nfsv2 can only access 2 gigs, nfsv3, v4, can access signifncantly larger files: http://nfs.sourceforge.net/
<adam_g> jamespage: updated interfaces/hook names for the swift-storage/swift-proxy/glance stuff. should be sane now.
<kantlivelong> sarnold: im asuming v4. im on ubuntu 12.04 so i would imagine v2 wouldnt be used
<kantlivelong> any easy way to tell?
<sarnold> kantlivelong: hrm, I no longer know that :(
<daniear> just installed fail2ban, could someone please try to ssh in to see if it works
<Jeeves_> daniear: Sure, where
<smoser> daniear, ooh i want to try too!
<daniear> im ircing from my ip
<daniear> 22
<daniear> should be 3 attempts
<RoyK> daniear: better use denyhosts - it's distributed
<RoyK> daniear: btw, seems to work ;)
<daniear> distributed? what do u mean
<storrgie> I'm having permissions problems using nfs, I have a server that is running a daemon as www-data that is having troulbe writing to my nfs mount.
#ubuntu-server 2012-12-19
<storrgie> I see nobody and nogroup, I want to see if I can get the permissions matched between machines
<sarnold> storrgie: check the id numbers..
<uvirtbot> New bug: #1091939 in nova (main) "nova-network applies too liberal a SNAT rule" [High,New] https://launchpad.net/bugs/1091939
<axisys> what is the recommended route to automate install and configure a server? preseed and puppet ? writing a preseed with raid1 + lvm is not fun
<axisys> writing a preseed to setup raid1 + lvm is no fun*
<oracle> I installed ubuntu 12.10 server on an SSD last night.  It's a Corsair Force GT that's 4k aligned, but when install finished, fdisk reports it as 512/512 for both logical and physical.  anyone one which partitioner tool is used in the installer?
<oracle> anyone know i mean
<oracle> Does the partitioner create the first partition on a 4k aligned sector anyway even if the drive is lying about it's sector size?
<oracle> I dont have ssh to my server at the moment so can't check this
<Rar9> hello IÂ´ve just installed an ISO  Ubuntu 12.04  with plesk for the webadmin .  now i want to transfere some files via sftp but the install sftp user doesnÂ´t have the right permissions.  what do I need to change?
<Jeeves_> Probably the permissions on the directory you're trying to write to
<Rar9> Jeeves_ as said itÂ´s a clean first time install  my user "webuser" also always need to sudo su is ther a way to change this as well?
<Jeeves_> Rar9: No. webuser != root, so you always need to su for root-actions
<Rar9> Jeeves_ and there is no way to make it permament?
<jpds> Rar9: sudo -i is the correct command to get a root login.
<Jeeves_> Rar9: Login as root :)
<Rar9> Jeeves_ so what do i need to do for  the "webuser" so he has full sftp rights (Winscp) for the file transfere?
<Jeeves_> Rar9: You need to look into the permissionstructure of Linux
<Jeeves_> And understand how that works and how you should use it
<Rar9> Jeeves_ any hint.... or do I need to setup a root login user?
<Jeeves_> Rar9: I gave you a hint, but you choose not to like it.
<Rar9> Yes linux is still too new for a win user :-(
<Jeeves_> You should check the permissions of the directory you're trying to write to
<Jeeves_> Who owns it, who can read it, who can write to it.
<Rar9> Jeeves_ yes but should the fest install "webuser" (superuser) have full access to all files?
<Rar9> first installed user
<Jeeves_> No
<Jeeves_> Only root has access to all iles
<Jeeves_> +f
<Rar9> i the user I created has only sudo rights
<Jeeves_> Indeed
<Jeeves_> Any user in group admin or sudo (they changed that somewhere on the way) can sudo
<Rar9> I can see the  "root" user via lastlog
<Rar9> do i need to deine a PW for root then?
<Rar9> define
<Rar9> sudo passwd root did the job :-)
<Rar9> steep learing curve
<oracle> I installed ubuntu 12.10 server on an SSD last night.  It's a Corsair Force GT that's 4k aligned, but when install finished, fdisk reports it as 512/512 for both logical and physical.  anyone know which partitioner tool is used in the installer? Does the partitioner create the first partition on a 4k aligned sector anyway even if the drive is lying about it's sector size?
<hexy> Hey people, question. I want to backup all my server settings and content and be able to restore it with ease after new installation, how would I go about that? Maybe even to make a full image of the drive? O
<finite9> anyone know if 12.10 installer can handle 4k aligned disks?
<RoyK> it can
<RoyK> it doesn't care
<ikonia> most installers shoudn't see a problem
<finite9> RoyK: fdisk still shows 512 bytes as physical and logical
<finite9> does it matter as long as the partitions are on 4k multiples?
<RoyK> finite9: it usually does, since that's what the disk reports
<RoyK> finite9: no, as long as partitions are aligned, it doesn't matter.
<finite9> RoyK: I've got other raid (non-ssd) disks that report 4096 bytes correctly in fdisk
<RoyK> finite9: what is the drive model?
<finite9> thanks. will have to verify what sectors my partitions are on when I get home
<finite9> RoyK: it's a Corsair Force GT 120GB SSD
<finite9> RoyK: tha others are Seagate raid compatible non-ssd's
<RoyK> all drives are "raid compatible" ;)
<RoyK> well, perhaps not WD non-raid drives, since they enter a panic mode of "deep recovery" if they hit a bad sector, but most other drives can be reconfigured not to do such nonsense
<finite9> hmm...sure?  doesn't it "depend"?  I got 2 WD "RE3" disks.  They've got different firmware than the other greeen/black editions so they don't freak out when mirrored... which has happened to me with other disks that weren't specced as raid specific
<RoyK> WD has a TLER (time-limited error recovery) mode for their "enterprise" drives, to avoid that nonsense
<RoyK> but then, most drives work well in RAID configurations
<finite9> i have 2 WD RE3's mirrored and got a pair of Seagate disks in a raid-0 array, and im pretty sure the datasheet mentioned something about them being specced for raid use as well?
<RoyK> it's only this TLER thing
<finite9> maybe my previous bad experience was due to using 2 MyBooks (usb2) as a raid-1 :)  it failed daily and had to rebuild the array which took hours.
<RoyK> some (at least WDs) desktop drives are locked to a mode doing "deep recovery", trying to read a single sector for up to 1 minute, if a sector fails
<RoyK> IMHO that's nonsense
<finite9> does the spinning down of the discs not affect raid arrays?  I thought that was one of the advantages of getting "raid specific" versions of disks, so that the disk could handle the spin down (or just doesn't spin down when in raid array), or am i mistaken?
<RoyK> that's tunable
<RoyK> see hdparm(8)
<finite9> tunable to spin down or not?  with smart?  yes, but if you _want_ the disks to spin down, but _not_ get degraded in the array?
<RoyK> I don't think there should be a difference there. not smart/smartctl, hdparm
<RoyK> smartctl is for querying the disk for health info and more, not controlling it
<finite9> ok.  didnt realise that
<finite9> thought you could control it as well
<RoyK> don't think there's much control available from smartctl apart from starting tests etc
 * RoyK RTFM
<finite9> yeah I think it's time to re-read it :)  been a few years since last time.
<RoyK> nope - you'll have to use hdparm
<soren> finite9: You can configure a drive in a raid array to be "write-mostly". This way, it'll only be used when you're writing things, not when reading. This allows it to spin down (assuming nothing is being written) while still being an active part of the array.
<soren> Of course this only works for RAID 1.
<RoyK> finite9: also, keep in mind that spinning drive a disk may cause its temperature to vary more than leaving it spinning 24x7, and drives are most happy in stable environments
<uvirtbot> New bug: #1092076 in vsftpd (main) "Please merge vsftpd 3.0.2-1 (main) from debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/1092076
<uvirtbot> New bug: #1092108 in nova (main) "resume_state_on_host_boot fails on instances in error state" [Undecided,New] https://launchpad.net/bugs/1092108
<uvirtbot> New bug: #1092110 in nova (main) "Please consider enabling --start_guests_on_host_boot=true by default" [Undecided,New] https://launchpad.net/bugs/1092110
<uvirtbot> New bug: #1092120 in cobbler (universe) "Cobbler PXE menu template mislabelled as MAAS" [Undecided,New] https://launchpad.net/bugs/1092120
<uvirtbot> New bug: #898840 in orchestra (universe) "'default' preseed should be enlister" [Medium,Fix released] https://launchpad.net/bugs/898840
<uvirtbot> New bug: #1092126 in nova (main) "Instances can get into a 'highlander' state - no obvious way to kill them" [Undecided,New] https://launchpad.net/bugs/1092126
<thejoecarroll> hi. i need help with setting up syslog for a chroot jail. i've used jailkit and followed the instructions here: http://olivier.sessink.nl/jailkit/howtos_sftp_scp_only.html but the -a option for syslogd that is suggests using to add an extra socket seems to have been removed between hardy and lucid/precise: http://manpages.ubuntu.com/manpages/hardy/man8/rsyslogd.8.html vs http://manpages.ubuntu.com/manpages/precise/man8/rsyslogd.8.html
<uvirtbot> New bug: #1092137 in ceph (main) "radosgw crashes when uploading files using swift" [Undecided,New] https://launchpad.net/bugs/1092137
<thejoecarroll> i'm also having trouble getting sftp to work with the chrooted user although scp works as intended
<thejoecarroll> so, q1: how can i get rsyslogd to listen to what's logged by jailed processes to /var/chroot/dev/log (created by jk_socketd; see http://olivier.sessink.nl/jailkit/jk_socketd.8.html), as well as the normal systemwide logging?
<thejoecarroll> ok, i figured out the answer to q1: $AddUnixListenSocket /var/chroot/dev/log
<thejoecarroll> in /etc/rsyslog.conf anywher after $ModLoad imuxsock
<jcastro_> hey Daviey
<jcastro_> http://blog.awe.sm/2012/12/18/aws-the-good-the-bad-and-the-ugly/
<jcastro_> mentions how we suck at EBS failures, we should check it out.
<jcastro_> smoser: utlemming ^^^
<roaksoax> zul: can you think of an upstart job that source /etc/default/packagename?
<jpds> roaksoax: gmetad sources a .conf file in /etc/.
<roaksoax> jpds: cool thanks., the only thing is that it is not an upstart job :)
<jpds> roaksoax: It is.
<jpds> roaksoax: I upstartified it in raring.
<roaksoax> jpds: ah!! i was looking at quantal :)
<roaksoax> jpds: thanks for the tip
<ed8> hi, which version of Ubuntu server should I install on a new server ?
<RoyK> ed8: I'd use the latest LTS, 12.04
<ed8> should I go for a LTS or the support scheme doesn't apply to server release
<RoyK> LTS is for all releases
<ed8> RoyK: is there a 12.10 for server ? (just to know)
<RoyK> there is
<ed8> what are the pros/cons of choosing a Ubuntu Server instead of a Debian ?
<RoyK> I guess just choose whatever you like
<roaksoax> q/win 14
<roaksoax> err
<paco1> hello masters!
<paco1> i have a problem with my bind server: i have a master and a slave bind server. i put on my config file on master server "allow-transfer {;};" and "notify yes;" (for normal & reverse zones) but the zones don't transfer quickly, the process takes many times to do the transfer....or only one is transfered
<flagg0204> has anyone used apparmor to build an RBAC system for their ubuntu server
<flagg0204> having a hard time finding articles on the subject
 * RoyK hasn't tried
<RoyK> flagg0204: what do you need it for?
<hallyn> all:  i plan on uploading new qemu packages from ppa:serge-hallyn/crossc on jan 2.  If you want to test, especially with arm or ppc host/target, I highly recommend following through on those urges :)
<ed8> I need some advice about the support for a Ubuntu server. How is the 'standard' support helpful in Windows Network ?
<Pici> ed8: I'm afraid I don't understand your question.
<TheLordOfTime> nor I...
<TheLordOfTime> ed8, can you elaborate on what you're trying to ask?
<smoser> utlemming, around ?
<utlemming> yup
<ed8> I don't understand the 'Windows integration' option of th 'Standard' support describe here : http://www.ubuntu.com/business/server/services
<ed8> how is it helpful  ?
<utlemming> smoser: here
<Pici> ed8: I'm afraid we can't really answer questions about Canonical's support packages. You would be better off using the Contact Canonical link on that page.
<smoser> so for the image description data... i am thinking that in the data (example: http://paste.ubuntu.com/1450295/)
<Pici> Most of the people here do not work for Canonical, we're just volunteer users providing support.
<smoser> there needs to be some globally unique name that references *this* set of items.
<smoser> iqn (http://en.wikipedia.org/wiki/ISCSI) seems not un-reasonable to me
<ed8> well as it's the #ubuntu-server channel I was expecting some people to know about this
<ed8> Pici: or is it the same channel as #ubuntu ?
<smoser> http://paste.ubuntu.com/1450303/ (with iqn in it)/
<smoser> i'm kind of looking ofr other ideas on what "unique identifier" we could use.
<Pici> ed8: Both #ubuntu and #ubuntu-server provide community support.  We do not work for or represent Canonical.
<TheLordOfTime> ed8, what you're asking for is about Canonical's paid support.  we don't work for Canonical, we're just community support, as Pici said.
<TheLordOfTime> your best bet is to use the Contact Canonical link
<TheLordOfTime> and ask them.
<smoser> i also considered something just like "authoritative-url: http://cloud-images.ubuntu.com/data/images/releases/precise/server/i386
<jcastro_> yeah use the link, I work for Canonical and I don't know the answer to your question either. :p
<TheLordOfTime> jcastro_, heh
<utlemming> smoser: so you want something that says "this data is unique and came from X"?
<ed8> TheLordOfTime: don't you use paid support ?
<TheLordOfTime> ed8, nope.
<TheLordOfTime> no need, not for my servers anyways.
<ed8> ok
<smoser> well 2 things
<TheLordOfTime> a couple of organizations i've worked with went for paid support, but...\
<ed8> Do you have any suggestion on the partitions to create for a ubuntu server ?
<smoser> a.) i need some unique identifier that names "this set of items". that way, to know if I've "seen" an item_group before I just have to have its 'serial' and 'unique-identifier'
<flagg0204> RoyK: I'd like a user to be able to login an use certain commands without having to provide sudo access.
<smoser> b.) if I have a local mirror from http://mirror-1.com and I switch my sync client to http://mirror-2.com , Ideally the tool then doesn't have to completely mirror everything again.
<smoser> ie, it would "know" somehow that the new upstream mirrors were identical
<RoyK> flagg0204: can't you just use sudo and allow those certain commands there?
<flagg0204> RoyK: I could, but that would involve creating sudo entries for every user as our LDAP has no concept of groups. That doesnt scale
<utlemming> smoser: thinking....
<RoyK> flagg0204: then why don't you use groups? I'm confused...
<smoser> "authoritative-url" gives the additional benefit of providing a "where is the upstream mirror of all this stuff"
<smoser> but then has the negative affect of implying that there *is* one (and that you'd know it when you produced the data).
<RoyK> flagg0204: I didn't think there was an LDAP server on the planet not supporting groups
<flagg0204> RoyK: ldap does support groups. the way ours is implemented does not use groups. and I dont admin the ldap server. so i cant change it.
<RoyK> flagg0204: you can probably create local groups with ldap users - should work
<utlemming> smoser: I think that the IQN idea has a lot of merrit. but I am wondering about doing it java like
<utlemming> smoser: i.e. com.ubuntu.cloud-images.precise.<SET>
<smoser> re-using iqn gives a clearly defined naming convention.
<utlemming> smoser: right, and you do have the benefit of a RFC
<smoser> unless there is another, such well defined definition, i'd just use it.
<smoser> i do think that "authoritative-url"  makes sense too though. as a "can contain".
<utlemming> smoser: yeah, this all makes sense to me
<uvirtbot> New bug: #1092209 in python-novaclient (main) "bash completion file is incorrectly installed (and missing)" [Undecided,Confirmed] https://launchpad.net/bugs/1092209
<RoyK> flagg0204: anyway - the useful change would be to have the admin add an ldap group or two. what sort of commands do you need to allow for your users?
<jamespage> roaksoax, quantum-netns-cleanup could be adapted to do what we want
<jamespage> ATM it will cleanup dhcp and l3 router ports and namespaces
<jamespage> that needs to be a cli option
<roaksoax> jamespage: right, so the RA can simply call that and do its thing then
<jdstrand> flagg0204: I'll refer you to http://wiki.apparmor.net/index.php/Documentation
<jdstrand> flagg0204: in particular 'Integrating AppArmor with PAM for login-based policies' (which should be current) and 'Using AppArmor for Role Based Access Control (RBAC)' (which may be out of date)
<RoyK> jdstrand: erm - does this mean apparmor can replace sudo for certain tasks?
<sarnold> RoyK: apparmor doesn't raise privileges; however, if you've got a setuid program, apparmor can restrict what that program can do (vaguely similar to sudo's commands+arguments...)
<RoyK> ok
<sarnold> RoyK: I think they're complementary tools, but you could certainly describe a sudo use that apparmor could do..
<RoyK> thanks - gotta look more into apparmor - so far, it's only been background noise
<sarnold> woo :)
<uvirtbot> New bug: #1092020 in vlan (main) "init: network-interface (vlan3) pre-start process (1683) terminated with status 1" [Undecided,Incomplete] https://launchpad.net/bugs/1092020
<uvirtbot> New bug: #1092243 in bind9 (main) "/etc/init.d/bind9: 92: [: pid:: unexpected operator" [Undecided,New] https://launchpad.net/bugs/1092243
<echosystm> hi guys
<echosystm> im trying to reverse tunnel into a ubuntu server and i cant get it to work
<echosystm> a connection is created but whenever i try to telnet over it, i get a refused connection
<echosystm> unlike when the connection isnt there, telnet doesnt run at all
<RoyK> echosystm: ssh tunnel?
<echosystm> yes
<brendan_> hey all... so some of our servers are getting bonded and i am also slowly incorporating puppet into the infrastructure.. and the boss is installing the pt-cache search ifenslave-2.6 package, my question is.. if i include that package as part of the core_packages all of our servers receive and do not get setup for a bonded connection, would/will that package create havoc?
<brendan_> if installed, but not used?
<echosystm> exit
<echosystm> ugh
<echosystm> the worst
<uvirtbot> New bug: #1092327 in ceph (main) "[radosgw] swift gateway creates object with bad permissions unless 'rgw swift use keystone = true' is specified " [Undecided,New] https://launchpad.net/bugs/1092327
#ubuntu-server 2012-12-20
<riz0n> Hello. I have an Ubuntu 12.04.1 server running, and I am getting cron emails daily /etc/cron.daily/spamassassin: http: GET http://sa-update.dnswl.org/1423347.tar.gz request failed: 500 Can't connect to sa-update.dnswl.org:80 (Bad hostname): Can't connect to sa-update.dnswl.org:80 (Bad hostname) LWP::Protocol::http::Socket: Bad hostname 'sa-update.dnswl.org' at /usr/share/perl5/LWP/Prot
<riz0n> ocol/http.pm line 51.  What has happened, and what do I need to change to fix this? Thanks.
<TheLordOfTime> sa-update.dnswl.org:80 (Bad hostname)  <--- is that a valid hostname?
<riz0n> I would hope so, its part of Spam Assassin.
<TheLordOfTime> i think your system's not resolving its hostname right
<sarnold> can you ping it? or connect with wget, w3m, lynx, curl, etc?
<TheLordOfTime> from your server, that is.
 * TheLordOfTime confirmed its up from his system here
<sarnold> me, I get NXDOMAIN. So. :)
<riz0n> Yes I can ping it from the server.
<riz0n> Trying to do wget now
<ablyss> accidentally installed the debian package "javascript-common".  If your javascripts stop working all of a sudden, more than likely you installed this horrible, vile, inate idea of crap too.
<riz0n> I was able to wget http://sa-update.dnswl.org/1423347.tar.gz from the server as well.
<sarnold> try sticking the wget command you just used into a file in cron.hourly or something -- at the next hour, (darn, just missed the lsat one), you'll be able to see if running via cron influences the ability to do name lookups
<riz0n> I'll give it a shot.
<TaylorJohnson> Hi guys. I'm having trouble with oubount HTTP connections (apt-get/wget/etc) with my IPTABLES configuration. This is my configuration file: http://pastebin.com/LYwp5YHf Is there anything obvious that sticks out as being incorrect? DNS resolves perfectly fine and inbound originated HTTP works fine too.
<lickalott> all, my server has been randomly going "offline".  3x in the last two days.  I've checked the syslog but didn't see anything that jumped out at me.   I rebooted it this morning and it was fine, at about 4:00 i was unable to reach it (across the network).  When I hit a button on the keyboard nothing happens (the monitor shows an empty black screen.  I hit the reset button on the case and
<lickalott> it acts like it's going to reboot but nothing happens.  The only way it comes back is if I cold boot it.
<lickalott> Where else would I look to find out whats happening?
<thejoecarroll> hi! could someone please help me with figuring out why chroot-jailed scp works but sftp doesn't after following these instructions: http://olivier.sessink.nl/jailkit/howtos_sftp_scp_only.html
<vezq> TaylorJohnson: looked okay to me, personally I don't usually filter OUTPUT much as it causes easily weird problems
<vezq> lickalott: sounds like a hardware issue, can you test with some LiveCD?
<qman__> thejoecarroll, that method is outdated as of openssh 4.8p1
<qman__> it now has a MUCH easier built-in chroot function
<qman__> http://www.debian-administration.org/articles/590
<thejoecarroll> thanks for that link, qman__
<thejoecarroll> i'll give that a go
<ariel> i wanna know how to setup a server and configure it
<RoyK> ariel: it all starts with a CD and a machine, or perhaps setup a VM ... it's not learned in an hour, or a week, or a year, but little by little, you'll understand more and more...
<ariel> i know the learning curb is at a slow pace a just wanted to get to know the little details
<ariel> i*
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<ariel> i wanna know if its good to install ubuntu server via vm or full install
<RoyK> ariel: that obviously depends what you need
<ariel> i have a computer with a 200gb hard drive is this enough
<RoyK> ariel: yes, you need far less for a base install
<RoyK> ~1-2GB should do
<tboat> hey all, im running a 12.04 server and the recent kernel update broke samba
<tboat> ive tried uninstalling with --purge then reinstalling
<tboat> it gives this error: /var/lib/dpkg/info/samba4.postinst: 14: /var/lib/dpkg/info/samba4.postinst: /usr/share/samba/setoption.pl: Permission denied
<tboat> dpkg: error processing samba4 (--configure):
<tboat>  subprocess installed post-installation script returned error exit status 126
<tboat> Errors were encountered while processing:
<tboat>  samba4
<tboat> E: Sub-process /usr/bin/dpkg returned an error code (1)
<tboat> anyone around>
<tboat> crickets
<tboat> so 371 people all just lurking?
<freesbie> offcourse :)
<tboat> well that is so very helpful
<freesbie> sorry, might be that the .pl file is missing the execute bit for the package scripts to run properly
<tboat> Need help with 12.04 server, samba is broken. http://paste.ubuntu.com/1452244/
<tboat> so is that something i can find, or is it broken in the repo?
<freesbie> havent touched samba on ubuntu, but that looks like a basic error
<tboat> well...what i dont get is all i did was update kernel and packages, samba wasnt even listed, now it is broken
<freesbie> start by checking if /usr/share/samba/setoption.pl is executable and run the apt-get purge again
<tboat> so apparently perl isnt installed?
<tboat> maybe my server got hit, because i didnt remove perl, and i dont see why updates would have removed it
<ewook> tboat: what do you get by running 'perl -v'
<Pici> bug 988509 seems to be related
<uvirtbot> Launchpad bug 988509 in samba4 "setoption.pl is not executable" [High,Fix released] https://launchpad.net/bugs/988509
<ewook> Pici: nice catch.
<tboat> @ewook perl version 5 r 14
<ewook> tboat: there ya go. perl is intact.
<tboat> yes thank you, i found similar bug pages but none pertaining to the .pl file
<ewook> tboat: try looking at the launchpad bug, perhaps there's a easy fix like chmod +x on the setoption.pl
<tboat> hmm it appears the samba4 package is broken in the ubuntu repo, so i guess i have to build samba3 from source?
<ewook> tboat: samba4, isn't that still experimental?
<ewook> !samba4
<Pici> tboat: the 'samba' package is samba3.
<ewook> there we go.
<Pici> ewook: #ubuntu-server and #ubuntu have the same factoids, no need to ask ubottu in both channels.
<ewook> Pici: Doh..
<ewook> thanks ;)
<samba35> RoyK: hi
<tboat> @ewook @Pici samba4 is experimental, but anytime I try to do "apt-get install samba" it says i need to do "samba4"
<tboat> hmm but after removing samba4, it seems to have gone back to samba3 now
<tboat> ok so just installed samba3, however when i do "samba -v" it says samba is not installed
<tboat> but proccess smdb and nmdb are running
<tboat> still cant access my server locally with samba, anyone else have broken samba?
<patdk-lap> nope
<uvirtbot> New bug: #1092548 in tomcat7 (main) "dependency to tomcat-native is too weak (no version for libtcnative-1 specified)" [Undecided,New] https://launchpad.net/bugs/1092548
<RoyK> samba35: hi
<samba35> sorry i could not come back to you on iscsi
<RoyK> well, did you manage to make it work?
<samba35> no it was issuse with vmware
<samba35> do you have idea on dhcp/dns
<samba35> I have configure ubuntu as a dhcp client from dhcp server (dhcp server from another utm box ) but i want to configure FQDN on ubuntu
<RoyK> iirc that's set by the dhcp client
<RoyK> but not sure
<samba35> ok
<tboat> can someone explained why this bug is "resolved" when I still get that error? https://bugs.launchpad.net/ubuntu/+source/samba4/+bug/988509
<uvirtbot> Launchpad bug 988509 in samba4 "setoption.pl is not executable" [High,Fix released]
<uvirtbot> New bug: #1092585 in euca2ools (main) "euca-run-instances incorrect man page option for --instance-count" [Low,Triaged] https://launchpad.net/bugs/1092585
<tboat> anyone have a fix for this: https://bugs.launchpad.net/ubuntu/+source/samba4/+bug/988509
<uvirtbot> Launchpad bug 988509 in samba4 "setoption.pl is not executable" [High,Fix released]
<tboat> 384 lurkers, someone has to know something
<uvirtbot> New bug: #1092595 in cobbler (universe) "logrotate not packaged" [Undecided,New] https://launchpad.net/bugs/1092595
<uvirtbot> New bug: #1092598 in cobbler (universe) "cobbler-register not packaged" [Undecided,New] https://launchpad.net/bugs/1092598
<tboat> so i guess no one here knows nothing about samba and samba4?
<RoyK> tboat: what do you want to know?
<tboat> @RoyK im on ubuntu server 12.04, samba broke after latest kernel update.  "samba" in terminal returns: "samba is not installed, use apt-get install samba4 to get it", but samba4 is what broke in the first place (https://bugs.launchpad.net/ubuntu/+source/samba4/+bug/988509).  when i do "apt-get install samba", it says samba is already installed.  I can not view my server on Windows share
<uvirtbot> Launchpad bug 988509 in samba4 "setoption.pl is not executable" [High,Fix released]
<RoyK> tboat: erm
<RoyK> well, shoot
<xixek> join #bmw
<tboat> im on ubuntu server 12.04, samba broke after latest kernel update.  "samba" in terminal returns: "samba is not installed, use apt-get install samba4 to get it", but samba4 is what broke in the first place (https://bugs.launchpad.net/ubuntu/+source/samba4/+bug/988509).  when i do "apt-get install samba", it says samba is already installed.  I can not view my server on Windows share
<uvirtbot> Launchpad bug 988509 in samba4 "setoption.pl is not executable" [High,Fix released]
<sarnold> tboat: perhaps you meant "smbclient" ?
<tboat> sarnold: smbclient would be client side not server side no?
<sarnold> tboat: ah, I misread "can not view my server on Windows share" as "cannot view windows shares". Sorry. :)
<tboat> no worries, yeah this server is just a media share server, but its one function, be shared on my LAN, isnt working haha.  and no one seems to be able to help me
<claude2_> anyone here good with qos?
<rcaskey> claude2_, #networking may be better
<claude2_> thanks
<hallyn> stgraber: I'm changing the qemu-kvm upstart job (which is only there to load and configure the kernel modules) to not run in a container at all.  You presumably have no objection to that?
<stgraber> hallyn: sounds good
<zul> hallyn: ill get libvirt 1.0.1 packaged after i get back
<hallyn> zul: ok
<LuizAngioletti> I've just installed and configured an apt-cacher. My client machines are all collecting their updates from my server.
<LuizAngioletti> When I run 'apt-get upgrade' on my server, apt downloads all the packages again, although they are already available from the cacher.
<LuizAngioletti> Is it healthy to set the 01proxy file under /etc/apt/apt.conf.d/ on the server?
<LuizAngioletti> pointing to himself?
<sarnold> LuizAngioletti: I've done that on my worksation and fleet of VMs I run on the laptop...
<LuizAngioletti> sarnold: I thought it could go into a loop. Who is my cacher? Me. Who has the most up-to-date files? Me. Who should I ask for more up-to-date files? Me.
<sarnold> LuizAngioletti: hehe :)
<LuizAngioletti> sarnold: I doesn't then?
<sarnold> I think mine even caches the stuff I serve out of /var/www/debs/ for testing .. it's not ideal :) but it doesn't seem to cause any problems.
<LuizAngioletti> sarnold: I keep an eye on it, just in case. =)
<sarnold> :)
<LuizAngioletti> damn, my english is horrible today. =P My fingers are dumb, I apologize for taht.
<LuizAngioletti> =P
<LuizAngioletti> Thank you for your help.
<sarnold> LuizAngioletti: it's IRC :) mistakes and non-native are expected. :)
<uvirtbot> New bug: #1092675 in apache2 (main) "Conflict installing "LAMP" apache2/mysql/php5 with aptitude" [Undecided,New] https://launchpad.net/bugs/1092675
<uvirtbot> New bug: #1092691 in bind9 (main) "A way to disable AAAA lookups in the resolver (again)" [Undecided,New] https://launchpad.net/bugs/1092691
<zurich> hi: i have a 3 disk raid 5 software array. today we had some serious power issues and one of the disks failed. nowthe array won't come up (not even as degraded). I have tried mdadm -A and --autodetect but still won't come up... any suggestions?
#ubuntu-server 2012-12-21
<ikonia> zurich: you can't run raid 5 on 2 disks
<jiboumans> hey smoser, are you around per chance? It looks like I'm running into this bug https://bugs.launchpad.net/ubuntu/+source/ec2-ami-tools/+bug/672986, although I have the updated package installed. (lucid, 1.3-45758-0ubuntu1)
<uvirtbot> Launchpad bug 672986 in euca2ools "euca-bundle-vol/ec2-bundle-vol should copy filesystem uuid" [High,Fix released]
<ikonia> zurich: you need to replace the failed disk to start the array for a rebuild
<jiboumans> smoser, specifically: $ sudo blkid /mnt/tmp/ami-x86_64/image /dev/sda1
<jiboumans>  /mnt/tmp/ami-x86_64/image: UUID="b47c47d0-214f-49b1-8e03-140d6f67a43e" SEC_TYPE="ext2" TYPE="ext3"
<jiboumans>  /dev/sda1: LABEL="cloudimg-rootfs" UUID="74aad503-152c-47e8-8f1d-cd7254872276" TYPE="ext3"
<jiboumans> smoser: it looks like the fix was in the .1 package, which I missed. according to the bug, it should have made it into multiverse, but didn't.. there's a newer backports version available though that i'll try next
<jiboumans> it's asciibetically lower though: 1.3.49953-0ubuntu1~lucid1 vs *** 1.3-45758-0ubuntu1
<smoser> jiboumans, you're saying the uuid isn't getting copied ? where does your ec2-ami-tools come from?
<smoser> (apt-cache policy)
<jiboumans> smoser: https://gist.github.com/f750112981dd64bbb78b
<smoser> i would think that you should see the -updates version (1.3-45758-0ubuntu1.1 )
<smoser> which pro bably has a fix in it.
<jiboumans> indeed, the 1.1 has the fix, the 1 doesn't
<smoser> but the multi-verse package is higher upstream version but no fix for that.
<smoser> my suggestion would be either
<jiboumans> smoser: i have lucid/updates in my sources.list, so i'm confused too
<smoser>  * ditch -backports
<smoser>  * use https://launchpad.net/~awstools-dev/+archive/awstools
<jiboumans> smoser: you mean the natty backport doesn't have a fix? i'm confused.
<smoser> natty backport?
<smoser> the -backports does not have the fix.
<smoser> https://launchpad.net/ubuntu/+source/ec2-ami-tools
<smoser> look at the dates on the lucid packages and you'll see.
<smoser> if you ditch -backports, purge the thing, get the -updates version, you should get a good version.
<jiboumans> smoser: it looks like i don't have lucid-updates/multiverse, and that's the problem of not finding the update
<smoser> that *would* be still less than the -backports version
<smoser> so you will need to get rid of it from backports
<smoser> (sorry for that)
<jiboumans> smoser: got it. although note the 1.3. vs 1.3- in the version, which is why i think the 'older' version got selected
<quantalrabbit> trying to debuild php5-5.3.10 for precise and failed pretty far along the build process.  getting the following error: "debian/setup-mysql.sh: 44: debian/setup-mysql.sh: USER: parameter not set" then build exits with status 2.  Any help greatly appreciated.
<TheLordOfTime> uh...
<TheLordOfTime> what's wrong with 5.3.10-1ubuntu3.4?
<TheLordOfTime> !info php5 precise
<ubottu> php5 (source: php5): server-side, HTML-embedded scripting language (metapackage). In component main, is optional. Version 5.3.10-1ubuntu3.4 (precise), package size 1 kB, installed size 21 kB
<TheLordOfTime> quantalrabbit, ^
<xnox> quantalrabbit: exact command line parameters & output would be appreciated in a pastebin.
<TheLordOfTime> also, what's wrong with the version in precise right now...?
<sarnold> (and how did you fix the "binary file contents changed" error?)
<quantalrabbit> TheLordOfTime: There's a regression from 5.3.8 whereby output from workers does not get logged to php-fpm.log even when catch_workers_output is set.  https://bugs.php.net/bug.php?id=61045
<TheLordOfTime> quantalrabbit, do they have an upstream patch?
<TheLordOfTime> quantalrabbit, better question: does a bug for that issue exist in ubuntu?
<quantalrabbit> TheLordOfTime: I think it is fixed in the latest version of PHP 5.3.15+
<TheLordOfTime> (if so, i'll see if I can't SRU that patch in)
<TheLordOfTime> ... wait did i just volunteer to take yet ANOTHER SRU under my wing...
<quantalrabbit> TheLordOfTime: sorry, I don't if a but for that issue exists.  i'll try google and see if i can find out.
<TheLordOfTime> ... crap...
<quantalrabbit> TheLordOfTime: you're a good man.
<TheLordOfTime> quantalrabbit, if one doesn't exist, file one and link it here.
<TheLordOfTime> quantalrabbit, just another random tiresome job for me to add to the pile
 * TheLordOfTime points at the stack of 20 triage-related things he is currently working with behind the scenes.
<TheLordOfTime> ... and i'm about fed up with php5 right now, since this patch keeps FTBFS (not the one you're referencing)
<quantalrabbit> TheLordOfTime: i probably don't know php5 in any depth close to you but seems like you're the caretaker.  thank you for your work!
<TheLordOfTime> under no circumstances call me the caretaker of php5
<TheLordOfTime> i'm just a member of the server team, and i'm not the only one who works on php5.
<TheLordOfTime> call me caretaker of nginx if you want, nginx's support team LOVES that i know what i'm doing with it...
<quantalrabbit> ok, pardon my mistake
<TheLordOfTime> i personally hate php5...
<TheLordOfTime> but i will SRU it if i must...
 * TheLordOfTime glares evilly at the php5 source code.
<TheLordOfTime> (this is the daily "glare at php5 for being evil" part of my day)
<quantalrabbit> haha.  i hate php5 too.  and the god-awful drupal code i've inherited.
<TheLordOfTime> actually that's a good question, is the server team autosubscribed to all  php5 bugs?
<quantalrabbit> TheLordOfTime: Looks like someone already reported this: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/999969  Should I create another one?
<uvirtbot> Launchpad bug 999969 in php5 "PHP5 doesn't send errors or warnings to fastcgi clients" [Undecided,Confirmed]
<TheLordOfTime> nah, i'll subscribe to this.
<quantalrabbit> TheLordOfTime: thanks!
<TheLordOfTime> just mark that it affects you and subscribe, i'll work on it probably tomorrow
<quantalrabbit> TheLordOfTime: marked affectation.
<quantalrabbit> TheLordOfTime: apologize if this a rude question... i'm guessing that a stable release update is a long process.  what are the chances that php5 for precise will be updated in the near future (2 months)?
<sarnold> quantalrabbit: with the SRUs I've seen done so far, it seems to depend strongly upon how much testing is done by those affected by the bug...
<sarnold> quantalrabbit: if you haven't seen this yet, give it a quick read: https://wiki.ubuntu.com/StableReleaseUpdates
<sarnold> quantalrabbit: I've seen some get deleted, and the work thrown away, if no one gets around to testing it within 105 days... and I've seen some go through in ~week.
<quantalrabbit> sarnold: thanks for the insight
<koolhead17> YAY we are still alive!!
<oracle> installed server 12.10 last night and chose ecryptfs for home directory, but now, when i try to ssh into the box with private key, i get access denied (public key) and i must restart sshd before I can login remotely.  Im guessing that it's because my authorized_keys file is not readable by sshd due to ecryptfs?  when i log in to restart ssh im obviously opening the encryption. anyway around this?
<SpamapS> oracle: I believe you can have auth keys in the dir underneath the ecryptfs mount
<oracle> yes, just read that on ubuntuforums, but it's been working a few times before I restarted the box
<oracle> im now baffled as to why it was working at all directly after installation
<oracle> after install, I continued configuring it remotely, using priv/pub key and it was all working, then i configured nfs and restarted the box, and no longer get in unless im actually logged in at the console
<TheLordOfTime> SpamapS, ping
<TheLordOfTime> if you're around :P
<Hilarie> Got a question, I am running ubuntu server 12.10, running off of a USB stick, with a 2tb external HDD connected via USB2.0, I about an hour ago, transferred a massive amount of data, around 200gb, at what I am guessing was a bit faster then the HDDs speed because it slowed down after a bit, now the free -m is still showing, around 700mb in the buffer (not cache)
<Hilarie> I am worried that if I have a power outage, I will lose, a random part of that data, why would that much be staying in the buffer?
<xnox> Hilarie: did you run $ sync
<xnox> ?
<Hilarie> just type in sync?
<xnox> Hilarie: yes. any user/root.
<Hilarie> did it, right when I asked, buffer amount didn't change :/
<xnox> Hilarie: sure. that's fine, it is ok to keep that stuff in buffers as well as on disk.
<xnox> Hilarie: http://manpages.ubuntu.com/manpages/precise/en/man1/sync.1.html
<xnox> Hilarie: sync guarantees that it is on disk. If you want to recover ram you can do this:
<uvirtbot`> New bug: #999969 in php5 "PHP5 doesn't send errors or warnings to fastcgi clients (dup-of: 1014044)" [Undecided,Confirmed] https://launchpad.net/bugs/999969
<xnox> sync && echo 3 | sudo tee /proc/sys/vm/drop_caches
<Hilarie> Oh, I thought if it was buffer, it didn't exist on disk yet, and if was cache it was on disk, but stored in ram
<Hilarie> Isn't the kernal alot smarter then I am, and will drop it if needed?
<TheLordOfTime> everyone: yeah, ignore uvirtbot` regarding 999969, its whining about what i did.  apparently when i was sruing the fix for 1014044 nobody mentioned 999969, so it missed being marked as "fixed".  just showed upt oday :P
 * TheLordOfTime yawns and removes bug 999969 from the list of triage things he has to look at
<uvirtbot`> Launchpad bug 999969 in php5 "PHP5 doesn't send errors or warnings to fastcgi clients (dup-of: 1014044)" [Undecided,Confirmed] https://launchpad.net/bugs/999969
<uvirtbot`> Launchpad bug 1014044 in php5 "PHP5-FPM not reporting errors to web servers (fastcgi clients, such as nginx)" [Medium,Fix released] https://launchpad.net/bugs/1014044
<TheLordOfTime> silence noob bot!
<Hilarie> hehe
<TheLordOfTime> Hilarie, sorry to intrude on your questions, wanted to make sure other server team members were aware of what I did :P0-
<TheLordOfTime> :P *
<Hilarie> Not a problem
<Hilarie> I just read a buffer doesn't exist on disk yet
<Hilarie> still freakin me out a bit
<xnox> Hilarie: yes, kernel is smart - it does recover ram as of when it needs to.
<xnox> Hilarie: well drop caches with command I pasted, it is safe to run.
<Hilarie> well then it did zero it out
<Hilarie> Thank you xnox
<Hilarie> Can I bother you for one more question? how can I start XBMC via SSH?
<Hilarie> to the monitor attached to the server
<xnox> Hilarie: i don't have any monitors on my servers. Maybe ask on #ubuntu-mythtv ?
<Hilarie> I will give them a shot, sorry, i thought it might be server specific
<SpamapS> TheLordOfTime: pong, wassup?
<rsd> Hello
<rsd> I am having a trouble making saned listen to the tcp4 port, it listens only on the tcp6 one
<rsd> 12.04 (ubuntu)
<rsd> then I found out that If listen to a port tcp4 or tcp6, the same port cannot be opened on the other ipvX protocol
<rsd> is this right?
<rsd> for example:
<rsd> netcat -6 -l 656
<rsd> and then (another terminal): netcat -4 -l 656
<rsd> the second will fail
<rsd> even if I change the order
<rsd> can someone enlight me :)
<TheLordOfTime> SpamapS, erroneous ping, i forgot to say nevermind.
<TheLordOfTime> SpamapS, was going to ask you to sponsor a debdiff, but hten i noticed the bug in question was already fixed by an SRU that i had already had approved/processed
<TheLordOfTime> :P
<SpamapS> ah
<TheLordOfTime> SpamapS, remember the SRU for bug 1014044 / bug 1006738 ?  999969 was an earlier bug than 1014044, but it was never caught.  Apparently, the SRU for 1014044 fixed 999969, if it hadn't been the same upstream patch, i'd've asked you to poke a debidff through sponsoring ;)
<uvirtbot`> Launchpad bug 1014044 in php5 "PHP5-FPM not reporting errors to web servers (fastcgi clients, such as nginx)" [Medium,Fix released] https://launchpad.net/bugs/1014044
<uvirtbot`> Launchpad bug 1006738 in php5 "php5-fpm segfaults with error 4 in libc-2.15.so" [High,Fix released] https://launchpad.net/bugs/1006738
<TheLordOfTime> btu since that's all resolved, i apologize for bugging you.
<SpamapS> TheLordOfTime: So they're the same bug?
<SpamapS> two symptoms, one bug?
<TheLordOfTime> SpamapS, 1014044 and 999969 are the same bug exactly
<TheLordOfTime> different summary lines but same bug.
<TheLordOfTime> and same upstream fix.
<TheLordOfTime> s/fix/bug/
<TheLordOfTime> except 999969 was never on the list of bugs for that SRU
<SpamapS> TheLordOfTime: well I think its appropriate then to mark 999969 as a dupe of 1014044 since 1014044 got the most attention
<TheLordOfTime> already done
<TheLordOfTime> <uvirtbot`> [12/21/12 10:11:53] New bug: #999969 in php5 "PHP5 doesn't send errors or warnings to fastcgi clients (dup-of: 1014044)" [Undecided,Confirmed] https://launchpad.net/bugs/999969
<uvirtbot`> Launchpad bug 999969 in php5 "PHP5 doesn't send errors or warnings to fastcgi clients (dup-of: 1014044)" [Undecided,Confirmed]
<uvirtbot`> Launchpad bug 1014044 in php5 "PHP5-FPM not reporting errors to web servers (fastcgi clients, such as nginx)" [Medium,Fix released]
<SpamapS> oh good :)
<TheLordOfTime> you stupid bot
 * TheLordOfTime slaps uvirtbot`
 * SpamapS notes that in the Matrix mini movies the people who treated the robots badly were the first to have their heads popped like watermelons
<TheLordOfTime> heh.
<sw0rdfish> i need a good vps provider with vps' in either .se or .nl
<RoyK> why those particular countries?
<RoyK> .se spies on you big time, .nl may as well
<sw0rdfish> oh damn
<sw0rdfish> RoyK... remember me? haha
<sw0rdfish> long time no sees man
<RoyK> indeed
<sw0rdfish> .se vps providers spy on you?
<sw0rdfish> I meant any provider but has vps' in .se or .nl
<RoyK> according to .se law, all foregn traffic can be spied upon
<sw0rdfish> wtf
<sw0rdfish> really?
<sw0rdfish> holy shit
<RoyK> ys
<RoyK> yes
<sw0rdfish> so i guess i'll have to take .nl
<RoyK> possibly better
<RoyK> still eu rules, though
<sw0rdfish> then wtf?
<Amacidia> Hey everyone
<sw0rdfish> else is tere?
<sw0rdfish> there*
<Amacidia> I'm running 12.10 and I was hoping to take a couple extra 1TB seagates and setup RAID 1 with software. Most of the guides I find talk about fresh installs, but I just want these drives on the side to store data. Can anyone point me to a guide that would assist me in doing this?
<Amacidia> Thanks in advance
<RoyK> Amacidia: just setup raid-5 or so, it'll be safe enough
<Amacidia> RoyK, So just install the drives and reload the os, setup raid 5 during the install?
<sarnold> why "reload the os"?
<RoyK> Amacidia: use a separate drive for the root, or a mirror, and use the rest for raid-5 or -6
<RoyK> it's quite stable
<guntbert_> sw0rdfish: are you looking for premium service - or just for something cheap with great support?
<sw0rdfish> cheap
<sw0rdfish> openvz probably cuz xen is costlier
<guntbert_> sw0rdfish: have a look at evixo.com - starts with 4â¬ - support is just great
 * guntbert_ is just a satisfied customer of them
<sw0rdfish> i have a 5usd UFO1
<JanC> sw0rdfish: The Netherlands do more wiretaps than the FBI...  :p
<sw0rdfish> JanC, ma brotha from anotha motha!
<sw0rdfish> damn, I see you are in every channel :D
<JanC> seriously, why do you care?
<sw0rdfish> why do I care about what JanC ?
<JanC> about what country the VPS is in?
<sw0rdfish> well
<sw0rdfish> ping times is a bit too long with my UFO1
<JanC> what's UFO1 ?
<sw0rdfish> heh
<sw0rdfish> an alienvps JanC
<sw0rdfish> http://alienvps.com/vps-hosting/
<sw0rdfish> :P
<sw0rdfish> its in new york
<sw0rdfish> haha I chose that over las vegas which would've been even farther from me
<JanC> okay, so you want a VPS in Europe?
<sw0rdfish> I might take guntbert_'s recommendation its 4 euros and based in germany
<sw0rdfish> yeah
<JanC> there are several hosting providers in Germany & France offering cheap VPS...
<JanC> e.g. http://www.hetzner.de/  http://www.1und1.de/  http://www.ovh.com/fr/vps/  etc. (and those aren't the cheapest even, I think)
<sw0rdfish> nice
<sw0rdfish> i know ovh :)
<sw0rdfish> omg I might take ovh
<sw0rdfish> I didn' think they had cheap vps' they are pretty expensive big server provider
<sw0rdfish> dude 14gbp per month isn't cheap... compared to those 4eur or 5usd ones :P
<sw0rdfish> hey guys, is an ssh tunnel better than vpn?
<sarnold> "better" requires some kind of criteria to judge against :)
<sw0rdfish> heh
<sw0rdfish> yeah
<sarnold> ssh tunnels are definitely simple, nice for one-off uses...
<SinZ> ssh tunnels are amazing, generally slow though
<HelpMeUbuntu> Wow documentation and wiki pages are out of date..
<HelpMeUbuntu> So brand new 12.04 LTS install
<HelpMeUbuntu> Setting up maas--
<HelpMeUbuntu> maas-cli says command not found
<HelpMeUbuntu> mass-import-pxe says command not ofound..
<HelpMeUbuntu> the documentation for setting MAAS up refres to wiki pages that don't exist anymore.
<HelpMeUbuntu> And I could really use some help
<adam_g> HelpMeUbuntu: you might want to check here, i think this is more up to date: https://maas.ubuntu.com/
<HelpMeUbuntu> When my node I'm adding via MAAS boots from PXE it goes and starts but then kernel panic's and dies
<HelpMeUbuntu> I did.
<HelpMeUbuntu> It talks alot about maas-cli
<HelpMeUbuntu> But I sure can't find it..
<HelpMeUbuntu> and neither can Ubuntu 12.04..
<guntbert> adam_g: they definitely borked part of the docs
<HelpMeUbuntu> maas-cli = command not found
<sarnold> can your machines boot 12.04 normally? (perhaps the kernel panic is unrelated to maas?)
<sarnold> I know the maas group wanted their docs overhauled recently, I'm not sure how far along that process is yet...
<HelpMeUbuntu> Yeah
<HelpMeUbuntu> If I load Ubuntu manually that works.
<HelpMeUbuntu> Same thing with I try to boot from Media and do a MAAS install and it just shuts off the system
<sarnold> no kididng, it's PXE specific?
<sarnold> HelpMeUbuntu: you may have better luck in #maas ..
<HelpMeUbuntu> Yep
<adam_g> HelpMeUbuntu: oh right, i think you might need a newer version of MAAS than what was shipped in 12.04. trying to find a PPA with a backport
<HelpMeUbuntu> is it just maas or ubuntu-maas?
<sarnold> >30 in #maas, >2 in #ubuntu-maas, I think I know where I'd go first.. :)
<adam_g> #maas
<adam_g> HelpMeUbuntu: not sure where to get a backport and everyone is probably offline for the holiday already. you might want to consider running 12.10 on the maas provisioning server itself (you can still install 12.04 to the provisioned nodes). MAAS saw some bug changes between 12.04 and 12.10
<HelpMeUbuntu> I'm going to try 12.10 for now
<uvirtbot`> New bug: #1093013 in lm-sensors (main) "sensors-detect doesn't find fans on HP ProBook 6560b" [Undecided,New] https://launchpad.net/bugs/1093013
<Delemas> Can anyone point me to a software raid 1 install guide for Ubuntu 12.04 or 12.10? All the ones I can find are obsolete.
<Delemas> Of course that's when I find it in the serverguide....
<sarnold> Delemas: mdadm manpage?
<Delemas> Oh that isn't the problem... I did a 12.10 install on what I expected was a working config with four raid devices for boot swap root and home but grub2 got all confused, then I read the 12.10 installer doesn't work with software raid....
#ubuntu-server 2012-12-22
<sarnold> oh....
<Delemas> Seems 12.04 it will work with an alternative installer.
<Deep6> anyone here run honeyd?
<SaberUK> hey, i'm using unattended-upgrades with automatic rebooting enabled, is there any way to tell it not to reboot if a named process is running?
<irqq> what am I missing in the following syntax : sudo for i in {a..c}; do echo $i; done ?
<shauno> irqq: I don't believe you can sudo a bash builtin (for).  you'd want to sudo bash -c "the command"
<shauno> (or move sudo inside the loop, for expression; do sudo action; done)
<irqq> shauno: I see, thanks. I other words, the $cmd in the `sudo $cmd` should be an executable found in $PATH ?
<shauno> right.  it has to be a process that sudo can fork
<irqq> thank you
<sw0rdfish> hmmmmmmmmm
 * RoyK hmmms @sw0rdfish
<sw0rdfish> heh
<RoyK> http://munin.karlsbakk.net/munin/karlsbakk.net/smilla.karlsbakk.net/index.html <-- interesting... the WD2001FASS drives show, over time, to be 30% faster than the Hitachi HDS723020BLA642 drivess (sde,sdh)
<sw0rdfish> hmmmm
#ubuntu-server 2012-12-23
<amarcolino> anyone care to explain or post a link that explain how to get ubuntu sharing files with windows 7, I have setup samba to share my backup folder found in /mnt/backup/windows/backup and it still doesn't show in windows.
<dgbaley27> Hey, is the linux-image-virtual package supposed to have the kvm kernel module? If not, where can I get it?
<uvirtbot`> New bug: #1093223 in samba (main) "Panic or segfault in Samba" [Undecided,New] https://launchpad.net/bugs/1093223
<No_one_at_all> Hi! I'm helping someone with a server which will be used for (1) wikis and (2) smtp + imap. What would you folks recommend for HIDS + NIDS? We're looking for something that's light(ish) on resources, easy(ish) to configure, and works with ipv6.
<No_one_at_all> We're currently considering some combination of IPtables and OSSEC, or perhaps shorewall and <some script we found somewhere>
<hikenboot> can anyone explain to me why when I add a tcp/ip sub interface to a newtwork card the system takes 10 mintues to boot getting beyound the networking?
<hikenboot> s/beyound/beyond
<SpamapS> hikenboot: what do you mean "sub interface" ?
<hikenboot> eth 0:1
<hikenboot> I am getting lots of messages in dmesg that say apparmor="STATUS" is that normal
<SpamapS> hikenboot: thats usually normal yes
<SpamapS> hikenboot: perhaps eth0:1 is not coming up properly on boot. The system will delay runlevel 2 for 2 minutes waiting for all interfaces to come up (or error)
<hikenboot> interesting enough i also found this messgae ADDRCONF (NETDEV_UP): eth0: link is not ready...dont get this when the sub interface isnt attached
<hikenboot> it says somthing about IPv6
<hikenboot> should i some how try and remove IP6
<SpamapS> hikenboot: no
<hikenboot> why not SpamapS I dont think my provider gives me an IP v6 interface
<MACscr> hmm, is the virtual kernel compatible with 10.04 LTS?
<MACscr> it seems like i was able to install it, but using apt-get install linux-virtual, but my grub wasnt updated automatically like it normally would be
<MACscr> nor do i see the image in /boot
<SpamapS> MACscr: IIRC, the virtual kernel is just stripped down to only have things that make sense.
<MACscr> SpamapS: i know. I would like to run it. Not sure why its not fully installing though
<MACscr> SpamapS: check it out: http://pastie.org/5570174
<hikenboot_> how do i disable routing between two network cards on the same subnet in the same server? I want to be able to map 1 to 1 with nat each of these two ip's for web servers
<hikenboot_> both web server instances are on the same ubuntu box
<lvmer> Looking to setup RAID 10 on 8x 3TB HDDs for a samba share. Samba is config'd and working, all 8 HDDs are in jbod mode and visible sd[b-i].
#ubuntu-server 2013-12-16
<Shirakawasuna> Hi all! I'm looking to deploy ubuntu to 10-20 servers  - most for building a small cluster, one for running a website. I'm running into an issue of not knowing which option to choose for making this a somewhat automated process (installation + management of the software). Any opinions on using MAAS vs. cobbler vs. FAI vs. anything else?
<jkitchen> Shirakawasuna: I use foreman and puppuet to manage about 30 physical servers and 70 VMs
<Shirakawasuna> jkitchen: cool
<Shirakawasuna> jkitchen: Would you recommend reading anything outside of the official docs for those tools?
<Shirakawasuna> I'm very new to administrating more than one or two computers
<jkitchen> I'd recommend reading all sorts of things
<jkitchen> you might also want to evaluate other config management tools like chef, cfengine, etc
<jkitchen> depending on your needs / preferences
<jkitchen> they're all a bit different
<jkitchen> foreman/puppet is just what I use
<Shirakawasuna> jkitchen: cool, I'll look into chef and cfengine as well
<Shirakawasuna> thanks!
<jkitchen> Shirakawasuna: you're welcome, good luck!
<jkitchen> you might also want to hit up some local devops meetups
<njbair> I'm trying to install the Event MPM for Apache, but apparently I've got some incompatible modules installed. Any way to tell what those are?
<jkitchen> njbair: logs?
<jkitchen> apachectl -t
<jkitchen> etc
<njbair> jkitchen: well apparently it has to do with APT, not Apache itself
<jkitchen> oh, apt is saying incompatible modules?
<njbair> apache will let you use buggy modules, but APT won't
<njbair> well no
<njbair> it's just silently falling back to the prefork MPM
<njbair> even though I've installed apache2-mpm-event
<njbair> wait
<njbair> it's not APT
<njbair> it was the a2enmod and a2dismod scripts
<njbair> I was working off of a crappy doc
<jkitchen> ok
<jkitchen> I'm not really sure how ubuntu's apache selects an mpm to be honest :D
<jkitchen> looks like it sets a /usr/sbin/apache2 symlink
<njbair> the blog I was reading made it look like all you had to do was install the correct MPM package
<jkitchen> in theory, yes.
<njbair> well you also have to a2dismod mpm_prefork, then a2enmod mpm_event
<jkitchen> ah ok
<njbair> those scripts have conflict resolution
<njbair> they look for enabled modules that are flagged as unstable with the mpm in question
<CryptoKing> can someone give us a hand with ubuntu server, i tried to set up static ip but something went wrong how do i get my dhcp working again
<lickalott> CryptoKing paste the content of /etc/network/interfaces (pastebin)
<CryptoKing> can not ssh in
<CryptoKing> i will paste bin what i changed to make it static, i think i know where i went wrong
<CryptoKing> http://pastebin.com/KuSqCqBC
<CryptoKing> so i think  eth0 should of been eth1 on this machine
<lickalott> I'm guessing that you didn't backup the original interfaces file?
<lickalott> where is the server located?
<lickalott> CryptoKing ^
<CryptoKing> thats why its blank :(
<CryptoKing> na i didnt
<CryptoKing> any hope with out doing a fresh install ?
<lickalott> do you have physical access to the machine?
<CryptoKing> yeah
<lickalott> i can send you the content of a "fresh" interface file
<CryptoKing> thanks you would save me alot of time
<lickalott> I actually had the same issue.  Ended up just setting it in my router as "preferred" and it dished out the same IP all the time
<lickalott> http://paste.ubuntu.com/6581969/
<CryptoKing> yeah, i got the static working with my order machine
<CryptoKing> and with out thinking just copied the same into new vi
<lickalott> always, always, ALWAYS make a backup before you mess with system files.  i learned the hard way....(rebuild)
<CryptoKing> on new rig
<lickalott> ahhh
<lickalott> been there
<CryptoKing> i didnt even think about looking at device name
<CryptoKing> i just assumed with was eth0
<lickalott> anyone still here?  Still looking for a good image/backup option.  i've tried FSarchiver but can't get it to install.  CLonezilla is a pita beacuse I don't want to have to reboot everytime I want an image. (plus no one knows how to successfully get it installed on a system) and dd is just too much.  i don't want the ENTIRE content of the drive, just whats used.
<KLVTZ> I'm having trouble creating a virtual host on my Ubuntu 13.10 OS. I have created added the proper line to my hosts file. I have added the corect conf file to sites-available folder and symbolically to the sites-enabled folder. I have added the proper scipt in them and have restarted. I can use the virtual host as an address but it redirects back to my localhost. The url keeps the proper virtual host but it renders the /var/www/index.p
<KLVTZ> I can provide any documentation or scripts necessary
<cfhowlett> KLVTZ, it sometimes (well, frequently ...) happens that this channel is quiet.  If no response is a reasonable amount of time, please return to #ubuntu and post your query
<KLVTZ> Thank you, but I was formally told that #ubuntu was not proper
<KLVTZ> they asked what the point of ubuntu-server is if no one bothers going to it
<KLVTZ> i understood that I upsetted the person :/
<KLVTZ> But thank you for the fast reply.
<mmazing> so KLVTZ - don't mind that bullshit from the other channel, even in the MOTD it says that server versions are supported in #ubuntu
<mmazing> people in linux help channels (many times) were born with too many sticks in their ass
<mmazing> so by the way, could you go to pastebin, or another site that you can paste text into and give us the conf file in sites-available for the vhost you are trying to set up?
<KLVTZ> Thanks man! I will do that right now
<KLVTZ> And I do know they are a bit touchy but I don't want to upset anyone xD
<KLVTZ> @mmazing here it is http://pastebin.com/9AK2YyDG
<mmazing> try changing to <VirtualHost *:80> instead of what you have
<TJ-> KLVTZ: What do you get from "sudo apache2ctl -t -D DUMP_VHOSTS"
<KLVTZ> I'm going to do mmazing recommendation and then ill do yours TJ -just give me one minute -thank you
<mmazing> and .. just in case you aren't doing this, are you "service apache2 restart" after editing conf files in sites-available/sites-enabled ?
<KLVTZ> @TJ- this is interesting: http://pastebin.com/6B32PmCM
<KLVTZ> i just use the rest and now its say laravel.dev is not found
<KLVTZ> restart*
<mmazing> take out the "ServerAlias" line
<mmazing> and restart again
<TJ-> KLVTZ: <VirtualHost *:80> should do the trick, as mmazing said
<KLVTZ> @mmazing, I removed the ServerAlias and restarted. It renders my /var/www folder and not my /var/www/laravel etc etc folder
<TJ-> KLVTZ: ServerAlias won't affect this; that is just an alternate name for the vhost. Remove the "NameVirtualHost" option, the re-run the config check
<mmazing> TJ-: i was thinking that the "laravel.dev is not found" was causing apache to not start, i guess it was a warning
<TJ-> mmazing: My next question to KLVTZ is show us the output of "cat /etc/hosts"
<TJ-> mmazing: KLVTZ The default host is getting the requests for 127.0.0.1 which you'd expect... because the VHOST is incorrect
<KLVTZ> So you want a cat of of my hosts?
<KLVTZ> Here is my new 001-laravel.dev.conf file
<KLVTZ> http://pastebin.com/zsNZM2g5
<TJ-> KLVTZ: just to be sure that basic name resolution is configured... also "cat /etc/nsswitch.conf"
<KLVTZ> @TJ- @mmazing here is a cat of my /etc/hosts  http://pastebin.com/9Lc4E8kq
<KLVTZ> @TJ- here is a cat of my nsswitch.conf http://pastebin.com/E9SENWLH
<KLVTZ> If the VHOST is incorrect, how should i change the basic name resolution. Or specifically where?
<TJ-> KLVTZ: firstly, as you only have "laravel.dev" in /etc/hosts, you should match that in the apache vhost config file "ServerName laravel.dev" - there is no "www."
<KLVTZ> THAT DID IT!
<KLVTZ> Rain is falling from the heavans
<KLVTZ> children are exploding against walls and glitter is zooming through the air
<KLVTZ> people will ask who that amazing being is
<KLVTZ> an it's TJ!
<KLVTZ> but i will also take mmazing!
<KLVTZ> damn it was that simple
<KLVTZ> xD
<cfhowlett> !cookie|TJ-,
<ubottu> TJ-,: Wow! You're such a great helper, you deserve a cookie!
<cfhowlett> !beer
<KLVTZ> TJ I would personally buy you a beer
<KLVTZ> if i could
<KLVTZ> xD
<KLVTZ> Thank you so much!
 * TJ- sips the coffee
<mmazing> heh it was mostly TJ- :)
<mmazing> i'm very tired
<TJ-> mmazing: me too... woke up early (3am) and now regretting it
<KLVTZ> Where you guys at?
<mmazing> i've had a looooong day of family xmas and have had about the last hour of my day to deal with my computer
<KLVTZ> I'm in Cal
<KLVTZ> Damn. It's 80 here during the day
<KLVTZ> i really wish for at least rain :(
<TJ-> UK here... 07:28
<mmazing> it was 20 F here a few days ago
<KLVTZ> Now that's a great time
<TJ-> And I'm wishing for sun and warmth... want to swap? :)
<KLVTZ> damnn brrrr
<KLVTZ> Yeah TJ let's switch!
<KLVTZ> My gift for you lol
<mmazing> where in cali? LA?
<mmazing> im in kansas, i have family in san diego and LA though
<TJ-> Ha... as long as you walk both Huskies and bath them afterwards!
<mmazing> im ... not a fan of LA
<mmazing> my business partner recently moved to where i am from LA, and they are freaking out about how cold it is here haha
<mmazing> also, on top of my 14+ hour day of extended family xmas, i came home to my dog having destroyed my front door :\
<mmazing> he even had people over to feed/water/let him out
<KLVTZ> @mmazing, I'm in irvine at the moment!
<KLVTZ> I head back to a slightly colder climate in the High Desert next week'
<KLVTZ> at least there, at night, its 15 F
<KLVTZ> I would always recommend a person who comes to visit cali to visit northern cali
<KLVTZ> its like a different stat
<KLVTZ> state8
<KLVTZ> Norcal vs Socal
<KLVTZ> a huge difference
<mmazing> yeah, i've driven a bit in northern california, was nice, the only part i seem to despise is LA haha
<mmazing> i even like san diego
<mmazing> i lived in boston for 3 years too, it's not the population density, it's the people
<mmazing> i can't even describe it
<inq> hi
<inq> after migrating a php web app i am getting redirect loop error. i have total two htaccess files one for moodle and another for jooml. first htaccess http://paste.ubuntu.com/6582362/ and second file http://paste.ubuntu.com/6582364/
<inq> its not my code. i got this app to add some features.
<inq> please help me to remove this redirect error.
<KLVTZ> Your system headers are looping endlessly means somewhere in your app, your file is redirecting. How large is your app?
<KLVTZ> Your best bet is to deduct from your current app file.
<KLVTZ> I'm pretty sure a .htaccess file is preventing you, unless your rewrite rules are somehow upsetting your request. I'll take a look
<KLVTZ> pretty sure it is not*
<KLVTZ> pretty sure it is not preventing you.
<inq> KLVTZ: app is too larg.
<KLVTZ> ok
<inq> KLVTZ: how do i solve this redirect loop error?
<KLVTZ> First off, you mention that your getting a redirect after you migtated an app?
<inq> KLVTZ: this is not my app. i got it to extend further. so i setup test server on rackspace. original web app is on aws.
<KLVTZ> migrated*
<KLVTZ> And it's working on aws?
<inq> KLVTZ: yes firefox and chromium tells redirect loop
<inq> KLVTZ: yes. i did not touched aws. becasue that is developed be previous developer.
<inq> its working fine on aws.
<inq> by*
<KLVTZ> Alright. Hmmm and those two .htaccess files are on aws as well?
<inq> yes.
<inq> it exact copy of aws.
<inq> i only changed the ip address.
<inq> there were many links for original aws web app in the database too. so i first changed link in database to point to new rackspace. and then migrated the web app.
<inq> does changing "localhost" to "actual_ip_address" makes any difference?
<KLVTZ> are you on an SSL load balancer?
<inq> there is no ssl on original aws web app.
<inq> and i dont know what is ssl load balancer.
<KLVTZ> check out this
<KLVTZ> http://www.localwisdom.com/blog/2012/10/htaccess-ssl-redirect-on-rackspace-cloud-sites/
<inq> KLVTZ: but the original website do not ake use of ssl certificates. i checked with the owner. moodle has something inbuild to handle encryption.
<inq> i read that article. but we dont have ssl.
<KLVTZ> hmmm :|
<KLVTZ> can do you try out something? I'm not sure if it will work but put in both htaccess: RewriteBase /
<KLVTZ> and then restart server
<KLVTZ> brb
<inq> KLVTZ: tried rewrite base /. it still gives error this page is not redirecting properly.
<inq> KLVTZ: does two seperate .htacces one for  moodle and one for joomla makes it complex and cause error?
<KLVTZ> Are those two htacess files in the same directory?
<inq> KLVTZ: no
<TJ-> inq: Increase the RewiteLogLevel and check the log to see precisely what is being done
<inq> TJ-: ok
<babinlonston> GnuTLS error -15: An unexpected TLS packet was received. while login into my vsftpd Using ssl, How to fix it
<krababbel> Is there a tutorial for using LDAPscripts with 'groupOfNames'? I can create groups and users using the scripts, when I objectclass is set to 'posixGroup', but not 'groupOfNames'. I have an empty LDAP directory, I just installed it.
<TitoN> Hi i just got a dell r320 but after completed installation it stops before grub even loads.....it sits on looking for devices
<smb> zul, Could you replace your version of ubuntu-xend-probe.patch with the one in my home on chinstrap before the official upload of libvirt-1.2.0 to Trusty, please. That should fix the libxl detection again.
<TitoN> I did a raid 1....ended up with 1 virtual drive..... but i asume that is the problem..... maybe i should change ahci to raid instead
<zul> smb:  yep
<smb> Ta
<TitoN> Anyone?
<hallyn_> rbasak: i opened bugs 1261416 and 1261419 - not sure how involved you want to be.
<uvirtbot> Launchpad bug 1261416 in auto-upgrade-testing "re-tool against (perhaps) uvtool" [Undecided,New] https://launchpad.net/bugs/1261416
<uvirtbot> Launchpad bug 1261419 in sandbox-upgrader "Switch to using downloaded cloud images." [Undecided,New] https://launchpad.net/bugs/1261419
<rbasak> hallyn_: thanks. It's on my list, though don't know how involved I can get in it. If uvtool needs features to support those use cases, I can certainly look at adding those.
<zul> roaksoax:  https://code.launchpad.net/~zulcss/keystone/keystoneclient-refresh/+merge/199139
<jamespag`> zul, ?
<zul> oh
<zul> jamespag`:  when you get a sec https://code.launchpad.net/~zulcss/keystone/keystoneclient-refresh/+merge/199139
<jamespag`> adam_g, zul: either of you have time to review my neutron and nova merges? I'd like to drop them into testing this week if possible
<jamespag`>  https://code.launchpad.net/~james-page/nova/compute-plus-others/+merge/198763
<jamespag`>  https://code.launchpad.net/~james-page/neutron/ml2-ovs-cleanup-fixes/+merge/198546
<jamespag`> wait- thats me
<jamespag`> hrm?
<zul> jamespag`:  what does ml2 mean again?
<jamespag`> zul, am I me again now?
<jamespag`> nope
<jamespag`> modular layer 2
<zul> ah yes
<zul> jamespag`:  +1 on both of them
<jamespag`> zul, ta
<jamespag`> zj
<jamespag`> zul, ta
<Chillaholic> How can i pass variables to a sed command? this is not working:   sed "/$1/d" $INDEX
<Chillaholic> forget it , wrong chat xD
<sarnold> hallyn_: did you get your EPERM sorted out? were you starting the program via a strace'd shell / terminal? you might need to grand capbility sys_trace to the tracer..
<hallyn_> sarnold: yeah thanks, got past that.
<hallyn_> sarnold: i thought things used to be more consistent re EPERM vs EACCES
<hallyn_> but when non-root tries to read a roto file i'm getting EACCES...
<hallyn_> sarnold: thanks :)
<sarnold> hallyn_: tbh the handful of times I thought I understood the EPERM vs EACCES errors, I was probably just deluding myself :) hehe
<hallyn_> sarnold: i'm pretty sure it used to be that EACCESS meant lsm denied it
<sarnold> hallyn_: hrm, what did it mean before lsms?
<hallyn_> sarnold: dunno :)
<sarnold> hehe :)
<hallyn_> sarnold: anyway at this point i'm at a loss for why i can't get libvirt-launched qemu to do pulseaudio, and i'm out of time :(
<sarnold> hallyn_ :(
<mdma> Hi! Any guy with nagios knowledge? Last Check time stamp is incorrect...
<Pici> mdma: You may want to ask in #nagios as well.
<mdma> Sorry no answer in nagios....
<krababbel> Is there a tutorial for using LDAPscripts with 'groupOfNames'? I can create groups and users using the scripts, when I objectclass is set to 'posixGroup', but not 'groupOfNames'. I have an empty LDAP directory, I just installed it.
<RealKillaz> Hi there guys
<RealKillaz> The last couple of months we have been hit very hard by crashes of various servers running ubuntu 10.04
<RealKillaz> Some of them in different locations....
<RealKillaz> First question: how can I find out why a server crashed in the logs?  We've been looking and searching .. no luck
<RealKillaz> Is there like a action plan to follow.... to find out the root cause of the crash?
<pmatulis> RealKillaz: study linux-crashdump package
<pmatulis> a recent ubuntu server guide has a writeup
<lickalott> gents, still looking for backup options.
<lickalott> i've messed with FSarchiver, but can't configure because of some blkid issue (no googling will help apparently).  I've done a dd copy but I don't want the entire drive "imaged" when less than 1/2 is actually used, and clonezilla is a little too intrusive (i.e. reboot to get an image).  So I'm looking for help with either other options or to install clonezilla to the hdd.
<phunyguy> lickalott, please don't crosspost :(
<RealKillaz> pmatulis, looks good thank you... will look into it
<lickalott> I can never get answers in here.  I've literally been asking for 3 days and the ONLY person to even say anything was you phunyguy
<sarnold> lickalott: check out rsnapshot, rdiff, tarsnap (not free, not locally hosted, but looks neat). check out duplicity
<lickalott> I F*ckin love you sarnold
<lickalott> thank you!
<sarnold> :)
<lickalott> really?  that's specifically why I added the *
<lickalott> ^^ wasn't towards you sarnold
<phunyguy> lickalott: just because you put the *, doesn't NOT make it a swear.
<phunyguy> lickalott: so please try to keep it family friendly.
<lickalott> rog
<phunyguy> lickalott: also, sidenote, did someone else say something to you about it too?
<phunyguy> because I didn't see it... wonder what is going on with Freenodeexample.
<phunyguy> err accidental paste
<lickalott> got a pm from ubottu.
<phunyguy> because I didn't see it... wonder what is going on with Freenode.**
<phunyguy> oh, ubottu is a bot.
<phunyguy> someone probably sent that to you.
<phunyguy> that is why I clarified.
<lickalott> yeah, someone sent it.  But i'm not gonna call them out publicly.
<phunyguy> it's all good.  Just have to keep it clean. :)
<lickalott> it's just funny.  i could've not added the * (like most other douches on irc) but i specficially chose to do it to mask the actual word, yet I still get my balls busted over it.  Not a big deal, but there was intent to keep it clean.
<bittin> Middelburg
#ubuntu-server 2013-12-17
<phunyguy> lickalott: nobody said you were trying to be malicious.... these are friendly reminders.  :)
<lickalott> copy
<phunyguy> so I have a question for the server masses.  What would be the best way for 5-10 users, on about 20 machines to sync user data across, so that I can manage users and groups on server, and they appear the same on all machines?
<phunyguy> I saw the OpenLDAP method, but was curious if there was something simpler.
<lickalott> was gonna say LDAP
<lickalott> prob the easiest.  Don't think they make a command line version of Active Directory....lol
<phunyguy> yeah, I am just worried about user and group management in LDAP itself.
<phunyguy> seems pretty difficult.
<lickalott> only other way would be to share out the files/folders that you want them to access (i.e. nfs, smb, etc...)
<phunyguy> well that's not what I am worried about.
<lickalott> but if they change their password on their machine you'd have to change it on your main server for authentication
<lickalott> what is your end game?
<phunyguy> I just want all machines to reflect the same UID/GID as everything else.
<phunyguy> I could do it all manually, but any time something changes, it has to be done on all of them.
<lickalott> yeah
<lickalott> lemme look around a bit
<sarnold> back in the day we used to rdist /etc/shadow, /etc/passwd, /etc/groups .. probably ldap is less bad. :)
<phunyguy> sarnold: exactly, especially since service accounts could potentially use different UID/GID
<sarnold> phunyguy: ooof, that's probably a much larger issue today than it was way back then, too :)
<phunyguy> indeed.
<lickalott> http://www.linux.com/community/forums/system-management/active-directory-alternative/13905#p13905
<phunyguy> NIS
<phunyguy> that was it
<lickalott> NIS or NIS+ may work for you
<phunyguy> I used that in the past.
<lickalott> beat me
<phunyguy> thanks
<phunyguy> I saw it in the link you posted :)
<lickalott> look into CUPS for print servers as well (if you need it)
<lickalott> phunyguy, I got one for you
<lickalott> ever installed clonezilla to an hdd?
<phunyguy> nope
<phunyguy> so you are looking for a backup solution, eh?
<lickalott> what do you use to back up your stuff?
<phunyguy> I have a few tricks up my sleeve.
<phunyguy> first question, what are you backing up?
<lickalott> yeah.  I've tried dd, FSarchiver (can't configure because it pukes at teh blkid portion), and clonezilla on a usb drive it a pita because I don't want to have to reboot every fri.
<phunyguy> so you want to back up your entire system?
<lickalott> I have a script (cron job) that backs up my profile, but i just rebuilt and wanted a fresh image in case the server goes down again
<lickalott> true
<phunyguy> does it need to be CLI, or will a GUI app work?
<lickalott> i'm running server 12.04
<phunyguy> hrm...
<phunyguy> duplicity is one.
<phunyguy> if you have a GUI, you can do backintime
<phunyguy> and an extreme centralized solution, you can use BackupPC
<lickalott> sarnold mentioned a few.  i still need to sit down and research some.
<phunyguy> BackupPC is rsync-based, and does incrementals.
<lickalott> backup PC = linux?
<lickalott> ahh
<phunyguy> yeah, it requires a webserver and it is perl based
<phunyguy> basically it goes out to your machines, and rsyncs them
<phunyguy> so you put in what machines you want it to back up and it does it on the schedule you specify.  There is a bit of a learning curve though.
<phunyguy> backintime is the same type of thing, but has a GUI, and is client to server, instead of server to client.
<TheLordOfTime> for Apache2, where does it access its mime.types?
<TheLordOfTime> by default.
<TheLordOfTime> does it use /etc/mime.types or no?
<sarnold> hallyn_,stgraber, funny "iinuxcontainers.org" on https://github.com/lxc
<stgraber> sarnold: fixed
<sarnold> stgraber: thanks :)
<sarnold> hallyn_: handled ;)
<stgraber> sarnold: I'm still amazed we get over 600 visitors/day on linuxcontainers.org considering how little there's to see :)
<sarnold> stgraber: nice! :) I suspect people are looking for a five-minute-guide to using lxc to see if it'll solve their problems..
<sarnold> stgraber: (at least, I've considered that it'd be nice to have full-featured containers of all our supported releases to have full apt-file caches ready -- my schroots have nothing in them, since they're used for sbuild...
<sarnold> .. so I went to linuxcontainers.org in part to see a five-minute guide :) hehe
<stgraber> sarnold: haha, yeah, I usually have one container per supported release and per architecture (though armel/armhf using qemu-user-static isn't nearly as reliable as I'd like...)
<phunyguy> does anyone know if it is possible to have NIS cache login info for when laptops are not able to see the network? (for example, at boot)
<sarnold> phunyguy: investigate https://fedorahosted.org/sssd/
<phunyguy> oooh
<phunyguy> ok
<phunyguy> thanks
<phunyguy> sarnold: are you sure that is not just for ldap?
<sarnold> phunyguy: hrm. It might be. :/ I had the vague impression from somewhere that it was "more" but never looked into it much myself
<phunyguy> yeah... I got all excited with NIS, until I realized that it doesn't do any caching
<sarnold> probably in part because NIS was designed to be deployed alongside NFS; if one is down there's no point trying to use the other :)
<phunyguy> there has to be some solution that will work for me :(
<phunyguy> I mean I can do LDAP, but I am not sure how hard it will be to manage
<phunyguy> about ready to just say screw it and do manual user/group membership
<sarnold> phunyguy: if you do go that route, look into what chef, puppet, and ansible can do for you
<phunyguy> puppet looks promising....
<phunyguy> My brain hurts.
<babinlonston> Any one there to help me ? facing issue with  vsftpd using ssl  , Error:	GnuTLS error -12: A TLS fatal alert has been received. ,Error:	Could not connect to server, This is the Error I'm Facing
<sarnold> babinlonston: you might want to try connecting to the server using openssl's s_client program, it supports e.g. -tls1 -tls1_1 -tls1_2 -ssl3 and so forth switches..
<babinlonston> sarnold: now i'm using filezilla i'm facing this issue in filezilla, even i have tried winscp too
<yolanda> jamespage, about adding ubuntu headers in openstack projects, shall i create a blueprint here? https://blueprints.launchpad.net/oslo/
<jamespage> yolanda, can't we just do it under a bug? or was a blueprint requested?
<yolanda> jamespage, well, they told me to create a custom middleware under oslo
<yolanda> i think that's the process, right?
<jamespage> yolanda, probably - this is a better question for openstack-dev tbg
<jamespage> tbh
<yolanda> i'm afraid that this takes lots of time to be approved
<lifeless> Ubuntu headers?
<yolanda> lifeless, welll, not ubuntu, but distribution headers
<yolanda> talking about that: https://review.openstack.org/#/c/61128/
<lifeless> so, lets choose a channel and stick to it ;) -> #openstack-dev :)
<yolanda> yes, raised question there
<Darkstar1_> Morning all
<Darkstar1_> How can I find login logs going back a few months?
<Darkstar1_> last only carries me as far as the last 10
<yolanda> jamespage, did an initial approach for active/active rabbitmq: https://code.launchpad.net/~yolanda.robla/charms/precise/cinder/ha/+merge/199271, https://code.launchpad.net/~yolanda.robla/charms/precise/rabbitmq-server/ha/+merge/198768
<jamespage> yolanda, looks like a good start - how does it test?
<jamespage> can you rip out rabbit nodes and still manage the deployment?
<yolanda> jamespage, i looked at cinder.conf, verified that rabbit_hosts were there, and refreshed when adding new unit
<jamespage> yolanda, i'd probably do a bit more testing than that
<yolanda> and checked in logfile that cinder connects correctly - it's always grabbing first node anyway
<jamespage> to ensure that its does actually fail over as well
<yolanda> jamespage, sure, what do you suggest?
<jamespage> so poweroff the first node
<jamespage> and see if cinder switches OK
<yolanda> ok
<yolanda> jamespage, magic! http://paste.ubuntu.com/6588536/
<jamespage> yolanda, nice
<jamespage> yolanda, do we need to land a charmhelpers branch first?
<yolanda> according to doc, there are some config vars to define the delay, retries, etc... do you think it makes sense to add them on cinder charm and in config?
<yolanda> jamespage, and yes, it was just a sample on cinder, but I need to update charmhelpers
<jamespage> yolanda, I'd hope that there are sane defaults for that sort of stuff
<jamespage> yolanda, OK - propose the charm-helpers merge and then re-sync
<yolanda> yes, they are defaults
<jamespage> yolanda, but looks good
<jamespage> nice work btw
<jamespage> adam_g, active/active rabbitmq with cinder ^^
<yolanda> jamespage, it was partially done on rabbitmq, but i found that it was always sending rabbitmq_hosts var. I just send it now if vip is not present
<jamespage> yolanda, makes sense
<yolanda> great, i'll add it into charmhelpers, and then it's as easy as to refresh templates in other charms: ceilometer, nova-compute and neutron. The others don't support it
<jamespage> yolanda, do we not need to set some of the bit here:
<jamespage> http://docs.openstack.org/high-availability-guide/content/_configure_openstack_services_to_use_rabbitmq.html
<jamespage> durable queues and ha policy?
<jamespage> for 12.04 users they still get old rabbitmq
<jamespage> pre 3.0
<yolanda> jamespage, i'm not sure about it. I added the HA policy flag to rabbit>=3.0 , but this means that rabbit>=3.0 needs rabbit_ha_queues=true added?
<yolanda> and for rabbitmq_durable_queues, i think it doesn't make any different between pre 3.0 and post 3.0 , it's just another config setting
<jamespage> yolanda, hmm - I just pulled your branch into my environment
<jamespage> after killing one of the nodes, and then trying to create a volume it sticks in creating
<yolanda> it doesn't connect to new node?
<jamespage> the scheduler and volume services have not noticed that rabbitmq #1 has disappeared
<jamespage> yolanda, the api service has as its tried to use it
<jamespage> and noticed
<yolanda> i did the test and it reconnected myself, which version are you using?
<jamespage> but the scheduler and volume service as just waiting for notifications from the powered off
<jamespage> yolanda, grizzly
<jamespage> yolanda, I see the multiple node config in the cinder charm OK
<yolanda> i'm with cloud:precise-havana/proposed
<yolanda> let me try with grizzly then
<jamespage> yolanda, have all the cinder services noticed the drop?
<yolanda> yes
<jamespage> yolanda, well it might be that in grizzly the messaging layer is not as good
<yolanda> jamespage, well, in cinder-api log i don't see any try to connect to rabbit
<jamespage> yolanda, can you create volumes?
<yolanda> that is only logged for scheduler and volume in my case
<yolanda> let me try to create some
<yolanda> i haven't related with keystone, i'll deploy full environment and try
<jamespage> yolanda, +1 this needs a good test to validate it works how we think it does
<yolanda> sure
<yolanda> first wanted to check the approach
<jamespage> I know adam_g had some concerns re subscribers noticing rabbitmq had gone away
<jamespage> zul, can you make sure the lab-local changes for openstack-ubuntu-testing get back to branch on LP please
<jamespage> yolanda, hmm - I'm not seeing the scheduler and volume services notice the failed rabbitmq node
<yolanda> i'm deploying with grizzly now to check it
<yolanda> on havana worked perfectly
<yolanda> maybe it needs some config settings?
<jamespage> yolanda, that is on havana - I re-deployed
<jamespage> yolanda, how did you turn off your rabbitmq-server node
<jamespage> I just powered mine done
<yolanda> jamespage, it stopped service
<yolanda> I did a rabbitmq-server stop
<jamespage> yolanda, well that's not quite the same thing - that probably correctly terminates client connections
<jamespage> in a failure that is not guaranteed
<yolanda> jamespage, what did you do to test it?
<jamespage> yolanda, I'm testing on openstack - so I did a 'nova stop <uuid>' on the first unit
<yolanda> jamespage, and rabbit was down?
<jamespage> effectively making it disappear like it was unplugged
<yolanda> ok, i'll try in the same way
<zul> jamespage:  ack
<yolanda> jamespage, are you following headers discussion on openstack-dev mailing list? what do you think about it?
<sda> hi all, I would like to be able to connect to my virtual machine desktop with another device (another desktop, laptop, tablet) and be able to choose what resolution use, and be able to connect multiple user at the same time. VNC is not good for do that, any idea?
<plm> Hi all
<plm> people, my sata HD on my server show in dmesg error reading and timeout to reading. I tryed smartctl and I have segmentation fault. well, my hd I think has badblocks. I need to do a entire copy of it. What is better/secure solution?
<plm> using dd?
<jamespage> yolanda, I am - can't say I'm surprised
<yolanda> jamespage, yes, this feedback is the one i expected when i filed the bug
<plm> or clonezilla?
<jamespage> as a system admin the first thing I would do is endeavour to disclose as little information as possible about what my deployment is running on
<jamespage> plm, dd is probably OK_ but you will probably have issues reading the backblocks so it might not succeed
<yolanda> jamespage, and the --version call doesn't help us for this case
<jamespage> yolanda, nope
<plm> jamespage: and the clonezilla? I cant lost data
<yolanda> so do you think is better to keep that as patches? or just discard the feature for openstack?
<jamespage> plm, never used clonezilla
<jamespage> yolanda, I'm concerned about patch cost
<yolanda> maintenance...
<jamespage> most patches need refreshing from time-to-time especially with the CI approach we take with openstack packages
<yolanda> it could be a bit hard to maintain, as it needs to be on all the components
 * jamespage thinks about this a bit more
<plm> jamespage: what you recomend?
<jamespage> plm, tbh the only time I ever had data important enough to have to recover a bad disk, I sent it to a specialized company todo that.
<jamespage> its notoriously difficult to get it right
<jamespage> plm, sorry - no backups I guess?
<plm> jamespage: yes, has backup, but it old..
<plm> *is
<pmatulis> for dm-multipath, is there a standard method of being notified of a path failure?
<jamespage> yolanda, I don't think you will get this upstream
<yolanda> jamespage,yes, i don't expect it
<jamespage> yolanda, still thinking about it
<jamespage> yolanda, blimey I'm split on this one
<yolanda> jamespage, i'm thinking if adding this feature will discourage people using our packages?
<jamespage> yolanda, I think so long as its minimal overhead and configurable no
<jamespage> think Apache ServerToken/ServerSignature
<jamespage> only displays on server generated error pages, completely configurable in terms of disabling it
<yolanda> jamespage, for our case, it's just simple to set a None in the key
<yolanda> but shipping that as patches will mean to maintain a patch forever
<jamespage> zul, there is still something wonky with the precise chroots in the lab
<jamespage> swift is failing todo semaphore locking in its unit tests
<zul> jamespage:  yeah ill take a look
<zul> jamespage:  its next on my list
<jamespage> zul, goody
<jamespage> I fixed that python-jsonpatch issue btw
<jamespage> zigo has a fix from me :-)
<zul> jamespage:  goody
<zul> just packaging  savanna yippe skipped
<jamespage> adam_g, if you have time the ceilometer charm branches are ready for re-review - I made the changes we discussed in the agent charm to selectively pick data from the relation
<jamespage> zul, can I get a +1 on python-jsonpath-rw for backporting for icehouse please - ceilometer needs it for trunk
<jamespage> its in universe so we will need to MIR as well I guess
<zul> jamespage:  +1
<jamespage> zul, ta
<xevwork> I've created a preseed file that I'm using with 12.04.3 and I'm trying to add RAID configuration to it. I just want an extremely basic RAID setup: root and swap mirrored on sda and sdb. During installation, it successfully creates md0, but fails while creating md1. It's creating swap partitions that I'm not asking for and they're interfering with the creation of the second RAID device.
<xevwork> Does anyone have any tips for getting preseeded RAID to work?
<smoser> rbasak, ping for ubuntu-meeting
<zul> Daviey:  can you have a look at python-taskflow its blocking the opentack-ci stuff
<Daviey> zul: ok
<Daviey> zul: Accepted.. python-babel is depended on twice and there is an extra leading space on the last line of d/control.. but nothing to block on :)
<zul> Daviey:  cool thanks
<xevwork> I'm trying to preseed a RAID configuration. When the installer partitions the drives, it successfully creates the first array but fails on the second. If I check the logs, it says that it couldn't write the array's metadata. Looking further into it, there are swap partitions that I did not ask for!
<xevwork> Here's my configuration: http://pastebin.com/MmfgzBE5
<xevwork> It's creating /dev/sda5 and /dev/sdb5 as swap partitions and activating them.
<jrwren> i'm using nova-compute, havana, from cloud archive, following the guide and having an issue when I start an instance. the libvirt driver creates the disk image, but its owned by libvirt-qemu, then nova-compute tries to use libguestfs to inject the keys and it fails because nova-compute is running as nova user and can't write to the file.
<jrwren> nevermind. wrong perms on /boot/vmlinuz*
<sm_> Hello, Is there somebody that does know even something about mail-stack-delivery?
<wiehan> How does one set up a system wide proxy (something like https://www.privateinternetaccess.com/) on ubuntu server 12.04.3 through cli?
<patdk-wk_> atleast 50 different ways
<wiehan> patdk-wk_, simplest would be?
<patdk-wk_> way too hard, if your asking
<patdk-wk_> first you need the machine your protecting
<wiehan> easiest then?
<patdk-wk_> then you need a machine you buy, somewhere on the internet
<wiehan> it's my 12.04.3 torrent box in the garage. have access to it via ssh
<patdk-wk_> what good is that?
<wiehan> patdk-wk_, can track down a paid for server easily
<patdk-wk_> it's still in your house
<wiehan> the idea is to still protect it (make it invisible) to torrent police or whatnot
<sm_> Something like PeerBlock?
<keithzg> Is anyone around using Mosh? I've loved it so far but I'm kindof missing the MOTD info (you know, with current loads, if there are pending updates, etc), which doesn't get displayed when logging in via Mosh.  Does anyone know how I might enable that?
<patdk-wk_> it is so much easier to just not *download* *illegal* things
<wiehan> patdk-wk_, thank you captain obvious
<wiehan> sm_, I guess, I'll have to investigate peerblock?
<sm_> wiehan, Are you trying to do something like PeerBlock, but for Ubuntu Srv?
<wiehan> sm_, I just want my IP hidden when I download stuff. We just had a landmark case in our country
<wiehan> What I use it for actually is quite irrelevant, as no one wants them to be snooped on
<patdk-wk_> what you use it for is ver relevent, to if I bother to help :)
<sm_> wiehan, What about torrenting trough VPN?
<keithzg> Hrmm. I see in Mosh's changelog for 1.1.94-1 (which was many versions ago, currently 1.2.4a) that it  "Now prints message of the day (motd)". Is Ubuntu's MOTD somehow non-standard or otherwise wonky then, or is it the client-side implementation of Mosh that's at fault? Hmm.
<wiehan> sm_, I have the server box set up already with a lot invested in it. I run a transmission torrent server and can access it through any device in the house, I also run a media server on the same machine. It was a big investment
<wiehan> sm_, that works great
<sm_> wiehan, May I ask how much did you spend on it?
<sm_> In Euros please.
<wiehan> sm_, I would just like to add a little anonymity  to it
<wiehan> sm_, well, the project itself was a lot of fun to do. I have a server cabinet set up with fans and a micro atx server build that I did from scratch with PoE switches and an adsl router and and and... I guess with my IP camera investment - around 1000 euro
<sm_> wiehan, That's fine. I was just curious. I dont really thing that there are really any other solusions than VPM or something else. That's a big investment indeed.
<sm_> *Think
<wiehan> sm_, I'll pay for a vpn service gladly. I just want to know how to set it up on ubuntu server
<sm_> You are using Transmission?
<wiehan> sm_, I mean something like these http://thebestproxyserver.com/
<wiehan> sm_, Transmission indeed
<sm_> Okey. You might be able to set it up with this guide: http://www.cyberciti.biz/tips/howto-configure-ubuntu-fedora-linux-pptp-client.html
<wiehan> sm_, ty will investigate
<sm_> wiehan, This might be useful 2: https://forum.transmissionbt.com/viewtopic.php?f=1&t=10732
<sda> Hi all! I would like to access my desktop from another device. I would also like to be able to choose the resolution at connection like RDP. Also I would like to be able to connect with different users. Do you have any Idea? VNC doesn't seems fit my need!
<TheLordOfTime> sda, "connect with different users" is gonna be hard without something like TeamViewer...
<TheLordOfTime> and that's not a good solution for what you need though
<sda> TheLordOfTime, Truth is I have a server, I would like to start the server with CLI and then ask the users to connect to it to have a full desktop enviroment
<TheLordOfTime> ahh...
<sarnold> sda: I believe that's one of the features of e.g. http://www.edubuntu.org/documentation/ltsp-live
<keithzg> Hmphh. Even new text files I upload seem to mostly get placed as unknown files if they don't have a file extension. That's quite annoying.
<keithzg> Oops, wrong channel, although in fairness my owncloud instance IS running on ubuntu server ;)
<keithzg> Here, though, I'm still wondering how to make the damned MOTD show up when logging in via Mosh instead of SSH.
<sw_> hi. how can I set up on my Ubuntu server that whenever some user logs in via SSH the history is cleared when they exit SSH? I want it to be for all users
<sarnold> keithzg: hrm, moshing to one of my systems shows the usual "N packages can be upgraded..." message
<keithzg> sarnold: Hrmm. Odd. I've even tried it now with two 13.10 servers, both running Mosh 1.2.4a, but no luck, no upgrade/capacity/load messages, just straight to a prompt line.
<sarnold> sw_: check out the HISTFILE environment variable in the bash(1) manpage
<pmatulis> sw_: that's a shell-specific question.  if bash, study /etc/bash.bash.logout
<sw_> sarnold: I seen that actually, so set it to some place it'll be lost? also where should this be set to be picked up for all users?
<vlad_starkov> Question: I'm choosing SSD for Ubuntu+KVM host OS. The guests will be on HDD RAID 10. What capacity of SSD will be enough?
<sarnold> sw_: yeah, I'd aim it at /dev/null -- it's funny, the manpage says to unset the variable to not save the history, but it's hard to place an "unset" in the right place to keep it unset... well, I guess if a user's ~/.bashrc or ~/.bash_profile over-writes the value, it'll over-write the value...
<keithzg> sw_: If you set HISTFILESIZE=0 in /etc/bash.bashrc it should work for all users assuming you're okay with users being able to override that if they want.
<sarnold> vlad_starkov: I've got a pandaboard "server" (though it has a full desktop install on it) that takes 26 gigabytes. If you go for 64 gigabytes, that'll give you some overhead space for e.g. a squid-deb-proxy, some swap, and some free space to prevent excessive writing
<vlad_starkov> sarnold: the server has 16Gb RAM. So what size the swap partition should be?
<sarnold> vlad_starkov: my laptop's got 16 gigs RAM, I sometimes have ten VMs running at once (768 M ram in the VMs) and I don't think I've seen more than one gigabyte of swap use
<vlad_starkov> sarnold: I see
<sarnold> vlad_starkov: (I did go with 16 gigs swap on my laptop, primarily so I could use hibernate if I wanted.)
<sw_> keithzg: I have an /etc/bashrc, no /etc/bash.bashrc, is that the same?
<vlad_starkov> sarnold: how many free space should I reserve on SSD? Should I partition it somehow or just leave unpartitioned?
<sarnold> vlad_starkov: I like having a separate /home partition but if this machine won't have any "real" local users, you can probably skip it
<keithzg> sw_: Yeah, that should be the same, that's the older convention IIRC (I see bash.bashrc on a pair of newly configured 13.10 machines, but I remember it used to be just /etc./bashrc)
<sw_> keithzg: thanks! so is it better to 'unset HISTFILE', or 'HISTFILE=/dev/null', or 'HISTFILESIZE=0'?
<sw_> I guess they all do the same thing, but would one be more logical? :p
<keithzg> sw_: Yeah, the result is pretty much the same. I'd gravitate towards the last two;  I know with HISTFILESIZE=0 the history will exist for the session and then be lost upon logging out, I assume the same is true for the /dev/null method but I don't know for sure.
<keithzg> sarnold: Hmm, I don't see /etc/motd on the servers I'm trying to get a message via my Mosh login, whereabouts is that pulled from nowadays then?
<vlad_starkov> sarnold: thanks
<sarnold> keithzg: check out /etc/update-motd.d/
<keithzg> Hrmm. Okay, and then it runs and writes to /var/run/motd for every login. Interesting.
<keithzg> Apparently if I create /etc/motd manually it spits it out upon login via Mosh.
<sarnold> keithzg: do you have the pam_motd module configured in /etc/pam,d/sshd ?
<sarnold> /etc/pam.d/sshd
<MrBill> Im looking to restore data from an old dat tape but don't know what program was used to back the data up. Can anyone here help me with this?
<sarnold> MrBill: first thoughts: tar pax cpio lonetar (commercial program, dunno if you can still get it..)
<sarnold> MrBill: perhaps amanda? it might use other tools to do the actual tape work..
<MrBill> Alright ill take a look. Tar fails. that was my first guess. ill try the others you mentioned. I also tried to do jsut a raw dd dump of the tape so i wouldnt ahve to keep waiting around for the tape, but that kept throwing IO errors.
<sarnold> ugh, yeah, I can imagine. It's been ages since I've done tape things, I don't know if I'd expect a 'dd' to work or not. I'd hope it would...
<mdeslaur> MrBill: was the tape even written from a linux server?
<MrBill> there was supposed to be a copy of some really interesting software on this particular tape, so im really hoping it is not bad.
<vlad_starkov> About SSD: https://sites.google.com/site/easylinuxtipsproject/ssd#TOC-Limit-swap-wear-and-tame-the-inode-cache
<MrBill> well, the main machine that ran the show at the business that this server was at was running some form of unix/linux, and there are linux style directories listed on it, so i would assume so.
<mdeslaur> ok
<mdeslaur> there's arkeia too
<MrBill> listed on the label of the tape that is
<sarnold> vlad_starkov: yikes, the advice on that page ranges all over the place -- using ahci is very nearly required, setting up fstrim in a cronjob is a good idea, noatime breaks some features where the default "relatime" drastically reduces atime updates but doesn't break features ..changing the swappiness will help some users and hurt other users, and disabling the browser caches is just insane.
<vlad_starkov> sarnold: what about item "Ubuntu 12.04: change the scheduler to deadline" ?
<sarnold> vlad_starkov: sounds decent enough.
<vlad_starkov> sarnold: what Ubuntu-Server version do you recommend for KVM?
<sarnold> vlad_starkov: 12.04 LTS -- it's the newest released LTS. :)
<vlad_starkov> sarnold: OK)
<sarnold> vlad_starkov: if you're looking to build something on 14.04 LTS when it comes out, then perhaps it'd be worth testing with trusty along the development path
<vlad_starkov> ok
<vlad_starkov> Thnks
<vlad_starkov> A good explanation about TRIM feature for SSD http://www.youtube.com/watch?v=NnBk2IGYerU
<keithzg> sarnold: Looks like it's set up in /etc/pam.d/sshd (http://pastebin.ubuntu.com/6590964/); and yeah, it works fine if I login via SSH, just not mosh.
<sarnold> keithzg: odd, I thought sshd was responsible for setting up the mosh channel..
<keithzg> sarnold: Well, it sets up the initial connection/handshake and starts the client-side mosh instance, but then it's mosh->mosh, at least as far as I understand.
<keithzg> sarnold: I'm tempted to just symlink /var/run/motd to /etc/motd, heh. That should do the job, at least.
<sarnold> keithzg: if you go that way it might be easiest to uninstall the dynamic motd package..
<keithzg> sarnold: Oh, but in theory though, the dynamic motd will be running every time mosh does the ssh handshakey portion, no? And then mosh reads the new motd through the symlink, et voila.
<keithzg> Or maybe I'm missing something and being overly optimistic, since it doesn't seem to be updating . . . even when I login via ssh. Hmm. Still info circa Dec 12.
<vlad_starkov> Question: Is it fine choice for os SSD: http://ark.intel.com/products/74949/Intel-SSD-DC-S3500-Series-80GB-2_5in-SATA-6Gbs-20nm-MLC ?
<sda> Hi all! I would like to create a remote session on my desktop from another device. I would also like to be able to choose the resolution reconnect. And be able to connect multiple different users.
<TheLordOfTime> sda, that question on its own is vague.
<TheLordOfTime> sda, [2013/12/17 13:51:01] <sda> TheLordOfTime, Truth is I have a server, I would like to start the server with CLI and then ask the users to connect to it to have a full desktop enviroment
<TheLordOfTime> [2013/12/17 13:54:33] <sarnold> sda: I believe that's one of the features of e.g. http://www.edubuntu.org/documentation/ltsp-live
<TheLordOfTime> sda, from about 3 hours ago
<sda> TheLordOfTime,  yes, but it's not what i searched, i worked 3hours with it :) Truth is I would like something like RDP for windows. But xrdp on linux doesn't work as well as on Windows
<soahccc> Can anybody give me some tips of how to pinpoint the cause of occasional lag on my server. I can't see anything with htop (delay 0.25) nor with iostat (iotop doesn't work unfortunately). Syslog doesn't show anything interesting and the raid is also operating normally. I don't know what to do know :(
<soahccc> With lag I mean a webpage takes > 20 seconds to load, connection via SSH hangs, etc.
<soahccc> The load is around 5 while the only thing I notice is an iowait of 2%
<sarnold> soahccc: are you doing anything like logging hostnames in apache request logs?
<wam> soahccc: vserver or bare metal?
#ubuntu-server 2013-12-18
<Gaming4JC> Hello, I got the idea that my webhost Ubuntu Server doesn't have enough space for e.g. the uploads folder. Is it possible to have a folder accessible to the main server while actually uploading to the second server? If so what program/method would you guys suggest?
<jrwren> Gaming4JC: are you looking for a network filesystem?  NFS?
<sarnold> nfs? cifs? ceph? nbd? iscsi? s3 or similar "object" storage?
<Gaming4JC> jrwren: perhaps. My idea is to have a website to provide package files for a distro, however I can't mirror them all on one server since the HDD is too small.
<Gaming4JC> so I wanted to break it up by having one of the biggest folders on another server, while still acessible for anyone downloading
<Gaming4JC> from the main url.
<jrwren> Gaming4JC: if it is just web, use a CDN
<Gaming4JC> right but I'm too cheap for paying for a CDN, I'd rather make my own :D
<Gaming4JC> sarnold: jrwren: NFS + remote mounting should do the trick, thanks for the tip guys :)
<sarnold> Gaming4JC: cool :) have fun!
<mattcen> Hi all. I'm trying to debug a running cupsd instance with gdb (I want to check it's calling a specific function). I've tried installing cups-dbg, followed by cups-dbgsym (from ddebs.ubuntu.com), but no matter how invoke gdb, It says it can't find debugging symbols for /usr/sbin/cupsd. Any ideas?
<sarnold> does it need to be gdb? ltrace or latrace may be easier
<mattcen> I've never heard of either of them
<mattcen> They appear not to be available on Lucid (yes, I realise I'm dealing with a really old OS, please don't judge; it'll be going away in a couple of months)
<mattcen> Oh nevermind, I wasn't looking hard enough
<sarnold> mattcen: latrace perhaps not, I only found out about it a few weeks back; but ltrace is as old as the hills..
<mattcen> Doesn't look like it's giving my anything useful
<mattcen> "unexpected breakpoint" followed by "Child exited"
<sarnold> !
<sarnold> well that's strange
<mattcen> Either way, in order to inspect the contents of the binaries I need to be able to load the symbols, and that's what appears to be failing
<mattcen> Keep in mind this is a running instance; it may behave differently if I started a new instance
<sarnold> right :/
<mattcen> Oh dear. Cups forks into the background, and it's not letting me follow the process (if I start a new cups instance that is)
<mattcen> So yeah, new ideas appreciated...
<pjetr> Hi, a bit of a noob question. I've removed ruby 1.8 and installed 2.0 by compiling it from sources. The command ruby still points to the old /usr/bin/ruby instead of /usr/local/bin/ruby
<pjetr> how do I update this?
<pjetr> okay, and could anybody help me rephrase that so that I get results when I google?
<jamespage> zul, need a +1 for backporting psutil - need >= 0.6.1 for neutron in icehouse
<jamespage> zul, raising a MP to version on the package right now
<yolanda> jamespage, is rabbitmq-server for grizzly working for you?
<jamespage> yolanda, yes
<yolanda> i used cloud:precise-grizzly as source, but i get this error
<yolanda> http://paste.ubuntu.com/6593527/
<jamespage> yolanda, why are you using that on the source for rabbitmq-server? its not  in the cloud archive
<yolanda> did you ouse same source?
<yolanda> oh, just set that setting generally in the deployment
<yolanda> not specially for rabbitmq, sorry
<yolanda> rabbit version is Installed: 2.7.1-0ubuntu4
<jamespage> zul, https://code.launchpad.net/~james-page/ceilometer/fixups-december-master/+merge/199438
<jamespage> yolanda, I suspect that is some sort of other problem - where are you testing?
<jamespage> yolanda, rabbitmq does funny things when dns/ip's don't resolve correctly
<yolanda>  jamespage, just trying to setup an openstack environment to test active-active
<yolanda> but zone 2 stopped working today, switched to zone 1 and saw these errors
<jamespage> yolanda, where not what :-)
<zetheroo> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<zetheroo> I am wondering if there is any more specifics relating to this issue with webmin from the Official Ubuntu camp .. !?
<rbasak> zetheroo: I'm not sure that anybody in the "Ubuntu camp" actually uses or develops webmin.
<rbasak> zetheroo: so if you use webmin, you quite severely limit the number of people who might understand the situation and be able to help you if you get stuck.
<rbasak> zetheroo: however, it's all free software, right? So there's nothing to stop you from using it.
<jamespage> zul, golly the neutron unit test suite takes along time to run!
<rbasak> Or if there's a separate group who can help you with Ubuntu Server and webmin, then that works, too. I'm not just sure that group exists; they're certainly not here.
<cfhowlett> webmin is no longer recommended.  consider you options.
<zul> jamespage:  more tests more awesomeness
<jamespage> zul, I'm trying to get the test suite to a point where we can gate on it again
<zul> jamespage:  ack
<jamespage> zul, almost have the ml2 stuff working - that's my pre-christmas objective
<zetheroo>  rbasak: I do use it .. but I am using it very carefully because I am wary of what Ubuntu is talking about when it says the above ..
<rbasak> zetheroo: you can use it, but just be aware that there are not many people who can help you if you turn out to need help, and nobody knows how well it works. Also, if you do ask for help, please be sure to let people know that you're using webmin, so you don't waste their time, since they're just going to get confused about the state of your system and misadvise you on that basis anyway.
<jamespage> zul, why would the waitress unit tests not run in a package build?
<zul> jamespage:  i dont remember right now still waking up :)
<zetheroo> rbasak: sure, of course. Just to be clear though, I am not asking for help so much as I am asking if anyone knows the details behind the message above ...
<zul> jamespage:  i think it tries to access a webpage to scrape it
<yolanda> jamespage, at the moment, send the MP for charmhelpers: https://code.launchpad.net/~yolanda.robla/charm-helpers/rabbitmq_ha/+merge/199453
<bgardner> zetheroo: The last time I investigated this, the major difference was where webmin expects to find config files & what the correct methods to read or update them are vs where Ubuntu places them.
<bgardner> zetheroo: My conclusion was to listen to ubottu and walk away from webmin.  :P  I liked webmin, but the risk is not worth the reward.
<zetheroo> bgardner: ok, tks
<zetheroo> is there a GUI for mdadm ?
<pablo_> Is there anyone with knowledge of Ubuntu AMI for Amazon?
<Shockwave> hi people!
<Shockwave> help me with install openaudit please
<Shockwave> iá¸¿ downlod in the server but I canot install in server ubuntu
<Shockwave> is very complicated for me
<hallyn_> zul: so what is the status of libvirt 1.2.0 for trusty?
<zul> hallyn_:  im going to pound it out today
<hallyn_> zul: oh, and the commit manoj wanted is in 1.2.0, so no extra work actually needed there.
<hallyn_> cool, thanks
<zul> jamespage:  ping got a second?
<jamespage> zul, not right now
<zul> jamespage:  ok ill wait
<Shockwave> do you have tutorial for install open-audit=?
<jamespage> zul, https://code.launchpad.net/~james-page/neutron/test-fixes/+merge/199479
<zul> jamespage:  can you send a merge request for psutil
<zul> upstream
<zul> hallyn_/jamespage: does this look sane to you? http://pastebin.ubuntu.com/6594812/
<hallyn_> zul: no, doesn't python-libvirt need to depend on libvirt-python?
<hallyn_> or does libvirt-bin do that? no, it can't, or at least didn't in your last version
<zul> hallyn_:  i fixed it locally, im more worried about the conflict line
<zul> i mean replaces line
<zul> hallyn_:  the new libvirt-python source package, the binary package will be called python-libvirt
<zul> so that should be ok
<hallyn_> oh, then hold on,
<hallyn_> i got mixed up :)
<hallyn_> so what is going to force uers with libvirt-python installed to get upgraded to python-libvirt?
<hallyn_> you still ned a libvirt-python package in there, empty, depending on python-libvirt, dn't you?
<hallyn_> i'm sorry.
<hallyn_> now i see.
<hallyn_> zul: for the Replaces - does it actually replace some files from older libvirt-bin?
<zul> hallyn_:  i belive so
<hallyn_> dpkg -x and make sure :)  if not, then drop the REplaces...
<hallyn_> and if so, don't you also need Breaks or Conflics?
<hallyn_> i'm no expert, that's just based on my painful qemu experience :)
<zul> hallyn_:  im not sure thats why i want jamespage's opinon as well
<jamespage> zul, google renaming a debian package
<jamespage> its the same principle
<jamespage> hallyn is right
<zul> jamespage:  but the binary package name is the same as the old one
<jamespage> zul, one second
<zul> jamespage: k
<Shockwave> lokooo lokooo lokoo
<zul> jamespage:  https://code.launchpad.net/~zulcss/cinder/taskflow/+merge/199488 as well
<jamespage> zul, hows the versioning?
<jamespage> zul, looks OK
<jamespage> I don't think you even need the breaks bit
<jamespage> as its not a rename; so long as libvirt has stopped outputting python-libvirt its all good
<zul> ok cool thanks
<jamespage> sorry - Repalces
<jamespage> not breaks
<zul> hallyn_:  ok i have python-libvirt buidilng fine now
<hallyn_> and upgrading?
<zul> yeah
<zul> hallyn_: http://people.canonical.com/~chucks/libvirt
<zetheroo> what will be the qemu version in 14.04?
<hallyn_> zetheroo: probably 1.7
<zetheroo> nice
<hallyn_> zetheroo: that's in trusty now
<zetheroo> ok
<imMute> so my kernel options include "console=ttyS0,115200n8" and even though I run "dmesg -n 7", KERN_DEBUG messages aren't printed to the console - I have to run dmesg to see them.  This is not the case on my other Linux machine - what is different about Ubuntu?
<jamespage> zul: did you ping me with a merge-proposal? I can't find it
<jamespage> zul, also if you could review and merge https://code.launchpad.net/~james-page/ceilometer/fixups-december-master/+merge/199438 and kickoff the lab jobs that would be appreicated :-)
<zul> <zul> jamespage:  https://code.launchpad.net/~zulcss/cinder/taskflow/+merge/199488 as well
<jamespage> zul, thats it
<jamespage> zul, approved with requirement for minor typo fix in changelog
<zul> jamespage:  okies
<rbasak> imMute: you're looking on your serial port, right? #ubuntu-kernel might be able to help you.
<adam_g> jamespage, just looked at the ceilometer branches. +1
<K4k> Hey, what's the best way to account for different hard disk naming schemes in different system manufacturers in preseed files?
<K4k> I currently have it set "d-i partman-auto/disk string /dev/sda" but I just ran into an issue where the drives in a server a named "sdaa, sdab, sdac, etc"
<TitoN> hi. i just got a dell r320 server and wanted to install ubuntu on it. I tried to setup a raid1 but it didnt seem to work when i did a raid1 with discs in raid mode as opposed to ahci mode and then do a software raid..... with software raid the os installs but after reboot it stops att looking for devices......anyone know what that can be?
<TitoN> anyone here?
<manjo> zul, will the final version of libvirt for trusty be 1.1.3++ ?
<manjo> zul, there are a few projects that depend it being > 1.1.3
<zul> 1.2
<zul> mango: so yes if my math is right ;)
<manjo> zul, can we bump that version to 1.1.3++ ?
<manjo> ah you said 1.2
<manjo> I kept reading it as 1.1.2 ...
<manjo> zul thanks
<binaryhat> i have port forwarding set on my router for ssh but i cant ssh from the outside to the server.
<K4k> Is anyone else having trouble with the install mirrors right now?
<K4k> I'm having a hard time believing that a netboot mirror would just up and break on a product as large as Ubuntu and I'm convinced it's my config but have no way to confirm this.
<metasansana> How do I skip the first screen for a new install using kickstart or preseedin?
<metasansana> The screen with the logo and the install options
<Jinxed-> Any ideas of software that could be used a VTC conferencing node supporting multi-user VTC?
<hallyn_> zul: ok, pkg build took forever, but python-libvirt upgrades finally worked right (how could they not with the rename :)
<hallyn_> starting qrtn ow
<adam_g> zul, any idea why we skip so many of these tests? http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/trusty/keystone/trusty/view/head:/debian/patches/fix-ubuntu-tests.patch
#ubuntu-server 2013-12-19
<Zal> Hi all, anyone know of any known problem with the latest ubuntu precise LTS AMI? Since switching to it, we're getting segfaults when trying to use Apache + SSL. strace isn't showing anything useful.
<Zal> Or, how about ... where can I find a changelog for differences between Precise LTS Amazon machine imgages that are released?
<sarnold> Zal: this isn't exactl what you asked for, but it might yet be useful.. https://lists.ubuntu.com/archives/precise-changes/2013-December/date.html
<Zal> sarnold, that's certainly a great start, thank you!
<adam_g> ahs3, any plans for a new jenkinsapi upload to debian?
<ahs3> adam_g: hadn't planned on it until next week when i have some time.  need it sooner?
<adam_g> ahs3, nah, was gonna do a merge to ubuntu but figured id see if there was an update coming first
<adam_g> i'll hold off
<ahs3> adam_g: okey dokey.  if you need to do an NMU, go for it
<adam_g> ahs3, cool thanks
<Sephizor> Hi, can anyone possibly help with a problem I'm having with postfix/dovecot/spamassassin?
<pmatulis> !ask | Sephizor
<ubottu> Sephizor: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Sephizor> Fair enough. Just thought I'd see if anyone had general knowledge of the subject area first
<Sephizor> Anyway...Ever since I installed spamassassin yesterday, I've not been getting any mail at all in my inbox
<sarnold> sounds like mission accomplished :)
<jkitchen> indeed
<Sephizor> Heh...
<jkitchen> can you do that for me too?
<sarnold> lol
<Sephizor> I have a virtual user setup with postfix/dovecot
<jkitchen> in all seriousness though, are the messages in your queue? "mailq" will tell you
<Sephizor> And it seems like the deliver command isn't working
<jkitchen> mailq should also say *why* they're in your queue.
<Sephizor> Yeah, there are messages in the queue
<Sephizor> "Unknown mail transport error" and "temporary failure"
<Sephizor> Not much help :|
<jkitchen> can you paste a full message?
<Sephizor> Define "full message"
<jkitchen> ^.*$
<Sephizor> Lol
<jkitchen> ?
<Sephizor> I mean like...do you want me to paste the output of "mailq" or a mail.log entry?
<jkitchen> yes
<pmatulis> /var/log/syslog will show you the mail being processed, that's where i would look first
<Sephizor> Dec 19 01:19:43 trixie postfix/error[2651]: 2A7CA1825E: to=<sephizor@sephizor.com>, relay=none, delay=0.11, delays=0.11/0/0/0, dsn=4.3.0, status=deferred (unknown mail transport error)
<Sephizor> Ehh...ok, that one was me editing configs to try and track down the problem
<Sephizor> The error I was getting before:
<Sephizor> Dec 19 01:22:27 trixie dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=1052(spamd) egid=1051(spamd) missing +r perm: /var/run/dovecot/auth-userdb, dir owned by 0:0 mode=0755)
<pmatulis> did you follow the hint Sephizor ?
<Sephizor> Yes, the file is owned by root:root but I tried changing it to dovecot:root with no success
<jkitchen> Sephizor: based on that log message: 1) what user is trying to read 2) what file?
<jkitchen> and 3) what error is it getting when it tries
<pmatulis> spamd is being prevented from reading
<jkitchen> pmatulis: ssshh!
<jkitchen> :)
<Sephizor> I know
<Sephizor> I've added a+r
<Sephizor> to it
<Sephizor> But guys, please can we drop the condescending tone?
<jkitchen> Sephizor: right, but what about directories above it? what are those perms?
<jkitchen> Sephizor: sorry, wasn't trying to be condescending, was trying to teach
<jkitchen> by answering those questions you inherently think about what the problem could be
<Sephizor> I know, I'm not a Linux noob though at all
<jkitchen> "spamd user is trying to read /var/run/dovecot/auth-userdb and is getting permission denied"
<jkitchen> so, first thing to check: perms on /, /var, /var/run, /var/run/dovecot, /var/run/dovecot/auth-userdb
<Sephizor> I'm just confused why adding spamassassin suddenly breaks everything when it worked fine for ages
<Sephizor> Oh, and I changed the user to dovecot
<Sephizor> With no success
<jkitchen> and make sure spamd user would be able to traverse all of those directories and read the file (in this case most likely a socket)
<Sephizor> Still had that error
<jkitchen> changed what user to dovecot?
<Sephizor> In the master.cf postfix config
<Sephizor> To run spamd
<jkitchen> ok
<jkitchen> Sephizor: what are the permissions on /, /var, /var/run, /var/run/dovecot, /var/run/dovecot/auth-userdb
<Sephizor> Ok, so, /var/run/dovecot is 755 root:root
<jkitchen> (yes, I always check /, I had / get chmodded once and that caused some weird issues)
<Sephizor>  /var/run is 755 root:root
<Sephizor>  / is 755 root:root
<jkitchen> and /var/run/dovecot/auth-userdb?
<Sephizor>  644 root:root
<jkitchen> ok, then that's no longer the error you're getting
<jkitchen> *or* you're looking at the wrong path. postfix likes to chroot things
<Sephizor> Error changed to "missing +w", so I've added that too...just to wait until it tries to process the queue again I guess
<jkitchen> ok, but you don't want to just blindly chmod +w files
<jkitchen> especially when they are email related
<jkitchen> how did you incorporate spamassassin into your postfix / dovecot setup?
<Sephizor> Added "-o content_filter" to the smtp line
<Sephizor> And added the following at the bottom of the file:
<Sephizor> spamassassin    unix    -       n       n       -       -       pipe
<Sephizor>   flags=DRhu user=spamd argv=/usr/lib/dovecot/deliver
<Sephizor>   -f ${sender} -d ${recipient}
<jkitchen> ok, so that's where you changed user to dovecot previously?
<Sephizor> user=dovecot
<Sephizor> Yeah
<jkitchen> ok
<jkitchen> can you post your full master.cf and main.cf files? (using a pastebin of course)
<jkitchen> also, you don't need to wait around for postfix to try again, you can always 'postfix flush' to force things to try again
<jkitchen> assuming you don't have an enormous mail queue it should be fine
<Sephizor> 30 mails
<Sephizor> Not too big
<jkitchen> yea, that's nothing.
<jkitchen> I'm talking if your queue is over a million or something hehe
<Sephizor> :p
<Sephizor> Hang on...gotta scp these down from my server >.<
<sarnold> if you install pastebinit on your server you can more easily pastebin content originating from it..
<Sephizor> main.cf: http://paste.ubuntu.com/6597408/
<Sephizor> master.cf: http://paste.ubuntu.com/6597424/
<Sephizor> I've also tried this using sendmail for the spamd command
<Sephizor> See anything?
<jkitchen> Sephizor: yes
<jkitchen> your "spamassassin" content filter is trying to use dovecot/deliver ...
<jkitchen> I think that needs to change to something like "spamc"
<jkitchen> https://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix
<pmatulis> Sephizor: where did you get your configurations from?
<jkitchen> you have mailbox_command dovecot deliver
<jkitchen> which is probably correct
<Sephizor> Ok, I changed argv to have "/usr/bin/spamc -f -e" before the dovecot command (as per other tutorials)
<jkitchen> no, I think you need to remove the dovecot command entirely
<Sephizor> Oh
<jkitchen> it's a content filter, not a final delivery sequence
<jkitchen> either that or you can implement it in the mailbox_command in master.cf, perhaps
<Sephizor> Ok, so now the queue is empty
<Sephizor> But still no mai;
<Sephizor> *mail
<jkitchen> what do the logs say?
<Sephizor> Dec 19 02:02:20 trixie postfix/pipe[3930]: B37201825F: to=<sephizor@sephizor.com>, relay=spamassassin, delay=2296, delays=2271/13/0/11, dsn=2.0.0, status=sent (delivered via spamassassin service)
<Sephizor> So I'm guessing I have to put the deliver command in the master.cf
<Sephizor> Still no luck :(
<Sephizor> So I gave up
<Sephizor> Removed spamassassin with apt-get purge
<Sephizor> And removed all stuff relating to it from the postfix config
<Sephizor> And I still get an error about it...wtf!?
<Sephizor> Anyone know how I can get rid of a "
<Sephizor> warning: connect to transport private
<Sephizor> " error?
<Sephizor> After uninstalling spamassassin
<Sephizor> I've found the cause, the message was received when spamassassin was still installed and now it's stuck in the mail queue
<Sephizor> But I don't want to remove it from the queue since it's an important email which I need to read >.<
<zul> adam_g: some of the tests were skipped because of babel issues when havana was out
<Sephizor> Oh f'ing yes! I managed to retrieve the mail!
<Sephizor> It was a response to a job application
<Sephizor> That would have been hell if I'd lost that
<JanC> Sephizor: mail is just text files you know, so reading it while it's still in the quee would have been possible too  ;)
<JanC> just stored as text files
<Sephizor> It said the contents were deferred
<Sephizor> So I couldn't read it with postcat
<Sephizor> Now I just need to figure out where spamassassin actually "delievered" the mail that was in the queue before to...Since it said it was successful but isn't in my inbox
<hallyn_> zul: down to three failures in the libvirt tests.  one i know about and need to fix in qrt one day.  the others are two of the same failure, but worrisome
<hallyn_> http://paste.ubuntu.com/6597877/
<hallyn_> looks like after a device is removed, it is not removed from the apparmor policy
<hallyn_> jdstrand: ^ I assume, based on the test being there, that it is supposed to be?
<_ruben> bugger .. backported targetcli (2.1-1) doesn't work on precise
<_ruben> doh .. forgot to backport its library dependencies
<XATRIX> Hi guys, what's wrong with it ?
<XATRIX> http://ur1.ca/g7zko
<XATRIX> As long as i see , i have no installed midnight commander.
<jamespage> adam_g, ta - promulgated!
<zul> jamespage:  seen this?
<jamespage> zul, seen what?
<zul> jamespage:  doh https://launchpadlibrarian.net/160202855/buildlog_ubuntu-precise-i386.neutron_1%3A2014.1%2Bgit201312190800~precise-0ubuntu1_FAILEDTOBUILD.txt.gz
<zul> jamespage:  seems like subunit is missing testtools
<jamespage> zul, I thought I fixed that up yesterday
<zul> jamespage:  hmm..
<jamespage> zul, evidently not
<jamespage> zul, I thought it was due to an early backport of subunit that just needed a rebuild
<jamespage> zul, its only impacting on 12.04
<zul> jamespage:  ack
<jamespage> zul, I disabled the test execution for neutron in the lab - it takes so long the build times out and dies
<jamespage> we need todo something about that but not quite sure what right now
<zul> jamespage:  okies thats unfortunate
<jamespage> zul, we limit concurrency which does not help
<jamespage> zul, I could bump it back up again and see
<zul> jamespage:  cool
<jamespage> zul, actually I think this is my bad - I dropped it 4->1 for concurrency two commits ago
<jamespage> I'm going to push that back up
<zul> jamespage:  cool...i thought i merged my taskflow cinder fix yesterday apparently i didnt
<zul> jamespage:  the percona testssuite fails btw
<jamespage> zul, yeah - I just saw
<jamespage> thats on 14.04
<jamespage> zul, OK thats wierd - in the lab it actually runs the tests on 12.04 with no problems - they time out but...
<zul> jamespage:  doh! http://pastebin.ubuntu.com/6599908/
<caribou> I'm looking at the cloud-initramfs-tools FTBS
<caribou> seems that Dustin's last commit brings overlayroot/etc/update-motd.d which is a directory under overlayroot/etc
<caribou> this breaks the install statement in the Makefile that returns an error because of the directory under etc
<jamespage> zul, the only diff I can think of re subunit is that in the lab it gets built on amd64 arch, but in PPA its done on i386
<zul> jamespage:  weird
<jamespage> zul, just trying that now
<jamespage> zul, is OK in 14.04 and in the lab archive
<jamespage> but broken in the PPA's
<zul> gotcha
<kirkland> caribou: hmm, do you have a fix?
<kirkland> caribou: sorry about that...
<caribou> kirkland: looking for one; I'm not a Makefile/install guru; just need to figure out how to install the subdir as well
<caribou> kirkland: no worry
<jamespage> zul, linked the MIR for python-jsonpath-rw + ply to your openstack blueprint
<zul> jamespage:  thanks
<jamespage> zul, all OK - ply needs some test enablement (currently fails some python3 tests but OK under python2)
<zul> jamespage:  cool networkx still uses python-support
<jamespage> zul, that will need fixing I guess
<zul> jamespage:  fixing it now
<jamespage> nice
<jamespage> zul, make sure that goes back to Debian - that's definately delta we don;t want to worry about going forwards :-)
<jamespage> zul, Ran 9828 tests in 2536.629s
<jamespage> omg that's alot of tets
<jamespage> and one still fails...
 * jamespage sighs
<zul> neutron?
<jamespage> zul, was there a specific reason we have not mir'ed jsonrpclib
<jamespage> its needed for one of the mechanism drivers for ml2
<jamespage> and I noticed it was pushed out of requirements.txt
<zul> jamespage:  upstream sneaked it in during our FF
<jamespage> zul, I'll add it to the MIR list
<zul> jamespage:  ok
<zul> it seems to me we are doing more MIR this cycle than last
<jamespage> zul, nice easy one this time -https://code.launchpad.net/~james-page/neutron/enable-jsonrpclib/+merge/199670
<zul> jamespage:  +1 merry christmas ;)
<jamespage> zul, ta
<zul> jamespage:  just a heads up in keystone http://pastebin.ubuntu.com/6600207/
<jamespage> zul, ok - ta
<zul> jamespage:  i dont know how it affects the charms if any
<jamespage> zul, well as it deprecated - nothing immediately
<jdstrand> hallyn_: re apparmor profile updated on detach> yes. that is a very old (2.5+ years) test
<TheLordOfTime> rbasak: ping
<jdstrand> hallyn_: if it isn't doing it, then it seems there is a regression
<rbasak> TheLordOfTime: otp
<TheLordOfTime> rbasak: mind if I ask the reason for the drop of lua from nginx-extras for the MIR? (one of the Debian maintainers is curious)
<TheLordOfTime> (unless I missed policy somewhere, which sometimes happens since there's so much to track >.>)
<rbasak> TheLordOfTime: because lua is in universe. Source packages in main cannot build-dep on packages in universe.
<TheLordOfTime> rbasak: that's what i suspected, wasn't sure.
<TheLordOfTime> rbasak: there is a decent bit of usage of the lua plugin in nginx, if anything, -extras might just be left in universe...
<TheLordOfTime> rbasak: honestly, I'd rather *not* have to have the server team maintain -extras, there's third-party plugins that not even the nginx team truly maintains
<rbasak> TheLordOfTime: unfortunately we can't do that. The source must be buildable entirely without universe.
<TheLordOfTime> and are causing issues (case in point Debian Bug 732251)
<uvirtbot> Debian bug 732251 in nginx-extras "nginx-extras fastcgi_cache and proxy_cache both trigger errors with the push module" [Minor,Open] http://bugs.debian.org/732251
<rbasak> TheLordOfTime: or, we need to pull lua into main. I think that's unlikely though.
<TheLordOfTime> rbasak: if neither of those options is likely, we're likely to see a lot more bugs about the lack of a lua module
<rbasak> jackweirdy: o/
<TheLordOfTime> which means ultimately for those bugs we're going to have to Won'tFix those and say "Use the nginx team PPA if you want the Lua module"
<rbasak> TheLordOfTime: unfortunately that's a cost of having a "support everything!" package in main.
<TheLordOfTime> rbasak: you speak truth.
<TheLordOfTime> rbasak: Debian can complain, but as long as the nginx team PPAs end up having whatever Debian has in it I don't think they'll make a huge fuss about it
<TheLordOfTime> assuming you don't mind the perpetual deviation from bug triage policy for "no lua" bugs and me having to send people over to use the nginx team PPA while at the same time marking "Won't Fix" on any "Please include the lua module" or similar bugs.
<TheLordOfTime> (ultimately, that makes my job easier for triaging either way)
<rbasak> TheLordOfTime: otp. Will respond in a bit.
<jamespage> TheLordOfTime, rbasak: if we want to keep -extras its probably possible to have a second source package still in universe that builds those
<jamespage> but its an overhead I'd rather avoid
<TheLordOfTime> jamespage: workaround is as i said, direct people who are annoyed about the lack of Lua in main-included nginx to the team's ppas, which aren't part of main...
<TheLordOfTime> s/team/nginx team/
<TheLordOfTime> but that's just a measure to get people off our case, according to Debian maintainers, there is moderate use of the lua plugin in -extras
 * TheLordOfTime personally only uses nginx-full because he doesn't need the extra crap in -extras, but meh
<hallyn_> jdstrand: i'm not sure where that regression is being introduced then.  The disk device is still being removed from the domain before security_apparmor.c:reload_profile() is called, so I woudl *expect* it to do the right thing...
<jdstrand> hallyn_: did they refactor the security hooks in some way? in the distant past, there were changes made that seemed ok but only actually worked for selinux because it uses on disk labelling and we use dynamic labelling
<hallyn_> jdstrand: not sure.  i'll have to dig (and am afraid i may not have time)
<hallyn_> jdstrand: would you say it's ok to push libvirt 1.2 with that regression and keep a bug open about it?
<rbasak> TheLordOfTime: I think you summarised everything well. For "no lua" bugs, we can just mark them as dupes of a won't fix bug which has an explanation and pointers to alternatives (eg. a PPA).
<TheLordOfTime> rbasak: assuming the MIR is accepted, and nginx migrates to main with the lua drop, would it hurt for me to create the bug that we can mark the others as a dupe of after that, or should I just wait for people to start complaining
<TheLordOfTime> (because the complaining *usually* ends up in my email first >.>)
<rbasak> TheLordOfTime: preempting emails and creating a bug in advance is absolutely fine.
<jdstrand> hallyn_: so long as it gets fixed before release, sure. the thing is, if you detach a device from one vm and attach the same device to another vm, the apparmor profile still allows access to it so we break enforcement of vm isolation
<TheLordOfTime> mmkay, i'll add that to my todo list if the MIR is approved and nginx migrates over.
<jdstrand> hallyn_: I'd definitely put it into the 'High' category and targeted for trusty
<hallyn_> jdstrand: yup
<hallyn_> zul: ^ go ahead and push libvirt when you're happy with it.  I'll push a fix for the regression hopfully on monday.
<hallyn_> zul: (and lemme know when you push so i can open a bug for the regression0
<hallyn_> eh i'll just open the bug now
<hallyn_> ere i forget
<zul> hallyn_:  the problem with libvirt-python is that going to be stuck in new unless we get an archive admin to look at it today
<zul> jdstrand:  can you review libvirt-python for me so we dont break the new libvirt im going to be uploading?
<jdstrand> zul: review? what do you mean?
<jdstrand> zul: do you mean deNEW?
<zul> jdstrand:  source new
<jdstrand> zul: libvirt-python is a new source?
<zul> jdstrand:  it is
<hallyn_> jdstrand: upstream split it up into two packages
<jdstrand> weird
<zul> jdstrand:  what hallyn_  said
<jdstrand> anyway, won't things break because it'll also need a MIR?
<zul> it needs a MIR yes
<zul> hallyn_:  im uploading it noew
<zul> jdstrand:  should be a simple package to review
<jdstrand> zul: ok, I might not be able to do it immediately
<zul> jdstrand:  ok
<zul> hallyn_/jdstrand: im going to wait until libvirt-python is reviewed before uploading libvirt 1.2
<jdstrand> zul: can you file a mir bug-- it doesn't have to do the whole rigamarole for MIR. just say that it is a package split and all the code was in the archive before
<zul> jdstrand:  sure
<jdstrand> zul: well, assuming that is true of course :) if it isn't, please follow MIR procedure
<zul> jdstrand:  it is
<hallyn_> zul: sounds good, thanks
<zul> hallyn_/jdstrand: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1262758
<uvirtbot> Launchpad bug 1262758 in libvirt "[MIR] libvirt-python" [Undecided,New]
<zul> jamespage:  still around?
<jamespage> zul, yes
<zul> jamespage:  so there is a couple of patches for django 1.6 and horizon in gerrit maybe we should grab them
<jamespage> zul, +1
<zul> jamespage:  i added savanna to the lab
<_root_> anyone can help me with this?  http://askubuntu.com/questions/393067/php-fpm-eating-memory-creating-many-pools
<sarnold> _root_: are all those extra threads actually causing any harm?
<TheLordOfTime> sarnold: i think he's concerned about RAM usage
<TheLordOfTime> sarnold: i'm also pretty certain that he should turn on "Color threads differently" in his htop
<TheLordOfTime> so that we can see what're actually threads and what're actually processes
<sarnold> TheLordOfTime: could be; if so, running 'smem' would be worthwhile..
<TheLordOfTime> rbasak: mind if I borrow your debdiff on the MIR, and add to it to remove the Lua part in the package description, or should I wait for the MIR to be done/worked on/approved ?
<TheLordOfTime> rbasak: oh, also, your debdiff fails to include the current delta we have in Ubuntu, is that a problem?
<adam_g> jamespage, in case you're still around before the holiday, i just proposed the 2013.2.1 branch updates. was hoping to push the packages to saucy-proposed queue before i break
<toyotapie> Is there anyway to see the memory type from within linux ? dmesg was not forthcoming
<patdk-wk_> toyotapie, lshw
<toyotapie> can lshw tell the difference between Registered DIMMs and unbuffered with ECC?
<mic__> hello, does the partman in 12.04.3LTS server installer understand 4k drives?
<sarnold> toyotapie: if it can't, try also dmidecode
<mic__> I cannot confirm - and the installation media has NO fdisk :S
<sarnold> mic__: perhaps gdisk?
<mic__> mic__: but I am about to install ubuntu server from the CD
<mic__> mic__: I try fdisk, parted etc. - none of these are included
<mic__> sarnold: sorry ;)
<mic__> sarnold: small mistype ;)
<mic__> sarnold: so it's utterly hard to verify it during installation. And the performance penalty is very very big...
<sarnold> mic__: yeah, you wouldn't want to screw that up. :)
<mic__> sarnold: but who decided to remove fdisk from the install media? ;) for a server install! ;)
<sarnold> mic__: I assume it'd be someone who knew that fdisk couldn't handle AF drives or GPT formatting and would just muck things up. that's just a guess though :)
<TheLordOfTime> hmm... i have a question regarding MIRs, who do i poke today...
<TheLordOfTime> other than rbasak, i ping him enough
<mic__> this is ridiculous.
<mic__> :(
<mic__> and the rescue system has fdisk, sfdisk and all that jazz.
<fdr-> Hello, has anyone else noticed that the us-west apt mirror is having an issue I think:
<fdr-> "W: Failed to fetch bzip2:/var/lib/apt/lists/partial/us-west-2.ec2.archive.ubuntu.com_ubuntu_dists_precise-updates_main_source_Sources  Hash Sum mismatch"
<fdr-> I've had this happen a few times when using "ami-8635a9b6"
<sarnold> fdr-: are you perchance using apt-cacher-ng?
<fdr-> sarnold: not that I know of
<fdr-> I also booted a fresh system a few times today to try this out (an image burning process I wanted to run in the background)
<fdr-> Other regions seem okay in the same program
#ubuntu-server 2013-12-20
<rbasak> TheLordOfTime: up to you what you want to do. Probably best not to upload until the MIR is approved. I just started with the Debian nginx as an experiment, and posted the result in the bug so as to have a starting point to do it properly. It's not meant to represent a proposed upload.
<techdragon> Ubuntu 12.04 LTS, on Rackspace, 4GB RAM allocated to the vm, and i just went to tune the kernel to help postgresql. Have I done my math wrong or does my vm really have its shmall value set to twice its available memory?  kernel.shmall = 2097152,  2097152 * 4096 = 8589934592KB = 8GB
<techdragon> ^85... (B, not KB, made a typo)
<jamespage> rbasak, hey - could you put some detail into https://blueprints.launchpad.net/ubuntu/+spec/servercloud-1311-uvtools
<jamespage> specifically work items and fillout on the blueprint spec
<rbasak> jamespage: I was under the impression that blueprint was dead. There was nothing to do from the UDS session.
<jamespage> rbasak, so we are not doing any work on uvtools?
<rbasak> I do need to write documentation, I suppose. That's the only real work item.
<rbasak> And fixing bugs.
<rbasak> No other work has been committed to. It works for the use cases that are needed (juju).
<rbasak> Perhaps this should change, but nobody expressed any other needs at the UDS session.
<rbasak> I plan to make it more useful, but there are no specific goals for Trusty.
<rbasak> Unless someone would like to actually give me some.
<jamespage> rbasak, does it support any other work? maybe in juju?
<rbasak> It supports the KVM containers in juju
<rbasak> maas-test uses it, too.
<jamespage> rbasak, you are probably right in that it does not need its own BP
<jamespage> rbasak, I've marked it obsolete...
<jamespage> sorry - superceded
<rbasak> jamespage: thanks!
<jamespage> rbasak, np
<jamespage> rbasak, just trying to get things tidied pre-xmas
<rbasak> jamespage: I appreciate it
<jamespage> rbasak, hopefully status.ubuntu.com might actually reflect our blueprints now - I just went through and accepted and set priorities!
<jamespage> rbasak, I love some of our upstreams more than others - https://launchpad.net/ubuntu/+source/ceph/0.72.1-3/+build/5344708
<rbasak> jamespage: nice!
<jamespage> rbasak, also builds find on arm64
<jamespage> rbasak, how brave are you feeling? want to take a punt at trying to re-sync mysql with Debian in the new year?
<jamespage> rbasak, I know SpamapS is keen to see that happen as well
<rbasak> jamespage: yeah that's something we need to do. I can add it to my TODO for next year
<jamespage> rbasak, excellent - I'll assign the work-item to you for January then :-)  I can help get stuff back into Debian to help remove/reduce delta BTW
<rbasak> ack
<ehnde> is there an ubuntu channel specific to virtualizatioN?
<rbasak> I don't think so, no.
<soren> ehnde: There used to be, but it was folded into this one.
<ehnde> ok, thanks soren
<Mike3620> How do I make chmod 0666 /dev/null work every time I reboot my server /dev/null changes back to 0600. How do I stop this from happening.
<ddsss_> how would I make so mounted nfs4 share is owned by certain user?
<imMute> Mike3620: probably have to make a udev rule
<SpamapS> rbasak: anything I can do to help you sync Debian back up with Ubuntu: just let me know.
<SpamapS> rbasak: would love to just be able to consume those lovely Ubuntu security updates directly. ;-)
<TheLordOfTime> rbasak: (late reply) OK, I'll leave it be and wait.  If they do need a debdiff based off of the delta we already have in Trusty, it'll probably be one of us two who gets to it first.
<TheLordOfTime> since i fixed the issue with / mounting as ro (apparently it was being stupid and needed an fsck before it would mount)
<Underbyte> apparently i'm howling at the moon here, but mysql's 'reload' directive is misleading and stupid, where would be the appropriate place to bitch about this? a bug tracker perhaps?
<Underbyte> (as in /etc/init.d/mysql reload does not reload jack shit)
<IdleOne> Can you please keep the language clean
<Underbyte> sure.
<plm> hi all
<bittin> hi
<plm> anyone know how to compile this https://github.com/VRT-onderzoek-en-innovatie/libsimplelog ? Dont have any README to say how to install. not INSTALL doc, make not wirks, dont have configure too. any idea?
<plm> bittin: any idea?
<sarnold> plm: http://www.sourceware.org/autobook/autobook/autobook_43.html
<sarnold> plm: the bit that starts "aclocal && automake --gnu --add-missing && autoconf" is probably the starting point that is missing
<sarnold> plm: once you've done that, hopefully you'll be able to do the usual ./configure && make && sudo make install   dance
<plm> sarnold: ok
<ubuntutis> i need help should i configure for phpmyadmin with dbconfig-common
<ehnde> i just converted a vmware player .vmdk to qcow2. now i 'm tryint to run it in virt-manager and getting Boot failed: not a bootable disk
<ehnde> any idea what might have gone wrong?
<ehnde> nevermind, i got it
<ehnde> when i converted the disk to qcow2, virsh saw it as a raw disk
#ubuntu-server 2013-12-21
<QnD> hey all
<QnD> can anyone give me feedback on if "tiger" is a good route to go for a security solution
<QnD> 12.04.3 LTS ^
<sarnold> 12, 15 years back it was awesome.. I don't know if they've kept it up to date well enough over the years or not
<sarnold> a lot of the steps that those 'hardening' kinds of scripts that used to be popular (e.g. bastille) are now just "default configurations" of most services; their utility isn't what they once were
<sarnold> .. and it's not like ~/.rhosts works any more :) hehe
<sarnold> but it might still yet be useful, I haven't looked
<QnD> lol
<QnD> im just looking for something that will give me a heads up... snort was another option
<QnD> i just have transmission-cli/web and ssh running
<sarnold> I think the false positive rate of snort might be more annoying than its worth. but, I can definitely understand the desire to have some kind of status..
<QnD> my previous load had gotten slammed bad
<QnD> yeh i hear ya on snort throwing all sorts of stuff out
<QnD> that was why i kept that as a plan b
<QnD> i dont really care about NIDS... more client side IDS
<sarnold> apparmor profile on transmission wouldn't be out of the question :) I haven't yet seen any bittorent code that I thought looked beautifully well-written.
<QnD> no doubt... i hate upnp aswell... but seeding doesnt seem to like the suggested single port forwarding scheme
<QnD> why upnp is even around with no security is beyond me ?
<QnD> that ptmx exploit being unpatched is a strange issue as well
<QnD> what ever happened to *nix being secure ?
<QnD> any kernel of any OS that is static in nature is an open door to shell code running too well
<QnD> i just refuse to give up on ubuntu :(  ever since redhat sold out i swore i would stay loyal to ubuntu
<QnD> is ssh being exploited at all .... anyone have any input on any 0day issues
<sarnold> last I heard was a post-authentication problem that .. allowed access to user shell. Thankfully sshd's worst problems seem behind it.
<sarnold> my dog is telling me it's time for a walk
<QnD> right on.... priorities.... dogs are alot more loyal then people LoL
<QnD> can anyone tell me if this is normal
<QnD> [22:53:32] Warning: Hidden directory found: /dev/.udev
<QnD> [22:53:32] Warning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs'
<QnD> 12.04.3 server ^
<babinlonston> I My VPS i need to Update the mysql version 5.1 to 5.5 so i need to take backup of my all database's there are totally 12 database's , how can i Backup all database's by single command, And how can i restore it after updating mysql, guide me buddies ..
<QnD> babinlonston what about just rsync
<QnD> or use a partition that is mirrored
<babinlonston> QnD: im talking about Database backup
<QnD> yeh I was figuring on backing up the DB via the actual db files
<QnD> in mysql I am not aware of any commands that will back up everything at once... I only use *sql at a superficial level
<QnD> just figured using a system type backup of the db files may be a solution
<QnD> how can i trace "custom logging function 0x7fb54c021250 registered" <- udev
<phunyguy> quick question, is it possible to have clients "register" with bind, so it stores their name and IP?
<teenox_> Anyone up for a good challenge? I've spent over 30 hours trying to get chromium to run on a remote desktop environment and having no luck.
<teenox_> putting lubuntu on a VPS running ubunutu 12.04 64-bit and tightvnc to vnc to desktop
<teenox_> chromium won't launch, just a quick blink of a pink screen and crashes
<teenox_> when I try to run "chromium-browser" from terminal, i get: Xlib extension âRANDRâ missing on display ":1"
<teenox_> exhausted everything I can come up with, so came here to beg for help ;)
<teenox_> Someone want to take a shot at this one: http://askubuntu.com/questions/393517/lubuntu-why-wont-chromium-to-run
<mgw> How can I prevent a process running with fakeroot from trying to read /root/.ssh (when performing an ssh operation)?
<sarnold> mgw: I assume you more or less want it to use your /home/mgw/.ssh/ instead so that it continues to work as expected?
<mgw> sarnold: correct
<mgw> or perhaps some location otherwise specified
<mgw> but /home/mgw/.ssh would be a big improvement
<mgw> I'm trying to do a pip install within a fakeroot env
<mgw> git+ssh
<mgw> using dh_virtualenv
<mgw> And of course it can neither read nor write /root/.ssh
<sarnold> mgw: just thinking aloud, perhaps you could start a new filesystem namespace (see unshare(1)) and mount --bind /home/mgw/.ssh /root/.ssh
<mgw> hmm, interesting idea
<sarnold> the downside of course is that setting up the filesystem namespace requires root privs -- real root privs :) hehe
<mgw> :-/ that wouldn't work too well then
<mgw> I need to unwrap whatever system call is determining the location of .ssh
<mgw> or else find an environment variable that can override it
<sarnold> mgw: if you can stuff a HOME=/fooo just before that ssh or git command, that might do the job, way easier..
<mgw> I can't, but maybe in front of pip
<mgw> It's being called through subprocess.check_output (python)
<mgw> I did try overriding HOME in env
<sarnold> hrm, no luck there?
<sarnold> I seem to recall that python has several ways to fiddle with environment variables, and one only modifies the current process, the other modifies the environment handed to children... is that right?
<sarnold> sounds a little silly when I write it...
<mgw> I'm not sure
<mgw> trying to figure out how to google that idea
<sarnold> http://docs.python.org/2/library/os.html
<mgw> putenv
<sarnold> I was wrong, it's more that os.environ[] doesn't necessarily reflect the environment if it was modified with putenv() after the os module was loaded. d'oh :)
<mgw> doesn't work
<mgw> Could not create directory '/root/.ssh'.
<sarnold> bah. perhaps it's looking up home via getent
<mgw> it's pip that's oing it
<mgw> the actual lookup
<mgw> or something pip calls
<mgw> I wonder how I could remap getent back to the real one
<mgw> without killing the fakeroot
<mgw> or just 'whoami'
<mgw> $ fakeroot whoami
<mgw> root
<sarnold> if you know it happens in pip you might be able to monkeypatch the methods in python. that sounds less fun though.
<mgw> sarnold: https://github.com/pypa/pip/blob/master/pip/vcs/git.py#L111
<mgw> but pip itself is being called via subprocess, not as a python package
<mgw> or module
<mgw> in dh_virtualenv
<mgw> so monkeypatching isn't an option without rewriting
<sarnold> mgw: okay. that actually makes me relieved. that's a horrible idea. :)
<sarnold> mgw: how about git's GIT_SSH environment variable? that looks promising.
<mgw> sarnold: https://github.com/git/git/blob/6a907786af835ac15962be53f1492f23e044f479/git-gui/lib/sshkey.tcl#L5
<mgw> hmm
<sarnold> tcl???
<sarnold> someone's still writing tcl. go figure.
<mgw> https://github.com/git/git/blob/7794a680e63a2a11b73cb1194653662f2769a792/Documentation/git.txt#L830
<mgw> looks like it points to a binary
<mgw> but I might be able to use that
<mgw> that tcl link is wrong
<sarnold> yeah, but thanks, it was worth a laugh :) hehe
<mgw> sarnold: thanks!
<mgw> https://gist.github.com/mgwilliams/b48fe2baa5d405edb30b
<sarnold> mgw: Hey! that's pretty cool. :)
<sarnold> mgw: thanks for sharing the end result :)
<loostro> hi, i've done sudo apt-get --purge remove apache2 and then sudo apt-get install apache2
<loostro> and it sais the package is installed, but whereis apache2 returns nothing
<loostro> and there is nothing in /etc/apache2, /etc/init.d/apache2 does not exist
<loostro> how do i install apache2 package?
<rbasak> SpamapS: thanks, will do.
<hXm> hello
<hXm> someone alive?
<hXm> i have a dedicated server with various domains, I want to make a smtp service, I also want to receive emails but forwarding them
<hXm> is that possible?
<hXm> or I need create a full imap server
<SpamapS> hXm: IMAP is for downloading email that has been delivered to a mail server.
<SpamapS> hXm: SMTP is used to transport email between servers.
<SpamapS> hXm: you probably want this https://help.ubuntu.com/lts/serverguide/email-services.html
<hXm> yes, I just wanted to receive an email ni my server and forward it to my main@account.com without configure 2 acocunts
<OtherGordo> Hey, I have OpenBSD 5.4 running as a guest under a Ubuntu 12.04 LTS KVM, but am having an issue with virsh shutdown not working / freezing guest.
<OtherGordo> Install steps and details: https://gist.github.com/gordonturner/8069133#file-openbsd-5-4-guest-shutdown-md
<OtherGordo> Any suggestions are welcome.
<RoyK> OtherGordo: guess #openbsd would be appropriate
<OtherGordo> RoyK: I just came from there :-)
<RoyK> OtherGordo: hehe
<lifeless> smoser: ping - around?
<RoyK>  
<Nicekiwi> hey so I'm getting a segmentation fault when I run apt-get update, help?
#ubuntu-server 2013-12-22
<jrwren> Nicekiwi: echo -e "run update\nbt" | gdb apt-get
<jrwren> to get a stack trae and pastebin it
<Nicekiwi> jrwren, seems to be happening intermittently :/
<zkvvoob> Hello! Could someone please help me find why I cannot SEND emails from an email client, while the webmail sending works fine? I have a Ubuntu 12.10 server with Postfix/Dovecot configured.
<airtonix> word of warning. stay away from zentyal. biggest piece of junk ever.
<nadurven> Hello! Could someone please help me find out why I cannot SEND emails from my email client while the webmail sending works? Ubuntu 12.10 server with Postfix/Dovecot
<pmatulis> nad...
<jbruce> I asked this question in ubuntu as well, but I'm trying to setup ubuntu server 13.10 as a diskless server using the DisklessUbuntuHowto guide. Does anyone here have experience with this process? I'm hitting a kernel panic when the system tries to mount the nfs share during boot.
<guntbert> jbruce: no help from me but a question: where is that guide you are referring to?
<jbruce> guntbert: https://help.ubuntu.com/community/DisklessUbuntuHowto
<jbruce> I've now spent about 10-15 hours trying to get this to work and I'm thoroughly pissed haha.
<Patrickdk> I just installed two diskless ubuntu todayt
<Patrickdk> I went iscsi instead of nfs though
#ubuntu-server 2014-12-15
<pmatulis> Vadim_: vim :)
<makara> hi. Snappy discussion here?
<abhishek> I have nfs storage entry in fstab file. will it remount automatically if I restart the nfs service ?
<makara> abhishek: why don't you just try it?
<makara> "The fstab file is read by the mount command, which happens automatically at boot time to determine the overall file system structure, and thereafter when a user executes the mount command to modify that structure."
<abhishek> I know it .. I want to know how nfs service works .. I mean is it read fstab entry during start up ??
<abhishek> this is resolved now ..  I doesn't ... you have to remount nfs partition after nfs start up :)
<makara> Snappy anyone?
<jamespage> makara, #snappy :-)
<makara> thanks
<makara> i'm trying to setup a proxy server in ec2
<makara> i see no snappy images yet so I just used the standard
<makara> i can't connect through the elastic ip
<makara> the security group allows all ports and protocols
<makara> I've done this last year, but today they require creating a VPC
<makara> how can I troubleshoot this?
<adsc> for some reason, i can no longer login using pubkey over ssh
<adsc> i repeat the steps, create a new key, copy key over to authorized_keys on server, try again, no luck
<teward> adsc: is the server configured for ssh key auth being enabled?
<adsc> yeah, it already worked
<adsc> until i did updates today
<adsc> after the updates and reboot because of kernelupdate, it no longer works
<patdk-wk> how many keys do you have configured on your machine your logging in as?
<patdk-wk> each key counts as a login attempt
<patdk-wk> so having too many private keys, till it locates the right one, will not allow logins
<adsc> i can tell you how i set it up
<patdk-wk> what does setup have to do with anything?
<adsc> it's a bit unconventional, because it's basically a shared key
<adsc> i have an account xadmin on the server i want to log in to
<adsc> i run ssh-keygen on this server, not on the local computer
<adsc> i cat the public key into authorized keys of xadmin user on the server
<adsc> then i get the private key onto the client's computer
<adsc> client then logs in with ssh -i keyfile xadmin@server
<lordievader> Good afternoon.
<adsc> this it must have to do with hostname resolution
<NTQ> Hi. Is it possible to use the wheezy-backports in Ubuntu 12.04 LTS Server for upgrading dovecot from version 2.0.19 to 2.2.9?
<avid_fan> How many have upgraded using the "do-release-upgrade"?
<andol> NTQ: If the dependecies line up, probably.
<andol> avid_fan: Do you really expect to get a number? :)
<avid_fan> andol: I see your point. :-) Let me rephrase. Has anyone tried an upgrade using the "do-release-upgrade" command and have it work properly? Does anyone here use this as their first choice when performing an upgrade?
<kasad> aloha guys and well guys, we all know our women stay away from places like this :P
<Pici> uhh...
<kasad> avid_fan: that's something I've been considering for a while, but alas, I have plesk installed and I am afraid it will be very ugly scenario once I do the upgrade
<Pici> kasad: We'd appreciate if you didn't make comments like that here.  There are plenty of men and women here that don't particularly like seeing such comments in this channel.
<adsc> ooh boy, I just found out the cause of my ssh publickey auth problem: encrypted home dir
<kasad> so if you are not in a rush, I will probably find a way to virtualize that server in next 24 hours and can report you results
<adsc> it's actually the first point on the troubleshooting list here: https://help.ubuntu.com/community/SSH/OpenSSH/Keys#Troubleshooting
<kasad> Pici: it was a joke, mostly geared towards my fiancee who is reading what I type
<kasad> I apologize if i offended anyone
<adsc> so if someone else has this problem in the future, just link him there
<adsc> the reason why it worked previously on my end was probably because I had another console open where I was still logged in, and thus the home dir unencrypted
<avid_fan> kasad: No rush. I've just never tried it. I've always started from scratch and migrated whatever I might need from the old. Just curious to know if it's something often used.
<kasad> avid_fan if that is your usual nickname, I can pm you after I perform the upgrade. Need to finish setting up few other things (just moved to new place so everything is in chaos)
<qman__> NTQ: possible? Maybe. Good idea? Most definitely not.
<kasad> and a weird thing happened, since I was moving, and was without net for couple days and my WS doesn't have wifi adapter, and I needed desktop enviroment
<qman__> avid_fan: do-release-upgrade is the supported upgrade method, and I have used it with great success many, many times over the years
<kasad> I installed lubuntu-desktop via apt-get install lubuntu-desktop
<kasad> and now peculiar thing happened, wlan0 became eth1
<NTQ> qman__: The problem is that I want to use dsync to migrate my mails from an external mail server to my own. And it seems that you need 2.1.4+ for this: http://wiki2.dovecot.org/Migration/Dsync
<kasad> and there's no option for configuring wlan (eth1) in gui
<avid_fan> kasad: It is my usual nickname. But don't go through it just for me. I have a possible server, not running anything mission critical, I can try. From the amount of replies, it doesn't sound like an often used approach.
<avid_fan> qman__: Thanks for the feedback.
<kasad> avid_fan: I am doing it anyway, I am currently on 10.04.4 LTS
<qman__> NTQ: if there is not already an ubuntu backport or ppa available, the correct way is to build an ubuntu package yourself
<avid_fan> kasad: Best of luck. :-)
<qman__> NTQ: mixing distro sources is never a good idea
<NTQ> qman__: I know. That's the reason I am here.
<kasad> avid_fan: so as soon as I virtualize this setup (because company I worked for full time, now part time, uses plesk setup, and I managed to mush plesk 9 which doesn't ask for licence and lets you host single domain (so I can host other projects/domains) as subdomains and successfully mirror their production setup
<kasad> but considering that it's plesk  (9.54 to be precise), it will break horribly once I upgrade
<kasad> but first I need to fix this wireless, since I need to setup one dd-wrt, and would like to have net and be able to use the router at the same time
<kasad> anyone got idea how to setup wifi, now that wlan mysteriously turned into eth1
<kasad> and mostly completely ignores me (no configuration options in gui, I tried this: (psl wait sec for paste link)
<qman__> NTQ: you might use https://launchpad.net/~pdiffs/+archive/ubuntu/dovecot-backports
<kasad> http://hastebin.com/owekotureb.hs
<kasad> but nada (192.168.1.1 is dd-wrt), but it doesn't even try to connect
<kasad> now in the meantime I figure that due to nature of dd-wrt I have to have 2 different subnets, but that's beside the point, wlan (eth1) was disconnected
<kasad> anyone with suggestion?
<kasad> any*
<kasad> /s/suggestion/sugesstions
<thebozz> Hi guys, we're having trouble deploying Openstack over MAAS using openstack-install. We're using this tutorial: http://www.ubuntu.com/download/cloud/install-ubuntu-openstack . We're at step 4, and we're getting this output: http://pastebin.com/Byaxct7c
<jhobbs> thebozz: whast your juju status say?
<thebozz> jhobbs: hey, sup? Unfortunately, I can't see it now... my boss decided to reinstall MAAS to document the process up to where we're now. We'll try again later and see what we can find.
<jhobbs> ok
<happyraver1958> Details here:  http://ubuntuforums.org/showthread.php?t=2255175&p=13187916#post13187916
<happyraver1958> anybody here familiar with BIND9?
<happyraver1958> I've been looking for help on this for awhile and it's weird
<happyraver1958> I'm using Ubuntu 14.04.1, BIND9, trying to set up a server with views for both internal and external name resolution
<happyraver1958> but when the server is configured with views and rfc1918 zone file and reverse lookup, it won't respond to DNS queries, but as soon as I remove reverse lookup and rfc1918 zone file, it works just fine
<happyraver1958> anybody has had that problem before?
<sarnold> happyraver1958: it's probably a bad idea to try server example.com yourself
<happyraver1958> well, that's just for privacy, and it's a generic name
<sarnold> ah
<happyraver1958> but my real DNS name is being used in the configuration files
<patdk-wk> there is no config file info
<patdk-wk> nothing in that post
<patdk-wk> except an error
<happyraver1958> which post?
<patdk-wk> Details here:
<patdk-wk> did you post another one?
<happyraver1958> I just clicked on my link and it takes me straight to my post on ubuntu forums
<patdk-wk> yes
<happyraver1958> Post ID is 13187916
<patdk-wk> there is only a single log line there
<happyraver1958> if that helps :)
<patdk-wk> so what help would you like?
<patdk-wk> we don't have access to your server
<happyraver1958> you may have to scroll up to see the rest of the post
<patdk-wk> we cant see the config
<happyraver1958> http://ubuntuforums.org/showthread.php?t=2255175
<patdk-wk> ah, infomation overload
<happyraver1958> try this other one
<happyraver1958> 21st century = information overload... the next step in evolutionary history
<happyraver1958> I've removed the RFC1918 zone file altogether from the configuration to avoid that issue, I may add it later once I figure out why that config file is wrecking my server
<patdk-wk> well, the firs tissue
<patdk-wk> dig, cannot connect to server
<happyraver1958> I've only added my reverse lookup config files
<patdk-wk> that has nothing to do with the problem in bind
<happyraver1958> I may have to re-punch a hole in my firewall for that to work
<patdk-wk> wait, notify?
<patdk-wk> why is it receiving a notify?
<patdk-wk> it's not a slave server
<happyraver1958> it is most certainly not a slave server
<patdk-wk> ya, none of this is making sense
<patdk-wk> so much random info posted
<patdk-wk> and it has all been muged
<happyraver1958> the weird thing is, when I remove the reverse lookup config, it works! which means I'm screwing something up in the reverse lookup configuration to wreck the forward lookup... somehow...
<happyraver1958> I can narrow down any part of the configuration to make things easy, but I'd need to know which parts of the configuration you need to look at
<patdk-wk> well, what is the *current* issue?
<happyraver1958> the same issue as before, my DNS server will not respond to queries when views are being used
<happyraver1958> if I remove reverse lookups, it works, but I need to have reverse lookups configured for my DNS configuration to be complete
<happyraver1958> and have an actual working DNS server, and I don't know why it won't work with the combination of forward lookups and reverse lookups
<happyraver1958> the daemon runs, but it won't respond to queries when views and reverse lookups are active
<happyraver1958> if I remove views, it works just fine with reverse lookups and all, but as soon as I activate views AND reverse lookups, it won't respond to queries
<happyraver1958> I've been at it for weeks now  :(
<zzxc> So I have a question. Where should I put the build directory for our app on a production machine?
<patdk-wk> ideally, you don't build on a production machine, ever
<sarnold> zzxc: if the app runs as a user, the user's homedir seems fair
<happyraver1958> zzxc: If you absolutely have to put the build directory on your production server, you could use /usr/local/bin, it works ok for us and it doesn't interfere with our database or apps
<patdk-wk> happyraver1958, ah, that is your isuse
<patdk-wk> you have bad ordering
<patdk-wk> your { any; }; MUST be last
<happyraver1958> zzxc: and yes, the home directory of the non-root user would be ideal!
<patdk-wk> so when you put something before it, it's screwed up :)
<happyraver1958> my { ANY; } must be last, in which configuration file?
<patdk-wk> like, zone.rfc1918
<patdk-wk> the whole zone.rfc1918 file
<zzxc> patdk-wk: True. Unfortantly we don't have a good system for building the application remotely currently, and we haven't really run into proformance issue for building the app during heavy usage.
<patdk-wk> the reverse-loopup view
<patdk-wk> your internal view MUST be before any less restrictive view
<patdk-wk> zzxc, the issue is, production is assumed to be a vaunerability, risk to hacking
<patdk-wk> so you don't want to build your stuff on it ever
<patdk-wk> but other than that, anywhere you deem fit?
<patdk-wk> probably a users folder, or maybe in /opt
<happyraver1958> patdk-wk: I'm checking it out right now...
<happyraver1958> I ran a named-checkconf and my "view "external" { match-clients { any; }; }; is the very last view in my configuration.  I have reverse lookup first, then Internal, then External, which is the one with the {  any;  }; in match-clients
<zzxc> patdk-wk: Yeah I'm aware of that. I've been trying to get building moved over to a build server running jenkins, but progress on that has been pretty slow.
<happyraver1958> both my reverse lookup and internal zones have match-clients [ 192.168/16; };
<patdk-wk> they all have any except internal
<patdk-wk> view "reverse-lookup"  {
<patdk-wk>     match-clients  {  any;  };
<patdk-wk> view "reverse-addresses" IN  {
<patdk-wk>     match-clients  {  any;  };
<happyraver1958> I've been trying to many things that I've changed that while trying these many things
<patdk-wk> I can only comment on the *current* config I can see
<happyraver1958> nowmy configuration looks like this:  http://pastebin.com/FGeci7Aj
<patdk-wk> you have forward first, but no forwarders?
<happyraver1958> I intend on adding the configuration for that once I get the server to work
<happyraver1958> I've just removed that forward first and it's still the same :(
<happyraver1958> I know I'm missing something somewhere, which may seem intuitive and obvious to somebody else
<patdk-wk> what was the test?
<happyraver1958> from the server itself, I run nslookup host.example.com 192.168.151.25
<happyraver1958> which is the IP address of the server at the end
<happyraver1958> and it will respond with either SERVFAIL or it will resolve the host name and give me the IP address
<happyraver1958> I can most definitely telnet into port 53, I ran that test too to make sure the port is open
<patdk-wk> can you test from a different computer?
<patdk-wk> not sure if localhost is causing an issue
<patdk-wk> or even ipv6
<patdk-wk> with that limited scope
<patdk-wk> and, what happens if you merge those two vies? since they are the same anyways?
<patdk-wk> as I wonder if it sees the first one, and never the second one, cause the first one matched
<happyraver1958> I tested localhost too, I removed it from the configuration and all it does it change the error message from SERVFAIL to no response
<patdk-wk> yes, views are first match serviced
<patdk-wk> and any others WILL be ignored
<patdk-wk> so you can't have all those views
<patdk-wk> ""view clauses are processed in the order in which they appear in the named.conf file. Thus, in the example above the 'badguys' view clause matching condition (any) also satisfies the 'trusted' view matching condition. However, since 'trusted' appears first its matching condition is the first to be satisfied and view matching stops.
<happyraver1958> in that case, the server should respond by matching that view with its corresponding zone file and resolving the host name
<patdk-wk> no
<happyraver1958> because that's what I'm trying to do; yes, I admit, it was by accident that I came up with that order of views
<patdk-wk> the view that matches ONLY has the reverse-dns entries, not the forward
<patdk-wk> so it never sees example.com
<patdk-wk> you need to merge those two views
<happyraver1958> WOW!!  I never thought of that!
<patdk-wk> you can't have overlapping view ip address ranges
<happyraver1958> I'm trying it right now!
<happyraver1958> now the forward lookup works, but not the reverse lookup (sigh)
<happyraver1958> don't get me wrong, I'm very grateful for your insight patdk-wk, THANKS1
<happyraver1958> don't get me wrong, I'm very grateful for your insight patdk-wk, THANKS!
<happyraver1958> I just feel frustrated that it doesn't work the way it should  :(
<patdk-wk> it's bind :)
<patdk-wk> no one knows how it *should* work
<happyraver1958> LOL true
<happyraver1958> I'll be right back
<sarnold> defined by the source :) whatever it does is The Right Way
<happyraver1958> I'll try to exclude with ! the local LAN in all those { any: }; clauses
<happyraver1958> maybe that will prevent the unwanted matches
<keithzg_> Is there a decent tutorial/wiki-page for setting up Dnsmasq for providing DNS on a local network? I see https://help.ubuntu.com/community/Dnsmasq but it references /etc/dnsmasq.conf which doesn't even seem to exist by default these days.
<sarnold> keithzg_: why not a real dns server like pdns or unbound or knot or djbdns or bind?
<patdk-wk> unbound is not a dns server
 * patdk-wk is confused though
<keithzg> sarnold: well, I suppose I could look into those, it's mostly because in my own personal life I've always just had dnsmasq running on my home routers and it's been perfectly fine. Meanwhile the crazy djbdns+bind setup at my work here is causing nothing but problems, and djbdns is . . . not user friendly
<patdk-wk> is he talking server or recursive?
<keithzg> patdk-wk: Just internal, for resolving local names.
<patdk-wk> that didn't answer anything
<patdk-wk> is it *answering* questions? or is it *looking* up answers from other locations?
<keithzg> Well I'm not going to claim I understand 100% what I'm talking about.
<sarnold> patdk-wk: ah, thanks
<keithzg> patdk-wk: ah, I see what you mean (I think). Answering.
<patdk-wk> then your looking at pdns, nsd, bind, ...
<patdk-wk> dnsmasq can do it, but it's very limited i nthat fasion
<keithzg> Fair enough. I've just been beating my head against the djbdns setup that's existing right now (and where reverse lookups are completely failing, causing all sorts of havoc) and I'm looking to test a replacement that's as simple as possible.
<sarnold> keithzg: I'm just routinely impressed at how many "newly discovered" dns implementation flaws don't affect djbdns over the last decade..
<patdk-wk> well, he was one to *overcode* things
<patdk-wk> it has been a long time since I looked at the code
<patdk-wk> but problem these days is, no one does input/type checking
<sarnold> djb code isn't really meant to be -read-, I think...
<keithzg> Oh, it does seem extremely secure. The guy was probably a genius in that respect. Unfortunately, he seriously *underdocumented* :P
<patdk-wk> djb is known to all that use the internet :)
<patdk-wk> you cant avoid his talks :)
 * patdk-wk wonders off to add dnscurve support, so djb can talk to my dns servers :)
<keithzg> At least on the server where we have djbdns installed, the tools don't even come with man pages or usage (--help does nothing; djb only helps those that help themselves, I suppose :P)
<mgw> i'm trying to get dnsmasq+resolvconf+static ip working in a somewhat non-traditional way
<mgw> I thought I had this working before, but it's not now
<mgw> specifically, the resolvconf 'base' file is not getting applied to /var/run/dnsmasq/resolv.conf
<keithzg> I've been getting SERVFAIL replies on reverse lookups, and the best documentation I've found for it is someone who read the code and figured out that many different errors are reported the same ( http://www.dqd.com/~mayoff/notes/djbdns/dnscache-log.html#servfail ) so . . . sigh.
<mgw> i don't want to put my dns in /etc/network/interfaces, as I'd like to be able to update dns without bouncing the interface
<patdk-wk> well, dns doesn't exactly have error messages
<patdk-wk> mgw, don't use resolvconf?
<mgw> patdk-wk: yeah, maybe that's the best idea
<mgw> since it's not doing anything really anyway
<mgw> now that I've eliminated dhcp
<keithzg> patdk-wk: fair enough, but I would've hoped the log file for the service itself would. But it isn't any more verbose than the response messages are, just "servfail 206.186.1.10.in-addr.arpa. input/output error" and such.
 * keithzg is a bit clueless about all this anyways; without any verbose logs to go on it's rather fruitless
<mgw> patdk-wk: so if i'm using dnsmasq as a local caching resolver, what would be the logical place for my upstream dns resolv.conf?
<mgw> resolvconf puts it in /var/run/dnsmasq, but that seems to be an odd place to put it manually
<thebozz> jhobbs: after a full reinstall we got to the same step and it failed in the same way. I tried running `juju status`, and got 'environment "" not found'.
<avid_fan> keithzg: Read your back-and-forth with patdk-wk. Are you trying to use DJB dnscache to resolve internal hosts? And those internal DNS zones, they're on a BIND server?
<allen> I changed a directory to be "777" (/var/www/html/mywordpress)
<allen> and have restarted apache, but the website says that i don't have permission to access?
<allen> 403
<allen> actually, not 403, but Forbidden nonetheless, sorry.
<teward> 403 / Forbidden are identical
<teward> but using 777 is, of course, a sign of failing, security wise
<teward> allen: change the directory's owner and group to www-data (or root:www-data, but probably www-data:www-data) with `sudo chown1
<teward> `sudo chown`  *
<allen> teward, thank you for your help
<WhiteIntel_> my server stopps during boot at "stopping userspace bootsplash" (12.04) any idea?
<patdk-wk> ya, something after that is having an issue
<WhiteIntel_> yes but what^^
#ubuntu-server 2014-12-16
<nilesh> Hello, what is the proper method to allow tcpdump in apparmor when it is in enforcing mode?
<nilesh> I tried aa-genprof, but that doesn't work. I'm still getting permission denied when it goes back in enforcing mode.
<jjohansen> nilesh: what does the DENIED message in the logs look like?
<jjohansen>   grep DENIED /var/log/syslog
<jjohansen> or
<jjohansen>   dmesg | grep DENIED
<nilesh> jjohansen: it's denying all kinds of sockets
<nilesh> and this happens for mysqld, tcpdump, dhclient
<nilesh> currently I've put all of them in complain mode
<nilesh> even checked apparmor_parser, and the final profile file does contain the relevant declarations (net_raw, inet, etc)
<jjohansen> nilesh: right but what are the messages, can you pastebin them? I could then tell you what rules you need to add
<nilesh> one second
<nilesh> jjohansen: here https://gist.github.com/anonymous/17aed11fde3276b44449
<jjohansen> nilesh: what release are you running? And did you replace the profile?
<jjohansen> The profile looks like it has the necessary rules
<nilesh> it's natty with 3.2 kernel... (this is used for some custom software, so we are unable to upgrade to a supported ubuntu version right now)
<nilesh> the work is in progress
<jjohansen> nilesh: okay, so this seems to be familiar, I'll see if I can dig up a bug.
 * nilesh fingers crossed
<jjohansen> nilesh: hrmm, I didn't find it, would you be willing to try a newer compiler?
<jjohansen> nilesh: actually just try
<jjohansen>   sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.tcpdump
<jjohansen> first and check that the profile was properly reloaded
<jjohansen> nilesh: okay its looking like I can't build a natty package in the ppa anymore, I will have to see if I can't setup locally to do it
<jjohansen> nilesh: the other thing you could paste me is the output of
<jjohansen> apparmor_parser -QT -S /etc/apparmor.d/usr.sbin.tcpdump | hexdump -C
<jjohansen> nilesh: I am going to step away for a few hours and will look at this more when I get back
<nilesh> jjohansen: https://nileshgr.com/tcpdump_apparmor_hexdump
<lordievader> Good morning
<jamespage> jodh, morning
<jodh> jamespage: hi!
<jamespage> jodh, so.... is doko the only foundations team person who deals with python? I have a core language problem I need resolving in 12.04
<jamespage> but I'm not 100% comfortable doing the update myself
<jamespage> https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1081022
<uvirtbot> Launchpad bug 1081022 in python2.7 "logging.SysLogHandler doesn't close UNIX socket when connection failed" [Undecided,Fix released]
<jodh> jamespage: not just doko - we have barry of course. But he's on vac now.
<jamespage> hmm I can't find doko on irc either
<jodh> jamespage: I think doko should be around later. If not, then slangasek/stgraber might be the best bet.
<jamespage> jodh, ack - I'll ping doko later
<jamespage> I'm happy todo the SRU - just wanted a expert review of my patch pre-upload
<Odd_Bloke> Am I right in thinking that the ordering of dependencies in /etc/init.d/.depend.* isn't significant (i.e. a: b c is equivalent to a: c b)?
<qis> Hi! Would you suggest using the ubuntu LTS server image as a workstation base to get rid of ubuntu-specific GUI applications?
<qis> For Android and Chromium development.
<qis> Or rather the desktop version and manually uninstall all unrequired software?
<lordievader> qis: I'd use the server iso or the mini iso, indeed.
<qis> lordievader: Thanks.
<qis> I'll go with the server iso since I need a postgresql database anyway.
<jadesoturi> hi all. im in a process of purchasing a new hp proliant dl380p server, and hp is pushing me to get a HP 512MB P-series Smart Array Flash Backed Write Cache for caching most accessed files from the raid array on to the OS ssd. is there a software/free way of doing this without loosing much performance?
<jadesoturi> from what i understand, its possible to achieve this using LVM with 1 vg and 2 lvs - 1 for "slow" raid and 1 for the SSD raid array...
<jadesoturi> but is it as good as using the smart array option=
<sheptard> jadesoturi: zfs + l2arc on ssd
<jadesoturi> sheptard, ok. zfs as filesystem for the OS then ?
<jadesoturi> have to googel l2arc. :P heh e
<sheptard> it's the caching part of zfs
<jadesoturi> ok. and this would give me the same results as using that smart cache controller?
<sheptard> well
<jadesoturi> and i am still able to use LVM  ?
<sheptard> if you want something simple that just works, go with what you were thinking and the 'smart' cache controller
<jadesoturi> cause im thinking of setting up a encrypted LVM on top of the raid(will be handeled by the built in raid controller)
<jadesoturi> ok.. l2arc is complicated setup ?
<sheptard> zfs is different
<sheptard> l2arc is part of zfs
<sheptard> I'd just go your route
<sheptard> and haggle HP down on the price of the controller
<jadesoturi> ok. never used ZFS, so know little about it.. :)
<jadesoturi> this is a "Barebone" server that we will be expanding later on. but performance is crucial, so if a little more work gets me the extra horsepower im willing to do it.:P hehe
<sheptard> if performance is critical, why are you encrypting
<Lightsword> Iâm trying to use ubuntu-server as a proxy with iptables, Iâm using these rules but it doesnât seem to be working https://gist.github.com/jameshilliard/45d4bcf840533116bf07
<jadesoturi> well, as i understand, that does not affect performance, since its decrypted on boot, or does it actually encrypt all the time. safety is important since it will be handling personal client information..
<Eggs_> jadesoturi: you dont really want to use any raid card with ZFS as it messes with it, so i suggest using the cache, though the 512MB seems very small
<jadesoturi> yeah, thats why i wanted to use a part of the os ssd for that instead..
<jadesoturi> Eggs_, so software raid would be better then ?
<sheptard> jadesoturi: if you're going to spend all that money on a hw raid controller, might as well use it as a hw raid controller
<jadesoturi> well. the HW raid controller is part of the proliant dl380p chassie.. so cant really opt out it, but i can choose not to use it if l2arc is safer/better..
<Eggs_> jadesoturi: with the raid controller you will have more headaches than its worth on ZFS
<jadesoturi> that smart array cache is just an addon..
<jadesoturi> Eggs_, ok..
<sheptard> jadesoturi: does it have battery backup at least?
<jadesoturi> so how does one secury one self from drive failure on ZFS ?
<jadesoturi> sheptard, the smart array controller or the built in raid controller?
<mardraum> can't you set the controller to JBOD?
<jadesoturi> mardraum, dont have it in hand yet, so not sure, but most likely..
<mardraum> jadesoturi: you choose a raid level you are comfortable with in terms of redundancy
<Eggs_> jadesoturi: ZFS is designed to be used with direct access to the disks for fault tollerance, you `scrub` the disks and it checks the checksums against a table and corrects any bit rot
<White_Cat> is there a mail server that I can use with ubuntu-server. I was looking at postfix but that requires creation of ubuntu accounts per each email account. I'd rather keep the two seperate
<jadesoturi> ok. so what happens when a drive fails then? dataloss? how is redundancy handeled?
<maswan> the hp raid "flash-backed" raid controller is a raid controller with 512MB write-back RAM cache
<maswan> the flash comes in as the fallback when power is lost, then it gets flushed to flash
<maswan> (only need small caps instead of the big batteries of old raid controllers with write-back cache)
<maswan> it is not accessable as a disk from the OS for zil or so
<jadesoturi> ok.. thanks for the info:) so the "caching part is handeled by the raid controller then, without ubuntu ever knowing about it then?
<jadesoturi> i just want a safe and redundant solution wthout having to cash out all of my money.
<Eggs_> jadesoturi: you can set drives as hotswappable,  if a drive fails the new one picks up, or you can manullly replace the drive without rebooting, very similar to what raid controller does but its all software based
<jadesoturi> ok.. so it is a software raid with a different name then:) ehhe
<jadesoturi> how many drives can fail before there will be dataloss?
<mardraum> jadesoturi: the reality is though, since you are ponying up the cash for a decent server, it does have decent hardware RAID
<mardraum> jadesoturi: depends on your RAID level, every time
<mardraum> and this is coming from a big ZFS guy (me, though not on ubuntu).
<Eggs_> jadesoturi: you can set up RAID5,6,10 etc
<Eggs_> jadesoturi: i use ZFS as a large store, 20TB
<sheptard> ~140'ish TB here
<jadesoturi> ok. let me get this straight.. if i use ZFS, then i should NOT use the built in raid, but use software raid instead? (ref. your comment about ZFS being picky with hw raid)? is this correct?
<mardraum> jadesoturi: ZFS is your entire RAID solution, you present the disks to it as JBOD
<jadesoturi> we are going for raid 6 to begin with, and over to raid 60 later, as it has better write performance( just cant afford all the drives to begin with).. starting with 3tb and the plan is to extend to 15TB by q3 2015..
<mardraum> you don't sound like you know much about this or are willing to research (no offense). If you don't want to get fired, go with the HP RAID, which is perfectly good.
<jadesoturi> mardraum, thanks you, exactly what i was wondering about..
<jadesoturi> well. i know enough about raid, nut not zfs,, got a little confused here..
<mardraum> I would suggest get this into production and in your spare time play with ZFS and understand it more
<jadesoturi> and i am willing to do the research, this being part of it.. always best to talk to people who deal with it on a regular basis, isnt it?
<Eggs_> jadesoturi: zfs has only recently become native to linux, it used to be fuse and its much better now, its defintatly worth a test
<jadesoturi> most likely is what im gonna do - start off with hd raid and lvm cache, and move one to ZFS once i know more about it.. :)
<jadesoturi> Eggs_, i will play with it a little and see. thank you so much for the help.. just one last question: the LVM cache feature - anyone used it or have any performance info on it? tried google but cant seem to find much in terms of comparison.
<Eggs_> jadesoturi: i guess any kind of caching system depends entirly on the data your accessing, what is it used for?
<jadesoturi> document archive with php processing, pdfs, docx, jpegs etc..
<jadesoturi> i know i can use dmcache, bcache etc also, but not sure witch one is best suited for the setup we are doing here..
<jadesoturi> anyways. thank you for great answers.. gonne stick around in here:) but have to run to a meeting.. be back later to bug you guys some more if its ok ;)
<jadesoturi> checked up on it, the built in controller does not support JBOD, solution is single raid0 drives, but that does really work in the long run... looks like raid+lvm it is untill i get a LSI sas controller and learn zfs some more,, shame.. i liked what i read about it...
<qis> Is there a guide how to install cloud9 on a local ubuntu 14.04 server?
<qis> Yes, I tried googling for it. A lot of noise!
<qis> Hmm, I'll just make a VM snapshot and try the instructions on https://github.com/ajaxorg/cloud9/
<daviiiddddddd> hi
<daviiiddddddd> someone can help me plz?
<daviiiddddddd> i've reinstalled dhcp-server, but /etc/dhcp is empty.
<daviiiddddddd> i need to configure dhcp.conf in order to customize my net
<daviiiddddddd> but folder is empty :(
<daviiiddddddd> noone can help me?
<jadesoturi> http://ubuntuserverguide.com/2012/06/how-install-dhcp-server-on-ubuntu-server.html
<qis> Is there a real ubuntu documentation?
<qis> Like FreeBSDs handbook.
<qis> Or can I just use the debian documentation for server configuration and management?
<qis> At least the pre-systemd one.
<Eggs_> qis: i dont think so, ubuntu messes with the networking a lot so its not going to be the same as debian
<Eggs_> qis: but i dont really know more than that sorry
<qis> Ok.
<jadesoturi> qis, if you have allready checked the documentation on help.ubuntu.com then forums/google is your best bet i guess
<qis> jadesoturi: Forums have a long response time. Google and forum search usually return a lot of noise in form of outdated or inept answers.
<jadesoturi> valid point.. but guess thats the reality of the internets now-a-days.
<zul> jamespage:  https://bugs.launchpad.net/cinder/+bug/1403068
<uvirtbot> Launchpad bug 1403068 in cinder "Tests fail with python 2.7.9" [Undecided,New]
<jamespage> \o/
<zul> jamespage:  same with neutron
<jadesoturi> what filesystem would you recommend for a relativly large raid6+lvm setup ? 3-4tb to begin with and will be growing uo to 15-20tb during the next year. files are mostly pictures and docx/pds with normal size.
<jadesoturi> im thinking btrfs or XFS, (ZFS will be considered later, not supported on current hardware due to lack of JBOD) or will a regualar ext4 do ?
 * patdk-wk just uses ext4
<patdk-wk> due to lack of xfs knowledge
<patdk-wk> I have ran ext4 systems upto 26tb
<patdk-wk> btrfs, heh, has not been good to me
<jadesoturi> hehe ok:) isnt the limit 16TB on ext4 ?
<patdk-wk> many years ago
<jadesoturi> okok..
<jadesoturi> well iknow btrfs might be a little unsafe, but supposted to perform very nice, right? and is heading to replace ext4 as the "main" fs in distros?
<patdk-wk> that can be very much debated :)
<patdk-wk> sure every thing someone makes they would love to be the default
<jadesoturi> thing is every file that will be written will first be preprocessed in php, do this might be a bit CPU intensive need a FS that is not so resource hungry, but still able to perform nicely:)
<patdk-wk> but the btrfs teams priories are not inline with that goal :)
<jadesoturi> eheh that is true, just read some noise on the internets about it..
<patdk-wk> yes, they dream about that
<patdk-wk> but they fail to *do the dirty work* to make btrfs usable enough for that goal
<patdk-wk> and instead put effort into pretty things
<jadesoturi> ok. so what you are saying is that btrfs is a nogo in a production system ?
<patdk-wk> personally? use btrfs on data you don't care about
<jadesoturi> that leaves xfs and ext4 - where xfs is the best thing for big files, but how does it go with files from 1 to maybe 25mb ?
<jadesoturi> cause thats the regular size of the files for that server..
<patdk-wk> why is xfs best for big files?
<patdk-wk> last benchmark I did, ext4 and xfs for large files where the same
<jadesoturi> apperntly redhat did some test etc and measured very nice performance on 200mb+ filesizes..
<patdk-wk> except when deleting LOTS of LARGE files, xfs would be craploads faster
<patdk-wk> but ext4, heh, most of that was fixed
<jadesoturi> hmm ok. so from what you are saying, not much to gain from xfs ?
<patdk-wk> there are gains with xfs
<patdk-wk> but there are issues too
<patdk-wk> so you have to pick what your willing to deal with
<patdk-wk> for me, it's lack of knowledge to fix it, when it goes wrong
<jhobbs> rbasak: howdy
<ppetraki> xfs plays better with raid
<jadesoturi> ppetraki, really ? this will be a raid6/60 setup with lvm on top and ssds in raid 1 for the os...
<jhobbs> rbasak: know much cloud-init? got any ideas what's going on here? https://bugs.launchpad.net/maas/+bug/1402861
<uvirtbot> Launchpad bug 1402861 in maas "cloud-config-url ignored, install fails" [Undecided,New]
<jhobbs> rbasak: i think cloud-init is timing out trying to reach cloud-config-url and is silently failing, but i'm not sure how to prove it
<ppetraki> jadesoturi, https://raid.wiki.kernel.org/index.php/RAID_setup#XFS
<jadesoturi> thank you. ill have a look :)
<ppetraki> you'll want a wide stripe, like 256K.. and your SSDs, you should over provision them by 20% to give the garbage collector headroom e.g. only allocate 80% of the disk
<jadesoturi> ok... this will be a hw raid, using the builtin p420i smart array controller from hp... but should i also use the xfs on the os drives? these drives will just run the os and be used for caching from the raid array.
<ppetraki> jadesoturi, that would come down to preference, ext4 would be fine for OS.
<ppetraki> jadesoturi, you should also just test it with fio, see how the array behaves wrt that filesystem
<ppetraki> jadesoturi, RAID60 is a little overkill IMHO, customers tend to put off spare replacements...
<jadesoturi> well. my boss wants safety, so this gives him 2 drives fail before shit goes down... and this being a big array and all..
<jadesoturi> also, i read it has better write performance then raid 6
<patdk-wk> what size disks?
<ppetraki> jadesoturi, you could install a cache to get better read performance
<jadesoturi> 900gb SAS 10k drives..
<ppetraki> jadesoturi, like rapid disk
<jadesoturi> ppetraki, im going to go for lvm caching to the ssd drives..
<jadesoturi> hp wants me to buy smart cache though.. but its so pricy..
<jadesoturi> what is rapid disk ?
<patdk-wk> what are you optimizing for?
<patdk-wk> writes? reads?
<patdk-wk> and what kinds of writes/reads do you have?
<patdk-wk> and what size is your working set?
<jadesoturi> well. preferebly both...
<patdk-wk> you can't have both :)
<ppetraki> jadesoturi, http://www.rapiddisk.org/
<patdk-wk> unless both are equal, then it's not optimized :)
<jadesoturi> hehe. appertly zfs has both if i understand it correctly, but thats another story..
<ppetraki> jadesoturi, it's a writethrough mem cache, so all your reads will come from memory
<patdk-wk> normally, I only ever optimize for writes, as my servers only do writes
<patdk-wk> reads are all cached in ram
<patdk-wk> zfs optimizes HEAVY on writes
<ppetraki> jadesoturi, so... you won't need the 0 in RAID 60
<patdk-wk> and causes read hell
<patdk-wk> this is why zfs needs lots of ram
 * ppetraki can't stand zfs, can't wait to get a new hd in laptop to give it the boot
 * ppetraki correction btrfs :)
 * patdk-wk hugs his zfs systems
<jadesoturi> hehe so split opinions on this matter:P
<ppetraki> I'm sure it works, btrfs, not so much
<patdk-wk> well, the issue with zfs, and btrfs, is it optimizes writes, cause it's cow
<patdk-wk> so all writes are APPENDED to the end of the disk
<patdk-wk> nice stream writes, from your random writes
<patdk-wk> so it's fast
<jadesoturi> well. the system will be running a php/mysql web app where users will be uploading files(mostly jpegs and some pdfs) and doing some revieing of this files and editing the db.. so i guess we need to optimize for writes..
<patdk-wk> the problem is, when you read that data back in, it becomes purely random reads
<patdk-wk> this will cause HUGE performance issues, if you attempt to do a *streaming read* backup job
<ppetraki> jadesoturi, so back to parity, yeah, RAID5/6 whatever, just make sure you actually have hotspares. RAID 0+ anything increases your liability because if you lose a member, your data is gone. With the failure rate of drives these days it's easy to lose both your parity drives in RAID6 in the span of a few days
<jadesoturi> hmm ok. so you saying go for raid6 instead of 60 ? also, still better to have 2 drive failover then 1.....
<patdk-wk> you should never use raid5 :)
<jadesoturi> yeah. sort of got that - got a long as email from dell the other day where they officially recommended to move away from raid5 .. lol
<ppetraki> raid6 + several hot spares + read cache like rapiddisk or equiv
<ppetraki> and test test test with fio :)
<jadesoturi> ok. can i use lvm cache(dmcache) instead of rapiddisk ? since rapiddisk cache to dram right? and we are a little low on our specs to start with..
<patdk-wk> I dunno about hotspares
<patdk-wk> it's better to make them a parity disk than a spare if you can
<patdk-wk> so if you went raid6 + 3 spare, I would do raid60 +1spare instead
<ppetraki> sure you can use the lvm version. Though you might want to add more RAM, especially if you're using SSDs. it's cheaper than NAND flash that's for sure and last longer :)
<patdk-wk> only lasts as long as the power does :)
<jadesoturi> well. we will be starting with 6 drives, need 4 to build the array,, so 2 can go for spare...  power is on UPS and emergency generator, we are strting with 32gb and planing to up it to 128 during next year..
<ppetraki> well, I just assume people have the power thing figured out by now...
<jadesoturi> ppetraki, you were talking about raid0+ something being not safe as if you loose a member your out of luck, but isnt thats why raid60 is nice? cause it adds that "safety" option..
<jadesoturi> allowing for 2 drives to fail before your out of luck ?
<jadesoturi> anyways.. got to run now, be back tomorrow or later tonight. cots to catch that bus. thanks for great insight guys:) i think we will go for XFS on the raid array and ext4 on the OS drives with raid6 to start with and then move on to 60 once we get some more drives inside:)
<ppetraki> jadesoturi, *if* you keep up the RAID6 yeah, it works. but memory is cheaper than disk and you're not caching the world
<patdk-wk> ppetraki, your forgetting about a huge issue though
<patdk-wk> one large raid6 is fine and good
 * ppetraki little distracted by work
<patdk-wk> except when 1 disk is bad
<patdk-wk> then your performance goes down to 20% what it was
<patdk-wk> till the rebuild completes
<ppetraki> patdk-wk, that's what hotspares are for
<patdk-wk> no
<patdk-wk> it has to rebuild
<patdk-wk> TILL it is rebuilt, your screwed
<ppetraki> well, sure, it took a fault
<patdk-wk> doing a raid60, will mitigate that, only 70%
<ppetraki> it's all about context and the availability of the application, if you need something that's nonstop then buy an equalogic
<patdk-wk> cause half of it, is stil lfull speed
<ppetraki> sure, with twice the disks
<ppetraki> SSDs aren't cheap
<patdk-wk> equalogic?
<ppetraki> you have a valid point
<patdk-wk> ours kept going down, about 3times a year, they are cold storage mode now, we don't even power them up anymore
<patdk-wk> anything that needs good reliability and speed we put onto pure systems
<patdk-wk> 3years now, and 0 failures from over a dozen of those
<ppetraki> I don't know what's up with your deployment. I work with a storage dev formally from EQL so that sort of uptime comes as a surprise to me
<patdk-wk> or well, several failures, but nothing service impacting, and rarely performance impacting
<patdk-wk> it was just a unit connecting via 8g fc, to a vmware cluster
<patdk-wk> just had problem after problem after problem
<patdk-wk> or rather, it worked fine, till stressed, then would fall over
<ppetraki> I don't doubt your experience, it just strikes me as odd.
<patdk-wk> the whole thing seemed odd, have some others without issues
<patdk-wk> but they never get stressed
<patdk-wk> and the unit that was having issues, without production data now, runs fine
<patdk-wk> but distrust has been built
<ppetraki> it is odd, usually they work hard to rectify stuff like that
<rbasak> jhobbs: sorry, otp since you pinged
<diegoholiveira> guys, i wrote a upstart script and when I call it with sudo service my-service start it does not back to prompt, it keeps running forever. How can i made it back to prompt?
<sheptard> &
<diegoholiveira> i try it without success :(
<diegoholiveira> i also try to use nohup with &
<HellMind> my pptp client is adding a route rule before it connects, how can I disable that feature
<bekks> HellMind: Most likely it add the route after it connects, doesnt it?
<HellMind> bekks: no, thats the default route, before it adds some route to not loss connectivity to the server, here is an example: 190.210.182.172 dev lo  scope link  src 192.168.0.1
<HellMind> 190.210.182.172 is the pptp server, 192.168.0.1 is the client box ip,
<bekks> A route using the loopback interface?!
<HellMind> yes, it seems if for avoid using the new defaultroute to connect to the pptp server
<HellMind> ugly but it does that
<bekks> HellMind: Could you pastebin netstat -rn please?
<HellMind> http://pastebin.com/uLRiQznM
<HellMind> bekks
<bekks> HellMind: You are using xen as well.
<HellMind> yes
<bekks> HellMind: And that route you are talking about is a host route, not a defaultroute.
<HellMind> yep, the pptp server ip
<HellMind> when I do pon thatpptp it adds it
<HellMind> if I remove it it got added again
<bekks> But thats no defaultroute.
<HellMind> isnt added using ip.up ip.down cuz it never executes those
<HellMind> the default route is  192.168.0.1 which is the same ip as the server
<HellMind> I use ip rule (marks) to choose routes
<bekks> But you dont have a defaultroute, no matter which tool you use.
<HellMind> Which?
<bekks> ?
<redfox> Hi, i've a problem with apt.-get on kernel  ... someoune could "save me"?
<redfox>  linux-generic : Depends: linux-headers-generic (= 3.2.0.69.82) but 3.2.0.74.88 is to be installed
<sarnold> redfox: perhaps your mirror has an inconsistent set of packages; it'd be a little bit of work to add new servers for e.g. germany-based servers, but it is likely to let you continue
<redfox> there was an error on /boot partition, was too little, so I deleted old kernel (not the one that is "incriminated")
<redfox> I made autoremove options and after made so
<redfox> sarnold: what do you mean?
<sarnold> redfox: well, your /etc/apt/sources.list will probably include something like it.archive.ubuntu.com, right? if you add similar lines for de.archive.ubuntu.com, you'll download package lists from two mirror networks, and there's a good chance the other mirror will be updated by now
<sarnold> redfox: ... hmm, is the real problem that you're out of drive space to install them? I thought it gave different errors for that..
<kevindf> Does a bind9 dns server use alot of hardware resources on a network with ~ 3 pc's
<kevindf> Just to set up some A records on my network
<kevindf> for*
<redfox> sarnold: I made the change on source, without success, the errors are: dpkg: dependency problems prevent configuration of linux-generic:
<redfox>  linux-generic depends on linux-image-generic (= 3.2.0.69.82); however:
<redfox>   Package linux-image-generic is not configured yet.
<redfox>  linux-generic depends on linux-headers-generic (= 3.2.0.69.82); however:
<redfox>   Version of linux-headers-generic on system is 3.2.0.74.88.
<sarnold> redfox: did you re-run apt-get update  first?
<redfox> sure
<sarnold> kevindf: feel free to use the weakest, oldest machine you own for that job
<sarnold> redfox: hmm. maybe you've got worse problems then :/
<redfox> I know ....  any suggest to reinstall old modules ?
<sarnold> redfox: how much free space do you have on /boot ?
<kevindf> sarnold: That's kind of the problem :) I'm using weak old machines, one of them is running a Zabbix, webmin, apache, mysql server and other one apache, teamspeak, openvpn server
<redfox>   236M  187M   37M  84% /boot
<redfox> df
<kevindf> i wonder if i could add a dns server up to that on one of the servers
<redfox> sarnold: this is output on apt-get dist-upgrade
<redfox> The following packages have unmet dependencies.
<redfox>  linux-generic : Depends: linux-headers-generic (= 3.2.0.69.82) but 3.2.0.74.88 is installed
<redfox>  linux-image-generic : Depends: linux-image-3.2.0-69-generic but it is not installed
<sarnold> redfox: yeah, cleaning some older kernels might help; you can apt-get purge linux-headers-generic and linux-generic, apt-get purge older kernels, then apt-get install linux-generic and linux-headers-generic again (to make sure you keep getting security updates)
<redfox> sarnold: the problem is that apt-get before want to solve conflict
<sarnold> redfox: that's why I like to remove the packages that introduce the specific version requirements..
<redfox> any ideas?
<sarnold> redfox: any luck with apt-get purge linux-generic linux-headers-generic  ?
<redfox> sarnold no it wants to install before linux eneric .. .that has unmet dependance
<genii> That might be painful if you don't reinstall linux-image-generic immediately again afterwards
<sarnold> genii: indeed, that's the last bit of advice from earlier :) hehe
<redfox> it don't want to install
<redfox> there's a way to "tell" to ignore the depends?
<redfox> only for this 2 package for now?
<sarnold> redfox: not easily; purging packages until apt is content with its database is often the easiest way out
<redfox> but I can't purge it
<redfox> apt-get purge linux.... can't execute before it don't solve the pgrade problems
<sarnold> redfox: can you pastebin the results from the most recent apt-get purge linux-generic linux-headers-generic  attempt?
<redfox> http://pastebin.com/jq7qDY5E
<redfox> this is apt-get -f install
<redfox> http://pastebin.com/WHWYC0ve
<sarnold> redfox: okay, now try this: apt-get purge linux-generic linux-headers-generic linux-image-generic
<sarnold> redfox: it'll probably throw another error message..
<redfox> NO ERROR
<redfox> now I'll reinstall it?
<redfox> apt-get install  linux-generic linux-headers-generic linux-image-generic
<redfox> sarnold you save my life :)
<sarnold> redfox: now check out dpkg -l 'linux*' | grep ii   -- prune that list as needed
<redfox> sarnold: what you mean?
<sarnold> redfox: chances are good you've got four to six kernels installed; I suggest deleting all but two kernels. keep the kernel you're running, keep the newest kernel, and if they're the same, keep one more :)
<redfox> sarnold: http://pastebin.com/aCHtqUcQ
<sarnold> redfox: and what does uname -r   show?
<redfox> 3.2.0-37-generic
<redfox> I didnt reboot
<sarnold> it's been a while, hehe :)
<redfox> yes
<redfox> sarnold: so I can do easily: apt-get remove linux-headers-3.2.0-68 linux-headers-3.2.0-68-generic  linux-image-3.2.0-68-generic
<sarnold> redfox: yeah, and keep going; I think this ought to do what you want: http://paste.ubuntu.com/9544128/
<redfox> sarnold: Wonderful, now I have only 2 kerner. 74 last and 37. should I reboot and purge 37 too?
<sarnold> redfox: not yet
<sarnold> redfox: reinstall the metapackages, first, apt-get install  linux-generic linux-headers-generic linux-image-generic
<redfox> for all say  ....  is already the newest version.
<sarnold> redfox: okay, I -think- you're put back together again :)
<redfox> fiuuu let's try to reboot?
<sarnold> redfox: don't delete the -37 right away, though, it's served you well lately, you might as well hold on to it while testing the -74  :)
<redfox> sarnold: ok so reboot? or there are other check that you want me to do .. to be sure
<genii> It's always good to keep at least one other previous working kernel around
<sarnold> redfox: I think you're good for rebooting
<redfox> I'm doing
<redfox> sarnold: WOW i'ts up
<sarnold> redfox: :D
<redfox> and the kernel is the last
<sarnold> redfox: you might want to take the german mirrors back out of your apt sources, maybe just comment them out; you ddon't really need to download all the lists twice, and out-of-sync mirrors doesn't happen all that often
<adsf_> bitfury: test
<redfox> sarnold: yeah I put back the original mirror list ... I must thank you .... you save me :)
<sarnold> redfox: great :) have fun!
<adsf_> bitfury: test
#ubuntu-server 2014-12-17
<devilspgd> n00b bash question. I want to umount the path where a shell script lives, can it copy itself to a temporary location and run from there?
<devilspgd> Or more specifically, how do I make the copy from the original location terminate immediately?
<devilspgd> I thought throwing a "&" on the end of the call to temp script might work, but it still holds a lock on the original script in the child.
<sarnold> devilspgd: the 'exec' builtin might be what you need, it replaces the current process with a new process -- which could be /tmp/path/to/copied/shellscript.sh  or simimlar
<devilspgd> That sounds like exactly the one, thanks.
<devilspgd> Works like a charm, thanks. I knew I read something somewhere at one point, but I couldn't think of it at the time.
<sarnold> nice :)
<LarsN> would this be the right place to ask about the Orange-Box?
<LarsN> I have one, and just need to be pointed at some proper documentation on the best way to interact with Juju and Maas
<nilesh> jjohansen: found anything?
<jjohansen> nilesh: I haven't gotten back to it yet
<jjohansen> nilesh: however the hexdump you provided shows me that the compliled profile has dropped the network rules
<jjohansen> nilesh: so either I am going to have to track down why its dropping those rules, and then maybe be able to provide a work around, OR I am going to have to build you a new parser that doesn't have the issue
<jjohansen> hrmmm, I guess that is a little more than when we talked last
<jjohansen> nilesh: can you provide me the output of
<jjohansen>   cat /sys/kernel/security/apparmor/features
<jjohansen> and
<jjohansen>   cat /etc/apparmor.d/cache/.features
<White_Cat> Is there a mail server that I can use with ubuntu-server. I was looking at postfix but that requires creation of ubuntu accounts per each email account. I'd rather keep the two seperate as users will never ever login to the ubuntu server and they tend to use less than ideally srong passwords
<jjohansen> White_Cat: there are lots of mail servers http://en.wikipedia.org/wiki/Comparison_of_mail_servers
<White_Cat> well yes
<White_Cat> thats why I am asking for a reccomendation :)
<White_Cat> its more of a taste issue after a certain point
<White_Cat> and I tend to have poor taste in mail servers :p
<alex88> export PATH=$PATH:$HOME/vendor/vips/bin and export PATH="$PATH:$HOME/vendor/vips/bin" isn't exactly the same thing?
<White_Cat> ideally I want the mail server to have exchange support
<jjohansen> alex88: no they aren't if either of the $PATH or $HOME variables contain whitespace
<alex88> jjohansen: oh awesome, thanks a lot!
<lordievader> Good morning.
<nocturnal_> I got a server that was going to be e-wasted and installed ubuntu-server on it. i've been using it to store my media, however i have a lot of cpu power that is not being used.
<nocturnal_> does anyone have any ideas or fun projects that might help me learn more about computing?
<Rajvi> Hello Everyone.
<nocturnal_> Hi Rajvi
<Rajvi> What's the easiest & effective procedure to switch between multiple php & apache versions on a LAMP setup?
<Rajvi> ?
<nocturnal_> I don't know
<nocturnal_> are you upgrading?
<Rajvi> No, I need to use somehow php 4.x & some old Apache version , so what this old program works!
<adsc> can't you just run a virtual machine?
<nocturnal_> Don't you just need to configure PHP to work with Apache? Which version of PHP?
<samgoody> Hello all. when I do cat /etc/hosts I get a different listed fqdn then hostname -f
<samgoody> I realize that something extremely obvious, like I shouldnt be checking /etc/hosts for the fqdn. Could someone help?
<Eggs_> samgoody: if you have changed you hostname previously you need to change it in /etc/hosts too, which you may have forgot to do
<samgoody> Thanks.
<samgoody> I changed it once using hostname me.example.com
<samgoody> And since then have had issues ;)
<samgoody> Also, whereas before this my hostname was "me", and fqdn was "me.oldomain.com" the new hostname is the same as the hostname -f: me.example.com
<samgoody> How do I fix that so that hostname should be "me" and only fqdn be "me.example.com"
<Eggs_> samgoody: not too sure on that one, i would just have it the same, are you wanting it different for the bash promt or something?
<samgoody> No, I just figured it ought to be different since that's what I see in all examples of hostnames online
<Eggs_> samgoody: its based on the /etc/hosts file, so at the top instead of having 127.0.0.1 me you would have 127.0.0.1 me.olddmain.com
<samgoody> thanks
<sunstar> does the php_mail function work for anyone? i've been using ubuntu since 9.10 and phpmail has never worked on any of my boxes. is this normal?
<samgoody> 127.0.0.1       localhost.localdomain localhost
<samgoody> What does the localhost.localdomain mean
<samgoody> On the linode tutorial, they suggest: 127.0.0.1  localhost
<samgoody> Why skip that?
<YamakasY_> why is this partition scheme ignored ? it just creates swap and / on vg00 http://pastebin.com/7a3uyXZh
<jamespage> tinoco, looking at https://bugs.launchpad.net/ubuntu/+source/pacemaker/+bug/1382842
<uvirtbot> Launchpad bug 1382842 in pacemaker "SRU breaks pacemaker in 14.04" [High,In progress]
<jamespage> the pacemaker binary is tied directly to the binary versions of the libraries it produces?
<tinoco> jamespage: i fixed one regression yes
<tinoco> it looks like libraries were not being updated together
<jamespage> tinoco, erm they are
<jamespage> tinoco, I'm trying to understand why it breaks
<tinoco> so there could be a situation when users updated binary without libraries
<jamespage> tinoco, the ABI is the same upstream version
<jamespage> so it should not
<tinoco> jamespage:  let me revisit this
<tinoco> so i can remember proplery
<jamespage> tinoco, if the pacemaker binary hard depends on exactly the same packaging version, then we should do that in debian/control
<tinoco> i remembered
<tinoco> version used by Ubuntu did not cause
<tinoco> dh_makeshlibs to behave properly
<tinoco> (the string gitXXXX-something)
<tinoco> https://bugs.launchpad.net/ubuntu/+source/pacemaker/+bug/1368737/comments/17
<uvirtbot> Launchpad bug 1368737 in pacemaker "Pacemaker can seg fault on crm node online/standby" [Undecided,In progress]
<tinoco> take a look at this comment please
<TimN> Is there any way I can only allow a specific list of IP adresses to a specific port on my server?
<teward> TimN: firewall restrictions, or at the application level.
<TimN> I don't think it's possible at application level. It's about a Minecraft server.
<teward> TimN: probably individual rules in iptables or ufw to allow from specific IP addresses.
<teward> TimN: then you're stuck using firewall rules
<TimN> Okay, so iptables...
<teward> TimN: or ufw
<teward> i use iptables
<teward> `sudo iptables -A INPUT -p tcp --dport MINECRAFTPORT -s IP.AD.DR.ESS -j ACCEPT
<teward> one of each of those for the IP addresses you want to allow
<teward> sudo iptables -A INPUT -p tcp --dport MINECRAFTPORT -j REJECT --reject-with icmp-host-unreachable
<teward> that should ONLY be run as the last rule
<TimN> That blocks all others?
<teward> (and that adds a REJECT such that if it doesn't match the other IP addresses, it'll just fail for others
<teward> yep
<TimN> Ah.
<teward> that's what the last one there does
<TimN> And if I'd want to add another IP later?
<teward> TimN: `sudo iptables -L -n INPUT`
<teward> find the rule which has REJECT as the target
<teward> count where in the ruleset that is
<teward> then: sudo iptables -I INPUT THENUMBER -p tcp --dport MINECRAFTPORT -s IP.AD.DR.ESS -j ACCEPT
<TimN> Are those rules placed in a file?
<teward> TimN: no, those are command-line commands you run
<teward> they're not saved unless you save them with `iptables-save > /some/path/`.
<jhobbs> http://dev.bukkit.org/bukkit-plugins/iplist/
<teward> you can use the iptables-persistent package to help though
<jhobbs> if you use bukkit :/
<TimN> Jhobbs, would be nice if Bukkit was available. ;P
<TimN> Teward, does "sudo iptables -I INPUT THENUMBER -p tcp --dport MINECRAFTPORT -s IP.AD.DR.ESS -j ACCEPT" place the rule before THENUMBER or as THENUMBER?
<teward> TimN: it inserts it as THENUMBER and then pushes what was there down one
<teward> so if the REJECT is the 5th rule, then -I INPUT 5 puts your new rule before that 5th rule (the REJECT) as rule #5, and the REJECT moves to rule #6
<TimN> Okay. Nice.
<TimN> Thanks for your help. =)
<rbasak> gnuoy: looking at lp:~gnuoy/ubuntu/vivid/python-logutils/update-to-0.3.3-2, I can't seem to apply fix-_levelNames-vs-_levelToName.patch cleanly. I'm not sure if this is me not handling the bzr branch right though.
<rbasak> Ah, I see you're on holiday this afternoon.
<rbasak> I'm out from tomorrow.
<rbasak> I'll leave it for now.
<rbasak> gnuoy: looks to me that the patch is right, but it isn't applied in the bzr branch even though .pc/ says it should be or something.
<rbasak> This is an area where I get very frustrated with UDD and bzr. AIUI, stuff in UDD is supposed to be committed with all quilt patches applied and a corresponding .pc/ set up correctly.
<rbasak> So the first thing I tried to do was "quilt pop -a" on your branch, which failed.
<rbasak> OTOH, "quilt pop -a" on lp:ubuntu/python-logutils works
<fandi> hi
<fandi> i got udp packet
<fandi> here is my result from tcpdump
<fandi> http://paste.ubuntu.com/9551966/
<fandi> is there any exploit on rpcbind or rpc.stat
<fandi>  ?
<fandi> please need your help :) thanks
<teward> fandi: those look like DNS requests and responses... but without me dumping that into wireshark i can'tbe certain of that.
<fandi> teward: yups it's query unavailable domain A? lzj.passwd1.com.
<fandi> teward: i never found like this, and only rcpbind, rpc.stat which running with proto udp
<teward> fandi: looks like something on your system is triggering those queries, but from a simple packet log you won't find out what's issuing those requests on your system
<teward> unless it's whatever's running on rpc
<fandi> teward: is possible to try stop rpc ?
<samba35> i have configure a network with openvswitch i am faceing two issuses ,1 )how do i fix ifconfig eth0 to ipaddress 0.0.0.0 after bridge is configure (i am using ovs version 2.0.2 with vlan
<tinoco> jamespage:  talking about LP: #1382842, fix is on LP: #1368737
<tinoco> jamespage:  could u sponsor that ?
<jamespage> bug 1368737
<uvirtbot> Launchpad bug 1368737 in pacemaker "Pacemaker can seg fault on crm node online/standby" [Undecided,In progress] https://launchpad.net/bugs/1368737
<jamespage> bug 1382842
<uvirtbot> Launchpad bug 1382842 in hacluster "SRU breaks pacemaker in 14.04" [High,In progress] https://launchpad.net/bugs/1382842
<jamespage> tinoco, that last one was the one I had query over
<tinoco> yep
<tinoco> just talked with dosaboy
<tinoco> it seems that they might have a temporary fix into a charm
<tinoco> because apt-get update might misbehave
<jamespage> tinoco, I was unclear as to why pacemaker requires an exact package version match with its associated libs
<jamespage> tinoco, there is a charm bug and dosaboy has a fix for that which will help things
<tinoco> 1368737 -> #16 and #17
<jamespage> tinoco, but I'm not 100% happy with the fix approach
<tinoco> jamespage:  u think changing version would be better ?
<jamespage> no
<jamespage> tinoco, I just don't see why the mismatch causes this error
<tinoco> because of latest fix (-updated)
<tinoco> libraries have to be at the same version
<tinoco> orelse you get:
<tinoco> Oct 18 20:54:16 saturn crmd[23424]: warning: do_lrm_control: Failed to sign on to the LRM 2 (30 max) times
<jamespage> oh right I see
<jamespage> in which case that's not the right fix
<jamespage> pacemaker should be depending explicitly in d/control on a matching binary version
<jamespage> which will force the upgrade
<jamespage> making shlibs depend on a packaging version is not a good idea
<jamespage> tinoco, leave this with me - I need to sortout vivid first and the packaging is awkward
<tinoco> jamespage: ok. let me know if you need me to change anything for you
<tinoco> tks james ;)
<jamespage> tinoco, np
<tinoco> jamespage: i was also talking with arges about proposing 1.1.12 into sid (mid jan)
<tinoco> and bringing the new version to ubuntu also.. 1.1.12 has lots of bug fixes
<jamespage> tinoco, yeah maybe
<tinoco> that would be good for us (a lot)
<jamespage> tinoco, I've been working on 1.1.12 for vivid
<tinoco> perfect :)
<tinoco> so iÂ´ll leave it with  you tks again
<jamespage> tinoco, but I might chicken out and do 1.1.11 for now
<tinoco> ok.. iÂ´ll propose 1.1.12 to debian-ha
<tinoco> and see what they come up with
<jkyle> I'm getting the following error when trying to add a gpg key to a precise server: keyserver timed out
<jkyle> I thought it might be due to port 11371 being blocked, but nmap -p 11371 keyserver.ubuntu.com shows the port as open
<jkyle> and Ihave no firewall on this machine
<rberg_> you could try a different key server
<jkyle> well, I can. but this is for some automated scripts. so is keyserver.ubuntu.com unreliable in some way? Is there a more reliable keyserver I should use?
<rberg_> that I dont know
<rww> jkyle: yes, keyserver.ubuntu.com is unreliable. I'd recommend pool.sks-keyservers.net
<pmatulis> rww: how did you conclude keyserver.ubuntu.com is unreliable?  is there a known problem?
<rww> pmatulis: because half the time I make requests to it it fails
<rww> and the response I got from someone (forget who) was "yeah, that's a thing" basically
<pmatulis> rww: alright, thx
<alias_neo> Hey chaps. Having issues authenticating to my freeipa server from ubuntu 14.10 server. I can authenticate from 14.04 desktop and 14.04 server though. Anyone have any ideas please?
<sarnold> alias_neo: any errors or warnings on either the client or the server?
<alias_neo> The server doesn't complain, but I've got the sssd logging on high on the client, there's quite a lot of stuff, nothing that stands out to me (but I'm an sssd/ipa noob)
<alias_neo> I@m just about to compare it with the sssd log of a working client
<alias_neo>  I see this in the broken server log just before it all goes wrong:  No ccache file for user [<username>] found.
<sarnold> alias_neo: interesting... what's a ccache file in the context of freeipa? :)
<alias_neo> Not entirely sure but I believe it's to do with sssd caching credentials
<sarnold> aha, so not a caching c compiler >:->
<alias_neo> hehe no
<YamakasY> any partman pro's in here ?
<YamakasY> man it's giving me a hard time
<proq> can someone point me to the best guide to installing a gnome desktop environment on ubuntu server 14.10?
<dasjoe> proq: "apt-get install tasksel; tasksel install ubuntu-gnome-desktop" should do the trick
<proq> thanks
<dasjoe> Mind you, this will pull in everything as if you selected "GNOME desktop" during the installation
<Noskcaj> zul, We can you check if we can sync python-tornado now? upstream says it was fixed by our current pycurl. https://github.com/tornadoweb/tornado/issues/671
<YamakasY> which channel do I need for partman help ?
<pmatulis> YamakasY: try #ubuntu-installer
<YamakasY> pmatulis: yeah that channel seems to be dead
<pmatulis> YamakasY: it's definitely not a "hot" channel but i wouldn't call it dead
<pmatulis> YamakasY: maybe a mailing list is more appropriate
<YamakasY> pmatulis: yeah got some help months ago... good idea
<kyle__> if you have multiple interfaces, and only one has the gateway line, will that always be set as the default gateway in the routing table?
<kyle__> I have a bridge (virbr1) that sets a specific route via postup, and a tagged vlan, which is supposed to have the default route (set using gateway in interfaces file), but it's using the virbr1's route as default, and the tagged vlans as specific.  I think
<kyle__> s/specific/static/
<kyle__> But you know what I mean.  Ihope.
#ubuntu-server 2014-12-18
<xibalba> hey folks, i need some assistance in getting my virtualbox virtual machine to startup
<xibalba> i get the following error when trying to start the VM: VBoxManage: error: The virtual machine 'zcs' has terminated unexpectedly during startup with exit code 1 (0x1)
<xibalba> VBoxManage: error: Details: code NS_ERROR_FAILURE (0x80004005), component Machine, interface IMachine
<xibalba> Ubuntu 14
<LarsN> Is anyone who has first hand experience with the Ubuntu Orange Box handy?
<Patrickdk> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<LarsN> I have an orange box.  http://www.ubuntu.com/cloud/jumpstart-training,  I'm wondering how I can power off one of the nodes that appears to auto-boot on AC restore, and simultaniously isn't responding to the Intel AMT.
<LarsN> Second, I am wondering If I want to reset the orange box 100% to a "default" state, is it as simple as adding the orange box PPA, juju PPA, and installing 14.04 on the node, then apt-get installing the orange-box package?
<LarsN> finally, is there any published documentation on how to actually use and set this thing up besides having Canonical come out for Jumpstart training?
<Patrickdk> ah, heh
<LarsN> Patrickdk: see why I asked first?
<sarnold> :)
<LarsN> it's not a "normal" ubuntu-server question.
<Patrickdk> well, now I know what an orange box is
<sarnold> this may be the first time when it makes a certain amount of sense, hehe :)
<Patrickdk> but ya, not sure that is an irc thing :(
<LarsN> where can I find a list of #ubuntu-* channels?
<sarnold> LarsN: is there a maas gui running on a port on localhost? it might have easy buttons for turning machines off and on
<Patrickdk> it's a very canonical thing :)
<LarsN> sarnold: there is a MAAS url, or there was prior to my running the: orange-box-purge-all command.
<sarnold> LarsN: oh :) haha
<LarsN> there will be again once the apt-get install completes.
<LarsN> Patrickdk: this is true.  One of the designers of this thing lives in my home town
<LarsN> I may just have to call him tomorrow.
<sarnold> kirkland: any chance you're around to answer some orangebox questions for LarsN?
<LarsN> or, I don't suppose you're in Austin this week?  <-- kirkland :)
<LarsN> sarnold, Patrickdk: either way, thanks :)
<sarnold> LarsN: good luck and have fun :)
<LarsN> not the most cost effective way to build a micro-cloud.  but a convenient way to build a cloud in a box, for prototying some SaaS products :)
<LarsN> the fun bit is, I only found out about the "orange-box-*" commands because of the "history" command on the default ubuntu user.
<Patrickdk> :)
<sarnold> LarsN: yeah, for a demo unit it's pretty fantastic. for an actual deployment, perhaps less so.
 * Patrickdk forgets what he is doing
<LarsN> sarnold: Tranquil PC is working on a unit with 8x "server grade" xeon systems, and enterpris like switches.
<Patrickdk> oh ya, scheduled production breakage
<sarnold> Patrickdk: you're about to break all your customer's production systems
<LarsN> still not sure that's what I want to deploy for a customer,  But more interesting.
<sarnold> LarsN: ooh. yeah, interesting.
<LarsN> more likely we'll go with something like SuperMicro "MicroCloud" or "FatTwin" chassis.
<sarnold> those fattwin look pretty slick
<LarsN> I have two of those ordered as well
<sarnold> haven't looked at the microcloud things yet
<sarnold> :D
<LarsN> micro cloud is 3u, by 12 nodes.
<sarnold> oooo
<LarsN> single socket each.
<sarnold> yeah I suspect those will be better performance for your dollar than an orange box, and something you'd be happy to run in production too
<LarsN> already have 3 of those as compute nodes in an openstack cloud.
<LarsN> well stink.  It's hanging up at the same place it did yesterday.
<LarsN> http://pastie.org/9787552
<LarsN> I take it back, it might not actually be hung.
<sarnold> LarsN: how long have you waited? it might a bit..
<LarsN> opened virt-manager, and actually see it bootstrapping with MaaS
<sarnold> some of those maas operations have step 1 go download 200 megabytes or something similar
<l2ksolkov> Does Ubuntu server 14.04 have any cronjobs on a default install?
<LarsN> l2ksolkov: it may.  especially if during the defauilt install you told it to do the security updates.
<LarsN> in which case you, at a minimum, have a midnight(ish) apt-get update/upgrade for security packages.
<LarsN> l2ksolkov: it's easy to check.  look at /etc/cron.*
<l2ksolkov> LarsN: the reason i'm asking is because at 6:30 every morning something runs and the fan on the computer goes up to full speed, waking me up.
<LarsN> l2ksolkov: cat /etc/crontab
<l2ksolkov> LarsN: yup there's a few in cron.daily
<LarsN> l2ksolkov: re-schedule those for say 9am?
<l2ksolkov> LarsN: done, i'm not sure why it ran at 6:30 though
<LarsN> l2ksolkov: 6:30 is before "many" systems folks hit the office.
<LarsN> nice to have the daily tasks done before then :)
<l2ksolkov> LarsN: thanks, now what little peaceful sleep i get will no longer be interupted by a NASA rocket at 6:30 in the morning.
<LarsN> Sleep is for the weak.
 * LarsN kids :)
<l2ksolkov> Well :P
<Rajvi> Hello Folks, I don't know what I am doing wrong . i copied my web application to /var/www/html. I get error messages.  I get of error messages stating folders aren't writable. Please help
<jadesoturi> webserver? what application is it?
<jadesoturi> https://answers.launchpad.net/ubuntu/+source/apache2/+question/251991 check this maybe?
<Rajvi> Many Thanks! I knew it!
<jadesoturi> no worries:)
<Rajvi> U guys rock!
<rajvi> Hello Guys, I get write access errors for my web app
<rajvi> I am the owner of the /html directory
<jamespage> tinoco, morning - working through the pacemaker fixes now
<jamespage> tinoco, the matched library versions problem I've fixed in a different way by matching exactly the pacemaker library versions in d/control
<jamespage> tinoco, https://launchpad.net/ubuntu/+source/pacemaker/1.1.11-1ubuntu1
<jamespage> vivid almost done
<tinoco> jamespage: tks james, really appreciate ;)
<jamespage> tinoco, utopic and trusty sru's also uploaded for review
<jamespage> commented on both bugs; the binary version match bug could do with a test case
<Ronnie> I have some unknown load/cpu issues on server. See screenshot: http://imgur.com/QURGdNt. The amount of CPU0-CPU3 is a lot higher than alle the CPU used by the processes listed. Anyone knows where this ghost CPU comes from?
<garnus> b)
<pmatulis> whoah, dnsmasq is not in 'main'
<BaNzoune1> Hey, If I've nothing under State when doing a netstart what does that mean? https://gist.github.com/AlexGaspar/0e67c25405e9db853a5f
<patdk-wk> it means *nothing*
<patdk-wk> did you expect a meaning?
<BaNzoune1> I don't know what I should expect, I've setup fluentd (if by anychance you know it), it supposes to listen on 24224 tcp to recieve 'message' and 24224 udp for heartbeats but only the tcp seems to go throught, I'm trying to figure out what's going on :/
<patdk-wk> you failed to understand what UDP is
<patdk-wk> UDP has no state, it shouldn't ever display a state
<BaNzoune1> Okay, I didn't know that, thank you :)
<kirkland> LarsN: sarnold: howdy, I'm around for a few minutes, what's up?
<matyy> Hey, I activated the root login on a server. I want to mount it's filesystem with sshfs with root priviliges. I don't find a way to sudo with sshfs. I also tried to work it out with groups, but than all newly created files have the group of the creator... which is bad, because I have to chown them constantly. This is all in an LAN, the only connection to the internet is via a reverse proxy, so direct connection to the internet at a
<matyy> *no
<matyy> is there any security concern but people hacking into my LAN? I only leave it activated while I am doing some work, than I deactivate it again anyway... Still, just curious, didn't get no replies on the ubuntu forums
<leo_sift> I'm experiencing a very weird issue on a new server install. "if" does not recognize eth0, "ifconfig" does. eth0 does not seem to be handled in initial boot, but does get mounted. dns-nameservers on eth0 are not added to resolv.conf  http://paste.ubuntu.com/9561166/
<dasjoe> kirkland: Hi, quick question about Snappy and Core. Will there be a way to turn a standard Core installation on real hardware into Snappy?
<kirkland> dasjoe: unfortunately, no, there's no path from traditional->snappy or snappy->traditional
<kirkland> dasjoe: I've heard some talk, perhaps, by people who might like to "snapshot" a traditional ubuntu install, and turn that into a base image for a snappy install
<kirkland> dasjoe: that's probably (stress, probably) doable, with some work with the tooling
<dasjoe> kirkland: too bad. I'm playing around with Core and ZFS a bit, so turning one of my PoC NUCs into Snappy would've been nice
<kirkland> dasjoe: heh, well, keep us posted on the list, if you do something interesting there ;-)
<dasjoe> kirkland: sure, which list would that be? I'm using eCryptfs, too ;)
<kirkland> dasjoe: snappy-devel
<dasjoe> kirkland: Thanks, subscribed
<MagicMystic> hello all...got my first mail server up and running. so far so good!
<MagicMystic> I'm running postfix/dovecot/spamassasin/camav etc..
<MagicMystic> using about 60% of ram. is this acceptable?
<MagicMystic> currently 1gb of ram on server
<MagicMystic> the mail server will be used for only a couple of accounts
<lordievader> MagicMystic: With or without buffers and caches?
<MagicMystic> lordievader: sorry...not sure where I would use buffers and caches...
<MagicMystic> running on a vps
<lordievader> MagicMystic: http://www.linuxatemyram.com/
<MagicMystic> lordievader: tnx for the link brb
<MagicMystic> going to run free -m and will report back
<MagicMystic> lordievader: just checked free -m shows I have 359 mb remaining
<lordievader> MagicMystic: And how much cache?
<MagicMystic> lordievader: 127
<lordievader> So you still have around 460Mb free. That's sounds about right.
<MagicMystic> lordievader: enough loaf to do the job?
<lordievader> MagicMystic: Do you have swap?
<MagicMystic> lordievader: yes. 1gb of swap - currently only using 7mb of swap
<MagicMystic> server is running an ssd as well
<lordievader> MagicMystic: Then there is no need to worry about the out-of-memory killer.
<MagicMystic> lordievader: thanks! first time running an essential service like mail...and a bit paranoid
<MagicMystic> the webview of the vps shows high cpu usage - however according to top it is barely using any cpu. should I be looking anywhere else to confirm this?
<lordievader> MagicMystic: Check atop, it might simply be the periodic timer.
<MagicMystic> lordievader: got it. many thanks for your suggestions and help. good karma to you my friend.
<lordievader> MagicMystic: No problem, have fun ;)
<linuxgeek_> hi, in the top command 1 will show all the cpu cores and M will sort process by memory usage
<linuxgeek_> i use nohup top -b > test_top.txt &. can the 1 and M options be passed so the test_top.txt is written with these options?
<pmatulis> this channel should have a karma bot
<patdk-wk> pmatulis--
<pmatulis> ouch
<lucidguy> I have a Linux server with a large local xfs filesystem.  I need my Windows clients (authenticate via Windows AD) and my Linux clients  (authenticate via different ldap server) to access this same filesystem.  The server will export the fs to the Linux clients via NFS and Windows clients via Samba/smb.  How can one accomplish this?
<K4k> Do you have to do anything special to "activate" new files in /etc/cron.d?
<K4k> I've created a new job file with two jobs in it, the scripts the jobs are running work fine when run manually but they are not running during their prescribed times and I'm not sure why
<pmatulis> K4k: maybe have a read of 'man cron'.  you may have missed something
<rajvi> Hello folks, Could anyone tell me what's wrong with user configuration  file for Tomcat7. https://paste.ee/p/6ejW3
<K4k> pmatulis: After re-assessing things I'm still lost. I've read man(8) and according to it, the only specific things to consider with cron.d is the permissions should not be group or world writable and it must be owned by root.
<K4k> I have another line just below the two that aren't working now that is * * * * * root /usr/local/bin/touch-test.sh that just puts the date in a log file
<K4k> that works fine
<K4k> the two lines above are doing the same thing but not working.
<K4k> though there was a note in man(8) about using cron.d being a bad idea... no explaination to why was given, however.
<K4k> HA! It must be time to go home... I just solved the cron.d mystery... permissions were wrong on the destinarion directory that the script was trying to put files in... I guess I should put a catch-all in there for other errors to email me if it happens again :)
<pmatulis> K4k: nicely done!
<Naphatul> would someone mind checking my raid 1 setup
<Naphatul> https://bpaste.net/show/e0e0611c4153  https://bpaste.net/show/27dea3f6cd67  https://bpaste.net/show/64bb56df4134
<Naphatul> relevant info, just want to make sure it's configured right
<Naphatul> also i can write while they're resyncing right?
<Naphatul> also any tips on increasing build time would be helpfull
<Naphatul> also curious why is it only doing 20MB/s
<IPPhoneGuy> check /proc/sys/dev/raid/speed_limit
<IPPhoneGuy> =)
<IPPhoneGuy> max is probably set it 20
<Naphatul> IPPhoneGuy: max is set to 200,000
<Naphatul> that would be 200MB/s no?
<acovrig> what could cause an iptables -v -t nat -L to take a long time? Usually I've seen it return in seconds, but with a specific system, it seems to always take ~2-6min
<acovrig> http://pastebin.com/HTHp7p3D is the output of time iptables, why almost 3min!?
<Patrickdk> acovrig, anything on your system can cause it to be slow
<acovrig> if I flush my iptables (iptables -t nat -F && iptables -F) to test something, will the rules come back if I reboot?
<PryMar56> acovrig, do the bridges exist ? virb0 and lxcbr0?
<acovrig> PryMar56, yes, but I don't know what either of them are or where they came from (lxcbr0 => docker?) how/can I remove the virbr0?
<PryMar56> acovrig, man virsh
#ubuntu-server 2014-12-19
<PryMar56> that is shell for libvirt
<PryMar56> you can remove the default network
<acovrig> PryMar56, brctl delbr virbr0?
<PryMar56> sure, till reboot
<acovrig> PryMar56, can I permanently do that (since I don't think I use it), or would I need to put something in /etc/init.d?
<acovrig> PryMar56, I do have VMs in kvm/libvirt, but they're using other bridges, none of them are using virbr0
<PryMar56> virsh net-undefine default
 * PryMar56 apologizes for spoon feeding
<acovrig_> PryMar56, thanks
<acovrig_> when masquerading, what if do I specify, the one I'm expecting a connection on, or the one I'm connecting to?
<PryMar56> acovrig_, looking at the iptables trace, the bridges are MASQ'd
<PryMar56> you can dump those rules as `iptables-save`
<acovrig_> PryMar56, I'm currently double-NAT'd (for the next ~week) 192.168.5.0/24 is an ubuntu machine running pfsense as a router VM (libvirt); it connects (WAN) to a 192.168.2.0/24 LAN; if I have 'iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE' in 5.4 (the VM host), other clients can't connect to anything on the 192.168.2.0/24 network.
<acovrig_> PryMar56, 5.4 is a client-to-client-LAN gateway to the 5.0/24 network from an openvpn overlay network (to a VPS)
<acovrig_> PryMar56, when setting this system as a gateway, do I MASQUERADE br0 (LAN with 5.0/24) or tun0 (OpenVPN client IP to overlay network)?
<PryMar56> don't try that at home, setup is for professionals only... pretty complicated to say for me
<Dirnan> Having trouble with postfix not recieving or sending outside domain
<Dirnan> any takers
<Dirnan> i can login to the pop server remotely and send and recoeve to only local accounts
<LarsN> kirkland: are you there?
<fandi> hi
<fandi> i got gpg error : link this
<fandi> http://paste.ubuntu.com/9566355/
<fandi> how to delete gpg key or disable that
<lordievader> Good morning.
<jamespage> coreycb, zul: I've bumped new versions of alembic and oslo.utils into vivid; oslo.context is in the NEW queue
<zul> jamespage:  whats using oslo.context?
<jamespage> zul, neutron
<jamespage> zul, does the py 2.7.9 incompatibility matertilize via unverified certs?
<zul> jamespage:  it does
<jamespage> zul, where is the bug again? keystone is impacted
<zul> jamespage:  https://github.com/python/peps/blob/master/pep-0476.txt
<zul> jamespage:  https://bugs.launchpad.net/cinder/+bug/1403068
<uvirtbot> Launchpad bug 1403068 in cinder "Tests fail with python 2.7.9" [Undecided,New]
<zul> jamespage:  i have a patch that ignores some test failures for cinder if you want (rtslib)
<jamespage> zul: I think glanceclient is impacted as well
<zul> fuuuu
<jamespage> zul: hmmm
<jamespage> yes
<jamespage> oslo.vmware 0.8.0 uploaded
<jamespage> zul, ok trying a patch to glance tests
<jamespage> glancelient that is
<jamespage> coreycb, btw I'm applygin a new uversionmangle - "s/\.0b/~b/"
<zul> jamespage:  http://paste.ubuntu.com/9569176/
<jamespage> zul, I see the issue with glanceleitn
<jamespage> zul, glanceclient fixed and proposed upstream
<zul> jamespage:  cool
<thor77> hello, i tried to install mpd with pulse-audio like described here http://mpd.wikia.com/wiki/PulseAudio on my ubuntu 14.10-server, but i stuck on this (http://mpd.wikia.com/wiki/PulseAudio#Adjusting_Volume_.2F_Sinks_.2F_etc.) step, i dont get it to connect to pulse using pacmd, it always says "No PulseAudio daemon running, or not running as session daemon" but i can see a pulseaudio process with "ps x"
<kirkland> LarsN: yes, hi
<coreycb> jamespage, looks like python-rtslib-fb needs to get into main for cinder, and python-wsgiref needs to be synced
<jamespage> coreycb, nack on rtslib
<jamespage> coreycb, just patch it out - see zuls pastebin above
<coreycb> jamespage, ok
<jamespage> coreycb, zul: can I get a +1 for including rabbitmq-server in the kilo CA please - 3.3.5 introduced better default queue failover
<coreycb> jamespage, +1
<coreycb> jamespage, should I request a sync of python-wsgiref?
<jamespage> coreycb, I can't see that in debian or ubuntu?
<jrwren> any simplestreams folks around?
<jrwren> how does simplestreams get the latest version?  is it lexical order? numeric order?
<jrwren> e.g. jq '.products."com.ubuntu.cloud.daily:server:14.10:amd64".versions |keys' com.ubuntu.cloud\:daily\:aws.json  looks numeric, can I rely on that?
<coreycb> jamespage, nevermind it's in libpython2.7-stdlib
<agend> hi - i'm just setting up server - and I need plenty of requests per second, started with ubuntu, and had nf_conntrack problem - fixed it, got better rps troughput - but I wonder is there linux distro which would be tuned for high permormance http serving out of the box?
<agend> or some links to sources about tuning ubuntu server?
<coreycb> jamespage, what do you think about getting a new vesion of pecan > 0.8.0 into vivid?  (ceilometer)
<jamespage> coreycb, sounds like a good idea - I assume its required for ceilometer?
<jrwren> agend: not afaik. Are you server static content or an application. Typically you would tune your application to be faster.
<coreycb> jamespage, sorry, yes it's required by ceilometer
<jamespage> coreycb, ++ then
<agend> jrwren: content is dynamic, and not its not application problem - its written in go and it's pretty fast. I have to tune the os
<jrwren> agend: ah, so already profiled. Interesting. What issues are you seeing then?
<jamespage> coreycb, https://github.com/openstack/requirements/commit/70b10edb67ae72bf1f2436ee5abe6ae208ea4d2a
<jamespage> argh!
<agend> jrwren: like i said: nf_conntrack so far, got it better, now waiting for next surprise
<agend> jrwren: looks like i have to be ubuntu expert to get it done
<coreycb> jamespage, oh great
<jrwren> agend: i'm not sure what nf_conntrack is, but I've mostly run on cloudimg, which is a bit different than ubuntu-server
<agend> jrwren: running on bare metal
<jamespage> coreycb, I'm seeing a nova test failure I think its related to that
<coreycb> jamespage, and 0.9.2 is the latest version it looks like
<jamespage> coreycb, yeah
<jamespage> coreycb, just thinking as to whether we should revert back to 0.9.1
<tekk> hi guys, once the server has booted up and services initialized, just before it goes to the console login prompt, the video mode seemingly changesâ¦ does anyone know where this is configured? as my kvm-switch doesnât seem to support it.
<coreycb> jamespage, or temporarily revert the 0.9.2 change the caused it
<tekk> iâm abou to try GRUB_GFXPAYLOAD_LINUX=keep
<tekk> well that didnât owrk
<jamespage> coreycb, actually it might be OK
<jamespage> coreycb, zul reverted the offending commit - I think I just has a bad test run locally - in ppa its fine
<coreycb> jamespage, ok
<coreycb> jamespage, https://code.launchpad.net/~corey.bryant/ubuntu/vivid/python-pecan/merge
<jamespage> coreycb, "Merge from Debian unstable?"
<coreycb> no?
<jamespage> coreycb, what are you merging? I'm confused
<jamespage> vivid has the same version as debian right now
<jamespage> coreycb, I was expecting 'New upstream release'
<coreycb> jamespage, ok.. yeah I guess we're forking in a way
<jamespage> coreycb, probably only for a bit - I've told zigo we're pushing kilo-1 updates this week
<jamespage> so he should have an eye out
<jamespage> coreycb, merge == pull in changes from debian, re-apply ubuntu delta
<jamespage> coreycb, new upstream release == just ubuntu
<jamespage> coreycb, sync - just sync over from debian -> ubuntu
<jamespage> (drop any changes)
<coreycb> jamespage, yeah, makes sense
<coreycb> jamespage, ok pushed a new version
<jamespage> coreycb, for future reference, you don't need to say 'updated maintainer' - that's impled for a 0ubuntu1
<coreycb> jamespage, ok
<tekk> anyone?
<jamespage> coreycb, I'm this close to having nova ready I think
<jamespage> coreycb, unfortunately my power rate sync patch breaks tests now
 * jamespage sighs
<coreycb> jamespage, :/
<jamespage> coreycb, if https://launchpad.net/~james-page/+archive/ubuntu/vivid/+build/6661407 completes +1
<jamespage> coreycb, swift is done btw
<jamespage> but that's all from my list
<coreycb> jamespage, ok.  I'm a bit behind.  ceilometer is just waiting on python-pecan and should be all set once we get the new version.  cinder has a few more failing tests that I need to figure out.
<coreycb> jamespage, that's all I've made it to so far
<jamespage> coreycb, pecan uploaded - thanks!
<coreycb> jamespage, thank you!
<tekk> after booting, just before the login prompt the screen resolution changes to something i donât supportâ¦ any ideas? (Ubuntu Server 14.04)
<jamespage> coreycb, nova - done
<jamespage> coreycb, and with that I'm off
<coreycb> jamespage, alright, thanks
<Karunamon> huh, didn't know this channel existed. neat
<Karunamon> repeating my other question then - is anyone aware if it is possible to control the installer dialog when doing a preseed/kickstart?
<pmatulis> Karunamon: you can suppress most dialogs by providing a pre-determined answer
 * mait is getting "AuthType Basic configured without corresponding module" from apache2 in 14.04.1 LTS
<mait> after upgrading from precise
<Meerkat> they upgraded apache 2.2 to 2.4 so there are some changes. site config files need to end in .conf for example.
<mait> Got past some of those initial issues...
<mait> I was thinking others might have seen this. My config looks very close to the example given for Apache 2.4 by apache.org
<Meerkat> mait, enter apache2ctl -M
<Meerkat> is auth_basic_module listed there?
<mait> Yes. Actually, the simple case works. My troubles are with AuthnProviderAlias
<Meerkat> https://stackoverflow.com/questions/21385818/apache-authtype-not-set-internal-500-error/21386863#21386863
<Meerkat> mait, does that help?
<mait> Yes, that was part of what I've already gotten past.
<Meerkat> could you paste your config file then?
<mait> Thanks, but I think there's something about 2.4 that doesn't work like 2.2's mod_authn_alias did.
<Meerkat> mait, indeed. "The functionality provided by mod_authn_alias in previous versions (i.e., the AuthnProviderAlias directive) has been moved into mod_authn_core. "
<Meerkat> https://httpd.apache.org/docs/2.4/upgrading.html
<mait> I'm trying to do the first example in http://httpd.apache.org/docs/2.4/mod/mod_authn_core.html
<NineTeen67Comet> Hello all .. I'm not totally new at running my webserver, but I did a clean install of 14.04 (01) and now when I set up my sites they all point right back to the default Apache page . did something change?
<Meerkat> NineTeen67Comet, what does ls /etc/apache2/sites-enabled/ return?
<NineTeen67Comet> 000-default.conf and www.openlug.com.conf (my site) .. I've got more to add, but the first one was broken so I quit to seek knowledge :) ..
<Meerkat> if you wanna remove 000-default.conf you can do so with "a2dissite 000-default"
<NineTeen67Comet> Yeah .. headed in the right direction .. thank you much Meerkat .
<Meerkat> then you need to enter "service apache2 reload" to load the new configuration.
<NineTeen67Comet> Roger .. buttoned that one up .. I'm usually pretty good with the Ubuntu server (Been running it since I left Gentoo in 06 or so) .. So much thanks, I've been kicking myself all day ..
 * mait may be hitting https://issues.apache.org/bugzilla/show_bug.cgi?id=55622 using apache2 2.4.7-1ubuntu4
<uvirtbot> mait: Error: Could not parse XML returned by issues.apache.org: HTTP Error 404: Not Found
<mait> https://issues.apache.org/bugzilla/show_bug.cgi?id=55622
<uvirtbot> mait: Error: Could not parse XML returned by issues.apache.org: HTTP Error 404: Not Found
<mait> Hmm. my broswer like it at least :(
<Meerkat> it works for me too.
<asantoni_> hi all, an apt-get nfs-kernel-server update on ubuntu 12.04 seems to have taken our production NFS share down :(
<asantoni_> it's like read-only
<bekks> Did you restart the nfs server after updating?
<asantoni_> I just did that a few mins ago, did I do it right? I did sudo serviec nfs-kernel-server restart
<asantoni_> logs on the server show
<asantoni_> http://pastebin.com/bntfyJKJ
<asantoni_> dmesg on the client machines show: [23366474.713247] NFS: state manager: check lease failed on NFSv4 server xyz.com with error 13
<bekks> Did you remount the share?
<asantoni_> bekks: yeah, first I did "sudo umount -lf /mnt/nfs", then::
<asantoni_> sudo mount.nfs -o nosuid,nodev,noatime,nodiratime,noacl,nocto,rsize=32768,wsize=32768 xyz.com:/mnt/disk/nfs /mnt/nfs/
<asantoni_> it remounts but it's read-only... I get permission denied if I try to create or modify files
<bekks> Whats the output of "mount | grep nfs" on the client?
<asantoni_> nfs.xyz.com:/mnt/disk/nfs on /mnt/nfs type nfs (rw,nosuid,nodev,noatime,nodiratime,noacl,nocto,rsize=32768,wsize=32768,vers=4,addr=2a01:4f8:150:1309::2,clientaddr=2a01:4f8:150:30a8::2)
<bekks> oh, you are using ipv6
<asantoni_> still getting permission denied all the time, it's weird
<asantoni_> OK I turned on access logging (rpcdebug -m nfs -s proc) and I see: kernel: [3201308.065629] NFS reply getattr: 0
<asantoni_> OK so
<asantoni_> anonuid=0 and anongid=0 saved us
<asantoni_> the rpc idmapping thing is apparently not working right all of a sudden
<asantoni_> maybe it is some ipv6 vs. ipv4 issue
#ubuntu-server 2014-12-20
<IamR00T> can anyone help me with ipsec? i tried to verify the install and portfowarding failed and i dont know why
<bradthepizzaman> hello?
<pmatulis> hello
<bradthepizzaman_> can anyone help me with ipsec? i tried to verify the install and portfowarding failed and i dont know why
<samba35> i am planning to build a system for virtualization server with 4-5 guest ,with 16 gb ram ,which board and cpu do you recommand ,i want to use pci passthrougt
<lordievader> Good morning.
<blackyboy> Hi any one used icinga ? How can i add my client machines with icinga server ? Did i want to install nrpe package in both client and server machines ? Now i have installed icinga2 and its working fine only localhost as now under monitoring, I want to add some of the live production Servers to icinga now
<andol> blackyboy: For starters, how about addding some config to the Icinga server, pointing out those machines you want to monitor? Just to perform external checks that is all you need. If you want to be able to have Icinga perform local checks on other machines then nrpe is an option. Personally I prefer using check_by_ssh, having the Icinga server use an ssh login to perform local checks.
<andol> blackyboy: This is also where I probably need to go a bit RTFM on you, given that Icinga really is a tool you need to know a bit about before you can properly use it.
<blackyboy> ok let me search for check_by_ssh
<andol> blackyboy: Nah, don't cherry-pick like that, start with some basic documentation.
<squashua> Hey there :)
<squashua> My Ubuntu 14.04.1 VPS won't show anything in /var/www
<squashua> I think I've probably messed up the permissions... I'm using Apache.
<squashua> Version 2.4.7
<squashua> I'd be grateful for any help anybody could give :)
<squashua> The directory listing is blank and it won't show any files.
<squashua> IP address is 5.175.160.89
<squashua> It just 404s everything
<squashua> Hello??
<squashua> Oh never mind got some help from a friend :) turns out the document root was set wrong. Sorry if I took up lots of your time :)
<Prezident> /join #ubuntu-se
#ubuntu-server 2014-12-21
<linuxmint> Hello, I setup an NFS. I have 4 HDDs and don't know how to make HDD 2, 3 and 4 be used for extra storage?
<Axton> So i am running my ubuntu server on a laptop. But I just got a HP miniserver. What is the most easy way to tranfer from old to new server. Just moved old HDD into new server or, reinstall OS and app again..?
<linuxmint> I'm looking to use mhddfs to allow 4 HDDs to be used as server storage. I'm wondering when I 'merge' the 4 HDDs together, if I'll wreck HDD1 which has Ubuntu and NFS installed?
<samba35> on my system when i run netstat -ant i don't see port 80 open  (same with lsof -i4 )but i am able to check web server is running with localhost and check with telnet and port 80 is open
<samba35> but it show port 80 open with ip6 not ip4
<bekks> samba35: So it is running on IPv6, not IPv4.
<samba35> when i run telnet ipv4 80 i am able to pass telnet so ,its on ipv4
<bekks> Then you would see it on lsof -i4
<bekks> Which you said you dont.
<Meerkat> Every time I upgrade my kernel on 14.04 the grub menu.lst wants to replace /dev/vda1 with /dev/sda1 - How do I make it keep /dev/vda1 by default?
<teward> p
<patdk-lap> what is a vda1?
<ikonia> virtual disk
<ikonia> using the virtio driver
<patdk-lap> well fix it then
<patdk-lap> dpkg-reconfigure grub?
<Meerkat> patdk-lap, I do not know how to fix it, which is why I asked for help.
<patdk-lap> why I said to use dpkg-reconfigure
<patdk-lap> it will be on one of the grub packages you have installed
<patdk-lap>  I don't know what flavor of grub your using
<Meerkat> I ran the command but nothing showed up.
<Meerkat> Hopefully it is just really fast and it works from now on :)
<l2ksolkov> is it possible to install ubuntu server ONTO a USB drive and boot off it?
<SchrodingersScat> sounds ok
<teward> anyone got a link to the arguments for ntfs mounts in /etc/fstab?  I need to mount an NTFS drive on one of my servers here, but need to dig into the options a little deeper.
<dasjoe> teward: "man mount.ntfs" may help
<teward> dasjoe: thanks.  I take it the HTML gui manpages site will have that?
<teward> i'm stuck on a netbook, so terminal res is ***small*** :/
<dasjoe> teward: http://manpages.ubuntu.com/manpages/trusty/en/man8/mount.ntfs.8.html
<teward> thanks :)
<dasjoe> Sure :)
#ubuntu-server 2015-12-14
<logixmorg> Hey everyone, sorry to bother y'all. I recently bought and built a new computer. However it has the new "Secure Boot" from Asus. No matter the install method I do I can't see to get ubuntu server working properly. The closest I got was just a few minutes ago when everything seemed to go fine. Then when it reboots I see the first few lines of code p
<logixmorg> rocessing then a blank screen. Any suggestions?
<hateball> logixmorg: Some details like version of Ubuntu and model of motherboard may help
<logixmorg> Ubuntu Server 14.04 LTS version
<logixmorg> Asus Z170k motherboard
<ianorlin> logixmorg: Z170 is new hardware which 14.04 point release
<ianorlin> it might not recognize stuff as that is skylake
<logixmorg> Ahh well that is unfortunate, so the i5 I have on the motherboard is considered skyline?
<ianorlin> I might try 15.10
<logixmorg> Thank you, I'm downloading it now and will report back (Hopefully with success)
<hateball> logixmorg: well 14.04.3 should have the same HW support as 15.10
<hateball> iirc
<logixmorg> That's really unfortunate
<hateball> !hwe
<ubottu> The Ubuntu LTS enablement stacks provide newer kernel and X support for existing LTS releases, see https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<ianorlin> hateball: I think 14.04.3 is same as 15.04
<ianorlin> as there has not been a lts point release since 15.10 came out
<ianorlin> I think that is like feburary
<logixmorg> So as far as the hardware I have now, support may not be released till February?
<hateball> ianorlin: ah yes
<hateball> logixmorg: you can install 15.10, but you will need to get 4.3 kernel from the mainline ppa for full support
<ianorlin> hateball: what is in 4.3 that is not in 4.2
<logixmorg> Forgive my ignorance but how would I combine the 4.3 kernel with the 15.10? Would I open it up using my windows computer and simply delete the kernel then had the 4.3 kernel in?
<hateball> ianorlin: support for skylake gpu iirc
<logixmorg> OH so the on board graphics is the problem here? Would buying a compatible graphics card that is not skylake be a work around for this problem?
<hateball> you can boot with nomodeset and then add mainline kernel ppa, all according to google
<ianorlin> well I think you could nomodeset and install server
<logixmorg> Good news!! A simple install of 15.10 did the trick
<logixmorg> Thank you for the help and suggestions :)
<YamakasY> what is the size of a trusty mirror atm ?
<YamakasY> I'm here now at around 370GB but that is a lot of you ask me and I think sources are included also
<jamespage> smoser, I had another run at https://code.launchpad.net/~james-page/simplestreams/multihypervisor/+merge/278127
<jamespage> optionally enabled and also sets hypervisor_type in resulting streams data so that external tools can query by
<jamespage> smb, hey - remember that problem we kept hitting on utopic where umounted block devices got help onto by the kernel?
<jamespage> smb, http://paste.ubuntu.com/14003285/
<smb> jamespage, erm... I vaguely remember some umount problems somewhen in the past but I have troubles parsing your line there...
<smb> Ah ok.. the case where something managed to get into a state where the journal would not go away
<jamespage> smb, yah - that's the one
<smb> jamespage, So did you find a reliable way to get into the state? iirc we could never isolate the reasons
<jamespage> smb, I see that on a trusty daily image
<smb> jamespage, That is not exactly an answer to my question... ;)
<jamespage> smb, we'll I've spun up 10 machines today all of them have the same problem; just re-trying with the release stream image to try to bisect
<smb> jamespage, OK, spun up means using maas or uvtool or something else?
<jamespage> smb, nope these are all ontop of an openstack cloud
<jamespage> so using juju
<T3DDY> Best Ubuntu VPN server software for Ubuntu server?
<ikonia> T3DDY: anyone you like
<ikonia> people have different perceptions of "best"
<smb> jamespage, Which adds a ton of things that get done. Just near impossible to give any advice. I think it was doing the install via curtin and that I think is using a trusty kernel environment but I am not sure about anything there
<jamespage> smb, release image does the same thing - how do I start to debug this?
<smb> jamespage, first thing would be to figure out what things get mounted and unmounted over time... then the question is whether it is possible either to stop in between or even better if it is possible to recreate the problem with simple manual steps that follow that sequence
<smoser> jamespage, nice.
<jamespage> smoser, you like? I was toying with adding another config option to allow a user to specify the mappings
<smoser> its not clear what i would pass to --hypervisor-mapping?
<smoser> oh. thats what you were playing with i suppose.
<smoser> i like the config to enable that or not. that is good.
<jamespage> smoser, so something like --hypervisor-mappings="root.tar.xz=lxc,disk.img=qemu,disk1.img=qemu"
<jamespage> or that could be a pointer to a yaml or suchlike
<jamespage> mappings:
<jamespage>   - lxc:
<jamespage>       [ "root.tar.xz", "root.tar.gz" ]
<jamespage> and so on
<smoser> jamespage, i think thats fine. you considered the other way?
<smoser> yeah. i like your way
<smoser> (i was thining the other way as 'lxc=root.tar.xz'...)
<smoser> magicalChicken, o/
<magicalChicken> smoser: o/
<smoser> jamespage, fyi, you are chair on server meeting this week
<jamespage> smoser, okay....
<jamespage> better make and effort to show up them
<jamespage> n
<napoleon1234> Hello I have installed postfix on my ubuntu 14.04 LTS I have tried to send emails because I am currently setting up a Firefox Sync service. I just need to send emails. But when I try to send an email manually via connecting to port 25 via netcat I just get that the "recipient was rejected: <the domain of the rcpt>"
<napoleon1234> someone an Idea how I can fix this? I use normally centOS and I didn't had this problem before...
<napoleon1234> it's a fresh postfix install
<teward> rbasak: ping, if you're around, could use someone to bounce an opinion off of
<rbasak> teward: o/
<teward> (regarding nginx)
<teward> rbasak: so, working on the merge, lotsa changes.  including the modules Debian ships with nginx-full, do we update nginx-core to have the non-third-party module set that nginx-full now has, or no?
<teward> (already had to alter the description of the package and build rules)
<teward> when we created -core we gave it the same set of modules as -full, minus third party
<teward> if we diverge i'll have to edit the package descrip. further
<teward> just need a second opinion :)
<teward> (i'm for making the change to match -full, OR to match what nginx.org upstream does)
<rbasak> teward: so there's a change in upstream or Debian that adds additional modules, but these are official upstream modules and not from third parties?
<teward> rbasak: correct
<rbasak> teward: are they coded from scratch by upstream or adopted from previous third party modules?
<teward> they're not the third party modules at all, far from it actually
<teward> urgh i hate my system one sec
<teward> graphics glitch
 * teward beats xorg with a stick
<rbasak> I just want to confirm that it isn't that upstream have said "that's a handy third party module, let's adopt it!"
<rbasak> If the provenance of the new modules aren't any of the modules that the security team explicitly nacked, then I'd say stick with keeping the Ubuntu delta from Debian down. The definition of core was "Debian's -full less third party modules" and we can retain that definition.
<rbasak> That's easiest for you too, I think?
<rbasak> It's fine for new upstream code to end up in main without a security review by default. We rely on upstream diligence in that regard for all packages in main.
<teward> rbasak: indeed.  "OPTIONAL HTTP MODULES" was any optional modules that shipped with the nginx source code but were not third-party
<teward> and we have several changes.
<teward> enable http substitution support, enable 'stream' module, enable gunzip module, enable Thread Pool functions, all from nginx's upstream tarball
<teward> that's the only changes
<teward> though we *could* pull right from nginx.org's main repository for their open source version and base nginx-core on *that* instead
<teward> since they made that open-source and available recently
<teward> but i think it's easier to just clone nginx-full minus third-party modules
<teward> and none of these appear to be NACK'd by the security team
<rbasak> teward: +1
<nat0> Ugh I hate this fucking distro
<RoyK> nat0: tried anything better? ;)
<nat0> Yeah, almost anything else.
<RoyK> then why do you use it?
<nat0> Clients are always right, even when they're idiots.
<icezimm> RoyK: maybe a good question would be: "come here to complain will make things better?" heheh
 * RoyK is managing some 100+ rhel/centos machines and feel like he's in the stone age when doing so
<nat0> But seriously, how is it I need 500+GB of local mirrors to preseed deployment onto a new machine?
<RoyK> icezimm: perhaps better, yes
<icezimm> hehehe
<RoyK> icezimm: but then, I rarely use ubuntu on servers - turned my head back to debian
<nat0> Why does deploying trusty require a full wily and wily-update path?  Why doesn't disabling upgrades and PGP sig integrity in the preseed file prevent anna from 404ing upon not finding a wily-updates path for a trusty install.
<RoyK> nat0: sounds like you've done something funny
<nat0> I would agree, except it's been a week of combing over this server and finding no reason for it.
<rbasak> nat0: that doesn't sound right to me.
<rbasak> nat0: I don't think any of the things you mention are mandatory.
<rbasak> nat0: deploying one particular release certainly doesn't require any other.
<coreycb> zul, can you sponsor an upload to xenial for python-os-win?  https://code.launchpad.net/~corey.bryant/ubuntu/+source/python-os-win/+git/python-os-win/+ref/debian/mitaka
<DannyButterman> HI there
<DannyButterman> I need help reconfiguring a degraded RAID10 array
<DannyButterman> it seems like I have no swap anymore, the partition type is unknown and all my disks have 1MB of unused space
<patdk-wk> sounds normal
<DannyButterman> patdk-wk: Normal ? no swap ? cat /proc/mdstat showing only three devices and saying md0 (swap partition) is inactive ? Disk manager saying the new disk has unknown partition while it's MBR for the three others ? and the date partition on this disk is of type "oxfd" while it's "RAID auto Linux (bootable)" for the three other disks ? There are a lot of things which don't seem normal at all. I turn to this IRC as a last solution bec
<DannyButterman> ause Google is not halping
<DannyButterman> heping
<DannyButterman> helping !
<patdk-wk> so you checked everything, except your raid
<patdk-wk> if it says the md0 (swap) is inactive (bad, not working, missing, ...)
<patdk-wk> you need to make it active
<patdk-wk> first yo uhave to see why it's inactive (missing disks, corrupted, ....)
<patdk-wk> your problem is no different than, someone took the drive out of my computer, and now my drive missing, why
<patdk-wk> so first step is to ask mdadm what is wrong
<DannyButterman> padtk-wk: ok it may be inactive because I removed one faulty disk and replaced it by a new one. I did rebuilt the main array (md1) but could not do the same for the swap space (md0) So I guess it's why it's inactive, but how do I rebuild a swap space ?
<patdk-wk> I dunno, you haven't stated why md0 is inactive yet
<patdk-wk> I cannot guess
<patdk-wk> inactive != has a failed disk
<patdk-wk> inactive == offline, or all disks failed that are needed
<DannyButterman> patdk-wk: How can mdadm could tell me what is wrong with md0 ?
<patdk-wk> mdadm --detail /dev/md0
<DannyButterman> mdadm is stating the obvious: "md device /dev/md0 does not appear to be active" lol
<patdk-wk> hmm, different command
<DannyButterman> patdk-wk: which different command ?
<DannyButterman> patdk-wk: Perhaps I could add /dev/sdb1 (dedicated space for swap on new disk sdb) to the array, and it would be active then ? but how do I proceed ?
<DannyButterman> patdk-wk: anyway, thank you for paying attention
<EmilienM> zul: hey, how can I test mitaka-1 ? is https://launchpad.net/~ubuntu-cloud-archive/+archive/ubuntu/mitaka-staging tested & stable ?
<patdk-wk> DannyButterman, maybe, mdadm --examine --scan
<coreycb> EmilienM, it's not available yet
<EmilienM> coreycb: hey, ok good to know
<EmilienM> coreycb: do you have any timeframe? that's for puppet ci
<coreycb> EmilienM, hopefully in the next week we'll have mitaka-1 in -proposed
<EmilienM> coreycb: awesome!
<EmilienM> coreycb: can you ping me?
<coreycb> EmilienM, sure
<EmilienM> I'll work on the bump
<EmilienM> thanks coreycb :)
<coreycb> ddellav_, I just pushed python-oslo.messaging 3.0.0-1ubuntu2, so once that is built you should be back in business with ceilometer
<coreycb> s/pushed/uploaded
<DannyButterman> patdk-wk: it displays five arrays, first being /dev/md/0, second metadata third and fourth containers and last /dev/md/1
<sarnold> DannyButterman: hahahahaha
<sarnold> DannyButterman: thanks for the wonderful nickname :)
<patdk-wk> not much we can do, without seeing it
<DannyButterman> sarnold: congratulations, I've used it for years and you are the first to notice :D
<DannyButterman> patdk-wk:pastebin.com/QhzyTU6Z
<patdk-wk> hmm
<sarnold> DannyButterman: looks like there won't be a shortage of chunky monkey for the next month!
<patdk-wk> what if you do a, mdadm -A /dev/md/0
<DannyButterman> sarnold ^^
<DannyButterman> patdk-wk: no output for this command, no error either. It changes nothing regarding the mdadm examine scan output
<patdk-wk> it won't
<patdk-wk> but what does /proc/mdstat say?
<patdk-wk> no ouput should be, it worked
<DannyButterman> patdk-wk:pastebin.com/pW0cZsBu
<patdk-wk> odd
<patdk-wk> it marked all your disks as not active, but as spares
<DannyButterman> patdk-wk:what if I started over ? Removing the disk and again trying to rebuild the swap array and the data array ?
<patdk-wk> that would be my recommendation
<patdk-wk> I can only guess it was a raid0
<patdk-wk> I would not bother doing raid at all
<patdk-wk> just mount 4 seperate swap volumes
<DannyButterman> patdk-wk: it was a raid10, and still is for the /dev/md1. let's say okI do the four swap volumes. But how do I make the "new" disk MBR ? And the data partition on it, bootable ?
<patdk-wk> heh?
<patdk-wk> what does that have to do with swap or raid?
<patdk-wk> you don't boot to raid (normally)
<patdk-wk> and you do not boot to swap
<patdk-wk> if your asking about mbr now, it's too late
<patdk-wk> you have to set that up long before you touch thedisk
<DannyButterman> patdk-wk: That's waht the Disk manegr tells me for the three other disks. I find it odd that the new disk has a different partition type and its data volume has no bootable flag like the three others on the other disks ('RAID auto Linux (bootable)')
<patdk-wk> bootable flag is useless
<patdk-wk> you are installing grub
<patdk-wk> grub could care less about *bootable*
<patdk-wk> and yes, mbr cannot boot to a raid volume, it won't work
<patdk-wk> unless the raid is raid1 ONLY
<patdk-wk> so to set it bootable, is pointless, unless the mbr bootloader unstatands it, and it doesn't
<DannyButterman> patdk-wk: the how to's instructed me to do so for the bootable flag. About the mbr, I would expect the raid mecanism to replicate it also
<patdk-wk> if the mbr is replaced with grub (like normal), it will work, and grub doesn't use the bootable flag
<patdk-wk> raid mecanism?
<patdk-wk> the bios doesn't support raid
<patdk-wk> and the mbr is too small to handle raid (500 bytes)
<patdk-wk> or less, 450bytes?
<DannyButterman> software RAID logic I you prefer
<patdk-wk> yes but you need software to do software raid
<patdk-wk> I just said and explained, nothing that boots, understands it
<patdk-wk> so it won't work
<patdk-wk> grub supports raid, grub doesn't use the bootable flag, so pointless
<patdk-wk> if you had a raid1 /boot, then it could make sense, but you would still use grub, so still no need
<patdk-wk> when you boot your computer with ubuntu, it is pretty simple
<patdk-wk> bios -> mbr -> grub -> uuid of /boot
<patdk-wk> grub must be installed in a raid1 fasion on all *bootable* disks
<patdk-wk> so a mirrored copy on all of them
<ikonia> patdk-wk: most useful 1 line of the month, kudos
<patdk-wk> what one? :)
<ikonia> the boot process on raid
<ikonia> pretty much %99 of raid questions need that before they speak
<DannyButterman> patdk-wk: Following the RAID configuration in ubuntu 14.04 server install, with the help of howto's on RAID configuration ended up on what I explain. I would assume the ubuntu server install would not do stupid and useless things :s
<patdk-wk> stupid? no, useless, yes
<patdk-wk> it's not stupid, as it is a *human hint*
<patdk-wk> but it is rather useless, from a boot point of view
<ikonia> the raid install works just fine
<ikonia> you just have to understand the rules of raid
<patdk-wk> and the documents are not created to be sliplined and efficient
<patdk-wk> they are designed to be generic and mainstream
<ikonia> they also expect a level of knowledge
<DannyButterman> patdk-wk: ok but the install process did not ask me how I would like grub to be managed in the raid context, I don't even know how to tell it do do otherwise ("grub must be installed in a raid1 fashion on all *bootable* disks")
<patdk-wk> that is cause it's not an option, and the installer does it for you
<patdk-wk> it installed grub on all bootable disks
<patdk-wk> being every raid disk that holds /boot
<patdk-wk> as far as marking the partition bootable, that is likely just code leftover from old/before grub
<patdk-wk> it's not needed, it doesn't hurt anything
<patdk-wk> you can set it bootable if you want, no problems with that, but doing so won't *fix* anything
<patdk-wk> more important is, make sure you get grub reinstalled onto that disk
<DannyButterman> patdk-wk: OK, but the MBR partition type ? I did not ask it to do so. I only specified I wanted the volumes to be "primary" not "logical"
<patdk-wk> and?
<patdk-wk> is there something wrong with the type?
<patdk-wk> just change it, no issue there
<patdk-wk> grub won't care about it
<patdk-wk> mdadm I think will care some
<patdk-wk> but I do not think it will even care
<patdk-wk> most things use uuid these days
<patdk-wk> and the mbr infomation is just for human identification
<DannyButterman> And the three other disks are MBR partition type. The new one is not. I can't change it, nor I can't add the bootloader flag (I know it doesn't matter but it my "monk" side lol)
<patdk-wk> you mean mbr vs gpt?
<patdk-wk> that depends on your bios
<patdk-wk> gpt is better, supports disks > 2tb
<patdk-wk> has more *partitions*
<patdk-wk> though i find 1 or 2, more than enough
<DannyButterman> patdk-wk: I don't know if it's related to "MBR vs GPT" , it's just what the disk manager says, and I don't like when severeal disks that are supposed to have the same configuration, do not have the same configuration. And this MBR partition type listed in disk manager is one of these differences
<patdk-wk> well, change it
<patdk-wk> and set bootable if yo uwant
<patdk-wk> it's very simple to do
<patdk-wk> I have no idea how you created the partitions on the new disk
<patdk-wk> but that all has to be done manually by you
<DannyButterman> patdk-wk: the partitions were created by "sfdisk -d /dev/sda | sfdisk /dev/sdb" something like that
<patdk-wk> well, that will make an exact copy
<patdk-wk> assuming they did not use GPT anywhere
<patdk-wk> if the disks where gpt, instead of mbr, it would not work correctly, and have kindof random results
<patdk-wk> hmm, none of my disks have the boot flag set at all
<DannyButterman> patdk-wk: as far as disk manager can tell, it's not an exact copy alas
<patdk-wk> run gdisk -l on them and see what it says
<patdk-wk> Partition table scan:
<patdk-wk>   MBR: MBR only
<patdk-wk>   BSD: not present
<patdk-wk>   APM: not present
<patdk-wk>   GPT: not present
<patdk-wk> if any say gpt, than fdisk/sfdisk should not be used
<DannyButterman> patdk-wk: about the boot flag on the data volumes, it's something from the howto I used.
<DannyButterman> it's not from the server RAID install process
<ddellav_> coreycb, ok cool, let me know
<DannyButterman> patdk-wk:they're all MBR only
<coreycb> ddellav_, it's available in proposed now
<DannyButterman> Anyway, thank you so much for your time patdk-wk, bye
<ddellav_> coreycb, fantastic, thanks
#ubuntu-server 2015-12-15
<vikram_> Hi All
<vikram_> I am looking out for a allinone openstack package for openstack
<vikram_> can anyone plz suggest some .iso
<Walex2> vikram_: given the enormous number of OpenStack components that is a very vague question
<Walex2> vikram_: the "standard" way of doing OpenStack on Ubuntu server is via Juju "charms" though. Unfortunately both Juju and OpenStack tend to be amazingly buggy.
<vikram_> Walex2: oh
<vikram_> Walex2: I just want a basic openstack deployment model
<vikram_> i remember one ubuntu package for icehouse was released earlier
<ducasse> I'm setting up a home file server and was thinking of using ZFS to mirror the main data disks, but the machine hasn't got ECC memory. Should I still go with ZFS, or would it be better to use mdadm + ext4 or maybe btrfs?
<RickyB98> hello :)
<RickyB98> i configured sasl on postfix and dovecot, but my client can still use SMTP without logging in.. authentication works, but no login works too.. how can i restrict that?
<RickyB98> also, i configured mail to use Maildir/, doing MAIL=/home/myuser/Maildir/, but when i open an email with mail from mailutils, they get deleted and saved to mbox.. what's the variable to change that?
<RickyB98> anyone here?
<rbasak> !patience | RickyB98
<ubottu> RickyB98: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<RickyB98> i'm not repeating your question..
<RickyB98> my question*
<rbasak> "if nobody knows your answer, nobody will answer you"
<rbasak> Sorry I can't tune the bot's reply for the exact situation. It's close enough and I hope still helpful.
<RickyB98> however, someone in #ubuntu told me to come here.. now i was being answered there, should i go back there?
<RickyB98> going to idle here anyway, not gonna run away after 5 minutes :P
<ziyourenxiang> RickyB98: by client do you mean an external machine connecting to yoru postfix over SMTP and relaying?
<RickyB98> client as in a mail client, could be thunderbird or anything
<RickyB98> i'm using mac's default atm
<matt_dupre> ducasse: I've been running ZFS without ECC for years and never noticed any problems.  I'm not really qualified to judge the risk vs non-ECCed mdadm / btrfs, but personally I wouldn't consider it a factor in deciding between them.
<ducasse> matt_dupre: OK, thanks. Is it a good choice for a small, home fileserver?
<matt_dupre> ducasse: I like it: I actually run on FreeBSD, but I hear ZFS on Linux has come on a long way.  I think the biggest weakness is that it can be tricky to add disks later on.
<ducasse> matt_dupre: I though one of it's strengths was that is was easy to expand by adding disks, but that might not be true for mirrors - I don't know.
<matt_dupre> (For example, you can't add a disk to a RAIDZ, so you can't just buy an extra disk every couple of years.  Big upgrades (e.g. doubling capacity) are usually simpler.
<matt_dupre> Yeah, mirrors are easier
<ducasse> matt_dupre: that's what I will be doing. If I set up 2x3TB now I can expand with two new disks later, right?
<matt_dupre> Yeah, you can go from a RAID1 to a RAID10
<ducasse> matt_dupre: OK, thanks. I think I'll go with ZFS because there's a possibility I will move to either FreeBSD or FreeNAS later, and then I should be able to just export/import the pool, according to everything I've read... Besides, I'm not sure if btrfs is really a good alternative yet.
<matt_dupre> Yeah, as long as you take care to create the pool at the minimum version supported across everything.
<matt_dupre> Other bit of creation-time advice is to try to get the right ashift (google it).  Your drives are probably 4k sectors internally, but report as being 512byte.
<ducasse> matt_dupre: I know about the ashift thing, all drives use 4K physical, 512 logical, so I'll use 12. Also I think FreeBSD is generally ahead of ZoL in what feature flags are supported, so that should be fine. Thanks a lot for your advice!
<coreycb> jamespage, I've been struggling for too long to get hypothesis test failures situated, so I'm going to drop hypothesis from python-cryptography for now.  It only affects one test function.
<jamespage> coreycb, okay
<wojtczak> my ubuntu server doesnt boot, I've installed it via debootstrap on lvm and raid. made sure to configure network, grub in chroot. now the server doesnt respond, back in rescue mode I don't see network interfaces in dmesg. I've tried adding ixgbe module to /etc/modules but this does not help. https://gist.github.com/sabcio/5a8dea26ecee26af5fa5
<MACscr> ok, so im booting servers through pxe iscsi root and using the same initdrd.ig for all servers. The problem is that i need a unique /etc/iscsi/initiatorname.iscsi in initrd for each host. Any way to dynamically create it? ive seen ways to do it with sysconfig on a redhat based system, but no clue for ubuntu/deb
<Walex2> wojtczak: you may have to add them to the 'initrd'
<MACscr> Walex2: was that meant for me or was someone else talking about initrd before i got in here?
<wojtczak> Walex2: thx, something to google about
<MACscr> ah, guess you were. lol
<coreycb> jamespage, can you sponsor my changes for xenial?  https://git.launchpad.net/~corey.bryant/ubuntu/+source/python-cryptography/
<coreycb> jamespage, it builds successfully
<smoser> magicalChicken, rharper i tried to write some of the things i think are next on the list for curtin at
<smoser>  https://public.etherpad-mozilla.org/p/curtin-work-201512
<magicalChicken> smoser: Nice
<magicalChicken> smoser: I had started doing some work on separating logic between block and block meta last night
<magicalChicken> smoser: https://code.launchpad.net/~wesley-wiedenmeier/curtin/partitioning-cleanup
<smoser> looking
<coreycb> zul, can you sponsor this for xenial?  https://git.launchpad.net/~corey.bryant/ubuntu/+source/python-cryptography/
<zul> coreycb: yeah lemme finish what im doing first
<coreycb> zul, sponsoring it
<coreycb> :)
<coreycb> zul, I dropped hypothesis from python-cryptography for now because it's tests don't run and I've had trouble getting them running successfully.  It only affects one test function for python-cryptography.
<smoser> magicalChicken, why 'extra_init' ?
<magicalChicken> smoser: Ah, yeah, I know that's a little ugly
<magicalChicken> smoser: The idea was that the BlockDevice class could be the parent of Disk as well as Partition
<smoser> well, i agree with that.
<magicalChicken> smoser: And possibly the virtual filesystem layers as well, and I wanted to keep as much common functionality in the super class as possible
<smoser> but super() is the typical way of doing that. no?
<magicalChicken> smoser: Yeah, I guess that would probably be better, it's probably not great to try to just have one __init__
<smoser> and then generally, when you're doing something.. unless you have a reason to merge with a branch from somewhere other than trunk, you should avoid that.
<smoser> to just keep a branch doing 1 thing.
<magicalChicken> smoser: Yeah that makes sense
<magicalChicken> smoser: I was thinking I could add a Disk.wipe() function that could call the block.wipe_volume function
<magicalChicken> smoser: But yeah, it would probably have been better to wait to merge that
<smoser> right.
<smoser> the other htig is that we have 2 types of block devices. one that is "to be done" and one that is existing now.
<smoser> BlockDevice(dev="/dev/vda")
<magicalChicken> smoser: yeah, that makes sense
<smoser> BlockDevice(config={'id': 'abc', 'type': xx}
<magicalChicken> smoser: This code should handle that okay though I think
<magicalChicken> smoser: You can create a disk based on the path it already has
<magicalChicken> smoser: maybe a function to determine the difference between a config and what exists would be good
<zul> coreycb: done
<smoser> magicalChicken, right. essentially a factory
<rharper> smoser: reading
<magicalChicken> smoser: I was also thinking instead of going through config elements one at a time we could unflatten the config into a hirearchy of BlockDevice instances
<magicalChicken> smoser: And apply the config from the top down
<smoser> i think that is generally necessary, yes
<magicalChicken> smoser: That should be faster, because we could create all the partitions in one go and keep track of state on everything
<rharper> if we have the order, it'
<rharper> it's also possible to run some of those in parallel
<rharper> no reason I can create a partition on 5 different devices at the same time either (though that's performance enhancement for later)
<smoser> i didnt realize we were creating each partition individually.
<smoser> stil
<magicalChicken> rharper: yeah, that would be pretty nice
<smoser> yeah, ./split-disk.py /dev/vdb 32
<smoser> is taking a while :)
<rharper> hehe
<coreycb> zul, thanks, appreciate it
<magicalChicken> smoser: Yeah, the way the partitions are made right now is kinda slow...
<smoser> rharper, i'm not opposed to parallel. but i'm not happy with the predictability of the whole system as it is . i dont feel a strong need to add more to races to it. :)
<rharper> smoser: magicalChicken, also, I think we need to look again at the udevadm settle bits, there are some extra flags like the --exit-if-exits=/path/to/file/
<rharper> smoser: for sure; I'm highlighting some opportunity once we switch away from in-order handling
<magicalChicken> rharper: yeah, that would definitely help the current devsync fix
<magicalChicken> rharper: also, refactoring like this would mean that we could keep track of whether or not we've synced with udev for each device
<smoser> hm.
<nat0> Is there any debian-installer instruction that can be passed thru a preseed file to tell anna-installer not to check for upgrade paths on the repo mirror?
<nat0> It's truly bizarre how this is only a problem when deploying new ubuntu machines and not vanilla debian ones...
<smoser> nat0, sorry, cant help.
<nat0> ;_;
<smoser> rharper, magicalChicken so, i never recognized this before
<smoser> but there is a device node availability limitation that means more than 16 partitions is odd.
<smoser> ie, /dev/vda16 wont get created nor will /sys/class/block/vda16 exist
<rharper> yeah, the minor number space right ?
<smoser> right
<rharper> yeah, hence lvm
<magicalChicken> wow, I didn't know that
<magicalChicken> so should we check if the partitioning config has more than 16 parts on a disk?
<magicalChicken> or is that something that we should trust the config generator to do?
<patdk-wk> would be more than lvm, should apply to all block devices
<patdk-wk> such as putting >16 partitions into a gpt disk
<smoser> http://paste.ubuntu.com/14029368/ <-- some info on it.
<smoser> patdk-wk, right. thats just what i did ^. i put 20 partitions on a gpt disk, and only 15 of the partitions have block devices.
<rharper> patdk-wk: lvm and devicemapper can work around it by allowing new device node space to map to other parts of the disk
<patdk-wk> oh, he meant lvm as a solution :)
<rharper> that's why I mentioned lvm
 * patdk-wk doesn't like lvm
<RoyK> patdk-wk: why not?
<patdk-wk> it goes ontop of the devicemapper stack
<patdk-wk> and I have noticed nothing but write latency issues when I use that
<RoyK> so what if it works?
<patdk-wk> it seems to buffer my writes for a few seconds
<patdk-wk> causing horrible issues on some of my servers, and on my workstation
<patdk-wk> remove lvm/devicemapper, no more random stalls while it writes
<RoyK> patdk-wk: then something is probably bad somewhere else - I'm using it on 150 servers and it works well for me ;)
<patdk-wk> heh? you should know that is not the definition of *it works*
<patdk-wk> the ONLY change, was to remove lvm
<patdk-wk> and the problems went away
<patdk-wk> no hardware changes
<patdk-wk> nothing else
<smoser> interesting, even if you worked around this limitation by having dm magically create device nodes named /dev/vdb16 that did what it *should* do it wouldnt appear the same in /sys/class/block as /dev/vdb15 does . the reader would have to know about dm to understand it.
<patdk-wk> had the issue here on ubuntu 10.04/12.04, and on rhel5
<RoyK> patdk-wk: I've never seen 2-3secs latency
<patdk-wk> royk, there are kernel settings for it
<RoyK> patdk-wk: what sorts?
<patdk-wk> they might have changed, I had adjust them, but never could find ones that seemed to work better
<RoyK> patdk-wk: got any docs on this?
<patdk-wk> looking
<patdk-wk> back when I cared to fix this issue, I did :)
<patdk-wk> but been a few years
<RoyK> patdk-wk: it just seems strange, after all, centos/rhel has been shipping with lvm by default for years
<patdk-wk> yes, and I was having all kinds of issues on a very busy webserver
<patdk-wk> removed that lvm from it, issues went away
<RoyK> strng
<patdk-wk> but it seemed to me, if I remember write, it was getting buffered twice into the write buffer or something like that
<patdk-wk> adjust vm.dirty_writeback_centisecs would help to a point
<patdk-wk> heh, cannot remember the right things
<patdk-wk> but I had the isuse on several different machines, the result was always the same, it would feel like the machine just froze up for several seconds, while it dumped a bunch of writes to disk, then go back to normal
<patdk-wk> and only happened with using devicemapper
<smoser>  https://bugs.launchpad.net/curtin/+bug/1526437 <-- magicalChicken rharper
<ubottu> Launchpad bug 1526437 in curtin "should refuse to partition disk with more than 15 partitions" [Low,Confirmed]
<magicalChicken> smoser: Makes sense
<magicalChicken> smoser: I can add a check for that in partition_handler sometime today
<smoser> magicalChicken, give yourself a name at $ sudo /tmp/even-partition /dev/vdb 20
<smoser> size=40960M numparts=20 partitions_of=2047M label=gpt dev=/dev/vdb
<smoser> curstart=2048 curend=4194304 part=0
<smoser> curstart=4194304 curend=8386560 part=1
<smoser> curstart=8386560 curend=12578816 part=2
<smoser> curstart=12578816 curend=16771072 part=3
<smoser> curstart=16771072 curend=20963328 part=4
<smoser> curstart=20963328 curend=25155584 part=5
<smoser> curstart=25155584 curend=29347840 part=6
<smoser> curstart=29347840 curend=33540096 part=7
<smoser> curstart=33540096 curend=37732352 part=8
<smoser> curstart=37732352 curend=41924608 part=9
<smoser> curstart=41924608 curend=46116864 part=10
<smoser> curstart=46116864 curend=50309120 part=11
<smoser> curstart=50309120 curend=54501376 part=12
<smoser> curstart=54501376 curend=58693632 part=13
<smoser> curstart=58693632 curend=62885888 part=14
<smoser> curstart=62885888 curend=67078144 part=15
<smoser> curstart=67078144 curend=71270400 part=16
<smoser> curstart=71270400 curend=75462656 part=17
<smoser> curstart=75462656 curend=79654912 part=18
<smoser> curstart=79654912 curend=83884032 part=19
<smoser> created 20 partitions on /dev/vdb
<smoser> $ ls -l /sys/class/block/vdb* -d
<smoser> lrwxrwxrwx 1 root root 0 Dec 10 18:58 /sys/class/block/vdb -> ../../devices/pci0000:00/0000:00:04.0/virtio2/block/vdb
<smoser> lrwxrwxrwx 1 root root 0 Dec 15 16:25 /sys/class/block/vdb1 -> ../../devices/pci0000:00/0000:00:04.0/virtio2/block/vdb/vdb1
<rharper> heh
<smoser> lrwxrwxrwx 1 root root 0 Dec 15 16:25 /sys/class/block/vdb10 -> ../../devices/pci0000:00/0000:00:04.0/virtio2/block/vdb/vdb10
<smoser> lrwxrwxrwx 1 root root 0 Dec 15 16:25 /sys/class/block/vdb11 -> ../../devices/pci0000:00/0000:00:04.0/virtio2/block/vdb/vdb11
<smoser> lrwxrwxrwx 1 root root 0 Dec 15 16:25 /sys/class/block/vdb12 -> ../../devices/pci0000:00/0000:00:04.0/virtio2/block/vdb/vdb12
<smoser> lrwxrwxrwx 1 root root 0 Dec 15 16:25 /sys/class/block/vdb13 -> ../../devices/pci0000:00/0000:00:04.0/virtio2/block/vdb/vdb13
<smoser> lrwxrwxrwx 1 root root 0 Dec 15 16:25 /sys/class/block/vdb14 -> ../../devices/pci0000:00/0000:00:04.0/virtio2/block/vdb/vdb14
<smoser> lrwxrwxrwx 1 root root 0 Dec 15 16:25 /sys/class/block/vdb15 -> ../../devices/pci0000:00/0000:00:04.0/virtio2/block/vdb/vdb15
<smoser> lrwxrwxrwx 1 r
<rharper> magicalChicken: I'd wait until we're building the config hierarchy, we'll instantly know then (rather than just checking if the current partition exceeds the limit)
<smoser> oh crap
<smoser> shame on smoser
<smoser> shame
<smoser> https://public.etherpad-mozilla.org/p/curtin-work-201512
<magicalChicken> rharper: Yeah, that makes sense
<magicalChicken> smoser: lol
<smoser> magicalChicken, so i think the first thing to do is to get "create a set of tests that run multiple storage configs serially"
<magicalChicken> smoser: Yeah, that makes sense
<smoser> with minimal cleanup or improvement involved
<magicalChicken> smoser: Maybe the best thing to do would be to just write a script to do multiple installs in a vm and communicate with it via http or something
<smoser> and then we will heavily rely on those tests to ensure that otherthings are working well.
<smoser> i think we specifically want to shortcut 'install'
<rharper> smoser: we also talked about running multiple curtin install commands
<magicalChicken> yeah, 90% of the time is spent doing extract/curthooks right now
<rharper> it could be a payload of configs, and running curtin install on each one in sequence
<smoser> rharper, testing suport for how subiquity calls curtin is important. i'll agree with that.
<magicalChicken> I think that one platform could be used for both goals though
<smoser> i just want to test storage config specifically.
<magicalChicken> we just need a way to start a vm, then from a test script pass in configs to partition or configs to install
<smoser> i'm not opposed at all to running 'nosetests tests/vm-storage-tests/' inside a vm
<magicalChicken> yeah, that would work pretty well
<magicalChicken> and we could just have a data partition like with vmtests where it could write it's results as it runs
<teward> anyone willing to sanity-check the nginx merge debdiff for me, out of curiosity?  Hate to ask, but as I've been working on this since 11:00 yesterday (with an 8 hour break overnight for sleep!)... it could use another check
<smoser> right.
<magicalChicken> I can get started on that now, I can't really find any decent way to identify a disk to udev on Trusty
<smoser> teward, if you pastebinit, i can say "that looks too long for me to review right now".  ie, i can take a very cursory look.
<teward> smoser: would an uploaded-to-launchpad link work?  https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1510096/+attachment/4535172/+files/nginx-merge_debian-vs-ubuntu_nginx_1.9.6-2_1.9.6-2ubuntu1.debdiff
<ubottu> Launchpad bug 1510096 in nginx (Ubuntu) "Please merge 1.9.6-2 (main) from Debian Unstable (main)" [Wishlist,In progress]
<teward> SILENCE, bug bot >.<
<smoser> magicalChicken, lets try to separate out the copying of results somewhere from the running of the tests.
<smoser> and even separate the tests by number of disks required or something.
<teward> smoser: it *should* be fine, the larger merge debdiff from 1.9.3 -> 1.9.6 aincluded is on the bug
<magicalChicken> sure, okay
<teward> (but that debdiff there compares Debian to the merge itself, to see what's actually changed there)
<smoser> as ideally i'd like to be able to launch a vm somewhere, and then just type: nosetests tests/vm-storage-config
<smoser> and skipIf@ the ones that aren't going to run for me.
<smoser> teward, i was afraid you were going ot say 'merge' :)
<teward> smoser: it is a merge :)
<smoser> always so hard to do that.
<teward> smoser: i've got both debdiffs present, force of habit
<teward> it builds.  it runs.  it IDs as the updated software.
<teward> and because Sec team mandates it, HTTP/2 is disabled
<teward> the headache is it expands the delta
<smoser> have you looked at all at rbasak's process for merges ? its really good. separating out the 'logical ubuntu delta' into a set of patches.
<smoser> https://github.com/basak/ubuntu-git-tools
<teward> yeah i have, except I've never been able to get a handle on his process...
<teward> and the 'logical ubuntu delta' is the one i did link here
<teward> (all the stuff from the previous merges included, plus additional *new* mandates from the sec team)
<teward> (i.e. the Ubuntu branding, ubuntu-core added, the apport hooks we had to add for Wily+...
<teward> i should probably put this down for a day and relax :/
<teward> i can wait for rbasak to once-over it
<teward> though i can easily upload direct :P
<smoser> teward, you seem to have done a careful job, but i think i dont have time to review at the moment.
<smoser> magicalChicken, do you have a reason taht you have used 'partprobe' rather than 'blockdev --rereadpt' ?
<magicalChicken> smoser: not really, I assumed they did the same thing pretty much
<magicalChicken> smoser: I know partprobe triggers the udev events for creating the block device
<smoser> yeah. they are definitely different. and partprobe is smarter i think.  watch 'udevadm monitor' and run each. partprobe generates a lot more interaction.
<smoser> i think the difference is that partprobe is actually reading the partition table itself, and telling the kernel about it. where rrpart is just telling the kernel "hey, reread the table there".
<magicalChicken> smoser: that makes sense
<magicalChicken> smoser: I guess we don't actually need to read the table ourselves then
<magicalChicken> smoser: I think once we stop doing everything in steps and write the whole partition table in one go then we won't really need to do that anymore
<smoser> magicalChicken, well just suspect we dont need to do it now.
<magicalChicken> tjat
<magicalChicken> *that's probably true
<smoser> tjat
<smoser> well said
<magicalChicken> lol
<smoser> magicalChicken, one other thing 'll add to thath pad.
<smoser> nicder subprocess execution output log
<smoser> http://paste.ubuntu.com/14025172/
<magicalChicken> smoser, yeah that would be nice to do
<magicalChicken> smoser, we don't need to show all stdout when curtin fails, we could always write stdout to a tmp file, but including it in the logs takes up a lot of space
<smoser> i think we want it in the log. i dont care about space. i just want to easily see the error.
<magicalChicken> okay, yeah. it shouldn't take too much work to get it to print with proper formatting
#ubuntu-server 2015-12-16
<profall> Hello
<profall> so a - (negative) nice value
<profall> means the process has more priority?
<sarnold> yes
<lordievader> Good morning.
<selinuxium> Hi all, completely new at all things Docker/Juju/Chef/Ansible/etc... I have a spare Wily Laptop 4 cores with 8gb to playground on... Any suggestions on where to start? (Apart from the obvious limitations of the laptop) :)
<ikonia> selinuxium: start with what ?
<selinuxium> I am interested in server/application automation. I am not sure on the differences between the differnet orchestration tools. ShoudlI use Juju with Docker for instance? Is it a better idea to learn Juju on it's own? Am i barking up the wrong tree entirely?
<ikonia> just have a play, do some research
<ikonia> everyone has different needs
<lordievader> selinuxium: Start of small and work your way up.
<selinuxium> :)
<dasjoe> There's still https://www.reddit.com/r/linuxadmin/comments/2s924h/how_did_you_get_your_start/cnnw1ma
<coreycb> jamespage, can you sync python-openstacksdk from experimental?  it builds ok on xenial.  it's a dep of python-senlinclient which is a dep of heat.
<coreycb> I don't have permission to sync it
<coreycb> jamespage, actually I think we need a new release of that so I'll work on that
<jamespage> coreycb, ack
<Yossarianuk> hi - can anyone explain why I see different environment variables  -> using cat /proc/PID/enviorn  if I use 'service [daemon] start compared to /etc/init.d/[daemon] ?
<Yossarianuk> i.e I have variables in /etc/environment  - if I use 'service  [daemon] start I cannot see the env variables using 'cat /proc/[PID]/environ
<Yossarianuk> but can if I use /etc/init.d/[daemon]
<MACscr> did i just disable this service from automatically starting or did it just state that an startup link doesnt exist? http://pastie.org/pastes/10636134/text?key=mvzsl8twaufflytdp8phqq
<Yossarianuk> ive found the answer to my question -> http://unix.stackexchange.com/questions/44370/how-to-make-unix-service-see-environment-variables
<davegarath> MACscr: tgt should be handed by its conf file in /etc/init/...
<MACscr> davegarath: so i just remove the file if i dont want  it to auto start?
<MACscr> i need to create some other checks first
<MACscr> and then just start it manually
<MACscr> dont want any iscsi targets up until my gluster volume is verified mounted
<davegarath> MACscr: you can configure tgt with dependencies with glusterfs. It will not start ultil gluster is ready
<MACscr> davegarath: gluster as service running is different than a particular gluster volume beeing mounted
<MACscr> being
<davegarath> MACscr: you can write a service ad-hoc
<MACscr> i have no idea what im doing though, so it might still be possible
<davegarath> MACscr: btw, instead removing the file I suggest you to disable it at your runlevel ( I suppose 2 )
<MACscr> wasnt there
<MACscr> seems like such a nasty way to handle a service starting up or not
<icezimm> hello, I'd like to know if its possible to install maas on 15.10 and provision openstack on 14.04?
<icezimm> I'm facing some problemsâ¦ just would like to validate this setup
<coreycb> jamespage, it looks like ironic's not doing b's rc's anymore, so I'll plan on packaging 4.3.0
<coreycb> ddellav, ^
<teward> rbasak: ping, but if you're busy disregard
<rbasak> teward: o/
<teward> rbasak: post-ping my laptop died, apologies.  Care to review the merge debdiff for me prior to upload?
<teward> sarnold did a once over yesterday, but another set of eyes is appreciated
<rbasak> teward: sure. In the bug?
<teward> should be, both the huge one (1.9.3-1ubuntu1 ->  1.9.6-2ubuntu1) and the small one (1.9.6-2 (Debian) -> 1.9.6-2ubuntu1 (merge))
<teward> if all checks out i'll upload ASAP
<teward> though i may have to beat my laptop to make the power work
<rbasak> OK, looking.
<teward> rbasak: thank you kindly!  :)
<teward> (after beating my head on that for over 20 hours overall, every sanity-check is appreciated)
<teward> oh, and sec team mandate was followed too (and I even confirmed it)
<rbasak> teward: how thoroughly do you want me to review this? Superficially looking at just the diff it looks like a high quality merge. Everything looks good in principle.
<teward> rbasak: basic sanity checks :)
<rbasak> teward: I haven't exhaustively examined it though, like for example checking each configured module in -core etc.
<rbasak> teward: all basic sanity checks passed. Thank you for the merge. Excellent work!
<teward> rbasak: i don't need that thorough a check - the third party stuff has to be added with --add-module flags, which are excluded in the common build flags and excluded in the -core build flags entirely.
<rbasak> Ah, that's good.
<teward> the only changes were to copy-paste the full configure args up, and remove the --add-module stuff
<teward> that and description changes due to the HTTP/2 thing from the sec team
<rbasak> One moment
<rbasak> teward: I wonder how much of a surprise HTTP/2 missing will be for users, and where we might be able to call it out specifically.
<rbasak> teward: just to avoid your pain in filed bugs.
<rbasak> teward: maybe call out specifically in the description that HTTP/2 is not built for security reasons? Or in README.Debian? I'm not sure how much that will help though, so it's entirely up to you.
<rbasak> (rather than just removing it from the list which could appear to be a mistake even though it isn't)
<rbasak> Admittedly you have documented it in the changelog.
<rbasak> So it's just a case of deciding where appropriate will minimise user confusion.
<rbasak> rharper: great work with bug 1511735, thanks.
<ubottu> bug 1511735 in libnl3 (Ubuntu Trusty) "libnl: fail to bind() netlink sockets" [Undecided,New] https://launchpad.net/bugs/1511735
<rbasak> rharper: are you happy on the regression risk to SRU this?
<rbasak> rharper: a couple of really minor things. Can you explain in the changelog why we're SRU-ing (ie. what bug we're fixing) as well as the patches you've applied? Because some users are very selective about what SRUs they accept and the changelog helps them make that decision.
<rbasak> rharper: and one even more minor thing which I wouldn't worry about fixing, but for next time. I really appreciate the detail in the dep3 headers, just note that Last-Update values technically should be hyphenated.
<rharper> rbasak: thanks for the feedback.  I'm pretty sure in the changelog I recorded which bug we're fixing and which patches I applied
<rharper> certainly can make sure we split up the DEP3 date header, sorry about that;
<rharper> rbasak: the submitter mentioned that 3 of the patches are upstream but not in 3.2.26, which is what's currently targeted for xenial, wondering if we then should merge upward to 3.2.27 (which would include all of the fixes we;re applyin to trusty)
<rharper> rbasak: I have to run to an appt; I'll sync up with you; thanks for the feedback
<rbasak> rharper: yes, you did record the bug number and which patches you were applying. I'm asking for a short description of what you're fixing in the changelog though so others don't have to look up unless they want more info than a short summary.
<rbasak> rharper: np. Thank you for your work!
<rbasak> rharper: we don't want to end up in a situation that Trusty has bugs fixed that Xenial doesn't, since then users would experience regression on upgrade.
<rbasak> rharper: so we can cherry-pick into Xenial, or bump to 3.2.27 if you like.
<rbasak> rharper: either way we'll then need to sync in future once Debian has caught up.
<teward> rbasak: upload will be delayed thanks to power issues on my system :/
<teward> but it will eventually get uploaded
<rbasak> np
<beisner> jamespage, precise-icehouse proposed full deploy tests look good.  tempest results are == precise-icehouse updates.
<beisner> jamespage, also:  wily-liberty-proposed + trusty-liberty-proposed looks good.  tempest results are == liberty-updates.
<rharper> rbasak: I'll look at a merge for libnl-3 in Xenial, if that's clean( I think it should as libnl-3 in trusty had no ubuntu patches) then that'll be the best
<rharper> s/merge/sync
<rbasak> rharper: I don't think Debian have the version you need yet?
<rharper> bah
<rharper> ok
<rbasak> rharper: if so then just plain version upload is fine, rather than a merge, if you want to go that route.
<rbasak> And then sync from Debian when they do upload the newer one.
<rharper> Nicolas offered to rebase the patches versus the version in Xenial now
<rbasak> Probably polite to file a bug with them, give them patches, etc.
<rharper> but I'll defer to you for the best course of action
<rharper> so, we'd get an upload of a new release in Ubuntu, file a debian bug against version in unstable , send patches with the bug ?
<rbasak> rharper: right.
<rharper> rbasak: cool, I updated the bug with the suggested direction
<rbasak> rharper: cherry-picking upstream patches or updating to the latest upstream release in Ubuntu ahead of Debian are both fine.
<rbasak> rharper: it's just down to time and effort you want to commit, both now and in future maintenance. I think that depends on the patches so you're best to judge that.
<rbasak> Updating ahead of Debian risks less support from Debian if we don't sync before Xenial's release, which depends on Debian's schedule.
<rharper> everything is already upstream, so I don't think we have any real patch maintenance; but I don't see much risk in just uploading the latest since the delta we carry is debians which is all packaging related
<rharper> ah, ok
<rbasak> But it might be so minor as not to matter.
<rbasak> Cherry-picking is the same - we risk having to maintain something diverged from upstream if we don't end up updating before Xenial's release.
<rharper> ok, if we get the Debian bug filed and patches applied, then we can just sync that version into Xenial
#ubuntu-server 2015-12-17
<Logos01> Anyone here able to help me work out an issue with a new install?  I am unable to automatically mount LVM mountpoints.
<Logos01> They mount perfectly fine when I run the mount command manually providing the fully qualified device path; but if I try using the fstab entries then I receive an error, "mount: special device /dev/mapper/vg-lv_opt does not exist"
<Logos01> That is to say, If I execute "mount /dev/mapper/vg-lv_opt /opt" ... then it mounts. But just calling "mount /opt" (or booting the OS, or calling "mount -a") gets the above error.
<sarnold> can you pastebinyour fstab?
<sarnold> does ls -l /dev/mapper/ before you try any mounts look sane?
<Logos01> sarnold: I'm talking to you *from* those mounts right now, actually; and yes it does.
<Logos01> I booted the OS up by manually mounting the entries in fstab.
<Logos01> But just a sec
<sarnold> Logos01: heh, I figured it might be hard :/ heh
<Logos01> sarnold: http://pastebin.ubuntu.com/14069921/
<Logos01> sarnold: This is a completely new one to me.
<Logos01> I mean, yeah -- the vg is actually named "vg_ogd-itd002l" ... but the manual mount command successfully executes w/ the /dev/mapper filename which is w/ "vg_ogd--itd002l"
<Logos01> I've removed and rebuilt the initrd a number of times; I've tried reinstalling lvm2 repeatedly
<Logos01> I've got a *separate* issue right now where I seem unable to sssd auth on this system (like I had with my other ubuntu machine; but I'm working that separately and think I'm onto something there.)
<Logos01> sarnold: swapon behaves the same way.
<Logos01> swapon -a fails; swapon /dev/mapper/vg_ogd--itd002l_lv_swap works.
<sarnold> Logos01: sorry, it looks sane to me, no idea..
<Logos01> Yeah...
<Logos01> Crap.
<sarnold> sticking / on lvm feels funny to me, it feels like the sort of thing I' might to avoid just because it sounds difficult.
<sarnold> but it _really_ should work.
<sarnold> it can't be that crazy to want that, right? :)
<Logos01> sarnold: It's default practice.
<Logos01> You just keep /boot outside of it.
<Logos01> Technically you can just do /boot/grub these days, but using / on lvm w/ /boot outside has been the norm for over a decade.
<Logos01> sarnold: Here's what's better for you ...
<Logos01> the recovery shell successfully mounts /
<Logos01> initrd does that is.
<Logos01> But mount -a still complains about the special device not existing.
<sarnold> .. it's all the others that give you trouble :)
<sarnold> ha
<Logos01> sarnold: No, it does too -- it just reports that error and then executes the manual mount execution on it's own.
<Logos01> I wonder if this isn't some sort of AppArmor thing.
<Logos01> I have auditd enabled but it's not showing me anything like SELinux's AVC errors.
<sarnold> that'd be easy to check, dmesg | grep DEN
<sarnold> ah, then grep DEN /var/log/audit/audit..og
<Logos01> 'dmesg | grep DEN' comes empty.
<sarnold> ah, then grep DEN /var/log/audit/audit.log
<Logos01> same for audit.log
<Logos01> But good to know. :)
<Logos01> Is there a way to increase mount verbosity beyond just calling mount -v?
<Logos01> strace maybe ... need to wait for this system update to complete then.
<Logos01> (It's got some 600 something packages to update. I enabled the universe/multiverse/restricted packages for trusty, and the main/universe/multiverse/restricted packages for trusty-backports trusty-security trusty-updates in the hopes that maybe this is just an outdated package problem.
<Logos01> )
<sarnold> trusty-backports is slightly iffy, I'm not sure that gets much attention / traffic / etc..
<Logos01> I've used it for some time without any problems I've been able to discern, on other systems.
<Logos01> So it's an environment I'm accustomed to.
<Logos01> Okay here's an interesting quirk.
<Logos01> Just modified /etc/fstab to use the /dev/dm-N entry for /opt
<Logos01> And then called "mount /opt"
<Logos01> That worked.
<Logos01> When I call "mount", it shows the "/dev/mapper/vg_ogd--itd002l-lv_opt" path rather than "/dev/dm-7"
<Logos01> O_o
<Logos01> I wonder...
<Logos01> Huh.  Changing it to /dev/vg_ogd-itd002l/lv_opt *ALSO* worked.
<Logos01> ARGH
<sarnold> odd
<Logos01> sarnold: No, it's really not.
<Logos01> Look at my pastebin again.
<Logos01> Look at the character between the vg and lv and tell me if you spot anything.
<Logos01> Namely; is it a "_" or is it a "-" ?
 * Logos01 facedesks
<sarnold> argh :)
<Logos01> Man.
<Logos01> I will note that I manually wrote the fstab
<Logos01> Now onto why my AD users can't authenticate.
<Logos01> sarnold: Maybe you have a clue about this one, specifically -- I installed sssd for centralized auth, but Ubiquity (desktop, yes, I know) is not allowing SSSD users to log in -- only local.
<sarnold> Logos01: I don't know much about sssd.. I think I'd start looking at /etc/pam.d/lightdm and go from there
<teward> sarnold: ping
<teward> nginx uploaded successfully, let me know if there's any other issues that come up (next 'leg' would be to get 1.9.9 in but i'm not planning to work on that until after the new year)
<sarnold> thanks teward :)
<Logos01> sarnold: Looks like there's some lightdm configuration you have to do to allow manual user logins.
<Logos01> sarnold: Here's a new one on me. I can only do succcessful DNS resolution on unqualified domain names right now.
<Logos01> (Internal domain)
<sarnold> Logos01: does it change if you request e.g. google.com. vs google.com  (no dot)?
<Logos01> Haven't tried external
<Logos01> External works either way.
<Logos01> Internal ... "ads01." does not resolve; "ads01" does.  "ads01.internal.domain" does not.
<sarnold> ads01.internal.domain.  ?
<Logos01> sarnold: No dice.
<Logos01> sarnold: Aaahh -- it was /etc/nsswitch.
<Logos01> nsswitch.conf that is
<Logos01> "hosts: files mdns4_minimal [NOTFOUND=return] dns" needed to just be "hosts: files dns"
<Logos01> And now SSSD is working.
<Logos01> Time to restart lightdm and see if the rest is as well
<sarnold> Logos01: _eww_ ;/
<sarnold> I mean, great that you nailed that down, but still.
<Logos01> sarnold: I blame my people's AD -based DNS and how it's configured.
<sarnold> odd that I've got a similar config but never noticed errors
<Logos01> sarnold: What I was implying was that my group's particular setup of AD DNS makes that reply invalid for my environment
<Logos01> Thus breaking kinit, thus breaking sssd authentication (which more or less wraps around kinit)
<sarnold> Logos01: did you get everything sorted out?
<Logos01> sarnold: I in fact did, yes. All was good. Turns out it's not /etc/lightdm/ anymore, by the way.
<Logos01> Different file directory location. People just can't have nice things; gotta change it all up up in hurr
<adun153> Where can I get ceph Hammer binaries/packages for Ubuntu 14.04.3? I just realized that trying ceph-deploy gives me Firefly binaries.
<Logos01> adun153: There's likely a PPA or something like that. I couldn't say.  But just be sure to check the reputability of any PPA you're touching on.
<nameuser_> Hi there
<sexywoodenspoon> Morning all. Anyone used postfix before? Trying to use the mailbox_command setting but it's not working on receiving mail
<sexywoodenspoon> Anyone got any tips on firing a script when postfix picks up an email
<Logos01> sexywoodenspoon: Define "picks up an email" more clearly.
<ikonia> sexywoodenspoon: what are you trying to actually do
<sexywoodenspoon> When an email comes to postfix for a domain that exists, run a bash script.
<sexywoodenspoon> log sender, recipient, date to a db
<rbasak> sexywoodenspoon: you probably can do it the way you're trying, but you might find it easier to do it at the user end using procmail.
<rbasak> Then you run under the user's privs instead of postfix's more restricted ones, too.
<rbasak> Because that is what may be biting you.
<rbasak> It's a more well trodden path, too.
<sexywoodenspoon> Hmm would that still work for virtual boxes? i.e. forwarders with no physical mailboxes?
<ikonia> rbasak: just pull that from the logs
<ikonia> it's easier to manipulate logs than it is how you're doing it
<rbasak> procmail doesn't have to deliver to a mailbox in the end. It can just deliver to /dev/null if you want.
<ikonia> more so as the script will be executed as the user that the mail is being delivered to
<rbasak> However your bash script does need to run as _some_ user.
<ikonia> which means your user needs to be a real user, eg: not virtual
<sexywoodenspoon> I was hoping the logs would do what I wanted and was mis-sold the mailbox_command command on Stack
<sexywoodenspoon> as if logs were the dirty thing to do
<kjackal> o/
<lordievader> Good morning.
<coreycb> jamespage, can you sync python-keystoneauth1 2.1.0-3 from experimental?
<jamespage> coreycb, sycn'ed
<coreycb> jamespage, thanks
<mdeslaur> dannf: sorry for the grub2 collision
<dannf> mdeslaur: np - we had a few more bug fixes to get in anyway
<coreycb> jamespage, can you sync python-openstacksdk from experimental please?
 * coreycb no privs
<stemid> this is incorrect http://packages.ubuntu.com/search?searchon=contents&keywords=pyvenv&mode=filename&suite=trusty&arch=any because I have python3.4 installed on trusty and there is no /usr/bin/pyvenv-3.4 file. I've also checked dpkg -L python3.4 | grep pyvenv
<stemid> anyone know if pyvenv is available for ubuntu trusty?
<TJ-> !info python3.4-venv trusty | stemid
<ubottu> stemid: python3.4-venv (source: python3.4): Interactive high-level object-oriented language (pyvenv binary, version 3.4). In component main, is optional. Version 3.4.3-1ubuntu1~14.04.3 (trusty), package size 5 kB, installed size 56 kB
<asheesh_> Hello Everyone, need some help
<asheesh_> trying to install Openstack using the guide at https://help.ubuntu.com/lts/clouddocs/installer/en/single-install.html for setting a private cloud
<asheesh_> but it's kind of stuck at starting services stage
<asheesh_> it has activated neutron and compute on separate machines (which it created for single machine setup)
<asheesh_> but all other services are pending for few hours now
<asheesh_> it did gave some errors in commands.log related to jujucharms.com being down, due to which it was unable to download charms for glance simplestream image sync service
<asheesh_> I told juju guys on their #juju IRC channel and their api service for juju charms is up and running
<asheesh_> but nothing has been happening in console.log either
<asheesh_> will appreciate any help, been trying to setup this using single-install guide for past 2 days
<asheesh_> after a few hours, I got [INFO: 12-17 22:02:59, openstack-status:104] Starting deployment of OpenStack
<asheesh_> like 15 minutes ago, but it's still stuck and nothing seem to be happening
<asheesh_> paste bin here : http://pastebin.com/zWdHNTNn
<Wicaeed> Looking at the sources.list for apt, when you use deb-i386/deb-amd64 on a mirror vs just using 'deb', what is determining the architecture that the mirror is grabbing?
<ikonia> Wicaeed: your machine
<ikonia> (as in it's arch)
<Wicaeed> ok, makes sense :)
<genii> !multiarch
 * genii smacks the bot
<ikonia> I think that factoid is obsolete now anyway
<Wicaeed> any way to calculate the size of a repo before you dl it?
<Wicaeed> for mirroring
<ikonia> depends on the tool, things like apt-mirror used to do a size and checksum calcuation before anything
<genii> Roughly 33G
<Mitchell1992> Hello... I'm trying to install Ubuntu Server virtually on top of Hyper-V. It's stuck on Installing the System... 83%. Is there a compatibility issue I'm not aware of?
<teward> genii, i think that's just hte ISO mirrors
<genii> teward: The last time I mirrored main,universe, multiverse, and restricted, it was somewhere between 32 and 35G
<neonixcoder> Good day team, I am posting this on #ubuntu channel as well
<neonixcoder> I am having an issue with my pptp connection. Its not connecting instantaneously. Its taking multiple connection retries and then disconnecting.
<neonixcoder> I enable debug mode and output is http://pastebin.com/xmUsQ1gN
<neonixcoder> Any suggestions?
<sarnold> neonixcoder: you should probably take the opportunity to move to something better: https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/
<neonixcoder> Hay Arnold, How are you?
<sarnold> neonixcoder: pretty good, thanks; how are you?
<neonixcoder> Ya, I know it is bit old. Right now I have to stick to it as we are planing to move to OpenVPN in near future..1
<sarnold> good good
<neonixcoder> I am good, thanks.
<neonixcoder> My concern is, some times it connects  in a min and some times it connects after long time
<neonixcoder> Any suggestion, Arnold?
<sarnold> no, sorry, I didn't see anything immediately obvious in your logs
<sarnold> I've got two wild guesses: (1) maybe you need to fiddle with your connection's MTU; if you're using pptp then perhaps something else is terribly broken and PMTU doesn't work.
<sarnold> (2) maybe someone is doing active MITM attacks and preventing connections when their cracking load is a bit too high. This one's a bit paranoid though..
<neonixcoder> hmm
<neonixcoder> Let me see
#ubuntu-server 2015-12-18
<neonixcoder> Hay Arnold. The issue is number of max connection limit
<neonixcoder> Our hosts reached that value.
<sarnold> neonixcoder: ah! :)
<sarnold> fun
<neonixcoder> Now I increased that count and it is working fine now..
<nameuser_> I'm looking for an easy way to do full server backup. Something like Macrium Reflect ( http://www.macrium.com/reflectfree.aspx)
<nameuser_> I know Clonezilla, but it requires the system to reboot
<nameuser_> Rsnapshot is more for backing up files
<patdk-lap> duplicity :)
<patdk-lap> or if you want to go the payed route, acronis
<Logos01> nameuser_: bacula.
<Logos01> rsnapshot can do the job, but bacula is a very robust enterprise-ready fully OSS backup engine.
<Logos01> (And it's block-level)
<nameuser_> Thank you!
<nameuser_1> Just bought a SSD for my self hosted web server. Expected a huge i
<nameuser_1> Expected a hugh improvement
<nameuser_1> But disappointed
<patdk-lap> heh?
<patdk-lap> why?
<nameuser_1> Except when installing or backup/restore server, the postgresql query speed doesn't seem to improve mouch
<patdk-lap> and you tested that disk speed was the problem?
<nameuser_1> Test disk speed with hdparm and dd
<patdk-lap> heh?
<nameuser_1> The ssd is fine
<patdk-lap> what does those have to do with anything?
<patdk-lap> hdparm doesn't do anything
<patdk-lap> and dd doesn't test anything, that has to do with sql
<patdk-lap> and on an ssd, dd really is horrid
<nameuser_1> so give me some tips then
<patdk-lap> instead of doing a streaming test, using dd, with all 0's
<patdk-lap> do a test that is correct for your usage
<patdk-lap> what that is, I dunno, that depends on your usage
<patdk-lap> first, ask postgresql what the problem is
<patdk-lap> I dunno postgresql, but it's simple enough in mysql
<patdk-lap> if you have cpu issue, locking issues, disk issues, ...
<nameuser_1> Yea
<znf> Hi
<znf> Doesn't ubuntu-server have a way to finish a install over ssh?
<asheesh_> Need some help with openstack single install on an Ubuntu server using Juju
<asheesh_> The installer is waiting for creating some machines for 4 hours now
<theptr> Is it a good idea to run an ms active directory on ubuntu 14.04 with samba ?
<patdk-wk> theptr, never had that work, good enough, personally
<theptr> patdk-wk, I want to keep as many as possible linux so
<patdk-wk> you asked my thoughts, I gave them, now you want to say they are invalid?
<rbasak> hallyn, stgraber: is lxc on vivid trying to run a xenial container known to be broken? Wily works, but Xenial doesn't. I see an init process with a bunch of subprocess zombies and nothing else. I also see an apparmor denial but I think I get that in the success case with wily too.
<rbasak> audit: type=1400 audit(1450447067.190:28): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 profile="lxc-container-default" name="/" pid=18303 comm="systemd-machine" flags="rw, rslave"
<rbasak> Using lxc-start-ephemeral.
<ifohancroft> Hello, guys. I am having trouble creating a software RAID 0 on Ubuntu Server 14.04.3 x86_64 using two discs (/dev/sdb and /dev/sdc) using mdadm
<ifohancroft> I've created it using mdadm --create /dev/md0 --level=raid0 --raid-devices=2 /dev/sdb /dev/sdc
<ifohancroft> Then I've created folder 'storage' (without the quotes) in / then I've put in fstab Then I've put this in /etc/fstab /dev/md0 /storage ext4 defaults 0 0
<ifohancroft> Then I rebooted and after grub times expires and ubuntu loads i pretty much get a black screen
<patdk-wk> well, that isn't going to work
<patdk-wk> you never told mdadm to *mount* your raid
<ifohancroft> How to do that?
<patdk-wk> mdadm --detail --scan >> /etc/mdadm/mdadm.conf
<ifohancroft> I will execute that in a minute, as soon as the server boots (well from recovery console)
<ifohancroft> btw I've manually put lines in mdadm.conf now I executed the command and will check the conf
<ifohancroft> well it looks the same
<ifohancroft> first line: DEVICE /dev/sd[bc]
<ifohancroft> second line: ARRAY /dev/md0 devices=/dev/sdb,/dev/sdc
<patdk-wk> that is strange
<patdk-wk> it doesn't do something like, ARRAY /dev/md0 UUID=xxxxx
<patdk-wk> generally, depending on the drives to be called the correct letters, is a horrible thing to depend on
<patdk-wk> such as, replacing a disk, adding a disk, or even installing a new hba
<patdk-wk> will cause that all to get changed
<patdk-wk> a disk failing
<ifohancroft> actually i think for some reason it's not writing in the conf
<ifohancroft> i just checked
<ifohancroft> i deleted it and executed the command again and the conf was empty
<ifohancroft> also i don't think it was created after i installed mdadm and created it manually
<ifohancroft> mdadm after being installed mentionend mdamd.cf maybe its conf is somewhere else?
<patdk-wk> it's not
<patdk-wk> I have a few systems, including this one I'm on now, using 14.04.3 with mdadm
<ifohancroft> so maybe if I change it to use UUID? however which UUID is that of which drive or of what and how do i find it?
<patdk-wk> first I would comment out DEVICE line
<patdk-wk> blkid will give you the UUID
<patdk-wk> hmm, it will give it in a different format though
<patdk-wk> what does mdadm -Es, give you?
<ifohancroft> oh awesome it gives me the UUID and stuff of /dev/md0
<ifohancroft> it gives:
<patdk-wk> you do NOT want the uuid of md0
<ifohancroft> ARRAY /dev/md/0 metadata=1.2 UUID=uu:id:etc name=os1.0
<patdk-wk> unless your putting it into /etc/fstab
<ifohancroft> name=os1:0 i mean
<patdk-wk> no, that iline is good
<patdk-wk> I meant blkid one
<patdk-wk> from blkid:  /dev/md0: UUID="626a5a92-b783-44ff-8a7d-a0236287892f" TYPE="ext4"
<ifohancroft> should I put the uuid in fstab instead of '/dev/md0'
<patdk-wk> that UUID is of the ext4 filesystem installed ON md0 :)
<patdk-wk> that is optional, but generally better
<ifohancroft> well it doesn'ty give me uuid of md0
<ifohancroft> blkid i mean
<patdk-wk> incase md0 is called something else, but not *as* likely to happen
<patdk-wk> is md0 started/assymbled?
<patdk-wk> did you format it with a filesystem yet?
<ifohancroft> maybe i should not put it in fstab as /dev/md0 but as /dev/md/0?
<ifohancroft> the md0?
<ifohancroft> let me check
<patdk-wk> ya
<ifohancroft> fdisk can't find it
<patdk-wk> fdisk finds partitions
<patdk-wk> did you put a partition on md0?
<ifohancroft> i don't think i did though (stupid tutorials on the web, show you how to do something and what to do but not how)
<patdk-wk> I never do
<ifohancroft> i don't think i have
<ifohancroft> but not why i mean
<patdk-wk> you are not suppose to use tutorials
<patdk-wk> a tutorial is notes someone created for their usage
<patdk-wk> documentation is created to explain to others
<ifohancroft> good point, thank you (didn't know that to be honest)
<patdk-wk> so a tutorial/blog/... is only useful if you already know how to use something
<ifohancroft> btw atm mdadm --detail /dev/md0 gives me mdadm: cannot open /dev/md0 no such file or directory
<patdk-wk> well, that is cause most poeple advertize it wrong :)
<patdk-wk> they make a tutorial thinking to help other people
<patdk-wk> forgetting to put in all their *thoughts* on why they did any of it
<ifohancroft> i guess the raid is not created atm because i executed mdadm --create /dev/md0 --level=raid0 --raid-devices=0 /dev/sdb /dev/sdc and it asks me to create it again
<ifohancroft> says they appear to be part of a raid array and that partition table exists there etc and asks to continue the array creation
<ifohancroft> at this point how should I proceed into creating the array, making it stick after reboot and making it auto-mount on boot etc
<ifohancroft> create it, check the uuid, put it in mdadm.conf then reboot?
<rbasak> hallyn, stgraber: fyi, upgrading to wily fixed the issue. I can start xenial containers now. I don't know if that's due to a side effect of the upgrade or an actual package version difference though.
<ifohancroft> patdk-lap: I created the raid again, used the command to make mdadm put stuff in its conf, cleared the conf from my stuff so only what it put in there stays in there, saved it, rebooted and pretty much the same thing (a black screen)
<patdk-wk> I think your having a different issue
<patdk-wk> and don't think mdadm is the problem :(
<ifohancroft> I will boot into recovery console and check if the raid is up and running, if it is i will try to find what else might be the problem, if not, I will try to get it to work and then see if the problem presists
<patdk-wk> at this point
<patdk-wk> I would just remove mdadm.conf and your line from fstab (thought shouldn't be needed)
<patdk-wk> even with it failing, it should not give you a blank screen
<ifohancroft> ok, I removed them and am now rebooting to see what will happen
<ifohancroft> yeah, still the same, let me try few things
<ifohancroft> without the drives inside, it's booting and even the grub timeout time (you know the time after which the chosen option will be auto loaded )
<ifohancroft> but that is probably because of less drives and because the only drive now inside is an ssd on which is the os
<ifohancroft> also i think with the drives formated and without partitions it can also boot
<ifohancroft> i will try to erase them and try to boot with them inside
<ifohancroft> before I start creating the raid should i have some partition on the drives and any flags set?
<ifohancroft> or should i keep them as unallocated space
<patdk-wk> optional
<patdk-wk> generally it can be a good idea to create a parition, and use that parition to mdadm
<ifohancroft> I think the problem now may have been that the raid was still running, I stopped it now and rebooted now we will see
<patdk-wk> just so you don't accidently think it's a blank disk and create a partition on it later, wiping it
<ifohancroft> so create ext4 on each then create raid then I guess I should create a partition on /dev/md0 then mount it?
<patdk-wk> flags are completely useless these days, really
<patdk-wk> dunno what you mean by create ext4
<ifohancroft> btw yes, now that the raid is stopped (using sudo mdadm --stop /dev/md0 and sudo mdadm --zero-superblock /dev/sdX... for each drive)
<patdk-wk> disk, partition, mdadm on partition, ext4/... on md
<ifohancroft> i mean create ext4 partition
<patdk-wk> why?
<patdk-wk> there is no such thing as an ext4 partition
<ifohancroft> didn't you mean that is a good idea to do so i don't think the disk is empty?
<ifohancroft> ah yeah it's a filesystem
<ifohancroft> so i guess i didn't realize there is a difference between a partition and filesystem
<ifohancroft> so i am starting from scratch now in creating the raid, what is the first thing i should do?
<patdk-wk> the filesystem type in the partition table is also mostly useless
<jrwren> one of those important subtle distinctions
<patdk-wk> normally set to 83 == linux filesystem
<patdk-wk> but it is mdadm, not linux filesystem
<patdk-wk> so generally fd is perferred
<patdk-wk> mdadm auto mount
<patdk-wk> fd  Linux raid auto
<patdk-wk>    Device Boot      Start         End      Blocks   Id  System
<patdk-wk> /dev/sda1            2048   128901119    64449536   fd  Linux raid autodetect
<ifohancroft> so I should operate on /dev/sdb1 not /dev/sdb?
<ifohancroft> or?
<patdk-wk> optional, but most people expect partition table to exist
<patdk-wk> so if it does, you can future protect yourself
<patdk-wk> but it's strictly not needed
<patdk-wk> I used to never use partitions
<ifohancroft> ok now I have /dev/sdb1 start 2048 End 1953525167 Blocks 976761560 ID 83 System Linux
<patdk-wk> then I found several *utilities* they kept wiping out my drives that didn't have partitions, really upset me
<ifohancroft> lol
<ifohancroft> so your point about creating a partition is a very good one
<patdk-wk> oh? you have an uninitialized disk, let me fix that for you!
<ifohancroft> :D
<ifohancroft> how did you set Linux raid autodetect to your drive and does it matter if it's just Linux or Linux raid autodetec or is this just a comment to the partition?
<patdk-wk> it doesn't matter what it is
<ifohancroft> ah yeah I found it
<patdk-wk> but I think mdadm checks it
<ifohancroft> the id
<ifohancroft> ok so what should I do next? Create raid with mdadm -C /dev/md0 --level=raid0 --raid-devices=2 /dev/sdb1 /dev/sdc1 ?
<patdk-wk> sure
<ifohancroft> Ok it is created. Now I should make mdadm put the conf for the array in its conf?
<patdk-wk> yes
<patdk-wk> post that line here too
<ifohancroft> mdadm --detail --scan >> /etc/mdadm/mdadm.conf
<patdk-wk> well, I meant of the line added to mdadm.conf
<ifohancroft> ah :D
<ifohancroft> ARRAY /dev/md0 metadata=1.2 name=os1:0 UUID=700:long:etc
<patdk-wk> ok
<patdk-wk> that looks good
<patdk-wk> blkid has stuff
<ifohancroft> so I should check blkid now?
<patdk-wk> should show linux_raid_member lines
<ifohancroft> well it shows /dev/sdb1, /dev/sda1, /dev/sda3, /dev/sda4 and /dev/sdc1 (no /dev/md0)
<patdk-wk> yes
<ifohancroft> on both /dev/sdb1 and /dev/sdc1 it says that its TTYPE is linux_raid_member
<patdk-wk> mdadm --assymble
<ifohancroft> mdadm --assemble?
<patdk-wk> probably
<patdk-wk> english was my first language
<ifohancroft> :D
<ifohancroft> it says an md device must be given in this mode
<ifohancroft> so mdadm --asemble /dev/md0?
<ifohancroft> (btw i will go for a cigarette)
<patdk-wk> ah
<patdk-wk> mdadm --assemble --scan
<ifohancroft> back and ok
<ifohancroft> done
<patdk-wk> now blkid shows md0?
<patdk-wk> or it might not
<patdk-wk> but md0 exists now right?
<patdk-wk> probably best to, cat /proc/mdstat
<ifohancroft> yes, it doesn't show md0 and yes catting /proc/mdstat shows md0:active raid0 sdc1[1] sdb1[0]
<patdk-wk> ok, time to mkfs.ext4 /dev/md0 ....
<ifohancroft> done
<patdk-wk> blkid
<patdk-wk> add to /etc/fstab using the UUID
<ifohancroft> yes it now shows UUID
<ifohancroft> of md0
<ifohancroft> defaults for options and 0 0 for dump and pass?
<patdk-wk> well, likely 1 or 2 for pass
<patdk-wk> but it shouldn't matter much
<ifohancroft> ok i put 1 like on /
<ifohancroft> so now in theory it's all done and a reboot follows?
<patdk-wk> yes
<patdk-wk> since you don't need it in initramfs
<patdk-wk> as it's not a boot/root drive
<ifohancroft> ok, time to pray to the server :D
<ifohancroft> It works! Thank you so much dude! I will write the stuff down and look at documentation to fill in the gaps (learn the stuff I now figured out I don't know)
<ifohancroft> btw as my user I don't have write permission on there atm, did I not mount it well or it's normal
<ifohancroft> I mean I didn't mount it as read only or something?
<patdk-wk> dunno
<patdk-wk> but you didn't setup permissions
<patdk-wk> so likely only root has write access
<ifohancroft> well I can write as root
<ifohancroft> if it was read write I won't be able to write even as root, right?
<patdk-wk> yes
<ifohancroft> Thank you very much!
<ifohancroft> I should really start like right now to see what I don't know much about or don't understand and fill in the gaps
<capoderra> hello, all. I've just install ubuntu server and the top and left portions lay off screen so I am having a hard time configuring files.
<capoderra> xrandr only works in GUI
<capoderra> I've tried fbset, but I can't get it to change my resolution
<capoderra> i've tried fbset -xres=1360 -yres=850, but that outputs the usage for fbset
<capoderra> this last command supposedly worked for somebody, but it doesn't work for me, even with the same version of fbset
<teward> capoderra: have your monitor autoconfigure
<stgraber> rbasak: well, that's pretty odd seeing how lxc is identical in vivid and wily (exact same source)
<stgraber> rbasak: the behavior you describe sounds like a broken or crashed lxcfs though
<capoderra> teward, sorry, it's a TV connected via HDMI
<teward> capoderra: oh.  I typically see HDMI TVs cut off things, and I never found a way to resolve it, server or otherwise
<teward> (TVs aren't the best for that stuff)
<ogra_> capoderra, find the "overscan" option in your TV settings menu ... and toggle it
<capoderra> teward, it's all I got. It's funny, I never had that problem on my old machine.
<davidic657> Hi guys, had a server with hetzner for a while now and never seem to get kernel updates, just the kernel dev, Ubuntu 12.04.5 its currently at Linux 3.11.0-26-generic on x86_64 is this normal?  I ticket hetzner and they just said they have nothing to do with software etc as usual
<capoderra> ogra_, I don't think I have that
<ogra_> it might be named differently ... but it should be there ... TVs that dont have it are rare
<capoderra> teward, the old machine used a VGA cable. This one has to be HDMI because it doesn't have a vga port
<davidic657> anyone tell me what the current kernel should be for Ubuntu 12.04.5 64 bit server should be please
<davidic657> Do not understand why I do not get main kernel updates, just the dev updates
<ogra_> davidic657, https://launchpad.net/ubuntu/+source/linux
<ogra_> (scroll to the bottom)
<davidic657> ty
<davidic657> ogra_:  hetzner wont answer me why it does not upgrade?
<ogra_> upgrade from what to what ?
<ogra_> the latest kernel in precise is obviously  3.2.0-96.136  ...
<davidic657> ogra_: says Linux 3.11.0-26-generic on x86_64 here
<davidic657> sry bit confused here
<quantic> likely installed a hwe kernel.
<ogra_> 3.11 ?
<ogra_> well, hwe kernels come from other LTS releases
<davidic657> quantic: all I get is the dev updates
<ogra_> there is no 3.11 in either of them
<ogra_> the hwe kernel for 14.04 would be 3.14 based
<quantic> 3.11 is the kernel from saucy.
<davidic657> not sure what they are up to
<quantic> 12.04 has an hwe kernel that's 3.11. 12.04.4, I believe.
<ogra_> yeah, that looks like a broken release upgrade
<quantic> ogra_: not necessarily.
<quantic> https://wiki.ubuntu.com/Kernel/LTSEnablementStack#Kernel.2BAC8-Support.A12.04.x_Ubuntu_Kernel_Support
<davidic657> just want to know if the kernel is ok and no security problem, never get any updates
<davidic657> thanks guys for the input
<quantic> davidic657: install the "linux-generic-lts-trusty" package.
<quantic> davidic657: And review https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<davidic657> noob here proberbly mess everything up :)
<davidic657> should be ok fingers crossed
<ogra_> yeah, what quantic said "linux-generic-lts-trusty" should get you 3.13
<quantic> davidic657: Just install a single package, it will pull in the currently-supported kernel.
<davidic657> thanks
<rbasak> stgraber: I think that's reasonably consistent with what I've seen. If the latest SRU is broken but the release pocket works in both Wily and Vivid, then that is consistent with my observations.
<rbasak> stgraber: I only upgraded in Wily to work around a different bug.
<stgraber> rbasak: except that we also use the exact same lxc source in xenial as wily and vivid (1.1.5 + 2 bugfix uploads for all 3)
<stgraber> rbasak: anyway, the symptoms point towards lxcfs (as mentioned in the bug), hopefully hallyn can take a look when he's back
<rbasak> That makes sense. Thanks.
<capoderra> is anybody familiar with fail2ban? Do I need it if I'm going connecting to my server from my local network?
<patdk-wk> nothing
<patdk-wk> except if you are in a habbit if not using the right password, you might want to add yourself to the exceptions
<patdk-wk> or adjust what it blocks, to only block external
<patdk-wk> or add a firewall rule that overrides fail2ban rules
<patdk-wk> so many things you can do
<capoderra> wait wait
<capoderra> ok, fail2ban, as I understand, prevents brute force attempts to crack ssh password... but if I'm going to only connect to my server from another computer on the same local network, do I need fail2ban?
<capoderra> What i'm saying is..
<capoderra> my server is not facing the wide open internet
<genii> capoderra: If the ssh port is not forwarded at the router from the internet at alrge to that machine, you're pretty safe without it
<patdk-wk> it protects against attacks that it is programmed to notice
<genii> *large
<patdk-wk> if the attacks cannot attack your server, why do you care?
<capoderra> genii, that's what I was thinking
<capoderra> patdk-wk, I'm not a security expert, so I just wanted to confirm my assumptoins
<patdk-wk> well, it doesn't help to have an extra layer
<patdk-wk> just incase someone opens it up later
<patdk-wk> or someone attacks it on the local network (though probably easier ways to do it)
<patdk-wk> but strictly, if what you say is true, it's not required
<capoderra> ok, thanks so much
<patdk-wk> and it's really not for security too much
<patdk-wk> though it can help slow down brute force attempts
<capoderra> I have another question. In my /etc/ssh/sshd_config file, there is a %h before the pathway to my authorized_keys... what is that?
<quantic> capoderra: Thats a shorthand for the user's home directory. I.e. the authorized keys file for each user is located in that path relative to the users home directory.
<capoderra> got it
<jarkinox> how can I make ubuntu server detect and mount my external drive on reboot?
<jarkinox> i have to unplug/plug every time
<Synthead> jarkinox: what do you have now?
<jarkinox> Synthead what do you mean?
<Synthead> jarkinox: how are you mounting it?  Do you have any /etc/fstab or auto-mount settings?  What do you mean by "have to unplug/plug"?  When you do that, what happens?
<jarkinox> fdisk -l doesnât even show the drive after reboot
<jarkinox> i unplug the harddrive, and then it shows up
<jarkinox> Synthead ^
<Synthead> jarkinox: is there any kind of error in the ring buffer (dmesg) about the drive after the server is booted with it plugged in?
<Synthead> jarkinox: is it usb?
<Synthead> jarkinox: what make/model of the drive?  if it's usb, what does it show in lsusb?
<jarkinox> Synthead: It is usb
<jarkinox> itâs a western digital 3tb drive
<jarkinox> let me check on those other items you asked for
<Synthead> jarkinox: a lot of hard drives hang a while as they spin up
<Synthead> jarkinox: maybe it's timing out as it's being queried by some means?
<jarkinox> what am i looking for in dmesg?  thereâs a lot there.  can you give me a grep command?
<Synthead> jarkinox: might check lsusb first and grep for its description
<Synthead> jarkinox: perhaps grep for /dev/sd ?
<Synthead> jarkinox: I recommend dmesg | less and just / to try to look for it
<Synthead> -i (without /) toggles case sensitivity
<jarkinox> jarkinox@Ubuntu:~$ lsusb
<jarkinox> Bus 001 Device 002: ID 0480:a003 Toshiba America Info. Systems, Inc.
<jarkinox> Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
<jarkinox> Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
<jarkinox> Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
<jarkinox> Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
<jarkinox> not in there
<Synthead> jarkinox: is your drive plugged in?
<jarkinox> yup
<Synthead> jarkinox: are you able to use it?
<jarkinox> yes, but after a reboot, i need to physically remove the usb and plug it back in
<jarkinox> then itâs detected
<Synthead> jarkinox: what does lsusb say when you unplug it, then plug it back in?
<Synthead> by the way, is this drive going to be permanently installed on this box?
<jarkinox> Bus 001 Device 007: ID 1058:1230 Western Digital Technologies, Inc.
<jarkinox> Bus 001 Device 002: ID 0480:a003 Toshiba America Info. Systems, Inc.
<jarkinox> Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
<jarkinox> Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
<jarkinox> Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
<jarkinox> Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
<jarkinox> yes, permanently on the box
<Synthead> jarkinox: you might seriously reconsider using it via the usb enclosure
<Synthead> jarkinox: there's is almost always a data drive inside
<Synthead> sata*
<jarkinox> what does that mean?
<Synthead> jarkinox: if you remove the drive from the enclosure and plug it directly into your motherboard with sata, not only will you circumvent this issue, but you'll have an enormous speed improvement
<Synthead> jarkinox: usb 2 or 3?
<jarkinox> ok now thereâs something in dmesg
<jarkinox> can i paste a bunch of lines without it looking like spam?
<Synthead> jarkinox: pastie.org
<jarkinox> itâs usb 3 on a very old Dell box
<Synthead> usb 3 isn't so bad
<Synthead> jarkinox: does the dell box have usb 3 as well?
<jarkinox> http://pastie.org/private/uvsblr2ncn5nubgzanjr9w
<jarkinox> i seriously doubt it has usb 3
<jarkinox> itâs ancient
<jarkinox> back when 80 gigs was a lot
<Synthead> jarkinox: are you ok with your read and write speed being a combined 30 MiB/s ?
<jarkinox> yeah, i donât use it a whole bunch.  itâs like cold storage
<jarkinox> but i like to tinker with things :)
<jarkinox> donât mind a little speed improvement
<Synthead> jarkinox: ok, as long as you're aware.  sata 2 will operate at 3 GiB/s, which is ~100x faster.  Your drive will likely peak at a couple hundred MiB/s though, being a disk with platters
<Synthead> jarkinox: do you see "Western Digital" anywhere in your ring buffer before plugging that disk in?
<jarkinox> dmesg | grep Western
<jarkinox> [14339.730100] usb 1-4: Manufacturer: Western Digital
<jarkinox> nope, only after I plugged it in
<Synthead> jarkinox: what about "USB"?
<Synthead> jarkinox: anything worth mentioning?
<Synthead> jarkinox: also, when the drive is unplugged with the platters stopped, how long does it take to spin up and be recognized?
<Synthead> just generally
<Synthead> 5-10 seconds ish?
<jarkinox> yeah itâs pretty quick
<Synthead> some motherboards have a setting in the bios that goes by the tune of "wait for disks" or something
<Synthead> it doesn't continue to boot until all attached storage responds
<jarkinox> http://pastie.org/private/cv1dpaa1wqmedwcfj3hblg
<jarkinox> the box boots fine even with the hard drive attached
<jarkinox> thereâs another Toshiba drive attached that doesnât have the problem
<Synthead> you might look at dmesg via less as just grep'ing dmesg will remove a lot of nice errors
<jarkinox> how far back does dmesg go?
<Synthead> jarkinox: since the box was booted unless you clear the buffer
<jarkinox> i rebooted today after some updates
<Synthead> what is the model of your dell?  dmidecode will tell you
<jarkinox> DE051
<jarkinox> released 2006
<Synthead> jarkinox: do you have a visible grub boot loader when the machine is turned on?
<jarkinox> thereâs no monitor attached to it
<jarkinox> and no gui
<Synthead> jarkinox: oh right on
<jarkinox> so paste the whole dmesg?
<Synthead> jarkinox: the reason I mentioned it is because you might check if this is the problem preemptively by interacting with the grub menu while the disk spools up
<Synthead> after ~15 seconds, boot the os and see if the disk was detected
<Synthead> jarkinox: if you really wanted, you could
<jarkinox> i could go that route but that would require attaching a monitor and keyboard, and Iâm determined to figure this out via ssh :)
<Synthead> jarkinox: that's a lot of text
<jarkinox> yeah i donât want to but iâm not sure what iâm looking for in dmesg
<Synthead> jarkinox: what is your grub timeout value?
<jarkinox> where would I find that?
<Synthead> jarkinox: probably /boot/grub/grub.cfg
<Synthead> jarkinox: ubuntu will kill any changes make directly in that file via scripts, but this would only be a temporary test
<Synthead> jarkinox: actually, if you have to wait for the disk to spool up before it works properly, maybe just putting a longer timeout in there would be good enough
<Synthead> you'll probably want to do it the "formal" way via /etc/defaults/grub, though
<jarkinox> itâs either 2 or 30
<jarkinox> not too sure how to read this bash script
<Synthead> gruc.cfg shouldn't be a bash script
<Synthead> what does the line say?
<jarkinox> sorry, itâs not.  I think itâs perl
<jarkinox> Iâm a C# guy so itâs all jibberish to me ;-)
<Synthead> jarkinox: what file?
<jarkinox> ok hold on, there was a note in there to go to /etc/default/grub
<jarkinox> GRUB_TIMEOUT = 2
<Synthead> jarkinox: as mentioned, grub.cfg is the real config script for grub.  grub doesn't care about /etc/default/grub, but it's where you'd make permanent changes
<Synthead> if you want to make a temporary test, /boot/grub/grub.cfg is fine.  If you want to make permanent changes, /etc/default/grub is where you'd likely put it, then run some kind of grub updater script
<Synthead> tbh, I'm more of an Arch guy, so I hand-write grub.cfg
<jarkinox>  terminal_output gfxterm
<jarkinox>  85 if [ "${recordfail}" = 1 ] ; then
<jarkinox>  86   set timeout=30
<jarkinox>  87 else
<jarkinox>  88   if [ x$feature_timeout_style = xy ] ; then
<jarkinox>  89     set timeout_style=menu
<jarkinox>  90     set timeout=2
<jarkinox> Arch guy?
<Synthead> bleh
<jarkinox> Architect?
<Synthead> Arch Linux
<jarkinox> whoa
 * jarkinox bows down
<Synthead> heh, nah, it's not like that
#ubuntu-server 2015-12-19
<Synthead> but thanks
<Synthead> anyway, might edit /etc/default/grub cause there's logic I didn't expect in grub.cfg
<jarkinox> change it from 2 to 30?
<Synthead> I think update-grub will generate a new grub.cfg (run it as root)
<Synthead> sure
<Synthead> then reboot and see if your drive is recognized
<jarkinox> so what I pasted you didnât expect?
<Synthead> heh, yeah, I was expecting just a set timeout=n in there
<Synthead> line 90 is probably what you'd change, but changing that would be a bit of a hack with that logic wrapped around it imo
<Synthead> oh, while you're acquainted to that timeout in grub.cfg, you might check if /etc/default/grub and update-grub actually changes that timeout valie on line 90
<Synthead> value
<jarkinox> in /etc/default/grub itâs line 9
<Synthead> GRUB_TIMEOUT, yeah?
<jarkinox> i was just going to change /etc/default/grub
<Synthead> yeah, change that file, then run sudo update-grub
<Synthead> without running update-grub, grub.cfg will not be changed and for this scope, there would be no changes to how your system boots
<Synthead> tbh, I wouldn't be surprised if your HDD is recognized after this
<jarkinox> then reboot?
<Synthead> did you run update-grub yet?
<jarkinox> yup
<Synthead> was that line changed in /boot/grub/grub.cfg?
<jarkinox> woops, didnât check :)
<jarkinox> too late
<Synthead> hahaha
<Synthead> it probably was :)
<jarkinox> iâm super reckless
<Synthead> nah
<Synthead> it's your box without any HA apps, right?
<jarkinox> high availability?
<Synthead> ah crap, google.com is down! where do you work again?  I am not responsible!
<Synthead> hehe
<jarkinox> yeah itâs mine.  cobwebs inside and everything
<Synthead> yeah
<Synthead> yeah you're good
<Synthead> prepare for an ungodly 28 extra seconds!
<jarkinox> seriously
<jarkinox> this is torture
<Synthead> I saw you should boot grub from a floppy
<Synthead> maybe a zip disk
<jarkinox> no dice
<Synthead> still not recognized?
<jarkinox> nope
<Synthead> ah, shucks
<Synthead> might put that timeout back ;)
<jarkinox> grub.cfg does show timeout = 30
<jarkinox> so that worked, but thatâs it
<Synthead> yeah this stuff didn't fix it
<Synthead> hm
<jarkinox> no worries Synthead
<jarkinox> thanks for the help though
<Synthead> still thinking about your issue
<jarkinox> i read somewhere messing with fstab might be the trick
<jarkinox> know about that?
<Synthead> jarkinox: well, the issue seems to be at a lower level than that
<Synthead> fstab just affects present disks
<Synthead> your disk isn't recognized yet
<Synthead> what about https://bbs.archlinux.org/viewtopic.php?pid=1081842#p1081842 ?
<Synthead> you might be able to add usb-storage.delay_use=5 (or something higher) to your kernel options
<TJ-> jarkinox: does the external enclosure have its own power supply?
<Synthead> looks like you can add it to modprobe.d too
<Synthead> jarkinox: what if you did this?  echo "options usb_storage delay_use=5" > /etc/modprobe.d/usb-storage-delay.conf
<Synthead> jarkinox: you'd have to run this as root (not sudo)
<Synthead> jarkinox: sudo -i will get you in as root
<Synthead> jarkinox: after touching that file (and setting grub's timeout back to what it was), try rebooting and checking again
<jarkinox> TJ: It does have itâs own power supply
<jarkinox> Synthead: Iâll need to digest what you posted
<TJ-> jarkinox: that device is known to have a problem; it's the additional enclosure device that causes the issue
<Synthead> TJ-: it's going to be a permanent install on this box and his mobo has only usb 2
<jarkinox> yeah I had a problem with it from the very beginning because itâs 3tb and was partitioned using GUID
<Synthead> jarkinox: basically, via that file, you'd be telling the linux kernel to wait for 5 seconds before giving up detecting this drive
<jarkinox> iâm fine with it if the device itself is the problem
<Synthead> jarkinox: it defaults to 1 second.  might experiment with something silly, like 30, just to ensure that this isn't the issue
<jarkinox> i was just pissed i couldnât configure it properly when my toshiba hdd was working fine
<jarkinox> iâll try that
<jarkinox> later though.  Itâs time for my hourly daytime beer :)
<Synthead> hehe
<Synthead> jarkinox: good luck, and enjoy :)
<jarkinox> thanks Synthead.  really appreciate it
<Synthead> jarkinox: if this is too much of a headache, ripping out the HDD from that enclosure and attaching it via SATA will almost certainly make it work
<Synthead> jarkinox: you're welcome!
<freeroute> hi, suppose I want to give a local domain name (like cabbage.carrot) to a local machine running 14.04. Would the first part of this answer apply to me too? http://askubuntu.com/a/190954
<freeroute> (also is cabbage.carrot an FQDN or an unqualified one?)
<RoyK> freeroute: it'll be your fqdn
<RoyK> freeroute: that is, if cabbage is your hostname
<RoyK> fqdn == hostname.domain
<RoyK> as in myhost.subdom.dom.tld
<RoyK> or something like that
<RoyK> freeroute: most use .local for the tld if it's locl
<freeroute> RoyK: as I see, so if I simply edit the /etc/hostname and /etc/hosts, restart the service and all local machines will be able to reach the machine when they type http://cabbage.carrot? Or do I have to somewhere make a DNS server?
<freeroute> *ah
<RoyK> you need dns
<RoyK> or hardcoded things in /etc/hosts
<RoyK> for each client
<freeroute> ooh ok.
<freeroute> cool, thanks :)
<sorin-mihai> I have 3 servers with only one NIC, accesible over the internet, that I want to use as kvm hosts to make some sort of LAN of VMs then use the VMs to learn more about OpenStack. what is the faster aproach to this kind of setup?
<RoyK> just use bridging
<RoyK> if you want them in a cluster, you'll need shared storage of some kind
<RoyK> nfs is the easiest
<RoyK> and you'll want corosync etc to avoid starting the same vm two places
<RoyK> sorin-mihai: local or shared storage?
<sorin-mihai> RoyK, I'm kinda new at this... each server has it's own storage
<RoyK> sorin-mihai: do you want to run them separately or as a cluster?
<sorin-mihai> now I only have the latest ubuntu installed, and I think that a cluster ov VMs would do. I don't think MaaS installed on hardware would help, since I don't have enough servers
<RoyK> sorin-mihai: perhaps try #virt @ irc.oftc.net
<RoyK> sorin-mihai: setting up a kvm cluster isn't too hard, but if you're new at this, it might take a while studying how it works
<sorin-mihai> MaaS would work for a cluster of VMs for a PoC?
<RoyK> MaaS doesn't have anything to do with the cluster config
<sorin-mihai> I think that if I get a kvm cluster with 9 VMs then I can go on with the MaaS stuff. or is it too much overhead?
<sorin-mihai> something like kvm cluster > MaaS > Autopilot > OpenStack
<lordievader> Good morning.
<Club-Mate> hello everybody, I am planning to set up a homeserver and thought about using ubuntu-server. I hope someone can answer me a few question
<lordievader> Club-Mate: Go ahead, ask ;)
<Club-Mate> Ok thanks, if you choosed Ubuntu-Server, why did you as there are other Linux alternatives that would probably do I good job too.
<rbasak> I think what matters most if you're getting started is how you're going to get help.
<rbasak> If you have a friend who loves Gentoo and will help you, get started with Gentoo. Etc.
<rbasak> If you dont' have anyone local, then consider how you'll get help on the Internet generally.
<rbasak> Ubuntu Server is the most popular distro for homeserver use I think. Certainly one of the top ones. So that means that you're more likely to find help on the Internet when you need it. Included direct help for your problems as well as general guides on how to do things.
<lordievader> Club-Mate: Ubuntu/Debian are easy to get going. I personally run Gentoo on my homeserver. But we usually go with Debian/Ubuntu since they are easy and well known.
<Club-Mate> Thanks. If I want to use certain services like OwnCloud, can I simply install them from the official repositories or do I have to download them from the Developer's website to get the latest version? A PPA would be an easy alternative to repository?
<flarunt> you could use a docker container
<patdk-lap> the only way you can get latest, in a distro, is fedora probably, and likely gentoo
<patdk-lap> or you forget the distro, and install it yourself, from the source
<han420> I'm logging into a ubuntu server used for LAMP that hasn't been maintained for years. What are some basic things to check other than apt-get updates?
<TJ-> han420: are you concerned about potential compromise of the server?
<han420> there are no signs of that that I can see, but I'd like to start by looking for them
<han420> or checking if everything's normal - is there some standard procedures? some logs to look at?
<TJ-> han420: well, if the logs aren't compromised, they're all under /var/log/  'auth.log'
<rbasak> I would take the server offline and take a snapshot using a known uncompromised machine.
<TJ-> han420: if you're at all concerned then take it offline, mount its file-systems on another host, and use some rootkit scannera
<rbasak> Then compare everything on the filesystem against what Ubuntu shipped in packages.
<rbasak> And account for all differences.
<TJ-> han420: original file MD5 hashes per-package can be found under /var/lib/dpkg/info/<package>.md5sums (using a known good host of course)
<rbasak> Finally update it while it's still offline.
<rbasak> I don't consider MD5 good enough for checking that. Use SHA1 at least. SHA2 preferably. Or just do a byte-for-byte comparison as you'll have to calculate hashes anyway.
<han420> Thank you, I'll look into it
<YamakasY> is there some alternative for dell openmanager ?
<YamakasY> I think it uses too much resources ?
<Walex2> YamakasY: the only source for Dell OpenManager is Dell....
<YamakasY> Walex2: alternative != source
<Pap00se> how do u add modify user accounts on proftpd in ubuntu, please point me to a guide either via ftp commands or via ssh terminal
<Pap00se> how do u add modify user accounts on proftpd in ubuntu, please point me to a guide either via ftp commands or via ssh terminal
<jak2000> i have 1 nic, inserted one more (a second) nic, but ifconfig only see 1
<jak2000> http://pastebin.com/aSc1S7bC
<Walex2> jak2000: 'lspci'
<Walex2> Pap00se: http://www.proftpd.org/docs/howto/Authentication.html
<Walex2> Pap00se: looks for "virtual users"
<Walex2> Pap00se: and in particular 'mod_auth_file'
<Walex2> Pap00se: http://www.proftpd.org/docs/modules/mod_auth_file.html
<Walex2> Pap00se: http://www.proftpd.org/docs/faq/faq_full.html#AEN699
<patdk-wk> Walex2, dunno if that would help at all
<patdk-wk> he wanted to modify user accounts for it, but we don't know what he is using for user accounts
<patdk-wk> if it is system/pam/file/ldap/sql/...
<patdk-wk> proftpd supports a lot of different user systems
<Walex2> patdk-wk: that is part of the documentation for almost all of them :-)
 * patdk-wk also wonders why he wants a guide, and not documentation :)
<jak2000> Walex2: http://pastebin.com/aSc1S7bC
<jak2000> how to enable the second eth?
<bekks> jak2000: The same way as you enable the first one.
<bekks> jak2000: ifconfig only shows active interfaces, ifconfig -a shows all interfaces.
<jak2000> ok edit the
<patdk-wk> ifconfig shouldn't be used at all
<bekks> jak2000: How did you configure your first nic - using /etc/netwok/interfaces?
<jak2000> interfaces file right?
<jak2000> yes
<Walex2> jak2000: note line 19
<bekks> Then configure the second nic in there, too.
<jak2000> bekks how to rstart network service?
<bekks> jak2000: Depends on the ubuntu release.
<patdk-wk> you don't
<jak2000> 14.04
<patdk-wk> use the ifup/down commands
<jak2000> bekks patdk-lap: http://pastie.org/10641935
<patdk-wk> your missing the auto line
<patdk-wk> why is there a gateway on it?
<patdk-wk> only one interface should have a gateway defined, or your just asking for problems
<jak2000> removed...
<jak2000> done
<jak2000> not know why answer the ping
<jak2000> but answer the ping :)
<Pap00se> thanks walex
<PryMar56> checking out a new VPS with 15.04 on VZ. There is no apache2 unit in list-unit-files. Is this normal when we are handed the VPS already setup?
<PryMar56> oh, see I got wise by asking the ques. Its in /etc/rc2.d
<spaok> hello
<pmatulis> hello
#ubuntu-server 2015-12-20
<bill_> does 14.03 server distribution not support wirelss network?
<rbasak> Ubuntu Server connects to wireless networks fine.
<bill_> it won't recognise my card
<rbasak> You may need to install the wpasupplicant package though, and you will need configure /etc/network/intefaces as usual.
<rbasak> I believe it should recognise anything that Ubuntu generally does. If there's no support then it may be a Linux-wide thing.
<bill_> 14.04 desktop uses it when i boot the cd
<rbasak> Maybe you need a firmware package or something.
<bill_> all other distributions use it
<rbasak> If Ubuntu on the desktop can work with it then it can be made to work on Ubuntu Server. They share the same core platform, including kernel.
<bill_> i thought it should...but it doesn't
<TJ-> bill_: -desktop installs network-manager whereas -server doesn't. network-manager handles a lot of the background plumbing for WiFi so it 'just works'.  You can use network-manager service (without any GUI components) on -server, too
<bill_> i will run the disk check on the install cd
<bill_> maybe it's broken
<bill_> i will try that
<bill_> thank you TJ
<rbasak> TJ-: if it's just a single wireless network that needs connecting to, then no need for network-manager. Just wpasupplicant and /etc/network/interfaces can achieve all that network manager can in terms of that.
<bill_> at the moment i have 14.04 desktop almost installed
<bill_> i'll strip out the desktop 'fluff and install some more serveices
<rbasak> network manager is much higher up the stack than plain wireless driver problems.
<bill_> i only want it to store the backups from other computers on the network
<bill_> thanks for your help
<bill_> i'll revisit this later
<toor> Hello, I am trying to set up my ubuntu server as a mailserver but I can't get it to send the mails, it only receives them.
<slidinghorn> toor: what error(s) do you receive when attempting to send mail?  What are the logs telling you?  Also, which version of Ubuntu Server are you using?
<toor> There are no errors and I cannot find any error logs. Ubuntu 14.04 TLS.
<toor> LTS*
<slidinghorn> toor: are you using postfix or sendmail or something else?
<toor> postfix, dovecot and I used the mail command.
<slidinghorn> toor: you should be able to view your postfix log in /var/log/mail.log
<toor> "No such file or directory"
<slidinghorn> toor: then you've likely changed some kind of configuration on your system telling it to log elsewhere
<toor> There is no such file anywhere on the system.
<slidinghorn> toor: again, that's because you've changed something from the postfix default...please pastebin the result of postconf -n     and link it here
<TJ-> Cound be there's no syslog service, too
<toor> http://pastebin.com/21wJeY2L
<slidinghorn> toor: have you restarted postfix & rsyslog?   sudo service postfix restart && sudo service rsyslog restart
<toor> postfix/postfix-script: fatal: the Postfix mail system is already running
<toor>                                                                          [fail]
<TJ-> sounds like a PID file is present but the process has died, or else you started the process manually
<toor> I wrote "service postfix start" when the computer booted.
<toor> Is there a guide or something that works in all cases?
<toor> Could it be that it's Ubuntu's fault? I don't remember having problems installing on Debian
<jelly> it's not likely ubuntu's QA would allow for completely broken packaging of postfix that did not log by default
<toor> Well I could try to reinstall and try from scratch..
<toor> Could you private message me a tutorial that would work if I did that?
<jelly> it would be better to try and understand the current state and the desired working state, instead of reinstalling blindly
<toor> It's too complicated for me.
<jelly> toor: for example: if the service command says the service is already running, can you verify that by looking at the process list?  There should be a process named "master".
<jelly> toor: some amount of basic unix knowedge and analytical skills is needed to run a linux server.
<Sling> if i plan a cronjob for lets say 1 2 3 1,3 0 /path/to/script.sh
<Sling> it runs at 2:01 on the 3rd of january and march
<Sling> what would the 'dow' parameter do here, only run it when that date is a sunday?
<bekks> Yes.
<Sling> hm so i would want that to be * I guess :)
<bekks> Yes. :)
<Sling> would be a funny 'why didnt my letsencrypt certs renew' debug session
<patdk-lap> heh mine are on manual
<patdk-lap> lets encrypt is not very friendly much other than a certificate
<patdk-lap> cannot use certificate pinning/dane/... with it, cause it changes so often, and you need to renew, but delay using it
<Sling> patdk-lap: then you're pinning the wrong certs I guess
<patdk-lap> how so?
<Sling> well you can also pin the letsencrypt intermediate for example
<patdk-lap> pinning an intermediate or ca certificate is a horrible thing to do
<patdk-lap> it means anyone that uses that same ca, can spoof you
<patdk-lap> and it assumes they dont rotate them out, most ca's rotate the intermediates yearly
<patdk-lap> letsencrypt hasn't said how they plan to do it yet
<Sling> true
<patdk-lap> so you might just pin outself out of a useful website
<Sling> (I don't have pinning atm)
<patdk-lap> and there is no way to fix that, other than hope your old certificate isn't expired
<patdk-lap> and the pin expiration time is highly short, and having it short is a bad idea
<devster31> why can't you pin them?
<patdk-lap> well, I normally use 6month pins
<patdk-lap> letsencrypt is only good for 3
<patdk-lap> I cannot pin a new one, till everyone knows about it
<patdk-lap> so say, I give it a 1month overlap
<patdk-lap> so the new cert is not useful for atleast 1 month
<patdk-lap> I add it to my websites pin
<patdk-lap> then after a month, I switch to it
<ianorlin> patdk-lap: then maybe not use letsencrypt for this
<patdk-lap> and have the pin expire in a month
<patdk-lap> use it for a month, and start process to new one again
<Sling> renewing doesn't imply using a new private key though
<Sling> so you could still use the same pin?
<patdk-lap> using the same key is possible
<patdk-lap> but kindof defeats the point
<patdk-lap> half the point of getting a new cert, is to rotate the keys
<patdk-lap> so the bruteforce would have to start over
<patdk-lap> if you start reusing the keys, your likely going get yourself into trouble
<Sling> not pinning the leaf isn't that bad though, plenty of people do it that way
<Sling> even companies like github
<Sling> they pin their root CA
<Sling> anyway I still need to dive into that topic someday, first getting all my boxes set up with autmatic renewal + LE
<ianorlin> I think someone could setup certs worse than letsencypt
<patdk-lap> yes, I just wish they had a 6month option
<patdk-lap> for usecases like this
<patdk-lap> 3months is fine for if you don't need any leadtime for the cert
<patdk-lap> atleast I got it programmed to update dane automatically
<patdk-lap> but haven't picked a solution to delay activation yet
<patdk-lap> probably will patch their program to keep two certs in the folder, and only use the old one
<andol> patdk-lap: Another option might be to pregerante key+csr, publish parallel dane/tlsa record, and then renew based on on that explicit csr.
<patdk-lap> but pinning is based only on the cert
<patdk-lap> I think
<andol> patdk-lap: No, pinning is based on the key material, and you can/should generate a backup pin based on an existing csr.
<patdk-lap> actually it's both
<andol> patdk-lap: How do you mean that it's both?
<patdk-lap> you can do it either way
<patdk-lap> pin by cert
<patdk-lap> or pin by public key
<andol> Ok, my bad.
<andol> Only seen pins based on the public key.
<andol> Why would you want to do it any other way?
<patdk-lap> easier to do :)
<andol> Well, writing that helper script is a one time thing in both cases.
<patdk-lap> if everyone could write that :)
<patdk-lap> most of the people using certificates have no idea how they work
<patdk-lap> let alone there are two parts to them
<andol> Not sure if one should try out HPKP unless one really knows what ones is doing? :-)
<patdk-lap> that is the problem
<patdk-lap> boss tells you to do it :)
<patdk-lap> or, you are new into that department
<patdk-lap> managing certs isn't exactly the highest and most important thing in a company view generally
<patdk-lap> it's easy to kindof tell, based on all the dnssec issues
<patdk-lap> certificate is annoying, and generally easily fixable, or worked around
<patdk-lap> dnssec is normally very noticable
<andol> Hmm, I think most DNSSEC issues are more about people not doing DNS right, which then becomes more much visable then you add DNSSEC.
<andol> But yeah, I agree with your more general point, about there being stuff like certs, dns(sec), etc which isn't given the needed importance.
#ubuntu-server 2016-12-19
<Javezim> Anyone had an issue with GlusterFS Running on ZFS, where by deleting data from Gluster pool doesn't delete it from the ZFS Bricks available space on Ubuntu 16.04
<Javezim> Doing a du -csh, the data has gone, but doing a df -h shows that the data is still there
<Javezim> the df -h never shrinks after deleting files
<SpaceBass> hey folks
<SpaceBass> anyone familiar with EncFS? I'm using -o umask='0002' but it's not honoring that once it's mounted
<SpaceBass> I end up with: -rwxrwxr-x
<trippeh_> well that do match the umask. maybe you want 0007 or 0027 instead?
<trippeh_> (never used encfs myself)
<SpaceBass> trippeh_, I think you're right...it 0007 isn't it?
<trippeh_> if you want other to be none, yes
<SpaceBass> that worked - thanks trippeh_ !
<trippeh_> np :)
<SuperLag> I'm running into this issue. http://lvb.link/2gQpCM9 I'm trying to use Ubuntu Server as a template to create new VMs from, and the VMs created from the template have no networking. Is there any way to permanently fix that issue, so I can continue to use it in an *automated* fastion? or am I stuck with manually editing files every time, to fix it?
<SuperLag> I'm using kitchen-test, which spins up an Ubuntu VM and runs the cookbooks I've written, and tests everything, then it destroys the VM
<SuperLag> Chef stuff, that is.
<fluvvell> I virtually never use ftp, but am setting up vsftpd - certificates work for tls, but I
<fluvvell> get stuck around the jail setup, which file do I put the user I'm allowing in?
<fluvvell> I get a prompt using filezilla, the correct certificate comes up, then it fails on password.
<fluvvell> I know I don't put the username in the same file as the disallowed users,
<fluvvell> I wanted to chroot the user - sandbox him as it were but I'm going in circles
<fluvvell> I am setting up vsftpd - certificates work for tls, but I get stuck around the jail setup, which file do I put the user I'm allowing in?  I get a prompt using filezilla, the correct certificate comes up, then it fails on password.
<fluvvell>  I know I don't put the username in the same file as the disallowed users,  I wanted to chroot the user - sandbox him as it were but I'm going in circles  Anyone used vsftpd successfully?
<caribou> rbasak: I need to revisit my nut merge : AFAICT, I followed the wiki instructions step by step
<rbasak> caribou: we can go through it together if you like. I know the documentation is a bit lacking.
<caribou> rbasak: I may have found the reason : using usd tag on the logical goes to fetch the version in the changelog and, once the changelog is removed from the reconstruct/{vers}, it has the debian version at the top
<caribou> rbasak: unless I've made yet another mistakke
<caribou> rbasak: if you checkout to the logical/{vers} tag, the changelog has 2.7.2-4 as a version, w/o the ubuntu1, which is in the changelog commit of the reconstruct/{version}
<rbasak> caribou: I don't follow. What steps are you taking exactly?
<caribou> rbasak: https://wiki.ubuntu.com/UbuntuDevelopment/Merging/GitWorkflow#Detailed_workflow
<rbasak> Oh, I think I see.
<caribou> rbasak: sorry, I meant deconstruct/{vers} though
<caribou> rbasak: step #6 creates the tag
<rbasak> Yes, that's a bug in either "usd tag" or the workflow documentation.
<rbasak> I'll file a bug.
<rbasak> For now, can you rename the tag manually please?
<rbasak> Sorry about that. I've never actually used "usd tag" - I predate the tooling and tend to do things by hand :-/
<rbasak> caribou: I filed bug 1651113
<ubottu> bug 1651113 in usd-importer ""usd tag" cannot tag logical tags" [High,Triaged] https://launchpad.net/bugs/1651113
<caribou> rbasak: well, I was doing it by hand the first time and mistakenly took 2.7.4-4 so  I decided that it would be better to adhere strictly to the doc :-)
<caribou> rbasak: ok, will do & force push the change
<caribou> rbasak: done
<rbasak> caribou: have you got commits 11414d6 and 0d4aab8 muddled?
<rbasak> Old logical commit 40d6910 too.
<rbasak> Actually it's just 40d6910 that seems to be squashed into 11414d6 now.
<caribou> rbasak: I'll look at it
<rbasak> caribou: and did you manage to send any of the delta to Debian please?
<rbasak> caribou: so for the logical, I'd expect 40d6910 and 53cc078 to be squashed together. Logically, it's just "add nut to dialout group", as opposed to "add nut to dialout group, then fix how we did it".
<rbasak> caribou: and then in your merge branch, 11414d6 needs splitting out, with the "add nut to dialout group" part squashed with 0d4aab8f in a separate commit that is just "add nut to dialout group".
<caribou> rbasak: thanks for the review, I'll try to get it done by EOD
<rbasak> caribou: no problem, and no rush. I haven't finished the review, but this fix probably should involve rebasing and will mutate all the commit ids. So shall I want for you to do that before continuing?
<caribou> rbasak: I'm fighting a QEMU upstream bisection in-package
<rbasak> caribou: you can create a merge.v3 when you're ready.
<caribou> rbasak: yes, that was my thought
<rbasak> caribou: sounds good. Also don't forget to check that debian/changelog still matches after those changes.
<caribou> smoser: any  news regarding the SRU for LP: #1648380 ?
<ubottu> Launchpad bug 1648380 in cloud-init (Ubuntu Yakkety) "cloud-init fails to find CloudSigma datasource with cloud-init 0.7.8-1-g3705bb5-0ubuntu1" [High,Confirmed] https://launchpad.net/bugs/1648380
<caribou> seems to be blocked by another SRU
<smoser> caribou, yeah, its blocked by the other... the other is supposed to i think go in today
<smoser> and there is an upload in the queue to go in as soon as it can
<smoser> https://launchpad.net/ubuntu/xenial/+queue?queue_state=1&queue_text=cloud-init
<caribou> smoser: thanks!
<smoser> but we didn't want to re-start a waiting period on the one already in -proposed
<cpaelzer> rbasak: FYI since Debian split off some packages the strongswan update is in the NEW queue
<cpaelzer> rbasak: I tihnk this is just normal, but if you think there is something odd going on and I'd need to adapt anything let me know
<rbasak> cpaelzer: that sounds as expected, thanks.
<whitekidney> is there any way to do livepatching on ubuntu servers **without** the canonical livepatch service?
<genii> !info ksplice
<ubottu> Package ksplice does not exist in yakkety
<genii> Apparently not.
<genii> !info ksplice xenial
<ubottu> Package ksplice does not exist in xenial
<genii> !info ksplice trusty
<whitekidney> ksplice is only free for desktop systems
<ubottu> ksplice (source: ksplice): Patching live kernel without having to reboot. In component universe, is optional. Version 0.9.9-5 (trusty), package size 527 kB, installed size 3525 kB (Only available for i386; amd64; arm; armel; armhf)
<genii> ..besides which it seems to have been removed or superceded
<whitekidney> ya exactly, by what :P ive been googling around
<nacc> whitekidney: i mean, sure, you could presumably provide the patch data yourself to your kernel? but then you'd need to maintain/provide that data. That is, you'd do the live patching just like you would with a mainline kernel?
<nacc> whitekidney: ksplice was deleted from debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805916
<ubottu> Debian bug 805916 in ftp.debian.org "RM: ksplice -- ROM; FTBFS; obsolete" [Normal,Open]
<nacc> whitekidney: i'm assuming you'd want to read Documenation/livepatch/* in the kernel source
<hasenov> hello, anyone know how to succesfully import an image into novalxd that is not ubuntu?
<hasenov> specifically, i would like to import centos image
<hasenov> i was able to succesfully import images from cloud-images.ubuntu.com
<hasenov> however all those images hosted are ubuntu
<hasenov> the images hosted from cloud.centos.org do not seem to work
<sarnold> hey hasenov :) the centos kernels may be fairly different from the ubuntu kernels, I'm not 100% sure the software in the container would be prepared for the kernel configuration options we used on our kernels
<hasenov> oh i see, sarnold, would you be able to explain to me why centos container images work with lxd however fail to start up with novalxd?
<hasenov> im just trying to figure out how it all works
<hasenov> i am able to succesfully start up centos container instances using "lxc start instance" however when i try to start up same image with novalxd it wont work
<sarnold> hasenov: ahh I see
<sarnold> hasenov: are you able to import the images into glance?
<hasenov> sarnold: hi, i can import it succesfully
<hasenov> however when i start it from the horizon web ui it refuses to start
<sarnold> hasenov: oh, that's a start; what error do you get?
<hasenov> on the log console i dont get any error, it completely empty
<hasenov> however when i goto the compute-nova log file, i get WARNING nova.compute.manager [-] [instance: 8ec8e338-a0cf-4968-88bc-8a6d4bfa2d31] Instance shutdown by itself. Calling the stop API. Current vm_state: active, current task_state: None, original DB power_state: 4, current VM power_state: 4
<hasenov> its status is Active, however Power State always goes to Shut Down
<hasenov> hmm, if i go into the compute node and try to start it up manually with "lxc start instance" it throws out
<hasenov>             lxc 20161219195844.236 ERROR    lxc_start - start.c:start:1439 - No such file or directory - failed to exec /sbin/init
<hasenov>             lxc 20161219195844.236 ERROR    lxc_sync - sync.c:__sync_wait:57 - An error occurred in another process (expected sequence number 5)
<hasenov>             lxc 20161219195844.236 ERROR    lxc_start - start.c:__lxc_start:1354 - failed to spawn 'instance-00000020'
<hasenov>             lxc 20161219195844.748 ERROR    lxc_conf - conf.c:run_buffer:347 - Script exited with status 1
<hasenov>             lxc 20161219195844.748 ERROR    lxc_start - start.c:lxc_fini:555 - failed to run post-stop hooks for container 'instance-00000020'.
<hasenov>             lxc 20161219195844.748 WARN     lxc_commands - commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive response
<hasenov>             lxc 20161219195844.748 WARN     lxc_commands - commands.c:lxc_cmd_rsp_recv:172 - command get_cgroup failed to receive response
<hasenov> however the same image works with lxc outside of the compute node, if that makes sense
<sarnold> yeah, that makes sense; you'd expect lxd to be good at handling lxd images :)
<dasjoe> kirkland: hi! I think it'd be nice if manpg.es/ would keep pointing to the latest LTS, I just realized it points at zesty as of now :)
<hasenov> yeah, i get this error for the cloud centos image too
<hasenov> guess i am SOL on this?
<sarnold> hasenov: it's probably worth a bug report or a mail to the server mail list
<sarnold> rbasak: nice reply to ubuntu-devel re security sponsoring, thanks :)
#ubuntu-server 2016-12-20
<xnox> rbasak, which tomcat server is the default in xenial?
<xnox> 7 or 8?
 * xnox ponders if the tasksel tasks are out of date in xenial
<sarnold> my tools tell me tomcat8 is in main in xenial
<nacc> xnox: should be tomcat8 in 16.04
<nacc> xnox: tomcat7 is in universe, iirc
<nacc> xnox: and i believe we also updated the seeds
<xnox> sarnold, nacc: ack, will fix tasksel in xenial.
<nacc> xnox: thanks!
<Nicho1as> Hi, I need an efficient software load balancer for my vsftpd cluster thingy; could anyone recommend one to me?
<karstensrage> how do you read /var/crash files? im not use the GUI at all and everything seems to indicate you have to use the UI?
<Hetfield> good morning
<Hetfield> i need a fast clarification about autopilot-juju-conjure status in ubuntu nowadays
<kdo__> Hi
<kdo__> I have tried to install Ubuntu 16.04 Server on PowerEdge R530, the installation is working but it is really slow
<kdo__> I made Raid 6 install and the server got 8Go RAM
<kdo__> I don't understand because there is no error in console log
<kdo__> moreover it seems certified to work https://certification.ubuntu.com/hardware/201411-16164
<kdo__> I made a mistake the server got 16 Go Ram
<lordievader> kdo__: Is there something hogging the cpu?
<kdo__> lordievader : no
<lordievader> kdo__: Could you run 'vmstat 1' for a while and give the last few lines?
<mnms_> Anyone experienced error:  Diskfilter writes are not supported ?
<mnms_> Hi
<ikonia> mnms_: as I recall it's something to do with raid devices when the machine boots and it can't access the file system in a certain way
<ikonia> I think it's software raid only when /boot can't be accessed as a raw device
<mnms_> ikonia: what is the best solution for this ?
<ikonia> mnms_: I think you'd have to understand what triggers it properly, I'm working from memory
<ikonia> mnms_: what's your disk config/layout
<ikonia> mnms_: the other thing is, is it causing you a problem ?
<mnms_> cause my system doesnt boot up without pressing key
<ikonia> ahh, so it won't actually boot without interaction
<mnms_> thats right
<ikonia> mnms_: tell me about your disk config, specfically around /boot and /
<ikonia> lets see if we can figure it out
<mnms_> ikonia: I have software raid
<mnms_> mirror
<ikonia> as in mdadm software raid ?
<mnms_> ikonia: everything is under root. I dont have separate boot partition
<lordievader> I had that issue once, this fixed it for me: https://askubuntu.com/questions/468466/diskfilter-writes-are-not-supported-what-triggers-this-error
<lordievader> Has a good explanation of how it happens too.
<ikonia> ooh, lets see
<mnms_> lordievader: you applied a patch ?
<ikonia> ahhhh I see,
<lordievader> mnms_: Back when I ran Ubuntu, yes.
<ikonia> I don't think you should have to patch this on a modern ubuntu
<mnms_> It is 14.04
<lordievader> From the same page "Still not fixed in 16.04. This breakneck pace of bug fixing is hard to keep up with."
<mnms_> lordievader, ikonia: So what do you propose? apt-get uprgade, patch ?
<mnms_> I dont want to go with quick boot = 0
<lordievader> mnms_: I applied his patch, back then.
<mnms_> lordievader: and everything was fine after that ?
<mnms_> no problems ?
<lordievader> Not that I can remember.
<mnms_> I understand I could also add disk which is not in RAID and installer grub there?
<ikonia> is /boot under LVM
<ikonia> or / under lvm
<cpaelzer> rbasak: are you stil laround for a mysql dependency to Debian question?
<mnms_> ikonia: yes
<ikonia> mnms_: easy fix, mirror a 500mb partition as /boot, then put the rest in lvm on a second mirrored partition
<ikonia> problem solved
<rbasak> cpaelzer: o/
<rbasak> Today is my last day.
<rbasak> Before January, that is. I am coming back :-)
<cpaelzer> yeah, thanks for not being another one :-)
<cpaelzer> I was breaking our strongwan changes up to be ready for Debian
<cpaelzer> and I'm pretty far - or so I thought
<cpaelzer> but now comes mysql
<cpaelzer> which gives me a build error on debian-sid
<cpaelzer> rbasak: I know that you were in the midst of all these mysql/mariadb things
<cpaelzer> rbasak: so I hope for an advice
<cpaelzer> current Ubuntu strongwan pulls libmysqlclient-dev and works building the mysql plugin
<cpaelzer> the same fails in Debian-sid
<rbasak> Can you show me a build log?
<cpaelzer> I kind of blindly try exchaning for libmariadbclient-dev now, but any betetr advice is useful
<rbasak> For compatiblity with both, you should now use default-libmysqlclient-dev if possible, but that shouldn't matter.
<cpaelzer> rbasak: ok, pasting buildlog now ...
<cpaelzer> rbasak: http://paste.ubuntu.com/23659110/
<cpaelzer> rbasak: I was too eager putting it in an autopkgtest right away, so I had to fetch the buildlog before pastebining it
<rbasak> Ah
<rbasak> I can't find the bug right now, but it is fixed in VCS
<rbasak> Sorry we don't have an upload to sid right now. We haven't found a DD to do it.
<mnms_> ikonia, lordievader: thanks for help
<rbasak> If building in sid, you can build against default-libmysqlclient-dev and that'll build against MariaDB and should fix the issue.
<ikonia> mnms_: no problem
<rbasak> (and you'll want to do that anyway for Debian)
<cpaelzer> rbasak: ok trying with  default-libmysqlclient-dev already
<cpaelzer> rbasak: as I read you 5 minutes before as "that is the way it should be done"
<cpaelzer> rbasak: thanks, I'll let you know if that fixed my issues
<mnms_> ikonia: do you always create separate boot partition ?
<mnms_> or just /
<ikonia> mnms_: I do personally yes
<mnms_> ikonia: / /boot swap is enough for most cases I quess ?
<cpaelzer> rbasak: at least in sbuild it is happy now, spinnign up autopkgtest again
<ikonia> mnms_: you can slice it up however you're most happy, there is no right and wrong
<mnms_> ikonia: ok, great
<cpaelzer> but well I reuse built binaries so I won't double check compilation - only the dep8s int here
<cpaelzer> rbasak: thanks for the hint
<lordievader> mnms_: No problem
<jgrimm> smoser, powersj, rbasak, caribou: irc mtg
<jgrimm> smoser, caribou: what needs to happen yet for the cloud-init SRU mentioned in meeting?
<dudeji> Hi guys, I have two ubuntu servers under load balancer bt one of them is giving too much CPU-load due to IO operations , what can be probable issue ?
<caribou> jgrimm: the SRU team needs to push it to xenial-proposed
<smoser> sru team member just needs to let into -proposed for xenial and for yakkety
<caribou> yeah, & for yakkety
<jgrimm> rbasak, ^^ this was the one you'd already pre-reviewed i thought?
<smoser> yakkety is much larger sru
<smoser> http://launchpadlibrarian.net/299016220/cloud-init_0.7.8-68-gca3ae67-0ubuntu1~16.10.1_source.changes
<jgrimm> well, not the yakkety part
<jgrimm> that is, our discussion last week was that xenial should go immediately after proposed cleared (Monday)
<smoser> http://launchpadlibrarian.net/298091288/cloud-init_0.7.8-49-g9e904bb-0ubuntu1~16.04.3_source.changes
<dudeji> this is the error i am getting : CPU iowait time (xxx:system.cpu.util[,iowait]): 29.07 %
<smoser> possibly i guess rbasak might ask for a re-upload with only the new changes in that list
<smoser> (ie, only 16.04.3... id' uploaded as a replacement for .2 so it had both the chagnes listed)
<rbasak> smoser: I was about to accept cloud-init into Xenial. Are you referring to Yakkety? I hadn't looked at that at all.
<smoser> rbasak, there is both needed.
<smoser> xenial is small
<smoser> yakkety is larger
<smoser> xenial's changes file (http://launchpadlibrarian.net/298091288/cloud-init_0.7.8-49-g9e904bb-0ubuntu1~16.04.3_source.changes) has 2 entries
<smoser> see ?
<smoser> i can re-upload with only the one if you'd like
<rbasak> I did review both changes, so I'm happy to accept both. Unless you want to do one at a time?
<smoser> rbasak, no. that snot what i meant.
<smoser> the Changes file
<smoser> has 2 Changes
<rbasak> Oh
<rbasak> Ah, I see.
<smoser> i think if you release it, wont the bugs for 0.7.8-49-g9e904bb-0ubuntu1~16.04.2 get re-marked
<rbasak> Yes. That'll probably confuse the tooling.
<rbasak> Sorry. I follow now. Please do re-upload with that removed.
<smoser> you can NACK that one and i will re-upload. with a new changes
<smoser> ok
<rbasak> I'll leave the current one there if that's OK. Easier to diff in one go when both are present.
<smoser> does that work?
<rbasak> Yes
<smoser> i'll upload the same thing, just different changes
<smoser> ok
<smoser> rbasak, uploaded
<jgrimm> smoser, rbasak: thank you
<caribou> smoser: rbasak: testing uploaded cloud-init atm
<smoser> caribou, easiest thing to do is just launch an instance, then install it.
<smoser> tnen rm -Rf /var/lib/cloud /var/log/cloud-init*
<smoser> reboot
<caribou> smoser: not sure I still have my instance on their cloud
<smoser> oh. i thought htat is what you meant by uploaded
<caribou> smoser:  no the uploaded to xenial-proposed
<caribou> smoser: my local test is correct though; it fails later but does find the datasource
<caribou> smoser: I'll ask them for one
<smoser> caribou, i can give you one
<caribou> smoser: then go ahead & I'll test it
<smoser> one thing that sucks on their clloud... to my knowledge i now have some funds available on only their zrh region.
<smoser> ie, funds are region specific
<jgrimm> rbasak, are you also handling the yakkety-proposed cloud-init SRU?
<smoser> caribou, well, i'm trying
<rbasak> jgrimm: no, that hasn't been on my list
<jgrimm> rbasak, no worries, that's what i assumed but noticed that it was v-d now too
<caribou> smoser: fine, I'm lightning up the christmas tree in the meantime :-)
<smoser> caribou, ubuntu@31.171.245.29
<smoser> i think you should be able to get in
<caribou> smoser: ok tryign
<caribou> trying
<caribou> smoser: ok, I'm in
<caribou> smoser: works fine on Xenial \o/
<smoser> caribou, you all done ?
<caribou> smoser: for Xenial, yes
<smoser> k. i'll kill that then
<caribou> smoser: upgraded, remove /var/lib/cloud & rebooted
<rbasak> nacc: o/
<rbasak> nacc: FYI, I made some progress on the unapproved queue work
<rbasak> nacc: not close to ready yet: https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+ref/unapproved
<rbasak> nacc: I had to refactor some other bits though so you might be interested
<rbasak> eg. https://git.launchpad.net/~racb/usd-importer/diff/usd/git_repository.py?h=unapproved&id=9ad33082e532707403d1b91ac91f975825707cd2
<rbasak> and https://git.launchpad.net/~racb/usd-importer/diff/usd/importer.py?h=unapproved&id=ac4197077503c34c9b5662c521b46a9cbdba2555
<rbasak> https://git.launchpad.net/~racb/usd-importer/diff/usd/git_repository.py?h=unapproved&id=ac4197077503c34c9b5662c521b46a9cbdba2555
<rbasak> https://git.launchpad.net/~racb/usd-importer/diff/usd/git_repository.py?h=unapproved&id=d23e267aebe8c1bbed2b8df1f38c6a7651303413
<rbasak> That sort of thing
<bildz> Can someone help me with an issue with Postfix.  I have tried editing the /etc/aliases file (and running newaliases) and have also created a .forward file for the user account used to send messages, but it all appears to be rejected locally.  Please take a look at the following output and let me know what I am doing wrong.  http://pastebin.com/5s6FnA3b   thanks!
<sarnold> bildz: does postfix/local do 'local' deliveries, to unix mbox or maildirs? do those user accounts need to exist in /etc/passwd and so on?
<nacc> rbasak: nice, will take a look!
<bildz> sarnold: its a default postfix install of 16.04
<bildz> i just added a relay host
#ubuntu-server 2016-12-21
<jturek> not sure if this is the right place (just let me know)  i am testing Jorge's kubernetes tutorial on 16.10 w/ latest ppa against a local lxd (fresh install as well) and it crashes on me before getting to the deployment section
<sarnold> does the ppa support 16.10?
<sarnold> (it's relatively common for people to target their ppas to e.g. only LTSes or only the most recent LTS..)
<jturek> Gotcha,  i feel like a goof if that was the case--- i'll check
<tjkoury> Hey everyone
<tjkoury> Any conjure-up gurus out there: Do you have to install MAAS separately, as well as put in all the environment info in a .yaml file and create a cloud config, or should conjure-up do all that for you through the prompts?
<jturek> tjkoury: i am learning the same thing right now doing conjure-up for the first time
<tjkoury> jturek kk
<tjkoury> I haven't gotten it to work at all; sometimes it says 'no controller' and throws python errors, other times it starts provisioning but hangs forever 'waiting for server'
<tjkoury> or 'waiting for machine'
<tjkoury> on 16.04
<jturek> https://github.com/castrojo/kubernetes.github.io/blob/ubuntu-lifecycle-revisions/docs/getting-started-guides/ubuntu/local.md
<jturek> tjkoury: are you doing lxd?
<jturek> tjkoury: are you doing, i found that conjure will crash if ipv6 is enabled (instead of exposing the ipv6 is not supported log entry, it just pukes instead
<munsking> Hello, where can i edit what WM/DE gets started with startx? my .xinitrc and .xsession are empty and it auto-starts fluxbox, i want to stop that.
<lordievader> Probably comes from /etc/X11/Xsession.{conf,d/}
<munsking> lordievader: can't find it with grep though
<lordievader> munsking: Hmm, what if you grep the /etc/X11/ folder recursively for fluxbox?
<munsking> lordievader: did that as well it only finds stuff in /etc/X11/fluxbox (which makes sense), not a single xorg conf file
<munsking> i commented out "exec fluxbox" in ~/.fluxbox/startup and that kinda worked, but it seems wrong, something has to call that file from somewhere, i need to disable it there
<lordievader> You could strace the startx command, look at what files it opens...
<munsking> hmm, i'll try that after my smoke break, thanks for the idea
<JanC> startx is a script IIRC
<JanC> you could also uninstall fluxbox if you don't want it at all
<JanC> something inside /etc/X11/ is probably sourcing a script elsewhere which then finds fluxbox, so follow it from there  :)
<JanC> (I'm sure I did that myself years ago, but I can't really remember what I found back then)
<munsking> JanC: i don't want fluxbox, but the other user does, it'll be a admin laptop we'll take with us if we have to go to other departments n stuff
<JanC> reading manuals & docs might be useful too...
<sonu_nk> how to generate DKIM / DomainKeys from domain. domain name to generate your DNS record:
<blackflow> sonu_nk: you need OpenDKIM. Here's a tutorial with Postfix: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy
<blackflow> sonu_nk: ubuntu: https://help.ubuntu.com/community/Postfix/DKIM
<mnms_> Hi guys. I asked yesterday about Diskfilter writes are not supported. One possible solution is to update grub maybe this will help, if this fail I will try to apply patch. My question is do I can update only grub package ?
<mnms_> I dont want to update all not up to date packages
<tomreyn> mnms_: apt-get update && apt-get install grub-pc
<tomreyn> this would only update the grub-pc package and its dependencies
<tomreyn> mnms_: actually: sudo apt-get update && sudo apt-get install grub-pc
<mnms_> tomreyn: Ok I updated only grub package but I choose wrong option. I selected to keep old version of /etc/default/grub
<mnms_> doing apt-get --reinstall install doesnt allow me to select again
<tomreyn> mnms_: move the configursation file out of the way and reinstall
<mnms_> I should select maintainer version
<mnms_> what would happen if I would remove with purge ?
<mnms_> and then install ?
<mnms_> tomaw: ^^
<mnms_> tomreyn:    ^ ^
<tomreyn> or use: should work, too, you'll loose all configurations of this very package
<tomreyn> please ignore "or use:"
<mnms_> tomreyn:   I would like to have generic configuration from package I done want to have any local changes done by me
<tomreyn> mnms_: which ubuntu release is this?
<mnms_> 14.04
<mnms_> I accidentaly cliked keep local version while installing newest grub version
<tomreyn> can you show the output of: dpkg -l grub\*
<tomreyn> on a pastebin, please
<tomreyn> !pastebin | mnms_
<ubottu> mnms_: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<mnms_> tomreyn: please http://paste.ubuntu.com/23664134/
<tomreyn> mnms_: so you should "apt-get purge <PACKAGENAMES>" all of these grub packages which are current installed, then "apt-get install <PACKAGENAMES>" to re-install them
<tomreyn> + sudo
<mnms_> tomreyn: Any way to purge all those grub packages with one command ?
<tomreyn> just list all the packages on the same line
<mnms_> ahhh ok :)
<tomreyn> sudo apt-get purge <PACKAGE1> <PACKAGE2> <PACKAGE3> ...
<mnms_> tomreyn: only those are installed, may of them not
<mnms_> many*
<mnms_> installed: grub-common* grub-gfxpayload-lists* grub-pc* grub-pc-bin* grub2-common*
<mnms_> tomreyn: Im asked about removing all to files from /boot/grub and is telling me that system will be unbootable
<mnms_> I understand after this purge I will install again grub and my system will be bootable yes ?
<tomreyn> mnms_: yes thats correct
<tomreyn> the system will be unbootable until you have reinstalled grub
<mnms_> tomreyn: Ok I installed grub-common again
<mnms_> and grub
<mnms_> should I do smth more ?
<mnms_> I see there is a grub-install command
<tomreyn> mnms_: make sure you end up with all grub packages installed which you used to have installed
<tomreyn> finally, do: sudo update-grub; then install grub on the disk / partition where it should be, using: sudo grub-install /dev/XXX    # where XXX is the partition / block device it should live on.
<mnms_> tomreyn: now good question If I have raid mirror should I install rub on raid md1 or sda ?
<mnms_> grub*
<tomreyn> probably sda (and to the other array members' MBR as well)
<mnms_> right now the other member is deatached cause raid is degenerated
<mnms_> its working only on one disk
<tomreyn> wenn then do it later when you re-add it
<tomreyn> if you only have one member then just put it to its MBR for now.
<tomreyn> is this a server? since you're asking this in #ubuntu-server
<mnms_> Yes
<tomreyn> i see. well such generic questions you could also ask in #ubuntu, but i guess either is fine
<tomreyn> (see /topic)
<mnms_> Sorry. Can I stay here to finish my problem ?
<tomreyn> i'm not to decide it. but i doubt anyone will mind.
<tomreyn> also #ubuntu is pretty busy right now.
<mnms_> I choose wrong partition, I think it was swap I have to purge an install again those packages
<mnms_> Or not..
<mnms_> tomreyn: could you look at this http://paste.ubuntu.com/23664218/
<tomreyn> mnms_: no need to reinstall, you just need to grub-install to the proper block device
<tomreyn> mnms_: i looked at what you posted to pastebin.com
<tomreyn> looks like you have os-prober installed, this tends to spill a bunch of warnings
<mnms_> tomreyn: I still need to do grub-install, cause I thought installing those packages did that
<mnms_> ?
<mnms_> there is line with grub install in this pastebin
<tomreyn> mnms_: you said you installed to the wrong device, so i suggested you run grub-install to point it to the correct device
<tomreyn> i don't see "grub install" mentioned at http://paste.ubuntu.com/23664218/
<mnms_> tomreyn: Ok sorry. Because of this warnings I thought it was wrong device, but I was wrong
<mnms_> please look at line 3 and 4
<tomreyn> if you don't have a multi boot system, and on a server you probably don't, then i would suggest you just uninstall os-prober and run update-grub again
<tomreyn> that will provide a nicer output
<tomreyn> and yes you're right, grub.install did run
<mnms_> tomreyn: multi boot is when I have more than one system installed?
<tomreyn> mnms_: correct
<tomreyn> and when you want to be able to boot either of them from bare metal
<mnms_> tomreyn: Before I do that can I reboot system now? It "should" work?
<tomreyn> mnms_: if the grub boot code got installed to the right device, it should work now
<mnms_> tomreyn: trying to reboot! :)
<tomreyn> good luck
<mnms_> tomreyn: It works but grub update didnt solve my problem "Diskfilter writes are not supported"
<mnms_> :)
<tomreyn> mnms_: that's not the problem you asked for help with, though.
<mnms_> tomreyn: yes of course, thanks for your help
<tomreyn> mnms_: according to https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1274320 it is fixed in grub2 on trusty.
<ubottu> Launchpad bug 1274320 in grub2-signed (Ubuntu) "Error: diskfilter writes are not supported" [Undecided,Confirmed]
<tomreyn> version 2.02~beta2-9ubuntu1.7 and higher should be fixed
<tomreyn> it'S really not an important message, however
<mnms_> tomreyn: I have  grub-pc 2.02~beta2-9ubuntu1.12
<mnms_> tomreyn: But it force me to press key without that it will not boot up
<tomreyn> that'll be a different issue
<mnms_> tomreyn: do you have any idea what could I do to start my system without interaction ??
<tomreyn> mnms_: no, sorry, not without you providing more information and me spending more time on it, which i currently cannot.
<mnms_> tomreyn: Maybe you could give some hint, which direction should I go, if not I understand and thanks for your time :)
<tomreyn> mnms_: sthe same approahc as for any other issue, really: start by installing any pending updates (and reboot to see whether it helped). review log files to identify and solve or work around this issue. if it's still an issue then, try searching the web using different combinations of search terms to identify this issue and possible solutions or workarounds. if you can't find it, ask in #ubuntu providing your configuration and ubuntu
<tomreyn> release version.
<tomreyn> you may want to do the web search before reviewing your log files, based on personal preferences.
<mnms_> tomreyn: thanks
<tomreyn> welcome, and good luck, now please excuse me.
<jrwren> is there a way to set environment variables which will be set in the processes spawned? e.g. the 3rd party elasticsearch deb fails to install unless ES_SKIP_SET_KERNEL_PARAMETERS=true.  https://github.com/elastic/elasticsearch/commit/32df032c5944326e351a7910a877d1992563f791
<jrwren> arguably, its a bad postinst, but is there a way to set such an env var in cloud-config?
<sarnold> ES_SKIP_SET_KERNEL_PARAMETERS=true apt-get install elasticsearch
<sarnold> or maybe ES_SKIP_SET_KERNEL_PARAMETERS=true ; export ES_SKIP_SET_KERNEL_PARAMETERS ; apt-get install elasticsearch
<sarnold> I have to admit I've forgotten the rules when 'export' is needed
 * sarnold hangs his head
<jrwren> ha! i guess I can do that easily enough. that means, use runcmd instead of packages module.
<jrwren> silly me, I didn't even think of that because of the packages module.
<jrwren> thanks sarnold
<sarnold> aha :)
<sarnold> yes I can see how that would present a pretty big stumbling block :)
#ubuntu-server 2016-12-22
<CrummyGummy_> Morning
<lordievader> o/
<CrummyGummy_> Systemd seems to have locked me out of one of my servers with "System is booting up.Connection closed by 10.3.0.214"
<CrummyGummy_> any ideas how to get in without a reboot?
<CrummyGummy_> Everything is running ok
<CrummyGummy_> Just can't get in :(
<lordievader> Well... if sshd ain't started....
<lordievader> Remoting in is going to be difficult.
<tlyng> I've tried running the "canonical-kubernetes" distribution using juju, how to I stop it and remove it?
<tlyng> it's partially up and running now
<tomreyn> CrummyGummy_: you may still be able to authenticate via ssh as root in this situation.
<CrummyGummy_> tomreyn: I don't keep root passwords :(
<tomreyn> CrummyGummy_: then i guess unless you have out-of-band management you're going to have to move there physically
<CrummyGummy_> IPMI will save the day. I just have to wait for AH. Unfortunately
<tomreyn> "AH"?
<CrummyGummy_> after hours
<tomreyn> oh
<tomreyn> well good luck there
<adsc> is there anything else I have to do to get apache2 to listen to 4443 instead of 443 besides changing the port in the virtualhost configuration? Here is the .conf file for the virtualhost: https://hastebin.com/iwaxegobin.apache
<adsc> it's an ubuntu server 14.04 installation, btw.
<adsc> i also did a2enmod ssl and a2ensite default-ssl.conf
<adsc> lsof -i only shows http and https ports being listened on
<adsc> i've already been helped in #httpd, thx
<tjkoury> conjure-up doesn't work on 16.04; keeps saying that a controller is missing, which is supposed to be created during the juju bootstrap process.
<foo> I'm having a strange issue I haven't seen before, and I don't believe I've changed any configs that would cause this. If I drop 1 or 2 packets, my ssh connection freezes and doesn't come back. I'm nearly certain I've had this issue and ssh session may just freeze for a sec or so, but never completely freeze. Anyone know if there is a setting I can check for this or something? Than you
<sarnold> foo: nothing comes to mind, but I've gained a feeling that something about ssh is fairly brittle about networking.. every few months someone files a bug that they can't connect to a specific ancient device using ssh and the answer half the time is to set a lower MTU for the connection.
<sarnold> foo: why PMTU doesn't sort that out automatically I just don't understand.
<foo> sarnold: thank you. It's so strange. I've been working the same way for years and all of a sudden I have this issue. Maybe there is another variable at this specific coffee shop I'm at, or my hotspot has some sort of internal networking issue right now.
<nacc> i would blame the coffeeshop router, maybe?
<sarnold> foo: you might want to try the 'mosh' tool; it uses ssh for authentication and then runs its own udp-based client/server mechanism, with neat 'predictive typing' terminal handling so you can still do line editing tasks over very lossy connections..
<sarnold> foo: it hasn't had the review that ssh has had :( but it's neat to work with it. It automatically adapts to changed addresses in many situations too, which is very convenient for short-dhcp-lease environmments, laptops moving between APs, etc..
<foo> sarnold: ah, thank you
<trippeh_> mosh is very nice when sitting on the train :)
<genii> foo: Does the place used a captured portal ?
<foo> genii: I'm using my own hotspot, which is what makes this extra strange. I'm connected to my hotspot via wifi. If there is something beyond that, I'm not connected via a captured portal (which I believe is what starbucks uses, which is where I'm at, but not on their network)
<M3mphiZ> I'm currently preparing my ubuntu 16.04.1 lts server for nextcloud. I ran apt install php-smbclient. which downloaded a bunch of dependencies and set them up. but at the end i still get: WARNING: Module smbclient ini file doesn't exist under /etc/php/7.0/mods-available. Any Ideas?
<nacc> M3mphiZ: LP: #1579034
<ubottu> Launchpad bug 1579034 in php-smbclient (Ubuntu Xenial) "installs smbclient.ini to wrong directory when used with php 7" [Undecided,Fix committed] https://launchpad.net/bugs/1579034
<nacc> M3mphiZ: if you could test that and mark it as v-d, the fix will roll out
<M3mphiZ> nacc: v-d?
<nacc> M3mphiZ: verification-done, see the last comment
<M3mphiZ> nacc: yep its in the wrong dir.
<nacc> M3mphiZ: yes, i know
<nacc> M3mphiZ: please read the bug, test the fix and see if the fix works
<M3mphiZ> nacc: works
<nacc> M3mphiZ: thanks, please put a comment in the bug with the version tested and chagne the tag, it will then get picked up the SRU team
<nacc> M3mphiZ: thanks for helping make ubuntu better, as well! :)
<M3mphiZ> nacc: done.
<nacc> M3mphiZ: thanks! for clarity's sake, you tested '0.8.0~rc1-2build1', right (`apt policy php-smbclient` output woudl be sufficient)
<M3mphiZ> nacc: both dpkg -s and apt policy show 0.8.0~rc1-2
<M3mphiZ> nacc: no build number mentioned
<nacc> M3mphiZ: hrm, that doesn't seem right
<nacc> M3mphiZ: you added proposed and updated?
<nacc> M3mphiZ: can you pastebin `apt policy php-smbclient`?
<M3mphiZ> nacc: i didnt add proposed
<nacc> M3mphiZ: then what did you test?
<nacc> M3mphiZ: the shipped version is broken
<nacc> M3mphiZ: super confused, you should not have marked it as v-d if you didn't verify the fixed package.
<M3mphiZ> nacc: To fix I had to copy /etc/php/mods-available/smbclient.ini to /etc/php/7.0/mods-available/smbclient.ini and then re-install php-smbclient. thats what i tested and worked
<nacc> no
<nacc> that's not an accurate test
<nacc> sigh
<nacc> M3mphiZ: note i specifically asked you to read the bug and the last comment
<M3mphiZ> nacc: ok verified now
<M3mphiZ> removed the file from both locations, removed php-smbclient, and installed php-smbclient/xenial-proposed
<M3mphiZ> nacc: php-m lists smbclient now
<nacc> M3mphiZ: thanks! if you could put a comment in to that effect, with the `apt policy php-smbclient` output (or simply the version), that'd be great, and mark it v-d again
<M3mphiZ> nacc: done. :)
<nacc> M3mphiZ: thanks!
<nacc> M3mphiZ: should trickle into the -updates component in a bit (maybe delayed due to the holidays :)
<T-Co> I'm trying to make an AMI and have added additional EBS volume. I now want to use cloud-config to make btrfs and mount it to /var/lib/docker before rancher kicks off docker install... I have tried to debug with cloud-init -d init but no avail
<T-Co> I have 3 simple runcmd commands in an yml and AFAIK they are being read
<T-Co> 2016-12-22 21:11:47,706 - util.py[DEBUG]: Reading from /etc/cloud/cloud.cfg.d/45_fs_setup.cfg (quiet=False)
<T-Co> 2016-12-22 21:11:47,706 - util.py[DEBUG]: Read 114 bytes from /etc/cloud/cloud.cfg.d/45_fs_setup.cfg
<T-Co> Any pointers? Running on xenial
#ubuntu-server 2016-12-23
<EvilAngel> can someone tell me how to remove the auditing going on in my dmesg log about apparmor? I've disabled it. I've removed it. I autoremoved it and I purged it yet like a damn virus it's still there
<EvilAngel> does ubuntu make an iso without that nasty software?
<sarnold> I think either security.apparmor=0 or just apparmor=0 on the kernel command line will disable it
<sarnold> or security.selinux=1, security.tomoyo=1, security.smack=1, thta ought to do the trick too, if you'd rather use one of the other lsms
<EvilAngel> oh
<EvilAngel> ok, i hadn't found that in any of the docs i read online
<EvilAngel> thanks sarnold
<EvilAngel> sarnold: thanks again. that worked and survived the reboot
<EvilAngel> with apparmor=0 security=""
<sarnold> EvilAngel: sorry to hear it wasn't working out for you :(
<sarnold> EvilAngel: glad to hear the solution worked though ;) heh
<EvilAngel> well I don't know what happened
<EvilAngel> I deleted my log but I saw a lower mem corruption immediately after apparmor
<EvilAngel> in the logs
<sarnold> o_O
<sarnold> odd indeed
<EvilAngel> and I have seen way to many audits going on  with it
<EvilAngel> then I read one blogger I respect a lot say he disables it on all his servers first thing since a properly configured server really doesn't need it
<EvilAngel> I do use selinux though
<EvilAngel> but I know how to manage that one
<EvilAngel> but I just don't need it on every system is all
<sarnold> hehe by the same logic one might say a firewall isn't needed either, since properly configured software would't do anything you didn't want.
<sarnold> I for one like all the belts and suspenders I can get
<EvilAngel> that's true too
<EvilAngel> and I do know ppl that don't use a fw
<EvilAngel> not saying I'd go that route but if you know your system it can be done
<EvilAngel> a firewall isnt' a soluton for a server exploit
<EvilAngel> service*
<sarnold> depends, if the exploited server has any control over the firewall, hehe
<EvilAngel> that's true too
<sarnold> the firewall's also nice for accidental misconfigurations
<sarnold> and I like to think of apparmor as serving similar roles; it limits the damage of potential exploits, and limits the damage of accidentally run-amok software..
<EvilAngel> it can also make trivial tasks take way too long if you're new to apparmor, selinux too
<sarnold> aye
<sarnold> that's very true :)
<EvilAngel> i'm just lucky I got michael jang's rhcsa/rhce book and watched SELINUX for mere mortals on youtube
<EvilAngel> lol
<sarnold> also, a bit of misapplication of policy and *bam* you get to drive to the computer to let yourself back in :)
<EvilAngel> dude, no doubt
<EvilAngel> it's even worse when your server is accross the atlantic
<sarnold> unfun drive :)
<EvilAngel> lol
<EvilAngel> drop of cable lube on the tip of a qtip works wonders on those tiny little balls in the logitech marble mouse
<EvilAngel> random fact of the day...
<mrtAkdeniz> Howdy!
<mrtAkdeniz> Guys there are lots of "denied" relay logs on my server, mails are not sending from them, it is ok but they are making smtp server busy, so my mails are on delay
<mrtAkdeniz> I don't know where to ask or what to do, any ideas?
<mrtAkdeniz> it is like "1 seconds, 10 delayed"
<blackflow> mrtAkdeniz: is that Postfix? those are always accompanied with IP address that attemptd to relay
<mrtAkdeniz> blackflow, exim.. thanks to stupid cpanel
<blackflow> so you can check if it's: a) some process in your network that failed to authenticate  or  b) external probes for open relays
<blackflow> exim? cpanel? Is that ubuntu?
<mrtAkdeniz> blackflow, idk, centos mb
<blackflow> so ask in #centos, lol
<mrtAkdeniz> That's why i asked for "what to do :("
<mrtAkdeniz> lemme try it, thanks blackflow :)
<blackflow> mrtAkdeniz: though my points a) and b) still stand
<mrtAkdeniz> blackflow, from and to addresses are like "asdhfh123@hotmail.com" to "asdfjajsdf@gmail.com", so i'm sure it is an attack
<mrtAkdeniz> and i don't know what is their ip and how to block them
<mrtAkdeniz> there is just a domain, which is my domain
<blackflow> open relay probe most likely. unless severely misconfigured, a cpanel server will not allow relaying without authentication
<blackflow> it's a default config, I mean.
<mrtAkdeniz> blackflow, that is the problem, they are being denied
<mrtAkdeniz> but always makes busy, so delay on e-mail traffic :\
<blackflow> can you see if same IPs are re-trying?
<blackflow> if so, something like fail2ban would help tho cpanel has its own mechanism which I'm not familiar with.
<mrtAkdeniz> blackflow, there is no IP, just domain.. and it is my domain
<blackflow> there's always IP, check the message ID back in teh log, there should be a connect
<blackflow> (string)
<mrtAkdeniz> let me check again
<blackflow> I don't remember Exim specific log lines any more, but I do remember it logs IPs that connected and attempted something. a transaction ID must be logged. so anywa it has "cphulk" which you should investigate and see if it can help.
<blackflow> if this was Ubuntu + Postfix, it'd be very easy to apply fail2ban.
<blackflow> (consider switching to :)   )
<mrtAkdeniz> blackflow, not my own servers, the companies which i'm working on :\
<blackflow> cpanel has helpful forums, and I don't know if they're present with a chan on Freenode.
<blackflow> centos guys won't help you, come to think of it, cpanel compiles its own software and heavily modifies it.
<blackflow> (unless there's someone in #centos familiar with cpanel and its internals)
<mrtAkdeniz> blackflow, they told exactly same "we are not cpanel help" but i don't think it is related to cpanel.. it is a common server and security problem and I don't know what to do :3
<blackflow> it is very much related to cpanel because cpanel compiles its own software and modifies it.
<mrtAkdeniz> blackflow, btw, there is an IP, which is server's IP, and domain is server's domain.. I think something like wordpress extensions are doing that, but have no time to check all of them.. so not my problem anymore :P
<blackflow> at the very least, it's the question of how to configure exim to log these denials in a way that would allow you to ban the IPs. or maybe even exim has some tarpitting features where it would throttle down IPs
<mrtAkdeniz> blackflow, so even exim is cpanel's product in that case.. i see :\
<blackflow> if it was a WP extension, you'd see that in the logs, it'd be local transport of sorts. "pickup" if this was Postfix.
<mrtAkdeniz> It is almost 2017, why the hell people still need cpanel or whm IDK.. even 12-years-old's sysadmin novadays :P
<mrtAkdeniz> by the way, thanks for your time and ideas blackflow
<blackflow> cpanel compiles its own software because they made the decision to run on CentOS only, but then CentOS "stability through age of software" turned out to be a very bad business idea because customers wanted latest. So they compile their own. which then kinda removes the "stability" from CentOS, but that's anotehr story. :)
<mrtAkdeniz> blackflow, true. there is a inverse proportion between stability and up-to-date
<blackflow> mrtAkdeniz: nah, the 12yr olds you mention are not sysadmins. They're owners of pwned boxes because unless something or someone does it for you, you have to secure it yourself which nobody is doing :) just look at the whole docker movement.   Ranting. Will stop now :)
<blackflow> mrtAkdeniz: that's why I like Ubuntu, it's the sweet spot between long term and edge
<mrtAkdeniz> blackflow, that was sarcasm :P They think that "apt-get install" is enough for being SysAdmin..
<mrtAkdeniz> blackflow, exactly! I've arch on my computer but using ubuntu for my development environment
<blackflow> mrtAkdeniz: btw, just a heads up, there's a vulnerability in Exim that will be announced in the next 2-3 days, so keep an eye on that. cPanel will produce an update asap but that will probably require manual intervention, I never trusted cpanel's "auto-update"
<mrtAkdeniz> blackflow, I never trusted cpanel :) thanks for information, probably I'll force them to make a fresh server install without cpanel or whm or any shit.
<Genk1> hello all
<Genk1> I have a special rsyslog question. I want to create a template that send a specific log format via HTTP
<Genk1> The normal command I use for such things is :  curl -XPOST http://ip:5155/gelf -p0 -d '{"short_message":"Hello there", "host":"example.org", "facility":"test", "_foo":"bar"}'
<Genk1> I want to translate this in syslog nomenclature
<blackflow> Genk1: I'm not aware of rsyslog being capable of sending out json via http in any shape or form
<Genk1> blackflow, so I need an agent like logstash then ?
<blackflow> Genk1: syslog-ng might be capable:  https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/reference-destination-http-nonjava.html
<blackflow> or yea use any log parsing program
<blackflow> Genk1: if you know how to, you can pipe out from rsyslog to a program of choice that then forwards via http. something could be whipped up in perl with a few lines of code or maybe even bash but do note it's not going to perform well
<Genk1> blackflow, hmm yes I was thinking about the same thing I was looking for an rsyslog module for talking to external process
<Genk1> blackflow, thanks a lot I will try all of those
<macskay> hi guys, im trying to set my PS1 env-variable but when setting it nothing happens: https://www.refheap.com/124376
<macskay> why does that happen?
<blackflow> macskay:    export PS1="..."
<Seveas> macskay: you probably have a $PROMPT_COMMAND which overrides $PS1
#ubuntu-server 2016-12-24
<NginUS> How do I pin php v5.6 after I add the ppa?
<tomreyn> !pinning
<ubottu> pinning is an advanced feature that APT can use to prefer particular packages over others. See https://help.ubuntu.com/community/PinningHowto
<tomreyn> NginUS: ^
<tomreyn> using PPAs, and especially pinning to specific versions or branches also bears the potential to end up with unsupported software versions with known vulnerabilities after a while.
<NginUS> I have this http://bit.ly/2iproVZ in /etc/apt/preferences.d/php5.6 But when I do sudo aptitude update && sudo aptitude install --simulate php, It still tries 7.x
<NginUS> I have 2 files contradicting each other, how do I find which one the forst line is in? http://bit.ly/2hlvRwP
<NginUS> is noone here?
<patdk-lap> why did you use -1?
<patdk-lap> -1 == only install if there is NO OTHER version available
<patdk-lap> so yes, it would install ANYTHING but 5.6 if it can
<patdk-lap> he left :(
<whitekidney> if i want to allow multiple hosts to access a nfs share, how do i approach that? i cant find any documentation on how hosts are seperated in /etc/exports
<whitekidney> comma? space?
<whitekidney>  like this?: /myfolder 192.168.1.1,80.123.123.4(rw,root_squash,sync)
<whitekidney> oh here we go, my google-fu eventually worked. http://www.linuxquestions.org/questions/linux-general-1/nfs-allowing-multiple-hosts-666377/
<ikonia> exports is the server not the client
<whitekidney> yeah, i wanted to allow multiple hosts to access the nfs share
<ikonia> oh, you're putting individual IP's in the share rather than just using the subnet and file/share level permissions
<whitekidney> they are not on the same subnet
<ikonia> it would appear that one of them is an internet address ???
<whitekidney> indeed
<whitekidney> i should probably set up vpn between our servers, hmm
<ikonia> please tell me you're not sharing NFS over the internet ?
<whitekidney> :) it's going to be used to share some temporary generated files
<ikonia> no idea what that has to do with anything
<ikonia> sharing NFS over the internet is a very bad idea
<ikonia> but it's up to you
<whitekidney> how come ?
<ikonia> big security implications
<whitekidney> i thought nfs with kerb5 wasn't such a bad thing anymore
<ikonia> still not good on the public interenet
<ikonia> but it's totally your call
<whitekidney> well, you've yet to explain why in detail, i'm fullly aware that exposing nfs to the internet is a bad idea, however i've heard that with nfs4 and proper auth (kerb5) this shouldn't really be an issue?
<whitekidney> please do educate me if you think i'm wrong
<ikonia> it still exposes a flawed service and daemon set
<ikonia> if you think it's fine, and you're comfortable with it, thats fine
<whitekidney> so what do you suggest then for real time file syncing to remote hosts?
<ikonia> what's the actual use case you have
<EvilAngel> yeah
<EvilAngel> i'd open nfs to the web
<EvilAngel> i'd never*
<EvilAngel> it's Sun's cruel joke on the world after all
<EvilAngel> oes anyone have a clue why running 'brctl addif br0 eth0' would lock me out of my dedi box running ubuntu?
<ikonia> EvilAngel: builting a bridge to a device that then knocks the routing off that device
<EvilAngel> i guessed that but how can I share my public facing eth0 with the vm's?
<EvilAngel> I thought that was a bridge?
<EvilAngel> oh ok, i'm groking this now ikonia, thanks
<ikonia> EvilAngel: basically you need to setup the bridge interfaces on the right IP's and then just link them (bridge) to the physical device, however the table going into that physical device must have access to a layer 7 device that can tranposrt those networks
<EvilAngel> but only one ip can be assigned to an iface so I'm basically needing port forwarding for my vm's running services like http etc
<ikonia> no, multiple IP's can be assigned to an interface
<ikonia> thats why I specfically said layer 7 transport
<ikonia> EvilAngel: you could also do this a lot simpler with iptbles forwarding
<ikonia> rather than bridged network devices
<EvilAngel> ok, i think you're right
<drab> hi, is there something special to install ubuntu-server xenial in uefi mode?
<drab> I found some references to ubuntu installation, but unclear if it's different for -server somehow
<drab> I'm pxe booting and it's not obiovus to me if it's installing eufi mode or not, but after installation I still can't boot from that drive
<drab> http://askubuntu.com/questions/696999/unable-to-install-grub-in-dev-nvme
<drab> for example that mentions "choose to create an EFI boot section"
<drab> I see no such thing from parted during ubuntu-server install
<OerHeks> drab, do that from a live desktop iso ?
<drab> before reboot I tried to get a shell, chrooted into target and installed efivar and efibootmgr
<drab> and trying either resulted in a "EFI variables are not supported on this system"
<drab> which sounds like I'm not booted EFI mode for whatever reason...
#ubuntu-server 2016-12-25
<engineer-pearl> I ran sudo apt-get update and did not get nearly as much output as I'm used to getting (I'm used to getting screenfulls of output, but now I have six lines including an error about the extension '.ucf-old' being invalid. Has anyone else seen this and/or know what caused it?
<bekks> engineer-pearl: Can you pastebin the entire output please?
<engineer-pearl> http://paste.ubuntu.com/23684650/ for apt-get update
<bekks> No errors to be seen.
<engineer-pearl> Nothing concerning anyway (The extension was likely changed so it would be ignored in the first place), but I did expect more output than I got. The older history logs also support that a lot more was checked (So I don't think it's just that I got used to the output on my laptop)
<bekks> Why do you expect more output that what you got?
<engineer-pearl> Mainly because I usually get more output
<bekks> So enable more sources ;)
<engineer-pearl> oh I just ran it on my computer and I think I found what happened - though I'm guessing it was a change cause I didn't notice this behavior before: When I ran sudo apt-get update on my laptop, it gives more output the first time, then a similar output the second time
#ubuntu-server 2017-12-18
<cpaelzer> good morning
<TariusWork> good morning : This is highly relative because it depends on user time zone :D :D ... And I think that this is international channel for many peoples from many time zones.
<albech> Anyone here running Bareos backup? I am a little worried about that they only release packages with the initial version and all updates are through Git unless you pay for the commercial version. Wondering how many issues people are experiencing with the community version.
<andol> albech: Well, looks like the GitHub repository contains their ./debian packaging folder, so ought to be fairly trivial to build your own packages whenever there is a new minor release. Then I guess there is also the Bareos packages in the regular Ubuntu archives, but I have no experience with how well they are kept up to date.
<albech> andol: cheers.. Guess id have to have a buildbox and move compiled package to production. Looked a little at the pricing and there is very little change that i can convince management to go from our free self written backup solution to a paid solution in the price range they are asking :(
<ren0v0> Hi, can anyone help me as to why i'm getting this log in cron service?   Dec 18 10:17:01 prod-lb CRON[20762]: pam_unix(cron:account): expired password for user root (root enforced)
<ahasenack> ren0v0: I suppose some cron script is using su or sudo to switch to root, and that is triggering that that log
<ahasenack> you should be able to see which script in the same log
<ren0v0> ahasenack, no there is nothing about the script, but the script works fine manually run and in cron.daily
<ahasenack> did you check /var/log/syslog or /var/log/auth?
<ren0v0> the issue here is as you can see from this paste > https://pastebin.com/tjFtwj1f  > that ubunt has different line entries for daily and hourly. hourly doesn't use "anacron", is this a mistake?
<ahasenack> ren0v0: I think the anacron is fine
<ren0v0> ahasenack, my point is anacron isn't used in the cron.hourly job, why?
<ahasenack> anacron is meant to "catch up" cron jobs that didn't run when the system was off
<ahasenack> an hourly cron job that didn't run is ok to run in the next hour, so no need for anacron to "speed it up"
<ahasenack> that's my thinking
<ren0v0> ahasenack, hmm interesting
<ren0v0> but, could the lack of this anacron pipe cause this auth issue ?
<ahasenack> do you have a password for root?
<ahasenack> it's complaining the password is expired, maybe all you need to do is reset it, if that's part of your password policy
<ren0v0> ahasenack, sure i can set one, but ubuntu doesn't have one by default does it ?
<ren0v0> i'm sure it does on ubuntu server though
<ren0v0> ahasenack, the weird thing is that cron.daily runs fine, which is why it confused me
<ahasenack> you have the same job in cron.hourly and cron.daily?
<ren0v0> nope
<ren0v0> i moved it
<ahasenack> try pasting a bit more context from syslog around that expired password line
<ren0v0> ahasenack, you might be right about the password expiring
<ren0v0> i usually change it, but maybe this time i didn't, and this is a droplet so i think theyn might expire root passwords
<ahasenack> well, it's what the log is saying :)
<ackk> rbasak, hi, do you see any reason ubuntu-advantage-tools couldnt' use bash rather than dash?
<ren0v0> Hi, i thought that open files were limited by the figure in "ulimit -n", for me that is "163840". however, if i run "lsof | wc -l", the figure is greater that this number, why is that ?
<ahasenack> ren0v0: ulimit is not global
<ahasenack> ren0v0: the global setting is somewhere in /proc
<ren0v0> cat /proc/sys/fs/file-nr    ?
<ahasenack> I don't remember from memory
<ren0v0> well this shows far less at 7000, not 180,000
<ren0v0> so not sure what the difference is
<ahasenack> I think file-max is a better choice
<ren0v0> this is like 2million
<ackk> ren0v0, file-nr is a read-only attr, it shows the current value (see man proc)
<ren0v0> ackk, that's useful also, as its far different than "lsof | wc -l"
<ren0v0> like, 150,000 difference
<rbasak> ackk: as long as the package depends on it, I believe it's OK.
<rbasak> ackk: though you might be the only thing depending on it in a minimal environment, so people may not like that. Which seed are you in again?
<ackk> rbasak, ubuntu-minimal
<ahasenack> cpaelzer: these are the changes I noticed when rebuilding libzstd with dh9 compared to dh10: http://pastebin.ubuntu.com/26208547/ (on xenial)
<ackk> rbasak, u-a-tools don't depend on dash fwiw
<ackk> as it's Essential: yes
<ahasenack> cpaelzer: seems ok
<ackk> rbasak, it doen't have any Depends: ATM
<rbasak> ackk: is it possible to install only ubuntu-minimal without bash installed?
<rbasak> If it is, then by switching to bash you'd be imposing that upon ubuntu-minimal.
<cpaelzer> ahasenack: reading the link
<cpaelzer> ahasenack: yep LGTM as well
<ahasenack> thx
<ahasenack> vimdiff is nice for this kind of thing, thanks for the suggestion
<cpaelzer> yw
<ahasenack> rbasak: dmb meeting is in ~1h8min?
<rbasak> ahasenack: yes. Thank you for the reminder!
<ahasenack> cheers
 * ahasenack -> lunch
<ackk> rbasak, isn't it the same as dash?
<ackk> rbasak, since both dash and bash are Essential, they have to be installed anyway, right?
<rbasak> I didn't think bash was Essential?
<rbasak> If it is, then sorry, you're right.
<ackk> yeah I'm slightly surprised it is
<ackk> but it is
<rbasak> Then no reason for a dependency as I think you said, and sure, use it.
<ackk> rbasak, cool, thanks for confirming
<rbasak> The only other reason I know about is performance (eg. startup scripts), but I don't think that's an issue for this tool.
<ackk> right, it's not something that's even run automatically
<ahasenack> ackk: is bash Essential since precise?
<dpb1> right, that was my next question
<dpb1> :)
<boxrick> Is there anyway to suppress the Ubuntu preseed whine about no gateway
<boxrick> My network has no gateway, so this warning needs to just accept that and carry on.
<ahasenack> it's unusual, so it sounds like a good warning to have
<boxrick> Well, this is a fully automated install. So any popup is complete disaster.
<ahasenack> ah, it stops the install?
<boxrick> Yea
<ahasenack> ok, didn't know that
<ahasenack> can you set the gateway to your own ip?
<rbasak> I think you can bypass it, but I don't recall the detail right now.
<boxrick> I can set it to anything but it seems a bit of a sad fix
<ahasenack> maybe set it just to satisfy the installer and later remove it via another step in your automation?
<rbasak> The warning is just another debconf prompt whose answer you can preseed.
<rbasak> I think.
<ahasenack> just thinking about workarounds, sorry
<boxrick> No its good thanks :)
<rbasak> You just need to figure out the name of the prompt I think.
<boxrick> Why apologise for helping! Any ideas how I can find the name of the prompt?
<rbasak> It'll be in a debconf template somewhere
<rbasak> Somewhere in the source.
<rbasak> I can't remmber the package name
<rbasak> The package that does network configuration in the installer
<rbasak> netcfg maybe?
<rbasak> Here we are
<rbasak> debian/netcfg-dhcp.templates in the netcfg package
<rbasak> http://paste.ubuntu.com/26209463/
<rbasak> netcfg/no_default_route
<rbasak> Type: boolean
<rbasak> Try setting that to yes or true or similar.
<rbasak> Assuming the message against that key in the template file is the message you see?
<TJ-> wouldn't it be netcfg/get_gateway=none  ?
<rbasak> Maybe. I'm just guessing!
<TJ-> me too!
<rbasak> I suspect get_gateway might make it ignore any DHCP response. And no_default_route will make it proceed without a gateway. But again, I'm just guessing :)
<rbasak> ignore any DHCP response> I mean ignore the gateway part only, of course
<boxrick> Yea will have to try
<boxrick> From my experience, any static config is complete
<boxrick> Not just small sub components
<tomreyn> is there an EOL for 12.04 ESM? if so, which? also, will there be ESM for 14.04?
<tomreyn> sorry, i meant to ask this in -hardened
<jiffe> so upgrading ubuntu seems to have broken python (and everything in the upgrade that depended on python)
<tomreyn> ok
<jiffe> I'm not sure how to fix this, asking in #python they just say its an ubuntu problem
<jiffe> it fails at Exception: python3.5 -c 'import imp; print(imp.get_tag())' failed with status code 1 with ImportError: No module named '_sysconfigdata_m'
<jiffe> but that module does seem to exist
<tomreyn> describe what you were doing, show input and output, explain which ubuntu release you are working on and which major modifications you have made.
<tomreyn> !paste | jiffe
<ubottu> jiffe: For posting multi-line texts into the channel, please use https://paste.ubuntu.com | To post !screenshots use https://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<jiffe> I had to add /usr/lib/python3.5/plat-x86_64-linux-gnu/ to the python path and then apt-get upgrade finished
<jiffe> I don't know if that path is missing from something
<dpb1> jiffe: what ubuntu release, and what were you upgrading?
<dpb1> jiffe: often this information can be pastebined from /var/log/apt/...
<jiffe> just doing an apt-get upgrade on Ubuntu 16.04.3 LTS
<dpb1> and what package failed to upgrade.
<jiffe> these are the packages it was installing: apport bind9-host distro-info-data dnsmasq-base dnsutils dpkg dpkg-dev grub-legacy-ec2 klibc-utils libbind9-140 libdns-export162 libdns162 libdpkg-perl libisc-export160 libisc160 libisccc140 libisccfg140 libklibc liblwres141 libpulse0 lxcfs lxd lxd-client mdadm python3-apport python3-problem-report ubuntu-minimal ubuntu-server ubuntu-standard
<jiffe> first error occurred after python3-problem-report
<dpb1> ok
<dpb1> jiffe: dpkg -l |grep python-problem-report?
<jiffe> interesting, its not in dpkg -l
<jiffe> oh whoops, missing the 3, its there
<jiffe> ii  python3-problem-report                                                                                            2.20.1-0ubuntu2.14                                            all                                                           Python 3 library to handle problem reports
<dpb1> and I take it you applied the workaround already?
<dpb1> therefor you are on the more updated version.
<jiffe> yes everything installed after fixing the path
<jiffe> the global path is still broke, I only fixed it for that shell's session
<jiffe> opening a new ssh session python3.5 is still failing for the same reason
<jiffe> also I don't know why I'd be the only one affected here, I don't know that people are using python on this machine
<jiffe> certainly not python3.5 so that should all be default
<dpb1> jiffe: what does yours say?
<dpb1> http://paste.ubuntu.com/26211504/
<sarnold> what's he sys.path on a fresh shell? echo 'import sys; print(sys.path)' | python3.5
<sarnold> hah, I see dpb1 beat me to it :)
<dpb1> jiffe: in the past when things have bitten me like this, it's usually that I have pip modules installed that are misbehaving, I"m using a custom version of python3 that I compiled it myself, etc.
<jiffe> I can't even run python3.5 because of this path issue, even running python3.5 with no arguments fails, python3's path lists ['', '/usr/lib/python35.zip', '/usr/lib/python3.5', '/usr/lib/python3.5/plat-x86_64-linux-gnu', '/usr/lib/python3.5/lib-dynload', '/usr/local/lib/python3.5/dist-packages', '/usr/lib/python3/dist-packages']
<dpb1> `which python3`
<jiffe> python3 is /usr/bin/python3 and python3.5 is /usr/local/bin/python3.5
<dpb1> well
<dpb1> /usr/local/bin/python3.5 smells of a compiled version of python on the system indeed
<dpb1> (user-compiled, I mean)
<dpb1> ls -ld /usr/bin/python3  ?
<jiffe> /usr/bin/python3 -> python3.5
<dpb1> ls -ld /usr/bin/python3.5
<jiffe> /usr/bin/python3.5
<jiffe> binary no symlink
<dpb1> ok
<jiffe> not sure where /usr/local/bin/python3.5 came from, nothing compiled on this machine
<jiffe> binary timestamp is july 2016 and this machine was built this year
<jiffe> couple months ago
<dpb1> what's your sha1sum
<dpb1> on my two xenial systems it's 3eab1d3d6cafd34315183305819cbbc361ded361  (/usr/bin/python3.5)
<dpb1> (amd64)
<jiffe> that matches /usr/bin/python3.5, different sum for /usr/local
<sarnold> try dpkg -S /usr/local/bin/python3.5. Maybe you've got a gross package installed?
<jiffe> yeah I don't know what this is or why its here but that's the problem, I renamed it and python3.5 works fine from /usr/bin
<dpb1> ok
<dpb1> ya, I've had that before
#ubuntu-server 2017-12-19
<sarnold> ahasenack: congratulations :)
<cpaelzer> moin btw
<lordievader> Good morning
<cpaelzer> hiho lordievader
<cpaelzer> rbasak: I'll look at libzstd MPs as I discussed with ahasenack yesterday
<cpaelzer> rbasak: I see mongodb is still up so look at that afterwards
<lordievader> Hey cpaelzer
<cpaelzer> rbasak: the mongodb MP LGTM
<cpaelzer> rbasak: but there was no s390x test build yet
<cpaelzer> rbasak: I opened one up and linked it in my general ack, you can wait until you know for sure it builds there as well and then upload
<cpaelzer> rbasak: is that ok for you?
<rbasak> cpaelzer: that's fine. Thanks!
<cpaelzer> nice how persistent this microsoft technical support scam is, I needed to talk through three people to have them give up
<cpaelzer> with the second I started trying to sell Ubunutu UA, but they didn't even really get what I meant
<disposable> in lxd 2.20, my host server reports 11GB used ram. if i run 'free' inside a container, it reports 60GB used ram. however, adding its processes' RSS usage only adds up to about 8GB. is there a magic option to set in the container's profile config that will make it report mem usage correctly?
<cpaelzer> disposable: maybe https://github.com/lxc/lxcfs/issues/175
<cpaelzer> the suggested fix there is only 15 days old, so maybe not release anywhere
<disposable> cpaelzer: thank you. most of the ram related lxd bugs seem unanswered, i must have skipped over this one.
<jamespage> ahasenack: congrats!
 * jamespage just caught up on email
<dpb1> morning all
<teward> *yawns*
<teward> the chaos begins.  >.<
<teward> *glares at seven malfunctioning Ubuntu servers*
<powersj> teward: exams done?
<teward> yup
<teward> and i've graduated.
<teward> y'all owe me gifts :P
<teward> loljk
<powersj> woohoo! \o/ congrats
<dpb1> teward: they let you graduate?  :)
<teward> lol dpb1
<teward> in other news: 14.04 git is broken when you're stuck behind a proxy because for some reason gnutls is stupid.
<teward> >.<
<metastable> GnuTLS is stupid? Say it ain't so, Jack.
<dpb1> Office hours are starting as of 20 minutes ago!
<cpaelzer> gz teward!
<teward> metastable: lol.  Thankfully a quick recompile with openssl instead of gnutls solves the headache I was seeing on Trusty.
<teward> ... unless the web proxy here wants to be stupid too...
<teward> but meh
<teward> dpb1: how fortunate I'm around now for my 'office hours' :)
<dpb1> teward: hah
<teward> dpb1: powersj: cpaelzer: rbasak: just an FYI, I'm without internet for a couple days as a result of the move from college to work, and it takes a couple days for Comcast to get off their collective butts to move my service over.  Once it's available I'll push an updated nginx into the repos.  Just wanted to give you all the FYI.
<rbasak> teward: OK. Thanks!
<teward> i mean, I have internet at work, but that's work and I'm usually busy :P
#ubuntu-server 2017-12-20
<hdon__> hi all :) is ubuntu server configured to synchronize clock via ntp by default?
<sarnold> hdon__: I believe it is, at least the seeded-in-ubuntu tool reports that it's in the ubuntu-server dailies, and in ubuntu
<hdon__> thanks sarnold :)
<hdon__> can i set up a chroot and install trusty on it from a xenial system?
<sarnold> hdon__: debootstrap can probably help
<sarnold> hdon__: why do you want a trusty chroot?
<sarnold> there may be better ways to do whatever it is you're doing, I get skeptical whenever anyone uses a chroot for anything :)
<hdon__> sarnold: need to work on a legacy app
<mwhahaha> jamespage, coreycb: just a heads up but neutron tempest tests seem to be in a bad spot for pike (i think we're still on pike) http://logs.openstack.org/23/498723/27/check/puppet-openstack-integration-4-scenario001-tempest-ubuntu-xenial/856db37/job-output.txt.gz#_2017-12-19_20_54_29_276144
<RoboApe> hi all
<cpaelzer> good morning
<cpaelzer> rbasak: was there any hickup on the slof SRU-MPs?
<cpaelzer> rbasak: you mentioned to look at them already yesterday, but I see no update
<cpaelzer> rbasak: if there is anything I shall resolve please let me know - or did you again hit things on the review process itself?
<lordievader> Good morning
<adac> any idea what this problem might be about? https://i.imgur.com/s2T7xra.png hapening to me on 16.04 with proxmox
<TJ-> adac: ATA SFF is the legacy ATA IDE interface, and it looks like the device is erroring in a way the kernel cannot handle
<adac> TJ-, thank you! Is there a way I can find out what exactly it is causing it?
<adac> I now upgraded the kernel everywhere
<TJ-> adac: Clues, if any, should be in the kern.log
<adac> TJ-, Had a look at it, but it doesn't seem be written out actually
<TJ-> adac: is the BUG happening during early boot time?
<adac> TJ-, actually the host was running for quite some time. Then at some point it was not responsive anymore
<adac> and then I had a lookk at proxmox vpn view
<adac> where I got this error
<TJ-> adac: so there should be kernel logging then
<TJ-> the only time logging won't be available is at early boot before the file-system containing /var/log/ is mounted read-write, or at shutdown
<adac> TJ-, this is booting up log or? https://gist.github.com/anonymous/705067de0b94127485abcaa1d26fff31
<TJ-> adac: yes, usually /var/log/kern.log
<adac> TJ-, yes and before this booting up log entries I tried to search for an error but there seems to be none
<adac> is there a good way to search for errors?
<adac> in the log file
<TJ-> adac: reading is the only way :)
<adac> hehe ok
<adac> I mean I'd expect the error right before the reboot, or?
<TJ-> adac: basic procedure is locate the boot-up entries after the system restarted and work backwards. You'd expect any clues to be just before the new-boot messages
<adac> *reboot entries
<adac> exactly
<adac> but there is noe
<adac> none
<TJ-> adac: but sometimes they could have happened some time ago, rather than being Bang! Snap! Drat! Oh! BUG!
<adac> hehe ok I will scroll up again a bit then :)
<adac> brb
<TJ-> adac: I'd focus on the ATA devices attached, check their SMART status (smartctl), and so on
<adac> TJ-, ok! One more question: can this also come from external mounts like with davfs?
<TJ-> adac: anything on an ATA interface I'd think
<adac> TJ-, what really seems to make problems is this davs mount
<adac> it is completely unreliable
<adac> it is mounted on all my servers
<adac> and yesterday I was copying over something there from another server
<adac> and I think nearly at the same time this incident happend
<TJ-> adac: I can't imagine how a webDAV network mount is going to be using ATA!
<adac> me neither actually
<adac> :)
<coreycb> jamespage: this is ready for a review when you get a chance: https://code.launchpad.net/~ubuntu-server-dev/ubuntu/+source/percona-xtradb-cluster-5.7/+git/percona-xtradb-cluster-5.7/+ref/master
<coreycb> jamespage: and the xtrabackup updates are here for now. once approved i think they can be pushed to the existing xtrabackup repo: https://code.launchpad.net/~ubuntu-server-dev/ubuntu/+source/percona-xtrabackup-2.4.9/+git/percona-xtrabackup-2.4.9
#ubuntu-server 2017-12-21
<cpaelzer> good morning
<lordievader> Good morning
<jamespage> cpaelzer: good morning
<jamespage> cpaelzer: need some help with https://bugs.launchpad.net/cloud-archive/+bug/1739585
<ubottu> Launchpad bug 1739585 in Ubuntu Cloud Archive "L2 guest failed to boot under nested KVM: entry failed, hardware error 0x0" [Undecided,New]
<cpaelzer> hi jamespage
<cpaelzer> let me read
<jamespage> cpaelzer: ta
<cpaelzer> jamespage: you know the nested story is "it works great most of the time until it doesn't" :-)
<jamespage> cpaelzer: yup
<cpaelzer> so this is one :-)
<jamespage> cpaelzer: unfortunately we kinda rely on this for testing
<jamespage> cpaelzer: I guess I could switch back to using userspace qemu
<cpaelzer> sure I know the CI things behind this
<cpaelzer> which isn't 100% reliable either
<cpaelzer> jamespage: you could think next time you buy HW to buy AMD which is said to be slightly more stable at nested
<cpaelzer> like 99.99 vs 99.9 %
<jamespage> lol
<cpaelzer> but none in the 5-9s or more
<cpaelzer> jamespage: to confirm - this is Host "xenial (4.4) + queens stack" running zesty (or X-HWE) 4.10 KVM guests and in said KVM guests running 4.10 again
<jamespage> cpaelzer: base cloud is 4.4 with ocata
<cpaelzer> ok
<jamespage> cpaelzer: test cloud is xenial (4.4 or 4.10) with queens stack
<jamespage> from bionic basically
<cpaelzer> yep
<cpaelzer> ok
<cpaelzer> thx
<cpaelzer> jamespage: also I wonder about "specific hosts" in the bug - what makes them "specific"
<cpaelzer> just a few of your systems but those always failing?
<jamespage> cpaelzer: I think they are the newer hardware ones
<jamespage> cpaelzer: yeah confirmed - flemming is ~12 months old, caipora is 6 years old
<cpaelzer> jamespage: is flemming the failing one and is it >=Haswell thne?
<jamespage> yes
<jamespage> its a "Intel(R) Xeon(R) CPU E5-2650 v4"
<cpaelzer> jamespage: IIRC openstack will make model a host-passthrough or host-model right?
<cpaelzer> jamespage: I dumped some background, comparison data from my system and a few requests to the bug
<jamespage> cpaelzer: ta
<cpaelzer> jamespage: I hope based on this we can spot a difference that is a tunable you might be able to change
<cpaelzer> but no guarantees
<cpaelzer> this is just setting up the scanners based on how this issue showed up a few years ago
<jamespage> cpaelzer: http://paste.ubuntu.com/26226375/ thats in the vm
<jamespage> http://paste.ubuntu.com/26226377/ is the host
<jamespage> so infact its a broadwell, not a haswell
<jamespage> so I think that's host-model rather than host-passthrough
<cpaelzer> jamespage: (me reading)
<jamespage> cpaelzer: attached stuff
<cpaelzer> thx
<jamespage> cpaelzer: the last two are odd - one is from an OK host the other from a failing one
<jamespage> the OK host as an AMD cpu definition
<jamespage> but its not AMD?
<cpaelzer> G4 AMD ?
<cpaelzer> wut
<jamespage> yeah
<jamespage> that's what I said
<cpaelzer> jamespage: I'm picke dup for lunch, back later
<cpaelzer> jamespage: how much can you tune the cpu definitions?
<cpaelzer> for testing would you be fine dropping all these host-* things?
<cpaelzer> a "normal"  defautl cpu might do
<cpaelzer> back later
<jamespage> cpaelzer: ack - tbh this is not a priority right now - need to figure it out but its nearly christmas :-)
<jamespage> cpaelzer: tbh I'm a bit baffled - libvirt and qemu are identitical to pike, where I've not seen this issue
<jamespage> I guess its possible non of my hypervisors landed on a newer hardware machine
<jamespage> coreycb: good and bad news
<jamespage> good news is I have a oct profile that will configure a queens v3 cloud and tempest configuration
<jamespage> bad news - https://bugs.launchpad.net/cloud-archive/+bug/1739585
<ubottu> Launchpad bug 1739585 in Ubuntu Cloud Archive "L2 guest failed to boot under nested KVM: entry failed, hardware error 0x0" [Undecided,Incomplete]
<jamespage> I found a bug!
<jamespage> \o/
<cpaelzer> hmm
<cpaelzer> back with you and reading jamespage
<cpaelzer> jamespage: I can't reproduce, maybe all my chips are just too old
<cpaelzer> jamespage: I tried to add all the custom cpu magic, but that isn't (as expected) compatible with the cpus I have
<cpaelzer> and with a smaller set it doesn't trigger
<cpaelzer> jamespage: I updated the bug but wanted to ask how much you have control over what cpu definition openstack adds in these cases?
<jamespage> cpaelzer: I can tweak what the L2 hypervisors do, but not really the L1's
<cpaelzer> hmm
<cpaelzer> for now that is the best I could recommend to try
<cpaelzer> too bad you can't normalize L1's
<cpaelzer> as there will be the HW dependent part
<cpaelzer> likely L2 only carries things forward
<cpaelzer> but it looks broken enough that even only tweaking L2 might help
<jamespage> cpaelzer: actually I'm not sure this is not a longstanding issue
<jamespage> cpaelzer: I just think I tripped ont he same problem with a xenial/pike test
<jamespage> yes indded i have
<cpaelzer> ok
<cpaelzer> so less of a regression than we thougth
<cpaelzer> but still an issue that stalls/stops your tests
<cpaelzer> any luck with trying to convince openstack not to try to define the custom cpu?
<ToAruShiroiNeko> I am trying to follow https://www.ostechnix.com/install-and-configure-dns-server-ubuntu-16-04-lts/
<ToAruShiroiNeko> I am a bit confused
<Ussat> My first question would be, why do you want to run a DNS server ?
<ToAruShiroiNeko> My hostname provider does not provide dns as well
<ToAruShiroiNeko> It was quite shocking so I am trying to learn how to do this thing.
<ToAruShiroiNeko> basically all the DNS server will do is to resolve two websites and its relevant subdomains
<rbasak> That tutorial doesn't really do what you want.
<rbasak> All the right pieces are there, but you need to understand which bits you want. It might be easier to find a more suited tutorial.
<ToAruShiroiNeko> yes, it seems to be creating a local dns server
<rbasak> Yeah. For a LAN, with reverse DNS, and with the local machine configured to use its own service.
<rbasak> None of those things are relevant for an Internet DNS server to host a properly delegated name.
<rbasak> It's usually an error to point anything directly to a master DNS server, too.
<ToAruShiroiNeko> right so do you have a tutorial or keyword in mind for me?
<ToAruShiroiNeko> I am uncertain what I should seek :/
<metastable> It may be more helpful to find a DNS hosting service than to try to roll your own, as a misconfigured public-facing DNS server can be exploited to leverage attacks on others.
<rbasak> Depnds on the goal.
<rbasak> As a learning experience, it's fine :)
<rbasak> A misconfigured anything on the the Internet can be exploited.
<metastable> A misconfigured DNS server especially so. Saying that it's as bad as anything else is a false equivalence.
<rbasak> Installing bind in Ubuntu should be safe on its default.
<rbasak> And so should simply adding a zone.
<rbasak> Which I believe is all that is needed here.
<rbasak> If it is not safe by default, please file a security bug, and I'll be happy to look at it urgently.
<rbasak> Following unsafe third party instructions (such as enabling forwarding) is not safe.
<sdeziel> ToAruShiroiNeko: part 2 of the tutorial you referenced touches on how to setup a master server, that's probably a good starting point
<rbasak> But then that's sort of a tautology.
<rbasak> sdeziel, ToAruShiroiNeko: it does, but it also conflates that with adding a reverse zone and pointing the server to its own master DNS server. The first is not necessary, and the second would be a misconfiguration in this case.
<Ussat> Running a public facing DNS server correctly is not trivial, I would find a hosting service that will do it
<sdeziel> rbasak: ToAruShiroiNeko: yeah, I don't know why they are putting it as dns-nameservers in /etc/network/interfaces. It wouldn't work if only part 2 is followed
<Ussat> I would seriousely consider finding a service to do this
<Ussat> a mis-confgured public facing dns server is a huger target
<Ussat> huge
<ToAruShiroiNeko> Are there free providers for this where I can simply register a domain?
<ToAruShiroiNeko> in the past I have only used godaddy
<Ussat> I dont know about free, but most are inexpensive
<metastable> CloudFlare will host your DNS for free. You just need to change the nameservers at the domain's current registrar.
<Ussat> there ya go
<ToAruShiroiNeko> I can do that, sure
<metastable> DNS updates are also VERY, VERY quick. Seconds, in most cases.
<ToAruShiroiNeko> yes but my goal was to run this for two domains only and forward everything else to a known one, if I can out source this for free, I will love to do that
<metastable> CloudFlare will do what you want.
<ToAruShiroiNeko> yup, creating and account etc
<metastable> Note that CloudFlare does a lot more than just DNS, but I don't use any of those features.
#ubuntu-server 2017-12-22
<lordievader> Good morning
<tobasco> jamespage: coreycb pushed patch to remove l2gw from puppet integration testing because of this: https://bugs.launchpad.net/ubuntu/+source/networking-l2gw/+bug/1739779
<ubottu> Launchpad bug 1739779 in networking-l2gw (Ubuntu) "L2GatewayPlugin cannot be loaded in queens: no attribute FAULT_MAP" [Undecided,New]
<tobasco> seems like python-networking-l2gw has not been cut for queens, probably no deliverable from that project either yet
<coreycb> tobasco: thanks for reporting that
<tobasco> np let me know if there is anything i can help with, i checked master on networking-l2gw and it was fixed there
<Sircle>  I see "InRelease" when I do apt update. Whats wronge?
<TJ-> Sircle: nothing
<hwpplayer1> Hi people any good news ?
#ubuntu-server 2017-12-23
<gartral> ok all... got a recursive dependency in 17.04 server... nodejs-dev wants libssl1.0-dev which wants libssl-dev which replaces libssl1.0-dev... how do I fix this?!
#ubuntu-server 2017-12-24
<daincredibleholg> Good afternoon. I was wondering if anyone here runs Dovecot on a Ubuntu 16.04 Server and sees this error message as well: "Error: imap-master: Failed to import client state: Message count mismatch after handling expunges". Any ideas how to fix this? It is only appearing for certain users, which makes it a bit harder to pin point
<Rudolph> is there a way to bind a process to a privled port without running it with sudo?
<TJ-> Rudolph: I think it's needs CAP_NET_ADMIN
<Rudolph> how would I apply that to my process?
<TJ-> there's a simple overview and example here https://stackoverflow.com/questions/29099797/raw-capture-capabilities-cap-net-raw-cap-net-admin-not-working-outside-usr-b#30826137
<Rudolph> neat thanks
<Rudolph> hey guys... this is the output of systemd-resolve --status: http://ix.io/Dn8. I'm on ubuntu 17.10. How can I remove the dns server for ens3 and only use the one for ens7
#ubuntu-server 2018-12-17
<faekjarz> Hi There! A hypothetical scenario: a symlink under a read-only mount, it points to a file under a read-write mount - is it writable, when using the path under the read-only mount?
<andol> faekjarz: Sounds like an easy enough thing to test/verify yourself?
<faekjarz> Oh thanks, mate, no worries! Are you a snarky teacher type, or someone who just couldn't resist? :P
<lordievader> Good morning
<jamespage> cpaelzer: are you working that rmq issue with permissions on the erlang cookie?
<jamespage> cpaelzer: I think the break is due to the new erlang 21.2 uploaded last week
<jamespage> cpaelzer: or maybe 1:21.1.1+dfsg-2
<cpaelzer> jamespage: I'm not working on it
<cpaelzer> jamespage: I was just assisting mwhudson who was asking for a test on s390x
<cpaelzer> I just started libvirt/qemu merges of the cycle which has a lot of extra tasks as usual  - that will keep me busy for a while
<jamespage> cpaelzer: OK I'll see if I can figure it out
<jamespage> cpaelzer: I'll test from https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3568/+packages and upload in the morning
<[diablo]> good afternoon #ubuntu-server
<[diablo]> guys I want to make a template of 18.04 for use with Proxmox ...
<[diablo]> is there any funky built in scripts for vaping the NIC's, logs, users, blah blah so I can convert a machine to a template please?
<[diablo]> Good afternoon #ubuntu-server .. guys I want to make a 18.04 template for use with Proxmox. Is there any scripts to clean up a system (logs, users, mac addresses, etc etc) which I can then shut the box down and convert it to a template please?
<rbasak> [diablo]: look into cloud-init. If you use cloud images, you can set up an instance and it becomes a template by self-detecting a change of instance id on next boot.
<rbasak> Cloud images with the use of cloud-init are how we solve this general problem on Ubuntu.
<[diablo]> hi rbasak
<[diablo]> will do thank you
<[diablo]> rbasak I read something about installing in OEM mode
<rbasak> I'm not familiar with OEM mode. That's more of a desktop thing.
<[diablo]> ah ok
<JanC> oem-config is more for interactive post-install configuration and you want non-interactive...
<JanC> (it doesn't necessarily have to be a desktop thing)
<NyanCat> cryptodan_mobile: this is VERY late but yes
<NyanCat> I did have to install the sudo package though, but was logged in as root
<DammitJim> in ubuntu 18, how does one manage time synching?
<DammitJim> I was reading that timesync takes care of it, but I can't define the servers I want my server to sync with?
<sdeziel> DammitJim: man timesyncd.conf
<sdeziel> DammitJim: otherwise, it will usually sync with DHCP provided NTP
<DammitJim> hmmmm
<sdeziel> DammitJim: there is also the distro specific fallback (ntp.ubuntu.com)
<allquixotic> PSA: To get macvtap working on Ubuntu 18.04 after a server migration to newer hardware, I had to change `yakkety` to `bionic` in <type arch='x86_64' machine='pc-i440fx-yakkety'>hvm</type>. I figured it out because I was comparing a working VM with an older one that was on the older machine type, tried it just for fun, and it worked. Update your qemu machine types! Good general advice
<[diablo]> anyone know if it's possible to force ubuntu (18.04) to regenerate the sshd host keys on boot automatically if the files aren't present please?
<[diablo]> or make the entire box redo it's first boot setup
<mwhudson> [diablo]: dpkg-reconfigure openssh-server should do it i think
<[diablo]> hi mwhudson yeah it does
<mwhudson> how did you manage to get into that state?
<[diablo]> but I want it to run on boot
<[diablo]> I'm making a template
<mwhudson> generating them is one of the things cloud-init can do
<[diablo]> for VM's ... so each needs to be unique
<[diablo]> mwhudson yeah, I think I need to flag it to do that tho
<mwhudson> cloud-init is the general solution to doing per-instance customization of vms for sure
<mwhudson> hmm
<mwhudson> i'd have to go look but if it's doing anything at all, i'd have guessed it would make ssh host keys
<[diablo]> I will make a new template and run a test... perhaps it does it if the shutdown machine has no _host files
<mwhudson> oh right yes
<mwhudson> it won't overwrite any that are there by default
<mwhudson> i would definitely make sure your template does not have any host keys
<[diablo]> just spinning up a new one, to see if cloud-init generates them once again...
<mwhudson> the other thing i guess is that you have to make sure cloud-init does per-instance things when you boot your vms
<mwhudson> which is all down to instance id iirc
<[diablo]> ah yeah it does, so if I rm them from the vm before shutting it down, and then converting to template in proxmox, when I spin it up as a new vm cloud-init does generate new keys
<mwhudson> [diablo]: glad to hear it
<[diablo]> cheers mwhudson ...right off to bed.. midnight
<[diablo]> all the best
#ubuntu-server 2018-12-18
<Gizmo3D> any 18.04 guru's around?
<sarnold> it depends on the question
<Gizmo3D> ah! root is 100% full, sda is 2tb, but sda3 appears not being used
<Gizmo3D> would you know the proper procedure to extend
<sarnold> was the intention to use sda3 for /home and it wasn't? how did it come to be partitioned in a way that one partition isn't used?
<Gizmo3D> not sure, was a clean load, all space should be avail to root
<Gizmo3D> i didn't specify any partitooning during install
<bindi> did you just install?
<Gizmo3D> yesterday
<bindi> reinstall and do it properly
<Gizmo3D> i wish, i put into production before i noticed space was messed up
<AndyChow888> Hey Gizmo3D. What's your issue?
<Gizmo3D> root full, sda is 2tb, sda3 doesn't seem to be a part of it
<AndyChow888> What's your output on lsblk?
<Gizmo3D> https://paste.ubuntu.com/p/Jyh8VYQNCV/
<AndyChow888> Well, your / is on sda3, it's just the lvm that is 4G, instead of 1.8T
<Gizmo3D> so how can i fix that
<AndyChow888> You could do something like "lvextend -L+1T", as su. That would give you an extra terabyte.
<Gizmo3D> syntax
<AndyChow888> Gizmo3D, give me the outputs of pvscan and lvdisplay
<Gizmo3D> k 1 sec
<Gizmo3D> https://paste.ubuntu.com/p/XqHhHmCnWG/
<AndyChow888> So 0"lvextend -L+1T /dev/ubuntu-vg/ubuntu-lv"
<Gizmo3D> k that seems to have worked but.. https://paste.ubuntu.com/p/K4HyQ63GDq/
<Gizmo3D> i see the /dev/mapper.... still at 100%
<AndyChow888> Can you run df -lh?
<AndyChow888> I can't read your output
<Gizmo3D> https://paste.ubuntu.com/p/NjX8r8zf6s/
<Gizmo3D> how about: resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv
<AndyChow888> Oh, are you using encryption?
<AndyChow888> Gizmo3D, don
<AndyChow888> 't resize2fs on a mounted partition.
<Gizmo3D> not that i'm aware of
<Gizmo3D> thus i asked lol
<AndyChow888> Try "lvextend -L+1T /dev/mapper/ubuntu-vg/ubuntu-lv"
<Gizmo3D> not enough space left lol, do i reclaim the 1t
<AndyChow888> Try "lvextend -L+500G /dev/mapper/ubuntu-vg/ubuntu-lv"
<Gizmo3D> hmmm, that extended but df -lh didn't adjust, wonder if a reboot is in order
<mybalzitch> mount -o remount
<Gizmo3D> mount -o remount
<Gizmo3D> lol
<mybalzitch> mount -o remount /dev/mapper/ubuntu-vg/ubuntu-lv
<AndyChow888> Given that that's root, I doubt it will work. You could try rebooting it. But if this is a production server, can you really reboot?
<Gizmo3D> yup, no one logged on right now, gone home
<Gizmo3D> mount said mount point does not exist
<Gizmo3D> rebooting for the hell of it
<AndyChow888> do you have a /etc/crypttab file?
<Gizmo3D> too late
<Gizmo3D> have to wait a few mins
<AndyChow888> Once it has rebooted, check if it does. If it does, check carefully that it does not contain actual passwords, and paste the output. If it contains passwords, replace them with "password" in the paste.
<Gizmo3D> k
<Gizmo3D> cryptab is blank
<Gizmo3D> df -lh still says 100% on /dev/mapper/....
<AndyChow888> Gizmo3D, crypttab, two t.
<Gizmo3D> ???
<Gizmo3D> crypt tab just has the commented header formats
<AndyChow888> Do you have a file called /etc/crypttab?
<Gizmo3D> yup
<AndyChow888> Oh, everything is commented?
<Gizmo3D> no entries
<Gizmo3D> yup, just 1 line
<Gizmo3D> i don't even see where that 1T and 500g went
<AndyChow888> Your lvdisplay output still shows LV size as 4.00GiB?
<Gizmo3D> nope that is showing 1.49
<Gizmo3D> so space is there but the /dev/mapper/.. still 100% used
<AndyChow888> Gizmo3D, try pvresize /dev/sda3
<AndyChow888> I don't think it will do anything, but I'm out of ideas.
<Gizmo3D> 1 physical volume(s) resized / 0 physical volume(s) not resized
<AndyChow888> Humm. did it work?
<Gizmo3D> nope, same results
<Gizmo3D> Andy, I did a resize2f /dev/mapper/ubuntu--vg-ubuntu--lg-root
<Gizmo3D> took about 30sec
<Gizmo3D> df -lh good, rebooted, df still good
<AndyChow888> Ok, great.
<AndyChow888> resize2f can be dangerous, but I'm glad it worked in your case.
<Gizmo3D> thank you for your help, just saved me from rebulding an email server from scratch
<Gizmo3D> would have sucked putting together a temp, migrate, build new and migrate all back
<AndyChow888> You should still do that, eventually, as your server doesn't seem well configured.
<Gizmo3D> after xmas, no need to mess up holidays
<lordievader> Good morning
<kstenerud> Does anyone know how to fix this kind of error in git-ubuntu:
<kstenerud> $ git ubuntu merge finish ubuntu/devel --bug 1808319
<kstenerud> 12/18/2018 11:41:41 - ERROR:ubuntu/devel version (7.4.3+git20180713-1) is after debian/sid version (7.4.3+git20180713-1). Are you sure you want to merge? (Pass -f to force the merge).
<ubottu> bug 1808319 in logwatch (Ubuntu) "Please merge 7.4.3+git20180713-1 into disco" [Undecided,New] https://launchpad.net/bugs/1808319
<[diablo]> afternoon #ubuntu-server ... anyone know if there's local mirrors to the cloud images please? Bloody slow downloading from https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img
<cpaelzer> thanks jamespage for the erlang fix!
<jamespage> cpaelzer: yeah s390x rmq needs fixing
<Odd_Bloke> [diablo]: I don't believe there is, I'm afraid.
<jamespage> cpaelzer: raised https://bugs.launchpad.net/ubuntu/+source/rabbitmq-server/+bug/1808984
<ubottu> Launchpad bug 1808984 in rabbitmq-server (Ubuntu) "s390x: erlang.cookie creation fails when changing file permissions" [Undecided,New]
<jamespage> the wrong permissions error was the second issue, caused by the automatic cookie creation failing to change permissions.
<smoser> rbasak, cpaelzer loking for thoughts. i uploaded grub-legacy-ec2
<smoser>  https://launchpad.net/ubuntu/+source/grub-legacy-ec2
<smoser> and then noticed that i had done so with '1:1ubuntu1' rather than what i think is probably more correct '1:2'
<smoser> should i re-upload as 1:2 ?
<rbasak> smoser: I think both 1:1 and 1:2 are wrong.
<smoser> :)
<smoser> what is right?
<smoser> the 1: is due to change from it being part of cloud-init and under cloud-init's versioning
<smoser> andthen separated out.
<rbasak> I think you definitely need an "ubuntu" in there to avoid autosync from Debian in case they also upload a source package called grub-legacy-ec2
<rbasak> So -0ubuntu1 etc
<rbasak> Presumably with the epoch.
<rbasak> So 1:0ubuntu1 would have been right originally I think.
<rbasak> And then 1:0ubuntu2
<smoser> so then 1:1ubuntu1 seems fine?
<rbasak> But I think 1:1ubuntu1 is fine for now and there isn't anything that can be solved with a new upload
<smoser> thanks
<jamespage> cpaelzer: ok so its something endian-y but my erlang is not good enough
<[diablo]> cheers Odd_Bloke ,sorry only just seen the reply
<muhaha> Is there any systemd audit log?  Or to view system activity I have to install auditd package and then look into /var/log/audit/audit.log ?
<balance1> hi
<_13LACK_> balance1: hi
<balance1> so a friend has a ubuntu server and if he has a usb device plugged in he gets into maintenance mode. What could be the reason for that? I wasn't able to see anything problematic but then I don't know ubuntu at all and this part of linux also isn't my speciality.
<teward> 'maintenance mode' sounds like something specific to that server
<teward> we'd need more information to try and help out
<teward> like what exactly they're seeing, what error messages if any they see, what's on the USB device, etc.
<_13LACK_> balance1: look the fstab line ... the fifth field and sixth field
<_13LACK_> example: LABEL=t-home2   /home      ext4    defaults,auto_da_alloc      0  2
<_13LACK_> the "0" and "2" means frequency and order to filesystem checks at boot time
<_13LACK_> balance1: maybe the fifth field (0 on this example) have a non-zero value
<balance1> give me a min, I cna't look at it but I do have some logs and stuff, maby ethe fstab file was in there too
<balance1> teward, he has a HP ProLiant Microserver Gen8 - I somehow assumed that maintenance mode is a ubuntu-server specific thing. _13LACK_ no fstab file atm but I looked at it and it seemed to just mount the hard disks and 1-2 partitions, nothing special. The usb device (e.g. a usb stick, he tried 1-2) aren't listed in the fstab file - why should they? or do you think it's possible that the order in the fstab files start at a
<balance1> higher number, allowing an usb stick to "hijack" the lower and thus the server tries to boot form it? or what's your though here?
<teward> balance1: sometimes if fstab refers to a USB device and one is connected it'll fail out
<teward> if misconfigured
<teward> but that's usually rarer
<balance1> I'll have to recheck, it might be possible since the usb device is a "dock" to change HDDs. I first thought it might get mounted using fstab but iirc it doesn't. I'll have to recheck. Sadly I can't just ssh on the server so what logs might be helpful here?
<_13LACK_> balance1: I just think that someone had created a fstab mount line manualy to this USB drive.
<balance1> _13LACK_, woudl make sense, I'll have to recheck
<_13LACK_> balance1: Tell me... If remove USB drive from server and power on the server, it gets into maintence mode?
<_13LACK_> balance1: If have a fstab mount line, try to set the numbers as "0 0"
<balance1> _13LACK_, the server works fine if you start it without a usb drive inserted(port doesnt matter btw).  you can then plug it in once it's started up
<balance1> _13LACK_, I'll check the file but atm I cant access it. so I'll have to wait
<_13LACK_> balance1: ok... I just gave you an idea.
<_13LACK_> balance1: I have to go now... I wish you good lucky
<muhaha> Is there any systemd audit log in Ubuntu 18 by default?  Or to view system activity I have to install auditd package and then look into /var/log/audit/audit.log ,right ? ?
<DammitJim> What is a good enterprise backup solution for laptops (that also run VMs)?
<DammitJim> maybe not a good question for ubuntu-server even though I picture the backup software running on a server...
#ubuntu-server 2018-12-19
<lordievader> Good morning
<lotuspsychje> DemomanCA: explain the details of your issue here please
<lotuspsychje> DemomanCA: also idle & patient a bit, as volunteers might still wakeup at this time
<DemomanCA> Thanks lotuspsychje, so I have a fresh 18.04 install, 2 network interfaces together in an LACP bond. Interface works fine on boot, grabs IPv4 and IPv6 address from my DHCP server, all good. However, any time systemd-networkd restarts, the network stops working. Main causes are systemd updates or if I change a config and run sudo netplan apply. No idea where to start troubleshooting
<DemomanCA> this....
<muhaha> Anyone is using OpenID,SAML for login to Ubuntu ?
<Delvien> Changed /etc/hostname, and entries in /etc/hosts and still cant get ubuntu server to change its hostname. what am I missing?
<tomreyn> dhcp
<Delvien> its statically set
<tomreyn> which ubuntu release is it?
<Delvien> 18.04.1
<tomreyn> does "hostnamectl status" report what you expect it to report?
<Delvien> Static hostname is correct, transient hostname shows old one?
<Delvien> did a hostnamectl set-hostname, gonna reboot see if it sticks this time
<tomreyn> i would quote the man page but it's a bit long
<Delvien> and it reverted again
<tomreyn> hmm, how did you install?
<teward> did you edit /etc/cloud/cloud.cfg and make sure yo uset preserve_hostname from 'false' to 'true'?
<teward> if you used the live installer it might do evil things like this if you reboot and revert the hostnames after you make changes
<Delvien> i did live installer, but preserve_hostname is set to false
<teward> set it to true
<teward> it should now stick
<Delvien> OHhh i see
<Delvien> man things have changed for ubuntu server since the last time i used it
<teward> cloud-init is an annoying piece of [CENSORED REDACTED CENSORED] and if that file is present in the install it can cause headaches
<teward> nah it's a subiquity / live installer ISO headache
<teward> if you use the alternate installer it still works as normal
<Delvien> yeah had to fix the damn sources too
<teward> though you still need to hostnamectl and such
<Delvien> Ahhh that did it
<Delvien> thank god, i was about to switch back to fedora server lol
<powersj> teward, have you filed a bug against subiquity for this behavior?
<teward> powersj: IIRC this is known cloud-init behavior
<teward> not subiquity
<powersj> that doesn't mean subiquity is doing the right thing
<teward> true, but i haven't filed a bug yet, no.
<teward> E:TOOBUSY
<teward> powersj: also, since I use a modified 18.04.1 template to deploy all my servers, or I'm doing per-system manual installs, or installs that're LXD container based... I don't have the issue anymore
<teward> so i've never gotten around to it :P
<teward> powersj: assuming I don't forget, should I file a bug against cloud-init or subiquity in this case?
<teward> because it sounds like subiquity needs to adjust the cloud config but doesn't.
<teward> and I haven't tested the 18.10 or 19.04 dailies yet to see if they exhibit the same behavior
<powersj> teward, I'd say start with subiquity
<teward> ack
<teward> powersj: would i have to do that from a live session or would filing from my 18.04 install suffice?
<teward> at least for the `ubuntu-bug` stuff
<powersj> your install is fine
<teward> oh... that's unusual
<teward> $ ubuntu-bug subiquity
<teward> dpkg-query: no packages found matching subiquity
<teward> :|
<teward> guess i'll do it manually then
<teward> powersj: https://bugs.launchpad.net/ubuntu/+source/subiquity/+bug/1809155 <--
<ubottu> Launchpad bug 1809155 in subiquity (Ubuntu) "subiquity in 18.04.1 via cloud-init doesn't set hostname persistence" [Undecided,New]
<powersj> teward, thanks!
<NyanCat> ... Anyone know where I can find auth.log or like, anything else?
<NyanCat> my /var/log is uncomfortably empty
<sarnold> did you happen to mount other filesystems over it?
<sarnold> or are you currently 'in' a namespace without populated directory?
<NyanCat> No, it's a brand new system
<NyanCat> There are files *in* /var/log, just not auth.log, syslog or kern.log
<teward> powersj: five monopoly bucks says it's a cloudinit headache problem :P
<NyanCat> Should probably mention that this is OVH's 16.04 ARM template
<NyanCat> Which is already stupid annoying to begin with as it's missing some very basic packages
<NyanCat> but I can't imagine why they'd have taken out logging
<tomreyn> hdn't ovh signed this agreement not to modify ubuntu images?
<NyanCat> I'm missing quite a few things by the looks of it, TBH
<NyanCat> I was able to read the sshd logs with journalctl but that's not really a replacement (IMO) for auth.log
<NyanCat> I'm gonna send in a ticket asking them 'the hell they're doing
<tomreyn> there used to be this https://www.reddit.com/r/linux/comments/4ov74y/ovh_founder_on_twitter_canonical_is_attempting_to/
<teward> tomreyn: did they?  Was that enforced with Canonical Legal?
<teward> if it was we can go bash OVH with a hammer... :P
<tomreyn> i don't remember the final outcome, but have a hunch they agreed to the terms in the end.
<NyanCat> https://www.irccloud.com/pastebin/TUpJsg4e/
<NyanCat> for anyone curious though there's the directory structure in /var/log
<tomreyn> is this a VM or dedicated?
<NyanCat> It's a dedicated server
<NyanCat> One of their ARM servers though
<tomreyn> and which version does lsb_release -ds report exactly?
<NyanCat> well that's just it
<NyanCat> lsb_release doesn't work
<NyanCat> /etc/os-release $VERSION is set to 16.04 though
<teward> lsb_release doesn't work how?
<teward> doesn't say anything?  isn't installed?
<teward> E:NotEnoughInfo
<tomreyn> also: cat /etc/issue
<NyanCat> Looks like just lsb-release isn't installed
<NyanCat> stand by
<tomreyn> if you could pastebin /etc/os-release that's be nice, too
<NyanCat> Ubuntu 16.04 LTS
<tomreyn> so it's 16.04.0 apparently
<NyanCat> https://www.irccloud.com/pastebin/1IWduBTP/
<tomreyn> it is :-(
<tomreyn> i suspect there may be no syslogging daemon installed, thus no /var/log/syslog
<NyanCat> tomreyn: that's exactly it
<NyanCat> rsyslog is not installed
<NyanCat> It just seems, if OVH was going for a minimal image to use on these servers, that's probably the one thing I wouldn't have left out of the image, you know
<NyanCat> so Â¯\_(ã)_/Â¯
<NyanCat> issue fixed
<tomreyn> NyanCat: you might want to install updates, though, since you must be lacking a lot.
<NyanCat> that's the other screwy thing
<NyanCat> there's nothing available
<tomreyn> it'd be nice to see your apt-cache policy (after apt-get update)
<NyanCat> https://www.irccloud.com/pastebin/T4mM5IDb/
<tomreyn> no security patches for you
<tomreyn> nor any updates
<NyanCat> well, it's not like i needed security, it's not paramount or anything, right???
<NyanCat> ....*nervous laugh*
<tomreyn> NyanCat: i'm sure your host can provide a qualified statement on this.
<NyanCat> lol
<NyanCat> OVH and qualified in the same sentence
<NyanCat> Worth a shot, but sending a trouble ticket to OVH is like giving a kid $5 to go get bread and expecting them to come back with bread
<tomreyn> in the past it's been common for hosters (i've seen several do so) running arm systems to fix the kernel image to the image they shipped, for whihc no sources were available.
<tomreyn> that's because upgrading them is not neccessarily flawless, and if they break repairing cantake more time.
<tomreyn> and if you decide to stick to a certain kernel image you may want to keep the user space the same, too, i guess. so maybe this is what you'Re seeing.
<tomreyn> is it a good idea to do this, and connect this to the internet? definitely no.
<NyanCat> I'm running "vanilla" according to them
<NyanCat> When you image the server one of the advanced configuration options is to use the distribution or vanilla kernel
<tomreyn> cat /proc/version should tell
<NyanCat> ..... no way
<NyanCat> I'll send you a message for this one, it does reveal IPs
<tomreyn> NyanCat: the FQDN in the kernel string just reveals the hostname of the system this kernel was built on.
<NyanCat> So it's purely coincidental that the FQDN happens to resolve to an IP in the same subnet as my server
<NyanCat> I suppose, if that particular block was reserved for their ARM servers
<tomreyn> i don't know how they do IPAM, there is #ovh, maybe someone knows there, but i doubt they'll disclose it.
<mwhudson> teward: thanks for filing that bug
<maddawg2> hmm so i installed ubuntu server 18.04LTS and it seems (correct me if I'm wrong) that 3rd party repositories are disabled?
<maddawg2> if so how do i enable them
<sarnold> add files to /etc/apt/sources.list.d/ as you decide you want them
<mwhudson> maddawg2: you expected some third party repos to be enabled by default?
<maddawg2> umm no i added them but for whatever reason apt-get is providing me errors now that were not existing in 16.04
<maddawg2> i think maybe i found the reason
<maddawg2> universe repository is disabled i think by default
<mwhudson> ah that
<maddawg2> it was unable to grab dependencies
<mwhudson> that's fixed in the latest iso btw
<maddawg2> ah
<maddawg2> good to know.. i downloaded this one maybe 6 months ago but never got around to upgrading my server
<mwhudson> http://releases.ubuntu.com/18.04.1.0/
<maddawg2> hm the ISO i have is labeled: ubuntu-18.04.1-live-server-amd64.iso
<maddawg2> that not the same as 18.04.1.0?
<tomreyn> file names will be the same
<tomreyn> checksums will differ
<tomreyn> actually i'm wrong, sorry
<tomreyn> the updated ISOs seem to be named ubuntu-18.04.1.0-live-server-amd64.iso (extra ".0")
<maddawg2> i wonder why it wasnt there to begin with tbh
<maddawg2> seems like a big oversight... makes me wonder wehat else is borked :-P
<sarnold> an apt update && apt upgrade will show you the rest :)
<tomreyn> maddawg2: if you would like a similar result to what the old (debian) installers provided, then use the 'alternative' (non-'live') server installer
#ubuntu-server 2018-12-20
<tomreyn> i.e. the live installer still deviates in more ways from the result the d-i would provide. the bug tracker has more details, but i'm not going into those now. ;-)
<lordievader> Good morning
<AlecTaylor> hi
<AlecTaylor> I'm thinking to move from Ubuntu Server. It's a little heavy, and whenever I login it needs upgrades then it needs a reboot. What's a better solution, maybe something with livepatch and auto updates?
<Ussat> https://www.phoronix.com/scan.php?page=news_item&px=Debian-AH-Archive-Removal
<Ussat> srsly
<keithzg[m]> Hmmmm, I'm suddenly (as of a few hours ago) getting no mails actually delivered on our mailserver with "delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)", everything's still in the postfix queue just not actually ending up in people's Maildirs, and amavisd does seem to be running . . .
<sarnold> keithzg[m]: what process did you expect to be listening on port 10024? does that process have logs?
<sdeziel> keithzg: what's in the logs regarding amavis?
<keithzg[m]> sdeziel: Nothing that seemed like any sort of failure, but about 20min ago I restarted amavis and about 2min after that everything started working again, so all's well that ends well?
<sdeziel> keithzg[m]: I've never seen amavisd vanish so I'd be a little worried
<sdeziel> maybe OOM reaped it?
<keithzg[m]> sarnold: 'twas indeed amavis on that port, and as far as I can tell it didn't really log any errors anywhere
<sarnold> :(
<keithzg[m]> sdeziel: Yeah it is indeed concerning; I'd be tempted to point fingers at the postfix update but that seems to be purely coincidental timing since it hadn't actually been pulled down by unattended-upgrades yet.
<sdeziel> keithzg[m]: amavis is the process listening on that socket so it can't be postfix's fault
<sdeziel> this is the "ingestion" port IIRC
<keithzg[m]> sdeziel I was thinking in terms of "postfix isn't actually trying to send to 10024 it just thinks it is", but yeah doesn't appear to have been the problem.
<sarnold> you got a connection refused error
<sarnold> that's a nice and concrete thing to work with :)
<keithzg[m]> Yeah and it does seem to have pointed me in the right direction since restarting amavis solved things for now. Tomorrow Keith will get to worry about the Why and if it might happen again, heh.
<sarnold> :D
#ubuntu-server 2018-12-21
<Jenshae> Hi all. I have managed to automate Ubuntu server in samba mounting Windows shares, doing rsync, backing up to encrypted, etc, etc. However, I still can't connect remotely to work via either an SSH tunnel to the Ubuntu server nor freeRDP to the Windows Terminals. This was meant to be my day off. :(
<Jenshae> I would use a WinBlows VM but it decided to ruin my day - https://i.imgur.com/88Ujl78.png
<Jenshae> Anyone have a good guide on how to mimic or use RDP settings to make up a connection via SSH or FreeRDP?
<tomreyn> Jenshae: are you asking how to connect to a windows system from an ubuntu client using the SSH or RDP protocols?
<tomreyn> posting blue screens on an ubuntu channel isnt ging to get you a lot of help ;)
<Jenshae> tomreyn: I am trying any method to connect to either the Windows or Ubuntu server at work from my home Ubuntu machine that has a WinVM.
<tomreyn> Jenshae: so you're trying to connect from within the windows vm running on your home ubuntu machine, or form the home ubuntu machine itself?
<Jenshae> Ideally, I would connect from my Ubuntu PC to the Ubuntu server at work.
<tomreyn> Jenshae: this is usually done with SSH to get access to a shell, and /or to tunnel the graphical desktop through a secure connection.
<tomreyn> Jenshae: however, running an internet accessible service on your work computer puts the company network at some risk, and you should first of all verify what this is ok by company policies. and then verify that you'Re actually able to make this conection (i.e. there are no firewalls getting in the way).
<tomreyn> the common way companies 'solve' this (and other) problems is by running a central VPN server, through which you can then connect to your work network from trusted remote computers.
<Jenshae> tomreyn: Considering I am the IT manager, I am sure it is fine. :P Besides, SSH would be more secure than the non-VPN WinDohs solution that my boss bought.
<Jenshae> I think my SSH attempts are failing because of the UTM.
<tomreyn> that may be. i assume the UTM is managed by you / your department then?
<Jenshae> I just don't know how to setup all the routing. E.G. would the external IP then the server I want be sufficient? Do I use the UTM as a gateway or the domain controller?
<Jenshae> Yes.
<Jenshae> I can add the port exception, it is closed right now because I don't need it.
<tomreyn> i understood UTM as "unified threat management", are you referring to a specific software or hardware?
<Jenshae> Former is correct
<tomreyn> former is also very unspecific.
<Jenshae> PC -> router -> webs -> routers -> UTM -> DC -> servers
<tomreyn> your goal must be to run an openssh server on the company ubuntu server, then configure the companies routing / firewalls to allow inbound traffic on the WAN interface to the servers' LAN address, on TCP port 22
<Jenshae> I think I just need to know what to put where in the connection string.
<Jenshae> Back later, I better head in and get the reboots done before others arrive.
<tomreyn> good luck
<Jenshae> Cheers o7
<tomreyn> on the ssh client on your ubuntu at home you'd connect to the (public) ip address of the company WAN router / firewall / UTM system. the next thing to work out then is authentication, but there are many guides online on that.
<tobias-urdin> coreycb: a friendly reminder that neutron and it's sub-projects (like neutron-dynamic-routing) just swapped over to new os-ken (ryu fork) which requires a new package
<kale> how do i change hostname?
<kale> or to ask in another way. how do i get ubuntu server to release its dhcp lease when it shuts own?
<TJ-> kale: I'm not sure systemd-networkd does preserve leases over a shutdown. It writes them to the /run/ tmpfs under /run/systemd/netif/leases/ so that doesn't persist. I think you'd need to ask in #systemd on how to enforce a release. I don't see anything in the man-page
<coreycb> tobias-urdin: thanks. it'll probably be after the new year before that gets done. btw eventlet was updated to 0.24.1.
<tobias-urdin> coreycb: thanks, happy holidays and new year in advance :)
<coreycb> tobias-urdin: thanks, and likewise! enjoy your holidays.
<bieb> I am trying to setup static IP on a fresh install of 18.04. I have edited the yaml file, and saved it, I then run "netplan --debug try" to see if there are any errors, all it says is: "error while loading /etc/netplan/01-netcfg.yaml, aborting." do I need to apply the file before debugging? I wanted to debug to make sure I entered the syntax correct, and had the right number of tabs at the beginning of the lines.
<lordcirth> bieb, did you run netplan try as root?
<bieb> lordcirth: yes
<lordcirth> bieb, most likely you have a YAML syntax error
<lordcirth> bieb, if you pastebin the config, I can take a look
<bieb> lordcirth: thanks.. I will look at it further.. and then hit pastebin, if I dont see the error
<Delvien> Docker kill <container id> gives me an error "unknown error after kill: runc did not terminate sucessfully: container_linux.go:393: signaling init process caused "permission denied"
<Delvien> apparently its an ubuntu only problem?
<Delvien> nevermind figured it out
<keithzg[m]> Almost right on schedule, mail delivery is failing again much like yesterday, although it's actually a *different* error message this time: `(delivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while receiving the initial server greeting)`
<keithzg[m]> The amavis service claims to be running fine, but I think I'll try restarting it anyways since that seemed to clear it last time, and that would then help establish if it is indeed at least part of the problem.
<keithzg[m]> Definitely doesn't seem to be an OOM issue killing Amavis, since the mail server was only at ~2GB used out of 16GB RAM, and 0 out of the 32GB swap.
<JanC> not sure how your mail setup works, but temporarily suspended might refer to a service that is restarting and whatever was talking to it will retry later?
<JanC> or maybe amavis or something else can only handle a certain number of messages in parallel
<JanC> as long as it retries later there should be no problem
<JanC> if it loses messages then of course there is a real issue
#ubuntu-server 2018-12-22
<keithzg[m]> JanC: After I restarted the Amavis service it instantly started passing along emails again, and flushing the postfix queue led to the mail system instantly tossing all the ones that had been building up in the queue into the respective mailboxes. Luckily indeed nothing is actually getting lost, but this is a rather unsettling quiet failure condition . . .
<keithzg[m]> I've added a mailq check to the icinga2 monitoring setup I use so I can notice (without relying on email, heh) when this happens, but alas I'm no closer yet to figuring out why it's happening . . .
<tomreyn> have you considered https://rspamd.com/comparison.html
<cryptodan_mobile> Find out why Mavis died
<cryptodan_mobile> Amvis
<cryptodan_mobile> Amavis*
<keithzg[m]> cryptodan_mobile: The problem in my case is, Amavis doesn't even appear to have died; it just mysteriously isn't responding to requests. The service status, and even the output of `ps`, give the impression everything's still A-OK, with no indication otherwise . . .
<cryptodan_mobile> Check mail.log
<sarnold> strace it
<sarnold> perf top it
<keithzg[m]> cryptodan_mobile: mail.log doesn't give any indication at all as to why amavis isn't actually responding, it only shows that it isn't; there's no indication otherwise of amavis going wrong, no lines claiming it's shutting down, etc etc.
<keithzg[m]> sarnold: Yeah it's getting to the point of having to dig that deep, alas I'm pretty inexpert at that level.
<keithzg[m]> I guess now's the time to start finally learning ;)
<keithzg[m]> Well, "now" as in the near future, it's now the Friday evening that I start my Christmas holidays, heh
<cryptodan_mobile> keithzg[m]: could pastebin the log line showing amavis not working
<keithzg[m]> cryptodan_mobile: As I wrote above, this time around the log line for each mail not being able to exit Postfox's queue was `(delivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while receiving the initial server greeting)`. The previous time it was instead `delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)`, which more directly pointed to amavis
<keithzg[m]> being the problem. Those lines, and that the postfix queue was visibly filling up with mail thus not being delivered, were the extent of evidence of anything going wrong that I could find.
<Sven_vB> hi! what's the situation of php5 in Ubuntu 14.04 LTS trusty? ("<ubottu> Sorry, I don't know anything about php5")
<Sven_vB> mostly, will it receive security updates next year?
<Sven_vB> s:will it:which versions will:
<tomreyn> are you planning to go into ESM? otherwise anytime is a good time to migrate off 14.04 which reach EOL in april.
<cryptodan_mobile> That means that amavis died and was no longer running. A few lines up from that should be a reason why keithzg[m]
<Sven_vB> anything that buys me time on upgrading my ancient web app makes my christmas holidays better. :)
<tomreyn> Sven_vB: ^ other than that i'm also interested in an answer to your question, but (a) you're more likely to get this during the week, (b) with no answer i'd expect that anything "ubuntu-support-status" on a fully patched system lists as supported is supported.
<Sven_vB> wow, ubottu says ESM is available even for 12.04 :D
<tomreyn> until arpil, yes
<Sven_vB> that's better than nothing. :) thanks!
<keithzg[m]> cryptodan_mobile: Sure wasn't anything else listing anything that gave any indication in that log that amavis had died. And as aforementioned, `ps` showed it still running, as did the service status and journal.
<NyanCat> tomreyn: Just an update... They don't care (In RE: OVH)
<NyanCat> Right now the only way I've figured out to restart or reload networking is to restart the server after modifying interfaces
<NyanCat> As for rsyslog, their response was that it's as minimal as possible
<NyanCat> They didn't comment on the fact that this template is for 12.04.0
<NyanCat> er, 16.04.0
<tomreyn> NyanCat: a pity. but that's a common approach with hosters offering hosted arm hardware. maybe the arm64 situation is or may get better, but i'm not certain.
<NyanCat> I'm under the impression they had a Kernel issue that essentially crippled the outbound traffic rate to 50Mbps
<NyanCat> Which is now resolved
<NyanCat> The issue with OVH ARM servers is that they're essentially EOL, they only built so many and they have no plans to produce anymore
<NyanCat> My guess is because of this logic, they just don't give a shit
<tomreyn> "resolved" by use of an outdated custom kernel which will never get updates?
<NyanCat> and whatever happens happens
<tomreyn> ilyad's (online.net) scaleway brand offers arm64, might be worth a try
<NyanCat> why isn't apt-transfer-https installed
<NyanCat> why OVH
<NyanCat> I'm playing around to see if I can get updates on this server\
<NyanCat> tomreyn: looks like you can get updates for this arch by adding xenial-security and xenial-updates to the sources.list file
<NyanCat> I'm going based on http://ports.ubuntu.com/ubuntu-ports/dists/
<tomreyn> NyanCat: of course you can. will it break the server? idk.
<NyanCat> we're about to find out
<tomreyn> also it may be better to reinstall if you already decided you dont trust their images. i never do.
<NyanCat> I'm not using this server for anything critical
<NyanCat> so I
<NyanCat> * so I'm just screwing around to get it to work properly at this momnet
<NyanCat> Just finished updating the server, issued reboot
<NyanCat> Let's see if we get back online or not
<NyanCat> oh hey, tomreyn
<NyanCat> Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.9.124-armada375 armv7l)
<NyanCat> I got in, looks like nothing's broken so far, and now the system is a tad more secure
<tomreyn> the kernel isnt, i suppose
<tomreyn> "cat /proc/version" says what?
<NyanCat> Linux version 4.9.124-armada375 (root@ns3034447.ip-51-255-90.eu) (gcc version 5.3.1 20160413 (Ubuntu/Linaro 5.3.1-14ubuntu2) ) #1 SMP Mon Sep 3 19:18:09 CEST 2018
<tomreyn> oh, sep 3, that's not as old as i assumed
<tomreyn> but its not an ubuntu kernel, and i assume you dont know how it was built
<NyanCat> If I had to guess, I would say by OVH
<NyanCat> based on the hostname of the build box
<NyanCat> which is kinda bad because I specifically said to use the distribution kernel and not OVH's special kernel when I imaged the machine
<NyanCat> But eh, if it works it works I suppose
<tomreyn> grub prefers the highest kernel version by default. ubuntu 16.04 comes with 4.4.0
<tomreyn> but then it's probably not a grub boot anyways
<NyanCat> that's a negative
<NyanCat> ran `dpkg -l grub*` which returned no results
<tomreyn> well, it's ARM
<NyanCat> but yeah, I did check in the repos and the kernel i'm running appears to be the latest available for armada
<tomreyn> which repository is it from?
<NyanCat> APT-Sources: http://last.public.ovh.hdaas.snap.mirrors.ovh.net/ubuntu xenial/main armhf Packages
<NyanCat> OVH's own, go figure
<tomreyn> upstream long term support for 4.9 is at 4.9.147, yours at 4.9.124, changelog is https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.147
<tomreyn> diff https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/diff/?id=v4.9.147&id2=v4.9.124&dt=2
<tomreyn> looks like yours lacks spectre fixes
<tomreyn> you could see what this reports https://github.com/speed47/spectre-meltdown-checker
<NyanCat> reports vulnerable to spectre
<NyanCat> :D
<tomreyn> so you might want to try to upgrade to a newer kernel actually. but then this may also require firmware patches.
<tomreyn> i guess i'd contact support and tell them you dont like what they sold you.
<tomreyn> (and that they should be letting systems in configurations which are insecure out of thee box, and difficult, if at all posibble, to secure)
<foo> Time to leave 14.04 and upgrade to 18.04.1 on Digital Ocean. Fresh install. Here goes nothing.
#ubuntu-server 2018-12-23
<foo> I'm moving an old digital ocean ubuntu 14.04 install to 18.04. I was going to see if I could retain old IP address... but after thinking about this a bit more, is there any disadvantage to simple updating A records (with a TTL of 10 minutes) to the new IP? Only downside is some IPs may cache for a 10 min window, correct?
<tomreyn> you may need to update PTRs as well
<tomreyn> + you will need to update the systems' network configuration
<foo> tomreyn: reverse DNS and/or PTR, yes. Will put in a request for that. Network conf is defaulting to digital ocean. Thank you! Doing some tests now to ensure sites run well, fairly basic.
<foo> tomreyn: Main purpose for PTR is for e-mail to not get flagged as spam, eh/ Or what else?
<tomreyn> nay other systems with IP based access control configurations will need to be updated accordingly.
<tomreyn> the main purpose of a PTR is to indicate who manages it, what its purpose is. FcRDNS is a common anti spam measure and the most common use of PTRs, yes.
<foo> tomreyn: I see, thank you
<tomreyn> (besides of just IPAM)
<foo> I'm on ubuntu 18.04, previously 14.04. On 14.04 I had my init scripts in /etc/init/
<foo> Is this still the place to put them on 18.04?
<tomreyn> !releasenotes | foo: Yes, but only if you strictly still have to use sysv init scripts. You really should use systemd, though, as discussed in the release notes
<ubottu> foo: Yes, but only if you strictly still have to use sysv init scripts. You really should use systemd, though, as discussed in the release notes: For release notes of a given Ubuntu release, please refer to the 'Docs' column on the 'List of releases' table at https://wiki.ubuntu.com/Releases
<foo> tomreyn: thank you, I set everything up on systemd now. Last step is to make sure it starts the service on reboot
<lotuspsychje> ask your details here weq
<weq> yeah just need to fix my driver again so I'm at the same point until I bug you guys with my issue.
<weq> damn wierd netgear usb card.
<weq> weird*
<weq> anyone able to share some insight in why a ubuntu server aren't able to connect to a wifi network? I can see the wifi with iwlist and afaik the netplan configuration is correct. Networkctl just reports that it is degraded in connection status.
<lotuspsychje> weq: interesting would be to paste your syslog errors about it, volunteers can take a look for you whats it about
<lotuspsychje> weq: your server doesnt have an eth port?
<weq> this is a home lab, so I have ethernet atm but I wish to utilize it on wifi for the convenince of it.
<weq> having a ethernet cable across the entire living room ain't exactly a popular opinion in the household.
<lotuspsychje> weq: could use those powerline eth adapters maybe in the future
<lotuspsychje> server over wifi doenst sound very comfy right?
<weq> it is just a lab, but it is so annoying to be so close but not having it pair with the AP. it can clearly detect it via iwlist scan
<tomreyn> weq: if you can show the netplan and resulting systemd-networkd and wpa_supplicant configurations (without revealing passwords / sensitive info), that'd make it easier to help you
<weq> trying to dump it all with pastebinit now
<weq> I'm threading on water on my wifi skills in linux also fyi
<weq> made a wpa_supplicant config with the iface name here http://paste.ubuntu.com/p/wjM8J3dBsT
<weq>  the netplan cfg is http://paste.ubuntu.com/p/J5BHMQS7Vd/
<weq> I'm sorta making throwing everything at this box to see what sticks
<weq> https://paste.ubuntu.com/p/64Y4tbzsX6/ last 50 lines of the syslog
<weq> dunno exactly what else would be of benefit to share, so please just ask for more intel.
<lotuspsychje> weq: your server up to date?
<weq> yes clean install of 18.04 update&upgrade completely.
<weq> installed yesterday.
<lotuspsychje> weq: chipset of your wifi card?
<tomreyn> contents of /etc/systemd/network/ may be of interest
<weq> afaik it is "Netgear-A6210", had to find a 3rd party driver and compile it myself.
<tomreyn> line 13 of http://paste.ubuntu.com/p/J5BHMQS7Vd/ is indented by one extra speace. not an issue, though, i think.
<lotuspsychje> weq: what was wrong with the driver module by default?
<weq> unsupported afaik.
<weq> tomreyn: the network folder is empty.
<weq> removing the extra space and then running netplan generate & apply did nothing.
<weq> nothing new of intrest in syslog either.
<weq> http://paste.ubuntu.com/p/c6TYmxkY6X/
<weq> https://paste.ubuntu.com/p/7qhqFXmntx/ the driver seems to work
<lotuspsychje> weq: can you tail -f /var/log/syslog and plug out wifi/plug back in and pastebin the output
<tomreyn> nothing in /run/systemd/network either?
<weq> sure. but the comments on the driver is that it might be unstable when plugging out and in
<tomreyn> ...nor in /lib/systemd/network ?
<weq> there is contents in that folder tomreyn, it has two config files. the one with the wlan0 interface just states that is will use dhcp etc nothing about SSID or anything similiar
<weq> in the /run folder
<weq> dhcp, linklocal,mtu and metric is all that is that file.
<weq> Ty for the intrest, I have to step out a while because of the inlaws etc. but if you have any points just highlight me and I'll probably keep working at this through the x-mas so :P
<tomreyn> i'venever done this myself, just reading up on it and doing peer review
<TJ-> weq: I'm confused; if you're using netplan to configure the WiFi why are you also configuring wpa_supplicant?
<bipul> When i'm booting Ubuntu server on Virtualbox. It's taking too much time to get network configured?
<weq> TJ-: been basically trying everything I've been able to google regarding how to configure it to see what stuck to the box.
<weq> I'm not that familiar with all these networking manager options in ubuntu anymore. and defintely not familiar with wifi in linux as my primary configuration is ethernet on linux and purely as a server host environment while this is basically a "wireless-lab" at the inlaws place.
<TJ-> weq: if this is a 18.04+ server install it'll be using systemd-networkd
<TJ-> weq: at each boot, the netplan YAML is 'rendered' into the network-manager config in /run/systemd/network/
<weq> and that is "all" right? netplan to populate the systemd-networkd ?
<TJ-> weq: you shouldn't need to do anything else; in fact if you manually create a wpa_supplicant.conf and have the wpa_supplicant service enabled it'll likely fight with systemd-networkd
<weq> I'll make sure to remove wpa_supplicant then, am I supposed to see the configuation regarding ssid etc in the /run/systemd/network configuration? cause I can't find any trace of it there.
<weq> it is present in my YAML and as far as I can see that configuration is correct though.
<weq> are there any options to configure wpa2-psk etc incase there are some negation errors? just to rule things out.
<TJ-> weq: I'm not entirely sure, my memory is struggling on that right now, but as I recall when configuring a wireless link systemd-networkd will activate it's own private instance of wpa_supplicant. I need to check on that though, got to ssh into a remote system to check!
<weq> I know for a fact that the provider is not supporting this particular nic on nix but there are community made drivers that do seem to work as I can clearly see the wifi network when scanning with iwlist. But I'm not sure if there is some feature missing in the driver to be able to connect. This is a bit out of my daily routine.
<weq> There is nothing of value in this system as of now so if it help I can set up a user and screen if you'd been be willing to take a look at this configuration later perhaps? We have have some x-mas things to go through here as I recon everyone has. regardless of geeky we are.
<TJ-> weq: remind of the pastebin link with your netplan config; I'll test it here
<TJ-> weq: no matter; found it
<weq> ty for trying.
<weq> if it is of any information this is the driver that I've compiled and installed              the wifi network when scanning with iwlist. But I'm not sure if there is some feature missing in the driver to be able to connect. This is a bit out of my daily   caliculk
<weq> whops
<weq> https://github.com/kaduke/Netgear-A6210
<weq> this touchpad, sry fot he mispaste.
<TJ-> weq: OK, I've created a separate YAML for wifis, and using "netplan --debug generate" to see what it creates. You should do that too to understand what it does. It looks like it generates both systemd-networkd and wpa_supplicant service files
<TJ-> weq: I daren't allow it to actually apply since that system is a very long way away :)
<weq> ok I'll try that soon to see what happens, but can you confirm that there is anything related to the wifi ssid and/or passphrase for the network in the /run configuration?
<weq> cause I'm not that familiar with netplan, so just curious if I'm supposed to see any of the ssid&passphrase information in my yaml in the networkd config. Cause what I've understood so far is that netplan is just a simplified method of making networkd config. YAML -> systemd-networkd.conf's
<weq> I would sorta expect that netplan would tell me of any syntax errors in the yaml though if it is sane.
<TJ-> weq: as the --debug shows, it writes a wpa_supplicant conf file to /run/netplan/ which you can inspect
<weq> ah k I'll traverse that as soon as I can, thanks. But are there any logs that will show the "pairing" attempt other that what I can expect from syslog?
<TJ-> weq: it is creating systemd services so you can look at those logs
<TJ-> weq: e.g. "systemctl status xxxx" or "journalctl -u xxxx.service"
<mojtaba> Hello, I am using Ubuntu 16.04 LTS and Torsocks as system wide proxy. Do you know how can I fix DNS leakage through Socks?
<weq> TJ-: hmm ok, I found the files you mentioned in run and the debug options. It is still the same error message. Dependency failed for WPA supplicant for netplan wlan0.
<weq> and I found this, though it is related to archlinux. https://bbs.archlinux.org/viewtopic.php?id=150087 It is similar but I'm not quite following the logic here. Not that familiar with systemctl at all.
<weq> and it seems like that "wpa_supplicant" config I made with ssid etc aren't being used what so ever and it afaik it shouldn't conflict given that paths I see in netplan --debug
<weq> and when I check the systemctl --all --type device I can see that the sys-subsystem-net-devices-wlan0.device is marked as loaded inactive dead
<weq> instead of the others devices in the list that is active and plugged.
<cryptodan_mobile> weq: does / did wifi work in a live session?
<weq> you need to explain that further for me to give a response cryptodan_mobile. You mean just a live linux? Haven't tried it. There is no driver natively available so I had to compile and install it from a community source.
<weq> http://paste.ubuntu.com/p/zXMKrhQ76B/
<weq> this is the entire systemctl device list
<cryptodan_mobile> Weq you sure that nic has a ralink chip
<weq> it is able to scan see the avaiable wifis here.
<lotuspsychje> wasnt it netgear?
<weq> it is the netgear ac1200 usb dongle, which afaik is the Netgear A6210
<weq> if I use iwlist to scan for wifi networks I can see the network I'm trying to connect to.
<weq> and as far as I can see in the /run files that TJ- described earlier both the ssid and passphrase is correct.
<cryptodan_mobile> weq: run "dmesg | nc termbin.com 9999" share link here
<lotuspsychje> cryptodan_mobile: weq told us his wifi driver didnt work by default, hence why the own compile
<weq> https://termbin.com/zpq1
<lotuspsychje> im also curious why
<weq> there is no wifi adapter available if I do ipconfig -a without compiling the driver then modprobing it.
<foo> Is there a way to use "mail" command in linux ubuntu with mailgun? I just did apt-get install mailutils... and realized it installed postfix + mysql common ... plus a bunch of stuff I probably don't want... I some random stuff on my system uses mail command but everything is routed through mailgun.
<weq> as far as you guys is this adapter natively supported?
<weq> https://paste.ubuntu.com/p/zXMKrhQ76B/ in that paste I'm curious if I'm supposed to use a different device than the one marked as dead. If I compare strings towards what is dmesg I can see the "same" information regarding usb and 1-5 at line 98. If that is really the device.
<weq> cause that seems to be the same scenario as this https://bbs.archlinux.org/viewtopic.php?id=150087
<lotuspsychje> mt7662u_sta: version magic '4.15.0-29-generic SMP mod_unload ' should be '4.15.0-43-generic SMP mod_unload
<cryptodan_mobile> weq: is secure boot enabled
<weq> no.
<weq> it is old hw so no secure boot
<lotuspsychje> could it be wrongly compiled weq ?
<weq> lotuspsychje: that might be due it had an older version prior, I had to make clean && make && make install this morning just to get the adapter back. probably due to an update.
<weq> lotuspsychje: it could, but I'm out of my league here.
<weq> I have not enough experience or knowledge on this topic to claim one or the other here.
<lotuspsychje> weq: well the best way of debugging things on ubuntu, is to keep as much as vanilla possible, perhaps see why the netgear driver doesnt load by default first?
<weq> any simple method of removing the driver I compiled to start from there? if that helps with the process of you getting a better grasp of the situation.
<weq> or would you prefere that I just start from scratch?
<lotuspsychje> yeah i would go from scratch
<weq> ok reinstalling now
<cryptodan_mobile> Weq [ 325.095355] ModemManager[772]: segfault at 0 ip 000055c5b3009659 sp 00007fffba8ebb20 error 4 in ModemManager[55c5b2fce000+123000]
<weq> that is greek to me... :-/
<cryptodan_mobile> So that maybe why it's not working that happened after the driver loaded
<weq> so reinstall, apt update&&apt upgrade anything else I should do before we try a more structured method of doing this?
<lotuspsychje> weq: always keep system up to date is always a good idea :p
<weq> that is my intentions :P
<cryptodan_mobile> Try using ubuntu 18.04
<weq> cryptodan_mobile: desktop you mean?
<cryptodan_mobile> Yeah
<weq> soon done reinstalling so will give that ago if there is "logical" reasoning to this after this. Had a crapton of troubles trying to even make the boot usb for some reason. Rufus didn't want to make the usb correct so had to a use a different linux laptop I had lying around to even make the usb to get a stick with no defects.
<weq> ok soon done updating. no wifi card visible in ifconfig -a
<lotuspsychje> weq: check with sudo lshw -C network
<weq> only the ethernet adapter there.
<lotuspsychje> weq: allright, then we need your full syslog after install, boot
<lotuspsychje> lets c what happens there
<weq> after a clean boot?
<lotuspsychje> weq: make sure system up to date to kernel -43 also ok
<weq> yeah will finish apt until it is completly done, reboot then pastebin the entire syslog
<lotuspsychje> great
<weq> do pastebinit filter syslog by default or something?
<weq> cat /var/log/syslog | nc termbin.com 9999 -> http://termbin.com/ju8w
<lotuspsychje> weq: something badly wrong with ureadahead there
<weq> what does that mean?
<lotuspsychje> big error list
<lotuspsychje> not sure why it does that
<Checkmate> Hey its possible to get https to my vps ip ?
<Checkmate> I've followed some steps on google but nothing happen !!
<weq> lotuspsychje: but should that have any impact on the issue? As far as I can understand ureadahead is only there to put config in cache basically?
<lotuspsychje> weq: well the errors list so far, i didnt find why your netgear didnt load, not related to our issue no
<weq> hmmm it even cut of the paste since there were so many messages.
<TJ-> weq: I'm back; just looked at the dmesg; the kernel you're using is v4.15. Instead of trying to build the kernel module out-of-tree why not try an Ubuntu Mainline build of either v4.19 or v4.20, which both have that module
<lotuspsychje> ah good idea TJ-
<weq> tail -f /var/log/syslog -n 500 | nc termbin.com 9999 -> https://termbin.com/7qie
<TJ-> grep -n '0846.*9053' /lib/modules/*/module*
<TJ-> /lib/modules/4.19.0-041900-lowlatency/modules.alias:9769:alias usb:v0846p9053d*dc*dsc*dp*ic*isc*ip*in* mt76x2u
<TJ-> /lib/modules/4.20.0-042000rc4-lowlatency/modules.alias:9796:alias usb:v0846p9053d*dc*dsc*dp*ic*isc*ip*in* mt76x2u
<TJ-> !mainline | weq
<ubottu> weq: The kernel team supply continuous mainline kernel builds which can be useful for tracking down issues or testing recent changes in the Linux kernel. More information is available at https://wiki.ubuntu.com/Kernel/MainlineBuilds
<weq> do-release-upgrade and go to 18.10 ?
<weq> is that what you want me to try?
<TJ-> weq: I have a script to automate dowload/install of Ubuntu mainline kernels  http://iam.tj/projects/ubuntu/wget_kernel_mainline.sh
<TJ-> weq: no, don't change the installed release, just install a recent mainline kernel :)
<weq> TJ-: just to inform you, we reinstalled now are running a clean 18.04 fully patched with no 3rd party driver atm.
<weq> so run your script and presto?
<TJ-> weq: by default the script will fetch/install the latest build, which might be a release-candidate. You also need to add the Ubuntu kernel team's GPG public key to the system keyring
<weq> I will be prompted for that won't I? after wget script && ./ script ?
<TJ-> weq: download the script, make it executable ("chmod +x wget_kernel_mainline.sh") then do "wget_kernel_mainline.sh -l" to fetch and display the list of versions
<TJ-> weq: I recommend doing this in $HOME/Downloads/ since it'll create a sub-dir ./kernels/ to download into
<weq> root@zulu:~# ./wget_kernel_mainline.sh -l | pastebinit
<weq> http://paste.ubuntu.com/p/pb5Mg3wKwx/
<TJ-> weq: Linus is due to release v4.20 before xmas day so it's OK to fetch the latest v4.20-rc7
<TJ-> weq: OK, now do "wget_kernel_mainline.sh" and it'll fetch v4.20-rc7
<weq> fetching now
<TJ-> weq: as I said you'll get a warning/error about not being able to verify the signature so you'll need to add that key to your sysytem keyring - the script tells you how :)
<TJ-> (or should!)
<weq> does the script also do some dpkg -i here?
<TJ-> weq: yes, it does everything
<weq> http://paste.ubuntu.com/p/7kHxKmwJbF/ so... apt install gpg or something? what package am I missing?
<weq> gnupg2?
<TJ-> weq: eerrrrr you've found a bug! it should have reported the failed key. is gnupg (gpg2) installed on that system?
<weq> nope clean install
<weq> so install gnupg2 the rerun the script ?
<weq> just to not frack anything up I'd rather do this step by step.
<TJ-> weq: yes, you can rerun the script, it won't upset it and it won't re-download anything it has already fetched
<weq> yes to install gnupg2 right?
<TJ-> weq: yes, although it should be installed to support apt-key
<weq> and then apt-key and the RSA key right?
<weq> since that also fails
<TJ-> weq: this is the key you need: http://keyserver.ubuntu.com/pks/lookup?op=get&search=0x0856F197B892ACEA
<weq> ok key installed and it is unpacking the deb files now.
<TJ-> nice one :)
<TJ-> so the script did tell you the key ID finally?
<TJ-> I'd best add some functionality to ensure gpg is available and working!
<weq> wth?... https://paste.ubuntu.com/p/5TyVN42HcJ/
<weq> I think there might be some fs issues here. I see all of the suddenly it has remounted as RO.
<TJ-> weq: looks like the storage device/file-system went read-only in the middle of operations
<TJ-> weq: check "dmesg | tail -n 50"
<weq> fsck /dev/sda2 -y now, rebooting
<weq> it happened last time I rebooted also,
<weq> err reinstalled.
<TJ-> weq: better check the SMART log if the device has one, using smartmon-tools smartctl tool
<TJ-> weq: I have to go to dinner now, hopefully you can sort that issue out
<weq> would be wierd if there is any physical issues on the drive as it is brand spanking new but we'll see.
<weq> ok TJ-, script also done now and rebooting to boot into the 4.20 kernel.
<weq> ok we are now on 4.20.0-042000rc7-generic, syslog is as long as the chinese wall because of the unknown ureadahead error but I can upload it in it's entirety to a server if needed.
<weq> lshw -C network still only reveals the ethernet card and no usb card. lsusb still shows that the realtek card is there.
<lotuspsychje> weq: that dongle is kinda old?
<weq> made 4 years ago or so.
<weq> the father in-law do have a linksys wifi pci adapter here as well which is even older but I sorta want to avoid trying that it is 11mbps only.
<lotuspsychje> weq: can we see your new syslog on the 4.20?
<weq> ofc I'm crap at sed so able to help me filter away the crap from ureadahead so that you get only the valuable parts instead of half of the syslog ?
<weq> hmmm I've lost internet on that machine now all of the sudden
<weq> there restarted systemd.networkd.service
<TJ-> weq: I'm beginning to suspect many of the issues on that system are due to a broken disk drive
<TJ-> weq: the earlier segfault in ModemManager for example, and the other issues
<weq> installing smartmontools now
<weq> smartctl -a /dev/sda ?
<weq> is that suffient?
<TJ-> weq: yes
<weq> http://paste.ubuntu.com/p/QYk8hzTfKz/
<weq> overall passed
<TJ-> weq: so the next suspect is the RAM modules, because there's something not right causing the I/O problems
<TJ-> weq: but referring back to v4.20 and the WiFi module, we need to see the kernel boot log to get any sense of what went wrong
<weq> how can I share that properly?
<weq> given that we have thousands of ureadahead ignored relative path messages in syslog.
<weq> cat /var/log/syslog | sed -i 'zulu ureadahead[378]' > full_syslog.log or something ?
<weq> I'm really crappy at regex and sed
<TJ-> weq: "sudo apt install pastebinit" then "journalctl -b | grep -v ureadahead | pastebinit"
<weq> http://paste.ubuntu.com/p/3SSPNPWDqQ/
<weq> I see it at line 751
<TJ-> line 923 "mt76x2u: probe of 1-5:1.0 failed with error -2"
<TJ-> weq: lets see if it needs firmware, although that wouldn't result in this error -2: "modinfo mt76x2u" and see which firmware files it lists, then check if they're in /lib/firmware/ - if not, we possibly need to grab/extract them from the mediatek source package
<weq> http://paste.ubuntu.com/p/cXMTvw54g3/
<weq> no mediatek in /lib/firmware
<TJ-> -2 == -ENOENT which isn't very revealing
<weq> root@zulu:~# ls /lib/firmware/ | grep mediatek
<weq> no results
<TJ-> weq: where did you get the original mediatek source package from? do you still have it so we can extract the firmware files from it?
<weq> what source package? you mean the 3rd party driver I found prior to reinstalling?
<weq> as of now this what we done, clean install, patch OS, upgrade to 4.20, install smart tools
<TJ-> weq: yes
<weq> https://github.com/kaduke/Netgear-A6210 this was the repo I downloaded in the previous install
<weq> and then compiled & installed so I could see the wifi networks with iwlist
<weq> git clone repo, make, make install, modprobe, iwlist wlan0 scan showed the wifi in the previous install. Haven't done anything like that in this install yet.
<weq> only what you've suggested.
<weq> thanks again for being so patient and willing to lend me your experience.
<TJ-> weq: they're in the latest linux-firmware repo: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/mediatek
<TJ-> weq: you can fetch the 2 you need; you'll need to create the directory for them, as in "sudo mkdir /lib/firmware/mediatek" first
<weq> can I just wget them raw or clone the repo and copy them into /lib/firmware?
<weq> ok
<TJ-> weq: yes, you can fetch them with wget
<weq> all of them ?
<TJ-> weq: you only need the 2 that the modinfo command listed
<weq> ah k
<weq> 7662 then
<TJ-> weq: those of them "mt7662u*"
<weq> root@zulu:/lib/firmware/mediatek# ls
<weq> mt7662u.bin  mt7662u_rom_patch.bin
<TJ-> weq: then check if the module is still loaded with "lsmod | grep mt76" - if no result, then try "sudo modprobe mt76z2u" then recheck kernel log with "dmesg | tail"
<TJ-> oops, typo
<TJ-> weq:  "sudo modprobe mt76x2u" then recheck kernel log with "dmesg | tail"
<weq> http://paste.ubuntu.com/p/F2CX5Nft8p/ no idea what I'm looking at there if it is correct or not. Does it automatially load files that just pop in?
<TJ-> weq: it's loaded so we need to unload it first; "sudo modprobe -r mt76x2u"
<weq> then modprobe mt76x2u to reload it right?
<TJ-> yes
<TJ-> and lets hope that -2 error was due to missing firmware, and now it gets further
<weq> another command another error
<weq> -5 now
<weq> http://paste.ubuntu.com/p/8QGdtdnR2Z/
<TJ-> That's -EIO
<weq> hmm I was a bit quick -71 also dunno what makes more sense for you.
<TJ-> weq: LoL "mt76x2u 1-5:1.0: ROM patch build: <!DOCTYPE html>" that's your fault !!! :D
<TJ-> your wget command hasn't fetched a raw firmware file it has fetched an HTML document :D
<weq> how? :P I just did wget after copying the file.
<weq> lol I see it :P
<TJ-> weq: presumably the link you gave wget doesn't fetch the raw file but an HTML overview
<weq> yeah I'll fix that quick and modprobe -r and modprobe it once more
<TJ-> You need the "plain" links
<TJ-> Thank goodness it showed the file header in the log else we'd not have realised
<weq> sorry, not used to git.kernel.org compared to github etc.
<weq> http://paste.ubuntu.com/p/D8XgpYpkP2/ there
<weq> modprobe -r && modprobe done
<TJ-> Try removing and re-inserting the USB device itself
<weq> ok
<TJ-> it may be confused with everything we've done to it :D
<weq> http://paste.ubuntu.com/p/yPbZn64QBP/ after unplug and insert
<TJ-> wooo hooo, you have a device wlxc0ffd4b2f709
<TJ-> try "iwconfig"
<TJ-> you might want to "sudo apt install wireless-tools" for additional bits and pieces for diagnosis
<TJ-> then you can do things like "sudo iwlist scan" to see if it can detect any APs
<weq> gotta go afk here couple of mins so please stay with me when I return
<TJ-> weq: I suspect all you need now is put that device name in the netplan config :)
<weq> there done opening presentens today. lets give this ago.
<TJ-> You're early!
<weq> this familiy does it on the 23rd and the 24th cause they are such a big familiy at the 24th so it would take the entire night otherwise.
<weq> so mostly today and some minors tomorrow.
<weq> but no go it looks like TJ-...
<weq> http://paste.ubuntu.com/p/w7kTkGsVgd/
<weq> it can see the wifi still and heck of alot more info with iwlist scan now than before.
<weq> but it won't pair it seems
<TJ-> weq: OK, but you're making progress. So now we look at the wpa log
<weq> networkctl says almost the same as before. setup = configuring
<weq> indeed
<weq> where is the wpa log?
<TJ-> weq: something like " journalctl --u netplan-wpa@wlxc0ffd4b2f709.service "
<weq> http://paste.ubuntu.com/p/qKQG8RDxWs/ such a great error
<TJ-> weq: so maybe that starts the main wpa_supplicant.service? is there a log for that?
<TJ-> weq: you could do "journalctl -n 50"
<weq> yeah it is complaing about missing /sbin/wpa_supplicant
<weq> so I guess I need that package also
<TJ-> hahah yes well it would help :DD
<weq> Dec 23 21:09:34 zulu systemd[4528]: netplan-wpa@wlxc0ffd4b2f709.service: Failed to execute command: No such file or directory
<weq> Dec 23 21:09:34 zulu systemd[4528]: netplan-wpa@wlxc0ffd4b2f709.service: Failed at step EXEC spawning /sbin/wpa_supplicant: No such file or directory
<TJ-> weq: at least its an easy fix
<weq> crossing my fingers now.
<weq> hmm that killed my ssh connection also, gotta check the host physically then. probably restarted networkd or something
<weq> nah even worse. kernel panic..
<TJ-> I've not seem many pain-free experiences with USB 802.1ac devices
<weq> it is working.. it seems... going to unplug the ethernet and just try a reboot to confirm
<weq> we are connected and have gotten an ip atleast.
<TJ-> :)
<weq> I'm at a loss for words how grateful I am for your patience to you all.
<weq> No freakin way I'd be able to do this without for sure.
<TJ-> weq: in these kind of hardware/driver cases I always recommend checking if the latest mainline kernel can help
<weq> I have rather little experience with hardware and drivers in linux.
<weq> hmm seems like we aren't there yet though :P
<weq> we have IP but I'm unable to ping the gw.
<TJ-> weq: can the gatweay ping the PC?
<weq> in arp I can see the gw ip and mac.
<TJ-> any firewall rules on either?
<weq> not able to ping from the router, but my laptop can't ping the linux box
<TJ-> If the PC has obtained an address using DHCP then you know they can talk
<weq> yeah but not sure what is happening exactly here now.
<weq> ifconfig doesn't report any rx or tx errors either.
<TJ-> go back to the logs
<TJ-> "journalctl -n 50" -- any recent clues?
<weq> nope.
<weq> resolved complains about using degraded feature set but I'm pinging ip's not any dns names.
<TJ-> plug in the cable, install tcpdump, monitor the wifi link
<TJ-> weq: that warning is pretty standard
<weq> yeah figured as much
<weq> hmmm any suggestion to parameter on tcpdump? tcpdump -i interface -vv -w tcpdump.pcap or something?
<weq> with those params it does capture some data atleast
<TJ-> weq: "sudo tcpdump -ni wlxc0ffd4b2f709" is enough
<TJ-> weq: the purpose is to confirm there are packets received and sent
<weq> there is content yeah, can see some traffic like the apple tv in the household etc.
<weq> started a ping from the box to the gw as well
<TJ-> weq: are those multicast packets then?
<weq> 60 packages received by filter 0 dropped by kernel
<weq> yeah apple devices are noisy that way
<TJ-> weq: has the PC got a valid route? "ip route show"
<weq> https://paste.ubuntu.com/p/ZbRG5M6Fwc/ the tcpdump
<weq> yeah it has configure 192.168.1.1 as default for wifi device
<weq> but a gw shouldn't be needed for lan?
<TJ-> what is the IP address on the PC?
<weq> 205
<TJ-> OK, so I see successful ping echo/responses there
<weq> wow yeah there are some
<weq> there is huge package loss
<weq> 98% package loss infact in the other tty I started a ping
<weq> out of 261 transmitted only 5 were sucessfull.
<weq> poor implementation of the driver then? cause the physical location and coverage should not be a issue
<weq> I'm sitting with my win laptop at the same location without any issues nor loss.
<TJ-> yeah; I read that there is an issue when the device scans but I thought that was effectvely solved by now
<TJ-> I'm afraid you've managed to pick a device where the manufacturer doesn't care about Linux
<weq> not a choice really :P
<weq> father in-law's available choice of viable HW for a potentional wifi lab :P
<weq> well then I'm going to call it for this particular nic tbh.
<weq> so if he wants a wifi lab based solely on a ubuntu that nic is a no go.
<TJ-> You've done everything you can with it. It's a problem for any Linux device
<weq> for productivty I'd think I'd rather recommend him sticking to win10 on this machine and vbox for experimenting
<weq> you've done everything :P I'm just a puppet with the idea in this.
<TJ-> there are a few manufacturers known for no/terrible support for Linux
<TJ-> I'd just use an 802.11n device, that works reliably
<weq> the linksys device he has might have better success but 11mbps only :|
<TJ-> 802.11an even
<weq> might as well use sneakernet then.
<weq> thanks again for all the help and assistance. I learned a ton atleast. Thanks TJ- cryptodan_mobile and lotuspsychje.
<Checkmate> I've question do i can get https with green bar on a vps ip address ?
<Checkmate> i always got message with Your connection is not private
<mybalzitch> letsencrypt would probably be the simplest solution
<cryptodan_mobile> Checkmate: you are using a self signed cert
<Checkmate> mybalzitch yeah for domains not ips :v
#ubuntu-server 2019-12-16
<lordievader> Good morning
<Ecko_> Huh
<sarthor> HI, Can I create restore point / reset point in Ubuntu 16.04 Server ? If yes, Can some one please guide me or share tutorial etc url. I searched web, but am unable to find the exact one. or may be I was not lucky to identify the accurate one. HELP Please.
<oerheks> sarthor, there is no such option AFAIK
<lordievader> You can make a disk image and restore that.
<Odd_Bloke> Aison: Is that radvd issue persisting?
<coreycb> sahid: aodh looks good but can you drop py2 BDs and make sure it builds on bionic?
<sahid> coreycb: ok
<sahid> coreycb: do you want me to make sure that build on bionic for all the packages?
<coreycb> sahid: one may be enough to sanity check. for nova I switched to pybuild and debhelper = 12, which may have helped with the cloud archive backport
<coreycb> sahid: on our spread sheet I'll note the ones that are likely merge candidates
<coreycb> sahid: btw same py2 comment for everything in focal
<coreycb> jamespage: I'm uploading a new version of python-pysaml and dropped dfsg from the version now that Files-Excluded have been fixed in the release tarball.
<Aison> Odd_Bloke, no, it suddenly disappeard?!? no idea why
<Odd_Bloke> Aison: That's... good, I guess? :p
<Aison> Odd_Bloke, yes, that's good :-) just strange that it stopped working ^^
#ubuntu-server 2019-12-17
<RootChaos> morning all, i'm having a tuff time picking up new LUNs on Ubuntu 18.04 - Using the rescan-scsi-bus -a --largelun -w -c -d command is not picking up any new LUNs assigned to the host from the storage controller - I'm not sure what to try next... Hoping someone here might have some ideas?
#ubuntu-server 2019-12-18
<lordievader> Good morning
<coreycb> sahid: designate is pushed/uploaded. thanks.
<sahid> thanks coreycb
<coreycb> cool, thanks
<coreycb> sahid: aodh pushed and uploaded
<coreycb> sahid: i just backported a new python-diskimage-builder so hoping that fixes up the ussuri backports
<sahid> ack, i think we need to bump the ersion of python3-sqlalchemy-utils to >= 0.33.10
<coreycb> sahid: ok I pushed a branch to lp:~ubuntu-server-dev/ubuntu/+source/python-sqlalchemy-utils. I see upper-constraints at 0.36.0.
<coreycb> sahid: networking-* uploaded
<sahid> coreycb: ack thanks
<okdana> hello, could someone help me understand how i'm meant to use pg_upgradecluster (tool for upgrading postgres databases) when the ubuntu repos don't maintain the older postgres packages it needs to work?
<okdana> e.g. cosmic/disco/eoan only have postgresql-11
<sdeziel> okdana: I've only used this tool when upgrading from LTS to LTS but it shouldn't matter. According to my notes, the new version will be able to upgrade the old cluster
<sdeziel> okdana: when I upgrade from Xenial to Bionic, I do: pg_dropcluster --stop 10 main && pg_upgradecluster 9.5 main && pg_dropcluster 9.5 main
<okdana> that's what i'm planning to do, experimenting with upgrading from bionic to focal (which does have 11 and 12, but obv i'm on 10)
<okdana> but pg_upgradecluster returns: pg_controldata not found, please install postgresql-10
<okdana> and it was my past experience that it needs the binaries from the current/old version
<sdeziel> okdana: IIRC, the old PG version is letf installed after an upgrade, no?
<okdana> for an in-place upgrade, probably, yeah
<okdana> you reckon that's the intended use case?
<sdeziel> okdana: right, I've only used that tool when doing in-place upgrades and thought it was your case
<sdeziel> okdana: if you need the old version on a freshly installed machine you can probably resort to using apt.postgresql.org
<okdana> unfortunately not, it will be a sort of 'a/b' situation, where focal is installed from scratch onto another partition and then we switch over there
<okdana> yeah, might have to
<okdana> i think we might have done that last time actually, but we were already using their repo anyway
<okdana> unfortunately the postgres repo doesn't have any focal packages yet
<Ussat> anyone have a min to look at something. My syslog-ng conf file has directives for both UDP and TCP, but I am not getting any logs via tcp, netstat shows I AM listening.  https://pastebin.com/K5HV6amj
<Ussat> anyone have any ideas, this is latest Ubuntu 18.X
<Ussat> UDP works fine
<Fieldy> hello, how do i restart the network on ubuntu server 18.04.3 LTS? I would rather not reboot just to do this
<mybalzitch> have you tried "sudo service networking restart"
<Fieldy> ahh, i was doing sysctl not service. i'll give that a shot
<Fieldy> er systemctl. tired.
<mybalzitch> :)
<mybalzitch> I'm not sure it works with netplan, might only be a ifupdown thing
<mybalzitch> but I purged that trash from my install
<mybalzitch> sudo service netplan restart might do something
<Fieldy> thanks!
<tomreyn> on 18.04, the "service" command should really be a wrapper around systemctl, like it was a wrapper around upstart and Sys V init in the past.
#ubuntu-server 2019-12-19
<sdeziel> Ussat: you probably double checked but maybe it's iptables getting in the way? I'd also verify with tcpdump to see what's going on
<DWSR> Hey all, I'm trying to figure out how to run a Bionic Minimal image on KVM (specifically `proxmox`) without the use of `uvtool`. It looks like this is published as either a rootfs tarball, a squashfs tarball, or a QCOW2 image. I've tried using the image, but I'm not having much luck and the VM is just stuck booting forever. Where can I look for
<DWSR> more information?
<Fieldy> what's the proper way to configure networking in server 18.04.3 LTS? many examples I see talk about configuring /etc/network/interfaces , another mentions /etc/systemd/ however that's empty, another says netplan...
<mwhudson> Fieldy: netplan is the default
<Fieldy> mwhudson: okay, thank you
<coreycb> sahid: will networking-odl build with testresources >= 2.0.0?
<coreycb> sahid: are you looking at networking-bgpvpn fixes?
<sahid> coreycb: nop i'm working in magnum and manila to merge them from Debian
<coreycb> sahid: ok can you look at networking-bgpvpn/-odl when you get a chance since the uploads are failing builds
<sahid> sure i will
<coreycb> thanks
<coreycb> sahid: i'm going to bump babel to 2.7.0 and I think that'll fix the backport failure
<coreycb> sahid: except i'm getting that LP "Path translation timed out" error again..
<coreycb> sahid: apparently that isn't fixed yet ^. i thought it was working but nonetheless cjwatson can work around it if we give tell him the repo we need.
<sahid> coreycb: I bumped python-sqlachemy-utils if you are ok to merge it that to resolve the dep issue with masakari
<sahid> and magnum seems to be ready
<roaksoax> win 3
<coreycb> sahid: any chance we could get to 3.36.0? https://github.com/openstack/requirements/blob/master/upper-constraints.txt#L310
<sahid> coreycb: why?
<sahid> ah ok
<sahid> i will try
<coreycb> sahid: thanks. the more we can get to align with upper-constraints the better, especially with an LTS.
<sahid> coreycb: i think we are good with python-sqlalchemy-utils now
<sahid> masakari still does not want to merge, 'im on it
<coreycb> sahid: ok. I don't think we want to merge masakari.
<Ussat> \o/ JUst a follow up from yesterday, syslog-ng issue fixed
<Ussat> and a big FU to syslog for having a different formnat for recieving UDP and TCP...could not just simpoly change the protocol :)
<adamsmith34> Hello! I'm so close: 18.04 minimal install joined to Windows Server 2012 R2 domain but domain users are not found so I'm unable to authenticate using them. What piece of the puzzle should I look at?
<lordcirth> adamsmith34, what are you using for the join? sssd, nscd? Did you edit /etc/nssswitch?
<adamsmith34> I've discovered that the sssd service failed to start. It appears that I don't have a keytab.
<adamsmith34> Editing /etc/samba/smb.conf now...
<adamsmith34> I did edit /etc/nsswitch.conf, to answer your question.
<adamsmith34> Yep, sssd.service failing to start because of the missing keytab was part of the problem. I also found a typo in my /etc/smb.conf file. However, now when checking with 'su - domainuser' I get a return of "su: SYstem error". Any ideas?
<lordcirth> adamsmith34, there should be something more helpful in auth.log
<adamsmith34> Looks like it: pam_unix(lightdm:auth): authentication failure;
<adamsmith34> And other similar messages
<adamsmith34> It looks like the domain user authenticates but then access is denied.
<adamsmith34> pam_sss(su:auth): authentication success...pam_sss(su:account): Access denied for user: 4 (system error)..pam_acct_mgmt: system error
<sikun> do you have to specify the mtu on a bridge interface if the mtu is already specified on the bridge port? (jumbo frames)
<NwS> Heya guys a noob Q. I've installed ubuntu 18.04 on my server, created lvms etc, and now after a few months I've noticed that the default partition is tiny (like 3.9GB). Is there a way to increase that size without messing up the rest of the setup?
<bryce> NwS, did you set up the root partition with LVM?  If so see standard LVM tutorial on how to add to it.
<bryce> NwS, if not, lots of slightly more hassle ways of redoing the partition.  If you can handle having the server down for a period of time, then backup and restore onto a new partition is fairly straightforward and low risk
<bryce> NwS, workaround, might be to just create a new partition, copy everything from, say, /var or /usr to it, and then mount that partition on /var.
#ubuntu-server 2019-12-20
<NwS> bryce, I didn't touch the root partition at all I just created a new LVM (if I remember correctly) with all the HDD space left (didn't even notice how much) following a guide so I can setup the seedbox there and started using it
<NwS> https://pastebin.com/TWz474TK here is a df -h
<bryce> NwS yeah your / is totally on a lvm partition.  Just shrink your /data partition and increase / to what you want, you'll be good to go.
<bryce> NwS, google has tons of lvm tutorials, here's one that should cover what you need:  https://linuxtechlab.com/beginners-guide-resizing-lvm/
<blscoe> Hello. I would like to question about a cenario. I have a server with mail system, but it works only local because my provider block SMTP ports. I have a friend that have a public IP and no restrictions to send and receive emails with SMTP ports. I would like configure my postfix to send and receive all e-mails through my friend's server (redirect inbound and outbond traffic). For do it I going to install a postfix in my friend's
<blscoe> server to send or redirect this emails for internet (outbounding traffic) and receive the emails by the internet for my domain and redirect to my server over another port than 25, like submission port (inbound traffic).
<blscoe> I can redirect my MX entries to the Public IP of my friend. But my question is about what kind of configuration I need to use in my server and in my friend's server to do it. (Smarthost, Satelite?)
<blscoe> I read about a similar service called reflection, but I would like to configure by myself in postfix.
<blscoe> Thanks for help!
<blscoe> I got the answer lane, is transport_map. Thank you and sorry for anything. :)
<coreycb> sahid: do you mind if I update networking-odl? it's the last failing backport for ussuri atm.
<sahid> coreycb: yes please
<coreycb> sahid: ok that's on it's way
<coreycb> sahid: I've created lp:~ubuntu-server-dev/ubuntu/+source/python-tabulate. note that is going to require an MIR.
<coreycb> sahid: do you have any fixes in flight for networking-bgpvpn?
<coreycb> sahid: I think this upstream hasn't caught up to the latest neutron updates, in particular https://opendev.org/openstack/neutron/commit/b4972e246d972885e216d437eb192ef76e82e890
<sahid> coreycb: nop i think you were working on it
<coreycb> sahid: do you have a bug open upstream for the barbican py38 failures? if not can you open one and we'll doc it in the patch header.
<coreycb> sahid: fyi re patch headers: http://packaging.ubuntu.com/html/patches-to-packages.html#patch-headers
<sahid> coreycb: ack
<coreycb> sahid: same for masakari and manila - they'll need upstream bugs. thanks. good to catch these early in the cycle and hopefully upstream will get to them before we have to.
<coreycb> sahid: in the bugs i've been opening i've been telling upstream how to update tox.ini to pick up python3.8 in bionic to recreate. basepython has typically needed updating to point directly at python3.8. (tox -e py38 by default wasn't getting the right py3 version without that)
<coreycb> sahid: example bug 1856848
<ubottu> bug 1856848 in OpenStack Identity (keystone) "py38 unit test failure - TestCheckForMutableDefaultArgs" [Undecided,Confirmed] https://launchpad.net/bugs/1856848
<coreycb> sahid: sorry one more thing please tag bugs with py38
#ubuntu-server 2019-12-22
<vlm> working on an assignment and wondering if its possibel to limit a users access to the use of functions and aliases other than changing ownership of files,is this possible through a pam module or so?
<weedmic> vlm: you can do this with group membership, for example, vboxuser group, no membership - no way to start vbox.  you can do that with anything
<vlm> weedmic ahh ok cheers
